Small Business Lending Data Collection Under the Equal Credit Opportunity Act (Regulation B)

AGENCY:

Bureau of Consumer Financial Protection.

ACTION:

Proposed rule; request for public comment.

SUMMARY:

The Bureau of Consumer Financial Protection (Bureau) is publishing for public comment a proposed rule amending Regulation B to implement changes to the Equal Credit Opportunity Act (ECOA) made by section 1071 of the Dodd-Frank Wall Street Reform and Consumer Protection Act (Dodd-Frank Act). Consistent with section 1071, the Bureau is proposing to require covered financial institutions to collect and report to the Bureau data on applications for credit for small businesses, including those that are owned by women or minorities. The Bureau's proposal also addresses its approach to privacy interests and the publication of section 1071 data; shielding certain demographic data from underwriters and other persons; recordkeeping requirements; enforcement provisions; and the proposed rule's effective and compliance dates.

DATES:

Comments must be received on or before January 6, 2022.

ADDRESSES:

You may submit comments, identified by Docket No. CFPB-2021-0015 or RIN 3170-AA09, by any of the following methods:

• Federal eRulemaking Portal: https://www.regulations.gov . Follow the instructions for submitting comments.

• Email: 2021-NPRM-1071@cfpb.gov . Include Docket No. CFPB-2021-0015 or RIN 3170-AA09 in the subject line of the message.

• Mail/Hand Delivery/Courier: Comment Intake—Section 1071 Small Business Lending Data Collection, Bureau of Consumer Financial Protection, 1700 G Street NW, Washington, DC 20552.

Instructions: The Bureau encourages the early submission of comments. All submissions should include the agency name and docket number or Regulatory Information Number (RIN) for this rulemaking. Because paper mail in the Washington, DC area and at the Bureau is subject to delay, and in light of difficulties associated with mail and hand deliveries during the COVID-19 pandemic, commenters are encouraged to submit comments electronically. In general, all comments received will be posted without change to https://www.regulations.gov. In addition, once the Bureau's headquarters reopens, comments will be available for public inspection and copying at 1700 G Street NW, Washington, DC 20552, on official business days between the hours of 10 a.m. and 5 p.m. Eastern Time. At that time, you can make an appointment to inspect the documents by telephoning 202-435-7275.

All comments, including attachments and other supporting materials, will become part of the public record and subject to public disclosure. Proprietary information or sensitive personal information, such as account numbers or Social Security numbers, or names of other individuals, should not be included. Comments will not be edited to remove any identifying or contact information.

FOR FURTHER INFORMATION CONTACT:

Camille Gray, Paralegal Specialist; Tola Adenuga, Regulatory Implementation and Guidance Specialist; Tarrian Ellis, Honors Attorney; Jaydee DiGiovanni, Counsel; Kristine M. Andreassen, Pavitra Bacon, Benjamin Cady, Joseph Devlin, Amy Durant, Gregory Evans, David Jacobs, Kathryn Lazarev, Lawrence Lee, Kristen Phinnessee, or Michael Scherzer, Senior Counsels, Office of Regulations, at 202-435-7700 or https://reginquiries.consumerfinance.gov/ . If you require this document in an alternative electronic format, please contact CFPB_Accessibility@cfpb.gov .

SUPPLEMENTARY INFORMATION:

I. Summary of the Proposed Rule

In 2010, Congress passed the Dodd-Frank Act. Section 1071 of that Act amended ECOA to require that financial institutions collect and report to the Bureau certain data regarding applications for credit for women-owned, minority-owned, and small businesses. Section 1071's statutory purposes are to (1) facilitate enforcement of fair lending laws, and (2) enable communities, governmental entities, and creditors to identify business and community development needs and opportunities of women-owned, minority-owned, and small businesses.

Section 1071 specifies a number of data points that financial institutions are required to collect and report, and also provides authority for the Bureau to require any additional data that the Bureau determines would aid in fulfilling section 1071's statutory purposes. Section 1071 also contains a number of other requirements, including those that address restricting the access of underwriters and other persons to certain 1071 data; recordkeeping; publication of 1071 data; and modifications or deletions of data prior to publication in order to advance a privacy interest.

Section 1071 directs the Bureau to prescribe such rules and issue such guidance as may be necessary to carry out, enforce, and compile data pursuant to section 1071, and permits the Bureau to adopt exceptions to any requirement or to exempt financial institutions from the requirements of section 1071 as the Bureau deems necessary or appropriate to carry out the purposes of section 1071. The Bureau is proposing to add a new subpart B to Regulation B to implement the requirements of section 1071. Key aspects of the Bureau's proposal are summarized below.

If finalized, the Bureau's proposed rule would create the first comprehensive database of small business credit applications in the United States. This would include critical information about women-owned and minority-owned small businesses to help regulators and the public identify and address fair lending concerns. The database would also enable a range of stakeholders to better identify business and community development needs and opportunities for small businesses, including women-owned and minority-owned small businesses. Just as the Bureau works in other ways to help foster fairness and opportunity in consumer financial services markets for all consumers, the proposed 1071 rule is structured to realize these same goals for the small business market—for all small businesses within the scope of the rule, including those that are owned by women and minorities. Research indicates that minority-owned small businesses face particular obstacles, as do those that are women-owned, but the current lack of comprehensive, quantitative data has made it difficult to understand the extent of these obstacles and address them with responsive policy. By shining a light on lending practices in this area, the Bureau believes that the 1071 data would not only foster a culture of compliance but bring particular attention to the underserved parts of the small business market that have traditionally faced the greatest obstacles to success. In this way, the proposed rule is intended to help small businesses drive inclusive and equitable growth.

Scope. The Bureau is proposing to require financial institutions to collect and report 1071 data regarding applications for credit for small businesses, including those that are owned by women and minorities. The Bureau is not proposing to require that financial institutions collect and report data regarding applications for women-owned and minority-owned businesses that are not small. Because most existing businesses are small businesses, covering small businesses necessarily means nearly all women-owned and minority-owned businesses will also be covered. The Bureau believes that this scope is consistent with the statute and will allow the rule to carry out section 1071's purposes without requiring collection of data that would be of limited utility.

Covered financial institutions. Consistent with language from section 1071, the Bureau is proposing to define a “financial institution” to include any partnership, company, corporation, association (incorporated or unincorporated), trust, estate, cooperative organization, or other entity that engages in any financial activity. Under the proposed definition, the Bureau's 1071 rule would apply to a variety of entities that engage in small business lending, including depository institutions ( i.e., banks, savings associations, and credit unions), online lenders, platform lenders, community development financial institutions (both depository and nondepository institutions), lenders involved in equipment and vehicle financing (captive financing companies and independent financing companies), commercial finance companies, governmental lending entities, and nonprofit nondepository lenders.

The Bureau's proposal uses the term “covered financial institution” to refer to those financial institutions that would be required to comply with section 1071's data collection and reporting requirements. The Bureau is proposing that a covered financial institution would be a financial institution that originated at least 25 covered credit transactions for small businesses in each of the two preceding calendar years. The Bureau is not proposing an asset-based exemption threshold for depository institutions, or any other general exemptions for particular categories of financial institutions.

The Bureau is also proposing to permit creditors that are not covered financial institutions to voluntarily collect and report data under section 1071 in certain circumstances.

Covered credit transactions. The Bureau is proposing to require that covered financial institutions collect and report data regarding covered applications from small businesses for covered credit transactions. The Bureau is proposing to define a “covered credit transaction” as one that meets the definition of business credit under existing Regulation B, with certain exceptions. Loans, lines of credit, credit cards, and merchant cash advances (including such credit transactions for agricultural purposes and those that are also covered by the Home Mortgage Disclosure Act of 1975 (HMDA) ) would all be covered credit transactions within the scope of this proposed rule. The Bureau is proposing to exclude trade credit, public utilities credit, securities credit, and incidental credit. Factoring, leases, consumer-designated credit used for business purposes, and credit secured by certain investment properties would also not be covered credit transactions.

Covered applications. The Bureau is proposing to define a “covered application”—which would trigger data collection and reporting and related requirements—as an oral or written request for a covered credit transaction that is made in accordance with procedures used by a financial institution for the type of credit requested. This proposed definition of covered application is largely consistent with the existing Regulation B definition of that term. However, the Bureau is also proposing that certain circumstances would not be covered applications, even if they are considered applications under existing Regulation B. Specifically, the Bureau is proposing that a covered application does not include (1) reevaluation, extension, or renewal requests on an existing business credit account, unless the request seeks additional credit amounts; or (2) inquiries and prequalification requests.

Small business definition. The Bureau is proposing to define a “small business,” about whose applications for credit data must be collected and reported, by reference to the definitions of “business concern” and “small business concern” as set out in the Small Business Act and Small Business Administration (SBA) regulations. However, in lieu of using the SBA's size standards for defining a small business concern, the Bureau's proposed definition would look to whether the business had $5 million or less in gross annual revenue for its preceding fiscal year. The Bureau is seeking SBA approval for its alternate small business size standard pursuant to the Small Business Act.

Data to be collected and reported. The Bureau's proposal addresses the data points that must be collected and reported by covered financial institutions for covered applications from small businesses. Many of the proposed data points are specifically enumerated in section 1071; for the others, the Bureau is proposing to use the authority granted by section 1071 to require financial institutions to collect and report any additional data that the Bureau determines would aid in fulfilling the purposes of section 1071. Certain of these data points are or could be collected from the applicant (or otherwise determined based on information provided or authorized by the applicant); other data points are based on information solely within the financial institution's control. The Bureau is proposing that covered financial institutions maintain procedures to collect applicant-provided data at a time and in a manner that is reasonably designed to obtain a response. The Bureau's proposal also addresses what financial institutions should do if, despite having such procedures in place, they are unable to obtain certain data from an applicant. A financial institution would be permitted to rely on statements made by an applicant (whether in writing or orally) or information provided by an applicant when collecting and reporting 1071 data, although for most data points if the financial institution verifies the information provided it must report the verified information. The Bureau's proposal would also permit financial institutions to reuse certain previously collected data in certain circumstances.

As noted above, the Bureau's proposal includes certain data points that are, or could be, provided by the applicant. Some data points specifically relate to the credit being applied for: The credit type (which includes information on the credit product, types of guarantees, and loan term); The credit purpose; and the amount applied for. There are also data points that relate to the applicant's business: A census tract based on an address or location provided by the applicant; gross annual revenue for the applicant's preceding full fiscal year; the 6-digit North American Industry Classification System (NAICS) code appropriate for the applicant; the number of workers that the applicant has ( i.e., non-owners working for the applicant); the applicant's time in business; and the number of principal owners of the applicant.

There are also data points that would be provided by the applicant addressing the demographics of the applicant's ownership: Whether the applicant is a minority-owned business; whether the applicant is a women-owned business; and the ethnicity, race, and sex of the applicant's principal owners. The Bureau refers to these data points collectively as an applicant's “protected demographic information.” The Bureau is proposing that principal owners' ethnicity and race be collected from applicants using aggregate categories as well as disaggregated subcategories. The Bureau is proposing to permit principal owners to self-describe their sex (instead of or in addition to choosing male and/or female), and is seeking comment on whether and, if so, how its collection of principal owners' sex should incorporate sexual orientation and gender identity in light of the recent Supreme Court decision in Bostock v. Clayton County and the Bureau's subsequent ECOA interpretive rule. If an applicant does not provide any ethnicity, race, or sex information for any principal owners, the Bureau is proposing that the financial institution must collect at least one principal owner's race and ethnicity (but not sex) via visual observation or surname, but only if the financial institution meets with any principal owners in person or via electronic media with an enabled video component. The Bureau is proposing detailed instructions to assist financial institutions in collecting and reporting applicants' protected demographic information pursuant to section 1071. The Bureau is also proposing a sample data collection form, which would include a required notice to applicants that the financial institution cannot discriminate on the basis of an applicant's minority- or women-owned business status or any principal owner's ethnicity, race, or sex.

In addition, the Bureau's proposal includes data points that would be generated or supplied solely by the financial institution. These data points include, for all applications: A unique identifier for each application for or extension of credit; the application date; the application method ( i.e., the means by which the applicant submitted its application); the application recipient (that is, whether the financial institution or its affiliate received the application directly, or whether it was received by the financial institution via a third party); the action taken by the financial institution on the application; and the action taken date. For denied applications, there is also a data point for denial reasons. For applications that are originated or approved but not accepted, there is a data point for the amount originated or approved, and a data point for pricing information (which would include, as applicable, interest rate, total origination charges, broker fees, initial annual charges, additional cost for merchant cash advances or other sales-based financing, and prepayment penalties).

Firewall. The Bureau's proposal includes a section to implement the requirement in section 1071 that certain data collected be shielded from underwriters and certain other persons; the Bureau refers to this as the “firewall.” An employee or officer of a financial institution or a financial institution's affiliate that is involved in making any determination concerning the application would be prohibited from accessing an applicant's responses to inquiries that the financial institution makes pursuant to section 1071 regarding whether the applicant is a minority-owned or women-owned business, and the ethnicity, race, and sex of the applicant's principal owners.

This prohibition would not apply to an employee or officer, however, if the financial institution determines that it is not feasible to limit that employee's or officer's access to an applicant's responses to the financial institution's inquiries regarding the applicant's protected demographic information, and the financial institution provides a notice to the applicant regarding that access. It would not be feasible to limit access if the financial institution determines that an employee or officer involved in making any determination concerning a covered application should have access to one or more applicants' responses to inquiries regarding protected demographic information. The notice must be provided to each applicant whose information will be accessed or, alternatively, the financial institution could provide the notice to all applicants whose information could be accessed. The Bureau is proposing sample language that a financial institution could use in providing this notice.

Reporting data to the Bureau; publication of data by the Bureau; and privacy considerations. The Bureau is proposing to require that 1071 data be collected on a calendar year basis and reported to the Bureau on or before June 1 of the following year. Financial institutions reporting data to the Bureau would be required to provide certain identifying information about themselves as part of their submission. The Bureau is proposing to provide technical instructions for the submission of 1071 data in a Filing Instructions Guide and related materials.

The Bureau is proposing to make available to the public, on an annual basis and on the Bureau's website, the data submitted to it by financial institutions, subject to modifications or deletions made by the Bureau, at its discretion, to protect privacy interests. To determine whether and how the Bureau might use its discretion to modify or delete data prior to publication, the Bureau is proposing a “balancing test” that would assess the risks and benefits of public disclosure. After the Bureau receives at least one full year of 1071 data following the compliance date of the final rule, the Bureau plans to issue a policy statement in which it would set forth its intended modifications and deletions. The Bureau is also proposing that the Bureau's publication of the data would satisfy financial institutions' statutory obligation to make data available to the public upon request.

Recordkeeping, enforcement, severability, and effective and compliance dates. The Bureau's proposal addresses issues related to recordkeeping and to severability of the rule. It also addresses enforcement of violations of the rule, along with provisions regarding bona fide errors under the rule as well as several safe harbors.

Finally, the Bureau is proposing that its final rule to implement section 1071 would become effective 90 days after publication in the Federal Register , though compliance with the rule would not be required until approximately 18 months after publication in the Federal Register . The Bureau is also proposing several related transitional provisions that would permit covered financial institutions to begin collecting applicants' protected demographic information prior to the compliance date and would permit financial institutions to use a different time period to determine whether they will be covered by the rule as of the compliance date.

II. Background

As discussed above, in 2010, Congress enacted the Dodd-Frank Act. Section 1071 of the Dodd-Frank Act, which amended ECOA, requires financial institutions to collect and report to the Bureau data regarding applications for credit for women-owned, minority-owned, and small businesses. Section 1071 was adopted for the dual purposes of facilitating fair lending enforcement and enabling communities, governmental entities, and creditors to identify business and community development needs and opportunities of such businesses. Section 1071 complements other Federal efforts to ensure fair lending and to promote community development for small businesses, including through ECOA, the Community Reinvestment Act of 1977 (CRA), and the Community Development Financial Institutions (CDFI) Fund.

The collection and subsequent publication of more robust and granular data regarding credit applications for small businesses, including those that are women- and minority-owned, will provide much-needed transparency to the small business lending market. The current COVID-19 pandemic has shown that transparency is essential, particularly at a time of crisis, when small businesses, especially those owned by women and minorities, may be in urgent need of credit in order to recover from economic shocks.

Furthermore, in the years and decades to come, the collection and publication of these data will be helpful in identifying potential fair lending violations and in facilitating the enforcement of anti-discrimination laws. It will also help governments, community groups, financial institutions, and other stakeholders to identify opportunities and gaps in the market, thereby enhancing business and community development and boosting broad-based economic activity and growth.

Overview

Small businesses are a cornerstone of the U.S. economy. There were over 30 million small businesses in the U.S. in 2017, employing almost half of all private sector employees. Small businesses, particularly start-ups, also generated 65 percent of new jobs since 2000. Small businesses were hit hard by two major shocks in the last two decades. First, the Great Recession, which began in 2007, disproportionately affected small businesses. Between 2007 and 2009, employment at businesses with under 50 employees fell by 10.4 percent, compared with 7.5 percent at larger firms, while between 2008 and 2011 lending to small firms fell by 18 percent, compared with 9 percent at larger firms. Small businesses suffered again because of the COVID-19 pandemic. Around 40 percent of small businesses were temporarily closed in late March and early April 2020, due primarily to demand shocks and employee health concerns. Across the first year of the pandemic, “excess” business establishment exits from the market, in comparison to exits over the same period from prior years, numbered up to 200,000. As of mid-2021, loan approvals (other than for government emergency programs) still remained low, and some 845,000 non-farm private sector jobs had not yet been recovered.

During the last two decades, the small business lending landscape has also transformed. Traditional providers—namely banks—consolidated, leading to branch closures. The number of banks in the U.S. has declined from over 18,000 in 1986 to under 5,200 today and the number of branches declined by 14 percent from 2009 to 2020. Meanwhile, new providers and products, such as fintechs and merchant cash advances (MCAs), have become increasingly prevalent in the small business lending market. Financing by MCA providers is estimated to have increased from $8.6 billion in volume during 2014 to $15.3 billion in 2017. From 2017 to 2019, the volume may have increased further to $19 billion. Meanwhile, financing by fintechs is estimated to have increased from $1.4 billion in outstanding balances in 2013 to approximately $25 billion in 2019.

Both recent economic shocks and changes in patterns of small business financing have had fair lending and community development implications. In terms of the effect of economic shocks, data suggest that women-owned and minority-owned small businesses were impacted disproportionately by the economic crises of the last two decades. Data further suggest that women-owned and minority-owned small businesses, compared to other small businesses, had fewer cash reserves and faced steeper hurdles in accessing credit that would have allowed them to better weather these crises.

Regarding trends in the small business financing landscape, the shift away from traditional providers of small business credit toward newer types of providers gives rise to both potential harm and opportunity. In terms of potential harms, bank closures may have made it more difficult for small businesses, particularly women-owned and minority-owned small businesses, to access credit and remain open—particularly in low- and moderate-income areas and rural communities. Newer providers, often offering newer products, have less experience complying with both Federal and State lending laws and regulations. Additionally, they may use algorithms and artificial intelligence (AI), which may create or heighten “risks of unlawful discrimination, unfair, deceptive, or abusive acts or practices . . . or privacy concerns.” In addition, opaque product terms and high interest rates could trap business owners in cycles of debt.

In terms of opportunity, innovative products and lending models, including the use of AI, may yield benefits of more accurate, lower-cost, and faster underwriting, as well as expanded credit access for small businesses that may not have obtained credit under traditional credit underwriting approaches. Specifically, newer providers and approaches may permit those with low or nonexistent personal or business credit scores—including women and minorities who own or seek to start small businesses but on average have relatively lower personal credit scores than male and white business owners —to more easily access credit. Non-traditional credit providers may help offset decreases in lending associated with the closure of bank branches. For instance, fintechs may help provide financing to small businesses in rural communities that lack bank branches.

The precise impacts of these broader trends are not well understood at present because there are no comprehensive, comparable, and application-level data across the fragmented and complex small business lending market. Some small business lending data exist, provided mostly by Federal regulators, but available data are incomplete in certain ways. Some do not include lending by certain categories of institutions, such as smaller depository institutions. And none include lending by nondepository institutions, which comprises almost half of all small business financing.

The datasets that do exist both over- and underestimate small business lending in certain respects by including small dollar loans to non-small businesses and by excluding larger loans to small businesses. Further, these datasets all concern originated loans; they do not include information on applications that do not result in originated loans. Nor do they generally include borrower demographics. Other public, private, and nonprofit datasets offer only partial snapshots of particular areas of the market. Finally, much of the publicly available data are aggregated, which does not permit more granular, loan- or application-level analysis that would facilitate fair lending or business and community development analysis by stakeholders other than those that collected the data. See part II.B below for a detailed discussion on existing data on small business financing.

The remainder of this part II focuses on several broad topics that explain, in more detail, the need for the small business lending data that the proposed rule to implement section 1071 would provide: (A) The role of small businesses in the U.S. economy; (B) existing data on small business financing; (C) the landscape of small business financing; (D) estimating the size of the small business financing market despite limited data; (E) the particular challenges faced by women-owned and minority-owned small businesses; and (F) the purposes and impact of section 1071.

A. Small Businesses in the United States

Small businesses are an important, dynamic, and widely diverse part of the U.S. economy. They are critical to employment, innovation, and economic growth and stability, both overall and specifically for minority and women entrepreneurs.

The Small Business Act, as implemented by the SBA, defines a small business using size standards that generally hinge on the average number of employees or average annual receipts of the business concern and are customized industry by industry across 1,057 6-digit North American Industry Classification System (NAICS) codes. Size standards based on average number of employees are used in all industries in the manufacturing and wholesale trade sectors, as well as in certain industries across a variety of other sectors as well. Employee-based size standards range from 100 (used almost entirely in certain industries within the wholesale trade sector) to 1,000 (used in industries across a variety of sectors including, for example, petroleum refineries, automobile manufacturing, and greeting card publishers). Size standards based on average annual receipts are used in nearly all other industries, and range from $1 million (used in most industries in the crop production and animal production and aquaculture subsectors) to $41.5 million (used in industries across a variety of sectors including, for example, passenger car leasing, television broadcasting, and general medical and surgical hospitals).

Simpler definitions of what constitutes a small business are used in certain contexts. For example, in certain annual research releases the SBA's Office of Advocacy defines a small business as one that has fewer than 500 employees. According to the Office of Advocacy, and based on this definition of a small business, there are 31.7 million such businesses in the U.S. that represent 99.9 percent of all U.S. firms and employ over 60 million Americans. Six million of these small businesses have paid employees, while 25.7 million are non-employer businesses ( i.e., the owner(s) are the only people involved in the business). From 2000 to 2019, small businesses, particularly young businesses and start-ups, created 10.5 million net new jobs in the U.S., while large businesses created 5.6 million.

Nearly one third of all businesses are minority-owned and more than one third are women-owned, though minorities and women own a smaller share of employer firms. As of 2018, minorities owned over one million employer firms in the U.S. (amounting to 18.3 percent of all employer firms) and, as of 2017, approximately 8.2 million non-employer firms. Likewise, as of 2018, women owned about 1.1 million employer firms (19.9 percent of all employer firms) and, as of 2017, approximately 10.6 million non-employer firms.

Businesses are legally structured in several ways. In 2017, 87 percent of non-employer businesses were sole proprietorships, which means that the business is not distinguishable from the owner for tax and legal purposes; the owner receives profits directly but is also legally responsible for the business's obligations. Seven percent of non-employer businesses were partnerships, which can be structured to limit the personal liability of some or all owners; limited partners may exchange control for limited liability, while general partners that run the business may remain personally liable. Six percent of non-employer businesses were structured as corporations—4.6 percent are S-corporations and 1.5 percent are C-corporations—which are independent legal entities owned by shareholders who are not personally liable for the corporation's obligations. In 2017, most small employer businesses were corporations, with 50.5 percent choosing to be S-corporations and 16.8 percent preferring C-corporation status, although sole proprietorship and partnership structures remained relatively popular at 12.9 percent and 11.8 percent respectively. By contrast, 74.2 percent of large employer businesses chose to be C-corporations, with 9.3 percent preferring a partnership structure and 8.1 percent S-corporation status.

Small businesses are particularly important in specific sectors of the economy. In 2016, in the services sector, small businesses supplied 45 percent of 19.7 million healthcare and social services jobs, over 60 percent of 13.7 million accommodation and food services jobs, and over 80 percent of 6.3 million construction jobs. In the same year, in manufacturing, small businesses made up 44 percent out of 11.6 million jobs. Finally, in 2016, small family farms totaled 96 percent out of 2.2 million farms, and small businesses provided over 80 percent of agriculture, forestry, and fishing and hunting jobs out of 161,000. As such, the financial health of small businesses is essential to the U.S. economy, especially to the supply of critical and basic goods and services—from producing food to serving it at restaurants, and from home building to healthcare.

Small businesses have been especially hard-hit by the COVID-19 pandemic. At a low point in the pandemic in April 2020, 20 percent of self-employed workers had temporarily exited the labor market. Industries in which small businesses played a large role have been particularly impacted. For example, comparing April 2020 with April 2019, employment declined by almost 50 percent in the leisure and hospitality industries (also declining by 50 percent among food services and drinking establishments within the leisure and hospitality industry), in which small businesses employ 60 percent of workers.

B. Existing Data on Small Business Lending

While small businesses are a critical part of the U.S. economy and require financial support, it is still true, as it was in 2017 when the Bureau published its White Paper on small business lending, that it is not possible with current data to confidently answer basic questions regarding the state of small business lending. This limitation is especially the case with regard to the race, sex, and ethnicity of small business owners, applications as opposed to originations, and for small business financing products that are not currently reported in Call Report data.

Data on small business lending are fragmented, incomplete, and not standardized, making it difficult to conduct meaningful comparisons across products and over time. This hinders attempts by policymakers and other stakeholders to understand the size, shape, and dynamics of the small business lending marketplace, including the interaction of supply and demand, as well as potentially problematic lending practices, gaps in the market, or trends in funding that may be holding back some communities. For example, absent better data, it is hard to determine if relatively lower levels of bank loans to small businesses in the decade before the pandemic began were reflective of a net relative decline in lending to small businesses as compared to large businesses or rather a shift within small business lending from banks to alternative lenders. To the extent there may have been a relative decline, it is difficult to assess if that decline affected certain types of small businesses more than others, including women-owned and minority-owned small businesses.

The primary sources of information on lending by depository institutions are the Federal Financial Institutions Examination Council (FFIEC) and National Credit Union Administration (NCUA) Consolidated Reports of Condition and Income (Call Reports), as well as reporting under the CRA. Under the FFIEC and CRA reporting regimes, small loans to businesses of any size are used in whole or in part as a proxy for loans to small businesses. The FFIEC Call Report captures banks' outstanding number and amount of small loans to businesses (that is, loans originated under $1 million to businesses of any size; small loans to farms are those originated under $500,000). The CRA requires banks and savings associations with assets over a specified threshold to report loans in original amounts of $1 million or less to businesses; reporters are asked to indicate whether the borrower's gross annual revenue is $1 million or less, if they have that information. The NCUA Call Report captures data on all loans over $50,000 to members for commercial purposes, regardless of any indicator about the business's size. There are no similar sources of information about lending to small businesses by nondepository institutions. The SBA also releases data concerning its loan programs, but these typically do not include demographic information, and this covers only a small portion of the overall small business financing market.

These public data sources provide some of the most extensive information currently available on small business lending. However, they suffer from four material limitations, namely that the data capture only parts of the market, are published at a high level of aggregation, do not permit detailed analysis across the markets, and lack standardization across different agencies.

First, these datasets exclude entire categories of lenders. For example, banks under $1.322 billion in assets do not have to report under the CRA. The FFIEC and NCUA Call Reports and CRA data do not include lending by nondepository financial institutions, which the Bureau estimates to represent 40 percent of the small business financing market and is rapidly growing.

Second, Federal agencies publish summary data at a high level in a manner that does not facilitate independent analysis by other agencies or stakeholders. The FFIEC and NCUA Call Reports and the CRA data are all available at a higher level of aggregation than loan-level, limiting fair lending and detailed geographic analyses since race, sex, and ethnicity as well as business location data are rarely disclosed.

Third, the detailed data collected by these Federal sources have significant limitations as well, preventing any analysis into certain issues or types of borrowers, even by the regulators possessing these data. Neither Call Report nor CRA data include applications, which limits insights into any potential discrimination or discouragement in application processes as well as into the interaction between credit supply and demand. The Call Report and CRA data separately identify loans of under $1 million in value, and CRA data also identify loans to businesses with annual revenues of $1 million or less. However, the Call Report definition of small business loans as those with a loan size of $1 million or less at origination is both overinclusive, as it counts small loans to businesses of all sizes, and underinclusive, as it excludes loans over $1 million made to small businesses. Credit unions report any loans under $50,000 as consumer loans and not as commercial loans, potentially excluding from measurement an important source of funding for many small businesses, particularly the smallest and often most underserved.

Finally, the Federal sources of small business lending data are not standardized across agencies and cannot be easily compared. For example, the FFIEC Call Report collects small loans to businesses as a proxy for small business lending, whereas the NCUA Call Report collects loans to members for commercial purposes above $50,000 but with no upper limit. The loan-level data for the Paycheck Protection Program (PPP) offer an unprecedented level of insight into small business lending, but this dataset is a one-off snapshot into the market for a specific lending program at an acute moment of crisis and is also limited in utility by relatively low response levels to demographic questions concerning borrowers.

The Federal government also conducts and releases a variety of statistics, surveys, and research reports on small business lending through the member banks for the Federal Reserve System, the FDIC, CDFI Fund, and the U.S. Census Bureau. These data sources offer insights into broad trends and specific small business lending issues but are less useful for detailed fair lending analyses or identification of specific areas, industries, or demographic groups being underserved. Periodic changes in survey methodology and questions can also limit comparability and the ability to track developments over time.

There are also a variety of non-governmental data sources, issued by both private and nonprofit entities, that cover small businesses and/or the small business financing market. These include datasets and surveys published by commercial data and analytics firms, credit reporting agencies, trade associations, community groups, and academic institutions. Certain of these data sources are publicly available and track specific topics, such as small business optimism, small business employment, rates of small business credit application approvals, small business lending and delinquency levels, and rates of small business closure. Other databases have more granularity and provide detailed information on individual businesses, including revenue, credit utilization, industry, and location.

While these non-public sources of data on small businesses may provide a useful supplement to existing Federal sources of small business lending data, these private and nonprofit sources often do not have lending information, may rely in places on unverified research based on public internet sources, and/or narrowly limit use cases for parties accessing data. Further, commercial datasets are generally not free to public users and can be costly, raising equity issues for stakeholders who cannot afford access.

C. The Landscape of Small Business Finance

Notwithstanding the lack of data on the market, it is clear that financing plays an important role in enabling small businesses to grow and contribute to the economy. When it is available, financing not only provides resources for small businesses to smooth cash flows for current operations, but also affords business owners the opportunity to invest in business growth. An analysis by the National Small Business Association, which examined data from 1993 through 2016, found a correlation between small business owners' ability to access credit and their ability to hire. This same study found that, while not the sole cause, the inability to secure financing may have led 16 percent of small businesses to reduce their number of employees and approximately 10 percent of small businesses to reduce employee benefits. Lack of access to financing also contributed to a further 10 percent of small businesses being unable to increase store inventory in order to meet existing demand.

To support their growth or to make it through harder times, small businesses look to a variety of funding sources. Especially when starting out, entrepreneurs often rely on their own savings and help from family and friends. If a business generates a profit, its owners may decide to reinvest retained earnings to fund further growth. However, for many aspiring business owners—and their personal networks—savings and retained earnings may not be sufficient to fund a new venture or grow it, leading owners to seek other sources of funding. This is particularly true for minority- and women-led households, which on average have less wealth than their white- and men-led counterparts.

One such source of funding comes from others besides family and friends, whether high net worth individuals or “angel investors,” venture capital funds, or, in a more recent development usually facilitated by online platforms, via crowdsourcing from retail investors. Often, these early investments take the form of equity funding, which business owners are not obligated to repay to investors. However, equity funding requires giving up some ownership and control to investors, which certain entrepreneurs may not wish to do. For small businesses, equity funding also tends to be somewhat more expensive than debt financing in the longer run. This is for a number of reasons, including that loan interest payments, unlike capital gains, are tax-deductible. Finally, equity investments from others besides family and friends are available to only a minority of small businesses.

Many small businesses instead seek debt financing from a wide range of providers. These providers include depository institutions, such as banks, savings associations, and credit unions, as well as fintechs and commercial finance companies, specialized providers of specific financing products, and a range of government and government-sponsored enterprises, among others.

In the past, small businesses principally sought credit from banks; however, as banks have merged and consolidated, particularly in the wake of the Great Recession, they have provided less financing to small businesses. As noted earlier, the number of banks has declined significantly since a post-Great Depression peak in 1986 of over 18,000 institutions to around 5,200 institutions today, while 13,500 branches closed from 2009 to mid-2020, representing a 14 percent decrease. Although nearly half of counties either gained bank branches or retained the same number between 2012 and 2017, the majority lost branches over this period. Out of 44 counties that were deeply affected by branch closures, defined as having 10 or fewer branches in 2012 and seeing five or more of those close by 2017, 39 were rural counties. Of rural counties, just over 40 percent lost bank branches in that period; the rural counties that experienced substantial declines in bank branches tend to be lower-income and with a higher proportion of African-American residents relative to other rural counties, raising concerns about equal access to credit.

As banks and branches have merged and/or closed, the share of banking assets has also become increasingly concentrated in the largest institutions, with banks of over $10 billion in assets representing 84 percent of all industry assets in 2018, totaling $15.1 out of $17.9 trillion. Nevertheless, banks of under $10 billion in assets continue to hold approximately half of all small business loans (using the FFIEC Call Report definition of loans of under $1 million), highlighting the importance of smaller banks to the small business lending market. Since smaller bank credit approvals have traditionally been close to 50 percent, while large banks approve only 25-30 percent of applications, bank consolidation may have implications for small business credit access. Since institutions under $1.322 billion in assets are not required to report on lending under the CRA, it is difficult to precisely assess the impact of bank consolidation and shuttered branches on small business lending and access to credit in local areas. By contrast, credit unions increased their small business lending from $30 billion in 2008 to at least $55 billion in 2019. Like banks, credit unions typically receive high satisfaction scores among small business borrowers, reflecting more high-contact, relationship-based lending models.

Certain banks and credit unions choose to be mission-based lenders, as CDFIs or Minority Depository Institutions (MDIs). Mission-based lenders focus on providing credit to traditionally underserved and low-income communities and individuals to promote community development and expand economic opportunity, making them a relatively smaller by dollar value but essential part of the small business lending market. There were over 1,200 CDFIs (around half of which are depository institutions) as of May 2021 and over 140 MDIs as of March 2021.

During a period in which that depository institutions have been providing relatively less funding to small businesses, small businesses have increasingly relied on other nondepository institutions for financing. Since nondepositories typically do not report their small business financing activities to regulators, however, there are no authoritative sources for either the number of such entities or the dollar value of financing they provide to small businesses. However, what data are available make clear that fintech firms are rapidly increasing their share of the small business financing market.

Whether depository or nondepository, each provider of small business financing assesses a variety of different criteria to determine whether and on what terms to grant an extension of credit or other financing product, including business and financial performance, the credit history of the business and its owner(s), the time in business, and the industry, among other factors. Protections such as guarantees, collateral, and insurance can mitigate perceived risks, potentially enabling a lender to offer better terms or facilitating an extension of credit that would otherwise not meet lending limit or underwriting criteria. Often, government agencies, including the SBA, FHA, and USDA, guarantee or insure loans themselves to encourage lenders to provide credit to borrowers that may not otherwise be able to obtain credit, either on affordable terms and conditions or at all. Different lenders also employ diverse methods for assessing risk, with smaller banks generally relying more on traditional underwriting methods and typically managing multi-product relationships. Fintechs increasingly use algorithms, automation, and even AI and machine learning to assess risk and make underwriting decisions, with originations typically being less relationship-based in nature.

As well as diversity in underwriting methodology and criteria, there are also considerable differences across small business financing products and providers with respect to pricing methods and repayment structures. As a result, it can be challenging to compare the competitiveness of product pricing and terms. The Bureau understands that term loans, lines of credit, and credit cards typically disclose annualized interest rates; leases often take into account depreciation; factoring products discount an invoice's value and add a fee; and MCAs apply a multiple to the value of the up-front payment. Moreover, providers may add additional fees that are not standardized within industries, much less across them. The Bureau believes that this complexity may confuse business owners and render them unable to secure more favorable rates due to opacity in offers presented—which in some cases may even be deliberate —and a corresponding inability to effectively compare across different financing options. This may impair applicants' ability to make informed choices.

D. Estimating the Size and Scope of the Small Business Financing Market

In light of the lack of data and the heterogeneity of products and providers within the small business financing market, it can be difficult to get a clear sense of the size and scope of the market. In this section, the Bureau describes its estimates of the total outstanding balances of credit in the market, the number of institutions that are active in the small business financing market, and how the Bureau arrived at these estimates. Where possible, the Bureau tries to estimate the state of the small business financing market at the end of 2019 in order to estimate the state of the market during a year unaffected by the COVID-19 pandemic.

One challenge is that some of the data report the dollar value of originations and some report outstanding balances. For the purposes of this exercise and for most, but not all, products, the Bureau assumes that for every $1 originated in the market in a given year, there is approximately a corresponding $3 of outstanding balances. This assumption is based on the ratio of the 2019 FFIEC Call Report data, which totaled $721 billion in outstanding balances on bank loans to small businesses and small farms, and the 2019 CRA data, which recorded $264 billion in bank loan originations to small businesses and small farms. This assumption is limited by the extent to which other small business financing products differ from loans and lines of credit, which make up the majority of financing products captured by the FFIEC Call Report data and the CRA data.

As detailed in this section, the Bureau estimates that the market for small business financing products totaled $1.4 trillion in outstanding balances in 2019. The Bureau estimates that small business financing by depository institutions makes up just over half of small business financing by private institutions. In 2020 and 2021, COVID-19 emergency lending programs added a further $1 trillion to this value, bringing the overall size of the small business financing market up to $2.4 trillion. Below, the Bureau estimates the market share for different small business financing products.

Since the available data regarding depository institutions' small loans to businesses address term loans, lines of credit, and credit cards together, the respective share of different products in the overall small business financing market is difficult to assess. As detailed in this section, the Bureau estimates that together, private term loans and lines of credit constitute the largest small business credit product by value, totaling approximately $770 billion in outstanding balances in 2019, although PPP and EIDL Program loans have since added $1 trillion to this figure.

Lending by banks, saving associations, and credit unions comprises the largest part of this total amount for private term loans and lines of credit. Using FFIEC Call Report data for December 2019, the Bureau estimates that banks and savings associations account for a total of about $721 billion in outstanding credit to small businesses and small farms as of December 2019. Using NCUA Call Report data for December 2019, the Bureau estimates that credit unions account for a total of about $55 billion in outstanding credit to members for commercial purposes. From this value, the Bureau subtracts $62 billion in credit card lending to arrive at $713 billion in outstanding balances for term loans and lines of credit. From this value, the Bureau further subtracts $134 billion in SBA guaranteed loans to arrive at $580 billion in outstanding balances for private term loans and lines of credit extended by depository institutions ( i.e., banks, savings associations, and credit unions) as of December 2019.

The remaining $190 billion in outstanding balances for private term loans and lines of credit was extended by various nondepository institutions, namely commercial finance companies, fintechs, and nondepository CDFIs.

Commercial finance companies specialize in financing equipment and vehicle purchases. The Bureau estimates that the value of outstanding balances on credit extended by commercial finance companies totaled approximately $160 billion. Using data from the Federal Reserve Board's Finance Company Business Receivables data on owned assets as of December 2019, the Bureau estimates commercial finance companies outstanding credit for commercial purposes as the value of retail motor vehicle loans plus equipment loans and other business receivables, which totaled about $215 billion. The Bureau further assumes that about 75 percent of this value, or $162 billion, can be attributed to loans to small businesses.

Typical fintech providers are characterized primarily by providing banking services exclusively in an online environment. The Bureau estimates that total outstanding loan balances for fintech providers reached around $25 billion in 2019. In a 2018 report, S&P Global projected that online platform lenders would originate about $9.3 billion in credit to small and medium enterprises in 2019. Using this estimate, the Bureau scales up the value of originations to $25 billion in estimated outstanding balances, under the assumptions discussed above. At the beginning of the COVID-19 pandemic and financial crisis, fintechs originated around $22 billion in PPP loans to small businesses from March to August 2020 and likely continued to originate billions more during the third wave of PPP loans in 2021, which represents an almost 90 percent increase or more in outstanding balances since 2019. This follows already rapid growth from $1.4 billion in estimated outstanding balances in 2013.

The Bureau estimates the value of outstanding balances on credit extended by nondepository CDFIs to small business borrowers to be around $1.5 billion. Using reporting by the CDFI Fund for 2019, the Bureau scales down the outstanding balances for loan funds of $13.8 billion and for venture capital funds of $0.3 billion by the proportion of all CDFI lending attributable to business borrowers, which totaled $15.4 billion out of $141.2 billion.

Categorized here separately so as to distinguish residential from non-residential loans, the Bureau estimates outstanding balances for loans on 5+ unit residential dwellings to total over $30 billion. Using data from the Mortgage Bankers Association, the Bureau scales up $11 billion in 2019 annual originations on loans of under $1 million in value at origination for 5+ unit residential dwellings to $30 billion in estimated outstanding balances, using the ratio between the FFIEC Call Report and the CRA data discussed above.

Also categorized separately from depository institution totals so as to distinguish private from government and government-sponsored loans, the Bureau estimates that outstanding balances for loans extended by the Small Business Administration and the Farm Credit System totaled around $200 billion in 2019.

The SBA, through its traditional 7(a), 504, and microloan programs as well as the Economic Impact Disaster Loan (EIDL) program and funding for Small Business Investment Companies (SBICs), is the largest governmental lender by value, with $143.5 billion in outstanding balances at the end of fiscal 2019. However, since the outbreak of the COVID-19 pandemic, SBA lending has increased in size by over $1 trillion due to the PPP, which totaled $800 billion, and the EIDL Program, which totaled $210 billion.

The Farm Credit System is another important government-related part of the small business credit landscape. The Bureau estimates that Farm Credit System members had around $55 billion in outstanding balances of credit extended to small farms in 2019. Using the same small loan to farms proxy as is used in the FFIEC Call Report, the Bureau estimates credit to farms with an origination value of less than $500,000. Based on the Farm Credit System's 2019 Annual Information Statement of the Farm Credit System, the Bureau estimates that outstanding balances of such small credit to farms totaled $55 billion at the end of 2019. The Bureau notes that, as with the FFIEC Call Report proxy, this number may include credit to non-small farms and may exclude larger credit transactions extended to small farms.

Mostly extended by depository institutions, the Bureau estimates that the market for small business credit cards totaled over $60 billion in outstanding balances for 2020. Using data from Y-14 Form submissions to the Federal Reserve Board, the Bureau estimates the value of outstanding balances for small business credit card accounts where the loan is underwritten with the sole proprietor or primary business owner as an applicant.

Equipment and vehicle leasing, whereby businesses secure the right to possess and use a piece of equipment or vehicle for a term in return for consideration, is another important product category that is estimated to value roughly $160 billion in outstanding balances in 2019. Using data from the Equipment Leasing and Financing Foundation for 2019, the Bureau estimates the total size of the equipment and vehicle leasing market for all sized businesses in 2019 to be approximately $900 billion. The Bureau further assumes that small businesses comprise around 18 percent of the total equipment and vehicle leasing market.

Factoring is a similarly significant product type, estimated at around $100 billion in market size for 2019. In a factoring transaction, factors purchase, at a discount, a legally enforceable claim for payment ( i.e., accounts receivables or invoices) for goods already supplied or services already rendered by a business for which payment has not yet been made; hence, a factor's risk related to repayment often lies with the business's customer and not the business itself. In most cases, specific companies, called factors, provide factoring products.

The market for MCAs is developing rapidly and data are even more scarce than for other segments of the small business lending market. This limits the reliability of estimates as to the MCA market's size. Based on market research conducted by Bryant Park Capital (BPC) and reported on by deBanked.com , the Bureau estimates the 2019 market size to be around $20 billion. The MCA market is also of particular significance for smaller and traditionally underserved businesses that may not qualify for other types of credit. MCAs are typically structured to provide a lump sum payment up front (a cash advance) in exchange for a share of future revenue until the advance, plus an additional amount, is repaid. Unlike the majority of other small business financing products, MCAs typically purport to be for short durations. The Bureau understands that MCAs also tend to be relatively high-cost products. Two States, New York and California, will soon implement laws that will require providers of “sales-based financing,” such as MCAs, to provide disclosures (including estimated APR) similar to those required under the Truth in Lending Act (TILA), which generally only applies to consumer credit.

Finally, trade credit is another significant market, which the Bureau estimates to total $51 billion in outstanding balances in 2019. Using a report by Fundbox/PYMNTS, the Bureau estimates the trade credit market size by adding the total accounts payable for businesses under $1 million in annual revenue. Considering the total value of accounts payable for businesses between $1 million and $5 million would increase the market size by $88 billion. Trade credit is an often informal, business-to-business transaction, usually between non-financial firms whereby suppliers allow their customers to acquire goods and/or services without requiring immediate payment.

The Bureau estimates that there were approximately 8,100 financial institutions extending small business financing in 2019, almost 80 percent of which were depository institutions.

Based on FFIEC Call Report data for December 2019, the Bureau estimates that about 5,100 banks and savings associations are active in the small business lending market, out of a total of about 5,200 banks and savings associations. The Bureau assumes that a bank or savings association is “active” in the market if it reports a positive outstanding balance of small loans, lines of credit, and credit cards to businesses.

Based on the NCUA Call Report data for December 2019, the Bureau estimates that about 1,200 out of 5,300 total credit unions were active in the small business lending market. The Bureau defines a credit union as “active” in the market if it reported a positive number of originations of loans, lines of credit, and credit cards to members for commercial purposes in 2019.

The Bureau estimates that there are about 1,800 nondepository institutions active in the small business financing market, accounting for around $550 billion in outstanding credit to small businesses.

The Bureau estimates that about 300 commercial finance companies are engaged in small business lending. By searching UCC filings, Manasa Gopal and Philipp Schnabl identified almost 300 commercial finance companies, including both independent and captive finance companies, with at least 1,500 small business loans between 2006 and 2016. The Bureau also estimates there to be about 30 or more fintechs currently active in the small business lending market, not including MCA providers. Using the same methodology as for commercial finance companies, Gopal and Schnabl identified 19 fintech companies. The Bureau conservatively increases this estimate to 30 to account for rapid growth in the industry from 2016 to 2019.

The Bureau estimates that 340 nondepository CDFIs are engaged in small business lending. Both depository and nondepository institutions can be CDFIs. Depository CDFIs are counted in the numbers of banks, savings associations, and credit unions engaged in small business lending. According to the CDFI fund, 487 nondepository funds ( i.e., loan funds and venture capital funds) reported as CDFIs in 2019. Of these, 340 institutions reported that business finance or commercial real estate finance were a primary or secondary line of business in 2019.

The Bureau estimates that about 270 nondepository mortgage lenders participated in the credit market for 5+ unit residential dwellings in 2019 and that about 50 of these institutions extended 25 or more of these loans to small businesses. In its “2019 Multifamily Lending Report,” the Mortgage Bankers Association lists annual multifamily lending volumes by institution, including a distinction for loans of under $1 million in value at origination. Using the same small loan to business proxy as is used in the FFIEC Call Report, the Bureau estimates the number of nondepository mortgage lenders by counting the number of institutions that appear on this list that are not depository institutions and that extended at least 50 loans in 2019. The Bureau counts institutions extending at least 50 loans of any size in order to estimate institutions extending at least 25 small loans, based on the assumption that some 50 percent of these loans may have been for values greater than $1 million.

Based on data from UCC filings collected by deBanked.com, the Bureau estimates that about 100 institutions were active in the market for providing MCA products to small businesses in 2021.

The Bureau estimates the number of factors to be between 700-900 and assumes that most factors are providing financing to small business.

Finally, many government agencies and government-sponsored enterprises provide or facilitate a significant proportion of small business credit. As the flagship government lender, the Small Business Administration managed in 2019 a portfolio of over $140 billion in loans to small businesses, to which it added over $1 trillion in loans extended as part of the COVID-19 emergency lending programs. Across Federal, State, and municipal governments, the Bureau estimates that there are likely over 100 government small business lending programs. Additionally, the Farm Credit System reports that, as of December 2019, the Farm Credit System contains a total of 72 banks and associations. The Bureau assumes that all of these Farm Credit System institutions are engaged in lending to small farms.

E. Challenges for Women-Owned and Minority-Owned Small Businesses

Within the context of small business financing, women-owned and minority-owned businesses often face relatively more challenges than their counterparts. Specifically, women-owned and minority-owned small businesses can be even more susceptible to the impact of economic shocks and have a harder time accessing credit to survive and thrive in better times.

Although women-owned and minority-owned businesses are found in many industry sectors, women-owned businesses are concentrated in the health care and social assistance sector, while minority-owned businesses are primarily concentrated in the service sector, the healthcare and social assistance sector, and the administrative support, waste management and remediation sectors. During economic downturns, such as the Great Recession and the financial crisis resulting from the COVID-19 pandemic, women-owned and minority-owned small businesses tend to fare worse than other small businesses. Women and minority business owners have been disproportionately hurt by the COVID-19 pandemic, with rates of business ownership dropping from February to April 2020 by 41 percent, 32 percent, and 26 percent for African American, Latinx, and Asian individuals, respectively, compared with 17 percent for white individuals. Female business ownership declined by 25 percent, compared with 20 percent for male ownership.

Women-owned and minority-owned small businesses often have smaller cash reserves on average, leaving them less able to weather downturns and credit crunches. For example, in February 2021, 39 percent of women-owned businesses had one month or less in cash reserves, compared with 29 percent of men-owned firms. And in around 90 percent of majority Black and Hispanic communities, most businesses have fewer than 14 days of cash buffer, while this is true of only 35 percent of majority white communities. As a result, many small businesses, especially those owned by women and minorities, may have had a greater need for financing just as small business lenders began to approve fewer loans in response to economic uncertainty. Loan approvals at smaller banks dropped from 50 percent pre-pandemic to 12 percent in April 2020 and have settled between 18 and 19 percent since June 2020; the trend is similar for large banks, credit unions, and fintechs.

The PPP—part of the Federal government's response to the pandemic—helped to keep many small businesses afloat, but a number of factors prevented minority-owned small businesses from accessing PPP loans as easily as other firms. For example, established banking relationships between applicants and lending providers were often critical to approvals in early PPP underwriting; many minority-owned businesses did not have such relationships. Further, many minority-owned firms are sole proprietorships and independent contractors, both of which received delayed access to PPP loans. Unprofitable non-employer firms were also initially barred from receiving loans. Although Black-owned firms are more likely to use fintech providers, these lenders were only belatedly allowed to disburse PPP funds. However, once fintech providers were allowed to disburse PPP loans, Black borrowers in particular benefited from this access, highlighting the ability of fintech firms to reach minority-owned business borrowers.

Finally, applicants whose owners belong to protected categories may have received different credit outcomes when applying for PPP loans, although limitations in demographic information for PPP loans have hindered fair lending analyses.

Given the severity of the COVID-19 pandemic for small businesses generally and its potentially disproportionate impact on women-owned and minority-owned small businesses, it is essential to better understand the small business financing landscape to maintain support for this key part of the U.S. economy both during and after the pandemic.

F. The Purposes and Impact of Section 1071

The Dodd-Frank Act sets forth the Bureau's purposes and mission. It provides that a key component of the Bureau's fair lending work is to ensure fair, equitable, and nondiscriminatory access to credit for both individuals and their communities. And in passing section 1071, Congress articulated two purposes for requiring the Bureau to collect data on small business credit applications and loans—to “facilitate enforcement of fair lending laws” and to “enable communities, governmental entities, and creditors to identify business and community development needs and opportunities of women-owned, minority-owned, and small businesses.” Although the Dodd-Frank Act does not further explain or clarify these dual statutory purposes, other Federal laws shed light on both purposes. That is, a set of existing Federal laws form the backdrop for the use of 1071 data to facilitate the enforcement of fair lending laws, and to identify business and community development needs of small businesses across the United States.

1. Facilitating Enforcement of Fair Lending Laws

Congress intended for section 1071 to “facilitate enforcement of fair lending laws,” which include ECOA, the Home Mortgage Disclosure Act of 1975 (HMDA), the Fair Housing Act (FHAct), and other Federal and State anti-discrimination laws.

i. Equal Credit Opportunity Act (ECOA)

ECOA, which is implemented by Regulation B, applies to all creditors. Congress first enacted ECOA in 1974 to require financial institutions and other firms engaged in the extension of credit to “make credit equally available to all creditworthy customers without regard to sex or marital status.” Two years later, Congress expanded ECOA's scope to include age, race, color, religion, national origin, receipt of public assistance benefits, and exercise of rights under the Federal Consumer Credit Protection Act.

ECOA makes it unlawful for any creditor to discriminate against any applicant with respect to any aspect of a credit transaction (1) on the basis of race, color, religion, national origin, sex (including sexual orientation and gender identity), marital status, or age (provided the applicant has the capacity to contract); (2) because all or part of the applicant's income derives from any public assistance program; or (3) because the applicant has in good faith exercised any right under the Consumer Credit Protection Act. In keeping with the broad reach of the statute's prohibition, Regulation B covers creditor activities before, during, and after the extension of credit. Regulation B also bars creditors from making any oral or written statement, in advertising or otherwise, to applicants or prospective applicants that would discourage, on a prohibited basis, a reasonable person from making or pursuing an application. Regulation B also generally prohibits creditors from making inquiries about whether an applicant is a member of certain protected categories.

The Bureau has recognized the following methods of proving lending discrimination under ECOA and Regulation B: Overt evidence of discrimination, evidence of disparate treatment, and evidence of disparate impact. Overt evidence of discrimination exists when a creditor blatantly discriminates on a prohibited basis. Disparate treatment occurs when a creditor treats an applicant differently based on a prohibited basis such as race or national origin. Disparate impact occurs when a creditor employs facially neutral policies or practices that have an adverse effect or impact on a member of a protected class unless the facially neutral policies or practices meet a legitimate business need that cannot reasonably be achieved by means that are less disparate in their impact.

Multiple Federal regulators can enforce violations of ECOA and Regulation B and apply various penalties. Enforcement and penalties for those who violate ECOA and Regulation B are set forth in 15 U.S.C. 1691e(b) and 12 CFR 1002.16. Violations may also result in civil money penalties, which are governed by 12 U.S.C. 5565(c)(3). The Bureau and multiple other Federal regulators have the statutory authority to bring actions to enforce the requirements of ECOA. These regulators have the authority to engage in research, conduct investigations, file administrative complaints, hold hearings, and adjudicate claims through the administrative enforcement process regarding ECOA. Regulators also have independent litigation authority and can file cases in Federal court alleging violations of fair lending laws under their jurisdiction. Like other Federal regulators who are assigned enforcement authority under section 704 of ECOA, the Bureau is required to refer matters to the Department of Justice (DOJ) when it has reason to believe that a creditor has engaged in a pattern or practice of lending discrimination. Private parties may also bring claims under the civil enforcement provisions of ECOA, including individual and class action claims against creditors for actual and punitive damages for any violation of ECOA.

ii. Home Mortgage Disclosure Act (HMDA)

HMDA, implemented by the Bureau's Regulation C (12 CFR part 1003), requires lenders who meet certain coverage tests to report detailed information to their Federal supervisory agencies about mortgage applications and loans at the transaction level. These reported data are a valuable resource for regulators, researchers, economists, industry, and advocates assessing housing needs, public investment, and possible discrimination as well as studying and analyzing trends in the mortgage market for a variety of purposes, including general market and economic monitoring. There may be some overlap between what is required to be reported under HMDA and what is covered by section 1071 for certain mortgage applications and loans for women-owned, minority-owned, and small businesses.

A violation of HMDA and Regulation C is subject to administrative sanctions, including civil money penalties. Compliance can be enforced by the Bureau, the U.S. Department of Housing and Urban Development (HUD), the FDIC, the Board, the National Credit Union Administration (NCUA), or the Office of the Comptroller of Currency (OCC). These regulators have the statutory authority to bring actions to enforce the requirements of HMDA and to engage in research, conduct investigations, file administrative complaints, hold hearings, and adjudicate claims through the administrative enforcement process regarding HMDA.

iii. Fair Housing Act (FHAct)

Title VIII of the Civil Rights Act of 1968, as amended (Fair Housing Act, or FHAct), prohibits discrimination in the sale, rental, or financing of dwellings and in other housing-related activities because of race, color, religion, sex (including sexual orientation and gender identity), disability, familial status, or national origin. The Fair Housing Act and its implementing regulations specifically prohibit discrimination in the making of loans, the purchasing of loans, and in setting the terms and conditions for making loans available, without reference to consumers, legal entities, or the purpose of the loan being made, although these prohibitions relate exclusively to dwellings. As with ECOA, the courts have recognized three methods of proof of lending discrimination under the FHAct: (1) Overt evidence of discrimination; (2) evidence of disparate treatment; and (3) evidence of disparate impact.

The DOJ and HUD are jointly responsible for enforcing the Fair Housing Act. The Fair Housing Act authorizes the HUD Secretary to issue a Charge of Discrimination on behalf of aggrieved persons following an investigation and a determination that reasonable cause exists to believe that a discriminatory housing practice has occurred. The DOJ may bring lawsuits where there is reason to believe that a person or entity is engaged in a “pattern or practice” of discrimination or where a denial of rights to a group of persons raises an issue of general public importance, or where a housing discrimination complaint has been investigated by HUD, HUD has issued a Charge of Discrimination, and one of the parties to the case has “elected” to go to Federal court. In FHAct cases, HUD and the DOJ can obtain injunctive relief, including affirmative requirements for training and policy changes, monetary damages and, in pattern or practice cases, civil penalties.

Upon receipt of a complaint alleging facts that may constitute a violation of the FHAct or upon receipt of information from a consumer compliance examination or other information suggesting a violation of the FHAct, Federal executive agencies forward such facts or information to HUD and, where such facts or information indicate a possible pattern or practice of discrimination in violation of the FHAct, to the DOJ. Private parties may also bring claims under the civil enforcement provisions of FHAct.

iv. Other Fair Lending Laws

Several other Federal statutes seek to promote fair lending. The CRA seeks affirmatively to encourage institutions to help to meet the credit needs of the entire community served by each institution covered by the statute, and CRA ratings take into account lending discrimination by those institutions. The Americans with Disabilities Act of 1990 prohibits discrimination against persons with disabilities in the provision of goods and services, including credit services. Sections 1981 and 1982 of the Federal Civil Rights Acts are broad anti-discrimination laws that have been applied to many aspects of credit transactions.

Many States and municipalities have also enacted fair lending, fair housing, and/or civil rights laws (often modeled on their Federal counterparts) that seek to broadly prohibit credit discrimination, including protections for business credit. Some of these laws expressly enumerate protections beyond those expressly enumerated in the Federal statutes.

v. Facilitating Enforcement

In order for the 1071 rule to facilitate enforcement of the fair lending laws discussed above, the Bureau believes that it must collect and make available sufficient data to help the public and regulators identify potentially discriminatory lending patterns that could constitute violations of fair lending laws. Financial regulators and enforcement agencies need a consistent and comprehensive dataset for all financial institutions subject to 1071 reporting in order to also use 1071 data in their initial prioritization, peer analysis, redlining reviews, and screening processes to select institutions for monitoring, examination, or investigation. Section 1071 data would facilitate more efficient fair lending examinations. For example, regulators could use pricing and other data to prioritize fair lending examinations—without such data, some financial institutions would face unnecessary examination burden while others whose practices warrant closer review would not receive sufficient scrutiny.

Moreover, as discussed in part V below, the Bureau believes specific aspects of its proposal offer particular benefits for the enforcement of fair lending laws. For example, the Bureau's proposal regarding transactional and institutional coverage would allow community groups and government agencies to include most of the small business financing market in fair lending analyses. The proposed inclusion of pricing data fields such as interest rate and fees would provide information on disparities in pricing outcomes, and data fields such as gross annual revenue, denial reasons, and time in business would allow for a more refined analysis and understanding of disparities in both underwriting and pricing outcomes. While 1071 data alone generally will not offer proof of compliance with fair lending laws, regulators, community groups, researchers, and financial institutions will be able to use 1071 data to identify potential disparities in small business lending based on disaggregated categories of race and ethnicity. Overall, the data collection under 1071 rule will allow, for the first time, for comprehensive and market-wide fair lending risk analysis.

2. Identifying Business and Community Development Needs

The second purpose of section 1071 is to enable communities, governmental entities, and creditors to identify business and community development needs and opportunities of women-owned, minority-owned, and small businesses.

Section 1071 does not expressly define the phrase “business and community development needs.” However, other Federal statutes and regulations, including the CRA and the Riegle Community Development and Regulatory Improvement Act of 1994, reference or define the phrases “business development” and “community development” and can help explain what it means to enable communities, governmental entities, and creditors to “identify business and community development needs and opportunities.”

The Bureau believes, based on its consideration of these other Federal statutes and regulations, that the proposed 1071 rule would provide more data to the public—including communities, governmental entities, and creditors—for analyzing whether financial institutions are serving the credit needs of their small business customers. In addition, with 1071 data, the public would be better able to understand access to and sources of credit in particular communities or industries, such as a higher concentration of risky loan products in a given community, and to identify the emergence of new loan products, participants, or underwriting practices. The data would not only assist in identifying potentially discriminatory practices, but would also contribute to a better understanding of the experiences that members within certain communities may share in the small business financing market.

i. Community Reinvestment Act (CRA)

The CRA, a part of the Housing and Community Development Act, was passed by Congress in 1977, which found that “regulated financial institutions have continuing and affirmative obligation to help meet the credit needs of the local communities in which they are chartered.” As such, one of the statutory purposes of the CRA is to encourage such institutions to help meet the credit needs of the local communities in which they are chartered consistent with the safe and sound operation of such institutions.

The legislative history for the CRA suggests that the concerns motivating the Act's passage included certain practices by banks including redlining ( i.e., declining to extend credit in neighborhoods populated by ethnic or racial minorities) and community disinvestment ( i.e., taking deposits from lower-income areas, often populated by ethnic or racial minorities, without extending credit or banking services to residents of those areas). The CRA requires the “appropriate Federal financial supervisory agency” of a given depository institution to “prepare a written evaluation of the institution's record of meeting the credit needs of its entire community, including low- and moderate-income neighborhoods.” These requirements were first implemented by a 1978 rulemaking, and were amended in 1995 and 2005. These rulemakings, adopted by each of the agencies responsible for ensuring compliance with the CRA, established specific performance measures, requiring banks to disclose information about small business, small farm and community development lending.

The agencies tasked with ensuring compliance—including the OCC, the Board, and the FDIC —evaluate each insured depository institution's record in helping meet the credit needs of its entire community. Overall, the CRA and its regulations generate data that help agencies and the public at large identify instances of redlining, community disinvestment, and geographical areas that are “banking deserts.” The CRA regulations of the Board and the FDIC currently have the same definitions of “community development” that include banking and credit services that support the following: (1) Affordable housing for low- and moderate-income (LMI) individuals; (2) community services for LMI individuals; (3) activities that promote economic development by financing small business and small farms; and (4) activities that revitalize or stabilize LMI geographies, disaster areas, and certain distressed or underserved middle-income areas based on other factors.

In September 2020, the Board announced an advance notice of proposed rulemaking to update its CRA regulations, specifically to more effectively meet the needs of LMI communities and address inequities in credit access.” As part of this exercise, the Board requested feedback on potential revisions to its data collection and reporting requirements. The Board suggested that more granular reporting of community development loan and investment data may be needed to aid community development and improve compliance with the CRA, noting that the lack of such data “means that there is no aggregate community development data at a local level available to create the local benchmarks for the community development financing metric.” As such, the publication of 1071 data would also be a useful resource for supporting community development efforts under the CRA.

In June 2020, the OCC promulgated a final rule that adopted a broader definition of “community development” than the one used by the Board and the FDIC. However, in July 2021, the OCC announced that it was reconsidering the June 2020 revisions to its CRA regulations, and that it may join the Board's consideration of proposed revisions to strengthen bank compliance with CRA regulations.

ii. Community Development Financial Institution Fund (CDFI Fund)

The Riegle Community Development and Regulatory Improvement Act of 1994 authorized the CDFI Fund. In passing that statute, Congress found that many of the Nation's urban, rural, and Native American communities face “critical social and economic problems arising in part from the lack of economic growth, people living in poverty, and the lack of employment and other opportunities.”

To address these problems, Congress created the CDFI Fund to “promote economic revitalization and community development” through investment in and assistance to CDFIs, including enhancing the liquidity of CDFIs.

The concept of community development is central to the operation of the CDFI Fund. While CDFI Fund regulations do not directly define that term, any entity applying for CDFI certification must have “promoting community development” as its “primary mission.” In making this determination, the CDFI Fund considers whether the activities of the entity are purposefully directed toward improving the social and/or economic conditions of underserved people, which may include low-income persons or persons who lack adequate access to capital and financial services and residents of economically distressed communities.

The CDFI Fund collects data from the recipients of its financial and technical assistance, shedding some light on the extent of community development in the areas where CDFIs operate. The CDFI Fund also publishes the data it receives with appropriate redactions to protect privacy interests. However, given that CDFIs comprise a relatively small share of the overall small business lending market, section 1071 would materially enhance understanding of the broader extent of community development outside of areas where CDFIs already operate. The data from a 1071 rulemaking would also likely augment the data the CDFI Fund already receives.

3. Potential Impact of Section 1071 Data

A section 1071 rule would provide on an annual basis application-level data on small business credit, including certain protected demographic information about applicants and their principal owners. This would include information on applications for credit that are originated, as well as those that are denied, withdrawn, incomplete, or approved by the financial institution but not accepted by the applicant. This information would enable stakeholders of all kinds in the small business lending market to gain unprecedented insight into trends in small business lending, specifically with respect to women-owned and minority-owned small businesses. It would also provide insight into the interaction of supply and demand over time.

In terms of facilitating fair lending enforcement, interested government agencies and other stakeholders would be able to use 1071 data to analyze potential instances of practices resulting in the disparate treatment of or disparate impact on women- and minority-owned small businesses, using statistical methods to identify possible fair lending risks.

Regarding the identification of business and community development needs, the data that would be made available by the Bureau under this rulemaking, if finalized as proposed, would help government entities and public and private lenders identify and target sub-segments of the market that remain underserved, facilitating entrepreneurship and business development in those communities.

The advancement of both statutory purposes of section 1071—facilitating fair lending enforcement and identifying business and community development needs—in turn will support small businesses across all sectors of the economy, which are fundamental to the economic health of the U.S. and which have been hard hit by recent economic and financial crises. The use of data that would be provided pursuant to regulations under section 1071 can both support the underlying purposes of section 1071 and help the economy as a whole. For example, according to one estimate, fair and equitable lending to Black entrepreneurs could have added $13 trillion in business revenue over the last 20 years and created 6 million jobs. As the economy recovers from the effects of the COVID-19 pandemic, data collected and published pursuant to regulations implementing section 1071 would help to support equitable and sustainable growth and prosperity in all communities in the U.S.

4. Bureau Priorities

On June 2, 2021, the Bureau announced as priorities action to address issues of pervasive racial injustice and the long-term economic impacts of the COVID-19 pandemic on consumers. The Acting Director explained that the Bureau will use all of its tools and authority—including rulemaking—to protect and fight for fairness for all consumers in financial markets. The Bureau believes that implementing the section 1071 data collection, maintenance, and reporting obligations established in the Dodd-Frank Act would advance those priorities.

Congress enacted section 1071 for the purposes of facilitating enforcement of fair lending laws, and enabling communities, governmental entities, and creditors to identify business and community development needs and opportunities for women-owned, minority-owned, and small businesses. The Bureau believes that 1071 data will come to play an important role as HMDA data have done for the mortgage market. HMDA data have provided lenders, community groups, and others the tools to identify and address fair lending risks and strengthen fair lending oversight and enforcement. In a similar way, section 1071 data will allow diverse stakeholders to analyze lending patterns that are potentially discriminatory. By identifying and addressing discriminatory small business lending practices, the Bureau will help to ensure fair, equitable, and nondiscriminatory access to credit for both individuals and their communities.

HMDA data have also proven effective in creating transparency in the mortgage market that improves the understanding of credit needs, where they may remain unmet, and the relationship between mortgage lending and community development. The Bureau believes that the 1071 data will provide the Bureau and other stakeholders with critical insights into the small business lending market. The current COVID-19 pandemic has shown that transparency is essential at a time of crisis, when small businesses, especially those owned by women and minorities, may be in urgent need of credit in order to recover from the economic shocks. As at least one SER suggested, a 1071 rule would help lenders across the country better connect underserved entrepreneurs to working capital and resources in order to build a more inclusive economy.

III. Outreach

In the years leading up to the release of this proposed rule, the Bureau held over 100 outreach meetings with financial institutions, trade associations, community groups, researchers, governmental entities, and other stakeholders regarding the 1071 rulemaking. The Bureau also took a number of other steps, beyond individual stakeholder meetings, to solicit feedback more broadly from the public on a 1071 rule.

Request for information, field hearing, and White Paper on small business lending. On May 10, 2017, the Bureau published a request for information (RFI) regarding the small business lending market in which it sought public comment to understand more about the products that are offered to small businesses, the financial institutions that offer such credit, the small business lending data that currently are used and may be maintained by financial institutions, the potential complexity and cost of small business data collection and reporting, and privacy concerns related to the disclosure purposes of section 1071. On the same date, the Bureau held a field hearing regarding section 1071 at which the RFI was announced and then-Director Richard Cordray noted the importance of a section 1071 rulemaking given the absence of systematic data on how small businesses are faring and whether or how much they are being held back by financing constraints. Finally, at the same time, the Bureau also published its White Paper on small business lending, which reflected the initial findings of the Bureau's research providing a preliminary understanding of the small business lending environment, with a particular emphasis on lending to women-owned and minority-owned small businesses.

1071 Symposium. In November 2019, the Bureau held a symposium on section 1071 to assist the Bureau in its policy development process and to receive feedback from experts, including academic, think tank, consumer advocate, industry, and government experts in the small business lending arena. The symposium had two panels. The first panel focused on the evolution in the small business lending marketplace. The second panel included a discussion surrounding the implementation of section 1071, including issues raised in response to the Bureau's RFI.

Small Business Advisory Review Panel. Under the Small Business Regulatory Enforcement Fairness Act of 1996 (SBREFA), which amended the Regulatory Flexibility Act (RFA), the Bureau must convene and chair a Small Business Advisory Review Panel (Panel) if it is considering a proposed rule that could have a significant economic impact on a substantial number of small entities. The Panel considers the impact of the proposals under consideration by the Bureau and obtains feedback from representatives of the small entities that would likely be subject to the rule. The Panel is comprised of a representative from the Bureau, the Chief Counsel for Advocacy of the Small Business Administration (SBA), and a representative from the Office of Information and Regulatory Affairs (OIRA) in the Office of Management and Budget (OMB). Representatives from 20 small businesses were selected as small entity representatives (SERs) for this SBREFA process. These SERs were representatives of small businesses that are financial institutions that would likely be directly affected by a 1071 rule. These SERs did not represent the small business applicants for credit about whom information would be collected and reported under a 1071 rule.

On September 15, 2020, the Bureau issued its Outline of Proposals under Consideration and Alternatives Considered (Outline or SBREFA Outline) for the section 1071 rulemaking, a detailed document that discusses (1) the relevant law, (2) the regulatory process, (3) the rule proposals the Bureau was considering, and (4) an economic analysis of the potential impacts of those proposals on directly affected small entities.

The Bureau convened the Panel for this proposed rule on October 15, 2020 and held a total of four meetings with SERs during October 19-22, 2020, conducted online via video conference (Panel Outreach Meetings). In preparation for the Panel Outreach Meetings and to facilitate an informed and detailed discussion of the proposals under consideration, discussion questions for the SERs were included throughout the Bureau's Outline.

In advance of the Panel Outreach Meetings, the Bureau, SBA's Office of Advocacy, and OIRA held a series of video conferences with the SERs to describe the Small Business Review Process, obtain important background information about each SER's current business practices, and begin discussions on selected portions of the proposals under consideration.

All 20 SERs participated in the Panel Outreach Meetings. Representatives from the Bureau, SBA's Office of Advocacy, and OIRA provided introductory remarks. The meetings were then organized around discussions led by the Bureau about each aspect of the proposals under consideration and the potential impact on small businesses. The Bureau also invited SERs to submit written feedback by November 9, 2020; most SERs did so.

On December 15, 2020, the Bureau released the Final Report of the Small Business Review Panel on the CFPB's Proposals Under Consideration for the Small Business Lending Data Collection Rulemaking. This report includes a summary of the feedback received from SERs during the panel process (including oral feedback received during the pre-Panel video conferences and Panel Outreach Meetings, as well as timely submitted written feedback) and findings and recommendations made by the Panel. As required by the RFA, the Bureau considers the Panel's findings in its initial regulatory flexibility analysis, as set out in part VIII below.

The Bureau also invited other stakeholders to submit feedback on the SBREFA Outline by December 14, 2020. The Bureau received approximately 60 submissions from a variety of other stakeholders, including financial institutions, trade associations, community groups, a think tank, and a government agency. Feedback from these other stakeholders was not considered by the Panel and is not reflected in the Panel Report.

The Bureau has considered the feedback it received from SERs, the findings and recommendations of the Panel, and the feedback from other stakeholders in preparing this proposed rule. The feedback, findings, and recommendations are summarized throughout this notice where relevant.

One-Time Cost Survey. On July 22, 2020, the Bureau released a voluntary survey to measure the one-time costs of compliance with an eventual small business lending data collection rule. The objective of the survey was to solicit, from institutions offering small business credit products that could potentially be covered by this rule, information about potential one-time costs to prepare to collect and report data. The survey did not cover potential on-going costs from actually collecting and reporting 1071 data, and assumed that reporting was required only for the 13 statutorily required data points and that compliance with the statutory firewall requirement was not required. The deadline for responses was October 16, 2020. The Bureau received responses from 105 financial institutions. The results of the survey inform the Bureau's analyses of the potential impacts of the proposed rule as set out in parts VII and VIII below.

ECOA request for information. On July 28, 2020, the Bureau issued a request for information to seek public input on ECOA and Regulation B. In the RFI, the Bureau sought public comment on a number of topics, including small business lending and the ways that the Bureau, in light of its authority under ECOA and Regulation B, might support efforts to meet the credit needs of small businesses, particularly those that are minority-owned and women-owned.

Ongoing market monitoring. The Bureau conducts outreach to industry and other stakeholders to understand their experiences with the small business finance market, economic conditions, and the collection and reporting of data regarding that market. A particular near-term priority in the Bureau's recent market monitoring has been the impacts of the pandemic and the effectiveness of the Federal government response. Findings from market monitoring activities inform the Bureau on matters affecting the small business sector.

Technical outreach. In the months before the publication of this proposed rule, the Bureau began conducting technical outreach with third party software providers that serve financial institutions and software and technology staff from financial institutions that are likely to have to report 1071 data to the Bureau. With these software vendors and technical staffs, the Bureau has held and, after publication of this proposed rule, will continue to hold discussions concerning the technical systems and procedures the Bureau will provide to collect 1071 data. The Bureau intends to understand the technology solutions currently provided by vendors to support the small business lending activities of financial institutions. The Bureau believes this information will be helpful in informing the Bureau in its design and implementation of a platform for intake and processing of 1071 data to help the platform integrate, to the degree possible, with existing systems and data collection procedures. These meetings also serve to raise awareness of technology providers as to their potential future role in supporting the 1071 rule as well as the lead time that may be necessary for some or all affected financial institutions to come into compliance with the requirements of a final section 1071 rule. The feedback that the Bureau is gathering is purely technical in nature. This outreach process is ongoing and will continue throughout the rulemaking.

IV. Legal Authorities

The Bureau is issuing this proposed rule pursuant to its authority under section 1071. Some aspects of this rule are also proposed under the Bureau's more general rulemaking authorities in ECOA. Congress enacted ECOA to prohibit discrimination against any applicant, regarding any aspect of a credit transaction, on the basis of, amongst other things, race, color, national origin, and sex. The Bureau has certain oversight, enforcement, and supervisory authority over ECOA requirements and has rulemaking authority under the statute.

ECOA is implemented in Regulation B. Among other things, Regulation B generally prohibits creditors from inquiring about an applicant's race, color, religion, national origin, or sex, with limited exceptions, including if it is required by law.

As discussed above, in the Dodd-Frank Act Congress amended ECOA by adding section 1071, which directs the Bureau to adopt regulations governing the collection and reporting of small business lending data. Specifically, section 1071 requires financial institutions to collect and report to the Bureau certain data on applications for credit for women-owned, minority-owned, and small businesses. Congress enacted section 1071 for the purpose of (1) facilitating enforcement of fair lending laws and (2) enabling communities, governmental entities, and creditors to identify business and community development needs and opportunities of women-owned, minority-owned, and small businesses. The Bureau often refers to these as section 1071's fair lending purpose and its business and community development purpose, respectively.

To advance these statutory purposes, section 1071 grants the Bureau general rulemaking authority for section 1071, providing that the Bureau shall prescribe such rules and issue such guidance as may be necessary to carry out, enforce, and compile data pursuant to section 1071. ECOA section 704B(g)(2) also permits the Bureau to adopt exceptions to any requirement of section 1071 and to conditionally or unconditionally exempt any financial institution or class of financial institutions from the requirements of section 1071, as the Bureau deems necessary or appropriate to carry out the purposes of section 1071. The Bureau principally relies on its 704B(g)(1) authority in this proposed rule and relies on 704B(g)(2) when proposing specific exceptions or exemptions to section 1071's requirements. Section 704B(g)(3) directs the Bureau to issue guidance designed to facilitate compliance with the requirements of section 1071.

In addition, section 703(a) of ECOA gives the Bureau broad authority to prescribe regulations to carry out the purposes of ECOA, including provisions that in the judgment of the Bureau are necessary or proper to effectuate the purposes of ECOA, to prevent circumvention or evasion thereof, or to facilitate or substantiate compliance therewith. That section also states that the Bureau may provide for such adjustments and exceptions for any class of transactions, as in the judgment of the Bureau are necessary or proper to effectuate the purposes of ECOA, to prevent circumvention or evasion thereof, or to facilitate or substantiate compliance therewith.

Section 1071 establishes requirements or obligations for financial institutions that the Bureau would implement in this proposed rule. These provisions include the requirement in ECOA section 704B(b) that a financial institution shall inquire whether an applicant for credit is a women-owned, minority-owned, or small business; that a financial institution must maintain a record of responses to such inquiry, separate from the application; that an applicant may refuse to provide any information requested regarding the inquiry under 704B(b); that a financial institution must limit access of loan underwriters, or other officers or employees of the financial institution or any affiliate, to applicant responses to inquiries under 704B(b); and that if a financial institution determines that a loan underwriter or other officer or employee should have access to any information provided by the applicant pursuant to a request under 704B(b) that the financial institution shall provide notice to the applicant of the access of the underwriter to such information, along with notice that the financial institution may not discriminate on the basis of such information.

ECOA section 704B(e)(1) directs financial institutions to compile and maintain, in accordance with regulations of the Bureau, records of the information provided by applicants for credit pursuant to a request under 704B(b). Section 704B(e)(2) requires that the information compiled and maintained under 704B(e)(1) be itemized in order to clearly and conspicuously disclose an enumerated list of data points. Section 704B(e)(2)(H) requires financial institutions to compile and maintain any additional data that the Bureau determines would aid in fulfilling the purposes of section 1071.

Several provisions of section 1071 expressly refer to regulations that the Bureau shall promulgate to implement certain requirements, including in ECOA section 704B(e)(1) regarding how financial institutions must compile and maintain data pursuant to section 1071, and in 704B(f)(2)(B) and (C) regarding the form of information made available by financial institutions to the public and the form and manner in which the Bureau itself should make 1071 data available to the public generally.

Two provisions expressly give the Bureau discretion with respect to public availability of 1071 data. Specifically, ECOA section 704B(e)(4) states that the Bureau may, at its discretion, delete or modify 1071 data before making it available to the public if the Bureau determines that the deletion or modification of the data would advance a privacy interest. Section 704B(f)(3) gives the Bureau the discretion to compile and aggregate 1071 data for its own use, as well as to make public such compilations of aggregate data.

V. Section-by-Section Analysis

Overview

In this Overview of part V, the Bureau first provides an overview of section 1071 and then a brief summary of the proposed rule. Each provision, along with its rationale and relevant feedback received through the SBREFA process, is discussed in detail in the section-by-section analyses that follow. The Bureau's proposed rule is largely consistent with, though more detailed than, its proposals under consideration in the SBREFA Outline. However, the Bureau has altered or refined its approach since SBREFA in certain respects, which are noted in the summary of the proposed rule below and discussed in detail in the section-by-section analyses that follow.

Next, the Bureau discusses the high-level and general comments regarding this rulemaking that it received from SERs and other stakeholders on its SBREFA Outline. Finally, the Bureau addresses several issues for which there is no proposed regulatory text or commentary.

The Bureau seeks comment on its proposed approach to implementing section 1071. Requests for comment on each provision and on particular issues are included throughout the section-by-section analyses in this part V.

A. Overview of Section 1071

As discussed above, section 1071 of the Dodd-Frank Act requires that financial institutions collect and report to the Bureau certain data regarding applications for credit for women-owned, minority-owned, and small businesses. Section 1071's statutory purposes are to (1) facilitate enforcement of fair lending laws, and (2) to enable communities, governmental entities, and creditors to identify business and community development needs and opportunities of women-owned, minority-owned, and small businesses.

Section 1071 specifies a number of data points that financial institutions are required to collect and report, and also provides authority for the Bureau to require any additional data that the Bureau determines would aid in fulfilling section 1071's statutory purposes. Section 1071 also contains a number of other requirements, including those that address restricting the access of underwriters and other persons to certain 1071 data and publication of 1071 data. In addition, section 1071 permits the Bureau, at its discretion, to modify or delete data prior to publication if it determines that such a deletion or modification would advance a privacy interest.

Section 1071 directs the Bureau to prescribe such rules, and issue such guidance as may be necessary to carry out, enforce, and compile data pursuant to section 1071. It also permits the Bureau to adopt exceptions to any requirement or to exempt financial institutions from the requirements of section 1071 as the Bureau deems necessary or appropriate to carry out the purposes of section 1071. Section 1071 also directs the Bureau to issue guidance designed to facilitate compliance with the requirements of section 1071. As discussed in part IV above and throughout the section-by-section analyses in this part V, most of the Bureau's proposal is dedicated to implementing these statutory provisions.

B. Section 1071 in the Context of HMDA

The Bureau's proposal for implementing section 1071 necessarily exists against the backdrop of HMDA (as discussed in part II.F.1.ii above). With the passage of the Dodd-Frank Act in 2010, Congress enacted section 1071 at the same time that it amended HMDA and transferred HMDA rulemaking authority and other functions to the Bureau. HMDA is a data collection and reporting statute that requires certain depository institutions and for-profit nondepository institutions to collect, report, and disclose data about originations and purchases of mortgage loans, as well as mortgage loan applications that do not result in originations (for example, applications that are denied or withdrawn). The Bureau's Regulation C, 12 CFR part 1003, implements HMDA. In light of the similarities between 1071 and HMDA, the Bureau's section-by-section analyses in this part V often discusses how similar provisions are addressed in the context of HMDA.

HMDA's purposes are: (1) To help determine whether financial institutions are serving their communities' housing needs; (2) to assist public officials in distributing public investment to attract private investment; and (3) to assist in identifying potential discriminatory lending patterns and enforcing antidiscrimination statutes.

A covered institution for purposes of HMDA reporting is a depository or nondepository institution that meets the relevant coverage criteria set forth in the regulation. A depository institution is required to comply with Regulation C if it meets the asset-size threshold, location test, loan activity test, federally related test, and the loan-volume threshold for either closed-end loans or open-end lines of credit set forth in the regulation. A nondepository institution is required to comply with Regulation C if it meets the location test and the loan-volume threshold for either closed-end loans or open-end lines of credit set forth in the regulation.

A covered transaction under HMDA is generally a loan or line of credit secured (or, for applications, proposed to be secured) by a lien on a dwelling, that is not specifically excluded under Regulation C § 1003.3(c). The data points generally required to be reported about each covered transaction can be grouped into four broad categories:

• Information about the applicants, borrowers, and underwriting process, such as ethnicity, race, and sex of the applicant, the applicant's gross income and debt-to-income ratio, the application channel, action taken, and, if applicable, reason(s) for denial.

• Information about the property securing the loan or proposed to secure the loan, such as census tract and other property location information, construction method, property value, and additional information about manufactured and multifamily housing.
• Information about the features of the loan, such as the loan type, pricing information (including interest rate and origination charges), loan term, introductory rate period, and non-amortizing features.
• Certain unique identifiers, such as a universal loan identifier, loan originator identifier, and a legal entity identifier for the financial institution.

Covered institutions are required to submit their HMDA data by March 1 following the calendar year for which data are collected. Covered institutions with larger volumes of covered loans and applications are required to submit their HMDA data for each of the first three quarters of the year in addition to their annual submission.

Following the calendar year in which HMDA data are collected, a covered institution's disclosure statement and modified loan/application register (LAR) become publicly available on the FFIEC's HMDA Platform. In addition, aggregate reports for each Metropolitan Statistical Area and Metropolitan Division that show lending patterns by property location, age of housing stock, and income level, sex, ethnicity, and race become publicly available.

HMDA data are the primary source of information for regulators, researchers, economists, industry, and advocates analyzing the mortgage market both for HMDA's purposes and for general market monitoring. HMDA data are used by the Federal supervisory agencies to support a variety of activities. For example, Federal supervisory agencies use HMDA data as part of their fair lending examination process, and also use HMDA data in conducting Community Reinvestment Act performance evaluations. HMDA disclosures provide the public with information on the home mortgage lending activities of particular reporting entities and on activity in their communities. These disclosures are used by local, State, and Federal officials to evaluate housing trends and issues and by community organizations to monitor financial institution lending patterns.

C. Summary of the Proposed Rule

The Bureau is proposing to add a new subpart B to Regulation B to implement the requirements of section 1071 and to make conforming amendments to existing Regulation B. The Bureau's proposal is summarized below, in the order of the section-by-section analyses in this part V that follow.

1. General Provisions (§§ 1002.5(a)(4), 1002.101, and 1002.102)

Changes to existing Regulation B (§ 1002.5(a)(4)). The Bureau is proposing to amend existing § 1002.5(a)(4) to expressly permit voluntary collection and reporting of information regarding the ethnicity, race, and sex of applicants' principal owners, or whether the applicant is a minority-owned business or a women-owned business, in certain circumstances.

Scope, purpose, and authority (§ 1002.101). The Bureau is proposing in § 1002.101 to set forth the authority, purpose, and scope for proposed subpart B. Among other things, this proposed section would set forth section 1071's two statutory purposes of facilitating enforcement of fair lending laws and enabling communities, governmental entities, and creditors to identify business and community development needs and opportunities of women-owned, minority-owned, and small businesses.

Definitions (§ 1002.102). The Bureau is proposing in § 1002.102 a number of definitions for terms used in proposed subpart B, which generally fall into several categories. First, some proposed definitions refer to terms defined elsewhere in proposed subpart B—specifically, terms of particular importance including business, covered application, covered credit transaction, covered financial institution, financial institution, and small business. Second, some proposed definitions refer to terms defined elsewhere in existing Regulation B ( i.e., business credit, credit, and State) or other regulations ( i.e., the definition of dwelling and a portion of the definition of affiliate reference Regulation C and an SBA regulation, respectively). Finally, the remaining terms are defined in proposed § 1002.102, including applicant, closed-end credit transaction, minority individual, minority-owned business, open-end credit transaction, principal owner, small business lending application register, women-owned business, and a portion of the definition of affiliate.

2. Coverage (§§ 1002.103 Through 1002.106)

Covered applications (§ 1002.103). The Bureau is proposing § 1002.103 to define what is, and is not, a covered application under proposed subpart B; this definition would trigger the data collection and reporting requirements under subpart B for covered financial institutions. The Bureau is proposing to define a covered application in § 1002.103(a) as an oral or written request for a covered credit transaction that is made in accordance with procedures used by a financial institution for the type of credit requested. The Bureau is also proposing that a covered application does not include (1) reevaluation, extension, or renewal requests on an existing business credit account, unless the request seeks additional credit amounts; and (2) inquiries and prequalification requests.

Covered credit transactions (§ 1002.104). The Bureau is proposing to require that covered financial institutions collect and report data for all covered applications from small businesses for transactions that meet the definition of business credit under existing Regulation B, with certain exceptions. The Bureau is proposing § 1002.104(a) to define the term covered credit transaction as an extension of business credit that is not an excluded transaction under proposed § 1002.104(b). Loans, lines of credit, credit cards, and MCAs (including such credit transactions for agricultural purposes and those that are also covered by HMDA“ (that is, HMDA-reportable transactions)) would all fall within the scope of this proposed rule. The Bureau is proposing in § 1002.104(b) to exclude from the requirements of proposed subpart B trade credit, public utilities credit, securities credit, and incidental credit. Factoring, leases, consumer-designated credit used for business purposes, and credit secured by certain investment properties would also not be covered credit transactions.

Covered financial institutions (§ 1002.105). The Bureau is proposing to define in § 1002.105(a) the term financial institution, consistent with the definition in section 1071, as any partnership, company, corporation, association (incorporated or unincorporated), trust, estate, cooperative organization, or other entity that engages in any financial activity. Under this proposed definition, proposed subpart B's requirements would apply to a variety of entities that engage in small business lending, including depository institutions ( i.e., banks, savings associations, and credit unions), online lenders, platform lenders, CDFIs, lenders involved in equipment and vehicle financing (captive financing companies and independent financing companies), commercial finance companies, governmental lending entities, and nonprofit nondepository lenders. The Bureau is not proposing to cover motor vehicle dealers. The Bureau is proposing in § 1002.105(b) to define the term covered financial institution as a financial institution that originated at least 25 covered credit transactions for small businesses in each of the two preceding calendar years. Only financial institutions that meet this loan-volume threshold would be required to collect and report small business lending data under proposed subpart B.

Small business definition (§ 1002.106). The Bureau is proposing in § 1002.106 to adopt the SBA's definitions of “business” and “small business” as set out in the Small Business Act and SBA regulations. The Bureau is also proposing that, notwithstanding the small business size standards established by SBA regulations, for purposes of proposed subpart B, a business is a small business if and only if its gross annual revenue is $5 million or less for its preceding fiscal year. The Bureau is seeking SBA approval for this alternate small business size standard pursuant to the Small Business Act.

3. Compiling, Maintaining, and Reporting 1071 Data (§§ 1002.107 Through 1002.111)

Compilation of reportable data (§ 1002.107). The Bureau is proposing in § 1002.107 to address several aspects of collecting data on covered applications from small businesses. The Bureau is proposing in § 1002.107(a) to require financial institutions to compile and maintain the data points enumerated in § 1002.107(a)(1) through (21) regarding covered applications from small businesses. These data points would be collected and reported in accordance with the proposed official commentary and the Filing Instructions Guide that the Bureau anticipates later providing for the appropriate year. Certain of these data points are or could be collected from the applicant (or otherwise determined based on information provided or authorized by the applicant); other data points are based on information solely within the financial institution's control. Proposed appendix E would provide a sample data collection form for requesting from applicants their minority- and women-owned business status and the race, sex, and ethnicity of their principal owners. Proposed appendices F and G provide additional details and guidance regarding collecting those data points.

The Bureau is proposing in § 1002.107(c)(1) that covered financial institutions maintain procedures to collect applicant-provided data at a time and in a manner that is reasonably designed to obtain a response. The Bureau's proposal also addresses what financial institutions should do if, despite having such procedures in place, they are unable to obtain certain data from an applicant. Pursuant to proposed § 1002.107(b), financial institutions would be permitted to rely on statements made by an applicant (whether in writing or orally) or information provided by an applicant when collecting and reporting 1071 data, although for most data points if the financial institution verifies the information provided it must report the verified information. Proposed § 1002.107(c)(2) would also permit financial institutions to reuse certain previously collected data in certain circumstances.

Firewall (§ 1002.108). The Bureau is proposing § 1002.108 to implement the requirement in section 1071 that certain data collected be shielded from underwriters and certain other persons; the Bureau refers to this as the “firewall.” Pursuant to proposed § 1002.108(b), an employee or officer of a financial institution or a financial institution's affiliate that is involved in making any determination concerning the application would be prohibited from accessing an applicant's responses to inquiries that the financial institution makes pursuant to section 1071 regarding whether the applicant is a minority-owned or women-owned business, and the ethnicity, race, and sex of the applicant's principal owners.

However, pursuant to proposed § 1002.108(c), this prohibition would not apply to an employee or officer if the financial institution determines that it is not feasible to limit that employee's or officer's access to an applicant's responses to the financial institution's inquiries regarding the applicant's protected demographic information, and the financial institution provides a notice to the applicant regarding that access. It would not be feasible to limit access if the financial institution determines that an employee or officer involved in making any determination concerning a covered application should have access to one or more applicants' responses to inquiries regarding the applicant's protected demographic information. The notice must be provided to each applicant whose information will be accessed or, alternatively, the financial institution could provide the notice to all applicants whose information could be accessed. The Bureau is proposing sample language that a financial institution could use in providing this notice.

Reporting data to the Bureau (§ 1002.109). The Bureau is proposing § 1002.109 to address several aspects of financial institutions' obligations to report section 1071 data to the Bureau. First, the Bureau is proposing in § 1002.109(a) that 1071 data be collected on a calendar year basis and reported to the Bureau on or before June 1 of the following year. The Bureau also addresses collection and reporting requirements of subsidiaries of financial institutions and collection and reporting requirements of financial institutions where multiple financial institutions are involved in a transaction in proposed § 1002.109(a). Second, the Bureau lists in proposed § 1002.109(b) the information that financial institutions would be required to provide about themselves when reporting 1071 data to the Bureau, including the financial institution's name, headquarters address, contact person, Federal prudential regulator, institutional identifiers, and parent entity information. Finally, the Bureau is proposing § 1002.109(c) to address technical instructions for the submission of data to the Bureau, including information about the Filing Instructions Guide, which the Bureau anticipates later providing for the appropriate year.

Publication of 1071 data by the Bureau (§ 1002.110). The Bureau is proposing in § 1002.110 to address several issues regarding the publication of 1071 data. The Bureau is proposing in § 1002.110(a) that it shall make available to the public, on an annual basis and on the Bureau's website, the data submitted to it by financial institutions. The Bureau is proposing to make these data available subject to deletions or modifications made by the Bureau, at its discretion, if the Bureau determines that such deletions or modifications would advance a privacy interest. To determine whether and how the Bureau might use its discretion to modify or delete data prior to publication, the Bureau is proposing a “balancing test” that assesses the risks and benefits of public disclosure. The Bureau's proposed approach to the balancing test is discussed in detail in part VI below. Proposed § 1002.110(b) would state that the Bureau may, at its discretion, compile and aggregate data submitted by financial institutions and may publish such compilations or aggregations.

Proposed § 1002.110(c) would require a covered financial institution to publish on its website a statement that its 1071 data, as modified by the Bureau, are or will be available on the Bureau's website. Proposed § 1002.110(d) would set forth when a covered financial institution shall make this statement available and how long the financial institution shall maintain the statement on its website. These requirements would satisfy financial institutions' statutory obligation to make data available to the public upon request.

Recordkeeping (§ 1002.111). The Bureau is proposing § 1002.111 to address several aspects of the recordkeeping requirements for 1071 data. First, the Bureau is proposing § 1002.111(a) to require a covered financial institution to retain evidence of compliance with proposed subpart B, which includes a copy of its small business lending application register, for at least three years after the register is required to be submitted to the Bureau pursuant to proposed § 1002.109. Second, the Bureau is proposing § 1002.111(b) to require a financial institution to maintain, separately from the rest of an application for credit and accompanying information, an applicant's responses to a financial institution's inquiries regarding the applicant's protected demographic information. Finally, the Bureau is proposing § 1002.111(c) to require that, in compiling and maintaining its small business lending application register, a financial institution not include any personally identifiable information concerning any individual who is, or is connected with, an applicant.

4. Other Provisions (§§ 1002.112 Through 1002.114)

Enforcement (§ 1002.112). The Bureau is proposing § 1002.112 to address several issues related to the enforcement of proposed subpart B. First, the Bureau is proposing § 1002.112(a) to state that a violation of section 1071 or proposed subpart B is subject to administrative sanctions and civil liability as provided in sections 704 and 706 of ECOA. Second, the Bureau is proposing in § 1002.112(b) to provide that a bona fide error in compiling, maintaining, or reporting data with respect to a covered application is an error that was unintentional and occurred despite the maintenance of procedures reasonably adapted to avoid such an error, and that such an error is presumed not to be a violation of ECOA or proposed subpart B if the number of such errors does not exceed the thresholds set forth in proposed appendix H. Third, the Bureau is proposing in § 1002.112(c) to identify four safe harbors under which certain errors—specifically those regarding census tract, NAICS code, small business status, and application date—would not constitute violations of ECOA or Regulation B.

Severability (§ 1002.113). The Bureau is proposing in § 1002.113 to provide that the provisions of proposed subpart B are separate and severable from one another, and that if any provision is stayed or determined to be invalid, it is the Bureau's intent that the remaining provisions shall continue in effect.

Effective date, compliance date, and special transitional rules (§ 1002.114). The Bureau is proposing § 1002.114 to address several issues related to the Bureau's eventual final rule to implement section 1071. First, the Bureau is proposing in § 1002.114(a) that its final rule to implement section 1071 would become effective 90 days after publication in the Federal Register , but pursuant to proposed § 1002.114(b) compliance with the final rule would not be required until approximately 18 months after publication in the Federal Register . Second, the Bureau is proposing in § 1002.114(c) certain transitional provisions that would permit covered financial institutions to begin collecting protected applicants' demographic information beginning 12 months prior to the compliance date and would permit financial institutions to use a different time period to determine whether they will be covered by the rule as of the compliance date.

D. High-Level and General Comments on the SBREFA Outline

During the SBREFA process, SERs provided feedback on nearly all aspects of the Bureau's proposals under consideration as set forth in the SBREFA Outline. Other stakeholders did likewise in their written feedback on the SBREFA Outline. That feedback is discussed in the section-by-section analyses of the proposed rule below. SERs and other stakeholders also provided feedback of a more general nature on the Bureau's section 1071 rulemaking. That feedback is summarized here; the SBREFA Panel Report provides a more complete summary of the SBREFA process and comments provided by SERs.

Most SERs and stakeholders were generally supportive of the statutory purposes of section 1071. Several SERs as well as a range of other stakeholders—including community groups, CDFIs, several community banks, and a State consumer financial protection agency—were supportive of the Bureau's statutory mandate to promulgate a section 1071 rule. Many stakeholders, including community groups, several CDFI banks, and a small community bank, expressly supported broad coverage of both financial institutions and products in the 1071 rulemaking. One community bank stakeholder stated that larger financial institutions should not be excluded; another community bank asserted that a 1071 rule should cover credit unions, governmental entities, commercial finance firms, and alternative online lenders.

Several trade association stakeholders supported a more limited approach to implementation of a 1071 rulemaking. A number of trade associations requested exemptions for the specific types of financial institutions they represented, including credit unions, vendor finance and dealer-related institutions, and community banks. One trade association argued that Federal credit union laws limited the extent to which credit unions could seek to expand their small business lending operations. Two trade association stakeholders suggested that the Bureau adopt a phased or staged approach to implementation, starting only with certain products and institutions. One trade association suggested that the Bureau adopt a high size-based exemption for institutions.

A number of SERs and stakeholders, including several CDFIs, a number of community groups and a community bank, expressed the view that data transparency in the small business lending market is critical to advance the goals of fair lending enforcement and access to credit for small businesses, especially those that are minority-owned and women-owned. One SER and several stakeholders, including two community groups and one small business trade association, stated that the limited data currently available show that the lending practices of many financial institutions exclude women-owned and minority-owned businesses, exacerbating a racial wealth gap, and that section 1071 has the opportunity to address such lending disparities, which are costly to businesses, lenders, and the economy as a whole. The SER also said that data transparency and fairness should be an advantage to smaller, local financial institutions, allowing them to better distinguish their value proposition compared to larger financial institutions or predatory lenders. A CDFI stakeholder and a community group stakeholder emphasized that 1071 data would be an important supplement to CRA and HMDA data to determine community development needs. Another community group stakeholder and a small business trade association emphasized the importance of supporting access to credit for women-owned and minority-owned small businesses. One community group argued that the availability of 1071 data would spur innovation in the small business lending market.

Several SERs and several community groups and CDFI stakeholders stated that the completion of a 1071 rulemaking was welcome, given the many years stakeholders have been waiting for these data. Several SERs and other stakeholders, including community groups and CDFIs, supported a 1071 rulemaking as necessary to better understand the small business lending market, as the COVID-19 pandemic highlighted how the most vulnerable small businesses can be disproportionately impacted by economic shocks. Several community groups and a small business trade association stakeholders argued that the response to the COVID-19 pandemic, including the PPP program, exacerbated existing gender and racial disparities, and did not provide access to credit to excluded lower- and middle-income communities and women-owned or minority-owned small businesses. Two community bank trade associations noted the outsized importance of community banks and CDFIs in providing PPP loans to their local communities, including to minority-owned small businesses, and warned that an unintended consequence of a 1071 rulemaking may be to impair this existing lending. One trade association suggested that the Bureau delay issuing any proposal until the economic forces driven by the COVID-19 pandemic have subsided and recovery is evident.

Other stakeholders expressed concerns about the uses of data coming from a 1071 rulemaking. One trade association suggested that the collection of data on race and gender would create the perception among customers that these factors played a role in credit decisions. One community bank stakeholder asserted that 1071 data should not be used in regulatory oversight or examinations of financial institutions, but rather to better understand the small lending market and help regulators support lending. Several trade associations expressed concerns that misleading conclusions could be drawn from data from a 1071 rulemaking, and that small business lending was complex and varied.

SERs nearly uniformly suggested that the Bureau aim to draft simple regulations, and choose simpler options if possible, noting that more complex rules tend to make compliance more difficult and drive up compliance costs, which could potentially increase prices or reduce small businesses' access to credit. A number of stakeholders—including community banks, community groups, a small business trade association, and bank and credit union trade associations—similarly supported simple and clear regulations and requested that the Bureau avoid complex or ambiguous rules, which they asserted would make compliance more costly. One CDFI bank stakeholder asserted that existing ambiguities and conflicts in the law have caused financial institutions to avoid collecting the very data they would need to identify lending discrimination, and that mandating data collection and clarifying rules would be critical to addressing these concerns.

Many SERs and a community bank stakeholder requested clear written guidance and implementation support materials from the Bureau, such as small entity compliance guides, a “help desk” for questions, and sample disclosure language (translated into languages other than English for individuals with limited English proficiency). Several SERs also discussed the need for applicant-facing materials explaining what the section 1071 regulation is and why the financial institution must collect data. Relatedly, one SER requested that the Bureau educate and train currently unregulated financial institutions to help them implement the rule.

A number of SERs (representing financial institutions that operate primarily online as well as financial institutions that interact with small business applicants in-person) indicated their belief that financial institutions with extensive online lending operations would be able to comply with an eventual 1071 rule more easily, more quickly, and at lower cost due to their greater degree of automation than financial institutions with primarily in-person and/or paper-based operations. SERs and several stakeholders (including a community bank trade association, a community group, and a community bank) urged the Bureau to align with other Federal data reporting regimes—such as HMDA, CRA, CDFI Fund, or SBA—if possible, and thought that financial institutions with experience complying with these other Federal data reporting regimes would have an easier time complying with an eventual 1071 rule than would financial institutions, including some SERs, with no such experience. One trade association suggested that any comparisons with HMDA were misplaced, as the small business lending market is more varied and complex than the market for residential mortgage lending.

Several SERs stated that a 1071 rule should take into account the different types of financial institutions operating in the small business lending market. One SER suggested that the Bureau had not focused enough attention on the impact of a 1071 rule on nondepository institutions, which they said play a vital role in providing essential credit to small businesses in the United States, many of which are women-owned and minority-owned. Another SER and two trade associations asserted that the data collected from credit unions, which are bound by their charters (pursuant to Federal and State laws and regulations) to serve a specific field of membership, would likely be incomparable with data from other financial institutions that are permitted to serve any kind of customer.

Many SERs supported broad coverage of both financial institutions and products, as reflected in section 1071's language covering any application to a financial institution for credit for a women-owned, minority-owned, or small business.

The SBREFA Panel recommended that the Bureau issue implementation and guidance materials (including a small entity compliance guide as required by the RFA, as well as other materials), specifically to assist small financial institutions in complying with the eventual 1071 rule. The Panel also recommended that the Bureau consider providing sample disclosure language related to the collection of ethnicity, race, and sex of applicants.

The Bureau agrees with the general comments made in favor of keeping the scope of the proposed rule broad. In general, the Bureau believes that broad coverage of institutions and products as requested by a number of SERs and stakeholders would result in the collection of more data and would be consistent with the statutory purposes of section 1071. The Bureau does not believe that the request made by several trade association stakeholders to take a more limited approach to scope—including the various limitations on the coverage of certain types of financial institutions and products—would be consistent with the statutory purposes of section 1071. The Bureau addresses these issues directly in the section-by-section analyses of proposed §§ 1002.104 and 1002.105 below.

The Bureau agrees with the SERs and stakeholders that expressed the view that data transparency in the small business lending market is critical to advancing the statutory purposes of section 1071. The Bureau believes that the limited data that do exist, cited by one SER and several stakeholders, appear to support the existence of disparities in the small business lending markets, as identified in part II above. The Bureau agrees—as do other Federal regulators that the Bureau has consulted in developing this proposed rule—that 1071 data would be an important supplementation to CRA and HMDA data in helping a variety of parties determine and address business and community development needs. The Bureau agrees with the SERs and stakeholders that identified specific ways that the publication of 1071 data would advance this statutory purpose in helping the public identify business needs, including, as one SER suggested, creating data that would be useful to help smaller, local financial institutions distinguish their value proposition compared to other lenders, and could be used to spur innovation in the small business lending market.

Regarding the support of certain SERs and other stakeholders welcoming the completion of a 1071 rulemaking, the Bureau's views on this are best expressed in the section-by-section analyses of proposed §§ 1002.113 and 1002.114 concerning effective date and compliance date. Regarding the data cited by SERs and other stakeholders concerning lending disparities in the PPP program during the COVID-19 pandemic, the Bureau believes that the availability of data on PPP lending further supports the importance of collecting and publishing 1071 data; it was only the existence of PPP lending data, despite its limitations, that enabled these stakeholders to make arguments regarding the state of fair lending and business and community development under PPP.

The Bureau appreciates the concerns expressed by some stakeholders concerning the uses of 1071 data. The Bureau believes that the firewall provision of proposed § 1002.108, including the proposed notice provision, are intended to address the concern by one trade association stakeholder that the collection of ethnicity, race, and sex data may create the perception among customers that these factors play a role in credit decisions. The Bureau disagrees with the stakeholder that asserted that 1071 data should not be used in regulatory oversight or examinations. Such use is contemplated by ECOA section 704B(a)(2), which provides that the data are intended to facilitate the enforcement of fair lending laws. The Bureau does agree with the same stakeholder, however, that 1071 data should be used to help regulators better understand the small business lending markets and better support such lending. The Bureau does not disagree in the abstract with the assertions made by several trade associations that misleading conclusions could be drawn from 1071 data; the Bureau notes that these stakeholders did not cite any examples and that any source of data may be misinterpreted absent robust procedures and methodologies. The Bureau believes, given its experience with HMDA data, that such concerns are misplaced—overall, HMDA data have helped shed light on previously hidden issues and proven highly effective in accomplishing its congressionally mandated purposes.

The Bureau has attempted as much as possible to propose rules that are both simple and clear, as SERs and other stakeholders suggested. For instance, the Bureau is proposing a simple definition of small business in proposed § 1002.106 below. While the Bureau has endeavored to avoid unnecessary ambiguity and complexity in its proposed rule, complexity in the proposed rule reflects the inherent complexity of the subject, including the variations and diversity in the small business lending market as well as the complications of collecting data to conduct fair lending analyses and identify business and community development needs.

Regarding the request for clear written guidance and implementation support materials, the Bureau intends to develop various compliance materials, as it does with most major rules. These materials will include a small entity compliance guide that will provide regulatory implementation guidance, and a Filing Instructions Guide that will provide technical instructions for the submission of 1071 data to the Bureau. With regard to the comment that the Bureau should provide applicant-facing materials, the Bureau proposes in appendix E a sample data collection form that can be used to collect from applicants their minority-owned business status, women-owned business status, and the ethnicity, race, and sex of their principal owners, along with the related required disclosures.

The Bureau generally agrees with the observation of a number SERs that financial institutions with extensive online lending operations would likely find compliance with a section 1071 rule easier than those with primarily in-person operations. The Bureau sets out its preliminary assessment of the costs of the rule on financial institutions in parts VII and VIII below.

The Bureau has attempted, whenever possible, to align or conform its proposed rule with other Federal data reporting regimes, as several SERs and other stakeholders requested. The Bureau references and, where possible, aligns the proposed rule with specific Federal data reporting regimes, as explained in the section-by-section analyses below. The Bureau appreciates the comments made by some SERs and other stakeholders that there are different types of financial institutions in the small business lending market and that the differences between institutional types may complicate data analysis. The Bureau notes, however, that simply excluding certain types of institutions from 1071 reporting requirements would be inconsistent with the statutory purposes of section 1071, and that it would be more congruent with section 1071 instead to collect information on financial institution type as set out in proposed § 1002.109(b)(9), for the reasons set out below.

E. Cross-Cutting Interpretive Issues

1. The Bureau's Approach to Non-Small Women-Owned and Minority-Owned Businesses in This Rulemaking

The Bureau is proposing to require financial institutions to collect and report data regarding applications for credit for small businesses; the Bureau is not, however, proposing to require financial institutions to collect and report data with respect to applicants that are not small businesses. ECOA section 704B(b) states that “in the case of any application to a financial institution for credit for [a] women-owned, minority-owned, or small business,” the financial institution must “inquire whether the business is a women-owned, minority-owned or small business . . . .” For the reasons set forth below, the Bureau is proposing this approach as an interpretation of the statute pursuant to its authority under 704B(g)(1), and, in the alternative, pursuant to its authority under 704B(g)(2) to adopt exceptions to any requirement of section 1071 as the Bureau deems necessary or appropriate to carry out the purposes of section 1071 and its implied de minimis authority.

The Bureau explained in the SBREFA Outline that in light of the comprehensive coverage of women-owned and minority-owned businesses within the scope of small businesses (discussed in more detail below), it was considering proposing that the data collection and reporting requirements of its eventual 1071 rule would apply to any application to a financial institution for credit only for small businesses as defined under the eventual 1071 rule. The Bureau explained that it was concerned that a requirement to collect and report 1071 data on applications for women-owned and minority-owned businesses that are not small businesses could affect all aspects of financial institutions' commercial lending operations while resulting in limited information beyond what would already be collected and reported about women-owned and minority-owned small businesses. In addition, financing for large businesses can be much more varied and complex than are the products used for small business lending. Thus, under the approach the Bureau was considering proposing, financial institutions would collect and report lending data for all applicants that satisfy the Bureau's definition of a small business, including identifying women-owned and minority-owned businesses within that pool, but financial institutions would not be required to collect and report 1071 data for women-owned and minority-owned businesses that are not “small.”

In the SBREFA Outline, the Bureau noted that most existing businesses, including almost all women-owned and minority-owned businesses, are “small business concerns” as that term is currently defined by the SBA. Therefore, the Bureau posited that coverage of small businesses by this rule would necessarily include nearly all women-owned and minority-owned businesses. Based on the 2018 Annual Business Survey by the U.S. Census, the Bureau estimated that 5.72 million employer firms—99.6 percent of all employer firms—are small (defined for the purposes of the survey as having fewer than 500 employees). That same definition covers one million minority-owned employer firms (99.9 percent of all minority-owned firms) and 1.1 million women-owned employer firms (99.9 percent of all women-owned firms). The Bureau estimated that, among non-small businesses, which are only 0.4 percent of all firms nationally, 10 percent of this small fraction are minority-owned firms and 13 percent are women-owned.

A number of SERs expressed a belief that covering just small business applications would supply adequate or nearly complete lending data for purposes of section 1071. However, other SERs stated that the Bureau's regulation should collect data regarding applications for credit for non-small minority-owned and women-owned businesses as well. One SER relayed first-hand observations in their community that larger minority-owned and women-owned businesses were excluded from full access to credit, and expressed an interest in the Bureau capturing and reporting that information. One SER observed that smaller financial institutions, or those that generally focus on small business lending, might find that collecting and reporting data for all business loan applications would be simpler than determining which applications would be within the scope of the eventual 1071 rule.

The SBREFA Panel recommended that the Bureau continue to explore whether the data collection and reporting requirements in its 1071 rule should be limited to any application to a financial institution for credit only for small businesses (as defined by the Bureau's regulation) or whether it should also extend to applications for women-owned and minority-owned businesses that are not small. The Panel also recommended that the Bureau seek comment on the costs to small financial institutions of collecting and reporting 1071 data regarding applications for credit for women-owned and minority-owned businesses that are not small (as defined by the Bureau's regulation).

Feedback from other stakeholders generally supported the Bureau's approach to limiting 1071 data collection to small businesses, including identifying women- and minority-owned businesses within that pool. A number of commenters expressed support for the Bureau's approach under consideration, arguing that requiring data collection for non-small women- and minority-owned businesses would increase compliance burden without significantly contributing to 1071's purposes. Some responses also stated that this approach was consistent with legislative intent, positing that Congress did not intend for financial institutions to collect 1071 data on large companies. A community group noted that its support for the Bureau's approach was conditional on the Bureau adopting a broad definition of small business, thus limiting the likelihood of missing significant women- and minority-owned business application data. A joint comment from a number of community groups urged the Bureau to monitor the market and to reevaluate this approach if later publications of the Annual Business Survey show that the number of non-small women- and minority-owned businesses exceed current estimates. Another joint comment from community groups did not support the Bureau's approach under consideration, urging the Bureau to consider instead covering non-small women- and minority-owned businesses in the data collection and arguing that it might be easier for financial institutions to collect data for all applicants, as opposed to developing systems for screening out applicants that are not covered. Two banks suggested that 1071 data collection should extend to all businesses; one was concerned about fair lending disparities, while the other remarked that large business applicants should not be relieved of the burden of having their data collected under 1071.

The Bureau believes that section 1071 is ambiguous with respect to its coverage of applications for credit for non-small women- or minority-owned businesses, and the Bureau therefore proposes to interpret this ambiguity pursuant to ECOA section 704B(g)(1). The Bureau acknowledges that the plain language of 704B(b) could be read to require financial institutions to collect information from all women-owned and minority-owned businesses, including those that are not small businesses. But based on a close consideration of the text, structure, and purpose of the statute, and the interactions between section 1071 and other provisions of ECOA and Regulation B, the Bureau believes that the statute's coverage of, and Congress's intent with respect to, data regarding non-small businesses is ambiguous.

The Bureau interprets ECOA section 704B(b) and (b)(1) to require that financial institutions first determine whether an applicant is a small business within the scope of the rule's data collection before making the required inquiries that would otherwise be prohibited by existing Regulation B. There is a general prohibition in existing Regulation B (in § 1002.5(b)) which states that a “creditor shall not inquire about the race, color, religion, national origin, or sex of an applicant or any other person in connection with a credit transaction, except” if expressly permitted to do so by law or regulation.

In the introductory language to ECOA section 704B(b), Congress instructed that the 1071 data collection regime applies only “ in the case of any application to a financial institution for credit for women-owned, minority-owned, or small business” (emphasis added). The Bureau believes that “in the case of” indicates Congress's intent to limit application of section 1071 to these types of businesses, rather than requiring financial institutions to make 1071-related inquiries of all business applicants for credit. The next paragraph (704B(b)(1)) does not use the conditional phrase “in the case of” used in 704B(b); rather, it instructs a financial institution to “inquire.” The Bureau believes that the instruction to “inquire” in 704B(b)(1) is intended to provide the necessary exception to Regulation B's general prohibition against “inquir[ing]” as to protected demographic information in connection with a credit transaction. Indeed, absent section 1071's lifting of the prohibition, generally, a financial institution could not determine, or even ask about, an applicant's women- or minority-owned status, because doing so would necessarily constitute “inquir[ing] about the race, color, religion, national origin, or sex of an applicant” in violation of existing § 1002.5(b). The Bureau believes that Congress likely intended to ensure that financial institutions could determine whether an applicant is covered by the 1071 data collection without risking a violation of other provisions of ECOA and Regulation B.

However, unlike with women- and minority-owned business status, there is no legal impediment to a financial institution's determining whether an applicant is a small business, and financial institutions can make that determination as a threshold matter without risking running afoul of ECOA and Regulation B. Therefore, the Bureau believes that the scope of the introductory “in the case of” language in ECOA section 704(b) is ambiguous as to coverage of non-small women- and minority-owned businesses. To resolve this ambiguity, the Bureau has applied its expertise to interpreting the language and structure of 1071 within the context of the general prohibition on inquiring into protected demographic information in existing § 1002.5(b), and concludes that ECOA section 704B(b)(1) is best read as only referring to questions about applicants' protected demographic information ( i.e., women- and minority-owned business status as well as the race, sex, and ethnicity of the principal owners of the business). The Bureau believes 704B(b)'s more general “in the case of” language should be understood to indicate the conditions under which 1071 data collection should take place, and requires financial institutions to make a threshold determination that an applicant is a small business before proceeding with an inquiry into the applicant's protected demographic information.

The Bureau also notes that the collection of data on applications for non-small women- or minority-owned businesses would not carry out either of section 1071's stated purposes because the data would be of only limited usefulness for conducting the relevant analyses of non-small businesses. Such analyses would necessitate comparing data regarding non-small women-owned and minority-owned business applicants to data regarding non-small non-women-owned and non-minority-owned business applicants, in order to control for lending outcomes that result from differences in applicant size. But section 1071 does not require or otherwise address the collection of data for non-small business applicants that are not women- or minority-owned. Therefore, the resulting data set will lack a control group, arguably the most meaningful comparator for any data on non-small women- or minority-owned businesses. It is unlikely that Congress intended, and the statute is reasonably read not to require, the collection of data that would be of limited utility.

Finally, the Bureau notes that the title of section 1071 is “Small Business Data Collection,” and 1071 amends ECOA to add a new section titled “Small Business Loan Data Collection.” In the presence of ambiguity, these titles provide some additional evidence that Congress did not intend the statute to authorize the collection of data on businesses that are not small.

For these reasons, the Bureau proposes to interpret ECOA section 704B(b) to cover the collection only of data with respect to small businesses, including those that are women- and minority-owned. Likewise, as discussed immediately below in E.2 of this Overview to part V, the Bureau is proposing to clarify that the 704B(b)(1) inquiry, when applicable, pertains to an applicant's minority-owned business status and women-owned business status as well as the race, sex, and ethnicity of its principal owners. For the same reasons, the Bureau believes that not requiring the collection of data with respect to applications for non-small businesses would be necessary or appropriate to carry out the purposes of section 1071; therefore, in the alternative, the Bureau proposes to exercise its exception authority in 704B(g)(2) to effect this outcome. Finally, because the Bureau believes that the collection of data on non-small women- and minority-owned businesses would “yield a gain of trivial or no value,” the Bureau proposes, in the alternative, to exercise its implied de minimis authority to create this exception.

The Bureau seeks comment on its proposed approach to limiting the scope of data collection pursuant to subpart B to covered applications for small businesses, but not women- or minority-owned businesses that are not small. As recommended by the SBREFA Panel, the Bureau also seeks comment on the costs to small financial institutions of collecting and reporting 1071 data regarding applications for credit for women-owned and minority-owned businesses that are not small businesses as defined in proposed § 1002.106(b). See the section-by-section analysis of proposed § 1002.106(b) below, where the Bureau is seeking comment on the proposed definition of a small business.

2. The Meaning of “information requested pursuant to subsection (b)”

Four different provisions of section 1071 refer to or rely on “information requested pursuant to subsection (b)” or similar language. First, ECOA section 704B(b)(2) provides that financial institutions must “maintain a record of the responses to such inquiry” and keep those records separate from the application and information that accompanies it. Second, 704B(c) states that applicants for credit “may refuse to provide any information requested pursuant to subsection (b).” Third, 704B(d) requires financial institutions to limit the access of certain employees to “information provided by the applicant pursuant to a request under subsection (b),” with certain exceptions. Fourth, 704B(e) instructs financial institutions that “information provided by any loan applicant pursuant to a request under subsection (b) . . . shall be itemized in order to clearly and conspicuously disclose” data including the loan type and purpose, amount of credit applied for and approved, and gross annual revenue.

In light of these four disparate provisions, the Bureau believes that section 1071 is ambiguous with respect to the meaning of “any information provided by the applicant pursuant to a request under subsection (b).” On the one hand, ECOA section 704B(b)(1) directs financial institutions to inquire whether a business is “a women-owned, minority-owned, or small business,” so the phrase could be interpreted as referring only to those three data points. Section 704B(e), however, indicates that the scope of 704B(b) could be much broader; it suggests that all of the information that financial institutions are required to compile and maintain—not simply an applicant's status as a women-owned, minority-owned, or small business—constitutes information provided by an applicant “pursuant to a request under subsection (b).” But as noted above, information deemed provided pursuant to subsection (b) is subject to the notable protections of separate recordkeeping under 704B(b)(2), a right to refuse under 704B(c), and the firewall under 704B(d). Applying these special protections to many of the data points in 704B(e), such as gross annual revenue or amount applied for, would be extremely difficult to implement, because this information is critical to financial institutions' ordinary operations in making credit decisions. Additionally, 704B(e) describes as “provided by any loan applicant” under 704B(b) data points that plainly must come from the financial institution itself, such as application number and action taken, further suggesting that Congress viewed this term as encompassing more information than lies within the four corners of 704B(b)(1). Finally, as noted above, the circular structure of 704B(b) complicates the question of what constitutes information provided “pursuant to a request under subsection (b).” Read together, the introductory language in 704B(b) and (b)(1) direct financial institutions, “in the case of” a credit application “for [1] women-owned, [2] minority-owned, or [3] small business,” to “inquire whether the business is a [1] women-owned, [2] minority-owned, or [3] small business.” The Bureau believes that this circularity further demonstrates the ambiguity of the phrase “pursuant to a request under subsection (b).”

The Bureau believes that it is reasonable to resolve these ambiguities by giving different meanings to the phrase “any information provided by the applicant pursuant to a request under subsection (b)” (or similar) with respect to ECOA section 704B(e) as opposed to 704B(b)(2), (c), and (d). With respect to 704B(e), the Bureau interprets the phrase to refer to all the data points now articulated in proposed § 1002.107(a). Section 704B(e) is the source of financial institutions' obligation to “compile and maintain” data that they must then submit to the Bureau, so it would be reasonable to interpret this paragraph as referring to the complete data collection Congress devised in enacting section 1071.

But with respect to the three statutory provisions creating special protections for certain information—the firewall in ECOA section 704B(d), separate recordkeeping in 704B(b)(2), and the right to refuse in 704B(c)—the Bureau interprets the phrase to refer to the data points in proposed § 1002.107(a)(18) (women-owned business status), (a)(19) (minority-owned business status), and (a)(20) (ethnicity, race, and sex of principal owners). Each of these data points requests sensitive demographic information that has no bearing on the creditworthiness of the applicant, about which existing § 1002.5(b) would generally prohibit the financial institution from inquiring absent section 1071's mandate to collect and report that information, and with respect to which applicants are protected from discrimination. The Bureau accordingly believes that it would be reasonable to apply section 1071's special-protection provisions to apply to this information, regardless of whether the statutory authority to collect it originates in 704B(b)(1) (women-owned and minority-owned business status) or 704B(e)(2)(G) (race, sex, and ethnicity of principal owners). The Bureau similarly believes that it would have been unreasonable for Congress to have intended that these special protections would apply to any of the other data points now proposed in § 1002.107(a), which the financial institution is permitted to request regardless of coverage under section 1071 which are not the subject of Federal antidiscrimination law, and many of which financial institutions currently use for underwriting purposes.

The Bureau implements these interpretations of “information requested pursuant to subsection (b)” in several different section-by-section discussions. With respect to ECOA section 704B(e), the Bureau discusses its interpretation of the phrase in the section-by-section analysis of proposed § 1002.107(a). The Bureau's interpretation of 704B(d)'s firewall requirement is addressed at greater length in the section-by-section analysis of proposed § 1002.108, and the Bureau's interpretation of the separate recordkeeping requirement in 704B(b)(2) is addressed in the section-by-section analysis of proposed § 1002.111(b). The right to refuse in 704B(c) is discussed in the section-by-section analyses of the data points that the Bureau proposes to be subject to the right to refuse: Proposed § 1002.107(a)(18) (women-owned business status), (19) (minority-owned business status), and (20) (ethnicity, race, and sex of principal owners).

3. No Collection of Small Business Status as a Data Point

The Bureau notes that neither of its interpretations of “information requested pursuant to subsection (b)” reference a specific data point for an applicant's status as a small business, nor is the Bureau otherwise including in proposed § 1002.107(a) that financial institutions collect, maintain, or submit a data point whose sole function is to state whether the applicant is or is not a small business.

At SBREFA, the Bureau conveyed that it was considering proposing small business status as a separate data point. The Bureau also stated that it was considering not proposing to extend the right to refuse or firewall to a financial institution's specific inquiry regarding small business status; the Bureau did not address in the SBREFA Outline whether small business status would be subject to the separate recordkeeping requirement. In lieu of further details about the potential data point on small business status, the Bureau noted that it was considering proposing that collection and reporting of whether an applicant for credit is a small business be based on applicant-reported information, but that the precise nature of the data point would depend on the ultimate definition of small business.

As discussed below in the section-by-section analysis of proposed § 1002.106(b), the Bureau is now proposing a definition of small business that largely adopts the SBREFA Outline's First Alternative Approach with a threshold of $5 million. After considering the implications of this approach, the Bureau now believes that it would render redundant any requirement that financial institutions also collect a standalone data point whose sole purpose is to state whether an applicant is a small business, because the gross annual revenue data point wholly encompasses whether an applicant is a small business. Indeed, under the proposed definition of small business, when a financial institution asks an applicant its gross annual revenue, that question is functionally identical to asking, “are you a small business?” The Bureau believes that it would be a reasonable interpretation of ECOA section 704B(b)'s query as to small business status for that question to take the form of, “what is your gross annual revenue?” Furthermore, as discussed above with respect to the Bureau's approach to non-small women- and minority-owned businesses, the Bureau is interpreting financial institutions' data collection obligations as attaching only in the case of applications from small businesses; if a financial institution determines that an applicant is not a small business, none of the obligations under this rule would apply. As such, a standalone data point that serves only to designate whether a business qualifies as small for purposes of the rule would be redundant with the mere fact that the 1071 data collection occurs at all, as well as with the collection of gross annual revenue.

The Bureau acknowledges that the plain language of ECOA section 704B(b) could be read to require financial institutions to ask applicants subject to the data collection the precise question, “are you a small business?” Upon further analysis, however, the Bureau believes that Congress's intended treatment of small business status as a standalone data point is ambiguous. As described in more detail above with respect to the rulemaking's coverage of women- and minority-owned businesses that are not small, 704B(b)'s introductory language and 704B(b)(1) appear to require financial institutions to know the answer to whether an applicant is women-owned, minority-owned, or small before they make their inquiry; to resolve this ambiguity, the Bureau interprets 704B(b)'s introductory language and 704B(b)(1) to require that financial institutions first straightforwardly assess whether an applicant is a small business before proceeding to inquire into the applicant's protected demographic information that would otherwise be prohibited by existing § 1002.5(b).

In sum, pursuant to its authority under ECOA section 704B(g)(1) to prescribe such rules as may be necessary to carry out, enforce, and compile data pursuant to section 1071, the Bureau interprets 704B(b) and (b)(1) to obviate the need for financial institutions to collect a standalone data point whose sole purpose is to note an applicant's small business status. For the same reasons, the Bureau believes that not requiring the collection of a separate data point on small business status would be necessary or appropriate to carry out the purposes of section 1071; therefore, in the alternative, the Bureau proposes to exercise its exception authority in 704B(g)(2) to effect this outcome. Finally, because the Bureau believes that the collection of a standalone data point on small business status would “yield a gain of trivial or no value,” the Bureau proposes, in the alternative, to exercise its implied de minimis authority to create this exception.

In light of the above, the Bureau seeks comment on whether a standalone data point solely dedicated to small business status might nonetheless be useful and, if so, how it might be implemented.

F. Conforming Amendments to Existing Regulation B

As discussed above, the Bureau is proposing to implement its section 1071 rule in a new subpart B of Regulation B. The content of existing Regulation B would become subpart A of Regulation B. This change would not affect the current section numbering in Regulation B. The Bureau believes it is appropriate to make this rule a part of Regulation B, as section 1071 is a part of ECOA. Nonetheless, the Bureau seeks comment on whether it should instead codify its section 1071 rule as a free-standing regulation with its own CFR part and, if so, why.

As noted above and as discussed in more detail below, the Bureau is proposing amendments to amend existing § 1002.5(a)(4) and associated commentary to expressly permit voluntary collection of minority-owned business status, women-owned business status, and the race, sex, and ethnicity of applicants' principal owners in accordance with the requirements of subpart B. In addition, the Bureau anticipates revising certain references to the entire regulation (which use the terms “regulation” or “part”) in existing Regulation B to instead refer specifically to subpart A. The Bureau does not intend to make any substantive changes with these revisions, but rather intends to maintain the status quo.

Subpart A—General

Section 1002.5 Rules Concerning Requests for Information

5(a) General Rules

5(a)(4) Other Permissible Collection of Information

Background

ECOA prohibits creditors from discriminating against applicants, with respect to any aspect of a credit transaction, on the basis of—among other things—race, color, religion, national origin, sex or marital status, or age. It also states that making an inquiry under 15 U.S.C. 1691c-2 (that is, section 1071), in accordance with the requirements of that section, shall not constitute discrimination for purposes of ECOA. Regulation B, in existing § 1002.5(b), generally prohibits a creditor from inquiring about protected demographic information in connection with a credit transaction unless otherwise required by Regulation B, ECOA, or other Federal law or regulation.

In 2017, the Bureau amended Regulation B, adding § 1002.5(a)(4) to allow creditors to collect ethnicity, race, and sex from mortgage applicants in certain cases where the creditor is not required to report under HMDA and Regulation C. As part of this rulemaking, the Bureau added § 1002.5(a)(4) to expressly permit the collection of ethnicity, race, and sex information from mortgage applicants in certain cases where the creditor is not required to report under HMDA and Regulation C. For example, existing § 1002.5(a)(4) expressly permits the collection of ethnicity, race, and sex information for certain transactions for which Regulation C permits optional reporting. However, nothing in existing Regulation B (or in ECOA) expressly permits voluntary collection and reporting of information regarding the ethnicity, race, and sex of applicants' principal owners, or whether the applicant is a minority-owned business or women-owned business, under section 1071.

SBREFA Proposal Under Consideration and Feedback Received

During the SBREFA process, some SERs, primarily small CDFIs and mission-oriented community banks, stated that they would be inclined to collect and report 1071 data to the Bureau even if not required to do so, such as if they fell under loan-volume thresholds. These SERs expressed an intent to report data even if not required to out of a belief in the importance and utility of 1071 data.

Proposed Rule

The Bureau is proposing to amend existing § 1002.5(a)(4) to add three exemptions (in proposed § 1002.5(a)(4)(vii), (viii), and (ix)) that would permit certain creditors that are not covered financial institutions under the rule to collect small business applicants' protected demographic information under certain circumstances. The Bureau is also proposing to add comment 5(a)(2)-4 and to revise existing comment 5(a)(4)-1 to provide guidance on these proposed exemptions.

Proposed § 1002.5(a)(4)(vii) would provide that a creditor that was required to report small business lending data pursuant to proposed § 1002.109 for any of the preceding five calendar years but is not currently a covered financial institution under proposed § 1002.105(b) may collect information pursuant to proposed subpart B for a covered application as defined in proposed § 1002.103 regarding whether the applicant is a minority-owned business or a women-owned business, and the ethnicity, race, and sex of the applicant's principal owners if it complies with the requirements of proposed subpart B as otherwise required for covered financial institutions pursuant to proposed §§ 1002.107, 1002.108, 1002.111, 1002.112, and 1002.114 for that application. In short, proposed § 1002.5(a)(4)(vii) would permit a previously covered financial institution to collect such information for covered applications for up to five years after it fell below the loan-volume threshold of proposed § 1002.105(b), provided that it does so in accordance with the relevant requirements of proposed subpart B.

The Bureau expects that some creditors that are no longer covered financial institutions and thus no longer required to report 1071 data in a given reporting year may prefer to continue to collect applicants' protected demographic information in the event they become a covered financial institution again, in order to maintain consistent compliance standards from year to year. As it did in a similar context for HMDA reporting, the Bureau believes that permitting such collection for five years provides an appropriate time frame under which a financial institution should be permitted to continue collecting the information without having to change its compliance processes. The Bureau believes that a five-year period is sufficient to help an institution discern whether it is likely to have to report 1071 data in the near future but not so long as to permit it to collect such information in a period too attenuated from previous 1071 reporting.

Therefore, the Bureau believes that it is an appropriate use of its statutory authority under sections 703(a) and 704B(g)(1) of ECOA to permit creditors to collect the 1071 demographic information in the manner set out in proposed § 1002.5(a)(4)(vii). The proposal would effectuate the purposes of and facilitate compliance with ECOA and is necessary to carry out, enforce, and compile data pursuant to section 1071 because it would permit creditors to collect information without interruption from year to year, thereby facilitating compliance with the 1071 rule's data collection requirements and improving the quality and reliability of the data collected. The Bureau also believes that this provision is narrowly tailored and would preserve and respect the general limitations in existing § 1002.5(b) through (d).

Proposed § 1002.5(a)(4)(viii) would provide that a creditor that exceeded the loan-volume threshold in the first year of the two-year threshold period provided in proposed § 1002.105(b) may, in the second year, collect information pursuant to proposed subpart B for a covered application as defined in proposed § 1002.103 regarding whether the applicant is a minority-owned business or a women-owned business, and the ethnicity, race, and sex of the applicant's principal owners if it complies with the requirements of subpart B as otherwise required for covered financial institutions pursuant to proposed §§ 1002.107, 1002.108, 1002.111, 1002.112, and 1002.114 for that application.

The Bureau believes that its proposal would benefit creditors in certain situations in which the creditor has not previously reported 1071 data but expects to be covered in the following year and wishes to prepare for that future reporting obligation. For example, where a creditor surpasses the loan-volume threshold of proposed § 1002.105(b) for the first time in a given calendar year, it may wish to begin collecting applicants' protected demographic information for covered applications received in the next calendar year (second calendar year) so as to ensure its compliance systems are fully functional before it is required to collect and report information pursuant to proposed subpart B in the following calendar year (third calendar year).

The Bureau believes that it is an appropriate use of its statutory authority under sections 703(a) and 704B(g)(1) of ECOA to permit creditors to collect information under proposed § 1002.5(a)(4)(viii). A creditor likely would benefit from being able to collect applicants' protected demographic information with assurance of compliance with existing § 1002.5 regardless of whether it actually becomes subject to proposed subpart B reporting at the end of the two-year threshold period. The proposal would effectuate the purposes of and facilitate compliance with ECOA and is necessary to carry out, enforce, and compile data pursuant to section 1071 because it would facilitate compliance with the 1071 rule's data collection requirements and improve the quality and reliability of the data collected by financial institutions that may be transitioning into being required to collect and report 1071 data.

Proposed § 1002.5(a)(4)(ix) would state that a creditor that is not currently a covered financial institution under proposed § 1002.105(b), and is not otherwise a creditor to which proposed § 1002.5(a)(4)(vii) or (viii) applies, may collect information pursuant to proposed subpart B for a covered application as defined in proposed § 1002.103 regarding whether an applicant for a covered credit transaction is a minority-owned business or a women-owned business, and the ethnicity, race, and sex of the applicant's principal owners if the creditor complies with the requirements of proposed subpart B as otherwise required for covered financial institutions pursuant to proposed §§ 1002.107 through 1002.112 and 1002.114 for that application. The proposal would permit a financial institution that wishes to voluntarily report 1071 data to collect applicants' protected demographic information without running afoul of Regulation B. Unlike creditors subject to proposed § 1002.5(a)(4)(vii) or (viii), a creditor seeking to voluntarily collect applicant's protected demographic information under proposed § 1002.5(a)(4)(ix) would be required to report it to the Bureau.

The Bureau believes that permitting creditors to collect 1071 demographic information pursuant to proposed § 1002.5(a)(4)(vii) or (viii) would facilitate compliance and promote data quality in the event that creditors subject to those provisions later become covered financial institutions. For those creditors that wish to voluntarily report 1071 data, as well as others covered by proposed § 1002.5(a)(4)(ix) (where reporting is required when applicants' protected demographic information is collected), the reported data would be additional information that would further the intended purposes of the statute. An analysis of business and community development needs would benefit from the inclusion of voluntarily reported data from financial institutions below the reporting threshold. Such institutions more often serve sparsely populated rural, underserved communities or are member-owned organizations (such as credit unions). As some SERs suggested, the voluntary collection and reporting of 1071 data by such financial institutions may stem from a community development orientation and commitment to fair lending. Further, the reporting of such data would provide a more complete picture of total lending activity—and therefore enable a more complete analysis of fair lending risks as well as business and community development needs—especially given that larger financial institutions may be less likely to operate in sparsely populated, rural, and underserved communities, for the reasons set out in part II above. The Bureau is proposing § 1002.5(a)(4)(ix) in response to feedback from some stakeholders that indicated they might want to collect and report 1071 data even if they were not required to do so. The Bureau believes, for the reasons set out above, that it is an appropriate use of its general authority under sections 703(a) and 704B(g)(1) of ECOA to permit creditors to collect information under proposed § 1002.5(a)(4)(ix), as such collection would effectuate the purposes of and facilitate compliance with ECOA and is necessary to carry out, enforce, and compile data pursuant to section 1071. Further, the Bureau believes that permitting creditors to collect applicants' protected demographic information would result in the collection of additional information that could carry out section 1071's business and community development purpose.

Existing comment 5(a)(4)-1 currently addresses recordkeeping requirements for ethnicity, race, and sex information that is voluntarily collected for HMDA under the existing provisions of § 1002.5(a)(4). The Bureau is proposing to revise this comment by adding to it a parallel reference to proposed subpart B, along with a statement that the information collected pursuant to proposed subpart B must be retained pursuant to the requirements set forth in proposed § 1002.111.

Proposed comment 5(a)(2)-4 would state that proposed subpart B of Regulation B generally requires creditors that are covered financial institutions as defined in proposed § 1002.105(a) to collect and report information about the ethnicity, race, and sex of the principal owners of applicants for certain small business credit, as well as whether the applicant is minority-owned or women-owned as defined in proposed § 1002.102(m) and (s), respectively. The Bureau is proposing this comment for parity with existing comment 5(a)(2)-2, which addresses the requirement to collect and report information about the race, ethnicity, and sex of applicants under HMDA. Existing comment 5(a)(2)-3 explains that persons such as loan brokers and correspondents do not violate ECOA or Regulation B if they collect information that they are otherwise prohibited from collecting, where the purpose of collecting the information is to provide it to a creditor that is subject to HMDA or another Federal or State statute or regulation requiring data collection. The Bureau believes that the reference to another Federal statute or regulation adequately encompasses section 1071 and proposed subpart B, and thus it does not propose to amend this existing comment in order to make clear that loan brokers and other persons collecting applicants' protected demographic information on behalf of covered financial institutions are not violating ECOA or Regulation B by doing so.

The Bureau seeks comment on these three proposed exemptions to be added to existing § 1002.5(a)(4), and associated commentary, including whether there are other specific situations that should be added to the list of exemptions in § 1002.5(a)(4) to permit the collection of applicants' protected demographic information, and whether any similar modifications to other provisions are necessary. In particular, the Bureau seeks comment on whether it should add another exemption to § 1002.5(a)(4) relating to proposed § 1002.114(c)(1), wherein the Bureau is proposing to permit financial institutions to collect, but would not require them to report, applicants' protected demographic information prior to the compliance date.

The Bureau also notes that, as discussed in the section-by-section analysis of proposed § 1002.104(a) below, it seeks comment on whether it should permit financial institutions to voluntarily collect and report 1071 data on applications for products that the Bureau is not proposing to cover. If the Bureau were to permit such voluntary collection and reporting, the Bureau expects to add a provision similar to proposed § 1002.5(a)(4)(ix) to address it.

Subpart B—Small Business Lending Data Collection

Section 1002.101 Authority, Purpose, and Scope

Proposed § 1002.101 would set forth the authority, purpose, and scope for proposed subpart B. Specifically, it would provide that proposed subpart B is issued by the Bureau pursuant to section 704B of ECOA (15 U.S.C. 1691c-2). It would further state that, except as otherwise provided therein, proposed subpart B applies to covered financial institutions, as defined in proposed § 1002.105(b), other than a person excluded from coverage of this part by section 1029 of the Dodd-Frank Act. It also would set out section 1071's two statutory purposes of facilitating fair lending enforcement and enabling the identification of business and community development needs and opportunities for women-owned, minority-owned, and small businesses.

The Bureau seeks comment on its proposed approach to this section, including whether any other information on the 1071 rule's authority, purpose, or scope should be addressed herein.

Section 1002.102 Definitions

The Bureau is proposing a number of definitions for terms used in subpart B, in § 1002.102. These definitions generally fall into several categories. First, some definitions in proposed § 1002.102 refer to terms defined elsewhere in proposed subpart B—specifically, the terms business, covered application, covered credit transaction, covered financial institution, financial institution, and small business are defined in proposed §§ 1002.106(a), 1002.103, 1002.104, 1002.105(b), 1002.105(a), and 1002.106(b), respectively. These terms are of particular importance in proposed subpart B, and the Bureau is proposing to define them in separate sections, rather than in proposed § 1002.102, for ease of reading.

Second, some terms in proposed § 1002.102 are defined by cross-referencing the definitions of terms defined in existing Regulation B—specifically, business credit, credit, and State are defined by reference to existing § 1002.2(g), (j), and (aa), respectively. Similarly, several definitions refer to terms defined in other regulations—specifically, a portion of the affiliate definition refers to the SBA's regulation at 13 CFR 121.103, and dwelling refers to the definition in Regulation C § 1003.2(f). These terms are each used in proposed subpart B, and the Bureau believes it is appropriate to incorporate them into the subpart B definitions in this manner.

Finally, the remaining terms are defined directly in proposed § 1002.102. These include applicant, closed-end credit transaction, minority individual, minority-owned business, open-end credit transaction, principal owner, small business lending application register, and women-owned business, as well as a portion of the definition of affiliate. Some of these definitions draw on definitions in existing Regulation B or elsewhere in Federal laws or regulations.

The Bureau believes that basing this proposal's definitions on previously defined terms (whether in Regulation B, Regulation C, or regulations promulgated by another agency), to the extent possible, would minimize regulatory uncertainty and facilitate compliance, particularly where the other regulations are likely to apply, in their own right, to the same transactions. However, as discussed further below, the Bureau is in certain instances proposing to deviate from the existing definitions for purposes of this proposal.

These definitions are each discussed in detail below. The Bureau is proposing these definitions pursuant to its authority under section 704B(g)(1) to prescribe such rules and issue such guidance as may be necessary to carry out, enforce, and compile data pursuant to section 1071. In addition, the Bureau is proposing certain of these definitions to implement particular definitions in section 1071 including the statutory definitions set out in 704B(h). Any other authorities that the Bureau is relying on to propose certain definitions are discussed in the section-by-section analysis of those specific definitions.

The Bureau seeks comment on its proposed approach to each of these definitions, as well as whether there are any other terms that the Bureau should define for purposes of proposed subpart B.

102(a) Affiliate

Proposed § 1002.102(a) would define “affiliate” based on whether the term is used to refer to a financial institution or to an applicant.

Proposed § 1002.102(a) would define “affiliate” with respect to a financial institution as any company that controls, is controlled by, or is under common control with, another company, as set forth in the Bank Holding Company Act of 1956. Existing Regulation B does not define affiliate. This proposed definition would provide a consistent approach with the Bureau's Regulation C, which applies the term to financial institutions, as defined in Regulation C, for certain reporting obligations. The Bureau believes that this definition would be appropriate to define an affiliate of a financial institution, and that it should provide sufficient clarity for financial institutions when determining responsibilities under proposed subpart B.

Proposed § 1002.102(a) would define “affiliate” with respect to a business or an applicant as having the same meaning as described in 13 CFR 121.103, which is an SBA regulation titled “How does SBA determine affiliation?” This proposed definition would provide consistency with the Bureau's proposed approach to what constitutes a small business for purposes of section 1071, as discussed in the section-by-section analysis of proposed § 1002.106(b) below. As discussed in the section-by-section analysis of proposed § 1002.106(b) below, the Bureau is proposing to define a small business by reference to the SBA's regulations (with the exception of an alternate size standard, as set forth in proposed § 1002.106(b)). As discussed in the section-by-section analysis of proposed § 1002.107(a)(14), the Bureau is proposing to permit, but not require, a financial institution to report the gross annual revenue for the applicant in a manner that includes the revenue of affiliates as well. As discussed in the section-by-section analysis of proposed § 1002.107(a)(16), the Bureau is proposing that a financial institution, if asked, shall explain to the applicant that workers for affiliates of the applicant would only be counted if the financial institution were also collecting the affiliates' gross annual revenue. The Bureau is therefore proposing to define affiliate in subpart B for purposes of a business or an applicant by referring to the SBA's definition of affiliate.

The Bureau seeks comment on its proposed approach to this definition.

102(b) Applicant

Proposed § 1002.102(b) would define “applicant” to mean any person who requests or who has received an extension of business credit from a financial institution. The term “applicant” is undefined in section 1071. Proposed § 1002.102(b) is based on the definition of applicant in existing Regulation B, though for consistency with other parts of this proposed rule, it adds a limitation that the credit be business credit and uses the term financial institution instead of creditor. It also omits the references to other persons who are or may become contractually liable regarding an extension of credit such as guarantors, sureties, endorsers, and similar parties. The Bureau is concerned that including other such persons could exceed the scope of the data collection anticipated by section 1071. Including them could also make the data collection more difficult as financial institutions might need to report data points (such as gross annual revenue, NAICS code, time in business, and others) regarding multiple persons in connection with a single application. Collecting such information on guarantors, sureties, endorsers, and similar parties would likely not support 1071's business and community development purpose. Thus, the Bureau believes it is appropriate to limit the definition of applicant in proposed subpart B to only those persons who request, or have received, an extension of business credit from a financial institution.

The Bureau seeks comment on its proposed approach to this definition.

102(c) Business

Proposed § 1002.102(c) would refer to proposed § 1002.106(a) for a definition of the term “business.” See the section-by-section analysis of proposed § 1002.106(a) for a detailed discussion of that definition.

102(d) Business Credit

Proposed § 1002.102(d) would refer to existing § 1002.2(g) for a definition of the term “business credit.” The term “credit” is undefined in section 1071. Section 1071 does not use the term “business credit,” though it does define “small business loan” as a loan made to a small business. Existing § 1002.2(g) defines “business credit” as “referring to extensions of credit primarily for business or commercial (including agricultural) purposes, but excluding extensions of credit of the types described in § 1002.3(a) through (d).” The Bureau believes it is appropriate to define business credit by reference to the existing definition in Regulation B. The Bureau's proposal uses the term business credit principally in defining a covered credit transaction in proposed § 1002.104(a).

As described in the section-by-section analysis of proposed § 1002.104(a) below, loans, lines of credit, credit cards, and MCAs (including such credit transactions for agricultural purposes and those that are also covered by HMDA) would all fall under the proposed definition for business credit.

The Bureau notes existing § 1002.2(g) excludes public utilities credit, securities credit, incidental credit, and government credit (that is, extensions of credit made to governments or governmental subdivisions, agencies, or instrumentalities—not extensions of credit made by governments), as defined in existing § 1002.3(a) through (d), from certain aspects of existing Regulation B. As described in the section-by-section analysis of proposed § 1002.104(b) below, for the purpose of subpart B, the Bureau is proposing complete exclusions for public utilities credit, securities credit, and incidental credit from the definition of a covered credit transaction in proposed § 1002.104(b). The Bureau is not proposing an exclusion for extensions of credit made to governments or governmental subdivisions, agencies, or instrumentalities, because governmental entities would not constitute small businesses under the proposed rule. Moreover, as described in the section-by-section analysis of proposed § 1002.104(b) below, the Bureau believes it is appropriate to interpret section 1071 as not applying to factoring, leases, consumer-designated credit used for business purposes, or credit secured by certain investment properties.

The Bureau seeks comment on its proposed approach to this definition.

102(e) Closed-End Credit Transaction

Proposed § 1002.102(e) states that a closed-end credit transaction means an extension of credit that is not an open-end credit transaction under proposed § 1002.102(n). The Bureau's proposal specifies different requirements for collecting and reporting certain data points based on whether the application is for a closed-end credit transaction or an open-end credit transaction. See the section-by-section analysis of proposed § 1002.102(n) for a discussion of what constitutes an open-end credit transaction.

The Bureau seeks comment on its proposed approach to this definition.

102(f) Covered Application

Proposed § 1002.102(f) would refer to proposed § 1002.103 for a definition of the term “covered application.” See the section-by-section analysis of proposed § 1002.103 for a detailed discussion of that definition.

102(g) Covered Credit Transaction

Proposed § 1002.102(g) would refer to proposed § 1002.104 for a definition of the term “covered credit transaction.” See the section-by-section analysis of proposed § 1002.104 for a detailed discussion of that definition.

102(h) Covered Financial Institution

Proposed § 1002.102(h) would refer to proposed § 1002.105(b) for a definition of the term “covered financial institution.” See the section-by-section analysis of proposed § 1002.105(b) for a detailed discussion of that definition.

102(i) Credit

Proposed § 1002.102(i) would refer to existing § 1002.2(j) for a definition of the term “credit.” The term “credit” is undefined in section 1071. Existing § 1002.2(j), which largely follows the definition of credit in ECOA, defines “credit” to mean the right granted by a creditor to an applicant to defer payment of a debt, incur debt and defer its payment, or purchase property or services and defer payment therefor. The Bureau believes that referring to this existing definition of credit for purposes of subpart B would help to foster consistency with existing Regulation B. The term credit in proposed subpart B is used in the context of what constitutes a covered credit transaction—that is, whether the application is reportable under the section 1071 rule. See the section-by-section analysis of proposed § 1002.104 below for more details.

The Bureau seeks comment on its proposed approach to this definition.

102(j) Dwelling

Proposed § 1002.102(j) would refer to Regulation C § 1003.2(f) for a definition of the term “dwelling.” That provision defines dwelling to mean a residential structure, whether or not attached to real property. The term includes but is not limited to a detached home, an individual condominium or cooperative unit, a manufactured home or other factory-built home, or a multifamily residential structure or community. Proposed comment 102(j)-1 would provide that Bureau interpretations that appear in supplement I to part 1003 containing official commentary in connection with § 1003.2(f) are generally applicable to the definition of a dwelling in proposed § 1002.102(j). Proposed comment 102(j)-2 would clarify that the definition of dwelling under existing § 1002.14(b)(2) applies to relevant provisions under existing Regulation B, and proposed § 1002.102(j) is not intended to repeal, abrogate, annul, impair, or interfere with any existing interpretations, orders, agreements, ordinances, rules, or regulations adopted or issued pursuant to existing § 1002.14(b)(2).

The Bureau believes that adopting the Regulation C definition of dwelling would streamline reporting and minimize compliance risks for financial institutions that are also reporting covered credit transactions under HMDA and would simplify data analysis for HMDA-reportable transactions. As an alternative, the Bureau considered adopting the existing Regulation B definition of dwelling, which is similar to the Regulation C definition. The Bureau understands that the existing Regulation B definition of dwelling is primarily applied in the context of the ECOA Valuations Rule and would thus not streamline reporting and minimize compliance risks in the same way as would adopting the Regulation C definition, which is already being applied to data collection and reporting requirements. The existing Regulation B definition of dwelling is also not supported by the same level of clarifying commentary as the definition under Regulation C. The Bureau believes that proposed comment 102(j)-1 will address most if not all questions related to the definition of dwelling by incorporating the Bureau's official commentary related to § 1003.2(f). Proposed comment 102(j)-2 also seeks to avoid potential confusion by clarifying that proposed § 1002.102(j) does not affect the status of existing § 1002.14(b)(2), which defines the term “dwelling” for purposes of existing Regulation B.

The Bureau seeks comment on its proposed approach to this definition.

102(k) Financial Institution

Proposed § 1002.102( l ) would refer to proposed § 1002.105(a) for a definition of the term “financial institution.” See the section-by-section analysis of proposed § 1002.105(a) for a detailed discussion of that definition.

102(l) Minority Individual

Background

ECOA section 704B(b)(1) requires a financial institution to ask whether an applicant is a minority-owned business. Additionally, 704B(h)(5) uses the term “minority individual” when defining the term minority-owned business. Although 704B(h)(5) defines the term “minority,” section 1071 does not define the term “minority individual.” Section 704B(h)(4) defines the term “minority” as having the same meaning as in section 1204(c)(3) of the Financial Institutions Reform, Recovery, and Enforcement Act of 1989 (FIRREA). That statute defines “minority” to mean any Black American, Native American, Hispanic American, or Asian American.

SBREFA Proposal Under Consideration and Feedback Received

In the SBREFA Outline, the Bureau stated that it was considering proposing guidance that would clarify that a minority individual is a natural person who is Black or African American, Asian, American Indian or Alaska Native, Native Hawaiian or Other Pacific Islander, and/or Hispanic or Latino ( i.e., would mirror the aggregate race and ethnicity categories in Regulation C).thnsp; The Bureau also stated it was considering proposing guidance clarifying that a multi-racial person would be considered a minority individual.

Several SERs supported clarifying the meaning of minority individual using the aggregate categories for race and ethnicity in Regulation C. However, one SER suggested using the disaggregated categories in Regulation C, instead of the aggregate categories, for this purpose. Other stakeholders providing feedback on the SBREFA Outline generally supported using the aggregate categories when determining who is a minority individual for purposes of reporting whether a business is a minority-owned business.

The SBREFA Panel recommended clarifying that, consistent with the aggregate categories for race and ethnicity in Regulation C, a minority individual is a natural person who is Black or African American, Asian, American Indian or Alaska Native, Native Hawaiian or Other Pacific Islander, and/or Hispanic or Latino.

Proposed Rule

Consistent with the approach that the Bureau took during the SBREFA process, proposed § 1002.102(1) would clarify that the term “minority individual” means a natural person who is American Indian or Alaska Native, Asian, Black or African American, Native Hawaiian or Other Pacific Islander, and/or Hispanic or Latino. The Bureau believes that these categories represent contemporary, more specific delineations of the categories described in section 1204(c)(3) of FIRREA. Proposed comment 102(1)-2 would clarify that a multi-racial or multi-ethnic person would be a minority individual. Proposed comment 102(1)-1 would clarify that this definition would be used only when an applicant determines whether it is a minority-owned business pursuant to proposed §§ 1002.102(m) and 1002.107(a)(18). Proposed comment 102(1)-3 would clarify the relationship of the definition of minority individual to the disaggregated subcategories used to determine a principal owner's ethnicity and race. The Bureau's proposed approach is consistent with the SBREFA Panel's recommendation discussed above.

The Bureau believes this clarified terminology, which uses the aggregate ethnicity and race categories set forth in existing Regulation B and Regulation C, would avoid the potentially confusing situation where an applicant is using one set of aggregate race and ethnicity categories when answering questions about the principal owners' race and ethnicity but is asked to use a different set of aggregate categories when indicating whether a business is a minority-owned business. It also avoids creating a situation where a financial institution is required to use different race and ethnicity categories when complying with different portions of Regulation B and, if applicable, Regulation C. Consistency among race and ethnicity data collection regimes may also allow for better coordination among data users when reviewing data across multiple data collection regimes.

The Bureau seeks comment on its proposed approach to this definition, including its proposed clarification of the definition of minority individual, and requests comment on whether additional clarification is needed. Additionally, in section-by-section analysis of proposed § 1002.107(a)(20), the Bureau is requesting comment regarding whether an additional category for Middle Eastern or North African should be added for purposes of responding to a financial institution's inquiry regarding a principal owner's ethnicity or race and, if so, how this category should be included and defined. The Bureau also seeks comment on whether the definition of minority individual should include a natural person who is Middle Eastern or North African, as well as whether the inclusion of a natural person who is Middle Eastern or North African in the definition of minority individual for purposes of proposed § 1002.102( l ) should be dependent on whether Middle Eastern or North African is added as an aggregate category for purposes of proposed § 1002.107(a)(20).

102(m) Minority-Owned Business

Background

ECOA section 704B(b)(1) requires financial institutions to inquire whether applicants for credit are minority-owned businesses. For purposes of the financial institution's inquiry under 704B(b), 704B(h)(5) defines a business as a minority-owned business if (A) more than 50 percent of the ownership or control is held by one or more minority individuals, and (B) more than 50 percent of the net profit or loss accrues to one or more minority individuals. Section 1071 does not expressly define the related terms of “ownership” or “control,” nor does it describe what it means for net profits or losses to accrue to an individual.

SBREFA Proposal Under Consideration and Feedback Received

In the SBREFA Outline, the Bureau stated it was considering proposing use of the statutory definition of “minority-owned business” (as set forth above) with further clarification of the terms “ownership” and “control.” The Bureau considered proposing use of concepts set forth in the Financial Crimes Enforcement Network's (FinCEN) Customer Due Diligence (CDD) rule to clarify these terms.

Some SERs expressed concerns with certain aspects of the statutory definition of minority-owned business, asserting that the definition could cause confusion or pose particular complexities. Several SERs and some other stakeholders providing feedback on the SBREFA Outline asked that the definition of minority-owned business be revised to align with the definition used by other agencies, such as the SBA and the CDFI Fund. These SERs and other commenters recommended that the Bureau use a “50 percent or more” threshold for ownership or control, instead of the “more than 50 percent” standard in the statutory definition. Conversely, two SERs and several other commenters supported using the statutory definition of minority-owned business, including the “more than 50 percent” portion of the definition.

A number of SERs recommended that the Bureau simplify the definition to ensure it is understandable to small business applicants and to thereby facilitate consistent data collection. SERs' suggestions included eliminating the portion of the definition that refers to accrual of net profits and losses, eliminating the portion of the definition that refers to control, and providing a simplified and standardized definition.

Several SERs supported using the concepts of ownership and control in FinCEN's CDD rule when defining minority-owned business; one SER said that doing so would be logical and efficient, while another said it would create regulatory consistency and ease compliance burden. One SER said that most credit unions are familiar with the CDD rule. Generally, other commenters supported use of the CDD concepts to clarify the terms “ownership” and “control.” They stated that small business applicants are familiar with the concepts in the CDD rule or that they appreciated the consistency with existing regulatory requirements. However, one trade association commenter requested that the Bureau provide simplified applicant-facing materials without clarifying the definition, and two other stakeholders suggested that applicants might not be familiar with the CDD rule or may not understand the CDD rule.

The SBREFA Panel recommended seeking comment on potential interpretations of the definition of minority-owned business to clarify the term and to ensure that small business applicants would be able to understand questions asking if they are minority-owned businesses.

Proposed Rule

Proposed § 1002.102(m) would define a minority-owned business as a business for which more than 50 percent of its ownership or control is held by one or more minority individuals, and more than 50 percent of its net profits or losses accrue to one or more minority individuals. This definition is consistent with ECOA section 704B(h)(5) and the Bureau's proposal under consideration in the SBREFA Outline.

Proposed comment 102(m)-1 would explain that a business must satisfy both prongs of the definition to be a minority-owned business—that is, (A) more than 50 percent of the ownership or control is held by one or more minority individuals, and (B) more than 50 percent of the net profits or losses accrue to one or more minority individuals.

Proposed comment 102(m)-2 would clarify that the definition of minority-owned business is used only when an applicant determines if it is a minority-owned business for purposes of proposed § 1002.107(a)(18). A financial institution would provide the definition of minority-owned business when asking the applicant to provide minority-owned business status pursuant to proposed § 1002.107(a)(18), but a financial institution would not be permitted or required to make its own determination regarding whether an applicant is a minority-owned business for this purpose.

Proposed comment 102(m)-3 would further note that a financial institution would be permitted to assist an applicant when determining whether it is a minority-owned business but would not be required to do so, and could provide the applicant with the definitions of ownership, control, and accrual of net profits or losses set forth in proposed comments 102(m)-4 through -6. Additionally, for purposes of reporting an applicant's minority-owned business status, a financial institution would rely on the applicant's determinations of its ownership, control, and accrual of net profits and losses.

Consistent with the approach described during the SBREFA process, the Bureau is proposing to clarify “ownership” and “control” using concepts from the CDD rule. Proposed comment 102(m)-4 would clarify that a natural person owns a business if that natural person directly or indirectly, through any contract, arrangement, understanding, relationship or otherwise, has an equity interest in the business. Proposed comment 102(m)-4 would also provide examples of ownership and clarify that, where applicable, ownership would need to be traced or followed through corporate or other indirect ownership structures for purposes of proposed §§ 1002.102(m) and 1002.107(a)(18). Proposed comment 102(m)-5 would clarify that a natural person controls a business if that natural person has significant responsibility to manage or direct the business, and would provide examples of natural persons who control a business. Proposed comment 102(m)-6 would clarify that a business's net profits and losses accrue to a natural person if that natural person receives the net profits or losses, is legally entitled or required to receive the net profits or losses, or is legally entitled or required to recognize the net profits or losses for tax purposes.

The Bureau believes many small business applicants already respond to questions about who owns and who controls a business entity when completing CDD forms or otherwise responding to questions related to the CDD rule and thus should be familiar with the concepts in the CDD rule. Because the CDD rule does not address the second prong of the definition in ECOA section 704B(h)(5) (regarding accrual of net profit or loss), the Bureau is proposing in § 1002.102(m) that this prong of the definition be defined to mean that one or more minority individuals must receive or be legally entitled to receive the net profits or losses or that one or more minority individuals must be legally required to recognize the net profits and losses. However, the Bureau shares some SERs' concerns that the statutory definition of minority-owned business might, in some cases, be difficult for applicants to understand, which could in turn jeopardize the accuracy of reported data. Thus, consistent with the SBREFA Panel's recommendation, the Bureau seeks comment on the proposed definition of minority-owned business and possible alternatives that may clarify the term in order to help ensure that small business applicants can determine whether they are minority-owned businesses for purposes of section 1071 data collection.

102(n) Open-End Credit Transaction

Proposed § 1002.102(n) would state that open-end credit transaction means an open-end credit plan as defined in Regulation Z § 1026.2(a)(20), but without regard to whether the credit is consumer credit, as defined in § 1026.2(a)(12), is extended by a creditor, as defined in § 1026.2(a)(17), or is extended to a consumer, as defined in § 1026.2(a)(11). The term “open-end credit transaction” is undefined in section 1071. The Bureau's proposal specifies different rules for collecting and reporting certain data points based on whether the application is for a closed-end credit transaction or an open-end credit transaction. The Bureau believes its proposed definition is reasonable because it aligns with the definition of “open-end credit transaction” in Regulation Z § 1026.2(a)(20). The Bureau further believes that such alignment will minimize confusion and facilitate compliance.

The Bureau seeks comment on its proposed approach to this definition.

102(o) Principal Owner

Background

ECOA section 704B(e) requires financial institutions to compile and maintain the ethnicity, race, and sex of an applicant's principal owners. However, section 1071 does not expressly define who is a principal owner of a business.

SBREFA Proposal Under Consideration and Feedback

In the SBREFA Outline, the Bureau stated that it was considering proposing to define the term “principal owner” in a manner consistent with the CDD rule. Under a definition consistent with the CDD rule, an individual would be a principal owner if the individual directly or indirectly, through any contract, arrangement, understanding, relationship or otherwise, owns 25 percent or more of the equity interests of the business.

Several SERs and other stakeholders providing feedback on the SBREFA Outline expressed familiarity with the CDD rule, and supported aligning with that rule's 25 percent ownership standard for defining a principal owner for the section 1071 rule. One SER said that aligning definitions with the CDD rule would be logical and efficient. Another SER supported use of the CDD rule's concepts in determining who was a principal owner. Other SERs and stakeholders said they currently collect this information for beneficial owners at or above 20 percent in order to comply with SBA or other requirements and suggested aligning with that standard instead.

The SBREFA Panel recommended that the Bureau propose aligning the definition of principal owner with concepts of ownership and control that exist in other Federal regulations with which financial institutions are already complying, to the extent possible.

Proposed Rule

Proposed § 1002.102(o) would define principal owner in a manner that is, in part, consistent with the CDD rule. Specifically, a natural person would be a principal owner if the natural person directly owns 25 percent or more of the equity interests of the business. However, as proposed comment 102(o)-1 would note, a natural person would need to directly own an equity share of 25 percent or more in the business in order to be a principal owner. Due to the potential complications with collecting a principal owner's ethnicity, race, and sex information when a trust or entity is an owner, the Bureau is proposing that entities not be considered principal owners and indirect ownership by individuals likewise not be considered when determining if someone is a principal owner for purposes of collecting and reporting principal owners' ethnicity, race, and sex or the number of principal owners. Thus, when determining who is a principal owner, ownership would not be traced through multiple corporate structures to determine if a natural person owns 25 percent or more of the applicant's equity interests. Additionally, because only a natural person would be a principal owner for the 1071 rule, entities such trusts, partnerships, limited liability companies, and corporations, would not be principal owners.

Proposed comment 102(o)-2 would clarify that a financial institution would provide an applicant with the definition of principal owner when asking the applicant to provide the number of its principal owners pursuant to proposed § 1002.107(a)(21) and the ethnicity, race, and sex of its principal owners pursuant to proposed § 1002.107(a)(20). If a financial institution meets in person with a natural person about a covered application, the financial institution may be required to determine if the natural person with whom it meets is a principal owner in order to collect and report the principal owner's ethnicity and race based on visual observation and/or surname. (See proposed comments 107(a)(20)-5 and -9.) Additionally, proposed comment 102(o)-2 would note that if an applicant does not provide the number of its principal owners in response to the financial institution's request pursuant to proposed § 1002.107(a)(21), the financial institution may need to determine the number of the applicant's principal owners and report that information based on other documents or information. (See proposed comments 107(a)(21)-1 through -3.)

Consistent with its approach in the SBREFA Outline and with the SBREFA Panel's recommendation, the Bureau is proposing that the definition of principal owner align with the 25 percent ownership definition in the CDD rule. The Bureau believes that this standard, which aligns with another Federal regulation, is already broadly in use and is likely to be familiar to most financial institutions and applicants. Banks, credit unions, and certain other financial institutions must comply with the CDD rule. The Bureau believes applicants, as a general matter, are more likely to be familiar with CDD requirements than SBA or CDFI Fund requirements because they have to complete CDD forms before opening an initial account ( i.e., loan or deposit account) at a bank or at certain other institutions. However, due to potential complications with collecting ethnicity, race, and sex information for principal owners, the Bureau is proposing that individuals that only indirectly own 25 percent or more of an applicant's equity interests, as well as entities and trusts, are not principal owners.

The Bureau notes that it is possible under its proposed approach that an applicant might not identify any principal owners as being women or minorities but nonetheless could be a women- and/or minority-owned business. This could occur, for example, if a white male owned 40 percent of a business while three Asian women each owned 20 percent. Only the white male would be designated as a principal owner, but the business would be nonetheless both women-owned and minority-owned. While the Bureau acknowledges that some applicants could find this approach confusing, it is consistent with the statutory language in section 1071. To help mitigate against potential confusion, the Bureau has proposed that the questions regarding minority-owned business status and women-owned business status appear in the proposed sample data collection form before questions about the race, sex, and ethnicity of principal owners.

The Bureau seeks comment on this proposed definition of a principal owner, including the proposal not to include individuals that only indirectly own 25 percent or more of an applicant's equity interests as principal owners. The Bureau requests comment on whether additional clarification on any aspect of the proposed definition is needed.

102(p) Small Business

Proposed § 1002.102(p) would refer to proposed § 1002.106(b) for a definition of the term “small business.” See the section-by-section analysis of proposed § 1002.106(b) for a detailed discussion of that definition.

102(q) Small Business Lending Application Register

Proposed § 1002.102(q) would define the term “small business lending application register” or “register” as the data reported, or required to be reported, annually pursuant to proposed § 1002.109. The Bureau did not include a definition of small business lending application register in the SBREFA Outline, though it did address proposals under consideration for compiling, maintaining, and reporting 1071 data to the Bureau. See the section-by-section analysis of proposed § 1002.109 for a detailed discussion of the proposed rule's provisions addressing reporting data to the Bureau, including feedback received from SERs and other stakeholders on that subject. The Bureau's proposed definition refers only to the data that is reported, or required to be reported, annually; it does not refer to the data required to be collected and maintained (prior to reporting).

The Bureau seeks comment on its proposed definition of “small business lending application register” or “register” in proposed § 1002.102(q).

102(r) State

Proposed § 1002.102(r) would refer to existing § 1002.2(aa) for a definition of the term “State.” Existing § 1002.2(aa) defines the term as any State, the District of Columbia, the Commonwealth of Puerto Rico, or any territory or possession of the United States. The Bureau did not include a definition of State in the SBREFA Outline nor did it receive any feedback on the term from SERs. This proposed definition of State would be consistent with existing Regulation B and familiar to financial institutions.

The Bureau seeks comment on its proposed approach to this definition.

102(s) Women-Owned Business

Background

ECOA section 704B(b)(1) requires financial institutions to inquire whether applicants for credit are women-owned businesses. For purposes of the financial institution's inquiry under 704B(b), 704B(h)(5) defines a business as a women-owned business if (A) more than 50 percent of the ownership or control is held by one or more women, and (B) more than 50 percent of the net profit or loss accrues to one or more women. Section 1071 does not expressly define the related terms of “ownership” or “control,” nor does it describe what it means for net profits or losses to accrue to an individual.

SBREFA Proposal Under Consideration and Feedback Received

In the SBREFA Outline, the Bureau stated that it was considering proposing use of the statutory definition of a “women-owned business” (as set forth above) with further clarification of the terms “ownership” and “control” using concepts set forth in the CDD rule.

Some SERs expressed concerns with certain aspects of the statutory definition of women-owned business, asserting that the definition could cause confusion or pose particular complexities. Several SERs and some other stakeholders providing feedback on the SBREFA Outline asked that the definition of women-owned business be revised to align with the definition used by other agencies, such as the SBA and the CDFI Fund. Some SERs as well as some other commenters expressed concern that a business that is owned equally by a woman and a man would not be a “women-owned business” under the statutory definition of women-owned business because the woman would not own “more than 50 percent” of the business and the woman might not control more than 50 percent of the business. These SERs and other commenters recommended that the Bureau instead use a “50 percent or more” threshold for ownership or control as the standard. Conversely, two SERs and several other stakeholders supported using the statutory definition of women-owned business, including the “more than 50 percent” portion of the definition.

A number of SERs recommended that the Bureau simplify the definition to ensure it is understandable to small business applicants and to thereby facilitate consistent data collection. SERs' suggestions included eliminating the portion of the definition that refers to accrual of net profit and loss, eliminating the portion of the definition that refers to control, and providing a simplified and standardized definition.

Several SERs supported using the concepts of ownership and control in the CDD rule when defining women-owned business; one SER said that doing so would be logical and efficient, while another said it would create regulatory consistency and ease compliance burden. One SER said that most credit unions are familiar with the CDD rule. Generally, other commenters supported use of the CDD concepts to clarify the terms “ownership” and “control.” They stated that small business applicants are familiar with the concepts in the CDD rule or that they appreciated the consistency with existing regulatory requirements. However, one trade association commenter thought the Bureau should provide simplified applicant-facing materials without clarifying the definition, and two other stakeholders suggested that applicants might not be familiar with the CDD rule or may not understand the CDD rule.

The SBREFA Panel recommended seeking comment on potential interpretations of the definition of women-owned business to clarify the term and to ensure that small business applicants would be able to understand questions asking if they are a women-owned business.

Proposed Rule

Proposed § 1002.102(s) would define a women-owned business as a business for which more than 50 percent of its ownership or control is held by one or more women, and more than 50 percent of its net profits or losses accrue to one or more women. This definition is consistent with ECOA section 704B(h)(6) and the Bureau's proposal under consideration in the SBREFA Outline.

Proposed comment 102(s)-1 would explain that a business must satisfy both prongs of the definition to be a women-owned business—that is, (A) more than 50 percent of the ownership or control is held by one or more women, and (B) more than 50 percent of the net profits or losses accrue to one or more women.

Proposed comment 102(s)-2 would clarify that the definition of women-owned business is used only when an applicant determines if it is a women-owned business for purposes of proposed § 1002.107(a)(19). A financial institution would provide the definition of women-owned business when asking the applicant to provide women-owned business status pursuant to proposed § 1002.107(a)(19), but a financial institution would not be permitted or required to make its own determination regarding whether an applicant is a women-owned business for this purpose.

Proposed comment 102(s)-3 would further note that a financial institution would be permitted to assist an applicant when determining whether it is a women-owned business but would not be required to do so, and could provide the applicant with the definitions of ownership, control, and accrual of net profits or losses set forth in proposed comments 102(s)-4 through -6. Additionally, for purposes of reporting an applicant's women-owned business status, a financial institution would rely on the applicant's determinations of its ownership, control, and accrual of net profits and losses.

Consistent with the approach during the SBREFA process, the Bureau is proposing to clarify “ownership” and “control” using concepts from the CDD rule. Proposed comment 102(s)-4 would clarify that a natural person owns a business if that natural person directly or indirectly, through any contract, arrangement, understanding, relationship or otherwise, has an equity interest in the business. Proposed comment 102(s)-4 would also provide examples of ownership and clarify that, where applicable, ownership would need to be traced or followed through corporate or other indirect ownership structures for purposes of proposed §§ 1002.102(s) and 1002.107(a)(19). Proposed comment 102(s)-5 would clarify that a natural person controls a business if that natural person has significant responsibility to manage or direct the business and would provide examples of natural persons who control a business. Proposed comment 102(s)-6 would clarify that a business's net profits and losses accrue to a natural person if that natural person receives the net profits, is legally entitled or required to receive the net profits or losses, or is legally entitled or required to recognize the net profits or losses for tax purposes.

The Bureau believes many small business applicants already respond to questions about who owns and who controls a business entity when completing CDD forms or otherwise responding to questions related to the CDD rule and would be familiar with the concepts in the CDD rule. Because the CDD rule does not address the second prong of the definition in ECOA section 704B(h)(6) (regarding accrual of net profit or loss), the Bureau is proposing in comment 102(s)-4 that this prong of the definition be defined to mean that one or more women must receive or be legally entitled to receive the net profits or losses or that one or more women must be legally required to recognize the net profits or losses. However, the Bureau shares some SERs' concerns that the statutory definition of women-owned business might, in some cases, be difficult for applicants to understand, which could in turn jeopardize the accuracy of reported data. Thus, consistent with the SBREFA Panel's recommendation, the Bureau seeks comment on the proposed definition of women-owned business and possible alternatives that may clarify the term in order to help ensure that small business applicants can determine whether they are a women-owned business for purposes of section 1071 data collection.

Section 1002.103 Covered Applications

ECOA section 704B(b) requires that financial institutions collect, maintain, and report to the Bureau certain information regarding “any application to a financial institution for credit.” For covered financial institutions, the definition of “application” will trigger data collection and reporting obligations with respect to covered credit transactions. However, section 1071 does not expressly define “application.”

The Bureau is proposing § 1002.103 to define what is, and is not, a covered application for purposes of subpart B pursuant to its authority in ECOA section 704B(g)(1) to prescribe such rules and issue such guidance as may be necessary to carry out, enforce, and compile data pursuant to section 1071. Proposed § 1002.103(a) would provide a general definition of the term “covered application,” followed by a list of the circumstances that are not covered applications in proposed § 1002.103(b).

103(a) Covered Application

SBREFA Proposal Under Consideration and Feedback Received

In the SBREFA Outline, the Bureau stated it was considering defining an “application” largely consistent with the definition of that term in existing § 1002.2(f)— i.e., “an oral or written request for an extension of credit that is made in accordance with procedures used by a creditor for the type of credit requested.” The Bureau considered possible alternative definitions of “application,” including defining the term by using the definition of the term “completed application” in existing § 1002.2(f) (when “a creditor has received all the information that the creditor regularly obtains and considers in evaluating applications for the amount and type of credit requested . . . ”). The Bureau also considered defining “application” as particular documents or specific data points that, if collected, would trigger a duty to collect and report data.

SERs discussed their varied methods of defining what constitutes an “application” within their institutions. Many SERs define an application as the point when there is enough information to make a credit decision. Several SERs define an application as meeting the requirements of a checklist, stating that obtaining all the information and satisfying due diligence can take a long time. Other SERs define an application as the submission of specific data or documents, or obtaining sufficient information about the borrower to pull a credit report. One SER explained that their in-person application process is iterative, not readily definable, and unique for each applicant. The SER also explained that a single underwriting process could be used at their financial institution for multiple loans requested throughout the year.

Several SERs supported using the definition of “application” in existing § 1002.2(f). One of these SERs emphasized the importance of capturing data that may indicate potential discouragement of minority-owned businesses, including discouragement that could occur in advance of an application being submitted for underwriting. Another SER stated that using the definition in existing § 1002.2(f) would be helpful for training purposes, rather than creating a wholly new definition for purposes of implementing section 1071. Many SERs urged the Bureau in an eventual 1071 rule to define an application as a completed application, that is, at the point when there is sufficient information to render a credit decision. One SER opposed using the definition of “completed application,” explaining that it would be too restrictive and less aligned with the purposes of section 1071. Another SER opposed use of the definition of application in existing § 1002.2(f), explaining that in a “relationship lending” model, each small business application is unique.

SERs expressed varying views on whether withdrawn and incomplete applications should be captured in the 1071 data. Some SERs felt incomplete applications should be captured in the 1071 data as a potential indicator of discouragement. One SER stated that small and unsophisticated businesses are more likely to leave an application incomplete. Another SER recommended not capturing incomplete applications, asserting that such data would not be informative or useful. Another SER expressed concern about whether incomplete or withdrawn applications would include sufficient data for reporting.

Other stakeholders also provided feedback on the definition of “application.” The overwhelming majority of commenters, including both community groups and industry representatives, supported use of the definition of an “application” in existing § 1002.2(f). Community groups, CDFIs, and a SER noted that use of the definition would further the purposes of 1071 by capturing applicants dissuaded from completing an application, potentially due to unlawful discouragement or other discrimination. Commenters highlighted research that minority-owned and women-owned businesses are disproportionately discouraged from applying for credit and the frequency of discrimination during the pre-application stage. One commenter stated that the definition could better identify barriers to credit, consistent with the community development purpose of section 1071. Other commenters, including many industry commenters, stated that financial institutions are familiar with the definition in existing § 1002.2(f), and so use of this definition would reduce burden by minimizing the need for additional training or different procedures. Several commenters also stated that using the definition in existing § 1002.2(f) is appropriate given that section 1071 amends ECOA, which is implemented by existing Regulation B. One industry commenter also highlighted the flexibility provided by the definition in existing § 1002.2(f).

Although supportive of using the definition in existing § 1002.2(f) for the 1071 rule, several industry commenters sought further clarification or illustrations of the definition given considerable variations in practices among financial institutions. One commenter suggested a safe harbor that allows a financial institution to define what constitutes an “application.” One industry trade representative expressed that many of its members have no formal “application” and so attempts to leverage existing definitions or stages to define an application would be unfamiliar to their members and could create an inflexible process.

Several industry commenters supported triggering section 1071 data collection and reporting based on the “completed application” definition in existing § 1002.2(f) and stated that the Bureau should not require data collection on withdrawn and incomplete applications. These commenters stated that using a “completed application” definition would provide more complete and meaningful data, more uniformity across products and lenders, and conserve resources that would otherwise be required to gather missing data points on incomplete or withdrawn applications. One commenter stated that collection of data on incomplete applications would not further section 1071's purposes or reflect potential discrimination, but rather would merely represent borrower confusion in the application process. One commenter suggested using a defined set of criteria to define an “application.”

Several SERs and other stakeholders also provided comments on applicant requests for more than one product at the same time. For example, in connection with the application/loan number data point (referred to in this proposal as the unique identifier data point), one SER stated that if an applicant requests more than one type of credit product, a separate application/loan number is assigned to each product request. In contrast, other SERs indicated they use a single application number even if multiple products are requested. Among other stakeholders, some commenters supported reporting separate applications in instances where the applicant requests multiple covered credit transactions at the same time, while others supported requiring reporting of only one application. One commenter suggested that the Bureau should accommodate both approaches. Another commenter remarked that if a business is applying for multiple products, the basic information is going to be the same, the only difference being that only one product is funded. This same commenter suggested that if these requests are reported as multiple applications, that will overinflate the data.

Relatedly, two SERs discussed the issue of multiple extensions of credit resulting from a single application. One of these SERs explained that such multiple extensions of credit are assigned separate application/loan numbers at their financial institution. The other SER suggested that reporting in this situation will be complex, and that combining the separate loans that could result into a single reporting line would be extremely difficult.

The SBREFA Panel recommended that, if the Bureau proposes using the Regulation B definition of the term “application” for 1071 data collection, the Bureau consider clarifying when a completed application— i.e., an application sufficient to make a credit decision—falls within the proposed definition of the term “application.” The SBREFA Panel further recommended the Bureau seek comment on the benefits and costs of collecting 1071 data on incomplete or withdrawn applications. Finally, with respect to lines of credit, the SBREFA Panel recommended (in the context of the loan/credit type and loan/credit purpose data points) that the Bureau seek comment on how financial institutions currently handle increases in lines of credit and how best to require reporting of multiple lines of credit within the same account.

Proposed Rule

The Bureau is proposing to define a covered application in § 1002.103(a) as an oral or written request for a covered credit transaction that is made in accordance with procedures used by a financial institution for the type of credit requested. This proposed definition of “covered application” is consistent with the definition of “application” that the Bureau said it was considering proposing in the SBREFA Outline. As noted above, the term “application” is undefined in section 1071. The Bureau believes its proposed definition of the term is reasonable, particularly as it aligns with the definition of “application” in existing § 1002.2(f). The Bureau is also proposing commentary to accompany this definition. Circumstances that are not covered applications are addressed in the section-by-section analysis of proposed § 1002.103(b) below. Pursuant to ECOA section 704B(b)(1), an “application” triggering data collection and reporting obligations occurs without regard to whether such application is received in person, by mail, by telephone, by electronic mail or other form of electronic transmission, or by any other means.

Several SERs and a majority of other commenters supported use of this definition, noting that it best aligns with the purposes of section 1071 and is familiar to creditors. The Bureau agrees with certain SERs and other commenters that incomplete and withdrawn applications—which would generally be captured under proposed § 1002.103(a)—are essential to the purposes of section 1071 as a tool to identify potential discrimination (including through discouragement) and to better understand the credit market. The definition of “covered application” in proposed § 1002.103(a), which is similar to the definition of “application” in existing § 1002.2(f), is also familiar to creditors and provides flexibility to accommodate different application processes described by the SERs (including written and oral applications; online and relationship lending models; and use of standard forms, checklists, and other minimum requirements). Finally, the Bureau believes this approach strikes an appropriate balance by triggering 1071 collection and reporting requirements only after there is a request for credit (using procedures defined by the financial institution), but still early enough in the process to capture most incomplete, withdrawn, and denied applications.

The Bureau recognizes that the proposed definition of “covered application” in § 1002.103(a), while flexible, would mean that 1071 data collection and reporting may be triggered at different times for different financial institutions and different types of covered credit transactions. For example, for a financial institution that defines an application under its procedures as the submission of a standard form either online or in-person, a “covered application” would be triggered when an applicant submits the form. In contrast, another financial institution may not use a standard form and instead define an application as a request for credit and authorization to pull a credit check on the business and principal owners. In that circumstance, a “covered application” under proposed § 1002.103(a) would not be triggered until that process is satisfied. Using the same example, if the financial institution orally collects certain information from a prospective applicant (such as gross annual revenue and business location) and discusses with the prospective applicant potential credit product options offered by the financial institution, no “covered application” would be triggered until the prospective applicant indicates that it wants to proceed to apply for credit and authorizes the financial institution to pull a credit check. Similarly, if a prospective applicant merely expresses interest in obtaining credit—not yet focusing on any particular type of covered credit transaction and not submitting a “covered application”—the interaction also would not be reportable. While the proposed definition of “covered application” does not provide a bright-line rule, the Bureau believes the proposed definition would be familiar to financial institutions and provide consistency with existing Regulation B and Regulation C.

During SBREFA, SERs asked the Bureau to clarify when an application sufficient to make a credit decision would align with an “application” triggering 1071 collection and reporting requirements. Accordingly, the Bureau notes that a “covered application” may align with the information necessary to make a credit decision or it may be possible to have a “covered application” before having information necessary to make a credit decision—it depends on each financial institution's own procedures. For example, suppose a financial institution defines an application under its procedures as the point when an applicant, or someone on the applicant's behalf, fills out certain key pieces of information on an application form. If the financial institution's process is to immediately transmit the application to underwriting for a decision once the form is submitted, 1071 collection and reporting would likely be triggered at the same time there is sufficient information to make a credit decision. On the other hand, if the financial institution requires additional verification of documents and follow-up requests before submitting the loan file to underwriting, the financial institution would likely have a “covered application” before it has sufficient information to make a credit decision.

Proposed comment 103(a)-1 would underscore that a financial institution has latitude to establish its own application process or procedure and to decide the type and amount of information it will require from applicants. Proposed comment 103(a)-2 would explain that the term “procedures” refers to the actual practices followed by a financial institution as well as its stated application procedures, and provides an example. Because the definition of “covered application” is based on a financial institution's actual practices, a financial institution should have little incentive to attempt to artificially define an “application” in its written procedures as occurring later in the process; for example, if a financial institution has near a 100 percent approval rate because all “applications” have already been vetted earlier in the process, the financial institution's stated definition of an application likely does not reflect its actual practices. Proposed comment 103(a)-3 would provide that the commentary accompanying existing §§ 1002.2(f) and 1002.9 is generally applicable to the proposed definition of “covered application,” except as provided otherwise in proposed § 1002.103(b).

Proposed comments 103(a)-4 through -6 would address how a financial institution reports multiple covered credit transaction requests at one time or a request for a credit transaction that results in the origination of multiple covered credit transactions. Proposed comment 103(a)-4 would provide that if an applicant makes a request for two or more covered credit transactions at one time, the financial institution reports each request for a covered credit transaction as a separate covered application. The Bureau believes the proposed approach would further the purposes of section 1071 by better capturing demand for credit, including demand for different covered credit transactions at the same time. The Bureau also believes that the simplicity of this approach would reduce data reporting errors compared to potential alternatives, for example, alternatives in which the financial institution may sometimes report such requests as a single covered application or, in other circumstances, as multiple covered applications. Finally, the Bureau believes that concerns about duplicative information requests would be mitigated by permitting financial institutions to reuse certain previously collected data, as set forth in proposed § 1002.107(c)(2). In response to SERs' feedback, proposed comment 103(a)-5 would address the circumstance where an initial request for a single covered credit transaction results in the origination of multiple covered credit transactions. Similarly, in response to the SBREFA Panel's recommendations, proposed comment 103(a)-6 would address requests for multiple lines of credit at one time, proposing that such requests would be reported based on the procedures used by the financial institution for the type of credit account.

Proposed comment 103(a)-7 would address how a financial institution would report applications where there is a change in whether the applicant is requesting a covered credit transaction. If the applicant initially requests a covered credit transaction, but during the application process is offered and accepts instead a product that is not reportable, the Bureau is proposing to designate this circumstance as not a covered application, due in part to concerns that reporting in this scenario could affect data quality. For example, reporting on product types that are not covered credit transactions (for example, leases) could raise data quality questions if there are not appropriate fields to capture the terms of those transactions. Despite these concerns, the Bureau is also considering whether capturing such transactions in the 1071 data could be useful to identifying potential steering or other forms of discrimination, therefore furthering the purposes of section 1071. As noted below, the Bureau seeks comment on whether to require full or limited reporting in these circumstances. If an applicant initially requests a product that is not a covered credit transaction, but during the application process decides to seek instead a product that is a covered credit transaction, the application is a covered application and must be reported.

The Bureau seeks comment on its proposed definition of a covered application in § 1002.103(a) and associated commentary. The Bureau also seeks comment on the advantages and disadvantages of collecting data on incomplete or withdrawn applications, as well as how collection would or would not further the purposes of section 1071. In addition, the Bureau seeks comment on reporting of multiple lines of credit on a single credit account, including how financial institutions internally consider multiple lines of a credit on a single account and the Bureau's proposed approach in comment 103(a)-6.

As noted above, the Bureau also seeks comment on how a financial institution should report applications where there is a change in whether the request for credit involves a covered credit transaction. Specifically, the Bureau seeks comment on the advantages and disadvantages of requiring full or limited reporting where an applicant initially seeks a product that is a covered credit transaction, but ultimately is offered and accepts a product that is not reportable. For example, whether in those circumstances the financial institution should report limited data points related to the transaction (such as whether the applicant is a small business; whether the applicant is a women-owned business or a minority-owned business; the principal owners' race, sex, and ethnicity; number of principal owners; gross annual revenue; and loan type reported as “Non-reportable credit product” or something similar). The Bureau is particularly interested in receiving comments on the utility of such data to identify potential steering or other forms of discrimination, the effect on data quality, and other factors related to the purposes of section 1071.

Alternatives Considered

The Bureau considered several other options for defining “application.” First, the Bureau considered triggering 1071 collection and reporting based on a “completed application,” which is defined in existing § 1002.2(f) as an application in which the creditor has received “all the information that the creditor regularly obtains and considers” in evaluating similar products. The Bureau is not proposing to use the definition of “completed application” in existing § 1002.2(f) for its definition of covered application in subpart B, as doing so would exclude incomplete applications and many withdrawn applications that may reflect demand for credit and potential discrimination during the application process. While some commenters noted that use of this definition would provide uniformity in the data across financial institutions and product types, the Bureau is concerned about the loss of data on incomplete and withdrawn applications. Although some commenters suggested that the “completed application” definition could result in more accurate and complete data because it is collected later in the application process, the Bureau believes that this benefit can largely be obtained under the current proposal by requiring financial institutions to report, where available, verified applicant-provided information, as set forth in proposed § 1002.107(b). Although some SERs and other stakeholders urged the Bureau to define an application based on when there is sufficient information to render a credit decision, as pointed out by another SER, such a definition may not be as effective in furthering the purposes of 1071. For example, it would capture few to no incomplete applications and a smaller share of withdrawn applications. Moreover, as discussed above, in certain situations—depending on a financial institution's application procedures—the definition of a covered application in proposed § 1002.103(a) may align with the point where there is enough information to render a credit decision.

The Bureau also considered defining “covered application” as a set of specific data points that, if collected, would trigger a duty to collect and report 1071 data. The Bureau is not proposing this approach for a few reasons. First, this approach would introduce another regulatory definition of “application,” which could cause confusion and hinder compliance. Second, this approach could require financial institutions to alter their existing practices, resulting in burden. Third, this approach could lead some financial institutions to intentionally delay the gathering of one or more data points until after a credit decision was made in order to avoid triggering 1071 obligations. Last, this approach may be difficult to execute given that financial institutions use different data points in underwriting based on product type, lending model, exposure, and other factors.

103(b) Circumstances That Are Not Covered Applications

SBREFA Proposal Under Consideration and Feedback Received

In the SBREFA Outline, the Bureau stated it was considering clarifying circumstances that would not be reportable under section 1071, even if certain of those circumstances would otherwise be considered an “application” under existing § 1002.2(f). Specifically, those circumstances were: (1) Inquiries/prequalifications; (2) reevaluation, extension, and renewal requests, except requests for additional credit amounts; and (3) solicitations and firm offers of credit.

Reevaluation, extension, or renewal requests on an existing business credit account, unless the request seeks additional credit amounts. Several SERs supported the Bureau's proposal under consideration to exclude renewals unless additional credit is requested; one SER also supported excluding solicitations. Several SERs urged the Bureau to exclude line increases as a distinct type of application, explaining that financial institutions may not require a new application for such requests and that underwriting a line increase request is substantively distinct from underwriting a request for new credit because a line increase extensively relies on past performance data and prior relationships. Due to these differences, one SER suggested that including line increases may skew 1071 data, causing misinterpretations. The SBREFA Panel recommended the Bureau seek comment on whether to include line increases as a separate reportable application. The SBREFA Panel also recommended that the Bureau seek comment on how financial institutions currently handle increases in lines of credit.

A number of other industry stakeholders also supported the Bureau's proposal under consideration to exclude reevaluations, extensions, and renewal requests (except requests for additional credit amounts). The commenters stated that such collection would be duplicative since financial institutions would also be reporting data on the original application (perhaps in the same reporting year). The commenters also noted that extension requests are often short term and granted without a full application process, that requiring reporting could lead to fewer financial institutions offering extensions due to the added collection and reporting burden (particularly for open-ended credit), and that providing an exemption would be consistent with HMDA reporting. One commenter sought exclusion of rate adjustments. Community group commenters opposed exclusion of reevaluations, renewals, and extensions.

Several industry commenters opposed 1071 collection and reporting on reevaluations, extensions, or renewals that seek additional credit amounts. These commenters stated that 1071 collection and reporting should focus on data collected at the time of origination, that collecting data repeatedly from the same borrowers would add burden, and that collecting data for line increases would make it difficult for financial institutions to provide timely approvals. One commenter suggested only reporting on additional credit amounts if the original note is replaced. Other industry commenters—while not explicitly opposing such collection—suggested the Bureau further consider whether increases or renewals with additional credit amounts should be an “application” for purposes of the rule. The commenters noted that such increases/renewals are typically more streamlined than a standard application given the financial institution already has the applicant's information in its possession, and that the Bureau should carefully balance burden (which could affect how such requests could be processed) with benefit (obtaining additional data on the same applicant). One industry representative supported collection on requests that include additional credit amounts. Another commenter sought clarification on what would be reported in such circumstances: The newly advanced funds or the entire outstanding amount.

Inquiries and prequalification requests. Several SERs urged the Bureau not to require reporting on prequalifications or inquiries. These SERs explained that they encounter a high number of inquiries from rate shoppers asking about qualification requirements and potential rates, many of which are abandoned or otherwise do not progress to a completed application. A significant number of other industry commenters also supported the Bureau's proposal under consideration to exclude inquiries and prequalifications. These commenters noted that such inquiries could include countless informal interactions that would be difficult to collect in a consistent manner and that may lead to misleading or erroneous data. The commenters also stated that collection would be duplicative and impose significant burden without countervailing benefits. Community group commenters expressed support for collecting data on inquiries and prequalifications to identify discrimination that occurs before an application is submitted.

Solicitations and firm offers of credit. A number of industry commenters supported exclusion of solicitations and firm offers of credit. One commenter noted that excluding such data would avoid duplicative steps and be consistent with the purposes of section 1071.

Proposed Rule

Proposed § 1002.103(b) would identify certain circumstances that are not covered applications—even if they otherwise would be considered an application under existing § 1002.2(f). Specifically, the Bureau is proposing that a covered application does not include (1) reevaluation, extension, or renewal requests on an existing business credit account, unless the request seeks additional credit amounts; and (2) inquiries and prequalification requests. As discussed below, solicitations and firm offers of credit would also not be “covered applications” under the proposed definition. The Bureau is also proposing comments 103(b)-1 through -5 to provide additional guidance and examples of circumstances that do and do not trigger 1071 collection and reporting as a covered application. For example, proposed comment 103(b)-4 clarifies that the term “covered application” does not include evaluations or reviews of existing accounts initiated by the financial institution.

Reevaluation, extension, or renewal requests on an existing business credit account, unless the request seeks additional credit amounts. The Bureau is proposing to exclude from the definition of a “covered application” requests by borrowers to modify the terms or duration of an existing extension of credit, other than (as explained below) requests for additional credit amounts. The Bureau believes that requests to modify the terms or duration of an existing extension of credit, which occur with high frequency in the small business lending space, may add complexity and burden for financial institutions, while potentially providing limited additional information relevant to the purposes of section 1071. Moreover, broadly including requests to modify the terms or duration of existing extensions of credit might affect the quality of the data absent additional flags to distinguish the transactions from new originations. The Bureau is also concerned about the impact of adding 1071 collection and reporting requirements to what are otherwise streamlined evaluations, particularly given the limited additional data that would be gained from such reporting. The Bureau also notes that Regulation C takes a similar approach by excluding reporting of loan modifications.

In contrast, the Bureau is not proposing to exclude requests for additional credit amounts (such as line increases or new money on existing facilities). That is, reporting would be required for requests for additional credit amounts. The Bureau believes that capturing requests for additional credit amounts will further the purposes of section 1071, particularly the community development purpose, as it would more accurately capture demand for credit. Although several SERs and other commenters opposed reporting on new credit amounts—due to the potentially streamlined nature of such reviews (which may differ from underwriting of new applications) and concerns about duplicative reporting—the Bureau believes these factors do not outweigh the potential community development benefits of reporting and collection. Moreover, the Bureau believes that concerns about duplicative reporting would be mitigated by proposed § 1002.107(c)(2), which would permit a financial institution to reuse certain data points under certain circumstances. In addition, under proposed § 1002.107(a)(7) and (8), when reporting a covered application that seeks additional credit amounts on an existing account, the financial institution would only report the additional credit amount sought (and approved or originated, as applicable), and not the entire credit amount extended. A request to withdraw additional credit amounts at or below a previously approved credit limit amount on an existing open-end line of credit would not be a covered application as the request falls within the terms of a previously approved covered credit agreement.

Inquiries and prequalification requests. Existing Regulation B recognizes that before a consumer or business requests credit in accordance with the procedures used by a creditor for the type of credit requested, a creditor may provide a prospective applicant with information about credit terms. Existing Regulation B comments 2(f)-3 and 9-5 refer to these situations as inquiries and prequalification requests. Generally, an inquiry occurs when a consumer or business requests information about credit terms offered by a creditor; a prequalification request generally refers to a request by a consumer or business for a preliminary determination on whether the prospective applicant would likely qualify for credit under a creditor's standards or for what amount. Under existing Regulation B comments 2(f)-3 and 9-5, an inquiry or prequalification request may become an “application” that triggers adverse action notification requirements if the creditor evaluates information about the consumer or business, decides to decline the request, and communicates this to the consumer or business; otherwise, such inquiries and prequalification requests are generally not considered applications under existing Regulation B. As explained in existing comment 2(f)-3, whether the inquiry or prequalification request becomes an application depends on how the creditor responds to the consumer or business, not on what the consumer or business says or asks.

Regulation C excludes all prequalification requests from HMDA reporting, even if the prequalification request becomes an application under existing Regulation B. Regulation C does not address reporting of inquiries more generally.

The Bureau is proposing to exclude inquiries and prequalification requests as a “covered application,” even if the inquiry or prequalification request may become an “application” under existing § 1002.2(f) that may trigger notification requirements. The Bureau agrees with SERs and other commenters that requiring data collection for all inquiries and prequalifications could create operational challenges given that such interactions may be voluminous and typically occur before a financial institution has the relevant data or processes in place for tracking requests for credit. The Bureau is likewise concerned that requiring the collection of 1071 data for these requests could pose data accuracy issues, given the often informal nature of these interactions, which may raise the risk of missing, unavailable, or erroneous data. In addition, reporting of inquiries and prequalifications could be duplicative if the applicant subsequently applies for credit in accordance with the procedures designated by the financial institution.

The Bureau also has concerns about requiring reporting of inquiries and prequalification requests only in situations that would otherwise be treated as an “application” under existing Regulation B— i.e., when the financial institution evaluates information about the consumer or business, decides to decline the request, and communicates this to the consumer or business. The Bureau is concerned that the logistics of reporting an inquiry or prequalification only in certain circumstances—if the institution evaluates the information, declines the request, and communicates it to the business—would be operationally challenging for financial institutions and could lead to data distortion as only denials would be captured. In these circumstances, a financial institution may prefer reporting all inquiries and prequalifications, which could lead to some of the challenges identified above. The Bureau is also considering the market effects of requiring reporting only for certain inquiries and prequalification requests, including whether it would cause financial institutions to restrict such interactions or services.

The Bureau, however, remains concerned about potential discrimination that may occur in these early interactions with a financial institution. In particular, the Bureau is concerned about excluding data on inquiries and prequalification requests when the financial institution evaluates information about a business and declines the request, which may be useful for identifying potential prohibited discouragement of or discrimination against applicants or prospective applicants.

On balance, the Bureau believes it is appropriate to interpret “application” as used in section 1071 to exclude inquiries and prequalification requests given the considerations identified above, including the timing and often informal nature of such interactions, the operational challenges of implementing such a definition, and related concerns about the reliability of the data.

Although the Bureau is proposing to exclude inquiries and prequalification requests from the definition of “covered application,” the Bureau notes that the relevant analysis of whether an inquiry or prequalification request is reportable focuses on how the financial institution structures, processes, and responds to such requests, not what they are called. For example, if a financial institution has a formalized process to screen businesses requesting credit and deny those it considers ineligible, a request for credit that goes through that process may be a “covered application,” even if the financial institution labels the review a “prequalification” request or an “inquiry.”

The Bureau further notes that requests for credit that meet the proposed definition of “covered application” would be reportable, even if the application was preceded by an inquiry or prequalification request. For example, if a business initially seeks information about potential credit offerings, the financial institution responds, and then the business submits an application for a covered credit transaction following the financial institution's procedures, the application would be reportable. If, on the other hand, the business asks about potential credit offerings, but then chooses not to submit an application, there is no covered application.

Finally, the Bureau notes that inquiries and prequalification requests where the institution evaluates the information, declines the request, and communicates it to the business or consumer, are “applications” under existing Regulation B, and are thus subject to its requirements regarding “applications,” including its adverse action notification requirements and nondiscrimination provisions. In no way are the exclusions in proposed § 1002.103(b) intended to repeal, abrogate, annul, impair, change, or interfere with the scope of the term application in existing § 1002.2(f) as applicable to existing Regulation B.

Solicitations and firm offers of credit. Proposed comment 103(b)-4 would clarify that the term covered application does not include solicitations and firm offers of credit; like other reviews or evaluations initiated by the financial institution, these communications do not involve an applicant requesting credit, and so are not “covered applications.” Excluding solicitations and firm offers of credit is also consistent with the language of ECOA section 704B(b)(1), which provides that an application in response to a solicitation by a financial institution could be an application under section 1071, but the text is silent on solicitations without any applicant response. Thus, consistent with the statutory language, a solicitation or firm offer of credit may become a “covered application” under the proposed definition if an applicant responds to the solicitation or offer by requesting a covered credit transaction.

In conclusion and for the reasons identified above, the Bureau believes its proposed exclusion of inquiries and prequalification requests is reasonable. Similarly, the Bureau believes its proposed exclusion of reevaluation, extension, or renewal requests on an existing business credit account, unless the request seeks additional credit amounts, is a reasonable interpretation of an “application” as used in section 1071 for the reasons described above, including that the original extension of credit would be collected and reported and further reporting would yield limited additional data. The Bureau also believes its proposed treatment of solicitations and firm offers of credit is a reasonable interpretation of an “application” as used in section 1071, as discussed above.

The Bureau seeks comment on its proposed definition of a covered application in § 1002.103(b) and associated commentary. The Bureau also seeks comment on whether instead to define a “covered application,” consistent with existing Regulation B, to include inquiries or prequalification requests where the financial institution evaluates information about the business, decides to decline the request, and communicates this to the business. Related to this alternative approach, the Bureau further seeks comment on whether additional data fields may be necessary in order to distinguish prequalification requests and inquiries from other reported applications. In addition, if the Bureau were to require reporting of declined inquiries or prequalification requests (as described above), the Bureau seeks comment on whether financial institutions would want the option to report all prequalification requests and inquiries, to allow for a comparison with denials.

In addition, the Bureau seeks comment on whether, alternatively, to define a “covered application” consistent with Regulation C, which (as discussed above) does not require a financial institution to report prequalification requests, even if those requests may constitute applications under existing Regulation B for purposes of adverse action notices, but does not address reporting of inquiries more generally. Related to this alternative approach, the Bureau also seeks comment on whether greater clarity could be achieved by defining, for purposes of proposed subpart B only, inquiries as requests for information about loan terms that do not become applications under existing Regulation B, and prequalification requests as requests that may become applications under existing Regulation B. In addition, the Bureau also seeks comment on the frequency with which financial institutions accept prequalification requests (as described in Regulation C comment 2(b)-2, but with respect to prospective business applicants) and what data are collected in connection with such prequalification requests, as well as potential effects on the market if some or all prequalification requests were reportable under section 1071.

Consistent with the SBREFA Panel's recommendation, the Bureau also seeks comment on whether to include line increase requests as a “covered application” and information on how financial institutions currently process requests for a line of credit increase. In addition to line increases, the Bureau also seeks comment on financial institution practices related to other types of requests for additional credit amounts, and whether such requests should be captured in 1071 data.

Lastly, the Bureau notes that Regulation C requires the reporting of assumptions for HMDA, but the Bureau does not have information on whether assumptions are similarly used in the small business lending context. The Bureau seeks comment on this issue, including how an assumption in small business lending might be structured (for example, whether it is typically a modification of an existing extension of credit or a new extension of credit), the frequency of assumptions in the small business lending context, and whether reporting of assumptions for small business lending would further the purposes of section 1071.

Section 1002.104 Covered Credit Transactions and Excluded Transactions

104(a) Covered Credit Transaction

ECOA section 704B(b) requires financial institutions to collect and report information regarding any application for “credit” made by women-owned, minority-owned, or small businesses. Although the term “credit” is not specifically defined in section 1071, ECOA defines “credit” as “the right granted by a creditor to a debtor to defer payment of debt or to incur debts and defer its payment or to purchase property or services and defer payment therefor.” As noted above in the section-by-section analysis of § 1002.102(d), existing Regulation B further defines “business credit” as “extensions of credit primarily for business or commercial (including agricultural) purposes,” with some exclusions. As discussed in detail below, the Bureau is proposing to require that covered financial institutions report data for all applications for transactions that meet the definition of business credit unless otherwise excluded. Proposed § 1002.104(a) would define the term “covered credit transaction” as an extension of business credit that is not an excluded transaction under proposed § 1002.104(b). Loans, lines of credit, credit cards, and MCAs (including such credit transactions for agricultural purposes and HMDA-reportable transactions) would all fall within the scope of this proposed rule, which would cover the majority of products that small businesses use to obtain financing. As such, the Bureau believes that the inclusion of these products in the Bureau's 1071 rule is important to fulfilling the purposes of section 1071. Pursuant to this approach, the Bureau notes that the products discussed below do not constitute an exhaustive list of covered credit transactions; other types of business credit not specifically described below would nevertheless constitute covered credit transactions unless excluded by proposed § 1002.104(b).

Proposed § 1002.104(b), in turn, would state that the requirements of subpart B do not apply to trade credit, public utilities credit, securities credit, and incidental credit. Associated commentary would make clear that the term “covered credit transaction” also does not cover factoring, leases, consumer-designated credit used for business purposes, or credit secured by certain investment properties.

For the reasons set forth below, the Bureau is proposing § 1002.104 pursuant to its authority under ECOA section 704B(g)(1) to prescribe such rules and issue such guidance as may be necessary to carry out, enforce, and compile data under section 1071.

In the SBREFA Outline, the Bureau stated that it was considering proposing that a covered product under section 1071 is one that meets the definition of “credit” under ECOA and is not otherwise excluded from collection and reporting requirements. Specifically, the Bureau stated that it was considering proposing that covered products under section 1071 would include term loans, lines of credit, and credit cards. The Bureau stated that term loans, lines of credit, and credit cards meet the definition of “credit” under ECOA and these products collectively make up the majority of business financing products used by small businesses and are an essential source of financing for such businesses. The Bureau also proffered in the SBREFA Outline that the inclusion of these products in the Bureau's 1071 rule is important to fulfilling the purposes of section 1071. The Bureau also stated in SBREFA Outline that it was considering proposing that the following products not be covered by the 1071 rule: consumer credit used for business purposes; leases; trade credit; factoring; and MCAs.

SERs and other stakeholders providing feedback on the SBREFA Outline generally supported the Bureau's proposal under consideration to include term loans, lines of credit, and credit cards as covered products under section 1071. Many stakeholders (including roughly half the SERs) urged the Bureau to pursue expansive product coverage in order to adequately capture small businesses' experiences with obtaining financing, especially for women-owned and minority-owned small businesses. Many SERs and other stakeholders advocated for including MCAs within the scope of the eventual 1071 rule; some SERs and stakeholders also advocated for including factoring, and in some cases leases as well, in order to capture the full landscape of small business financing. Multiple stakeholders expressed concern that the exclusions under consideration for certain products ( e.g., MCAs) would disproportionately burden traditional lenders who do not offer such products.

As discussed below, the Bureau proposes that the 1071 rule cover loans, lines of credit, credit cards, and MCAs. The Bureau also explains below that “covered credit transaction” would encompass agricultural-purpose credit and HMDA-reportable transactions.

Loans, lines of credit, and credit cards. As noted above, stakeholders generally presume and support the coverage of loans, lines of credit, and credit cards. These products are commonly offered to small business applicants (making up almost 60 percent of the aggregate dollar volume of various financial products used by small businesses). The Bureau is not proposing definitions for loans, lines of credit, and credit cards because the Bureau believes these products are generally and adequately covered by the proposed definition of “credit” in proposed § 1002.102(i).

The Bureau seeks comment on its proposed approach to covered credit transactions and particularly on whether it should define loans, lines of credit, and credit cards, and, if so, how.

Merchant cash advances. MCAs are a form of financing for small businesses that purport to be structured as a sale of potential future income. MCAs vary in form and substance, but under a typical MCA, a merchant receives a cash advance and promises to repay it plus some additional amount or multiple of the amount advanced ( e.g., 1.2 or 1.5, the “payback” or “factor” “rate”). The merchant promises to repay by either pledging a percentage of its future revenue, such as its daily credit and debit card receipts (the “holdback percentage”), or agreeing to pay a fixed daily withdrawal amount to the MCA provider until the agreed upon payment amount is satisfied. MCA contracts often provide for repayment directly through the merchant's card processor and/or via ACH withdrawals from the merchant's bank account. MCAs constitute the primary product under an umbrella that the Bureau refers to as “sales-based financing”; generally, transactions wherein a financial institution extends funds to a business and repayment is based on the business's anticipated sales, revenue, or invoices.

The Bureau understands that the MCA market is generally dominated by nondepository lenders not subject to Federal safety and soundness supervision or reporting requirements. The Bureau also understands that MCA providers may not be required to obtain State lending licenses. As a result, information on MCA lending volume and practices is limited. The Bureau notes, however, that California recently enacted a law that brings providers of commercial financing options, including factoring and MCAs, into the California Financing Law (CFL), which will impose disclosure requirements. New York also enacted a law that would impose similar disclosure requirements upon certain New York commercial financing providers, including MCA providers.

Although the Bureau's 2017 White Paper estimated the MCA market constituted less than 1 percent of the aggregate dollar volume of various financial products used by small businesses in the U.S. in 2014, the Bureau finds that more recent evidence suggests the industry may now be much larger. For example, the 2020 Federal Reserve Banks' survey of firms with 1-499 employees (“employer firms”) found that 8 percent of such businesses applied for and regularly used MCAs. Moreover, on August 18, 2019, the trade website deBanked reported that according to an investment bank's projections, “the MCA industry will have more than doubled its small business funding to $19.2 billion by year-end 2019, up from $8.6 billion in 2014.”

Based on stakeholder feedback and available data, the Bureau understands that MCAs are often used by merchants due to the speed and ease with which they can be obtained, particularly for merchants unable to obtain financing from more traditional sources. According to the 2020 Federal Reserve Banks' report regarding firms owned by people of color (both small employer firms and non-employer firms), Black-owned firms, Hispanic-owned firms, and Asian-owned firms were more likely to have applied for MCAs (14 percent, 10 percent, and 10 percent respectively) than white-owned firms (7 percent). The Bureau believes that this report supports stakeholders' assertions that minority-owned businesses are more likely to use MCAs.

The Bureau believes that the higher frequency of MCA use among minority-owned businesses coupled with reports of problematic provider practices lends credence to many stakeholders' claims that MCAs may raise fair lending concerns. The FTC released a Staff Perspective in February 2020 discussing its concerns with the MCA industry and noting the industry's tendency to “cater to higher-risk businesses or owners with low credit scores—typically offering them higher-cost products.” The FTC has also filed enforcement actions against MCA providers and their principals, in one case alleging that they misrepresented the terms of MCAs that they provided, and then used “unfair collection practices, including sometimes threatening physical violence, to compel consumers to pay.” The FTC recently obtained a settlement that requires an MCA provider to pay more than $9.8 million to settle charges that it took money from businesses' bank accounts without permission and deceived them about the amount of financing business owners would receive and other features of its financing products. Moreover, the Bureau understands that the default rate amongst small businesses that use MCAs is relatively high—5 to 15 percent according to one estimate (compared with a 2 percent default rate on SBA loans). The Bureau believes this high default rate may be explained by the fact that the typical MCA holdback percentage—10 to 20 percent of gross receipts or revenues—may be onerous for already cash-strapped small businesses. The Bureau also understands that it is not uncommon for small businesses that use MCAs to obtain new MCAs from other MCA providers (more than a quarter of such businesses, by one account); they also may use one MCA to pay off another. Firms that take on added debt loads in this way (a process known as “stacking”) “may not fully recognize the costs involved, which could potentially jeopardize the financial health of their businesses.”

As small businesses struggle with the COVID-19 pandemic, the Bureau is seeing more reports of MCA providers employing aggressive collection practices, such as “pursuing legal claims against owners that freeze their bank accounts and . . . pressing their family members, neighbors, insurers, distributors—even their customers.” Given the fact that 84 percent of the credit applicants surveyed by the Federal Reserve Banks were approved for an MCA and the fact that it appears significantly more difficult to obtain credit as a “high credit risk” applicant during the COVID-19 pandemic, the Bureau believes that vulnerable small businesses are increasingly seeking MCAs to support their pandemic recovery.

In its SBREFA Outline, the Bureau stated that it was considering proposing that MCAs not be a covered product under section 1071 since including them may add additional complexity or reporting burden given the unique structure of the transactions.

During and following the SBREFA Panel meetings, many SERs advocated for including MCAs within the scope of the 1071 rule due, in part, to their widespread use by small businesses in the same way as traditional loans. In response to the SBREFA Outline, many other stakeholders, including community groups and industry representatives, urged the inclusion of MCAs for one or more of the following reasons:

• MCAs are widely used by small businesses and have a rapidly growing market share.
• MCAs are often advertised as loans even though MCA providers have been strongly opposed to labeling their products as loans.
• The complexity of MCAs is not a good reason to exclude them from coverage.
• Minority-owned small businesses disproportionately use MCAs.
• Excluding the largely unregulated MCA industry would create unequal regulatory burdens for entities that may compete for the same small business clients.
• MCAs should be considered “credit” for the purposes of section 1071.
• Small businesses do not distinguish these products from other forms of financing.
• Some MCA providers engage in harmful practices and should be subject to oversight.

The Bureau observes that, throughout the development of the 1071 rule, MCAs have been the focus of significant attention and a unique source of near-consensus among a diverse array of stakeholders—almost all of whom advocated for covering MCAs in the 1071 rule. The only commenters that have supported the exclusion of MCAs from the 1071 rule were MCA providers or trade associations representing MCA providers. These stakeholders argue that MCAs do not meet the definition of credit under ECOA or State law and are instead much like traditional factoring arrangements, which are generally understood not to be credit.

Potential coverage of MCAs under the 1071 rule has also drawn the attention of government entities seeking to regulate the industry. For example, in response to the SBREFA Outline, the California Department of Financial Protection and Innovation submitted a comment letter stating that “nearly all the data points would be just as easy for an MCA company to report as any other financial institution.” In addition, FTC staff submitted a comment letter in response to the Bureau's Request for Information on the Equal Credit Opportunity Act and Regulation B noting that the FTC has brought many actions protecting small businesses but that detecting illegal conduct in this space can be challenging, particularly with regard to MCAs. The FTC comment letter urges the Bureau to remind small business lenders that whether a particular law applies depends on actual facts and circumstances and not solely on how one party chooses to characterize the transaction. FTC staff also recommends the Bureau help small businesses through data collection, collecting complaints, and education.

Upon further consideration and in light of stakeholder feedback provided during the SBREFA process, the Bureau is proposing to cover MCAs as reportable under 1071. The Bureau believes that the statutory term “credit” in ECOA is ambiguous as to whether it covers sales-based financing products like MCAs, and existing Regulation B offers no further clarity except to note in commentary that factoring, as “a purchase of accounts receivable,” is not covered by ECOA or Regulation B. Based on its review of typical MCA arrangements and its expertise with respect to the nature of credit transactions, the Bureau believes that the better reading of the term “credit” is that it encompasses MCAs and other types of sales-based financing. As noted above, ECOA defines “credit” to mean “the right granted by a creditor to a debtor to defer payment of debt or to incur debts and defer its payment or to purchase property or services and defer payment therefor.” The Bureau is thus not proposing to specifically define MCAs or other sales-based financing in the 1071 rule because the Bureau believes these products are covered by the proposed definition of “credit” in § 1002.102(i). Nor does the Bureau believe that MCAs should be excluded from the rule as a species of factoring (as defined in proposed comment 104(a)-2), because MCAs are not based on accounts receivable from “goods that the recipient has supplied or services that the recipient has rendered.”

As an initial matter, the Bureau believes that MCAs do not constitute factoring within the meaning of the existing commentary to Regulation B or the definition in proposed comment 104(b)-1, discussed in greater detail below. In factoring transactions, entities receiving financing sell their legal right to payment from a third party for goods supplied or services rendered, and that right exists at the time of the transaction itself; the provider of funds seeks payment directly from the third party, and the transaction between the recipient and the provider of funds is complete at the time of the sale. In other words, the recipient of the financing has no remaining payment obligation, meaning that no payment is deferred. In contrast, at the time of the advance in an MCA, the recipient of the financing has no existing rights to payment that it can transfer. The transaction thus constitutes only a promise by the “seller” to transfer funds to the “buyer” once they materialize at a later date. The Bureau believes that the ECOA definition of credit, by referring to the right to “defer” payments, necessarily invokes this temporal consideration.

Furthermore, the Bureau interprets ECOA's definition of credit as making dispositive whether one party has granted another the right to repay at some time subsequent to the initial transaction, without consideration of factors such as the existence of recourse or analysis of who bears the risk of loss. MCA providers grant such a right: They advance funds to small businesses and grant them the right to defer repayment by allowing them to repay over time. Additionally, as a practical matter, the Bureau understands that MCAs are underwritten and function like a typical loan ( i.e., underwriting of the recipient of the funds; repayment that functionally comes from the recipient's own accounts rather than from a third party; repayment of the advance itself plus additional amounts akin to interest; and, at least for some subset of MCAs, repayment in regular intervals over a predictable period of time).

Finally, the Bureau believes that the inclusion of MCAs in the Bureau's 1071 rule is important to fulfilling both the fair lending and the business and community development purposes of section 1071. The Bureau also believes that including MCAs would create a more level playing field across financial institutions that provide cash flow financing to small businesses as well as create a data set that better reflects demand for such financing by the smallest and most vulnerable businesses.

The Bureau seeks comment on its proposed approach to covered credit transactions, and in particular, on whether it should define MCAs and/or other sales-based financing transactions, and if so, how.

Agricultural-purpose credit. In the SBREFA Outline, the Bureau did not expressly address credit used for agricultural purposes, although such credit is generally covered by the broad definition of credit under ECOA and agricultural businesses are included in section 1071's definition of small business. Based on questions from SERs about the Bureau's intended approach, however, the SBREFA Panel recommended that the Bureau address in the proposed rule whether it intends to cover agricultural loans in the eventual 1071 rule. Moreover, in a July 2019 report, the U.S. Government Accountability Office (GAO) discussed its finding that information on the amount and types of agricultural credit to socially disadvantaged farmers and ranchers (SDFRs) is limited, and suggested that the 1071 rulemaking may be a way to engage in “additional data collection and reporting for nonmortgage loans.”

According to the 2017 Census of Agriculture, there are about 3.4 million farmers and ranchers (“producers”) working on 2 million farming and ranching operations (“farms”) in the United States. The U.S. Department of Agriculture (USDA) Economic Research Service found that family farms (where the majority of the business is owned by the operator and individuals related to the operator) of various types together accounted for nearly 98 percent of U.S. farms in 2019. Small family farms (less than $350,000 in gross cash farm income (GCFI)) accounted for 90 percent of all U.S. farms and large-scale family farms ($1 million or more in GCFI) make up about 3 percent of farms but 44 percent of the value of production.

According to the 2019 Annual Report of the Farm Credit Administration, most agricultural lending (approximately 83 percent) is done by either commercial banks or the Farm Credit System (FCS), a network of government-sponsored entities (GSEs) regulated by the Farm Credit Administration, an independent government agency. The USDA's Farm Service Agency accounts for a small share (3 percent) of agricultural credit through direct loans and guarantees of loans made by private lenders.

The GAO found that, using 2015-2017 USDA survey data, SDFRs represented an estimated 17 percent of primary producers in the survey, but accounted for only an estimated 8 percent of total outstanding agricultural debt. Loans to purchase agricultural real estate accounted for most of SDFRs' outstanding debt (67 percent). Farms with minority or women primary producers are, on average, smaller and bring in less revenue than farms with a non-SDFR primary producer ( i.e., a white male)—while SDFRs represented 30 percent of all farms, they operated 21 percent of total farm land and accounted for 13 percent of the market value of agricultural products sold in 2017.

The share of minority representation in farming, particularly that of Black farmers, has declined sharply over the last 100 years. The number of female producers has increased significantly over the last 100 years but remains relatively small compared to male farm producers. Based on the disposition of numerous lawsuits alleging discrimination against minority farmers, the Bureau believes that credit discrimination may play a role in this decline. The GAO cites SDFR advocacy groups, which have said some SDFRs face actual or perceived unfair treatment in lending or may be dissuaded from applying for credit because of past instances of alleged discrimination. In addition, the GAO cites SDFR advocacy groups, lending industry representatives, and Federal officials in stating that SDFRs are more likely to operate smaller, lower-revenue farms, have weaker credit histories, or lack clear title to their agricultural land, which can make it difficult for them to qualify for loans. The Bureau understands that determining the “creditworthiness” of a farmer is often a judgmental process in which lending decisions are de-centralized and involve weighing many discretionary factors, the Bureau believes that there are heightened fair lending risks in agricultural lending.

In light of the above, the Bureau believes that covering agricultural credit in its 1071 rule is important for both of section 1071's statutory purposes, and is not proposing to define covered credit in a way that would exclude agricultural credit from the rule. The Bureau seeks comment on the potential costs and complexities associated with covering such credit.

HMDA-reportable transactions. By adopting Regulation C's definition of dwelling and its commentary regarding investment properties, the Bureau seeks to ensure consistency and minimize compliance burdens for financial institutions that must also report credit transactions covered by HMDA (that is, HMDA-reportable transactions). Based on Bureau calculations using the 2019 HMDA data, the Bureau found that close to 2,000 lenders and around 530,000 applications indicated a “business or commercial purpose” and around 500,000 applications were used for an “investment” (as defined by the occupancy code) purpose. Of those applications, around 50,000 were for 5+ unit properties. The overall number of applications the Bureau expects to be reported annually under the proposed rule is around 26 million. Thus, the Bureau anticipates a relatively small but not insignificant overlap regarding real estate investment loans between HMDA and 1071.

The Bureau has considered excluding all transactions that were also reportable under HMDA, but believes such an exclusion would add complexity to data analysis. The Bureau understands that requiring lenders to find and delete from databases that supply their 1071 submission only those transactions that also appear in HMDA may require a separate scrub of the data and create additional compliance burden, as well as compliance risk if HMDA-reportable transactions are not deleted from a 1071 submission. For example, if the Bureau were to exclude HMDA reportable transactions from 1071 and a small business wants to purchase a 5+ dwelling unit property (that the financial institution would need to know is HMDA reportable), the financial institution would have to make sure it is not collecting protected demographic information on principal owners, even though that information must be collected for every other type of loan that same business might apply for. The Bureau also believes that it may not be possible to identify loans in the HMDA data that, but for this exclusion, would be reported under 1071 because the financial institution would need to know which HMDA applications are for small businesses versus large businesses. Moreover, excluding HMDA-reportable applications could mean that a financial institution that is below the HMDA reporting threshold would not report these loans at all.

Further, in addition to not being able to distinguish which applications are from small and not large businesses, the Bureau believes that excluding all transactions that were also reportable under HMDA may be at odds with the statutory purposes of section 1071. The following information will not be collected for applications only reported under HMDA: (1) The principal owner's race, sex, or ethnicity where the applicant is not a natural person; (2) minority-owned and women-owned business status; (3) gross annual revenue; and (4) other 1071 data points such as pricing, NAICS code, and number of workers. The Bureau is concerned that not collecting this information would run contrary to section 1071's fair lending and business and community development purposes.

For applications that would be reported under both HMDA and 1071 (generally, business credit secured by dwellings, with the exception of credit secured by 1-4 individual dwelling units that the applicant or one or more of the applicant's principal owners does not, or will not, occupy), the Bureau seeks comment on whether it should require such applications to be flagged as such when reported under subpart B. The Bureau believes that for data integrity and analysis purposes, it may be helpful to know if a loan is in both datasets and a dual reporting flag may help ensure any data analysis is not double-counting certain applications.

104(b) Excluded Transactions

Proposed § 1002.104(b) would provide that the requirements of subpart B do not apply to trade credit, public utilities credit, securities credit, and incidental credit. Proposed comments 104(b)-1 and -2 would make clear that the term covered credit transaction also does not cover factoring and leases. The proposed treatment of each of these types of transactions is discussed in detail below. Proposed comments 104(b)-3 and -4 would clarify that the term covered credit transaction does not include consumer-designated credit or credit secured by certain investment properties because, as discussed in detail below, such transactions are not business credit. The Bureau also discusses its proposed treatment of extensions of credit made to governments or governmental subdivisions, agencies, or instrumentalities and certain purchases of covered credit transactions. Finally, the Bureau discusses its proposed exclusions for trade credit, public utilities credit, securities credit, and incidental credit.

The Bureau seeks comment on whether it should permit financial institutions to voluntarily collect applicants' protected demographic information (that is, the applicant's minority-owned business status and women-owned business status, and the ethnicity, race, and sex of the applicant's principal owners) for applications for some or all of the types of transactions that the Bureau is proposing not to cover, and to report those applications to the Bureau pursuant to proposed § 1002.109.

Factoring. In traditional factoring arrangements, a business in need of financing sells all or a portion of its accounts receivable (existing but unpaid invoices) to another business, known as a “factor.” The factor then receives payments on the accounts receivable from the business's debtors or customers directly, and not from the business that had entered into the factoring transaction. If the business has sold only a portion of its invoices, then once the account debtors pay their invoices to the factor, the factor remits the remainder of the balance to the business after deducting a fee (specifically, a discount applied to the sold accounts receivable usually stated on a percentage basis).

The Bureau understands that like the market for MCAs, the factoring market is generally dominated by nondepository lenders not subject to Federal safety and soundness supervision or reporting requirements. The Bureau also understands that generally, factors may not be required to obtain State lending licenses. As a result, information on factoring volume and practices is limited. The Bureau notes, however, that the California and New York disclosure laws mentioned above cover factoring.

The Bureau's 2017 White Paper estimated the factoring market as constituting around 8 percent of the number of accounts used by small businesses in the U.S. in 2014. Based on more recent evidence, the Bureau believes the industry has not significantly grown. For example, the 2017 and 2020 Federal Reserve Banks' surveys of firms with 1-499 employees (“employer firms”) found that 4 percent of such businesses applied for and regularly used factoring. In the 2020 Small Business Credit Survey of Employer Firms, this figure dropped to 3 percent of employer firms.

In the SBREFA Outline, the Bureau stated that it was considering excluding factoring from coverage under the 1071 rule. As a general matter, the Bureau received fewer comments from stakeholders regarding factoring compared to some other products, though some SERs did advocate for including factoring. Moreover, several stakeholders (representing both community group and industry perspectives) argued that factoring should be covered under section 1071: First, factoring is widely used by small businesses, particularly very small businesses, who are more likely to face heightened challenges accessing business credit; second, both New York and California have passed disclosure laws covering factoring and exclusion would potentially lead to a regulatory advantage for lenders offering higher-cost, less-transparent credit products.

A community group commenter stated that the Bureau should require the reporting of these agreements regardless of whether there is a credit agreement incident to the factoring agreement under Regulation B (this concept is discussed in more detail below). A few commenters that supported the proposed exclusion under consideration of factoring did so on the basis that factoring is not “credit” under ECOA. Commenters did not raise fair lending concerns or concerns about predatory practices related to factoring.

An existing comment in Regulation B (comment 9(a)(3)-3) provides that “[f]actoring refers to a purchase of accounts receivable, and thus is not subject to [ECOA or Regulation B].” Existing Regulation B does not offer a definition for “accounts receivable.” However, if there is a “credit extension incident to the factoring arrangement,” Regulation B's notification rules apply, as do other relevant sections of ECOA and Regulation B. The Bureau understands that the Board's treatment of credit extensions incident to factoring arrangements—as a type of credit but one entitled to exemptions from certain requirements—was motivated by its reading of congressional intent related to the Women's Business Ownership Act of 1988, which amended ECOA to extend notification and record retention requirements to business credit. In its proposed rule on this issue, the Board explained that it was treating credit extensions incident to factoring arrangements differently from other forms of business credit based on “evidence of congressional intent that the amendments should not apply to . . . certain types of business credit (such as applications for trade credit and credit incident to factoring arrangements).” Based on the Bureau's work to date and conversations with industry stakeholders, the Bureau understands that purported factoring arrangements may take various forms, including longer-term or revolving transactions that appear to have credit or credit-like features, and the Bureau believes that a subset of such arrangements may constitute credit incident to the factoring arrangement, particularly if they involve goods or services that have not been supplied or rendered.

The Bureau is proposing to not cover factoring under the 1071 rule. Modeled on the definitions set forth in the New York and California commercial financing disclosure laws, proposed comment 104(b)-1 would provide that factoring is an accounts receivable purchase transaction between businesses that includes an agreement to purchase, transfer, or sell a legally enforceable claim for payment for goods that the recipient has supplied or services that the recipient has rendered but for which payment has not yet been made. Proposed comment 104(b)-1 would also clarify that an extension of business credit incident to a factoring arrangement is a covered credit transaction and that a financial institution shall report such a transaction as an “Other sales-based financing transaction” under proposed § 1002.107(a)(5).

The Bureau believes that, as discussed with respect to MCAs above, a traditional factoring agreement, as described in proposed comment 104(b)-1, is not credit under ECOA because the provider of the funds does not grant the recipient the right to defer payment. Instead, the provider of funds seeks payment directly from a third party, and the transaction between the recipient and the provider of funds is complete at the time of the sale. The Bureau also believes that treating factoring as credit under the 1071 rule could create inconsistencies and compliance concerns related to existing Regulation B, which currently states that factoring (as a purchase of accounts receivable) is not subject to ECOA. Moreover, while a few commenters did suggest covering factoring as part of a broader effort to adequately capture small businesses' experiences with obtaining financing, the Bureau notes that commenters did not raise particular fair lending concerns related to factoring. The Bureau is proposing a more detailed description of what constitutes factoring in proposed comment 104(b)-1 because it is concerned that the existing Regulation B commentary regarding factoring may not provide sufficient clarity for purposes of collecting and reporting data under section 1071 as it does not offer a definition for “accounts receivable.” Proposed comment 104(b)-1 would state that it is not intended to repeal, abrogate, annul, impair, or interfere with any existing interpretations, orders, agreements, ordinances, rules, or regulations adopted or issued pursuant to existing comment 9(a)(3)-3.

The Bureau seeks comment on its proposed approach to factoring. The Bureau also seeks comment on how the subset of purported factoring arrangements that may in fact be credit ( i.e., those that are revolving in nature or that cover anticipated receivables) should be reported under the 1071 rule. Specifically, the Bureau seeks comment on whether such arrangements should be reported as credit extensions incident to factoring (and thus reported “other sales-based financing”) or as MCAs.

Leases. A leasing transaction generally refers to an agreement in which a lessor transfers the right of possession and use of a good or asset to a lessee in return for consideration. Under a “true” or “operating” lease, a lessee (the user) makes regular payments to a lessor (the owner) in exchange for the right to use an asset (such as equipment, buildings, motor vehicles, etc.).

Leases are not expressly addressed in ECOA or Regulation B. The Bureau has never opined on whether ECOA and Regulation B apply to leases, and the Board made only one statement about the applicability of ECOA and Regulation B to leases, in the preamble to a final rule under ECOA. In that 1985 statement, the Board responded to the Ninth Circuit's opinion in Brothers v. First Leasing, which concluded that consumer leasing falls under ECOA. The Board stated that it believes that “Congress did not intend the ECOA, which on its face applies only to credit transactions, to cover lease transactions unless the transaction results in a `credit sale' as defined in the Truth in Lending Act and Regulation Z.” The Board then noted that it would continue to monitor leasing transactions and take further action as appropriate. The Bureau is unaware of any such further actions taken by the Board.

The Bureau understands that many financial institutions (such as equipment finance companies) offer both loans and leases to their small business customers and some financial institutions comply with Regulation B for their leases as well as their loans as a matter of course. Lessor stakeholders have told Bureau staff that from their perspective, as well as that of their customers, loans and leases are indistinguishable. The Bureau understands that this is particularly true of “financial” or “capital” leases, as defined under article 2A of the UCC, which closely resemble (and according to some stakeholders, in some cases are indistinguishable from) term loans. The Bureau understands that financial leases are treated like assets on buyers' balance sheets, whereas operating leases are treated as expenses that remain off the balance sheet. The Bureau understands that the ownership characteristics of a financial lease also resemble those of a loan—the financial lease term is the substantial economic life of the asset (as evidenced by a one dollar purchase option at the end of the lease term and/or lack of residual financial obligations at the end of the lease term) and the lessee claims both interest and depreciation on their taxes. The Bureau understands that for some financial institutions, reporting loans but not leases may require added cost and effort to separate them in databases. The Bureau also understands that because depository institutions currently report both loan and lease activity to other regulators in their Call Reports, they may prefer to maintain a consistent approach for section 1071.

In its SBREFA Outline, the Bureau stated that it was considering proposing that leases not be a covered product under section 1071 unless the product is a credit sale. The Bureau stated that for purposes of section 1071, it was considering proposing a definition of “credit sale” similar to the Regulation Z definition of that term as a transaction in which the lessor is a creditor and the lessee (i) agrees to pay as compensation for use a sum substantially equivalent to, or in excess of, the total value of the property and services involved; and (ii) will become (or has the option to become), for no additional consideration or for nominal consideration, the owner of the property upon compliance with the agreement.

In response to the SBREFA Outline, several stakeholders argued that leases should be covered in an eventual 1071 rule, one noting that leasing products make up 13 percent of the small business financing market share in dollar terms. A few other stakeholders stated that leases should not be covered. For example, a trade association stated that (1) given the unique structure of the transactions, including leases would add unnecessary, additional complexity and reporting burdens, and that (2) unlike credit, in a lease, the lessee does not have an ownership interest in the leased property and that this difference could lead to data integrity issues.

The Bureau is proposing to not cover leases under the 1071 rule. Drawing from the UCC definition of “lease,” which was adopted by the New York and California commercial financing disclosure laws, proposed comment 104(b)-2 would provide that the term covered credit transaction does not cover leases, and that a lease, for purposes of proposed subpart B, is a transfer from one business to another of the right to possession and use of goods for a term, and for primarily business or commercial (including agricultural) purposes, in return for consideration. It would further state that a lease does not include a sale, including a sale on approval or a sale or return, or a transaction resulting in the retention or creation of a security interest.

The Bureau considered several other approaches to covering leasing, including referring to Regulation Z's definition of “credit sale.” The Bureau understands that financial institutions focused on offering leases and loans for business purposes are generally not familiar with the Regulation Z definition of “credit sale,” given that Regulation Z applies only to consumer credit. The Bureau thus believes that referring to the Regulation Z definition of “credit sale” could create confusion and would not align with current industry practices. The Bureau understands that such financial institutions offering leases primarily for business or commercial (including agricultural) purposes are more accustomed to applying the UCC definitions of “lease” and “finance lease,” and/or the generally accepted accounting principles (GAAP) rules issued by the Financial Accounting Standards Board (FASB) governing “operating,” “capital,” and “finance” leases. The Bureau believes that drawing from the UCC definition of lease will lead to more consistency with financial institutions' current practices. Nearly all U.S. jurisdictions have adopted Article 2A of the UCC, and the Bureau understands that virtually every form of lease used by major leasing companies provides that it is governed by the laws of one of the jurisdictions that has adopted Article 2A.

Based on its review of business-purpose leases and its expertise with respect to the meaning of “credit,” the Bureau believes that the better reading of the term “credit” is that it does not encompass such leases. In the business-purpose context, the Bureau understands that in a true lease, the lessor retains title and will receive the property back after the conclusion of the lease term, without any expectation by either party that, for example, ownership of the property will be transferred or that payments made pursuant to the lease agreement constitute anything other than payments in exchange for the temporary use of the property. As a result, the Bureau does not believe that in the business-purpose context a true lease transaction involves the right to incur debt and defer its payment, defer payment of a debt, or defer payment for goods or services.

The Bureau is aware that there are other types of leases with characteristics that bear some resemblance to forms of credit like credit sales, such as a contemplated transfer of ownership at the end of the lease term. The Bureau is not proposing at this time to parse whether different types of leases might constitute “credit” but notes that proposed comment 104(b)-2's definition of lease would not include a sale, including a sale on approval or a sale or return, or a transaction resulting in the retention or creation of a security interest. The Bureau seeks comment on whether there are types of leases, or leases with certain characteristics, that should be excluded from proposed comment 104(b)-2 and thus treated as reportable under 1071. Based on the practical difficulty cited by some stakeholders of distinguishing leases from loans, the Bureau also seeks comment on whether financial institutions should be permitted to voluntarily report lease transactions.

Consumer-designated credit. In the SBREFA Outline, the Bureau stated that it was considering proposing that the 1071 rule not cover products designated by the creditor as consumer purpose products. In response, several SERs asserted that consumer-designated credit is often an important source of financing for small businesses (particularly for women-owned and minority-owned small businesses, and sole proprietorships), and ideally should be included within the scope of the eventual 1071 rule. One SER stated that consumer-designated credit used for business purposes should be included in an eventual 1071 rule if trends show increasing usage. However, these SERs acknowledged the potential complexity and burden of trying to identify the intended use of consumer-designated credit, such as whether a consumer's home equity line of credit will be used for a business purpose.

Several SERs supported excluding consumer-designated credit. One SER asserted that including consumer credit would not support the purposes of section 1071. Another SER stated that including consumer-designated credit used for business purposes would double their cost of complying with an eventual 1071 rule. The SBREFA Panel recommended that the Bureau continue to explore the potential costs to financial institutions associated with reporting consumer-designated credit used for business purposes in the 1071 rule as well as the implications of including such credit in a small business lending data set. The Panel also recommended that the Bureau seek comment in the proposed rule on how best to define consumer-designated credit in the event the Bureau determines that an exclusion for such products is appropriate.

Many non-SER stakeholders supported the proposed exclusion under consideration of consumer-designated credit from section 1071 for one or more of the following reasons: First, that financial institutions should be able to rely on the applicant's stated purpose for the use of funds and institutions would not know, nor should they be expected to know, if a borrower instead starts or invests in a business using the proceeds of a personal loan. Second, that this approach would greatly simplify the regulatory effort necessary to define and identify business uses of consumer products. Third, that inclusion of consumer credit could vastly expand the scope of the data collected beyond usefulness and also greatly increase the costs of compliance.

One credit union trade association stakeholder stated that the Bureau should adopt a clearer definition of consumer-designated credit and that it should clarify that it will not challenge a credit union's judgment when designating a consumer or business purpose for credit.

The Bureau is proposing that the 1071 rule not cover products designated by the creditor as consumer purpose products (consumer-designated credit). Proposed comment 104(b)-3 would make clear that the term covered credit transaction does not include consumer-designated credit used for business purposes, because such transactions are not business credit. Proposed comment 104(b)-3 would provide that a transaction qualifies as consumer-designated credit if the financial institution offers or extends the credit primarily for personal, family, or household purposes. For example, an open-end credit account used for both personal and business purposes is not business credit for the purpose of proposed subpart B unless the financial institution designated or intended for the primary purpose of the account to be business-related.

The Bureau understands that some small business owners may use consumer-designated credit in order to finance their small businesses—such as taking out a home equity line of credit or charging business expenses on their personal credit cards. Nonetheless, the Bureau believes it is appropriate to interpret section 1071 as not applying to this type of credit. Most notably, ECOA section 704B(b) directs financial institutions to collect data in the case of an application “ for credit for women-owned, minority-owned, or small business ” (emphasis added). The statute thus applies only to applications for credit for a business; at the time of an application for consumer-designated credit, however, the application is not for a business. Several policy reasons also support this approach. First, the Bureau is concerned about financial institutions' ability to consistently identify when consumer-designated credit is being used for business purposes. Inconsistent reporting across financial institutions could lead to data quality concerns. Credit sought by consumers for both personal and business purposes could be particularly difficult to separate into reportable and non-reportable portions. The Bureau believes the proposal to define business credit to exclude consumer-designated credit will simplify compliance by obviating the need for financial institutions to identify and distinguish business uses of consumer-purpose credit products. Second, not including consumer-designated credit used for business purposes within the scope of this rulemaking would make it clear that the applications reported will all be seeking credit to use for business purposes, which supports 1071's directive to collect and report data in the case of an application for credit for a business. Third, not covering consumer-designated credit used for business purposes would provide certainty to financial institutions that offer only consumer-designated credit that they would not be subject to this proposal's data collection and reporting requirements.

As recommended by the SBREFA Panel, the Bureau seeks comment on this proposed interpretation, including how the Bureau has defined the scope of consumer-designated credit. The Bureau also seeks comment on whether it should permit financial institutions to voluntarily report consumer-designated credit when they have reason to believe the credit might be used for business purposes.

Credit secured by certain investment properties. In the SBREFA Outline, the Bureau did not expressly discuss treatment of real estate-secured loans used for investment purposes. Based on questions from SERs about the Bureau's intended approach, however, the SBREFA Panel recommended that the Bureau address in the proposed rule whether it intends to cover real estate-secured investment loans in the 1071 rule. One SER had asked that the Bureau clarify whether loans covering 1-4 family properties used for investment purposes are business loans under section 1071, and several SERs recommended that the Bureau cover real estate investment loans (for both non-owner occupied residential property and commercial property) under section 1071. Several other SERs sought to distinguish certain types of real estate investment loans; one SER remarked, for example, that owning a single non-owner occupied residential property as an investment may be more of a “hobby” but owning multiple properties could be considered a business.

A number of other stakeholders suggested that the Bureau should exclude at least some real estate investment loans under section 1071. A few stakeholders stated that the Bureau should consider an exemption for loans that are reported under another regulatory framework, such as HMDA and/or CRA because the effort of collecting and reporting information regarding such real estate loans would not be worth the added burden given the availability of alternative data sources. A few stakeholders argued that Congress did not intend to include real estate investment loans within the scope of section 1071. One such stakeholder stated that this intention is evident because many of the proposed loan purpose categories reflect a desire to collect data regarding credit offered to businesses which offer a product or service. One stakeholder seeking exclusion of certain real estate loans explained that most commercial real estate loans are made to borrowers as investments and not for operating their business. A few stakeholders suggested that the Bureau should only treat as reportable loans secured by owner-occupied commercial real estate where the primary source of repayment is the cash flow from the ongoing business operations. One stakeholder noted that because commercial real estate loans made to investors are typically made to business entities with complex ownership structures, their inclusion under 1071 would create additional hurdles for lenders seeking to determine the principal owners.

Based on this feedback as well as its general knowledge regarding both consumer and commercial real estate lending, the Bureau understands that many financial institutions use their consumer mortgage lending channels to process credit applications secured by 1-4 family residential property and used for investment purposes, while applications for credit secured by 5+ unit multifamily properties or rental portfolio loans secured by more than four 1-4 unit residential properties are generally processed through commercial mortgage lending channels. The Bureau also understands that loans made through consumer mortgage lending channels are often made pursuant to the guidelines of Fannie Mae, Freddie Mac, the Federal Housing Administration (FHA), and the Department of Veterans Affairs (VA), and are likely already reported under HMDA.

In light of the feedback received and the Panel's recommendation, the Bureau is proposing that the 1071 rule not cover credit secured by certain investment properties, because such credit may not always be primarily for business or commercial purposes. Specifically, proposed comment 104(b)-4 would explain that a covered credit transaction does not include an extension of credit that is secured by 1-4 individual dwelling units that the applicant or one or more of the applicant's principal owners does not, or will not, occupy. The Bureau is not proposing to exclude credit secured by owner-occupied dwellings; for example, those secured by a dwelling occupied by a business's sole proprietor/principal owner. The Bureau is thus proposing to exclude real estate investment loans only in certain limited circumstances (such as when credit is secured by non-owner occupied 1-4 dwelling units and not 5+ dwelling units). As discussed above in the section-by-section analysis of proposed § 1002.102(j), the Bureau is proposing to define “dwelling” to have the same meaning as Regulation C § 1003.2(f). Similarly, proposed comment 104(b)-4, which would address what does and does not constitute an investment property, is modeled on Regulation C's comment 4(a)(6)-4.

The Bureau is proposing a definition of “covered credit transaction” that does not cover certain real estate investment loans in the scope of a “covered credit transaction” pursuant to its authority under ECOA section 704B(g)(1) to prescribe such rules and issue such guidance as may be necessary to carry out, enforce, and compile data under section 1071. The Bureau believes that its exclusion of credit secured by certain investment properties will better capture lending to true small businesses (as opposed to consumers seeking to diversify their investments) and will also better align with financial institution lending practices. The Bureau understands that it may not always be easy for financial institutions to distinguish between business-purpose real estate investment loans and consumer-purpose real estate investment loans; however, covering all such loans would likely include some percentage of consumer-purpose loans in the 1071 rule, which could be contrary to section 1071's business and community development purpose.

The Bureau seeks comment on its proposed approach for credit secured by certain investment properties, including whether it is appropriate to consider credit not to be business credit when it is secured by 1-4 individual dwelling units that the applicant or one or more of the applicant's principal owners does not, or will not, occupy; and, if not, whether a different number of dwelling units in the property securing the credit would be an appropriate way to make a distinction between business and consumer-designated credit. The Bureau also solicits comment on whether to permit financial institutions to voluntarily report real estate investment loan transactions that are secured by non-owner occupied 1-4 dwelling units.

Government credit. The existing definition of business credit in § 1002.2(g) excludes public utilities credit, securities credit, incidental credit, and government credit (that is, extensions of credit made to governments or governmental subdivisions, agencies, or instrumentalities—not extensions of credit made by governments), as defined in existing § 1002.3(a) through (d), from certain aspects of existing Regulation B. For the purpose of proposed subpart B, the Bureau is proposing complete exclusions for public utilities credit, securities credit, and incidental credit from the definition of a covered credit transaction in proposed § 1002.104(b), as discussed below.

However, the Bureau is not proposing to exclude government credit, as defined in existing § 1002.3(d)(1) to mean “extensions of credit made to governments or governmental subdivisions, agencies, or instrumentalities.” The Bureau believes that an express exclusion for extensions of credit made to governments or governmental subdivisions, agencies, or instrumentalities is not necessary because such governmental entities would not constitute small businesses under the proposed rule. The Bureau seeks comment on its approach to government credit.

Certain purchases of covered credit transactions. In the SBREFA Outline, the Bureau did not expressly discuss treatment of loan purchases, but the Bureau sought feedback on any products that should or should not be covered by the Bureau's eventual 1071 rule. Several SERs voiced support for generally aligning small business lending reporting requirements for financial institutions with the approach taken for HMDA reporting in the Bureau's Regulation C. One SER stressed that imposing section 1071 requirements for loan buyers, who play an important role in assisting CDFIs but do not make credit decisions, might risk their continued participation. Feedback from other stakeholders was limited, although a few stakeholders suggested that the Bureau should generally exclude purchased loans. The Panel did not provide a specific recommendation on this topic.

The Bureau believes that this feedback may be based in part on the requirements that apply to HMDA, where Regulation C requires financial institutions to report purchases of covered loans under HMDA. This requirement is based on statutory language that contemplates data collection for loan purchases. As discussed in the section-by-section analysis of proposed § 1002.103, ECOA section 704B(b) requires that financial institutions collect, maintain, and report to the Bureau certain information regarding “any application to a financial institution for credit.” For covered financial institutions, the definition of “application” will trigger data collection and reporting obligations with respect to covered credit transactions. Under proposed subpart B, purchasing a loan does not, in itself, generate an obligation for a covered financial institution to report small business lending data. Rather, a reporting obligation may arise on the basis of making a final credit decision on an application. (See the section-by-section analysis of proposed § 1002.109(a)(3) for additional information.) The Bureau also notes the corollary point that selling a covered loan would not, in itself, obviate an existing obligation of a covered financial institution to report small business lending data for that application, pursuant to proposed comment 107(a)-1.i.

Because under this proposal purchasing a loan does not, in itself, generate an obligation for a covered financial institution to report small business lending data regarding the underlying application, the Bureau is not proposing a specific exclusion for these purchases.

The Bureau seeks comment on its proposal not to expressly exclude the purchase of covered credit transactions in the proposed rule's regulatory text or commentary.

Certain purchases of covered credit transactions—pooled loans. In the SBREFA Outline, the Bureau did not expressly discuss treatment of pooled loan purchases, but the Bureau sought feedback on any products that should or should not be covered by the Bureau's eventual 1071 rule. A CDFI SER that occasionally participates in pooled loan purchases recommended that the Bureau ensure that reporting obligations for such pooled loans are clear.

The Panel did not provide a specific recommendation on this topic. The Bureau believes that this feedback may be based in part on the requirements that apply to HMDA, where Regulation C requires financial institutions to report purchases of covered loans under HMDA. This requirement is based on statutory language that contemplates data collection for loan purchases. However, Regulation C exempts from these general reporting requirements “[t]he purchase of an interest in a pool of closed-end mortgage loans or open-end lines of credit” As discussed in the section-by-section analysis of proposed § 1002.103 above, ECOA section 704B(b) requires that financial institutions collect, maintain, and report to the Bureau certain information regarding “any application to a financial institution for credit.” For covered financial institutions, the definition of “application” (or, as used in this proposed rule, “covered application”) will trigger data collection and reporting obligations with respect to covered credit transactions. Under this proposed subpart, the purchase of an interest in a pool of loans does not, in itself, generate an obligation for a covered financial institution to report small business lending data. There is thus no need to propose a similar exclusion in this proposed subpart.

The Bureau believes that requiring covered financial institutions to collect and maintain data related to the purchase of an interest in a pool of covered credit transactions would do little to further the purposes of section 1071. The Bureau generally believes that a pooled loan purchase would arise after a final credit decision on the relevant loans has already been made ( e.g., after the loans were originated) and therefore the Bureau believes that the purchaser of an interest in a pool of loans would understand that there would be no section 1071 obligation. Section 1071 would already capture the lending information of the loans in this pool, as the application for each origination in the pool would already be reported (assuming it was originated by a covered financial institution and otherwise satisfies the requirements of proposed subpart B). For clarity, however, the Bureau is stating here that no reporting obligations arise from purchasing an interest in a pool of covered credit transactions, including credit-backed securities or real estate investment conduits. The Bureau believes that this clarification, similar to Regulation C comment 3(c)(4)-1, will assist covered financial institutions in understanding the scope of their obligations.

The Bureau seeks comment on its proposal not to expressly exclude the purchase of an interest in a pool of covered credit transactions in the proposed rule's regulatory text or commentary.

Certain purchases of covered credit transactions—partial interests in a covered credit transaction. In the SBREFA Outline, the Bureau did not specifically solicit feedback on a financial institution's obligation to report the purchase of a partial interest in a covered credit transaction (such as through participation loans, where multiple financial institutions fund a single origination); however, the Bureau did receive some feedback on this issue. One SER noted that there was some uncertainty with respect to how the Bureau intended to treat loan participations. This SER urged the Bureau not to discourage smaller credit unions in rural markets, who the SER stated may be likely to take part in loan participations, from helping their communities. The Panel did not provide a specific recommendation on this topic. Several other stakeholders also requested that the Bureau exempt participation loans.

The Bureau believes that this feedback may be based in part on the requirements that apply to HMDA, where Regulation C requires financial institutions to report purchases of covered loans under HMDA. This requirement is based on statutory language that contemplates data collection for loan purchases. However, Regulation C exempts from these general reporting requirements “[t]he purchase of a partial interest in a closed-end mortgage loan or open-end line of credit” As discussed in the section-by-section analysis of proposed § 1002.103 above, ECOA section 704B(b) requires that financial institutions collect, maintain, and report to the Bureau certain information regarding “any application to a financial institution for credit.” For covered financial institutions, the definition of “application” (or, as used in this proposed rule, “covered application”) will trigger data collection and reporting obligations with respect to covered credit transactions. Under this subpart, a partial purchase of a loan does not, in itself, generate an obligation for a covered financial institution to report small business lending data. There is thus no need to propose a similar exclusion in this subpart.

The Bureau believes that this approach, combined with proposed § 1002.109(a)(3), provides sufficient clarity for financial institutions that choose to take part in loan participations. For example, Financial Institution A receives an application for a covered credit transaction and approves the loan, and then Financial Institution A elects to organize a loan participation agreement where Financial Institutions B and C agree to purchase a partial interest. This is a covered credit transaction for Financial Institution A, but it is not a covered credit transaction for Financial Institutions B and C. The Bureau believes that this approach differs from how loan participations are reported by banks and savings associations under the CRA. That is, under the CRA, if the loan originated by Financial Institution A met the definition of a small business loan, then if any (or all) of the financial institutions were CRA loan reporters the loans may be reported under the CRA.

The Bureau believes that the purposes of section 1071 counsel towards the broad collection of small business lending by financial institutions. The Bureau is further unaware of any reason why data with respect to such lending should not be collected because more than one financial institution holds an interest in a covered product. Conversely, the Bureau does not believe that requiring reporting by each financial institution with a partial interest in a covered credit transaction would further section 1071's purposes, and is concerned that having a single loan reported by multiple financial institutions could compromise the quality of the section 1071 dataset. Read in conjunction with proposed § 1002.109(a)(3), however, the Bureau believes that the covered credit transactions at issue here will nonetheless generally be reported by one covered financial institution, the financial institution that sold portions of the loan to other participants.

The Bureau seeks comment on its proposal not to expressly exclude the purchase of a partial interest in a covered credit transaction in the proposed rule's regulatory text or commentary. In particular, the Bureau solicits comment on how this proposed exclusion may differ from reporting obligations under the CRA, and if the Bureau adopted another approach, how overlapping reporters or data might be flagged to avoid double-counting certain information.

Trade credit. Under existing Regulation B, trade credit refers to a “financing arrangement that involves a buyer and a seller—such as a supplier who finances the sale of equipment, supplies, or inventory; it does not apply to an extension of credit by a bank or other financial institution for the financing of such items.” Thus, trade credit typically involves a transaction in which a seller allows a business to purchase its own goods without requiring immediate payment, and the seller is not otherwise in the financial services business. Businesses offering trade credit generally do so as a means to facilitate the sale of their own goods and not as a stand-alone financing product.

Most of the notification requirements of existing Regulation B do not apply to trade credit transactions. In a typical trade credit transaction, the seller is not otherwise in the financial services business. The Bureau's White Paper estimated that trade credit represents approximately 21 percent of the aggregate dollar volume of various financial products used by small businesses. The Bureau understands that there are tens of thousands of merchants and wholesalers that extend credit to small businesses solely in connection with sale of goods and services by these trade creditors.

In its SBREFA Outline, the Bureau stated that it was considering proposing that trade credit not be a covered product under section 1071. The Bureau stated that trade credit can be offered by entities that are themselves very small businesses and that the Bureau was concerned that these entities, in particular, may incur large costs relative to their size to collect and report 1071 data in an accurate and consistent manner.

The Bureau only received a few comments regarding its proposal under consideration to exclude trade credit. A few stakeholders suggested that trade credit should be covered. One commenter noted that trade credit is used for a significant number of agricultural finance transactions (equipment financing and input financing for row crop farmers) and suggested that the Bureau should monitor this sector of the agricultural finance industry. A trade association stated that the exclusion of trade credit should apply not only to the seller of inventory and businesses facilitating the sale of inventory, but also its affiliates and facilitators because these entities generally provide financing only for the seller's products and not for competing or unrelated products. The trade association cautioned that the collection and publication of data, if applied to such an affiliate, could significantly impact the seller's ability to maintain trade secrets, as these data would provide competitors a comprehensive insight into the seller's distribution and wholesale strategies, and it would also create a substantial risk to the applicants themselves due to privacy concerns.

The Bureau is proposing to not cover trade credit in its 1071 rule. Proposed § 1002.104(b)(1) would define trade credit as a financing arrangement wherein a business acquires goods or services from another business without making immediate payment to the business providing the goods or services. Proposed comment 104(b)(1)-1 would provide that an example of trade credit is one that involves a supplier that finances the sale of equipment, supplies, or inventory. Proposed comment 104(b)(1)-1 would provide that an extension of business credit by a financial institution other than the supplier for the financing of such items is not trade credit. Proposed comment 104(b)(1)-2 would clarify that the definition of trade credit under existing comment 9(a)(3)-2 applies to relevant provisions under existing Regulation B, and that proposed § 1002.104(b)(1) is not intended to repeal, abrogate, annul, impair, or interfere with any existing interpretations, orders, agreements, ordinances, rules, or regulations adopted or issued pursuant to existing comment 9(a)(3)-2.

The Bureau is proposing a definition of “covered credit transaction” that excludes trade credit pursuant to its authority under ECOA section 704B(g)(1) to prescribe such rules and issue such guidance as may be necessary to carry out, enforce, and compile data under section 1071. While trade credit constitutes “credit” within the meaning of proposed § 1002.102(k), the Bureau believes that trade credit is categorically different from products like loans, lines of credit, credit cards, and MCAs and that there are several reasons to exclude it from coverage. Trade credit is not a general-use business lending product—that is, trade creditors generally extend credit as a means to facilitate the sale of their own goods, rather than offering it as a stand-alone financial product. The Bureau believes that while trade creditors might meet the definition in section 1071 of a financial institution, they are not financial services providers that manage compliance with regulatory requirements associated with making extensions of credit. The Bureau understands that trade credit can be offered by entities that are themselves very small businesses; the Bureau continues to be concerned that these entities, in particular, may incur large costs relative to their size to collect and report 1071 data in an accurate and consistent manner. Taken together, the Bureau is concerned that requiring trade credit to be reported under proposed subpart B may lead to significant data quality issues. The Bureau is also concerned that the fixed costs of coming into compliance with its 1071 rule could lead these businesses to reduce or cease offering trade credit to their small business customers, which would run contrary to the community development purpose of section 1071.

The Bureau notes that its proposed definition of trade credit in § 1002.104(b)(1) is focused on the business providing the goods or services being financed. It thus does not extend to affiliates and facilitators of trade creditors that provide financing, even if only for the trade creditor's products and not for competing or unrelated products. Provided that they otherwise meet the definition of a covered financial institution in proposed § 1002.105(b), such affiliates and facilitators must collect and report data under the 1071 rule. The Bureau believes that, unlike trade creditors themselves, such affiliates and facilitators offer stand-alone credit products in the same way as other financial institutions. As such, the Bureau does not have the same concerns about data quality or market exit by affiliates and facilitators that it does about trade creditors themselves.

The Bureau seeks comment on its proposal to exclude trade credit from the 1071 rule and on its proposed definition of trade credit.

Public utilities credit. As noted above, the existing definition of business credit in § 1002.2(g) excludes public utilities credit, securities credit, incidental credit, and government credit, as defined in existing § 1002.3(a) through (d), from certain procedural requirements of existing Regulation B. For the purpose of proposed subpart B, the Bureau is proposing complete exclusions for public utilities credit from the definition of a covered credit transaction in proposed § 1002.104(b).

In the SBREFA Outline, the Bureau did not expressly discuss treatment of public utilities credit transactions. However, the Bureau sought feedback on any products that should or should not be covered by the Bureau's eventual 1071 rule, and did not receive any feedback specific to public utilities credit.

Proposed § 1002.104(b)(2) would exclude public utilities credit, as defined in existing § 1002.3(a)(1). Existing § 1002.3(a)(1) states that the term public utilities credit refers to extensions of credit that involve public utility services provided through pipe, wire, or other connected facilities, or radio or similar transmission (including extensions of such facilities), if the charges for service, delayed payment, and any discount for prompt payment are filed with or regulated by a government unit. Several existing Regulation B requirements do not apply to public utilities credit transactions. Existing comment 3(a)-1 explains that the definition applies only to credit for the purchase of a utility service, such as electricity, gas, or telephone service. Credit provided or offered by a public utility for some other purpose—such as for financing the purchase of a gas dryer, telephone equipment, or other durable goods, or for insultation or other home improvements—would not be excepted under proposed § 1002.104(b)(2) but may be excepted if it constitutes trade credit under proposed § 1002.104(b)(1), or in the case of financing for certain home improvements, for example, if it does not constitute an extension of business credit under proposed § 1002.104(a). Existing comment 3(a)-2 states in part that a utility company is a creditor when it supplies utility service and bills the user after the service has been provided.

The Bureau is proposing a definition of “covered credit transaction” that excludes public utilities credit pursuant to its authority under ECOA section 704B(g)(1) to prescribe such rules and issue such guidance as may be necessary to carry out, enforce, and compile data under section 1071. The Bureau believes that excluding public utilities credit from the 1071 rule is reasonable for the same reasons as the Board enumerated when it adopted exemptions from certain procedural requirements under subpart A. Specifically, the Bureau is concerned that covering public utilities credit under 1071 could require “substantial changes in the forms and procedures of public utilities companies. Costs associated with such changes would, in all likelihood, be passed along to [small business owners].” The Bureau notes that many of the policies and procedures of public utilities companies are separately regulated at the State and Municipal levels by public service commissions, and at the Federal level by the Federal Energy Regulatory Commission. The Bureau also believes that public utilities credit is akin to trade credit and thus is proposing to exclude it from coverage under subpart B for the same reasons.

The Bureau seeks comment on its proposal to exclude public utilities credit.

Securities credit. As noted above, the existing definition of business credit in § 1002.2(g) excludes public utilities credit, securities credit, incidental credit, and government credit, as defined in existing § 1002.3(a) through (d), from certain procedural requirements of existing Regulation B. For the purpose of proposed subpart B, the Bureau is proposing complete exclusions for securities credit from the definition of a covered credit transaction in proposed § 1002.104(b).

In the SBREFA Outline, the Bureau did not expressly discuss treatment of securities credit transactions, but the Bureau sought feedback on any products that should or should not be covered by the Bureau's eventual 1071 rule. The Bureau did not receive any feedback specific to securities credit.

Proposed § 1002.104(b)(3) would exclude securities credit, as defined in existing § 1002.3(b)(1). Existing § 1002.3(b)(1) states that the term securities credit refers to extensions of credit subject to regulation under section 7 of the Securities Exchange Act of 1934 or extensions of credit by a broker or dealer subject to regulation as a broker or dealer under the Securities Exchange Act of 1934. Several existing Regulation B requirements do not apply to securities credit transactions.

The Bureau is proposing a definition of “covered credit transaction” that excludes securities credit pursuant to its authority under ECOA section 704B(g)(1) to prescribe such rules and issue such guidance as may be necessary to carry out, enforce, and compile data under section 1071. The Bureau is proposing to exclude securities credit to foster consistency with existing Regulation B.

The Bureau seeks comment on its proposal to exclude securities credit.

Incidental credit. As noted above, the existing definition of business credit in § 1002.2(g) excludes public utilities credit, securities credit, incidental credit, and government credit, as defined in existing § 1002.3(a) through (d), from certain procedural requirements of existing Regulation B. For the purpose of proposed subpart B, the Bureau is proposing complete exclusions for incidental credit from the definition of a covered credit transaction in proposed § 1002.104(b).

In the SBREFA Outline, the Bureau did not expressly discuss treatment of incidental credit transactions, but the Bureau sought feedback on any products that should or should not be covered by the Bureau's eventual 1071 rule. The Bureau did not receive any feedback specific to incidental credit.

Proposed § 1002.104(b)(4) would exclude incidental credit, as defined in existing § 1002.3(c)(1), but without regard to whether the credit is consumer credit, as defined in existing § 1002.2(h). Existing § 1002.3(c)(1) states that incidental credit refers to extensions of consumer credit other than the types described in § 1002(a) and (b): (i) That are not made pursuant to the terms of a credit card account; (ii) that are not subject to a finance charge (as defined in Regulation Z § 1026.4); and (iii) that are not payable by agreement in more than four installments. A number of existing Regulation B requirements do not apply to “incidental credit” (referring to extensions of consumer credit). Existing comment 3(c)-1 explains that if a service provider (such as a hospital, doctor, lawyer, or merchant) allows the client or customer to defer the payment of a bill, this deferral of debt is credit for purposes of the regulation, even though there is no finance charge and no agreement for payment in installments. Because of the exceptions provided by existing § 1002.3, however, these particular credit extensions are excepted from compliance with certain procedural requirements as specified in § 1002.3(c).

The Bureau is proposing a definition of “covered credit transaction” that excludes incidental credit pursuant to its authority under ECOA section 704B(g)(1) to prescribe such rules and issue such guidance as may be necessary to carry out, enforce, and compile data under section 1071. The Bureau believes that the Board's reasoning with respect to incidental credit's limited exception under existing Regulation B is equally applicable and relevant here. The Board sought to minimize burdens on businesses that “permit their customers to defer payment of debt as a convenience and are not in the business of extending credit.” The Board cited the example of doctors and dentists that permit their patients to defer payment of fees and who are extending credit as incidental to their principal activity of health care. The Board also noted that “[s]mall neighborhood businesses such as drugstores and grocery stores frequently permit their customers to postpone payment on an informal basis not associated with a formal credit plan.” The Bureau believes that incidental credit, as described above, is akin to trade credit and thus is proposing to exclude it from coverage under subpart B for the same reasons.

The Bureau seeks comment on its proposal to exclude incidental credit.

Section 1002.105 Covered Financial Institutions and Exempt Institutions

ECOA section 704B(h)(1) defines the term “financial institution” as “any partnership, company, corporation, association (incorporated or unincorporated), trust, estate, cooperative organization, or other entity that engages in any financial activity.” The Bureau is proposing to define a financial institution in § 1002.105(a) consistent with that statutory language. The Bureau is proposing to define a covered financial institution in § 1002.105(b) as a financial institution that originated at least 25 covered credit transactions from small businesses in each of the two preceding calendar years. Only those financial institutions that meet this loan-volume threshold in the definition of a covered financial institution would be required to collect and report small business lending data pursuant to proposed subpart B.

The Bureau's proposed definitions reflect the broad nature of the data collection specified in section 1071, while recognizing the risks that financial institutions with the lowest volume of small business lending might reduce or cease their small business lending activity because of the fixed costs of coming into compliance with this rule.

The Bureau is proposing § 1002.105 to implement ECOA section 704B(h)(1) and pursuant to its authority under 704B(g)(1) to prescribe such rules and issue such guidance as may be necessary to carry out, enforce, and compile data pursuant to section 1071. The Bureau is also proposing § 1002.105(b) pursuant to its authority under 704B(g)(2) to conditionally or unconditionally exempt any financial institution or class of financial institutions from the statute's requirements, as the Bureau deems necessary or appropriate to carry out the purposes of section 1071. The Bureau is proposing these provisions and proposing to use its exemption authority under 704B(g)(2) for the reasons set forth below.

105(a) Financial Institution

Background

ECOA section 704B(h)(1) defines the term “financial institution” as “any partnership, company, corporation, association (incorporated or unincorporated), trust, estate, cooperative organization, or other entity that engages in any financial activity.”

SBREFA Proposals Under Consideration and Feedback Received

At SBREFA, the Bureau stated it was considering proposing a general definition of “financial institution” consistent with the section 1071 definition. The Bureau noted that Regulation B, which implements ECOA, has not otherwise defined this term.

SERs generally did not express concern regarding the general definition of a “financial institution” under consideration, although one SER expressed concern at the broad reach of what might be considered a financial activity. The SBREFA Panel did not provide any recommendations on the definition of a financial institution. Feedback on the definition of “financial institution” from other stakeholders was likewise nearly universally positive, with most opining that a definition that encompasses all small business lenders would be appropriate.

Proposed Rule

Proposed § 1002.105(a) would define a financial institution as any partnership, company, corporation, association (incorporated or unincorporated), trust, estate, cooperative organization, or other entity that engages in any financial activity. This proposed definition restates the statute and is the same definition that the Bureau stated it was considering proposing in the SBREFA Outline. The Bureau believes that this definition reflects the broad nature of small business lending data collection specified in section 1071. Under such a definition, the rule's data collection and reporting requirements would apply to a variety of entities that engage in small business lending, including depository institutions ( i.e., banks, savings associations, and credit unions), online lenders, platform lenders, CDFIs, lenders involved in equipment and vehicle financing (captive financing companies and independent financing companies), commercial finance companies, governmental lending entities, and nonprofit, nondepository lenders.

As noted above, one SER expressed concern at the broad reach of this definition. But the broad scope of what may be considered a “financial activity” in the proposed definition of financial institution is not the principal determinative factor as to whether small business lending data collection and reporting is required; the proposed definition of a covered financial institution, the proposed definition of a covered application, and the proposed definition of a covered credit transaction, among others, all would impose limits on what entities could be subject to this proposed rule's data collection and reporting requirements.

Proposed comment 105(a)-1 would provide a non-exhaustive list of examples of entities that may fit within the definition of a financial institution. This proposed comment would make clear that nonprofit and governmental entities, governmental subdivisions, or governmental agencies, among others, who conduct financial activity fit within the definition of a financial institution. The definition of the term “financial institution” in ECOA section 704B(h)(1) includes the phrase “or other entity.” That term readily encompasses governments and government entities. Even if the term were ambiguous, the Bureau believes—based on its expertise and experience—that interpreting it to encompass governments and government entities would promote the purposes of section 1071. For example, the Bureau believes that it will be helpful to identify the business and community development needs of women-owned, minority-owned, and small businesses by collecting lending data from both a county-run assistance program for establishing new businesses and financial institutions that operate nationwide, like online lenders. The Bureau also believes that the terms “companies” or “corporations” under the definition of “person,” on their face, cover all companies and corporations, including government-owned or -affiliated companies and corporations. And even if those terms were ambiguous, the Bureau believes—based on its expertise and experience—that interpreting them to cover government-owned or -companies and corporations would promote the purposes of section 1071. The Bureau emphasizes that the list of examples of entities in proposed comment 105(a)-1 is not exhaustive and that other entities not specifically described would nonetheless fit within the definition of a financial institution under proposed § 1002.105(a). For example, the Bureau believes that an organization offering insurance premium financing, where the organization provides short-term loans to businesses to pay for property and casualty insurance, is included within the definition of proposed § 1002.105(a), even though this specific business model is not described in proposed comment 105(a)-1.

Proposed comment 105(a)-2 would refer to proposed § 1002.101(a) to reiterate the statutory exclusion for motor vehicle dealers.

The Bureau seeks comment on this proposed definition of a financial institution, and generally requests comment on whether additional clarification is needed.

105(b) Covered Financial Institution

Background

The Bureau has received requests to adopt exemptions from section 1071 collection and reporting requirements for financial institutions that do not frequently engage in small business lending. Reasons cited have included encouraging market entry, ensuring data quality, alleged lack of materiality of data from smaller lenders that rarely make small business loans, and lack of capacity by the lenders sufficient to justify small business lending as a line of business in light of the cost of complying with an eventual 1071 rule.

SBREFA Proposals Under Consideration and Feedback Received

In the SBREFA Outline, the Bureau stated that it was considering, in light of section 1071's statutory purposes, proposing to exempt financial institutions from any collection and reporting requirements based on either or both a size-based and/or activity-based threshold. In the SBREFA Outline, the Bureau set forth several alternative thresholds under consideration for such an exemption.

There was a diversity of perspectives with respect to the Bureau's approaches under consideration regarding potential exemptions. While some SERs stressed the need for expansive lender coverage to fulfill section 1071's purposes, others suggested that such purposes could be fulfilled by the Bureau collecting and reporting data from only the largest lenders. SERs also offered varying opinions regarding the exemption metrics and thresholds under consideration, with some SERs favoring activity-based exemptions and others preferring an asset-based approach. SERs uniformly supported clear, predictable collection and reporting exemption thresholds.

The SBREFA Panel recommended that the Bureau continue to explore whether either or both a size-based or activity-based test might be appropriate to determine whether a financial institution must collect and report 1071 data or should be exempt, given section 1071's statutory purposes. The SBREFA Panel also recommended that the Bureau continue to explore whether the fixed costs of coming into compliance with an eventual 1071 rule might cause certain financial institutions to reduce or cease lending to small businesses, as it considers the possible exemptions for financial institutions based on size and/or activity, along with any alternative approaches.

Feedback from other stakeholders generally was in support of exempting certain financial institutions from 1071 collection and reporting obligations. Most feedback in support of pursuing exemptions focused on the potential burden of a new regulatory regime, with some stakeholders cautioning that collection and reporting obligations could lead to an increase in the cost of credit. A few stakeholders connected these potential costs with section 1071's purpose to identify community development needs and opportunities (chiefly arguing that costs might lead to higher costs of lending or lower lending volume), or otherwise expressed a general belief that some exemptions were consistent with statutory purposes. Several stakeholders, mostly community groups, urged caution with respect to the extent of any such exemptions, arguing that significant data limitations would run contrary to the general purposes of section 1071.

Activity-based exemption. In the SBREFA Outline, the Bureau stated that it was considering whether only financial institutions that engage in a certain amount of small business lending activity should be required to collect and report 1071 data. The Bureau explained that in light of 1071's potentially broad application to financial institutions, an activity-based test to determine reporting responsibility might be appropriate. In particular, the Bureau expressed concern that financial institutions with the lowest volume of small business lending might reduce or cease their small business lending activity because of the fixed costs of coming into compliance with an eventual 1071 rule. The Bureau stated that this result could be contrary to the community development purpose of section 1071.

The Bureau specifically mentioned three possible activity-based threshold levels, each defined by a financial institution's annual number of small business loans originated or the financial institution's annual total dollar value of small business loans originated. (That is, if either measurement is exceeded, then the financial institution must collect and report 1071 data.) Those three possible activity-based threshold levels were: Originations of at least 25 loans or $2.5 million (Option 1 Exemption Threshold); originations of at least 50 loans or $5 million (Option 2 Exemption Threshold); and originations of at least 100 loans or $10 million (Option 3 Exemption Threshold). These possible activity-based thresholds could be based on the financial institution's lending as of the end of the last calendar year, or the end of each of the last two calendar years. An activity-based exemption could apply to depository and nondepository institutions alike.

Some SERs advocated for an activity-based exemption. Several of these SERs preferred an annual 25-loan threshold (with at least one expressing support specifically for the Option 1 Exemption Threshold). One SER preferred the Option 2 Exemption Threshold, while another preferred the Bureau's Option 3 Exemption Threshold. Another SER recommended setting a threshold of more than 100 small business applications (rather than originations) for two consecutive years. These SERs emphasized a general need for thorough data reporting from a wide variety of lenders, and cautioned that in many smaller and rural markets, larger exemptions might result in little or no data collection given that many lenders in those markets make very few small business loans annually.

One SER suggested setting an activity-based threshold based on loan portfolio size rather than annual originations. Another SER suggested that the Bureau consider exempting certain financial institutions using a location test similar or identical to what is used for HMDA, which does not apply to institutions that do not have a home or branch office in a Metropolitan Statistical Area.

There was no uniformity in the feedback from other stakeholders with respect to an activity-based exemption and its potential level. Many commenters, including lenders, trade associations, and community groups, expressed support for the Option 1 Exemption Threshold, although most explicitly supported only the 25-loan threshold. On the other hand, a few comments advocated for versions of the Option 3 Exemption Threshold and many comments urged the Bureau to adopt a threshold higher than the Option 3 Exemption Threshold. Commenters who advocated for higher thresholds consisted of lenders and trade associations.

Size-based exemption. In the SBREFA Outline, the Bureau stated that it was concerned that the smallest financial institutions might reduce or cease their small business lending activity because of the fixed costs of coming into compliance with an eventual 1071 rule, which could be contrary to the community development purpose of section 1071. Specifically, the Bureau considered whether depository institutions with assets under a given threshold should be exempt from collecting and reporting small business lending data.

The Bureau stated that it was considering proposing to exempt depository institutions with assets under a given threshold from section 1071's data collection and reporting requirements. The Bureau postulated that this size-based approach could provide a straightforward exemption for very small depository institutions and avoid the need for those entities to measure or monitor their small business lending activity in order to determine whether they would be exempt from the Bureau's 1071 rule. In particular, the Bureau considered possible asset-based exemption threshold levels of $100 million (Option A Exemption Level) and $200 million (Option B Exemption Level). For purposes of this exemption, the Bureau considered proposing that a depository institution measure assets as of the end of the last calendar year, or the end of both of the last two calendar years. The Bureau asked SERs whether there were alternative approaches to a size-based exemption that the Bureau should consider.

SERs did not suggest size-based exemptions other than an asset-based metric that would apply to depository institutions. A few SERs advocated that the Bureau should consider initially exempting lenders other than “large” financial institutions (which, one SER suggested, might be defined for depository institutions as those having more than $1 billion in assets). These SERs stated that this approach would capture the vast majority of small business loans while avoiding imposing undue regulatory burden on smaller lenders, who might be less capable of absorbing such costs. They suggested that the Bureau might later consider whether to expand section 1071 data collection and reporting requirements to smaller financial institutions after first analyzing the available data. Several SERs cautioned that some financial institutions, particularly small nondepository lenders, might cease lending to small businesses if the eventual 1071 rule's one-time costs are too high.

One SER stated that a $200 million asset-based exemption would be helpful to small depository lenders, and others suggested that a threshold of $600 million was appropriate. Another SER countered, however, that they were unaware of data to support an asset-based exemption larger than $100 million. Some SERs expressly opposed an asset-based exemption; one SER cautioned that an exemption based solely on asset size would be inadvisable because many lenders do not hold their loans on their balance sheet. Another SER stated that adopting an asset-based exemption would risk excluding the collection of nearly all small business lending data in certain regions.

Input from other stakeholders was split. Many stakeholders supported a size-based exemption (typically an asset-based exemption), contending that small depository institutions faced substantial compliance costs and presented a lower likelihood of fair lending violations. Small depository institutions were also particularly concerned about data security issues. However, a number of other stakeholders counseled against a size-based exemption, arguing that exemptions should be based instead on lending activity, and that size-based exemptions risked under-reporting in important markets. In addition, some stakeholders noted that because there was no ready equivalent size-based measurement for nondepository institutions, including an asset-based exemption in the 1071 rule would put other small financial institutions at a cost disadvantage.

Combined exemption. The Bureau stated that it was exploring whether to combine the size- and activity-based approaches. Under a combined approach, a financial institution would be required to collect and report 1071 data if it exceeds either: (1) A given annual number of small business loans originated; or (2) annual total small business lending, measured in dollars. However, depository institutions with assets under a given asset threshold would be exempt from reporting, regardless of the number or dollar value of small business loans they originated during the relevant time period.

At least one SER supported a combined size-based and activity-based exemption. Some SERs also suggested other possible bases for setting exemption thresholds. For example, several SERs suggested that the Bureau focus on the number of small business loans that would be covered or excluded, rather than the number of financial institutions, in setting an exemption threshold. One SER suggested setting a threshold based on loan portfolio size rather than annual originations. As discussed above, another SER suggested that the Bureau consider exempting certain financial institutions using a location test similar or identical to what is used for HMDA, which does not apply to institutions that do not have a home or branch office in a Metropolitan Statistical Area.

Alternative exemptions. The Bureau did not express that it was considering other collection and reporting exemptions. However, the Bureau did request feedback on alternative approaches. In particular, the Bureau asked whether there were certain types of financial institutions, such as governmental lending entities or nonprofit nondepository lenders, that the Bureau should consider not including within 1071's data collection and reporting requirements.

One credit union SER requested that the Bureau exempt all credit unions from section 1071 data collection and reporting requirements, asserting that credit unions had not displayed what they characterized as a “pattern of unfair lending.” In contrast, another SER cautioned against providing exemptions for particular types of financial institutions, noting the risk of missing important lending data. A few SERs, particularly CDFIs, strongly preferred that all lenders, including nonprofit and government lenders, be subject to section 1071 data collection and reporting requirements. One SER asserted that disparities exist in many forms of small business lending, including the SBA's 7(a) Loan Program, State lending programs, and funds distributed through the recent Coronavirus Aid, Relief, and Economic Security Act (CARES Act). Another SER stated that in certain parts of the country, such as the Midwest, Farm Credit System loans are available to small businesses, and thus Farm Credit institutions are in competition with other lenders and should be covered entities. One SER stated that the Bureau should consider exempting nondepository, nonprofit Native CDFIs because section 1071 data collection and reporting requirements might impose significant compliance costs and privacy concerns. The SBREFA Panel recommendations did not directly address this topic, although the Panel did recommend that the Bureau continue to consider alternative approaches to exemptions.

Feedback from other stakeholders included a variety of suggestions for other types of financial institutions that the Bureau should consider exempting. These suggestions were made by financial institutions (or their trade associations) to describe either themselves or portions of their membership. The Bureau received this feedback pertaining to CDFIs, credit unions, minority depository institutions, financial institutions in rural areas or low- and moderate-income areas, financial institutions that would themselves be small businesses under the rule, and motor vehicle dealers. Conversely, some stakeholders encouraged the Bureau not to provide any such categorical exemptions. One stakeholder also urged the Bureau not to exempt government or nonprofit lenders, arguing that they were an important element of achieving broad coverage in 1071 data.

Proposed Rule—Activity-Based Exemption

Proposed § 1002.105(b) would define a covered financial institution as a financial institution that originated at least 25 covered credit transactions for small businesses in each of the two preceding calendar years. This proposed definition adopts the portion of the Option 1 Exemption Threshold based on number of originations discussed at SBREFA, using the two consecutive year approach that was also described at SBREFA. The Bureau believes this definition will facilitate compliance by describing which financial institutions are required to collect and report small business data. The Bureau is also proposing commentary to accompany proposed § 1002.105(b). The Bureau's rationale for proposing this exemption, and for not proposing any others, is discussed in detail below.

In general, the Bureau believes that fulfilling the purposes of section 1071 necessitates collecting small business lending data from all sizes and types of financial institutions (other than those with a low volume of lending activity), particularly given the variety of entities identified in ECOA section 704B(h)(1). The Bureau is proposing to exempt certain financial institutions from its small business lending data collection rule because it remains concerned that financial institutions with the lowest volume of small business lending might reduce or cease their small business lending activity due to the fixed costs of coming into compliance with the 1071 rule. A reduction in access to credit would run contrary to the community development purpose of section 1071. Section 1071 describes its community development purpose as “enabl[ing] communities, governmental entities, and creditors to identify business and community development needs and opportunities of women-owned, minority-owned, and small businesses.” In the Bureau's view, such business and community development opportunities cannot be appropriately identified if the 1071 rule unduly eliminates those opportunities by reducing access to credit, which, as explained below, supports the Bureau's use of its exemption authority under 704B(g)(2) here. Feedback from SBREFA showed that a broad array of financial institutions, trade associations, community groups, and others share the Bureau's concern about the risk of reducing access to small business credit, particularly with respect to financial institutions that infrequently lend to small businesses.

The Bureau is proposing § 1002.105(b) pursuant to its authority under ECOA section 704B(g)(1) to prescribe such rules and issue such guidance as may be necessary to carry out, enforce, and compile data pursuant to section 1071 and its authority under 704B(g)(2) to adopt exceptions to any requirement of section 1071 and, conditionally or unconditionally, exempt any financial institution or class of financial institutions from the requirements of section 1071, as the Bureau deems necessary or appropriate to carry out the purposes of section 1071.

The Bureau believes that an activity-based threshold would provide a simple basis for financial institutions that infrequently lend to small businesses to determine whether they have conducted sufficient lending activity as to be required to collect and report data under proposed subpart B. With respect to setting an activity-based threshold, feedback favored using only originations. SERs uniformly supported clear, predictable collection and reporting exemption thresholds. With respect to feedback from other stakeholders, nearly all of the comments that expressed support for the Option 1 Exemption Threshold provided support only for the 25-loan metric, and not the total lending metric (and several comments explicitly urged the Bureau not to adopt the $2.5 million lending threshold). The Bureau believes that furnishing a dual activity-based threshold, under which infrequent lenders must ascertain both measurements to determine whether reporting may be required, would cut against the goal of simplifying the rule as lenders would then have to track two metrics, not one. The Bureau believes that a dual threshold would create more regulatory complexity as, among other things, the resulting rule would have to address issues such as how lines of credit and credit cards are meant to be counted towards the dollar volume threshold. (For example, should the rule use the maximum amount that could be extended or something else, like an average of the amount actually outstanding? If the former, how should changes in the limit be treated?) In contrast, tracking total annual small business originations does not entail such complexity.

In particular, the Bureau believes that a primary advantage of an activity-based threshold—ease of compliance—would be undermined if the Bureau were to implement a complex, dual threshold eligibility test. The Bureau wishes to ensure that infrequent lenders are not incurring significant undue compliance costs, particularly while not reporting data. In general, tracking two thresholds is more complex than tracking one. And of these two thresholds, the Bureau believes that tracking total originations is simpler than tracking total lending. The Bureau believes it is also more likely that financial institutions are already tracking total originations. The Bureau believes that proposing an activity-based threshold that employs data already generally collected by financial institutions could mitigate the risk that section 1071, when implemented, would result in reduced access to credit.

The Bureau is thus proposing to set the loan-volume threshold at 25 covered credit transactions from small businesses in each of the past two years. This proposal is based, in part, on feedback received at SBREFA. As mentioned above, several SERs recommended an annual 25-loan threshold and many comments, including those from lenders, trade associations, and community groups, expressed support for the Option 1 Exemption Threshold, with most explicitly supporting just the 25-loan threshold and not total lending.

The Bureau continues to consider whether this loan-volume threshold should be set at a different level, such as 50 or 100 originations, as described in the SBREFA Outline. The Bureau notes that there was also substantial support for a much higher loan-volume threshold than 25 originations. In addition to the SER feedback discussed above, several stakeholders advocated for 100 loans and many others advocated for an even higher threshold. However, at least to this point, the Bureau is not convinced, based on the feedback from SERs and other stakeholders, that higher thresholds would be more necessary or appropriate to carry out the purposes of section 1071. Rather, such advocacy focused either on concerns that lower thresholds would not exempt a particular financial institution or type of financial institution, such as community banks, or that higher thresholds would not substantially diminish overall data collection.

Supporters of the 25-loan threshold and supporters of the 100-loan threshold each argued that such a threshold would be similar to that used in HMDA. The Bureau's 2015 HMDA Rule set the closed-end loan threshold

at 25 originated loans for each of the two preceding calendar years. However, in 2020, the Bureau increased the threshold to 100 closed-end loans, effective the same year. The Bureau set the HMDA threshold pursuant to its authority to provide adjustments or exceptions that it judges as necessary and proper to effectuate the purposes of HMDA or to facilitate compliance with HMDA. In the present case, with respect to institutional coverage thresholds, the Bureau does not believe a direct comparison with HMDA is instructive because of differences in the relevant statutory authorities and between home mortgages and small business loans.

The Bureau also considered how its proposed threshold of 25 covered credit transactions for small businesses (and the other thresholds under consideration at SBREFA) might affect overall collection and reporting of 1071 data from banks and credit unions, based on data as of 2019. Table 1 below provides the Bureau's estimated share of depository institutions, estimated share of small business loans from those institutions (measured in total number of loans), and estimated share of small business credit from those institutions (measured in dollars) that would be covered by a loan-volume threshold of 25, 50, or 100 small business loans. The Bureau estimates that a depository institution is covered for a particular loan-volume threshold as of 2019 if the estimated number of originations for that institution exceeded the threshold in both 2017 and 2018. Given the limitations of the source data, the Bureau cautions that these estimates are not intended to provide a complete sense of the possible consequences of adopting each particular threshold. Nonetheless, the Bureau is providing estimates based on these data because it is the best information currently available to the Bureau. Moreover, the Bureau emphasizes that these estimates apply only to depository institutions. This information is based on FFIEC and Credit Union Call Reports, as well as Community Reinvestment Act submissions. Under these data collections, banks report small loans made to businesses and farms (regardless of the borrower's size). Credit unions report commercial loans over $50,000 made to members (also, regardless of the borrower's size). The Bureau is unable to determine the degree to which these data provide an adequate proxy for the applications from small businesses that would be subject to 1071 reporting. The methodologies and assumptions used to produce these estimates are further documented in part VII.D below and in more detail in its Supplemental estimation methodology for institutional coverage and market-level cost estimates in the small business lending data collection notice of proposed rulemaking released concurrently with this proposal.

Table 1 above shows that as the loan-volume threshold rises, the estimated share of depository institutions subject to section 1071 decreases substantially. Likewise, the estimated share of small business loans and small business credit captured by the rule would also decrease, although those decreases are less pronounced. The Bureau has no information for nondepository institutions such that the Bureau could provide similar estimates for comment. The Bureau requests in response to this proposal such information and data that might bear on any activity-based exemption for nondepository institutions.

The Bureau notes that the above estimates represent small business lending data prior to the COVID-19 pandemic and ensuing policy responses. The Bureau is keenly aware that many financial institutions, including those that may not have historically participated actively in small business lending, served their communities by becoming participating lenders in the SBA's Paycheck Protection Program. This program ended on May 31, 2021. The Bureau expects that by the time its 1071 rule is finalized and implemented, lending activity conducted pursuant to the SBA's Paycheck Protection Program will not be determinative of whether a given financial institution qualifies as a covered financial institution under the 1071 rule. The Bureau will continue to monitor the market and consider what other adjustments, if any, may be needed to ensure that, to the best of the Bureau's ability, the 1071 rulemaking is informed by up-to-date and accurate information about the small business lending market.

The Bureau seeks comment on its proposed 25 originations threshold incorporated into the definition of a covered financial institution. The Bureau also solicits comment on whether this threshold should alternatively be set at 50 or 100 covered credit transactions.

The Bureau is proposing to define a covered financial institution using a loan-volume threshold that must be achieved in each of the two preceding calendar years. SERs provided relatively little feedback directly on the measurement period, but broadly expressed a desire for clear, predictable collection and reporting thresholds. The Bureau received substantial feedback advocating for a two-year approach, but little feedback asking for a one-year threshold period. A few stakeholders also expressed interest in a measurement period longer than two years.

The Bureau acknowledges that a loan-volume threshold based on a two-year period could create some operational complexity for some financial institutions. To be sure that it was not a covered financial institution, a financial institution would need to maintain records sufficient to show total small business originations for both years of the threshold period. The Bureau believes that two years is not a prohibitively long time, although it is possible that infrequent lenders may have smaller staff or fewer resources to reliably track such information for 1071 purposes. The Bureau believes that a two-year threshold period is advisable to eliminate uncertainty surrounding data collection responsibilities. Under this proposal, a financial institution that may not frequently lend to small businesses, but that experiences an unusual and unexpectedly high lending volume in a single year would not be a covered financial institution. As discussed in part VII below, in order to comply with the Bureau's proposed 1071 rule, a financial institution may need to undertake substantial one-time costs that include operational changes, such as staff training, information technology changes, and develop policies and procedures. Therefore, the Bureau believes that it is appropriate to propose a two-year threshold period to provide more stability around reporting responsibilities. Regulations that implement HMDA and the Community Reinvestment Act provide similar periods to determine coverage.

The Bureau notes that employing a two-year approach would delay reporting for new, potentially active entrants. For example, under this proposal a large lender that enters the market and originates hundreds or even thousands of small business loans in its first two calendar years of lending would not report its covered applications. That is, under the Bureau's proposal, this financial institution would not be required to collect and report 1071 data on its covered applications for small businesses in those first two years, although the institution could choose to voluntarily collect and report data. The Bureau has concerns, however, about triggering data collection and reporting requirement based on lenders' estimates of their projected future volume.

The proposed two-year threshold period may pose other considerations for financial institutions that conduct small business lending activity near the proposed 25 small business originations threshold. See the section-by-section analysis of proposed § 1002.5(a)(4) above for a discussion of proposed § 1002.5(a)(4)(viii), which would allow a financial institution to collect ethnicity, race, and sex information pursuant to proposed subpart B for a covered application under certain circumstances during the second year of the threshold period. See the section-by-section analysis of proposed § 1002.114(c) below for discussion of additional flexibility that the Bureau is proposing regarding measuring lending activity prior to the rule's compliance date.

The Bureau is proposing to set the activity-based threshold based on small business originations, rather than applications. The statutory language of 1071 generally applies to applications; however, the Bureau believes that using small business originations for purposes of defining a covered financial institution is the better approach. The Bureau expects that financial institutions track their small business application volumes in various ways, but whether an origination resulted is a clear and readily identifiable metric. The Bureau is concerned that attempting to use an exemption metric based on applications would impose new obligations on financial institutions solely for purposes of determining whether or not they are subject to this rule. As discussed above, the Bureau believes that proposing an activity-based threshold that employs data already generally collected by financial institutions could mitigate the risk that section 1071, when implemented, would result in reduced access to credit. In addition, even those financial institutions that track total applications now may not do so in a way that fully aligns with how the Bureau is proposing to define covered applications for purposes of proposed subpart B. Using originations is also consistent with the Bureau's Regulation C. In addition, the Bureau received limited feedback advocating for the use of applications to set the activity-based threshold.

Proposed comment 105(b)-1 would clarify the meaning of a preceding calendar year for purposes of the proposed activity-based exemption. See the section-by-section analysis of proposed § 1002.114(c)(2) below for additional discussion regarding measuring lending activity prior to the rule's compliance date. Proposed comment 105(b)-2 would emphasize that a financial institution qualifies as a covered financial institution based on total covered credit transactions originated for small businesses, rather than covered applications received from small businesses. Proposed comment 105(b)-3 would explain that whether a financial institution is a covered financial institution depends on its particular small business lending activity in the two preceding calendar years, and that the obligations of a covered financial institution is an annual consideration for each year that data may be compiled and maintained under proposed § 1002.107(a).

The Bureau is proposing to clarify in § 1002.105(b) that for purposes of defining a covered financial institution, if more than one financial institution was involved in the origination of a covered credit transaction, only the financial institution that made the final credit decision approving the application shall count the origination. The Bureau believes that providing this clarifying language would assist financial institutions in understanding which transactions count towards the loan-volume threshold. This approach is consistent with the Bureau's proposed § 1002.109(a)(3).

Proposed comments 105(b)-4 and -5 would explain when a financial institution is a covered financial institution following a merger or acquisition. These proposed comments are largely consistent with the Bureau's approach to reporting obligations surrounding a merger under Regulation C, with modifications to reflect the nature of the small business lending market and to provide additional clarifications.

Proposed comment 105(b)-6 would clarify that Regulation B (including proposed subpart B) generally does not apply to lending activities that occur outside the United States.

Finally, proposed comment 105(b)-7 would address financial institutions that do not qualify as covered financial institutions but may nonetheless wish to voluntarily collect and report small business lending data. This proposed comment would reiterate that proposed § 1002.5(a)(4)(vii) through (ix) permits a creditor that is not a covered financial institution under proposed § 1002.105(b) to voluntarily collect and report information regarding covered applications in certain circumstances. If a creditor is voluntarily collecting applicants' protected demographic information for covered applications, it shall do so in compliance with proposed §§ 1002.107, 1002.108, 1002.111, 1002.112, and 1002.114 as though it were a covered financial institution. Proposed comment 105(b)-7 would further state that if a creditor is voluntarily reporting those covered applications to the Bureau, it shall do so in compliance with proposed §§ 1002.109 and 1002.110 as though it were a covered financial institution.

The Bureau seeks comment on its proposed definition of a covered financial institution, which uses a loan-volume threshold of 25 covered credit transactions from small businesses. The Bureau continues to consider whether this loan-volume threshold should be changed to a different threshold, such as 50 or 100 originations from small businesses, and seeks feedback and data related to any of these three potential thresholds. In addition, the Bureau seeks comment on whether an activity-based threshold should be based on the total number of small business applications, rather than originations. The Bureau also requests comment on whether additional clarification is needed for this proposed definition.

Alternatives Considered—Size-Based Exemption and Combined Exemptions

The Bureau is not proposing to define a covered financial institution on the basis of the size of the financial institution, as measured by total assets for depository institutions or some other metric. Likewise, the Bureau is not proposing to define a covered financial institution with reference to the financial institution's size in combination with its small business lending activity.

For the reasons discussed above, the Bureau believes that proposing an exemption based on a financial institution's recent small business lending activity would be appropriate to carry out the purposes of section 1071. The Bureau believes that in comparison to a size-based exemption, an activity-based exemption is a more compelling basis for exempting certain financial institutions from coverage in light of section 1071's community development purpose. As previously stated, the Bureau is concerned that certain financial institutions might reduce or cease their small business lending activity because of the fixed costs of coming into compliance with this rule, and that a reduction in access to credit would run contrary to the community development purpose of section 1071. However, the Bureau is persuaded that small business lending activity holds a more direct relationship to a given financial institution's role in the small business lending market than a more general measurement of the financial institution's size as measured in total assets. Using a size-based metric would present a much rougher proxy for the risk that a financial institution may reduce or eliminate its small business lending activities as a result of the one-time costs of coming into compliance with this rule.

The Bureau also believes that proposing an activity-based exemption is a superior approach to proposing a size-based exemption because an exemption based on asset size would apply only to depository institutions. The Bureau is unaware of a similar size metric for nondepository institutions, and SERs and other stakeholders who provided feedback on the SBREFA Outline were not able to offer one. A size-based exemption approach might therefore risk distorting the collected data and create an uneven playing field. As noted above, other stakeholders explained that because there was no readily available equivalent size-based measurement for nondepository institutions, including an asset-based exemption might risk presenting a cost disadvantage for other small financial institutions. Moreover, exempting proportionately more depository institutions than nondepository institutions may present demographic data collection concerns. A recent small business credit survey revealed racial disparities in applications under the SBA's Paycheck Protection Program: the data showed white-owned firms were most likely to apply for a loan through a small bank (defined as under $10 billion in assets), while Black-owned firms were three times as likely as white-owned firms to apply for a loan through an online lender. The Bureau is concerned that collecting data under different standards for depository institutions versus nondepository institutions would run contrary to the purposes of section 1071 and undermine the utility of the data, as well as the purposes of the Bureau, which are, in part, “to implement and, where applicable, enforce . . . consistently” Federal laws including ECOA.

The Bureau also considered whether proposing a size-based exemption, on the basis of total assets for depository institutions, would be appropriate in combination with the above-discussed activity-based exemption. The Bureau is not persuaded that proposing such an additional exemption would be necessary or appropriate to carry out the purposes of section 1071. In particular, the Bureau considered two types of depository institutions that might be exempt by virtue of a size-based exemption:

• An Active Small Depository Institution (ASDI), meaning any depository institution smaller than a particular asset size that lends at or above a given activity-based threshold, and
• An Inactive Small Depository Institution (ISDI), meaning any depository institution smaller than a particular asset size that lends below a given activity-based threshold.

In examining the case for ASDIs and ISDIs, the Bureau believes that an additional, asset-based exemption may provide a slightly less costly means of ascertaining exemption status for a small number of ISDIs, but such an exemption would eliminate small business lending data from a moderate share of ASDIs that would otherwise provide valuable data in fulfilling both of section 1071's purposes.

Using the same data that were compiled for the activity-based exemption analysis, the Bureau estimates that under its proposed 25 originations threshold approximately 6,300 to 6,500 depository institutions would not be covered financial institutions, and therefore would be exempt from collection and reporting. The Bureau further estimates that proposing an asset-based exemption of $200 million would result in approximately 1,300 to 1,500 additional depository institutions not reporting (all of which, by definition, are ASDIs), while 5,200 to 5,400 depository institutions would already have been exempt, but have a somewhat lower-cost method of ascertaining this information ( e.g., ISDIs).

Table 2 below indicates the estimated number of ASDIs that would report under various loan-volume thresholds, by asset size. As shown in Table 2, if the Bureau proposed an asset-based exemption of $100 million in addition to the proposed activity-based exemption of 25 originated covered credit transactions for small businesses, 500 to 592 more depository institutions would not be covered financial institutions, although these institutions originated more than 25 covered credit transactions for small businesses in each of the previous two years. Likewise, if the Bureau proposed an asset-based exemption of $200 million in addition to the proposed 25-originations activity-based exemption, 1,299 to 1,466 more depository institutions would not be covered financial institutions, although these institutions originated more than 25 covered credit transactions for small businesses in each of the previous two years.

Of the estimated 5,200 to 5,400 ISDIs, as defined by a 25 originations threshold and $200 million asset threshold, about 4,200 are credit unions and about 1,000 or 1,200 are banks. Furthermore, the vast majority of these ISDI credit unions (88 percent) had either no small business originations in 2017 and 2018 or fewer than 10 small business originations in 2017 and 2018 (97 percent). The Bureau believes that it is likely that these institutions would be able to determine that they do not meet a loan-volume threshold almost as easily as they can determine that they do not meet an asset-based threshold. Only 34 credit unions with assets below $200 million had between 10 and 25 small business originations in both 2017 and 2018. The Bureau estimates that as many as 1,200 banks and 34 credit unions would benefit from a simpler method of determining exemption status. However, as stated above, the Bureau believes that such cost savings likely would still be minimal.

The Bureau therefore believes that providing an additional, asset-based exemption might provide a somewhat less costly means of ascertaining exemption status for some ISDIs, although this number may be relatively modest. However, the tradeoff of providing a simpler exemption for some depository institutions is that a $200 million asset-based exemption would increase the overall percent of exempt depository institutions by some 13 percentage points by also extending to ASDIs. The Bureau estimates that these ASDIs accounted for between 171,000 and 226,000 originations in 2019, or about 2 percent of total covered originations under the 25 originations threshold. Exempting additional depository institutions by adding an asset-based exemption would curtail both the volume of and possible variety of data, and the Bureau is concerned that exempting ASDIs would detract from the utility of 1071 data in carrying out the purposes of section 1071 by removing important data from disclosure and review.

The Bureau also considered feedback from SERs and other stakeholders who suggested that the Bureau exempt lenders other than “large” financial institutions, such as depository institutions with more than $1 billion in assets, and then potentially extend the rule to smaller lenders at a later time. These SERs and stakeholders argued that this approach would capture the vast majority of small business loans while avoiding imposing undue regulatory burden on smaller lenders, who might be less capable of absorbing such costs. However, the Bureau is not currently persuaded that capturing lending data only from large financial institutions would be necessary or appropriate to carry out section 1071's statutory purposes.

Supporters of collecting data only from large depository institutions argue that such depository institutions may be more capable of absorbing compliance costs. However, the Bureau is concerned that data collection from only large depository institutions may not provide adequate data for community development purposes, as there may be demographic disparities among applications by the type (and size) of financial institution. Likewise, data collection from only large depository institutions would not allow the Bureau to conduct fair lending analyses for other types of financial institutions. In general, the Bureau believes that appropriately carrying out the purposes of section 1071 necessitates collecting small business lending data from all sizes and types of financial institutions (other than those with the lowest volume of lending activity), particularly given the variety of entities identified in section 704B(h)(1), discussed above. See the section-by-section analysis of proposed § 1002.114 below, however, for further discussion of a possible tiered compliance date based on the size of the financial institution.

Therefore, for the reasons described above, Bureau is not proposing an asset-based exemption to the definition of a covered financial institution.

Alternative Considered—Other Exemptions

The Bureau is not proposing to adopt alternative exemptions or exceptions to the definition of covered financial institution, other than the loan-volume threshold as described above.

As discussed above, the Bureau believes that, in light of the text and purposes of section 1071, the Bureau should generally adopt the posture that all manner of small business lenders should be subject to reporting. Feedback from SERs and others generally did not provide compelling policy reasons or legal arguments for exempting entire classes of financial institutions. Moreover, the Bureau believes that most policy arguments that were raised in this context are better addressed through potential activity-based considerations.

With respect to government lenders, the Bureau has not identified, nor did SERs or other stakeholders provide, policy or legal rationales for excluding government lenders from data collection. To the contrary, a few SERs, particularly CDFIs, strongly preferred that all lenders, including government entities, be subject to section 1071 data collection and reporting requirements; one stakeholder likewise urged the Bureau not to exempt government lenders. The Bureau believes that collecting information on small business lending by government entities furthers the purposes of section 1071. Moreover, the Bureau believes, as described above in the discussion of proposed comment 105(a)-1, that government entities are included within the phrase “other entity” in the ECOA section 704B(h)(1) definition of “financial institution.” For example, the Bureau believes that it will be helpful to identify the business and community development needs of women-owned, minority-owned, and small businesses by collecting lending data from both an online lender and a county-run assistance program for establishing new businesses.

For the same reasons, the Bureau does not believe that exempting not-for-profit lenders from data collection is consistent with the purposes of section 1071. The Bureau believes that organizations exempt from taxation pursuant to 26 U.S.C. 501(c) play a crucial role in lending to small businesses, particularly those that are women- or minority-owned, in certain communities.

Those providing feedback generally argued for categorical exemptions because, they said, certain financial institutions (1) would encounter difficulty absorbing compliance costs; (2) are integral to a community's lending needs; and/or (3) employ business methods or offer products not conducive to data collection and reporting. With respect to compliance costs, the Bureau believes that directly considering a financial institution's activity is a more appropriate way to address this concern. With respect to a financial institution's lending importance for a community or region (such as low income or rural), the Bureau believes that such arguments emphasize the importance of collecting and analyzing such data to further the purposes of section 1071 rather than justify an exemption. Finally, with respect to considering the particularities of certain business models, the Bureau is persuaded that it can most appropriately address such concerns by considering potentially modified reporting rules for particular business models and specific products. See the section-by-section analyses of proposed §§ 1002.104(b) and 1002.109(a)(3). The Bureau is proposing comment 105(a)-1, discussed above, consistent with the considerations discussed here.

Therefore, for the reasons described above, the Bureau is not proposing to define a covered financial institution by providing alternative exemptions or exceptions. The Bureau seeks comment on this approach, including data or information that might bear upon any such alternative exemptions in light of section 1071's purposes.

Section 1002.106 Business and Small Business

ECOA section 704B(h)(2) defines the term “small business” as having the same meaning as “small business concern” in section 3 of the Small Business Act. The Bureau is proposing to define a small business consistent with the statutory language. In particular, the Bureau is proposing to define a small business concern to have the same meaning as the term “small business concern” in 15 U.S.C. 632(a), as implemented by 13 CFR 121.101 through 121.107. Notwithstanding the size standards set forth in 13 CFR 121.201, for purposes of proposed subpart B, the Bureau is proposing that a business is a small business if and only if its gross annual revenue for its preceding fiscal year is $5 million or less. The Bureau is seeking SBA approval for this alternate small business size standard pursuant to the Small Business Act.

The Bureau believes it may be instructive for financial institutions to first consider whether an applicant may be a business under proposed § 1002.106(a), and then to consider, if the applicant is a business, whether the business is small under § 1002.106(b). Furthermore, the Bureau believes that these proposed definitions implement the statutory language of section 1071 while reflecting the need for a wide variety of financial institutions to apply a simple, broad definition of a small business that would be practical across the many product types, application types, technology platforms, and applicants in the market.

For the reasons set forth below, the Bureau is proposing § 1002.106 to implement ECOA section 704B(h)(2) and pursuant to its authority under ECOA section 704B(g)(1) to prescribe such rules and issue such guidance as may be necessary to carry out, enforce, and compile data under section 1071.

106(a) Business

Background

ECOA section 704B(h)(2) defines the term “small business” as having the same meaning as “small business concern” in section 3 of the Small Business Act. The Small Business Act provides a general definition of a “small business concern,” authorizes SBA to establish detailed size standards for use by all agencies, and permits an agency to request SBA approval for a size standard specific to an agency's program. The SBA's regulations define a “business concern” as “a business entity organized for profit, with a place of business located in the United States, and which operates primarily within the United States or which makes a significant contribution to the U.S. economy through payment of taxes or use of American products, materials or labor.”

SBREFA Proposals Under Consideration and Feedback Received

In the SBREFA Outline, the Bureau stated it was considering proposing to define “small business” by cross-referencing the SBA's general definition of “small business concern” but adopting a simplified size standard for purposes of its section 1071 rule. Thus, the Bureau explained that it was considering a proposal under which financial institutions would not be required to collect and report 1071 data for not-for-profit applicants, because they are not “organized for profit” and are thus not a “business concern.” The Bureau explained that a business concern may take a number of different legal forms, including a sole proprietorship, partnership, LLC, corporation, joint venture, trust, or cooperative. The Bureau explained that, because the definition is limited to American businesses, if the Bureau adopted this definition for purposes of 1071, loans to foreign companies would be outside the scope of 1071 data collection and reporting requirements.

Feedback from stakeholders regarding the proposal under consideration focused primarily on how the Bureau might define a business size standard, addressed below. The Bureau did receive limited feedback, however, suggesting that the Bureau consider certain modifications or adjustments to the definition of a business concern, such as clarifying that the term does not include foreign-owned entities, certain trusts, and certain real estate holding companies.

Proposed Rule

Proposed § 1002.106(a) would define a business as having the same meaning as the term “business concern or concern” in 13 CFR 121.105. This proposed definition is consistent with ECOA section 704B(h)(2), which defines the term “small business” as having the same meaning as “small business concern” in section 3 of the Small Business Act. The SBA has issued 13 CFR 121.105, “How does SBA define `business concern or concern,'” pursuant to the Small Business Act. The Bureau refers to the entirety of that section for additional information. In particular, the Bureau notes that this definition includes elements such as being “a business entity organized for profit” that has “a place of business located in the United States” and “operates primarily within the United States or . . . makes a significant contribution to the U.S. economy.”

The Bureau is not providing interpretations of this SBA regulation in proposed subpart B because the Bureau believes that existing SBA interpretations are responsive to the general questions posed at SBREFA.

The Bureau seeks comment on this proposed definition of a business, and generally seeks comment on whether additional clarification is needed.

106(b) Small Business

Background

Section 1071 data collection purposes, requirements, and potential impacts. A key component of the Bureau's fair lending work under the Dodd-Frank Act is to ensure fair, equitable, and nondiscriminatory access to credit for both individuals and their communities. Section 1071 of the Dodd-Frank Act, which amended ECOA, requires financial institutions to collect and report to the Bureau data regarding applications for credit for women-owned, minority-owned, and small businesses. ECOA section 704B(h)(2) states that “[t]he term `small business' has the same meaning as the term `small business concern' in section 3 of the Small Business Act (15 U.S.C. 632).” Section 1071 was adopted for the dual statutory purposes of facilitating fair lending enforcement and enabling communities, governmental entities, and creditors to identify business and community development needs and opportunities of women-owned, minority-owned, and small businesses.

As set forth in section 1071, the data that financial institutions would be required to collect and report to the Bureau include, among other things, the gross annual revenue of the business in the preceding fiscal year, the type and purpose of the loan, the census tract for the applicant's principal place of business, and the race, sex, and ethnicity of the principal owners of the business. ECOA section 704B(f)(2)(C) further provides that information compiled and maintained under the statute shall be “annually made available to the public generally by the Bureau, in such form and in such manner as is determined by the Bureau, by regulation.” The Bureau believes that the collection and subsequent publication of robust and granular data pursuant to section 1071 regarding credit applications for small businesses, including those that are women- and minority-owned, will provide much-needed transparency to an otherwise opaque market and better ensure fair, equitable, and nondiscriminatory access to credit.

The Bureau understands that access to fair, equitable, and nondiscriminatory credit is crucial to the success of small businesses. Small businesses—including women-owned and minority-owned small businesses—need access to credit to smooth out business cash flows and to enable entrepreneurial investments that take advantage of, and sustain, opportunities for growth. The market these businesses turn to for credit is vast, varied, and complex. Overall, small businesses have many options when it comes to financing, including a wide range of products and providers. Yet market-wide data on credit to small businesses remains very limited, particularly with respect to applicants' protected demographic information at the core of section 1071. The Bureau believes that a section 1071 rulemaking would provide data that could serve as a significant resource for financial institutions, community groups, policy makers, and small businesses.

SBA size standards. The Small Business Act permits the Small Business Administrator to prescribe detailed size standards by which a business concern may be categorized as a small business, which may be based on the number of employees, dollar volume of business, net worth, net income, a combination of these, or other appropriate factors.

As implemented by the SBA, these size standards generally hinge on average annual receipts or the average number of employees of the business concern and are customized industry-by-industry across 1,057 6-digit NAICS codes. Specifically, the SBA typically uses two primary measures of business size for size standards purposes: (i) Average annual gross receipts for businesses in services, retail trade, agricultural, and construction industries, and (ii) average number of employees for businesses in all manufacturing, most mining and utilities industries, and some transportation, information and research and development industries. To measure business size, the SBA also uses financial assets for certain financial industries, and for the petroleum refining industry, it uses refining capacity and employees. The SBA's size standards are used to establish eligibility for a variety of Federal small business assistance programs, including for Federal government contracting and business development programs designed to assist small businesses in obtaining Federal contracts and for SBA's loan guarantee programs, which provide access to capital for small businesses that are unable to qualify for and receive conventional loans elsewhere. Under the Small Business Jobs Act of 2010 (Small Business Act), the SBA is required to review all size standards no less frequently than once every five years. The Small Business Act further provides that no Federal agency may prescribe a size standard for categorizing a business concern as a small business concern unless certain conditions are met, including approval by the SBA's Administrator.

The SBA's rule governing its consideration of other agencies' requests for approval of alternate size standards requires that the agency seeking to adopt an alternate size standard consult in writing with the SBA's Division Chief for the Office of Size Standards in advance of issuing an NPRM containing the proposed alternate size standard. The Bureau has met this requirement. After issuing an NPRM, the agency must provide a copy of the published NPRM to the Division Chief for the Office of Size Standards, and the agency cannot adopt a final rule including its alternate size standard until the size standard has been approved by the SBA's Administrator.

Market considerations. A wide variety of financial institutions, with varying levels of sophistication and experience, extend credit to small businesses. As proposed, section 1071 applies to abroad range of financial institutions. Banks and credit unions that serve a breadth of customers typically organize their commercial lending operations into segments based on a combination of risk, underwriting, product offering, and customer management factors that are appropriate to each segment. The three most frequent organizational groupings are retail/small business, middle market, and large corporate banking. Commercial customers are generally assigned based on their revenue potential and aggregate credit exposure, with smaller accounts assigned to the retail/small business banking area. The overwhelming preponderance of small businesses are generally found in the retail/small business banking group, which may also conduct consumer banking.

Today, the distinguishing characteristic that many larger financial institutions (principally banks with $10 billion or more in assets) use to assign small businesses into the retail/small business banking group is gross annual revenue. While cut-offs vary by financial institution, the most common demarcations categorize small/retail customers as those below $5 million, or up to $10 million, in gross annual revenue. The maximum amount of a retail/small business banking term loan or credit line is typically $5 million or less.

Financial institutions that do not conduct SBA lending generally do not collect or consider the number of employees of a small business applying for credit, but they often capture gross annual revenue information, including for regulatory compliance purposes. Specifically, retail/small business lenders routinely collect applicants' gross annual revenue information because notification requirements under existing Regulation B vary for business credit applicants depending on whether or not they “had gross revenues of $1 million or less in [their] preceding fiscal year.” For a business applicant with gross annual revenues of $1 million or less, a creditor must provide a notification following an adverse action, such as a credit denial, that is generally similar to that provided to a consumer in both substance and timing. As a result, small business lenders often adopt compliance management systems similar to those found among consumer lenders.

The Bureau believes it is important for a financial institution to be able to quickly determine at the beginning of the application process whether an applicant is a “small business” for purposes of the 1071 rule. Financial institutions generally cannot inquire about an applicant's protected demographic information (including the race, sex, and ethnicity of an applicant's principal owners) without being legally required to do so. As discussed in the Overview of this part V, this proposal will only require (and thus only permit) such inquiries for small businesses. While the Bureau is proposing to allow financial institutions flexibility in when they seek this protected demographic information, the Bureau believes that financial institutions generally have the best chance of obtaining it, and supporting the purposes of section 1071, if they ask for it in the earlier stages of the application process. As a result, a financial institution may need to know, even before the application is initiated, which application path the applicant must follow—a 1071-governed or a non-1071-governed application path.

Early feedback. From very early on in its discussions with stakeholders regarding section 1071, the Bureau has received feedback focused primarily on how the Bureau might define a business size standard. For example, in response to the Bureau's 2017 RFI, many stakeholders expressed concern about the difficulties in determining the appropriate NAICS code for businesses and in applying the NAICS-based standards in determining whether a business loan applicant is a small business. Commenters who addressed the issue of a small business definition were universally in favor of the Bureau adopting something less complex than the SBA's size standards based on 6-digit NAICS codes. Commenters noted that the use of these standards is relatively complex and would introduce burdens for the 1071 rule with limited benefit. There was broad support in this particular context for a simpler definition of small business, particularly echoing the 2017 RFI's mention of gross annual revenue as a threshold delineation defining a small business. In addition to revenue, number of employees, loan amount, total exposure of the business, or some combination of those factors were also mentioned as possible bases for alternate size standards. While community groups supported a simpler definition, some cautioned that whatever definition the Bureau chooses must cover most small businesses in order to comport with congressional intent.

SBREFA Proposals Under Consideration and Feedback Received

In the SBREFA Outline, the Bureau stated that it believed that using a simpler, more straightforward approach to the size standard aspect of the “small business” definition was a better approach for purposes of its 1071 rule. The Bureau further stated that such an approach would assist both financial institutions and applicants seeking to quickly understand whether a business is “small” and to employ a workable size standard for small business data collection without navigating the potential complexities of determining the appropriate 6-digit NAICS code, and then the relevant size standard based on that NAICS code, for each applicant.

The Bureau stated in the SBREFA Outline that it was considering three alternative approaches to determining whether an applicant business is small. These three approaches, described in more detail below, would have used: (1) Only gross annual revenue (“SBREFA First Alternative Approach”); (2) either the number of employees or average annual receipts/gross annual revenue, depending on whether the business is engaged in either manufacturing/wholesale or services (“SBREFA Second Alternative Approach”); or (3) size standards across 13 industry groups that correspond to 2-digit NAICS code industry groupings (“SBREFA Third Alternative Approach”).

Under the SBREFA First Alternative Approach, the Bureau considered proposing a size standard using the gross annual revenue of the applicant business in the prior year, with a potential “small” threshold of $1 million or $5 million.

Under the SBREFA Second Alternative Approach, the Bureau considered proposing a size standard of a maximum of 500 employees for manufacturing and wholesale industries and a maximum of $8 million in gross annual revenue for all other industries. The Bureau selected 500 employees as a potential threshold for manufacturing and wholesale industries because that figure is the most common of the SBA's employee-based size standards. The Bureau selected $8 million for all other industries because that figure is the most common size standard threshold for average annual receipts. The Bureau stated that it was considering using gross annual revenue, rather than the SBA's average annual receipts, for consistency with the 1071 statutorily required gross annual revenue data point.

Under the SBREFA Third Alternative Approach, the Bureau considered proposing a size standard using gross annual revenue or the number of employees based on a size standard in each of 13 2-digit NAICS code categories that applies to the largest number of firms within each 2-digit NAICS code category. Applying the SBA's 2019 size standards, the third alternative would result in eight different size standards across the 13 categories.

The Bureau stated it was not planning to propose requiring that financial institutions verify information provided by applicants necessary for determining whether an applicant is small, regardless of the Bureau's approach to a small business size standard. Rather, the Bureau was considering proposing that a financial institution would generally report the information as provided by the applicant. However, if the financial institution verifies such information for its own purposes, it would report the verified information to the Bureau.

SERs generally preferred a simple small business definition and expressed concern that the SBA's approach to defining a small business—which bases classification on an applicant's 6-digit NAICS code—is relatively complex. The Bureau discusses the concerns with respect to the potential complexity of gathering NAICS codes in the section-by-section analysis of proposed § 1002.107(a)(15) below, and the Bureau discusses the concerns with respect to the potential complexity using NAICS codes to determine small business status below.

Nearly all SERs expressed some familiarity with the SBA's small business definition. More than half the SERs currently gather an applicant's NAICS code as a routine part of the application process, because NAICS codes are used for SBA loans and for CDFI Fund reporting. One SER also uses this information for tracking the concentration of its loans across certain industries. Some SERs gather NAICS codes from applicants' tax documents or business credit reports and others rely on information provided directly by the applicants; these SERs emphasized the importance of permitting reliance on applicant self-reported data.

One SER remarked that it would be critical for the purposes of section 1071 to have sectoral industry information about applicants in some form, such as NAICS codes, in order to ensure meaningful data. The Bureau discusses the independent value of NAICS codes, and related comments from SERs regarding certain difficulties and challenges surrounding collecting NAICS codes from applicants, in the section-by-section analysis of proposed § 1002.107(a)(15) below. Another SER expressly opposed using NAICS codes to determine whether an applicant is a small business for purposes of section 1071. A few SERs stated that they did not think it would be particularly costly to collect NAICS codes for all of their small business loans, and one SER described the SBA's classification approach as precise and not very burdensome.

Some SERs supported the SBREFA First Alternative Approach for defining a small business, which would use an applicant's gross annual revenue with a potential “small” threshold of $1 million or $5 million. Several SERs were supportive of this simple approach but thought the potential threshold should be higher. For most SERs, nearly all their small business customers had less than $5 million in gross annual revenue; most are under $1 million. Several SERs remarked that a $1 million gross annual revenue threshold would be too low, noting that it would exclude many businesses defined by SBA regulations as “small”; some of these SERs said that a $5 million gross annual revenue threshold would be acceptable. Some SERs advocated for higher revenue thresholds, such as $8 million or $10 million. One SER cautioned that a small business definition based only on gross annual revenue would not account for regional variations in business size. One SER specifically suggested that the Bureau align its small business definition with the $1 million standard used by certain supervisory agencies for CRA reporting (which requires the reporting of loans in original amounts of $1 million or less to businesses and, if known, identification of whether the business's gross annual revenue is $1 million or less). However, this SER also supported other versions of the SBREFA First Alternative Approach and SBREFA Second Alternative Approach if the Bureau did not adopt the CRA approach. Relatedly, there were some concerns about capturing revenue information from small businesses. Some SERs do not collect these data now, or do not do so across all lending products. SERs also expressed a concern that some applicants likely would not know their gross annual revenue as a precise dollar amount. See the section-by-section analysis of proposed § 1002.107(a)(14) below for a discussion of the gross annual revenue data point.

Some SERs supported the Bureau's SBREFA Second Alternative Approach, which would distinguish between applicants in manufacturing and wholesale industries (500 employees) and all other industries ($8 million in gross annual revenue). These SERs stated that while this approach was still relatively simple, it would nonetheless capture most relevant data. One SER noted a discrepancy between the thresholds, stating that a manufacturer with 500 employees would be much larger than a business with $8 million in gross annual revenue. Some SERs expressed concerns about how to collect data on the number of employees, particularly regarding how part-time and seasonal employees, and contractors, would be counted. One SER suggested that a small business be defined as having less than $10 million in annual revenue and 50 or fewer employees. Another SER emphasized the importance of including collection and reporting requirements for applicants with very few or no employees on payroll, stating that most minority-owned and women-owned small businesses have no employees. One SER opposed the SBREFA Second Alternative Approach, stating that it would be too complex and potentially confusing.

One SER also supported the SBREFA Third Alternative Approach as closest to the SBA approach, stating that it reflects the SBA's substantially different definitions of a small business across different industries. This SER stated that the SBREFA First and Second Alternative Approaches would exclude many SBA-qualified small businesses. Other SERs also stated that this 2-digit NAICS code alternative was significantly less complex and prone to less human error than the SBA definition using 6-digit NAICS codes. On the other hand, one SER stated that the SBREFA Third Alternative Approach would be the most costly and difficult to implement compared to the other two alternatives under consideration.

The SBREFA Panel recommended that the Bureau seek to adopt a definition of “small business” that is easy for small business applicants to understand and straightforward for financial institutions to implement, while still collecting comprehensive data regarding lending to small businesses. The SBREFA Panel also recommended that the Bureau continue to explore how information that small financial institutions may or may not currently collect from small business applicants (specifically, gross annual revenue, number of employees, and NAICS code) might inform the potential selection of an alternative for a “small business” size standard. The SBREFA Panel also recommended that the Bureau continue to explore ways to minimize burden on both the small financial institutions collecting NAICS code information as well as the small business applicants who need to provide it, for example the possibility of collecting the 2-digit NAICS code rather than the 6-digit code.

Feedback on the SBREFA materials from stakeholders other than SERs showed broad support for the Bureau pursuing a simplified version of the SBA small business definition, focusing chiefly on the size standard. A diverse array of stakeholders requested that the Bureau provide a simplified small business definition, including a wide variety of lenders, trade associations, and community groups. However, at least one commenter explicitly urged the Bureau to adopt the SBA definition. Reasons for supporting a simpler definition included that it might lower compliance costs (and therefore, the commenters noted, the cost of credit), it would obviate the need for financial institutions to understand or track the SBA size standards, and a more complex definition might impact data consistency or quality (either because financial institutions might incorrectly report data, or because the data itself might not lend itself to analysis). Several stakeholders voiced concern with respect to the SBA's detailed approach to categorizing the applicant's business, arguing that NAICS codes were developed for procurement, contained too many categories, and were not familiar to many financial institutions and applicants.

Stakeholders offered varying levels of support for the Bureau's proffered size standard alternatives, although in general there was more support for a standard using only gross annual revenue. Many stakeholders, including a variety of trade associations, supported the SBREFA First Alternative Approach; a few explicitly opposed it. Those voicing support generally preferred the simplicity of the approach; some stakeholders noted that a definition using gross annual revenue aligned with how lenders typically consider an applicant's size for other purposes. Stakeholders suggested that the Bureau select a specific revenue limit for small businesses including $500,000, $1 million, $5 million, and $8 million. Some stakeholders expressing support for a $8 million revenue limit noted that it would better capture small businesses in wholesale and manufacturing, while allowing the Bureau to adopt a single, uniform standard. Stakeholders opposing the SBREFA First Alternative Approach generally expressed concern with using gross annual revenue, either citing concerns about its accuracy or because they said a uniform gross annual revenue standard would not account for regional variation among businesses or reflect the SBA's general approach to distinguishing businesses by industry. One stakeholder generally expressed concern that the SBREFA First Alternative Approach might exclude too many small business applicants from the 1071 rule.

Several stakeholders, mostly community groups, supported the SBREFA Second Alternative Approach; several comments from industry opposed the approach. Those in support of the SBREFA Second Alternative Approach characterized it as providing a balance between simplicity and providing results more closely aligned with the more comprehensive SBA approach, which distinguishes businesses by industry. Some stakeholders expressed concern with respect to distinguishing the nature of the applicant's business ( e.g., whether it was engaged in manufacturing or wholesale), and others thought that there may be difficulties accurately measuring the number of employees.

A few stakeholders supported the SBREFA Third Alternative Approach, while several explicitly opposed it. Supporters of the SBREFA Third Alternative Approach praised how closely the alternative aligned with the SBA's definition, while those in opposition criticized it as overly complex. In particular, those opposing this approach were concerned that it would still require financial institutions to have a close working knowledge of NAICS codes.

A few stakeholders advocated that the Bureau consider adopting a small business definition that incorporated loan size. Some of these stakeholders suggested that the Bureau consider aligning this definition with standards in the CRA. One stakeholder suggested that the Bureau define a small business as one with gross annual revenue of $1 million where the business has requested a loan of $1 million or less.

Proposed Rule

Proposed § 1002.106(b) would define a small business as having the same meaning as the term “small business concern” in 15 U.S.C. 632(a), as implemented in 13 CFR 121.101 through 121.107. The Bureau believes that adopting existing statutory and regulatory small business definitions, which are widely understood and already the subject of notice and comment, is consistent with the purposes of section 1071 and will facilitate compliance. Proposed § 1002.106(b) would further state that, notwithstanding the size standards set forth in 13 CFR 121.201, for purposes of proposed subpart B, a business is a small business if and only if its gross annual revenue, as defined in proposed § 1002.107(a)(14), for its preceding fiscal year is $5 million or less. This proposed definition largely adopts the SBREFA First Alternative Approach with a threshold of $5 million. The Bureau believes this proposed definition implements the statutory language of section 1071 while reflecting a need for financial institutions to apply a simple, broad definition of a small business. The Bureau is seeking SBA approval for this alternate small business size standard pursuant to the Small Business Act.

Proposed comments 106(b)-1 and 106(b)-2 would clarify the obligations of covered financial institutions when new information may arise that could change the determination of whether an applicant is a small business, which in turn gives rise to requirements under proposed subpart B and/or prohibitions under existing Regulation B. The Bureau acknowledges that a financial institution's understanding of an applicant's gross annual revenue may change as the institution proceeds through underwriting. Proposed comment 106(b)-1 would explain that if a financial institution initially determines an applicant is a small business as defined in proposed § 1002.106 based on available information and obtains data required by proposed § 1002.107(a)(18) through (20), but the financial institution later concludes that the applicant is not a small business, the financial institution may process and retain the data without violating ECOA or this regulation if it meets the requirements of proposed § 1002.112(c)(3). Proposed comment 106(b)-2 would explain that if a financial institution initially determines that the applicant is not a small business as defined in proposed § 1002.106, but then later concludes the applicant is a small business, the financial institution shall endeavor to compile, maintain, and report the data required under proposed § 1002.107(a) in a manner that is reasonable under the circumstances.

Proposed comment 106(b)-3 would explain that a financial institution may rely on an applicant's representations regarding gross annual revenue (which may or may not include an affiliate's revenue) for purposes of determining small business status under § 1002.106(b).

For the reasons discussed above in the section-by-section analysis of proposed § 1002.106(a), the Bureau is proposing to define a small business as having the same meaning as the term “small business concern” in 15 U.S.C. 632(a), as implemented in 13 CFR 121.101 through 121.107. However, for reasons discussed in detail below, the Bureau is proposing that notwithstanding the size standards set forth in 13 CFR 121.201, for purposes of subpart B, a business is a small business if and only if its gross annual revenue, as defined in proposed § 1002.107(a)(14), for its preceding fiscal year is $5 million or less. Generally, the Bureau believes that adopting this gross annual revenue standard from the SBREFA First Alternative Approach is consistent with the purposes of section 1071 and addresses the concerns that the Bureau has heard with respect to determining whether applicants are small businesses for purposes of complying with section 1071, particularly with respect to the concerns regarding determining the applicant's NAICS code, and the implications thereof. Due to concerns expressed by other stakeholders, which are described above, and upon its own further consideration as discussed in this section-by-section analysis under Alternatives Considered below, the Bureau is not proposing the $1 million gross annual revenue standard from the SBREFA First Alternative Approach.

The Bureau seeks comment on this proposed definition of a small business, including the $5 million gross annual revenue size standard, as well as whether additional clarification is needed for any aspect of this proposed definition. The Bureau also seeks comment on whether another variation of the proposed size standard would better serve the purposes of section 1071, such as a lower revenue size standard or a higher one, potentially at the $8 million or $10 million level. The Bureau also seeks comment on whether, in addition to the above-described gross annual revenue-based size standard, a small business definition that also included any business that was furnished a loan pursuant to an SBA program (regardless of the applicant's gross annual revenue) would further the purposes of 1071.

Similarly, the Bureau seeks comment on whether the SBREFA Second Alternative Approach at $8 million gross annual revenue or 500 employees (depending on the type of business) would align more closely with section 1071's purposes. Likewise, the Bureau seeks comment on whether a variation of the proposed size standard, such as using an applicant's average gross annual revenue averaged over two or five years, would better serve the purposes of section 1071. In addition, the Bureau seeks comment on defining a small business consistent with the entirety of existing SBA regulations, including any advantages or disadvantages that using such a definition might pose specifically in the context of this rulemaking. Specifically, the Bureau seeks comment on how the proposed size standard would fit in with a financial institution's current lending or organization practices. If the financial institution is an SBA lender, the Bureau seeks comment on whether the proposed size standard would introduce additional difficulties or challenges.

In order to keep pace with changes to the SBA's own size standards and the potential impact of future inflation, the Bureau is considering whether it might update its proposed $5 million gross annual revenue size standard over time (perhaps at the end of a calendar year in order to allow financial institutions to use the same threshold consistently throughout the year). The Bureau seeks comment on how this should be done and the frequency at which it should occur.

Alternatives Considered

Gross annual revenue of $1 million. Under the SBREFA First Alternative Approach, the Bureau considered proposing a size standard using the gross annual revenue of the applicant business in the prior year, with a potential “small” threshold of $1 million or $5 million. However, upon further consideration, the Bureau is concerned that the $1 million threshold considered under the SBREFA First Alternative Approach likely would not satisfy the SBA's requirements for an alternative size standard across industries and would exclude too many businesses designated as small under the SBA's size standards.

Loan size. The Bureau considered defining a small business based at least in part on loan size. For example, one SER suggested that the Bureau align its small business definition with the $1 million standard for revenue and loan size used by certain supervisory agencies for CRA reporting. The Bureau also considered that under the FFIEC Call Report collections, banks report small loans made to businesses and farms. Through the Credit Union Call Report, credit unions report commercial loans over $50,000 made to members.

The Bureau believes that such potential definitions do not bear a sufficient relationship to the size of the business or its operations. The above-mentioned Call Report data, for example, is reported regardless of the size of the business. Thus, such Call Reports would capture lending information regarding small loans furnished to businesses that may be dominant in their field. Likewise, under a definition similar to the CRA, application data for businesses with low revenue that may be applying for large loans would be excluded. The Bureau does not believe that adopting such an approach would further the purposes of section 1071. The Bureau also received some stakeholder feedback cautioning against using the CRA definition based on loan size, because such a definition would exclude substantial portions of small business lending.

Existing SBA size standards. As discussed above, the Bureau is seeking approval from the SBA to use a $5 million gross annual revenue alternative size standard in defining a “small business” for purposes of this rulemaking, as the Bureau does not believe the SBA's size standards are suitable for this data collection initiative and prefers to establish a more appropriate small business definition limited to the section 1071 rulemaking.

The Bureau believes that requiring application of existing SBA size standards for the section 1071 rule could result in many financial institutions having to undergo operational and/or compliance management system changes. The Bureau believes that it will reduce burden for financial institutions, particularly those without sophisticated compliance management systems or familiarity with SBA lending, to comply with a gross annual revenue size standard for the section 1071 small business definition that better aligns with current lending practices.

If the Bureau were to adopt a small business definition using the existing SBA size standards that vary by industry based on 6-digit NAICS codes, financial institutions would only be able to request an applicant's protected demographic information further along in the application process, once they have obtained the multiple pieces of data that would be necessary to determine whether the applicant is small and, therefore, the 1071 process applies. The Bureau is concerned that this delay would make it more difficult for financial institutions to collect applicants' protected demographic information that is important to both of section 1071's statutory purposes. The Bureau is particularly concerned about financial institutions' ability to collect these data for applications that are withdrawn or closed for incompleteness early in the application process. These data collection considerations differ from those applicable to SBA lending programs, whereby a lender often cannot (and should not) make an accurate eligibility determination for an SBA loan until later in the application process, often after a loan has already been initially decisioned and after the lender has collected information related to size, time in business, and other data.

In order to allow financial institutions to quickly determine whether the section 1071 rule applies, the Bureau is seeking to minimize complexity for financial institutions in determining whether a covered application is reportable because the applicant business is a small business—a necessary determination for the 1071-based collection of any other information. The Bureau believes that the section 1071 rule would benefit from a universal, easy-to-apply reporting trigger that does not need to be supported by additional documentation or research. Such a reporting trigger must be easily understood by small business owners who may be completing an application online, or by the tens of thousands of customer-facing personnel who take small business applications in an industry with a typical annual turnover rate of 10 to 20 percent. The Bureau believes that a gross annual revenue reporting trigger will facilitate better compliance with 1071 requirements because it aligns with current lending and organizational practices.

The Bureau is concerned that requiring financial institutions to rely on the SBA's existing size standards for purposes of the section 1071 data collection and reporting requirements would pose risks to the efficient operation of small business lending. Based on the overwhelmingly consistent feedback the Bureau has received from stakeholders on this issue, the Bureau believes that using the SBA's existing size standards for the purposes of section 1071—wherein the financial institution must quickly determine the appropriate 6-digit NAICS code for businesses and then apply a variety of standards, including potentially gathering information to determine five years of the applicant's average annual receipts or employee information—would not align with current lending and organizational practices. Application of the existing size standards, at the beginning of the application process, could slow down the application process, particularly at institutions that are often able to render credit decisions in a matter of minutes; the Bureau is concerned that financial institutions may be compelled to raise the cost of credit or originate fewer covered credit transactions as a result. Such an outcome could needlessly affect access to credit for small businesses. Eliminating credit opportunities or reducing access to credit to small businesses, including women-owned and minority-owned small businesses, in this way would conflict with the statutory purpose of section 1071 to “enable communities, governmental entities, and creditors to identify business and community development needs and opportunities of women-owned, minority-owned, and small businesses.”

The Bureau expects that many financial institutions, for efficiency, will bifurcate their business credit application procedures based on an initial determination of whether the application will be subject to section 1071. The Bureau therefore believes that many financial institutions will not proceed with taking applicant information until the financial institution is able to determine that the applicant is small (in which case, section 1071 will require the financial institution to collect and report the applicant's protected demographic information) or that the applicant is not small (where ECOA generally prohibits the financial institution from collecting protected demographic information). If this process requires determining the correct NAICS code for the applicant, and in many cases, requesting five years of average annual receipts or employee information from the applicant, the Bureau believes that businesses seeking access to credit will encounter, at a minimum, otherwise avoidable delays in processing applications.

The Bureau believes that the $5 million gross annual revenue standard it is proposing is a more efficient and appropriate measure of applicant size for purposes of determining whether small business lending data collection is required pursuant to section 1071. The Bureau understands that the SBA generally bases business concern size standards on average annual receipts or the average number of employees of the business concern, as customized industry-by-industry across 1,057 6-digit NAICS codes. The SBA typically uses two primary measures of business size for size standards purposes: (i) Average annual gross receipts for businesses in services, retail trade, agricultural, and construction industries, and (ii) average number of employees for businesses in all manufacturing industries, most mining and utilities industries, and some transportation, information, and research and development industries. The Bureau understands that SBA's size standards are used to establish eligibility for a variety of Federal small business assistance programs, including for Federal government contracting and business development programs designed to assist small businesses in obtaining Federal contracts and for SBA's loan guarantee programs, which provide access to capital for small businesses that are unable to qualify for and receive conventional loans elsewhere. The Bureau notes that the size standard used under section 1071 would only be used to determine whether small business lending data collection is required pursuant to section 1071, and would have no bearing on eligibility for Federal small business assistance. Moreover, the Bureau believes it is far more likely that an applicant will be able to readily respond to a question regarding its gross annual revenue for the preceding fiscal year—something already contemplated by existing Regulation B for all business credit to determine whether notice requirements apply —than offer the closest metric currently in use by SBA regulations, which is generally average annual receipts for the previous five fiscal years. Furthermore, use of this gross annual revenue standard would be efficient, as a financial institution is statutorily required to collect and report gross annual revenue by ECOA section 704B(e)(2)(F).

The Bureau believes that section 1071 differs from other programs that may have been contemplated pursuant to the Small Business Act's provisions pertaining to the establishment of size standards. First and most notably, the rulemaking contemplated by section 1071 is not a “program” in the traditional sense of a procurement or other Federal assistance program; the rule would not confer a direct benefit or advantage to the small business applicant or financial institution in terms of contract, procurement, loan guaranty, or government backed debenture. Rather, financial institutions will be contributing information about credit applications for businesses identified as small under section 1071—information that will be valuable to the Bureau, financial institutions, policymakers, and other stakeholders, including small businesses. Second, unlike other such alternative size standard requests, the Bureau notes that a size standard under section 1071 would apply to businesses across all sectors applying for financing, rather than a particular industry or sector. And third, the Bureau believes that arriving at a simplified size standard is an essential element to this “program,” as more complex approaches may limit opportunities for small businesses by reducing access to credit.

Section 1071 is also unique in that Congress specified that the data collection regime include a particular form of revenue for the businesses at issue. As discussed in the section-by-section analysis of proposed § 1002.107(a)(14) below, section 1071 requires a financial institution to collect “the gross annual revenue of the business in the last fiscal year of the women-owned, minority-owned, or small business loan applicant preceding the date of the application.” The Bureau considered whether under section 1071 a financial institution should have to apply two different revenue-based rules (first, one for determining whether the business is small under the existing SBA size standards and therefore section 1071 data must be collected and reported; and, second, if the business is small, another for reporting the business's gross annual revenue in the last fiscal year), or whether applying only one revenue-based rule for section 1071 could be sufficient. The Bureau believes that requiring financial institutions to apply both would be unnecessarily confusing and burdensome, and would also increase potential for errors in data collection. The Bureau does not believe it is appropriate to use only average annual receipts, given the language of section 1071. Moreover, as discussed below, section 1071 amends ECOA, which already incorporates gross annual revenue as implemented under existing Regulation B.

ECOA section 704B(e)(2)(G) requires a financial institution to collect and report the race, sex, and ethnicity of the principal owners of the business. Existing Regulation B generally prohibits a creditor from inquiring about such protected demographic information in connection with a credit transaction unless otherwise required by Regulation B, ECOA, or other State or Federal law, regulation, order, or agreement. Thus, in order to avoid potential liability under ECOA and existing Regulation B, a financial institution must accurately determine that a business credit application is subject to section 1071 before inquiring about the applicant's protected demographic information. The Bureau does not believe the SBA's existing size standards allow for the quick and accurate determination of small business status required for this 1071 data collection initiative. Specifically, the Bureau does not believe this determination can be quickly and accurately made if, as required under the SBA's existing size standards, the financial institution must determine the appropriate NAICS code for the business and then apply the NAICS-based size standards to determine whether a business loan applicant is a small business.

As discussed above, SERs and other stakeholders have expressed concern to the Bureau about the difficulties in determining the appropriate NAICS code for businesses and in applying the NAICS-based size standards. They generally preferred a simple small business definition and expressed concern that the SBA's approach to defining a small business—which bases classification on an applicant's 6-digit NAICS code—is relatively complex in this context. The Bureau believes that removing a NAICS-based small business determination as a step in determining small business status will both facilitate compliance and better achieve the purposes of section 1071. The Bureau understands that one reason that SERs and others expressed a strong desire for a simple approach to determining whether an applicant is small is that this initial determination may drive the application process. To comply with section 1071 requirements, financial institutions may use a different application process, or different or additional application materials, with applicants for business credit that are small businesses than they do with applicants that are not small businesses. Thus, quickly and accurately determining whether an applicant is a small business at the outset of the application process may be a crucial step, one that financial institutions would benefit from being able to seamlessly accomplish. Considering the requirements and prohibitions in ECOA with respect to protected demographic information, the Bureau understands the import that financial institutions have placed on both the speed and accuracy of this determination.

As discussed in the section-by-section analysis of proposed § 1002.107(a)(15) below, the Bureau believes that NAICS codes possess considerable value for section 1071's fair lending purpose as well as its business and community development purpose beyond being necessary for determining whether an applicant is a small business under the SBA's size standards. The Bureau is therefore proposing that financial institutions be required to collect and report NAICS codes as one of the data fields for applications subject to section 1071. However, the Bureau believes that gathering NAICS code information at some point during the application process, while still the subject of some concern for financial institutions, is a different consideration from requiring NAICS information as a necessary step to beginning an application (and correctly determining which type of application to initiate).

The Bureau also believes that this simplified alternative size standard will provide largely consistent reporting results, as compared to adopting the full SBA size standards. The Bureau used data from the U.S. Census's 2012 Statistics of U.S. Businesses (SUSB) and the U.S. Department of Agriculture's 2012 Census of Agriculture to analyze how each of the Bureau's contemplated alternative approaches would change the number of businesses defined as “small” relative to the SBA definition. If all NAICS classifications and size assessments could be done correctly, applying the SBA's full 6-digit NAICS code-based size standards would result in complete coverage of small businesses as defined by the SBA—all applications by small businesses would be reported (other than those made to financial institutions that qualify for an exemption) and no applications made by non-small businesses would be reported. The Bureau estimates that 270,000 businesses that would be small under the SBA's existing size standards (out of 7.2 million small employer businesses and farms) would not be covered by the Bureau's proposed $5 million gross revenue standard. The Bureau further estimates that the Bureau's proposed rule would cover some 77,000 businesses that would not be small under the SBA size standards. The Bureau believes that such variation with respect to the SBA's current size standards is an appropriate trade-off for the reasons described herein.

The Bureau notes, however, that a $5 million gross annual revenue alternative size standard would affect some industries more than others. That is, applications for small businesses would be reported to the Bureau less from some industries than others. In general, there will be a larger proportion of businesses whose applications would not be reported in industries with a higher revenue-based size standard. The industries most affected by this are the retail trade and construction industries. Other industries that would be disproportionately affected may include manufacturing, wholesale trade, health care and social assistance, and professional, scientific, and technical services. The Bureau received little public feedback with respect to such concerns, although the Bureau seeks comment with respect to any potential effects on particular subsets of applicants that may be disproportionately included or excluded on the basis of a gross annual revenue standard (such as those subject to employee-based size standards), particularly in light of section 1071's purposes.

The Bureau also believes that a simplified size standard will be important for financial institutions that may not frequently engage in small business lending in determining whether they are covered under the 1071 rule. As discussed in the section-by-section analysis of proposed § 1002.105(b), the Bureau is proposing to mandate section 1071 small business lending data collection only from those financial institutions that originated at least 25 covered credit transactions from small businesses in each of the two preceding calendar years. Those financial institutions that do not frequently lend to small businesses will be seeking to track precisely how many covered credit transactions for small businesses they have originated. The Bureau believes that it is important to empower financial institutions to quickly ascertain whether a covered credit transaction was furnished to a small business, such that infrequent lenders can continue to monitor whether section 1071 compliance is required.

Average gross annual revenue. The Bureau considered proposing an approach that would use an average gross annual revenue calculated over an averaging or “lookback” period instead of using the gross annual revenue for the preceding fiscal year. This alternative approach would be similar to the SBA approach of using a five-year annual receipts average. The Bureau understands that the SBA expects the five-year average to: (i) Enable some mid-size businesses currently categorized above their corresponding size standards to gain or regain small business status and thereby qualify for participation in Federal assistance intended for small businesses, and (ii) allow some advanced and larger small businesses close to their size thresholds to lengthen their small business status for a longer period and thereby continue their participation in Federal small business programs. However, because the 1071 rule is not connected to eligibility for participation in any Federal programs for small business loans, grants, procurement, or otherwise, the Bureau believes that allowing financial institutions to consider applicants' gross annual revenue for the preceding fiscal year is sufficient for 1071 purposes. The Bureau also notes that using gross annual revenue for the preceding fiscal year is consistent with the notification requirements of existing Regulation B and the Bureau's approach in proposed § 1002.107(a)(14) regarding the gross annual revenue data point. The Bureau believes that using this measure instead of an average will better align with current lending practices and will simplify determinations regarding 1071 reporting status.

Section 1002.107 Compilation of Reportable Data

107(a) Data Format and Itemization

Background

ECOA section 704B(e) requires financial institutions to “compile and maintain” records of information provided by applicants “pursuant to a request under subsection (b),” and requires them to “itemiz[e]” such information to “clearly and conspicuously disclose” a number of data points; the Bureau refers to these as statutory data points. Section 704B(e)(2)(H) provides the Bureau with authority to require “any additional data that the Bureau determines would aid in fulfilling the purposes of [section 1071]”; the Bureau refers to data points adopted under this authority as discretionary data points. The stated statutory purposes of 1071 are twofold: (1) To facilitate enforcement of fair lending laws; and (2) to enable communities, governmental entities, and creditors to identify business and community development needs and opportunities of women-owned, minority-owned, and small businesses. The Bureau notes that “discretionary” in this context means discretionary for the Bureau to adopt, not discretionary for financial institutions to comply with.

The 1071 data collected and reported by financial institutions would generally be made available to the public unless the Bureau decides to delete or modify certain data to advance a privacy interest. As discussed below in part VI, the Bureau is proposing to use a balancing test to determine what data should be deleted or modified, but does not intend to apply the balancing test until financial institutions have reported at least a full year of 1071 data to the Bureau. The Bureau notes that the utility of 1071 data to particular groups of data users will depend on the specific data collected and the form, manner, and extent to which the Bureau makes such data available to the public.

The users of data from the Bureau's proposed 1071 rule could include the Bureau itself; other Federal agencies including the prudential banking regulators; Congress; State and local governments; community, consumer, and civil rights groups; researchers and academics; financial institutions; small businesses; and small business trade organizations. The comprehensive data that would be collected under the Bureau's rule is not available elsewhere, though some aggregate information for some loans to businesses—but not applications—exists in other sources. For example, there are several datasets on loans to businesses by depository institutions. The FFIEC Call Report data provide information on banks' and savings associations' total outstanding number and amount of loans to businesses for loans under $1 million and farms for loans under $500,000. The CRA requires banks and savings associations with assets over a specified threshold ($1.322 billion as of 2021) to report data on loans to businesses with origination amounts of $1 million or less and loans to farms with origination amounts of $500,000 or less. NCUA Call Reports include information on credit unions' outstanding and originated commercial loans to members over $50,000. Though the Bureau and other agencies with supervisory jurisdiction can currently approximate some 1071 data through requests during examinations of individual institutions, the agencies would only have access to data from a relatively small number of such institutions at any one time and the data obtained would not be uniform among institutions. The availability of uniform 1071 data across different types of financial institutions should significantly improve agencies' ability to focus limited supervisory resources on institutions with higher fair lending risk. Section 1071 data may also provide insight into how well the market is meeting the credit needs of small businesses in general, as well as women- and minority-owned small businesses in particular, and could potentially be used to identify market opportunities.

The Bureau has received feedback relevant to the 1071 rulemaking from a variety of sources, including through the SBREFA process as well as the Bureau's 1071 Symposium and the 2017 RFI on small business lending. This feedback addressed, among other things, the potential inclusion of discretionary data points in the 1071 rulemaking, which is discussed further below. By discussing these potential discretionary data points under consideration in the SBREFA Outline, the Bureau obtained helpful feedback on costs and benefits from the SERs and other stakeholders to inform the Bureau's decision-making for purposes of this NPRM.

SBREFA Proposals Under Consideration and Feedback Received

In the SBREFA Outline, the Bureau explained its understanding of the data points enumerated in section 1071. The Outline noted that ECOA section 704B(b) requires financial institutions to inquire whether an applicant for credit is a women-owned, minority-owned, or small business. In addition, the statute states that the information compiled and maintained by a financial institution under section 704B(e)(1) shall be itemized in order to clearly and conspicuously disclose a number of particular items that are enumerated in the statute. In the Outline, the Bureau stated that it was considering proposing to require all of these data points.

The Bureau also discussed in the SBREFA Outline its proposals under consideration regarding data points adopted pursuant to its discretionary data points authority under ECOA section 704B(e)(2)(H). The Bureau explained that it was considering proposing to require that financial institutions report discretionary data points regarding pricing, time in business, NAICS code, and number of employees.

SERs provided feedback on nearly all aspects of the data points under consideration, including certain feedback applicable to all data points. Regarding data points generally, most SERs requested that the Bureau make the collection and reporting of data points as simple as possible. Two SERs stated that collecting and reporting the statutory data points would not pose any issues because they collect them now. A number of SERs urged the Bureau to require collection and reporting of a number of data points based only on information as provided by the applicant. One SER stated that the Bureau should be aware that, as with HMDA reporting, the cost of collecting and reporting the data points will include expensive data quality scrubs in order to avoid negative examination findings. Another SER stated that it will be challenging to standardize the data so reporting can be automated, and that this will likely require significant training and a tremendous amount of human intervention.

Furthermore, some SERs expressed concern about asking applicants to provide certain information (in particular the race, sex, and ethnicity of principal owners), as they believed that applicants would feel uncomfortable providing, or even being asked about, that information, and that if applicants are denied credit they might feel it was because of the protected demographic information they provided. One SER stated that the collection of 1071 data could seem like an intrusion of privacy by the financial institution, particularly to minority borrowers. The SER stated that prospective applicants may decide to seek financing elsewhere. Another SER stated that some prospective applicants' distrust of the Federal government (and concern over how 1071 data might be used) might adversely impact their ability to lend to the communities they serve. Other SERs that currently collect this information (for example, because they are CDFIs or SBA lenders) indicated that they generally do not have difficulty collecting demographic information from borrowers.

Several SERs suggested that the Bureau develop a system to assist in the collection of applicants' protected demographic information, and possibly other applicant-provided 1071 data, that would avoid the need for financial institutions to request and store sensitive information about applicants. One SER suggested that this system could also permit applicants to input their addresses for geocoding.

SERs also provided detailed feedback on the discretionary data points that the Bureau was considering. One SER stated that the cost of collecting and reporting the discretionary data points under consideration would be significant, and another SER stated that the Bureau should include as few data points as possible to avoid unnecessary costs. Another SER stated that the Bureau should finalize a rule with just the statutorily required data points and avoid adding any discretionary data points. That SER suggested that if the Bureau does include discretionary data points, the Bureau could consider providing an exemption from discretionary data point collecting and reporting for certain small 1071 reporters, similar to the partial data point exemption approach taken under HMDA.

Other SERs favored the inclusion of some or all of the discretionary data points. Two SERs stated their support for the inclusion of all four discretionary data points under consideration. One of these SERs suggested that the Bureau also collect information regarding the way the application was taken (in person, by phone, or online) in order to monitor possible discouragement of applicants. The other SER suggested that the Bureau also collect credit score information.

Stakeholders commenting on the statutory data points and data points in general largely echoed the SERs' concerns. Industry commenters suggested that the method of collection be as clear and simple as possible, that the cost burden be taken into account, and that the Bureau not require verification of applicant-provided information. Community groups largely supported the Bureau's proposals under consideration for the statutory data points, and emphasized the importance of the new 1071 data collection regime.

A large majority of industry stakeholders commenting on the SBREFA Outline opposed the collection of any discretionary data points, stating that including them would be overly burdensome and unnecessary. Industry commenters argued that the 1071 rule would be very burdensome in any case, requiring new software and onerously different business processes, and adding data points would only increase that burden. Some commenters stated that collecting and reporting the discretionary data points would increase compliance obligations and costs, and likely impact credit costs and availability for small business customers. Some commenters were concerned about the discretionary data points being made public without contextual information, potentially leading to damaging misinterpretations. One stakeholder stated that unnecessary discretionary data points would add to the already significant privacy concerns of financial institutions and borrowers. Several commenters suggested that the Bureau consider an incremental approach to expanding the data collection in the future should the statutory fields not be sufficient to accomplish the original intent of 1071. Several other stakeholders suggested that if the Bureau includes discretionary data points, it should provide an exemption from reporting them for smaller financial institutions.

Community groups and several community development lenders supported mandatory reporting of the discretionary data points under consideration, saying that they would help achieve section 1071's purposes. One stakeholder stated that the discretionary data points under consideration relate to underwriting decisions and must be accounted for so credit providers cannot—as they said HMDA reporters have done for years—hide behind data not collected as justification for their lending disparities. A community development lender supported the collection of the discretionary data points, but suggested that the Bureau not collect number of employees. Some stakeholders suggested additional discretionary data points.

Regarding data points in general, the SBREFA Panel recommended that the Bureau consider proposing in the NPRM that applicant-provided data points be self-reported by the applicant only, without an obligation for the financial institution to verify the information provided by the applicant. Regarding the discretionary data points, the SBREFA Panel recommended that if time in business, number of employees, and NAICS code become part of the proposal, the Bureau continue to explore ways to minimize the burden to small financial institutions of collecting and reporting such data; and with respect to NAICS code specifically, the burden on small business applicants who need to provide the information. As to pricing, the Panel recommended that if this data point becomes part of the proposal, the Bureau seek comment on potential methods for avoiding misinterpretations of disparities.

Proposed Rule

The Bureau is proposing to adopt the statutory data points largely consistent with its proposals under consideration at SBREFA, but with certain changes as discussed in the section-by-section analyses of the individual data points below. Consistent with its approach under consideration in the SBREFA Outline, the Bureau is proposing discretionary data points relating to pricing, time in business, NAICS code, and number of workers. In addition, based on feedback from SERs and other stakeholders and in the course of developing the proposed rule, the Bureau identified several additional data points that it believes would be important to the quality and completeness of the 1071 data collected and would aid significantly in furthering the purposes of section 1071. The proposed rule would adopt additional discretionary data points regarding application method, application recipient, denial reasons, and number of principal owners. In addition, the Bureau is relying on ECOA section 704B(e)(2)(H), as well as its authority under 704B(g)(1), to make certain clarifications to the statutory data points. These data points are all discussed in detail in the section-by-section analyses of proposed § 1002.107(a)(1) through (21) below.

The Bureau continues to believe that discretionary data points for pricing, time in business, NAICS code, and number of workers would serve the purposes of 1071, improve the utility of the data for stakeholders, and potentially reduce the occurrence of misinterpretations or incorrect conclusions based on analysis of an otherwise more limited data set. The Bureau also believes that discretionary data points for application method, application recipient, denial reasons, and number of principal owners would help to achieve these goals more effectively.

In proposing these discretionary data points, the Bureau considered the additional operational complexity and potential reputational harm that collecting and reporting discretionary data points could impose on financial institutions. The Bureau has sought to respond to industry concerns regarding discretionary data points by proposing a limited number of discretionary data points that would offer the highest value in light of 1071's statutory purposes. For this reason, the Bureau is not proposing certain additional discretionary data points suggested by SERs and other stakeholders such as credit score or applicant's business structure (see the discussion below). In addition, the Bureau has not chosen to take an incremental approach to adding data points, as one stakeholder suggested, or permitting collecting and reporting of discretionary data points to be phased in over time. The Bureau believes the information from the proposed discretionary data points would further section 1071's purposes for the reasons stated above, and should be collected and reported as soon as possible. In addition, data from these discretionary data points would be an important part of the privacy balancing test analysis that would be conducted after the first year of 1071 data is received. The Bureau will consider industry concerns about potential reputational harm that collecting and reporting discretionary data points could impose on financial institutions when it conducts the privacy balancing test analysis.

In regard to the specific method by which a financial institution would collect the 1071 data points, the proposed rule would require a covered financial institution to compile and maintain data regarding covered applications from small businesses, and require that the data be compiled in the manner prescribed for each data point and as explained in associated Official Interpretations (included in this proposed rule) and the Filing Instructions Guide (FIG) that the Bureau anticipates later providing on a yearly basis. The proposed rule would then explain that the data compiled shall include the items described in proposed § 1002.107(a)(1) through (21). The Official Interpretations, sometimes referred to as official comments or official commentary, provide important guidance on compliance with the regulation and are discussed in this preamble in relation to each data point as well as other regulatory provisions. The FIG would provide instructions on the operational methods for compiling and reporting data, including which codes to report for different required information. The FIG would be updated yearly, as is the FIG that is used with HMDA compilation and reporting.

The Bureau notes that some of the details contained in the proposed regulatory text and commentary may also be appropriate for inclusion in the FIG, and it anticipates that it may choose to relocate some such details to the FIG when issuing the final rule. For example, proposed § 1002.107(a)(1) addresses the unique identifier data point. A portion of proposed comment 107(a)(1)-1 would explain that the unique identifier must not exceed 45 characters, and may only include standard numerical and/or alphabetical characters and cannot include dashes, other special characters, or characters with diacritics. At the final rule stage, the Bureau might consider removing those details from the commentary and addressing them instead in the FIG, in order to preserve flexibility in how the submission platform is ultimately designed and implemented.

Proposed comment 107(a)-1 would provide general guidance on complying with § 1002.107(a), and would explain that: (i) A covered financial institution reports the data even if the credit originated pursuant to the reported application was subsequently sold by the institution; (ii) a covered financial institution annually reports data for covered applications for which final action was taken in the previous calendar year; and (iii) a financial institution reports data for a covered application on its small business lending application register for the calendar year during which final action was taken on the application, even if the institution received the application in a previous calendar year. The Bureau believes that these operational instructions would clarify a financial institution's collection and reporting requirements and so facilitate compliance. The Bureau also believes that these instructions would help to ensure the accuracy and consistency of the data collected and reported.

The Bureau crafted the proposed rule in consideration of the concerns and input of the SERs and other stakeholders. First, the proposed rule would generally not require a financial institution to verify applicant-provided information, as discussed more fully in the section-by-section analysis of proposed § 1002.107(b) below, and has limited the discretionary data points to those that the Bureau believes would be most useful for the purposes of section 1071. In addition, the Bureau has considered the costs, including data quality scrubs, automation and training, that would be imposed by the collection and reporting of the statutory and discretionary data points; these are discussed in detail in part VII below. The Bureau has attempted to craft the collection and reporting requirements to be as clear and operationally manageable as possible, and requests comment on potential methods for increasing clarity and manageability.

In regard to concerns from SERs and other stakeholders about being required to collect applicants' protected demographic information for purposes of section 1071, the Bureau notes that several SERs reported collecting this kind of information currently (because they are CDFIs, or because they are participating in certain SBA or similar loan guarantee programs). In addition, the Bureau crafted the proposed rule to provide flexibility for financial institutions in the collection and reporting of this information. The Bureau is also not proposing an exemption for small financial institutions from reporting the discretionary data points, as suggested by some SERs and commenters. As explained in the section-by-section analysis of proposed § 1002.105(b) above, certain institutions with limited small business loan originations would be exempt from 1071 collection and reporting obligations. Furthermore, the Bureau is concerned that the usefulness of the data collected would be reduced if the data set is incomplete for some financial institutions. Finally, the Bureau is not proposing at this time to establish a Federal collection system for protected demographic or other information for use with 1071 reporting that would avoid the need for financial institutions to request and store this information about applicants, as suggested by several SERs.

The Bureau seeks comment on its proposed approach to the collection and reporting of the 1071 data points, including the specific requests for input above and in the section-by-section analysis of each of the proposed data points below.

Proposed Rule—Other Discretionary Data Points Considered But Not Proposed

As mentioned above, SERs and other stakeholders suggested some additional data points for the Bureau's consideration, and the Bureau considered others in the development of this proposed rule. Because of the operational complexities likely to be posed by each of these potential data points, as well as the reasons explained below, the Bureau has chosen not to propose to include any of the following data points in the 1071 rule. Nonetheless, the Bureau seeks comment on whether the following potential data points or any others would further the purposes of section 1071 and thus should be considered for inclusion in the final rule.

• Type of business/entity structure (sole proprietorship, C-corp, LLC, partnership, etc.). This information could be useful in providing context to the race, sex, and ethnicity data regarding applicants' principal owners. However, the Bureau believes that collecting the number of principal owners, as proposed in § 1002.107(a)(21), would better serve this purpose.

• Credit score. Collecting credit score and other credit information could be particularly useful for the fair lending purpose of section 1071. However, because of the different types of scores and different situations in which a financial institution would or would not access scores, the Bureau believes that this data point could be quite complicated and involve complex sub-fields, which could pose operational difficulties for financial institutions in collecting and reporting this information. These complexities could also make it difficult for data users to understand and interpret credit score data.

• Credit reporting information, including whether credit information was accessed. This data point could also be complicated and involve complex sub-fields, making it difficult for financial institutions to collect and report. As with credit score, these complexities could also make it difficult for data users to understand and interpret these data. In addition, it is not clear that this information would be useful without also collecting credit score.

• Percentage ownership of each principal owner and percentage ownership by women and by minorities. This information could be useful in providing context to the ethnicity, race, and sex data regarding applicants' principal owners. However, the Bureau is concerned that requesting this type of percentage data could be confusing to applicants and could result in inconsistent responses across applicants and institutions. The Bureau believes that collecting the number of principal owners, as proposed in § 1002.107(a)(21), would better serve this same purpose.

• Whether the applicant has an existing relationship with the financial institution and the nature of that relationship. This information could provide additional context for a financial institution's credit decision, and thus could be useful for both of section 1071's statutory purposes. However, the Bureau believes that the usefulness of the data collected may not justify the additional operational complexity of identifying and tracking such relationships for reporting.

• Customer number, and/or unique (but anonymous) identification number for applicants or associated persons for tracking of multiple applications. This information could be useful to track multiple applications by a single small business within a particular financial institution, whether submitted at one time or over the course of the year. However, the Bureau believes that the potential difficulties posed by requiring the reporting of this information—particularly for applications that have been withdrawn or abandoned—would not be warranted in light of the utility of the data.

107(a)(1) Unique Identifier

Background

ECOA section 704B(e)(2)(A) requires financial institutions to collect and report “the number of the application . . . .” Regulation C includes a similar reporting requirement for a universal loan identifier (ULI), though some insured credit unions and depositories whose lending activity falls below applicable thresholds are partially exempt and only need to report a non-universal loan identifier (NULI). Both the ULI and the NULI use only alphanumeric characters, and do not allow use of identifying information about the applicant or borrower in the identifier. The ULI is “unique” in the national HMDA reporting market because it uses a unique legal entity identifier (LEI) for the reporting institution and then the identifier is required to be unique within that institution. The ULI must be no more than 45 characters and the NULI must be no more than 22 characters.

SBREFA Proposals Under Consideration and Feedback Received

The Bureau stated in the SBREFA Outline that it was considering proposing that financial institutions report an alphanumeric application or loan number of no more than 45 characters that is unique, within the financial institution, to the referenced extension (or requested extension) of credit and that remains uniform through the application and origination stages of the process. The financial institution would assign this number to an application, and the number would be reported as the application number if the credit applied for was not originated. The same number would be reported as the loan number if the credit applied for was originated. The application/loan number would not include any identifying information about the applicant. The Bureau stated that it was considering proposing a structure for the method of assigning and reporting the application/loan number under section 1071 to follow HMDA/Regulation C formatting and other requirements, which might reduce initial software development costs.

SERs reported varied practices with respect to assigning application and loan numbers. Some SERs stated they do not assign application numbers; some of those SERs indicated, however, that they do assign loan numbers at or before origination. Two SERs reported tracking applications and loans using an identification number assigned to the customer. One SER expressed concern about reporting actual loan numbers to the Bureau due to potential identity theft, and requested that the Bureau permit financial institutions to generate a new application/loan number specifically for 1071 reporting purposes. One SER stated that if an applicant requests more than one type of credit product, a separate application/loan number is assigned to each product request, while other SERs indicated they use a single application number even if multiple products are requested.

The SBREFA Panel recommended that in the NPRM the Bureau consider proposing to permit financial institutions to report “dummy” application/loan numbers assigned specifically for 1071 reporting purposes, rather than the numbers they use internally.

Feedback from other stakeholders echoed many of the SERs' concerns, making clear that many lenders do not assign numbers at the application stage and others assign them at various points in the process. One commenter explained that being required to assign an application number early would disrupt its procedures. Another commenter stated that the Bureau should provide flexibility in this data point to account for the wide range of practices.

Proposed Rule

The Bureau is proposing to require that financial institutions report an alphanumeric identifier starting with the LEI of the financial institution. This unique alphanumeric identifier would be required to be unique within the financial institution to the specific covered application, and would be required to be usable to identify and retrieve the specific file corresponding to the application for or extension of credit. The Bureau is also proposing commentary with additional details, as discussed below.

This proposed unique identifier requirement closely follows the SBREFA Outline approach for this data point, with certain adjustments and clarifications. First, the Bureau has chosen to propose the more precise term of “unique identifier,” instead of “application/loan number,” which was the term used in the SBREFA Outline. In addition, the Bureau had stated that its approach in the SBREFA Outline would follow Regulation C formatting and other requirements, but did not explicitly discuss the use of “dummy” numbers, as is done with HMDA. For clarity, the Bureau is including language in proposed comment 107(a)(1)-1 that would explain that the identifier does not have to be the number that the financial institution uses for the application internally. Proposed comment 107(a)(1)-1 would also provide the formatting requirements for the unique identifier. The Bureau is proposing an identifier of 45 characters or fewer, as is currently required for HMDA.

The Bureau notes that the SBREFA Outline language could be read to suggest that the financial institution must assign a number to an application and then keep that number uniform throughout its subsequent processing of the application; this is not what was intended. The Bureau is making clear in the proposal that the unique identifier would not need to stay “uniform” throughout the application and subsequent processing. Proposed comment 107(a)(1)-1 would explain that the financial institution may assign the unique identifier at any time prior to reporting the application. Proposed comment 107(a)(1)-1 would also explain that refinancings or applications for refinancing must be assigned a different identifier than the transaction that is being refinanced.

Proposed comment 107(a)(1)-2 would make clear that the unique identifier must not include any directly identifying information regarding the applicant or persons (natural or legal) associated with the applicant. The Bureau is aware that internal identification numbers assigned by the financial institution to the application or applicant could be considered directly or indirectly identifying information, and requests comment on this issue. The Bureau also notes that, as discussed in part VI.C.6.i, due to privacy risks the Bureau is proposing to not publish the unique identifier data field in unmodified form; the Bureau is seeking comment on potential modifications to or deletion of this data field in the published application-level 1071 data.

Proposed comment 107(a)(1)-2 would also cross-reference proposed § 1002.111(c) and related commentary, which prohibit any personally identifiable information concerning any individual who is, or is connected with, an applicant, in records retained under proposed § 1002.111.

As stated above, the Bureau is proposing to require that the unique identifier begin with the financial institution's LEI; this requirement was not stated in the SBREFA Outline. Pursuant to proposed § 1002.109(b)(1)(vi), any covered financial institution that does not currently use an LEI would be required to obtain and maintain an LEI in order to identify itself when reporting the 1071 data. Including the financial institution's LEI in the unique identifiers that it assigns to its applications should not cause extra operational difficulty once the programming to do so has been implemented. The Bureau believes that including the LEI will increase the specificity and usefulness of the identifier and the record it identifies. Although a “check digit” is required for the HMDA ULI, the Bureau is not proposing to require its use in the 1071 unique identifier. The Bureau believes that, based on its current expectations for a 1071 reporting platform, a check digit would be unnecessary.

The Bureau's proposal is intended to avoid the potential problems identified by SERs during the SBREFA process. The method proposed would accommodate different institutions' numbering systems because the unique identifier can be created separately from that internal system. The Bureau's proposed approach would also alleviate the identity theft concerns raised with respect to reporting actual loan numbers, though the Bureau is unlikely to release the unique identifier data reported to the Bureau publicly in any case. In regard to the issue of requests by the same applicant for more than one credit product at the same time, the Bureau proposes to treat those as separate applications. See the section-by-section analysis of proposed § 1002.103 above.

The Bureau seeks comment on its proposed approach to the unique identifier data point. In addition, the Bureau requests comment on the use of the LEI in the unique identifier and the possible use of a check digit.

107(a)(2) Application Date

Background

ECOA section 704B(e)(2)(A) requires financial institutions to collect and report the “date on which the application was received.”

SBREFA Proposal Under Consideration and Feedback Received

In the SBREFA Outline, the Bureau stated it was considering proposing that financial institutions report the application date using either (i) the date shown on a paper or electronic application form; or (ii) the day on which a credit request becomes an “application.” The Bureau considered proposing that application date be reported with a day, month, and year. The Bureau also considered proposing that financial institutions have a grace period of several days on either side of the date reported to reduce the compliance burden of pinpointing an exact date on which an application was received.

Most SERs stated that application date would not be difficult to report, though some suggested different triggers for the reporting of application date. This feedback overlapped with feedback on the definition of an application. Several SERs suggested the date an application is completed and submitted for underwriting review should be the triggering date. Several other SERs expressed support for reporting the date based on when a credit memorandum is generated. One SER suggested that each financial institution be permitted to develop its own process for reporting application date, so long as it is done consistently. Another SER expressed concern with reporting application date as a general matter, explaining that a date is not currently recorded in their system as a matter of practice. Instead of application date, that SER suggested that financial institutions report the date they make a decision on the loan. Several SERs were strongly in favor of the Bureau providing a grace period of several days on either side of the date reported to reduce compliance burden.

Other stakeholders to comment on this data point were generally in favor of the proposal under consideration, and particularly the grace period, which they expressed would reduce the compliance burden of pinpointing an exact date. One stakeholder suggested a 7-day grace period. One financial institution suggested that application date be assigned up through and including at closing in order to accommodate financing requests outside normal business hours.

The SBREFA Panel recommended that the Bureau seek comment on how best to define “application date” in light of how it decides to propose defining an “application.”

Proposed Rule

The Bureau is proposing to require reporting of application date in § 1002.107(a)(2) as the date the covered application was received by the financial institution or the date on a paper or electronic application form. Proposed § 1002.107(a)(2) is consistent with the Bureau's proposal under consideration in the SBREFA Outline, with revised language for clarity. Proposed comments 107(a)(2)-1 and -2 would clarify the need for a financial institution to take a consistent approach when reporting application date, and provide guidance on how to report application date for indirect applications. In light of SER and other stakeholder feedback supportive of permitting a grace period for reporting the date of application, the Bureau is proposing a safe harbor in § 1002.112(c)(4), which would provide that a financial institution does not violate proposed subpart B if it reports on its small business lending application register an application date that is within three calendar days of the actual application date pursuant to proposed § 1002.107(a)(2).

The Bureau seeks comment on its proposed approach to collecting application date in § 1002.107(a)(2) and associated commentary. As recommended by the SBREFA Panel, the Bureau also seeks comment on how best to define this data point in light of the Bureau's proposed definition of “covered application” in § 1002.103.

107(a)(3) Application Method

ECOA section 704B(e)(2)(H) authorizes the Bureau to require financial institutions to compile and maintain “any additional data that the Bureau determines would aid in fulfilling the purposes of [section 1071].” The Bureau believes that application method data will aid in fulfilling the purposes of section 1071, as explained below.

The Bureau did not address the method of application as a potential data point under consideration in the SBREFA Outline. However, during the SBREFA process, one CDFI SER suggested collecting information regarding the way an application was taken (in person, by phone, or online) in order to monitor for possible discouragement of applicants. Relatedly, several SERs that took applications for credit primarily or entirely online asserted that such channels were less likely to result in discrimination and more likely to increase access to credit to women-owned and minority-owned small businesses.

In light of this feedback during the SBREFA process, pursuant to its authority under ECOA section 704B(e)(2)(H), and for the reasons set forth below, the Bureau is proposing to require financial institutions to collect and report application method. Proposed § 1002.107(a)(3) would define this data point as the means by which the applicant submitted the covered application directly or indirectly to the financial institution. The Bureau is also proposing commentary to accompany proposed § 1002.107(a)(3).

The Bureau believes that data on application method would improve the market's understanding of how applicants apply for credit which, in turn, would facilitate fair lending enforcement, including helping determine whether certain application methods are more or less likely to be associated with violations of fair lending laws. This proposed data field would also permit comparisons across financial institutions for a given application method. In addition, data on application method supports 1071's statutory purposes by assisting with an understanding of the business and community development needs of a particular geographic region. For instance, application method may help users of 1071 data analyze the extent to which financial institutions may be providing access to credit online or by telephone in “credit deserts” where financial institutions do not have branch operations.

The Bureau also believes that collecting data on application method will aid in analysis of multiple 1071 data points collected and reported by financial institutions, including the ethnicity, race, and sex of applicants' principal owners. First, these data will assist the Bureau and other data users in identifying whether applicants are more or less likely to provide this (and other) 1071 information in different application channels. This information may also assist in determining whether a financial institution has procedures to collect applicant-provided data at a time and in a manner that is reasonably designed to obtain a response, as would be required by proposed § 1002.107(c)(1).

Finally, data on application method would assist in analyzing data reported under, and assessing compliance with, proposed § 1002.107(a)(20), which requires financial institutions to collect principal owners' ethnicity and race via visual observation or surname in certain circumstances. Having application method reporting will allow the Bureau and other data users to determine, for example, which applications could be subject to data collection via visual observation or surname (because the financial institution met with the applicant in person) and, together with information reported under proposed § 1002.107(a)(20), which of those applications did and did not have information collected that way.

Proposed comment 107(a)(3)-1 would clarify that a financial institution complies with proposed § 1002.107(a)(3) by reporting the means by which the applicant submitted the application from one of the following options: in-person, telephone, online, or mail. Proposed comment 107(a)(3)-1 would explain how financial institutions are to choose which application method to report, including via a “waterfall approach” when they have contact with an applicant in multiple ways.

Proposed comment 107(a)(3)-1.i would provide that an financial institution reports the application method as “in-person” if the financial institution, or another party acting on the financial institution's behalf, meets with the applicant in person (for example, in a branch office, at the applicant's place of business, or via electronic media with a video component). Proposed comment 107(a)(3)-1.ii would provide that a financial institution reports the application method as “telephone” if the financial institution, or another party acting on the financial institution's behalf, did not meet with the applicant in person as described in proposed comment 1002.107(a)(3)-1.i but communicated with the applicant by telephone or via electronic media without a video component.

Proposed comment 107(a)(3)-1.iii would provide that a financial institution reports the application method as “online” if it, or another party acting on the financial institution's behalf, did not meet with the applicant in person and did not communicate with the applicant by telephone as described in proposed comments 1002.107(a)(3)-1.i and ii but communicated with the applicant through an online application, electronic mail, text message, and/or some other form of online communication. Proposed comment 107(a)(3)-1.iv would provide that a financial institution reports the application method as “mail” if the financial institution, or another party acting on the financial institution's behalf, did not meet with the applicant in person and did not communicate with the applicant by telephone, as described in proposed comments 1002.107(a)(3)-1.i and ii, but communicated with the applicant in writing via United States mail, courier or overnight service, or hand-delivery (including hand-delivery of documents via an overnight drop box or at a teller window).

Proposed comment 107(a)(3)-2 would provide guidance on what application method a financial institution would report for interactions with applicants both online and by mail. In short, a financial institution would report application method based on the method by which it, or another party acting on its behalf, requested the ethnicity, race, and sex of the applicant's principal owners pursuant to proposed § 1002.107(a)(20). Proposed comment 107(a)(3)-2 also would provide separate examples of when the application method should be reported as “online” and “mail.”

The Bureau seeks comment on its proposed approach to this data point.

107(a)(4) Application Recipient

ECOA section 704B(e)(2)(H) authorizes the Bureau to require financial institutions to compile and maintain “any additional data that the Bureau determines would aid in fulfilling the purposes of [section 1071].” Although the Bureau did not address application recipient as a potential data point under consideration in the SBREFA Outline, the Bureau believes that application recipient data would aid in fulfilling the purposes of section 1071, as explained below.

Financial institutions employ a wide variety of lending models in extending credit to small businesses. During the SBREFA process, the Bureau explored section 1071's requirement to collect and report certain data for any “application to a financial institution for credit,” which could be read as applying to more than one financial institution when an intermediary provides the application to another financial institution that takes final action on the application. See the section-by-section analysis of proposed § 1002.109(a)(3) below for a discussion of proposed reporting obligations where multiple financial institutions are involved in a covered credit transaction. Financial institutions, of course, may receive applications for credit directly from small businesses—depending on the institution, applications may be submitted online, by telephone, by mail, or in person at a branch location, the applicant's place of business, or some other place. In addition, some financial institutions may receive applications routed to them through third parties, such as brokers or vehicle or equipment dealers. Some financial institutions issue credit cards branded for particular retailers, for which applications are taken in person at the retailer's store locations. Some brokers and dealers may send applications to a single financial institution, while others may send them to multiple financial institutions at the same time. In these types of application scenarios involving third parties, the financial institution may not directly interact with the applicant at all during the application process.

In the SBREFA Outline, the Bureau noted the wide array of small business lending models operating today. The Bureau noted that certain section 1071 requirements might apply to intermediaries in the application chain. As discussed in the section-by-section analysis of proposed § 1002.109(a)(3) below, several SERs voiced support for aligning reporting requirements for financial institutions that are not the lender of record with the approach taken for HMDA reporting in the Bureau's Regulation C. The Bureau did not receive feedback from SERs on whether data concerning the existence of intermediaries should be collected. Other stakeholders did urge the Bureau, however, to provide clear rules for lenders that work with partners, including when lenders should, and need not, collect 1071 data. Stakeholders also urged the Bureau to provide clear rules that would work for a broad array of business models, including lenders working with partners and agents.

The Bureau believes that information regarding how an application is received would enhance small business lending data and further the purposes of section 1071. Pursuant to its authority under ECOA section 704B(e)(2)H), the Bureau is thus proposing § 1002.107(a)(4), which would require financial institutions to collect and report the application recipient, meaning whether the applicant submitted the covered application directly to the financial institution or its affiliate, or whether the applicant submitted the covered application indirectly to the financial institution via a third party. Proposed comment 107(a)(4)-1 would clarify that if a financial institution is reporting actions taken by its agent consistent with proposed comment 109(a)(3)-3, then the agent is considered the financial institution for the purposes of proposed § 1002.107(a)(4).

The Bureau believes that collecting data on application recipient, in combination with application method, as discussed above, would improve the market's understanding of how small businesses interact with financial institutions when applying for credit which, in turn, would facilitate fair lending analysis, including identifying risks in small business lending. Information about application method and whether the application was submitted directly or indirectly also would promote the community and business development purposes of the statute by improving the public's understanding of the structure of small business lending originations across the market, the methods by which credit is originated for particular groups or underserved markets, and trends over time (for example, to the extent applicant preferences shift from in-person to online interactions). It will also be helpful for the Bureau and data users to know the relationship between the covered financial institution and the applicant in the context of certain other collected and reported data.

The Bureau also believes that collecting and reporting information on the application recipient may facilitate fair lending analysis because particular business models may provide more or less reliable information with respect to the ethnicity, race, and sex of the principal owners of the applicant. In addition, the Bureau believes that collecting and reporting information on the application recipient may assist with an understanding of the business and community development needs of an area or applicant. For instance, the proposed collection of application recipient may help users of 1071 data understand whether financial institutions making credit decisions are directly interacting with the applicant and/or generally operate in the same community as the applicant. Finally, the Bureau expects that financial institutions know and track how they receive applications for credit from small businesses and thus does not believe that this data point should be difficult for financial institutions to collect and report.

The Bureau seeks comment on its proposed approach to this data point.

107(a)(5) Credit Type

Background

Section 1071 requires financial institutions to collect and report “the type and purpose of the loan or other credit being applied for.” (The credit purpose data point is addressed in proposed § 1002.107(a)(6).) For HMDA reporting, Regulation C requires numerous data points that indicate the type of credit applied for or originated: the type of guarantees used; lien order; loan term; the presence of nontraditional contract terms including balloon, interest only, and negative amortization payments; variable rate information; open-end status; and reverse mortgage status. Section 1071 provides no additional information or details regarding what aspects of credit type should be collected and reported.

SBREFA Proposals Under Consideration and Feedback Received

In the SBREFA Outline, the Bureau stated it was considering proposing that financial institutions report the loan/credit type data point via three sub-components: (1) Type of Loan Product (chosen from a specified list); (2) Type of Guarantee (chosen from a specified list); and (3) Loan Term (in months, or using “Not Applicable” for products that do not have a loan term and for applications that did not specify a loan term). The SBREFA Outline included lists of types of loan product and types of guarantees.

The Bureau explained in the SBREFA Outline that a separate category for the presence of a guarantee was included in recognition of the fact that a guaranteed loan is often made as a counteroffer for either a requested loan by the applicant or because the applicant does not qualify for a conventional loan. Having guarantee status captured as a feature of loan type therefore would provide useful information. The Bureau also noted that some borrowers specifically request a government guaranteed loan program and/or receive a loan from a financial institution that only participates in such a program.

For reporting when an application requests more than one type of loan product, the Bureau stated in the SBREFA Outline that it was considering whether to propose that (1) financial institutions choose up to three items from the subcomponent lists for the Loan Type data point if there is only one application and multiple products/guarantees/terms were asked for; or (2) financial institutions report separate applications/originations for each loan type requested or originated. The Bureau explained that financial institutions would be able to choose more than one guarantee for originated or approved but not accepted credit. For loan product and loan term, however, financial institutions would report only one of each subcomponent on originated credit or credit approved but not accepted.

A number of SERs requested certain products be added to the “product type” list; this feedback generally aligned with feedback regarding product coverage (see the section-by-section analysis of proposed § 1002.104 above). Two SERs suggested that line increases should be excluded. Some SERs requested that the Bureau permit multiple types of guarantees to be selected for a single application, and one SER suggested that FHA guarantees be added to the guarantee list. One SER explained that government guarantees and personal guarantees are different—the government guarantee being a credit enhancement and a personal guarantee being a form of collateral.

The SBREFA Panel recommended that the Bureau consider modifying the product type and guarantee lists in accordance with the various suggestions made by SERs. The Panel also recommended that the Bureau seek comment on how financial institutions currently handle increases in lines of credit and how best to require reporting of this data point for multiple lines of credit within the same account.

The Bureau also received feedback from other stakeholders regarding this data point. A community group commenter stated that the three data fields making up this data point are appropriate choices because each is necessary separately and in combination to help determine whether lenders are responding to the needs for credit by offering affordable and sustainable products to traditionally underserved small businesses. Commenters requesting that additional products be covered by the rule, such as MCAs, likewise said those products would need to be added to the loan product list. Another commenter stated that the Bureau should also expand the number of guarantees that a financial institution can select because creditors will sometimes stack four or five guarantees on a single loan product.

One commenter stated that the “type and purpose of the financing” are fluid in the application process, and the Bureau should make it clear that high-level, general, or categorical information is sufficient for these data points. Other commenters appreciated the inclusion of “other,” “unknown,” and “other/unknown” in the field lists to facilitate compliance. One commenter asked that the Bureau provide clear guidance on how this data point should be reported, and another stated that reporting this data point should not be costly if it is defined simply and left unchanged.

Treatment of multiple products requested at the same time. Regarding how a single request for multiple loan/credit products should be reported, some commenters supported reporting separate applications while others supported requiring reporting as a single application. One commenter suggested that the Bureau should accommodate both approaches. Another commenter remarked that if a business is applying for multiple products, the basic information is going to be the same, the only difference would be which product is funded. This same commenter suggested that if multiple applications are reported, that will overinflate the data points as the business does not have three separate applications, but only one application for different products. This commenter further pointed out that there are instances where a business is only applying for a loan but ends up liking the terms of a line of credit, and asked whether that change in decision would become a new application.

Proposed Rule

The Bureau is proposing in § 1002.107(a)(5) to require that financial institutions collect and report the following information regarding the type of credit applied for or originated: (i) The credit product; (ii) The type or types of guarantees that were obtained for an extension of credit, or that would have been obtained if the covered credit transaction were originated; and (iii) The length of the loan term, in months, if applicable. These aspects of credit type are discussed in turn below. This proposal is consistent with the approach presented in the SBREFA Outline, and would require the financial institution to choose the credit product and guarantee(s) from a specified list. (These lists are provided in the commentary accompanying proposed § 1002.107(a)(5).) The lists include choices for “Other” and “Not provided by applicant and otherwise undetermined,” as appropriate, to facilitate compliance. Based on the feedback from SERs and other stakeholders, and consistent with the SBREFA Panel's recommendation to consider modifying the product type and guarantee lists in accordance with the suggestions made by SERs, the Bureau has updated the lists to reflect additional credit products and types of guarantees. The Bureau is also proposing to use the term “credit type” for this data point, rather than the SBREFA Outline term “loan/credit type,” for clarity and consistency with terminology used elsewhere in the proposal.

The Bureau believes that it is reasonable to interpret the statutory term “credit type” to comprise the proposed three data fields, because they are critical to understanding the nature of small business credit applied for and provided, as explained below. For the reasons discussed herein, the Bureau believes that the subcategories of credit product (including collateral), guarantee type, and loan term would aid in fulfilling the purposes of section 1071. Financial institutions generally have all of the information required for this data point when they process applications (and the reporting regime would be sufficiently flexible when they do not), so the Bureau does not believe there is anything in this approach that would impose particular operational difficulty. Additionally, the Bureau believes it is reasonable to interpret type of credit “applied for” to include the type of credit actually originated when an application results in an extension of credit.

The Bureau seeks comment on its proposed approach to the credit type data point, including the lists of products and guarantees proposed and the other specific requests for input below.

Credit product. The first data field the Bureau is proposing to include in the credit type data point is the credit product ( i.e., a commonly understood category of small business lending like term loans or lines of credit) which the Bureau considers to be an integral part of the statutory requirement to collect credit type. The Bureau believes information about the various products sought by applicants would further the purposes of section 1071 by demonstrating, for example, how small businesses of different sizes or in different sectors choose to pursue, or ultimately access, different forms of credit.

The Bureau distinguishes between secured and unsecured term loans and lines of credit in its list of credit products because it believes that whether a term loan or line of credit is collateralized can have such a significant effect on things like approval rates and pricing that secured and unsecured products fundamentally differ in kind. For this reason, the Bureau believes that including information on the use of collateral in the credit product data field will help data users to avoid inaccurate interpretations of 1071 data. The Bureau believes that whether a loan is secured or unsecured will be part of an application or loan file and, as a result, should not be operationally difficult to report once a financial institution's 1071 compliance system is set up.

Proposed comment 107(a)(5)-1 would present the instructions for collecting and reporting credit product and the proposed list of credit products from which financial institutions would select. Proposed comment 107(a)(5)-1 would explain that a financial institution complies with § 1002.107(a)(5)(i) by selecting the credit product requested from the list provided in the comment. It would also explain that if an applicant requests more than one credit product, the financial institution reports each credit product requested as a separate application.

The issue of how to collect and report multiple products applied for at the same time affects several data points, but is most salient for credit type. The Bureau believes that requiring a separate application to be reported for each credit product requested would yield more complete and useful data, and that a financial institution should not experience operational difficulties in copying the relevant information, identical for most data points, to separate lines in the small business lending application register. This issue is discussed more fully in the section-by-section analysis of proposed § 1002.103(a), which also addresses the Bureau's proposed approach to multiple lines of credit within the same account.

The Bureau intends the list of credit products provided in proposed comment 107(a)(5)-1 to align with the most common types of credit products in small business lending. As explained above, the list for credit product included in the SBREFA Outline has been amended based on SER and stakeholder input, as well as other considerations. Specifically, “Merchant cash advance” and “Other sales-based financing transaction” have been added to the list to correspond with their inclusion as covered credit transactions under proposed § 1002.104. See the section-by-section analysis of proposed § 1002.104 above for a more complete discussion of products covered by and excluded from the Bureau's proposal. Proposed comment 107(a)(5)-6 would explain when “other sales-based financing transaction” is used for reporting.

Proposed comment 107(a)(5)-1 would also explain that if the credit product for an application does not appear on the list of products provided, the financial institution selects “other” as the credit product and reports the specific product via free-form text. The Bureau believes that allowing financial institutions to choose “other” when the credit product for the application does not appear on the provided list would facilitate compliance. In addition, collecting this information on “other” credit products would assist the Bureau in monitoring product trends and key developments in the small business lending market, which the Bureau could use to inform any future iterations of the list.

Proposed comment 107(a)(5)-2 would explain that, pursuant to proposed § 1002.107(c)(1), a financial institution is required to maintain procedures reasonably designed to collect applicant-provided data, which includes credit product. However, if a financial institution is nonetheless unable to collect or otherwise determine credit product information because the applicant does not indicate what credit product it seeks and the application is denied, withdrawn, or closed for incompleteness before a credit product is identified, the proposed comment would explain that the financial institution reports that the credit product is “not provided by applicant and otherwise undetermined.” This option is similar to the “unknown” response under consideration during SBREFA, but has been revised to more accurately reflect the situations in which the response would be appropriate. The Bureau believes that permitting use of this response would facilitate compliance and enhance the quality of data collected. As discussed above, commenting stakeholders supported the flexibility afforded by this kind of response.

Proposed comment 107(a)(5)-3 would explain how a financial institution reports a transaction that involves a counteroffer. The comment would state that if a financial institution presents a counteroffer for a different credit product than the product the applicant had initially requested, and the applicant does not agree to proceed with the counteroffer, a financial institution reports the application for the original credit product as denied pursuant to proposed § 1002.107(a)(9). If the applicant agrees to proceed with consideration of the financial institution's counteroffer, the financial institution reports the disposition of the application based on the credit product that was offered, and does not report the original credit product applied for. The Bureau believes that, in the complex circumstances created by counteroffers, the meaning of the type of credit “applied for” is ambiguous, and it is reasonable to interpret the credit product “applied for” to mean the credit product considered via the applicant's response to the counteroffer. For a discussion of the Bureau's proposed treatment of counteroffers more generally, see the section-by-section analysis of proposed § 1002.107(a)(9) below.

The Bureau notes that, under its proposal, line increases would be reportable so that the small business lending market can be tracked accurately. See the section-by-section analysis of proposed § 1002.103(a) above for additional details. However, the Bureau is not proposing that line increases be included as a separate item in the credit product list.

The Bureau seeks comment on its proposed approach to this data field, including the appropriateness and usefulness of the products included in the list, whether there are other products that should be added, and the proposed treatment of counteroffers. The Bureau also seeks comment on how financial institutions currently handle increases in lines of credit and whether a line increase should be considered a credit product, and on whether an overdraft line of credit should be considered a product separate from a line of credit and thus added to the product list.

Type of guarantee. The second data field the Bureau is proposing to include in the credit type data point is guarantee. The Bureau considers the guarantee obtained for an extension of credit to be part of the credit “type” because it is fundamental to the nature of the transaction in that it meaningfully impacts terms such as interest rates, such that guarantee information could help to explain potential disparities in outcomes and reduce inaccurate conclusions, aiding in fulfilling the fair lending purpose of section 1071. Indeed, in common parlance, small business credit transactions are often referred to using the name of the guarantee ( e.g., “a 7(a) loan,” referring to the SBA 7(a) guarantee). Because various types of guarantees are available for different credit products, the Bureau believes that guarantee type should constitute a separate data field within the credit type data point, so that data users can conduct separate analyses with respect to credit product and guarantees, and to avoid excessive complexity in the credit product data field. Information on the distribution of government loan guarantees (such as those provided in SBA programs) across different geographic areas and applicant groups should allow a better understanding of how those programs function on the ground, aiding in fulfilling the business and community development purpose of section 1071. As with collateral, information on guarantees is generally a part of an application or loan file and should not be operationally difficult to report once a financial institution's 1071 compliance system is set up.

Proposed comment 107(a)(5)-4 would present the instructions for collecting and reporting type of guarantee and the proposed list of guarantees from which financial institutions would select. Proposed comment 107(a)(5)-4 would explain that a financial institution complies with § 1002.107(a)(5)(ii) by selecting the type or types of guarantee(s) obtained for an originated covered credit transaction, or that would have been obtained if the covered credit transaction were originated, from the list provided in the comment.

The Bureau intends the list of guarantee types provided in proposed comment 107(a)(5)-4 to align with the most common types of guarantees used in small business lending. As explained above, the list for guarantee type included in the SBREFA Outline has been amended based on SER and stakeholder input. Specifically, “FHA insurance” and “Bureau of Indian Affairs guarantee,” which the Bureau believes are often used with small business credit, have been added.

Proposed comment 107(a)(5)-4 would also explain that the financial institution may select, if applicable, up to a maximum of five guarantees for a single application or transaction. In the SBREFA Outline, the Bureau stated that it was considering allowing financial institutions to report more than one guarantee for an application or originated credit. The Bureau understands that small business credit may have more than one guarantee, such as an SBA guarantee and a personal guarantee, and believes that more complete information can be collected by requiring as many as five to be reported.

Proposed comment 107(a)(5)-4 would also explain that if the type of guarantee for an application or originated transaction does not appear on the list of guarantees provided, the financial institution selects “other guarantee,” and reports the type of guarantee as free-form text. As with credit product, the Bureau believes that allowing financial institutions to choose “other” when a guarantee for the application does not appear on the provided list will facilitate compliance. In addition, collecting this information on “other” guarantee types would assist the Bureau in monitoring trends in usage of other types of guarantees and key developments in the small business lending market, which the Bureau could use to inform any future iterations of the list.

Finally, proposed comment 107(a)(5)-4 would provide that if no guarantee is obtained or would have been obtained if the covered credit transaction were originated, the financial institution selects “no guarantee.” Because a small business credit transaction does not always involve use of a guarantee, the Bureau is not proposing to include “not provided by applicant and otherwise undetermined” as an option. If no guarantee is identified for an application, the financial institution would report “no guarantee.”

In regard to the distinction one SER made between government and personal guarantees, the Bureau notes that the proposed rule would identify them as separate options within the data field, thereby allowing data users to analyze them independently.

The Bureau seeks comment on its proposed approach to this data field, including the appropriateness and usefulness of the items listed, and whether there are other guarantees that should be added. The Bureau also seeks comment on whether five is the appropriate upper limit for reporting guarantees.

Loan term. The third data field the Bureau is proposing to include in the credit type data point is the loan term. As with the consumer lending market, the pricing and sustainability of closed-end credit transactions for small businesses are associated with term length, and without awareness of the term of the loan, data users will have less of an understanding of the types of credit being made available to applicants. Credit with a one-month term may differ not just in degree but in kind from credit with a 60-month term. The Bureau thus believes that the length of the loan term is a fundamental attribute of the type of credit that applicants are seeking such that it should be treated as a separate data field within credit type. As with other elements of the credit type data point, loan term information would allow data users to reduce inaccurate conclusions or misinterpretations of the 1071 data, aiding in fulfilling both the fair lending and business and community development purposes of section 1071. Likewise, the loan term will be part of the application or loan file and should not be operationally difficult to report once a financial institution's 1071 compliance system is set up.

Proposed comment 107(a)(5)-5 would present the instructions for collecting and reporting loan term. Specifically, it would explain that a financial institution complies with proposed § 1002.107(a)(5)(iii) by reporting the number of months in the loan term for the covered credit transaction, and that the loan term is the number of months after which the legal obligation will mature or terminate. The comment would further explain how to measure the loan term and the possible use of rounding.

Proposed comment 107(a)(5)-5 would also make clear that if a credit product, such as a credit card, does not have a loan term, the financial institution reports loan term as “not applicable.” The financial institution also reports “not applicable” if the application is denied, withdrawn, or determined to be incomplete before a loan term has been identified. The Bureau believes that permitting the use of “not applicable” in these situations would facilitate compliance and aid in the collection of appropriate data. The Bureau believes that the proposed regulatory text and commentary described above would alleviate many of the concerns of the SERs and other commenting stakeholders regarding the credit type data point. The credit product and guarantee type lists have been updated using their input and continued Bureau consideration. Multiple types of guarantees would be permitted by the proposal, and FHA guarantees have been added to the list.

The Bureau believes the statutory term “type . . . of the loan” to be ambiguous, and reasonably interprets the term to include the credit product, any guarantee obtained, and the term of a closed-end loan because an accurate and useful record of the “type” of loan or credit would include those data fields. In the alternative, ECOA section 704B(e)(2)(H) authorizes the Bureau to require inclusion of “any additional data that the Bureau determines would aid in fulfilling the purposes of [section 1071],” and for the reasons discussed above, the Bureau has also determined that the subcategories of credit product (including collateral), guarantee type, and loan term would aid in fulfilling those purposes.

The Bureau seeks comment on its proposed approach to this data field.

107(a)(6) Credit Purpose

Background

Section 1071 requires financial institutions to collect and report “the type and purpose of the loan or other credit being applied for.” (The credit type data point is addressed in proposed § 1002.107(a)(5).)

SBREFA Proposals Under Consideration and Feedback Received

The Bureau stated in the SBREFA Outline that it was considering proposing that financial institutions report the loan/credit purpose data point by choosing one or more purposes from a specified list. In addition to several specific business purposes, the list included choices for “Other” or “Unknown” to facilitate compliance. The Bureau also explained that it was considering proposing that financial institutions be allowed to choose up to three purposes when the applicant indicates more than one purpose.

Some SERs stated that they collect information on loan/credit purpose, although the information they collect may be different from that in the loan/credit purpose list in the SBREFA Outline. One SER did, however, suggest that the Bureau's purposes list was similar to their list. Some SERs made suggestions of additional loan/credit purposes to add to the list, including for inventory loans, agricultural loans, and contract financing. One SER requested that the Bureau clarify whether this data point is intended to capture the purpose of the loan or the type of collateral. Another SER recommended combining the categories of motor vehicle finance and equipment finance, explaining that certain financing can span both categories (such as for a truck and a trailer as a combined purchase). One of the SERs expressed concern about possible confusion regarding credit with multiple purposes, and another SER suggested that the Bureau provide clear instructions on this data point. Another SER suggested that the Bureau explain how a line of credit should be reported if there can be multiple lines for different purposes all within the same account.

The SBREFA Panel recommended that the Bureau consider modifying the loan/credit purpose lists in accordance with the various suggestions made by SERs.

Like the SERs, the other stakeholders who provided feedback on the SBREFA Outline stated that they often collect loan purpose information from applicants, but that the specific loan purposes they use differ somewhat from those listed in the SBREFA Outline. Stakeholders supported the inclusion of “other” and “unknown” in the list of purposes, and one suggested that the Bureau add “Not Applicable” for products, such as credit cards, that do not have a specific purpose. As with the SERs, these stakeholders requested clarifications and several changes to the loan purposes list. One commenter stated that financial institutions should not have to present the entire list to applicants where a loan product's terms do not allow the loan to be used for one or more of the specified purposes. That same commenter suggested that financial institutions should be allowed to include additional purposes not on the list, and in the instance an applicant selects an additional purpose, the financial institution would include it as “other” unless the selected purpose squarely fits within, or is a subset of, a purpose specified on the Bureau's list.

Proposed Rule

The Bureau is proposing in § 1002.107(a)(6) to require that financial institutions collect and report the purpose or purposes of the credit applied for or originated. The Bureau's proposed approach aligns with the SBREFA Outline approach, with certain adjustments. First, the Bureau is proposing to use the term “credit purpose” for this data point, rather than “loan/credit purpose,” for clarity and consistency with terminology used elsewhere in the proposal. In addition, the proposal would provide a more complete description of the purposes listed, which would clarify the relation between the purpose of the credit and the form of collateral used. The proposal also reflects other changes to the list of purposes presented in the SBREFA Outline, as explained below.

Proposed comment 107(a)(6)-1 would present instructions for collecting and reporting credit purpose and would provide the proposed list of credit purposes from which financial institutions would select.

The proposed list is similar to the list in the SBREFA Outline although, consistent with the SBREFA Panel's recommendation, the Bureau has made adjustments based on SERs' suggestions, as well as those of other stakeholders and its own further consideration. First, the items on the SBREFA list that described types of collateral, such as commercial real estate, have been updated to more clearly reflect that the financial institution is collecting and reporting the purpose of the loan, and not the form of collateral, though the form of collateral may be referred to in describing that purpose. In addition, the listed purposes involving real estate now differentiate between dwelling and non-dwelling real estate. The Bureau believes that this distinction would help in collecting more precise and useful data. To facilitate compliance the Bureau is also proposing to add “not applicable” to the purposes list for use when an application is for a credit product that generally has indeterminate or numerous potential purposes, such as a credit card. Proposed comment 107(a)(6)-5 would also explain the use of “not applicable” as a response. In addition to the changes described above, the proposed list of purposes also reflects small nonsubstantive edits for clarity.

Proposed comment 107(a)(6)-2 would explain that if the applicant indicates or the financial institution is otherwise aware of more than one purpose for the credit applied for or originated, the financial institution would report those purposes, up to a maximum of three, using the list provided, in any order it chooses. Since an applicant may have more than one purpose for a credit transaction, the Bureau believes it is appropriate to require collection and reporting of more than one credit purpose for this data point in that situation. The Bureau believes that having financial institutions report up to three purposes would provide useful and substantive data. The Bureau also believes that allowing financial institutions discretion as to the order of the purposes would facilitate compliance.

Proposed comment 107(a)(6)-3 would explain that if a purpose of the covered credit transaction does not appear on the list of purposes provided, the financial institution reports “other” as the credit purpose and reports the purpose as free-form text. The Bureau believes that allowing financial institutions to choose “other” when a credit purpose for the application does not appear on the provided list would facilitate compliance. In addition, collecting this information on “other” credit purposes would assist the Bureau in monitoring trends in this area and key developments in the small business lending market, which the Bureau could use to inform any future iterations of the list. For efficiency and to facilitate compliance, proposed comment 107(a)(6)-3 would also explain that if the application has more than one “other” purpose, the financial institution chooses the most significant “other” purpose, in its discretion, and reports that “other” purpose. The comment would then explain that a financial institution reports a maximum of three credit purposes, including any “other” purpose reported.

Proposed comment 107(a)(6)-4 would explain that, pursuant to proposed § 1002.107(c)(1), a financial institution shall maintain procedures reasonably designed to collect applicant-provided information, which includes credit purpose. However, if a financial institution is nonetheless unable to collect or determine credit purpose information, the financial institution would report that the credit purpose is “not provided by applicant and otherwise undetermined.” The Bureau believes that permitting use of this response would facilitate compliance and enhance the quality of data collected.

In order to facilitate compliance, the Bureau is also proposing comments 107(a)(6)-6 and -7. Proposed comment 107(a)(6)-6 would clarify that, as explained in proposed comment 104(b)-4, subpart B does not apply to an extension of credit that is secured by 1-4 individual dwelling units that the applicant or one or more of the applicant's principal owners does not, or will not, occupy. Proposed comment 107(a)(6)-7 would clarify the collection and reporting obligations of financial institutions with respect to the credit purpose data point, explaining that the financial institution would be permitted, but not required, to present the list of credit purposes provided in comment 107(a)(6)-1 to the applicant. Proposed comment 107(a)(6)-7 would further explain that the financial institution would also be permitted to ask about purposes not included on the list provided in proposed comment 107(a)(6)-1. Finally, proposed comment 107(a)(6)-7 would clarify that if an applicant chooses a purpose or purposes that are similar to purposes on the list provided, but uses different language, the financial institution would report the purpose or purposes from the list provided. The Bureau believes that minimizing use of free-form text here would improve the usefulness of the data collected and facilitate compliance.

The Bureau believes that, with the modifications discussed above, the list of credit purposes provided in proposed comment 107(a)(6)-1 appropriately aligns with the purposes of credit sought in the small business credit market. As explained above, the Bureau has clarified the distinction between the purpose of the credit and the collateral involved, as one SER suggested. In addition, the Bureau believes that the explanations and instructions in the proposed commentary accompanying § 1002.107(a)(6) should reduce any confusion as to how a financial institution would comply when an application involves multiple purposes, and in other situations. In regard to the SER comment about multiple lines of credit for different purposes within the same account, see the discussion of “covered application” in the section-by-section analysis of proposed § 1002.103(a) above.

The Bureau seeks comment on its proposed approach to the credit purpose data point. In addition, the Bureau seeks comment on whether there are any purposes that should be added to or modified on its proposed list including, in particular, on the potential usefulness of including “agricultural credit” and “overdraft line of credit” in the credit purposes list. Finally, the Bureau requests comment on whether further explanations or instructions with respect to this data point would facilitate compliance.

107(a)(7) Amount Applied For

Background

Section 1071 requires financial institutions to collect and report “the amount of the credit or credit limit applied for, and the amount of the credit transaction or the credit limit approved.”

The Bureau notes that for HMDA, Regulation C § 1003.4(a)(7) requires reporting of “the amount of the covered loan or the amount applied for, as applicable,” which requires reporting of the amount applied for only when the credit is not originated. Because section 1071 uses the conjunction “and” rather than “or,” the Bureau reads section 1071 to require collection and reporting of the amount applied for regardless of whether the application is ultimately approved or originated. (The amount approved or originated data point is addressed in proposed § 1002.107(a)(8).)

SBREFA Proposals Under Consideration and Feedback Received

The Bureau stated in the SBREFA Outline that it was considering requiring financial institutions to report the amount applied for data point using the initial amount of credit or credit limit requested by the applicant at the application stage, or later in the process but prior to the financial institution's evaluation of the credit request. The Bureau further explained in the SBREFA Outline that this method would not require reporting of amounts discussed before an application is made to a financial institution, but would capture the initial amount requested at the application stage or later, and would reflect the amount of the request that was evaluated by the financial institution in making a credit decision. In addition, if the applicant did not request a particular amount, but the financial institution underwrote the application as being for a specific amount, the financial institution would report the amount considered for underwriting. If the particular product applied for would not involve a specific amount requested or underwritten, the financial institution would report “Not Applicable” for this data point. Finally, the Bureau suggested in the SBREFA Outline that when an applicant responds to a “firm offer” that specifies an amount, which may occur in conjunction with a pre-approved credit solicitation, the amount applied for would generally be the amount of the firm offer.

Because of the relationship between the amount applied for and the amount approved or originated data points, the following summary of SER feedback includes input on both. One SER articulated the importance of capturing data on both the amount applied for and the amount approved, stating that both data points were necessary to identify potentially discriminatory practices, such as discouragement, in the lending process. Another SER explained that the amount applied for could change during the iterative application process, particularly with a business that may not have previously had a banking relationship with the financial institution, but that the amount generally stayed consistent through underwriting. Other SERs asserted that differences between the amounts requested and approved were frequent, for a variety of reasons. One SER stated that they notify applicants of a preliminary offered amount, which often changes after documentation and underwriting. One example offered was that disparities between the amount applicants applied for and the amount the lenders approved may be attributable to collateral being assessed at a different value than the amount the applicants initially requested. Some SERs also remarked that differences in these amounts were often attributable to financial institutions acting as counselors or advisors to small businesses, including start-ups, and going back and forth until arriving at an amount that is appropriate given the customer's needs.

One SER (who supported reporting the amount initially applied for and the amount approved) strongly opposed reporting counteroffers, stating that negotiation is quite prevalent in small business lending. Another SER suggested that the Bureau use ranges for reporting the amount applied for, rather than specific numbers, and that the Bureau allow a financial institution to report “not applicable” if an applicant does not specify an amount requested. A SER also suggested there could be other potential complexities in capturing data on credit amount/limit the applicant applied for and credit amount/limit the lender approved, such as simultaneous or grouped financings involving multiple products, different sub-limits for each product or loan, and a general credit limit for an entire facility. SERs asked that these data points be captured in a manner that took these complexities into account.

The SBREFA Panel recommended that the Bureau seek comment on potential methods for avoiding misinterpretations of disparities between the credit amount/limit applied for and the credit amount/limit approved.

The Bureau also received feedback from other stakeholders regarding this data point. Industry stakeholders providing feedback on the SBREFA Outline emphasized that arriving at an applied for amount is a complex, iterative process and that the reporting requirement should be flexible. One stakeholder suggested that the Bureau propose to require reporting of the amount of the request that was evaluated by the financial institution in making the credit decision. That stakeholder echoed the comments of others when it explained that the amount of credit requested can change a great deal in formulating an application. The stakeholder further explained that some borrowers request a specific amount immediately, others may not arrive at a number until after two or three sessions, and still others may float multiple numbers during several conversations, trying to gauge a loan officer's reaction. Another stakeholder commented that an applicant's stated credit desires can be arbitrary and that comparing the initial amount requested against the amount approved could be misleading and is not a reliable measure of the health or efficacy of small business lending. Other stakeholders stated that an applicant will often or usually state a specific amount early on, but that the amount will usually change during the process for various appropriate reasons. One stakeholder explained that small business loans generally are not a quick affair and require substantial review by and interaction between the lender and borrower, and business credit that it is uncommon for a small business applicant's requested credit amount to stay the same from application to underwriting. One trade association stated that many small businesses will request a much higher loan amount than what is ultimately approved after evaluation of collateral, particularly in transactions involving real estate or equipment, and that for start-ups and sole proprietorships a lack of sophistication can also lead to initial requests being unrealistic. That trade association further explained that in these cases, the financial institution will work with the applicant to arrive at a more reasonable amount, which could take place over a period of weeks or months. The trade association then recommended that the Bureau allow reporting of an amount that is determined at a later stage than the first request. Finally, another industry stakeholder requested that the Bureau propose to allow reporting of the applied for amount using ranges of numbers, stating that applicants often request credit this way.

A community group stakeholder stated that the Bureau should require financial institutions to report the initial amount requested at the time of application, explaining that the amount of credit requested is important for the purposes of section 1071, which it described as including enforcing fair lending laws and assessing whether credit needs are met.

Two stakeholders supported the use of “not applicable” when the credit product does not have a specific amount or limit, and another stakeholder said that no “applied for” credit limit should be required for open-end products. Two other stakeholders requested that the Bureau allow the use of “not applicable” whenever an applicant does not request a specific amount.

Proposed Rule

The Bureau is proposing in § 1002.107(a)(7) to require that a financial institution collect and report “the initial amount of credit or the initial credit limit requested by the applicant.” Proposed comment 107(a)(7)-1 would explain that a financial institution is not required to report credit amounts or limits discussed before an application is made, but must capture the amount initially requested at the application stage or later. In addition, proposed comment 107(a)(7)-1 would state that if the applicant does not request a specific amount, but the financial institution underwrites the application for a specific amount, the financial institution reports the amount considered for underwriting as the amount applied for. Finally, proposed comment 107(a)(7)-1 would instruct that if the applicant requests an amount as a range of numbers, the financial institution reports the midpoint of that range.

The Bureau is aware that there could be complexity in pinpointing the specific initial amount requested by an applicant in the fluid process of a small business credit application, which the Bureau acknowledges could make this data point difficult for financial institutions to collect and report. Nonetheless, the statute requires that the amount applied for be reported, and that information could be important for both of section 1071's statutory purposes. The Bureau believes that its proposed regulatory text and commentary, described above, would provide a flexible compliance regime for this data point that would accommodate different business practices. A financial institution would not be required to report amounts discussed before the application is made, which would accommodate preliminary informal interactions. In addition, the proposed comment's instruction on how to report this data point when the applicant requests a range of numbers would facilitate compliance in that situation and yield data that would be comparable to the other data collected for this data point ( i.e., specific numbers and not ranges of numbers). The Bureau believes that more precise information will be more useful and should not create extra difficulty for financial institutions to collect.

Furthermore, proposed comment 107(a)(7)-1 would address the method for reporting when no initial amount is requested by the applicant—that is, the financial institution reports the amount considered for underwriting as the amount applied for. The Bureau believes that this method would aid compliance and yield appropriate data by avoiding the need to report a preliminary number when a financial institution's business practices do not result in there being such a number to report. The Bureau understands that a specific amount is often not required by many financial institutions for products such as credit cards, as the financial institution assigns the credit limit as part of the credit evaluation process.

The SER and stakeholder feedback from SBREFA suggest that mandating reporting of an amount applied for in all cases could impose undue compliance burden and complicate Regulation B compliance for entities that do not, for certain products, currently require that the borrower request a specific credit amount or credit limit as part of the financial institution's application process. In light of the complexities and concerns described by the SERs and other stakeholders, and the Bureau's understanding that sometimes there is no amount underwritten to, the Bureau believes that the amount applied for data point should avoid interfering with this arrangement by allowing use of “not applicable” in certain instances. Thus, proposed comment 107(a)(7)-2 would explain that if the particular product applied for does not involve a specific amount requested or underwritten, the financial institution reports that the requirement is “not applicable.”

In addition to situations in which no amount applied for is requested by the financial institution or underwritten to and the amount applied for would be “not applicable,” as described above, the Bureau understands that there may be situations where the financial institution requests an amount applied for but the applicant nonetheless does not provide one. To address this situation, proposed comment 107(a)(7)-2 would explain that, in compliance with proposed § 1002.107(c)(1), a financial institution shall maintain procedures reasonably designed to collect applicant-provided information, which includes the credit amount initially requested by the applicant. However, if a financial institution is nonetheless unable to collect or otherwise determine the amount initially requested, the financial institution reports that the amount applied for is “not provided by applicant and otherwise undetermined.” The Bureau believes that providing the reporting flexibilities in proposed comment 107(a)(7)-2, along with the proposed reporting of the amount presented for underwriting when appropriate, would facilitate compliance by accommodating different business practices and would also allow for collection of useful data.

Proposed comment 107(a)(7)-3 would provide instructions for reporting the amount applied for in regard to firm offers. “Firm offers” involve solicitations to small businesses when they have been pre-approved for a term loan, line of credit, or credit card. Proposed comment 107(a)(7)-3 would explain that when an applicant responds to a “firm offer” that specifies an amount or limit, which may occur in conjunction with a pre-approved credit solicitation, the financial institution reports the amount applied for as the amount of the firm offer, unless the applicant requests a different amount. If the firm offer does not specify an amount or limit and the applicant does not request a specific amount, the amount applied for is the amount underwritten by the financial institution. The Bureau believes that when the applicant knows the amount of the pre-approval before responding, that figure could appropriately be considered as the amount applied for. The Bureau understands that financial institutions often provide an amount in such solicitations. But if no amount appears in the pre-approved solicitation, the Bureau considers that an applicant responding to the firm offer has not requested a specific amount, and reporting of the amount underwritten would be appropriate. The Bureau's proposal follows the SBREFA Outline's approach under consideration for handling firm offers, and the SERs and other stakeholders did not object to this method. The Bureau seeks comment, however, on whether it should handle reporting of the amount applied for in connection with firm offers in a different manner than as set forth in this proposed comment, such as by requiring reporting of “not applicable” in situations where the firm offer does not specify an amount or limit and the applicant does not request one.

Proposed comment 107(a)(7)-4 would explain that when reporting a covered application that seeks additional credit amounts on an existing account, the financial institution reports only the additional credit amount sought, and not any previous amounts sought or extended. The Bureau believes that this comment would facilitate compliance by providing clear guidance on reporting in this situation, and that avoiding double reporting of previous amounts would result in more appropriate and useful data. The Bureau notes that a request to withdraw additional credit amounts at or below a previously approved credit limit amount on an existing open-end line of credit would not be a covered application, and so proposed comment 107(a)(7)-4 would not apply to such a situation.

The Bureau believes that the proposed regulatory text and commentary described above would alleviate many of the concerns of the SERs and other stakeholders providing feedback on the SBREFA Outline. The Bureau notes that the proposal would accommodate different business practices and the often fluid nature of amounts applied for in small business lending. In regard to concerns about disparities between the amount applied for and the amount approved or originated, section 1071 requires the collection and reporting of the amount applied for, which is important for both of section 1071's statutory purposes.

The Bureau seeks comment on its proposed approach to the amount applied for data point. The Bureau also requests comment on how best to require reporting of amount applied for in situations involving multiple products or credit lines under a single credit limit. The Bureau also requests comment on potential methods for avoiding misinterpretations of disparities between the amount applied for and the amount approved or originated. Finally, the Bureau requests comment on its proposed approach to reporting when a range of numbers is requested.

107(a)(8) Amount Approved or Originated

Background

Section 1071 requires financial institutions to collect and report “the amount of the credit or credit limit applied for, and the amount of the credit transaction or the credit limit approved.” (The amount applied for data point is addressed in proposed § 1002.107(a)(7).) As explained in the section-by-section analysis of proposed § 1002.107(a)(7) above, the Bureau reads section 1071 to require collection and reporting of the amount or limit applied for as well as the amount of the credit transaction or credit limit approved.

SBREFA Proposals Under Consideration and Feedback Received

In the SBREFA Outline, the Bureau explained that it was considering proposing that financial institutions report (1) the amount of the originated loan for a closed-end origination; (2) the amount approved for a closed-end loan application that is approved but not accepted; and (3) the amount of the credit limit approved for open-end products (regardless of whether the open-end product is originated or approved but not accepted). In light of the potential meaning of the statutory language, the Bureau explained that it was considering proposing different standards for closed-end and open-end products. In addition, the financial institution would report “Not Applicable” for this data point for applications that are denied, closed for incompleteness, or withdrawn by the applicant before a credit decision is made.

The relevant SBREFA Panel Report section summarized feedback on both the amount applied for and the amount approved data points. For ease of reading, the Bureau has included the discussion of both above in the section-by-section analysis of proposed § 1002.107(a)(7). The following summary focuses more on the amount approved or originated data point. One SER articulated the importance of capturing data on both the amount applied for and the amount approved, stating that both data points were necessary to identify practices, such as discouragement, in the lending process. Other SERs asserted that differences between the amounts requested and approved were frequent, for a variety of reasons. One SER stated that they notify applicants of a preliminary offered amount, which often changes after documentation and underwriting. One example offered was that disparities between the amount applicants applied for and the amount the lenders approved may be attributable to collateral being assessed at a different value than the amount the applicants initially requested.

One SER (who supported reporting the amount initially applied for and the amount approved) strongly opposed reporting counteroffers, stating that negotiation is quite prevalent in small business lending. Another SER also suggested there could be other potential complexities in capturing data on credit amount/limit the applicant applied for and credit amount/limit the lender approved, such as simultaneous or grouped financings involving multiple products, different sub-limits for each product or loan, and a general credit limit for an entire facility. SERs asked that these data points be captured in a manner that took these complexities into account.

As noted in the feedback summary above, the SBREFA Panel recommendation addressed both the amount applied for and the amount approved data points. The Panel recommended that the Bureau seek comment on potential methods for avoiding misinterpretations of disparities between the credit amount/limit applied for and the credit amount/limit approved.

Few of the stakeholders who provided written feedback on the SBREFA Outline objected to the reporting method under consideration for amount approved/originated. One commenter asked that this data point be reported using ranges of numbers rather than specific amounts, in order for it to be uniform with the method it suggested for the amount applied for data point. Other commenters pointed out possible confusion as to the definitions of closed-end and open-end credit. In addition, commenters stated that sometimes applicants are provided more than one approval amount, and one commenter suggested that in such cases the Bureau should require reporting of the highest approval amount when the credit is approved but not accepted.

Proposed Rule

The Bureau is proposing in § 1002.107(a)(8) that the amount approved or originated data point be collected and reported as follows: (i) For an application for a closed-end credit transaction that is approved but not accepted, the financial institution collects and reports the amount approved by the financial institution; (ii) for a closed-end credit transaction that is originated, the financial institution collects and reports the amount of credit originated; and (iii) for an application for an open-end credit transaction that is originated or approved but not accepted, the financial institution collects and reports the amount of the credit limit approved.

The Bureau's proposal follows the SBREFA Outline approach for this data point, with certain adjustments and clarifications. First, for clarity the proposed rule refers to this data point as “amount approved or originated.” In addition, the Bureau is proposing comment 107(a)(8)-2 to explain that when a financial institution presents multiple approval amounts from which the applicant may choose, and the credit is approved but not accepted, the financial institution reports the highest amount approved. The Bureau believes that reporting the highest amount approved when credit is approved but not accepted, as addressed in this proposed comment, would most accurately reflect the amount of credit that was made available to the applicant in this situation.

Proposed comment 107(a)(8)-1 would provide general instructions for the amount approved or originated data point, explaining that a financial institution would comply with proposed § 1002.107(a)(8) by reporting the amount approved or originated for credit that is originated or approved but not accepted. For applications that the financial institution, pursuant to proposed § 1002.107(a)(9), reports as denied, withdrawn by the applicant, or incomplete, the financial institution would report that the amount approved or originated is “not applicable.” The Bureau believes that these instructions and providing for reporting of “not applicable” in certain circumstances will facilitate compliance for this data point and elicit accurate and appropriate data.

Proposed comments 107(a)(8)-3 and -4 would provide specific instructions for identifying and reporting the amount approved or originated for closed-end transactions, including refinancings. The Bureau believes that the instructions provided would facilitate compliance and elicit accurate and useful data.

Proposed comment 107(a)(8)-5 would provide instructions regarding counteroffers and the amount approved or originated data point, explaining that if an applicant agrees to proceed with consideration of a counteroffer for an amount or limit different from the amount for which the applicant applied, and the covered credit transaction is approved and originated, the financial institution reports the amount granted. Proposed comment 107(a)(8)-5 would further explain that if an applicant does not agree to proceed with consideration of a counteroffer or fails to respond, the institution reports the action taken on the application as denied and reports “not applicable” for the amount approved or originated. The proposed comment would then provide a reference to proposed comment 107(a)(9)-2, which discusses the action taken data point in relation to counteroffers. For a more complete discussion of how the proposed rule would treat reporting obligations for applications involving counteroffers, see the section-by-section analysis of proposed § 1002.107(a)(9) below (action taken).

Most of the SER feedback on the amount approved or originated data point focused on its relation to the amount applied for data point. That issue is discussed in the section-by-section analysis of proposed § 1002.107(a)(7) above (amount applied for). One SER also expressed concern about reporting counteroffers in relation to the amount approved or originated data point. The Bureau believes that, as explained above, proposed comment 107(a)(8)-5 provides an appropriate and manageable method for reporting amount approved or originated in counteroffer situations. Other stakeholders asked that the Bureau take into account the complexity of multiple product or account situations. The Bureau has done so in relation to its treatment of covered applications, discussed in the section-by-section analysis of proposed § 1002.103(a) above. In regard to the comment concerning confusion between closed-end and open-end credit, the Bureau is proposing to define these terms clearly in the regulatory text at proposed § 1002.102(e) and (n). As for the suggestion that the amount approved or originated data point be reported using ranges of numbers (for consistency with its request to report the amount applied for data point using ranges), the Bureau is not proposing to have financial institutions report the amount applied for using ranges of numbers, though it does seek comment on this possibility in the section-by-section analysis of proposed § 1002.107(a)(7) above.

The Bureau reads the statutory language “the amount of the credit transaction or the credit limit approved” to require the amount of the credit limit approved to be reported for open-end applications, and the amount of the credit transaction to be reported for closed-end applications. The Bureau believes the phrase “the amount of the credit transaction or the credit limit approved” to be ambiguous in regard to closed-end transactions because the most common meaning of the word “transaction” in the context for closed-end credit transactions would be an originated loan. Thus, the Bureau reasonably interprets the statute as requiring reporting of the amount originated for closed-end credit transactions. In the alternative, section 1071 authorizes the Bureau to include any “additional data that the Bureau determines would aid in fulfilling the purposes of [section 1071].” The Bureau has determined that for closed-end credit transactions that are originated, reporting of the amount originated would aid in fulfilling the enforcement of fair lending laws, by indicating the credit that had been provided to different types of applicants in actual transactions. The Bureau has also determined that reporting of the amount originated for closed-end credit transactions would aid in fulfilling the business and community development purpose of section 1071 by providing a more complete and accurate picture of the credit actually being provided to different businesses and communities. In addition, in the alternative, the Bureau believes that it is appropriate to use its exception authority under ECOA section 704B(g)(2) to require the amount originated, rather than the amount approved, for originated closed-end credit transactions, because collecting data on the amount approved instead of the amount originated for a closed-end transaction would compromise the utility and quality of the data being reported, thus inhibiting the fair lending and business and community development purposes of section 1071.

Similarly, the Bureau has determined that for closed-end credit that is approved but not accepted, the amount approved would aid in fulfilling the purposes of section 1071. Primarily, reporting of the amount approved for closed-end credit would aid in fulfilling the enforcement of fair lending laws, by indicating the credit that had been offered to different types of applicants when the transaction does not close and there is no amount originated to report. Reporting of the amount approved for closed-end credit would also aid in fulfilling the business and community development purpose of section 1071 by providing a more complete picture of the credit being offered to different businesses and communities.

The Bureau seeks comment on its proposed approach to the amount approved or originated data point, including on the specific requests for input above. As recommended by the SBREFA Panel and explained in the section-by-section analysis of proposed § 1002.107(a)(7) above, the Bureau requests comment on potential methods for avoiding misinterpretations of disparities between the credit amount or limit applied for and the credit amount or limit originated or approved and on the possible use of ranges of numbers for reporting the amount applied for and amount approved or originated data points. In addition, the Bureau requests comment on whether it would be useful and appropriate to require reporting of the amount approved as well as the amount originated for originated closed-end credit transactions.

107(a)(9) Action Taken

Background

ECOA section 704B(e)(2)(D) requires financial institutions to report the “type of action taken” on an application.

SBREFA Proposal Under Consideration and Feedback Received

In the SBREFA Outline, the Bureau stated it was considering proposing five categories for reporting “action taken”: Loan originated, application approved but not accepted, application denied, incomplete application (closed or denied), and application withdrawn by the applicant.

Action taken categories in general. Most SERs were supportive of the action taken categories under consideration. Several SERs stated that the categories align with information they currently collect. One SER explained that a single application could pass through all of these stages and expressed concern that identifying the right category to report may be subjective and questioned by examiners or auditors after the fact. Another SER asked for additional clarity on the difference between denied applications and incomplete applications. This SER also suggested adding a category for lenders to indicate if an applicant is rate shopping. The SBREFA Panel recommended that the Bureau further clarify the circumstances in which each of the action taken categories should be used.

Of the other stakeholders that provided feedback on this issue, several supported the action taken codes set forth in the SBREFA Outline. One industry commenter stated that the data point would generally not be difficult or expensive to report and two commenters reported currently tracking some similar (though not identical) fields. One community group commenter underscored the importance of collecting action taken codes (including approvals and denials) in order to track demand for credit and identify potential discrimination. The commenter also noted current available data (Community Reinvestment Act data and surveys) on small business lending provides limited information on supply and demand. The commenter stated that capturing incomplete and withdrawn applications was important as it may reflect discouragement or discriminatory treatment, and that the approved but not accepted category could reflect less favorable pricing or loan terms. Two industry commenters suggested the Bureau further simplify the action taken categories by eliminating the approved but not accepted and incomplete categories, and including only originated, abandoned, and denied categories. One stakeholder suggested adding a field for other circumstances, such as rate shopping. Several community group commenters suggested the action taken categories be expanded to include all the HMDA action taken categories.

Treatment of counteroffers. In response to a question in the SBREFA Outline about whether counteroffers should be separately identified in the 1071 data set, several SERs discussed the frequency of counteroffers in small business lending and the potential utility of capturing counteroffers in 1071 data. One SER expressed concern with reporting each adjustment in the application process because, they said, not all counteroffers are memorialized in writing. In the context of discussions on the amount approved data point, a SER strongly opposed reporting counteroffers, stating that negotiation is quite prevalent in small business lending. The SBREFA Panel recommended the Bureau seek comment on whether to capture counteroffers in 1071 data, and if so, the best method for doing so.

Other stakeholders also commented on counteroffers. Several industry commenters stated that counteroffers should not be reported. The commenters noted that there are often multiple rounds of back-and-forth communications in small business lending, that capturing counteroffers is unnecessary as the information is practically captured in the loan decision and other 1071 data (such as loan amount approved), and that counteroffers are not necessary to show the availability of credit. If reported, several industry commenters suggested use of a data flag to simplify reporting, avoid reporting of potentially numerous counteroffers in a single application, and avoid the additional costs for financial institutions to conduct edits and validity checks on each separate counteroffer. Another industry representative also urged that if counteroffers are reported, they should be considered a single application. No community groups commented on this topic.

Proposed Rule

The Bureau is proposing in § 1002.107(a)(9) to require reporting of the action taken by the financial institution on the covered application, reported as originated, approved but not accepted, denied, withdrawn by the applicant, or incomplete. As discussed above, most SERs and other stakeholders were generally supportive of these categories. In addition, the Bureau is proposing to categorize all incomplete applications as a single category of “incomplete”; while this proposed approach is not consistent with Regulation C comments 4(a)(8)(i)-4 and -6, the Bureau is concerned about potential errors in the data if financial institutions report incomplete denials separate from notices of incompleteness. There may also be some benefit for fair lending analysis to reserve the denied category solely for credit-related denials, rather than denials that are based on incompleteness. As noted below, the Bureau seeks comment on reporting the “incomplete” action taken category.

In response to commenter suggestions, the Bureau considered removing or combining several action taken categories. For example, the Bureau considered eliminating the approved but not accepted category; however, because the Bureau believes data collected under this category would reflect demand for credit, the Bureau is retaining this category in its proposal. The Bureau also considered removing the category of incomplete applications. However, because the Bureau believes capturing data on incomplete applications is essential to identifying potential discrimination and discouragement during the application process, the Bureau is retaining this action taken category as well. Finally, the Bureau considered combining the incomplete and withdrawn categories, since both actions reflect an applicant's inability or affirmative decision not to proceed with the request for credit. However, the Bureau is retaining incomplete and withdrawn as separate categories, as a high incidence of incomplete applications could signal an issue with the level of assistance provided by the financial institution (for example, not providing reasonable support or assistance to ensure an applicant satisfies all credit conditions; or providing more support to some applicants than others). As noted below, the Bureau seeks comment on this issue.

The Bureau is not proposing additional action taken categories beyond what was considered in the SBREFA Outline. Although some commenters suggested the Bureau expand the action taken codes to those currently used in Regulation C (including preapprovals or purchased loans), the Bureau does not believe those additional fields would be appropriate or necessary in the context of section 1071 given the diversity of processes and other complexities in the small business lending space and because section 1071, unlike HMDA, does not expressly reference loan purchases.

The Bureau also considered, but is not proposing, adding an action taken category or flag for counteroffers. As noted by certain SERs and other commenters, it would be potentially infeasible to capture all of the proposed 1071 data fields for every back-and-forth counteroffer with an applicant, and attempting to do so would likely lead to confusion and data errors. The Bureau also agrees with commenter feedback that, even without a counteroffer flag or field, the proposed section 1071 data fields would capture many of the terms of accepted counteroffers (such as pricing, guarantee, etc.), as well as the amount initially requested by the applicant. Thus, the Bureau believes the addition of a counteroffer flag or field would provide limited useful information beyond what would be captured under the current proposal. Moreover, while a counteroffer flag or field might be useful as a screening tool for potential discrimination (for example, if women-owned businesses or minority-owned businesses are provided counteroffers or denied at a higher rate than male- or non-Hispanic white-owned businesses), a flag alone would lack any specificity to provide further fair lending analysis.

Following the SBREFA Panel's recommendation and feedback from other stakeholders, proposed comment 107(a)(9)-1 would provide additional clarity on when a financial institution should select each of the proposed action taken codes. The financial institution identifies the applicable action taken code based on final action taken on the covered application.

Proposed comment 107(a)(9)-2 would provide instructions for reporting action taken on covered applications that involve a counteroffer, along with examples. The Bureau's proposed treatment of counteroffers aligns with how counteroffers are treated under existing § 1002.9 notification procedures. Specifically, proposed comment 107(a)(9)-2 would state that if a financial institution makes a counteroffer to grant credit on terms other than those originally requested by the applicant and the applicant declines to proceed with the counteroffer or fails to respond, the institution reports the action taken as a denial on the original terms requested by the applicant. If the applicant agrees to proceed with consideration of the financial institution's counteroffer, the financial institution reports the action taken as the disposition of the application based on the terms of the counteroffer. This proposed approach to reporting counteroffers also aligns with how they are reported under Regulation C.

Proposed comment 107(a)(9)-3 would discuss reporting action taken for rescinded transactions. Proposed comment 107(a)(9)-4 would clarify that a financial institution reports covered applications on its small business lending application register for the year in which final action is taken. Finally, proposed comment 107(a)(9)-5 would provide guidance for reporting action taken if a financial institution issues an approval that is subject to the applicant meeting certain conditions.

The Bureau seeks comment on proposed § 1002.107(a)(9) that would require reporting of action taken and the associated commentary. The Bureau also specifically seeks comment on whether the “withdrawn by applicant” category should be merged with the “incomplete” category for purposes of reporting action taken. The Bureau seeks comment as well on whether the Bureau's proposal to categorize all incomplete applications as a single category of “incomplete” (closed or denied) should instead be reported consistent with the approach in Regulation C, which provides separate categories for denials (including on the basis of incompleteness) and files closed for incompleteness (if the financial institution sent a written notice of incompleteness). In addition, the Bureau seeks comment on whether counteroffers that are not accepted, such as a credit offer for a lower credit amount than requested, should be reported as “approved but not accepted” rather than “denied,” in order to reflect the availability of credit. As recommended by the SBREFA Panel, the Bureau also seeks comment on whether to specifically capture counteroffers in section 1071 data, and if so, whether to use a counteroffer flag in the data or some other method.

107(a)(10) Action Taken Date

In addition to requiring financial institutions to collect and report the type of action they take on an application, as discussed in the section-by-section analysis of proposed § 1002.107(a)(9) above, ECOA section 704B(e)(2)(D) requires financial institutions to collect and report the “date of such action.”

In the SBREFA Outline, the Bureau indicated that it was considering proposing that the action taken date be reported with a day, month, and year, and requested feedback on potential challenges financial institutions may have in identifying such date for each of the action taken categories. The Bureau received limited comments on this data point during the SBREFA process. One SER suggested that the Bureau provide a grace period of several days before and after the action taken date. Another SER recommended that the date assigned as the action taken date be to the best of the financial institution's knowledge or belief given the uncertainty in assigning a particular date. The Bureau received similar feedback from other stakeholders. Two industry stakeholders suggested that a grace period or tolerance be provided to ease compliance burden, similar to the tolerance under consideration for the “application date” data point. One stakeholder recommended that the action taken date for approved and denied loans be the exact date such actions occurred.

Proposed § 1002.107(a)(10) would require action taken date to be reported as the date of the action taken by the financial institution. Proposed comments 107(a)(10)-1 through -5 would provide additional details on how to report the action taken date for each of the action taken categories in proposed § 1002.107(a)(9). For example, proposed comment 107(a)(10)-1 would explain that for denied applications, the financial institution reports either the date the application was denied or the date the denial notice was sent to the applicant.

The Bureau notes that its proposed approach for this data point largely mirrors the Regulation C approach for action taken date in § 1003.4(a)(8)(ii) and related commentary, with modifications to align with the action taken categories in proposed § 1002.107(a)(9). Regarding the request from a SER and other stakeholders to adopt a grace period for the action taken date data point, the Bureau believes that a grace period or tolerance to report the action taken date would not be necessary, in light of the flexibility already provided in proposed comments 107(a)(10)-1 through -5. Further, the Bureau believes that financial institutions generally already have policies and procedures in place to capture the date an action is taken in the normal course of their business operations.

Proposed comment 107(a)(10)-4 would explain that for covered credit transactions that are originated, a financial institution generally reports the closing or account opening date. That proposed comment also states that if the disbursement of funds takes place on a date later than the closing or account opening date, the institution may, alternatively, use the date of initial disbursement.

The Bureau seeks comment on its proposed approach to the action taken date data point.

In addition, for originated transactions, the Bureau is considering whether the date the application was approved should be captured in addition to, or instead of, the date of closing or account opening. The Bureau is also considering whether the date of closing or account opening should be reported separately from the date of disbursement of funds (for term loans) or funds availability (for lines of credit). Having these dates reported separately would permit the Bureau and other data users to determine the length of time elapsed between when an application is approved, when the closing occurred or the account was opened, and when the applicant actually received the loan funds or access to funds. Specifically, the Bureau is concerned that a lengthy gap between the loan approval date and the date the funds are made available to applicants could have adverse effects particularly on certain types of small businesses. For example, in agricultural lending where planting and harvesting seasons fall within certain time frames, if loan proceeds are not provided within a certain period of time after the financial institution receives and approves an application, the loan proceeds may no longer be of maximum value to the applicant. The Bureau seeks comment on whether it should adopt data points to capture application approval date and/or the date funds are disbursed or made available.

107(a)(11) Denial Reasons

Background

ECOA section 704B(e)(2)(H) authorizes the Bureau to require financial institutions to compile and maintain “any additional data that the Bureau determines would aid in fulfilling the purposes of [section 1071].” In addition to requiring financial institutions to collect and report the action taken date for denied applications, as discussed in the section-by-section analysis of proposed § 1002.107(a)(10) above, the Bureau is proposing to require financial institutions to collect and report the principal reason or reasons an application was denied. The Bureau believes that collection of denial reason information would aid in fulfilling the purposes of section 1071, as explained below.

SBREFA Proposal Under Consideration and Feedback Received

In the SBREFA Outline, as part of its discussion regarding the action taken data point, the Bureau requested feedback on whether financial institutions would prefer to report denial reasons to help explain the decision on an application, and if so, whether reporting denial reasons should be mandatory or optional.

When asked whether they would prefer reporting denial reasons to help explain the decision on an application, some SERs expressed concern about reporting denial reasons. These SERs asserted that requiring lenders to report reasons for denial could add more burden than benefit, may not be useful given the number of possible reasons for a denial, might not shed light on the actual reasons for a denial, may be difficult to standardize for uniform reporting, would require additional processes to ensure accurate reporting, and may present heightened privacy concerns. One SER expressed a preference to report denial reasons.

Feedback received from other stakeholders was mixed. Stakeholders opposing reporting denial reasons expressed concerns about the privacy of applicants' information if such data were released to the public. For example, they asserted that if denial reasons were released to the public, such information would make it easy to identify applicants from small communities and expose an applicant's sensitive business information like insufficient cashflow. One stakeholder mentioned that denial reasons may encompass multiple reasons and would therefore be burdensome to collect and store.

Stakeholders in favor of optional (rather than mandatory) reporting of denial reasons asserted that reporting this information would be unnecessary and burdensome and may further push small and mid-size financial institutions out of small business lending, and suggested that, if included in the rule, reporting not be made mandatory (that is, financial institutions would be permitted but not required to report such information, at the financial institution's discretion). One stakeholder suggested that rural community banks under $1 billion be exempted from reporting denial reasons due to data privacy concerns.

Finally, stakeholders in favor of mandatory reporting of denial reasons asserted that such data provide regulators and the public with important—and currently unavailable—data necessary to uncover fair lending issues and identify underwriting factors that need to be addressed. They stressed that the collection of denial data (via the action taken data point) accompanied by robust denial reasons will provide small business applicants with useful and actionable information. In addition, commenters noted that these data will help identify barriers to credit for small businesses and provide deeper insight into the reasons why credit is denied. The SBREFA Panel did not make any recommendations related to denial reasons.

Proposed Rule

Proposed § 1002.107(a)(11) would require reporting of the principal reason or reasons the financial institution denied the covered application. Proposed comment 107(a)(11)-1 would explain that a financial institution complies with proposed § 1002.107(a)(11) by reporting the principal reason or reasons it denied the application, indicating up to four reasons. The financial institution reports only the principal reason or reasons it denied the application, even if there are fewer than four reasons. The proposed comment provides an example to illustrate. The proposed comment would also state that reasons reported must accurately describe the principal reason or reasons the financial institution denied the application. Finally, the proposed comment provides a list of denial reasons from which financial institutions would select the principal reason or reasons for denying a covered application.

Proposed comment 107(a)(11)-1 also explains that a financial institution reports the denial reason as “other” where none of the enumerated denial reasons adequately describe the principal reason or reasons it denied the application, and the institution reports the denial reason or reasons as free-form text. The Bureau believes that allowing financial institutions to choose “other” in this situation would facilitate compliance. In addition, collecting information on “other” denials would assist the Bureau in monitoring trends in this area and key developments in the small business lending market, which the Bureau could use to inform any future iterations of the list.

Proposed comment 107(a)(11)-2 would clarify that a financial institution complies with proposed § 1002.107(a)(11) by reporting that the requirement is not applicable if the action taken on the application, pursuant to proposed § 1002.107(a)(9), is not a denial, and provides an example.

The Bureau notes that its proposed approach for this data point largely mirrors the Regulation C approach for denial reasons in § 1003.4(a)(16) and related commentary, with modifications to align with the reasons applications are denied in the small business lending (rather than residential mortgage lending) context.

Pursuant to its authority under ECOA section 704B(e)(2)(H), the Bureau believes that data regarding denial reasons would further the purposes of section 1071 by allowing data users to better understand the rationale behind denial decisions, help identify potential fair lending concerns, and provide financial institutions with data to evaluate their business underwriting criteria and address potential gaps as needed. In addition, robust data on application denial reasons across applicants, financial institutions, products, and communities could help target limited resources and assistance to applicants and communities, thus furthering section 1071's community development purpose. With respect to fair lending compliance, denial reasons data would help data users analyze potential denial disparities.

With regard to the potential additional compliance burdens SERs and other commenters referenced, the Bureau believes that, as a practical matter, most financial institutions are already documenting the principal reason or reasons for the denial in an adverse action notice, or should be prepared to do so if requested. However, the Bureau recognizes that if a financial institution is not currently covered by existing adverse action notice requirements under Regulation B, it may face greater challenges in reporting this information than financial institutions that currently provide adverse action notifications. The concerns raised by SERs and other stakeholders regarding the privacy implications of denial reasons are addressed in part VI.C.viii below.

The Bureau also believes that exempting certain financial institutions from the requirement to report denial reasons, or permitting financial institutions to report denial reasons voluntarily, would not be appropriate given the need for consistent and meaningful data to further the purposes of section 1071. In addition, the Bureau considered gaps in the existing small business lending data and notes that available survey data are often not representative across the industry, does not provide timely information, and does not cover all entities involved in small business lending. The Bureau notes that the 2015 HMDA Final Rule added mandatory reporting of denial reasons to Regulation C because the Bureau recognized that the collection of denial reason data could facilitate more efficient and less burdensome fair lending examinations.

Finally, the Bureau is aware that certain stakeholders are concerned that reporting denial reason data may result in fair lending actions against financial institutions for potential discriminatory disparities. The Bureau, however, believes that including denial reasons in 1071 data might actually reduce this risk, as it would allow financial institutions to point to potentially legitimate reasons for disparities.

The Bureau seeks comment on its proposed approach to this data point, including regarding whether the denial reason categories listed and explained in proposed comment 107(a)(11)-1 sufficiently cover the common credit denial reasons in the small business lending industry. If not, the Bureau seeks input on other denial reason categories to consider including in the proposed list of denial reasons. The Bureau also requests further comment on the potential utility of denial reason data as well as on the potential burdens to industry in reporting denial reasons, in light of the denial reason categories it is proposing and the data's ability to aid in fulfilling the purposes of section 1071.

107(a)(12) Pricing Information

Background

ECOA section 704B(e)(2)(H) authorizes the Bureau to require financial institutions to compile and maintain “any additional data that the Bureau determines would aid in fulfilling the purposes of [section 1071].” The Bureau believes that pricing data would serve to further both the fair lending purpose and the business and community development purpose of 1071. The majority of small businesses are run by a single owner without extensive financial experience or expert staff to navigate the commercial credit marketplace, which lacks many of the Federal protections found in consumer lending. Heightened risks to fair lending and small business development may arise from different pricing for the same products and the selective marketing of higher-priced or even predatory and unsustainable products. Because price-setting is integral to the functioning of any market, any analysis of the small business lending market—including to enforce fair lending laws or identify community and business development opportunities—would be less meaningful without this information.

Research conducted for the Department of Commerce has found that minority-owned businesses tend to pay higher interest rates on business loans than those that are not minority-owned, and a recent report by the Federal Reserve Bank of Atlanta found that minority-owned firms more frequently applied for potentially higher-cost credit products, and were also more likely to report challenges in applying for credit such as being offered high interest rates. In addition, research conducted for the SBA has found that Black- and Hispanic-owned businesses were less likely to have business bank loans and more likely to use more expensive credit card financing. The 2020 Small Business Credit Survey by a collaboration of Federal Reserve Banks found that small business applicants to nonbank lenders, such as online lenders and finance companies, were more likely to report high interest rates or unfavorable terms than applicants to depository institutions. To the extent that the recovery from the COVID-19 pandemic and resulting economic crisis is still ongoing when the Bureau's final 1071 rule becomes effective, and in regard to economic emergencies affecting small business access to credit that may occur in the future, tracking pricing in this segment of the market is particularly important.

The Bureau believes pricing data are important because the statutory data points alone offer (1) limited insight into underwriting disparities and (2) no insight into predatory prices or pricing disparities. For example, they might show that a particular market segment is expanding and apparently filling an important need, but this could actually be an area with predatory conduct. Pricing information would allow the Bureau and others to understand the situation more accurately. Data collection without pricing information could have the unintended consequence of incentivizing irresponsible lending, as providers seeking to increase representation of underserved groups could be encouraged to adopt high-cost models of lending.

Without information on pricing, data users would be unable to screen for fair lending pricing risks, and regulators would be less able to focus their enforcement and supervision resources appropriately on situations of greater possibility for questionable activities. In addition, if potential discriminatory conduct is monitored effectively in regard to loan approvals, but not in regard to pricing, industry compliance systems may focus solely on approvals and denials and ignore potential pricing disparities. Having pricing data available under 1071 would also increase transparency and help demonstrate to lenders where business opportunities exist to offer credit to underserved markets. In addition, it could demonstrate to small businesses the availability of more affordable credit.

SBREFA Proposal Under Consideration and Feedback Received

At SBREFA, the Bureau stated that it was considering proposing to include pricing of originated credit and credit that is approved but not accepted as a discretionary data point because it could further the fair lending purpose of section 1071 by enhancing the ability to effectively and efficiently enforce fair lending laws. In addition, the Bureau stated that pricing data could add value in promoting market transparency and new product development opportunities, thus furthering the business and community development purpose of section 1071. The Bureau also stated that a pricing data point could be reported on the basis of annual percentage rate (APR), total cost of credit (TCC), interest rate and total fees, or some other pricing metric. The SBREFA Panel recommended that, if pricing were to be part of this proposal, the Bureau seek comment on potential methods for avoiding misinterpretations of disparities in pricing data.

During the SBREFA process, SERs provided various comments on the inclusion of pricing data in the rule. Feedback relevant to a specific pricing data point is discussed in the section-by-section analysis of proposed § 1002.107(a)(12)(i) through (vi) below. Immediately below, the Bureau addresses feedback relevant to reporting pricing information in general.

Some SERs urged the Bureau to require submission of a pricing metric, stating, for example, that pricing data are essential to understanding the operation of the market and the nature of credit extended. Some SERs supported use of APR as a pricing metric, including several who stated that they currently calculate APR. One SER (a CDFI) stated that they disclose APR to applicants now, and that if they are able to easily collect and report this data point without additional cost and burden, other FIs should be able to do the same. Several SERs supported the use of APR to enable comparisons of pricing across various small business lending products, and suggested the Bureau look to State-mandated and Truth in Lending Act APR disclosures for guidance on methodologies. One SER supported the use of APR as the metric if lenders and not the Bureau did the calculation. Another SER suggested the Bureau collect detailed pricing information, including APR, but “hold harmless” the reporting financial institutions to ensure the accuracy of the data. Conversely, at least two SERs opposed using APR as a pricing metric; one cited the burden associated with making that calculation and the other said pricing information based on APR would be confusing to small business owners. Several SERs supported reporting pricing information as interest rate and fees. Two SERs preferred using TCC. One SER suggested that the Bureau consider allowing financial institutions to choose which pricing metric they prefer to report.

A large majority of industry stakeholders opposed inclusion of any discretionary data points, and they were particularly concerned about a pricing data point. Several stakeholders stated that a pricing data point would be complex and costly to implement across various product types. One stakeholder was concerned about contracts that bundle services with credit, stating that pricing data would not capture the true economics of the transaction. Several stakeholders were worried about reputational risk because pricing could be publicly reported without contextual information such as the nature of the collateral, credit scores, size of down payment, compensating deposit balances, bundled services, etc., that would explain the pricing variations. One commenter opposed including pricing data, but said that if the Bureau chose to do so it should also allow voluntary submission of some of this contextual information. One stakeholder stated that pricing of commercial loans is often complex and cannot be adequately analyzed with the limited factors proposed, which may lead to erroneous conclusions and have severe negative impacts on the financial industry from regulatory and reputational risk standpoints. A community bank stakeholder commented that community banks price risk on a case-by-case basis and asserted that if this ability to price risk appropriately is restricted by uninformed fair lending guidelines, the Bureau risks removing a large number of community banks from existence. The bank went on to opine that this could further reduce the ability of thousands of small businesses to access credit. Another bank stated that pricing data alone would provide an incomplete picture that could be easily distorted to suit the political agenda of the user. That bank was also concerned about disparate impact analysis or similar tools being used because this could be unfair to the bank or its borrowers considering the small data set that the reported data of this small bank represents. Another stakeholder summed up these industry concerns, stating that pricing is simply too varied across the spectrum of the industry to include in the 1071 process without sowing confusion among lenders, borrowers, and the general public, stifling lending activity, and introducing numerous unintended consequences.

Several SERs, along with industry stakeholders, were concerned about the Bureau potentially making public pricing data and felt that this choice could be costly and challenging to carry out. They further asserted that bad outcomes could result from unjustified fair lending concerns, such as distortions to the market through interference with risk-based pricing. Many SERs, along with other industry stakeholders, noted that pricing is complex, often unique to the applicant's situation, and may involve extra services bundled with the loan. Without adequate context, therefore, pricing data could lead to inaccurate interpretations of the collected data and unfair reputational damage. One SER stated that the market for small business credit is price competitive and accordingly pricing information is unnecessary for section 1071. Another SER said that pricing for some products may reflect more than just the cost of the loan and may be high relative to other credit products if the covered financial institution is a supportive lender working with less established or higher credit risk applicants over a period of time. Similarly, the SBREFA Panel Report recommended that the Bureau seek comment in the proposed rule on potential methods for avoiding misinterpretations of disparities in pricing.

Community groups, as well as some community development lenders, strongly favored inclusion of discretionary data points in general, and were particularly interested in having pricing data reported to help achieve 1071's purposes. One stakeholder stated that pricing information is a critical fair lending tool and would allow regulators, advocates, and industry to conduct fair lending reviews and monitor the market for emerging high-cost products. That commenter also stated that the eventual inclusion of pricing data in HMDA has been critical in identifying disparate pricing among protected classes. Another stakeholder suggested that a data collection regime designed to further fair lending enforcement cannot ignore information about whether high-cost lenders are targeting business owners of color or women-owned businesses, or if lenders are charging more to their female borrowers or customers of color. One community group stated that without pricing data lenders flooding neighborhoods of color with high-cost loans would be seen as adequately serving otherwise underserved markets. Another commenter stated that MCAs have extremely high effective APRs, and added that if section 1071 data collection indicates that access to capital is improving but is blind to whether that capital is provided at 30 percent APR or 300 percent APR, Congress's intent will not be accomplished.

Regarding 1071's business and community development purpose specifically, one stakeholder stated that merely by providing price transparency the Bureau could encourage the development of successful lending models because policymakers, community organizations, investors, banks seeking partnerships, and others would be able to see, for the first time, which business models are successful at reaching minority-owned, women-owned, and other underserved small businesses. That commenter went on to state that transparency would also attract investment capital and partnerships into models that work, and could lead to a market-based model and a pro-innovation approach to regulation.

One community development lender that supported inclusion of a pricing data point encouraged the Bureau to identify one consistent pricing metric that financial institutions must report on and added that because this could create reporting challenges, especially for smaller institutions, the Bureau should ensure there is clear guidance and consistency on the pricing data point. Of the pricing metrics asked about in the SBREFA Outline, a majority of the community groups and community development lenders who supported inclusion of a pricing data point preferred use of APR, though some suggested the Bureau also require reporting of rate and fees with the APR, as well as rate spread as reported under HMDA. One community development lender stated that APR is the only established metric that enables informed comparisons of the cost of capital over time and between products of different dollar amounts and term lengths. That lender went on to state that APR is the metric that people know and expect, because it is the legally required standard for mortgages, auto loans, credit cards, student loans and personal loans, including short-term loans. The lender further explained that small businesses seeking financing from CDFIs or mission-based lenders are informed about their true cost of capital through an APR disclosure, and if it can easily collect and report this data point without additional burdens and costs, other small business lenders should be able to. Some commenters who favored APR suggested that the Bureau start with the recent disclosure methods adopted in California and New York, and that the Bureau use those methods for pricing of MCAs and factoring specifically.

Industry stakeholders stated that APR would be complicated and costly to implement, and that if it is used the Bureau should provide clear guidance, with one stakeholder suggesting the Bureau follow the Regulation Z method, which sets out instructions for calculating APR. Another stakeholder stated that for some products, such as inventory financing, APR would be meaningless. Some industry stakeholders suggested the Bureau use other metrics—one requested TCC, another requested rate and fees, and a third asked that the Bureau allow reporting of a single fixed fee as an option.

Finally, some SERs and industry stakeholders also expressed privacy-related concerns regarding public disclosure of pricing information. The Bureau addresses these comments in part VI below regarding privacy considerations involving publication of the 1071 data.

Proposed Rule

The Bureau is proposing, in § 1002.107(a)(12), to require financial institutions to report certain pricing information for covered credit transactions. Specifically, proposed § 1002.107(a)(12)(i)(A) would require financial institutions to report the interest rate that is or would be applicable to the covered credit transaction; proposed § 1002.107(a)(12)(ii) would require financial institutions to report the total origination charges for a covered credit transaction; proposed § 1002.107(a)(12)(iii) would require financial institutions to report the broker fees for a covered credit transaction; proposed § 1002.107(a)(12)(iv) would require financial institutions to report the total amount of all non-interest charges that are scheduled to be imposed over the first annual period of the covered credit transaction; proposed § 1002.107(a)(12)(v) would require financial institutions to report, for an MCA or other sales-based financing transactions, the difference between the amount advanced and the amount to be repaid; and proposed § 1002.107(a)(12)(vi) would require financial institutions to report information about any prepayment penalties applicable to the covered credit transaction.

Proposed comment 107(a)(12)-1 would clarify that, for applications that the financial institution reports as denied, withdrawn by the applicant, or incomplete, the financial institution reports pricing information as “not applicable.” Proposed § 1002.107(a)(12) would apply only to credit transactions that either have been originated or have been approved by the financial institution but not accepted by the applicant. The Bureau believes that pricing information is generally available for these transactions because the financial institution would generally have to determine the price to approve (or originate) the transaction. But other applications—like those that are denied, withdrawn by the applicant, or incomplete—would likely have terminated too early in the application process for pricing information to be generally available.

The Bureau is proposing to require financial institutions to report pricing data generally as interest rate and fees rather than APR, TCC, or another single pricing metric that attempts to combine multiple aspects of the cost of credit. The Bureau believes that interest rate and fees provide greater utility to data users than the formula-based pricing metrics described above, which will aid in fulfilling the purposes of section 1071. Separately enumerating the interest rate and certain general categories of fees will allow 1071 data users to more precisely analyze the components of a credit transaction's price. For example, 1071 data users could identify potentially discriminatory price disparities within upfront fees charged to borrowers at origination that may not be visible in a single pricing metric. Similarly, information about which components of a transaction's price may be relatively more expensive would allow users to better identify business and community development initiatives because they would be able to target their initiative at the particular component, such as the interest rate, that appears to be most responsible for the relatively high price of the transaction.

The diversity of products in the commercial lending space may also undermine the utility of APR or other single pricing metrics. Many MCAs, for example, lack either a defined term or a periodic payment amount. Thus, financial institutions would have to estimate these terms to calculate an APR.

The Bureau also believes that the interest rate and fees may be less burdensome for financial institutions to report than other single pricing metrics. These alternative pricing metrics involve complex calculations that may be difficult for financial institutions to perform accurately. And, as noted above, certain types of commercial financing would require financial institutions to assume or estimate parts of the pricing formula, further increasing complexity. The interest rate and fees, in contrast, are typically listed in the credit contract for a particular transaction.

The Bureau acknowledges that some financial institutions currently calculate APR for commercial financing transactions, or will do so in the future, either as a best practice or to comply with State disclosure laws. In developing the pricing data points in proposed § 1002.107(a)(12), the Bureau has reviewed definitions and concepts found in Regulation Z, such as the definition of “finance charge” in § 1026.4. Regulation Z also forms the basis for many parts of State commercial financing disclosure laws. The Bureau does not intend to achieve a wholesale incorporation of § 1026.4 into proposed § 1002.107(a)(12), with interpretations of one regulation necessarily controlling the meaning of the other regulation. In fact, as discussed below, in many places perfect alignment between proposed § 1002.107(a)(12) and Regulation Z would not be feasible or desirable. But proposed § 1002.107(a)(12) adopts many concepts from Regulation Z. The Bureau believes that this similarity may limit burden for financial institutions that are calculating APR for other purposes.

Regarding State commercial financing disclosures, the Bureau understands that the disclosures under development in New York and California rely upon Regulation Z definitions, such as the finance charge. These States have not fully implemented their disclosures at the time of this notice and may change their standards in the future. In addition, other States might adopt new commercial financing disclosures with different definitions and methodologies. The Bureau will continue to monitor regulatory developments in the small business lending market, and seeks comment on ways to reduce burden on financial institutions with respect to overlaps or conflicts between State law disclosure requirements and the Bureau's proposal.

As a general matter, the Bureau believes that 1071 data can provide value to users without reflecting every factor that influences pricing. For comparison, HMDA data have a long history of utility for fair lending purposes even though they alone generally do not offer proof of compliance with fair lending laws. This proposed rule includes several important factors that influence pricing, such as the credit product, the type of guarantee, and the credit purpose. These data points will help users avoid improper comparisons when examining the 1071 data. The Bureau seeks comment on its proposed approach to this data point, as well as regarding additional information that could help reduce misinterpretations of disparities in pricing, including modifications to the pricing information in proposed § 1002.107(a)(12). For example, the Bureau seeks comment on whether more information about the nature of the collateral securing the loan is necessary to understanding pricing data, such as total origination charges, applicable to a particular transaction.

Proposed Rule—107(a)(12)(i) Interest Rate

Proposed § 1002.107(a)(12)(i)(A) would require financial institutions to report the interest rate that is or would be applicable to the covered credit transaction. If the interest rate is adjustable, proposed § 1002.107(a)(12)(i)(B) would require the submission of the margin, index value, and index name that is or would be applicable to the covered credit transaction at origination.

Proposed comment 107(a)(12)(i)-1 would clarify that if a covered credit transaction includes an initial period with an introductory interest rate, after which the interest rate adjusts, a financial institution complies by reporting information about the interest rate applicable after the introductory period. Proposed comment 107(a)(12)(i)-2 would explain that a financial institution reports the interest rate applicable to the amount of credit approved or originated reported in proposed § 1002.107(a)(8) if a covered credit transaction includes multiple interest rates applicable to different credit features. Lastly, proposed comment 107(a)(12)(i)-3 lists a number of indices to report and directs that if the index used does not appear on the list of indices provided, the financial institution reports “other” and provides the name of the index via free-form text. The Bureau believes that allowing financial institutions to choose “other” when an index that does not appear on the provided list is used would facilitate compliance. In addition, collecting this information on “other” indices would assist the Bureau in monitoring trends in this area and key developments in the small business lending market, which the Bureau could use to inform any future iterations of the list.

The Bureau is proposing to collect the interest rate on the covered credit transaction because this information furthers both the fair lending purpose and the business and community development purpose of section 1071 by allowing regulators, advocates, and industry to conduct fair lending reviews and monitor the market for emerging high-cost products. In addition, the availability of this pricing metric would provide pricing transparency and could encourage the development of successful lending models because policymakers, community organizations, investors, banks seeking partnerships, and others would be able to see which business models are successful at reaching minority-owned, women-owned, and other underserved small businesses.

As discussed above, research has found that minority-owned businesses tend to obtain, or be offered, higher interest rates on business credit. The collection of interest rate (along with fees) will allow the Bureau, other government agencies, and other data users to have insight into the existing market, monitor the market for potentially troubling trends, and conduct fair lending analyses that adequately take into account this important metric.

As discussed above, during the SBREFA process, several SERs supported the use of APR as a pricing metric. The Bureau notes that certain-State level commercial lending disclosures, notably California and New York, require the disclosure of APR. Because the interest rate must be known to calculate APR, the Bureau believes that proposed § 1002.107(a)(12)(i) may impose little burden on financial institutions that already include the interest rate on such disclosures required by State law, as well as on the contract between the financial institution and the applicant.

Proposed § 1002.107(a)(12)(i)(B) would provide that, for adjustable interest rates based upon an index, a financial institution must report the margin, index value, and index name that is or would be applicable to the covered credit transaction at origination. Just as the disclosure of the interest rate for fixed rate transactions will allow data users to ascertain the interest rate applicable to the covered credit transaction throughout its cycle, the Bureau believes that these three elements will allow data users to do the same for adjustable rate transactions based upon an index and improve the utility of such data. Proposed comment 107(a)(12)(i)-4 would clarify that a financial institution complies with proposed § 1002.107(a)(12)(i)(B) by reporting the index value at the time the application is approved by the financial institution. The Bureau seeks comment on whether the index value should be reported based on a different time period or if at the time of approval is the most appropriate measure.

The Bureau seeks comment on proposed § 1002.107(a)(12)(i) and its commentary, including whether a different measure of pricing would provide more accurate data, whether additional information about pricing (for example, amortization type or adjustment frequency) would provide beneficial data to help ascertain fair lending risk and further the business and community development purpose of section 1071, and whether there are additional indices that should be included in the list from which financial institutions choose to report the applicable index on adjustable rate transactions.

The Bureau also seeks comment on whether there may be covered credit transactions where the interest rate may change after origination based on factors such as if the borrower maintains an account at the financial institution or if some other condition is met, and if so, whether additional commentary would be helpful to provide more guidance on which rate to report in that circumstance.

Proposed Rule—107(a)(12)(ii) Total Origination Charges

Proposed § 1002.107(a)(12)(ii) would require financial institutions to report the total origination charges for a covered credit transaction. Total origination charges are the total amount of all charges payable directly or indirectly by the applicant and imposed directly or indirectly by the financial institution at or before origination as an incident to or a condition of the extension of credit, expressed in dollars.

Proposed comment 107(a)(12)(ii)-1 would clarify that charges imposed uniformly in cash and credit transactions are not reportable. Proposed comment 107(a)(12)(ii)-2 would provide guidance on reporting charges imposed by third parties. Proposed comment 107(a)(12)(ii)-3 would clarify that broker fees are included in the total origination charges. Proposed comment 107(a)(12)(ii)-4 would provide guidance on reporting charges for other products or services paid at or before origination. And proposed comment 107(a)(12)(ii)-5 would list examples of reportable charges.

The Bureau understands that financial institutions charge a variety of fees when originating credit for small business applicants. For example, financial institutions may charge fees for processing an application, for underwriting, for filing a UCC-1 statement, for obtaining an appraisal, for obtaining a guarantee through a Federal agency program, and for other activities related to origination. Depending on the financial institution and the credit product, similar fees may take different names. One financial institution may describe a charge as an origination fee, while another describes a similar charge as an underwriting or documentation fee. Proposed § 1002.107(a)(12)(ii) would provide information about the total amount of all upfront fees charged for originating and extending credit, regardless of how such fees are denominated.

Information about the total origination charges would benefit 1071 data users by giving them relatively granular pricing data. Much of the research on access to credit in the small business lending environment has lacked information about upfront fees, or has used less granular pricing metrics. Proposed § 1002.107(a)(12)(ii) would enable users to examine the contribution upfront costs make to the price of credit in the small business lending market. For example, users could analyze pricing disparities specifically in upfront costs charged to borrowers or borrowers in certain communities. Users could also look at total origination charges to better understand the relationship between the elements of credit pricing such as by examining the trade-offs between the interest rate and the upfront charges. Empowering users to engage in this level of analysis would aid in fulfilling the fair lending and business and community development purposes of the statute.

In developing the total origination charges data point, the Bureau considered definitions and concepts in existing regulations. In particular, Regulation Z § 1026.4 contains a measure of the cost of credit: The finance charge. Regulation Z § 1026.4 defines the finance charge as “any charge payable directly or indirectly by the consumer and imposed directly or indirectly by the creditor as an incident to or a condition of the extension of credit.” The finance charge appears in numerous regulatory provisions governing consumer financial services, such as disclosures to borrowers in certain mortgage transactions, and calculation of the APR.

Proposed § 1002.107(a)(12)(ii)'s description of total origination charges is similar to Regulation Z's definition of the finance charge. As with the finance charge, proposed § 1002.107(a)(12)(ii) would exclude charges imposed uniformly in cash and credit transactions. Proposed § 1002.107(a)(12)(ii) would use a similar test for including fees and amounts charged by someone other than the financial institution. And proposed § 1002.107(a)(12)(ii) adopts the same approach toward including broker fees in the total origination charges that Regulation Z takes toward including mortgage broker fees in the finance charge. With respect to charges for other products or services that the applicant pays at or before origination, proposed comment 107(a)(12)(ii)-4 would explain that such charges are included in the total origination charges only if the financial institution requires the purchase of such other product or service. Regulation Z does not adopt a uniform approach to services bundled with the credit transaction. But charges or premiums for credit insurance or debt cancellation coverage are included in the finance charge if the creditor requires the purchase of such additional services.

Proposed § 1002.107(a)(12)(ii), however, differs in important ways from Regulation Z's definition of the finance charge. First, proposed § 1002.107(a)(12)(ii) is narrower than the finance charge. The finance charge includes certain credit costs that are imposed after a financial institution originates a transaction, such as interest and time-price differential. Proposed § 1002.107(a)(12)(ii), on the other hand, is limited to charges at or before origination, because other proposed pricing data points, such as the interest rate and initial annual charges, capture information about the cost of credit over the life of the transaction. Second, within its scope, proposed § 1002.107(a)(12)(ii) is more comprehensive than the finance charge. The finance charge excludes many upfront costs of obtaining credit. For example, the finance charge excludes application fees charged to all applicants for credit, and numerous fees in transactions secured by real property. Proposed § 1002.107(a)(12)(ii) contains no similar exclusions. The Bureau believes that many of the upfront fees omitted from the finance charge, such as application fees, are typical of small business credit transactions, and therefore including such charges helps data users to understand pricing in the small business lending market. Additionally, a measure of origination charges with numerous exclusions may encourage financial institutions to shift costs to the excluded fees, where they would be hidden from users of the 1071 data. Finally, proposed § 1002.107(a)(12)(ii) is simpler than the Regulation Z definition of finance charge, which the Bureau believes may improve the likelihood that the information is accurately reported.

As discussed above, during the SBREFA process, some SERs supported use of APR as a pricing metric, including several who stated that they currently calculate APR. Several SERs supported the use of APR to enable comparisons of pricing across various small business lending products, and suggested the Bureau look to State-mandated and Truth in Lending Act APR disclosures for guidance on methodologies. Of the pricing metrics asked about in the SBREFA Outline, a majority of the community groups and community development lenders who supported inclusion of a pricing data point preferred use of APR, though some suggested the Bureau also require submission of rate and fees with the APR, as well as rate spread as reported under HMDA. Some commenters who favored APR suggested that the Bureau start with the recent disclosure methods adopted in California and New York, and that the Bureau use those methods for pricing of MCAs and factoring specifically. As discussed above, the Bureau is proposing to require financial institutions generally to report interest rate and fees, rather than APR. But in developing proposed § 1002.107(a)(12)(ii)'s definition of total origination charges, the Bureau has adapted certain language and concepts from Regulation Z's definition of the finance charge. Because the finance charge must be known to calculate APR, including the APR that would be disclosed under California and New York law, the Bureau believes that proposed § 1002.107(a)(12)(ii) may impose less burden on financial institutions and improve the likelihood that the information is accurately reported as compared to a measure of total origination charges that had no similarity to the finance charge.

For the reasons given above, proposed § 1002.107(a)(12)(ii) would require financial institutions to report the total amount of all charges payable directly or indirectly by the applicant and imposed directly or indirectly by the financial institution at or before origination as an incident to or a condition of the extension of credit, expressed in dollars. Proposed § 1002.107(a)(12)(ii) would apply to credit transactions that either have been originated or have been approved by the financial institution but not accepted by the applicant. The Bureau seeks comment on proposed § 1002.107(a)(12)(ii) and its commentary. For example, the Bureau seeks comment on whether concepts and guidance adapted from Regulation Z, such as proposed comment 107(a)(12)(ii)-1 on comparable cash transactions, are applicable in the small business lending context such that they should be incorporated as drafted. The Bureau also seeks comment on whether to enumerate certain types of charges separately in the 1071 data, and whether to include or exclude certain types of charges in the total origination charges.

Proposed Rule—107(a)(12)(iii) Broker Fees

Proposed § 1002.107(a)(12)(iii) would require financial institutions to report the broker fees for a covered credit transaction. Broker fees are the total amount of all charges included in the total reportable origination charges that are fees paid by the applicant directly to a broker or to the financial institution for delivery to a broker, expressed in dollars.

Proposed comment 107(a)(12)(iii)-1 would provide an example of reporting different types of broker fees. Proposed comment 107(a)(12)(iii)-2 would clarify that financial institutions would use a “best information readily available” standard regarding fees paid directly to a broker by an applicant.

The Bureau believes that small business loan brokers are an important part of the small business lending market, and may feature more prominently in certain financing arrangements, such as MCAs. The existence of brokers creates opportunities for potential practices that inflate the cost of small business credit. For example, compensation that is tied to the terms of a loan may encourage brokers to steer applicants to financial institutions offering less favorable terms. Because of the potential risks involved in multi-party business arrangements, the FFIEC's Interagency Fair Lending Examination Procedures emphasize the importance of understanding the role that brokers play in a financial institution's lending process. These risks may be heightened in the small business lending market because applicants lack the substantive protections afforded to consumer credit applicants, such as the prohibition on basing loan originator compensation on the terms of a transaction.

Accordingly, proposed § 1002.107(a)(12)(iii) would provide information about the broker fees associated with a transaction. Although broker fees are included in proposed § 1002.107(a)(12)(iii)'s definition of total origination charges, separately enumerating the total broker fees would allow users to better understand the role that brokers play in the price of small business credit. For example, users could analyze whether broker fees specifically appear to be creating fair lending risk or higher prices for certain communities. Empowering users to engage in this level of analysis would aid in fulfilling the fair lending and business and community development purposes of the statute.

The Bureau believes, however, that financial institutions may have difficulty reporting broker fees that an applicant pays directly to a broker. Proposed comment 107(a)(12)(iii)-2 would clarify that a financial institution would rely on the best information readily available to the financial institution at the time final action is taken. Information readily available could include, for example, information provided by an applicant or broker that the financial institution reasonably believes regarding the amount of fees paid by the applicant directly to the broker. The “best information readily available” standard is used in reporting certain HMDA data under Regulation C, and the Bureau believes it may also be appropriate for reporting fees paid directly to a broker by an applicant.

For the reasons given above, proposed § 1002.107(a)(12)(iii) would require financial institutions to report the total amount of all charges included in proposed § 1002.107(a)(12)(ii) that are fees paid by the applicant directly to a broker or to the financial institution for delivery to a broker, expressed in dollars. Proposed § 1002.107(a)(12)(iii) would apply to credit transactions that either have been originated or have been approved by the financial institution but not accepted by the applicant. The Bureau seeks comment on proposed § 1002.107(a)(12)(iii) and its commentary, including on the knowledge that financial institutions might have about direct broker fees and the challenges of reporting such information.

Proposed Rule—107(a)(12)(iv) Initial Annual Charges

Proposed § 1002.107(a)(12)(iv) would require financial institutions to report the total amount of all non-interest charges that are scheduled to be imposed over the first annual period of the covered credit transaction, expressed in dollars.

Proposed comment 107(a)(12)(iv)-1 would provide an example of how to calculate the amount to report. Proposed comment 107(a)(12)(iv)-2 would highlight that a financial institution should exclude interest expenses from the initial annual charges reported. Proposed comment 107(a)(12)(iv)-3 would note that a financial institution should not include any charges for events that are avoidable by the applicant, including for example, charges for late payment, for exceeding a credit limit, for delinquency or default, or for paying items that overdraw an account. Proposed comment 107(a)(12)(iv)-4 would provide examples of initial annual charges that may be scheduled to be imposed during the initial annual period, including monthly fees, annual fees, and other similar charges. Finally, proposed comment 107(a)(12)(iv)-5 would clarify that a financial institution complies with the provision by reporting as the default the highest amount for a charge scheduled to be imposed, and provides an example of how to calculate the amount reported when the scheduled fee to be imposed may be reduced based upon a specified occurrence.

The Bureau understands that there are a variety of ways that small business loans may be structured. This could include whether there is an interest rate imposed on the transaction, whether there are finance charges, and whether there are a myriad of other fees that may be scheduled to be paid or are contingent upon some occurrence. In addition, the Bureau understands from its market monitoring activity that covered credit transactions may include scheduled fees that encompass a substantial part of the cost of the covered credit product, and without knowledge of those fees, the cost of the credit would be misleading. The Bureau believes that proposed § 1002.107(a)(12)(iv) would enable data users to have a more accurate understanding of the cost of the covered credit transaction than if the data lacked information about scheduled fees.

As noted above, the Bureau believes that there may be small business loans that do not include an interest rate, but do include a monthly finance charge that is imposed on the covered credit transaction. If the financial institution were only required to report the interest rate on these types of transactions, the true cost of credit would be wholly inaccurate because the monthly finance charge would not be reported. In addition, small business loans, like consumer loans, may include a number of other fees, such as annual fees and other similar charges. The information collected and reported under proposed § 1002.107(a)(12)(iv) would allow data users to have a more complete picture of the cost of the covered credit transaction and promote market transparency, thus furthering the business and community development purpose of section 1071. In addition, this pricing data could further the fair lending purpose of section 1071 as it could enhance the ability to effectively and efficiently enforce fair lending laws.

Proposed § 1002.107(a)(12)(iv) would provide that a financial institution only report charges scheduled to be imposed over the first annual period of the covered credit transaction. The Bureau believes that by only requiring scheduled charges to be reported (rather than the submission of all potential charges, some of which could be speculative), the data reported will be more accurate than if a financial institution had to make an educated guess as to what charges will be imposed over the first annual period. Proposed § 1002.107(a)(12)(iv) would not require a financial institution to itemize the charges reported thereunder. The Bureau believes that requiring charges to be itemized could add a considerable amount of complexity for financial institutions in collecting and reporting the initial annual charges, given the range of fees that could be charged and the variations in how they might be imposed. The Bureau seeks comment on the likelihood that FIs would schedule charges in the second year of a covered credit transaction and beyond specifically in an effort to avoid reporting the charges for purposes of 1071.

A financial institution complies with proposed § 1002.107(a)(12)(iv) by not including charges for events that are avoidable by the applicant; this restriction is explained more fully in proposed comment 107(a)(12)(iv)-3, which would provide examples of types of avoidable charges. As noted above, the Bureau believes that the accuracy of the data reported is enhanced by only including charges that are scheduled to be imposed and not including potential charges that are contingent upon an action (or inaction) by the borrower. The Bureau also believes that only requiring financial institutions to report such charges for the first year, and not the life of the loan, will minimize any burden associated with reporting the data. This information should be included in the contract and, at most, would require a simple calculation to arrive at the total charges for the initial annual period. An example of how to calculate the initial annual charges for the first annual period is found in proposed comment 107(a)(12)(iv)-1. The Bureau also seeks comment on how it should treat situations where the applicant has informed the financial institution that it expects to regularly incur “avoidable charges,” for example where an applicant intends to pay late each month, such that a late fee, which would otherwise be an avoidable charge and not reportable under this provision, is in effect no longer contingent. Specifically, the Bureau seeks comment on whether such charges should be reported as a scheduled charge.

Proposed comment 107(a)(12)(iv)-5 would provide additional explanation about what amount to report when the financial institution provides a discount on the charge if certain conditions are met. The Bureau understands that some financial institutions may provide a discount on specific charges when certain conditions are met. For example, a financial institution may provide a discount on a monthly charge if the borrower maintains a checking account at the financial institution. In such a circumstance, proposed § 1002.107(a)(12)(iv) would require the financial institution to report the non-discounted amount to maintain consistency across the data that is reported by all financial institutions.

The collection of initial annual charges was not discussed during the SBREFA process. However, during that process several SERs remarked that pricing is complex and often unique to the applicant's situation, and may involve extra services bundled with the loan, and without adequate context pricing data could lead to inaccurate interpretations and reputational damage to financial institutions. The Bureau believes that the submission of initial annual charge data will help to decrease the likelihood of inaccurate interpretations and provide additional context by giving a more complete picture of the pricing of each covered credit transaction.

For the reasons given above, proposed § 1002.107(a)(12)(iv) would require submission of the total amount of all non-interest charges that are scheduled to be imposed over the first annual period of the covered credit transaction, expressed in dollars. The Bureau seeks comment on proposed § 1002.17(a)(12)(iv) and its commentary, including whether to include or exclude certain types of charges as reportable under initial annual charges.

Proposed Rule—107(a)(12)(v) Additional Cost for Merchant Cash Advances or Other Sales-Based Financing

Proposed § 1002.107(a)(12)(v) would require financial institutions to report additional cost data for MCAs or other sales-based financing transactions. Specifically, this cost is the difference between the amount advanced and the amount to be repaid, expressed in dollars. Proposed comment 107(a)(12)(v)-1 would provide an example of the difference between the amount advanced and the amount to be repaid for an MCA.

As discussed above, the Bureau is proposing several data points to provide information on pricing in the small business lending market. These pricing data points would provide information about the interest rate and fees applicable to a covered credit transaction. Some types of commercial financing, however, contain pricing terms that are difficult to reflect in data points about a transaction's interest rate and fees. For example, under a typical MCA, a merchant receives a cash advance and promises to repay it (plus some additional amount) to the MCA provider. MCA providers generally do not provide an interest rate, and while they may charge fees at origination or during the first year, the majority of an MCA's cost comes from the additional amount repaid by the merchant on top of the cash advance. This additional amount may be expressed as a multiple of the amount advanced in the form of a factor rate or percentage, or it may be derived by comparing the total payback amount to the amount actually advanced. This additional amount is typically not characterized as interest, so it would not be reported under proposed § 1002.107(a)(12)(i). Nor is this additional amount characterized as a fee charged at origination or scheduled to be imposed during the first year after the transaction, so it would not be reported under proposed § 1002.107(a)(12)(ii) or (iv). Without an additional pricing data point to capture this additional amount due, users attempting to analyze MCA pricing for fair lending or business and community development purposes would miss most of the cost of credit associated with these transactions. Therefore, the inclusion of this data point would aid in fulfilling the fair lending and business and community development purposes of the statute.

At the same time, the Bureau believes that information about the additional amount repaid by the merchant would impose relatively low burden on financial institutions. A typical MCA contract lists the amount of future revenue purchased and the purchase price. A financial institution could determine the additional amount repaid by computing the difference between these two numbers.

For the reasons discussed above, proposed § 1002.107(a)(12)(v) would require financial institutions to report, for an MCA or other sales-based financing transaction, the difference between the amount advanced and the amount to be repaid, expressed in dollars. Proposed § 1002.107(a)(12)(v) would apply to credit transactions that either have been originated or have been approved by the financial institution but not accepted by the applicant. The Bureau seeks comment on proposed § 1002.107(a)(12)(v) and proposed comment 107(a)(12)(v)-1, including whether to require additional pricing information for MCAs, and whether MCAs could be structured in ways that evade the proposed reporting requirement, such as by omitting or making variable the amount to be repaid.

Proposed Rule—107(a)(12)(vi) Prepayment Penalties

Proposed § 1002.107(a)(12)(vi)(A) would require financial institutions to report whether the financial institution could have included a prepayment penalty under the policies and procedures applicable to the covered credit transaction. Proposed § 1002.107(a)(12)(vi)(B) would require financial institutions to report whether the terms of the covered credit transaction include a charge imposed for paying all or part of the transaction's principal before the date on which the principal is due. Proposed comment 107(a)(12)(vi)-1 would provide additional information on how to determine whether the applicable policies and procedures allow a financial institution to include prepayment penalties in the loan agreement.

The Bureau understands, through its market monitoring function, that small business loan contracts may include prepayment penalties and the penalties can be sizable and structured as a percent of the remaining outstanding balance. The Bureau also understands that there may be concern among stakeholders, including community groups, that certain small business applicants may be steered toward loans containing prepayment penalty terms. The collection of data regarding which contracts contain a prepayment penalty and whether a prepayment penalty could have been imposed on specific contract types allows the data to be analyzed for fair lending purposes to see if certain groups may be steered into contracts containing prepayment penalties. Assuming that prepayment penalty data would be part of the publicly available data, from a market competition standpoint, financial institutions may want to know how frequently their competitors are utilizing prepayment penalties. Thus, these data could help further the business and community development purpose of section 1071 by promoting market transparency and new product development opportunities.

Proposed § 1002.107(a)(12)(vi)(A) would require financial institutions to report whether the financial institution could have included a prepayment penalty under the policies and procedures applicable to the covered credit transaction, while proposed § 1002.107(a)(12)(vi)(B) would require financial institutions to report whether the terms of the covered credit transaction actually include a prepayment penalty term. The provisions would allow data users to determine what percentage of covered credit transactions could contain a prepayment penalty term, what percentage of such transactions actually contain the term, and, together with other data points, the demographic profile of borrowers whose contracts do and do not include the term. The Bureau believes the two provisions work together to allow data users to better determine whether certain borrowers are being steered towards covered credit transactions containing prepayment penalty terms.

Proposed comment 107(a)(12)(vi)-1 would elaborate on the requirement to report whether financial institutions could have included a prepayment penalty in the covered credit transaction to clarify that the applicable policies and procedures are those that the financial institutions follows when evaluating applications for the specific credit type and credit purpose requested. The Bureau believes this provision will ensure that similar credit products are being analyzed together and minimize the possibility that potential fair lending risk is incorrectly identified.

For the reasons given above, proposed § 1002.107(a)(12)(vi)(A) would require financial institutions to report whether the financial institution could have included a prepayment penalty under the policies and procedures applicable to the covered credit transaction. Proposed § 1002.107(a)(12)(vi)(B) would require financial institutions to report whether the terms of the covered credit transaction include a charge imposed for paying all or part of the transaction's principal before the date on which the principal is due.

The Bureau seeks comment on proposed § 1002.107(a)(12)(vi) and its commentary, including whether to enumerate other types of contingent charges separately in the 1071 data to more accurately reflect the cost of covered credit transactions. The Bureau also seeks comment on whether there are alternative data that would provide similar insight into whether certain borrowers are being steered into covered credit transactions containing prepayment penalty terms or other similar contingent terms.

107(a)(13) Census Tract

Background

Section 1071 requires financial institutions to collect and report “the census tract in which is located the principal place of business of the . . . applicant.” This provision is similar to Regulation C, which requires reporting of the census tract in certain circumstances if the property securing the loan (or proposed to secure the loan, if the transaction was not originated) is in a county with a population of more than 30,000. Under Regulation C, the financial institution generally finds the census tract by geocoding using the address of the property. Geocoding is the process of using a particular property address to locate its geographical coordinates and the corresponding census tract.

CRA reporting of business loans by depository institutions also requires reporting of census tract. The Bureau understands that CRA allows reporting of a census tract based on the address or location where the proceeds of the credit will be principally applied.

SBREFA Proposals Under Consideration and Feedback Received

In the SBREFA Outline, the Bureau explained that it was considering proposing that financial institutions report a census tract based on an address collected in the application, or during review or origination of the loan. The financial institution would use the address where the loan proceeds will principally be applied, if that address is known to the financial institution, which the Bureau believes would be more useful to carry out the community development and fair lending purposes of section 1071. For example, if a financial institution makes a loan to a small business to buy or improve commercial real estate, the location of the real estate is more relevant to section 1071's statutory purposes than the location of the main office. If the financial institution does not possess that information, the financial institution would use the location of the small business borrower's main office or headquarters. If that, too, is unknown, the financial institution could use another business address associated with the application. The financial institution would also report which of these address types it is using, unless that information is unknown: (1) The address where the loan proceeds will principally be applied; or (2) the location of the small business borrower's main office or headquarters; or (3) some other business address, including those for which the financial institution is unsure about the nature of the address.

In response to the SBREFA Outline, SERs explained that they generally capture the main office address of small business applicants, which for sole proprietors is frequently a home address; the address where the loan proceeds will be used is typically captured for commercial real estate transactions. Some of the SERs stated that they do not know the proceeds address, and one suggested that for simplicity the Bureau should use the business address only.

A number of SERs explained that they have experience geocoding addresses to obtain census tract information—such as for CDFI Fund reporting, voluntary CRA reporting, or for reporting mortgage loans under HMDA—though some did not. Some SERs suggested that a requirement to report a geocoded census tract for financial institutions that do not do so now would impose costs on the financial institution and possibly the borrower. One SER stated that few nondepository institutions collect or are even familiar with census tract data. One SER recommended following the format used for CRA reporting of census tract information, rather than the slightly different format used under HMDA. Another SER suggested that the Bureau provide simple instructions for reporting census tract and employ less burdensome geocoding requirements than exist for HMDA. Several SERs explained that they use a free service available through the FFIEC to convert addresses they receive from applicants to census tract data. A few SERs suggested that the Bureau should provide or support a Federal government-sponsored system for the secure batch processing of address data to convert to census tract information that could be used to satisfy geocoding requirements across multiple reporting regimes including 1071.

The SBREFA Panel recommended that the Bureau seek comment on the feasibility and ease of using existing Federal services to geocode addresses in order to determine census tract for 1071 reporting purposes (such as what is offered by the FFIEC for use in reporting HMDA data).

Stakeholders commenting on the SBREFA Outline explained that financial institutions do not currently collect census tract information unless they need to report it as a CDFI, or for CRA or HMDA. Some commenters stated that they use the free FFIEC tool for geocoding, though one commenter pointed out that this service does not allow batch processing. One commenter requested that financial institutions be given a safe harbor if the tool used provides an incorrect coding. The comments, like the SER feedback, did not suggest a problem with the waterfall approach in the SBREFA Outline. There were concerns about proceeds locations not having addresses, and proceeds addresses being unknown to the financial institution, but the waterfall would allow them to simply use another address. One commenter stated that not requiring a specific type of address would help avoid burdening financial institutions. Another commenter stated that it had no reason to ask applicants about the proceeds address, and one requested that the Bureau make clear that a financial institution has no obligation to ask about the proceeds or headquarters address if it does not do so now. Several commenters stated that allowing use of the proceeds address was helpful, and would further section 1071's purposes and reduce burden by allowing use of the same data as reported under CRA. Two commenters stated that the Bureau should align this data point with the CRA, and one of these, a community development organization, stated that the CRA method for reporting census tract was easier than the HMDA method. This commenter provided statistical evidence suggesting that the CRA method also yielded more complete data than the HMDA method.

Proposed Rule

The Bureau is proposing § 1002.107(a)(13) to require financial institutions to collect and report the census tract data point using a “waterfall” approach, which closely aligns with the Bureau's proposal under consideration in the SBREFA Outline. The proposed rule would require a financial institution to collect and report the census tract in which is located: (i) The address or location where the proceeds of the credit applied for or originated will be or would have been principally applied; or (ii) If the information in (i) is unknown, the address or location of the main office or headquarters of the applicant; or (iii) If the information in both (i) and (ii) is unknown, another address or location associated with the applicant. In addition, the proposed rule would require that the financial institution also indicate which one of the three types of addresses or locations listed in (i), (ii), or (iii) the census tract is based on. Although the proposed rule does not specifically require it, the Bureau assumes that financial institutions or their vendors would generally use a geocoding tool to convert the appropriate address to a census tract number.

The Bureau believes that its proposed reporting method for the census tract data point leverages existing industry information collection practices and would result in useful information to further section 1071's purposes while avoiding imposing much additional burden on financial institutions. The waterfall method in the proposed regulation would achieve these goals by allowing a financial institution to report an address it already has, with no further investigation; allowing a financial institution to avoid further investigation when it is unsure about the nature of the address reported; and allowing CRA reporters to report the same address for 1071 as they do for CRA; while also increasing the likelihood of the proceeds address being reported. The Bureau considers the census tract of the proceeds address to be particularly useful for both the fair lending and business and community development purposes of 1071.

First, the proposed approach would require a financial institution to report the census tract of the proceeds address if it is available, but would not require a financial institution to ask about it specifically. Financial institutions would be able to apply the waterfall approach to the addresses they are currently collecting; they would not be required to specifically ask for the proceeds or headquarters addresses. In addition, the proposed method would allow a financial institution to report that it is unsure about the nature of the address if it has no information as to the nature or function of the business address it possesses. This provision should address potential concerns about reporters spending time on complex, fact-specific questions and unintentionally misreporting this data point when financial institution staff have to determine what kind of address they are reporting based on insufficient information. The Bureau believes that this option would be particularly helpful if the application were denied or withdrawn early in the application process before the nature of any address provided by the applicant is clear.

Proposed comment 107(a)(13)-1 would provide general instructions on using the waterfall reporting method, with examples for guidance. The Bureau believes that this comment would facilitate compliance and seeks comment on whether any additional instructions or examples would be useful.

Proposed comment 107(a)(13)-2 would explain that a financial institution complies with proposed § 1002.107(a)(13) by identifying the appropriate address or location and the type of that address or location in good faith, using appropriate information from the applicant's credit file or otherwise known by the financial institution. The comment would also make clear that a financial institution is not required to investigate beyond its standard procedures as to the nature of the addresses or locations it collects. The Bureau believes that this guidance strikes the right balance by allowing flexibility in reporting, and also requiring appropriate good faith compliance in exercising that flexibility, thereby yielding quality data.

Proposed comment 107(a)(13)-3 would explain that pursuant to proposed § 1002.107(c)(1), a financial institution shall maintain procedures reasonably designed to collect applicant-provided information, which includes at least one address or location for an applicant for census tract reporting. However, the comment would further explain that if a financial institution is nonetheless unable to collect or otherwise determine any address or location for an application, the financial institution reports that the census tract information is “not provided by applicant and otherwise undetermined.” Based on the Bureau's understanding of how financial institutions currently define an application under their internal procedures, the Bureau believes it is highly unlikely that a financial institution would not obtain some type of address for the applicant. Nonetheless, the Bureau is proposing to permit financial institutions to report this data point using the “not provided by applicant and otherwise undetermined” response in order to facilitate compliance in those rare instances when the financial institution does not have the data requested. The reference in the comment to proposed § 1002.107(c)(1) would make clear, however, that a financial institution must maintain procedures reasonably designed to collect at least one address. As with the previous comment, the Bureau believes that this comment would strike the right balance by facilitating compliance and also emphasizing the requirement to collect appropriate data.

The Bureau is proposing a safe harbor in § 1002.112(c)(1), which would state that an incorrect entry for census tract is not a violation of ECOA or subpart B if the financial institution obtained the census tract by correctly using a geocoding tool provided by the FFIEC or the Bureau. Proposed comment 107(a)(13)-4 would cross-reference that provision. See the section-by-section analysis of proposed § 1002.112(c)(1) below for additional discussion of this safe harbor.

The Bureau notes that section 1071's description of the census tract data point refers to the census tract for the applicant's “principal place of business.” The Bureau considers the waterfall approach in proposed § 1002.107(a)(13) to be a reasonable interpretation of the undefined statutory term “principal place of business,” which the Bureau understands not to have a standard definition, and thus believes to be ambiguous. First, the Bureau believes that the address or location of the main office or headquarters of the applicant fits easily into one of the common meanings of “principal place of business.” In addition, the Bureau expects that, generally, the address where the loan proceeds will be applied will also be the main office or headquarters address. The primary exception to this principle would be in the case of credit intended for purchase, construction/, or refinancing of real estate; under these circumstances, the Bureau reasonably interprets the term “principal place of business” to mean, in essence, the principal location for business activities relating to the extension of credit at issue. Although “another address or location associated with the applicant” may not always be the principal place of business of the applicant, the Bureau considers this information to be the financial institution's best option for reporting data on the principal place of business when the nature of a location is unknown.

In the alternative, section 1071 authorizes the Bureau to include any “additional data that the Bureau determines would aid in fulfilling the purposes of [section 1071].” The Bureau has determined that requiring reporting of the proceeds address would aid in fulfilling both the fair lending and business and community development purposes of section 1071 by providing more useful information on the location of the credit activity for fair lending analysis and understanding where the business and community development is occurring. Requiring reporting of another address or location associated with the applicant when both the proceeds address and the main office or headquarters address are not available would provide location data when otherwise none would be present, thus also aiding in fulfilling both the fair lending and business and community development purposes of section 1071 by providing more useful information on the location of the lending for fair lending analysis and understanding where the business and community development is likely occurring. In addition, requiring data on the nature of the address reported would aid in fulfilling both the fair lending and business and community development purposes of section 1071 by facilitating accurate analyses of the data reported. Also, in the alternative, the Bureau believes it would be appropriate to use its exception authority under 704B(g)(2) to provide that financial institutions would not report the “main office or headquarters address” in certain situations because the Bureau believes that the proceeds address and “another address or location associated with the applicant” would carry out the purposes of section 1071 more appropriately than requiring the main office or headquarters address in every situation.

As discussed above, some SERs explained that they generally collect the main office address of the small business, which for sole proprietorships will often be a home address, and are generally not aware of the proceeds address. The Bureau's proposed waterfall approach accommodates this situation by allowing financial institutions to report census tract using the address that they have. In regard to SERs' concerns about the potential burden of geocoding addresses to obtain census tract, the Bureau notes that there does not appear to be a viable alternative to collecting and reporting the statutorily required census tract data without geocoding. While several SERs are already geocoding applicants' addresses, some SERs were concerned about the burden associated with geocoding for HMDA and one expressed a preference for the CRA method of geocoding, as did several other stakeholders. Accordingly, the Bureau seeks comment on the difference between geocoding for HMDA and for CRA, and any specific advantages or disadvantages associated with geocoding under either method. In regard to a Federal government tool capable of batch processing for geocoding of addresses, the Bureau is considering the utility of such a tool. The Bureau notes that the proposed rule would provide a safe harbor for use of such a Bureau tool, if created, as well as for the currently existing FFIEC tool. As the SBREFA Panel recommended, the Bureau seeks comment on the feasibility and ease of using existing Federal services to geocode addresses in order to determine census tract for 1071 reporting purposes (such as what is offered by the FFIEC for use in reporting HMDA data).

The Bureau seeks comment on its proposed approach to the census tract data point. In addition to the specific requests for input above, the Bureau notes that the waterfall method is intended to allow CRA reporters to provide the same data for both reporting regimes, but requests comment on whether the proposed method would achieve this goal and, if not, whether and how this data point should be further coordinated with CRA.

107(a)(14) Gross Annual Revenue

Background

Section 1071 requires financial institutions to collect and report “the gross annual revenue of the business in the last fiscal year of the . . . applicant preceding the date of the application.”

SBREFA Proposal Under Consideration and Feedback Received

In the SBREFA Outline, the Bureau stated that it was considering proposing that financial institutions report the gross annual revenue of the applicant during its last fiscal year. The Bureau stated that if a financial institution verifies gross annual revenue and bases its credit decision on that amount, the financial institution would report the verified amount. If the financial institution does not verify gross annual revenue, it would report the amount provided by the applicant.

Many SERs indicated that they collect gross annual revenue information, although they differed in how much they seek to verify this information. ⁶²⁸ Several SERs requested clarification regarding how gross annual revenue would be reported for startups and other young businesses. A few SERs stated that they do not capture gross annual revenue at all or collect it only in limited circumstances. One of these SERs stated that collecting gross annual revenue would be challenging; others suggested they could likely estimate gross annual revenue based on information they do collect.

Several SERs explained that they collect gross annual revenue using different methods and forms of verification for different types of credit. SERs advocated for allowing gross annual revenue to be reported as provided by the applicant, without an obligation for the financial institution to verify that information. A few SERs suggested that applicants often cannot provide accurate gross annual revenue information, although one SER suggested that in its experience applicants are generally able to provide reasonable estimates of gross annual revenue. Several SERs preferred reporting ranges rather than precise values. Several SERs also remarked that most businesses take advantage of tax filing extensions and thus typically do not have complete financial information for the prior year until many months later, and asked how that situation should be addressed when requesting applicants' gross annual revenue for the prior fiscal year.

The SBREFA Panel recommended that, in light of SER feedback supporting the Bureau's proposal under consideration to not require financial institutions to verify gross annual revenue information, the Bureau proceed with that approach in the proposal. The SBREFA Panel also recommended that the Bureau explore the timing of tax and revenue reporting and seek comment in the proposal on how that timing can best be coordinated with the collection and reporting of this data point.

The Bureau also received feedback from other stakeholders. Although one stakeholder commented that gross annual revenue is a consistent measure, simple to define, and easily computed, other stakeholders were concerned about the complexity and difficulty of reporting a specifically defined revenue number. One stakeholder stated that gross annual revenue was difficult to precisely define given differences in accounting and tax practices both across and within business subsectors. Two commenters suggested that reporting this data point would be complicated by the question of whether a business uses cash flow or accrual accounting. Other stakeholders requested the reporting of revenue ranges rather than specific values, and one of these commenters suggested that reporting a specific number may discourage some borrowers from applying. Another stakeholder explained that sometimes an application is denied or withdrawn before the revenue information is collected. One stakeholder stated that allowing flexibility in the collection and reporting of this data point would be very important.

With regard to whether the revenue of affiliates is included in the gross annual revenue they collect and whether that information is used for underwriting purposes, stakeholders reported that some collect this information and some do not, depending on the application and specific product. One commenter stated that it does not collect such information unless the affiliate will be liable on the loan. Two stakeholders stated that the Bureau must require inclusion of affiliate revenue to make sure that a given business truly is small.

Many stakeholders stated that they generally verify the income information using profit and loss statements, taxes, bank statements, and “third-party technology solutions.” Some stated that they do not verify revenue information for specific products, such as credit cards, and that sometimes it is difficult to verify the revenue of a particular applicant, as tax information can be complex or dated. Stakeholders overwhelmingly supported the Bureau's proposal under consideration not to require verification of revenue, and one stakeholder objected to requiring the reporting of verified information even when the lender has verified the revenue.

Stakeholders also expressed concern about collecting gross annual revenue for start-ups and very small businesses that might not have useable or clear information. One stakeholder explained that its members may obtain and rely on applicant bank statements for a specified time period, and so should be permitted to extrapolate annual revenue based on partially reported revenue.

Proposed Rule

Proposed § 1002.107(a)(14) would require reporting of the gross annual revenue of the applicant for its preceding full fiscal year prior to when the information is collected. The Bureau is proposing to require reporting of a specific value for gross annual revenue—rather than a range, for which some SERs and stakeholders expressed a preference—to simplify the reporting of gross annual revenue information for financial institutions and because it believes that a precise value would be more useful for 1071 data users, including the Bureau.

Consistent with the SBREFA Panel's recommendation and feedback from SERs and other stakeholders, proposed comment 107(a)(14)-1 would clarify that a financial institution need not verify gross annual revenue information provided by the applicant to comply with proposed § 1002.107(a)(14). The proposed comment would explain that the financial institution may rely on statements of or information provided by the applicant in collecting and reporting gross annual revenue. The proposed comment would also state, however, that if the financial institution verifies the gross annual revenue provided by the applicant it must report the verified information. The Bureau believes that a requirement to verify gross annual revenue could be operationally difficult for many financial institutions, particularly in situations in which the financial institution does not collect gross annual revenue currently. The Bureau also does not believe, at this time, that such a requirement is necessary in fulfilling either of section 1071's statutory purposes. However, the Bureau does believe that reporting verified revenue when the financial institution already possesses that information would not be operationally difficult, and would enhance the accuracy of the information collected.

Proposed comment 107(a)(14)-1 would also provide specific language that a financial institution could use to ask about an applicant's gross annual revenue and would explain that a financial institution could rely on the applicant's answer. The Bureau believes this language would facilitate compliance for financial institutions that currently do not collect gross annual revenue, collect it only in limited circumstances, or would otherwise find its collection challenging, as some SERs and other stakeholders suggested.

Overall, the Bureau believes that this approach in proposed comment 107(a)(14)-1—clarifying that a financial institution need not verify applicant-provided gross annual revenue information, and providing language that a financial institution may use to ask for such information—should reduce the complexity and difficulty of collecting gross annual revenue information that some SERs and stakeholders expressed concern about.

The Bureau believes that situations could arise in which the financial institution has identified that an applicant is a small business for the purposes of proposed § 1002.106(b) through, for example, an initial screening question asking whether the applicant's gross annual revenue is below $5 million, but then the specific gross annual revenue amount could not be collected. Therefore, the Bureau is proposing comment 107(a)(14)-2, which would first clarify that pursuant to proposed § 1002.107(c)(1), a financial institution shall maintain procedures reasonably designed to collect applicant-provided information, including the gross annual revenue of the applicant. The proposed comment would then state that if a financial institution is nonetheless unable to collect or determine the specific gross annual revenue of the applicant, the financial institution reports that the gross annual revenue is “not provided by applicant and otherwise undetermined.” The Bureau believes that permitting this reporting flexibility would reduce the complexity and difficulty of reporting gross annual revenue information, particularly when an application has been denied or withdrawn early in the process and the gross annual revenue could not be collected.

Proposed comment 107(a)(14)-3 would clarify that a financial institution is permitted, but not required, to report the gross annual revenue for the applicant that includes the revenue of affiliates as well. The proposed comment would state that, for example, if the financial institution does not normally collect information on affiliate revenue, the financial institution reports only the applicant's revenue and does not include the revenue of any affiliates when it has not collected that information. The Bureau believes that permitting, but not requiring, a financial institution to include the revenue of affiliates will carry out the purposes of section 1071 while reducing undue burden on financial institutions in collecting gross annual revenue information. Proposed comment 107(a)(14)-3 would conclude by explaining that in determining whether the applicant is a small business under proposed § 1002.106(b), a financial institution may rely on an applicant's representations regarding gross annual revenue, which may or may not include affiliates' revenue. The Bureau notes that proposed comment 106(b)-3 would follow the same approach to affiliate revenue for purposes of determining whether an applicant is a small business under proposed § 1002.106(b). The Bureau believes that this operational equivalence between proposed § 1002.107(a)(14) and proposed § 1002.106(b) would facilitate compliance and enhance the consistency of 1071 data.

As mentioned above, some SERs suggested they might be able to estimate gross annual revenue using information that they now collect, and one stakeholder suggested that it could extrapolate annual revenue based on partially reported revenue. The Bureau does not currently believe that estimation or extrapolation would be likely to result in sufficiently accurate data for reporting under proposed § 1002.107(a)(14). For example, a seasonal business's bank statements for its busy season would likely yield an inflated gross annual revenue when extrapolated to a full year. In addition, the Bureau believes that the language presented in proposed comment 107(a)(14)-1 would provide a manageable method for collecting full gross annual revenue when a financial institution does not do so now. Nonetheless, the Bureau seeks comment on whether financial institutions should be permitted to estimate or extrapolate gross annual revenue from partially reported revenue or other information, and how such estimation or extrapolation would be carried out. The Bureau also notes that estimation or extrapolation of gross annual revenue is sufficient for the purposes of determining small business status under proposed § 1002.106(b), subject to the requirement under proposed comment 107(a)(14)-1 that a financial institution must report verified gross annual revenue information if available.

The Bureau seeks comment on its proposed approach to the gross annual revenue data point, as well as the specific requests for comment above. As the SBREFA Panel recommended, the Bureau also seeks comment on how the timing of tax and revenue reporting can best be coordinated with the collection and reporting of gross annual revenue. In addition, the Bureau seeks comment on the effect of cash flow versus accrual accounting on reporting of gross annual revenue.

107(a)(15) NAICS Code

ECOA section 704B(e)(2)(H) authorizes the Bureau to require financial institutions to compile and maintain “any additional data that the Bureau determines would aid in fulfilling the purposes of [section 1071].” The Bureau is proposing in § 1002.107(a)(15) to require that financial institutions collect and report an applicant's 6-digit NAICS code. The Bureau believes that 6-digit NAICS code data would aid in fulfilling the purposes of section 1071, as explained below.

As described above, the SBA customizes its size standards on an industry-by-industry basis using 1,057 6-digit NAICS codes. The first two digits of a NAICS code broadly capture the industry sector of a business. The third digit captures the industry's subsector, the fourth captures the industry group, the fifth captures the industry code, and the sixth captures the national industry. The NAICS code thus becomes more specific as digits increase and the 6-digit code is the most specific. In its SBREFA Outline, the Bureau stated that it was considering proposing that financial institutions collect and report NAICS code as an important metric for fair lending analysis (allowing separation of dissimilar types of businesses to limit misinterpretations of the data) and assessing community development impacts (allowing better measurement of community development impact).

As described in detail in the section-by-section analysis of proposed § 1002.106(b) above, SERs and other stakeholders expressed concern about the difficulties in determining the appropriate NAICS code for businesses and in applying the NAICS-based standards in determining whether a business loan applicant is a small business. In addition, several SERs stated that correctly classifying an applicant's NAICS code can be difficult, as the business may change over time, codes may have overlapping definitions, small businesses often do not know their NAICS code or may operate in multiple NAICS sectors, and classifications may be prone to human error. Another SER noted that NAICS codes classifications could be subject to change based on SBA rulemaking, and thus financial institutions would need to track such developments. Other SERs stated that the 2-digit NAICS code is significantly less complex and prone to less human error than the SBA definition using 6-digit NAICS codes.

The SBREFA Panel recommended that the Bureau continue to explore ways to minimize burden on both the small financial institutions collecting NAICS code information as well as the small business applicants who need to provide it, for example the possibility of collecting the 2-NAICS code rather than the 6-digit code.

Proposed § 1002.107(a)(15) would require financial institutions to collect and report a 6-digit NAICS code appropriate for the applicant's business. Proposed comment 107(a)(15)-1 would provide general background on NAICS codes and would state that a financial institution complies with proposed § 1002.107(a)(15) if it uses the NAICS codes in effect on January 1 of the calendar year covered by the small business lending application register that it is reporting. Proposed comment 107(a)(15)-2 would clarify that, when a financial institution is unable to collect or determine the applicant's NAICS code, it reports that the NAICS code is “not provided by applicant and otherwise undetermined.”

The Bureau is also proposing that financial institutions be permitted to rely on NAICS codes obtained from the applicant or certain other sources, without having to verify that information itself. Specifically, proposed comment 107(a)(15)-3 would clarify that, consistent with proposed § 1002.107(b), a financial institution may rely on applicable applicant information or statements when compiling and reporting the NAICS code and would provide an example of an applicant providing a financial institution with the applicant's tax return that includes the applicant's reported NAICS code. Proposed comment 107(a)(15)-4 would provide that a financial institution may rely on a NAICS code obtained through the financial institution's use of business information products, such as company profiles or business credit reports, which provide the applicant's NAICS code.

The Bureau believes that NAICS codes would considerably aid in fulfilling both section 1071's fair lending purpose and its business and community development purpose, even if having NAICS code is not necessary for determining whether an applicant is a small business under the Bureau's proposed alternative size standard. The Bureau believes that capturing 6-digit NAICS codes in the 1071 data would facilitate enforcement of fair lending laws. For example, financial institutions often designate certain industries as high-risk, such as industries that have high rates of businesses leaving the market or that deal primarily in cash transactions. The 6-digit NAICS codes would help ensure that users are comparing applicants with similar profiles, thereby controlling for factors that might provide non-discriminatory explanations for disparities in credit and pricing decisions. Moreover, NAICS codes would be useful for identifying business and community development needs and opportunities of small businesses, which may differ widely based on industry, even controlling for other factors. For example, 6-digit NAICS codes would help data users identify industries where small businesses face challenges accessing credit and understand how small businesses in different industries use credit. Furthermore, disclosing NAICS codes would provide for consistency and compatibility with other public datasets related to small business lending activity, which generally use NAICS codes. This ability to synthesize 1071 data with other datasets would help the public use the data in ways that advance both the business and community development and fair lending purposes of section 1071.

The Bureau believes that collecting the full 6-digit NAICS code (as opposed to the 2-digit sector code) would better enable the Bureau and other stakeholders to drill down and identify whether disparities arise at a sector level or more specifically at a U.S. National Industry level and would also enable the collection of better information on the specific types of businesses that are accessing, or struggling to access, credit. For example, a wide variety of businesses, including those providing car washes, footwear and leather goods repair, and nail salons, all fall under the 2-digit sector code 81: Other Services (except Public Administration). Without 6-digit NAICS codes, all of these business types would be combined into one analysis, potentially masking different characteristics and different outcomes across these business types.

The Bureau recognizes that, under its proposal, all financial institutions subject to reporting would need to gain familiarity with the NAICS code system, refer to NAICS classifications for all relevant applications, and report NAICS codes to the Bureau. To address commenter concerns related to the complexity of determining a correct NAICS code, the Bureau is proposing (1) a safe harbor to indicate that an incorrect NAICS code entry is not a violation of subpart B if the first two digits of the NAICS code are correct and the financial institution maintains procedures reasonably adapted to correctly identify the subsequent four digits (see proposed § 1002.112(c)(2)); (2) permitting a financial institution to rely on applicable applicant information or statements when compiling and reporting the NAICS code (see proposed comment 107(a)(15)-3); and (3) permitting a financial institution to rely on a NAICS code obtained through the financial institution's use of business information products, such as company profiles, business credit reports, or NAICS identification tools (see proposed comment 107(a)(15)-4). The proposed NAICS-specific safe harbor would be available to financial institutions in addition to the general bona fide error exemption under proposed § 1002.112(b). See the section-by-section analysis of proposed § 1002.112(c)(2) below for a detailed discussion of the proposed safe harbor.

The Bureau seeks comment on its proposal to collect 6-digit NAICS codes together with the safe harbor described in proposed § 1002.112(c)(2). The Bureau also seeks comment on whether requiring a 3-digit NAICS code with no safe harbor would be a better alternative.

107(a)(16) Number of Workers

Background

ECOA section 704B(e)(2)(H) authorizes the Bureau to require financial institutions to compile and maintain “any additional data that the Bureau determines would aid in fulfilling the purposes of [section 1071].” The Bureau believes that data providing the number of persons working for a small business applicant would aid in fulfilling the business and community development purpose of section 1071. These data would allow users to better understand the job maintenance and creation that small business credit is associated with and help track that aspect of business and community development.

SBREFA Proposal Under Consideration and Feedback Received

In the SBREFA Outline, the Bureau stated that it was considering proposing that financial institutions collect and report the number of employees of the applicant. The Bureau stated that it was considering proposing that if the financial institution verifies the number of employees provided by the applicant, the financial institution would report the verified number. On the other hand, if the financial institution does not verify the number of employees, it would report the number provided by the applicant.

Many SERs indicated that they do not collect number of employees. One of these SERs stated that they do not support the inclusion of this data point in an eventual 1071 rule, although they could collect this information. Several SERs suggested that there could be particular complexities in accurately capturing this information, particularly regarding how part-time and seasonal employees and contractors should be counted. Some SERs stated that they collect number of employees but do not verify that information.

The SBREFA Panel recommended (with respect to both the time in business and number of employees data points), that if these data points become part of the proposal, the Bureau continue to explore ways to minimize the burden to small financial institutions of collecting and reporting these data points.

A large majority of industry stakeholders commenting on the SBREFA Outline opposed the inclusion of any of the discretionary data points, including number of employees. One trade association stated that this data point would frustrate small business applicants, particularly if they have to apply full-time employee calculation formulas. Several stakeholders discussed the difficulty of defining a number of employees data point, suggesting that complex rules would be necessary for how to count part-time and seasonal employees, as well as contractors. Another commenter suggested that verifying this information would be extremely difficult. Industry commenters also explained that most financial institutions do not collect this information now, and several pointed out that these data are not useful for evaluating credit risk. Another stated that number of employees is not a meaningful figure across industries, given the use of contractors and part-time employees. One commenter pointed out that the many sole proprietorships and non-employee firms mean that this number will often be zero. One financial institution stated that it does collect this information now, but does not verify it.

Community groups were strongly in favor of including a number of employees data point. One group stated that the number of employees data would help provide a greater understanding of microbusinesses, typically defined in terms ranging from less than five to ten employees, one or more of whom is the owner. Another suggested that the Bureau collect the total number of employees and number of owners separately, which it said would avoid the problem found in PPP data where owners mistakenly reported themselves as employees. This same commenter stated that user testing and guidance would be necessary to ensure that the number of employees is reported accurately and consistently. However, one community development fund that supported the collection of the other discretionary data points opposed collection of the number of employees. This stakeholder stated that there is little research support for direct job creation/retention as the primary impact of small business assistance, and that the scholarly consensus suggests the economic impacts of small firms are related to their capacity to improve local entrepreneurial networks and create ecosystems that are desired and sought out by bigger firms. The commenter then stated that by having covered financial institutions report on job counts, the Bureau would be implicitly reinforcing the inaccurate notion that employment is a key dimension of small business assistance.

Proposed Rule

Proposed § 1002.107(a)(16) would require financial institutions to report the number of non-owners working for the applicant. Although some SERs and other stakeholders questioned the usefulness of employment data for 1071's purposes, the Bureau continues to believe that this information would be particularly helpful in fulfilling the business and community development purpose of section 1071. Information on the number of workers should help data users assess community development impacts by allowing better understanding of the number of jobs affected. In addition, in order to avoid mistaken over-reporting of workers, the proposed regulation would make clear that only non-owners would be reported as workers.

Proposed comment 107(a)(16)-1 would discuss the collection of the number of workers. As discussed above, several SERs and other stakeholders suggested that there could be particular complexities in accurately capturing this information, particularly regarding how part-time and seasonal workers and contractors should be counted. To help alleviate these concerns, the proposed comment would state that in collecting the number of workers from an applicant, the financial institution would explain that full-time, part-time, and seasonal workers, as well as contractors who work primarily for the applicant, would be counted as workers, but principal owners of the business would not. If asked, the financial institution would explain that volunteers would not be counted as workers. This treatment of part-time, seasonal, contract, and volunteer workers would follow the SBA's method for counting employees, with minor simplifications. The Bureau believes that this guidance would allow financial institutions that originate SBA-guaranteed loans to use the same number of workers data for both the loan guarantee program and 1071 reporting. The Bureau seeks comment on whether further modifications to the number of workers data point are needed to facilitate this operational simplification.

Proposed comment 107(a)(16)-1 would also explain that workers for affiliates of the applicant would only be counted if the financial institution were also collecting the affiliates' gross annual revenue. The Bureau believes that this coordination between these two data points would facilitate compliance and yield more consistent data.

The proposed comment would further explain that the financial institution may rely on statements of or information provided by the applicant in collecting and reporting number of workers, but if the financial institution verifies the number of workers provided by the applicant, it must report the verified information. This guidance would address the concerns raised about the difficulty of verification. The Bureau believes that allowing financial institutions to rely on applicant- provided information will sufficiently safeguard accuracy such that the resulting data will aid in fulfilling the purposes of 1071. However, the Bureau also believes that reporting the verified number of workers when the financial institution already possesses that information would not be operationally difficult, and would enhance the accuracy of the information collected.

Finally, proposed comment 107(a)(16)-1 would also provide sample language that a financial institution could use to ask about the number of workers, if it does not collect the number of workers by another method. The Bureau understands that, as discussed above, financial institutions engaged in SBA lending are already collecting employee information to apply the SBA's size standards. However, SBA lending represents only a small percentage of the small business credit market. Given the difficulty for financial institutions in potentially requesting this information of all applicants, the Bureau provides the sample language in the proposed comment, which implements the simplified version of the SBA definition presented earlier in the proposed comment. The Bureau believes that permitting use of the model question would facilitate compliance. The Bureau seeks comment on this method of collection, and on the specific language proposed.

Proposed comment 107(a)(16)-2 would first clarify that a financial institution shall maintain procedures reasonably designed to collect applicant-provided information, including the number of workers of the applicant. The proposed comment would then state that if a financial institution is nonetheless unable to collect or determine the number of workers of the applicant, the financial institution reports that the number of workers is “not provided by applicant and otherwise undetermined.” The Bureau believes that this approach would reduce the burden on financial institutions that are unable to collect or determine the number of workers of the applicant, particularly when an application is denied or withdrawn early in the application process.

The Bureau seeks comment on its proposed approach to the number of workers data point, as well as on the specific requests for comment above. The Bureau also seeks comment on whether financial institutions collect information about the number of workers from applicants using definitions other than the SBA's, and how the collection of this data point could best be integrated with those collections of information.

107(a)(17) Time in Business

Background

ECOA section 704B(e)(2)(H) authorizes the Bureau to require financial institutions to compile and maintain “any additional data that the Bureau determines would aid in fulfilling the purposes of [section 1071].” The Bureau believes that data providing the time in business of a small business applicant would aid in fulfilling both the business and community development and fair lending purposes of section 1071, as explained below.

SBREFA Proposal Under Consideration and Feedback Received

In the SBREFA Outline, the Bureau stated that it was considering proposing to include as a discretionary data point time in business of the applicant (as of the date of application), expressed in years, or months if less than one year. The Bureau stated that time-in-business information could help explain differences in underwriting risk among small business applicants and thus avoid misinterpretation of the section 1071 dataset by distinguishing potentially riskier new businesses from less risky established businesses. Time-in-business information could also provide a better measurement of community development effects, in terms of number of start-ups or other relatively new businesses seeking and obtaining financing. The Bureau stated that a financial institution may choose to verify the time in business provided by an applicant as part of its normal course of business. If the financial institution does not verify the time in business provided by the applicant, the financial institution would report the time in business provided by the applicant. If the financial institution does verify the time in business provided by the applicant, it would report the verified information.

Many SERs currently collect time-in-business information, explaining that time-in-business information is valuable for measuring risk in underwriting. However, some SERs collect this information on their application forms or keep it as part of a general narrative in a credit memorandum about the application, but do not retain it as a specific data field in their systems. Some SERs capture time-in-business information by recording the year, or month/day/year, of incorporation; others capture it as the number of years the applicant has been in business. One SER stated that they do not support the inclusion of time in business as a data point in the NPRM, although they could collect this information.

Several SERs stated that they use State incorporation filings to determine or verify time in business. Some SERs explained that they view a business as a start-up if it has been in business either less than two or less than three years. For one SER, time in business is relevant for the specific line of business for which financing is sought, rather than the length of time the applicant has been in some business generally. Another SER suggested that the Bureau use ranges for time-in-business reporting, similar to a suggested method for collecting and reporting gross annual revenue.

The SBREFA Panel recommended (with respect to both the time in business and number of employees data points), that if these data points become part of the proposal, the Bureau continue to explore ways to minimize the burden to small financial institutions of collecting and reporting these data points.

Community group stakeholders supported the inclusion of the time-in-business data point, stating that start-ups and younger businesses often face challenges accessing credit, and having time-in-business data would be especially critical to exploring gender and racial disparities and fostering equitable access to affordable loan capital. Two industry stakeholders supported inclusion, stating that time in business is a key underwriting factor and could explain credit disparities. One community group stakeholder agreed, stating that time in business and other discretionary data points must be accounted for so credit providers cannot, as they said HMDA reporters have done for years, hide behind data not collected as justification for their lending disparities.

A large majority of industry stakeholders opposed all discretionary data points, including time in business. One industry stakeholder focused specifically on the time-in-business data point, stating that there are too many variables in the data point to be easily and clearly defined for collection. That stakeholder provided examples of complications in collection of the data point, such as (1) the time the entity has existed or existed under the current ownership, (2) how much experience the owners have had in this business or closely related fields, (3) if the experience is in closely related fields how close must they be, (4) whether the entity has history but is being purchased using loan funds by ownership with little experience, and (5) whether industry should report how long the existing management structure has been in place. It then requested that the Bureau drop this data point or make the options very simple.

Industry stakeholders reported different ways that they currently collect and use time-in-business information. Stakeholders report that the information is not universally collected and may be collected using different formats, even within a single institution. A trade association suggested that reporting time in business should be optional. One stakeholder said that it verifies the data using Secretary of State or other third-party information, and that an applicant that does not meet the time-in-business requirement for a product may be automatically rejected. Two other stakeholders stated that they focus on the overall experience of the ownership or management, rather than the age of the business.

Proposed Rule

Proposed § 1002.107(a)(17) would require a financial institution to collect and report the time the applicant has been in business, described in whole years, as relied on or collected by the financial institution. Proposed § 1002.107(a)(17) would require the data be reported in whole years, rather than ranges of time, as suggested by a SER and a stakeholder, because a financial institution would have a definite number of years if it collects this information, and the Bureau believes that would make the data more granular and useful.

The Bureau continues to believe that time in business would likely advance both statutory purposes of 1071. Research illustrates, and commenters have emphasized, the role that start-ups and new businesses play in the business ecosystem and in promoting important community development aims, such as creating new jobs. Financial institutions often have special credit policies regarding start-ups and other young businesses, including whether the institution will extend credit to start-ups at all, the type(s) of credit products start-ups and new businesses can apply for, and the amount of credit for which they can be approved. Studies generally show that start-ups experience greater difficulty in accessing credit, and one community group stakeholder made the same point. In addition, one study suggested that Black- and Hispanic-owned firms are under-represented in terms of firms that have external financing, have lower levels of liquidity in their early years, and have higher rates of exiting the market within the first three years. In regard to the facilitation of fair lending analyses, time-in-business data would provide a useful control in fair lending analyses to identify similarly situated applicants and eliminate some false positives, while also allowing monitoring of potential disparate treatment of minority- and women-owned start-ups and relatively new businesses. In addition, many SERs reported that time-in-business information is valuable for measuring risk in underwriting, and they did not limit this observation to start-ups and new businesses. The Bureau also believes that collecting time-in-business information generally, rather than in the first few years, would provide useful data for understanding the relative maturity of small businesses in different communities.

The Bureau believes that time-in-business data would benefit data users, including financial institutions, policymakers, and communities. Such data would allow data users to better identify the proportion of small businesses seeking credit that are start-ups or relatively new businesses, the type(s) of credit that is offered and provided to start-ups and newer businesses, the geographic makeup of those businesses, the types of financial institutions that are reaching such businesses, and where communities might focus business development efforts. The data may also aid policymakers in addressing issues impacting the growth of small start-ups. The data, particularly as to unmet demand, could help interested financial institutions identify lending opportunities to reach more start-ups and new businesses, promoting both business and community development.

In addition, as some of the stakeholders suggested, the Bureau believes that the inclusion of time-in-business data could help mitigate the concerns of data misrepresentation. For example, data indicating that a small business applicant is a start-up with little experience or financial history could provide a legitimate business explanation for why the financial institution denied the application or approved it for less credit than was applied for. Therefore, time-in-business data may help to explain the credit decision made by a financial institution, which may address any concerns of data misrepresentation.

The Bureau is not proposing to make this data field optional, as suggested by a trade association. The Bureau is concerned that, if it were to do so, very little data would be reported.

As explained above, the SBREFA Panel recommended that the Bureau explore ways to minimize the burden on small financial institutions of collecting and reporting the time-in-business data point. SERs and industry stakeholders reported different ways that they currently collect and use time-in-business information, reporting that the information is not universally collected and may be collected using different formats, even within a single institution. The Bureau believes that by allowing financial institutions to report the time in business that they relied on in making their credit decisions, the burden on the financial institution (of any size) could be reduced, while the resulting information would still aid in fulfilling the purposes of section 1071. Although industry commenters overwhelmingly expressed concern about the burden associated with any discretionary data points as a general matter, the Bureau believes that time-in-business information can be made relatively easy for financial institutions to collect if the Bureau leverages the methods currently in use by individual financial institutions. As the SERs and stakeholders explained, many or possibly most financial institutions already collect time-in-business information for underwriting purposes or to determine general eligibility, though the format and specific information collected vary by institution and may relate to owner or management experience rather than business longevity. Therefore, the Bureau is proposing that financial institutions that collect time-in-business information be required to report the time in business that they relied on (or would have relied on, for applications that were withdrawn prior to a credit decision) in making the credit decision. If the financial institution collects time-in-business information that reflects owner or management experience rather than business longevity, the financial institution would report time in business using the number it collects and relies on reflecting owner or management experience. If the financial institution relies on verified information, it reports the verified information. If it does not verify the information, it reports the unverified information. Requiring reporting of time in business “relied on” should avoid requiring financial institutions that collect some version of this information to change their practices or add extra procedures to collect the Bureau's version of time in business. In addition, the Bureau believes that collecting the actual information used by the financial institution to evaluate the application would aid fair lending analysis. Furthermore, the Bureau does not believe that the variations among the data collected by individual institutions would interfere with the business and community development purpose of 1071, because the information would still be useful in identifying new ownership, management, and businesses that may face credit challenges.

In addition to providing some financial institutions with the ability to avoid duplicative information gathering by simply reporting the time in business relied on, the proposed data point would also facilitate compliance for financial institutions that do not currently collect or rely on time-in-business information by allowing them to use the specific question provided in proposed comment 107(a)(17)-4, as explained below. The Bureau believes that permitting these two proposed methods for collection and reporting should accommodate different institutional practices and reduce operational difficulty for financial institutions in reporting this data point.

In order to clarify the potential use of the two methods (relied on or collected) of reporting for the time-in-business data point, proposed comment 107(a)(17)-1 would provide guidance on how to report using either method. The proposed comment would explain that, regardless of which method is used, the financial institution must report the time in business in whole years, or indicate if a business has not begun operating yet, or has been in operation for less than a year. The Bureau believes that this reporting format would inform data users of the maturity of the applicant businesses and signal which are start-ups.

Proposed comment 107(a)(17)-1 would further explain that when the financial institution relies on an applicant's time in business as part of a credit decision, it reports the time in business relied on in making the credit decision. However, the comment would further explain that proposed § 1002.107(a)(17) would not require the financial institution to rely on an applicant's time in business in making a credit decision. The Bureau believes that this guidance would make clear that the requirement to collect and report applicants' time in business would not change the financial institution's internal business practices. A financial institution would only be required to report the time in business relied on in making the credit decision if the financial institution actually does rely on an applicant's time in business in making its credit decision.

Proposed comment 107(a)(17)-1 would also explain that the financial institution may rely on statements or information provided by the applicant in collecting and reporting time in business; however, pursuant to proposed § 1002.107(b), if the financial institution verifies the time in business provided by the applicant, it must report the verified information. This guidance would apply whether the financial institution relies on the time in business in making its credit decision or not, although the Bureau believes that verification would be very uncommon when the financial institution is not relying on the information. The Bureau believes that allowing financial institutions to rely on applicant-provided information will sufficiently safeguard accuracy such that the resulting data will aid in fulfilling the purposes of 1071. However, the Bureau also believes that reporting the verified time in business when the financial institution already possesses that information would not be operationally difficult, and would enhance the accuracy of the information collected and ensure that it was the information that the financial institution relied on in making the credit decision.

Proposed comment 107(a)(17)-2 would provide instructions on how to report the time in business relied on in making the credit decision. The proposed comment would state that when a financial institution evaluates an applicant's time in business as part of a credit decision, it reports the time in business relied on in making the credit decision. For example, the proposed comment would further explain, if the financial institution relies on the number of years of experience the applicant's owners have in the current line of business, the financial institution reports that number of years as the time in business. Similarly, if the financial institution relies on the number of years that the applicant has existed, the financial institution reports the number of years that the applicant has existed as the time in business. Proposed comment 107(a)(17)-2 would then conclude by stating that a financial institution reports the length of business existence or experience duration that it relies on in making its credit decision, and is not required to adopt any particular definition of time in business. The Bureau believes that this proposed comment would provide useful guidance on how a financial institution complies with § 1002.107(a)(17) when it relies on time in business and would help such financial institutions avoid unnecessary compliance difficulties by reporting information that they already possess.

Proposed comment 107(a)(17)-3 would state that a financial institution relies on an applicant's time in business in making a credit decision if the time in business was a factor in the credit decision, even if it was not a dispositive factor. The comment would provide the example that if the time in business is one of multiple factors in the financial institution's credit decision, the financial institution has relied on the time in business even if the financial institution denies the application because one or more underwriting requirements other than the time in business are not satisfied. The Bureau believes that this guidance would help financial institutions to understand how to comply correctly with proposed § 1002.107(a)(17).

Proposed comment 107(a)(17)-4 would clarify that if the financial institution does not rely on time in business in considering an application, pursuant to proposed § 1002.107(c)(1) it shall still maintain procedures reasonably designed to collect applicant-provided information, which includes the applicant's time in business. The proposed comment would explain that in collecting time in business from an applicant, the financial institution complies with proposed § 1002.107(a)(17) by asking for the number of years that the applicant has been operating the business it operates now. The proposed comment would further explain that when the applicant has multiple owners with different numbers of years operating that business, the financial institution collects and reports the greatest number of years of any owner. As discussed above, the Bureau believes that providing this clear instruction on how to collect the time in business when a financial institution does not do so now would avoid the potential complications and difficulties described by the SERs and industry stakeholders in collecting this data point. In addition, the Bureau notes that, as would be made clear in proposed comment 107(a)(17)-1, a financial institution would not need to verify an applicant's response to the inquiry. Proposed comment 107(a)(17)-4 would then conclude by making clear that the financial institution does not need to comply with the instruction if it collects and relies on the time in business by another method in making the credit decision.

Proposed comment 107(a)(17)-5 would explain that pursuant to proposed § 1002.107(c)(1) a financial institution shall maintain reasonable procedures to collect information provided by the applicant, which includes the time in business of the applicant, but if the financial institution is unable to collect or determine the time in business of the applicant, the financial institution reports that the time in business is “not provided by applicant and otherwise undetermined.” The Bureau believes that permitting use of this response would facilitate compliance, particularly in situations in which the application is denied or withdrawn early in the application process.

The Bureau seeks comment on its proposed approach to this data point. The Bureau also seeks comment on whether time-in-business information may be less relevant or collectable for certain products or situations (such as retailer-branded credit cards acquired at point of sale) and whether reporting “not applicable” should be allowed in those instances. In addition, the Bureau seeks comment on whether there should be an upper limit on time in business—for example, to allow reporting of “over 20 years” for any applicant of that duration, rather than requiring reporting of a specific number of years.

107(a)(18) Minority-Owned Business Status

Background

ECOA section 704B(b) requires financial institutions to inquire whether applicants for credit are minority-owned businesses and to maintain a record of the responses to that inquiry separate from the applications and accompanying information. Section 704B(c) provides that applicants for credit may refuse to provide information requested pursuant to 704B(b). The Bureau is proposing § 1002.107(a)(18) to address how a financial institution would collect and report an applicant's minority-owned business status.

SBREFA Proposal Under Consideration and Feedback

In the SBREFA Outline, the Bureau stated that it was considering proposing that financial institutions be permitted to collect and report minority-owned business status solely based on applicant self-reporting and that the Bureau was not considering requiring reporting based on visual observation and/or surname. The Bureau also stated that it was considering proposing that the right to refuse under ECOA section 704B(c) apply to the financial institution's specific inquiries regarding minority-owned business status as well as women-owned status and the principal owners' race, sex, and ethnicity

Several SERs supported this approach and urged the Bureau to require collection and reporting of minority-owned business status based only on the information the applicant provides ( i.e., self-reporting). SERs also expressed concerns about the difficulties and costs that may be associated with collecting minority-owned business status on some basis other than applicant self-reporting. For example, although many SERs indicated that they review some ownership information about applicants in order to obtain guarantees or for other reasons, most of those SERs said that they do not review the accrual of net profits and losses and some said that they do not review information related to who controls an applicant. One SER said that determining ownership is relatively straightforward, but the issue of control can be subjective. One SER said that it would not be able to determine who controlled an applicant and that an applicant would need to self-report that information. Another SER noted that some small business applicants do not have simple ownership structures. A different SER stated that some financial institutions do not meet in person with all of the owners of small business applicants.

Other industry stakeholders providing feedback on the SBREFA Outline also supported collection and reporting of minority-owned business status based only on applicant self-reporting and noted several challenges with reporting this data point based on visual observation and/or surname. Some industry commenters stated that it would not be possible to report minority-owned business status based on visual observation and/or surname in at least some circumstances. Others expressed concerns about the cost and time required to do so. One industry commenter noted that the tracking of ownership and other information needed to report based on visual observation and/or surname would be laborious. Another commenter noted that some financial institutions do not obtain the information necessary to make the determinations that would underlie a visual observation requirement ( i.e., information about ownership, control, etc.). One commenter specifically noted that the statute only requires financial institutions to “inquire” about minority-owned business status. Conversely, a community group opposed reporting based only on applicant self-reporting.

Some commenters stated that financial institutions should not be required to collect or report this information at all, or that they should not be required to collect or report it in certain situations, such as when a trust or other entity owns or controls an applicant.

Some SERs and a few other commenters said that the Bureau should create a tool or otherwise arrange for applicants to self-report, at least, demographic information (namely, minority-owned business status and women-owned business status as well as the ethnicity, race, and sex of principal owners) directly to the Bureau or to a third-party that maintains a database of such information.

Some SERs were concerned that, if notified of their right to refuse, applicants may not provide protected demographic information, thus limiting the usefulness of 1071 data. One SER and several other commenters similarly agreed with the Bureau's proposal under consideration to limit the right to refuse to applicants' protected demographic information only. However, three commenters opined that the Bureau's approach was too limited and that the right to refuse should apply to small business status as well as other data points. Several SERs requested that the Bureau provide sample language for use in any disclosure and collection forms in which an applicant's right to refuse is stated, so that applicants understand why lenders are requesting protected demographic information and how the information will be used. Two SERs asked that the Bureau provide sample language in English as well as in other languages, such as Spanish.

The SBREFA Panel recommended that the Bureau consider creating sample data collection forms that, to the extent possible, simply and clearly explain the information being requested for purposes of this data point. The SBREFA Panel recommended that the Bureau consider developing sample disclosure language that financial institutions may use to provide some context as to why applicants are being asked to provide protected demographic information, in order to encourage applicants to respond. It also said that the Bureau should additionally consider providing these sample data collection forms in other languages, such as Spanish.

Proposed Rule

Consistent with its approach during the SBREFA process, proposed § 1002.107(a)(18) would require financial institutions to collect and report whether an applicant is a minority-owned business. Proposed § 1002.107(a)(18) would also require financial institutions to collect and report whether minority-owned business status is being reported based on previously collected data pursuant to proposed § 1002.107(c)(2). It would also require that when the financial institution requests minority-owned business status from an applicant, the financial institution inform the applicant that the financial institution cannot discriminate on the basis of the applicant's minority-owned business status, or on whether the applicant provides this information. Finally, proposed § 1002.107(a)(18) would refer to proposed appendix F for additional details regarding how financial institutions are required to collect and report minority-owned business status. Proposed appendix F would include a requirement that a financial institution inform an applicant that the applicant is not required to respond to the financial institution's questions regarding the applicant's minority-owned business status and women-owned business status, and a prohibition on financial institutions requiring applicants to provide this information. Consistent with the SBREFA Panel's recommendation, proposed appendix E, which is a sample data collection form, would include a question about minority-owned business status and related information to assist applicants with responding to the question.

Proposed comment 107(a)(18)-1 would clarify that a financial institution would be required to ask an applicant if it is a minority-owned business for each covered application unless the financial institution is permitted to report minority-owned business status based on previously collected data. Additionally, the financial institution would be required to permit an applicant to refuse to answer the financial institution's inquiry and to inform the applicant that it is not required to provide the information. The financial institution would report the applicant's response, its refusal to answer the inquiry (such as when the applicant indicates that it does not wish to provide the requested information), or its failure to respond (such as when the applicant fails to submit a data collection form) to the inquiry. See proposed appendix F for additional instructions on how the Bureau proposes that financial institutions collect and report minority-owned business status.

Proposed comment 107(a)(18)-2 would explain that a financial institution must inform the applicant that the financial institution cannot discriminate on the basis of an applicant's minority-owned business status or on whether the applicant provides the information. It would also clarify that a financial institution may combine this non-discrimination notice regarding minority-owned business status with the similar non-discrimination notices that a financial institution is required to provide when requesting women-owned business status and a principal owner's ethnicity, race, and sex if a financial institution requests minority-owned business status, women-owned business status, and/or a principal owner's ethnicity, race, and sex in the same data collection form or at the same time.

Proposed comment 107(a)(18)-3 would explain how, pursuant to proposed § 1002.111(b), financial institutions must record an applicant's response regarding minority-owned business status pursuant to proposed § 1002.107(a)(18) separate from the application and accompanying information. This proposed comment would also provide examples of how responses could be recorded separately from the application and accompanying information.

Proposed comment 107(a)(18)-4 would state that pursuant to proposed § 1002.107(c)(1), a financial institution shall maintain procedures reasonably designed to collect applicant-provided information, which includes the applicant's minority-owned business status. However, if a financial institution does not receive a response to its inquiry, the financial institution would report that the applicant's minority-owned business status is “not provided by applicant.”

Proposed comment 107(a)(18)-5 would state that notwithstanding proposed § 1002.107(b) (regarding verification of applicant-provided information), a financial institution would report the applicant's response, its refusal to answer the inquiry, or its failure to respond to the inquiry pursuant to proposed § 1002.107(a)(18), even if the financial institution verifies or otherwise obtains an applicant's minority-owned business status for other purposes. Moreover, as proposed in the instructions in appendix F, a financial institution would not be required or permitted to verify the applicant's response to the financial institution's inquiry pursuant to proposed § 1002.107(a)(18) regarding minority-owned business status.

Proposed comment 107(a)(18)-6 would clarify that a financial institution does not report minority-owned business status based on visual observation, surname, or any basis other than the applicant's response to the inquiry that the financial institution makes to satisfy § 1002.107(a)(18) or, if the financial institution is permitted to report based on previously collected data, on the basis of the applicant's response to the inquiry that the financial institution previously made to satisfy § 1002.107(a)(18).

Proposed comment 107(a)(18)-7 would clarify that a financial institution may report minority-owned business status based on previously collected data if the financial institution is permitted to do so pursuant to proposed § 1002.107(c)(2) and its commentary.

Consistent with its approach during the SBREFA process, the Bureau is not proposing that financial institutions collect or report minority-owned business status based on visual observation, surname, or any method other than an applicant-provided response to a specific inquiry asked for purposes of proposed § 1002.107(a)(18). Similarly, the Bureau is not proposing that financial institutions be permitted or required to verify an applicant's response. Although the Bureau is proposing that financial institutions collect and report a principal owner's ethnicity and race based on visual observation and/or surname in certain circumstances, the Bureau believes that there would be additional complexities and difficulties with attempting to collect and report minority-owned business status based on visual observation and/or surname. Some of these additional difficulties arise because the financial institution may need to determine who controls the applicant as well as who owns the applicant and who realizes the net profits and losses. Other difficulties arise from the fact that the financial institution would need to know how each natural person it meets with in person fits into the ownership structure of the applicant as well as its control and profit structures. For example, it would not be sufficient to know whether a natural person is an owner. The financial institution also would need to know what percentage of the ownership interest and control the natural person held and, if that ownership was not more than 50 percent, the institution would need to know who owned and controlled the remainder of the applicant. An additional complication, specific to this data point, arises when the financial institution is not able to visually observe absent owners. In these cases, the financial institution may not be able to determine if the business is a minority-owned business. Thus, even if a financial institution has an in-person meeting with one or more natural persons associated with an applicant, it may be difficult or impossible for the financial institution to determine if an applicant is a minority-owned business.

The Bureau seeks comment on its proposed approach to this data point, including the proposed methods of collecting and reporting the data. The Bureau also requests comment on whether additional clarification regarding any aspect of this data point is needed. In particular, the Bureau seeks comment on whether applicants are likely to have difficulty understanding and determining the information they are being asked to provide and, if so, how the Bureau may mitigate such difficulties.

107(a)(19) Women-Owned Business Status

Background

ECOA section 704B(b) requires financial institutions to inquire whether applicants for credit are women-owned businesses and to maintain a record of the responses to that inquiry separate from the applications and accompanying information. Section 704B(c) provides that applicants for credit may refuse to provide information requested pursuant to 704B(b). The Bureau is proposing § 1002.107(a)(19) to address how a financial institution would collect and report an applicant's women-owned business status.

SBREFA Proposal Under Consideration and Feedback Received

In the SBREFA Outline, the Bureau stated that it was considering proposing that financial institutions be permitted to collect and report women-owned business status solely based on applicant self-reporting and that the Bureau was not considering requiring reporting based on visual observation and/or surname. The Bureau also stated that it was considering proposing that the right to refuse under ECOA section 704B(c) apply to the financial institution's specific inquiries regarding minority-owned business status as well as women-owned status and the principal owners' race, sex, and ethnicity.

As with collecting and reporting minority-owned business status, several SERs supported this approach and urged the Bureau to require collection and reporting of women-owned business status based only on the information the applicant provides ( i.e., self-reporting). SERs also expressed concerns about the difficulties and costs that may be associated with collecting women-owned business status on some basis other than applicant self-reporting. For example, although many SERs indicated that they review some ownership information about applicants in order to obtain guarantees or for other reasons, most of those SERs said that they do not review the accrual of net profits and losses and some said that they do not review information related to who controls an applicant. One SER said that determining ownership is relatively straightforward, but the issue of control can be subjective. One SER said that it would not be able to determine who controlled an applicant and that an applicant would need to self-report that information. Another SER noted that some small business applicants do not have simple ownership structures. A different SER stated that some financial institutions do not meet in person with all of the owners of small business applicants.

As with collecting and reporting minority-owned business status, other industry stakeholders providing feedback on the SBREFA Outline also supported collection and reporting of women-owned business status based only on applicant self-reporting and noted several challenges with reporting this data point based on visual observation and/or surname. Some industry commenters stated that it would not be possible to report women-owned business status based on visual observation and/or surname in, at least, some circumstances. Others expressed concerns about the cost and time required to do so. One industry commenter noted that the tracking of ownership and other information needed to report based on visual observation and/or surname would be laborious. Another commenter noted that some financial institutions do not obtain the information necessary to make the determinations that would underlie a visual observation requirement ( i.e., information about ownership, control, etc.). One commenter specifically noted that the statute only requires financial institutions to “inquire” about women-owned business status. Conversely, a community group opposed reporting based only on applicant self-reporting.

Some commenters stated that financial institutions should not be required to collect or report this information at all, or that they should not be required to collect or report it in certain situations, such as when a trust or other entity owns or controls an applicant.

Some SERs and a few other commenters said that the Bureau should create a tool or otherwise arrange for applicants to self-report, at least, demographic information (namely women-owned business status and minority-owned business status as well as the ethnicity, race, and sex of principal owners) directly to the Bureau or to a third-party that maintains a database of such information.

Some SERs were concerned that, if notified of their right to refuse, applicants may not provide protected demographic information, thus limiting the usefulness of 1071 data. One SER and several other commenters similarly agreed with the Bureau's proposal under consideration to limit the right to refuse to applicants' protected demographic information only. However, three commenters opined that the Bureau's approach was too limited and that the right to refuse should apply to small business status as well as other data points. Several SERs requested that the Bureau provide sample language for use in any disclosure and collection forms in which an applicant's right to refuse is stated, so that applicants understand why lenders are requesting protected demographic information and how the information will be used. Two SERs asked that the Bureau provide sample language in English as well as in other languages, such as Spanish.

The SBREFA Panel recommended that the Bureau consider creating sample data collection forms that, to the extent possible, simply and clearly explain the information being requested for purposes of this data point. The SBREFA Panel recommended that the Bureau consider developing sample disclosure language that financial institutions may use to provide some context as to why applicants are being asked to provide protected demographic information, in order to encourage applicants to respond. It also recommended that the Bureau should consider providing these sample data collection forms in other languages, such as Spanish.

Proposed Rule

Consistent with its approach during the SBREFA process, proposed § 1002.107(a)(19) would require financial institutions to collect and report whether an applicant is a women-owned business. Proposed § 1002.107(a)(19) would also require financial institutions to collect and report whether women-owned business status is being reported based on previously collected data pursuant to proposed § 1002.107(c)(2). It would also require that when the financial institution requests women-owned business status from an applicant, the financial institution inform the applicant that the financial institution cannot discriminate on the basis of the applicant's women-owned business status, or on whether the applicant provides this information. Finally, proposed § 1002.107(a)(19) would refer to proposed appendix F for additional details regarding how financial institutions are required to collect and report women-owned business status. Proposed appendix F would include a requirement that a financial institution inform an applicant that the applicant is not required to respond to the financial institution's questions regarding the applicant's women-owned business status and minority-owned business status, and a prohibition on financial institutions requiring applicants to provide this information. Consistent with the SBREFA Panel's recommendation, proposed appendix E, which is a sample data collection form, would include a question about women-owned business status and related information to assist applicants with responding to the question.

Proposed comment 107(a)(19)-1 would clarify that a financial institution would be required to ask an applicant if it is a women-owned business for each covered application unless the financial institution is permitted to report women-owned business status based on previously collected data. Additionally, the financial institution would be required to permit an applicant to refuse to answer the financial institution's inquiry and to inform the applicant that it is not required to provide the information. The financial institution would report the applicant's response, its refusal to answer the inquiry (such as when the applicant indicates that it does not wish to provide the requested information), or its failure to respond (such as when the applicant fails to submit a data collection form) to the inquiry. See proposed appendix F for additional instructions on how the Bureau proposes that financial institutions collect and report women-owned business status.

Proposed comment 107(a)(19)-2 would explain that a financial institution must inform the applicant that the financial institution cannot discriminate on the basis of an applicant's women-owned business status or on whether the applicant provides the information. It would also clarify that a financial institution may combine this non-discrimination notice regarding women-owned business status with the similar non-discrimination notices that a financial institution is required to provide when requesting minority-owned business status and a principal owner's ethnicity, race, and sex if a financial institution requests minority-owned business status, women-owned business status, and/or a principal owner's ethnicity, race, and sex in the same data collection form or at the same time.

Proposed comment 107(a)(19)-3 would explain how, pursuant to proposed § 1002.111(b), financial institutions must record an applicant's response regarding women-owned business status pursuant to proposed § 1002.107(a)(19) separate from the application and accompanying information. This proposed comment would also provide examples of how responses could be recorded separately from the application and accompanying information.

Proposed comment 107(a)(19)-4 would state that pursuant to proposed § 1002.107(c)(1), a financial institution shall maintain procedures reasonably designed to collect applicant-provided information, which includes the applicant's women-owned business status. However, if a financial institution does not receive a response, the financial institution would report that the applicant's women-owned business status is “not provided by applicant.”

Proposed comment 107(a)(19)-5 would state that notwithstanding proposed § 1002.107(b) (regarding verification of applicant-provided information), a financial institution would report the applicant's response, its refusal to answer the inquiry, or its failure to respond to the inquiry pursuant to proposed § 1002.107(a)(19), even if the financial institution verifies or otherwise obtains an applicant's women-owned business status for other purposes. Moreover, as proposed in the instructions in appendix F, a financial institution would not be required or permitted to verify the applicant's response to the financial institution's inquiry pursuant to proposed § 1002.107(a)(19) regarding women-owned business status. Thus, for example, under the principle articulated in proposed comment 107(a)(19)-5, a financial institution could not second guess an applicant's decision to determine whether it is a women-owned business for purposes of proposed § 1002.107(a)(19) based on the gender identity of the principal owners. The Bureau seeks comment on whether it would be useful to expressly codify this application of the principle in the commentary.

Proposed comment 107(a)(19)-6 would clarify that a financial institution does not report women-owned business status based on visual observation, surname, or any basis other than the applicant's response to the inquiry that the financial institution makes to satisfy proposed § 1002.107(a)(19) or, if the financial institution is permitted to report based on previously collected data, on the basis of the applicant's response to the inquiry that the financial institution previously made to satisfy proposed § 1002.107(a)(19).

Proposed comment 107(a)(19)-7 would clarify that a financial institution may report women-owned business status based on previously collected data if the financial institution is permitted to do so pursuant to proposed § 1002.107(c)(2) and its commentary.

Consistent with its approach during the SBREFA process, the Bureau is not proposing that financial institutions collect or report women-owned business status based on visual observation, surname, or any method other than an applicant-provided response to a specific inquiry asked for purposes of proposed § 1002.107(a)(19). Similarly, the Bureau is not proposing that financial institutions be permitted or required to verify an applicant's response. Although the Bureau is proposing that financial institutions collect and report a principal owner's ethnicity and race based on visual observation and/or surname in certain circumstances, the Bureau believes that there would be additional complexities and difficulties with attempting to collect and report women-owned business status based on visual observation and/or surname. Some of these additional difficulties arise because the financial institution may need to determine who controls the applicant as well as who owns the applicant and who realizes the net profits and losses. Other difficulties arise from the fact that the financial institution would need to know how each natural person it meets with in person fits into the ownership structure of the applicant as well as its control and profit structures. For example, it would not be sufficient to know whether a natural person is an owner. The financial institution also would need to know what percentage of the ownership interest and control the natural person held and, if that ownership was not more than 50 percent, the institution would need to know who owned and controlled the remainder of the applicant. An additional complication, specific to this data point, arises when the financial institution is not able to visually observe absent owners. In these cases, the financial institution may not be able to determine if the business is a women-owned business. Thus, even if a financial institution has an in-person meeting with one or more natural persons associated with an applicant, it may be difficult or impossible for the financial institution to determine if an applicant is a women-owned business.

The Bureau seeks comment on its proposed approach to this data point, including the proposed methods of collecting and reporting the data. The Bureau also requests comment on whether additional clarification regarding any aspect of this data point is needed. In particular, the Bureau seeks comment on whether applicants are likely to have difficulty understanding and determining the information they are being asked to provide and, if so, how the Bureau may mitigate such difficulties.

107(a)(20) Ethnicity, Race, and Sex of Principal Owners

Background

ECOA section 704B(e)(2)(G) requires financial institutions to compile and maintain certain information, including the race, sex, and ethnicity of an applicant's principal owners. However, section 1071 does not set out what categories should be used when collecting and reporting this information. The Bureau is proposing § 1002.107(a)(20) to address how a financial institution would collect and report the ethnicity, race, and sex of an applicant's principal owners. See the section-by-section analysis of proposed § 1002.102(o) above for a discussion of the definition of a principal owner.

SBREFA Proposal Under Consideration and Feedback

In the SBREFA Outline, the Bureau stated that it was considering proposing that financial institutions use the aggregate race, sex, and ethnicity categories from Regulation C when requesting that applicants provide race, sex, and ethnicity information of principal owners.

SERs were generally supportive of aligning the race, sex, and ethnicity categories used for reporting demographic information about principal owners in 1071 with the aggregate categories used in Regulation C for HMDA. However, one SER stated that the Bureau should consider revisiting the use of male and female as categories for sex because gender is not binary. Additionally, some other stakeholders, including community groups and a trade association, were opposed to using the HMDA aggregate categories for reporting race and ethnicity. Generally, these commenters opposed the use of the aggregate categories because, they said, those categories could mask discrimination and do not provide sufficient detail or context. These commenters generally supported use of the HMDA disaggregated subcategories for reporting a principal owner's race and ethnicity.

Additionally, in the SBREFA Outline, the Bureau stated that it was considering proposing that the collection and reporting of a principal owner's race, sex, and ethnicity be based solely on applicant self-reporting. The Bureau stated in the SBREFA Outline that it anticipated that requiring reporting based on visual observation and/or surname could create unwarranted compliance burdens in the context of small business lending, although the Bureau sought feedback on the potential challenges, costs, and benefits of implementing such a requirement. The Bureau also stated in the SBREFA Outline that it was considering developing a sample data collection form to assist industry in collecting this information and to communicate an applicant's right to refuse to provide such information.

SERs generally supported applicants' self-reporting of principal owners' race, sex, and ethnicity and strongly preferred that financial institutions not be required to report based on visual observation and/or surname. Some SERs said financial institutions should not be required to “guess” the race, sex, and ethnicity of principal owners, remarking, among other things, that doing so is both extremely difficult and ineffective, and that collecting demographic information based on visual observation makes staff uncomfortable. Another SER said that reporting demographic information based on visual observation and/or surname is likely to introduce both error and bias to the process. One SER stated that financial institutions do not always meet with all principal owners of a business in person and that financial institutions occasionally meet with a manager or officer who might not be a principal owner. Conversely, another SER stated that when relying on applicants to self-report demographic information, there are higher rates of non-FEFF responses in the business lending context compared to consumer residential lending. This SER suggested that the Bureau will need to account for this disparity.

Other industry and trade association stakeholders that commented on the SBREFA Outline also generally supported applicants' self-reporting of principal owners' race, sex, and ethnicity and strongly preferred that financial institutions not be required to report this information based on visual observation and/or surname. Some of these commenters noted that some financial institutions might not know who a business's principal owners are, might not collect the information necessary to determine who they are, or might not meet in person with principal owners. Others asserted that reporting based on visual observation and/or surname increases the cost and time to process a small business loan, may result in inaccurate data, and may create awkward situations or customer disputes. One trade association argued that the statute only requires financial institutions to “inquire” about a principal owner's race, sex, and ethnicity. However, two community groups stated that financial institutions should be permitted or required to report based on visual observation and/or surname when an applicant does not provide the information, and a CDFI stated that financial institutions should be required to report race, sex, and ethnicity based on visual observation and/or surname only when an applicant does not provide the information and does not refuse to provide the information.

Two industry commenters suggested that the Bureau create a tool or otherwise arrange for applicants to self-report, at least, demographic information (namely minority-owned business status and women-owned business status as well as the race, sex, and ethnicity of principal owners) directly to the Bureau or to a third-party that maintains a database of such information.

Some SERs were concerned that, if notified of their right to refuse, applicants may not provide protected demographic information, thus limiting the usefulness of 1071 data. One SER and several other commenters similarly agreed with the Bureau's proposal under consideration to limit the right to refuse to applicants' protected demographic information only. However, three commenters opined that the Bureau's approach was too limited and that the right to refuse should apply to small business status as well as other data points. Several SERs requested that the Bureau provide sample language for use in any disclosure and collection forms in which an applicant's right to refuse is stated, so that applicants understand why lenders are requesting protected demographic information and how the information will be used. Two SERs asked that the Bureau provide sample language in English as well as in other languages, such as Spanish.

One trade association requested that reporting of a principal owner's race, sex, and ethnicity not be required in certain situations, such as when a principal owner is a trust or another entity.

Some SERs and other commenters requested that the Bureau develop a form to assist financial institutions with collecting the race, sex, and ethnicity of principal owners. One SER suggested developing a sample data collection form similar to the one used for HMDA data collection and including the same disclosures. One commenter noted that the use of a model form may increase the uniformity and consistency of reporting such demographic information. Another commenter suggested that any model form should include an explanation of why the financial institution is requesting the information and a statement of the applicant's right to refuse to provide the information.

The SBREFA Panel recommended that, in order to assist both small financial institutions and small business applicants, the Bureau consider creating sample data collection forms that, to the extent possible, simply and clearly explain the information being requested for purposes of this data point. The Panel also recommended that the Bureau additionally consider providing such sample data collection forms in other languages, such as Spanish.

Proposed Rule

Proposed § 1002.107(a)(20) would require financial institutions to collect and report the ethnicity, race, and sex of the applicant's principal owners as well as whether this information is being reported based on previously collected data pursuant to proposed § 1002.107(c)(2). It would also require financial institutions to report whether the ethnicity and race are being reported by the financial institution on the basis of visual observation or surname. Proposed § 1002.107(a)(20) would require financial institutions to collect and report ethnicity, race, and sex data as prescribed in proposed appendix G. Proposed appendix G would include a requirement that a financial institution inform an applicant that the applicant is not required to respond to the financial institution's questions regarding its principal owners' ethnicity, race or sex and would also include a prohibition on financial institutions requiring applicants to provide this information. Proposed § 1002.107(a)(20) would also require that when the financial institution requests ethnicity, race, and sex information from an applicant, the financial institution inform the applicant that the financial institution cannot discriminate on the basis of a principal owner's ethnicity, race, or sex, or on whether the applicant provides this information. Consistent with the SBREFA Panel's recommendation, the Bureau is proposing a sample data collection form that financial institutions could use to collect ethnicity, race, and sex information. See proposed appendix E.

Proposed Rule—Collecting Ethnicity, Race, and Sex, In General

Proposed comment 107(a)(20)-1 would clarify how a financial institution collects ethnicity, race, and sex information. It would state that unless a financial institution is permitted to report ethnicity, race, and sex information based on previously collected data pursuant to proposed § 1002.107(c)(2), a financial institution must ask an applicant to report its principal owners' ethnicity, race, and sex for each covered application and that the financial institution must permit an applicant to refuse to answer the financial institution's inquiry. It would require financial institutions to inform the applicant that it is not required to provide the information. Proposed comment 107(a)(20)-1 would further clarify that the financial institution must report the applicant's responses, its refusal to answer the inquiries, or its failure to respond to the inquiries, and explain that in certain situations, discussed in proposed comments 107(a)(20)-7 and -8 and in appendix G, a financial institution may also be required to report one or more principal owners' ethnicity and race (but not sex) based on visual observation and/or surname. Proposed comment 107(a)(20)-1 would cross-reference proposed appendix G for additional instructions.

Proposed comment 107(a)(20)-2 would explain that a financial institution must inform the applicant that the financial institution shall not discriminate on the basis of a principal owner's ethnicity, race, or sex or on whether the applicant provides that information. It would also clarify that a financial institution may combine this non-discrimination notice with the similar non-discrimination notices that a financial institution would be required to provide when requesting minority-owned business status and women-owned business status if a financial institution requests minority-owned business status, women-owned business status, and/or a principal owner's ethnicity, race, and sex in the same data collection form or at the same time.

Proposed comment 107(a)(20)-3 would explain how, pursuant to proposed § 1002.111(b), financial institutions must record applicants' responses regarding a principal owner's ethnicity, race, and sex pursuant to § 1002.107(a)(20) separate from the application and accompanying information. This proposed comment would also provide examples of how responses could be recorded separately from the application and accompanying information.

Proposed comment 107(a)(20)-4 would clarify that a financial institution would be required to maintain procedures reasonably designed to collect applicant-provided information, including the ethnicity, race, and sex of an applicant's principal owners pursuant to proposed § 1002.107(c)(1). However, if a financial institution is nonetheless unable to collect the principal owners' ethnicity, race, or sex from the applicant and if the financial institution is not required to report the principal owners' ethnicity and race based on visual observation and/or surname, the financial institution would report that the principal owner's ethnicity, race, or sex (as applicable) is “not provided by applicant.”

Proposed comment 107(a)(20)-12 would clarify that a financial institution would neither be required nor permitted to verify the ethnicity, race, or sex information that the applicant provides for purposes of proposed § 1002.107(a)(20), even if the financial institution verifies or otherwise obtains the ethnicity, race, or sex of the applicant's principal owners for other purposes. Thus, for example, under the principle articulated in proposed comment 107(a)(20)-12, a financial institution could not second guess an applicant's decision to provide sex information for the applicant's principal owners for purposes of § 1002.107(a)(20) based on the gender identity of the principal owners. The Bureau solicits comment on whether it would be useful to expressly codify this application of the principle in the commentary.

Additionally, the proposed comment would explain that, if an applicant refuses to respond to the inquiry pursuant to proposed § 1002.107(a)(20) or fails to respond to this inquiry, the financial institution would report that the applicant declined to provide the information or did not respond to the inquiry (as applicable), unless the financial institution is required to report ethnicity and race based on visual observation and/or surname. Finally, the proposed comment would explain that the financial institution does not report ethnicity, race, or sex pursuant to proposed § 1002.107(a)(20) based on information that the financial institution collects for other purposes.

Proposed comment 107(a)(20)-5 would explain that generally an applicant determines its principal owners and decides whether to provide information about principal owners. It would further state that, nonetheless, a financial institution may be required to report ethnicity and race information based on visual observation and/or surname and may need to determine if a natural person with whom the financial institution meets in person is a principal owner. It would explain how a financial institution determines who is a principal owner in the event that the financial institution may be required to report ethnicity and race information based on visual observation and/or surname. It would also provide examples of how the financial institution can make that determination and note that the financial institution is not required to verify any responses regarding whether a natural person is a principal owner.

The Bureau seeks comment on these general aspects of collecting and reporting principal owners' ethnicity, race, and sex, including comments on the challenges that financial institutions may have implementing them.

Proposed Rule—Collecting Ethnicity and Race Using Aggregate Categories and Disaggregated Subcategories

The Bureau is proposing that financial institutions request principal owners' ethnicity and race using both aggregate categories as well as disaggregated subcategories.

With respect to ethnicity data collection, the Bureau is proposing to use the same aggregate categories ( i.e., Hispanic or Latino and Not Hispanic or Latino) and disaggregated subcategories as are used in Regulation C. With respect to race data collection, the Bureau is proposing to use the same aggregate categories as are used in Regulation C: American Indian or Alaska Native; Asian; Black or African American; Native Hawaiian or Other Pacific Islander; and White. Regulation C also has disaggregated subcategories for the Asian race category and the Native Hawaiian or Other Pacific Islander race category. In addition, with respect to the American Indian or Alaska Native race category, Regulation C invites an applicant to provide the name of a principal or enrolled tribe. Similar to HMDA, the Bureau is proposing to invite an applicant to provide the name of a principal or enrolled tribe for each principal owner with respect to the Indian or Alaska Native race category and to adopt the disaggregated subcategories used in HMDA for the Asian race category and the Native Hawaiian and Other Pacific Islander race category. In addition, the Bureau is proposing to add disaggregated subcategories for the Black or African American race category, which are not used when collecting data pursuant to Regulation C.

OMB has issued standards for the classification of Federal data on ethnicity and race. OMB's government-wide standards provide a minimum standard for maintaining, collecting, and presenting data on race and ethnicity for all Federal reporting purposes. These standards have been developed to provide “a common language for uniformity and comparability in the collection and use of data on race and ethnicity by Federal agencies.” The OMB standards provide the following minimum categories for data on ethnicity and race: Two minimum ethnicity categories (Hispanic or Latino; Not Hispanic or Latino) and five minimum race categories (American Indian or Alaska Native; Asian; Black or African American; Native Hawaiian or Other Pacific Islander; and White). The aggregate categories for ethnicity and race in Regulation C, which the Bureau is proposing to use in subpart B, conform to the OMB standards.

In addition to the minimum data categories for ethnicity and race, the OMB Federal Data Standards on Race and Ethnicity provide additional key principles. First, self-identification is the preferred means of obtaining information about an individual's ethnicity and race, except in instances where observer identification is more practical. Second, the collection of greater detail is encouraged as long as any collection that uses more detail is organized in such a way that the additional detail can be aggregated into the minimum aggregate categories for data on ethnicity and race. More detailed reporting, which can be aggregated to the minimum categories, may be used at the agencies' discretion. Lastly, Federal agencies must produce as much detailed information on ethnicity and race as possible; however, Federal agencies shall not present data on detailed categories if doing so would compromise data quality or confidentiality standards.

Although OMB received comments requesting the creation of a separate Arab or Middle Eastern ethnicity category prior to the adoption of the OMB Federal Data Standards on Race and Ethnicity in 1997, OMB accepted the Interagency Committee's recommendation not to include one in the 1997 minimum standards for reporting of Federal data on race and ethnicity. OMB noted that while it was adopting the Interagency Committee's recommendation, it believed additional research was needed to determine the best way to improve data on this population group.

In 2017, OMB requested comment on the Federal Interagency Working Group for Research on Race and Ethnicity's (Working Group's) proposals to update the OMB Federal Data Standards on Race and Ethnicity. The Working Group proposed adding a Middle Eastern or North African classification to the Federal Data Standards on Race and Ethnicity and to issue specific guidelines for the collection of detailed data for American Indian or Alaska Native, Asian, Black or African American, Hispanic or Latino, Native Hawaiian or Other Pacific Islander, and White groups. The Working Group also considered whether race and ethnicity should be collected using separate questions versus a combined question.

In considering what to propose that financial institutions collect and report with respect to the ethnicity and race of the applicant's principal owners, the Bureau believes it is also important to consider the data standards that the U.S. Census Bureau (Census Bureau) uses in the Decennial Census. The definition of Hispanic or Latino origin used in the 2010 and 2020 Census questionnaire refers to a person of Cuban, Mexican, Puerto Rican, South or Central American, or other Spanish culture or origin regardless of race. The 2010 and 2020 Census disaggregated the Hispanic or Latino ethnicity into four categories (Mexican, Mexican American, or Chicano; Puerto Rican; Cuban; and Another Hispanic, Latino or Spanish origin) and included an area where respondents could provide ( i.e., write in) a specific Hispanic, Latino, or Spanish origin group as additional information.

The 2010 and 2020 Census questionnaires listed three of OMB's five aggregate race categories (American Indian or Alaska Native; Black or African American; and White). Although the questionnaires do not list the aggregate race categories for Asian or for Native Hawaiian or Other Pacific Islander, they do list the related disaggregated subcategories for the Asian race category ( i.e., Asian Indian, Chinese, Filipino, Japanese, Korean, Vietnamese, Other Asian), and for the Native Hawaiian and Other Pacific Islander race category ( i.e., Native Hawaiian, Chamorro, Samoan, Other Pacific Islander). These questionnaires also included three areas where respondents could write in a specific race: A specific Other Asian race, a specific Other Pacific Islander race, or the name of an enrolled or principal tribe in the American Indian or Alaska Native category. Additionally, the 2020 Census allowed respondents to write in a specific origin for the White category and for the Black or African American category. For respondents who did not identify with any of the five minimum OMB race categories, the Census Bureau included a sixth race category—Some Other Race—on the 2010 and 2020 Census questionnaires. Respondents could also select one or more race categories and write-in options.

On February 28, 2017, the Census Bureau released its 2015 National Content Test: Race and Ethnicity Analysis Report. The National Content Test (NCT) provided the U.S. Census Bureau with empirical research to contribute to the planning for the content of the 2020 Census' race/ethnicity questions. The report presented findings to the Census Bureau Director and executive staff on research conducted to assess optimal design elements that could be used in question(s) on race and ethnicity. It noted that Americans view “race” and “ethnicity” differently than in decades past and that a growing number of people find the current race and ethnicity categories confusing, or they wish to see their own specific group reflected on the Census questionnaire. The NCT's research found that there have been a growing number of people who do not identify with any of the official OMB race categories, and that an increasing number of respondents have been racially classified as “Some Other Race.” This was primarily because of reporting by Hispanics who did not identify with any of the OMB race categories, but it also noted that segments of other populations, such as Afro-Caribbean and Middle Eastern or North African populations, did not identify with any of the OMB race categories. The 2015 National Content Test: Race and Ethnicity Analysis Report concluded that optimal design elements that may increase reporting, decrease item non-response, and improve data accuracy and reliability include: (1) A combined race and ethnicity question with detailed checkbox options; (2) a separate “Middle Eastern or North African” response category; and (3) instructions to “Mark all that apply” or “Select all that apply” (instead of “Mark [X] one or more boxes”).

As discussed above, the Census Bureau did not ultimately incorporate these design elements into the questionnaire for the 2020 Decennial Census. Instead, the questionnaire continued to ask about ethnicity and race in two separate questions. While the questionnaire did not provide detailed check box options for the White race category or for the Black or African American race category, the questionnaire did add write-in options and noted examples. For White, it noted examples of German, Irish, English, Italian, Lebanese, and Egyptian. For Black or African American, it noted examples of African American, Jamaican, Haitian, Nigerian, Ethiopian, and Somali. Nonetheless, as discussed below, the Bureau is requesting comment on whether the approach and design elements set forth in the 2015 National Content Test: Race and Ethnicity Report Analysis (whether in whole or in part) would improve data collection that otherwise furthers section 1071's purposes, improve self-identification of race and ethnicity by applicants and response rates, or impose burdens on financial institutions collecting and reporting this information.

Consistent with its approach during the SBREFA process, the Bureau is proposing that financial institutions must permit applicants to provide a principal owner's ethnicity and race using the aggregate categories used for HMDA data collection. The Bureau also believes that aligning the aggregate ethnicity and race categories for 1071 data collection with the HMDA data collection will promote consistency and may reduce potential confusion for applicants, financial institutions, and other users of the data. As noted above, the feedback received on the SBREFA Outline generally showed that SERs and commenters favored such consistency.

However, the Bureau is also proposing that applicants must be permitted to provide a principal owner's ethnicity and race using the disaggregated subcategories used in HMDA data collection. With respect to ethnicity data collection, the Bureau is proposing that applicants must be permitted to provide a principal owner's ethnicity using the disaggregated subcategories used in HMDA data collection. For race data collection, the Bureau is proposing that applicants must be permitted to provide a principal owner's race using the disaggregated subcategories for the Asian race category and the Native Hawaiian or Other Pacific Islander race category. Unlike HMDA, the Bureau is also proposing that applicants must be permitted to provide a principal owner's race using disaggregated subcategories for the Black or African American race category. Lastly, similar to HMDA, the Bureau is proposing to invite an applicant to provide the name of a principal or enrolled tribe for each principal owner with respect to the American Indian or Alaska Native race category.

This portion of proposed § 1002.107(a)(20) differs from the Bureau's SBREFA approach. The Bureau is proposing use of disaggregated subcategories for 1071 data collection, in part, for consistency with existing HMDA reporting requirements. Moreover, based on feedback received during the SBREFA process from SERs and other stakeholders, the Bureau believes that collection and reporting using disaggregated subcategories could be beneficial when attempting to identify potential discrimination or business and community development needs in particular communities. While the Bureau recognizes that disaggregated data may not be useful in analyzing potential discrimination where financial institutions do not have a sufficient number of applicants or borrowers within particular subgroups to permit reliable assessments of whether unlawful discrimination may have occurred, disaggregated data on ethnicity and race may help identify potentially discriminatory lending patterns in situations in which the numbers are sufficient to permit such fair lending assessments. Additionally, as suggested in the 2015 National Content Test: Race and Ethnicity Report Analysis, the use of disaggregated subcategories may increase response rates.

Nonetheless, the Bureau acknowledges the concerns that some SERs and other stakeholders raised regarding the collection and reporting of disaggregated data. In particular, the Bureau understands that including the disaggregated subcategories for four principal owners may make data collection more difficult in certain situations, such as for applications taken solely by telephone or for paper applications taken at retail locations. Given these concerns, the Bureau seeks comment on whether an accommodation should be made for certain application scenarios, for example by permitting financial institutions to collect ethnicity and race information using only the aggregate categories or to permit financial institutions to collect ethnicity, race, and sex information on only one principal owner in those scenarios. Additionally, the Bureau notes that FinCEN's CDD rule excludes from certain of its requirements point-of-sale transactions for the purchase of retail goods or services up to a limit of $50,000. For the reasons discussed in more detail in the section-by-section analysis of proposed § 1002.107(c)(1) below, the Bureau is not proposing to take this approach for the 1071 rule given the different purposes and requirements of the CDD rule (as well as FinCEN's related customer identification program (CIP) rule) and section 1071. Nonetheless, the Bureau seeks comment on whether covered applications taken at retail locations, such as credit cards and lines of credit with a credit limit under a specified amount (such as $50,000), should be excepted from some or all of the requirement to obtain principal owners' ethnicity, race, and sex information. For example, should financial institutions only be required to ask about principal owners' sex along with aggregate race and ethnicity categories (but not disaggregated subcategories), or to ask about only one principal owner's ethnicity, race, and sex for such applications?

The Bureau seeks comment on its proposed use of the HMDA aggregate categories, the HMDA disaggregated subcategories (including the ability to provide additional information if an applicant indicates that a principal owner is Other Hispanic or Latino, Other Asian, or Other Pacific Islander), and the addition of disaggregated subcategories for the Black or African American category. Additionally, the Bureau seeks comment regarding whether it would be helpful or appropriate to provide additional clarification or to pursue a different approach regarding the ability of a principal owner to identify as Other Hispanic or Latino, Other Asian, or Other Pacific Islander or to provide additional information if a principal owner is Other Hispanic or Latino, Other Asian, or Other Pacific Islander. The Bureau also seeks comment on whether any additional or different categories or subcategories should be used for 1071 data collection, and whether the collection and reporting of race and ethnicity should be combined into a single question for purposes of 1071 data collection and reporting. The Bureau further seeks comment on whether an additional category for Middle Eastern or North African should be added and, if so, how this category should be included and defined. In addition, the Bureau seeks comment on whether disaggregated subcategories should be added for the aggregate White category, and if so, what disaggregated subcategories should be added and whether the applicant should be permitted to write in or otherwise provide other disaggregated subcategories or additional information. The Bureau seeks comment on whether the approach and design elements set forth in the 2015 National Content Test: Race and Ethnicity Report Analysis would improve data collection or otherwise further section 1071's purposes, as well as whether it would pose any particular burdens or challenges for financial institutions collecting and reporting this information. Finally, the Bureau seeks comment on whether, similar to data collection pursuant to Regulation C, financial institutions should be limited to reporting a specified number of aggregate categories and disaggregated subcategories and, if so, whether such a limitation should be described in the sample data collection form.

Proposed comment 107(a)(20)-6 would explain that applicants must be permitted to provide a principal owner's ethnicity using aggregate categories and disaggregated subcategories and would also list the aggregate categories and disaggregated subcategories that applicants must be permitted to use. Proposed comment 107(a)(20)-6 would also explain that applicants must be permitted to select one, both, or none of the aggregate categories and as many disaggregated subcategories as the applicant chooses, even if the applicant does not select the corresponding aggregate category. Proposed comment 107(a)(20)-6 would state that, if an applicant provides ethnicity information for a principal owner, the financial institution reports all of the aggregate categories and disaggregated subcategories provided by the applicant, and it would provide an example. The proposed comment would state that a financial institution must also permit the applicant to refuse to provide ethnicity information for one or more principal owners and explain how a financial institution reports ethnicity information if an applicant declines to provide the information or fails to respond. Finally, the proposed comment would explain how a financial institution reports ethnicity information if an applicant has fewer than four principal owners, and it would provide an example.

Proposed comment 107(a)(20)-7 would explain that applicants must be permitted to provide a principal owner's race using aggregate categories and disaggregated subcategories and would also list the aggregate categories and disaggregated subcategories that applicants must be permitted to use. Proposed comment 107(a)(20)-7 would also explain that applicants must be permitted to select one, more than one, or none of the aggregate categories and as many disaggregated subcategories as the applicant chooses, even if the applicant does not select the corresponding aggregate category. Proposed comment 107(a)(20)-7 would explain that, if an applicant provides race information for a principal owner, the financial institution reports all of the aggregate categories and disaggregated subcategories provided by the applicant, and it would provide an example. The proposed comment would state that a financial institution must also permit the applicant to refuse to provide race information for one or more principal owners and explains how a financial institution reports race information if an applicant declines to provide the information or fails to respond. Finally, the proposed comment would explain how a financial institution reports race information if an applicant has fewer than four principal owners, and it would provide an example.

Proposed Rule—Collecting Sex

Federal, State, and local government agencies have been moving to providing options for designating sex beyond the binary options of male or female. At the Federal level, for example, the Department of State has announced that it is planning to offer the option of a new gender marker for non-binary, intersex, and gender non-conforming persons. It will be available for passports and Consular Reports of Birth Abroad as an alternative to male or female. The Food and Drug Administration includes the gender options female, male, intersex, transgender, and “prefer not to disclose” on certain patient forms. A number of States and the District of Columbia, as well as some local governments, offer an alternative sex or gender designation to male and female ( e.g., “X”) on government-issued documents and forms such as drivers' licenses and identification cards, and in some cases birth certificates.

The Supreme Court's opinion last year in Bostock v. Clayton County concluded that sex discrimination encompasses sexual orientation discrimination and gender identity discrimination, and that these forms of discrimination necessarily involve consideration of sex. It reached this conclusion in the context of Title VII of the Civil Rights Act of 1964, as amended, which prohibits sex discrimination in employment. Following the issuance of the Supreme Court's opinion and building on a 2016 letter the Bureau sent to an advocacy organization, the Bureau issued an interpretive rule clarifying that ECOA's and Regulation B's prohibition on discrimination based on sex protects against discrimination based on sexual orientation, gender identity, actual or perceived nonconformity with sex based or gender-based stereotypes, and the sex of people associated with the applicant. Other Federal agencies have similarly clarified that other statutes that protect against discrimination based on sex protect against discrimination based on sexual orientation and gender identity.

Some other Federal agencies have also begun to re-consider how they collect information on sex by including questions about sexual orientation and gender identity as part of questions about sex. For example, the Census Bureau released the Household Pulse Survey, which asked questions about sex assigned at birth, current gender identity, and sexual orientation. Specifically, the Household Pulse Survey includes the following three questions:

1. What sex were you assigned at birth, on your original birth certificate? (A respondent could provide a response of male or female.)

2. Do you currently describe yourself as male, female or transgender? (A respondent also could provide a response of “none of these.”)

3. Which of the following best represents how you think of yourself?

In response to the third question, a respondent would select from the following responses: (1) Gay or lesbian; (2) Straight, that is not gay or lesbian; (3) Bisexual; (4) Something else; or (5) I don't know.

Other Federal agencies and initiatives have encouraged sexual orientation and gender identity data collection in health care settings.

In light of the Bureau's recent ECOA interpretive rule, the continued evolution of categories used for sex data collection purposes at the Federal, State, and local government levels, and feedback on the SBREFA Outline, the Bureau is proposing to collect information about sex for purposes of section 1071 more expansively than was under consideration in the SBREFA Outline. Specifically, the Bureau is proposing adding an option for “I prefer to self-describe” (with the ability of the applicant to write in or otherwise provide additional information) for the principal owner's sex to accompany the existing “male,” “female,” and “I do not wish to provide this information” options currently used on the HMDA sample data collection form.

Proposed comment 107(a)(20)-8 would explain that an applicant must be permitted to provide a principal owner's sex using one or more of the following categories: Male, Female, and/or that the principal owner prefers to self-describe their sex. It would further explain that, if an applicant indicates that a principal owner prefers to self-describe their sex, the financial institution would be required to permit the applicant to provide additional information about the principal owner's sex. The financial institution would report to the Bureau the additional information provided by the applicant as free-form text.

Proposed comment 107(a)(20)-8 would state that a financial institution must permit an applicant to select as many categories as the applicant chooses and that the financial institution reports the category or categories selected by the applicant, including any additional information provided by the applicant, or reports that the applicant refused to provide the information or failed to respond. It would clarify that a financial institution is not permitted to report sex based on visual observation, surname, or any basis other than the applicant-provided information. Finally, proposed comment 107(a)(20)-8 would explain how a financial institution would report sex if an applicant has fewer than four principal owners, provide an example, and direct financial institutions to proposed appendix G for additional information on collecting and reporting a principal owner's sex.

The Bureau seeks comment on its proposed approach to requesting information about a principal owner's sex, including the opportunity for self-identification (by allowing the applicant to write in or otherwise provide additional information). The Bureau also seeks comment on whether the sample data collection form should list examples from which the applicant could choose when a principal owner self-identifies and an applicant writes in or otherwise provides additional information about the principal owner's sex, such as “intersex,” “non-binary,” or “transgender.” The Bureau also seeks comment on whether, alternatively, sex should be collected solely via the “I prefer to self-describe” option (with the ability to write in or otherwise provide additional information)—that is, without male and female being listed as options. The Bureau also seeks comment on whether applicants should be restricted from designating more than one category for a principal owner's sex ( e.g., from selecting both “Female” and “I prefer to self-describe”).

The Bureau also seeks comment on whether financial institutions should be required to ask separate questions regarding sex, sexual orientation, and gender identity and, if so, what categories should be offered for use in responding to each question. For example, the Bureau requests comment on whether the sample data collection form should include the three questions and related responses (described above) from the Pulse Household Survey questionnaire, or a check box for “Principal owner identifies as LGBTQ+” with an accompanying space for providing additional information. The Bureau also seeks comment on whether it should adopt a data point to collect an applicant's lesbian, gay, bisexual, transgender, or queer plus (LGBTQ+)-owned business status, similar to the way it is proposing to collect minority-owned business status and women-owned business status as discussed in the section-by-section analysis of proposed § 1002.107(a)(18) and (19) above. The Bureau also seeks comment on whether including such questions would improve data collection or otherwise further section 1071's purposes, as well as whether it would pose any particular burdens or challenges for industry.

In addition, to ensure that a financial institution's representation of nondiscrimination on the basis of sex information provided by the applicant is consistent with the protections afforded under ECOA and Regulation B, the Bureau seeks comment on whether ambiguity exists for any responses that an applicant might reasonably use to self-describe a principal owner's sex for purposes of section 1071 (for example, intersex status) and if clarification may be needed.

Finally, the Bureau also requests information on Federal, State, and local government initiatives, as well as private sector initiatives, involving the use of sex categories other than male and female and the inclusion of questions regarding sexual orientation and gender identity in demographic information.

Proposed Rule—Collecting Ethnicity and Race via Visual Observation or Surname in Certain Circumstances

The Bureau is proposing that financial institutions be required to collect and report at least one principal owner's ethnicity and race based on visual observation and/or surname in certain circumstances. Specifically, a financial institution would be required to report at least one principal owner's ethnicity and race based on visual observation and/or surname if the financial institution meets in person with one or more of the applicant's principal owners and the applicant does not provide ethnicity, race, or sex information for at least one principal owner in response to the financial institution's inquiry pursuant to proposed § 1002.107(a)(20).

Although the Bureau indicated in the SBREFA Outline that it was not considering proposing that financial institutions report a principal owner's race, sex, and ethnicity based on visual observation and/or surname, the Bureau asked SERs to provide feedback about the potential challenges, costs, and benefits of implementing such a requirement for applicants who do not self-report the information. The Bureau also asked SERs to provide feedback about how those potential challenges and costs would change if reporting based on visual observation and/or surname was required only if the applicant is a sole proprietor but not if the applicant is an entity. Although many SERs and commenters opposed reporting ethnicity, race, or sex on the basis of visual observation and/or surname, some other commenters said that financial institutions should be required to report based on visual observation and/or surname in certain circumstances. Additionally, one SER specifically noted that the Bureau would need to account for lower self-reporting rates than are achieved for HMDA reporting. Consistent with this feedback, the Bureau notes that demographic response rates in the SBA's Paycheck Protection Program (PPP) data are much lower when compared to ethnicity, race, and sex response rates in HMDA data. For instance, roughly 71 percent of respondents in the PPP data did not provide a response for race, compared to only 14.7 percent in the HMDA data. Roughly 66 percent of respondents in the PPP data did not provide a response for ethnicity, compared to only 14.3 percent in the HMDA data.

Without a visual observation and/or surname collection requirement, the Bureau believes that meaningful analysis of the 1071 principal owner race and ethnicity data could be difficult, significantly undermining section 1071's fair lending purpose. Comprehensive and accurate collection and reporting of data is also vital to section 1071's business and community development purpose. Historically, one challenge under HMDA has been the reluctance of some applicants to voluntarily provide requested demographic information, such as race and ethnicity. The requirement in Regulation C to collect race, sex, and ethnicity on the basis of visual observation or surname is an important tool to address that challenge, and the Bureau believes that the requirement has resulted in more robust response rates in the HMDA data. The Bureau has considered the feedback in response to the SBREFA Outline and this related information and has determined that not proposing a requirement to report based on visual observation and/or surname could diminish the utility of the 1071 data.

Accordingly, the Bureau has determined that the appropriate approach to further section 1071's purposes is to propose to require that financial institutions collect at least one principal owner's race and ethnicity (but not sex) on the basis of visual observation and/or surname when the applicant does not provide ethnicity, race or sex information for at least one principal owner and the financial institution meets in person with one or more principal owners. In other words, a financial institution would not be required to collect race and ethnicity via visual observation and/or surname if the applicant provides any demographic information regarding any principal owner. The Bureau is concerned that, for applicants with multiple principal owners, the financial institution may not be able to determine whether the applicant has provided the demographic information, for example the sex, of the principal owner who meets in person with the financial institution or for another principal owner. The Bureau seeks comment on this proposed approach. The Bureau also seeks comment on whether a financial institution should be required to collect a principal owner's ethnicity and/or race via visual observation and/or surname if the applicant has only one principal owner, the applicant does not provide the principal owner's information, and the financial institution meets in person with the principal owner. In this situation, the financial institution would be able to “match” any demographic information that the applicant provides with the correct the principal owner because there is only one principal owner.

Proposed comment 107(a)(20)-9 would explain that a financial institution is required to report ethnicity and race (but not sex) based on visual observation and/or surname in certain circumstances. The proposed comment would explain that if a financial institution meets in person with one or more of an applicant's principal owners and the applicant does not provide ethnicity, race, or sex information for at least one principal owner, the financial institution must report at least one principal owner's ethnicity and race (but not sex) based on visual observation, surname, or a combination of both visual observation and surname. It would further explain that a financial institution is not required to report based on visual observation and/or surname if the principal owner only meets in person with a third party through whom the applicant is submitting an application to the financial institution and would provide an example.

Proposed comment 107(a)(20)-10 would clarify that a financial institution meets with a principal owner in person if an employee or officer of the financial institution or one of its affiliates has a meeting or discussion with the applicant's principal owner about an application and can visually observe the principal owner. The proposed comment would also provide examples of situations where the financial institution meets in person with a principal owner and where it does not. The Bureau requests comment on this approach and whether additional or different examples are necessary.

Proposed comment 107(a)(20)-11 would clarify that a financial institution uses only aggregate categories when reporting ethnicity and race based on visual observation and/or surname and would direct financial institutions to proposed appendix G for additional information on collecting and reporting ethnicity and race based on visual observation and/or surname. However, the Bureau requests comment on whether financial institutions should be permitted, but not required, to use the disaggregated subcategories (in addition to the required aggregate categories) when reporting race and ethnicity based on visual observation and/or surname.

In addition to the specific matters identified above, the Bureau seeks comment on its proposed approach to this data point, the proposed methods of collecting and reporting the data, and requests comment on whether additional clarification regarding any aspect of this data point is needed.

107(a)(21) Number of Principal Owners

ECOA section 704B(e)(2)(H) authorizes the Bureau to require financial institutions to compile and maintain “any additional data that the Bureau determines would aid in fulfilling the purposes of [section 1071].” The Bureau believes that collection of the number of principal owners of an applicant would aid in fulfilling the purposes of section 1071, as explained below.

The Bureau did not address the number of principal owners as a potential data point under consideration in the SBREFA Outline, although it did seek feedback on several questions related to the number of applicants' principal owners. To facilitate collection of the ethnicity, race, and sex of applicants' principal owners pursuant to proposed § 1002.107(a)(20), the Bureau is proposing that financial institutions collect and report the number of an applicant's principal owners.

Section 1071 uses the term “principal owner” but does not define it. Proposed § 1002.102(o) would define a principal owner as a natural person who directly owns 25 percent or more of the equity interests of a business. Thus, under this proposed definition, it is possible that an applicant would have no principal owners or between one and four principal owners.

As explained in proposed comment 107(a)(21)-1, a financial institution would be able to collect an applicant's number of principal owners by requesting the number of principal owners from the applicant or by determining the number of principal owners from information provided by the applicant or that the financial institution otherwise obtains. If the financial institution asks the applicant to provide the number of its principal owners pursuant to proposed § 1002.107(a)(21), the financial institution must provide the definition of principal owner set forth in proposed § 1002.102(o). If permitted pursuant to proposed § 1002.107(c)(2), a financial institution could report an applicant's number of principal owners based on previously collected data.

The Bureau believes that an applicant is likely to know how many principal owners it has and should not have significant difficulties or objections to providing this basic piece of information. Moreover, the Bureau understands that financial institutions are already obtaining information about principal owners. Further, this additional information would aid in fulfilling the purposes of section 1071 as it may provide necessary context for other data points. For example, if an applicant reports the ethnicity, race, and sex for one principal owner, having the total number of principal owners would permit the Bureau and other data users to know whether that owner's demographics represents the demographics of the entirety of the applicant's principal ownership or merely one quarter of it. This information would help data users in fulfilling both the fair lending and business and community development purposes of section 1071.

Proposed comment 107(a)(21)-2 would clarify the relationship between the proposed requirement to collect and report the number of principal owners in proposed § 1002.107(a)(21) with the proposed requirement to report verified information in proposed § 1002.107(b). The proposed comment would state that the financial institution may rely on an applicant's statements in collecting and reporting the number of the applicant's principal owners. The financial institution would not be required to verify the number of principal owners provided by the applicant, but if the financial institution verifies the number of principal owners, then the financial institution would be required to report the verified number of principal owners.

Proposed comment 107(a)(21)-3 would state that pursuant to proposed § 1002.107(c)(1), a financial institution is required to maintain procedures reasonably designed to collect applicant-provided information, which includes the applicant's number of principal owners. However, if a financial institution is nonetheless unable to collect or determine the number of principal owners of the applicant, the financial institution would report that the number of principal owners is “not provided by applicant and otherwise undetermined.”

The Bureau seeks comment on its proposed approach to this data point. The Bureau also seeks comment on whether the Bureau should instead, or additionally, require collection and reporting of similar information about owners (rather than principal owners). For example, should the Bureau require that financial institutions collect and report the number of owners that an applicant has that are not natural persons, in order to obtain a more complete picture of the applicant's ownership structure?

107(b) Verification of Applicant-Provided Information

ECOA section 704B(e)(1) provides that “[e]ach financial institution shall compile and maintain, in accordance with regulations of the Bureau, a record of the information provided by any loan applicant pursuant to a request under [section 704B(b)].” Section 1071 does not impose any requirement for a financial institution to verify the information provided by an applicant.

In the SBREFA Outline, the Bureau did not include a general statement about the issue of verification of applicant-provided data points. For certain data points such as time in business, however, the Outline did explain that the Bureau was considering proposing that if the financial institution did not verify the information provided by the applicant, the financial institution would report the information provided by the applicant. If the financial institution did verify the information provided by the applicant, the Outline explained that the financial institution would report the verified information. The Outline did not state that the Bureau was considering proposing that a financial institution would be required to verify any of the applicant-provided data points.

As explained in the section-by-section analysis of proposed § 1002.107(a) above, a number of SERs urged the Bureau to require collection and reporting of a number of data points based only on information as provided by the applicant. No SERs stated that they thought verification should be generally required. The industry stakeholders who commented on this issue asked that the Bureau not require verification of applicant-provided information. The Bureau did not receive any comments on this issue from community group stakeholders.

The Bureau is proposing in § 1002.107(b) that unless otherwise provided in subpart B, the financial institution would be able to rely on statements of the applicant when compiling data unless it verifies the information provided, in which case it would be required to collect and report the verified information. Proposed comment 107(b)-1 would explain that a financial institution may rely on statements made by an applicant (whether made in writing or orally) or information provided by an applicant when compiling and reporting data pursuant to the 1071 rule for applicant-provided data; the financial institution would not be required to verify those statements. Proposed comment 107(b)-1 would further explain, however, that if the financial institution does verify applicant statements for its own business purposes, such as statements relating to gross annual revenue or time in business, the financial institution would report the verified information. The comment would go on to explain that, depending on the circumstances and the financial institution's procedures, certain applicant-provided data could be collected without a specific request from the applicant. For example, gross annual revenue could be collected from tax return documents. In addition, the proposed comment would make clear that applicant-provided data are the data that are or could be provided by the applicant, including those in proposed § 1002.107(a)(5) through (7), and (13) through (21). Finally, proposed comment 107(b)-1 would provide a cross reference to proposed comment 107(c)(2)-3, which would discuss the possible reuse of certain previously collected data.

The Bureau believes that requiring verification of applicant-provided data points would greatly increase the operational burden of the 1071 rule, and that relying on applicant-provided data would ensure sufficient accuracy to carry out the purposes of section 1071. As discussed above, section 1071 does not speak to verification; rather it refers only to compiling and maintaining a record of certain information provided by an applicant. However, the Bureau believes that requiring financial institutions to collect and report (for the 1071 rule) information that they have already verified would not add operational difficulty, and would enhance the accuracy and usefulness of the data, thereby furthering the purposes of section 1071. The Bureau is implementing this requirement pursuant to its authority under ECOA section 704B(g)(1) to prescribe rules in order to carry out, enforce, and compile data pursuant to section 1071, and as an interpretation of the statutory phrase “compile and maintain” in ECOA section 704B(e)(1). In the Bureau's view, the verification that the financial institution chooses to carry out is part of compiling and maintaining the information provided by the applicant, and this requirement will improve the quality and usefulness of the resulting 1071 data set.

As discussed above, many SERs and other stakeholders opposed the inclusion of a verification requirement, and the Bureau has taken their input into account when crafting this proposed provision.

The Bureau seeks comment on its proposed approach to verification of the 1071 data points, including the specific guidance that would be presented in comment 107(b)-1. The Bureau also seeks comment on whether financial institutions should be required to indicate whether particular data points being reported have been verified or not.

107(c) Time and Manner of Collection

107(c)(1) In General

Background

Although the definition of “application” triggers a financial institution's duty to collect 1071 data, the application definition does not necessarily govern when that data must be collected. The language and structure of section 1071—which applies to “applications” from “applicants”—indicates that the data must be collected sometime during the application process, but does not provide further detail.

Financial institutions have expressed concern about when applicant-provided data must be collected, and particularly the timing of collecting applicants' protected demographic information (that is, whether the applicant is a minority-owned business or a women-owned business, and the ethnicity, race, and sex of the applicant's principal owners, pursuant to proposed § 1002.107(a)(18) through (20)). Collecting this protected demographic information from applicants for purposes of section 1071 has been a particular concern for financial institutions, as financial institutions currently are generally prohibited from collecting such information except in narrow circumstances. As such, its required collection under section 1071 will be a departure from current practice for most financial institutions.

SBREFA Proposal Under Consideration and Feedback Received

In the SBREFA Outline, the Bureau stated that it was not currently considering specifying a particular time period in which financial institutions must seek to collect 1071 data from applicants. It also conveyed that it was seeking to provide financial institutions discretion and flexibility to time their 1071 data collection at a point during the application process that works best for their processes and relationships with applicants and to avoid unnecessary costs, while still fulfilling section 1071's purposes. The Bureau also noted that it had considered possible alternatives of requiring financial institutions to collect 1071 data within or by a specified time period, such as simultaneous with the triggering of an “application,” before obtaining a “completed application,” or before notifying the applicant of action taken.

Most SERs that addressed the issue of timing for data collection indicated that they plan to collect 1071 data, and particularly applicants' protected demographic information (as would be required under proposed § 1002.107(a)(18) through (20)), early in the application process and likely at the time an application is initially being submitted. These SERs felt that the longer they wait to request 1071 data, the more difficult or infeasible it will be to gather the information from applicants. Another SER urged the Bureau to give financial institutions flexibility to explore optimal timing for collection of 1071-required protected demographic information in order to maximize the response rate without discouraging applicants from pursuing the application. This SER suggested that protected demographic information should be collected during the application process, but before the application is considered complete. The SBREFA Panel recommended that the Bureau seek comment on whether it is necessary to specify a time period specifically for the collection of 1071-required protected demographic information, and if so, what would be the best period to designate.

Nearly all industry stakeholders to comment on this issue supported the Bureau not specifying a time period, and instead giving financial institutions discretion to set their own optimal timing for the collection of applicant-provided 1071 data. The commenters noted that given the variety of products, financial institutions, and business models in small business lending, a one-size-fits-all approach would be unworkable and could disrupt financial institutions' processes. Some commenters also highlighted the complexity of small business lending applications and stated that flexible collection would provide greater simplicity, reduce burden, and allow for more accurate reporting, particularly where not all the data points are available at the time of collection. A few commenters sought flexibility due to concerns that if protected demographic information is collected early on in the process, an applicant would believe that information would be used to discriminate against them. One commenter suggested looking at FinCEN's customer due diligence rule, which allows for information collection at the time of closing. Although industry commenters generally favored flexibility, several stated they would likely collect 1071 data as early as possible in order to ensure data quality and collection. One stakeholder stated that applicant-provided data would be impossible to get if an application is withdrawn, incomplete, or denied before the required data are requested. Another industry commenter suggested the Bureau allow flexibility, but provide a safe harbor for financial institutions that collect applicant-provided data points on or with the application.

Many of the commenters seeking flexibility stated that point-of-sale (POS) applications would be particularly problematic with a rigid timing requirement. POS applications include those private label credit cards or other products offered through retailers in which the financial institution itself does not interact with the applicant at the time of application. POS applications are taken in a variety of different settings and locations, such as at the checkout line, online, or at customer service desks. Commenters urged that they would need additional flexibility for a POS application to request 1071 data, such as at some point reasonably following application submission. Commenters cited concerns about the accuracy and completeness of data collected in a POS application: Interactions are with retailer's employees who may not be able to answer questions about the data collection, interactions often take place in a public place (which may lead to erroneous answers or refusals to answer), and the person submitting a POS application may not have relevant knowledge to respond to the 1071-required questions, leading to delayed or abandoned applications. Commenters also expressed concern that reporting of POS applications would reflect the retailer's lending footprint, not the financial institution's, and so lead to incorrect assumptions about the financial institution's lending.

A number of stakeholders, including community groups and several financial institutions, urged the Bureau to specify a time period for the collection of 1071 data, stating that failure to do so would undermine the accuracy of the data. The commenters stated that complete flexibility would result in inconsistent and unreliable data since financial institutions would be collecting the data at different stages of the application process. The commenters stated that financial institutions that wait to collect the data would have difficulty obtaining applicant-provided information if the application was withdrawn, incomplete, or denied. The commenters also noted that discrimination is likely to occur in the early stages of the application process, and would not be captured if financial institutions are permitted to delay data collection. One commenter stated that requiring collection at the time of application could also promote non-discriminatory treatment as it would impress upon lenders and applicants the need for fair treatment. An industry commenter stated that not specifying a time period may lead to financial institution regulatory paralysis or confusion about when to collect 1071 data from applicants.

Among commenters that recommended a specific time period for collection, many suggested collecting applicant-provided data at the time of an application or otherwise “upfront.” One commenter noted that 1071-required data could be built into the application itself. On the other hand, several commenters suggested 1071 data should be collected any time before an application is considered complete or, one commenter suggested, when financial institutions know that 1071 collection will be required. The commenters stated that this would be the time period during which applicants are most likely to voluntarily provide the data, would ensure comparable data across lenders, and would still provide financial institutions flexibility to account for various application processes. One commenter suggested testing and focus groups to determine optimal timing. Otherwise, the commenter suggested 1071 data be collected before a financial institution disburses funds to the applicant.

Proposed Rule

The Bureau is proposing § 1002.107(c)(1), which would require a covered financial institution to maintain procedures to collect applicant-provided data under proposed § 1002.107(a) at a time and in a manner that is reasonably designed to obtain a response. The Bureau agrees with SERs and other stakeholders about the benefits of providing a flexible approach concerning when applicant-provided data must be collected during the application process. As noted by some commenters, given the variety of application processes in the small business lending space, requiring 1071 data collection to occur within a narrow window may affect data quality and disrupt financial institution practices. On the other hand, the Bureau believes that safeguards are necessary to ensure that financial institutions are not evading or delaying their obligation to collect 1071 data in a manner that detrimentally affects response rates. In light of these considerations, the Bureau is proposing an approach that would maintain flexibility, but require a financial institution to maintain procedures to collect applicant-provided data at a time and in a manner that is reasonably designed to obtain a response. This proposal thus implements the flexible approach under consideration in the SBREFA Outline, though with additional safeguards.

Proposed comments 107(c)(1)-1 and -2 would clarify the meaning of financial institution “procedures” and reiterate a financial institution's latitude to establish procedures concerning the timing and manner that it collects applicant-provided data, provided that those procedures are reasonably designed to collect the applicant-provided data in proposed § 1002.107(a).

Proposed comment 107(c)(1)-3 would clarify what constitutes “applicant-provided data” in proposed § 1002.107(c)(1). The proposed comment would also clarify that applicant-provided data does not include data that is generated or supplied only by the financial institution. The Bureau believes this clarification would address commenter concerns that certain data points collected early in the process may not be as accurate (or available) as data available at a later time—for example, information on action taken is only available late in the application process.

Proposed comment 107(c)(1)-4 would provide additional guidance on financial institutions' procedures that are reasonably designed to obtain a response. As noted in proposed comment 107(c)(1)-4, a financial institution would assess on a periodic basis whether its procedures are reasonably designed. One way a financial institution may be able to assess whether its procedures are reasonably designed would be, once 1071 data are made publicly available, to compare its response rate with similarly situated financial institutions (for example, those that offer similar products, use a similar lending model, or are of a similar size). The Bureau also anticipates that the response rate will differ depending on the data point: Some applicant-provided data points (for example, time in business) may have a higher response rate than other applicant-provided data points (such as a principal owner's race, sex, and ethnicity). The key is for a financial institution to assess on a periodic basis whether its procedures are reasonably designed to obtain a response.

Proposed comments 107(c)(1)-5 and -6 would provide examples of procedures that generally are and are not reasonably designed to obtain a response. Although the inquiry requires a fact-based determination, the Bureau believes providing examples and further guidance of practices that likely are and are not reasonably designed to obtain a response would facilitate compliance and promote best practices. For example, the Bureau believes that, as a general matter, once there is a “covered application,” the earlier a financial institution seeks to collect applicant-provided information, the greater the likelihood of obtaining an applicant response (particularly for covered applications that are later withdrawn or left incomplete). Thus, the Bureau believes that, as a general matter, a procedure reasonably designed to obtain a response is one in which a financial institution requests applicant-provided data at the time of a covered application. For example, it could request these data in connection with a written application form, provided any collection form requesting applicants' protected demographic information pursuant to proposed § 1002.107(a)(18) through (20) is separate from the application form and other documents used to collect other information related to the application, as would be required by proposed § 1002.111(b). Collecting applicant-provided data after a covered application is submitted—for example, while the application is being completed through the submission of additional documents and verifications—may be reasonably designed to obtain a response depending on the particular financial institution's procedures, with earlier collections more likely to be reasonably designed. The Bureau believes providing such compliance examples would incentivize early collection and be consistent with the practice many SERs and other industry commenters indicated they planned to follow in any event. While some commenters stated that an applicant may be reluctant to respond to early collection due to concerns that the information may be used to discriminate against them, the Bureau believes those concerns can be addressed through the use of a data collection form (such as the sample collection form in proposed appendix E) that would explain to applicants the reason the information is being collected. Moreover, the Bureau notes that financial institutions regularly collect data required by HMDA and Regulation C at the time of application without significant issue and that the sample data collection form in Regulation C similarly provides an explanation to applicants as to the reason protected demographic information is being collected.

Conversely, the Bureau believes that, as a general matter, it is unlikely that small business applicants will respond to data requests that occur simultaneous with or after notifying an applicant of action taken on the covered application. Depending on the particular facts, however, these procedures may be reasonably designed to obtain a response; for example, if the financial institution has evidence or a reason to believe that under its procedures the response rate would be similar to or better than other alternatives. Although a fact-based determination, proposed comment 107(c)(1)-6 would clarify that such procedures would generally not be considered “reasonably designed.”

Proposed comment 107(c)(1)-7 would explain that a financial institution reports updated applicant-provided data if it obtains more current data during the application process. Proposed comment 107(c)(1)-8 would provide guidance in the event a financial institution changes its determination regarding an applicant's status as a small business.

Many industry commenters discussed the need for additional flexibility specifically for POS applications. The Bureau understands that many (though not all) POS applications, particularly those for smaller credit amounts or to purchase particular goods in a store, are often submitted on-site at POS and decisioned in real time. Under proposed § 1002.107(c)(1) and associated commentary, the Bureau anticipates that most financial institutions would generally collect applicant-provided 1071 data at POS, and not at some later time after the credit request has been decisioned and the applicant has left the store, as suggested by some commenters. Despite the comments on this issue, the Bureau is not proposing a different approach for collecting applicant-provided data specifically for POS applications. Commenters raised concerns about retail employees seeking to collect 1071 required data in a public setting. However, the Bureau believes that financial institutions can develop procedures to accommodate collection in this setting, including (as discussed above) by using the sample collection form developed by the Bureau. The Bureau also does not believe that any specialized knowledge is necessary to collect 1071 data, and so believes that retail employees can collect the information. Although it is possible that the accuracy of the data collected in POS applications may be more prone to errors, as some commenters allege, the Bureau believes that having such data, even with decreased accuracy, would be preferable to not having any applicant-provided data for such applications.

Several industry commenters suggested the Bureau look to FinCEN's customer due diligence (CDD) rule, which excludes from certain of its requirements POS transactions to provide credit products solely for the purchase of retail goods/services up to a limit of $50,000. The Bureau is not proposing to take this approach given the different purposes and requirements of the CDD rule and section 1071. The purpose of the CDD rule is to improve financial transparency and prevent criminals and terrorists from misusing companies to disguise their illicit activities and launder their ill-gotten gains. Under the CDD rule, covered financial institutions must identify and verify the identity of natural persons (known as beneficial owners) of legal entity customers who own, control, and profit from companies when those companies open accounts. The CDD exclusion for certain POS transactions is based on the “very low risk posed by opening such accounts at [a] brick and mortar store.” While the CDD rule (and the customer identification program (CIP) rule ) focus on accounts (including certain originated loans), obtaining data on denials is essential to 1071's purposes. Moreover, unlike the CDD and CIP rules, which require covered financial institutions to collect certain essential information, section 1071 only requires that financial institutions seek to collect applicants' protected demographic information, and permits applicants to refuse to provide that information. Given these key differences, the Bureau is not proposing to follow the CIP and CDD rules concerning timing of collection or the exclusion of certain POS applications.

The Bureau seeks comment on proposed § 1002.107(c)(1) and associated commentary. As recommended by the SBREFA Panel, the Bureau seeks comment on whether it is necessary to specify a time period specifically for the collection of protected 1071 demographic information, and if so, what time period the Bureau should designate. The Bureau also seeks comment on the examples set forth in proposed comments 107(c)(1)-5 and -6, and whether it would be useful to provide additional examples of procedures that are and that are not reasonably designed to obtain a response. In addition, the Bureau seeks comment on its proposed approach for POS applications, including its proposal that would not make any particular exceptions for the timing and manner of 1071 data collection for POS applications.

107(c)(2) Previously Collected Data

In the SBREFA Outline, the Bureau emphasized that it was seeking to provide financial institutions with discretion and flexibility in the timing of 1071 data collection, in light of considerations including their relationships with applicants and the need to avoid unnecessary costs. The Bureau did not specifically discuss whether a financial institution could meet its 1071 obligations on a covered application by reusing certain data it had previously collected from the same applicant. In response to the Bureau's proposal under consideration concerning timing of collection of certain 1071 data, however, a commenter suggested financial institutions provide annual certification of 1071 data where there is an ongoing customer relationship. The commenter noted that the data are unlikely to change within a year, there may be multiple transactions during that time, and it would avoid financial institutions and applicants having to provide the information during the application process, saving time and expense.

The Bureau is proposing § 1002.107(c)(2), which would permit, but not require, a financial institution to reuse previously collected data to satisfy proposed § 1002.107(a)(13) through (21) if the data were collected within the same calendar year as the current covered application and the financial institution has no reason to believe the data are inaccurate. The Bureau believes that, absent a reason to suspect otherwise, recently collected 1071 data are likely to be reliable. Additionally, the Bureau believes that a flexible approach giving financial institutions discretion to reuse these data is consistent with the approach the Bureau proposed at SBREFA. Although proposed § 1002.107(c)(2) would apply to certain data collected within the same calendar year, nothing prevents a financial institution from confirming with the applicant whether information collected more than a year ago from the applicant remains accurate.

Proposed comment 107(c)(2)-1 would provide an example of how certain previously collected data can be reused by a financial institution. Proposed comment 107(c)(2)-2 would identify the particular data that can be reused. The comment would also clarify that other data required by proposed § 1002.107(a) could not be reused, as those data points are specific and unique to each covered application. Proposed comment 107(c)(2)-3 would clarify instances where data have not been “previously collected” and so cannot be reused under proposed § 1002.107(c)(2).

Proposed comment 107(c)(2)-4 would provide guidance on when information is considered collected in the same calendar year, and so may be reused by a financial institution in certain circumstances. In particular, the proposed comment discusses applications that span more than one calendar year.

Proposed comment 107(c)(2)-5 would provide clarity and an example of when a financial institution has reason to believe data may be inaccurate, and so cannot be reused for a subsequent covered application. Finally, proposed comments 107(c)(2)-6 and -7 would provide guidance on when data regarding minority-owned business status, women-owned business status, and data on the principal owners' ethnicity, race, and sex may be reused by a financial institution in a subsequent covered application.

The Bureau seeks comment on § 1002.107(c)(2) and associated commentary. The Bureau also seeks comment on whether a period of one calendar year to reuse certain previously collected data is appropriate or whether it should be extended to a longer period (such as two or three years). In addition, the Bureau seeks comment on whether financial institutions should be required to notify applicants that information they provide (including, in particular, minority-owned business status, women-owned business status, and the principal owners' ethnicity, race, and sex) could be reused for subsequent applications.

Section 1002.108 Firewall

Background

ECOA section 704B(d) generally restricts the access of certain individuals at a financial institution or its affiliates to certain information provided by an applicant pursuant to section 1071. The Bureau calls this requirement in 704B(d) a “firewall.” More specifically, 704B(d)(1) states that “[w]here feasible,” underwriters and other officers and employees of a financial institution or its affiliates “involved in making any determination concerning an application for credit” cannot have access to any information provided by the applicant pursuant to a request under 704B(b). That is, the statute limits access not only by underwriters and persons making an underwriting decision but also by anyone else involved in making any determination concerning an application. However, it does not expressly define the term “feasible” or provide clarification regarding what it means to be involved in making any determination concerning an application for credit.

Additionally, under ECOA section 704B(d)(2), if the financial institution determines that an underwriter, employee, or officer involved in making a determination “should have access” to any information provided by the applicant pursuant to a request under 704B(b), the financial institution must provide a notice to the applicant of the underwriter's access to such information, along with notice that the financial institution may not discriminate on the basis of such information. Section 704B(d)(2) does not expressly define or describe when an underwriter, employee, or officer “should have access,” nor does it explain the relationship, if any, between when a financial institution determines that an individual “should have access” under 704B(d)(2) and whether it is “feasible” to implement and maintain a firewall under 704B(d)(1).

The Bureau believes that ECOA section 704B(d) contains significant ambiguities with respect to how financial institutions, in practical terms, should determine how to implement a firewall to limit underwriters', employees', and officers' access to the information provided by applicants pursuant to section 704B(b). Indeed, based on feedback from SERs and other commenters, the Bureau believes that in many instances financial institutions that find it not “feasible” to implement and maintain a firewall will be the same institutions determining that relevant individuals “should have access” to the information provided by an applicant pursuant to 704B(b). The Bureau further believes that reading these two provisions in isolation from each other would result in significant confusion and challenges, particularly for smaller financial institutions.

Accordingly, the Bureau believes that section 1071's firewall requirement is best implemented by reading the “should have access” language in ECOA section 704B(d)(2) in conjunction with the “feasibility” language in 704B(d)(1). In 704B(d)(1), if it is feasible to implement and maintain a firewall, then underwriters, other employees, and officers shall not have access to the information subject to the firewall; but it is not feasible to implement and maintain a firewall if an underwriter, other employee, or officer subject to the firewall should have access to that information. If it is not feasible to implement and maintain a firewall, then that underwriter, other employee, or officer who should have access is permitted to have access so long as the financial institution provides a notice to the applicant.

As discussed in greater detail above in E.2 of the Overview to this part V, the Bureau also believes that section 1071 is ambiguous with respect to the meaning of “any information provided by the applicant pursuant to a request under subsection (b).” On the one hand, ECOA section 704B(b)(1) directs financial institutions to inquire whether a business is “a women-owned, minority-owned, or small business,” so the phrase could be interpreted as referring only to those three data points. Section 704B(e), however, indicates that the scope of 704B(b) is much broader. It instructs financial institutions that “information provided by any loan applicant pursuant to a request under subsection (b) . . . shall be itemized in order to clearly and conspicuously disclose” data including the loan type and purpose, the amount of credit applied for and approved, and gross annual revenue, among others. In other words, 704B(e) designates all of the information that financial institutions are required to compile and maintain—not simply an applicant's status as a women-owned, minority-owned, or small business—as information provided by an applicant “pursuant to a request under subsection (b).” But information deemed provided pursuant to 704B(b) is subject not only to the firewall under 704B(d) but also to a right to refuse under 704B(c) and separate recordkeeping requirements under 704B(b)(2). Applying these special protections to many of the data points in 704B(e), such as an applicant's gross annual revenue or the amount applied for, would be extremely difficult to implement because this information is critical to financial institutions' ordinary operations in making credit decisions.

In order to resolve these ambiguities, the Bureau believes that the best reading of the statute is to give different meanings to the phrase “any information provided by the applicant pursuant to a request under subsection (b)” with respect to ECOA section 704B(e) as opposed to 704B(b)(2), (c), and (d). As relevant here, with respect to the firewall in ECOA section 704B(d), the Bureau interprets the phrase to refer to the data points in proposed § 1002.107(a)(18) (minority-owned business status) and proposed § 1002.107(a)(19) (women-owned business status), as well as proposed § 1002.107(a)(20) (ethnicity, race, and sex of principal owners). Each of these data points require financial institutions to request demographic information that has no bearing on the creditworthiness of the applicant. Moreover, a financial institution could not inquire about this demographic information absent section 1071's mandate to collect and report the information, and ECOA prohibits a financial institution from discriminating against an applicant on the basis of the information. The Bureau accordingly believes that the best effectuation of congressional intent is to apply section 1071's special-protection provisions to apply to this demographic information, regardless of whether the statutory authority to collect it originates in 704B(b)(1) (women-owned business status and minority-owned business status) or 704B(e)(2)(G) (race, sex, and ethnicity of principal owners). The Bureau similarly believes that Congress did not intend these special protections to apply to any of the other data points proposed in § 1002.107(a), which the financial institution is permitted to request regardless of coverage under section 1071, which are not the subject of Federal antidiscrimination law, and many of which financial institutions currently use for underwriting purposes.

The Bureau is proposing § 1002.108 to implement ECOA section 704B(d) and, pursuant to its authority in 704B(g)(1), to prescribe such rules and issue such guidance as may be necessary to carry out, enforce, and compile data pursuant to section 1071.

SBREFA Proposal Under Consideration and Feedback

Information subject to the firewall. In the SBREFA Outline, the Bureau stated that it was considering proposing that financial institutions need only limit access under ECOA section 704B(d) to an applicant's responses to the financial institution's specific inquiries regarding women-owned and minority-owned business status and the ethnicity, race, and sex of principal owners, but not to an applicant's small business status. As discussed below, many SERs and other commenters suggested that restricting access to protected demographic information obtained to comply with section 1071 ( i.e., minority-owned business status, women-owned business status, and the principal owners' ethnicity, race, and sex) would be difficult for their institutions. Although these SERs and other commenters generally did not comment on the scope of information that the Bureau considered proposing be subject to the firewall (other than to say that liming access would be difficult), one commenter said that small business status should not be subject to the firewall and another commenter said that it should.

The SBREFA Panel recommended that the Bureau propose clear guidance on what information is subject to the firewall requirement.

Feasibility of maintaining a firewall. In the SBREFA Outline, the Bureau also stated that it was considering how it might apply the feasibility standard in ECOA section 704B(d)(1) and asked several questions related to this standard. Several SERs that take in-person or paper applications or that have very limited commercial lending staff stated that it would be costly or impossible for them to restrict access to applicants' protected demographic information by underwriters and other persons involved in making determinations concerning applications from small businesses. In contrast, several SERs that operate entirely online said that it would be relatively easy for them to restrict access to applicants' protected demographic information. Another SER said that it could restrict access to protected demographic information for applications received online (though not for paper applications), but that it would necessitate an overhaul of its online system.

Many other stakeholders providing feedback on the SBREFA Outline said that it would not be possible to limit access to applicants' protected demographic information or that attempting to do so would be costly and time consuming. Some other commenters suggested that implementing and maintaining a firewall would be impossible for all financial institutions or certain categories of financial institutions ( i.e., smaller financial institutions, community banks, credit unions). Generally, these commenters requested exemptions from the firewall requirement for either all financial institutions or specific categories of financial institutions. Generally, commenters were concerned about the costs associated with hiring additional staff, outsourcing additional functions, or making system changes to implement and maintain the firewall. However, some commenters indicated that financial institutions should not be required to change their existing application or other processes to maintain a firewall and noted that underwriters and officers who gather information from small business applicants also make determinations regarding such applications. Commenters noted that implementing a firewall would necessitate more points of contact between employees of the financial institution and an applicant and would require financial institutions to reassign job duties and retrain existing employees.

Importantly, many comments from SERs and others seemed to reflect confusion about the intended scope of the firewall. For example, some SERs and other commenters seemed to think that the firewall would prohibit employees who were generally aware of an applicant's business status or of a principal owner's ethnicity, race, and sex, such as due to participation in outside organizations or activities, from making any determinations regarding applications. One commenter remarked that it would be impossible to comply with the firewall requirement if a financial institution required a principal owner to provide a driver's license. Additionally, some SERs and other commenters requested guidance on the scope and applicability of the firewall, indicating that the SBREFA Outline was not sufficiently clear regarding the firewall's scope.

The SBREFA Panel recommended that the Bureau propose a clear feasibility standard that takes into account the costs of establishing and maintaining a firewall to limit access by underwriters and other persons.

Providing a notice in lieu of the firewall. In the SBREFA Outline, the Bureau also stated that it was considering proposing to interpret ECOA section 704B(d)(2) to permit financial institutions to give underwriters, employees, and officers access to applicants' responses regarding women-owned business status, minority-owned business status and the principal owners' race, sex, and ethnicity when the financial institution determines that such access is needed for the underwriter, employee, or officer to perform usual and regularly assigned job duties. In such circumstances, the financial institution would need to comply with the statutory requirement to provide a notice in lieu of limiting access. The Bureau also stated in the SBREFA Outline that the financial institution could provide the notice to all small business applicants or the specific applicant or applicants whose information will or may be accessed. The Bureau also stated that it was considering developing sample disclosure language that financial institutions could use when providing the notice under 704B(d)(2) and that the notice under 704B(d)(2) need not include language regarding small business status.

SERs and other stakeholders generally were supportive of providing a notice to applicants in lieu of restricting access to applicants' protected demographic information obtained for purposes of the 1071 rule. Several stated that it should be permissible to provide a disclosure or notice to meet the firewall requirement, and others stated that a financial institution should be permitted to provide a notice to meet the firewall requirement if the financial institution itself determines that establishing and maintaining a firewall was not feasible. However, one industry commenter stated that financial institutions should not be required to provide a notice to comply with the firewall requirement, and one SER said that use of the notice should be optional. This SER suggested that requiring the use of a notice may cause confusion for the applicant and have the unintended consequence of causing unfounded claims of discrimination if the application is denied. One SER cautioned that many people do not read notices and disclosures, and another SER suggested that financial institutions would not want to provide a notice because the loan process already involves too much paperwork.

Several SERs and several other stakeholders indicated a preference for providing a notice to all applicants, not just those specific applicants whose protected demographic information was likely to be accessed by underwriters and others making decisions regarding applications.

Several stakeholders supported a model notice. One SER as well as two other commenters asked that, if the Bureau provided sample language or a model notice, that the Bureau provide it in English as well as in other languages, such as Spanish. SERs and other stakeholders suggested a variety of statements that they thought should or should not be included in sample language or a model notice. They also provided a variety of suggestions on combining the notice with other documents, such as the application, sample data collection form, or with other required notices and disclosures.

One SER requested that the Bureau clarify when a financial institution would be permitted to provide a notice in lieu of restricting access to applicants' protected demographic information. Some stakeholders requested additional guidance on the timing and methods for providing a notice.

The SBREFA Panel recommended that the Bureau propose to permit financial institutions to provide a notice to applicants instead of restricting access to applicants' protected demographic information if it is not feasible for the financial institution to restrict such access.

Proposed Rule

The Bureau is proposing § 1002.108 to implement the firewall provisions in ECOA section 704B(d). Proposed § 1002.108(a) would provide certain relevant definitions, proposed § 1002.108(b) would state the general prohibition on access to applicants' protected demographic information by certain persons, proposed § 1002.108(c) would explain the exception to that prohibition, and proposed § 1002.108(d) would provide language for the notice necessary in order to qualify for the exception. The Bureau is also proposing commentary. The Bureau's proposed approach to § 1002.108 is consistent with its approach under consideration during the SBREFA process. The Bureau's general rationale for how it reads the firewall provisions are set forth in this section-by-section analysis of proposed § 1002.108 above, under Background.

Proposed § 1002.108(b) would state that, unless the exception under proposed § 1002.108(c) applies, an employee or officer of a covered financial institution or a covered financial institution's affiliate shall not have access to an applicant's responses to inquiries that the financial institution makes pursuant to this subpart regarding whether the applicant is a minority-owned business under proposed § 1002.107(a)(18) or a women-owned business under proposed § 1002.107(a)(19), and regarding the ethnicity, race, and sex of the applicant's principal owners under proposed § 1002.107(20), if that employee or officer is involved in making any determination concerning that applicant's covered application.

Consistent with the SBREFA Panel's recommendation, proposed comment 108(b)-1 would clarify the information that is subject to the prohibition on access ( i.e., the firewall) and provide examples. First, proposed comment 108(b)-1 would clarify that the prohibition in proposed § 1002.108(b) would apply only to an applicant's responses to the inquiries that the covered financial institution makes to satisfy § 1002.107(a)(18) through (20) and provide examples. Second, proposed comment 108(b)-1 would clarify that the prohibition in proposed § 1002.108(b) does not apply to ethnicity or race information about principal owners that the financial institution collects via visual observation or surname, or to an applicant's responses to inquiries regarding minority-owned or women-owned business status, or principal owners' ethnicity, race, or sex, made for other purposes and provide an example. It would also clarify that the prohibition does not apply if an employee or officer generally knows that an applicant is a minority-owned business or women-owned business, or knows the ethnicity, race, or sex of any of the applicant's principal owners due to activities unrelated to the inquiries made to satisfy the financial institution's obligations under subpart B, as well as provide an example.

In response to SBREFA feedback requesting additional clarification and guidance on who would be subject to the firewall, proposed comment 108(b)-2 would clarify the scope of persons subject to the prohibition and provide examples.

Additionally, the Bureau is proposing to define the phrase “involved in making any determination concerning a covered application.” Proposed § 1002.108(a)(1) would define this phrase to mean participating in a decision regarding the evaluation of a covered application, including the creditworthiness of an applicant for a covered credit transaction. Thus, an employee or officer who participates in such decision would be subject to the prohibition in proposed § 1002.108(b), and thus could not have access to an applicant's responses to the covered financial institution's inquiries under proposed § 1002.107(a)(18) through (20) with regard to that covered application, unless the exception in proposed § 1002.108(c) applies.

Proposed comment 108(a)-1 would provide additional clarification regarding when an employee or officer is “involved in making any determination concerning a covered application.” In particular, it would clarify that an employee or officer is involved in making a determination concerning a covered application if the employee or officer makes, or otherwise participates in, a decision regarding the evaluation of a covered application or the creditworthiness of an applicant for a covered credit transaction. Proposed comment 108(a)-1 would note that this group of employees and officers includes, but is not limited to, employees and officers who serve as underwriters. Additionally, it would explain that the decision that the employee or officer makes or participates in must be about a specific covered application. An employee or officer would not be involved in making a determination concerning a covered application if the employee or officer is involved in making a decision that affects covered applications generally, the employee or officer interacts with small businesses prior to them becoming applicants or submitting a covered application, or the employee or officer makes or participates in a decision after the financial institution has taken final action on the application, such as decisions about servicing or collecting a covered credit transaction.

Consistent with the SBREFA Panel's recommendation, proposed § 1002.108(c) would state that the prohibition in proposed § 1002.108(b) shall not apply to an employee or officer if a financial institution determines that it is not feasible to limit that employee's or officer's access to one or more of an applicant's responses to the financial institution's inquiries under § 1002.107(a)(18) through (20) and the financial institution provides the notice required under proposed § 1002.108(d) to the applicant. Proposed § 1002.108(c) would further state that it is not feasible to limit access as required pursuant to proposed § 1002.108(b) if the financial institution determines that an employee or officer involved in making any determination concerning a covered application should have access to one or more applicants' responses to the financial institution's inquiries under proposed § 1002.107(a)(18) through (20).

Proposed comment 108(c)-1 would clarify that a financial institution is not required to limit the access of a particular employee or officer who is involved in making determinations concerning covered applications if the financial institution determines that the particular employee or officer should have access to the information collected pursuant to proposed § 1002.107(a)(18) through (20) and the financial institution provides the notice required by proposed § 1002.108(d). It would explain that a financial institution can determine that several employees and officers should have access or that all of a group of similarly situated employees or officers should have access, but that a financial institution cannot permit all employees and officers to have access simply because it has determined that one or more employees or officers should have access. It would also provide an example.

Proposed § 1002.108(a)(2) would define the phrase “should have access” to mean that an employee or officer may need to collect, see, consider, refer to, or otherwise use the information to perform that employee's or officer's assigned job duties. Proposed comment 108(a)-2 would explain that a financial institution may determine that an employee or officer should have access for purposes of proposed § 1002.108 if that employee or officer is assigned one or more job duties that may require the employee or officer to collect (based on visual observation, surname, or otherwise), see, consider, refer to, or use information otherwise subject to the prohibition in proposed § 1002.108(b). The employee or officer would not have to be required to collect, see, consider, refer to or use such information or to actually collect, see, consider, refer to or use such information. It would be sufficient if the employee or officer might need to do so to perform the employee's or officer's assigned job duties. This approach is similar to the approach under consideration during the SBREFA process, though in response to feedback received, the proposed definition would not require that the assigned job duties be usually or regularly assigned. Thus, an employee or officer would not be subject to the prohibition if the financial institution determines that the employee or officer might need to see, consider, refer to, or otherwise use the information an applicant provided pursuant to proposed § 1002.17(a)(18) through (20) to perform the employee's or officer's assigned job duties, and the financial institution provides the required notice to the applicant. Proposed comment 108(a)-2 would include an example of when a financial institution would be able to determine that an officer should have access and would state that, if a financial institution determines that an employee or officer who is involved in making any determination concerning a covered application should have access for purposes of § 1002.108, the financial institution is responsible for ensuring that the employee or officer only accesses and uses the protected information for lawful purposes. Additionally, proposed comment 108(a)-2 would explain that a financial institution may determine that all employees or officers with the same job description or assigned duties should have access for purposes of § 1002.108 and provide an example.

Proposed § 1002.108(d) would describe the notice that a financial institution is required to provide to satisfy the exception in proposed § 1002.108(c). Proposed § 1002.108(d) would state that, in order to satisfy the exception set forth in proposed § 1002.108(c), a financial institution shall provide a notice to each applicant whose responses will be accessed, informing the applicant that one or more employees or officers involved in making determinations concerning the covered application may have access to the applicant's responses to the financial institution's inquiries regarding whether the applicant is a minority-owned business or a women-owned business, and regarding the ethnicity, race, and sex of the applicant's principal owners. Proposed § 1002.108(d) would also state that the financial institution shall provide this notice when making the inquiries required under § 1002.107(a)(18) through (20) and together with the notices required pursuant to § 1002.107(a)(18) through (20).

Proposed comment 108(d)-1 would explain that if a financial institution determines that one or more employees or officers should have access pursuant to proposed § 1002.108(c), then the financial institution must provide the required notice to, at a minimum, the applicant or applicants whose responses will be accessed by an employee or officer involved in making determinations regarding the applicant's or applicants' covered applications. It would also clarify that, as an alternative, the financial institution could provide the required notice to a larger group of applicants, including all applicants, if it determines that one or more officers or employees should have access.

Proposed comment 108(d)-2 would describe the content of the required notice. It would state that the notice must inform the applicant that one or more employees and officers involved in making determinations regarding the applicant's covered application may have access to the applicant's responses regarding the applicant's minority-owned business status, its women-owned business status, and its principal owners' ethnicity, race, and sex. Proposed comment 108(d)-2 would note that the financial institution may, but is not required to, provide the notice on its data collection form. Additionally, proposed comment 108(d)-2 would include language for the required notice. A financial institution would be required to use the language set forth in proposed comment 108(d)-2 or substantially similar language when providing the notice.

Comment 108(d)-3 would explain that if a financial institution is providing the notice required by proposed § 1002.108(d) orally, it must provide the notice prior to asking the applicant if it is a minority-owned business or women-owned business and prior to asking for a principal owner's ethnicity, race, or sex. It would further explain that, if the notice required by proposed § 1002.108(d) is provided on the same paper or electronic data collection form as the inquiries about minority-owned business status, women-owned business status, and the principal owners' ethnicity, race, or sex, the financial institution would be required to provide the notice at the top of the form. If the notice required by proposed § 1002.108(d) is provided in an electronic or paper document that is separate from the data collection form, the financial institution would be required to provide the notice at the same time as the data collection form or prior to providing the data collection form. Additionally, proposed comment 108(d)-3 would clarify that the notice required pursuant to proposed § 1002.108(d) must be provided with the non-discrimination notices required pursuant to proposed § 1002.107(a)(18) through (20) and would reference proposed appendix E for an example.

The Bureau believes that its proposed approach reflects the feedback from most SERs and commenters who preferred to be able to give a notice and did not want to hire additional staff or change processes. While some commenters did not want to provide a notice, section 1071 requires that a financial institution provide a specific notice to an applicant if the financial institution determines that an employee or officer should have access to information otherwise subject to the firewall requirement. As an alternative to providing a notice, a financial institution could take the steps necessary to establish and maintain a firewall.

The Bureau seeks comment on its proposed approach to the firewall requirement and whether a different approach might result in a better policy outcome. The Bureau also seeks comment on the scope of the proposed firewall and the exception. The Bureau specifically seeks comment on whether the firewall should apply to information about principal owners' ethnicity and race that is obtained via visual observation and/or surname. Finally, the Bureau generally requests comment on whether additional clarification is needed regarding the firewall requirement.

Section 1002.109 Reporting of Data to the Bureau

Proposed § 1002.109 would address several aspects of financial institutions' obligations to report 1071 data to the Bureau. First, proposed § 1002.109(a) would require 1071 data to be collected on a calendar year basis and reported to the Bureau by June 1 of the following year, and would address several related issues. Second, proposed § 1002.109(b) would detail the information that financial institutions must provide about themselves when reporting 1071 data to the Bureau. Finally, proposed § 1002.109(c) would address technical instructions for submitting data to the Bureau.

The Bureau is proposing § 1002.109 to implement ECOA section 704B(f)(1) and pursuant to its authority under 704B(g)(1) to prescribe such rules and issue such guidance as may be necessary to carry out, enforce, and compile data pursuant to section 1071. The Bureau is also proposing § 1002.109(b) pursuant to 704B(e)(2)(H), which requires financial institutions to compile and maintain as part of their 1071 data any additional data that the Bureau determines would aid in fulfilling the purposes of section 1071.

109(a) Reporting to the Bureau

109(a)(1) Annual Reporting

Background

ECOA section 704B(f)(1) provides that “[t]he data required to be compiled and maintained under [section 1071] by any financial institution shall be submitted annually to the Bureau.”

SBREFA Proposal Under Consideration and Feedback Received

In the SBREFA Outline, the Bureau stated it was considering proposing that financial institutions collect 1071 data on a calendar year basis, and that financial institutions report 1071 data to the Bureau by a specified time after the end of each calendar year.

SERs and other stakeholders responded to various aspects of the Bureau's proposals under consideration in the SBREFA Outline on reporting 1071 data to the Bureau, including reporting frequency, reporting period, and submission date.

Regarding reporting frequency, stakeholder comments were split. One SER suggested that data reporting be done on a calendar year basis, to avoid half-year measurements. Some other stakeholders—including several industry and trade association stakeholders, and a community group—also supported reporting no more or less frequently than once a year. Other stakeholders supported reporting on a more frequent basis than annually. In that latter group, another SER requested ongoing data reporting, arguing that more frequent reporting is less burdensome by permitting financial institutions to submit data as applications are received or loans are made. Three stakeholders (a community group, a think tank, and a community development lender trade association) also supported reporting more frequently than annually, especially for larger financial institutions, arguing that technology enables near real-time reporting.

Regarding the reporting period and submission date, several trade associations supported collecting data on a calendar year basis. A community group suggested an alternative to calendar-year reporting, specifically a one-year collection period starting on July 1 and ending on June 30 the next year. The group argued that this alternative schedule would help financial institutions avoid overlapping obligations with the calendar year data collection schedule for HMDA. A SER cautioned against aligning the annual reporting dates for section 1071 with the reporting dates for HMDA, noting that reporting for both regimes at the same time could strain resources; other stakeholders echoed this view. Other stakeholders requested that the Bureau coordinate reporting dates with other Federal agencies, including those responsible for collecting data from CDFI Fund participants and banks subject to CRA reporting.

Regarding reporting 1071 data to the Bureau, several SERs noted that they already report much of the data that a 1071 rule would seem likely to require to the Treasury Department's CDFI Fund. One SER requested that the Bureau coordinate with the CDFI Fund on consistency of definitions, types of data collection, and timing of reporting, and that the agencies should consider streamlining reporting requirements through data sharing.

The SBREFA Panel recommended, regarding this issue as well as other recordkeeping and reporting issues addressed in the SBREFA Outline, that the Bureau seek comment on these aspects of a 1071 rule, and how best to implement them in a manner that minimizes cost and burden to small financial institutions.

Proposed Rule

The Bureau is proposing, in § 1002.109(a)(1)(i), to require that by June 1 following the calendar year for which data are collected and maintained as required by proposed § 1002.107, a covered financial institution shall submit its small business lending application register in the format prescribed by the Bureau. This approach to reporting frequency and reporting period is consistent with both the annual submission schedule specified in the statute as well as with the approach under consideration at SBREFA.

Regarding reporting frequency, while several stakeholders and one SER advocated for more frequent reporting (especially via application programming interface (API)), annual reporting is consistent with what ECOA section 704B(f)(1) provides and with HMDA for most filers. The Bureau is concerned that requiring more frequent reporting for 1071 data could be unduly onerous for financial institutions, especially small financial institutions and those with lower application volumes.

Further, the Bureau is not proposing that financial institutions (small or otherwise) be permitted to submit their 1071 data on a real-time basis. The Bureau believes that this would add complexity to the Bureau reporting system. The Bureau is concerned that this approach could result in financial institutions treating the Bureau as their official recordkeeping system for their 1071 data. Financial institutions that were required to update or correct their data as a result of an audit, examination, or compliance review would need to make such changes within the Bureau's system, requiring the Bureau to develop an infrastructure that not only accepts real-time submissions, but also real-time corrections to prior real-time submissions. Nonetheless, the Bureau is continuing to explore ways it might facilitate or streamline reporting, particularly for small financial institutions. See the section-by-section analysis of proposed § 1002.109(c) below for additional information.

Regarding the reporting period, the Bureau believes there are advantages to having data collected and reported on a calendar year basis. Calendar year reporting may facilitate other aspects of the rule that depend on data that is typically recorded on a calendar year basis. For instance, other parts of the rule look to annual data, such as proposed § 1002.105(b), which would use a financial institution's loan volumes over the prior two calendar years to determine coverage. Further, the Bureau understands that financial institutions would generally prefer to have such data collections occur on a calendar year basis because such an approach would be generally consistent with their operations. The Bureau is concerned that requiring an annual reporting period other than the calendar year—such as July 1 to June 30—could result in additional challenges for financial institutions in complying with the rule, which could in turn make errors in collecting and reporting data to the Bureau more likely.

As discussed in more detail below in the section-by-section analysis of proposed § 1002.114(b) below, the Bureau is considering whether to require or permit the initial collection of data under the eventual 1071 rule to begin, following an appropriate implementation period, at some point during the year rather than on January 1. For example, if the compliance date were on July 1, 2024, the Bureau would permit or require all financial institutions to collect and report data pursuant to proposed § 1002.109(a) for the period July 1 to December 31, 2024. After this initial partial collection year, financial institutions would collect data on a calendar year basis.

Regarding the proposed submission date, several stakeholders (including community groups) requested a March 1 submission deadline on the grounds that financial institutions comply with a March 1 deadline for HMDA despite its relative complexity compared to 1071. The Bureau is proposing a June 1 submission deadline to give additional time for the compliance staff of financial institutions to dedicate time and resources focused on preparing a small business lending application register, after meeting other reporting obligations with earlier deadlines, such as under HMDA or CRA. This may be especially important for smaller financial institutions that will rely on the same staff to comply with other data reporting regimes and this 1071 rule.

Proposed § 1002.109(a)(1)(ii) would require that an authorized representative of the covered financial institution with knowledge of the data submitted certify to the accuracy and completeness of data submitted pursuant to proposed § 1005.109(a). A similar provision exists in Regulation C (§ 1003.5(a)(i)), and the Bureau believes it would be appropriate to adopt it here as well. Based on the Bureau's experience with HMDA and Regulation C, the Bureau believes that having a specific person responsible for certifying to the accuracy and completeness of data is likely to lead to financial institutions providing better quality data.

Proposed § 1002.109(a)(1)(iii) would clarify that when the last day for submission of data prescribed under proposed § 1002.109(a)(1) falls on a date that is not a business day, a submission is considered timely if it is submitted no later than the next business day.

The Bureau seeks comment on its proposed approach to the aspects of reporting addressed in proposed § 1002.109(a), including that the reporting frequency be annual, that the reporting period be the calendar year, and that the submission date be June 1 of the next calendar year. In particular, the Bureau seeks comment with respect to proposed § 1002.109(a)(1)(i) on whether requiring the submission of small business lending application registers by June 1 might give rise to complications for any persons or entities relying on data from the registers for other purposes, such as Federal regulators scheduling examinations.

109(a)(2) Reporting by Subsidiaries

ECOA section 704B(f)(1) states that “any” financial institution obligated to report 1071 data to the Bureau must do so annually; the statute does not expressly address financial institutions that are themselves subsidiaries of other financial institutions. In the SBREFA Outline, the Bureau did not address this issue for section 1071 reporting.

Proposed § 1002.109(a)(2) would state that a covered financial institution that is a subsidiary of another covered financial institution shall complete a separate small business lending application register. The subsidiary shall submit its small business lending application register, directly or through its parent, to the Bureau. Proposed comment 109(a)(2)-1 would explain that a covered financial institution is considered a subsidiary of another covered financial institution for purposes of reporting data pursuant to proposed § 1002.109 if more than 50 percent of the ownership or control of the first covered financial institution is held by the second covered financial institution. This proposed provision mirrors one that exists for HMDA reporting under Regulation C in § 1003.5(a)(2). The Bureau believes that this proposed provision would help facilitate compliance with the 1071 rule by permitting parent financial institutions to coordinate the reporting of all their subsidiaries' small business lending data together.

The Bureau seeks comment on this aspect of its proposal. Additionally, the Bureau seeks comment on proposed § 1002.109(a)(2) in light of proposed § 1002.105(b), which would define a covered financial institution as a financial institution that originated at least 25 covered credit transactions for small businesses in each of the two preceding calendar years. The Bureau seeks comment on whether this provision may risk creating ambiguity with respect to compliance and whether additional safeguards may be required to dissuade financial institutions from creating subsidiaries for the sole purpose of avoiding the collection and reporting or section 1071 data. The Bureau also seeks comment on all other aspects of this proposal.

109(a)(3) Reporting Obligations Where Multiple Financial Institutions Are Involved in a Covered Credit Transaction

Section 1071's requirement to collect and report data for any “application to a financial institution for credit” could be read as applying to more than one financial institution when an intermediary provides the application to another institution that takes final action on the application. It might also apply in cases where one application is simultaneously sent to multiple financial institutions. This broad reading may serve a useful function, such as comprehensive reporting by all financial institutions involved in a small business lending transaction, but could also generate duplicative compliance costs for financial institutions and potentially detract from the quality of reported 1071 data, increasing the risk that certain applications are reported multiple times.

At SBREFA, in considering ECOA section 704B(f)(1), the Bureau stated that it was considering proposing that in the situation where more than one party is involved on the lender side of a single small business loan or application, section 1071's data collection and reporting requirements would be limited in the same manner as in Regulation C. For HMDA, Regulation C provides (in § 1003.4(a) and comment 4(a)-3) that if more than one financial institution was involved in the origination of a covered loan, the financial institution that made the final credit decision approving the application before closing or account opening shall report the covered loan as an origination. If there was an origination, then the financial institution making the final credit decision approving the application would be responsible for reporting (even if the financial institution used credit standards set by another party). If more than one financial institution approved a loan, and the loan was purchased after closing by one of the financial institutions approving the loan, the purchaser (such as an assignee) would report the loan. If there was no origination and multiple financial institutions received the same application, then any financial institution that made a credit decision would be responsible for reporting (even if other financial institution also reported on the same potential non-originated application).

Several SERs voiced support for aligning reporting requirements for financial institutions that are not the lender of record with the approach taken for HMDA reporting in the Bureau's Regulation C. One SER stressed that imposing section 1071 requirements for loan buyers, who play an important role in assisting CDFIs but do not make credit decisions, might risk their continued participation. Another CDFI SER explained that the institution occasionally participates in pooled loan purchases and recommended that the Bureau ensure that reporting obligations for such pooled loans are clear. Other SERs expressed concern in adopting the Bureau's approach in Regulation C, noting the differences between small business and residential loan products, and advocated for simpler approaches. The SBREFA Panel did not provide a relevant recommendation.

Comments from other stakeholders included several voicing support for a HMDA-like approach, praising the Bureau's consistent approach and interest in limiting duplicative information. However, several comments advocated against the HMDA approach, generally by proffering other ideas rather than criticizing the rules or outcomes of the HMDA approach. Alternative suggestions varied, but included suggesting that data collection and reporting should be required only for the company most closely interacting with the loan applicant; if a financial institution receives a covered application, then the application should be subject to reporting, regardless of outcome; the financial institution that funded (or would have funded) the loan should be required to collect and report; and the financial institution that conducts the underwriting and determines whether the small business credit applicant qualifies for credit using its underwriting criteria should be required to report and collect.

Proposed § 1002.109(a)(3) would provide that only one covered financial institution shall report each covered credit transaction as an origination, and that if more than one financial institution was involved in an origination, the financial institution that made the final credit decision approving the application shall report the loan as an origination, if the financial institution is a covered financial institution.

Proposed § 1002.109(a)(3) would further provide that if there was no origination, then any covered financial institution that made a credit decision shall report the application. The Bureau is aware that under certain lending models as they operate today, financial institutions may not always be aware of whether another financial institution originated a credit transaction. The Bureau believes that information on whether there was an origination should generally be available, or that lending models can be adjusted to provide this information at low cost. For example, if an applicant applies to Financial Institutions A and B, and then withdraws an application with Financial Institution A, then Financial Institution A should be able to ascertain whether the applicant obtained credit from Financial Institution B.

Proposed comment 109(a)(3)-1 would provide general guidance on how to report originations and applications involving more than one institution. In short, if more than one financial institution was involved in the origination of a covered credit transaction, the financial institution that made the final credit decision approving the application shall report the covered credit transaction as an origination. Proposed comment 109(a)(3)-2 would offer examples illustrating how a financial institution should report a particular application or originated covered credit transaction. Proposed comment 109(a)(3)-3 would explain that if a covered financial institution made a credit decision on a covered application through the actions of an agent, the financial institution reports the application, and provides an example. State law determines whether one party is the agent of another. While these proposed comments assume that all of the parties are covered financial institutions, the same principles and examples would apply if any of the parties is not a covered financial institution.

The Bureau seeks comment on this aspect of its proposal. In particular, the Bureau seeks comment with respect to proposed § 1002.109(a)(3) on whether, particularly in the case of applications that a financial institution is treating as withdrawn or denied, the financial institution can ascertain if a covered credit transaction was originated by another financial institution without logistical difficulty or significant compliance cost.

109(b) Financial Institution Identifying Information

Beginning in 1989, Regulation C required financial institutions reporting HMDA data to use a discrete transmittal sheet to provide information on themselves separate from the loan/application registers used to submit HMDA data. The 2015 HMDA final rule replaced the transmittal sheet requirement with Regulation C § 1003.5(a)(3), which requires that a financial institution reporting HMDA data to provide with its submission (i) its name; (ii) the calendar year the data submission covers; (iii) the name and contact information of a person who may be contacted with questions about the institution's submission; (iv) its appropriate Federal agency; (v) the total number of entries contained in the submission; (vi) its Federal Taxpayer Identification Number; and (vii) its Legal Entity Identifier (LEI). The Bureau and FFIEC publish information on financial institutions that report HMDA data in the HMDA Reporter Panel, which includes the required submission information, provided by financial institutions under § 1003.5(a)(3), as well as other data derived from this information.

The Bureau is proposing to collect information regarding financial institutions that report 1071 data, similar to the information required under Regulation C. Specifically, proposed § 1002.109(b) would require that a financial institution provide the following information about itself as part of its submission: (1) Its name; (2) its headquarters address; (3) the name and business contact information of a person who may be contacted with questions about the financial institution's submission; (4) its Federal prudential regulator, if applicable; (5) its Federal Taxpayer Identification Number; (6) its LEI; (7) its Research, Statistics, Supervision, and Discount identification (RSSD ID) number, if applicable; (8) its parent institution information, if applicable (including the name, LEI, and RSSD ID number of its immediate parent entity and top-holding parent entity, if applicable); (9) the type of financial institution, chosen from a list provided; and (10) whether the financial institution is voluntarily reporting 1071 data.

As discussed below, the Bureau believes it would be appropriate to require each of these pieces of information regarding financial institutions reporting 1071 data. As a practical matter, the Bureau expects that this information might be provided by a financial institution when it initially sets up an account with the Bureau's 1071 data submission platform to allow it to file 1071 data as required by the rule. Thus, this information might exist in the Bureau's 1071 data submission system and be updated by the financial institution as needed.

As described in detail below, the Bureau believes that detailed information on the financial institutions reporting 1071 data is necessary to carry out, enforce, and compile data under section 1071, pursuant to ECOA section 704B(f)(1) and (g)(1), and would aid in fulfilling the purposes of section 1071, pursuant to 704B(e)(2)(H). To analyze 1071 data, the Bureau and other potential users of the data would need information on the financial institutions that are taking covered applications and making covered credit transactions. Fair lending analysis is based on a review of the decisions financial institutions make on applications. Similarly, an analysis of the business and community development needs of a given community is based on understanding the volume and geography of the lending activities of specific financial institutions.

With the possible exception of the LEI (in proposed § 1002.109(b)(6) and (8)(ii) and (v)) in certain circumstances, the Bureau believes that financial institutions already have all the information that would be required of them under proposed § 1002.109(b), and that being required to provide this information to the Bureau should not pose any particular difficulties or costs on financial institutions.

The Bureau seeks comment on its approach to collecting information on financial institutions, including each of the items listed in proposed § 1002.109(b)(1) through (10) as well as whether the Bureau should require the reporting of any other information on financial institutions. Additional requests for comment specific to certain pieces of information are included below.

Paragraph 109(b)(1)

During the SBREFA process, in the context of discussing privacy, some stakeholders expressed an aversion to the collection and publication of information on financial institutions. Some stakeholders, including SERs and some larger entities, commented that the Bureau should not publish the names of financial institutions reporting 1071 data, asserting that those financial institutions would face reputational risks. Some stakeholders even appeared to suggest that the Bureau not collect the names of financial institutions at all.

Proposed § 1002.109(b)(1) would require a financial institution to provide its name. Regulation C (§ 1003.5(a)(2)(i)) requires financial institutions to provide their names on their transmittal sheets when filing HMDA data, and the Bureau believes that a similar requirement would be appropriate here.

The Bureau believes that collecting a financial institution's name (as well as all the other identifying information in proposed § 1002.109(b)) is necessary to carry out, enforce, and compile data under section 1071, and would aid in fulfilling the purposes of section 1071. For both of section 1071's statutory purposes, the identity of the financial institution taking covered applications and originating covered credit transactions is critical. Without knowing the financial institution's name, fair lending enforcement would not be possible. Analyzing business and community development needs is much improved when it is possible to identify which financial institutions are operating in specific geographic areas.

There are additional practical considerations. Examinations for compliance with section 1071 would be difficult, if not impossible, without the name of the financial institution associated with a specific small business lending application register. Further, it would be difficult for the Bureau to administer a website for 1071 data submissions without creating logins assigned to specific financial institutions. Finally, the Bureau is proposing in § 1002.110(c) that financial institutions' statutory obligation to make 1071 data available to any member of the public, upon request, pursuant to ECOA section 704B(f)(2)(B) would be satisfied by the institutions' directing the public to the Bureau's website for this information. Without the financial institution's name (and other relevant identifying information), proposed § 1002.110(c) would not satisfy this statutory requirement.

Paragraph 109(b)(2)

Proposed § 1002.109(b)(2) would require a financial institution to provide the physical address of its headquarters location. The headquarters address of a financial institution would provide geographic information that would aid in fulfilling the statutory purposes of section 1071, including, for instance, analyses of the connection between a financial institution's location and the business and community development needs where it operates. It will also help identify and differentiate financial institutions, particularly nondepository financial institutions, that have similar names.

Paragraph 109(b)(3)

Proposed § 1002.109(b)(3) would require a financial institution to provide the name and business contact information of a person who may be contacted with questions about the financial institution's 1071 data submission. Regulation C includes a similar requirement in § 1003.5(a)(3)(iii), and the Bureau believes it would be appropriate to require such information here. In general, the Bureau has found, from its experience with HMDA and Regulation C, that requiring the name and business contact information of a person who may be contacted with questions generally facilitates communication in the event that follow-up on a submission is required.

Paragraph 109(b)(4)

Proposed § 1002.109(b)(4) would require a financial institution that is a depository institution to provide the name of its Federal prudential regulator, if applicable. Proposed comment 109(b)(4)-1 would explain how to determine which Federal prudential regulator ( i.e., the OCC, the FDIC, the Board, or the NCUA) a financial institution should report. Proposed comment 109(b)(4)-2 would provide guidance on when a financial institution must report a new Federal prudential regulator, for instance, in the event of a merger or a change of charter.

Regulation C includes a similar provision in § 1003.5(a)(3)(iv), requiring financial institutions to identify the appropriate Federal agency. In the Regulation C context, the purpose of this requirement is to identify the agency to which a financial institution must report its HMDA data—often the financial institution's Federal prudential regulator for depository institutions, and other agencies for nondepository institutions. Here, the Bureau believes a requirement to report a financial institution's Federal prudential regulator would be appropriate for different reasons. The reporting of a financial institution's Federal prudential regulator may enable analysts to more easily identify other information about a financial institution that its Federal prudential regulator may make publicly available, such as Call Report data; further, such additional data may be used to perform analyses of the characteristics of financial institution's 1071 data by regulator. Nondepository institutions generally do not have Federal prudential regulators and would not report one under this proposed requirement.

Paragraph 109(b)(5)

Proposed § 1002.109(b)(5) would require a financial institution to provide its Federal Taxpayer Identification Number (TIN). Proposed comment 109(b)(5)-1 would explain when a financial institution should report a new Federal TIN in the event that it obtains a new Federal TIN (for instance, because the financial institution merges with another financial institution and adopts the Federal TIN of the other financial institution).

Regulation C § 1003.5(a)(3)(iv) requires financial institutions to report Federal TIN with their HMDA submissions, and the Bureau believes such a requirement would be appropriate here as well. A financial institution's Federal TIN may be used to identify other publicly available information on a financial institution, and combine that data with a financial institution's 1071 register to enhance the types of analysis that can be conducted to further the two statutory purposes of section 1071.

Paragraph 109(b)(6)

Proposed § 1002.109(b)(6) would require a financial institution to provide its LEI. Proposed comment 109(b)(6)-1 would explain what an LEI is and would make clear that financial institutions that do not currently have an LEI must obtain one, and that financial institutions have an ongoing obligation to maintain an LEI in order to satisfy proposed § 1002.109(b)(6).

An LEI is a unique, 20-digit identifier issued by an entity endorsed or otherwise governed by the Global LEI Foundation. Regulation C requires financial institutions to obtain and use an LEI, which facilitates the analysis of HMDA data and aids in the recognition of patterns by more precisely identifying financial institutions and affiliated companies. The LEI also helps financial institutions that report HMDA data generate the universal loan identifier used to identify application or application-level records in Regulation C. Similarly, in the 1071 context, a financial institution's LEI would also likely facilitate analyses of 1071 data, by helping the Bureau and other stakeholders better understand a financial institution's corporate structure. The Bureau would also require, in proposed § 1002.107(a)(1), financial institutions to use their LEIs to create unique identifiers for covered applications. The Bureau believes this, in turn, would result in more sophisticated and useful analyses of the financial institution's 1071 data.

Paragraph 109(b)(7)

Proposed § 1002.109(b)(7) would require a financial institution to report its RSSD ID number, if applicable. An RSSD ID is a unique identifying number assigned to institutions, including main offices and branches, by the Federal Reserve System. All depository institutions know and regularly report their RSSD ID numbers on FFIEC regulatory forms. RSSD ID would help users of the 1071 data to link the data for a particular financial institution to other regulatory data, including the connections between a particular financial institution with others. The Bureau believes that this additional information would result in more sophisticated and useful analyses of the financial institution's 1071 data.

Proposed comment 109(b)(7)-1 would explain what a RSSD ID number is and how financial institutions that have one might find it. Financial institutions that do not have RSSD IDs, typically nondepository institutions, would not be required to obtain them, and would report “not applicable” in that field.

Paragraph 109(b)(8)

Proposed § 1002.109(b)(8) would require a financial institution to provide certain information on its parent entities, if applicable. This information would include the name, the LEI (if available), and the RSSD ID (if available) of the financial institution's immediate parent entity and the financial institution's top-holding parent entity.

Proposed comments 109(b)(8)-1 and -2 would provide guidance on how to identify a financial institution's immediate parent entity and a financial institution's top-holding parent entity. Proposed comment 109(b)(8)-3 would explain that a financial institution would report its parent entities' LEIs if they have them, but that no parent entity would be required to obtain an LEI if it did not already have one. Proposed comment 109(b)(8)-4 would likewise explain that a financial institution would report its parent entities' RSSD ID numbers if they had them.

The Bureau believes that the collection of information on a financial institution's structure would further both of the statutory purposes of section 1071. Data on a financial institution's organizational structure that is self-reported would be more accurate than generating such information from publicly available sources.

Better structural information would, for instance, improve the accuracy of peer analyses, which would facilitate fair lending enforcement. Further analyzing trends over time would be useful for identifying institutions that may give rise to fair lending risk. Given structural changes to institutions over time, information that enables the identification of institutions consistently and accurately over time is important to this trend analysis.

In addition, the Bureau believes that information on a financial institution's structure would advance the business and community development purpose of section 1071 by facilitating the analysis of whether and how corporate structure impacts how a financial institution provides access to credit to small businesses. In particular, this structural information could be used to understand how regulation in one part of a corporate structure impacts unregulated entities within the same corporate group.

Proposed § 1002.109(b)(8) would result in more accurate and comprehensive corporate structure information by requiring financial institutions to provide not only the name of one parent entity, but the immediate parent entity of the financial institution as well as the top-holding parent of the financial institution (for some financial institutions, this would be a bank holding company). For the reasons set out in the section-by-section analyses of proposed § 1002.109(b)(6) and (7), the reporting of LEI and RSSD ID of parent entities would improve the ability of regulators and other stakeholders to map out more precisely and fully the often complex networks of a financial institution's corporate structure. This more detailed and accurate structural data, in turn, may be used to perform more sophisticated and useful analyses of the financial institution's 1071 data. In addition, this information will help the Bureau confirm whether data are appropriately being reported by financial institutions on behalf of their subsidiaries pursuant to proposed § 1002.109(a)(2).

With respect to proposed § 1002.109(b)(8), the Bureau seeks comment on whether it should require any other parent entity information to be provided by financial institutions reporting 1071 data.

Paragraph 109(b)(9)

Proposed § 1002.109(b)(9) would require a financial institution to report the type of financial institution it is, selecting the applicable type or types of institution from a list in proposed comment 109(b)(9)-1. The comment would also explain that a financial institution shall select all applicable types. The list provided in the proposed comment includes: (i) Bank or savings association, (ii) minority depository institution, (iii) credit union, (iv) nondepository institution, (v) CDFI, (vi) other nonprofit financial institution, (vii) Farm Credit System institution, (viii) government lender, (ix) commercial finance company, (x) equipment finance company, (xi) industrial loan company, (xii) fintech, and (xiii) other. Proposed comment 109(b)(9)-2 would explain that a financial institution reports the type of financial institution as “other” where none of the enumerated types of financial institution appropriately describe the applicable type of financial institution, and the institution reports the type of financial institution as free-form text.

The Bureau believes that information regarding the type of financial institution reporting 1071 data would greatly assist in the analysis conducted by the Bureau and other users of 1071 data. Information providing further details on types of financial institutions would help advance the statutory purposes of section 1071; fair lending analysts might use this information on the financial institution type (for instance, depository institution compared to nondepository institutions) as a control variable for their analyses. The inclusion of this information may also assist in an assessment of the business and community development needs of an area as it may provide analysts a means of determining what types of financial institutions serve certain geographic areas.

In addition, the Bureau believes that this information, combined with the parent entity information required by proposed § 1002.109(b)(8), would offer more accurate and granular data on nondepository institutions within the same corporate group as depository institutions. Currently, the National Information Center database, which contains information on the structure of corporate groups that contain banks and other financial institutions, provides little information on nondepository institutions. As set out in the section-by-section analysis of proposed § 1002.109(b)(8) above, information on corporate structure that financial institutions self-report could fill in reporting gaps, including more specific information on financial institution types.

With respect to proposed § 1002.109(b)(9), the Bureau seeks comment on whether it should consider removing, modifying, or adding any types of financial institutions to the list in proposed comment 109(b)(9)-1, including in order to manage unique privacy interests (such as, for example, whether a category for captive finance companies that lend to applicants that share the same branding should be included on the list). The Bureau further seeks comment on whether it should consider defining any of the types of financial institutions in the proposed list, in particular whether and how to define the term “fintech.”

Paragraph 109(b)(10)

Proposed § 1002.109(b)(10) would require a financial institution to indicate whether it is not a covered financial institution under proposed § 1002.105(a) and is thus voluntarily reporting covered applications.

The Bureau believes it is important to be able to specifically identify these institutions' transactions in the data set. If reporting were restricted to only financial institutions required to report, the 1071 data would accurately reflect the overall population of financial institutions subject to 1071. However, institutions that do not meet the rule's loan-volume thresholds in proposed § 1002.105(b) may choose to voluntarily report 1071 data pursuant to proposed § 1002.5(a)(4)(vii) through (ix). Those institutions that voluntarily report data may not be representative of all potential voluntary reporters and may differ from required reporters. Without a specific designation, it may not be possible to distinguish an institution voluntarily reporting data after a single year of exceeding the loan-volume threshold from an institution reporting because it has already exceeded the loan-volume threshold in two consecutive years. The Bureau believes that users of 1071 data would benefit from being able to use this information as a control variable, resulting in better fair lending as well as business and community development analyses, to account for certain differences that may exist as between required and voluntary reporters.

109(c) Procedures for the Submission of Data to the Bureau

ECOA section 704B(g)(1) authorizes the Bureau to prescribe rules and issue such guidance as may be necessary to carry out, enforce, and compile data pursuant to section 1071. Section 704B(g)(3) provides for the Bureau to issue guidance to facilitate compliance with the requirements of section 1071.

The SBREFA Panel recommended that the Bureau seek comment on the recordkeeping and reporting issues addressed in the SBREFA Outline, including how best to implement them in a manner that minimizes cost and burden to small financial institutions. The Panel also recommended that the Bureau explore ways to streamline reporting for small financial institutions.

Proposed § 1002.109(c) would direct financial institutions to a publicly available website containing the Bureau's Filing Instructions Guide, which would set out technical instructions for the submission of data to the Bureau pursuant to proposed § 1002.109. Regulation C § 1003.5(a)(5) contains a comparable provision, which directs users to a Bureau website that sets out instructions for the submission of HMDA data, and the Bureau believes a similar approach would be appropriate here.

The Bureau intends to develop a system to receive, process, and publish the data collected pursuant to section 1071 and proposed subpart B. In doing so, the Bureau will benefit from what it learned in its multiyear effort in developing the HMDA Platform, through which entities file data as required under HMDA and Regulation C. The HMDA Platform satisfies regulatory requirements with an entirely web-based, open source system, using a container-based microservices approach and modern cloud architectures. It was designed to be continuously improved to incorporate evolving technologies and better serve HMDA data users. Publication of the HMDA data is designed to meet user needs and includes, for example, a Data Browser to filter and download datasets and explore the data using an interactive map. As it did in developing the HMDA Platform, the Bureau's work in developing the section 1071 data submission system will focus on satisfying all legal requirements, promoting data accuracy, and reducing burden. Also as with HMDA, the Bureau anticipates providing a Filing Instructions Guide and related materials for financial institutions.

The Bureau seeks comment on this aspect of the proposal, including the provision of technical instructions for data submission via a Bureau website and how best to implement the provisions of this section in a manner that minimizes cost and burden particularly to small financial institutions while implementing all statutory obligations. The Bureau also seeks comment on ways it could streamline reporting for small financial institutions.

Other Reporting Issues

Regulation C § 1003.5(a)(1)(i) provides that a financial institution shall submit its annual loan/application register in electronic format to the appropriate Federal agency. Regulation C does not provide for the submission of HMDA data by unaffiliated third parties directly on behalf of financial institutions in the way that a parent institution may submit HMDA data on behalf of its subsidiary under § 1003.5(a)(2) and comment 5(a)-3. The Bureau understands from financial institutions that report HMDA data to the Bureau that most institutions use third party software vendors in some way to help them prepare or submit their loan/application registers to the Bureau.

The Bureau seeks comment on whether it should permit third parties (such as financial software vendors) to submit to the Bureau a small business lending application register on behalf of a financial institution, including whether financial institutions should be required to designate third parties authorized to submit registers on their behalf.

Section 1002.110 Publication of Data

Proposed § 1002.110 would address several issues surrounding publication of section 1071 data. First, proposed § 1002.110(a) would address annual publication of application-level data on the Bureau's website, subject to deletions or modifications based on the Bureau's consideration of privacy interests. Second, proposed § 1002.110(b) would state that the Bureau may, at its discretion, compile and aggregate data submitted by financial institutions and may publish such compilations or aggregations as the Bureau deems appropriate. Third, proposed § 1002.110(c) would require a covered financial institution to publish on its website a statement that its 1071 data, as modified by the Bureau, are or will be available on the Bureau's website. Finally, proposed § 1002.110(d) would provide when a covered financial institution shall make the notice required by proposed § 1002.110(c) available to the public and how long it shall maintain the notice on its website.

The Bureau is proposing § 1002.110 to implement ECOA section 704B(f)(2)(B) and (C), which require the Bureau to adopt regulations addressing the form and manner that 1071 data are made available to the public, and pursuant to its authority under 704B(g)(1) to prescribe such rules and issue such guidance as may be necessary to carry out, enforce, and compile data pursuant to section 1071. The Bureau is also proposing § 1002.110(b) pursuant to 704B(f)(3), which permits the Bureau, at its discretion, to compile and aggregate 1071 data, and to publish such aggregate data.

110(a) Publication of Small Business Lending Application Registers and Associated Financial Institution Information

ECOA section 704B(f)(2)(C) requires that the Bureau annually make the 1071 data it receives from financial institutions available to the public in a such form and in such manner as the Bureau determines by regulation. The Bureau addressed this issue in the SBREFA Outline as part of its discussion regarding privacy considerations; SER and other stakeholder comments regarding privacy issues are addressed in part VI below. Proposed § 1002.110(a) would state that the Bureau shall make available to the public generally the data reported to it by financial institutions pursuant to proposed § 1002.109, subject to deletions or modifications made by the Bureau, at its discretion, if the Bureau determines that the deletion or modification of the data would advance a privacy interest. (The Bureau is proposing to make such determinations using a balancing test, as discussed in detail in part VI below.) The Bureau shall make such data available on an annual basis, by publishing it on the Bureau's website.

The Bureau seeks comment on its proposed approach to implementing ECOA section 704B(f)(2)(C).

110(b) Publication of Aggregate Data

ECOA section 704B(f)(3) provides that the Bureau may, at its discretion “compile and aggregate data collected under this section for its own use” and “make public such compilations of aggregate data.” The Bureau did not address this issue at SBREFA.

Proposed § 1002.110(b) would state that the Bureau may, at its discretion, compile and aggregate data submitted by financial institutions pursuant to proposed § 1002.109, and make any compilations or aggregations of such data publicly available as the Bureau deems appropriate. The Bureau believes that publication of certain such compilations and aggregations may provide useful data to the public to supplement the Bureau's publication of application-level data pursuant to proposed § 1002.110(a). This is especially true of application-level data fields that the Bureau may choose, using its proposed balancing test (described in parts VI.C.1 and .2 below) to modify or delete before publication pursuant to proposed § 1002.110(a).

The Bureau seeks comment on this aspect of its proposal.

110(c) Statement of Financial Institution's Small Business Lending Data Available on the Bureau's Website and 110(d) Availability of Statements

Background

ECOA section 704B(f)(2)(B) requires that the data compiled and maintained by financial institutions shall be “made available to any member of the public, upon request, in the form required under regulations prescribed by the Bureau.”

SBREFA Proposal Under Consideration and Feedback Received

The Bureau stated in the SBREFA Outline that it was considering proposing an approach in which financial institutions could satisfy this requirement by referring the public to the Bureau's website where 1071 data would be available. Under this approach, the 1071 data would be available with any modifications or deletions required based on the Bureau's application of the balancing test described in part VI below. The Bureau also stated that it considered requiring financial institutions to make their own data available to the public directly, upon request. However, the Bureau was concerned that this approach could involve greater burden for financial institutions, lead to privacy risks resulting from errors by individual financial institutions implementing any modifications or deletions required by the Bureau, and be less efficient overall.

One SER and several industry stakeholders expressed strong support for the Bureau's proposal under consideration that the public be directed to access 1071 data via the Bureau's website, rather than requiring financial institutions to provide the data themselves upon request. These stakeholders expressed concern that a requirement that financial institutions themselves provide 1071 data to the public upon request would be burdensome, adding complexity to the process, making errors more likely, and giving rise to data privacy risks. One community group asserted that the Bureau should require financial institutions to provide 1071 data within 30 days of a request from the public and, absent this, that the Bureau should make application-level 1071 data available to the public quarterly rather than annually.

The SBREFA Panel recommended, regarding this issue as well as other recordkeeping and reporting issues addressed in the SBREFA Outline, that the Bureau seek comment on these aspects of a 1071 rule, and how best to implement them in a manner that minimizes cost and burden to small financial institutions.

Proposed Rule

Proposed § 1002.110(c) would require that a covered financial institution make available to the public on its website, or otherwise upon request, a statement that the covered financial institution's small business lending application register, as modified by the Bureau pursuant to proposed § 1002.110(a), is or will be available on the Bureau's website. The Bureau is proposing this approach, which is consistent with its approach under consideration at SBREFA, for the reasons discussed above, including that this approach would reduce potential burdens on financial institutions associated with publishing modified data, would reduce privacy risks resulting from errors by individual financial institutions implementing any modifications or deletions required by the Bureau, and would be more efficient overall. Regulation C (§ 1003.5(c)(1)) implements a similar statutory requirement regarding the form of data reporting and requires financial institutions to direct any public requests for HMDA data they receive to the Bureau; the Bureau believes that a similar provision would be appropriate here to maintain continuity across reporting regimes, and because the Bureau believes that this provision would help ensure consistent implementation of any modification or deletion decisions that the Bureau determines would advance a privacy interest.

Proposed § 1002.110(c) would also state that a financial institution shall use language provided by the Bureau, or substantially similar language, to satisfy this requirement to provide a statement. Proposed comment 110(c)-1 would provide model language that financial institutions can use to comply with proposed § 1002.110(c). Proposed comment 110(c)-2 would provide guidance to financial institutions that do not have websites.

Proposed § 1002.110(d) would provide that a covered financial institution shall make the notice required by proposed § 1002.110(c) available to the public on its website when it submits a small business lending application register to the Bureau pursuant to proposed § 1002.110(a), and shall maintain the notice for as long as it has an obligation to retain its small business lending application registers pursuant to proposed § 1002.111(a).

The Bureau seeks comment on its proposed approach to implementing ECOA section 704B(f)(3), including how best to implement proposed § 1002.110(c) and (d) in a manner that minimizes cost and burden particularly on small financial institutions while implementing all statutory obligations.

Section 1002.111 Recordkeeping

Proposed § 1002.111 would address several aspects of the recordkeeping requirements for 1071 data. First, proposed § 1002.111(a) would require a covered financial institution to retain evidence of its compliance with this section, which includes a copy of its small business lending application register, for at least three years after submitting the register pursuant to proposed § 1002.109. Second, proposed § 1002.111(b) would require a financial institution to maintain, separately from the rest of the application and accompanying information, an applicant's responses to a financial institution's inquiries required by ECOA section 704B(b)(1) ( i.e., whether the applicant is a minority-owned business or a women-owned business, and regarding the ethnicity, race, and sex of the applicant's principal owners). Finally, proposed § 1002.111(c) would require that, in compiling and maintaining any records under proposed §§ 1002.107 and 1002.111(b), or reporting data pursuant to proposed § 1002.109, a financial institution shall not include personally identifiable information concerning any individual who is, or is connected with, an applicant.

The Bureau is proposing § 1002.111 to implement ECOA section 704B(f)(2)(A), which requires financial institutions to compile and maintain 1071 data for at least three years; 704B(b)(2), which requires financial institutions to maintain a record of the responses to the inquiry required by 704B(b)(1), separate from the application and accompanying information; and 704B(e)(3), which provides that in compiling and maintaining 1071 data, a financial institution may not include personally identifiable information concerning an individual who is, or is connected with, an applicant. The Bureau is also proposing § 1002.111 pursuant to its authority under 704B(g)(1) to prescribe such rules and issue such guidance as may be necessary to carry out, enforce, and compile data pursuant to section 1071.

111(a) Record Retention

ECOA section 704B(f)(2)(A) requires that information compiled and maintained under section 1071 be retained for not less than three years after the date of preparation. In the SBREFA Outline, the Bureau stated that it was considering proposing that a financial institution retain its 1071 data for at least three years after they are submitted to the Bureau. The Bureau received little feedback on this issue; a few stakeholders opined that the three-year retention period was acceptable.

The SBREFA Panel recommended, regarding this issue as well as other recordkeeping and reporting issues addressed in the SBREFA Outline, that the Bureau seek comment on these aspects of a 1071 rule, and how best to implement them in a manner that minimizes cost and burden to small financial institutions.

Proposed § 1002.111(a) would require that a financial institution retain a copy of its small business lending application register for three years after the register is submitted to the Bureau pursuant to proposed § 1002.109. This proposed approach is consistent with the approach that the Bureau considered proposing at SBREFA. By way of comparison, under Regulation C, financial institutions must retain the loan/application registers that they submit to the Bureau for three years. This reflects the requirement in HMDA itself that a LAR be retained for three years after it is made available.

Proposed comment 111(a)-1 would provide examples of what evidence of compliance with the proposed provision is likely to include. Proposed comment 111(a)-2 would require that a creditor that is voluntarily, under § 1002.5(a)(4)(vii) and (viii), collecting information pursuant to subpart B but is not required to report that data to the Bureau, complies with proposed § 1002.111(a) by retaining evidence of compliance with subpart B for at least three years after June 1 of the year following the year that data was collected.

The Bureau seeks comment on its proposed approach to implementing ECOA section 704B(f)(2)(A), including how best to implement proposed § 1002.111(a) in a manner that minimizes cost and burden particularly on small financial institutions while implementing all statutory obligations.

111(b) Certain Information Kept Separate From the Rest of the Application

ECOA section 704B(b)(2) requires financial institutions to maintain a record of the “responses to [the] inquiry” required by 704B(b)(1) separate from the application and accompanying information. As discussed below and consistent with the approach set forth in E.2 of the Overview to this part V, the Bureau proposes to interpret the term “responses to such inquiry” in 704B(b)(2) to be the applicant's responses to inquiries regarding protected demographic information—that is, whether the applicant is a minority-owned business or a women-owned business, and the ethnicity, race, and sex of the applicant's principal owners.

In the SBREFA Outline, the Bureau discussed this statutory provision but did not present a proposal under consideration to address it. Some SERs quoted this statutory language in written feedback, but none provided feedback on the particular issue of keeping certain information separate from the rest of the application. One trade association stakeholder noted that, under HMDA and Regulation C, banks are permitted to inquire about and collect required data points (which include information such as the ethnicity, race, and sex of applicants' principal owners) on and with the application. This stakeholder urged the Bureau to permit the same for 1071, and further requested a safe harbor for a bank that inquires and collects required data points on or with an application.

The SBREFA Panel recommended, regarding this issue as well as other recordkeeping and reporting issues addressed in the SBREFA Outline, that the Bureau seek comment on this aspect of a 1071 rule, and how best to implement it in a manner that minimizes cost and burden to small financial institutions.

Proposed § 1002.111(b) would state that a financial institution shall maintain, separately from the rest of the application and accompanying information, an applicant's responses to the financial institution's inquiries to collect data pursuant to proposed subpart B regarding whether an applicant for a covered credit transaction is a minority-owned business under proposed § 1002.107(a)(18) or a women-owned business under proposed § 1002.107(a)(19), and regarding the ethnicity, race, and sex of the applicant's principal owners under proposed § 1002.107(a)(20).

Proposed comment 111(b)-1 would explain that a financial institution may satisfy this requirement by keeping an applicant's responses to the financial institution's request pursuant to proposed § 1002.107(a)(18) through (20) in a file or document that is discrete or distinct from the application and its accompanying information. For example, such information could be collected on a piece of paper that is separate from the rest of the application form. In order to satisfy the requirement in proposed § 1002.111(b), an applicant's responses to the financial institution's request pursuant to proposed § 1002.107(a)(18) through (20) need not be maintained in a separate electronic system, nor need they be removed from the physical files containing the application. However, the financial institution may nonetheless need to keep this information in a different electronic or physical file in order to satisfy the requirements of proposed § 1002.108.

As discussed in detail above in E.2 in the Overview of this part V, the Bureau believes the best reading of the statutory provisions that mention the inquiry made under ECOA section 704B(b)(1)—in 704B(b)(2) as well as in 704B(c) regarding the right to refuse and 704B(d) regarding the firewall—is that they refer to applicants' responses to the inquiries regarding minority-owned and women-owned business status in proposed § 1002.107(a)(18) and (19), and regarding the ethnicity, race, and sex of applicants' principal owners in proposed § 1002.107(a)(20). Each of these three data points require financial institutions to request demographic information that has no bearing on the creditworthiness of the applicant. Moreover, a financial institution could not inquire about this demographic information absent section 1071's mandate to collect and report the information, and ECOA prohibits a financial institution from discriminating against an applicant on the basis of the information. The Bureau accordingly believes that the best effectuation of congressional intent is to apply section 1071's special-protection provisions to apply to this demographic information, regardless of whether the statutory authority to collect it originates in 704B(b)(1) (women-owned business status and minority-owned business status) or 704B(e)(2)(G) (race, sex, and ethnicity of principal owners). The Bureau similarly believes that Congress did not intend these special protections to apply to any of the other applicant-provided data points proposed in § 1002.107(a), which the financial institution is permitted to request regardless of coverage under section 1071, which are not the subject of Federal antidiscrimination law, and many of which financial institutions currently use for underwriting purposes.

With respect to the stakeholder's request that the section 1071 rule mirror HMDA's approach to collection of ethnicity, race, and sex data, the Bureau notes that there is no requirement in HMDA that is comparable to ECOA section 704B(b)(2)'s requirement that certain information be kept separate from the application and accompanying information; Regulation C thus anticipates that the demographic information required under HMDA can be collected as part of the application. The Bureau recognizes from stakeholder comments identified in the section-by-section analysis of proposed § 1002.107(c)(1) above that there may be potential difficulties in satisfying the proposed requirements regarding the time and manner of collecting applicant-provided data while not being able to ask for that information on the application itself. Proposed comment 111(b)-1 is intended to clarify, and facilitate compliance with, the statutory directive that financial institutions must keep certain information separate from the credit application.

The Bureau seeks comment on its proposed approach to implementing ECOA section 704B(b)(2), including how best to implement proposed § 1002.111(b) in a manner that minimizes cost and burden, particularly on small financial institutions, while implementing all statutory obligations. The Bureau also seeks comment on whether, for financial institutions that determine that underwriters or other persons should have access to applicants' demographic information pursuant to proposed § 1002.108(b), it should likewise waive the requirement in proposed § 1002.111(b) to keep that information separate from the application and accompanying information.

111(c) Limitation on Personally Identifiable Information Retained Under This Section

Background

ECOA section 704B(e)(3) provides that in compiling and maintaining any record of information under section 1071, a financial institution may not include in such record the name, specific address (other than the census tract), telephone number, electronic mail address, or any other personally identifiable information (PII) concerning any individual who is, or is connected with, an applicant.

SBREFA Proposal Under Consideration and Feedback Received

In the SBREFA Outline, the Bureau stated it was considering proposing a prohibition on including certain PII about any individuals associated with small business applicants in the small business lending application register a financial institution is required to compile, maintain, and report to the Bureau (other than the information specifically required to be collected and reported pursuant to section 1071, such as the ethnicity, race, and sex of principal owners). The Bureau also stated that this prohibition would not apply to PII collected by financial institutions outside of their specific 1071 data records.

SERs and other stakeholders offered limited feedback on this issue. One SER requested clarification on this statutory provision, specifically asking whether financial institutions were permitted to keep PII in their own loan-level records. A trade association supported a ban on including PII in the 1071 data. Another stated that the Bureau should issue a clarifying provision for excluding PII in compiling and maintaining any record of information from the different stages in the process ( e.g., bank systems, regulatory submission file). Two community group stakeholders supported a prohibition on including personally identifiable information in 1071 data to reduce potential privacy concerns surrounding release of 1071 data.

Some stakeholders expressed concern regarding a different issue related to data privacy. Federal and State laws protect the financial and data privacy of individuals, typically by imposing obligations on financial institutions to provide their customers notice and an opportunity to opt out in advance of the disclosure of their nonpublic personal information to unaffiliated third parties. Several industry stakeholders expressed concern that reporting 1071 data to the Bureau may cause them to violate other data privacy laws, including State data privacy laws.

The SBREFA Panel recommended, regarding this issue as well as other recordkeeping and reporting issues addressed in the Outline, that the Bureau seek comment on these aspects of a 1071 rule, and how best to implement them in a manner that minimizes cost and burden to small financial institutions.

Proposed Rule

The Bureau is proposing in § 1002.111(c) that in compiling and maintaining any records under proposed § 1002.107 or § 1002.111(b), or reporting data pursuant to proposed § 1002.109, a financial institution shall not include any name, specific address, telephone number, email address, or any PII concerning any individual who is, or is connected with, an applicant, other than as required pursuant to proposed § 1002.107 or § 1002.111(b). The prohibition on the inclusion of PII in ECOA section 704B(e)(3), which covers the “compiling and maintaining any record of information,” implicates proposed §§ 1002.107, 1002.109, and 1002.111, which together would address the compilation, maintenance, and reporting of 1071 data by financial institutions.

Proposed comment 111(c)-1 would clarify that the prohibition in proposed § 1002.111(c) applies to data compiled and maintained pursuant to § 1002.107, data in the small business lending application register submitted by the financial institution to the Bureau under proposed § 1002.109, the version of the register that the financial institution maintains under proposed § 1002.111(a), and the separate record of certain information created pursuant to proposed § 1002.111(b).

Proposed comment 111(c)-2 would address the types of information (including PII) that a financial institution is prohibited from including in the data it compiles and maintains pursuant to proposed § 1002.107, in its records under proposed § 1002.111(b), or in data reported to the Bureau under proposed § 1002.109. The examples of types of PII identified in proposed comment 111(c)-2 are illustrative and not exhaustive.

Proposed comment 111(c)-3 would clarify that the prohibition in proposed § 1002.111(c) does not extend to the application or any other records that the financial institution maintains. This comment is intended to address the request by a SER and another stakeholder that the Bureau clarify that this prohibition does not extend more broadly to a financial institution's application or loan-related files.

Proposed comment 111(c)-4 would clarify that the prohibition in proposed § 1002.111(c) does not bar financial institutions from providing to the Bureau, pursuant to proposed § 1002.109(b)(3), the name and business contact information of the person who may be contacted with questions about the financial institution's submission.

The Bureau seeks comment on its proposed approach to implementing ECOA section 704B(e)(3), including how best to implement this requirement in a manner that minimizes cost and burden, particularly on small financial institutions, while implementing all statutory obligations. Regarding comments by stakeholders that reporting 1071 data to the Bureau could give rise to a potential conflict with the data protection and privacy laws prohibiting the disclosure of nonpublic personal information to unaffiliated third parties, the Bureau notes that such laws typically provide an exemption for disclosures made pursuant to Federal and State law. The Bureau seeks comment on whether the requirements in this proposed rule could conflict with other data privacy or data protection laws, and whether the Bureau might need to use its preemption authority under ECOA, Regulation B, and/or section 1041(a)(1) of the Dodd-Frank Act to ensure that financial institutions do not violate State law in reporting 1071 data to the Bureau. The Bureau also seeks comment on whether it should include a provision to preempt any State data privacy or data protection laws that would prohibit the collection, maintenance, and reporting to the Bureau of 1071 data.

Section 1002.112 Enforcement

Proposed § 1002.112 would address several issues related to the enforcement of violations of the requirements of proposed subpart B. First, proposed § 1002.112(a) would state that a violation of section 1071 or subpart B of Regulation B is subject to administrative sanctions and civil liability as provided in sections 704 and 706 of ECOA. Second, proposed § 1002.112(b) would provide that a bona fide error in compiling, maintaining, or reporting data with respect to a covered application is an error that was unintentional and occurred despite the maintenance of procedures reasonably adapted to avoid such an error. This proposed provision also addresses the maintenance of procedures reasonably adapted to avoid such errors. Third, proposed § 1002.112(c) would identify four safe harbors under which certain errors—namely, certain types of incorrect entries for census tract, NAICS code, small business status, and application date—would not constitute violations of ECOA or Regulation B.

The Bureau is proposing § 1002.112 to implement sections 704 and 706 of ECOA, pursuant to its authority under ECOA section 704B(g)(1) to prescribe such rules and issue such guidance as may be necessary to carry out, enforce, and compile data pursuant to section 1071 and pursuant to its authority under 704B(g)(2) to adopt exceptions to any requirement of section 1071 and to exempt any financial institution or class of financial institutions from the requirements of section 1071, as the Bureau deems necessary or appropriate to carry out the purposes of section 1071.

112(a) Administrative Enforcement and Civil Liability

A violation of section 1071 is subject to the enforcement provisions of ECOA, of which section 1071 is a part. ECOA contains administrative enforcement provisions in section 704, and it provides for civil liability in section 706. The enforcement provisions in existing Regulation B (§ 1002.16(a)(1) and (2)) cross-reference and paraphrase these administrative enforcement and civil liability provisions of ECOA.

Proposed § 1002.112(a) would provide that a violation of section 1071 or subpart B of Regulation B is subject to administrative sanctions and civil liability as provided in sections 704 and 706 of ECOA, where applicable. Regarding stakeholder concerns about private litigants bringing actions for non-compliance, the Bureau believes that its administrative enforcement mechanisms would be appropriate and adequate to address most instances of non-compliance by financial institutions that report 1071 data to the Bureau, based on its experience with Regulation C and HMDA. The Bureau believes that proposed § 1002.112(b) addresses the concerns raised by stakeholders that requested that penalties for non-compliance not be assessed in the first year that 1071 data is collected, given the likelihood of unintentional errors as covered financial institutions learn how to implement this rule.

The Bureau seeks comment on its proposed approach to administrative enforcement and civil liability.

112(b) Bona Fide Errors

SBREFA Proposal Under Consideration and Feedback Received

During the SBREFA process, SERs and other industry stakeholders expressed concern about private litigants suing them for non-compliance with the 1071 rule. In addition, several SERs requested that the Bureau not assess penalties for the first year of 1071 data collection and reporting, as it did following the 2015 HMDA final rule; prior to the compliance date for that rule, the Bureau issued a policy statement announcing it would not seek penalties for errors for the first calendar year (2018) of data collected under the amended Regulation C. Stakeholders asked the Bureau to emulate that approach for 1071. Other stakeholders expressed concern about the potential consequences of committing what they viewed as technical or inadvertent errors in collecting or reporting 1071 data. One financial institution stakeholder suggested that the 1071 rule adopt or emulate the good faith error provisions set out in Regulation C, including § 1003.6(b)(1), which provides that an error in compiling or recording data for a covered loan or application is not a violation of HMDA or Regulation C if the error was unintentional and occurred despite the maintenance of procedures reasonably adapted to avoid such an error. Stakeholders also referred to the existing error-related exemptions in ECOA and Regulation B. ECOA's civil liability provision states that creditors will not be liable for acts done or omitted in good faith in conformity with any official rule, regulation, or interpretation thereof by the Bureau.

Proposed Rule

Proposed § 1002.112(b) would provide that a bona fide error in compiling, maintaining, or reporting data with respect to a covered application is an error that was unintentional and occurred despite the maintenance of procedures reasonably adapted to avoid such an error. A bona fide error is not a violation of ECOA or subpart B. A financial institution is presumed to maintain procedures reasonably adapted to avoid errors with respect to a given data field if the number of errors found in a random sample of the financial institution's submission for the data field does not equal or exceed a threshold specified by the Bureau for this purpose in proposed appendix H. However, an error is not a bona fide error if either there is a reasonable basis to believe the error was intentional or there is other evidence that the financial institution did not maintain procedures reasonably adapted to avoid such errors.

The Bureau believes that a similar approach to Regulation C, modified and combined with the approach taken by Federal agencies in HMDA examinations, would be appropriate here. Regulation C § 1003.6(b)(1) provides that an error in compiling or recording data for a covered loan or application is not a violation of HMDA or Regulation C if the error was unintentional and occurred despite the maintenance of procedures reasonably adapted to avoid such an error. In an examination of a financial institution for compliance with Regulation C, a financial institution may make a certain number of unintentional errors in a testing sample of applications for a given data field in the institution's loan/application register (LAR), the HMDA analog to the small business lending application register, before it must resubmit its LAR. These tolerance thresholds are based on the number of loans or applications in a LAR as set out in the HMDA tolerances table in the FFIEC's Interagency HMDA examination procedures.

For instance, as described in the HMDA tolerances table, a bank that submitted 45 applications is subject to a threshold of three inadvertent errors per data field based on the review of a random sample of 30 applications in the bank's LAR; a bank that submitted 45,000 applications would be subject to a threshold of four inadvertent errors per data field based on a sample of 79 applications. The tolerances thresholds, as a percentage of the random sample of applications reviewed, become more stringent as the number of total applications rises.

The Bureau would provide a similar table of thresholds in proposed appendix H and incorporate it in the bona fide error provision as set out in proposed § 1002.112(b). Under this proposed provision and the table of thresholds in proposed appendix H, financial institutions that report a number of errors equal to or below the applicable thresholds are presumed to have in place procedures reasonably adapted to avoid errors; those that report a number of errors above the applicable thresholds are not presumed to have in place procedures reasonably adapted to avoid errors. The Bureau believes that this approach would be broadly consistent with the approach it has taken for HMDA. The Bureau also believes that this approach would address the concerns expressed by stakeholders regarding liability for some data reporting errors, especially in the earlier years of reporting, as processes are first being implemented. Moreover, the Bureau believes that this provision will help to ensure the accuracy of the data submitted by requiring the maintenance of appropriate procedures; at the same time, this provision will prevent financial institutions from being subjected to liability for some difficult-to-avoid errors that could drive those institutions from the small-business lending market. Therefore, the Bureau believes this provision is necessary to carry out, enforce, and compile data pursuant to section 1071, as well as necessary or appropriate to carrying out section 1071's purposes.

Proposed comment 112(b)-1 would explain that a financial institution is presumed to maintain procedures reasonably adapted to avoid errors with respect to a given data field if the number of errors found in a random sample of the financial institution's submission for the data field does not equal or exceed a threshold specified by the Bureau for this purpose. Proposed comment 112(b)-1 would also explain that the Bureau's thresholds appear in column C of the table in proposed appendix H, and that the size of the random sample shall depend on the size of the financial institution's small business lending application register, as shown in column A of the table in appendix H.

Proposed comment 112(b)-2 would provide that, for purposes of determining bona fide errors under § 1002.112(b), the term “data field” generally refers to individual fields, but that, with respect to information on the ethnicity or race of an applicant or borrower, or co-applicant or co-borrower, a data field group may consist of more than one field. If one or more of the fields within an ethnicity or race field group have errors, they count as one (and only one) error for that data field group.

Proposed comment 112(b)-3 would provide that an error that meets the criteria for one of the four safe harbor provisions in proposed § 1002.112(c) would not be counted as an error for purposes of determining whether a financial institution has exceeded the error threshold for a given data field.

The Bureau seeks comment on its proposed approach to bona fide errors, including whether the tolerance levels in proposed appendix H are appropriate.

112(c) Safe Harbors

Proposed § 1002.112(c) would establish four safe harbor provisions, providing that certain types of errors would not constitute violations of ECOA or Regulation B. Proposed § 1002.112(c)(1) would provide a safe harbor for an incorrect entry for census tract obtained by correct use of a geocoding tool provided by the FFIEC or the Bureau. Proposed § 1002.112(c)(2) would provide a safe harbor for an incorrect NAICS code determined by a financial institution under certain circumstances. Proposed § 1002.112(c)(3) would provide a safe harbor for the collection of applicants' protected demographic information pursuant to proposed § 1002.107(a)(18) through (20) after an initially erroneous determination that an applicant is a small business. Proposed § 1002.112(c)(4) would provide a safe harbor for the reporting of an application date that is within three calendar days of the actual application date.

As described in further detail below, the Bureau is proposing the four safe harbors established in proposed § 1002.112(c) pursuant to its authority under ECOA and as amended by section 1071. Section 703 of ECOA provides the Bureau the authority to prescribe regulations to carry out the purposes of ECOA, including such adjustments and exceptions for any class of transactions that in the judgment of the Bureau are necessary or proper to effectuate the purposes of ECOA, to prevent circumvention or evasion thereof, or to facilitate or substantiate compliance therewith. Section 704B(g)(1) provides that the Bureau shall prescribe such rules as may be necessary to carry out, enforce, and compile data pursuant to section 1071. Section 704B(g)(2) authorizes the Bureau to adopt exceptions to any requirement of section 1071 and to exempt any financial institution or class of financial institutions from the requirements of section 1071, as the Bureau deems necessary or appropriate to carry out the purposes of section 1071.

112(c)(1) Incorrect Entry for Census Tract

The Bureau received feedback on the SBREFA Outline, concerning a provision in Regulation C providing for a good faith error exemption in inadvertently selecting the wrong census tract for a property. In response, the Bureau is proposing § 1002.112(c)(1), which would provide that an incorrect entry for census tract is not a violation of ECOA or this subpart if the financial institution obtained the census tract by correctly using a geocoding tool provided by the FFIEC or the Bureau. Regulation C § 1003.6(b)(2) contains a similar provision, and the Bureau believes a similar approach would be appropriate here. Especially in light of the years that financial institutions have already been relying on the FFIEC geocoding tool in the HMDA context, the Bureau believes financial institutions would be justified in expecting not to be held liable for reporting erroneous information provided by the FFIEC or Bureau. Additionally, the Bureau believes that this proposed safe harbor will ultimately improve the accuracy of the data submitted by encouraging the use of reliable FFIEC geocoding tools, and preventing financial institutions from being subjected to liability for some difficult-to-avoid errors that could drive those institutions either to eschew these useful tools or exit the small business lending market. Therefore, the Bureau believes this provision is necessary to carry out, enforce, or compile data pursuant to section 1071, and necessary or appropriate to carry out section 1071's purposes.

Proposed comment 112(c)(1)-1 would explain that the safe harbor provision under proposed § 1002.112(c)(1) would not extend to a financial institution's failure to provide the correct census tract number for a covered application on its small business lending application register, as required by proposed § 1002.107(a)(13), because the FFIEC or Bureau geocoding tool did not return a census tract for the address provided by the financial institution. In addition, proposed comment 112(c)(1)-1 would explain that this safe harbor provision would not extend to a census tract error that results from a financial institution entering an inaccurate address into the FFIEC or Bureau geocoding tool.

The Bureau seeks comment on its proposed approach to this safe harbor.

112(c)(2) Incorrect Entry for NAICS Code

As discussed in the section-by-section analysis of proposed § 1002.107(a)(15) above, the Bureau is proposing to require financial institutions to collect an applicant's 6-digit NAICS code. A financial institution would be permitted to rely on an applicant's representations or on other information regarding its NAICS code as described in proposed comments 107(a)(15)-3 and -4. Proposed § 1002.112(c)(2) would apply when a financial institution does not rely on such information, but instead the financial institution identifies the NAICS code for an applicant and the identified NAICS code is incorrect. Specifically, proposed § 1002.112(c)(2) would provide that the incorrect entry for that institution-identified NAICS code is not a violation of subpart B, provided that the first two digits of the NAICS code are correct and the financial institution maintains procedures reasonably adapted to correctly identify the subsequent four digits.

The Bureau is proposing this safe harbor pursuant to its statutory authority under section 704B(g)(1) and (2). This safe harbor would address comments from several stakeholders who stated that correctly classifying an applicant's NAICS code can be difficult, as the business may change over time, codes may have overlapping definitions, small businesses often do not know their NAICS code, and classifications may be prone to human error. The Bureau believes that this proposed safe harbor would also alleviate concerns about NAICS codes classifications being subject to change based on SBA rulemaking (in situations where the SBA does not change the 2-digit sector code). The Bureau believes that this proposed safe harbor will help to ensure the accuracy of the data submitted by requiring the maintenance of appropriate procedures and requiring that the most crucial first two digits be correct in every instance; at the same time, the proposed safe harbor will prevent financial institutions from being subjected to liability for some difficult-to-avoid errors. Therefore, the Bureau believes this provision is necessary and appropriate to carry out section 1071 and its purposes.

The Bureau seeks comment on its proposed approach to this safe harbor. As discussed in the section-by-section analysis of proposed § 1002.107(a)(15) above, the Bureau seeks comment on its proposal to collect 6-digit NAICS codes with the safe harbor described in proposed § 1002.112(c)(2). The Bureau also seeks comment on whether requiring a 3-digit NAICS code with no safe harbor would be a better alternative.

112(c)(3) Incorrect Determination of Small Business Status

Proposed § 1002.112(c)(3) would provide that a financial institution that initially determines that an applicant is a small business, as defined in proposed § 1002.106(b), but then later concludes the applicant is not a small business, does not violate ECOA or Regulation B if it collected information pursuant to subpart B regarding whether an applicant for a covered credit transaction is a minority-owned business or a women-owned business, and the ethnicity, race, and sex of the applicant's principal owners. Proposed § 1002.112(c)(3) would further provide that a financial institution seeking to avail itself of this safe harbor shall comply with the requirements of subpart B as otherwise required pursuant to proposed §§ 1002.107, 1002.108, and 1002.111 with respect to the collected information.

The Bureau is proposing this safe harbor pursuant to its authority under section 703(a) of ECOA, which allows the Bureau to provide for certain exceptions to Regulation B “as in the judgment of the Bureau are necessary or proper to effectuate the purposes of [ECOA], to prevent circumvention or evasion thereof, or to facilitate or substantiate compliance therewith.” The Bureau believes the proposed safe harbor is needed to address situations where the financial institution initially determines that an applicant is a small business and believes it is required under the 1071 rule to collect protected demographic information, but later concludes that the applicant is not a small business when it, for example, obtains updated gross annual revenue information. In such situations, the financial institution may be uncertain about whether it “may obtain information required by a regulation” under existing § 1002.5(a)(2), which could deter financial institutions from complying with the 1071 rule. The Bureau believes that this safe harbor would facilitate compliance with ECOA by eliminating a situation in which financial institutions might be deterred from appropriately collecting applicants' protected demographic information due to the possibility that their understanding of an applicant's small business status might change during the course of the application process.

Proposed § 1002.112(c)(3) would make it clear that a financial institution does not violate the existing Regulation B general prohibition against inquiring about the race, national origin, or sex of an applicant as long as the financial institution complies with the requirements of the subpart B, including the requirements set forth in proposed §§ 1002.107, 1002.108, and 1002.111 with respect to the collected information. Proposed comment 106(b)-1 would clarify that the financial institution does not report the application on its small business lending application register pursuant to § 1002.109.

The Bureau seeks comment on its proposed approach to this safe harbor.

112(c)(4) Incorrect Application Date

Proposed § 1002.107(a)(2) would require financial institutions to report application date. In the SBREFA Outline, the Bureau stated that it was considering proposing providing financial institutions a grace period of several days on either side of the date reported to reduce the compliance burden of pinpointing an exact date on which an application was received. As discussed in the section-by-section analysis of proposed § 1002.107(a)(2) above, several SERs and other stakeholders were strongly in favor of the Bureau providing such a grace period to reduce compliance burden.

In light of SER and other stakeholder feedback, proposed § 1002.112(c)(4) would provide that a financial institution does not violate proposed subpart B if it reports on its small business lending application register an application date that is within three calendar days of the actual application date pursuant to proposed § 1002.107(a)(2). The Bureau believes that this proposed provision will ensure the level of accuracy needed for the resulting data to be useful in carrying out section 1071's purposes and minimize the risk that financial institutions will be held liable for difficult-to-avoid errors, which might otherwise affect their participation in the small business lending market. Therefore, the Bureau believes this provision is necessary and appropriate to carry out section 1071 and its purposes. The Bureau seeks comment on its proposed approach to this safe harbor.

Section 1002.113 Severability

Proposed § 1002.113 would provide that the provisions of subpart B are separate and severable from one another, and that if any provision is stayed or determined to be invalid, the remaining provisions shall continue in effect.

This is a standard severability clause of the kind that is included in many regulations to clearly express agency intent about the course that is preferred if such events were to occur.

Section 1002.114 Effective Date, Compliance Date, and Special Transitional Rules

Proposed § 1002.114 would address when the proposed rule would be effective and when financial institutions would be required to comply with the rule, as well as how financial institutions could choose to comply with the rule during this transitional period. Proposed § 1002.114(a) would state that this small business lending data collection rule would become effective 90 days after the final rule is published in the Federal Register . Proposed § 1002.114(b) would provide that compliance with the rule would not be required until approximately 18 months after the final rule is published in the Federal Register . Proposed § 1002.114(c)(1) would permit covered financial institutions to begin collecting information pursuant to proposed § 1002.107(a)(18) through (20) beginning 12 months prior to the compliance date. Proposed § 1002.114(c)(2) would permit a financial institution to use a different time period to determine whether it is a covered financial institution under proposed § 1002.105(b) as of the compliance date.

The Bureau is proposing § 1002.114 pursuant to its authority under ECOA section 704B(g)(1) to prescribe such rules and issue such guidance as may be necessary to carry out, enforce, and compile data pursuant to section 1071. The Bureau is also proposing § 1002.114(c) pursuant to its authority under section 703(a) of ECOA to prescribe regulations to carry out the purposes of ECOA and provide exceptions as in the judgment of the Bureau are necessary or proper to effectuate the purposes of or facilitate or substantiate compliance with ECOA.

114(a) Effective Date and 114(b) Compliance Date

Background

Section 1071 does not specify an implementation period, though pursuant to ECOA section 704B(f)(1), financial institutions must report 1071 data to the Bureau on an annual basis. In the SBREFA Outline, the Bureau noted that it sought to ensure that financial institutions have sufficient time to implement the 1071 rule, and stated that it was considering proposing that financial institutions have approximately two calendar years for implementation.

SBREFA Proposal Under Consideration and Feedback Received

SER and stakeholder feedback regarding the two-year period for implementation under consideration was mixed. Some found the two-year period to be adequate, some requested more time, and a few urged for less. Some provided related feedback about adopting a grace period for data errors in the first year(s) after the 1071 rule becomes effective.

A number of stakeholders agreed that two years was sufficient time to implement a 1071 rule. SERs generally supported a two-year implementation period. Several SERs with completely online operations felt that two years was sufficient time to implement the eventual 1071 rule; some estimated that they could do it in less time. A large number of industry stakeholders (including national and regional trade associations, community banks, fintech lenders, and others) accepted a two-year implementation period as adequate or said that two years was the minimum amount of time needed to implement 1071 (though some of these stakeholders also requested more time, as discussed below). A few qualified their statements, however, as dependent on the Bureau not adopting additional data points beyond those discussed in the SBREFA Outline or not making further changes to the rule once it is finalized.

A number of other stakeholders argued that two years was inadequate time to implement a 1071 rule. Some other SERs that do not have primarily online operations and do not have experience with other Federal data reporting regimes such as HMDA said it would be hard to project how long implementation would take, but that it could potentially take three years or more. One SER said that two years would not be enough as currently there are no data collection vendors for 1071 compliance. Another SER said clear and concise definitions were important and expressed frustration that definitive answers to compliance-related questions (whether from the Bureau or third-party vendors) can be hard to come by, which could stymie implementation efforts. One SER suggested that it was overly optimistic for other SERs (mostly CDFIs) to say they would be able to implement 1071 quickly.

Some of the industry stakeholders mentioned above requested more time, up to three years, and suggested that two years was the bare minimum they required to implement a 1071 rule, given the need to create new systems, policies and procedures, to change their products as needed, and to train personnel in compliance. One large bank trade association stakeholder requested three years coupled with a two-year grace period.

Several trade associations representing community banks and credit unions asserted that two years was inadequate for smaller financial institutions that had no experience with HMDA or similar reporting regimes. These commenters suggested tiered implementation, with larger financial institutions (or HMDA reporters) reporting earlier and smaller financial institutions later. Similarly, two smaller trade associations asserted that smaller and mission-based lenders should have up to three years to implement 1071.

A number of stakeholders argued that two years was too much time to implement a 1071 rule. Several community group stakeholders opposed a two-year implementation period as too long and instead supported a one-year period. These groups opposed a longer implementation period on the grounds that ten years have elapsed since Dodd-Frank Act was passed and the need for data to analyze disparities in small business lending is urgent. A State-level trade association suggested a one-year period for larger financial institutions and a longer period for smaller financial institutions.

Some stakeholders requested a grace period associated with the first year of implementation. A few SERs suggested that the Bureau adopt a grace period of some kind during which financial institutions would not be penalized for erring in trying to comply with a 1071 regulation. This grace period would be akin to the first year in which the 2015 revisions to Regulation C were effective, when examinations were used to troubleshoot and perfect data reporting rather than penalize reporters. Two other industry stakeholders similarly requested a safe harbor for any data collection errors for the first one or two years following the rule's effective date.

The SBREFA Panel recommended that the Bureau seek comment on the sufficiency of a two-year implementation period, and in particular what aspects of a 1071 rule might require more or less time to implement. The Panel further recommended that the Bureau seek comment on ways to facilitate implementation for small financial institutions, particularly those that have had no experience with any kind of Federal data reporting regime.

Proposed Rule

The Bureau is proposing in § 1002.114(a) that its small business lending data collection rule become effective 90 days after the final rule is published in the Federal Register . At that time, the rule would become part of the Code of Federal Regulations; this would permit financial institutions to avail themselves of the special transitional rule in proposed § 1002.114(c)(2), discussed below. However, pursuant to proposed § 1002.114(b), compliance with the final rule would not be required until approximately 18 months after the final rule is published in the Federal Register .

The Bureau's proposed approach is a compromise between the two-year implementation period under consideration at SBREFA that a slight majority of stakeholders found acceptable and the shorter one-year implementation period requested by certain stakeholders. The Bureau believes that the statutory purposes of section 1071 are better served by an earlier compliance date that would, in turn, result in earlier publication of data by the Bureau. The Bureau acknowledges the preference of various SERs and other stakeholders for a compliance period of two or more years to comply. The Bureau notes, however, that some SERs and other industry stakeholders said that they could be ready in less than two years. The Bureau agrees with the stakeholders that asserted that a shorter implementation period is preferable given the length of time that has elapsed since the passage of section 1071 of the Dodd-Frank Act.

The Bureau notes that it does not anticipate setting the compliance date at exactly 18 months following publication of the final rule in the Federal Register . Rather, the Bureau expects to specify a date certain for a compliance date, which it anticipates will be approximately 18 months after the final rule is published. Thus, for example, if the Bureau published the final rule in June 2023, the Bureau would set the compliance date at January 1, 2025.

If the final rule were published early or late in the year, because proposed § 1002.114(b) would require compliance approximately 18 months after publication of the final rule, the compliance date would be set in mid-year. For instance, if the final rule were published in the Federal Register in March 2023, the compliance date would be in September 2024. Based on this possibility, the Bureau is considering whether to permit or require financial institutions to collect data on a partial year basis in the remainder of the first year following the compliance date, as the section-by-section analysis of proposed § 1002.109(a)(1) addresses. For example, if the compliance date were July 1, 2024, the Bureau would permit or require all financial institutions to collect and report data pursuant to proposed § 1002.109(a) for the period July 1 to December 31, 2024, and financial institutions would report that data by June 1, 2025 (pursuant to proposed § 1002.109(a)(1)(i)). After 2024, financial institutions would comply with proposed § 1002.109(a), which requires the collection of 1071 data on a calendar year basis.

The Bureau believes that permitting or requiring a partial year collection in the initial year of compliance would further the purposes of section 1071 by expediting the collection and, potentially, the publication of data to be used to further the fair lending and community development purposes of the statute.

The Bureau seeks comment on its proposed effective date of 90 days following publication of an eventual final rule and its proposed compliance date of approximately 18 months after the publication of its final rule to implement section 1071. In particular, the Bureau seeks comment on which aspects of the Bureau's proposed rule might require more or less time to implement, and ways in which the Bureau could facilitate implementation for small financial institutions, especially those that have had no experience with other Federal data reporting regimes. The Bureau further seeks comment on two alternatives: (a) Whether the Bureau should adopt a compliance date of two years after the publication of the final rule; and (b) whether the Bureau should adopt different compliance dates based on the size of a financial institution ( e.g., one year for large financial institutions, two years for smaller institutions).

114(c) Special Transitional Rules

The Bureau is proposing two transitional rules in § 1002.114(c) to facilitate the compliance of financial institutions with subpart B. Proposed § 1002.114(c)(1) would permit covered financial institutions to collect information regarding applicants' minority-owned business status, women-owned business status, and the race, sex, and ethnicity of applicants' principal owners under proposed § 1002.107(a)(18) through (20) beginning 12 months prior to the compliance date. Proposed § 1002.114(c)(2) would provide that to determine if it is a covered financial institution as of the compliance date, a financial institution is permitted to use its originations of covered credit transactions for small businesses in the second and third preceding calendar years (rather than its originations in the two immediately preceding calendar years).

The Bureau believes that these transitional rules are necessary to carry out, enforce, and compile data pursuant to section 1071, will carry out the purposes of ECOA, and are necessary or proper to effectuate the purposes of ECOA and facilitate or substantiate compliance therewith.

114(c)(1) Collection of Information Prior to the Compliance Date

Proposed § 1002.114(c)(1) would provide that a financial institution that will be a covered financial institution as of the compliance date in proposed § 1002.114(b) is permitted, but not required, to collect information regarding whether an applicant for a covered credit transaction is a minority-owned business under proposed § 1002.107(a)(18), a women-owned business under proposed § 1002.107(a)(19), and the ethnicity, race, and sex of the applicant's principal owners under proposed § 1002.107(a)(20) beginning 12 months prior to the compliance date. A financial institution collecting such information pursuant to proposed § 1002.114(c)(1) must do so in accordance with the requirements set out in proposed §§ 1002.107(18) through (20) and 1002.108. The Bureau believes that this provision would give financial institutions time to test their procedures and systems for compiling and maintaining this information in advance of actually being required to collect and subsequently report it to the Bureau. Under this proposed provision, financial institutions would have time to adjust any procedures or systems that may result in the inaccurate compilation or maintenance of applicants' protected demographic information, the collection of which is required by section 1071 but otherwise generally prohibited under ECOA and Regulation B. (Financial institutions could of course collect the other information that would be required by this proposed rule at any time, without needing express permission in Regulation B to do so.) The Bureau believes that this provision would facilitate compliance and improve the quality and accuracy of the 1071 data reported to the Bureau and therefore is necessary to carry out, enforce, and compile data pursuant to section 1071, and will carry out the purposes of ECOA, and is necessary or proper to effectuate the purposes of ECOA and facilitate or substantiate compliance therewith.

The Bureau seeks comment on the approach in this proposal.

114(c)(2) Determining Whether a Financial Institution is a Covered Financial Institution for Purposes of This Subpart

Proposed § 1002.114(c)(2) would provide that for purposes of determining whether a financial institution is a covered financial institution under proposed § 1002.105(b) as of the compliance date specified in proposed § 1002.114(b), a financial institution would be permitted, but not required, to use its originations of covered credit transactions for small businesses in the second and third preceding calendar years (rather than its originations in the two immediately preceding calendar years). The Bureau believes that this proposed provision would provide greater clarity and certainty to financial institutions as to whether or not they would be covered financial institutions as of the compliance date. This may be particularly important for those financial institutions that originate a volume of covered credit transactions close to the threshold under proposed § 1002.105(b). The Bureau believes this provision is necessary to carry out, enforce, and compile data pursuant to section 1071.

The Bureau seeks comment on the approach in this proposal.

Appendix E to Part 1002—Sample Form for Collecting Certain Applicant-Provided Data Under Subpart B

Background

ECOA section 704B(b) requires financial institutions to inquire whether applicants are women-owned businesses, minority-owned businesses, or small businesses, and to maintain a record of the responses to that inquiry separate from the applications and accompanying information.

Additionally, ECOA section 704B(e) requires financial institutions to compile, maintain, and report certain information, including the ethnicity, race, and sex of an applicant's principal owners. Section 1071 does not set out what categories should be used when collecting and reporting this information.

ECOA section 704B(c) provides that applicants for credit may refuse to provide information requested pursuant to 704B(b), including minority-owned and women-owned business status.

Under ECOA section 704B(d)(2), if a financial institution determines that an underwriter, employee, or officer involved in making a determination “should have access” to any information provided by the applicant pursuant to a request under section 704B(b), the financial institution must provide a notice of “the access of the underwriter to such information,” along with notice that the financial institution may not discriminate on the basis of such information.

SBREFA Proposal Under Consideration and Feedback Received

In the SBREFA Outline, the Bureau stated that it was considering developing a sample data collection form to assist industry in collecting the principal owners' ethnicity, race, and sex and to communicate an applicant's right to refuse to provide such information. The Bureau stated in the SBREFA Outline that this sample data collection form would also include the definition of principal owner and clarify that it is possible, depending on the factual circumstances, that no one will be identified as a principal owner. It also stated that the Bureau was considering proposing simplified applicant-facing materials to aid industry in collecting minority-owned business status and women-owned business status. Specifically, for these applicant-facing materials and industry clarifications, the Bureau stated in the SBREFA Outline that it was considering proposing the following definitions: (1) “Ownership” to mean directly or indirectly having an equity interest in a business ( i.e., directly or indirectly, through any contract, arrangement, understanding, relationship, or otherwise, owning an equity interest in the business); (2) “control” of a business to mirror the CDD rule, where it means having significant responsibility to control, manage, or direct a business; and (3) the “accrual of net profit or loss” with reference to generally accepted accounting practices and any applicable Internal Revenue Service standards. Finally, the Bureau stated in the SBREFA Outline that it was considering developing model disclosures that financial institutions could use when providing the notice under ECOA section 704B(d)(2).

Some SERs requested that the Bureau develop a uniform collection form to assist financial institutions with the collection of reporting of minority-owned business status, women-owned business status, and the race, sex, and ethnicity of principal owners. One SER suggested developing a sample data collection form similar to the one used for HMDA data collection and including the same disclosures. One commenter noted that the use of a model form may increase the uniformity and consistency of reporting demographic information. Another commenter suggested that any model form should include an explanation of why the financial institution is requesting the information and a statement of the applicant's right to refuse to provide the information.

One SER asked that, if the Bureau provided sample language for the notice to be provided pursuant to ECOA section 704B(d)(2), that the Bureau provide it in English as well as in other languages, such as Spanish. One SER stated that sample language for a notice should include a statement that underwriter access to demographic information is not detrimental and that such access is necessary due to the small size of the lender.

The SBREFA Panel recommended that the Bureau consider creating sample data collection forms that, to the extent possible, simply and clearly explain the information being requested for purposes of the minority-owned business data point, the women-owned business data point, and the principal owners' ethnicity, race, and sex data point. It also said that the Bureau should additionally consider providing these sample data collection forms in other languages, such as Spanish. The Panel also recommended that the Bureau consider developing sample disclosure language that financial institutions could use to provide some context as to why applicants are being asked to provide demographic information, in order to encourage applicants to respond.

Proposed Rule

Consistent with the SBREFA Panel's recommendation, the Bureau is proposing a sample data collection form that financial institutions could use to collect minority-owned business status, women-owned business status, and principal owners' ethnicity, race, and sex. As suggested in the feedback from SERs, the proposed sample data collection form would be similar to the HMDA data collection form and would include a notice of the applicant's right to refuse to provide the information as well as an explanation of why the financial institution is requesting the information. The sample data collection form would also include the definitions of minority individual, minority-owned business, principal owner, and women-owned business as they would be defined in proposed § 1002.102( l ), (m), (o), and (s), respectively. Although the Bureau is not currently proposing a sample data collection form in Spanish or any language other than English, the Bureau requests comment on whether a sample data collection form in Spanish or in another language other than English would be useful to financial institutions in the context of their 1071 obligations.

Additionally, to aid financial institutions with the collection of the information in proposed § 1002.107(a)(21), the sample data collection form would include a question about the applicant's number of principal owners.

Finally, consistent with the SBREFA Panel's recommendation, the Bureau is proposing that the sample data collection form would include language that a financial institution could use to satisfy the notice requirement under ECOA section 704B(d)(2) if it determines that one or more employees or officers should have access to the applicant's protected demographic information pursuant to proposed § 1002.108(b)(2).

The Bureau is proposing appendix E pursuant to its authority under ECOA section 704B(g)(1) to prescribe such rules and issue such guidance as may be necessary to carry out, enforce, and compile data pursuant to section 1071, in order to facilitate compliance with the statutory requirements to collect minority-owned and women-owned business status, and the ethnicity, race, and sex of principal owners pursuant to 704B(b)(1) and (e)(2)(G). Further, the Bureau is proposing appendix E pursuant to its obligation in 704B(g)(3) to issue guidance to facilitate compliance with the requirements of section 1071, including assisting financial institutions in working with applicants to determine whether the applicants are women-owned or minority-owned businesses.

The Bureau seeks comment on the proposed sample data collection form, including the proposed language for the notice under ECOA section 704B(d)(2). The Bureau generally requests comment on whether additional clarification regarding any aspect of the sample data collection form or the related notice provided pursuant to 704B(d)(2) is needed. The Bureau also seeks comment on whether the sample data collection form should identify the Bureau to applicants as a potential resource in connection with their applicable legal rights or for additional information about the data collection, including concerns regarding non-compliance. In addition, the Bureau seeks comment on whether financial institutions need additional information on how to adapt this form for use in digital modes of data collection, and, if so, what specific information would be most useful.

Appendix F to Part 1002—Instructions for Collecting and Reporting Small Business Applicants' Minority-Owned and Women-Owned Business Status Under Subpart B

ECOA section 704B(b) requires financial institutions to inquire whether applicants for credit are women-owned businesses, minority-owned businesses, or small businesses and to maintain a record of the responses to that inquiry separate from the applications and accompanying information. However, section 1071 does not include specific instructions on how a financial institution should collect or report such information.

The Bureau is proposing appendix F to provide instructions to aid financial institutions when collecting minority-owned business status pursuant to proposed § 1002.107(a)(18) and women-owned business status pursuant to proposed § 1002.107(a)(19).

The Bureau is proposing appendix F pursuant to its authority under ECOA section 704B(g)(1) to prescribe such rules and issue such guidance as may be necessary to carry out, enforce, and compile data pursuant to section 1071, in order to facilitate compliance with the statutory requirements to collect minority-owned and women-owned business status pursuant to 704B(b)(1). Further, the Bureau is proposing appendix F pursuant to its obligation in 704B(g)(3) to issue guidance to facilitate compliance with the requirements of section 1071, including assisting financial institutions in working with applicants to determine whether the applicants are women-owned or minority-owned businesses.

The Bureau seeks comment on the proposed instructions, and generally requests comment on whether additional clarification regarding any aspect of the proposed instructions is needed. The Bureau further requests comment on whether additional or different instructions are needed for financial institutions that choose not to use a paper data collection form to collect minority-owned business status or women-owned business status, such as collecting such information using a web-based or other electronic data collection form, or over the telephone. The Bureau also seeks comment regarding the challenges faced by both applicants and financial institutions by the data collection instructions prescribed in appendix F and specifically requests comment on ways to improve the data collection of minority-owned business status and women-owned business status.

Appendix G to Part 1002—Instructions for Collecting and Reporting Ethnicity, Race, and Sex of Small Business Applicants' Principal Owners Under Subpart B

ECOA section 704B(e) requires financial institutions to compile, maintain, and report certain information, including the ethnicity, race, and sex of an applicant's principal owners, but does not provide specific instructions on how a financial institution should do so.

The Bureau is proposing appendix G to provide instructions to aid financial institutions when collecting principal owners' ethnicity, race, and sex pursuant to proposed § 1002.107(a)(20). The Bureau is proposing appendix G pursuant to its authority under ECOA section 704B(g)(1) to prescribe such rules and issue such guidance as may be necessary to carry out, enforce, and compile data pursuant to section 1071, to facilitate compliance with the statutory requirements to collect the ethnicity, race, and sex of principal owners pursuant to 704B(e)(2)(G), and pursuant to 704B(g)(3), which directs the Bureau to issue guidance designed to facilitate compliance with the requirements of section 1071.

The Bureau seeks comment on the proposed instructions, and generally requests comment on whether additional clarification regarding any aspect of the proposed instructions is needed. The Bureau further requests comment on whether additional or different instructions are needed for financial institutions that chose not to use a paper data collection form to collect, principal owners' ethnicity, race, and sex, such as collecting such information using a web-based or other electronic data collection form or over the telephone. The Bureau also seeks comment regarding the challenges faced by both applicants and financial institutions by the data collection instructions prescribed in appendix G and specifically requests comment on ways to improve the data collection of principal owners' ethnicity, race, and sex.

Appendix H to Part 1002—Tolerances for Bona Fide Errors in Data Reported Under Subpart B

The Bureau is proposing appendix H, which would set out a Threshold Table, as referred to in proposed § 1002.112(b) and proposed comment 112(b)-1. As these provisions would explain, a financial institution is presumed to maintain procedures reasonably adapted to avoid errors with respect to a given data field if the number of errors found in a random sample of a financial institution's data submission for a given data field do not equal or exceed the threshold in column C of the Threshold Table.

Under the Threshold Table in proposed appendix H, column A would list the size of the financial institution's small business lending application register in ranges of application register counts ( e.g., 25 to 50, 51-100, 101-130, etc.). The applicable register count range would then determine both the size of the random sample, under column B, and the applicable error threshold, under column C. The error threshold of column C, as proposed comment 112(b)-1 would explain, identifies the maximum number of errors that a particular data field in a financial institution's small business lending application register may contain such that the financial institution is presumed to maintain procedures reasonably adapted to avoid errors with respect to a given data field. Column D would be illustrative, showing the error threshold as a percentage of the random sample size.

Proposed appendix H would also include examples of how financial institutions would use the Threshold Table.

For the reasons set out in the section-by-section analysis of proposed § 1002.112(b), the Bureau is proposing appendix H pursuant to its authority under ECOA section 704B(g)(1) to prescribe such rules and issue such guidance as may be necessary to carry out, enforce, and compile data pursuant to section 1071, and its authority under 704B(g)(2) to adopt exceptions to any requirement of section 1071 and to exempt any financial institution or class of financial institutions from the requirements section 1071 as the Bureau deems necessary or appropriate to carry out the purposes of section 1071.

The Bureau seeks comment on this proposed appendix H. In particular, the Bureau seeks comment on whether the register count ranges in column A, the random sample sizes in column B, and the error thresholds in column C are appropriate. The Bureau further seeks comment on whether a covered financial institution should be required to correct and resubmit data for a particular data field, if the institution has met or exceeded the thresholds provided in appendix H.

VI. Public Disclosure of 1071 Data

A. Introduction

Section 1071 of the Dodd-Frank Act amended ECOA to require financial institutions to collect and report to the Bureau data about applications for credit for women-owned, minority-owned, and small businesses, and for those data to be subsequently disclosed to the public.

The Bureau is proposing that financial institutions not compile, maintain, or submit any name, specific address, telephone number, email address or any personally identifiable information concerning any individual who is, or is connected with, an applicant, other than as would be required pursuant to proposed § 1002.107. Nonetheless, publication of the data fields proposed in § 1002.107(a) in an unedited, application-level format could potentially affect the privacy interests and lead to the re-identification of, and risk of harm to, small businesses, related natural persons, and financial institutions.

Section 1071 states that the Bureau may, “at its discretion, delete or modify data collected under [section 1071] which is or will be available to the public, if the Bureau determines that the deletion or modification of the data would advance a privacy interest.” For the reasons discussed below, the Bureau is proposing to adopt a balancing test as the method by which it would implement its “discretion” to delete or modify data before making the data available to the public.

However, the Bureau does not yet have any data under section 1071 and the Bureau does not believe that there are any comparable datasets that it could use as an adequate proxy for 1071 data to which it could apply the balancing test at this time. The Bureau is thus setting forth herein a partial analysis under the balancing test, for public comment. With several exceptions, discussed in part VI.C.6 below, the Bureau is not at this time proposing specific modifications or deletions for the public application-level 1071 data. After the Bureau receives at least one full year of 1071 data from financial institutions following the compliance date of the final rule, the Bureau intends to issue a policy statement (informed by comments received on the partial analysis in this proposal), in which the Bureau would set forth its intended modifications and deletions.

B. Background

1. SBREFA Outline

In the SBREFA Outline, the Bureau stated it was considering proposing to use a balancing test for purposes of deciding how to exercise its discretion to modify or delete data prior to publication. The Bureau explained that data would be modified or deleted if disclosure of the data in unmodified form would pose risks to privacy interests that are not justified by the benefits of public disclosure in light of the statutory purposes of section 1071. If the risks of disclosing unmodified data are not justified by the benefits under the balancing test, the Bureau explained it would determine whether modifications could appropriately diminish the risks. The Bureau further explained that it was considering proposing to apply this balancing test to the privacy interests of non-natural persons ( e.g., small business applicants or financial institutions), with respect to protecting sensitive commercial information, as well as the privacy interests of natural persons ( e.g., principal owners), with respect to protecting personal information.

As an alternative to a balancing test, the Bureau had considered an approach in which it would modify data prior to publication if an identified privacy risk crosses some significance threshold, without assessing that risk against the benefit of disclosure. The Bureau explained that such an approach, however, could be inconsistent with the express disclosure purposes of the statute.

2. SBREFA Feedback

The Bureau received feedback on its privacy proposals under consideration from SERs and other commenters; the SBREFA Panel also made recommendations regarding privacy. Comments related to the design and implementation of the balancing test itself are described immediately below. Comments addressing general issues related to benefits, privacy risks, and potential modifications of data fields are described further below in part VI.C. Comments addressing the benefits of specific data fields the Bureau considered as part of the SBREFA process are discussed in the section-by-section analysis of proposed § 1002.107(a), in part V above. Comments addressing the privacy risks and potential modifications of specific data fields are discussed below in part VI.C.

With respect to the balancing test itself, several SERs expressed the view that it would be difficult to balance transparency and fairness in the marketplace with privacy interests. A SER and another industry commenter suggested that the balancing test described in the SBREFA Outline would not adequately protect privacy interests because it appeared to be subjective, dependent on the limitations of agency expertise, and subject to change. A community group commenter maintained that financial institution privacy did not appear to have been a concern for Congress in section 1071.

One industry commenter recommended that the Bureau consider the alternative approach of not balancing privacy risks against the benefits of disclosure because of the heightened privacy risks in the small business market (relative to consumer privacy risks), particularly in geographies where re-identification risk is higher. Another industry commenter expressed the view that excluding community banks from collection and reporting would provide a more straightforward approach to protecting privacy. On the other hand, a community group maintained that the benefits of public disclosure would always justify any alleged privacy risks.

Commenters also addressed information security concerns and potential conflicts with other privacy laws. Two SERs raised concerns that the transmission of 1071 data to the Bureau could give rise to the risk of a data security breach involving personally identifiable information or information that would directly identify a small business. One SER requested that financial institutions be held harmless if there were a data security breach for which the Bureau was responsible. Another industry commenter expressed the concern that some applicants would be hesitant to provide information in light of data security concerns. Another requested that the Bureau describe and seek comment on its data security safeguards.

Commenters also addressed procedural issues surrounding the implementation of the Bureau's privacy analysis. Several industry commenters requested that the Bureau not bifurcate the analysis of privacy issues into a separate notice-and-comment rulemaking, which was the approach the Bureau took with respect to data fields reported under the 2015 HMDA Final Rule. One commenter stated that a full explanation of the balancing test design and its application would help financial institutions consider potential reputational risks associated with data disclosure. One industry stakeholder stated that the Bureau should take what the stakeholder described as a transparent approach to decisions about public disclosure. Another stakeholder stated that if privacy issues are raised after implementation of a rulemaking, the Bureau should, as the stakeholder described, promptly limit publication of data that might be released to the public. Other industry commenters maintained that decisions about modifications or deletions to protect privacy should be published following notice-and-comment rulemaking, rather than by policy statement.

The SBREFA Panel recommended that the Bureau offer more detail in the proposal on the balancing test and its application to the 1071 data fields. The Panel also recommended that the Bureau seek comment on how it should design and implement the balancing test. In addition, the Panel recommended that the Bureau seek comment on the range of privacy concerns articulated by SERs, including potential re-identification of small businesses and financial institutions, as well as the types of harms and sensitivities the unmodified release of 1071 data could cause to financial institutions and small business applicants. Finally, the Panel recommended that the Bureau seek comment on the potential benefits of publishing unmodified 1071 data.

C. Design, Implementation, and Application of Balancing Test

In light of the feedback from SERs and other stakeholders, and for the reasons below, the Bureau is proposing to adopt a balancing test, consistent with the test described in the SBREFA Outline. As recommended by the SBREFA Panel, the Bureau is providing additional detail on the balancing test and how it would be applied to the proposed 1071 data points; this analysis is in Preliminary Application of the Balancing Test in part VI.C.6 below. As discussed under Implementation of the Balancing Test in part VI.C.2 below, however, the Bureau is not proposing specific modifications or deletions for most of the proposed data fields because data required for a statistical analysis of re-identification risk are not yet available.

1. Balancing Test Design

Under ECOA section 704B(e)(4), the Bureau “may, at its discretion, delete or modify data collected under this section which is or will be available to the public, if the Bureau determines that the deletion or modification of the data would advance a privacy interest.” Congress thus provided the Bureau with broad discretion to modify or delete data prior to public disclosure to advance privacy interests. The Bureau continues to believe that a balancing test is a reasonable approach for exercising this discretion and would effectuate the purposes of section 1071 better than the alternative approaches discussed in the SBREFA Outline and recommended by some commenters. As recognized by commenters, exercising this discretion inherently requires that the Bureau reconcile competing policy interests. A balancing test approach would help the Bureau consider the privacy risks and benefits of disclosing data fields, tailor modifications or deletions of data narrowly to appropriately balance privacy risks and benefits in the published data, and establish a decision framework that is responsive to a broad set of stakeholder concerns that might evolve over time. The Bureau intends to engage with stakeholders, including through this proposal, to supplement its own expertise in evaluating privacy interests for these purposes.

Alternative approaches recommended by stakeholders are summarized in part VI.B.2 above. The Bureau is not proposing approaches that do not consider the benefits of public disclosure because it is concerned they would result in outcomes inconsistent with the statutory purposes. For example, deleting all application-level data from public release and instead publishing aggregate data would advance privacy interests but would substantially undermine the public disclosure purposes of the statute.

The Bureau also considered the suggestion that it exercise its discretion to modify or delete application-level data prior to publication by exempting classes of financial institutions from public disclosure. While this would address the privacy interests of those financial institutions and their customers that might arise in certain markets, this approach would be too narrow because privacy concerns that arise for these persons may also arise for others, such as small businesses and natural persons in other markets. The Bureau is not proposing an approach that assumes the benefits of disclosure will always justify risks to privacy interests. The commenter recommending this approach did not provide a basis for such a conclusion with respect to individual data fields, or the dataset as a whole.

With respect to the comment that the Bureau not consider the privacy interests of financial institutions, section 1071 generally provides that the Bureau may delete or modify data if it determines that doing so “would advance a privacy interest.” The statute does not define the term “privacy interest,” however, and the Bureau believes it can reasonably be interpreted broadly, for purposes of section 1071, to include interests of non-natural persons with respect to certain commercial information.

Whether a non-natural person has cognizable “privacy interests” under the Constitution or common law is not a settled legal question across all areas of the law. Common law recognizes that businesses have an interest in protecting sensitive commercial information, similar to the privacy interests enjoyed by natural persons. Although the courts have typically described these interests as property interests, cases sometimes describe these types of interests as privacy interests. Some circuits have held that non-natural persons have constitutionally protected privacy interests, while other circuits have rejected this notion. The Supreme Court has held that corporations do not have privacy rights on par with natural persons, and that corporations do not have “personal” privacy interests; however, it has not directly addressed the issue of whether a non-natural person has a cognizable “privacy interest.” The Bureau also understands that the interests of many small businesses may be closely tied to the privacy interests of natural persons.

The Bureau believes it is appropriate to consider the privacy interests of non-natural persons under the 1071 balancing test. The proposed 1071 data points would reveal information about non-natural persons—including small businesses and financial institutions—and Congress did not expressly limit the privacy interests the Bureau may consider to those of natural persons. Nor did Congress expressly limit the privacy interests the Bureau may consider to those of applicants or borrowers, as it did in HMDA. Further, courts have recognized that non-natural persons have privacy interests in certain contexts. The Bureau seeks comment on its interpretation of “privacy interests” under section 1071 and its proposal to consider the privacy interests of both financial institutions and non-natural person applicants.

Several commenters raised concerns about the information security implications of reporting data to the Bureau. While the Bureau's information security procedures are outside the scope of this rulemaking, the Bureau takes strong measures to mitigate and address any risks to the security of sensitive data it receives, consistent with the guidance and standards set for Federal information security programs, and is committed to protecting the privacy and information security of the 1071 data it receives from financial institutions. In addition, the Bureau does not believe a financial institution could be held legally liable for the exposure of data due to a breach at a government agency or for reporting data to a government agency if the institution was legally required to provide the data to the agency and did so in accordance with other applicable law.

The Bureau acknowledges the concern raised by some SERs and other stakeholders that some applicants might be hesitant to provide information in light of data security concerns. However, the Bureau does not believe that such concerns will broadly discourage applicants from seeking credit from financial institutions that are responsible for reporting data to the Bureau.

For the reasons described above, the Bureau proposes to use a balancing test to exercise its discretion under ECOA section 704B(e)(4) to delete or modify data collected under section 1071 which is or would be available to the public where the Bureau determines that the deletion or modification of the data would advance a privacy interest. Specifically, the Bureau proposes to modify or, as appropriate, delete data fields from the public application-level 1071 data where the release of the unmodified data would create risks to the privacy interests of applicants, related natural persons, or financial institutions that would not be justified by the benefits of such release to the public in light of the statutory purposes of section 1071. In such circumstances, the need to protect the privacy interests of applicants, related natural persons, or financial institutions would require that individual data fields be modified or, as appropriate, deleted. Considering the public disclosure of 1071 data as a whole, the privacy interests of applicants, related natural persons, or financial institutions would arise under the balancing test only where the disclosure of 1071 data may both substantially facilitate the re-identification of an applicant or related natural person, in the data and disclose information about such persons, or the identified financial institution, that is not otherwise public and may be harmful or sensitive. Thus, disclosure of an unmodified individual data field may create a risk to privacy interests if such disclosure either would substantially facilitate the re-identification of an applicant or related natural person; or would disclose information about applicants or related natural persons, or an identified financial institution, that is not otherwise public and that may be harmful or sensitive. This interpretation implements ECOA section 704(e)(4).

Where the publication of unmodified application-level 1071 data may create risks to privacy, the proposed balancing test would require that the Bureau consider the benefits of disclosure in light of section 1071's purposes and, where these benefits do not justify the privacy risks the disclosure would create, modify the public application-level dataset to appropriately balance the privacy risks and disclosure benefits. The Bureau would delete the data field prior to publishing the application-level dataset if other modifications would not appropriately balance the privacy risks and disclosure benefits. An individual data field would be a candidate for modification or deletion under the proposed balancing test if its disclosure in unmodified form would create a risk of re-identification or a risk of harm or sensitivity.

The Bureau's proposed balancing test generally resembles the balancing test adopted in the 2015 HMDA Final Rule, with certain adjustments for the 1071 context. In particular, the Bureau's proposed 1071 balancing test would consider the privacy interests of not just applicants, but also related natural persons who might not be applicants (such as principal owners of a business, where a legal entity is the applicant), as well as the privacy interests of financial institutions reporting 1071 data.

The Bureau's proposed 1071 balancing test would not specifically consider the risks that a financial institution could be identified in the public application-level 1071 data. Section 1071 requires financial institutions to compile and maintain data and provides that such information be made available to the public upon request. Accordingly, section 1071 contemplates that the public would know what application data are associated with particular financial institutions. Because the statute directly contemplates disclosure of a financial institution's identity in connection with the public application-level dataset, the Bureau proposes to disclose financial institution identity; the re-identification risk element of the analysis would not apply to financial institutions. However, the Bureau would consider the risk to a financial institution that the release of 1071 data in unmodified form would disclose information that may be harmful or sensitive to a financial institution.

As recommended by the SBREFA Panel, the Bureau seeks comment on the design of its proposed balancing test. The Bureau also seeks comment on whether the balancing test should apply to the privacy interests of natural persons generally, rather than just those of natural persons related to applicants.

2. Implementation of the Balancing Test

As noted above, the SBREFA Panel and other commenters recommended that the Bureau offer more detail in the proposal on how the Bureau intends to implement and apply its balancing test to the 1071 data fields it is proposing. Several industry commenters requested that the Bureau apply the balancing test directly in the Bureau's 1071 rulemaking, rather than after the Bureau issues a final rule. Because of data limitations discussed below, the Bureau is not proposing a full application of the balancing test to most of the proposed data points. Instead, the Bureau is setting forth and seeking comment on its analysis of the benefits and harms or sensitivities that could arise with respect to individual data fields and the dataset as a whole. The Bureau is not conducting a full analysis of the risks of re-identification; the Bureau is proposing to determine the extent of re-identification risk after it has obtained a full year of reported 1071 data. Accordingly, the Bureau is not proposing specific modifications or deletions for most of the proposed data points, but is instead seeking comment throughout part VI.C.5 and .6 on the types of techniques it is considering.

The Bureau is not applying the proposed balancing test fully to the proposed data fields because the lack of an existing 1071 dataset, or a sufficiently similar dataset, materially limits its ability to analyze re-identification risks. Unlike the balancing test elements of benefits, harms, and sensitivities, the Bureau would analyze the re-identification risk element, in part, using a statistical analysis. Specifically, the Bureau would determine whether a particular combination of data fields in a dataset generates a unique set of records that can be accurately matched to records in another publicly available dataset identifying an applicant or a related natural person. Where certain data fields significantly contribute to re-identification risk, the Bureau can use this type of analysis to determine what modifications can be made to the data fields to reduce re-identification risk—that is, by reducing the number of unique combinations produced by data fields—while maintaining as much data utility as possible.

However, the absence of an existing 1071 dataset or sufficiently similar data significantly impedes the Bureau's ability to preliminarily determine whether a proposed 1071 data field, individually or in combination with others, would substantially facilitate re-identification, or how specifically to modify data to reduce that risk. Because there does not exist a dataset sufficiently similar to what would be published under section 1071, a re-identification analysis of data other than actual reported 1071 data would not provide an accurate basis on which the Bureau could apply the balancing test and modify or delete the data, as appropriate. Underestimating the degree to which a 1071 data field, individually or in combination with others, facilitates re-identification risk could unnecessarily increase privacy risks to an applicant or a related natural person, while overestimating re-identification risk could unnecessarily reduce data utility.

In light of these limitations, the Bureau considered deferring all analysis under the proposed balancing test until after the 1071 rule is finalized. However, the Bureau is concerned that doing so would reduce opportunities for public feedback on privacy issues and their relationship to the general 1071 proposal. Although the Bureau lacks data that would allow it to perform a complete re-identification analysis at this time, it believes there is substantial value in setting forth its preliminary analysis under other aspects of the balancing test. Specifically, the Bureau has preliminarily analyzed the benefits and harms or sensitivities associated with the proposed data fields, the capacity and motives of third parties to match proposed 1071 data fields to other identifiable datasets, and potential modification techniques it may consider to address privacy risks. The Bureau's preliminary analysis of these aspects of the balancing test is set forth below. The Bureau acknowledges that the public will not have an opportunity to comment on the Bureau's intentions with respect to specific modifications or deletions for each proposed data field before a 1071 rule is finalized. However, the Bureau believes this limitation outweighs the risks of basing modifications or deletions on a potentially inaccurate re-identification analysis. And while a number of community groups that provided feedback on the Bureau's SBREFA Outline asserted that privacy risks would be low, they nonetheless recognized the role played by modification techniques. The Bureau agrees that modification techniques could play an important role in reducing privacy risks. The Bureau's ability to design effective modifications, however, requires application-level data that are not currently available.

As noted above, several industry commenters asserted that privacy decisions should be finalized by notice-and-comment rulemaking, rather than by policy statement. The Bureau believes, however, that a policy statement would be an appropriate vehicle for announcing its intentions with respect to modifications and deletions of 1071 data. First, under section 1071, the Bureau may delete or modify data at its discretion, in contrast to other provisions in the statute that require legislative rulemaking. Second, the Bureau's proposed approach with respect to modifications and deletions would not impose compliance obligations on financial institutions; as discussed in the section-by-section analysis of proposed § 1002.110 above, the Bureau is proposing to publish application-level data on its website on behalf of financial institutions.

Nonetheless, in the interest of obtaining public feedback on the qualitative aspects of its balancing test analysis, the Bureau is including a preliminary detailed analysis for each of the proposed data points, described under Preliminary Application of the Balancing Test in part VI.C.6 below. After the first year of 1071 data is reported to the Bureau, but before the Bureau releases the first year of 1071 data to the public, it would publish a policy statement setting forth its intentions with respect to modifications and deletions to the public application-level 1071 data. Before publishing that policy statement, the Bureau would conduct a balancing test analysis based on feedback to this proposal as well as a quantitative analysis of re-identification risk using reported 1071 data. At this time, the Bureau does not intend to re-propose its balancing test analysis for public comment prior to issuing the policy statement, in the interest of making data publicly available in a timely manner.

While the Bureau is seeking public feedback on its analysis below, preserving the ability to exercise its discretion to modify or delete data through policy statements allows the Bureau to manage the relationship between privacy risks and benefits of disclosure more actively. The Bureau believes this flexibility may be especially important in the event the Bureau becomes aware of developments that might contribute to privacy risks. The privacy landscape is constantly evolving, and risks to applicant privacy created by the publication of the application-level 1071 data may change as the result of technological advances and other external developments. For example, a new source of publicly available records may become accessible, increasing or decreasing privacy risks under the balancing test, or the Bureau may discover evidence suggesting that third parties are using the 1071 data in unforeseen, potentially harmful ways. Potential uses of the application-level 1071 data in furtherance of the statute's purposes may also evolve, such that the benefits associated with the disclosure of certain data may increase to an extent that justifies providing more information to the public in less modified form. As recommended by the SBREFA Panel, the Bureau seeks comment on its approach described above for implementing the balancing test.

3. Disclosure Benefits

In the SBREFA Outline, the Bureau explained that, under the balancing test it was considering, data would be modified or deleted if disclosure in unmodified form would pose risks to privacy interests that are not justified by the benefits of public disclosure in light of the statutory purposes of section 1071. The Bureau sought feedback on the data points generally, as well as the benefits of public disclosure to financial institutions for each of the data points under consideration. Feedback on the benefits of public disclosure of the data points under consideration during the SBREFA process is described in the applicable section-by-section analysis of proposed § 1002.107(a)(1) through (21) in part V above. Feedback on the benefits of public disclosure of the 1071 dataset as a whole is described below.

Under the proposed balancing test, the Bureau would consider the benefits of disclosure of the application-level 1071 data to the public in light of the statutory purposes of section 1071. As described above, the 1071 data would be the most comprehensive dataset available to analyze trends within the U.S. small business lending industry. The Bureau expects that users of 1071 data would rely on this information to help achieve the statutory purposes of section 1071: (1) Facilitating the enforcement of fair lending laws; and (2) enabling communities, governmental entities, and creditors to identify business and community development needs and opportunities of women-owned, minority-owned, and small businesses. This would make 1071 data the foremost data source that governmental entities, researchers, economists, industry, and community groups rely on to achieve 1071's purposes and to analyze the small business lending market. The Bureau received feedback provided by SERs, other commenters, and the SBREFA Panel on the potential benefits of disclosure. Comments related to the overall benefits of data disclosure, the fair lending benefits, and business and community development benefits are described below.

Some SERs and industry stakeholders generally supported the public disclosure of 1071 data to promote the monitoring of equal access to credit for small businesses, and narrowing the information gap between lenders and borrowers, community groups, and public officials. A number of SERs expressed the view that data transparency in the small business lending market is critical to advance the goals of fair lending enforcement and access to credit for small businesses, especially those that are minority-owned and women-owned. One SER stated that the data currently available are limited, and that section 1071 has the opportunity to address lending disparities. The SER also explained that data transparency and fairness could address lending practices that tend to exclude women-owned and minority-owned businesses, exacerbating a racial wealth gap. An industry stakeholder supported the public disclosure of 1071 data to promote the monitoring of equal access to credit for women- and minority-owned businesses.

Several SERs also underscored the importance of public disclosure of 1071 data in furthering the 1071 rule's business and community development purpose. One SER stated that the 1071 rule could be a model for the marketplace and pro-innovation if implemented with checks and balances. Another SER said that more transparency would help governments and creditors understand what strategies are successful in reaching women-owned and minority-owned small businesses and shed light on the marketplace and pricing overall. Other SERs emphasized the importance of publishing pricing information (specifically captured as APR), together with product type for understanding the cost and availability of financing products to small businesses, the importance of NAICS codes or other industry information for determining which industries are getting funding generally, and the importance of census tract or other geographic information for understanding the extent of lending to small businesses in low-to-moderate income neighborhoods.

However, several industry commenters expressed the belief that there were no, or few, benefits to publishing 1071 data in general, in addition to raising general concerns about privacy risks, discussed under Risks to Privacy Interests in part VI.C.4 below. Several commenters maintained that the benefits of public disclosure would be limited due to concerns about the data points the Bureau was considering and the absence of other data points that could, in the view of these commenters, reduce the risk of misinterpretation of the data. SERs and industry commenters also questioned the benefits associated with individual data points, as described in the applicable section-by-section analysis of proposed § 1002.107(a)(1) through (21) in part V above.

Community group commenters supported public disclosure of 1071 data. One commenter expressed the view that robust data collection would allow the public to gain a much greater understanding of gaps in lending to borrowers in the marketplace, and easily identify unmet borrowing needs. The commenter explained that the 1071 dataset would cover more types of loans from more institutions than existing CRA data (which had been used for similar kinds of analyses in the past), potentially giving the Bureau a comprehensive view of the small business lending market. The commenter also explained that data collection under the proposal would build an understanding of the credit needs and financing outcomes of small businesses in the lending marketplace through information from data fields such as amount applied for, action taken, and amount approved or originated. Additionally, several community group commenters asserted that transparency through public disclosure would benefit responsible financial institutions by allowing them to distinguish themselves from others and providing a means for discovering and addressing problematic practices earlier.

The Bureau has considered these comments and the ways in which public disclosure of the proposed 1071 data fields would facilitate the enforcement of fair lending laws. Market transparency through publication of the application-level 1071 data would help to identify potential fair lending violations and address discrimination in small business lending. For example, the ability to compare pricing is a central outcome in many fair lending analyses, which often aim to determine if similarly situated applicants face higher prices due to a prohibited basis under ECOA, such as ethnicity, race, and sex. In supporting the inclusion of pricing as a discretionary data point, one community group explained that collecting data on price would facilitate enforcement of fair lending laws by identifying discrimination in lending through information on whether an application was approved and at what price. The 1071 data would also be used by public officials, researchers, and community groups to identify potentially discriminatory lending patterns and to enforce anti-discrimination statutes. For example, data on action taken would be used in fair lending analyses to identify potential disparities in denial rates among similarly situated applicants. Additionally, public disclosure of the 1071 data fields would enable data users to advocate that financial institutions maintain robust fair lending policies and practices and could also increase the prospect of self-correction when financial institutions conduct their own analyses to assess potential fair lending risks. At the same time, greater transparency could provide explanatory context for lending decisions, which may help protect responsible lenders from inaccurate assumptions based on more limited public data.

Moreover, data users, such as community groups, researchers, and public officials, would be able to use 1071 data to help determine whether certain types of credit are disproportionately available to different groups. For example, one community group commenter explained that because credit cards and other types of high-interest credit are widely used by small businesses, information on the types of credit applied for or originated could reveal the extent to which women-owned or minority-owned small businesses can access term loans or are served disproportionately by credit cards or other small business credit products that generally carry higher interest rates. The same commenter also explained that data users may be able to use the 1071 data to investigate whether certain products or businesses are disproportionately supported by government guarantee programs in business and community development and possibly help to develop more targeted programs.

The Bureau has also considered the ways in which publication of the application-level 1071 data would promote the business and community development purpose of 1071. The Bureau believes that the public application-level 1071 data would provide useful and robust data, allowing data users to appropriately and efficiently focus resources on particular areas of need. For example, reporting of information about rates of denial, and the associated reasons for denial of a business credit application, combined with data fields commonly used to help make underwriting decisions, such as gross annual revenue and time in business, would improve the public's ability to generally understand financial institutions' decision-making and to identify underserved areas of the market. The Bureau also believes that the public application-level 1071 data could yield information helpful in understanding the economic health of communities. NAICS codes, for example, could provide information about rates at which particular types of businesses are applying for and receiving credit in general, and which types of lending products are being requested, when combined with credit type. This information would also allow data users to identify trends in the small business market that could provide evidence as to the health of the overall economy. Understanding these potential indicators would also help public officials focus efforts to help creditors serve the lending needs of communities and give government officials information to efficiently distribute resources to vulnerable small business applicants. Finally, pricing information, such as total origination charges for different types of credit, would also allow data users to better understand pricing decisions and the cost of credit to small businesses. Information about credit purpose would allow data users to better understand why small businesses are using credit, thus helping communities determine whether creditors are serving the small business lending needs of their communities and also helping public officials to target public investment to better attract private investment and innovation. As recommended by the SBREFA Panel, the Bureau seeks comment on its understanding of the benefits of public disclosure of the 1071 data described above.

4. Risks to Privacy Interests

The Bureau has considered the risks to privacy that may be created by the public disclosure of the 1071 data that would be reported to the Bureau under the proposal. Based on its analysis to date, the Bureau believes that public disclosure of the unmodified application-level dataset, as a whole, might create risks to privacy interests under the 1071 balancing test. As described in more detail below, this is due to the presence of unique data fields in the dataset that the Bureau believes could create re-identification risk and the presence of individual data fields that the Bureau believes would create a risk of harm or sensitivity. Accordingly, the Bureau intends to consider whether modifications or deletions to the public application-level 1071 data would reduce these risks to privacy and appropriately balance them with the benefits of disclosure for section 1071's purposes.

As recommended by the SBREFA Panel, the Bureau seeks comment on the range of privacy concerns articulated by SERs, including potential re-identification of small businesses and financial institutions, as well as the types of harms and sensitivities the unmodified release of 1071 data could cause to financial institutions and small business applicants, which are described further below.

i. Re-Identification Risk

In the Bureau's SBREFA Outline, the Bureau explained that, while information that directly identifies natural persons, such as name, address, date of birth, or Social Security number would not be collected pursuant to section 1071 requirements, publication of 1071 data under consideration in an unmodified, application-level format potentially could be used to re-identify small business applicants and related natural persons or potentially harm their privacy interests. One SER stated that there has not been a single demonstrated incident of re-identification using HMDA data, and that privacy concerns could be addressed through modification techniques. However, many SERs and several industry stakeholders explained that 1071 data would facilitate the re- identification of natural persons and businesses, particularly in low-density geographies, like rural areas. Some stakeholders stated that it would be difficult to predict whether re-identification could arise, particularly as technology evolves.

The Bureau is concerned about two re-identification scenarios. First, a third party may use common data fields to match a 1071 record to a record in another dataset that contains the identity of the applicant or related natural person. The Bureau uses the term “adversary” when referring to such third parties. Second, an adversary may rely on pre-existing personal knowledge to recognize an applicant's record in the unmodified 1071 data.

Re-identification based on matching. Under the first scenario, it may be possible to match a 1071 record to an identified dataset, either directly or through a combination of intermediate datasets. The 1071 data that would be reported under the proposal, like the data reported under HMDA and Regulation C, may contain data fields that create re-identification risk. However, successfully re-identifying a 1071 record would require several steps and may present a significant challenge.

First, an adversary generally would have to isolate a record that is unique within the 1071 data. A 1071 record is unique when the values of the data fields associated with it are shared by zero or few other 1071 records. As discussed above, the Bureau believes actual 1071 data are needed to perform an accurate re-identification analysis. Thus, the Bureau does not intend to apply the balancing test until after it has analyzed re-identification risk with at least a full year of reported 1071 data.

A 1071 record having unique combinations of values would not automatically result in its re-identification; an adversary would also have to find a record corresponding to the applicant or related natural person in another dataset by matching similar combinations of data fields. Once a 1071 record has been matched to a corresponding record, an adversary would possess any additional fields found in the corresponding record but not found in the 1071 record, such as, possibly, the identity of the applicant. However, even after accomplishing such a match, an adversary might not have accurately re-identified the true applicant to whom the 1071 record relates. For example, if the corresponding record is not the only record in the other dataset that shares certain data fields with the unique 1071 record, an adversary would have to make a probabilistic determination as to which corresponding record belongs to the applicant.

As described below and addressed with respect to individual data fields in part VI.C.6 further below, the Bureau expects that the census tract and NAICS code data fields may significantly contribute to re-identification risk. Geographic and industry information are publicly available in a variety of sources and in a form that directly identifies businesses or in a way that could be derived with reasonable accuracy. This information is also likely to produce unique instances in the data, both when used separately and also, especially, when combined. Other data fields may result in unique combinations (particularly when combined with census tract), but the Bureau would need actual 1071 data to analyze their contribution to uniqueness.

In the 1071 context, the Bureau believes that particularly relevant sources of identified data for matching purposes are UCC filings, property records, and titles. The Bureau believes that such filings could pose a serious re-identification risk because of the availability of information about the lender, the applicant, and the date of transaction. The proposed 1071 data fields in unmodified form would identify the financial institution as well as the action taken date or application date. If the action taken date is on or near the UCC filing date, for example, an adversary might be able to use the date and financial institution on the UCC filings to identify the applicants of originated loans in the public application-level 1071 data. The UCC filing also typically will have the address of the borrower. Combinations of lender, action taken date, and census tract might result in unique combinations of data fields that an adversary could connect to a publicly available source of information to re-identify the applicant. Therefore, the Bureau believes identity of the financial institution and the action taken date (and application date, which could be a proxy for action taken date) may significantly contribute to re-identification risk. UCC filings may also, although to a lesser extent, contain detailed information on the type of loan and the amount approved.

With respect to 1071 loans secured by residential and commercial property, publicly available real estate transaction records and property tax records would be particularly relevant sources of identified data, as the Bureau described in its proposed policy guidance on the disclosure of loan-level HMDA data. Because some of the data fields in such public records are also present in the 1071 data, the Bureau believes that the publication of application-level 1071 data without any modifications would create a risk that these public records could be directly matched to a 1071 record to re-identify an applicant. In addition, a business's own website, public directories, or websites that review businesses typically include the business's location, time in business, and information that could be used to derive information about the business's owners.

UCC filings also frequently include the name of the lender, the name of the business, and the date that the filing was submitted. Though the availability differs by State, UCC filings are often searchable in State databases, and are a source of data frequently mined by data brokers. UCC statements are often filed against specific collateral and business assets generally, especially for products like general lines of credit. These types of filings would be available more broadly than just for loans with very specific collateral (like equipment or vehicles). Such filings could pose a serious re-identification risk because of the availability of information about the lender, the applicant, and the date of transaction.

Identified public data records in loan-level datasets for programs like the SBA's 7(a), 8(a), 504, and PPP programs, as well as State-level registries of women-owned and minority-owned businesses for contracting purposes, may also contribute to re-identification risk. These datasets include information such as loan program guarantee information, industry or NAICS code, demographic information about the business owners, time in business, and number of workers. Time in business and number of workers could also likely significantly contribute to re-identification risk, especially in combination with other data fields like census tract and NAICS code.

Other publicly available sources of data similar to those included in the proposed 1071 data, but only for certain types of credit, include loan-level performance datasets made available by the Government-Sponsored Enterprises (GSEs). The GSE datasets include information such as borrower demographic information, loan program guarantee information, pricing data, loan term, loan purpose, and the year of action taken. Asset-backed securities datasets for securitized mortgage and auto loans are made available by the Securities and Exchange Commission through the Electronic Data Gathering, Analysis, and Retrieval (EDGAR) system. These datasets include information about the lender, the date of action taken, pricing data, loan term, loan amount applied for and approved. These datasets are available online with limited restrictions on access. But these datasets do not include the name of the borrower; as described above, this means that an adversary who is able to match a record in one of these datasets to a record in the 1071 data would need to make an additional match to an identified dataset to re-identify an applicant. And some of these datasets contain restrictions on use, such as a prohibition on attempting to re-identify borrowers.

Private datasets, which could be made available in identified or de-identified form, that could be matched to the 1071 data are also available. For example, data brokers collect information about small businesses from a wide range of sources and sell it for a variety of purposes, including marketing, identity verification, and fraud detection. These datasets typically include data collected from commercial, government, and other publicly available sources and may contain data about the business, including industry code, information about geography, and estimates of gross annual income, number of workers, and information about related natural persons, including the race and ethnicity of business owners. Some of these datasets contain restrictions on use, such as requiring a legitimate business purpose, and some may prohibit attempts to re-identify borrowers.

In addition to considering the steps an adversary would need to complete to re-identify the 1071 data and the various data sources that may be required to accomplish re-identification, including their limitations, the Bureau also has considered the capacity, incentives, and characteristics of potential adversaries, including those that may attempt re-identification for harmful purposes. In particular, a potential competitor of a small business or a firm with other commercial interests may seek information about a business's expansion strategy or financial condition, including whether it was able to obtain credit approval. This could be part of routine market monitoring or to gain a specific commercial advantage.

These potential adversaries could possess the resources to use private datasets in addition to publicly available records to re-identify the 1071 data. However, the Bureau has considered the extent to which much of the commercial benefit to be obtained by re-identifying the 1071 data may be more readily available from private datasets to which these potential adversaries already have access without the need for recourse to the 1071 data. In many cases, information from other datasets may be timelier than that found in the 1071 data. Furthermore, some of these potential adversaries may refrain from re-identifying the 1071 data for reputational reasons or because they have agreed to restrictions on using data from the additional datasets described above for re-identification purposes.

Additionally, while some academics, researchers, and journalists might use de-identified 1071 data, some may be interested in re-identifying the 1071 data for research purposes. These persons may differ in their capacity to re-identify an applicant in the 1071 data. However, as mentioned above, some private datasets may have contractual terms prohibiting their use for re-identification purposes and therefore these persons may be restricted from actually using the 1071 data to re-identify applicants. Further, those academics or journalists with significant resources may be affiliated with organizations that have reputational or institutional interests that would not be served by re-identifying the 1071 data. These factors may reduce the risk of re-identification by such persons.

The Bureau has considered whether parties intending to commit identity theft or financial fraud may have the incentive and capacity to re-identify the 1071 data. As discussed under Risk of Harm or Sensitivity in part VI.C.4.ii below, the Bureau believes that the 1071 data would be of minimal use for these purposes. Further, these potential adversaries are not law abiding and may have easier, albeit illegal, ways to secure data for these purposes than attempting to re-identify application-level 1071 data.

Re-identification based on personal knowledge. In addition to the possibility of re-identifying applicants through matching 1071 data to other datasets, some potential adversaries may be able to re-identify a particular applicant or related natural person in the 1071 data by relying on personal knowledge about the applicant or natural person. The unmodified 1071 data would include location and demographic information, such as the race, sex, and ethnicity of principal owners, and industry information. These types of information may be likely to be known to a potential adversary who is familiar with a specific applicant or related natural person. Therefore, such a potential adversary may be able to re-identify a known applicant or related natural person without attempting to match a 1071 record to another data source. This potential adversary could include a customer, competitor, or person with other commercial ties to the applicant, or a neighbor or acquaintance of a related natural person, and the interest in re-identification may range from mere curiosity to the desire to embarrass or otherwise harm the applicant. These potential adversaries may possess a high level of specific knowledge about the characteristics of a particular applicant or related natural person. Adversaries who can re-identify an applicant or natural person based on personal knowledge would be able to complement their existing knowledge with the full 1071 application-level data, and therefore could contribute to risks of harm or sensitivity.

Pre-existing personal knowledge possessed by such a potential adversary would be limited to information about a subset of applicants and related natural persons. Thus, any re-identification attempt by such an adversary would likely target or impact a more limited number of applicants or natural persons, compared to the large numbers of applicants or natural persons who could be re-identified by adversaries possessing sophisticated matching techniques.

Although the Bureau believes that location, protected demographic information, and industry information may be more likely to be known than other information in the 1071 data, it is impossible to predict the exact content of any pre-existing personal knowledge that such a potential adversary may possess. This uncertainty creates challenges for evaluating the degree to which individual data fields contribute to the risk of re-identification by such a potential adversary. For these reasons, the discussions of re-identification risk in the Bureau's analysis of data points below generally focus on the risk of re-identification based on matching, not on personal knowledge. The Bureau seeks comment on how the Bureau could assess re-identification risk arising from adversaries with personal knowledge.

Applications that do not result in originations. In its final policy guidance on the disclosure of loan-level HMDA data, the Bureau explained that the risk of re-identification to applicants is significantly lower for applications that do not result in originated loans. The Bureau explained that the lack of public information about applications significantly reduces the likelihood that an adversary could match the record of a HMDA loan application that was not originated to an identified record in another dataset. The Bureau has not identified any publicly available information about applications for business loans. As discussed under Implementation of the Balancing Test in part VI.C.2 above, the Bureau lacks data necessary to perform a complete re-identification analysis at this time. However, the unmodified 1071 data might contain data fields that facilitate the re-identification of applicants. For example, the census tract and NAICS code data fields could result in unique combinations that an adversary could use to match to an identified public record, such as a business directory.

Overlap between HMDA and 1071 data generally. As noted above in the section-by-section analysis of proposed § 1002.104(a), the Bureau anticipates that some applications would be reported under both HMDA and 1071. The public loan-level HMDA dataset contains data fields in addition to, or that overlap with, the proposed 1071 data fields, and the proposed 1071 data includes data fields that are not included in the public loan-level HMDA dataset. The Bureau recognizes that, in cases of overlap, some 1071 data fields may require additional analysis with respect to risks of harm or sensitivity and re-identification posed by such overlap. When the Bureau performs a full re-identification analysis, it intends to consider the potential for applications reported under 1071 to be matched to loans reported under HMDA. The Bureau seeks comment on this issue and the implications of potential re-identification risk and potential risk of harm or sensitivity for applications reported under both section 1071 and HMDA.

ii. Risk of Harm or Sensitivity

In the SBREFA process, the Bureau sought feedback on the nature and scope of privacy interests of non-natural persons ( e.g., small business applicants and financial institutions) and natural persons ( e.g., principal owners of small businesses) that the Bureau should consider under its potential balancing test, including the types of sensitive commercial information that could be exposed by publishing the data points (individually or in combination) under consideration.

A number of SERs and other stakeholders addressed the risk of harm or sensitivity from the disclosure of 1071 data in unmodified form. Several SERs and other stakeholders stated that the disclosure of 1071 data could create a risk of harm or sensitivity for small businesses and related natural persons. Several SERs stated that public knowledge of borrowing activity (even without any other potential harms) would be very concerning to some small businesses as some small business owners consider that information sensitive or deeply personal. Some stakeholders stated that the disclosure of a banking relationship could raise harm or sensitivity concerns because it might lead to adverse inferences about the business's financial condition. One SER stated that small business owners valued their privacy just as much as consumers. Several industry commenters stated that 1071 data might reveal information about a small business's strategy or financial condition, as well as information about the personal characteristics or financial conditions of related natural persons, which the commenters stated could contribute to identity theft.

Several community group stakeholders stated, in contrast, that the risk of harm or sensitivity from publishing 1071 data would be minimal because some of the data are already publicly available. These stakeholders also stated that financial institutions likely exaggerate privacy concerns of small businesses or natural persons. With respect to concerns that publication of data could facilitate targeted marketing of predatory lending products, a community group stated that rather than fostering predatory practices, public disclosure would deter them by enabling the public to identify problematic pricing or loan terms and conditions and prevent them from becoming more widespread.

In addition to addressing the risks of harm and sensitivity to small businesses, several SERs and other stakeholders addressed potential risks of harm and sensitivity to financial institutions from the disclosure of 1071 data. Several SERs stated that 1071 data could be used to generate marketing lists and that this would result in creditors taking other financial institutions' customers away. One SER stated that, because of this, financial institutions may stop lending to small businesses in certain markets. In contrast, two SERs stated that it was relatively easy to obtain information on other financial institutions' small business lending activity. Two SERs stated that they were more concerned about the privacy of small business applicants or borrowers than the privacy of financial institutions, but that both mattered. In addition, one industry stakeholder expressed concern that disclosing the type or purpose of financing and the amount applied for and approved could facilitate re-identification of borrowers, particularly in rural areas or small towns. The commenter also expressed concern that disclosing this information could harm community banks located in such areas. The commenter stated that this could happen because small businesses in such areas are likely to perceive that this information could cause them to be re-identified, and that they would respond by seeking financing with a large creditor in another town or online, rather than their community bank.

A few industry commenters expressed concern that the 1071 data could reveal information such as a financial institution's client lists, terms and conditions, insights about the financial institution's strategy in particular geographic areas, or, for certain financial institutions, sensitive supply management data. A community group commenter stated that public disclosure of 1071 data would not have significant negative effects on competition and could provide lenders with insights that could allow them to become more competitive.

Some SERs expressed concern that 1071 data could be used against financial institutions in litigation by class action attorneys or to harm their public reputations. One SER expressed concern that public disclosure of 1071 data could cause financial institutions to face more litigation, which, in the SER's view, would increase the cost of credit for small businesses. Another SER expressed concern that data users could misinterpret pricing information. For example, according to the SER, data users might infer discrimination based on higher pricing for an applicant, when the pricing was in fact unrelated to the applicant's race. The SER stated that the purpose of section 1071 was to help small businesses and asserted that releasing full 1071 data would present an opportunity for third parties to sue or criticize financial institutions.

Several industry commenters stated that data about loan terms would be sensitive because they would invite criticism of or litigation over disparities without accounting for various legitimate business reasons for disparities and increase compliance costs. Other industry commenters stated that publication of 1071 data would lead financial institutions to artificially lower prices, standardize underwriting, or reduce access to credit to limit exposure to fair lending litigation or reputational risk. One community group stated that it did not believe the purposes of section 1071 required the Bureau to take into account such financial institution concerns about litigation or reputational risk, compliance costs, or impacts on underwriting. One industry stakeholder stated that the Bureau could address these risks by providing clear guidance about how it would use 1071 data in its fair lending supervisory program.

The Bureau has considered whether, if an application-level record in the public 1071 data were to be re-identified, 1071 data reported to the Bureau would disclose information about an applicant, related natural person, or financial institution that is not otherwise public and may be harmful or sensitive. Specifically, the Bureau has evaluated whether the 1071 data could be used for harmful purposes such as fraud or identity theft or the targeted marketing of products and services that may pose risks that are not apparent. The Bureau has also evaluated whether the 1071 data could cause competitive harm to small business applicants or to financial institutions. Furthermore, even where the disclosure of the data field is unlikely to lead to financial or other tangible harms, the Bureau has evaluated whether certain 1071 data fields may be viewed as sensitive if associated with a particular applicant, related natural person, or financial institution. In evaluating the potential sensitivity of a data field, the Bureau has considered whether disclosure of the data field could cause dignitary or reputational harm to small business applicants and related natural persons. The Bureau has also evaluated whether disclosure of the data field could cause reputational harm to financial institutions.

As discussed above and as noted by several community group stakeholders, some identifiable information about small business lending is currently available to the general public. Such information is available both in public records and in private datasets with varying barriers to access and restrictions on use. In evaluating the risk of harm or sensitivity created by the publication of the application-level 1071 data, the Bureau's analysis has considered the degree to which such disclosure would increase this risk relative to the risk that already exists, absent the public availability of 1071 data. Accordingly, the Bureau has considered whether the data that would be reported to the Bureau are typically publicly available in an identifiable form. The Bureau has also considered whether there are any barriers to accessing such data or restrictions on its use. In general, the Bureau believes that, where a data field is already publicly available, the risk of harm or sensitivity from the disclosure of that data field in the 1071 data is reduced.

In evaluating the risk of harm or sensitivity created by the publication of the application-level 1071 data, the Bureau also has considered the likelihood that the application-level 1071 data would be re-identified. As discussed under Re-Identification Risk in part VI.C.4.i above, the Bureau generally believes that successful re-identification of application-level 1071 data would require several steps and may present a significant challenge. To the extent that the risk that re-identification would be accomplished is low, the risk of disclosing harmful or sensitive information would be reduced.

The Bureau agrees with commenters who stated that the disclosure of 1071 data could potentially create a risk of harm or sensitivity not only to natural persons, such as the owner of a small business that is a sole proprietorship, but also to non-natural persons. As discussed under Balancing Test Design in part VI.C.1 above, when considering the risk of harm or sensitivity, the Bureau's proposed balancing test would consider the risks to non-natural persons, including financial institutions.

The Bureau has considered whether the 1071 data could be used for harmful purposes such as fraud or identity theft or the targeted marketing of products and services that may pose risks that are not apparent. As noted above, several SERs and other stakeholders stated that the 1071 data could potentially be used for these purposes. The Bureau's preliminary view is that the unmodified application-level 1071 data would be of minimal use for purposes of perpetrating identity theft or financial fraud against applicants or related natural persons. The 1071 data would not include information typically required to open new accounts in the name of a small business's principal owner, such as Social Security number, date of birth, place of birth, passport number, or driver's license number. Additionally, the 1071 data would not include information useful to perpetrate existing account fraud, such as account numbers or passwords.

However, while the Bureau believes that the unmodified 1071 data would be of minimal use for perpetrating fraud or identity theft, the Bureau acknowledges that almost any information relating to a small business could, theoretically, be used for these purposes. As a result, the unmodified 1071 data could provide at least some additional data that could be used for these purposes. For example, the 1071 data could potentially be used in a phishing attack against an applicant by a perpetrator purporting to be the financial institution, or for knowledge-based authentication purposes. While much information that may be useful for phishing or knowledge-based authentication—such as the name of the financial institution and the date of action taken—may already be available from UCC filings, the 1071 data may contain additional information that may be useful for such purposes, such as information about the type of loan and loan terms. However, some of this information may also be available from private data sources. The Bureau also notes that, based on the Bureau's expertise and analysis, the publication of HMDA data—which contains many data fields that are similar to data fields that would be disclosed under section 1071—has not resulted in any measurable increase in fraud or identity theft against mortgage applicants.

As several of the SERs and other stakeholders suggested, the Bureau has also considered whether the unmodified application-level 1071 data would provide information that is not already public and could be used for the targeted marketing of products and services that may pose risks that are not apparent. Although the 1071 data could be used to market products and services that would be beneficial for small businesses—perhaps increasing competition among creditors that could help small businesses receive better terms—they could also be used to target potentially vulnerable small businesses with marketing for products and services that may pose risks that are not apparent. While, as a community group stakeholder stated, the 1071 dataset may generally be useful for identifying predatory lending practices in the small business lending market, the Bureau believes that the targeted marketing of products that may pose risks that are not apparent is a harmful purpose for which 1071 data could potentially be used.

For example, data users might perceive certain 1071 data to reveal negative information about an applicant's financial condition or vulnerability to scams relating to debt relief or credit repair. Information about a loan might also be used for a practice known as “stacking,” in which some creditors have been alleged to obtain lead lists based on publicly available information and offer follow-on loans or advances that add to the debt burden carried by small businesses. Some creditors might also use the data for deceptive marketing practices. However, the utility of the 1071 data for predatory marketing practices may be limited by the delay between action taken on a loan and publication of the application-level 1071 data.

As several of the SERs and other stakeholders suggested, the Bureau has also considered whether the unmodified 1071 data would result in competitive harm to small business applicants or related natural persons. The 1071 data, if re-identified, may disclose some general information about a small business's use of credit that is not currently available to the general public. As discussed in the individual data field sections below, the Bureau acknowledges that certain 1071 data points in unmodified form could reflect negatively on the financial condition of a business or its owners.

As several of the SERs and other stakeholders recommended, the Bureau has also considered whether the unmodified 1071 data would result in competitive harm to financial institutions. As discussed below with respect to the financial institution identifying information that would be reported pursuant to proposed § 1002.109(b), the Bureau is proposing to identify the financial institution in the public application-level 1071 data. Therefore, the 1071 data could reveal general information about a financial institution's lending practices that is not widely available to the general public. Data fields such as census tract, NAICS code, credit type, and pricing could disclose information about where a financial institution is doing business, what industries it is doing business with, what kinds of products it is offering, and what kinds of prices it is charging, respectively. Additionally, as several SERs stated, if a small business applicant were to be re-identified, a financial institution's competitors could identify the small businesses to which the financial institution is offering or providing credit.

The Bureau acknowledges that the increased transparency into small business lending provided by 1071 data could reveal general information about a financial institution's lending practices that is not widely available to the general public, and that this information could be useful to others, including other financial institutions. For example, if the 1071 data were re-identified, a financial institution could potentially offer credit to a particular small business at a lower price than they received from another financial institution. However, the Bureau does not believe the unmodified application-level 1071 data would include key inputs for or be detailed enough to substantially facilitate the reverse-engineering of a financial institution's proprietary lending models. (For example, it would not include information about an applicant's credit history.) Financial institution concerns with disclosure of information about general lending practices are discussed in greater detail under Balancing Risks and Benefits in part VI.C.5 below.

As noted above, an industry commenter expressed concern that disclosing information about applicants in rural areas could lead them to seek financing elsewhere. However, from the perspective of a small business, seeking financing with a lender in another community would not necessarily reduce the risk that someone in the small business's community may ultimately re-identify them in the 1071 data because the 1071 data would be reported with respect to the location of the business, as discussed in the section-by-section analysis of proposed § 1002.107(a)(13) above (census tract). As discussed above, with respect to the concern about re-identification risk to applicants and related natural persons, the Bureau would determine the extent of re-identification risk when it has obtained a full year of reported 1071 data and would state its intentions, at that time, about whether certain 1071 data fields should be modified or deleted prior to public disclosure.

Some SERs expressed the concern, further detailed above, that 1071 data could harm financial institutions by increasing the amount of litigation against financial institutions. The Bureau acknowledges this risk, which is discussed in greater detail under Balancing Risks and Benefits in part VI.C.5 below, and in part VI.C.6.xviii with respect to the application of the proposed balancing test to financial institution identifying information.

In addition to considering whether the disclosure of a data field could lead to financial or other tangible harms, such as those described above, the Bureau has also considered whether the 1071 data fields might be viewed as sensitive. As noted above, several SERs and other stakeholders stated that disclosure of the unmodified 1071 data would divulge data that may be sensitive to applicants, related natural persons, or financial institutions. In assessing whether a data field creates a risk of sensitivity, the Bureau has evaluated whether its disclosure could lead to dignitary or reputational harm to small business applicants or related natural persons. For example, as several industry commenters stated, if the 1071 data were re-identified, the data could reveal information that casts a negative light on a small business's financial condition, such as the fact that a loan was denied due to a business's credit characteristics or cashflow. This information could be embarrassing to the small business and its owners.

The Bureau has also evaluated whether the disclosure of a data field could cause reputational harm to financial institutions. As noted above, some SERs expressed concern that 1071 data could harm a financial institution's reputation by leading data users to draw unfounded inferences about discrimination. The Bureau notes that several of the 1071 data fields, if disclosed in unmodified form, would help address this concern by serving as control variables. For example, many financial institutions consider a small business's revenue when assessing the risk of extending credit. As a result, disclosing gross annual revenue data would help ensure that data users who are evaluating potential disparities in underwriting or pricing can compare small businesses with similar revenues, thereby controlling for a factor that might provide a legitimate explanation for some disparities. The Bureau also notes that it does not expect that 1071 data alone could generally be used to determine whether a lender is complying with fair lending laws. The Bureau expects that, when regulators conduct fair lending examinations, they would analyze additional information before reaching a determination about an institution's compliance with fair lending laws.

In assessing the risk of sensitivity, the Bureau has also considered general societal and cultural expectations with respect to what information is available to the general public. For example, disclosing gross annual revenue in unmodified form could disclose sensitive information because it could reflect the financial condition of a small business or, where a small business is a sole proprietorship, a natural person. This type of information about a business's or natural person's financial condition is typically not available to the general public.

The Bureau also acknowledges the comments stating that some small businesses and their owners would consider the very fact that they sought credit sensitive, or would consider the disclosure of a banking relationship sensitive because others may draw adverse inferences about the small business's financial condition. These are concerns about sensitivity that would result merely from the re-identification of the applicant, rather than from the disclosure of particular data fields. The Bureau seeks to address these concerns by mitigating the risk of re-identification, as described under Re-Identification Risk in part VI.C.4.i above.

The Bureau seeks comment on its approach to assessing the risks of harm and sensitivity presented by the disclosure of unmodified 1071 data.

5. Balancing Risks and Benefits

Under the approach described in the SBREFA Outline, the Bureau would delete or modify 1071 data if disclosure of the data in unmodified form would pose risks to privacy interests that are not justified by the benefits of public disclosure in light of the statutory purposes of section 1071. If the risks of disclosing unmodified data are not justified by the benefits under the balancing test, the Bureau would determine whether modifications or deletions could appropriately balance the risks and benefits. In the SBREFA Outline, the Bureau explained that it was considering various approaches that would appropriately advance privacy interests while still providing users with data useful to fulfilling the purposes of section 1071. The Bureau explained that these approaches could include various statistical disclosure limitation techniques when justified under the balancing test, such as those that mask the precise value of data points to prevent the disclosure of certain data elements. The Bureau also sought feedback generally on how it could mitigate concerns arising from re-identification risk.

Several community group commenters stated that the Bureau should make as much data publicly available as possible to maximize data utility. One commenter stated that privacy concerns could be addressed through the prohibition on collecting personally identifiable information and increasing coverage of 1071 reporters and products. But this commenter, several SERs, and many other industry commenters expressed support for modifying or deleting the data from the public application-level 1071 data to balance privacy risks with the benefits of public disclosure. Commenters provided a wide variety of feedback on what kind of techniques would be appropriate, including publishing data in ranges, aggregating data, differential privacy, and data-swapping. In addition, several industry commenters recommended that the Bureau reduce rule coverage to limit harms, such as by using asset thresholds and exclusions for types of financial institutions. By contrast, a community group commenter recommended that the Bureau expand the rule's coverage to increase the number of observations and reduce re-identification risk. One SER recommended a process by which covered financial institutions could identify certain application records that might present heightened re-identification risk and trigger further analysis by the Bureau before full application-level data are published. Another SER suggested that the Bureau set a minimum sample size before publishing application-level data for some rural markets to avoid harm.

Balancing risks and benefits generally. As noted previously, the Bureau intends to apply the proposed balancing test after it receives the first year of data reported pursuant to an eventual 1071 rule. For data fields the public disclosure of which the Bureau believes would create risks to privacy interests of applicants, related natural persons, or financial institutions, either because a field increases re-identification risk or poses a risk of harm or sensitivity, the Bureau intends to assess these risks against the benefits of disclosure. Where the Bureau determines that the disclosure of an individual data field, alone or in combination with other fields, would create risks to privacy that are not justified by the benefits of disclosure to 1071's purposes, the Bureau would consider whether it could appropriately balance the privacy risks and disclosure benefits through modification techniques or whether the field should be deleted from the public dataset. The Bureau also would evaluate the risks and benefits of disclosing a data field in light of modifications or deletions considered for other data fields.

The Bureau is mindful of the connection between the risk of re-identification and the risk of harm or sensitivity. To the extent that the risk of re-identification created by disclosure of the 1071 data is reduced, the risk of disclosing harmful or sensitive information also would be reduced. Conversely, to the extent that the public application-level 1071 data would not disclose information that is harmful or sensitive, the consequences of re-identification would be reduced. Where the Bureau determines that modification of a data field is appropriate, the Bureau's consideration of the available forms of modification for the 1071 data would also be informed by the operational challenges associated with various forms of modification and the need to make application-level data available to the public in a timely manner.

The Bureau is also aware of concerns raised by SERs and other stakeholders, described under Risk of Harm or Sensitivity in part VI.C.4.ii above, that disclosing the proposed 1071 data in unmodified form could increase risks of litigation or reputational harm to financial institutions, and reveal information that could cause competitive harm to financial institutions. However, in applying the balancing test, the Bureau generally intends to give significant weight to the benefits of disclosure relative to these risks.

In general, the Bureau believes that deleting or modifying data because the data would disclose general information about a financial institution's lending practices—compared with information that could substantially facilitate, for example, the reverse-engineering of a financial institution's proprietary lending models—would be inconsistent with section 1071. As noted above, the statute directly contemplates disclosure of financial institution identity in connection with the public application-level dataset. Each of the data fields prescribed by the statute—with the exception of the application number—could provide some insight into a financial institution's lending practices. If the Bureau were to exclude data on this basis, it would exclude virtually all of the statutorily required 1071 data points from the public data. This would significantly frustrate both of the statutory purposes of section 1071 because it would prevent the public from using the data to identify potential fair lending violations, and it would prevent communities and creditors from using the 1071 data to identify business and community development needs and opportunities of small businesses. For example, this information could benefit more competitive creditors, as well as small businesses in obtaining credit at a lower cost.

While the Bureau acknowledges financial institutions' concern about the litigation and reputational risks involving section 1071 data, the Bureau does not believe that this concern justifies the exclusion of data from public disclosure. One of the statutory purposes of section 1071 is to facilitate enforcement of fair lending laws, which authorize enforcement by parties other than the Bureau. Additionally, section 1071 contemplates that financial institutions would make their own application-level data available to the public, which necessarily entails their identification.

Modification techniques generally. In light of the purposes of section 1071, the Bureau intends to modify or delete the 1071 data only as needed under the balancing test prior to public disclosure. The Bureau recognizes, as explained by community groups, that modifications, to varying degrees, may negatively impact the utility of the data for the fair lending and business and community development purposes of the statute. However, the proposed balancing test is designed to ensure that decisions to modify or delete the public application-level 1071 data take these benefits into account. Below, the Bureau addresses general issues related to modification techniques in the context of this proposal. These techniques are discussed in greater detail with respect to specific data points further below. Where no specific modification technique is described with respect to particular data points, the Bureau has not identified an obvious modification technique other than potentially swapping, suppression, or deletion, which are discussed below under Other techniques.

While certain information that directly identifies applicants or related natural persons generally would not be collected under the proposal, the Bureau does not believe this feature of the proposal would be sufficient to eliminate privacy risks that would arise from publishing the data in unmodified form, as discussed in greater detail under Risks to Privacy Interests in part VI.C.4 above. The Bureau also does not believe that privacy risks can be adequately resolved through rule coverage ( e.g., using asset thresholds and exclusions for types of financial institutions). While some re-identification risk could be reduced by increasing the number of loans reported to the Bureau, the Bureau does not believe the effects of doing so are necessarily predictable because re-identification risk depends on the characteristics of the data. Further, increasing the number of loans would not address risks of harm or sensitivity to re-identified applicants or natural persons. Suggestions for addressing privacy risks through exemptions are discussed under Balancing Test Design in part VI.C.1 above.

Aggregate data. The Bureau does not intend to address privacy risks for application-level 1071 data through aggregate disclosures at this time. As discussed in the section-by-section analysis of proposed § 1002.110(a) above, and as required by section 1071, the Bureau is proposing to make available to the public the information submitted to it by financial institutions pursuant to proposed § 1002.109, subject to deletions or modifications made by the Bureau. As discussed in the section-by-section analysis of proposed § 1002.110(b) above, and as authorized by the statute, the Bureau may, at its discretion, compile and aggregate information submitted by financial institutions pursuant to proposed § 1002.109, and make any compilations or aggregations of such data publicly available as the Bureau deems appropriate. The Bureau initially anticipates making the data collected under section 1071 available at the application level—with appropriate potential modifications and deletions—rather than providing aggregate data with counts and averages for each data field. The Bureau may consider releasing aggregated data in the future, after it determines whether narrower modifications or deletions could address privacy risks. The Bureau received some suggestions to consider “differential privacy” techniques. Such techniques are typically used in connection with aggregate statistics to reduce the identifiability of more granular data. The Bureau seeks comment on whether differential privacy techniques might be appropriate for application-level data.

Recoding. The Bureau intends to consider various methods to “recode” the proposed data fields as necessary under the balancing test. Recoding techniques decrease the number of distinct categories for a data field. In the context of the 1071 data fields, recoding would involve providing the value of a data field in a higher-level category that increases the number of records within a given combination. Some data fields like census tract and NAICS code have structures that permit recoding without developing new 1071-specific recoding categories. For example, if the Bureau were to determine that the re-identification risk presented by the census tract data field does not justify the benefits of unmodified disclosure, the Bureau could instead provide geography at the county level, for example, since census tracts are designed to be non-overlapping subdivisions of a county.

The Bureau also intends to consider recoding through the use of bins or intervals of values for data fields that, in unmodified form, would have continuous values (such as data fields for amount applied for, amount approved, gross annual revenue, or number of workers). Unmodified continuous data fields can be highly identifying, depending on the data field, but binning these values can reduce the risk of re-identification substantially. An additional approach for continuous data fields would be to top- or bottom-code the data field to prevent extreme values from being released that may be particularly identifiable. This approach could be performed alone or in conjunction with recoding the data into intervals.

Other techniques. The Bureau might also consider “targeted suppression” techniques. Targeted suppression makes certain values of data points unavailable for records when a certain combination of values is held by too few records. The Bureau might consider, for example, treating certain values of data points as “not available” if the application is the only small business application from a particular census tract. Targeted suppression can be applied in several ways. One way would be to remove the value of a field that makes the record identifiable. For example, if census tract and NAICS code identify a record, the microdata could delete the value of the NAICS code for any applications that are in cells deemed sensitive. A second approach could leave the census tract and NAICS code but suppress the values of other data points. This method would reduce the potential harm if the record were re-identified. A third approach could be to remove the record from the dataset entirely. In general, suppression is a more common approach for aggregate data than for application-level data.

One drawback to targeted suppression is that it complicates data analysis for any end user. For example, with respect to the public application-level 1071 data, a data user would be presented with millions of rows, but in certain rows and for certain data points, values would be missing. Another drawback is that suppression would need to be done in a way such that the remaining unmodified data do not provide a user with the ability to back out the modified field, sometimes involving complementary suppression or deleting values of other applications to ensure that the missing value cannot be reengineered. The Bureau seeks comment on whether targeted suppression techniques could preserve the benefits of the public application-level 1071 data, and, if so, what the Bureau should consider as the minimum cell size to implement targeted suppression.

The Bureau seeks comment on other modification techniques, such as “data swapping” (sometimes called “switching”). Data swapping involves finding two records that are similar on several dimensions and swapping the values for other data fields between the two records. In effect, data swapping would require that the Bureau preserve certain data fields while swapping others. Another set of techniques for addressing privacy risks for continuous data would involve adding “random noise” to the reported values. For example, under “additive noise techniques,” a random value is added to the existing value of the data field. Under “multiplicative noise techniques,” the true value is multiplied by a random value. The Bureau seeks comment on whether such techniques would preserve the benefits of the public application-level 1071 data. A drawback to these approaches is that data would be released with values that do not match the true values of the underlying data. Data users would need to take such modifications into account when performing any analyses.

The Bureau has considered the SER recommendation for allowing financial institutions to identify records that might present heightened re-identification risk. The Bureau appreciates this suggestion but is not proposing it because privacy risks are likely common to many types of applicants, related natural persons, and financial institutions and such risks should be addressed in a broader context, such as through this proposal. The Bureau's proposed process for obtaining public input on the balancing test is discussed under Implementation of the Balancing Test in part VI.C.2 above.

6. Preliminary Application of the Balancing Test to Public Application-Level 1071 Data

As explained above, the Bureau does not yet have data under section 1071 and does not believe that there are comparable datasets that it could use as an adequate proxy for 1071 data to which it could apply the balancing test at this time. However, as recommended by the SBREFA Panel, the Bureau is providing additional detail on how it would apply the balancing test to the 1071 data fields as set forth in the proposal.

In accordance with the proposed balancing test described above, privacy risks may not be justified by the benefits of disclosure if disclosing the data field in unmodified form would substantially facilitate the re-identification of applicants and related natural persons, or disclose information about an applicant, related natural persons, or a financial institution that is not otherwise public and may be harmful or sensitive. The Bureau has proposed modifications or deletions for the proposed financial institution identifying information (other than contact information for natural persons), and the proposed use of free-form text for certain data. The Bureau also is proposing not to disclose the proposed unique identifier in unmodified form. However, because the Bureau is not conducting a full re-identification analysis at this time, it has not determined whether the privacy risks of disclosing the other proposed data fields in unmodified form in the public application-level 1071 data would be justified by the benefits of disclosure. Accordingly, the Bureau has not yet determined whether data fields—other than those for the proposed unique identifier data point, the proposed financial institution identifying information, and the proposed free-form text that would be used to report some of the data—should be deleted, modified, or published in unmodified form.

The Bureau is setting forth its preliminary analysis below to provide transparency and obtain public feedback. The Bureau seeks comment on its analysis of the public disclosure benefits and privacy risks for each data field. Specifically, the Bureau seeks comment on the following issues with respect to each data field, individually or in combination with others: (1) Whether there are additional benefits of unmodified public disclosure in light of the purposes of the statute; (2) whether disclosure in unmodified form would reveal additional information that might be considered harmful or sensitive by an applicant, related natural person, or financial institution; and (3) whether disclosure in unmodified form would significantly contribute to the risk that an applicant or related natural person might be re-identified. The Bureau seeks comment on other modification techniques it could use, and whether deletion would appropriately balance the benefits of disclosure with privacy risks.

i. Unique Identifier

Proposed § 1002.107(a)(1) would require financial institutions to collect and report an alphanumeric identifier, starting with the legal entity identifier of the financial institution, unique within the financial institution to the specific covered application, and which can be used to identify and retrieve the specific file or files corresponding to the application for or extension of credit.

Disclosing the unique identifier in the public application-level 1071 data in unmodified form would help data users conducting fair lending analysis or seeking to identify business and community development needs or opportunities. This data field would allow data users to run analyses that quickly compare specific records to detect trends or disparities. The unique identifier would also provide data users a way to identify, distinguish, and organize credit and application data, which is invaluable for data processing.

Disclosing the unique identifier in the 1071 data in unmodified form by itself would likely disclose minimal, if any, information about an applicant or related natural person that may be harmful or sensitive if such person were re-identified, or that may be harmful or sensitive to an identified financial institution. As noted above, section 1071 prohibits financial institutions from including in 1071 records certain personally identifiable information that directly identifies a natural person applicant or someone connected with the applicant. In addition the Bureau is proposing to prohibit financial institutions from reporting information that would directly identify a small business. For these reasons, the Bureau does not expect that the unique identifier would be considered harmful or sensitive.

A few industry stakeholders expressed concern that small businesses could be identified if application or loan numbers were added to UCC filings. Although publicly available datasets do not presently include the unique identifier data field, financial institution legal entity identifiers are publicly available, and the Bureau is aware of rare instances in which a loan number is included in UCC filings. In addition, as the Bureau noted in its policy guidance on the disclosure of loan-level HMDA data, many jurisdictions publicly disclose real estate transaction records in an identified form, and the Bureau believes many financial institutions include loan numbers on these publicly recorded documents.

The Bureau believes inclusion of the proposed unique identifier, rather than application or loan numbers, would limit the possibility of using application or loan number to match 1071 data to those publicly recorded documents, thus reducing risk of re-identification. However, there is a risk that, after financial institutions begin to report data under section 1071, they may replace the loan numbers currently assigned to small business loans with the unique identifier and, if they do, the unique identifier could be included on publicly recorded documents. Especially considering the uniqueness of the identifiers, this data field on a publicly recorded document could be used to match a 1071 record to an identified public record directly and reliably.

In light of these potential re-identification risks, the Bureau proposes not to publish the proposed unique identifier data field in unmodified form. The Bureau seeks comment on whether there are modifications that would appropriately balance identified privacy risks and disclosure benefits. The Bureau is considering the feasibility of disclosing a separate unique identifier that the Bureau could create. The Bureau is also considering deleting the data field from the public application-level 1071 data, but seeks comment on whether the proposed deletion would create challenges for users of the data and, if so, how the Bureau could address those challenges other than by creating a separate unique identifier. The Bureau notes that some of the benefits of the unique identifier in analyzing the data could be achieved through the Bureau's proposed disclosure of LEI, as discussed in part VI.C.6.xviii below. The Bureau also notes that the universal loan identifier reported to the Bureau under HMDA, which is similar in function to the proposed unique identifier, is currently excluded from the public loan-level HMDA data.

The Bureau seeks comment on this analysis as well as its proposal not to publish the unique identifier in unmodified form.

ii. Application Date

Proposed § 1002.107(a)(2) would require financial institutions to collect and report the date the covered application was received by the financial institution or the date shown on a paper or electronic application form.

Disclosing application date in the public application-level 1071 data in unmodified form would allow data users to monitor trends over time in small business lending. Application date also would provide a disaggregated piece of temporal data that can be used to identify seasonality in small business lending (for example, when combined with the pricing data fields to show interest rates charged to applicants over a specific date range). In fair lending analyses, application date would provide data users with the means to compare level of service (from application date to action taken date) and identify potential disparities on a prohibited basis between applications. Application date could also act as a control for factors that may provide a legitimate explanation for some disparities, such as interest rates during different time periods or differences in general economic conditions or institutional practices over time.

By itself, disclosing application date in the 1071 data in unmodified form would likely disclose minimal, if any, information about an applicant or related natural person that may be harmful or sensitive if such person were re-identified, or that may be harmful or sensitive to an identified financial institution. It is conceivable that an adversary such as a competitor or other market participant may find it helpful to understand when a business is seeking credit; for example, to better understand the business's strategy and cash flow needs. In addition, marketers and creditors could use this information to target products to entities recently in the market for credit, either to deploy new funds or to refinance out of a current loan. However, the Bureau does not believe that disclosing the application date would otherwise disclose sensitive information about a small business or its owner, or any information that would be used for harmful purposes. Any utility of this data field for such purposes would be curtailed by the time lag in public release of the 1071 data.

The Bureau has not identified publicly available datasets that include data fields an adversary could directly match to the application date field. However, an adversary may be able to infer a likely origination date based on typical time lags between application, credit decision, and origination, potentially enabling matching to other datasets that record these later dates.

If the Bureau determines that application date should be modified, the Bureau may consider disclosing the application date at a higher level; for example, disclosing the month and year but not the specific date. In light of the potential re-identification risk arising from this data field, the Bureau seeks comment on whether there are other specific modifications it should consider, and whether deletion would balance the risks and benefits of disclosure.

The Bureau seeks comment on this analysis.

iii. Application Method and Application Recipient

Proposed § 1002.107(a)(3) would require financial institutions to collect and report the means by which the applicant submitted the covered application directly or indirectly to the financial institution. A financial institution would report whether the applicant submitted the application in person, by telephone, by mail, or online. Proposed § 1002.107(a)(4) would require financial institutions to collect and report whether the applicant submitted the covered application directly to the financial institution or its affiliate, or whether the applicant submitted the covered application indirectly to the financial institution via a third party.

Disclosing application method and whether the application was submitted indirectly in the public application-level 1071 data would further the fair lending enforcement purpose of the statute. Application method information would allow the public to better understand the role of the financial institution as a creditor and would facilitate pricing analyses by helping the public identify potential factors in pricing outcomes. In addition, proposed § 1002.107(a)(20) would require the collection of race or ethnicity information for the applicant's principal owner(s) using visual observation or surname in certain circumstances. If the Bureau finalizes this proposal, application method information would provide context for the information collected.

Information about application method and whether the application was submitted directly or indirectly also would promote the community and business development purposes of the statute. This information would improve the public's understanding of the structure of small business lending originations across the market, the methods by which credit is originated for particular groups or underserved markets, and trends over time (for example, the extent to which applicant preferences shift from in-person to online interactions).

Disclosing application method and whether the application was submitted directly or indirectly, in unmodified form, would likely disclose minimal, if any, information about an applicant or related natural person that may be harmful or sensitive if such person were re-identified. If applicants or related natural persons were re-identified, application method is likely to be of relatively limited utility to an adversary because it conveys little information about a natural person's characteristics or a business's financial condition. While adversaries interested in targeted marketing could direct future marketing efforts to a business using the same application channel, it is likely that marketing firms already possess strategic information about the best methods for establishing contact. Unmodified disclosure of application method and whether the application was submitted indirectly may reveal information that financial institutions regard as harmful or sensitive, but, as discussed under Risk of Harm or Sensitivity in part VI.C.4.ii above, the Bureau does not believe that disclosure would permit the reverse-engineering of a financial institution's proprietary lending models.

The Bureau has not identified publicly available datasets that include data fields an adversary could directly match to the application method or application recipient data fields in unmodified form in the public application-level 1071 data with respect to an applicant or related natural person. While the Bureau's HMDA data and the GSE loan-level datasets include acquisition channel information in loan-level data, these datasets do not identify applicants or related natural persons. Therefore, an adversary would face challenges in using application method or application recipient information to match a section 1071 record to an identified publicly available record. However, the Bureau seeks comment on whether there are other identifiable application/loan-level datasets that include this information or whether HMDA data or the GSE loan-level datasets could be matched to other identifiable datasets.

The Bureau seeks comment on this analysis.

iv. Credit Type

Proposed § 1002.107(a)(5) would require financial institutions to collect and report to the Bureau certain information about the type of credit applied for or originated. The proposal would require financial institutions to report three categories of information that together constitute the type of credit. First, the proposal would require financial institutions to report the type of credit product. Second, the proposal would require financial institutions to report the type or types of guarantees that were obtained for an extension of credit, or that would have been obtained if the covered credit transaction had been originated. Third, the proposal would require financial institutions to report the length of the loan term, in months, if applicable.

Disclosing data about the type of credit product, type of guarantee, and loan term in the public application-level 1071 data in unmodified form would facilitate enforcement of fair lending laws by allowing data users to determine whether any disparities in underwriting or pricing may be due to differences in these features of a loan.

Disclosing these data would also be useful for identifying business and community development needs. These data would enable the public to understand whether certain types of credit are disproportionately available to certain groups. For example, information about the presence or lack of collateral would provide more information about lending patterns in different geographic areas and for different groups of applicants. Furthermore, each of the credit type data fields would help the public avoid misinterpretations of the 1071 data. In addition, information on the distribution of government loan guarantees (such as those provided in SBA programs) across different geographic areas and groups of applicants could provide information about how those programs function on the ground, aiding in fulfilling the business and community development purpose of section 1071. Information about the type of guarantee would also allow communities, governmental entities, and creditors to monitor the use of personal guarantees, which carry additional risk to the guarantors and businesses. Finally, information about loan term would provide insights into the pricing and sustainability of closed-end credit transactions.

The Bureau believes that data about the type of credit product, type of guarantee, and loan term could disclose information that may be harmful or sensitive to applicants or related natural persons. A business's competitors could use these data fields—in conjunction with the loan amount and pricing data fields—to draw inferences about the business's financial condition based on whether the business obtained credit on favorable or unfavorable terms. The type of guarantee data fields could indicate heightened credit risk for the applicant. Credit type data also could be used for targeted marketing of products and services that may pose risks that are not apparent to the business or related natural persons.

Disclosure of the type of credit product, type of guarantee, and loan term in unmodified form may reveal information that financial institutions regard as harmful or sensitive, such as the types of products they offer or the government programs in which they participate. However, as discussed under Risk of Harm or Sensitivity in part VI.C.4.ii above, the Bureau does not believe that disclosure of these data fields would permit the reverse-engineering of a financial institution's proprietary lending models. Furthermore, general information about the types of credit a financial institution is offering is widely available on creditor websites and in marketing materials.

The Bureau is aware that certain identified datasets include application-level information on the type of credit product, type of guarantee, or loan term. Government lending programs, such as the SBA's 7(a) and 504 programs, publish loan-level data that indicate the term of the loan and whether the loan is a term loan or a line of credit. In some States, UCC filings may include some information related to the type of collateral. In the Bureau's view, the existing public availability of this information decreases the potential harm or sensitivity of disclosing information about the type of credit product, type of guarantee, and loan term in the 1071 data.

The Bureau has identified publicly available datasets that include data fields an adversary could directly match to the credit type data fields in unmodified form in the public application-level 1071 data with respect to an applicant or related natural person. As noted above, information about the type of credit product, loan term, and type of collateral is found in many publicly available datasets, including data from government lending programs and, in some States, UCC filings. Therefore, in many cases, an adversary could use this information, combined with other fields, to match a section 1071 record to an identified publicly available record.

If the Bureau determines that the type of guarantee should be modified, the Bureau may consider disclosing values that are more general than the values reported to the Bureau. For example, the Bureau could disclose “Federal guarantee” instead of disclosing the specific program. If the Bureau determines that the loan term should be modified, the Bureau may consider recoding loan term data into bins—for example, using intervals of two or five years—to reduce the potential for re-identification risk.

The Bureau seeks comment on this analysis.

v. Credit Purpose

Proposed § 1002.107(a)(6) would require financial institutions to collect and report to the Bureau the purpose or purposes of the credit applied for or originated.

Disclosing the purpose of the credit in the public application-level 1071 data in unmodified form would facilitate enforcement of fair lending laws. Because financial institutions may generally consider credit used for certain purposes to be riskier than credit used for other purposes, data about the purpose of the credit would help ensure that users can compare applicants with similar profiles, thereby controlling for factors that might provide non-discriminatory explanations for some disparities in credit and pricing decisions. Disclosing data about the purpose of the credit would also be useful for identifying business and community development needs and opportunities of small businesses. Information about the purpose of the credit would help the public understand whether small businesses face barriers accessing credit that they would be seeking to use for a particular purpose. In conjunction with NAICS code and census tract, information about the purpose of the credit could help the public understand whether small businesses in certain industries or in certain communities face unique challenges accessing credit to, for example, purchase equipment or expand their businesses.

Disclosing the purpose of the credit in the 1071 data in unmodified form by itself would likely disclose minimal, if any, information about an applicant or related natural person that may be harmful or sensitive if such person were re-identified, or that may be harmful or sensitive to an identified financial institution. However, information about the purpose of the credit could be useful to adversaries such as a small business's competitors, potential acquirers, or new market entrants, since it contains information about a business's strategy and performance, such as whether a business is expanding or conducting an acquisition. Nonetheless, this information would generally not be detailed enough to cause small businesses competitive harm. The value of this information to a small business's competitors is also likely to be mitigated by the delay between the date of action taken on a loan and the publication of the application-level 1071 data.

Disclosure of credit purpose in unmodified form may also reveal information that financial institutions regard as harmful or sensitive, such as information that a financial institution offers credit that is used for certain purposes. However, as discussed under Risk of Harm or Sensitivity in part VI.C.4.ii above, the Bureau does not believe that disclosure would permit the reverse-engineering of a financial institution's proprietary lending models.

The Bureau has not identified publicly available datasets that include data fields an adversary could directly match to the credit purpose data fields in unmodified form in the public application-level 1071 data with respect to an applicant or related natural person. Identified public datasets pertaining to small business loans generally do not contain information about the purpose of the credit. Therefore, an adversary would have difficulty using the credit purpose data fields to match a section 1071 record to an identified publicly available record accurately.

The Bureau seeks comment on this analysis.

vi. Amount Applied for

Proposed § 1002.107(a)(7) would require financial institutions to collect and report to the Bureau the initial amount of credit or the initial credit limit requested by the applicant.

Disclosing amount applied for in the public application-level 1071 data in unmodified form would help facilitate enforcement of fair lending laws by allowing data users to control for other variables in the data. Several industry representatives expressed concern that these data could lead to misinterpretations based on perceived disparate treatment as opposed to the complex nature of commercial lending. For example, financial institutions may consider different or additional underwriting criteria, depending on the amount applied for. Applications for large lines of credit might require an in-depth cash-flow analysis, while a smaller line of credit may be underwritten, in part, based on a business's (or business owner's) credit scores. In conjunction with amount approved or originated, this data field would allow data users to determine the difference between the amount an applicant requested, and the amount approved or originated. This information would also help data users identify potentially discriminatory lending patterns and distinguish them from legitimate business factors when combined with other data. This type of information is important to consider in fair lending analyses since the amount applied for may affect the likelihood of denial or the price of an approved loan.

Amount applied for would also help data users understand lending disparities. For example, data users would be able to identify potential fair lending violations where certain small businesses disproportionately receive less credit than applied for on a prohibited basis. Finally, the amount applied for would help communities, governmental entities, and creditors monitor the demand for credit. Specifically, when combined with NAICS code and census tract, the amount applied for could help data users assess the demand for credit in particular industries and communities and enable data users to devise strategies for narrowing or eliminating potential inequalities.

Disclosing amount applied for in the 1071 data in unmodified form would likely disclose information about an applicant or related natural person that may be harmful or sensitive if such person were re-identified. Business owners might view details about the amount applied for as sensitive, particularly where they are concerned about the risk of being re-identified as an applicant for credit. In addition, the amount applied for could also lead to targeted marketing of products or services that pose risks that are not apparent, because it could help lenders target small businesses that received less credit than they requested with offers for loans at higher rates or fees. The amount applied for is generally not included in other publicly available data, so it would likely not be useful to adversaries seeking to match 1071 data with other publicly available data. However, the Bureau believes amount applied for would be useful to an adversary. For example, a significant shortfall between the amount applied for and the amount approved could be used either by an applicant's competitor or by a consumer, to infer that the business has a relatively weak financial position. With information on whether or not a business is granted a loan, an adversary might gain insight into the scale of a business's objectives based on the amount applied for and/or approved. The relative scarcity of this information at present would also increase the value to adversaries of re-identification. In addition, as discussed under Risk of Harm or Sensitivity in part VI.C.4.ii above, the Bureau does not believe that disclosure would permit the reverse-engineering of a financial institution's proprietary lending models.

The Bureau has not identified publicly available datasets that include data fields an adversary could directly match to the amount applied for data field in unmodified form in the public application-level 1071 data with respect to an applicant or related natural person.

If the Bureau determines that the amount applied for should be modified, the Bureau may consider recoding the data into bins. For example, the Bureau could recode the amount applied for into bins of $25,000.

The Bureau seeks comment on this analysis.

vii. Amount Approved or Originated

Proposed § 1002.107(a)(8) would require financial institutions to collect and report to the Bureau: (i) For an application for a closed-end credit transaction that is approved but not accepted, the amount approved by the financial institution; or (ii) for a closed-end credit transaction that is originated, the amount of credit originated; or (iii) for an application for an open-end credit transaction that is originated or approved but not accepted, the amount of the credit limit approved.

Disclosing amount approved or originated in the public application-level 1071 data in unmodified form would allow users to identify potentially discriminatory lending patterns in which small business applicants might be receiving less credit due to a prohibited basis. These data would also enable data users to devise strategies for narrowing or eliminating these inequalities. Additionally, in conjunction with amount applied for, disclosure of these data fields would allow data users to determine if there is a difference between the amount requested and the amount approved or originated. This information would help data users identify any potentially discriminatory lending patterns in which small businesses might disproportionately receive less credit than what they applied for on a prohibited basis. As described above, when combined with the amount applied for, these data also could provide significant value as a control in fair lending analysis. Additionally, due to the sometimes complex nature of underwriting in commercial lending, when combined with credit purpose these data would allow users to identify potential discrimination when comparing loan applications for similar purposes.

The amount approved or originated would also be useful for business and community development purposes. Disparities with respect to the provision of credit can significantly impede the growth of women-owned and minority-owned businesses. When combined with census tract, these data could help users understand whether women-owned and minority-owned businesses are experiencing issues accessing credit in their communities (separate from the question of whether potential fair lending violations are occurring). When combined with NAICS codes, these data could help users understand whether women-owned and minority-owned businesses in particular industries are struggling to access credit. In addition, these data would allow data users to approximate the size of the small business lending market.

Like the amount applied for data field, disclosing amount approved or originated in the 1071 data in unmodified form would likely disclose information about an applicant or related natural person that might be harmful or sensitive if such person were re-identified, or that might be harmful or sensitive to an identified financial institution. The Bureau believes that information about the amount approved or originated could be useful to potential adversaries. For example, for creditors, these data fields would provide some insight into competitors' lending practices, particularly when combined with other data points such as gross annual revenue, number of workers, time in business, and pricing. These data might allow creditors to make general inferences about the relative risk appetites of their competitors. However, as discussed under Risk of Harm or Sensitivity in part VI.C.4.ii above, the Bureau does not believe that disclosure would permit the reverse-engineering of a financial institution's proprietary lending models.

The Bureau has identified publicly available datasets that include data fields an adversary could directly match to the amount approved or originated data fields in unmodified form in the public application-level 1071 data with respect to an applicant or related natural person. Credit amount approved or originated is often widely available in public datasets, such as loan-level data for the SBA 7(a) and 504 programs, as well as property records and UCC filings. Therefore, in unmodified form, adversaries would be able to match the amount of credit approved or originated to an existing public record.

If the Bureau determines that the amount approved or originated should be modified, the Bureau may consider recoding the data into bins. For example, the Bureau could recode the data into bins of $25,000.

The Bureau seeks comment on this analysis.

viii. Action Taken (Type) and Denial Reasons

Proposed § 1002.107(a)(9) and (11) would require financial institutions to collect and report to the Bureau the action taken by the financial institution on the covered application, reported as originated, approved but not accepted, denied, withdrawn by the applicant, or incomplete; and if applicable, for denied applications, the principal reason or reasons the financial institution denied the covered application.

Disclosing action taken and denial reasons in the public application-level 1071 data in unmodified form would provide important data on credit outcomes for small businesses, including women-owned and minority-owned small businesses, that apply for credit. Data provided by these data fields would allow data users to examine the rates of originations, approvals, denials, and incomplete and withdrawn applications, and whether they differ among groups protected under ECOA. Of the stakeholders that provided feedback on this issue, several supported the collection of action taken and denial reason data in order to track demand for credit and identify potential discrimination. Information that credit was originated or was approved, but not accepted, would help data users determine whether there are potential disparities in the terms and conditions received by women-owned and minority-owned small businesses. Information that an application was incomplete or withdrawn would highlight potential issues of discouragement, level of assistance disparities, or other discriminatory treatment that could cause women-owned or minority-owned small businesses to walk away from the lending process or otherwise fail to complete the application. One commenter stated that capturing incomplete and withdrawn applications was important as it may reflect discouragement or discriminatory treatment, and that the approved but not accepted category could reflect less favorable pricing or loan terms. For example, when combined with amount approved or originated, data users could also identify issues of possible discouragement where lenders have potentially under-funded loan applications from women-owned and minority-owned businesses.

Denial reasons would help data users examine reasons for credit denials particularly for women-owned and minority-owned businesses. For example, when combined with action taken date, denial reasons could help identify potential denial reasons disproportionately affecting protected classes, which may be useful to identify discrimination and enable data users to potentially develop strategies for narrowing or eliminating inequalities. These data would also be useful as a way to compare similarly situated applicants, which could be useful to both identify and explain potential disparities. Disclosing action taken and denial reasons would also be useful for business and community development purposes. The type of action taken would provide insights into the supply of credit. Data users would be able to monitor rates of credit denial, which can provide information on the willingness of creditors to lend, when combined with other data. Granular denial reason codes would also provide useful actionable information to small business applicants generally. For example, where small businesses are denied loans because of insufficient collateral, or time in business, data users could help direct programs and investment targeted specifically to these businesses in a particular community. When combined with census tract, analysis of denial reasons by geographical area could help identify whether small businesses in certain areas are experiencing higher rates of denial and the specific reasons for denial.

During the SBREFA process, stakeholders commented that disclosure of denial reasons would be embarrassing for applicants and might discourage them from applying for credit. Several industry commenters believed that reporting reasons for denial would reveal information that would be very harmful or sensitive for businesses or natural persons. The Bureau agrees that this information could be harmful or sensitive for applicants or related natural persons.

Commenters also described sensitivities associated with originated loans, such as concerns that some small business owners could be reluctant to be perceived as needing credit in the first place. One industry stakeholder believed that disclosure of action taken would allow competitors to reverse engineer a financial institution's credit scoring model. The Bureau does not believe disclosing the fact that credit was sought, in and of itself, likely would be harmful or sensitive to small businesses because credit is widely used by small businesses. Furthermore, the harm or sensitivity of disclosing information that credit was originated is mitigated by the publication of originated loan details in UCC filings, for instance. Additionally, as discussed under Risk of Harm or Sensitivity in part VI.C.4.ii above, the Bureau does not believe that disclosure of action taken would permit the reverse-engineering of a financial institution's proprietary lending models.

The Bureau has not identified publicly available datasets that include data fields an adversary could directly match to data fields for denied applications (and reasons for denial) in unmodified form in the public application-level 1071 data with respect to an applicant or related natural person. However, at a category level, these data fields could tell adversaries which records it may be possible to match against other databases that include originated loans, as opposed to unoriginated loan records that cannot be matched in this way. Credit denials or credit offered but not originated are generally not disclosed to the public. Specifically, most of these data fields included in this data point are not found in publicly available sources of records that contain the identity of an applicant; the only data field that would be consistently available would be for originated loans. Without such an identified publicly available record to match with, there would likely be difficulty in attempting to re-identify an applicant by matching a 1071 record using these data fields.

However, as discussed under Re-Identification Risk in part VI.C.4.i above, adversaries may be able to use other data fields, such as census tract, NAICS code, and identified public information, such as business directories, to determine the identity of an applicant or related natural person. Thus, if applicants and related natural persons could be re-identified, an adversary could learn information about application denials for these businesses and use this information for a variety of purposes.

The Bureau seeks comment on this analysis. In light of the potential harm or sensitivity arising from the disclosure of application denials and the reasons for denial, the Bureau seeks comment on whether there are specific modifications it should consider, and whether modifying these data fields by grouping them, or deleting these data fields, would appropriately balance the privacy risks and benefits of disclosure, in light of the purposes of section 1071.

ix. Action Taken Date

Proposed § 1002.107(a)(10) would require financial institutions to collect and report the date of the action taken by the financial institution.

Disclosing action taken date in the public application-level 1071 data in unmodified form would allow data users to monitor trends over time in small business lending more precisely than they could if only the year were disclosed. When combined with application date, information about the date of action taken would enable data users to determine the length of time, for different groups, between when businesses applied for credit and when they received the credit decision. This information would have benefits for fair lending analysis, allowing data users to determine whether certain groups experience different processing times (for example, longer processing for women-owned business, or faster denials for minority-owned businesses). The action taken date also would help ensure that users evaluating potential disparities in pricing or other terms and conditions can compare applicants that obtained loans on similar dates, thereby controlling for factors that might provide a legitimate explanation for some disparities, such as different market interest rates or different institutional practices over different time periods.

Disclosing action taken date in the 1071 data in unmodified form would likely disclose minimal, if any, information about an applicant or related natural person that may be harmful or sensitive if such person were re-identified, or that may be harmful or sensitive to an identified financial institution.

The Bureau has identified publicly available datasets that include data fields an adversary could directly match to the action taken date data field in unmodified form in the public application-level 1071 data with respect to an applicant or related natural person. Public availability of the action taken date depends on the type of action taken. For example, the approval date of originated loans is widely publicly available in SBA 7(a), 504, and other program loan-level records that identify borrowers, and the date of executed agreements is often available for property records and UCC filings, which could be closely related to action taken date. For originated loans, action taken date would substantially facilitate matching with publicly available datasets that identify borrowers. Additionally, the 1071 data could identify the lender as well as the application date and action taken date. Where action taken date is on or near the UCC filing date, for example, an adversary might be able to use the date and lender on the UCC filings to identify the borrowers of originated loans in the eventual 1071 data. Action taken date may be less useful in re-identifying applicants of loans that were not originated because the action taken date for such loans is rarely publicly available.

If the Bureau determined that action taken date should be modified, the Bureau may consider disclosing the date at a higher level; for example, disclosing the month in which action was taken, but not the specific date. This could reduce the re-identification risk from sources such as UCC filings that may include the specific date of action taken. In light of the potential re-identification risk arising from this data field, the Bureau seeks comment on whether there are other specific modifications it should consider and whether deletion would balance the risks and benefits of disclosure.

The Bureau seeks comment on this analysis.

x. Pricing Information

Proposed § 1002.107(a)(12) would require financial institutions to collect and report to the Bureau the following information regarding the pricing of a covered credit transaction that is originated or approved but not accepted, as applicable: (i) The interest rate; (ii) total origination charges, defined as the total amount of all charges payable directly or indirectly by the applicant and imposed directly or indirectly by the financial institution at or before origination as an incident to or a condition of the extension of credit; (iii) broker fees, defined as the total amount of all origination charges that are fees paid by the applicant directly to a broker or to the financial institution for delivery to a broker; (iv) initial annual charges, defined as the total amount of all non-interest charges that are scheduled to be imposed over the first annual period of the covered credit transaction; (v) additional costs for merchant cash advances or other sales-based financing, defined as, for a merchant cash advance or other sales-based financing transaction, the difference between the amount advanced and the amount to be repaid; and (vi) prepayment penalties.

The Bureau believes that these pricing data fields would serve to further both the fair lending purpose and the business and community development purpose of section 1071. The statutory data points alone offer limited insight into underwriting disparities and no insight into predatory prices or pricing disparities. For example, the statutory data points alone might show that a particular market segment is expanding and apparently filling an important need, but this could actually be an area with predatory conduct. Pricing information would allow the Bureau and others to understand the situation more accurately. Data collection without pricing information could have the unintended consequence of incentivizing irresponsible lending, as providers seeking to increase representation of underserved groups could be encouraged to adopt high-cost models of lending.

Without information on pricing, data users would be unable to screen for fair lending pricing risks and prioritize fair lending enforcement resources. In addition, if potential discriminatory conduct is monitored effectively with regard to loan approvals, but not with regard to pricing, industry compliance systems may focus solely on approvals and denials and ignore potential pricing disparities. Having pricing data available in the public application-level 1071 data would also increase transparency and demonstrate to responsible lenders where business opportunities exist to offer credit to underserved markets. Pricing data could also help small businesses identify where credit may be available on better terms. The Bureau provides additional analysis of the benefits of the pricing data fields in the section-by-section analysis of proposed § 1002.107(a)(12) above, including proposed § 1002.107(a)(12)(i) through (vi).

During the SBREFA process, several industry commenters expressed concern that pricing data could lead financial institutions to artificially flatten prices or create misperceptions about disparities among applicants, in light of the complexity of underwriting decisions. One industry commenter stated that pricing data could present “privacy risk” to applicants in rural communities, without specifying the nature of the risk. Several SERs stated that pricing data may be sensitive to financial institutions. One of these SERs suggested that even aggregate pricing information would be commercially sensitive data for a financial institution. While acknowledging other SERs' concerns, a few SERs stated that information on competitors' pricing is relatively easy to obtain now.

The Bureau believes that information about the interest rates and fees charged in connection with credit represents basic information about the features of a product generally would present low risk of harm or sensitivity. Disclosure of pricing data in unmodified form may reveal information that some applicants or related natural persons may regard as harmful or sensitive, such as a reflection of their perceived credit risk. However, the Bureau received feedback during the SBREFA process that multiple factors contribute to pricing for small business credit. Disclosure of pricing data in unmodified form may also reveal information that financial institutions regard as harmful or sensitive, such as the prices a financial institution charges for certain types of credit. However, as discussed under Risk of Harm or Sensitivity in part VI.C.4.ii above, the Bureau does not believe that disclosure of pricing information would permit the reverse-engineering of a financial institution's proprietary lending models.

The Bureau has identified publicly available datasets that include data fields an adversary could directly match to the pricing data fields in unmodified form in the public application-level 1071 data with respect to an applicant or related natural person. Identified data about the interest rate and fees charged for a given loan are available from a limited number of publicly available datasets, such as data for the SBA 7(a) and 504 programs. Additionally, the PPP loan program has a uniform 1 percent interest rate.

During the SBREFA process, one industry stakeholder stated that, if pricing data are collected, the Bureau should publish them along with demographic information only in aggregate form, such as at an industry or multi-firm level, rather than the application level. The commenter stated that publication of pricing information along with demographic information risks creating the perception of potential fair lending violations that are not based on adequate analysis. The Bureau notes that 1071 data alone (including pricing data) generally could not be used to determine whether a lender is complying with fair lending laws. For example, HMDA data have a long history of utility for fair lending purposes even though they alone generally do not offer proof of compliance with fair lending laws. Additionally, in the section-by-section analysis of proposed § 1002.107(a)(12) above, the Bureau seeks comment on additional information that could help reduce misinterpretations of disparities in pricing, including modifications to the pricing information under proposed § 1002.107(a)(12).

If the Bureau determines that pricing data should be modified, the Bureau may consider recoding the pricing information data fields into bins. For example, the Bureau may consider recoding interest rates into bins of 0.25 percentage points or origination fees into bins of $500. The Bureau may also consider top-coding pricing data fields, which would mask particularly high values.

The Bureau seeks comment on this analysis.

xi. Census Tract

Proposed § 1002.107(a)(13) would require financial institutions to collect and report the census tract in which is located: (1) The address or location where the proceeds of the credit applied for or originated will be or would have been principally applied; or, (2) if this information is unknown, the address or location of the main office or headquarters of the applicant; or, (3) if this information is also unknown, another address or location associated with the applicant. In addition to reporting the census tract, the financial institution would be required to indicate which one of these three types of addresses or locations the census tract is based on.

Disclosing census tract data in the public application-level 1071 data in unmodified form would aid in fulfilling both the fair lending and business and community development purposes of section 1071 by providing more useful information on the location of the credit activity for fair lending analysis and understanding where the business and community development is occurring. With respect to fair lending enforcement, a measure of geography at the neighborhood or community level is necessary to identify redlining—the illegal practice in which those in a certain area or neighborhood are denied access to credit, are charged higher prices, or are otherwise not given the same access to credit as those in other areas, on the basis of race or for some other prohibited reason. Additionally, because differences in the level of competition in the local credit market may contribute to differences in interest rates or approval rates for otherwise similarly situated small businesses, census tract data would help ensure that users can compare applicants with similar profiles, thereby controlling for factors that might provide non-discriminatory explanations for some disparities in credit and pricing decisions.

The inclusion of a geographic indicator, such as census tract, that identifies the appropriate community—not merely the appropriate county or State—would further the statute's community and business development purposes. Census tract data would enable data users to monitor credit conditions in particular communities and identify communities that are underserved by the small business credit market. In addition, requiring data on the nature of the address reported would aid in fulfilling both the fair lending and business and community development purposes of section 1071 by facilitating accurate analyses of the data reported.

Disclosing the census tract in the 1071 data in unmodified form would likely disclose minimal, if any, information about an applicant or related natural person that may be harmful or sensitive if such person were re-identified, or that may be harmful or sensitive to an identified financial institution. The Bureau is aware that, for sole proprietors, the main office address of small business applicants is frequently a home address. However, the actual street address would not be reported or disclosed. In addition, small businesses commonly make their locations available in the normal course of their business by disclosing their addresses.

If the address reflects where the proceeds of the credit will be or would have been principally applied, disclosing the census tract may reveal some information about an applicant's business strategy, particularly if paired with the loan purpose data field. For example, the data could indicate that a small business is pursuing or was pursuing an expansion to a particular address. However, the value of this information to a small business's competitors is likely to be mitigated by the delay between the date of action taken on a loan and the publication of the application-level 1071 data. Disclosure of the census tract in unmodified form may also reveal information that financial institutions regard as harmful or sensitive, such as a financial institution's trade area. However, as discussed under Risk of Harm or Sensitivity in part VI.C.4.ii above, the Bureau does not believe that disclosure would permit the reverse-engineering of a financial institution's proprietary lending models.

During the SBREFA process, several industry stakeholders stated that geographic identifiers such as census tract would have a high potential to contribute to the re-identification of businesses or natural persons, especially in small towns or rural areas, where only one or two businesses may be located in a census tract. Several industry commenters expressed concern about re-identification risks arising from the combination of the census tract data fields with other data fields, noting that it might be difficult to predict which data fields could contribute to re-identification. One commenter stated that tax assessor and UCC records could be used to re-identify businesses in rural areas, and that adversaries with personal knowledge of businesses in rural areas could learn about a business's or natural person's sensitive financial characteristics. Some SERs stated that the combination of geographic identifiers and information about a small business's industry could make it easy to re-identify businesses in remote or rural areas. Two industry stakeholders stated that census tract and data about the type and purpose of financing would contribute to the re-identification of businesses or natural persons. One of these commenters also stated that combining geographic identifiers with data on the amount applied for or approved could contribute to re-identification. One industry commenter stated that census tract, combined with gross annual revenue and NAICS code, could facilitate re-identification of applicants in areas with low populations. A community group stakeholder stated that increasing the universe of financial institutions reporting 1071 data would mitigate privacy concerns about disclosing census tract.

The Bureau has identified publicly available datasets that include data fields an adversary could directly match to the census tract data field in unmodified form in the public application-level 1071 data with respect to an applicant or related natural person. The Bureau expects that, in most cases, the census tract that financial institutions would report to the Bureau would be based on the address or location of the main office or headquarters of the applicant, either because that is where the proceeds of the credit will be applied or because the financial institution does not know the location or address where the proceeds of the credit will be applied, but does know the main office or headquarters address. The Bureau believes that, for many small businesses, this address or location is likely to be publicly available on the internet from sources such as the business's website and review websites. Information about a business's location is also likely available from loan-level data for public loan programs as well as from private datasets, such as from data brokers. Therefore, in many cases, the Bureau believes an adversary could use the census tract data fields, combined with other fields, to match a section 1071 record to an identified publicly available record.

Disclosing the census tract is likely to produce unique instances in the data—particularly when combined with the 6-digit NAICS code, if the 6-digit NAICS code is disclosed in unmodified form. There are currently 73,057 census tracts and 1,057 6-digit NAICS codes, which produce over 77 million combinations. With so many possible combinations, there would likely be many instances in the 1071 data where the census tract and 6-digit NAICS code form a unique combination. Regarding the comment that increasing the universe of financial institutions reporting 1071 data would mitigate privacy concerns about disclosing census tract, the Bureau's proposals regarding the coverage of the 1071 rule are addressed elsewhere in this proposed rule.

During the SBREFA process, several commenters suggested ways the Bureau might modify census tract data to reduce privacy risk. Several industry commenters recommended that the Bureau disclose geographical data on the county or State level to reduce re-identification risk. One SER recommended the reporting of geographic data only at the State level or higher. The SER stated that even county-level data in some areas could potentially lead to re-identification of applicants or borrowers.

A joint comment from a number of community groups recommended that the Bureau consider modifying data with a low number of observations in a census tract to be reported at the zip code or county level. One SER recommended that the Bureau establish a minimum sample size before publishing application-level data for some rural markets to avoid privacy risks. A community group stakeholder recommended masking techniques such as moving data from a census tract with few observations to a contiguous or nearby census tract. This commenter also recommended that the Bureau consider switching records for similarly situated applicants between nearby census tracts to make it impossible to reconnect individual applicants while preserving the benefits of the data.

If the Bureau were to modify census tract, it might consider disclosing a broader location category, such as county or State. Census tracts are defined by the U.S. Census Bureau, and the next-largest geographic identifier in the Census Bureau's hierarchy of geographic identifiers is county. The next-largest geographic identifier after county is State. While likely reducing re-identification risk substantially, disclosing the county or State instead of the census tract would also reduce the utility of the 1071 data. There are 73,057 census tracts, as noted above, but only 3,143 counties, suggesting a significant loss of geographic detail in modifying census tract. The Bureau could potentially use a geographic designation larger than census tract but smaller than county. However, since the use of Census Bureau-defined geographies is widespread, using modifications that already reflect standard Census Bureau-defined geographies significantly improves the utility of the data to data users.

The Bureau seeks comment on this analysis. The Bureau seeks comment on how disclosing the county, State, or some other geographic identifier—rather than the census tract—would affect the benefits of disclosure, the potential for harm or sensitivity, and the potential for re-identification of applicants or related natural persons.

xii. Gross Annual Revenue

Proposed § 1002.107(a)(14) would require financial institutions to collect and report to the Bureau the gross annual revenue of the applicant for its preceding full fiscal year prior to when the information is collected.

Disclosing gross annual revenue in the public application-level 1071 data in unmodified form would facilitate enforcement of fair lending laws. Many creditors use gross annual revenue to help define whether a business is a small business and set revenue thresholds for assigning risk. Information about gross annual revenue would help ensure that users who are evaluating potential disparities in underwriting or pricing can compare small businesses with similar revenues, thereby controlling for a factor that might provide a legitimate explanation for some disparities. Disclosing gross annual revenue would also be useful for identifying business and community development needs and opportunities of small businesses. And because gross annual revenue is often used as a proxy for the size of a small business, these data could allow users to determine the availability of credit for small businesses of various sizes—including the very smallest businesses, which may face unique challenges accessing credit.

Disclosing gross annual revenue in the 1071 data in unmodified form would likely disclose information about an applicant or related natural person that may be harmful or sensitive if such person were re-identified. One SER stated during the SBREFA process that, in the case of sole proprietorships, gross annual revenue can serve as a proxy for the small business owner's personal income. The Bureau believes that disclosing gross annual revenue in unmodified form would likely disclose sensitive information because it could reflect the financial condition of a small business or, where a small business is a sole proprietorship, a natural person. With respect to the risk of harm or sensitivity to financial institutions, other creditors might use gross annual revenue data to learn more about the types of small businesses with which their competitors do business. However, as discussed under Risk of Harm or Sensitivity in part VI.C.4.ii above, the Bureau does not believe that disclosure would permit the reverse-engineering of a financial institution's proprietary lending models.

Gross annual revenue data are likely to be of interest to potential adversaries. As described below, gross annual revenue data are not available on a widespread basis from identified public databases. Competitors of the small business, other commercial entities, creditors, researchers, or persons with criminal intent all may have an interest in using these data to monitor the size or performance of an applicant that may be a rival, partner, or target of inquiry, investigation, or illegal activity.

The Bureau has identified publicly available datasets that include data fields an adversary could directly match to the gross annual revenue data field in unmodified form in the public application-level 1071 data with respect to an applicant or related natural person. Gross annual revenue data are available from private databases. Gross annual revenue data are also available from data for New York State's women- and minority-owned business certification program, in which it is recoded into bins. However, these data are not available from identified public databases on a widespread basis.

During the SBREFA process, a community group stakeholder recommended that the Bureau consider reporting gross annual revenue in categories rather than specific amounts. An industry commenter recommended that the Bureau delete gross annual revenue from the public application-level 1071 data to protect the privacy of an applicant or related natural person. If the Bureau determines that gross annual revenue should be modified, the Bureau may consider recoding gross annual revenue data into bins by, for example, disclosing the data in ranges of $25,000. The Bureau may also consider top-coding gross annual revenue, which would mask particularly high values, thereby reducing the identifiability of application data from businesses with especially high gross annual revenue.

The Bureau seeks comment on this analysis.

xiii. NAICS Code

Proposed § 1002.107(a)(15) would require financial institutions to collect and report to the Bureau a 6-digit North American Industry Classification System (NAICS) code appropriate for the applicant.

Disclosing 6-digit NAICS codes in the public application-level 1071 data in unmodified form would be useful for identifying business and community development needs and opportunities of small businesses. Such business and community development needs and opportunities may differ widely based on industry, even controlling for other factors. For example, 6-digit NAICS codes would help data users understand how small businesses in different industries use credit as well as identify industries in which small businesses face challenges accessing credit. Furthermore, disclosing NAICS codes would provide for consistency and compatibility with other public datasets related to small business lending activity, which generally use NAICS codes. This ability to synthesize 1071 data with other datasets would help the public use the data in ways that would advance both the fair lending and business and community development purposes of section 1071.

Disclosing 6-digit NAICS codes in the 1071 data in unmodified form would also facilitate enforcement of fair lending laws in other ways. Financial institutions often designate certain industries as high-risk, such as industries that have high rates of businesses leaving the market or that deal primarily in cash transactions. The 6-digit NAICS codes would help ensure that users can compare applicants with similar profiles, thereby controlling for factors that might provide non-discriminatory explanations for some disparities in credit and pricing decisions. The Bureau also believes that using the SBA's 6-digit NAICS codes (as opposed to the 2-digit code) would enable the public to identify whether disparities arise at a sector level and would provide more specific information on the types of businesses that are accessing or struggling to access credit.

Including 6-digit NAICS codes in the public application-level 1071 data in unmodified form by itself would likely disclose minimal, if any, information about an applicant or related natural person that may be harmful or sensitive if such person were re-identified, or that may be harmful or sensitive to an identified financial institution. The 6-digit NAICS codes are unlikely to be harmful or sensitive to a small business because information about a small business's industry is likely to be apparent to anyone interacting with it. Disclosure of the 6-digit NAICS codes in unmodified form may reveal information that financial institutions regard as harmful or sensitive, such as the industries with which the financial institution does business. However, as discussed under Risk of Harm or Sensitivity in part VI.C.4.ii above, the Bureau does not believe that disclosure would permit the reverse-engineering of a financial institution's proprietary lending models.

During the SBREFA process, several industry commenters stated that NAICS codes would increase re-identification risk for small businesses, particularly in combination with geographic identifiers, such as census tract. The Bureau has identified publicly available datasets that include data fields an adversary could directly match to the NAICS code data field in unmodified form in the public application-level 1071 data with respect to an applicant or related natural person. A business's NAICS code is likely to be publicly available in loan-level data for public loan programs such as the 7(a), 8(a), or PPP programs and in private datasets. In addition, even where the specific NAICS code may not be publicly available, it could be derived with reasonable accuracy from other public information that is available for most businesses, such as business directories, a business's website, or from personal observation by members of the community where a business is located. Therefore, in many cases, an adversary could use 6-digit NAICS codes, combined with other fields, to match a section 1071 record to an identified publicly available record.

The 6-digit NAICS code data field is likely to produce unique instances in the data, especially when combined with census tract, if census tract is disclosed in unmodified form. There are currently 73,057 census tracts and 1,057 6-digit NAICS codes, which produce over 77 million combinations. With so many possible combinations, there would likely be many instances in the 1071 data where the census tract and 6-digit NAICS code form a unique combination.

If the Bureau determines that the 6-digit NAICS code should be modified, the Bureau may consider disclosing NAICS codes at a higher level by disclosing the 2-digit, 3-digit, or 4-digit NAICS code instead of the 6-digit code. Disclosing NAICS code at a higher level would reduce re-identification risk but would also reduce the utility of the data. There are 1,057 6-digit NAICS codes, as noted above, but there are only 99 3-digit subsectors and 20 broad 2-digit sectors. As a result, disclosing NAICS code at a higher level would reduce the specificity of the information in the 1071 data about the small business's industry.

The Bureau seeks comment on this analysis. The Bureau specifically seeks comment on how disclosing the 2-, 3-, or 4-digit NAICS code—rather than the 6-digit NAICS code—would affect the benefits of disclosure, the potential harm and sensitivity, and potential for re-identification for this data field.

xiv. Number of Workers

Proposed § 1002.107(a)(16) would require financial institutions to collect and report to the Bureau the number of non-owners working for the applicant.

Disclosing number of workers in the public application-level 1071 data in unmodified form would be useful for identifying business and community development needs and opportunities of small businesses. This information would give the public a greater understanding of how the business and community development needs and opportunities of small businesses may differ based on the number of workers. The number of workers would help the public understand, for example, the extent to which “non-employer” businesses, which do not have employees besides the owner, and “microbusinesses,” which are typically defined as having fewer than 10 employees, may face unique challenges accessing credit or may use credit in different ways. Identifying the number of workers would also allow data users to understand the number of jobs supported by loans to a business. Disclosing the number of workers would also advance the fair lending purpose of section 1071. This information would help ensure that users of the 1071 data who are evaluating potential disparities in underwriting or pricing can compare small businesses with a similar number of workers, thereby controlling for a factor that might provide a legitimate explanation for some disparities.

Disclosing number of workers in the application-level 1071 data in unmodified form would likely disclose minimal, if any, information about an applicant or related natural person that may be harmful or sensitive if such person were re-identified, or that may be harmful or sensitive to an identified financial institution. Financial institutions may use data about the number of workers to learn more about the types of small businesses with which their competitors do business. However, as discussed under Risk of Harm or Sensitivity in part VI.C.4.ii above, the Bureau does not believe that disclosure would permit the reverse-engineering of a financial institution's proprietary lending models.

Furthermore, information about the number of workers is also likely to be publicly available for many businesses. State registries of businesses may include information about a business's number of workers. Private databases also commonly include this information, which is often verified by the business. Further, loan-level records from SBA loan programs include a field for the number of jobs supported by a loan, which in some instances may reflect the business's number of workers. In the Bureau's view, the public availability of this information decreases any potential sensitivity or harm of disclosing number of workers in the application-level 1071 data. At the same time, the Bureau believes that the utility of number of workers data in the public application-level 1071 data to potential adversaries would be low due to the widespread public availability of this information.

The Bureau has identified publicly available datasets that include data fields an adversary could directly match to the number of workers data field in unmodified form in the public application-level 1071 data with respect to an applicant or related natural person. As noted above, information about a business's number of workers is found in many publicly available datasets in which the business's name is identified, including State business registries, commercial databases, and loan-level records from SBA loan programs. Therefore, in many cases, an adversary could use number of workers, combined with other fields, to match a section 1071 record to an identified publicly available record. Data on a business's number of workers may easily produce unique combinations, particularly when combined with other data fields in the public application-level 1071 data and particularly for businesses with higher numbers of workers, which are more likely to be unique in the dataset.

If the Bureau determines that the number of workers data field should be modified, the Bureau may consider recoding the data into bins. The Bureau could also top-code number of workers, given that larger values in the 1071 data are more likely to be unique.

The Bureau seeks comment on this analysis.

xv. Time in Business

Proposed § 1002.107(a)(17) would require financial institutions to collect and report to the Bureau the time the applicant has been in business, described in whole years, as relied on or collected by the financial institution.

Disclosing time in business in the public application-level 1071 data in unmodified form would advance both the fair lending and business and community development purposes of section 1071. As discussed in greater detail above in the section-by-section analysis of proposed § 1002.107(a)(17), start-ups and new businesses play an important role in the business ecosystem, particularly with respect to job creation. Time in business data would allow data users to better identify the proportion of small businesses seeking credit that are start-ups or relatively new businesses, the types of credit that are offered and provided to start-ups and newer businesses, the geographic makeup of those businesses, the types of financial institutions that are reaching such businesses, and where communities might focus business development efforts. The data may also aid policymakers in addressing issues impacting the growth of small start-ups. The data, particularly as to unmet demand, could help interested financial institutions identify lending opportunities to reach more start-ups and new businesses, promoting both business and community development.

Disclosing time in business would also facilitate the enforcement of fair lending laws. Because lenders generally perceive younger businesses as having higher credit risk, time in business data would help ensure that users can compare applicants with similar profiles, thereby controlling for factors that might provide non-discriminatory explanations for some disparities in credit and pricing decisions.

Disclosing time in business in the 1071 data in unmodified form would likely disclose minimal, if any, information about an applicant or related natural person that may be harmful or sensitive if such person were re-identified, or that may be harmful or sensitive to an identified financial institution. During the SBREFA process, one industry commenter recommended that the Bureau delete time in business from the public application-level 1071 data, citing general concerns that the data field could facilitate re-identification and disclose previously non-public information to competitors. However, while financial institutions may use time in business data to learn more about the types of small businesses with which their competitors do business, the Bureau does not believe that disclosure would permit the reverse-engineering of a financial institution's proprietary lending models, as discussed under Risk of Harm or Sensitivity in part VI.C.4.ii above. Information about time in business is also likely to be publicly available for many businesses. Businesses typically disclose their date of establishment in public registration filings. Many commercial databases also include this information. In the Bureau's view, the existing public availability of this information decreases any potential harm or sensitivity of disclosing time in business in the public application-level 1071 data.

The Bureau has identified publicly available datasets that include data fields an adversary could directly match to the time in business data field in unmodified form in the public application-level 1071 data with respect to an applicant or related natural person. As noted above, information about time in business is found in many publicly available datasets, including State business registries and commercial databases. Therefore, in many cases, an adversary could use time in business, combined with other fields, to match a section 1071 record to an identified publicly available record. Time in business data may easily produce unique combinations, particularly when combined with other data fields in the public application-level 1071 data, and particularly for larger time in business values, which are more likely to be unique in the dataset.

If the Bureau determines that the time in business data field should be modified, it may consider recoding time in business into bins—for example, using two- or five-year intervals—to reduce the identifiability of a specific length of time in business. The Bureau could also top-code time in business at a value such as 25 years, given that larger values are more likely to be unique. With regard to the industry commenter's recommendation that the Bureau delete time in business from the public application-level 1071 data based on re-identification concerns, the Bureau's determination about whether this field should be modified or deleted will be based on the re-identification analysis that it will conduct once it receives at least a full year of actual data reported by financial institutions.

The Bureau seeks comment on this analysis. The Bureau specifically seeks comment on what intervals the Bureau should use if it were to recode time in business into bins and what value the Bureau should use if it were to top-code this data field.

xvi. Minority-Owned Business Status and Women-Owned Business Status

Proposed § 1002.107(a)(18) and (19) would require financial institutions to collect and report to the Bureau whether the applicant is a minority-owned business or a women-owned business and whether minority-owned business status or women-owned business status is being reported based on previously collected data pursuant to proposed § 1002.107(c)(2).

Disclosing women-owned and minority-owned business status in the public application-level 1071 data in unmodified form is central to furthering the fair lending purpose of section 1071 and would promote the business and community development purpose of the statute by identifying opportunities for further development of women-owned and minority-owned small businesses. In fair lending analyses, knowing whether a business is women-owned or minority-owned would help data users identify potential discriminatory lending patterns. Publishing information on women-owned or minority-owned business status in the public application-level 1071 data would help data users examine and identify potential disparities in small business lending. For example, when combined with action taken, data users would be able to identify if women-owned and minority-owned small businesses are denied for credit at disproportionate rates. In addition, when combined with pricing information, data users would be able to identify if women-owned and minority-owned businesses are receiving credit at higher prices. Additionally, these data would allow communities, governmental entities, and creditors to determine areas where women-owned and minority-owned small businesses are underserved relative to other small businesses and to focus resources to identify business and community development opportunities for women-owned and minority-owned small businesses. Disclosing women-owned and minority-owned business status could also help communities, governmental entities, and creditors determine whether or not initiatives to increase access to credit for women-owned and minority-owned businesses are succeeding.

Disclosing women-owned and minority-owned business status in the 1071 data in unmodified form would likely disclose minimal, if any, information about an applicant or related natural person that may be harmful or sensitive if such person were re-identified, or that may be harmful or sensitive to an identified financial institution. While some applicants or related natural persons may regard this information as harmful or sensitive, the Bureau believes this information generally would present low risk of harm or sensitivity. The Bureau also believes that this information already may be available to the general public, as discussed in the paragraph below, and that this information would have relatively limited utility for adversaries if an applicant or related natural person were re-identified.

However, in many cases, an adversary could use women-owned or minority-owned business status, in combination with other 1071 data, to match a section 1071 record to an identified publicly available record. The Bureau has identified publicly available datasets that include data fields an adversary could directly match to the minority- or women-owned status data fields in unmodified form in the public application-level 1071 data with respect to an applicant or related natural person. Women-owned business status and minority-owned business status is likely to be publicly available for many businesses. Many businesses also publicly register or certify with the SBA or State or local authorities as a women-owned or minority-owned business to access government programs. For example, businesses are identified as woman or minority-owned in the public loan-level SBA 7(a) and PPP data, and demographic status indicators are available in loan-level 8(a) records. Additionally, businesses' websites may have information about their owners that could be used to derive women-owned and minority-owned business status information. Private commercial databases also often contain this information, either imported from public records or estimated using software based on owner names (or both).

The Bureau invites comment on this analysis.

xvii. Ethnicity, Race, and Sex of Principal Owners and Number of Principal Owners

Proposed § 1002.107(a)(20) would require financial institutions to collect and report to the Bureau the ethnicity, race, and sex of the applicant's principal owner(s); whether ethnicity and race are being collected by the financial institution on the basis of visual observation or surname; and whether ethnicity, race, or sex are being reported based on previously collected data pursuant to proposed § 1002.107(c)(2). Unless a financial institution is permitted to report ethnicity, race, and sex information based on previously collected data pursuant to proposed § 1002.107(c)(2), a financial institution must ask an applicant about its principal owners' ethnicity, race, and sex for each application. A financial institution must permit an applicant to refuse to answer the financial institution's inquiry and report its refusal to answer the inquiry, or its failure to respond to the inquiry.

Disclosing the ethnicity, race, and sex of the applicant's principal owner(s) in the public application-level 1071 data in unmodified form would be central to furthering the fair lending purpose of section 1071 and would promote the business and community development purpose of the statute by identifying opportunities for further development of women-owned and minority-owned small businesses. In fair lending analyses, data on the ethnicity, race, and sex of an applicant's principal owner(s) would be used to identify potential risk of discrimination under fair lending laws. These data would be essential for this purpose when analyzed in conjunction with data fields such as action taken, credit amount approved or originated, and pricing. For example, when combined with the type of action taken, ethnicity, race, and sex data of an applicant's principal owner(s) would help data users identify whether women-owned and minority-owned applicants are denied at higher rates on a prohibited basis. In addition, as discussed above with women-owned and minority-owned business status, when combined with pricing information, data on ethnicity, race, and sex of an applicant's principal owner(s) would help data users identify if women-owned and minority-owned businesses are receiving credit at higher prices. In addition, because the Bureau is proposing to require that financial institutions report ethnicity and race using the aggregate categories and disaggregated subcategories listed in proposed comments 107(a)(20)-5 and -6, respectively, such data would enable data users to identify potential discrimination or challenges accessing credit by particular ethnic and racial minorities.

Data on ethnicity, race, and sex of the applicant's principal owner(s) would also be essential for the business and community development purpose of section 1071. These data would allow communities, governmental entities, and creditors to determine areas where women-owned and minority-owned small businesses are underserved relative to other small businesses. In addition, such demographic information about small business applicants would allow communities, governmental entities, and creditors to focus resources to identify business and community development opportunities for women-owned and minority-owned small businesses. For example, in conjunction with NAICS codes, these data would help data users identify challenges facing women-owned businesses and businesses owned by individuals from different ethnic and racial groups in particular industries. This information could also help communities and lenders focus investment and resources in traditionally underserved demographic groups.

In general, disclosing the ethnicity, race, and sex of the applicant's principal owner(s) in the 1071 data in unmodified form would likely disclose minimal, if any information about an applicant or related natural person that may be harmful or sensitive if such person were re-identified, or that may be harmful or sensitive to an identified financial institution. As noted similarly above for the data fields on women-owned and minority-owned business status, while some applicants or related natural persons may regard this information as harmful or sensitive, the Bureau believes this information generally would present low risk of harm or sensitivity. The Bureau also notes that this information may be already available to the general public, and that this information would have relatively limited utility for adversaries if an applicant or related natural person were re-identified.

The Bureau has identified publicly available datasets that include data fields an adversary could directly match to the ethnicity, race, and sex of the applicant's principal owner(s) data fields in unmodified form in the public application-level 1071 data with respect to an applicant or related natural person. Information about the ethnicity, race, and sex of the applicant's principal owner(s) is available to the general public in some datasets. For example, certain State business registries, including those required to access women-owned and minority-owned business programs, provide this information. Other public record databases such as for SBA 8(a) and PPP loan programs also include ethnicity, race, and sex data alongside the borrower's name. Private databases often include information about the owners of businesses, which can be used to estimate ethnicity, race, and sex based on owner name. Therefore, in many cases, an adversary could use the ethnicity, race, and sex of the applicant's principal owner(s), combined with other fields, to directly or indirectly match a section 1071 record to an identified publicly available record.

As discussed in the section-by-section analysis of proposed § 1002.107(a)(20) in part V above, the Bureau is proposing that financial institutions would report sex as described in proposed comment 107(a)(20)-7, which prescribes that financial institutions shall report sex using the following categories: “Male,” “Female,” “I prefer to self-describe” (with accompanying free-form text), and “I do not wish to provide this information.” As such, if finalized, the Bureau would permit an applicant to self-describe their sex by selecting “I prefer to self-describe” with using free-from text. As discussed in part VI.C.6.xix below, the Bureau is proposing to delete free-form text from the public application-level 1071 data. However, the Bureau seeks comment on whether there are additional specific modifications it should consider with regard to applicants who choose to self-describe their sex.

As discussed in the section-by-section analysis of proposed § 1002.107(a)(20) in part V above, the Bureau is seeking comment in this proposal about the reporting of sexual orientation and gender identity of principal owners—specifically, whether separate questions regarding sex, sexual orientation, and gender identity should be asked and, if so, what categories should be offered on the sample data collection form for use by applicants in responding to each question. The Bureau seeks comment on whether disclosing that one or more principal owners of an applicant has answered any of these questions, and how, could cause heightened sensitivity or risk of harm and whether there are specific modifications the Bureau should consider if such data points are included in the final rule.

The Bureau seeks comment on this analysis.

xviii. Financial Institution Identifying Information

Proposed § 1002.109(b) would require a financial institution to provide the Bureau with certain information with its submission of its small business lending application register: (1) Its name; (2) its headquarters address; (3) the name and business contact information of a person who may be contacted with questions about the financial institution's submission; (4) its Federal prudential regulator, if applicable; (5) its Federal Taxpayer Identification Number; (6) its LEI; (7) its RSSD ID, if applicable; (8) parent entity information, if applicable; (9) the type of financial institution that it is, indicated by selecting the appropriate type or types of institution from the list provided or entering free-form text; and (10) whether the financial institution is voluntarily reporting covered applications for covered credit transactions.

Regulation C requires financial institutions to report similar information when submitting their loan-level HMDA data. Regulation C also requires financial institutions to report the calendar year of submission and the total number of entries in their loan-level HMDA data. Regulation C does not require financial institutions to submit their headquarters address, RSSD ID, or financial institution type or indicate whether they are reporting data voluntarily. With the exception of contact information for a person who can be reached about the financial institution's submission, the information financial institutions are required to submit with their HMDA submissions under § 1003.5(a)(3) is publicly available through the FFIEC website.

Financial institution identifying information other than individual contact information. For the reasons described below, the Bureau preliminarily determines that the privacy risks of disclosing the financial institution identifying information data fields in unmodified form, other than data fields containing the information for the financial institution's point of contact for its 1071 data submission ( i.e., the name and business contact information of a person who may be contacted with questions about the submission), would be justified by the benefits of disclosure for section 1071's purposes. As such, the Bureau proposes to disclose such information to the public as reported, without modification. The Bureau seeks comment on this determination.

Disclosing the financial institution identifying information, other than individual contact information, in the public application-level 1071 data in unmodified form would facilitate the enforcement of fair lending laws. The purposes of section 1071 in large part concern evaluating the practices of individual financial institutions and disclosing their identifying information allows the public to evaluate their lending practices. Identifying their Federal regulator would also facilitate fair lending enforcement by enabling the public to communicate with the regulator in connection with administrative enforcement of fair lending laws. Disclosing RSSD ID and parent institution information would enable the public to map corporate relationships for financial institutions, which is also important for fair lending enforcement.

Disclosing financial institution identifying information, including financial institution type, would enable the public to evaluate which financial institutions are reaching underserved areas of the market and the extent to which different types of financing is available from different types of institutions. And as described more fully in the section-by-section analysis of proposed § 1002.109(b) above, financial institution identifying information would promote the fair lending and community and business development purposes of the statute by allowing users to identify financial institutions precisely and draw appropriate conclusions from the data.

Several SERs and industry commenters expressed concern that disclosing financial institution identifying information would lead to frivolous litigation and unfounded reputational risks, and would increase the cost of credit or limit credit availability for small businesses.

Disclosing financial institution identifying information in the 1071 data in unmodified form would likely disclose minimal, if any, information about an applicant or related natural person that may be harmful or sensitive if such person were re-identified. While some businesses might view their identification as an applicant as harmful or sensitive, the Bureau does not believe revealing the name of the financial institution would significantly increase such risks. In addition, this information is already largely available from other identified public records, such as UCC filings. For the same reason, the Bureau does not believe revealing the name of the financial institution would significantly increase risk of fraud or identity theft to businesses or related natural persons caused by adversaries impersonating the financial institution.

Disclosing financial institution identifying information in the 1071 data in unmodified form would not, by itself, reveal information that is harmful or sensitive, given financial institutions' commercial interests. Additionally, other public records, such as public HMDA data, tax records, and commercial databases disclose Federal Taxpayer Identification number, RSSD ID, and LEI. Disclosing financial institution identifying information in unmodified form may reveal information that financial institutions regard as harmful or sensitive, but, as discussed under Risk of Harm or Sensitivity in part VI.C.4.ii above, the Bureau does not believe that disclosure of the information in the public application-level 1071 data would permit the reverse-engineering of a financial institution's proprietary lending models. The Bureau acknowledges, however, that this information could, in some circumstances, lead to reputational risks and increased costs for financial institutions, which might be passed on to their customers in the form of increased costs or decreased access to credit.

Several SERs were concerned that publishing financial institution identifying information could increase re-identification risk of applicants and related natural persons. One industry stakeholder provided feedback that customers of captive wholesale finance companies with applicant bases limited to franchises or licensees of a particular distributor or manufacturer would face unique re-identification risks. The commenter explained that, in many instances, these applicants may be the financial institution's only customer in a particular State, or one of only a very small number of customers in the State, heightening the privacy concerns for publication of data tied to these financial institutions.

The Bureau has identified publicly available datasets that include data fields an adversary could directly match to financial institution identifying information data fields in unmodified form in the public application-level 1071 data with respect to an applicant or related natural person. Other identified public records, such as UCC filings, disclose financial institution name. Therefore, in many cases, an adversary could use identifying financial institution data fields, combined with other 1071 data fields, to match a section 1071 record to an identified public record. Because the Bureau does not intend to perform a re-identification analysis of the 1071 data fields until 1071 data are reported, it has not determined the extent to which financial institution identifying information or other data fields could contribute to record uniqueness.

With respect to concerns raised regarding captive wholesale finance companies, the Bureau acknowledges that financial institution identifying information in unmodified form in the public application-level 1071 data could, in combination with other data fields like census tract, NAICS codes, and credit type or purpose, facilitate re-identification of applicants that have a common name, without requiring that adversaries match 1071 records to other identified datasets. As discussed in the section-by-section analysis of proposed § 1002.104(b) above, the Bureau proposes to exclude trade credit and other transactions from the scope of covered credit transactions. This might eliminate some transactions involving such lenders. The Bureau seeks comment on the circumstances under which a transaction involving a captive wholesale finance company would be covered by the proposal notwithstanding the exemption.

To the extent there are such transactions, the Bureau seeks comment on the instances in which captive wholesale finance companies lend exclusively to businesses that are publicly branded in a way that can be easily matched to the identity of the financial institution. As discussed in the section-by-section analysis of proposed § 1002.109(b) above, the Bureau also seeks comment on whether a final rule could include certain categories of financial institution types that would allow the Bureau to easily identify such financial institutions in the unmodified 1071 dataset without an application-level analysis. Finally, the Bureau seeks comment on whether there are particular modification techniques that would reduce re-identification risks and risks of harm or sensitivity for applicants and related natural persons who might be re-identified in the public application-level 1071 data.

The Bureau has considered whether a modification of the 1071 data available to the public short of deleting financial institution identifying information (other than individual contact information) would appropriately balance identified privacy risks and disclosure benefits of this data field. Several SERs stated that a solution to their concerns about financial institution privacy would be for the Bureau not to release the names of financial institutions when publishing 1071 data.

The Bureau proposes to disclose financial institution identifying information, other than individual contact information, to the public as reported, without modification. The Bureau preliminarily determines that risks to privacy interests from the disclosure of this data field in unmodified form would be justified by the benefits of disclosure for section 1071's purposes. As described above, while the Bureau has not conducted a uniqueness analysis, it is very likely that disclosure of financial institution identifying information would substantially facilitate the re-identification of applicants or related natural persons. If such persons were re-identified, disclosure of other 1071 data fields would likely create a risk of harm or sensitivity. In addition, the disclosure of other proposed 1071 data fields in combination with identifying financial institution name likely would reveal information that may be harmful or sensitive to financial institutions. The Bureau nonetheless determines that these risks to privacy would be justified by the benefits of disclosure in light of section 1071's purposes.

The Bureau also seeks comment on this analysis and its proposal to disclose these fields without modification in the public application-level 1071 data.

Individual contact information. Proposed § 1002.109(b)(1)(iii) would require financial institutions to report the name and business contact information of a person who may be contacted with questions about the financial institution's submission. In contrast to the other financial institution identifying information described above, the Bureau preliminarily determines that the privacy risks of disclosure in unmodified form of this data field would not be justified by the benefits of disclosure for section 1071's purposes. As such, the Bureau proposes to delete such information from the publicly available data. The Bureau seeks comment on this determination.

Disclosing individual contact information in the public application-level 1071 data in unmodified form would enable the public to contact natural persons at financial institutions about the technical aspects of a financial institution's submission of application-level data. However, the Bureau does not believe this would promote the fair lending or community or business development purposes of section 1071 because the Bureau, not the general public, will coordinate with this person to ensure proper submission of data. Moreover, the person designated by the financial institution to respond to questions about the submission might not necessarily be designated by the financial institution for engaging with the general public.

Disclosing individual contact information in the 1071 data in unmodified form would likely not disclose any information about an applicant or related natural person if such person were re-identified. However, disclosing the name and contact information of natural persons designated by the financial institution would disclose information that may be harmful or sensitive to identified financial institutions and its employees. Financial institutions have a legitimate interest in protecting the identities of their employees from the public, consistent with their job functions, and persons identified for purposes of questions about the financial institution's submission to the Bureau might not necessarily be responsible for engaging with the general public.

The Bureau has considered whether a modification of the 1071 data available to the public other than exclusion of individual contact information would appropriately balance identified privacy risks and disclosure benefits of this data field. Because disclosure of this data field in unmodified form would not promote the purposes of section 1071 and would likely reveal information that would be harmful or sensitive to a financial institution and its employees, the Bureau does not believe there is a modification that would appropriately balance the privacy risks and disclosure benefits for this data field. Accordingly, the Bureau preliminarily determines that deleting individual contact information would appropriately balance the privacy risks and disclosure benefits of this data field.

The Bureau seeks comment on this analysis as well as its proposed deletion.

xix. Free-Form Text

Proposed § 1002.107(a) would require financial institutions to use free-form text to report certain data fields where a financial institution reports information that is not included in a list of data fields provided. Under proposed § 1002.107(a)(5), (6), (11), (12), and (20), free-form text could be used to report credit type (product and guarantee information); credit purpose; denial reasons; pricing (the interest rate index used); and ethnicity, race, and sex. ⁸⁶¹ Financial institutions also would have flexibility in describing identifying information that would be provided under proposed § 1002.109(b). Free-form text used to report ethnicity, race, and sex would be completed based on information provided by applicants; all other free-form text would be completed based on information provided by the financial institution.

Free-form text would allow the reporting of any information, including information that may be harmful or sensitive to applicants, related natural persons, and possibly the interests of financial institutions. Such information might also create a significant risk of re-identification for applicants or related natural persons. Given the expected amount of 1071 data reported each year, it will not be feasible for the Bureau to review the free-form text submitted before publishing the application-level 1071 data. The Bureau believes at this time that, under the balancing test, deleting free-form text from the public application-level 1071 data, other than with respect to the financial institution identifying information described in part VI.C.6.xviii above, would appropriately balance the benefits of disclosure with the risks to the privacy interests of applicants, related natural persons, and financial institutions.

The Bureau seeks comment on this analysis as well as its proposed deletion.

VII. Dodd-Frank Act Section 1022(b)(2) Analysis

The Bureau is considering the potential benefits, costs, and impacts of the proposed rule. The Bureau requests comment on the preliminary discussion presented below, as well as submissions of additional data that could inform the Bureau's consideration of the benefits, costs, and impacts of the proposed rule. In developing the proposed rule, the Bureau has consulted with or offered to consult with the prudential regulators (the Board of Governors of the Federal Reserve System, the Federal Deposit Insurance Corporation, the National Credit Union Administration, and the Office of the Comptroller of the Currency), the Department of Agriculture, the Department of Housing and Urban Development, the Department of Justice, the Department of the Treasury, the Economic Development Administration, the Farm Credit Administration, the Federal Trade Commission, the Financial Crimes Enforcement Network, the Minority Business Development Agency, and the Small Business Administration regarding, among other things, consistency with any prudential, market, or systemic objectives administered by such agencies.

In the Dodd-Frank Act, which was enacted “[t]o promote the financial stability of the United States by improving accountability and transparency in the financial system,” Congress directed the Bureau to adopt regulations governing the collection of small business lending data. Under section 1071, covered financial institutions must compile, maintain, and submit certain specified data points regarding applications for credit for women-owned, minority-owned, and small businesses, along with “any additional data that the Bureau determines would aid in fulfilling the purposes of [section 1071].” Under the proposed rule, covered financial institutions would be required to collect and report the following data points: (1) A unique identifier, (2) application date, (3) application method, (4) application recipient, (5) credit type, (6) credit purpose, (7) amount applied for, (8) amount approved or originated, (9) action taken, (10) action taken date, (11) denial reasons, (12) pricing information, (13) census tract, (14) gross annual revenue, (15) NAICS code, (16) number of workers, (17) time in business, (18) minority-owned business status, (19) women-owned business status, (20) ethnicity, race, and sex of principal owners, and (21) the number of principal owners.

Under the proposed rule, financial institutions would be required to report data on small business credit applications under section 1071 if they originated at least 25 covered credit transactions in each of the two preceding calendar years. The Bureau is proposing to define an application as an oral or written request for a covered credit transaction that is made in accordance with the procedures used by a financial institution for the type of credit requested, with some exceptions. The Bureau is proposing to define the term covered credit transaction as an extension of business credit that is not an excluded transaction. Loans, lines of credit, credit cards, and merchant cash advances (including such credit transactions for agricultural purposes and those that are also covered by HMDA (that is, HMDA-reportable transactions)) would all fall within the transactional scope of this proposed rule. The Bureau is broadly proposing to not cover the following types of transactions: Factoring, leases, consumer-designated credit used for business purposes, credit secured by certain investment properties, trade credit, public utilities credit, securities credit, and incidental credit. Additionally, the Bureau is proposing that a business is a small business if and only if its gross annual revenue for its preceding fiscal year is $5 million or less.

A. Statement of Need

Congress directed the Bureau to adopt regulations governing the collection of small business lending data. Specifically, section 1071 of the Dodd-Frank Act amended ECOA to require financial institutions to compile, maintain, and submit to the Bureau certain data on applications for credit for women-owned, minority-owned, and small businesses. Congress enacted section 1071 for the purpose of facilitating enforcement of fair lending laws and enabling communities, governmental entities, and creditors to identify business and community development needs and opportunities of women-owned, minority-owned, and small businesses. The Bureau is issuing this proposed rule to implement the section 1071 mandate.

Small businesses play a key role in fostering community development and fueling economic growth both nationally and in their local communities. However, comprehensive data on loans to small businesses currently are limited. The largest sources of information on lending by depository institutions are the FFIEC and NCUA Call Reports and reporting under the CRA. Under the FFIEC Call Report and CRA reporting regimes, small loans to businesses of any size are used in whole or in part as a proxy for loans to small businesses. The FFIEC Call Report captures banks' and savings associations' total outstanding number and amount of small loans to businesses (that is, loans originated under $1 million to businesses of any size; small loans to farms are those originated under $500,000) by institution. The CRA requires banks and savings associations with assets over a specified threshold (currently $1.305 billion) to report data on loans to businesses with origination amounts of $1 million or less; reporters are asked to indicate whether the borrower's gross annual revenue is $1 million or less, if they have that information. Under the CRA, banks and savings associations report aggregate numbers and values of originations at an institution level and at various geographic levels. The NCUA Call Report captures credit unions' total originations, but not applications, on all loans over $50,000 to members for commercial purposes, regardless of any indicator about the business's size. Some federally funded loan programs, such as the SBA's 7(a) or 504 programs and the CDFI Fund require reporting of loan-level data, but only for loans that received support under those programs. Nondepository institutions do not report small business lending applications under any of these reporting regimes. There are no similar sources of information about lending to small businesses by nondepository institutions.

There are also a variety of non-governmental data sources, issued by both private and nonprofit entities, that cover small businesses and/or the small business financing market. These include datasets and surveys published by commercial data and analytics firms, credit reporting agencies, trade associations, community groups, and academic institutions. See part II.B for additional information on these sources. While these non-public sources of data on small businesses may provide a useful supplement to existing Federal sources of small business lending data, these private and nonprofit sources often do not have lending information, may rely on unverified research based on public internet sources, and/or narrowly limit use cases for parties accessing data. Further, commercial datasets are generally not free to public users and can be costly, raising equity issues for stakeholders who cannot afford access.

Under the proposed rule, covered financial institutions would be required to compile, maintain, and submit data regarding the race, sex, and ethnicity of the principal owners of the business and whether a small business is women-owned or minority-owned. No other source of data comprehensively collects this type of demographic information on small business loan applications.

Section 1071 requires financial institutions to report detailed application-level data to the Bureau, and to make it available to the public upon request. Such information will constitute a public good that illuminates the lending activities of financial institutions and the small business lending market in general. In particular, the public provision of application-level data will: (1) Provide small businesses and financial institutions with additional information to improve credit market outcomes and (2) allow members of the public, public officials, and other stakeholders to better assess compliance with antidiscrimination statutes.

First, the data made public pursuant to the proposed rule will provide information that could help to improve credit outcomes in the small business lending market. As discussed above, market-wide data on small business credit transactions is currently limited. Neither the public nor private sectors provide extensive data on credit products or terms. Small business owners have access to very little information on typical rates or products offered by different lenders. As a result, small business owners are limited in their ability to shop for the credit product that best suits their needs at the best price. The information made public pursuant to the proposed rule will provide extensive data on product types and credit terms that community development groups or commercial services could use to provide better information to small businesses. For example, a commercial provider could provide small businesses with information on what products lenders typically offer and at what rates. These data will allow small business owners to more easily compare credit terms and evaluate credit alternatives. By engaging in more informed shopping, small business owners may achieve better credit outcomes.

Furthermore, financial institutions can analyze data to understand small business lending market conditions and determine how best to provide credit to borrowers. However, financial institutions are not able to conduct very granular or comprehensive analyses because the data on small business lending are limited. The data made public pursuant to the proposed rule will allow financial institutions to better understand the demand for small business credit products and the conditions under which they are being supplied by other covered financial institutions. The data will help enable institutions to identify potentially profitable opportunities to extend credit. Small business owners, as a result, could benefit from increased credit availability.

Second, while data made public pursuant to the proposed rule may not constitute conclusive evidence of credit discrimination on its own, the data will enable members of the public, regulators, and other stakeholders to better assess compliance with antidiscrimination statutes. Application-level data that include information on business owners' race, sex, and ethnicity, as well as whether the business is women- or minority-owned, are necessary for the public to evaluate a lender's practices for potential risks of violating antidiscrimination statutes. However, as described above, there are currently no application-level data comprehensive enough or that contain the required demographic information to enable the public to conduct these kinds of analyses. The data made public pursuant to the proposed rule will be comprehensive and contain the necessary data fields for such analysis. Users will be able to examine whether, for example, a lender denies applications from women- or minority-owned businesses at higher rates than those that are not or whether these businesses are charged higher prices. This kind of transparency can place appropriate pressure on lenders to ensure that there is equity in their credit provision. Additionally, data collected under the proposed rule will contain the data fields that allow users to conduct more accurate fair lending analyses by comparing applications for credit products with similar characteristics.

B. Baseline for the Consideration of Costs and Benefits

The Bureau has discretion in any rulemaking to choose an appropriate scope of consideration with respect to potential benefits and costs and an appropriate baseline. The Bureau interpreted section 1071 to mean that obligations for financial institutions to collect, maintain, and submit data “do not arise until the Bureau issues implementing regulations and those regulations take effect.” Accordingly, this analysis considers the benefits, costs, and impacts of the major provisions of the proposed rule against a pre-section 1071 rule baseline, i.e., the current state of the world before the Bureau's section 1071 rule is implemented. Under this baseline, the Bureau assumes that institutions are complying with regulations that they are currently subject to, including reporting data under HMDA and CRA. The Bureau believes that such a baseline will also provide the public with better information about the benefits and costs of this rule.

C. Basic Approach of the Bureau's Consideration of Benefits and Costs and Data Limitations

Pursuant to section 1022(b)(2)(A) of the Dodd-Frank Act, in prescribing a rule under the Federal consumer financial laws (which include ECOA and title X of the Dodd-Frank Act), the Bureau is required to consider the potential benefits and costs to “consumers” and “covered persons,” including the potential reduction of access by consumers to consumer financial products or services resulting from such rule, and the impact of proposed rules on covered persons as described under section 1026 of the Dodd-Frank Act ( i.e., depository institutions and credit unions with $10 billion or less in total assets), and the impact on consumers in rural areas.

As mentioned above, section 1022(b)(2)(A) refers to “consumers” and “covered persons”; the Dodd-Frank Act defines the term “consumer” as an individual or someone acting on behalf of an individual, while a “covered person” is one who engages in offering or providing a “consumer financial product or service,” which means a financial product or service that is provided to consumers primarily for “personal, family, or household purposes.” In the 1071 rulemaking, however, the only parties directly affected by the rule are small businesses (rather than individual consumers) and the financial institutions from whom they seek credit (rather than covered persons). Accordingly, a section 1022(b)(2)(A) analysis that considers only the costs and benefits to individual consumers and to covered persons would not meaningfully capture the costs and benefits of the rule.

Below, the Bureau conducts the statutorily required analysis with respect to the rule's effects on consumers and covered persons. Additionally, the Bureau is electing to conduct this same analysis with respect to small businesses and the financial institutions required to compile, maintain, and submit data fields under the proposed rule. This discussion relies on data that the Bureau has obtained from industry, other regulatory agencies, and publicly available sources. However, as discussed further below, the data limit the Bureau's ability to quantify the potential costs, benefits, and impacts of the proposed rule.

1. Analysis With Respect to Consumers and Covered Persons

The proposed rule implements a data collection regime in which certain covered financial institutions must compile, maintain, and submit data with respect to applicants for credit for small businesses. The rule does not directly impact consumers or consumers in rural areas, as those terms are defined by the Dodd-Frank Act. Some covered persons, including some that are depository institutions or credit unions with $10 billion or less in total assets, will be directly affected by the rule not in their capacity as covered persons ( i.e., as offerors or providers of consumer financial products or services) but in their separate capacity as covered financial institutions that offer commercial credit. The costs, benefits, and impact of the rule on those entities are discussed below.

2. Costs to Covered Financial Institutions

Regarding the costs to covered financial institutions, the proposed rule generally establishes which financial institutions, transactions, and data points would be covered under section 1071. In order to precisely quantify the costs to covered financial institutions, the Bureau would need representative data on the operational costs that financial institutions would incur to gather and report 1071 data, one-time costs for financial institutions to update or create reporting infrastructure in response to the proposed rule, and information on the level of complexity of financial institutions' business models and compliance systems. Currently, the Bureau does not believe that data on section 1071 reporting costs with this level of granularity are systematically available from any source. The Bureau has made reasonable efforts to gather data on section 1071 reporting costs. Through outreach efforts with industry, community groups, and other regulatory agencies, the Bureau has obtained some information about potential ongoing operational and one-time compliance costs, and the discussion below uses this information to quantify certain costs of the proposed rule. The Bureau believes that the discussion constitutes the most comprehensive assessment to date of the potential costs of section 1071 reporting by financial institutions. However, the Bureau recognizes that these estimations may not fully quantify the costs to covered financial institutions, especially given the wide variation of section 1071 reporting costs among financial institutions. The Bureau continues to seek data from available sources in order to better quantify the costs to covered financial institutions.

The Bureau categorizes costs required to comply with the proposed rule into “one-time” and “ongoing” costs. “One-time” costs refer to expenses that the financial institution would incur initially and only once to implement changes required in order to comply with the requirements of the new rule. “Ongoing” costs are expenses incurred as a result of the ongoing reporting requirements of the rule, accrued on an annual basis. In considering the costs and impacts of the proposed rule, the Bureau has engaged in a series of efforts to estimate the cost of compliance by covered entities. The Bureau conducted a One-Time Cost Survey, discussed in more detail in part VII.E.1 below, to learn about the one-time implementation costs associated with implementing section 1071 and adapted ongoing cost calculations from previous rulemaking efforts. The Bureau evaluated the potential one-time costs of implementing the procedures necessary and the potential ongoing costs of annually reporting under the proposed rule in part VII.F.3 below. The discussion below provides details on the Bureau's approach in performing these institution-level analyses. The Bureau realizes that costs vary by institution due to many factors, such as size, operational structure, and product complexity, and that this variance exists on a continuum that is impossible to fully represent. In order to conduct a cost consideration that is both practical and meaningful, the Bureau has chosen an approach that focuses on three representative types of financial institutions. For each type, the Bureau has produced reasonable estimates of the costs of compliance given the limitations of the available data. Part VII.F.3 below provides additional details on this approach. More elaboration is available in the SBREFA Outline and the SBREFA Panel Report.

3. Costs to Small Businesses

The Bureau has estimated the costs to small businesses in addition to those for covered financial institutions. The Bureau expects the direct costs of the proposed rule to small businesses will be negligible, especially compared to the overall cost of credit. Therefore, the Bureau focuses its analysis on whether and how the Bureau expects financial institutions to pass on the costs of compliance with the proposed rule to small businesses and any possible effects on the availability of small business credit. According to economic theory, in a competitive framework where financial institutions are profit maximizers, the affected financial institutions would pass on to small business applicants the marginal ( i.e., variable) cost per application or origination, and either absorb the one-time and increased fixed costs of complying with the rule or exit the market if the one-time and fixed costs are sufficiently high. As discussed below, the Bureau estimates that these costs would be relatively low. Further, the Bureau received feedback through the One-Time Cost Survey process on how creditors might react to increased compliance costs due to the proposed rule. The results generally suggest that covered financial institutions will generally pass the increased cost of compliance on to small businesses and would not exit the market. The Bureau received similar feedback during the SBREFA process.

4. Benefits to Small Businesses and Covered Financial Institutions

Quantifying benefits to small businesses presents substantial challenges. As discussed above, Congress enacted section 1071 for the purpose of facilitating enforcement of fair lending laws and enabling communities, governmental entities, and creditors to identify business and community development needs and opportunities of women-owned, minority-owned, and small businesses. The Bureau is unable to readily quantify any of these benefits with precision, both because the Bureau does not have the data to quantify all benefits and because the Bureau is not able to assess completely how effective the implementation of section 1071 will be in achieving those benefits. The Bureau believes that its proposals appropriately implement the statutory mandate of section 1071 to effectuate the section's stated purposes. As discussed further below, as a data reporting rule, most provisions of the proposal would benefit small businesses in indirect ways. Nevertheless, the Bureau believes that the impact of enhanced transparency would substantially benefit small businesses. For example, the proposed rule would facilitate the detection (and thus remediation) of discrimination; promote public and private investment in certain under-served markets; and promote competitive markets. Quantifying and monetizing these benefits would require identifying all possible uses of section 1071 data, establishing causal links to the resulting public benefits, and then quantifying the magnitude of these benefits. The Bureau seeks comment on whether there are additional data sources available regarding the benefits to small businesses of the proposed rule. The Bureau is particularly interested in the quantifiable impact of increased transparency on financial institution behavior, and the need for public and private investment. The Bureau is unaware of data that would enable reliable quantitative estimates of all of these effects.

Similar issues arise in attempting to quantify the benefits to covered financial institutions. Certain benefits to covered financial institutions are difficult to quantify. For example, the Bureau believes that the section 1071 data will reduce the compliance burden of fair lending reviews for lower risk financial institutions by reducing the “false positive” rates during fair lending prioritization by regulators. The Bureau also believes that data made public pursuant to the proposed rule will allow financial institutions to better understand the demand for small business credit products and the conditions under which they are being supplied by other covered financial institutions. The Bureau believes that such benefits to financial institutions could be substantial. Nevertheless, quantifying them would require data that are currently unavailable.

In light of these data limitations, the discussion below generally provides a qualitative consideration of the benefits and impacts of the proposed rule. General economic principles, together with the limited data available, provide insight into these benefits and impacts. Where possible, the Bureau makes quantitative estimates based on these principles and the data that are available. The Bureau seeks comment on the appropriateness of the approach described above, including additional data relevant to the benefits to small businesses and covered financial institutions.

D. Coverage of the Proposed Rule

The proposed rule provides that financial institutions (both depository and nondepository) that meet all the other criteria for a “financial institution” in proposed § 1002.105(a) would only be required to collect and report section 1071 data if they originated at least 25 covered credit transactions in each of the two preceding calendar years. See proposed § 1002.105(b).

As discussed above, market-wide data on small business lending are currently limited. The Bureau is unaware of any comprehensive data available on originations for all financial institutions, which would be needed in order to precisely identify all institutions covered by the rule. To estimate coverage of the proposed rule, the Bureau uses publicly available data for two groups of financial institutions: Depository and nondepository institutions.

To estimate coverage of depository institutions, the Bureau relies on NCUA Call Reports to estimate coverage for credit unions, including for those that are not federally insured, and FFIEC Call Reports and the CRA data to estimate coverage for banks and savings associations. For the purposes of the analysis in this part VII, the Bureau estimates the number of depository institutions that would have been required to report in 2019, based on the estimated number of originations of covered products for each institution in 2017 and 2018. The Bureau accounts for mergers and acquisitions between 2017 and 2019 by assuming that any depository institutions that merged in those years report as one institution.

As discussed above, the NCUA Call Report captures data on all loans over $50,000 to members for commercial purposes, regardless of any indicator about the business's size and including number and dollar value of originations. For the purposes of estimating the impacts of the proposed rule, the Bureau uses the annual number of originated commercial loans to members reported by credit unions as a proxy for the annual number of originated covered credit transactions under the proposed rule. These are the best data available for estimating the number of credit unions that may be covered by the proposed rule. However, the Bureau acknowledges that the true number of covered credit unions may be different than what is presented here. For example, this proxy may overestimate the number of credit unions that would be covered if some commercial loans to members are not covered because the member is taking out a loan for a large business. Alternatively, this proxy may underestimate the number of credit unions that would be covered by the proposed rule if credit unions originate a substantial number of covered credit transactions with origination values under $50,000.

As discussed above, the FFIEC Call Report captures banks' and savings associations' outstanding number and amount of small loans to businesses ( i.e., loans originated under $1 million to businesses of any size; small loans to farms are those originated under $500,000). The CRA requires banks and savings associations with assets over a specified threshold ($1.322 billion as of 2021) to report loans to businesses in original amounts of $1 million or less. For the purposes of estimating the impacts of the proposed rule, the Bureau follows the convention of using small loans to businesses as a proxy for loans to small businesses and small loans to farms as a proxy for loans to small farms. These are the best data available for estimating the number of banks and savings associations that may be covered by the proposed rule. However, the Bureau acknowledges that the true number of covered banks and savings associations may be different than what is presented here. For example, this proxy would overestimate the number of banks and savings associations covered by the rule if a significant number of small loans to businesses and farms are to businesses or farms that are considered large under the definition of a small business in the proposed rule. Alternatively, this proxy would underestimate the number of banks and savings associations covered by the rule if a significant number of businesses and farms that are small under the proposed rule take out loans that are larger than $1 million or $500,000, for businesses and farms, respectively.

Although banks and savings associations reporting under the CRA are required to report the number of originations of small loans to businesses and farms, the Bureau is not aware of any comprehensive dataset that contains originations made by banks and savings associations below the CRA reporting threshold. To fill this gap, the Bureau simulated plausible values for the annual number and dollar value of originations for each bank and savings association that falls below the CRA reporting threshold for 2017, 2018, and 2019. The Bureau generated simulated originations in order to account for the uncertainty around the exact number and value of originations for these banks and saving associations. To simulate these values, the Bureau assumes that these banks have the same relationship between outstanding and originated small loans to businesses and farms as banks and savings associations above the CRA reporting threshold. First, the Bureau estimated the relationship between originated and outstanding numbers and balances of small loans to businesses and farms for CRA reporters. Then the Bureau used this estimate, together with the outstanding numbers and balances of small loans to businesses and farms of non-CRA reporters, to simulate these plausible values of originations. The Bureau has documented this methodology in more detail in its Supplemental estimation methodology for institutional coverage and market-level cost estimates in the small business lending data collection notice of proposed rulemaking released concurrently with this proposal.

Below, the Bureau reports a range of values for the estimated number of depository institutions covered under the proposed rule. The range represents a 95 percent confidence interval over the number of credit unions, banks and savings associations that would be covered under the proposed rule. The Bureau presents this range to reflect the uncertainty associated with the estimate and notes that the uncertainty is driven by the lack of data on originations by banks and savings associations below the CRA reporting threshold.

The Bureau estimates that about 992 nondepository institutions will be covered by the proposed rule: About 340 nondepository CDFIs; about 100 MCA providers; about 30 fintech companies; about 300 commercial finance companies; about 100 governmental lending entities; about 50 nondepository mortgage providers; and 72 Farm Credit System members. See part II.D above for more detail on how the Bureau arrived at these estimates.

Based on 2019 data from FFIEC and NCUA Call Reports and the CRA data, using the methodology described above, the Bureau estimates that the number of depository institutions that would be required to report under the proposed rule would be between approximately 4,000 and 4,200. The Bureau estimates that between 3,600 and 3,800 banks and savings associations and about 400 credit unions would be required to report under the proposed rule.

The Bureau has attempted to use the best available data and methods to estimate the number of financial institutions that would be covered by the proposed rule. The Bureau seeks comment on whether there are additional data sources that could provide better estimates of coverage. The Bureau also seeks comment on its Supplemental estimation methodology for institutional coverage and market-level cost estimates in the small business lending data collection notice of proposed rulemaking describing the methods used to estimate coverage.

E. Methodology for Generating Cost Estimates

The Bureau used previous HMDA rulemaking estimates as the basis for its review of 1071 data collection and reporting tasks that would impose one-time and ongoing costs. In developing its ongoing cost methodology to estimate the impacts of its 2015 HMDA final rule, the Bureau used interviews with financial institutions to understand the processes of complying with a regulation that requires collecting and reporting credit application data and to generate estimates of how changes to the reporting requirements would impact the ongoing costs of collecting and reporting mortgage application data. To analyze the potential impacts of this proposed rule, the Bureau adapted its methodology from its HMDA rulemaking activities to the small business lending market.

The Bureau expects that the tasks required for data collection, checking for accuracy, and reporting under the proposed rule would be similar to those under HMDA. The similarities in data collection and reporting tasks allowed the Bureau to leverage its previous rulemaking experience in its analysis of the potential impacts of this proposed rule.

However, there are significant differences between the home mortgage and small business lending market. For example, small business lending is generally less automated, and has a wider variety of products, smaller volumes, and smaller credit amounts. The Bureau used the SBREFA process, research using publicly available information, and the Bureau's general expertise regarding the small business lending market to determine how these differences would change the tasks required for data collection, checking for accuracy, and reporting.

During the HMDA rulemaking process, the Bureau identified seven key aspects or dimensions of compliance costs with a data collection and reporting rule: (1) The reporting system used; (2) the degree of system integration; (3) the degree of system automation; (4) the tools for geocoding; (5) the tools for performing completeness checks; (6) the tools for performing edits; and (7) the compliance program. The Bureau assumes that financial institutions will set up their 1071 reporting in a manner similar to how HMDA reporting was implemented. The Bureau presented this list of key aspects or dimensions of compliance costs in its SBREFA Outline, but did not receive specific feedback or suggestions about these areas of compliance costs.

The Bureau found during the HMDA rulemaking process that, generally, the complexity of a financial institution's approach across dimensions was consistent—that is, a financial institution generally would not use less complex approaches on some dimensions and more complex approaches on others. This allowed the Bureau to classify financial institutions, including depository institutions and nondepository institutions, into three broad tiers according to the overall level of complexity of their compliance operations. Using very similar assumptions to HMDA, the Bureau's estimation of the costs of this proposed rule also assumed that complexity across dimensions of a financial institution's small business lending data collection and reporting system is consistent.

Table 3 below summarizes the typical approach to those seven key aspects or dimensions of compliance costs across three representative types of financial institutions based on level of complexity in compliance operations. Financial institutions that are Type A have the lowest level of complexity in compliance operations, while Type B and Type C have the middle and highest levels of complexity, respectively.

In previous HMDA rulemakings, the Bureau found that the number of loan applications received was largely correlated with overall complexity of financial institutions' compliance operations. The Bureau used this observation from HMDA, in addition to early outreach to financial institutions and data from Call Reports and publicly available data from the CDFI Fund, to generate assumptions about the number of annual small business lending applications processed by each FI type. The Bureau assumes that Type A FIs receive fewer than 300 applications per year, Type B FIs receive between 300 and 2,000 applications per year, and Type C FIs receive more than 2,000 applications per year. The Bureau assumes that, for types A and B, one out of two small business applications will result in an origination. Thus, the Bureau assumes that Type A FIs originate fewer than 150 products per year and Type B FIs originate between 150 and 1,000 products per year. The Bureau assumes that Type C FIs originate one out of three applications and more than 1,000 per year.

The Bureau understands that costs vary by financial institution due to many factors, such as size, operational structure, and product complexity. Due to data limitations, the Bureau is unable to capture many of the ways in which costs vary by institution, and therefore uses these representative financial institutions with the above assumptions for its analysis. In order to aggregate costs to a market level, the Bureau must map financial institutions onto its types using discrete volume categories.

For the ongoing costs discussion in part VII.F.3.ii below, the Bureau discusses costs in the context of representative institutions for ease of exposition. The Bureau assumes that a representative Type A FI receives 100 small business credit applications per year, a representative Type B FI receives 400 applications per year, and a representative Type C FI receives 6,000 applications per year. The Bureau further assumes that a representative Type A FI originates 50 covered credit transactions per year, a representative Type B FI originates 200 covered credit transactions per year, and a representative Type C FI originates 3,000 covered credit transactions per year.

The Bureau presented an earlier version of this cost calculation methodology in the SBREFA Outline and during the SBREFA process. In general, SERs provided minimal feedback on the overall structure of the categorization of financial institutions and activities required to collect, check, and report data under the proposed rule. The Bureau has made two changes to its methodology in response to SER feedback. One SER stated that the methodology would benefit from an additional category of complexity between Types B and C. To address this issue, while the Bureau did not add an additional category of complexity, it has increased the number of applications assumed for Type A FIs and Type B FIs so that these institutions cover more of the small business credit market. The Bureau has adjusted the categories of applications for Type A FIs and Type B FIs to 100 and 400 (from 75 and 300, respectively). Several SERs also suggested that the ratio of applications per originated loans used in the SBREFA Outline was too high. The Bureau has accordingly updated its assumptions to assume two applications per origination (instead of its original three-to-one ratio) for Type A FIs and Type B FIs.

The Bureau seeks comment on its methodologies, as described in this part VII.E (including parts VII.E.1, VII.E.2, and VII.E.3 below), for estimating one-time costs of implementation, estimating ongoing costs of implementation, and generating market-level estimates of one-time and ongoing costs.

1. Methodology for Estimating One-Time Costs of Implementation of the Proposed Rule

The Bureau has identified the following eight categories of one-time costs that would likely be incurred by financial institutions to develop the infrastructure to collect and report data under the proposed rule:

1. Preparation/planning

2. Updating computer systems

3. Testing/validating systems

4. Developing forms/applications

5. Training staff and third parties (such as dealers and brokers)

6. Developing policies/procedures

7. Legal/compliance review

8. Post-implementation review of compliance policies and procedures

Conversations with financial institutions have informed the Bureau's understanding of one-time costs. Financial institutions will likely have to spend time and resources understanding the regulation, developing the required policies and procedures for their employees to follow, and engaging a legal team to review their draft policies and procedures. Additionally, financial institutions may require new equipment, such as new computer systems that can store and check the required data points; new or revised application forms or related materials to collect any data that would be required under the proposed rule that they do not currently collect, including minority-owned and women-owned business status and the ethnicity, race, and sex of applicants' principal owners, and to provide any related disclosures required by the rule. Some financial institutions mentioned that they may store, check, and report data using third-party providers such as Fiserv, Jack Henry, LaserPro, or Fidelity Information Systems (FIS), while others may use more manual methods of data storage, checking, and reporting using software applications such as Microsoft Excel. Financial institutions would also engage in a one-time training of all small business lending staff to ensure that employees understand the new policies and procedures. After all new policies and procedures have been implemented and systems/equipment deployed, financial institutions will likely undertake a final internal review to ensure that all the requirements of the section 1071 regulation have been satisfied.

The Bureau presented the one-time cost categories in the SBREFA Outline and during the SBREFA process. The SERs generally confirmed that the eight categories listed above accurately capture the components of one-time costs.

The Bureau conducted a survey regarding one-time implementation costs for section 1071 compliance targeted at FIs who extend small business credit. The Bureau developed the survey instrument based on guidance from industry on the potential types of one-time costs institutions might incur if required to report under a 1071 rule and tested the survey instrument on a small set of FIs, incorporating their feedback prior to implementation. Estimates from survey respondents form the basis of the Bureau's estimates for one-time costs in assessing the potential impact of this proposed rule. The survey was broadly designed to ask about the one-time costs of reporting data under a regime that only includes mandatory data points, uses a reporting structure similar to HMDA, uses the Regulation B definition of an “application,” and uses the respondent's own internal small business definition. The survey was divided into three sections: Respondent Information, One-Time Costs, and the Cost of Credit to Small Entities.

In the Respondent Information section, the Bureau obtained basic information about the respondent, including information on the type of institution, its size, and its volume of small business lending. (The Bureau did not, however, obtain the actual name or other directly identifying information about respondents.) The One-Time Costs section of the survey measured the total hours, staff costs, and non-salary expenses associated with the different tasks comprising one-time costs. Using the reported costs of each task, the Bureau estimated the total one-time cost for each respondent. The Cost of Credit to Small Entities section dealt with the respondent's anticipated response to the increased compliance costs of being covered by the rule in order to understand the impacts of the regulation on its small business lending activity, including any anticipated potential changes to underwriting standards, volume, prices, product mix, or market participation.

The Bureau worked with several major industry trade associations to recruit their members to respond to the survey. A total of 105 financial institutions responded to the survey.

To estimate one-time costs, the Bureau needed information on a financial institution's one-time costs by category and number of originations. Of the 105 total respondents, 49 answered these questions. The Bureau will henceforth refer to these respondents as the “cost estimation sample.” Of these respondents, 42 (86 percent) self- reported that they were a depository institution (bank or credit union). The remaining seven (14 percent) were nondepository institutions. Table 4 presents the self-reported asset size of the 42 depository institution respondents in the cost estimation sample.

For the purposes of estimating one-time costs, the Bureau distinguishes between depository institutions and nondepository institutions. The majority of nondepository institutions are not currently subject to any data reporting requirements, with the notable exception of nondepository CDFIs. The Bureau anticipates that covered financial institutions that are not currently subject to data reporting requirements will need to make more changes to their existing business operations in order to comply with the requirements of the new rule. This expectation is confirmed by the higher estimated one-time costs for nondepository institutions relative to depository institutions discussed in part VII.F.3.i.

The Bureau categorizes depository institution respondents in the cost estimation sample into four groups according to the respondents' self-reported total originations. The first group contains the two depository institutions that reported fewer than 25 originations; the Bureau assumes these institutions would not report under the proposed rule. The second group contains ten depository institutions that reported between 25 and 149 originations. The Bureau categorizes these as Type A DIs (that is, a DI that is Type A as defined above.) The third group contains the 19 depository institutions that reported between 150 and 999 originations. The Bureau categorizes these as Type B DIs. The final group contains the 11 depository institutions that reported 1,000 or more originations. The Bureau categorizes these as Type C DIs.

There are not enough nondepository institutions in the cost estimation sample to separate nondepository institutions into Types A, B, and C and obtain meaningful estimates. Instead, the Bureau is relying on the assumption that nondepository institutions (referred to as Non-DIs for purposes of this analysis) will incur the same one-time costs regardless of complexity.

The Bureau estimated the one-time costs for each of the four categories of financial institutions (Type A DI, Type B DI, Type C DI, and Non-DI) using the following methodology.

For each of the eight categories of one-time costs, the Bureau asked financial institutions to estimate and report the total number of hours that junior, mid-level, and senior staff would spend on each task, along with any additional non-salary expenses. If a respondent did not provide estimates for any component ( i.e., staff hours or non-salary expenses) of any category, it is not counted as part of the cost estimation sample. If a respondent provided estimates for some components but did not provide an estimate for a particular component ( e.g., non-salary expenses for preparation/planning) then the Bureau assumed that the respondent estimated zero for that component.

The Bureau asked survey respondents to report the average hourly wage for junior, mid-level, and senior/executive staff involved in the one-time cost categories. However, for the purposes of estimating one-time costs, the Bureau assumed a constant wage across financial institutions for each level of staff. For junior staff, the Bureau used $16.18, the 10th percentile hourly wage estimate for “loan officers” according to the 2020 Occupational Employment Statistics compiled by the Bureau of Labor Statistics. For mid-level staff, the Bureau used $36.99, the mean hourly wage estimate for “loan officers.” For senior staff, the Bureau used $64.35, the 90th percentile hourly wage estimate for “loan officers.” To account for non-monetary compensation, the Bureau also scaled these hourly wages up by 43 percent. The Bureau assumed a total hourly compensation of $23.14 for junior staff, as compared to $28.76, the mean of the junior wages reported by respondents. The Bureau assumed a total hourly compensation of $52.90 for mid-level staff, as compared to $48.94, the mean of the mid-level wages reported by respondents. The Bureau assumed a total hourly compensation of $92.02, as compared to $90.19, the mean of the senior/executive wages reported by respondents.

For each respondent in the cost estimation sample, the Bureau calculated the cost of each one-time cost category as the sum of the junior wage multiplied by the reported junior hours, the mid-level wage multiplied by the reported mid-level hours, and the senior wage multiplied by the reported senior hours and the reported non-salary expenses. The total cost for the respondent was the sum of the costs across all eight categories.

After calculating the total costs for each respondent, the Bureau identified outliers within the four groups of financial institutions (Type A DI, Type B DI, Type C DI, and Non-DI) using the interquartile range method, a standard outlier identification method. For each group of financial institutions, an observation is considered an outlier if the estimated total cost is greater than 1.5*(P₇₅ −P₂₅) + P₇₅ or less than P₂₅ −1.5*(P₇₅ −P₂₅) where P₇₅ and P₂₅ are the 75th and 25th percentiles, respectively, of total costs within that group. Using this method, the Bureau identified one outlier in each Type A DI, Type B DI, and Type C DI group and no outliers in the Non-DI group.

In addition to the total estimated one-time costs, the Bureau is interested in the hours, non-salary expenses, and total costs associated with each of the different one-time cost categories. For each group, the Bureau estimated each component of one-time costs by taking the mean of the estimated component within the group, after excluding outliers. For example, the estimated number of junior hours required by DIs of Type A to update computer systems is the mean number of junior hours reported by the nine DIs of Type A that were in the cost estimation sample, excluding one outlier. The Bureau estimated the cost associated with each category as the sum of the junior wage multiplied by the estimated junior hours, the mid-level wage multiplied by the estimated mid-level hours, and the senior wage multiplied by the estimated senior hours, and the estimated non-salary expenses.

2. Methodology for Estimating Ongoing Costs of Implementation of the Proposed Rule

The Bureau identified 15 specific data collection and reporting activities that would impose ongoing costs. Table 5 presents the full list of 15 activities. Activities 1 through 3 can broadly be described as data collection activities: These tasks are required to intake data and transfer it to the financial institution's small business data entry system. Activities 4 through 10 are related to reporting and resubmission: These tasks are required to collect required data, conduct internal checks, and report data consistent with the proposed rule. Activities 11 through 13 are related to compliance and internal audits: Employee training, and internal and external auditing procedures required to ensure data consistency and reporting in compliance with the rule. Finally, activities 14 and 15 are related to 1071 examinations by regulators: These tasks will be undertaken to prepare for and assist during regulatory compliance examinations.

Table 6 provides an example of how the Bureau calculated ongoing compliance costs associated with each compliance task. The table shows the calculation for each activity and notes whether the task would be a “variable cost,” which would depend on the number of applications the institution receives, or a “fixed cost” that does not depend on the number of applications. Table 6 shows these calculations for a Type A FI, or the institution with the least amount of complexity. Table 7 below summarizes the activities whose calculation differs by institution complexity and shows the calculations for Type B FIs and Type C FIs (where they differ from those for a Type A FI).

Many of the activities in Table 6 require time spent by loan officers and other financial institution employees. To account for time costs, the calculation used the hourly compensation of a loan officer multiplied by the amount of time required for the activity. The Bureau used a mean hourly wage of $36.99 for loan officers, based on data from the Bureau of Labor Statistics. To account for non-monetary compensation, the Bureau scaled this hourly wage by 43 percent to arrive at a total hourly compensation of $52.90 for use in these calculations. The Bureau used assumptions from its 2015 HMDA final rule analysis, updated to reflect differences between mortgage lending and small business lending, to estimate time spent on “ongoing tasks.” As an example of a time calculation, the Bureau estimated that transcribing the required data points would require approximately 11 minutes per application for a Type A FI. The calculation multiplied the number of minutes by the number of applications and the hourly compensation to arrive at the total cost, on an annual basis, of transcribing data. As another example, the Bureau estimated that ongoing training for loan officers to comply with a financial institution's 1071 policies and procedures would take about two hours per loan officer per year. The cost calculation multiplies the number of hours by the number of loan officers and by the hourly compensation.

To arrive at the amount of time required per application for each of the 15 tasks covered financial institutions would conduct to collect, check, and report 1071 data, the Bureau began with the assumptions made for each task for the 35 data points under the 2015 HMDA final rule and then adjusted these required times relative to the number of data points required under the proposed 1071 rule. The proposed rule would require covered financial institutions to collect 21 data points for each covered application. Several of these data points have multiple components. For example, the credit type data point has three subcomponents of product type, the type of guarantee, and the term. The data points for pricing information and the ethnicity, race, and sex of principal owners also have multiple subcomponents.

Some activity costs in Table 6 depend on the number of applications. It is important to differentiate between these variable costs and fixed costs because the type of cost impacts whether and to what extent covered institutions might be expected to pass on their costs to small business loan applicants in the form of higher interest rates or fees (discussed in more detail in part VII.F.4 below). Data collection, reporting, and submission activities such as geocoding data, standard annual edits and internal checks, researching questions, and resolving question responses are variable costs. All other activities are fixed cost because they do not depend on the overall number of applications being processed. An example of a fixed cost calculation is exam preparation, where the hourly compensation is multiplied by the number of total hours required by loan officers to prepare for 1071-related compliance examinations.

Table 7 shows where and how the Bureau assumed Type B FIs and Type C FIs differ from Type A FIs in its ongoing cost methodology. Type B FIs and Type C FIs use more automated procedures, which result in different cost calculations. For example, for Type B FIs and Type C FIs, transferring data to the data entry system and geocoding applications are done automatically by business application data management software licensed annually by the financial institution. The relevant address is submitted for geocoding via batch processing, rather than done manually for each application. The additional ongoing geocoding costs reflect the time spent by loan officers on “problem” applications—that is, a percentage of overall applications that the geocoding software misses—rather than time spent on all applications. However, Type B FIs and Type C FIs have the additional ongoing cost of a subscription to a geocoding software or service as well as a data management software that represents an annual fixed cost of reporting 1071 application data. This is an additional ongoing cost that less complex Type A FIs will not incur. The Bureau expects that Type A FIs will use free geocoding software available from the FFIEC or the Bureau, which may include a new batch function that could be developed by either the FFIEC or the Bureau.

Additionally, audit procedures differ between the three representative institution types. The Bureau expects a Type A FI would not conduct an internal audit but would pay for an annual external audit. A Type B FI would be expected to conduct a simple internal audit for data checks and also pay for an external audit on an annual basis. Type C FIs would have a sophisticated internal audit process in lieu of an external audit.

Table 8 below shows major assumptions that the Bureau made for each activity for each type of financial institution. Table 8 provides the total number of hours the Bureau assumes are required for each task that requires labor. For example, the Bureau assumes that transcribing data for 100 applications will require 18 hours of labor. The table also shows the assumed fixed cost of software and audits, as well as areas where the Bureau assumes there will be cost savings due to technology. In several cases, the activity does not apply to financial institutions of a certain type, and are therefore not displayed.

3. Methodology for Generating Market-Level Estimates of One-Time and Ongoing Costs

To generate market-level cost estimates, the Bureau relied on the estimates of the volume of small business lending originations described in part VII.D above. As with institutional coverage, the Bureau separates market-level cost estimates into estimates for depository institutions and for nondepository institutions.

For depository institutions, the Bureau estimated which institutions of those that existed at the end of 2019 would likely be covered or not covered by the proposed rule. An institution would be required to report data on applications received in 2019 if it originated at least 25 covered originations in each of the preceding two years ( i.e., 2017 and 2018). If two depository institutions merged between the end of 2017 and the end of 2019, the Bureau assumes that those institutions would report as one entity. The Bureau then categorized each institution as a Type A DI, Type B DI, or Type C DI based on its originations in 2019. Depository institutions with 0 to 149 covered originations in 2019 are categorized as Type A. Depository institutions with 150 to 999 covered originations are categorized as Type B. Depository institutions with 1,000 or more covered originations are categorized as Type C. For each depository institution, the Bureau assigns the appropriate estimated one-time cost, ongoing fixed cost, ongoing variable cost per application, and applications per origination estimates associated with its institution type. The estimated number of annual applications for each institution is the estimated number of originations multiplied by the number of applications per origination for that institution type. The annual ongoing cost for each institution is the ongoing fixed cost plus the ongoing variable cost per application multiplied by the estimated number of applications.

To generate market-level estimates, the Bureau first calculates the estimated one-time and annual ongoing costs for each depository institution covered by the proposed rule based on the estimated number of originations for that institution in 2019. The Bureau then sums over the covered depository institutions to find market-level statistics of total costs. As with coverage estimates, the Bureau presents a range of estimates for market-level statistics. The range reflects the uncertainty associated with the estimate of costs for banks and savings associations below the CRA reporting threshold. The Bureau has documented how it calculated these ranges in its Supplemental estimation methodology for institutional coverage and market-level cost estimates in the small business lending data collection notice of proposed rulemaking.

The Bureau is unaware of institution-level data on originations by nondepository institutions that are comprehensive enough to estimate costs using the same method as that for depository institutions. Therefore, to generate market-level estimates for nondepository institutions, the Bureau relies on the estimates discussed above and several key assumptions. The Bureau assumes that fintech lenders and MCAs are Type C FIs because they generally have more automated systems and originate more products. The Bureau assumes that the remaining nondepository institutions are Type B FIs. The Bureau assumes that each nondepository receives the same number of applications as the representative institution for each type, as described above. Hence, the Bureau assumes that fintech lenders and MCAs each receive 6,000 applications per year and all other nondepository institutions receive 400 applications per year. As explained above, the Bureau also assumes that all nondepository institutions have the same one-time costs.

F. Potential Benefits and Costs to Covered Financial Institutions and Small Businesses

1. Benefits to Small Businesses

The proposed rule could benefit small businesses by collecting data that further the two statutory purposes of section 1071. Those purposes are to facilitate the enforcement of fair lending laws and enable communities, governmental entities, and creditors to identify business and community development needs and opportunities of women-owned, minority-owned, and small businesses. Some of the benefits to small businesses discussed below stem from the public release of the data collected under the proposed rule. As discussed in more detail in part VI, the Bureau is proposing to exercise its discretion under ECOA section 704B(e)(4) to delete or modify data collected under section 1071 which are or will be available to the public where the Bureau determines that the deletion or modification of the data would advance a privacy interest. The below discussion considers the benefits of unmodified data released for public consumption, but the Bureau acknowledges that the benefits derived from public disclosure may be lower if modifications are made that reduce the utility of the public dataset.

Data collected under the proposed rule would constitute the largest and most comprehensive data in the United States on credit availability for small businesses. These data would provide important insight into possible discriminatory lending patterns in the small business lending market. Regulators could use the data to gauge fair lending risks and prioritize examinations of lenders that have a higher likelihood of violating antidiscrimination statutes. This would lead to a more efficient use of government resources in enforcing fair lending provisions. Furthermore, the public nature of the dataset would allow for members of the public to review the public dataset for possible violations of antidiscrimination statutes. The increased ability to perform fair lending analyses would benefit women-owned and minority-owned small businesses both directly, in the form of remediation when lenders ultimately are found to have violated fair lending laws, and indirectly, with increased access resulting from the scrutiny placed on financial institutions.

Central to the fair lending benefit of the dataset is the proposed collection of the action taken data point. Existing datasets that collect transaction-level data only contain data on originated small business loans. Application-level data, combined with the collection of action taken data, could allow users to construct approval or denial rates, for example, for particular lenders. Such analyses could indicate whether, for example, women-owned or minority-owned small businesses are being denied credit at higher rates than other small businesses.

The proposed rule would also include several data points on the pricing of covered credit transactions that are originated or approved but not accepted. Data users could examine, for example, whether women-owned or minority-owned small businesses are charged higher interest rates, origination charges, or initial annual charges than similarly situated businesses that are not women- or minority-owned. The proposed rule would also require information on prepayment penalties, which is an area of increasing concern due to the potential for predatory lending practices. Users could examine whether women-owned or minority-owned small firms are more likely to have prepayment penalties on extended credit.

Several data points included in the proposed rule would contribute to more accurate fair lending analyses by allowing users to compare credit products with similar characteristics. For example, there are likely differences in approval rates and prices for covered credit transactions based on credit amount applied for and approved, all three aspects of credit type (type of credit product, types of guarantees, and loan term), and credit purpose, since these factors influence the risk of extending credit. Many creditors also consider characteristics about the small business, such as industry, gross annual revenue, or time in business during their underwriting or pricing processes. Supply and demand for small business credit also varies over time and by location, so the inclusion of census tract, application date, and action taken date could lead to more accurate analyses. More accurate screening for fair lending risk would, for example, reduce the false positive rate observed during fair lending prioritization and increase the efficiency of fair lending reviews.

Creditors would also likely use the data to understand small business lending market conditions more effectively and at a more granular level than is possible with existing data sources, such as Call Reports, data from public lending programs, or privately purchased data. Data collected under the proposed rule, combined with the institution's existing information on the small business lending market, could help creditors to identify potentially profitable opportunities to extend credit. For example, creditors could use the census tract information to find areas of high credit demand into which they could consider expanding. Small business owners would benefit from increased credit availability.

Governmental entities will likely use the data to develop solutions that achieve policy objectives. For example, loan guarantees provided by the SBA's 7(a) and 504 programs are designed to increase the availability of business credit for businesses that otherwise have difficulty accessing credit. Governmental entities could use the comprehensive data on applications for covered credit transactions collected under the proposed rule to identify additional opportunities to create new—or tailor existing—programs to advance their small business lending policy objectives.

The data collected under the proposed rule would be the most extensive data on credit access for women-owned and minority-owned small businesses, and such information will help various data users in understanding the needs and opportunities of women-owned and minority-owned small businesses. For example, governmental entities often create programs that specifically target women-owned and minority-owned businesses, such as those that reserve government contracts, those that provide grants, or those specifically targeted at women-owned and minority-owned small firms. Governmental entities could use data collected under the proposed rule to alter existing programs or create new ones to meet the needs of these business owners. Private lenders could also use the data to find untapped markets of credit demand from women-owned and minority-owned small businesses.

As one of the premier data sources on the small business credit market, data collected under the proposed rule would also facilitate rigorous academic research. HMDA data, which are similar in many ways to the data that will be collected under the proposed rule, have been analyzed in many scholarly publications. The data collected under section 1071 will provide academics and other researchers a clearer window into potential discrimination in the small business credit market, as well as a better understanding of small business credit market trends and dynamics. Like in the case of HMDA, data collected under the proposed rule will be more broadly used to understand how business owners make borrowing decisions, respond to higher prices, and respond to risk.

The proposed data points would provide the above benefits in several ways. The action taken and pricing information data points would allow various entities to monitor the tightness of the small business credit market and identify areas where there are high denial rates for small business credit or where it is provided only at high cost, especially to women-owned or minority-owned small businesses. Data on census tract, NAICS code, gross annual revenue, and number of workers will provide insight into the availability of small business credit by geography, industry, and business size. Credit type and credit purpose would provide more information on how small women-owned and minority-owned businesses use credit and whether their use differs from that of other small businesses. Time in business information would allow data users to understand the credit needs of young small businesses, and specifically young women-owned and minority-owned small businesses. Recent research has shown that women-owned and minority-owned businesses face different financing challenges early in the business lifecycle than other firms, primarily driven by less access to external financing.

The Bureau seeks comment on its analysis of potential benefits to small businesses as described herein.

2. Benefits to Covered Financial Institutions

The proposed rule would provide some benefits to some covered financial institutions— i.e., the financial institutions that would be required to collect and report 1071 data on small business applications for credit. The first is some reduction of the compliance burden of fair lending reviews for lower risk financial institutions, by reducing the “false positive” rates during fair lending review prioritization by regulators. Currently, financial institutions are subject to fair lending reviews by regulators to ensure that they are complying with the ECOA in their small business lending processes. Data reported under the proposed rule would allow regulators to prioritize fair lending reviews of financial institutions with higher risk of fair lending violations, which reduces the burden on institutions with lower fair lending risk. Covered financial institutions would also be able to use the data to monitor, identify, and address their own fair lending risks and thereby avoid liability from enforcement actions and adverse exam findings requiring remedial action.

The proposed data collection could also provide an unprecedented window into the small business lending market, and such transparency may benefit financial institutions covered by the rule. Comprehensive information on small business credit applications and originations are currently unavailable. The data made public pursuant to the proposed rule could allow financial institutions to better understand the demand for small business credit products and the conditions under which they are being supplied by other covered financial institutions.

The Bureau seeks comment on its analysis of potential benefits to covered persons as described herein.

3. Costs to Covered Financial Institutions

i. One-Time Costs to Covered Financial Institutions

Using the methodology described in part VII.E.1 above, Table 9 shows the estimated total expected one-time costs for financial institutions covered by the proposed rule as well as a breakdown by the eight component categories that comprise the one-time costs for Type A DIs, Type B DIs, and Type C DIs, and Non-DIs.

Table 10 shows the estimated number of junior, mid-level, and senior staff hours and non-salary expenses for each component activity for Type A DIs. Tables 11 through 13 show the same estimates for Type B DIs, Type C DIs and Non-DIs respectively. As discussed above, the Bureau estimates all one-time costs to covered financial institutions using the One-Time Cost Survey results.

The Bureau estimates that updating computer systems would be the biggest driver of one-time costs for Type A DIs, and Type B DIs and Non-DIs. Type A DIs and Type B DIs would be expected to spend similar amounts on updating computer systems, but Type A DIs would rely somewhat more on staff.

The Bureau expects that Non-DIs would have the highest one-time costs and the highest costs to update computer systems. To update computer systems, Non-DIs would rely on mid-level staff hours and third-party vendors. Non-DIs would also spend relatively more on preparation and planning than Type A DIs or Type B DIs. These estimates are consistent with the expectation that Non-DIs will incur higher costs because they are less likely to already report data to regulators.

The Bureau estimates that the biggest drivers of one-time costs for Type C DIs would be preparation and planning and post-implementation review. These depository institutions would generally rely on mid-level staff hours to implement the required one-time changes and, in particular, would rely on mid-level staff hours for these two key activities. The Bureau estimates that Type C DIs will spend the most of all financial institution types on staff hours to implement one-time changes and the least on non-salary expenses.

The Bureau estimates that one-time costs would be higher for Type A DIs than for Type B DIs. These two types of depository institutions have similar estimated costs for most activities, but Type A DIs are expected to spend more on testing/validating systems and legal/compliance review.

These estimates are generally consistent with feedback from SERs during the SBREFA process. Several SERs stated that changes to their computer systems would contribute to their one-time costs. However, some SERs estimated larger one-time costs than the Bureau and others estimated smaller one-time costs. One SER (a commercial finance company) said that many financial institutions in their industry have no experience reporting data such as will be required under the 1071 rule and that their current developer estimates that the costs just to develop, test, and integrate their system could be up to $200,000. Another SER (a fintech) stated that they do not anticipate any one-time costs. Two SERs estimated that one-time costs would be between $15,000 and $25,000 without a detailed breakdown of those costs. One SER provided a detailed breakdown of costs and estimated that total one-time costs would be $27,000.

As mentioned above, the Bureau realizes that one-time costs vary by institution due to many factors, and that this variance exists on a continuum that is impossible to fully represent. The Bureau focuses on representative types of financial institutions in order to generate practical and meaningful estimates of costs. As a result, the Bureau expects that individual financial institutions would have slightly different one-time costs than the average estimates presented here.

The One-Time Cost Survey instructed respondents to assume that covered institutions would be required to report data at the application level on small business financing that constitutes “credit” for purposes of ECOA for the 13 statutorily mandated data points one time per year, and be responsible for validating the accuracy of all data. Respondents were further instructed to use their own institution's internal definition of small business, assume the Regulation B definition of an application, and assume a reporting structure similar to that under HMDA. Finally, respondents were instructed to not include any costs associated with creating a firewall. As such, respondents estimated one-time costs assuming that the proposed rule would be different in some ways from what the Bureau has ultimately proposed here. One SER provided feedback during the SBREFA Panel that it was hard to estimate one-time costs in the survey without knowing all the details of the proposed rule.

The Bureau estimates that the overall market impact of one-time costs for depository institutions would be between $218,000,000 and $229,000,000. Using a 7 percent discount rate and a five-year amortization window, the annualized one-time costs for depository institutions would be $53,200,000 to $55,800,000. The Bureau estimates that the overall market impact of one-time costs for nondepository institutions would be $94,400,000. Using a 7 percent discount rate and a five-year amortization window, the annualized one-time costs for nondepository institutions would be $23,000,000. As a frame of reference for these market-level one-time cost estimates, the estimated total non-interest expenses from the FFIEC and NCUA Call Reports for depository institutions that the Bureau estimates would be covered under the proposed rule was about $439 billion in 2019. The upper bound estimate of total one-time costs is approximately 0.05 percent of the total annual non-interest expenses.

The Bureau seeks comment on its analysis of one-time costs to covered financial institutions as described herein. In particular, the Bureau seeks comment on how to adjust the estimates of one-time costs to account for differences between what respondents to the survey were asked to assume and the proposed rule.

ii. Ongoing Costs to Covered Financial Institutions

Using the methodology described in part VII.E.2, Table 14 shows the total expected annual ongoing costs of the proposed rule as well as a breakdown by the component 15 activities that comprise the ongoing costs for Type A FIs, Type B FIs, and Type C FIs. The bottom of the table shows the total estimated annual 1071 ongoing compliance cost for each type of institution, along with the total cost per application the financial institution processes. To produce the estimates in Table 14, the Bureau used the calculations described in Tables 6 and 7 above and the assumptions for each activity in Table 8. In the following analysis, the Bureau provides examples of these cost calculations for the largest drivers of ongoing costs.

The Bureau estimates that a representative low complexity institution ( i.e., a Type A FI) would incur around $7,386 in total annual ongoing costs, or about $74 in total cost per application processed (assuming a representative 100 applications per year). For financial institutions of this type, the largest driver of ongoing costs is the fixed cost of the external audit, $3,500. Besides the audit cost, the largest drivers of the ongoing costs are activities that require employee time to complete. Activities like transcribing data, transferring data to the data management software, standard edits and internal checks, and training all require loan officer time. The Bureau expects training (activity number 11) to annually require approximately $638 for 6 representative loan officers to engage in two hours of training. The Bureau expects other time-dependent activities to cost around $1,000 each. For example, the Bureau assumes that Type A FIs will spend around 18 hours transferring data to 1071 data management software (activity number 3) based on estimates of the required time to transfer data to HMDA data management software. At the assumed hourly compensation, our estimate is around $1,013 for the Type A FI institutions to transfer data. An assumption of around 17 total hours to conduct standard annual editing checks (activity number 5) with some savings assumed due to an online submission platform that automatically checks for errors, results in an estimated annual ongoing cost of $490.

The Bureau estimates that a representative middle complexity institution ( i.e., a Type B FI), which is somewhat automated, would incur approximately $35,476 in additional ongoing costs per year, or around $89 per application (assuming a representative 400 applications per year). The largest components of this ongoing cost are the expenses of the small business application management software and geocoding software (activity 10) in the form of an annual software subscription fee, and the external audit of the data (activity number 13). Using interviews of financial institutions conducted to determine compliance costs with HMDA, the Bureau found mid-range HMDA data management systems to be approximately $8,000 in annual costs; the Bureau believes that cost would be comparable in the small business lending context and thus applies that estimate here. This analysis assumes that the subscription purchase would be separate from HMDA management systems, but the development of a software to jointly manage HMDA and small business lending-related data would likely result in cost savings for both products. The Bureau also estimates that a Type B FI would spend around $5,000 on external audits of their small business loan application data. The Type B FI incurs employee time-related fixed costs conducting internal checks ($10,576), training ($3,189), and prepping for examinations ($4,227) but saves time and expense on data entry and geocoding by using data management software. As an example, the Bureau expects Type B FIs to have two full-time employees spend 40 hours each to prepare for an examination (activity number 14) resulting in a cost of $4,227, and have employees spend around 12 hours assisting with an examination (activity number 15) costing $672 annually.

The Bureau estimates a representative high complexity institution ( i.e., a Type C FI), would incur $243,266 of annual ongoing costs, or $41 per application (assuming a representative 6,000 application per year). The largest driver of costs for a Type C FI is the employee time required to conduct an internal audit. The assumed 2,304 hours of employee time results in nearly $122,000 of ongoing costs annually. Exam preparation, training, and standard annual and internal checks would be expected to cost $25,365, $26,262, and $26,181 each year, respectively. The Bureau also assumes that a Type C institution would need a subscription to a small business data management software near the upper bound of the range found in interviews with financial institutions, of $13,271.

The Bureau estimates that the total annual ongoing costs for depository institutions would be between about $310,000,000 and $330,000,000 per year, about $192,000,00 to $201,000,000 of which would be annual variable costs. The Bureau estimates that the total annual ongoing costs for nondepository institutions would be about $62,300,000, about $13,700,000 of which would be annual variable costs.

To understand the impacts of these cost estimates on the profits of depository institutions, the Bureau estimates the average total net income across all products per small business origination for all DIs by type. There is no comprehensive published source of data on profits earned on small business credit transactions. The Bureau presents estimates of total net income per origination as an indication of a financial institution's ability to cover the additional expenses associated with the proposed rule. The Bureau estimates that banks and savings associations of Type A have an average net income per origination between $105,000 and $119,000. Credit Unions of Type A have an average net income per origination of $272,000. Assuming two applications per origination, a bank or savings association of Type A has a net income per application of approximately $53,000 to $60,000 and a credit union of the same type has a net income per application of about $136,000. The Bureau estimates that banks and savings associations of Type B have an average net income per origination between $50,000 and $57,000 or a net income per application between $25,000 and $29,000. The Bureau estimates that credit unions of Type B have an average net income per origination of $218,000 or an average net income per application of $109,000. The Bureau estimates that banks and savings associations of Type C have a net income per origination between $237,000 and $267,000, or, assuming three applications per origination, a net income per application between $79,000 and $89,000. The Bureau estimates that credit unions of Type C have an average net income per origination of $8,000, and average net income per application of about $3,000.

The Bureau presented early versions of these ongoing cost estimates in the SBREFA Outline and to SERs during the SBREFA process. Since then, the Bureau has adjusted its estimates to match the total number of data points in the proposed rule relative to the SBREFA Outline. The Bureau also adjusted its estimates in response to SER feedback. Several SERs provided feedback that audit costs in the SBREFA Outline were likely too low for the lowest complexity ( i.e., Type A) institution. The Bureau adjusted the Type A FI external audit costs to match estimates provided to the Bureau from a SER of $3,500, an increase from the original $500-$1,000 expected. The Bureau continues to assume the representative low complexity institution employs only an external audit but acknowledges feedback from SERs that this is not necessarily true for all Type A institutions.

The Bureau also seeks additional comment on the cost estimates above. During the Small Business Panel Review Process, several SERs indicated other areas where costs estimates should be adjusted. A number of SERs remarked that the annual training costs estimates were likely too low. One SER estimated that training costs should be around 20 percent higher and several suggested that the number of employees the Bureau is assuming for training costs on an annual basis is too low. One SER, for example, stated that everyone who interacts with customers will need to be trained and several indicated that the scope of employees who will require training includes administrative and management staff, as well as those directly involved in the credit process. One SER stated that the hourly compensation the Bureau was using for cost calculations is assuming employees are too junior given the complexity of the process and should be around $25 higher. Another suggested that the transcribing data costs estimate is too low. One SER remarked that researching questions and the annual subscription cost of 1071 data management or geocoding software is too low. While the Bureau has not made specific changes in response to these suggestions, the Bureau seeks comment on its estimation methodology and cost estimates. In accordance with the balancing test discussed in part VI above, the Bureau expects to publicly release data collected under the rule, potentially with certain data modified or deleted. A more fulsome discussion of potential risks and harms from the publication of a public 1071 data can be found in part VI.C above, but in this section the Bureau acknowledges several potential costs to covered entities that stem from the publication of a public dataset under the proposed rule.

With the publicly disclosed data, users would be able to assess fair lending risks at the institution and market level, furthering section 1071's fair lending purpose. Several commenters to the Bureau's 2017 RFI expressed concerns, however, about costs related to these analyses. During the SBREFA process, some SERs were concerned that published 1071 data could be used against financial institutions in litigation by class action attorneys or to harm their public reputations. Depending on the extent of publicly disclosed data, the Bureau expects that some financial institutions could incur ongoing costs related to responding to reports of disparities in their small business lending practices. Some financial institutions could also experience reputational risks associated with high profile reports of existing disparities where more fulsome analysis of its business practices would conclude that the disparities do not support a finding of discrimination on a prohibited basis. In anticipation of needing to respond to outside analysis and potential reputational risks, it is possible that some financial institutions may choose to change their product offerings available to small businesses, underwriting or pricing practices, or overall participation in the small business lending market. These costs are difficult to quantify, but the Bureau seeks comment on the extent of the possible costs posed by litigation or reputational harm as a result of the proposed rule.

The Bureau also received feedback that financial institutions could face potential costs with the publication of a public dataset under the proposed rule either because potential clients would be concerned about their data being collected or because of the additional competitive pressure brought by a publicly available dataset. During the SBREFA process, a number of SERs were concerned that full disclosure of all 1071 data would result in the re-identification of small business applicants and potentially harm their privacy interests. Several SERs asserted that public knowledge of borrowing activity (even without any other potential harms) would be very concerning to some small businesses as some small business owners consider that information sensitive or deeply personal. Relatedly, one SER said that the collection of 1071 data, including personal or demographic information, could seem like an invasion of privacy by the financial institution, particularly to minorities, and thus prospective applicants may decide to seek financing elsewhere. A number of these SERs stated that 1071 data could be used to generate marketing lists, resulting in a financial institution's competitors stealing small business customers. Several SERs were concerned about the Bureau potentially making public pricing data. Several SERs were particularly focused on information regarding pricing and pricing structure being commercially sensitive to financial institutions. The Bureau seeks comment on this class of potential costs to covered financial institutions.

The Bureau seeks comment on its analysis of ongoing costs to covered financial institutions as described herein.

4. Costs to Small Businesses

The Bureau expects that any direct costs of the proposed rule on small businesses would stem from additional fields that the applicant may have to complete on credit applications due to the proposed rule compared to the baseline application process. This could include information such as the race, ethnicity, and sex of business owners or number of workers that are not typically required on business credit applications. However, the Bureau expects that the cost of completing these fields on applications to be negligible, especially compared to the overall cost of credit. Therefore, the Bureau focuses the rest of the discussion on the costs of small businesses to whether and how the Bureau expects financial institutions to pass on the costs of compliance with the proposed rule to small businesses and any possible effects on the availability of small business credit.

Three types of costs (one-time, fixed ongoing, and variable ongoing) have the potential to influence the price and availability of credit to small businesses. In a competitive marketplace, standard microeconomics suggests that lenders will extend loans up to the point at which the revenue from granting an additional loan is equal to the additional cost associated with the financial institution providing the loan. One-time costs and fixed ongoing costs affect the overall profitability of a lender's loan portfolio but do not affect the added profit from extending an additional loan. Variable ongoing costs, however, affect the profitability of each additional loan and will influence the number of loans a lender provides. Based on the Bureau's available evidence, it expects that the variable ongoing costs will be passed on in full to small business credit applicants in the form of higher prices or fees and does not expect there to be a significant reduction in small businesses' ability to access credit.

One-time and fixed ongoing costs affect the overall profitability of the loan portfolio and will be considered in the lender's decision to remain in the small business credit market or the market for specific small business credit products. A financial institution would find it worthwhile to incur the one-time costs associated with complying with the proposed rule if it expects to generate enough profit over multiple years to cover those costs. Each year, a financial institution would find it worthwhile to continue extending credit if the total expected revenue from its chosen quantity of loans is greater than the sum of its ongoing fixed and variable costs. A financial institution would find it worthwhile to exit the market, even if it had already incurred the one-time costs, if the total expected revenue from that year were less than the total expected ongoing costs. During the SBREFA process, the Bureau asked panelists how they would respond to the cost of complying with the proposed rule. One nondepository institution participant did indicate that smaller firms in their industry may stop participating if one-time costs are too high, particularly if small business lending is a secondary aspect of their business model. Another nondepository institution participant indicated that significantly increasing the time between application and decision could occur due to the proposed requirements, which they said would threaten their ability to compete with other lenders.

In the One-Time Cost Survey, the Bureau asked respondents to rank a list of potential actions they may take in response to the compliance costs of implementing section 1071. Respondents ranked the following list: “Raise rates or fees on small business products”; “Raise rates/fees on other credit products”; “Accept lower profits”; “Exit some geographic markets”; “Tighten underwriting standards”; “Offer fewer or less complex products”; “No longer offer small business credit products”; or “Other” with two write-in options. Respondents ranked these options from “1” to “9” indicating their most to least likely responses, where “1” was the most likely.

In order to analyze these responses, the Bureau pooled data only from respondents that answered both the ranking question and the number of originations question. The Bureau implemented these restrictions to the pool to eliminate responses from institutions that would not be required to report under the proposed rule. Of the 105 total respondents to the One-Time Cost Survey, 44 ranked every option and reported more than 25 originations in the last year. The Bureau will henceforth refer to these respondents as the “impacts of implementation” sample.

Table 15 presents the potential responses to implementing section 1071 and the average ranking assigned by respondents in the impacts of implementation sample. The responses are listed in order of most to least likely on average, where a lower average ranking number means that respondents ranked that response most likely. Consistent with economic theory, respondents reported that they would be most likely to raise rates or fees on small business products and other credit products. On average, respondents reported that they would be least likely to exit some geographic markets or cease offering small business credit products.

The Bureau expects that the variable ongoing costs would be passed on in full to small business credit applicants in the form of higher prices or fees. This expectation is consistent with both standard microeconomic theory and feedback from SERs during the SBREFA process and respondents to the One-Time Cost Survey. Per application, the variable costs are approximately $28, $24, and $7 for Type A FIs, Type B FIs, and Type C FIs, respectively. Even if the variable costs were passed on in full to small business applicants in the form of higher interest rates or fees associated with a loan or line of credit (or even applicants in the form of application fees), the Bureau expects that this would comprise a small portion of the total cost of the average loan to the small business applicant.

As discussed above, the Bureau believes financial institutions would decide to remain in or exit the small business credit market based on the revenue generated from small business credit relative to the sum of one-time costs, fixed ongoing costs, and variable ongoing costs. The Bureau's total estimated one-time and ongoing costs are non-negligible and could potentially result in exit from the market by financial institutions that do not regularly originate many covered credit transactions. The Bureau's proposed coverage threshold of 25 covered credit transactions in two consecutive years could prevent some low-volume financial institutions from leaving the small business credit market in response to the compliance costs of the proposed rule. For example, the Bureau estimates that a Type A DI would incur one-time costs of $58,400 and fixed ongoing costs of $4,536. A depository institution that originates very few covered transactions every year may exit the market if it does not expect that profits, even over several years, would cover that one-time cost or if it does not expect annual revenues to exceed the annual ongoing costs. However, based on the net income per application estimates discussed above, the Bureau believes that institutions that are covered under the proposed rule ( i.e., above the proposed coverage threshold) will earn enough revenue to exceed these costs. Furthermore, the Bureau's findings during the SBREFA process and the respondents to the One-Time Cost Survey (discussed above) additionally support the Bureau's conclusion that the increase in compliance costs will likely be passed through to customers in the form of increased fees, rather than result in financial institutions leaving the small business credit market.

The Bureau seeks comment on other potential costs to small businesses not discussed here. The Bureau seeks comment on its analysis of costs to small businesses as described herein.

5. Alternatives Considered

This section discusses two categories of alternatives considered: Other methods for defining a covered financial institution and limiting the data points to those mandated by section 1071. The Bureau uses the methodologies discussed in parts VII.D and VII.E to estimate the impacts of these alternatives.

First, the Bureau considered multiple reporting thresholds for purposes of defining a covered financial institution. In particular, the Bureau considered whether to exempt financial institutions with fewer than 50 or 100 originations in each of the two preceding calendar years instead of 25 originations, as proposed. The Bureau also considered whether to exempt depository institutions with assets under $100 million or $200 million from section 1071's data collection and reporting requirements.

Under a 50-origination threshold, the Bureau estimates that about 2,900 to 3,100 depository institutions would report, which is approximately 1,100 fewer depository institutions relative to the proposed threshold of 25 originations. The Bureau estimates that about 2,700 to 2,900 banks and savings associations and about 200 credit unions would be covered under a 50-origination threshold. The Bureau does not have sufficient information to estimate how many fewer nondepository institutions would report under this alternative threshold. The Bureau estimates that the total one-time costs across all financial institutions associated with a 50-origination threshold would be about $252,000,000 to $264,000,000, a decrease of about $60,000,000 relative to the 25-origination threshold. The Bureau estimates that the total annual ongoing costs associated with this threshold would be about $357,000,000 to $374,000,000, a decrease of about $17,000,000 per year relative to the 25-origination threshold.

Under a 100-origination threshold, the Bureau estimates that about 1,800 to 2,000 depository institutions would report, which is approximately 2,200 fewer depository institutions relative to the proposed threshold of 25 originations. The Bureau estimates that about 1,700 to 1,900 banks and savings associations and about 100 credit unions would be covered under a 100-origination threshold The Bureau estimates that the total one-time costs across all financial institutions associated with a 100-origination threshold would be about $192,000,000 to $203,000,000, a decrease of $120,000,000 relative to the 25-origination threshold. The Bureau estimates that the total annual ongoing costs associated with this threshold would be about $332,000,000 to $347,000,000, a decrease of about $40,000,000 to $45,000,000 per year relative to the 25-origination threshold. Again, the Bureau does not have sufficient information to estimate how many fewer nondepository institutions would be required to report under this alternative.

The Bureau also considered $100 million and $200 million asset-based thresholds for depository institutions. For the purposes of considering these alternatives, the Bureau estimates how institutional coverage and costs would be different if the Bureau required a 25-origination threshold in addition to an asset-based threshold for depository institutions. The Bureau assumes that the alternative proposal would have been that a depository institution would be required to report its small business lending activity for 2019 if it had more than 25 originations in 2017 and 2018 and had assets over the asset-based threshold on December 31, 2018. The Bureau further assumes that if two institutions merged in 2019 then the resulting institution would be required to report if the sum of the separate institutions' assets on December 31, 2018 exceeded the asset-based threshold.

Under a $100 million asset-based threshold, the Bureau estimates that between 3,500 and 3,600 depository institutions would report, approximately 500 to 600 fewer depository institutions relative to a 25-origination threshold with no asset-based threshold. The Bureau estimates that about 3,100 to 3,300 banks and savings associations and about 300 credit unions would be covered under a 25-origination and $100 million asset-based threshold. The Bureau estimates that the total one-time costs across all financial institutions associated with the addition of a $100 million asset threshold would be about $284,000,000 to $291,000,000, a decrease of between $28,000,000 and $32,000,000 relative to the proposed rule. The Bureau estimates that the total annual ongoing costs associated with this threshold would be about $366,000,000 to $384,000,000, a decrease of about $7,000,000 to $9,000,000 per year relative to the 25-origination threshold with no asset-based threshold.

Under a $200 million asset-based threshold, the Bureau estimates that between 2,600 and 2,700 depository institutions would report, approximately 1,400 to 1,500 fewer depository institutions relative to a 25-origination threshold with no asset-based threshold. The Bureau estimates that about 2,300 to 2,400 banks and savings associations and about 300 credit unions would be covered under a 25-origination and $200 million asset-based threshold. The Bureau estimates that the total one-time costs across all financial institutions associated with the addition of a $200 million asset threshold would be about $240,000,000 to $244,000,000, a decrease of between $73,000,000 and $80,000,000 relative to the proposed rule. The Bureau estimates that the total annual ongoing costs associated with this threshold would be about $348,000,000 to $363,000,000, a decrease of about $25,000,000 to $29,000,000 per year relative to the 25-origination threshold with no asset-based threshold.

Second, the Bureau considered the costs and benefits for limiting its data collection to the data points required by the section 1071. In addition to the statutorily required data points enumerated in section 1071, the statute also requires financial institutions to collect and report any additional data that the Bureau determines would aid in fulfilling the purposes of section 1071. The Bureau is proposing several additional data points that rely solely on this authority. Specifically, the Bureau is proposing to require that financial institutions collect and report data on application channel, application recipient, denial reasons (for denied applications only), pricing information (for applications that are originated or approved but not accepted), NAICS code, number of workers, time in business, and number of principal owners. The Bureau has considered the impact of instead proposing only the collection of those data points required by statute.

Requiring the collection and reporting of only the statutory data points would result in a reduction in the fair lending benefit of the data compared to the proposed rule. For example, not collecting pricing information would obscure possible fair lending risk by covered financial institutions. Potential discriminatory behavior is not limited to the action taken on an application, but rather includes the terms and conditions under which applicants can access credit. If the Bureau did not collect pricing information, it would not be able to evaluate potential discriminatory behaviors on the basis of price. As mentioned in part VII.F.1 above, several of the data points the Bureau is proposing under its ECOA section 704B(e)(2)(H) authority are useful in creating more accurate fair lending analyses. A reduction in the rule's ability to facilitate the enforcement of fair lending laws would negatively impact small businesses and small business owners relative to the proposed rule.

Limiting the rule's data collection to only the data points required under the statute would also reduce the ability of the rule to support the business and community development purpose of the section 1071. Not including pricing information would significantly reduce the ability of communities, governmental entities, and creditors to understand credit conditions available to small businesses. Not including NAICS code or time in business would reduce the ability of governmental entities to tailor programs that can specifically benefit young businesses or businesses in certain industries. This reduction in benefits might be disproportionately borne by women-owned and minority-owned small businesses.

Only requiring the collection and reporting of the statutory data points would have reduced the annual ongoing cost of complying with the proposed rule. Under this alternative, the estimated total annual ongoing costs for Type A FIs, Type B FIs, and Type C FIs would be $6,833; $34,004 and $233,209, respectively. Per application, the estimated ongoing cost would be $68, $85, and $39 for Type A FIs, Type B FIs, and Type C FIs, respectively. The estimated total annual market-level ongoing cost of reporting would be between $363,000,000 and $382,000,000 or about $10,000,000 per year less than under the proposed rule. As discussed above, respondents to the One-Time Cost Survey were instructed to assume that they would only report the mandatory data fields. Hence, the Bureau can only estimate how ongoing costs would be different under this alternative.

G. Potential Impact on Depository Institutions and Credit Unions With $10 Billion or Less in Total Assets

As discussed above, the proposed rule would exclude financial institutions with fewer than 25 originated covered credit transactions in both of the two preceding calendar years. The Bureau believes that the benefits of the proposed rule to banks, savings associations, and credit unions with $10 billion or less in total assets will be similar to the benefits to covered financial institutions as a whole, discussed above. Regarding costs, other than as noted here, the Bureau also believes that the impact of the proposed rule on banks, savings associations, and credit unions with $10 billion or less in total assets will be similar to the impact for covered financial institutions as a whole. The primary difference in the impact on these institutions is likely to come from differences in the level of complexity of operations, compliance systems, and software, as well as number of product offerings and volume of originations of these institutions.

Based on FFIEC and NCUA Call Report data for December 2019, 10,375 of 10,525 banks, savings associations, and credit unions had $10 billion or less in total assets. The Bureau estimates that between 3,900 and 4,000 of such institutions would be subject to the proposed rule. The Bureau estimates that the market-level impact of the proposed rule on annual ongoing costs for banks, savings associations, and credit unions with $10 billion or less in assets would be between $151,000,000 and $171,000,000. Regarding one-time costs, the Bureau estimates that the market-level impact of the proposed rule for banks, savings associations, and credit unions with $10 billion or less in assets would be between $209,000,000 and $220,000,000. Using a 7 percent discount rate and a five-year amortization window, the estimated annualized one-time costs would be between $51,000,000 and $54,000,000.

The Bureau seeks comment on its analysis of the potential impact on depository institutions and credit unions with $10 billion or less in total assets as described herein.

H. Potential Impact on Small Businesses in Rural Areas

The proposed rule would not directly impact small businesses in rural areas. However, as with all small businesses, small businesses in rural areas may bear some indirect costs of the proposal. This would occur if financial institutions serving rural areas are covered by the proposed rule and if those institutions pass on some or all of their cost of complying with the proposed rule to small businesses.

The source data from CRA submissions that the Bureau uses to estimate institutional coverage and market estimates provide information on the county in which small business borrowers are located. However, approximately 89 percent of banks did not report CRA data in 2019, and as a result the Bureau does not believe the reported data are robust enough to estimate the locations of the small business borrowers for the banks that do not report CRA data. The Credit Union Call Report data do not provide any information on the location of credit union borrowers. Nonetheless, the Bureau is able to provide some geographical estimates of institutional coverage based on depository institution branch locations.

The Bureau used the FDIC's Summary of Deposits to identify the location of all brick and mortar bank and savings association branches and the NCUA Credit Union Branch Information to identify the location of all credit union branch and corporate offices. A bank, savings association, or credit union branch was defined as rural if it is in a rural county, as specified by the USDA's Urban Influence Codes. A branch is considered covered by the proposed rule if it belongs to a bank, savings association, or credit union that the Bureau estimated would be included under the proposed threshold of 25 originations in 2017 and 2018. Using the estimation methodology discussed in part VII.D above, the Bureau estimates that about 90 to 92 percent of rural bank and savings association branches and about 95 percent of non-rural bank and savings association branches would be covered under the proposed rule. The Bureau estimates that about 27 percent of rural credit union branches and about 29 percent of non-rural credit union branches would be covered under the proposed rule.