ICBA Response to the CFPB’s Outline of Proposals for 1071

Consumer Financial Protection Bureau CFPB

RE: 1071 SBREFA Outline of Proposals Under Consideration

Dear Sir or Madam:

The Independent Community Bankers of America (“ICBA”)[1] welcomes the opportunity to comment on the Consumer Financial Protection Bureau’s (“CFPB” or “Bureau”) Outline of Proposals (“Outline”) under consideration to implement the small business lending data collection requirements under Section 1071 of the Dodd-Frank Act (“Section 1071”).

Among other requirements, Section 1071 requires financial institutions to collect certain data regarding applications for credit for women-owned, minority-owned, and small businesses, and to report that data to the Bureau on an annual basis. The Outline describes proposals that the Bureau is considering to implement, along with the relevant law, the regulatory process, and an economic analysis of the potential impacts of the proposals on directly affected small entities.

While the Outline’s contemplation of the forthcoming rule seems to genuinely seek an approach that minimizes the compliance burden where possible, its overall scope and coverage is too broad and will unfairly penalize small community banks.

ICBA has repeatedly expressed concerns with Section 1071. Small business lending is complex and cannot be “commoditized” in the same way as consumer lending. Each small business loan has customized terms based on an analysis of numerous factors. Complex lending should not be subject to simplified, rigid analysis, which might give rise to unfounded fair lending complaints.

For this reason, the rules under Section 1071 will have a chilling effect on community banks’ ability to price for risk, unless the Bureau can properly tailor a rule before implementation and exclude community banks from coverage. Properly tailoring the rule will require substantial analysis.

The application of a consumer protection law is grossly incongruous with the underlying nature of small business lending. Unlike consumer loan products, such as mortgages and credit cards, small business loans are non-homogenous and do not lend themselves to standardized recordkeeping or comparative analysis.

ICBA is concerned that community banks would need to revert to a check-the-box system and algorithm where small businesses either meet a predetermined set of standardized credentials or do not. Homogenization of small business lending would drive various small business credit out of small banks and significantly reduce access to credit for the businesses that need it most – small businesses with unique credit needs.

Community banks do not use standard applications for small business loans. Unlike other types of consumer credit, each small business has its own distinctive characteristics with unique credit needs. Existing business lending practices do not conform to a standard data collection practice and would require extraordinary change to comply. Unlike the residential mortgage market, where there is a standard portfolio of products, each small business has its own unique characteristics and credit needs, and each small business loan has unique credit terms.

For example, the terms of a loan can vary depending on whether it is collateralized or the nature of that collateral. As a result, there is no standard application for small business loans. The current small business lending process for community banks would not conform to a standard data collection process. If banks were forced to automate their small business loans, many small borrowers that do not meet the standardized underwriting box would miss out on opportunities for credit.

Community banks are dedicated to making small business loans to their communities, as evidenced by their outsized participation in the Paycheck Protection Program (“PPP”). Despite the rapid rollout and complexity of the program, community banks were able to make over 2.8 million PPP loans – amounting to 57.5% of all loans originated under the program.

As impressively, community banks originated 72.6% of PPP loans made to non-white small business owners, and 71.5% of PPP loans made to female small business owners.[2] The share of PPP loans made by community banks far exceeds their share of bank assets and many of the small businesses turned to community banks when they were unable to get a loan from larger banks.

Given the value of community banks to their communities, as evidenced by their response to the pandemic and participation in the Paycheck Protection Program, the Bureau must proceed with caution as it considers how to proceed with a rulemaking. The Bureau’s proposed rule should acknowledge the unintended consequences of applying this rule to community banks.

Scope of Proposed Rule

Though the statutory text of Section 1071 applies to “a women-owned, a minority-owned, or a small business,” the Bureau is considering proposing that the data collection and reporting requirements only apply to applications made by small businesses. The CFPB justifies this change by explaining that the scope of “small business” would sufficiently cover almost all minority-owned and women-owned businesses.

Conversely, the Outline contemplates not requiring financial institutions (“FIs”) to collect and report Section 1071 data for women-owned and minority-owned businesses that are not “small,” arguing that large organizations may be too complex.

The Bureau’s approach here is prudent, as it would simplify coverage thresholds and would avoid the potential discrepancy of collecting data on “women-owned” or “minority-owned” businesses that do not have more than a 25 percent ownership or control by women or minorities (discussed below).

Definition of “Financial Institution” (Lender Coverage)

The CFPB is considering covering the following entities under the rule: depository institutions, online lenders/platform lenders, community development financial institutions ("CDFIs”), lenders involved in equipment and vehicle financing (captive financing companies and independent financing companies), commercial finance companies, governmental lending entities, and non-profit non-depository lenders. However, the CFPB has the authority to exempt “any class of covered entity” from a Section 1071 rulemaking.

These exemptions can be based on an entity’s asset size, transaction volume, or other criteria that the Bureau sets. Because the CFPB is concerned that the smallest FIs, or those with the lowest volume of small business lending, might reduce or cease their small business lending activity because of the fixed costs of coming into compliance with an eventual 1071 rule, it is considering exemptions based on the asset size of the FI, the activity of the FI, or an arrangement that considers both the asset size and activity of the FI. ICBA will provide feedback on each of these scenarios but advocates for a simple asset-based exemption threshold of $1 billion.

Asset-Based Exemption Should Be $1 Billion

Of the options discussed, ICBA believes that an asset-based threshold is the simplest and brightest threshold for community banks to apply and comply with. Most regulations that have coverage exemptions or varying compliance obligations are based on asset size, as the metric is a good proxy for sophistication and availability of resources that covered entities have to dedicate to compliance with the rule. This resource limitation not only includes technology or other hard resources, but also personnel and staff that must be trained and redirected toward compliance with new regulations.

While ICBA contends that an asset-size-based threshold is the most appropriate method to determine exemption from coverage, the asset thresholds proffered are grossly underweighted. The Outline offers two options under its asset-size-based coverage – exempting FIs with assets of less than $100 million (Option A) or $200 million (Option B).

According to Call Report data, approximately 20 percent of banks (1,011) hold less than $100 million in assets and would be exempt under under Option A, yet 99 percent of all small business loans would be captured and covered by the remaining banks (4,064) not excluded from the rule’s coverage.[3]

The Outline’s analysis of Option A reveals the Bureau’s underlying methodological principle for determining an exemption threshold: the principle is to capture as many small business loans as possible, while burdening as few DIs as possible. Though Option A captures 99 percent of the small business loan market, the Bureau has determined that it is not sound public policy to subject nearly 20 percent of the nation’s banks to the rule in order to ascertain the remaining one percent of the small business loan market. Simply put – the additional burden placed on 20 percent of banks is not commensurate with the one percent increase in coverage of the market.

Taking this logical chain of thought further, depository FIs under $1 billion in assets should be excluded from coverage under a 1071 rulemaking. According to FDIC research, setting a $1 billion threshold would cover 90 percent of the number of small business loans made, while only burdening 15 percent of this country’s banks.[4] Simply put, here, too – the Bureau should not burden the 85 percent of banks that hold less than $1 billion in assets to capture only 10 percent of the number of small business loans made.

ICBA understands that moderately large or even large non-depository FIs, such as title loan and payday loan stores, will always have fewer assets than even the smallest of depository FIs, such as a $50 million bank. However, unlike non-depository FIs, community banks are already subject to regular examination for compliance with fair lending laws and equal credit opportunity mandates, including compliance exams, Community Reinvestment Act exams, and Home Mortgage Disclosure Act exams. In contrast, non-bank lenders like fintechs or payday lenders are not examined for compliance with these laws. Accordingly, any asset-based sized exemption should be limited to depository FIs, such as community banks.

The Bureau has a long-established precedence of establishing asset-based thresholds for depository FIs. For example, DIs are exempt from establishing escrow accounts for higher-priced mortgage loans and are excluded from several provisions of the Qualified Mortgage Rule if they have assets of less than $2 billion.

Activity-Based Exemption Threshold

As an alternative to an asset-based exemption, particularly for non-DIs, the Bureau is exploring whether to use an activity-based exemption. The Outline contemplates three activity-based thresholds for consideration: excluding FIs that originate (A) fewer than 25 loans or less than $2.5 million in small business loans annually, (B) fewer than 50 loans or less than $5 million in small business loans annually, or (C) fewer than 100 loans or less than $10 million in small business loans annually.

Though an activity-based exemption may work for non-DIs, ICBA believes that an activity-based threshold will be less of a bright-line threshold for community banks. Using an asset-based threshold, for example, gives community banks more consistency.

When a community bank crosses an asset-size threshold in one year, it is not very common for the bank to dramatically decrease in assets to a point where it is no longer covered the next year. This results in compliance teams at banks having a fair certainty that once their bank passes the asset threshold, they will have to comply with that rule on an on-going basis.

In contrast, lending activity at a bank can vary much more dramatically and more frequently, year-by-year, depending on the regional conditions or economic cycles. Setting the coverage threshold based on an activity-threshold would mean that there is a much greater chance that community banks would either be collecting and reporting data or not on any given year because of the greater fluctuations in small business lending activity.

For example, a bank could have a few years that exceeded the activity threshold, triggering collection and reporting requirements, only to find itself not meeting the activity threshold the following year. This would result in the bank making an investment in its compliance department and technology to comply with a rule for a few years, only to find itself no longer needing to comply with the rule.

Additionally, setting an activity-based threshold may artificially throttle a bank’s business lending department if the bank is getting close to the threshold. A bank may not want to increase its small business lending so as not to cross the loan threshold in order to avoid the additional costs of complying with 1071. This of course would disincentivize lending activity in an area, an undesirable result.

Combined Size- and Activity-Based Exemptions

Under this third option, a FI would be required to collect Section1071 data if it exceeds either a given annual number of small business loans or an annual total value of small business loans, but it would not be required to report the data if the FI is less than a given asset size, regardless of dollar value or number of small business loans originated.

While this option presumably seeks to minimize the burden on FIs, the complexity might actually serve to increase the burden and blur the lines for which banks are covered by the rulemaking. Further, this hybrid approach still suffers the same flaw as the pure activity-based threshold. This approach is still subject to active intervention to avoid reporting coverage.

Other depository institution characteristics for exemption

Besides exemption options based on the size or activity of the FI, the Bureau is soliciting comment on whether there are other criteria that should be considered when exempting certain FIs from coverage. ICBA strongly recommends that the Bureau consider exempting FIs that are (1) Community Development Financial Institutions (“CDFI”), (2) Minority Depository Institutions (“MDI”), or (3) those FIs located in rural areas. Many of these exemptions have precedent in other Bureau regulations.

Community Development Financial Institutions (“CDFI”)

CDFIs are approved by the U.S. Department of the Treasury (“Treasury Department”) to receive monetary awards from the Treasury Department’s CDFI Fund, which was established to promote capital development and growth in underserved communities. Promoting homeownership and providing safe lending alternatives are among the Fund’s main goals. The Treasury Department created the CDFI designation to identify and support small-scale creditors that are committed to community-focused lending but have difficulty raising the capital needed to provide affordable financial services.

The Bureau decided to exempt CDFIs when implementing the Qualified Mortgage (“QM”) rule, finding that CDFIs that provide mortgage loans generally employ underwriting guidelines tailored to the needs of low-and-moderate income (“LMI”) consumers. Unlike creditors that rely on industry-wide underwriting guidelines, which generally do not account for the unique credit characteristics of LMI consumers, CDFI underwriting requirements include a variety of compensating factors. The Bureau cited several examples, including, “these creditors often consider personal narratives explaining prior financial difficulties, such as gaps in employment or negative credit history. Some creditors also consider a consumer’s general reputation, relying on references from a landlord or persons with whom the consumer does business.”

In exempting CDFIs from the QM rule, the Bureau noted that CDFIs undergo a screening process related to the ability of applicants to provide affordable, responsible credit to obtain the designation and must operate in accordance with the requirements of these programs, including periodic recertification. The preamble to the final QM rule also noted that CDFIs “serve consumers that have difficulty obtaining responsible and affordable credit, and that the burdens imposed by the ability-to-repay requirements would significantly impair the ability of these creditors to continue serving this market.”

Just as the Bureau felt that these characteristics of CDFIs warrant exemption from the QM rule, ICBA urges the Bureau to use the same underlying rationale here and exempt CDFIs from the 1071 rule’s coverage.

Minority Depository Institutions (“MDI”)

MDIs were designated under the Financial Institutions Reform, Recovery, and Enforcement Act (“FIRREA”), when Congress recognized that minority banks can play an important role in serving the financial needs of historically underserved communities and minority populations. The Federal Deposit Insurance Corporation (“FDIC”) defines an MDI as any federally insured depository institution for which 51 percent or more of the voting stock is owned by minority individuals or a majority of the board of directors is minority, and the community that the institution serves is predominantly minority.[5]

Based on FDIC research, MDIs serve minorities, LMI communities, and rural communities at higher rates than mainstream banks. MDIs are commonly known as “mission-driven banks” because they play a role in transforming the lives of underserved citizens and communities by making loans and providing other vital banking products and services.[6] MDIs provide safe and affordable financial services to residents and businesses in these communities.

Since Congress has determined that MDIs already play an important role in serving underserved communities and minority populations, the intent behind Section 1071 is already met by MDIs, and therefore, should not redundantly be applied to this special class of DIs. As such, ICBA urges the Bureau to exempt MDIs from the 1071 rule’s coverage.

Financial Institutions Located in Rural Areas

The Bureau should exempt small lending institutions and those operating entirely outside of metropolitan statistical areas (“MSA”), such as community banks that operate in rural areas. This exemption would mirror the HMDA’s exemption for similarly situated banks.[7] Exempting these community banks from coverage would simplify and maintain congruency between Section 1071 and HMDA.

Ultimately, no regulatory compliance is costless, and if these community banks are not exempted from Secion 1071, those costs will be passed on to business borrowers. In some cases, this increase may make loans unaffordable and reduce access to credit.

Reducing Duplicative Reporting – Financial Institutions That Are Not the Lender of Record

There may be instances where a borrower shops for a loan from multiple lenders, but only borrows from one. Or, some lenders may originate a loan, but then quickly sell the entirety or a portion of it to another entity. If each entity reports these interactions and transactions, there is a high risk of duplicative reporting, resulting in bad data. The Outline contemplates a potential solution to this problem.

In order to avoid duplicative reporting, the Bureau is considering taking an approach similar to that under HMDA, where the reporting responsibility depends on which institution made the final credit decision. If more than one FI approved a loan, and the loan was purchased after closing by one of the FIs approving the loan, the purchaser (such as an assignee) would report the loan. If there was no origination and multiple FIs received the same application, then any FI that made a credit decision would be responsible for reporting (even if other FIs also reported on the same potential non-originated application).

ICBA believes that this approach is potentially beneficial in two ways: (1) it treats multi-FI originations in the same manner as HMDA, keeping consistency, and (2) it reduces the burden for FIs that use another bank or third-party to originate credit card loans. However, while this outline discusses “reporting,” it does not discuss the associated responsibility of “collecting” the data. The proposed rulemaking should explicitly address which FI bears the burden of not only “reporting” data, but also “collecting” data. The proposed rule should also provide an acceptable mechanism to accurately reflect borrowers that do not accept approved loan terms. Similar to HMDA, Section 1071 reporting should include an option for “approved, not accepted.”[8]

Definition of “Small Business” Applicants

In order to determine which small business loan applicants trigger a lender’s collecting and reporting obligation, the Bureau must define “small business.” The Outline discusses that the Bureau would not include non-profit small businesses or foreign small businesses as small businesses that trigger Section 1071 requirements upon their application for credit. However, the Bureau is considering three options for using a simple size standard to define “small businesses.” It is important to establish a definition of “small business” that is easily and simply ascertainable.

Of the options discussed, ICBA urges the Bureau to adopt the first option, which defines a “small business” as one with gross annual revenue of $1 million or less. This is a simple, bright-line definition that will make it easier for banks to comply. This has the added benefit of a business applicant likely knowing whether it meets that threshold or not. Additionally, a $1 million annual gross revenue threshold would cover 95 percent of all businesses. [9]

Also, though not discussed in the Outline, but something to consider, the Bureau should adjust the asset threshold calculation on a consolidated basis. This would more accurately capture true “small businesses” rather than a conglomeration of affiliated businesses.

Finally, using a gross annual revenue method would align with many banks’ existing underwriting methodology, where the gross annual revenue of a business is a key factor in a credit decision. Tying the definition of a “small business” to information that the bank is likely to glean will make the process easier for both banks and applicants.

In contrast, options 2 and 3 require awareness of the Census Bureau’s North American Industry Classification System (“NAICS”) system and the code under which a business falls. This is not something that the average small business would know. This is something that the bank is likely unfamiliar with, as well. Unless the bank is an SBA lender, the loan officer and creditor likely do not ask, collect or record a small business NAICS.

Finally, while not contemplated in the Outline, ICBA recommends that the Bureau exclude small farm loans from the definition of “small business.” Not only is it unlikely that Section 1071 was enacted to cover small farm lending, but the underwriting criteria for small farm loans are distinct and different from small business loans. The distinction is already codified in several laws and regulations.

For example, the definition of small business loans and small farm loans under CRA have two different definitions, revealing the distinction between the two. It is reasonable to explicitly exclude small farm loans from coverage under the definition of “small business.”

Definitions of “Women-Owned Businesses,” “Minority-Owned Businesses,” and “Minority Individual”

Section 1071 imposes data collection and reporting requirements on FIs with respect to “any application to a financial institution for credit for [a] women-owned, minority-owned, or small business.” The Outline contemplates defining “women-owned business” and “minority-owned business” as one where (A) more than 50 percent of the ownership or control is held by one or more women/minority individuals; and (B) more than 50 percent of the net profit or loss accrues to one or more women/minority individuals (using GAAP standards and/or IRS filings).

The Bureau is also considering to add guidance that would mirror HMDA’s interpretation of “minority,” which would be a natural person who is Black or African American, Asian, American Indian or Alaska Native, Native Hawaiian or Other Pacific Islander, and/or Hispanic or Latino. Furthermore, the definition of “ownership” and “control” would mirror the terms defined in FinCEN’s Customer Due Ddiligence rule, where “ownership” means directly or indirectly having an equity interest in a business and “control” means having significant responsibility to control, manage, or direct a business.

Using these terms and definitions, which mirror existing regulations with which banks are accustomed, would be simple and objective, further limiting the potential for confusion among community banks, so long as the information does not have to be verified, as the Outline currently contemplates.

Product Coverage

Section 1071 covers “any application to a financial institution for credit.” Though not defined in Section 1071 itself, the Equal Credit Opportunity Act (“ECOA”) defines “credit” as “the right granted by a creditor to a debtor to defer payment of debt or to incur debts and defer its payment or to purchase property or services and defer payment therefor.”[10] Because products perform differently, rely on different information, and have different risk tolerances, the Bureau will need to account for these differences before establishing data collection requirements. As a prerequisite, the Bureau will have to review the landscape of products that will be covered.

Nearly all of the community banks consulted in preparation for this letter indicated that they require personal guarantees for all business credit products. The personal credit score of significant owners are evaluated, which mitigates risk. Not only is this a standard underwriting practice developed by the bank, but the prudential examiners expect it as a mitigant against safety and soundness risks.

The Outline explains that term loans, lines of credit, and business credit cards, collectively, make up the majority of business financing products used by small businesses and are an essential source of financing for such businesses. As such, the Outline contemplates covering these products under a proposed rule and seeks comment on the approach.

While ICBA believes the approach is a prudent interpretation of “credit,” the Bureau should reconsider its exclusion of merchant cash advances (“MCA”) and other unconventional products. These products are typically offered by non-depositories and are unsupervised, unlike community banks. The purpose of Section 1071 is to increase transparency and data on small business lending. , Therefore, it should focus its efforts on MCAs and other similar products that do not currently have much transparency or data rather than on products and services that already undergo routine fair lending tests and data reporting requirements.

Definition of an “Application”

Section 1071(b) requires that FIs collect and report to the Bureau certain information regarding “any application to a financial institution for credit.” Thus, for covered FIs with respect to covered products, the definition of “application” will trigger data collection and reporting under Section 1071.

The term “application,” however, is not defined in either Section 1071 or ECOA, though it is defined in Regulation B (“Reg B”).”[11] The Bureau is considering using a definition of application based on either the Reg B definition of “application” orits definition of “completed application.”

Reg B defines “application” as “an oral or written request for an extension of credit that is made in accordance with procedures used by a creditor for the type of credit requested.” Reg B defines “completed application” as one “in connection with which a creditor has received all the information that the creditor regularly obtains and considers in evaluating applications for the amount and type of credit requested (including, but not limited to, credit reports, any additional information requested from the applicant, and any approvals or reports by governmental agencies or other persons that are necessary to guarantee, insure, or provide security for the credit or collateral). The creditor shall exercise reasonable diligence in obtaining such information.[12]

The Bureau would also exclude inquiries/prequalifications, reevaluations, extension and renewal requests, except requests for additional credit amounts, and solicitations and firm offers of credit, which would normally meet the Reg B definition of application.

If the Bureau used the Reg B definition of “application,” it would trigger “the 1071 data collection requirement only after there is an actual request for credit (using the procedures defined by an FI, i.e., an “application”), but still early enough in the process to capture incomplete, withdrawn, and denied applications, thus making the reported data more in line with Section 1071’s statutory purposes.”[13]

By contrast, if the Bureau used the Reg B definition of “completed application” it would apply to applications “in which the creditor has received ‘all the information that the creditor regularly obtains and considers’ in evaluating similar products. This definition could exclude incomplete applications and many withdrawn applications, thus making the reported data less in line with Section 1071’s statutory purposes.”[14]

Because the large majority of community banks do not have formal “applications” for credit products, there are no formal “pre-approval” or “pre-qualification” stages. Those that do have an application are blanket applications, applicable to any commercial loan and not product-dependent. Any Bureau regulation that references lending stages would be an entirely new construct that would have to be adopted.

Most community banks are concerned that any definition of “application” will make their process too inflexible. Few typically use a formal application for small business loans, and those that have tried to create a more formalized process soon abandoned it because it was cumbersome and duplicative of existing recordkeeping.

Whether the CFPB ultimately opts to choose the Reg B definition of “application” or of “completed application,” ICBA believes that either option would be a sound approach that would accommodate existing practices at community banks and mirror definitions already set forth by other regulations.

Mandatory Data Points

Section 1071 requires the CFPB to collect certain enumerated data points from banks, but the Bureau does have some statutory authority to grant exemptions, where it deems it “necessary or appropriate.” In general, by using a limited selection of options or choices, the Bureau appears to have made an earnest effort to ease the process of requesting and collecting the data from covered business applicants. Creating a limited selection of options or choices will speed the information intake process.

In addition, ICBA supports the Outline’s preferred option of not requiring banks to verify any of the mandatory information provided by the applicant. To do otherwise would put banks in a precarious and difficult situation, especially concerning information related to the race, sex and ethnicity of the applicant.

However, the collection of these data points are likely to alter a bank’s existing credit procedures and many of the data points will still be difficult for community banks to collect and report.

Application Number and Application Date

Since most community banks do not have applications for commercial loans, they do not currently generate “application numbers” or “application dates.” Some banks might generate a loan number when the loans are funded, but often there is no “application number” before this point. Similarly, there are typically no “application dates” but rather dates that mark when loan proceeds were disbursed. Though it seems like a simple process on its face, generating application numbers simply to comply with this mandate does not appear to serve a necessary function.

Type and Purpose of the Financing

Community banks have explained that it is not always clear at the time of application how a borrower will use the money – particularly for open ended products (lines of credit, credit cards, etc.). Additionally, the borrower might not know how he or she would like to ultimately use the funds, or might not be willing to disclose. However, it is helpful that the Bureau’s contemplated approach would utilize a dropdown menu of options that could make compliance with this requirement easier.

Amount Applied For and Amount Approved

Because many credit cards and open-end products do not always have “amounts applied for,” ICBA appreciates the Outline’s option of a response choice that includes “N/A.” This should be an adequate option for small businesses that want a line of credit but do not have a particular amount in mind.

Census Tract of the Principal Place of Business

ICBA welcomes the Outline’s option to use the census tract where the loan proceeds will be used, rather than recording the census tract of the business. This approach mirrors the method used in CRA, thus reducing the chance for error. This model is also more illustrative as it shows where the money is actually being used/improving the community – not just where the business has its headquarters or principal place of business.

Information about the race, sex, and ethnicity of the business principal owners

While ICBA continues to believe that this data element has the high potential to lead to misconstrued conclusions, we welcome the Outline’s intent to have this data field be self-reported by the applicant only, and not require the community bank to verify or conduct a visual observation/surname analysis.

Discretionary Data Points

In order to better facilitate enforcement of fair lending laws and to enable communities, governmental entities, and creditors to identify business and community development needs and opportunities for women-owned, minority-owned, and small businesses, Section 1071 permits the Bureau to require additional data points to be collected. However, while the Bureau believes that additional data points may help meet the goals of Section 1071, it should be cognizant that the burdens of additional data collection could outweigh the benefits.

ICBA strongly objects to the addition of any discretionary datapoints - additional fields that may increase burden or the risk of misinterpretation. Any data disclosed to the public presents problems with context – unlike regulators, the public’s access is limited, and they may make inferences without seeing the full picture of why a loan was denied, or why a given rate was charged.

However, should the Bureau ultimately proceed to pursue discretionary data points despite strong objections, ICBA strongly urges the Bureau to stagger their implementation to a point in time when the mandatory data points have already been acclimated to. ICBA believes that it is better to start with the mandatory data points, allowing banks and the Bureau time to identify and remediate underlying issues with the rule’s implementation. Then, the Bureau could proceed with the implementation of discretionary data points, if it believes it is indeed necessary.


The Bureau is considering proposing to include pricing of originated credit and credit that is approved but not accepted as a discretionary data point. The Outline explains that pricing data could further the fair lending purpose of Section 1071, as it could enhance the ability to effectively and efficiently enforce fair lending laws. The Outline adds that pricing data could add value in promoting market transparency and new product development opportunities, thus furthering the community development purpose of Section 1071. A pricing data point could be reported on the basis of annual percentage rate (“APR”), total cost of credit (“TCC”), interest rate and total fees, or some other pricing metric.

However, ICBA agrees with the pitfall identified in the Outline, noting that reporting pricing information across various product types could be complicated to implement, would add implementation costs for FIs, and could possibly impose other costs related to reputational risk. This is especially true if the pricing is publicly reported without contextual information that explains the pricing variations (i.e., whether one loan had a lower rate than another, due to the better credit score of the borrower).

Time in Business

The Bureau is considering proposing to include as a discretionary data point, the time in business of the applicant (as of the date of application), expressed in years, or months if less than one year. Time in business information could help explain differences in underwriting risk among small business applicants and thus avoid misinterpretation of the Section 1071 dataset by distinguishing potentially riskier new businesses from less risky established businesses.

Though this is information that community banks sometimes collect in the course of normal underwriting, it is not uniformly collected across the industry. Therefore, FIs should have the option of reporting this field, but not be required to do so.

NAICS Code and Number of Employees

As a discretionary data point, the Bureau is considering proposing that FIs collect and report the business’s NAICS code and number of employees. However, ICBA notes that employee count typically has no bearing on the creditworthiness of the applicant and therefore is not a datapoint that banks currently collect on loan applications..

The addition of this datapoint would frustrate small business applicants, particularly if they have to apply full-time employee calculation formulas. This number could also become confusing if a business has seasonal employees, part-time employees, independent contractors, etc.

Timing Considerations for Collection of Data

The language and structure of Section 1071—which applies to “applications” from “applicants”—indicates that the data must be collected sometime during the application process. The statute does not, however, provide further direction on when during the application process information should be collected. The Bureau is not currently considering specifying a particular time period in which FIs must seek to collect 1071 data from applicants.

ICBA supports the Bureau’s inclination to not specify a particular time period in which FIs must seek to collect 1071 data. As the Outline properly notes, specifying a particular time period for collecting 1071 data from applicants could be disruptive to FIs’ existing processes.

Shielding Underwriters and Other Persons (Firewall)

Section 1071(d) includes two provisions that limit access to certain information collected under Section 1071. First, under Section 1071(d)(1), where feasible, loan underwriters or other officers or employees of an FI or its affiliates “involved in making any determination concerning an application for credit” cannot have access to “any information provided by the applicant pursuant to a request under subsection (b).” Second, under Section 1071(d)(2), if the FI “determines” that an underwriter, employee, or officer involved in making a determination “should have access” to “any information provided by the applicant pursuant to a request under subsection (b),” the FI must provide a statutorily required notice.

Unlike large financial institutions, community banks have small staffs that often perform multiple functions. They cannot afford to hire additional staff to process the data collection on small business credit applications. It is common for the same employee that meets with an applicant and gathers information during the application process to make or participate in the credit decision. As such, it would be extraordinarily costly to segregate the information collection and storage process from the decision-making process.

In addition to increasing staff to ensure the information collection is segregated from the decision-making process, community banks would have to develop a separate database to store and report such information. Community banks would have to create and develop an entirely new small business lending process to accommodate a new data collection and reporting requirement and remove the nuanced and unique nature of community bank small business lending.

Privacy Considerations Involving Bureau Publication of 1071 Data

Section 1071 requires financial institutions to compile and maintain a record of certain data points in response to a request for credit made by small businesses and women- and minority-owned businesses. Banks are required to annually submit that record to the Bureau and any information collected under a 1071-rulemaking shall be made available to the public upon request. However, some data points may raise privacy concerns.

Specifically, ICBA is concerned that the type/purpose of the financing and amount applied for/approved are worrisome since they can be reverse engineered to find the identity of the borrower, especially in small or rural towns. Even if the data is not or cannot be reverse engineered to identify specific small business loan applicants, there is likely to be a perception of such risk among small business applicants. This perceived risk could be enough of an incentive for small business loan applicants to seek anonymity by financing with a large FI in another town or an online lender. This would unfairly discriminate against community banks located in small or rural towns, due to no fault of their own.

Balancing Test

The Bureau is considering proposing to use a “balancing test” that weighs the risks and benefits of public disclosure. Certain data would be modified or deleted if its disclosure in unmodified form would pose risks to privacy interests that are not justified by the benefits of public disclosure.

As an alternative to a balancing test, the Bureau considered an approach in which it would modify data if an identified privacy risk crosses some significance threshold.

While it is a positive development that the Bureau is considering the privacy concerns of borrowers and the community banks that serve them, it is imperative that the Bureau establish a simple metric or test to exclude public disclosure of borrower information. Again, the best metric would exclude smaller community banks from having to collect and report this data. If data is excluded from public reporting by certain size or types of community banks, then the Bureau should not require the collection of that data. Requiring a bank to collect the data but not report it would create a very costly academic exercise that does not further the goals of 1071.

Bureau Publication of 1071 Data

The Bureau is considering proposing an approach in which FIs could satisfy the requirement to make 1071 data available to the public upon request by referring the public to the Bureau’s website where 1071 data would be available. Under this approach, the 1071 data would be available with any modifications or deletions required based on the Bureau’s application of the balancing test.

ICBA recommends that the Bureau pursue this approach, with one modification. ICBA suggests that the Bureau compile and aggregate data collected under this section for its own use and make public such compilations of aggregate data.

Implementation Period

The Bureau is considering proposing that FIs have approximately two calendar years for implementation following the Bureau’s issuance of a final 1071 rule. ICBA believes that two years will likely be an inadequate amount of time for compliance with the rulemaking. Depending on the results of the Bureau’s cost-benefit survey, training staff and developing systems to comply with the rule will be costly and likely rife with challenges. It is important that the Bureau give smaller community banks adequate time to come into compliance, perhaps through a staggered implementation or a prolonged period of “good faith compliance” exceptions.

In the past, the CFPB finalizes rules with broad coverage, initially, yet narrows that coverage on subsequent versions of the rule. While exemptions in subsequent iterations is appreciated, FIs have already incurred the costs of complying with the initial version of the rule. A better approach would be to first carefully evaluate a potential rule’s effects, stagger the compliance date by requiring larger financial institutions to comply with the rule first, then cover smaller financial institutions after problems have been identified and resolved. Larger banks generally have more resources to dedicate toward compliance with new rulemaking and can serve as early test-cases and lessons learned from compliance with the rule.

In conclusion, ICBA appreciates this opportunity to comment on the Bureau’s Outline of Proposals under consideration. While we firmly support the intention behind 1071 and the desire to expand access to credit for small businesses, we remain concerned that demonstrating compliance with a recordkeeping rulemaking will disadvantage community banks that do not currently have the requisite systems or staff. Should you have any questions or would like to discuss this further, please do not hesitate to contact me at Michael.Emancipator@icba.org or at 1- 866-843-4222.

Michael Emancipator
Vice President and Regulatory Counsel

[1]The Independent Community Bankers of America® creates and promotes an environment where community banks flourish. ICBA is dedicated exclusively to representing the interests of the community banking industry and its membership through effective advocacy, best-in-class education, and high-quality products and services. With nearly 50,000 locations nationwide, community banks constitute 99 percent of all banks, employ more than 700,000 Americans and are the only physical banking presence in one in three U.S. counties. Holding more than $5 trillion in assets, over $4.4 trillion in deposits, and more than $3.4 trillion in loans to consumers, small businesses and the agricultural community, community banks channel local deposits into the Main Streets and neighborhoods they serve, spurring job creation, fostering innovation and fueling their customers’ dreams in communities throughout America. For more information, visit ICBA’s website at www.icba.org.


[2] See Noah Yosif, “When the Going Gets Tough, the Tough Get Lending,” ICBA Mainstreet Matters Blog (Jul 22, 2020), available at: https://www.icba.org/news/blog-details/main-street-matters---advocacy/2020/07/22/when-the-going-gets-tough-the-tough-get-lending

[3] FFIEC Call Report Data Q2 2020.

[4] See Statement Submitted for the Record by Diego Zuluaga for the “CFPB Symposium: 1071 of the Dodd-Frank Act,” available at https://www.consumerfinance.gov/documents/8182/cfpb_zuluaga-written-statement_symposium-section-1071.pdf,which cites Federal Deposit Insurance Corporation, “Statistics on Depository Institutions,” Q2 2019.

[5] https://www.fdic.gov/regulations/resources/minority/mission-driven/guide.pdf

[6] https://www.fdic.gov/regulations/resources/minority/mission-driven/guide.pdf

[7] 12 CFR 1003.2(g)(1)(ii)

[8] HMDA specifically explains that “approved but not accepted” is appropriate only when “the financial institution made a credit decision approving the application before closing or account opening, subject solely to outstanding conditions that are customary commitment or closing conditions, but the applicant or the party that initially received the application fails to respond to the financial institution’s approval within the specified time, or the closed-end mortgage loan was not otherwise consummated or the account was not otherwise opened.

[9] U.S. Census Bureau, Statistics for All U.S. Firms with Paid Employees by Industry, Gender, and Employment Size

of Firm for the U.S. and States: 2012 More Information 2012 Survey of Business Owners, American Fact Finder, (last visited Feb 27,2017), available here.

[10] 15 U.S.C. §1602(f).

[11] SBREFA Outline of Proposals at 22.

[12] 12 CFR 1002.2(f).

[13] SBREFA Outline of Proposals at 22-23.

[14] SBREFA Outline of Proposals at 23.