[Federal Register Volume 86, Number 193 (Friday, October 8, 2021)]
[Proposed Rules]
[Pages 56356-56606]
From the Federal Register Online via the Government Publishing Office [www.gpo.gov]
[FR Doc No: 2021-19274]



[[Page 56355]]

Vol. 86

Friday,

No. 193

October 8, 2021

Part II





 Bureau of Consumer Financial Protection





-----------------------------------------------------------------------





12 CFR Part 1002





 Small Business Lending Data Collection Under the Equal Credit 
Opportunity Act (Regulation B); Proposed Rule

  Federal Register / Vol. 86 , No. 193 / Friday, October 8, 2021 / 
Proposed Rules  

[[Page 56356]]


-----------------------------------------------------------------------

BUREAU OF CONSUMER FINANCIAL PROTECTION

12 CFR Part 1002

[Docket No. CFPB-2021-0015]
RIN 3170-AA09


Small Business Lending Data Collection Under the Equal Credit 
Opportunity Act (Regulation B)

AGENCY: Bureau of Consumer Financial Protection.

ACTION: Proposed rule; request for public comment.

-----------------------------------------------------------------------

SUMMARY: The Bureau of Consumer Financial Protection (Bureau) is 
publishing for public comment a proposed rule amending Regulation B to 
implement changes to the Equal Credit Opportunity Act (ECOA) made by 
section 1071 of the Dodd-Frank Wall Street Reform and Consumer 
Protection Act (Dodd-Frank Act). Consistent with section 1071, the 
Bureau is proposing to require covered financial institutions to 
collect and report to the Bureau data on applications for credit for 
small businesses, including those that are owned by women or 
minorities. The Bureau's proposal also addresses its approach to 
privacy interests and the publication of section 1071 data; shielding 
certain demographic data from underwriters and other persons; 
recordkeeping requirements; enforcement provisions; and the proposed 
rule's effective and compliance dates.

DATES: Comments must be received on or before January 6, 2022.

ADDRESSES: You may submit comments, identified by Docket No. CFPB-2021-
0015 or RIN 3170-AA09, by any of the following methods:
     Federal eRulemaking Portal: https://www.regulations.gov. 
Follow the instructions for submitting comments.
     Email: [email protected]. Include Docket No. CFPB-
2021-0015 or RIN 3170-AA09 in the subject line of the message.
     Mail/Hand Delivery/Courier: Comment Intake--Section 1071 
Small Business Lending Data Collection, Bureau of Consumer Financial 
Protection, 1700 G Street NW, Washington, DC 20552.
    Instructions: The Bureau encourages the early submission of 
comments. All submissions should include the agency name and docket 
number or Regulatory Information Number (RIN) for this rulemaking. 
Because paper mail in the Washington, DC area and at the Bureau is 
subject to delay, and in light of difficulties associated with mail and 
hand deliveries during the COVID-19 pandemic, commenters are encouraged 
to submit comments electronically. In general, all comments received 
will be posted without change to https://www.regulations.gov. In 
addition, once the Bureau's headquarters reopens, comments will be 
available for public inspection and copying at 1700 G Street NW, 
Washington, DC 20552, on official business days between the hours of 10 
a.m. and 5 p.m. Eastern Time. At that time, you can make an appointment 
to inspect the documents by telephoning 202-435-7275.
    All comments, including attachments and other supporting materials, 
will become part of the public record and subject to public disclosure. 
Proprietary information or sensitive personal information, such as 
account numbers or Social Security numbers, or names of other 
individuals, should not be included. Comments will not be edited to 
remove any identifying or contact information.

FOR FURTHER INFORMATION CONTACT: Camille Gray, Paralegal Specialist; 
Tola Adenuga, Regulatory Implementation and Guidance Specialist; 
Tarrian Ellis, Honors Attorney; Jaydee DiGiovanni, Counsel; Kristine M. 
Andreassen, Pavitra Bacon, Benjamin Cady, Joseph Devlin, Amy Durant, 
Gregory Evans, David Jacobs, Kathryn Lazarev, Lawrence Lee, Kristen 
Phinnessee, or Michael Scherzer, Senior Counsels, Office of 
Regulations, at 202-435-7700 or https://reginquiries.consumerfinance.gov/. If you require this document in an 
alternative electronic format, please contact 
[email protected].

SUPPLEMENTARY INFORMATION: 

I. Summary of the Proposed Rule

    In 2010, Congress passed the Dodd-Frank Act. Section 1071 of that 
Act amended ECOA\1\ to require that financial institutions collect and 
report to the Bureau certain data regarding applications for credit for 
women-owned, minority-owned, and small businesses.\2\ Section 1071's 
statutory purposes are to (1) facilitate enforcement of fair lending 
laws, and (2) enable communities, governmental entities, and creditors 
to identify business and community development needs and opportunities 
of women-owned, minority-owned, and small businesses.
---------------------------------------------------------------------------

    \1\ 15 U.S.C. 1691 et seq.
    \2\ Public Law 111-203, tit. X, section 1071, 124 Stat. 1376, 
2056 (2010), codified at ECOA section 704B, 15 U.S.C. 1691c-2.
---------------------------------------------------------------------------

    Section 1071 specifies a number of data points that financial 
institutions are required to collect and report, and also provides 
authority for the Bureau to require any additional data that the Bureau 
determines would aid in fulfilling section 1071's statutory purposes. 
Section 1071 also contains a number of other requirements, including 
those that address restricting the access of underwriters and other 
persons to certain 1071 data; recordkeeping; publication of 1071 data; 
and modifications or deletions of data prior to publication in order to 
advance a privacy interest.
    Section 1071 directs the Bureau to prescribe such rules and issue 
such guidance as may be necessary to carry out, enforce, and compile 
data pursuant to section 1071, and permits the Bureau to adopt 
exceptions to any requirement or to exempt financial institutions from 
the requirements of section 1071 as the Bureau deems necessary or 
appropriate to carry out the purposes of section 1071. The Bureau is 
proposing to add a new subpart B to Regulation B to implement the 
requirements of section 1071.\3\ Key aspects of the Bureau's proposal 
are summarized below.
---------------------------------------------------------------------------

    \3\ The Bureau interpreted section 1071 to mean that obligations 
for financial institutions to collect, maintain, and submit data 
``do not arise until the Bureau issues implementing regulations and 
those regulations take effect.'' See Letter from Leonard Kennedy, 
General Counsel, CFPB, to Chief Executive Officers of Financial 
Institutions under Section 1071 of the Dodd-Frank Act (Apr. 11, 
2011), https://files.consumerfinance.gov/f/2011/04/GC-letter-re-1071.pdf.
---------------------------------------------------------------------------

    If finalized, the Bureau's proposed rule would create the first 
comprehensive database of small business credit applications in the 
United States. This would include critical information about women-
owned and minority-owned small businesses to help regulators and the 
public identify and address fair lending concerns. The database would 
also enable a range of stakeholders to better identify business and 
community development needs and opportunities for small businesses, 
including women-owned and minority-owned small businesses. Just as the 
Bureau works in other ways to help foster fairness and opportunity in 
consumer financial services markets for all consumers, the proposed 
1071 rule is structured to realize these same goals for the small 
business market--for all small businesses within the scope of the rule, 
including those that are owned by women and minorities. Research 
indicates that minority-owned small businesses face particular 
obstacles, as do those that are women-owned, but the current lack of 
comprehensive, quantitative data has made it difficult to understand 
the extent of these obstacles and address them with responsive

[[Page 56357]]

policy. By shining a light on lending practices in this area, the 
Bureau believes that the 1071 data would not only foster a culture of 
compliance but bring particular attention to the underserved parts of 
the small business market that have traditionally faced the greatest 
obstacles to success. In this way, the proposed rule is intended to 
help small businesses drive inclusive and equitable growth.
    Scope. The Bureau is proposing to require financial institutions to 
collect and report 1071 data regarding applications for credit for 
small businesses, including those that are owned by women and 
minorities. The Bureau is not proposing to require that financial 
institutions collect and report data regarding applications for women-
owned and minority-owned businesses that are not small. Because most 
existing businesses are small businesses, covering small businesses 
necessarily means nearly all women-owned and minority-owned businesses 
will also be covered. The Bureau believes that this scope is consistent 
with the statute and will allow the rule to carry out section 1071's 
purposes without requiring collection of data that would be of limited 
utility.
    Covered financial institutions. Consistent with language from 
section 1071, the Bureau is proposing to define a ``financial 
institution'' to include any partnership, company, corporation, 
association (incorporated or unincorporated), trust, estate, 
cooperative organization, or other entity that engages in any financial 
activity. Under the proposed definition, the Bureau's 1071 rule would 
apply to a variety of entities that engage in small business lending, 
including depository institutions (i.e., banks, savings associations, 
and credit unions),\4\ online lenders, platform lenders, community 
development financial institutions (both depository and nondepository 
institutions), lenders involved in equipment and vehicle financing 
(captive financing companies and independent financing companies), 
commercial finance companies, governmental lending entities, and 
nonprofit nondepository lenders.\5\
---------------------------------------------------------------------------

    \4\ For purposes of this notice of proposed rulemaking, the 
Bureau is using the term depository institution to mean any bank or 
savings association defined by the Federal Deposit Insurance Act, 12 
U.S.C. 1813(c)(1), or credit union defined pursuant to the Federal 
Credit Union Act, 12 U.S.C. 1751 et seq., as implemented by 12 CFR 
700.2. The Bureau notes that the Dodd-Frank Act defines a depository 
institution to mean any bank or savings association defined by the 
Federal Deposit Insurance Act, 12 U.S.C. 1811 et seq.; there, that 
term does not encompass credit unions. 12 U.S.C. 5301(18)(A), 
1813(c)(1). To facilitate analysis and discussion, the Bureau is 
referring to banks and savings associations together with credit 
unions as depository institutions throughout this notice, unless 
otherwise specified.
    \5\ The Bureau's rules, including this proposed rule to 
implement section 1071, generally do not apply to motor vehicle 
dealers, as defined in section 1029(f)(2) of the Dodd-Frank Act, 
that are predominantly engaged in the sale and servicing of motor 
vehicles, the leasing and servicing of motor vehicles, or both. 12 
U.S.C. 5519.
---------------------------------------------------------------------------

    The Bureau's proposal uses the term ``covered financial 
institution'' to refer to those financial institutions that would be 
required to comply with section 1071's data collection and reporting 
requirements. The Bureau is proposing that a covered financial 
institution would be a financial institution that originated at least 
25 covered credit transactions for small businesses in each of the two 
preceding calendar years. The Bureau is not proposing an asset-based 
exemption threshold for depository institutions, or any other general 
exemptions for particular categories of financial institutions.
    The Bureau is also proposing to permit creditors that are not 
covered financial institutions to voluntarily collect and report data 
under section 1071 in certain circumstances.
    Covered credit transactions. The Bureau is proposing to require 
that covered financial institutions collect and report data regarding 
covered applications from small businesses for covered credit 
transactions. The Bureau is proposing to define a ``covered credit 
transaction'' as one that meets the definition of business credit under 
existing Regulation B, with certain exceptions. Loans, lines of credit, 
credit cards, and merchant cash advances (including such credit 
transactions for agricultural purposes and those that are also covered 
by the Home Mortgage Disclosure Act of 1975 (HMDA) \6\) would all be 
covered credit transactions within the scope of this proposed rule. The 
Bureau is proposing to exclude trade credit, public utilities credit, 
securities credit, and incidental credit. Factoring, leases, consumer-
designated credit used for business purposes, and credit secured by 
certain investment properties would also not be covered credit 
transactions.
---------------------------------------------------------------------------

    \6\ 12 U.S.C. 2801 et seq.
---------------------------------------------------------------------------

    Covered applications. The Bureau is proposing to define a ``covered 
application''--which would trigger data collection and reporting and 
related requirements--as an oral or written request for a covered 
credit transaction that is made in accordance with procedures used by a 
financial institution for the type of credit requested. This proposed 
definition of covered application is largely consistent with the 
existing Regulation B definition of that term. However, the Bureau is 
also proposing that certain circumstances would not be covered 
applications, even if they are considered applications under existing 
Regulation B. Specifically, the Bureau is proposing that a covered 
application does not include (1) reevaluation, extension, or renewal 
requests on an existing business credit account, unless the request 
seeks additional credit amounts; or (2) inquiries and prequalification 
requests.
    Small business definition. The Bureau is proposing to define a 
``small business,'' about whose applications for credit data must be 
collected and reported, by reference to the definitions of ``business 
concern'' and ``small business concern'' as set out in the Small 
Business Act \7\ and Small Business Administration (SBA) regulations. 
However, in lieu of using the SBA's size standards for defining a small 
business concern, the Bureau's proposed definition would look to 
whether the business had $5 million or less in gross annual revenue for 
its preceding fiscal year. The Bureau is seeking SBA approval for its 
alternate small business size standard pursuant to the Small Business 
Act.\8\
---------------------------------------------------------------------------

    \7\ 15 U.S.C. 631 et seq.
    \8\ See 15 U.S.C. 632(a)(2)(C).
---------------------------------------------------------------------------

    Data to be collected and reported. The Bureau's proposal addresses 
the data points that must be collected and reported by covered 
financial institutions for covered applications from small businesses. 
Many of the proposed data points are specifically enumerated in section 
1071; for the others, the Bureau is proposing to use the authority 
granted by section 1071 to require financial institutions to collect 
and report any additional data that the Bureau determines would aid in 
fulfilling the purposes of section 1071. Certain of these data points 
are or could be collected from the applicant (or otherwise determined 
based on information provided or authorized by the applicant); other 
data points are based on information solely within the financial 
institution's control. The Bureau is proposing that covered financial 
institutions maintain procedures to collect applicant-provided data at 
a time and in a manner that is reasonably designed to obtain a 
response. The Bureau's proposal also addresses what financial 
institutions should do if, despite having such procedures in place, 
they are unable to obtain certain data from an applicant. A financial 
institution would be permitted to rely on statements made by an

[[Page 56358]]

applicant (whether in writing or orally) or information provided by an 
applicant when collecting and reporting 1071 data, although for most 
data points if the financial institution verifies the information 
provided it must report the verified information. The Bureau's proposal 
would also permit financial institutions to reuse certain previously 
collected data in certain circumstances.
    As noted above, the Bureau's proposal includes certain data points 
that are, or could be, provided by the applicant. Some data points 
specifically relate to the credit being applied for: The credit type 
(which includes information on the credit product, types of guarantees, 
and loan term); The credit purpose; and the amount applied for. There 
are also data points that relate to the applicant's business: A census 
tract based on an address or location provided by the applicant; gross 
annual revenue for the applicant's preceding full fiscal year; the 6-
digit North American Industry Classification System (NAICS) code 
appropriate for the applicant; the number of workers that the applicant 
has (i.e., non-owners working for the applicant); the applicant's time 
in business; and the number of principal owners of the applicant.
    There are also data points that would be provided by the applicant 
addressing the demographics of the applicant's ownership: Whether the 
applicant is a minority-owned business; whether the applicant is a 
women-owned business; and the ethnicity, race, and sex of the 
applicant's principal owners. The Bureau refers to these data points 
collectively as an applicant's ``protected demographic information.'' 
The Bureau is proposing that principal owners' ethnicity and race be 
collected from applicants using aggregate categories as well as 
disaggregated subcategories. The Bureau is proposing to permit 
principal owners to self-describe their sex (instead of or in addition 
to choosing male and/or female), and is seeking comment on whether and, 
if so, how its collection of principal owners' sex should incorporate 
sexual orientation and gender identity in light of the recent Supreme 
Court decision in Bostock v. Clayton County \9\ and the Bureau's 
subsequent ECOA interpretive rule.\10\ If an applicant does not provide 
any ethnicity, race, or sex information for any principal owners, the 
Bureau is proposing that the financial institution must collect at 
least one principal owner's race and ethnicity (but not sex) via visual 
observation or surname, but only if the financial institution meets 
with any principal owners in person or via electronic media with an 
enabled video component. The Bureau is proposing detailed instructions 
to assist financial institutions in collecting and reporting 
applicants' protected demographic information pursuant to section 1071. 
The Bureau is also proposing a sample data collection form, which would 
include a required notice to applicants that the financial institution 
cannot discriminate on the basis of an applicant's minority- or women-
owned business status or any principal owner's ethnicity, race, or sex.
---------------------------------------------------------------------------

    \9\ 140 S. Ct. 1731 (2020).
    \10\ 86 FR 14363 (Mar. 16, 2021).
---------------------------------------------------------------------------

    In addition, the Bureau's proposal includes data points that would 
be generated or supplied solely by the financial institution. These 
data points include, for all applications: A unique identifier for each 
application for or extension of credit; the application date; the 
application method (i.e., the means by which the applicant submitted 
its application); the application recipient (that is, whether the 
financial institution or its affiliate received the application 
directly, or whether it was received by the financial institution via a 
third party); the action taken by the financial institution on the 
application; and the action taken date. For denied applications, there 
is also a data point for denial reasons. For applications that are 
originated or approved but not accepted, there is a data point for the 
amount originated or approved, and a data point for pricing information 
(which would include, as applicable, interest rate, total origination 
charges, broker fees, initial annual charges, additional cost for 
merchant cash advances or other sales-based financing, and prepayment 
penalties).
    Firewall. The Bureau's proposal includes a section to implement the 
requirement in section 1071 that certain data collected be shielded 
from underwriters and certain other persons; the Bureau refers to this 
as the ``firewall.'' An employee or officer of a financial institution 
or a financial institution's affiliate that is involved in making any 
determination concerning the application would be prohibited from 
accessing an applicant's responses to inquiries that the financial 
institution makes pursuant to section 1071 regarding whether the 
applicant is a minority-owned or women-owned business, and the 
ethnicity, race, and sex of the applicant's principal owners.
    This prohibition would not apply to an employee or officer, 
however, if the financial institution determines that it is not 
feasible to limit that employee's or officer's access to an applicant's 
responses to the financial institution's inquiries regarding the 
applicant's protected demographic information, and the financial 
institution provides a notice to the applicant regarding that access. 
It would not be feasible to limit access if the financial institution 
determines that an employee or officer involved in making any 
determination concerning a covered application should have access to 
one or more applicants' responses to inquiries regarding protected 
demographic information. The notice must be provided to each applicant 
whose information will be accessed or, alternatively, the financial 
institution could provide the notice to all applicants whose 
information could be accessed. The Bureau is proposing sample language 
that a financial institution could use in providing this notice.
    Reporting data to the Bureau; publication of data by the Bureau; 
and privacy considerations. The Bureau is proposing to require that 
1071 data be collected on a calendar year basis and reported to the 
Bureau on or before June 1 of the following year. Financial 
institutions reporting data to the Bureau would be required to provide 
certain identifying information about themselves as part of their 
submission. The Bureau is proposing to provide technical instructions 
for the submission of 1071 data in a Filing Instructions Guide and 
related materials.
    The Bureau is proposing to make available to the public, on an 
annual basis and on the Bureau's website, the data submitted to it by 
financial institutions, subject to modifications or deletions made by 
the Bureau, at its discretion, to protect privacy interests. To 
determine whether and how the Bureau might use its discretion to modify 
or delete data prior to publication, the Bureau is proposing a 
``balancing test'' that would assess the risks and benefits of public 
disclosure. After the Bureau receives at least one full year of 1071 
data following the compliance date of the final rule, the Bureau plans 
to issue a policy statement in which it would set forth its intended 
modifications and deletions. The Bureau is also proposing that the 
Bureau's publication of the data would satisfy financial institutions' 
statutory obligation to make data available to the public upon request.
    Recordkeeping, enforcement, severability, and effective and 
compliance dates. The Bureau's proposal addresses issues related to 
recordkeeping and to severability of the rule. It also addresses 
enforcement of violations of the rule, along with provisions regarding 
bona fide errors

[[Page 56359]]

under the rule as well as several safe harbors.
    Finally, the Bureau is proposing that its final rule to implement 
section 1071 would become effective 90 days after publication in the 
Federal Register, though compliance with the rule would not be required 
until approximately 18 months after publication in the Federal 
Register. The Bureau is also proposing several related transitional 
provisions that would permit covered financial institutions to begin 
collecting applicants' protected demographic information prior to the 
compliance date and would permit financial institutions to use a 
different time period to determine whether they will be covered by the 
rule as of the compliance date.

II. Background

    As discussed above, in 2010, Congress enacted the Dodd-Frank Act. 
Section 1071 of the Dodd-Frank Act, which amended ECOA, requires 
financial institutions to collect and report to the Bureau data 
regarding applications for credit for women-owned, minority-owned, and 
small businesses. Section 1071 was adopted for the dual purposes of 
facilitating fair lending enforcement and enabling communities, 
governmental entities, and creditors to identify business and community 
development needs and opportunities of such businesses. Section 1071 
complements other Federal efforts to ensure fair lending and to promote 
community development for small businesses, including through ECOA, the 
Community Reinvestment Act of 1977 (CRA),\11\ and the Community 
Development Financial Institutions (CDFI) Fund.\12\
---------------------------------------------------------------------------

    \11\ 12 U.S.C. 2901 et seq.
    \12\ The Riegle Community Development Banking and Financial 
Institutions Act of 1994, 12 U.S.C. 4701 et seq., authorized the 
Community Development Financial Institution Fund (CDFI Fund). The 
CDFI Fund is discussed in more detail in part II.F.2.ii below.
---------------------------------------------------------------------------

    The collection and subsequent publication of more robust and 
granular data regarding credit applications for small businesses, 
including those that are women- and minority-owned, will provide much-
needed transparency to the small business lending market. The current 
COVID-19 pandemic has shown that transparency is essential, 
particularly at a time of crisis, when small businesses, especially 
those owned by women and minorities, may be in urgent need of credit in 
order to recover from economic shocks.
    Furthermore, in the years and decades to come, the collection and 
publication of these data will be helpful in identifying potential fair 
lending violations and in facilitating the enforcement of anti-
discrimination laws. It will also help governments, community groups, 
financial institutions, and other stakeholders to identify 
opportunities and gaps in the market, thereby enhancing business and 
community development and boosting broad-based economic activity and 
growth.

Overview

    Small businesses are a cornerstone of the U.S. economy. There were 
over 30 million small businesses in the U.S. in 2017, employing almost 
half of all private sector employees.\13\ Small businesses, 
particularly start-ups, also generated 65 percent of new jobs since 
2000.\14\ Small businesses were hit hard by two major shocks in the 
last two decades. First, the Great Recession, which began in 2007, 
disproportionately affected small businesses.\15\ Between 2007 and 
2009, employment at businesses with under 50 employees fell by 10.4 
percent, compared with 7.5 percent at larger firms,\16\ while between 
2008 and 2011 lending to small firms fell by 18 percent, compared with 
9 percent at larger firms.\17\ Small businesses suffered again because 
of the COVID-19 pandemic. Around 40 percent of small businesses were 
temporarily closed in late March and early April 2020, due primarily to 
demand shocks and employee health concerns.\18\ Across the first year 
of the pandemic, ``excess'' business establishment exits from the 
market, in comparison to exits over the same period from prior years, 
numbered up to 200,000.\19\ As of mid-2021, loan approvals (other than 
for government emergency programs) still remained low, and some 845,000 
non-farm private sector jobs had not yet been recovered.\20\
---------------------------------------------------------------------------

    \13\ Off. of Advocacy, Small Bus. Admin., 2020 Small Business 
Profile (May 2020), https://cdn.advocacy.sba.gov/content/uploads/2020/06/04144214/2020-Small-Business-Economic-Profile-States-Territories.pdf (estimating 31.7 million small businesses in the 
United States).
    \14\ Off. of Advocacy, Small Bus. Admin., Frequently Asked 
Questions About Small Business, at 1 (Oct. 2020), https://cdn.advocacy.sba.gov/wp-content/uploads/2020/11/05122043/Small-Business-FAQ-2020.pdf (SBA OA 2020 FAQs) (small businesses accounted 
for 65.1 percent of new jobs since 2000). See generally 
Congressional Research Serv., Small Business Administration and Job 
Creation (updated June 23, 2021), https://fas.org/sgp/crs/misc/R41523.pdf (discussing small business job creation); Jon Haltiwanger 
et al., Who Creates Jobs? Small Versus Large Versus Young, 95 Rev. 
Econ. Stat. 347, 347-48 (May 2013), https://direct.mit.edu/rest/article/95/2/347/58100/Who-Creates-Jobs-Small-versus-Large-versus-Young (finding that young firms, which are generally small, 
contribute disproportionately to both gross and net job creation).
    \15\ Jason Dietrich et al., Bureau of Consumer Fin. Prot., Data 
Point: Small Business Lending and the Great Recession, at 9 (Jan. 
23, 2020), https://files.consumerfinance.gov/f/documents/cfpb_data-point_small-business-lending-great-recession.pdf (finding that small 
business lending fell sharply during the Great Recession and 
recovered slowly, still not reaching pre-Recession levels by 2017).
    \16\ Ay[scedil]eg[uuml]l [Scedil]ahin et al., Fed. Reserve Bank 
of N.Y., Current Issues in Economics & Finance, Why Small Businesses 
Were Hit Harder by the Recent Recession, at 1 (Vol. 17, No. 4, 
2011), https://www.newyorkfed.org////_issues/ci17-4.pdf.
    \17\ Rebel A. Cole, Off. of Advocacy, Small Bus. Admin, How Did 
the Financial Crisis Affect Small Business Lending in the United 
States?, at 2 (Nov. 2012), https://www.microbiz.org/content/ploads//04/SmallBizLending-and-FiscalCrisis.pdf.
    \18\ Alexander W. Bartik et al., The Impact of COVID-19 on Small 
Business Outcomes and Expectations, 117 Proc. Nat'l Acad. Sci. 
17656, 17656 (July 2020), https://www.pnas.org/content/pnas/117/30/17656.full.pdf.
    \19\ Leland D. Crane et al., Bd. of Governors of the Fed. 
Reserve Sys., Finance and Economics Discussion Series, 2020-089, 
Business Exit During the COVID-19 Pandemic: Non-Traditional Measures 
in Historical Context, at 4 (2020), https://www.federalreserve.gov/econres/feds/files/2020089r1pap.pdf (estimating excess establishment 
exits and analyzing other estimates of small business exits during 
the pandemic). The paper defines ``exit'' as permanent shutdown and 
calculates ``excess'' exits by comparing the number of exits during 
the 12-month period from March 2020 to February 2021 with previous 
years. Id. at 2-4.
    \20\ ADP Research Inst., ADP National Employment Report (May 
2021), https://adpemploymentreport.com////May-2021.aspx (non-farm 
private sector jobs as of June 2021 as compared to Feb. 2020); 
Biz2Credit, Biz2Credit Small Business Lending Index Finds April 2021 
Non-PPP Loan Approval Rates Move Little for All Types of Lenders 
(Apr. 2021), https://www.biz2credit.com/business-lending-index/april-2021 (approvals as of May 2021).
---------------------------------------------------------------------------

    During the last two decades, the small business lending landscape 
has also transformed. Traditional providers--namely banks--
consolidated, leading to branch closures. The number of banks in the 
U.S. has declined from over 18,000 in 1986 to under 5,200 today and the 
number of branches declined by 14 percent from 2009 to 2020.\21\ 
Meanwhile, new providers and products, such as fintechs and merchant 
cash advances (MCAs), have become increasingly prevalent in the small 
business lending market. Financing by MCA providers is estimated to 
have increased from $8.6 billion in volume during 2014 to $15.3 billion 
in 2017.\22\ From 2017 to 2019, the volume may

[[Page 56360]]

have increased further to $19 billion.\23\ Meanwhile, financing by 
fintechs \24\ is estimated to have increased from $1.4 billion \25\ in 
outstanding balances in 2013 to approximately $25 billion \26\ in 2019.
---------------------------------------------------------------------------

    \21\ Congressional Research Serv., Small Business Credit Markets 
and Selected Policy Issues, at 6 (Aug. 20, 2019), https://fas.org/sgp//misc/R45878.pdf (decline since 1986); Bruce C. Mitchell et al., 
Nat'l Cmty. Reinvestment Coal., Relationships Matter: Small Business 
and Bank Branch Locations, https://ncrc.org/relationships-matter-small-business-and-bank-branch-locations/ (last visited Aug. 24, 
2021) (branch closures).
    \22\ PYMNTS, How Long Can MCAs Avoid the `Loan' Label? (Jan. 20, 
2016), https://www.pymnts.com/in-depth/2016/how-long-can-mcas-avoid-the-loan-label/.
    \23\ Paul Sweeney, Gold Rush: Merchant Cash Advances are Still 
Hot, deBanked (Aug. 18, 2019), https://debanked.com/2019/08/gold-rush-merchant-cash-advances-are-still-hot/. Although the article 
does not specify one way or the other, estimates by the underlying 
source, Bryant Park Capital, appear to reference origination volumes 
rather than outstanding balances. See Nimayi Dixit, S&P Global 
Market Intelligence, Payment Fintechs Leave Their Mark On Small 
Business Lending (Aug. 28, 2018), https://www.spglobal.com/marketintelligence/en/news-insights/research/payment-fintechs-leave-their-mark-on-small-business-lending. Depending on credit multiplier 
effects, the value of annual origination volumes could be smaller or 
greater than outstanding balances. Without information on 
outstanding balances and for the purposes of calculating a market 
size for small business financing in 2019, the Bureau assumes in 
this paper a 1:1 ratio between annual origination volumes and 
outstanding balances for MCA products. See part II.D below for 
discussion of credit multiplier effects and for market size 
calculations for MCA and other small business financing products in 
2019.
    \24\ Fintechs are defined as ``technology companies providing 
alternatives to traditional banking services, most often exclusively 
in an online environment,'' and may overlap in part with other 
categories of financial institution, such as commercial finance 
companies and/or providers of specialized products, including 
factoring and MCAs. Brett Barkley & Mark Schweitzer, The Rise of 
Fintech Lending to Small Businesses: Businesses' Perspectives on 
Borrowing, 17 Int'l J. Cent. Banking 35, 35-36 (Mar. 2021), https://www.ijcb.org/journal/ijcb21q1a2.pdf.
    \25\ Id. (citing Katie Darden et al., S&P Global Market 
Intelligence, 2018 US Fintech Market Report, at 5, https://www.spglobal.com/marketintelligence/en/documents/2018-us-fintech-market-report.pdf (2018 US Fintech Market Report)). This figure 
annualizes $121 million in estimated 2013 quarterly originations to 
$484 million in annual originations and scales up to estimated 
outstanding balances using the ratio between the FFIEC Call Report 
and the CRA data discussed in part II.D below.
    \26\ 2018 US Fintech Market Report at 6. This figure scales up 
$9.3 billion in estimated 2019 credit originations for small to 
medium sized enterprise (SME) borrowers to outstanding balances 
using the ratio methodology discussed in part II.D below.
---------------------------------------------------------------------------

    Both recent economic shocks and changes in patterns of small 
business financing have had fair lending and community development 
implications. In terms of the effect of economic shocks, data suggest 
that women-owned and minority-owned small businesses were impacted 
disproportionately by the economic crises of the last two decades.\27\ 
Data further suggest that women-owned and minority-owned small 
businesses, compared to other small businesses, had fewer cash reserves 
and faced steeper hurdles in accessing credit that would have allowed 
them to better weather these crises.\28\
---------------------------------------------------------------------------

    \27\ See part II.E below.
    \28\ Id.
---------------------------------------------------------------------------

    Regarding trends in the small business financing landscape, the 
shift away from traditional providers of small business credit toward 
newer types of providers gives rise to both potential harm and 
opportunity. In terms of potential harms, bank closures may have made 
it more difficult for small businesses, particularly women-owned and 
minority-owned small businesses, to access credit and remain open--
particularly in low- and moderate-income areas and rural communities. 
Newer providers, often offering newer products, have less experience 
complying with both Federal and State lending laws and regulations. 
Additionally, they may use algorithms and artificial intelligence (AI), 
which may create or heighten ``risks of unlawful discrimination, 
unfair, deceptive, or abusive acts or practices . . . or privacy 
concerns.'' \29\ In addition, opaque product terms and high interest 
rates could trap business owners in cycles of debt.
---------------------------------------------------------------------------

    \29\ 86 FR 16837, 16839 (Mar. 31, 2021).
---------------------------------------------------------------------------

    In terms of opportunity, innovative products and lending models, 
including the use of AI, may yield benefits of more accurate, lower-
cost, and faster underwriting, as well as expanded credit access for 
small businesses that may not have obtained credit under traditional 
credit underwriting approaches.\30\ Specifically, newer providers and 
approaches may permit those with low or nonexistent personal or 
business credit scores--including women and minorities who own or seek 
to start small businesses but on average have relatively lower personal 
credit scores than male and white business owners \31\--to more easily 
access credit.\32\ Non-traditional credit providers may help offset 
decreases in lending associated with the closure of bank branches. For 
instance, fintechs may help provide financing to small businesses in 
rural communities that lack bank branches.
---------------------------------------------------------------------------

    \30\ Id. See also Patrice Ficklin et al., Bureau of Consumer 
Fin. Prot., Innovation Spotlight: Providing Adverse Action Notices 
When Using AI/ML Models (July 7, 2020), https://www.consumerfinance.gov/about-us/blog/innovation-spotlight-providing-adverse-action-notices-when-using-ai-ml-models/ 
(discussing potential benefits and risks from financial institutions 
using AI in credit underwriting and other areas).
    \31\ Geng Li, Bd. of Governors of the Fed. Reserve Sys., FEDS 
Notes: Gender-Related Differences in Credit Use and Credit Scores 
(June 22, 2018), https://www.federalreserve.gov/econres/notes/feds-notes/gender-related-differences-in-credit-use-and-credit-scores-20180622.htm (finding that single women on average have lower credit 
scores than single men); Alicia Robb, Off. of Advocacy, Small Bus. 
Admin., Minority-Owned Employer Businesses and their Credit Market 
Experiences in 2017, at 4 (July 22, 2020), https://cdn.advocacy.sba.gov/wp-content/uploads/2020/07/22172533/Minority-Owned-Employer-Businesses-and-their-Credit-Market-Experiences-in-2017.pdf (finding that Black and Hispanic small business borrowers 
are disproportionately denied credit or discouraged from applying 
for credit on the basis of their credit score).
    \32\ See Jessica Battisto et al., Who Benefited from PPP Loans 
by Fintech Lenders?, Liberty Street Economics (May 27, 2021), 
https://libertystreeteconomics.newyorkfed.org/2021/05/who-received-ppp-loans-by-fintech-lenders.html (showing that fintech lenders were 
an important source of credit for Black owners during the COVID-19 
pandemic).
---------------------------------------------------------------------------

    The precise impacts of these broader trends are not well understood 
at present because there are no comprehensive, comparable, and 
application-level data across the fragmented and complex small business 
lending market. Some small business lending data exist, provided mostly 
by Federal regulators, but available data are incomplete in certain 
ways. Some do not include lending by certain categories of 
institutions, such as smaller depository institutions. And none include 
lending by nondepository institutions, which comprises almost half of 
all small business financing.\33\
---------------------------------------------------------------------------

    \33\ The Bureau estimates that nondepository private business 
financing totaled approximately $550 billion out of around $1.2 
trillion in total private outstanding balances in 2019 (47 percent). 
This $550 billion figure includes estimated financing by fintechs 
(around $25 billion), commercial finance companies (around $160 
billion), nondepository CDFIs (around $1.5 billion), MCA providers 
(around $19 billion), factors (around $100 billion), equipment 
leasing providers (around $160 billion), nondepository mortgage 
lenders originating loans for 5+ unit residential developments 
(around $30 billion), and non-financial trade creditors (around $50 
billion). There may additionally be lending by equipment and vehicle 
dealers originating loans in their own name that is not captured 
here. Public lenders include the Small Business Association (SBA), 
the Federal Housing Association (FHA), Fannie Mac and Freddie Mac, 
and the Farm Credit System (FCS), with public lending totaling 
around $210 billion in traditional lending programs plus $1 trillion 
in emergency COVID-19 SBA lending programs. See part II.D below for 
methodology and sources regarding market size estimates for each 
lending category.
---------------------------------------------------------------------------

    The datasets that do exist both over- and underestimate small 
business lending in certain respects by including small dollar loans to 
non-small businesses and by excluding larger loans to small 
businesses.\34\ Further, these datasets all concern originated loans; 
they do not include information on applications that do not result in 
originated loans. Nor do they generally include borrower demographics. 
Other public, private, and nonprofit datasets offer only partial 
snapshots of particular areas of the market. Finally, much of the 
publicly available data are aggregated, which does not permit more 
granular, loan- or application-level analysis that

[[Page 56361]]

would facilitate fair lending or business and community development 
analysis by stakeholders other than those that collected the data. See 
part II.B below for a detailed discussion on existing data on small 
business financing.
---------------------------------------------------------------------------

    \34\ See part II.B below.
---------------------------------------------------------------------------

    The remainder of this part II focuses on several broad topics that 
explain, in more detail, the need for the small business lending data 
that the proposed rule to implement section 1071 would provide: (A) The 
role of small businesses in the U.S. economy; (B) existing data on 
small business financing; (C) the landscape of small business 
financing; (D) estimating the size of the small business financing 
market despite limited data; (E) the particular challenges faced by 
women-owned and minority-owned small businesses; and (F) the purposes 
and impact of section 1071.

A. Small Businesses in the United States

    Small businesses are an important, dynamic, and widely diverse part 
of the U.S. economy. They are critical to employment, innovation, and 
economic growth and stability, both overall and specifically for 
minority and women entrepreneurs.
    The Small Business Act, as implemented by the SBA, defines a small 
business using size standards that generally hinge on the average 
number of employees or average annual receipts of the business concern 
and are customized industry by industry across 1,057 6-digit North 
American Industry Classification System (NAICS) codes.\35\ Size 
standards based on average number of employees are used in all 
industries in the manufacturing and wholesale trade sectors, as well as 
in certain industries across a variety of other sectors as well. 
Employee-based size standards range from 100 (used almost entirely in 
certain industries within the wholesale trade sector) to 1,000 (used in 
industries across a variety of sectors including, for example, 
petroleum refineries, automobile manufacturing, and greeting card 
publishers).\36\ Size standards based on average annual receipts are 
used in nearly all other industries, and range from $1 million (used in 
most industries in the crop production and animal production and 
aquaculture subsectors) to $41.5 million (used in industries across a 
variety of sectors including, for example, passenger car leasing, 
television broadcasting, and general medical and surgical 
hospitals).\37\
---------------------------------------------------------------------------

    \35\ See Small Bus. Admin., Table of Small Business Size 
Standards Matched to North American Industry Classification System 
Codes (effective Aug. 19, 2019), https://www.sba.gov/sites/default/files/2019-08/SBA%20%20%20Size%20Standards_Effective%20Aug%2019%2C%202019_Rev.pdf.
    \36\ See id.
    \37\ A small number of industries use a size standard based on a 
metric other than average annual receipts or average number of 
employees. For example, the commercial banking industry (NAICS 
522110) is subject to an asset-based size standard. See id.
---------------------------------------------------------------------------

    Simpler definitions of what constitutes a small business are used 
in certain contexts. For example, in certain annual research releases 
the SBA's Office of Advocacy defines a small business as one that has 
fewer than 500 employees.\38\ According to the Office of Advocacy, and 
based on this definition of a small business, there are 31.7 million 
such businesses in the U.S. that represent 99.9 percent of all U.S. 
firms and employ over 60 million Americans.\39\ Six million of these 
small businesses have paid employees, while 25.7 million are non-
employer businesses (i.e., the owner(s) are the only people involved in 
the business).\40\ From 2000 to 2019, small businesses, particularly 
young businesses and start-ups, created 10.5 million net new jobs in 
the U.S., while large businesses created 5.6 million.\41\
---------------------------------------------------------------------------

    \38\ See SBA OA 2020 FAQs at 1.
    \39\ See id.
    \40\ See id.
    \41\ See id.; see also Haltiwanger et al., 95 Rev. Econ. Stat. 
at 347-48 (finding that young firms, which are generally small, 
contribute disproportionately to both gross and net job creation).
---------------------------------------------------------------------------

    Nearly one third of all businesses are minority-owned and more than 
one third are women-owned, though minorities and women own a smaller 
share of employer firms. As of 2018, minorities owned over one million 
employer firms in the U.S. (amounting to 18.3 percent of all employer 
firms) \42\ and, as of 2017, approximately 8.2 million non-employer 
firms.\43\ Likewise, as of 2018, women owned about 1.1 million employer 
firms (19.9 percent of all employer firms) \44\ and, as of 2017, 
approximately 10.6 million non-employer firms.\45\
---------------------------------------------------------------------------

    \42\ See Press Release, U.S. Census Bureau, Annual Business 
Survey Release Provides Data on Minority-Owned, Veteran-Owned and 
Women-Owned Businesses (Jan. 28, 2021), https://www.census.gov/newsroom/press-releases//business-survey.html.
    \43\ Minority Bus. Dev. Agency, U.S. Dep't of Com., The Number 
of Minority Nonemployer Firms Grew by Nearly 17% between 2014 and 
2017 (Dec. 18, 2020), https://www.mbda.gov/news/press-releases/2020/12/the-number-of-minority-nonemployer (stating that the nearly 8.2 
million minority non-employer firms in the U.S. generated $279.3 
billion in revenues in 2017, and grew in number at four times the 
rate of non-minority non-employer firms between 2014 and 2017). See 
also SBA OA 2020 FAQs at 3 (showing over 7.6 million minority-owned 
non-employer firms as of 2016).
    \44\ See Press Release, U.S. Census Bureau, Annual Business 
Survey Release Provides Data on Minority-Owned, Veteran-Owned and 
Women-Owned Businesses (Jan. 28, 2021), https://www.census.gov/newsroom/press-releases//business-survey.html.
    \45\ See Press Release, Nat'l Women's Bus. Council, NWBC Shares 
2017 Nonemployer Statistics by Demographics Estimates for Women-
Owned Businesses (Dec. 17, 2020), https://www.nwbc.gov/2020/12/17/nwbc-shares-2017-nonemployer-statistics-by-demographics-estimates-for-women-owned-businesses/ (also stating that these 10.6 million 
non-employer firms generate $286.1 billion in revenue, and that 
nearly half of all women-owned non-employer firms generate less than 
$10,000 in annual receipts, while only 0.05 percent generate $1 
million or more in revenue).
---------------------------------------------------------------------------

    Businesses are legally structured in several ways. In 2017, 87 
percent of non-employer businesses were sole proprietorships, which 
means that the business is not distinguishable from the owner for tax 
and legal purposes; the owner receives profits directly but is also 
legally responsible for the business's obligations.\46\ Seven percent 
of non-employer businesses were partnerships, which can be structured 
to limit the personal liability of some or all owners; limited partners 
may exchange control for limited liability, while general partners that 
run the business may remain personally liable.\47\ Six percent of non-
employer businesses were structured as corporations--4.6 percent are S-
corporations and 1.5 percent are C-corporations--which are independent 
legal entities owned by shareholders who are not personally liable for 
the corporation's obligations.\48\ In 2017, most small employer 
businesses were corporations, with 50.5 percent choosing to be S-
corporations and 16.8 percent preferring C-corporation status, although 
sole proprietorship and partnership structures remained relatively 
popular at 12.9 percent and 11.8 percent respectively. By contrast, 
74.2 percent of large employer businesses chose to be C-corporations, 
with 9.3 percent preferring a partnership structure and 8.1 percent S-
corporation status.\49\
---------------------------------------------------------------------------

    \46\ See SBA OA 2020 FAQs at 3.
    \47\ Id. at 4.
    \48\ Id.
    \49\ Id.
---------------------------------------------------------------------------

    Small businesses are particularly important in specific sectors of 
the economy. In 2016, in the services sector, small businesses supplied 
45 percent of 19.7 million healthcare and social services jobs, over 60 
percent of 13.7 million accommodation and food services jobs, and over 
80 percent of 6.3 million construction jobs.\50\ In the same year, in 
manufacturing, small businesses made up 44 percent out of 11.6 million

[[Page 56362]]

jobs.\51\ Finally, in 2016, small family farms totaled 96 percent out 
of 2.2 million farms,\52\ and small businesses provided over 80 percent 
of agriculture, forestry, and fishing and hunting jobs out of 
161,000.\53\ As such, the financial health of small businesses is 
essential to the U.S. economy, especially to the supply of critical and 
basic goods and services--from producing food to serving it at 
restaurants, and from home building to healthcare.
---------------------------------------------------------------------------

    \50\ See Off. of Advocacy, Small Bus. Admin., 2019 Small 
Business Profile (Apr. 2019), https://cdn.advocacy.sba.gov/wp-content/uploads/2019/04/23142719/2019-Small-Business-Profiles-US.pdf 
(2019 Small Business Profile).
    \51\ Id. at 3.
    \52\ Nat'l Inst. of Food & Agric., U.S. Dep't of Agric., Family 
Farms, https://nifa.usda.gov/family-farms (last visited July 26, 
2021) (classifying family farms as any farm organized as a sole 
proprietorship, partnership, or family corporation. Family farms 
exclude farms organized as non-family corporations or cooperatives, 
as well as farms with hired managers.).
    \53\ 2019 Small Business Profile at 3.
---------------------------------------------------------------------------

    Small businesses have been especially hard-hit by the COVID-19 
pandemic. At a low point in the pandemic in April 2020, 20 percent of 
self-employed workers had temporarily exited the labor market.\54\ 
Industries in which small businesses played a large role have been 
particularly impacted. For example, comparing April 2020 with April 
2019, employment declined by almost 50 percent in the leisure and 
hospitality industries (also declining by 50 percent among food 
services and drinking establishments within the leisure and hospitality 
industry), in which small businesses employ 60 percent of workers.\55\
---------------------------------------------------------------------------

    \54\ Daniel Wilmoth, Off. of Advocacy, Small Bus. Admin., The 
Effects of the COVID-19 Pandemic on Small Businesses (Issue Brief 
No. 16) (Mar. 2021), https://cdn.advocacy.sba.gov/wp-content/uploads/2021/03/02112318/COVID-19-Impact-On-Small-Business.pdf.
    \55\ Id. By August 2021, many of these jobs had since returned 
as mandatory closure orders ended and the economy began to recover.
---------------------------------------------------------------------------

B. Existing Data on Small Business Lending

    While small businesses are a critical part of the U.S. economy and 
require financial support, it is still true, as it was in 2017 when the 
Bureau published its White Paper on small business lending, that it is 
not possible with current data to confidently answer basic questions 
regarding the state of small business lending. This limitation is 
especially the case with regard to the race, sex, and ethnicity of 
small business owners, applications as opposed to originations, and for 
small business financing products that are not currently reported in 
Call Report data.\56\
---------------------------------------------------------------------------

    \56\ Bureau of Consumer Fin. Prot., Key dimensions of the small 
business lending landscape, at 39-40 (May 2017), https://files.consumerfinance.gov/f/documents/201705_cfpb_Key-Dimensions-Small-Business-Lending-Landscape.pdf (White Paper).
---------------------------------------------------------------------------

    Data on small business lending are fragmented, incomplete, and not 
standardized, making it difficult to conduct meaningful comparisons 
across products and over time. This hinders attempts by policymakers 
and other stakeholders to understand the size, shape, and dynamics of 
the small business lending marketplace, including the interaction of 
supply and demand, as well as potentially problematic lending 
practices, gaps in the market, or trends in funding that may be holding 
back some communities.\57\ For example, absent better data, it is hard 
to determine if relatively lower levels of bank loans to small 
businesses in the decade before the pandemic began were reflective of a 
net relative decline in lending to small businesses as compared to 
large businesses or rather a shift within small business lending from 
banks to alternative lenders.\58\ To the extent there may have been a 
relative decline, it is difficult to assess if that decline affected 
certain types of small businesses more than others, including women-
owned and minority-owned small businesses.\59\
---------------------------------------------------------------------------

    \57\ While Call Report and CRA data provide some indication of 
the level of supply of small business credit, the lack of data on 
small business credit applications makes demand for credit by small 
businesses more difficult to assess, including with respect to local 
markets or protected classes.
    \58\ Rebel A. Cole, Off. of Advocacy, Small Bus. Admin., How Did 
Bank Lending to Small Business in the United States Fare After the 
Financial Crisis?, at 26 (Jan. 2018), https://cdn.advocacy.sba.gov/wp-content/uploads/2019/05/09134658/439-How-Did-Bank-Lending-to-Small-Business-Fare.pdf (showing a decline in bank loans to small 
businesses from 2008 to 2015 from $710 billion to $600 billion). The 
level of bank lending to small businesses has recovered somewhat 
since a trough in 2012-13 that represented the lowest amount of 
lending since 2005. Fed. Deposit Ins. Corp., https://www.fdic.gov/analysis/quarterly-banking-profile/qbp/timeseries/small-business-farm-loans.xlsx (last visited July 22, 2021).
    \59\ White Paper at 40.
---------------------------------------------------------------------------

    The primary sources of information on lending by depository 
institutions are the Federal Financial Institutions Examination Council 
(FFIEC) and National Credit Union Administration (NCUA) Consolidated 
Reports of Condition and Income (Call Reports), as well as reporting 
under the CRA. Under the FFIEC and CRA reporting regimes, small loans 
to businesses of any size are used in whole or in part as a proxy for 
loans to small businesses. The FFIEC Call Report captures banks' 
outstanding number and amount of small loans to businesses (that is, 
loans originated under $1 million to businesses of any size; small 
loans to farms are those originated under $500,000).\60\ The CRA 
requires banks and savings associations with assets over a specified 
threshold to report loans in original amounts of $1 million or less to 
businesses; reporters are asked to indicate whether the borrower's 
gross annual revenue is $1 million or less, if they have that 
information.\61\ The NCUA Call Report captures data on all loans over 
$50,000 to members for commercial purposes, regardless of any indicator 
about the business's size.\62\ There are no similar sources of 
information about lending to small businesses by nondepository 
institutions. The SBA also releases data concerning its loan programs, 
but these typically do not include demographic information, and this 
covers only a small portion of the overall small business financing 
market.
---------------------------------------------------------------------------

    \60\ See Fed. Fin. Insts. Examination Council, Reporting Forms 
31, 41, and 51 (last modified Mar. 16, 2021), https://www.ffiec.gov/ffiec_report_forms.htm (FFIEC Call Report).
    \61\ See Fed. Fin. Insts. Examination Council, A Guide to CRA 
Data Collection and Reporting, at 11, 13 (2015), https://www.ffiec.gov/cra/pdf/2015_CRA_Guide.pdf (2015 FFIEC CRA Guide). 
Small business loans are defined for CRA purposes as loans whose 
original amounts are $1 million or less and that were reported on 
the institution's Call Report or Thrift Financial Report as either 
``Loans secured by nonfarm or nonresidential real estate'' or 
``Commercial and industrial loans.'' Small farm loans are defined 
for CRA purposes as loans whose original amounts are $500,000 or 
less and were reported as either ``Loans to finance agricultural 
production and other loans to farmers'' or ``Loans secured by 
farmland.'' Id. at 11. Beginning in 2023, national banks supervised 
by the OCC with assets greater than $2.5 billion will be required to 
report loans of $1.6 million or less and indicate whether the 
borrower's gross annual review is $1.6 million or less. See 85 FR 
34734 (June 5, 2020).
    \62\ See Nat'l Credit Union Admin., Call Report Form 5300 (June 
2020), https://www.ncua.gov/files/publications/regulations/form-5300-june-2020.pdf.
---------------------------------------------------------------------------

    These public data sources provide some of the most extensive 
information currently available on small business lending. However, 
they suffer from four material limitations, namely that the data 
capture only parts of the market, are published at a high level of 
aggregation, do not permit detailed analysis across the markets, and 
lack standardization across different agencies.
    First, these datasets exclude entire categories of lenders. For 
example, banks under $1.322 billion in assets do not have to report 
under the CRA.\63\ The FFIEC and NCUA Call Reports and CRA data do not 
include lending by nondepository financial institutions, which the 
Bureau estimates to represent 40 percent of the small business 
financing market and is rapidly growing.\64\
---------------------------------------------------------------------------

    \63\ Fed. Fin. Insts. Examination Council, Community 
Reinvestment Act 2021 Reporting Criteria, https://www.ffiec.gov/cra/reporter21.htm (last visited Aug. 5, 2021).
    \64\ Nondepository lending is estimated to total approximately 
$550 billion out of $1.4 trillion in total lending, excluding $1 
trillion in COVID-19 emergency program lending. See part II.D below 
(providing a detailed breakdown and methodology of estimates across 
lending products).

---------------------------------------------------------------------------

[[Page 56363]]

    Second, Federal agencies publish summary data at a high level in a 
manner that does not facilitate independent analysis by other agencies 
or stakeholders. The FFIEC and NCUA Call Reports and the CRA data are 
all available at a higher level of aggregation than loan-level, 
limiting fair lending and detailed geographic analyses since race, sex, 
and ethnicity as well as business location data are rarely disclosed.
    Third, the detailed data collected by these Federal sources have 
significant limitations as well, preventing any analysis into certain 
issues or types of borrowers, even by the regulators possessing these 
data. Neither Call Report nor CRA data include applications, which 
limits insights into any potential discrimination or discouragement in 
application processes as well as into the interaction between credit 
supply and demand. The Call Report and CRA data separately identify 
loans of under $1 million in value, and CRA data also identify loans to 
businesses with annual revenues of $1 million or less.\65\ However, the 
Call Report definition of small business loans as those with a loan 
size of $1 million or less at origination is both overinclusive, as it 
counts small loans to businesses of all sizes, and underinclusive, as 
it excludes loans over $1 million made to small businesses. Credit 
unions report any loans under $50,000 as consumer loans and not as 
commercial loans,\66\ potentially excluding from measurement an 
important source of funding for many small businesses, particularly the 
smallest and often most underserved.
---------------------------------------------------------------------------

    \65\ Fed. Fin. Insts. Examination Council, Schedule RC-C, Part 
II Loans to Small Businesses and Farms, at 1, https://www.fdic.gov/regulations/resources/call/crinst-031-041/2017/2017-03-rc-c2.pdf 
(detailing the Call Report loan size threshold of $1 million at 
origination for loans to small businesses); 2015 FFIEC CRA Guide at 
11 (detailing the CRA size thresholds of $1 million both for loan 
amount at origination and for revenue of small business borrowers).
    \66\ Nat'l Credit Union Admin., Call Report Form 5300 
Instructions, at 26 (effective Mar. 31, 2021), https://www.ncua.gov/files/publications/regulations/call-report-instructions-march-2021.pdf.
---------------------------------------------------------------------------

    Finally, the Federal sources of small business lending data are not 
standardized across agencies and cannot be easily compared. For 
example, the FFIEC Call Report collects small loans to businesses as a 
proxy for small business lending, whereas the NCUA Call Report collects 
loans to members for commercial purposes above $50,000 but with no 
upper limit. The loan-level data for the Paycheck Protection Program 
(PPP) offer an unprecedented level of insight into small business 
lending, but this dataset is a one-off snapshot into the market for a 
specific lending program at an acute moment of crisis and is also 
limited in utility by relatively low response levels to demographic 
questions concerning borrowers.\67\
---------------------------------------------------------------------------

    \67\ Zachary Warmbrodt, Tracking the Money: Bid to Make Business 
Rescue More Inclusive Undercut by Lack of Data, Politico (Mar. 2, 
2021), https://www.politico.com/news/2021/03/02/businesses-inclusive-coronavirus-relief-money-data-472539 (reporting that 75 
percent of PPP recipients did not report their ethnicity and 58 
percent did not reveal their gender).
---------------------------------------------------------------------------

    The Federal government also conducts and releases a variety of 
statistics, surveys, and research reports on small business lending 
through the member banks for the Federal Reserve System, the FDIC, CDFI 
Fund, and the U.S. Census Bureau. These data sources offer insights 
into broad trends and specific small business lending issues but are 
less useful for detailed fair lending analyses or identification of 
specific areas, industries, or demographic groups being underserved. 
Periodic changes in survey methodology and questions can also limit 
comparability and the ability to track developments over time.
    There are also a variety of non-governmental data sources, issued 
by both private and nonprofit entities, that cover small businesses 
and/or the small business financing market. These include datasets and 
surveys published by commercial data and analytics firms, credit 
reporting agencies, trade associations, community groups, and academic 
institutions. Certain of these data sources are publicly available and 
track specific topics, such as small business optimism,\68\ small 
business employment,\69\ rates of small business credit application 
approvals,\70\ small business lending and delinquency levels,\71\ and 
rates of small business closure.\72\ Other databases have more 
granularity and provide detailed information on individual businesses, 
including revenue, credit utilization, industry, and location.\73\
---------------------------------------------------------------------------

    \68\ Nat'l Fed'n of Indep. Bus., Small Business Optimism Index 
(June 2021), https://www.nfib.com/surveys/small-business-economic-trends/.
    \69\ ADP, Employment Reports, https://adpemploymentreport.com/ 
(last visited July 22, 2021).
    \70\ Biz2Credit, Biz2Credit Small Business Lending Index, 
https://www.biz2credit.com/small-business-lending-index (last 
visited July 27, 2021).
    \71\ PayNet, Small Business Lending Index, https://sbinsights.paynetonline.com/lending-activity/ (last visited July 27, 
2021).
    \72\ Opportunity Insights Economic Tracker, https://tracktherecovery.org/ (last visited July 27, 2021). The Opportunity 
Insights Economic Tracker and similar data sources may materially 
overestimate the number of business closures by not controlling for 
attrition in the small business client base of data providers. See 
Leland D. Crane et al., Bd. of Governors of the Fed. Reserve Sys., 
Finance and Economics Discussion Series, 2020-089, Business Exit 
During the COVID-19 Pandemic: Non-Traditional Measures in Historical 
Context, at 21-22 (2020), https://www.federalreserve.gov/econrest/feds/files2020089r1pap.pdf.
    \73\ See, e.g., Dun & Bradstreet, https://www.dnb.com/ (data 
provider and credit reporter); Data Axle, https://www.data-axle.com/ 
(data provider); Equifax, https://www.equifax.com/business/business-credit-reports/ (credit reporter); Experian, https://www.experian.com/small-business/business-credit-reports (credit 
reporter).
---------------------------------------------------------------------------

    While these non-public sources of data on small businesses may 
provide a useful supplement to existing Federal sources of small 
business lending data, these private and nonprofit sources often do not 
have lending information, may rely in places on unverified research 
based on public internet sources, and/or narrowly limit use cases for 
parties accessing data. Further, commercial datasets are generally not 
free to public users and can be costly, raising equity issues for 
stakeholders who cannot afford access.

C. The Landscape of Small Business Finance

    Notwithstanding the lack of data on the market, it is clear that 
financing plays an important role in enabling small businesses to grow 
and contribute to the economy. When it is available, financing not only 
provides resources for small businesses to smooth cash flows for 
current operations, but also affords business owners the opportunity to 
invest in business growth. An analysis by the National Small Business 
Association, which examined data from 1993 through 2016, found a 
correlation between small business owners' ability to access credit and 
their ability to hire.\74\ This same study found that, while not the 
sole cause, the inability to secure financing may have led 16 percent 
of small businesses to reduce their number of employees and 
approximately 10 percent of small businesses to reduce employee 
benefits. Lack of access to financing also contributed to a further 10 
percent of small businesses being unable to increase store inventory in 
order to meet existing demand.\75\
---------------------------------------------------------------------------

    \74\ Nat'l Small Bus. Ass'n, 2016 Year-End Economic Report (July 
2017), https://www.nsba.biz/wp-content/uploads/2017/02/Year-End-Economic-Report-2016.pdf.
    \75\ Id.
---------------------------------------------------------------------------

    To support their growth or to make it through harder times, small 
businesses look to a variety of funding sources. Especially when 
starting out, entrepreneurs often rely on their own

[[Page 56364]]

savings and help from family and friends. If a business generates a 
profit, its owners may decide to reinvest retained earnings to fund 
further growth. However, for many aspiring business owners--and their 
personal networks--savings and retained earnings may not be sufficient 
to fund a new venture or grow it, leading owners to seek other sources 
of funding. This is particularly true for minority- and women-led 
households, which on average have less wealth than their white- and 
men-led counterparts.\76\
---------------------------------------------------------------------------

    \76\ Emily Moss et al., The Black-White Wealth Gap Left Black 
Households More Vulnerable, Brookings Inst. (Dec. 8, 2020), https://www.brookings.edu/blog/up-front/2020/12/08/the-black-white-wealth-gap-left-black-households-more-vulnerable/ (detailing wealth gaps in 
2019 by race and sex that show white male households with more 
wealth than white female or Black male or female households at all 
age brackets). See also Erin Ruel & Robert Hauser, Explaining the 
Gender Wealth Gap, 50 Demography 1155, 1165 (Dec. 2012), https://read.dukeupress.edu/demography/article/50/4/1155/169553/Explaining-the-Gender-Wealth-Gap (finding a gender wealth gap of over $100,000 
in a longitudinal study over 50 years of a single age cohort in 
Wisconsin); Neil Bhutta et al., Bd. of Governors of the Fed. Reserve 
Sys., Disparities in Wealth by Race and Ethnicity in the 2019 Survey 
of Consumer Finances (Sept. 28, 2020), https://www.federalreserve.gov/econres/notes/feds-notes/disparities-in-wealth-by-race-and-ethnicity-in-the-2019-survey-of-consumer-finances-20200928.htm (finding median white family wealth in 2019 of 
$188,200 compared with $24,100 for Black families and $36,100 for 
Hispanic families).
---------------------------------------------------------------------------

    One such source of funding comes from others besides family and 
friends, whether high net worth individuals or ``angel investors,'' 
venture capital funds, or, in a more recent development usually 
facilitated by online platforms, via crowdsourcing from retail 
investors. Often, these early investments take the form of equity 
funding, which business owners are not obligated to repay to investors. 
However, equity funding requires giving up some ownership and control 
to investors, which certain entrepreneurs may not wish to do. For small 
businesses, equity funding also tends to be somewhat more expensive 
than debt financing in the longer run. This is for a number of reasons, 
including that loan interest payments, unlike capital gains, are tax-
deductible.\77\ Finally, equity investments from others besides family 
and friends are available to only a minority of small businesses.
---------------------------------------------------------------------------

    \77\ Jim Woodruff, The Advantages and Disadvantages of Debt and 
Equity Financing, CHRON (updated Mar. 4, 2019), https://smallbusiness.chron.com/advantages-disadvantages-debt-equity-financing-55504.html.
---------------------------------------------------------------------------

    Many small businesses instead seek debt financing from a wide range 
of providers. These providers include depository institutions, such as 
banks, savings associations, and credit unions,\78\ as well as fintechs 
and commercial finance companies, specialized providers of specific 
financing products, and a range of government and government-sponsored 
enterprises, among others.
---------------------------------------------------------------------------

    \78\ For purposes of this notice of proposed rulemaking, the 
Bureau is using the term depository institution to mean any bank or 
savings association defined by section 3(c)(1) of the Federal 
Deposit Insurance Act, 12 U.S.C. 1813(c)(1), or credit union defined 
pursuant to the Federal Credit Union Act, as implemented by 12 CFR 
700.2. The Bureau notes that the Dodd-Frank Act defines a depository 
institution to mean any bank or savings association defined by the 
Federal Deposit Insurance Act; there, that term does not encompass 
credit unions. 12 U.S.C. 5301(18)(A), 1813(c)(1). The Bureau is 
referring to banks and savings associations together with credit 
unions as depository institutions throughout this notice, unless 
otherwise specified, to facilitate analysis and discussion.
---------------------------------------------------------------------------

    In the past, small businesses principally sought credit from banks; 
however, as banks have merged and consolidated, particularly in the 
wake of the Great Recession, they have provided less financing to small 
businesses.\79\ As noted earlier, the number of banks has declined 
significantly since a post-Great Depression peak in 1986 of over 18,000 
institutions to around 5,200 institutions today,\80\ while 13,500 
branches closed from 2009 to mid-2020, representing a 14 percent 
decrease.\81\ Although nearly half of counties either gained bank 
branches or retained the same number between 2012 and 2017, the 
majority lost branches over this period.\82\ Out of 44 counties that 
were deeply affected by branch closures, defined as having 10 or fewer 
branches in 2012 and seeing five or more of those close by 2017, 39 
were rural counties.\83\ Of rural counties, just over 40 percent lost 
bank branches in that period; the rural counties that experienced 
substantial declines in bank branches tend to be lower-income and with 
a higher proportion of African-American residents relative to other 
rural counties,\84\ raising concerns about equal access to credit.
---------------------------------------------------------------------------

    \79\ Rebel A. Cole, Off. of Advocacy, Small Bus. Admin., How Did 
Bank Lending to Small Business in the United States Fare After the 
Financial Crisis?, at 26 (Jan. 2018), https://cdn.advocacy.sba.gov/wp-content/uploads/2019/05/09134658/439-How-Did-Bank-Lending-to-Small-Business-Fare.pdf (showing a decline in bank loans to small 
businesses from 2008 to 2015 from $710 billion to $600 billion). The 
level of bank lending to small businesses has recovered somewhat 
since a trough in 2012-13 that represented the lowest amount of 
lending since 2005. Fed. Deposit Ins. Corp., https://www.fdic.gov/analysis/quarterly-banking-profile/qbp/timeseries/small-business-farm-loans.xlsx (last visited July 22, 2021).
    \80\ Congressional Research Serv., Small Business Credit Markets 
and Selected Policy Issues, at 6 (Aug. 20, 2019), https://fas.org/sgp/crs/misc/R45878.pdf.
    \81\ Bruce C. Mitchell et al., Nat'l Cmty. Reinvestment Coal., 
Relationships Matter: Small Business and Bank Branch Locations, at 6 
(2020), https://ncrc.org/relationships-matter-small-business-and-bank-branch-locations/ (stating that in 2009 there were 95,596 brick 
and mortar full-service branches or retail locations but, as of June 
30, 2020, that number had fallen to 82,086).
    \82\ Bd. of Governors of the Fed. Reserve Sys., Perspectives 
from Main Street: Bank Branch Access in Rural Communities, at 1, 3-
4, 19 (Nov. 2019), https://www.federalreserve.gov/publications/files/bank-branch-access-in-rural-communities.pdf.
    \83\ Id.
    \84\ Id.
---------------------------------------------------------------------------

    As banks and branches have merged and/or closed, the share of 
banking assets has also become increasingly concentrated in the largest 
institutions, with banks of over $10 billion in assets representing 84 
percent of all industry assets in 2018,\85\ totaling $15.1 out of $17.9 
trillion.\86\ Nevertheless, banks of under $10 billion in assets 
continue to hold approximately half of all small business loans (using 
the FFIEC Call Report definition of loans of under $1 million), 
highlighting the importance of smaller banks to the small business 
lending market.\87\ Since smaller bank credit approvals have 
traditionally been close to 50 percent, while large banks approve only 
25-30 percent of applications, bank consolidation may have implications 
for small business credit access.\88\ Since institutions under $1.322 
billion in assets are not required to report on lending under the 
CRA,\89\ it is difficult to precisely assess the

[[Page 56365]]

impact of bank consolidation and shuttered branches on small business 
lending and access to credit in local areas.\90\ By contrast, credit 
unions increased their small business lending from $30 billion in 2008 
to at least $55 billion in 2019.\91\ Like banks, credit unions 
typically receive high satisfaction scores among small business 
borrowers, reflecting more high-contact, relationship-based lending 
models.\92\
---------------------------------------------------------------------------

    \85\ Congressional Research Serv., Small Business Credit Markets 
and Selected Policy Issues, at 6 (Aug. 20, 2019), https://fas.org/sgp/crs/misc/R45878.pdf.
    \86\ Fed. Deposit Ins. Corp., Bank Data and Statistics, https://www.fdic.gov/bank/statistical/ (last visited Aug. 22, 2021).
    \87\ Speech by Board Governor Lael Brainard: Community Banks, 
Small Business Credit, and Online Lending (Sept. 30, 2015), https://www.federalreserve.gov/newsevents/speech/brainard20150930a.htm. 
Banks with under $10 billion in assets are often referred to as 
``community banks.'' Congressional Research Serv., Over the Line: 
Asset Thresholds in Bank Regulation, at 2-3 (May 3, 2021), https://fas.org/sgp/crs/misc/R46779.pdf (noting that the Board of Governors 
of the Federal Reserve System (Board) and the Office of the 
Comptroller of the Currency (OCC) define community banks as having 
under $10 billion in assets, although there may be other criteria, 
with the FDIC considering also geographic footprint and a relative 
emphasis on making loans and taking deposits as opposed to engaging 
in securities and derivatives trading). Community banks are also 
more likely to engage in relationship-based lending. See id. at 3.
    \88\ Biz2Credit, Biz2Credit Small Business Lending Index, 
https://www.biz2credit.com/small-business-lending-index (last 
visited July 22, 2021). These historical approval rates are 
reflected in pre-pandemic Small Business Lending Index releases by 
Biz2Credit. See, e.g., Biz2Credit, Small Business Loan Approval 
Rates at Big Banks Remain at Record High in February 2020: 
Biz2Credit Small Business Lending Index, https://www.biz2credit.com/small-business-lending-index/february-2020 (last visited July 29, 
2021) (showing large bank approvals of 28.3 percent in February 2020 
and of 27.2 percent in February 2019 and smaller bank approvals of 
50.3 percent in February 2020 and of 48.6 percent in February 2019).
    \89\ See part II.B above.
    \90\ Bruce C. Mitchell et al., Nat'l Cmty. Reinvestment Coal., 
Relationships Matter: Small Business and Bank Branch Locations, 
https://ncrc.org/relationships-matter-small-business-and-bank-branch-locations/ (last visited July 27, 2021).
    \91\ Rebel A. Cole, Off. of Advocacy, Small Bus. Admin., How Did 
Bank Lending to Small Business in the United States Fare After the 
Financial Crisis?, at 26 (Jan. 2018), https://cdn.advocacy.sba.gov/wp-content/uploads/2019/05/09134658/439-How-Did-Bank-Lending-to-Small-Business-Fare.pdf.
    \92\ Fed. Reserve Banks, Small Business Credit Survey, 2021 
Report On Employer Firms (2021), https://www.fedsmallbusiness.org/medialibrary/FedSmallBusiness/files/2021/2021-sbcs-employer-firms-report.
---------------------------------------------------------------------------

    Certain banks and credit unions choose to be mission-based lenders, 
as CDFIs or Minority Depository Institutions (MDIs).\93\ Mission-based 
lenders focus on providing credit to traditionally underserved and low-
income communities and individuals to promote community development and 
expand economic opportunity, making them a relatively smaller by dollar 
value but essential part of the small business lending market. There 
were over 1,200 CDFIs (around half of which are depository 
institutions) as of May 2021 and over 140 MDIs as of March 2021.\94\
---------------------------------------------------------------------------

    \93\ According to the FDIC, FDIC-insured MDIs and CDFI banks are 
banks, savings banks, and savings associations (collectively, banks) 
that serve minority, low- or moderate-income (LMI), and rural 
communities at higher rates than mainstream banks. MDIs serve 
minority communities including African American, Asian American, 
Hispanic American, and Native American. CDFI banks are certified 
through the U.S. Department of the Treasury by demonstrating they 
serve LMI communities. See, e.g., Fed. Deposit Ins. Corp. Minority 
Depository Institutions Program website, https://www.fdic.gov/regulations/resources/minority/mission-driven/index.html (last 
visited July 11, 2021).
    \94\ Cmty. Dev. Fin. Inst., CDFI Certification, https://www.cdfifund.gov/programs-training/certification/cdfi (last visited 
July 21, 2021); Fed. Deposit Ins. Corp., Minority Depository 
Institutions Program (last updated June 9, 2021), https://www.fdic.gov/regulations/resources/minority/mdi.html.
---------------------------------------------------------------------------

    During a period in which that depository institutions have been 
providing relatively less funding to small businesses,\95\ small 
businesses have increasingly relied on other nondepository institutions 
for financing. Since nondepositories typically do not report their 
small business financing activities to regulators, however, there are 
no authoritative sources for either the number of such entities or the 
dollar value of financing they provide to small businesses.\96\ 
However, what data are available make clear that fintech firms are 
rapidly increasing their share of the small business financing 
market.\97\
---------------------------------------------------------------------------

    \95\ See Rebel A. Cole, Off. of Advocacy, Small Bus. Admin., How 
Did Bank Lending to Small Business in the United States Fare After 
the Financial Crisis?, at 26 (Jan. 2018), https://cdn.advocacy.sba.gov/wp-content/uploads/2019/05/09134658/439-How-Did-Bank-Lending-to-Small-Business-Fare.pdf (showing a decline in 
bank loans to small businesses from 2008-15 from $710 billion to 
$600 billion). The level of bank lending to small businesses has 
recovered somewhat since a trough in 2012-13 that represented the 
lowest amount of lending since 2005. See also Fed. Deposit Ins. 
Corp., https://www.fdic.gov/analysis/quarterly-banking-profile/qbp/timeseries/small-business-farm-loans.xlsx (last visited July 21, 
2021) (tabulating outstanding balances for credit extended to small- 
and non-small business lending by banks and thrifts over time).
    \96\ See part II.B above.
    \97\ See part II.D below.
---------------------------------------------------------------------------

    Whether depository or nondepository, each provider of small 
business financing assesses a variety of different criteria to 
determine whether and on what terms to grant an extension of credit or 
other financing product, including business and financial performance, 
the credit history of the business and its owner(s), the time in 
business, and the industry, among other factors. Protections such as 
guarantees, collateral, and insurance can mitigate perceived risks, 
potentially enabling a lender to offer better terms or facilitating an 
extension of credit that would otherwise not meet lending limit or 
underwriting criteria. Often, government agencies, including the SBA, 
FHA, and USDA, guarantee or insure loans themselves to encourage 
lenders to provide credit to borrowers that may not otherwise be able 
to obtain credit, either on affordable terms and conditions or at 
all.\98\ Different lenders also employ diverse methods for assessing 
risk, with smaller banks generally relying more on traditional 
underwriting methods and typically managing multi-product 
relationships. Fintechs increasingly use algorithms, automation, and 
even AI and machine learning to assess risk and make underwriting 
decisions, with originations typically being less relationship-based in 
nature.
---------------------------------------------------------------------------

    \98\ Congressional Research Serv., Small Business Administration 
7(a) Loan Guaranty Program (updated June 21, 2021), https://fas.org/sgp/crs/misc/R41146.pdf (discussing the SBA's flagship 7(a) loan 
guarantee program); U.S. Dep't of Hous. & Urban Dev., Descriptions 
Of Multifamily Programs, https://www.hud.gov/program_offices/housing/mfh/progdesc (last visited July 27, 2021) (listing FHA 
mortgage insurance programs for 5+ unit residential developments); 
Farm Serv. Agency, U.S. Dep't of Agric., Guaranteed Loan Program 
Fact Sheet (Mar. 2020), https://www.fsa.usda.gov/Assets/USDA-FSA-Public/usdafiles/FactSheets/guaranteed_loan_program-factsheet.pdf 
(discussing the USDA's Farm Service Agency guaranteed loan program).
---------------------------------------------------------------------------

    As well as diversity in underwriting methodology and criteria, 
there are also considerable differences across small business financing 
products and providers with respect to pricing methods and repayment 
structures. As a result, it can be challenging to compare the 
competitiveness of product pricing and terms. The Bureau understands 
that term loans, lines of credit, and credit cards typically disclose 
annualized interest rates; leases often take into account depreciation; 
factoring products discount an invoice's value and add a fee; and MCAs 
apply a multiple to the value of the up-front payment.\99\ Moreover, 
providers may add additional fees that are not standardized within 
industries, much less across them. The Bureau believes that this 
complexity may confuse business owners and render them unable to secure 
more favorable rates due to opacity in offers presented--which in some 
cases may even be deliberate \100\--and a corresponding inability to 
effectively compare across different financing options.\101\ This may 
impair applicants' ability to make informed choices.
---------------------------------------------------------------------------

    \99\ See part II.D below for definitions of the different 
product categories.
    \100\ Press Release, Fed. Trade Comm'n, Cash Advance Firm to Pay 
$9.8M to Settle FTC Complaint It Overcharged Small Businesses (Apr. 
22, 2021), https://www.ftc.gov/news-events/press-releases/2021/04/cash-advance-firm-pay-98m-settle-ftc-complaint-it-overcharged 
(settling a lawsuit between the Federal Trade Commission (FTC) and 
an MCA provider for $9.8 million where the complaint alleged that 
the provider ``deceived'' and ``misle[d]'' business borrowers about 
the amount and terms of financing); Bd. of Governors of the Fed. 
Reserve Sys., Record of Meeting: Community Advisory Council and the 
Board of Governors, at 7 (Oct. 5, 2018), https://www.federalreserve.gov/aboutthefed/files/cac-20181005.pdf (noting a 
growing trend of small business owners facing difficulty with 
expensive loan products such as MCAs where the pricing and structure 
of the loans is often deliberately obscured).
    \101\ Fed. Trade Comm'n, `Strictly Business' Forum, Staff 
Perspective, at 5 (Feb. 2020), https://www.ftc.gov/system/files/documents/reports/staff-perspective-paper-ftcs-strictly-business-forum/strictly_business_forum_staff_perspective.pdf (discussing the 
difficulty in comparing across financing products with widely 
differing methods for calculating and describing key features).
---------------------------------------------------------------------------

D. Estimating the Size and Scope of the Small Business Financing Market

    In light of the lack of data and the heterogeneity of products and 
providers within the small business financing market, it can be 
difficult to get a clear sense of the size and scope of the market. In 
this section, the Bureau describes its estimates of the total 
outstanding balances of credit in the market, the number of 
institutions that are active in the small business

[[Page 56366]]

financing market, and how the Bureau arrived at these estimates. Where 
possible, the Bureau tries to estimate the state of the small business 
financing market at the end of 2019 in order to estimate the state of 
the market during a year unaffected by the COVID-19 pandemic.
    One challenge is that some of the data report the dollar value of 
originations and some report outstanding balances. For the purposes of 
this exercise and for most, but not all, products, the Bureau assumes 
that for every $1 originated in the market in a given year, there is 
approximately a corresponding $3 of outstanding balances. This 
assumption is based on the ratio of the 2019 FFIEC Call Report data, 
which totaled $721 billion in outstanding balances on bank loans to 
small businesses and small farms, and the 2019 CRA data, which recorded 
$264 billion in bank loan originations to small businesses and small 
farms.\102\ This assumption is limited by the extent to which other 
small business financing products differ from loans and lines of 
credit, which make up the majority of financing products captured by 
the FFIEC Call Report data and the CRA data.\103\
---------------------------------------------------------------------------

    \102\ FFIEC Call Report data records outstanding balances on 
loans with origination amounts less than $1 million across 
Commercial & Industrial, Nonfarm Nonresidential, Agricultural, and 
Secured by Farmland lending categories. See FDIC Quarterly Banking 
Profile Time Series, https://www.fdic.gov/analysis/quarterly-banking-profile/qbp/timeseries/small-business-farm-loans.xlsx (last 
visited August 29, 2021).
    \103\ FFIEC Call Report data and CRA data on small business 
credit products also include business credit card products, but 
loans and lines of credit made up $713 billion out of $775 billion 
in outstanding balances on bank, savings association, and credit 
union loans to small businesses in 2019. One important caveat to 
this assumption is that products with materially shorter average 
term lengths, for example credit cards, factoring products, and 
MCAs, may have an inverse ratio of originations to outstanding 
balances. For example, top issuers of general purpose credit cards 
recorded purchase volumes of two to seven times their outstanding 
balances in 2020. Nilson Report, Issue 1192, at 6 (Feb. 2021), 
https://nilsonreport.com/publication_newsletter_archive_issue.php?issue=1192. If business-
purpose credit cards, factoring products, and MCAs behaved similarly 
with respect to the ratio of originations to outstanding balances, 
then for every $1 originated in the market in a given year, there 
could be a corresponding $0.14-0.50 in outstanding balances for such 
products ($1 divided by two to seven).
---------------------------------------------------------------------------

    As detailed in this section, the Bureau estimates that the market 
for small business financing products totaled $1.4 trillion in 
outstanding balances in 2019. The Bureau estimates that small business 
financing by depository institutions makes up just over half of small 
business financing by private institutions. In 2020 and 2021, COVID-19 
emergency lending programs added a further $1 trillion to this value, 
bringing the overall size of the small business financing market up to 
$2.4 trillion. Below, the Bureau estimates the market share for 
different small business financing products.
    Since the available data regarding depository institutions' small 
loans to businesses address term loans, lines of credit, and credit 
cards together, the respective share of different products in the 
overall small business financing market is difficult to assess. As 
detailed in this section, the Bureau estimates that together, private 
term loans and lines of credit constitute the largest small business 
credit product by value, totaling approximately $770 billion in 
outstanding balances in 2019, although PPP and EIDL Program loans have 
since added $1 trillion to this figure.
    Lending by banks, saving associations, and credit unions comprises 
the largest part of this total amount for private term loans and lines 
of credit. Using FFIEC Call Report data for December 2019, the Bureau 
estimates that banks and savings associations account for a total of 
about $721 billion in outstanding credit to small businesses and small 
farms as of December 2019.\104\ Using NCUA Call Report data for 
December 2019, the Bureau estimates that credit unions account for a 
total of about $55 billion in outstanding credit to members for 
commercial purposes.\105\ From this value, the Bureau subtracts $62 
billion in credit card lending to arrive at $713 billion in outstanding 
balances for term loans and lines of credit. From this value, the 
Bureau further subtracts $134 billion in SBA guaranteed loans to arrive 
at $580 billion in outstanding balances for private term loans and 
lines of credit extended by depository institutions (i.e., banks, 
savings associations, and credit unions) as of December 2019.
---------------------------------------------------------------------------

    \104\ Calculated from FFIEC Call Report data accessed on June 8, 
2021. The Bureau notes that, as discussed in part II.B above, these 
estimates rely on small loans to businesses as a proxy for loans to 
small businesses. As such, the Bureau acknowledges that the true 
outstanding value of credit extended to small businesses by such 
institutions may be different than what is presented here. For 
example, the small loans to businesses proxy would overestimate the 
value of outstanding credit if a significant number of small loans 
to businesses and farms are to businesses or farms that are actually 
large. Alternatively, the proxy would underestimate the value of 
outstanding credit to small businesses if a significant number of 
businesses and farms that are small under the proposed rule take out 
loans that are larger than $1 million or $500,000, for businesses 
and farms, respectively.
    \105\ Nat'l Credit Union Admin., 2019 Call Report Quarterly 
Data, https://www.ncua.gov/analysis/credit-union-corporate-call-report-data/quarterly-data (last visited Aug. 24, 2021) (2019 NCUA 
Call Report). The Bureau notes that, as discussed in part II.B 
above, credit unions only report credit transactions made to members 
for commercial purposes with values over $50,000. The Bureau uses 
this value as a proxy for small business credit. The Bureau 
acknowledges that the true value of small business credit extended 
by credit unions may be different than what is presented here. For 
example, this proxy may overestimate the value of outstanding small 
business credit because some members are taking out loans for large 
businesses. Alternatively, this proxy may underestimate the value of 
outstanding small business credit if credit unions originate a 
substantial number of small business loans with origination values 
of under $50,000. For this analysis, the Bureau includes all types 
of commercial loans to members except construction and development 
loans and multifamily residential property. This includes loans 
secured by farmland; loans secured by owner-occupied, non-farm, non-
residential property; loans secured by non-owner occupied, non-farm, 
non-residential property; loans to finance agricultural production 
and other loans to farmers; commercial and industrial loans; 
unsecured commercial loans; and unsecured revolving lines of credit 
for commercial purposes. The Bureau does include multifamily in part 
VII below.
---------------------------------------------------------------------------

    The remaining $190 billion in outstanding balances for private term 
loans and lines of credit was extended by various nondepository 
institutions, namely commercial finance companies, fintechs, and 
nondepository CDFIs.\106\
---------------------------------------------------------------------------

    \106\ There may additionally be lending by equipment and vehicle 
dealers originating loans in their own name that is not captured 
here.
---------------------------------------------------------------------------

    Commercial finance companies specialize in financing equipment and 
vehicle purchases. The Bureau estimates that the value of outstanding 
balances on credit extended by commercial finance companies totaled 
approximately $160 billion. Using data from the Federal Reserve Board's 
Finance Company Business Receivables data on owned assets as of 
December 2019, the Bureau estimates commercial finance companies 
outstanding credit for commercial purposes as the value of retail motor 
vehicle loans plus equipment loans and other business receivables, 
which totaled about $215 billion.\107\ The Bureau further assumes that 
about 75 percent of this value, or $162 billion, can be attributed to 
loans to small businesses.\108\
---------------------------------------------------------------------------

    \107\ Bd. of Governors of the Fed. Reserve Sys., Finance 
Companies--G.20 (updated July 15, 2021), https://www.federalreserve.gov/releases/g20/hist/fc_hist_b_levels.html. The 
Bureau does not include leases, since they are already counted 
within the product category of equipment and vehicle leasing, or 
wholesale loans, which it assumes are typically made to non-small 
businesses.
    \108\ This methodology is consistent with the approach taken by 
Gopal and Schnabl (2020).
---------------------------------------------------------------------------

    Typical fintech providers are characterized primarily by providing 
banking services exclusively in an online environment.\109\ The Bureau 
estimates that total outstanding loan balances for fintech providers 
reached around $25 billion in 2019. In a 2018 report, S&P Global 
projected that online

[[Page 56367]]

platform lenders would originate about $9.3 billion in credit to small 
and medium enterprises in 2019.\110\ Using this estimate, the Bureau 
scales up the value of originations to $25 billion in estimated 
outstanding balances, under the assumptions discussed above.\111\ At 
the beginning of the COVID-19 pandemic and financial crisis, fintechs 
originated around $22 billion in PPP loans to small businesses from 
March to August 2020 \112\ and likely continued to originate billions 
more during the third wave of PPP loans in 2021, which represents an 
almost 90 percent increase or more in outstanding balances since 
2019.\113\ This follows already rapid growth from $1.4 billion in 
estimated outstanding balances in 2013.\114\
---------------------------------------------------------------------------

    \109\ Barkley & Schweitzer, 17 Int'l J. Cent. Banking at 35-36.
    \110\ 2018 US Fintech Market Report at 6.
    \111\ The Bureau notes that this figure may underestimate the 
total value of fintech lending because it focuses on platform 
lenders and may overestimate the value of lending to small 
businesses because it also includes credit to medium businesses. 
Additionally, the Bureau notes that fintechs often offer products 
besides loans and lines of credit, and that there is no clear 
demarcation between fintech, commercial finance company, and MCA 
provider, limiting the precision of market size estimates. Finally, 
fintechs often sell loans once originated to other entities, 
securitize their originations, or purchase loans that banks have 
originated, which may further present challenges to the precision of 
market size estimates for this market segment.
    \112\ Jessica Battisto et al., Who Benefited from PPP Loans by 
Fintech Lenders?, Liberty Street Economics (May 27, 2021), https://libertystreeteconomics.newyorkfed.org/2021/05/who-received-ppp-loans-by-fintech-lenders.html; Small Bus. Admin., Paycheck 
Protection Program (PPP) Report (approvals through 12 p.m. EST Apr. 
16, 2020), https://www.sba.gov/sites/default/files/2020-06/PPP%20Deck%20copy-508.pdf; Small Bus. Admin., Paycheck Protection 
Program (PPP) Report (approvals through Aug. 8, 2020), https://www.sba.gov/sites/default/files/2020-08/PPP_Report%20-%202020-08-10-508.pdf.
    \113\ Per the program's intent, many PPP loans have been 
forgiven since the program began, which may mean that outstanding 
balances on PPP loans extended by fintech providers have since 
declined.
    \114\ Barkley & Schweitzer, 17 Int'l J. Cent. Banking at 35-36 
(citing 2018 US Fintech Market Report at 5). This figure annualizes 
$121 million in estimated 2013 quarterly originations to $484 
million in annual originations and scales up to estimated 
outstanding balances using the ratio between the FFIEC Call Report 
and the CRA data discussed above.
---------------------------------------------------------------------------

    The Bureau estimates the value of outstanding balances on credit 
extended by nondepository CDFIs to small business borrowers to be 
around $1.5 billion. Using reporting by the CDFI Fund for 2019, the 
Bureau scales down the outstanding balances for loan funds of $13.8 
billion and for venture capital funds of $0.3 billion by the proportion 
of all CDFI lending attributable to business borrowers, which totaled 
$15.4 billion out of $141.2 billion.\115\
---------------------------------------------------------------------------

    \115\ CDFI Fund, CDFI Annual Certification and Data Collection 
Report (ACR): A Snapshot for Fiscal Year 2019, at 17, 22 (Oct. 
2020), https://www.cdfifund.gov/sites/cdfi/files/2021-01/ACR-Public-Report-Final-10292020-508Compliant.pdf. To the extent that CDFI loan 
funds and venture capital funds extend credit to business customers 
at different rates than CDFI banks and credit unions, this 
calculation may over- or underestimate the value of lending to small 
businesses by nondepository CDFIs. This figure also assumes that all 
CDFI lending is for small businesses.
---------------------------------------------------------------------------

    Categorized here separately so as to distinguish residential from 
non-residential loans, the Bureau estimates outstanding balances for 
loans on 5+ unit residential dwellings to total over $30 billion.\116\ 
Using data from the Mortgage Bankers Association, the Bureau scales up 
$11 billion in 2019 annual originations on loans of under $1 million in 
value at origination for 5+ unit residential dwellings to $30 billion 
in estimated outstanding balances, using the ratio between the FFIEC 
Call Report and the CRA data discussed above.\117\
---------------------------------------------------------------------------

    \116\ Depository institutions, discussed above, extend a 
sizeable proportion of loans for 5+ unit residential dwellings; both 
nondepository and depository institutions are included in the total 
for 5+ unit outstanding balances.
    \117\ See Mortg. Bankers Ass'n, Annual Report on Multi-Family 
Lending--2019, at 5 (2020), https://www.mba.org/store/products/research/general/report/2019-annual-report-on-multifamily-lending. 
This includes both private loans, estimated at around $18 billion, 
and loans extended by Fannie Mae, Freddie Mac, and the FHA, 
estimated at around $13 billion. The share of 5+ unit residential 
dwelling loans of all sizes extended by governmental or government-
sponsored entities was 41 percent. The Bureau assumes for the 
purposes of this exercise that the same share is reflected in loans 
of under $1 million in value at origination, although arguably this 
share would be higher if government and government-sponsored 
entities are extended disproportionately smaller dollar value loans 
on average.
---------------------------------------------------------------------------

    Also categorized separately from depository institution totals so 
as to distinguish private from government and government-sponsored 
loans, the Bureau estimates that outstanding balances for loans 
extended by the Small Business Administration and the Farm Credit 
System totaled around $200 billion in 2019.\118\
---------------------------------------------------------------------------

    \118\ The grand total for lending by government and government-
sponsored entities would be approximately $210 billion, including 5+ 
unit residential dwelling loans extended by Fannie Mae, Freddie Mac, 
and the FHA, which are separately recorded within the 5+ unit 
residential dwelling loan product category.
---------------------------------------------------------------------------

    The SBA, through its traditional 7(a), 504, and microloan programs 
as well as the Economic Impact Disaster Loan (EIDL) program and funding 
for Small Business Investment Companies (SBICs), is the largest 
governmental lender by value, with $143.5 billion in outstanding 
balances at the end of fiscal 2019.\119\ However, since the outbreak of 
the COVID-19 pandemic, SBA lending has increased in size by over $1 
trillion due to the PPP, which totaled $800 billion, and the EIDL 
Program, which totaled $210 billion.\120\
---------------------------------------------------------------------------

    \119\ Small Bus. Admin., Small Business Administration Loan 
Program Performance (effective Mar. 31, 2021), https://www.sba.gov/document/report-small-business-administration-loan-program-performance. SBA guaranteed loans comprised $134 billion out of this 
total, which amount has been deducted from the totals for depository 
institutions to avoid double counting.
    \120\ Small Bus. Admin., Paycheck Protection Program (PPP) 
Report (approvals through May 31, 2021), https://www.sba.gov/sites/default/files/2021-06/PPP_Report_Public_210531-508.pdf; Small Bus. 
Admin., Disaster Assistance Update--Nationwide COVID EIDL, Targeted 
EIDL Advances, Supplemental Targeted Advances (June 3, 2021), 
https://www.sba.gov/sites/default/files/2021-06/COVID-19%20EIDL%20TA%20STA_6.3.2021_Public-508.pdf; Small Bus. Admin., 
Disaster Assistance Update--Nationwide EIDL Loans (Nov. 23, 2020), 
https://www.sba.gov/sites/default/files/2021-02/EIDL%20COVID-19%20Loan%2011.23.20-508_0.pdf.
---------------------------------------------------------------------------

    The Farm Credit System is another important government-related part 
of the small business credit landscape. The Bureau estimates that Farm 
Credit System members had around $55 billion in outstanding balances of 
credit extended to small farms in 2019. Using the same small loan to 
farms proxy as is used in the FFIEC Call Report, the Bureau estimates 
credit to farms with an origination value of less than $500,000. Based 
on the Farm Credit System's 2019 Annual Information Statement of the 
Farm Credit System, the Bureau estimates that outstanding balances of 
such small credit to farms totaled $55 billion at the end of 2019.\121\ 
The Bureau notes that, as with the FFIEC Call Report proxy, this number 
may include credit to non-small farms and may exclude larger credit 
transactions extended to small farms.
---------------------------------------------------------------------------

    \121\ Fed. Farm Credit Banks Funding Corp., Farm Credit 2019 
Annual Information Statement of the Farm Credit System, at 54, 
https://www.farmcreditfunding.com/ffcb_live/investorResources/informationStatements.html (last visited Aug. 13, 2021).
---------------------------------------------------------------------------

    Mostly extended by depository institutions, the Bureau estimates 
that the market for small business credit cards totaled over $60 
billion in outstanding balances for 2020.\122\ Using data from Y-14 
Form submissions to the Federal Reserve Board, the Bureau estimates the 
value of outstanding balances for small business credit card accounts 
where the loan is underwritten

[[Page 56368]]

with the sole proprietor or primary business owner as an 
applicant.\123\
---------------------------------------------------------------------------

    \122\ See Bd. of Governors of the Fed. Reserve Sys., Report 
Forms FR Y-14M, https://www.federalreserve.gov/apps/reportforms/reportdetail.aspx?sOoYJ+5BzDYnbIw+U9pka3sMtCMopzoV (last visited 
July 12, 2021). The Board's data are received from bank holding 
companies over $50 billion in assets, which represent 70 percent of 
outstanding balances for consumer credit cards; the corresponding 
percent of balances captured for small business cards is not known, 
so the total small business-purpose credit card market could be 
substantially higher or lower. See Bureau of Consumer Fin. Prot., 
The Consumer Credit Card Market, at 18 (Aug. 2019), https://files.consumerfinance.gov/f/documents/cfpb_consumer-credit-card-market-report_2019.pdf.
    \123\ Off. of Mgmt. & Budget, Instructions for the Capital 
Assessments and Stress Testing Information Collection (Reporting 
Form FR-Y14M), OMB No. 7100-0341, at 148 (Mar. 2020), https://omb.report/icr/202101-7100-006/doc/108187801.
---------------------------------------------------------------------------

    Equipment and vehicle leasing, whereby businesses secure the right 
to possess and use a piece of equipment or vehicle for a term in return 
for consideration, is another important product category that is 
estimated to value roughly $160 billion in outstanding balances in 
2019. Using data from the Equipment Leasing and Financing Foundation 
for 2019, the Bureau estimates the total size of the equipment and 
vehicle leasing market for all sized businesses in 2019 to be 
approximately $900 billion.\124\ The Bureau further assumes that small 
businesses comprise around 18 percent of the total equipment and 
vehicle leasing market.\125\
---------------------------------------------------------------------------

    \124\ See Equip. Leasing & Fin. Found., Horizon Report, https://www.leasefoundation.org/industry-resources/horizon-report/ (last 
updated Apr. 22, 2021).
    \125\ See Karen Mills, Harvard Bus. Sch., State of Small 
Business Lending, at 29 (July 2014), https://www.hbs.edu/ris/Supplemental%20Files/15-004%20HBS%20Working%20Paper%20Chart%20Deck_47695.pdf (estimating 
equipment leasing outstanding balances for small business borrowers 
at approximately $160 billion at Dec. 31, 2013); Monitor Daily, SEFI 
Report Finds Strong Performance Despite Challenges, https://www.monitordaily.com/news-posts/sefi-report-finds-strong-performance-despite-challenges/ (last visited July 27, 2021) ($903 
billion market in 2014, commensurate with an 18 percent market share 
for small business borrowers at the time of the Karen Mills report).
---------------------------------------------------------------------------

    Factoring is a similarly significant product type, estimated at 
around $100 billion in market size for 2019.\126\ In a factoring 
transaction, factors purchase, at a discount, a legally enforceable 
claim for payment (i.e., accounts receivables or invoices) for goods 
already supplied or services already rendered by a business for which 
payment has not yet been made; hence, a factor's risk related to 
repayment often lies with the business's customer and not the business 
itself. In most cases, specific companies, called factors, provide 
factoring products.
---------------------------------------------------------------------------

    \126\ See Secured Fin. Found., 2019 Secured Finance: Market 
Sizing & Impact Study Extract Report, at 7 (June 2019), https://www.sfnet.com/docs/default-source/data-files-and-research-documents/sfnet_market_sizing___impact_study_extract_f.pdf?sfvrsn=72eb7333_2. 
This study estimated the total volume of the U.S. factoring market 
to be $101 billion. To the extent that factoring volumes differ from 
outstanding balances, the value of outstanding balances may be 
higher or lower than this estimate. Also, this estimate captures 
factoring for business borrowers of all sizes, not just small 
business borrowers. The Bureau assumes that most factoring is 
provided to small business customers.
---------------------------------------------------------------------------

    The market for MCAs is developing rapidly and data are even more 
scarce than for other segments of the small business lending market. 
This limits the reliability of estimates as to the MCA market's size. 
Based on market research conducted by Bryant Park Capital (BPC) and 
reported on by deBanked.com, the Bureau estimates the 2019 market size 
to be around $20 billion.\127\ The MCA market is also of particular 
significance for smaller and traditionally underserved businesses that 
may not qualify for other types of credit.\128\ MCAs are typically 
structured to provide a lump sum payment up front (a cash advance) in 
exchange for a share of future revenue until the advance, plus an 
additional amount, is repaid. Unlike the majority of other small 
business financing products, MCAs typically purport to be for short 
durations.\129\ The Bureau understands that MCAs also tend to be 
relatively high-cost products.\130\ Two States, New York and 
California, will soon implement laws that will require providers of 
``sales-based financing,'' such as MCAs, to provide disclosures 
(including estimated APR) similar to those required under the Truth in 
Lending Act (TILA),\131\ which generally only applies to consumer 
credit.\132\
---------------------------------------------------------------------------

    \127\ Paul Sweeney, Gold Rush: Merchant Cash Advances are Still 
Hot, deBanked (Aug. 18, 2019), https://debanked.com/2019/08/gold-rush-merchant-cash-advances-are-still-hot/. BPC estimates appear to 
reference origination volumes rather than outstanding balances. See 
Nimayi Dixit, S&P Global Market Intelligence, Payment Fintechs Leave 
Their Mark On Small Business Lending (Aug. 28, 2018), https://www.spglobal.com/marketintelligence/en/news-insights/research/payment-fintechs-leave-their-mark-on-small-business-lending. 
Depending on credit multiplier effects, the value of annual 
origination volumes could be smaller or greater than outstanding 
balances. Without information on outstanding balances and for the 
purposes of calculating a market size for small business financing 
in 2019, the Bureau assumes in this paper a 1:1 ratio between annual 
origination volumes and outstanding balances for MCA products. See 
above for discussion of credit multiplier effects.
    \128\ Cf. Barbara Lipman & Ann Marie Wiersch, Bd. of Governors 
of the Fed. Reserve Sys., Uncertain Terms: What Small Business 
Borrowers Find When Browsing Online Lender websites, at 3 (Dec. 
2019), https://www.federalreserve.gov/publications/files/what-small-business-borrowers-find-when-browsing-online-lender-websites.pdf 
(observing that online lenders, including providers of MCA products, 
position themselves as offering financing to borrowers underserved 
by traditional lenders).
    \129\ See id. (stating that MCAs are generally repaid in three 
to 18 months).
    \130\ Id. (stating that annual percentage rates on MCA products 
can exceed 80 percent or rise to triple digits). See also Fed. Trade 
Comm'n, `Strictly Business' Forum, Staff Perspective, at 5 (Feb. 
2020), https://www.ftc.gov/system/files/documents/report/staff-perspective-paper-ftcs-strictly-business-forum/strickly_business__forum_staff_perspective.pdf (observing 
stakeholder concern about the high-cost of MCAs that can reach 
triple digit annual percentage rates).
    \131\ 15 U.S.C. 1601 et seq.
    \132\ New York State law will require, as of January 1, 2022, 
that providers of ``sales-based financing'' provide disclosures to 
borrowers which would include calculations of an estimated annual 
percentage rate in accordance with the Bureau's Regulation Z, 12 CFR 
part 1026. See New York S.898, section 803(c) (signed Jan. 6, 2021) 
(amending S.5470-B), https://legislation.nysenate.gov/pdf/bills/2021/s898. Similarly, California's Department of Financial 
Protection and Innovation is in the process of issuing a rule to 
implement a California law requiring disclosures by commercial 
financing companies, including those providing sales-based 
financing. See 10 Cal. Code Reg. 2057(a)(22) (defining sales-based 
financing as ``a commercial financing transaction that is repaid by 
a recipient to the financer as a percentage of sales or income, in 
which the payment amount increases and decreases according to the 
volume of sales made or income received by the recipient'' and 
including ``a true[hyphen]up mechanism''); 10 Cal. Code Reg. 
2065(a)(3) and 3001 (requiring sales-based financing providers 
disclosure estimated annual percentage rate according to Regulation 
Z, 12 CFR part 1026). Under these laws, providers of commercial 
financing generally will be required to disclose: (1) The total 
amount financed, and the amount disbursed if it is different from 
the total amount financed; (2) the finance charge; (3) the APR (or 
the estimated APR for sales-based financing and factoring 
transactions), calculated in accordance with TILA and Regulation Z; 
(4) the total repayment amount; (5) the term (or the estimated term 
for sales-based financing) of the financing; (6) periodic payment 
amounts; (7) prepayment charges; (8) all other fees and charges not 
otherwise disclosed; and (9) any collateral requirements or security 
interests. See Cal. S.B. 1235 (Sept. 30, 2018), https://leginfo.legislature.ca.gov/faces/billTextClient.xhtml?bill_id=201720180SB1235; N.Y. S.B. S5470B (July 
23, 2020), https://legislation.nysenate.gov/pdf/bills/2019/S5470B.
---------------------------------------------------------------------------

    Finally, trade credit is another significant market, which the 
Bureau estimates to total $51 billion in outstanding balances in 2019. 
Using a report by Fundbox/PYMNTS, the Bureau estimates the trade credit 
market size by adding the total accounts payable for businesses under 
$1 million in annual revenue.\133\ Considering the total value of 
accounts payable for businesses between $1 million and $5 million would 
increase the market size by $88 billion.\134\ Trade credit is an often 
informal, business-to-business transaction, usually between non-
financial firms whereby suppliers allow their customers to acquire 
goods and/or

[[Page 56369]]

services without requiring immediate payment.
---------------------------------------------------------------------------

    \133\ See Fundbox/PYMNTS.com, The Trade Credit Dilemma, at 11 
(May 2019), https://www.pymnts.com/wp-content/uploads/2019/05/Trade-Credit-Dilemma-Report.pdf (estimating accounts payable for 
businesses with revenue of under $250,000 at $6.7 billion and for 
businesses with revenue of $250,000 to $999,000 at $44.6 billion).
    \134\ Id. The trade credit market is estimated to total $1.6 
trillion across all business sizes in the United States. In the 
overall $1.4 trillion market size total for all small business 
financing products, the Bureau has included only the trade credit 
market for businesses of up to $1 million in revenue for consistency 
with its White Paper.
---------------------------------------------------------------------------

    The Bureau estimates that there were approximately 8,100 financial 
institutions extending small business financing in 2019, almost 80 
percent of which were depository institutions.
    Based on FFIEC Call Report data for December 2019, the Bureau 
estimates that about 5,100 banks and savings associations are active in 
the small business lending market, out of a total of about 5,200 banks 
and savings associations.\135\ The Bureau assumes that a bank or 
savings association is ``active'' in the market if it reports a 
positive outstanding balance of small loans, lines of credit, and 
credit cards to businesses.
---------------------------------------------------------------------------

    \135\ Calculated from FFIEC Call Report data accessed on June 8, 
2021.
---------------------------------------------------------------------------

    Based on the NCUA Call Report data for December 2019, the Bureau 
estimates that about 1,200 out of 5,300 total credit unions were active 
in the small business lending market.\136\ The Bureau defines a credit 
union as ``active'' in the market if it reported a positive number of 
originations of loans, lines of credit, and credit cards to members for 
commercial purposes in 2019.
---------------------------------------------------------------------------

    \136\ 2019 NCUA Call Report. (One hundred twelve credit unions 
were not federally insured as of December 2019 but are included here 
as depository institutions. Calculated from NCUA Call Report data 
accessed on June 8, 2021.)
---------------------------------------------------------------------------

    The Bureau estimates that there are about 1,800 nondepository 
institutions active in the small business financing market,\137\ 
accounting for around $550 billion in outstanding credit to small 
businesses.
---------------------------------------------------------------------------

    \137\ There may also be cooperative or nonprofit lenders as well 
as equipment and vehicle finance dealers originating in their own 
name that are not captured by the Bureau in these figures. For 
example, by searching Uniform Commercial Code (UCC) filings, Manasa 
Gopal and Philipp Schnabl identified 19 cooperative lenders that 
originated at least 1,500 loans over the period from 2006 to 2016. 
Manasa Gopal & Philipp Schnabl, The Rise of Finance Companies and 
FinTech Lenders in Small Business Lending, N.Y.U. Stern Sch. of 
Bus., at 18 (May 13, 2020), https://ssrn.com/abstract=3600068. 
Additionally, these figures do not include trade creditors, which 
are non-financial companies that extend credit by allowing customers 
a period of time in which to pay and which are much greater in 
number since the practice is widespread across the economy.
---------------------------------------------------------------------------

    The Bureau estimates that about 300 commercial finance companies 
are engaged in small business lending. By searching UCC filings, Manasa 
Gopal and Philipp Schnabl identified almost 300 commercial finance 
companies, including both independent and captive finance companies, 
with at least 1,500 small business loans between 2006 and 2016.\138\ 
The Bureau also estimates there to be about 30 or more fintechs 
currently active in the small business lending market, not including 
MCA providers. Using the same methodology as for commercial finance 
companies, Gopal and Schnabl identified 19 fintech companies.\139\ The 
Bureau conservatively increases this estimate to 30 to account for 
rapid growth in the industry from 2016 to 2019.
---------------------------------------------------------------------------

    \138\ Id. This figure combines 192 independent finance companies 
with 95 captive finance companies. Since this estimate captures only 
those commercial finance companies averaging at least 150 loans per 
year over the 2006 to 2016 period, it may exclude smaller volume 
lenders and should be considered conservative.
    \139\ Id. Since this estimate captures only those fintechs 
averaging at least 150 loans per year over the 2006 to 2016 period, 
it may exclude smaller volume lenders and should be considered 
conservative. On the other hand, since 2019, the COVID-19 economic 
shock may have led to some fintechs scaling back or exiting the 
small business financing market. See, e.g., Ingrid Lunden, Amex 
Acquires SoftBank-backed Kabbage After Tough 2020 for the SMB 
Lender, TechCrunch (Aug. 17, 2020), https://techcrunch.com/2020/08/17/amex-acquires-softbank-backed-kabbage-after-tough-2020-for-the-smb-lender/ (noting that Kabbage temporarily shut down credit lines 
to small businesses during April 2020 and then spun off its small 
business loan portfolio when it was subsequently acquired by 
American Express).
---------------------------------------------------------------------------

    The Bureau estimates that 340 nondepository CDFIs are engaged in 
small business lending. Both depository and nondepository institutions 
can be CDFIs. Depository CDFIs are counted in the numbers of banks, 
savings associations, and credit unions engaged in small business 
lending. According to the CDFI fund, 487 nondepository funds (i.e., 
loan funds and venture capital funds) reported as CDFIs in 2019.\140\ 
Of these, 340 institutions reported that business finance or commercial 
real estate finance were a primary or secondary line of business in 
2019.\141\
---------------------------------------------------------------------------

    \140\ CDFI Fund, CDFI Annual Certification and Data Collection 
Report (ACR): A Snapshot for Fiscal Year 2019, at 8 (Oct. 2020), 
https://www.cdfifund.gov/sites/cdfi/files/2021-01/ACR-Public-Report-Final-10292020-508Compliant.pdf.
    \141\ Id. at 15-16.
---------------------------------------------------------------------------

    The Bureau estimates that about 270 nondepository mortgage lenders 
participated in the credit market for 5+ unit residential dwellings in 
2019 and that about 50 of these institutions extended 25 or more of 
these loans to small businesses. In its ``2019 Multifamily Lending 
Report,'' the Mortgage Bankers Association lists annual multifamily 
lending volumes by institution, including a distinction for loans of 
under $1 million in value at origination.\142\ Using the same small 
loan to business proxy as is used in the FFIEC Call Report, the Bureau 
estimates the number of nondepository mortgage lenders by counting the 
number of institutions that appear on this list that are not depository 
institutions and that extended at least 50 loans in 2019. The Bureau 
counts institutions extending at least 50 loans of any size in order to 
estimate institutions extending at least 25 small loans, based on the 
assumption that some 50 percent of these loans may have been for values 
greater than $1 million.
---------------------------------------------------------------------------

    \142\ See Mortg. Bankers Ass'n, Annual Report on Multi-Family 
Lending--2019, at 9-66 (2020), https://www.mba.org/store/products/research/general/report/2019-annual-report-on-multifamily-lending.
_____________________________________-

    Based on data from UCC filings collected by deBanked.com, the 
Bureau estimates that about 100 institutions were active in the market 
for providing MCA products to small businesses in 2021.\143\
---------------------------------------------------------------------------

    \143\ deBanked, UCC-1 and UCC-3 Filings by Merchant Cash Advance 
Companies & Alternative Business Lenders, https://debanked.com/merchant-cash-advance-resource/merchant-cash-advance-ucc/ (last 
visited July 11, 2021).
---------------------------------------------------------------------------

    The Bureau estimates the number of factors to be between 700-900 
and assumes that most factors are providing financing to small 
business.\144\
---------------------------------------------------------------------------

    \144\ See Secured Fin. Found., 2019 Secured Finance: Market 
Sizing & Impact Study Extract Report, at 15 (June 2019), https://www.sfnet.com/docs/default-source/data-files-and-research-documents/sfnet_market_sizing___impact_study_extract_f.pdf?sfvrsn=72eb7333_2 
(estimating the number of factors at between 700 and 900).
---------------------------------------------------------------------------

    Finally, many government agencies and government-sponsored 
enterprises provide or facilitate a significant proportion of small 
business credit. As the flagship government lender, the Small Business 
Administration managed in 2019 a portfolio of over $140 billion in 
loans to small businesses, to which it added over $1 trillion in loans 
extended as part of the COVID-19 emergency lending programs. Across 
Federal, State, and municipal governments, the Bureau estimates that 
there are likely over 100 government small business lending 
programs.\145\ Additionally, the Farm Credit System reports that, as of 
December 2019, the Farm Credit System contains a total of 72 banks and 
associations.\146\ The Bureau assumes that all of these Farm Credit 
System institutions are engaged in lending to small farms.
---------------------------------------------------------------------------

    \145\ In addition to several Federal small business lending 
programs, States and major municipalities also often have one or 
more programs of their own. One State and one municipal program in 
each State would already total 100 government lending programs 
across Federal, State, and municipal governments.
    \146\ Fed. Farm Credit Banks Funding Corp., Farm Credit 2019 
Annual Information Statement of the Farm Credit System, at 7 (Feb. 
28, 2020), https://www.farmcreditfunding.com/ffcb_live/serve/public/pressre/finin/.pdf?assetId=395570. The Bureau notes that Farm Credit 
System banks do not report FFIEC Call Reports and are thus not 
counted in the number of banks and savings associations discussed 
above.

---------------------------------------------------------------------------

[[Page 56370]]

E. Challenges for Women-Owned and Minority-Owned Small Businesses

    Within the context of small business financing, women-owned and 
minority-owned businesses often face relatively more challenges than 
their counterparts. Specifically, women-owned and minority-owned small 
businesses can be even more susceptible to the impact of economic 
shocks and have a harder time accessing credit to survive and thrive in 
better times.
    Although women-owned and minority-owned businesses are found in 
many industry sectors, women-owned businesses are concentrated in the 
health care and social assistance sector, while minority-owned 
businesses are primarily concentrated in the service sector, the 
healthcare and social assistance sector, and the administrative 
support, waste management and remediation sectors.\147\ During economic 
downturns, such as the Great Recession and the financial crisis 
resulting from the COVID-19 pandemic, women-owned and minority-owned 
small businesses tend to fare worse than other small businesses. Women 
and minority business owners have been disproportionately hurt by the 
COVID-19 pandemic, with rates of business ownership dropping from 
February to April 2020 by 41 percent, 32 percent, and 26 percent for 
African American, Latinx, and Asian individuals, respectively, compared 
with 17 percent for white individuals.\148\ Female business ownership 
declined by 25 percent, compared with 20 percent for male 
ownership.\149\
---------------------------------------------------------------------------

    \147\ White Paper at 12, 15.
    \148\ Robert Fairlie, Stanford Inst. for Economic Policy 
Research, Working Paper No. 20-022, The Impact of COVID-19 on Small 
Business Owners: Evidence of Early Stage Losses from the April 2020 
Current Population Survey, at 5 (May 2020), https://siepr.stanford.edu/sites/default/files/publications/20-022.pdf. The 
authors define the rate of business ownership as the percentage of 
the labor force that owns and is actively employed in a business as 
their main job in the survey month. Id. at 3. As such, the decline 
in business ownership could reflect owners not only exiting the 
labor market but also switching to a different (wage and salary) 
job. In many cases, these exit or switching trends were temporary 
reactions to public health lockdowns and have since partially 
reversed.
    \149\ Id. at 6, 8.
---------------------------------------------------------------------------

    Women-owned and minority-owned small businesses often have smaller 
cash reserves on average, leaving them less able to weather downturns 
and credit crunches. For example, in February 2021, 39 percent of 
women-owned businesses had one month or less in cash reserves, compared 
with 29 percent of men-owned firms.\150\ And in around 90 percent of 
majority Black and Hispanic communities, most businesses have fewer 
than 14 days of cash buffer, while this is true of only 35 percent of 
majority white communities.\151\ As a result, many small businesses, 
especially those owned by women and minorities, may have had a greater 
need for financing just as small business lenders began to approve 
fewer loans in response to economic uncertainty. Loan approvals at 
smaller banks dropped from 50 percent pre-pandemic to 12 percent in 
April 2020 and have settled between 18 and 19 percent since June 2020; 
the trend is similar for large banks, credit unions, and fintechs.\152\
---------------------------------------------------------------------------

    \150\ Eric Groves, Cash Strapped SMBs, While 75% Of PPP Is Still 
Available, Alignable (Feb. 9, 2021), https://www.alignable.com/forum/alignable-road-to-recovery-report-february-2021?utm_campaign=February&utm_medium=Press&utm_source=Press.
    \151\ JPMorgan Chase Inst., Place Matters: Small Business 
Financial Health in Urban Communities, at 5 (Sept. 2019), https://www.jpmorganchase.com/content/dam/jpmc/jpmorgan-chase-and-co/institute/pdf/institute-place-matters.pdf.
    \152\ Biz2Credit, Small Business Lending Index, https://www.biz2credit.com/small-business-lending-index (last visited July 
27, 2021).
---------------------------------------------------------------------------

    The PPP--part of the Federal government's response to the 
pandemic--helped to keep many small businesses afloat, but a number of 
factors prevented minority-owned small businesses from accessing PPP 
loans as easily as other firms. For example, established banking 
relationships between applicants and lending providers were often 
critical to approvals in early PPP underwriting; \153\ many minority-
owned businesses did not have such relationships.\154\ Further, many 
minority-owned firms are sole proprietorships and independent 
contractors, both of which received delayed access to PPP loans.\155\ 
Unprofitable non-employer firms were also initially barred from 
receiving loans.\156\ Although Black-owned firms are more likely to use 
fintech providers, these lenders were only belatedly allowed to 
disburse PPP funds.\157\ However, once fintech providers were allowed 
to disburse PPP loans, Black borrowers in particular benefited from 
this access, highlighting the ability of fintech firms to reach 
minority-owned business borrowers.\158\
---------------------------------------------------------------------------

    \153\ Sara Savat, Who you know matters, even when applying for 
PPP loans, The Source, Newsroom, Wash. Univ. in St. Louis (Feb. 15, 
2021), https://source.wustl.edu/2021/02/who-you-know-matters-even-when-applying-for-ppp-loans/ (previous lender relationship increased 
likelihood of obtaining a PPP loan by 57 percent). See generally 86 
FR 7271, 7280 (Jan. 27, 2021) (noting that many banks restricted 
access to PPP loans to existing customers, which may run a risk of 
violating the ECOA and Regulation B).
    \154\ Claire Kramer Mills, Fed. Reserve Bank of N.Y., Double 
Jeopardy: COVID-19's Concentrated Health and Wealth Effects in Black 
Communities, at 6 (Aug. 2020), https://www.newyorkfed.org/medialibrary/media/smallbusiness/DoubleJeopardy_COVID19andBlackOwnedBusinesses (arguing that a lack 
of strong banking relationships among Black-owned firms may have led 
to relatively lower rates of access to PPP loans for such firms); 
Fed. Reserve Banks, Small Business Credit Survey: 2021 Report on 
Firms Owned by People of Color, at ii (Apr. 15, 2021), https://www.fedsmallbusiness.org/medialibrary/FedSmallBusiness/files/2021/sbcs-report-on-firms-owned-by-people-of-color (Small Business Credit 
Survey of Firms Owned by People of Color) (finding that ``firms 
owned by people of color tend to have weaker banking 
relationships'').
    \155\ Greg Iacurci, Coronavirus loan program delayed for 
independent contractors and self-employed workers, CNBC (Apr. 3, 
2020), https://www.cnbc.com/2020/04/03/delays-in-sba-loans-for-independent-contractors-self-employed-workers.html.
    \156\ Stacy Cowley, `It Was a Joke': Some Small Businesses Got 
$1 Relief Loans, N.Y. Times (Jan. 11, 2021), https://www.nytimes.com/2021/01/11/business/small-businesses-ppp-covid.html 
(observing that sole proprietorships were initially eligible for PPP 
loans only if they were profitable); see also Stacy Cowley, Minority 
Entrepreneurs Struggled to Get Small-Business Relief Loans, N.Y. 
Times (Apr. 4, 2021), https://www.nytimes.com/2021/04/04/business/ppp-loans-minority-businesses.html (noting that sole proprietorships 
and independent contractor business structures are particularly 
prevalent among minority-owned businesses, which led to minority-
owned businesses being disproportionately restricted from accessing 
PPP loans during initial roll-out of the program).
    \157\ Claire Kramer Mills, Fed. Reserve Bank of N.Y., Double 
Jeopardy: COVID-19's Concentrated Health and Wealth Effects in Black 
Communities, at 5-7 (Aug. 2020), https://www.newyorkfed.org/medialibrary/media/smallbusiness/DoubleJeopardy_COVID19andBlackOwnedBusinesses.
    \158\ Jessica Battisto et al., Liberty Street Economics, Fed. 
Reserve Bank of N.Y., Who Benefited from PPP Loans by Fintech 
Lenders? (May 27, 2021), https://libertystreeteconomics.newyorkfed.org/2021/05/who-benefited-from-ppp-loans-by-fintech-lenders.html.
---------------------------------------------------------------------------

    Finally, applicants whose owners belong to protected categories may 
have received different credit outcomes when applying for PPP loans, 
although limitations in demographic information for PPP loans have 
hindered fair lending analyses.\159\
---------------------------------------------------------------------------

    \159\ Rocio Sanchez-Moyano, Fed. Reserve Bank of S.F., Paycheck 
Protection Program Lending in the Twelfth Federal Reserve District 
(Mar. 3, 2021), https://www.frbsf.org/community-development/publications/community-development-research-briefs/2021/february/ppp-lending-12th-district/ (citing matched-pair audit studies that 
found discouragement and provision of incomplete information for 
minority business owners seeking PPP loans); 86 FR 7271, 7280 (Jan. 
27, 2021) (noting that facially neutral PPP policies such as 
limiting loans to businesses with pre-existing relationships may run 
a risk of violating the ECOA and Regulation B due to a 
disproportionate impact on a prohibited basis).
---------------------------------------------------------------------------

    Given the severity of the COVID-19 pandemic for small businesses 
generally and its potentially disproportionate impact on women-owned 
and minority-owned small businesses, it is essential to better 
understand the small business financing landscape to maintain support 
for this key part of the U.S. economy both during and after the 
pandemic.

[[Page 56371]]

F. The Purposes and Impact of Section 1071

    The Dodd-Frank Act sets forth the Bureau's purposes and mission. It 
provides that a key component of the Bureau's fair lending work is to 
ensure fair, equitable, and nondiscriminatory access to credit for both 
individuals and their communities.\160\ And in passing section 1071, 
Congress articulated two purposes for requiring the Bureau to collect 
data on small business credit applications and loans--to ``facilitate 
enforcement of fair lending laws'' and to ``enable communities, 
governmental entities, and creditors to identify business and community 
development needs and opportunities of women-owned, minority-owned, and 
small businesses.'' \161\ Although the Dodd-Frank Act does not further 
explain or clarify these dual statutory purposes, other Federal laws 
shed light on both purposes. That is, a set of existing Federal laws 
form the backdrop for the use of 1071 data to facilitate the 
enforcement of fair lending laws, and to identify business and 
community development needs of small businesses across the United 
States.
---------------------------------------------------------------------------

    \160\ See 12 U.S.C. 5493(c)(2)(A) (directing the Office of Fair 
Lending and Equal Opportunity to provide ``oversight and enforcement 
of Federal laws intended to ensure the fair, equitable, and 
nondiscriminatory access to credit for both individuals and 
communities that are enforced by the Bureau,'' including ECOA and 
the Home Mortgage Disclosure Act).
    \161\ ECOA section 704B(a).
---------------------------------------------------------------------------

1. Facilitating Enforcement of Fair Lending Laws
    Congress intended for section 1071 to ``facilitate enforcement of 
fair lending laws,'' \162\ which include ECOA, the Home Mortgage 
Disclosure Act of 1975 (HMDA),\163\ the Fair Housing Act (FHAct),\164\ 
and other Federal and State anti-discrimination laws.
---------------------------------------------------------------------------

    \162\ Id.
    \163\ 12 U.S.C. 2801 et seq.
    \164\ 42 U.S.C. 3601 through 3619.
---------------------------------------------------------------------------

i. Equal Credit Opportunity Act (ECOA)
    ECOA, which is implemented by Regulation B, applies to all 
creditors. Congress first enacted ECOA in 1974 to require financial 
institutions and other firms engaged in the extension of credit to 
``make credit equally available to all creditworthy customers without 
regard to sex or marital status.'' \165\ Two years later, Congress 
expanded ECOA's scope to include age, race, color, religion, national 
origin, receipt of public assistance benefits, and exercise of rights 
under the Federal Consumer Credit Protection Act.\166\
---------------------------------------------------------------------------

    \165\ Public Law 93-495, tit. V, section 502, 88 Stat. 1500, 
1521 (1974).
    \166\ See Equal Credit Opportunity Act Amendments of 1976, 
Public Law 94-239, section 701(a), 90 Stat. 251, 251 (1976).
---------------------------------------------------------------------------

    ECOA makes it unlawful for any creditor to discriminate against any 
applicant with respect to any aspect of a credit transaction (1) on the 
basis of race, color, religion, national origin, sex (including sexual 
orientation and gender identity),\167\ marital status, or age (provided 
the applicant has the capacity to contract); (2) because all or part of 
the applicant's income derives from any public assistance program; or 
(3) because the applicant has in good faith exercised any right under 
the Consumer Credit Protection Act.\168\ In keeping with the broad 
reach of the statute's prohibition, Regulation B covers creditor 
activities before, during, and after the extension of credit.\169\ 
Regulation B also bars creditors from making any oral or written 
statement, in advertising or otherwise, to applicants or prospective 
applicants that would discourage, on a prohibited basis, a reasonable 
person from making or pursuing an application.\170\ Regulation B also 
generally prohibits creditors from making inquiries about whether an 
applicant is a member of certain protected categories.\171\
---------------------------------------------------------------------------

    \167\ In March 2021, the Bureau issued an interpretive rule 
clarifying that the scope of ECOA's and Regulation B's prohibition 
on credit discrimination on the basis of sex encompasses 
discrimination based on sexual orientation and gender identity, 
including discrimination based on actual or perceived nonconformity 
with sex-based or gender-based stereotypes and discrimination based 
on an applicant's associations. 86 FR 14363 (Mar. 16, 2021). See 
also Press Release, Bureau of Consumer Fin. Prot., CFPB Clarifies 
That Discrimination by Lenders on the Basis of Sexual Orientation 
and Gender Identity Is Illegal (Mar. 9, 2021), https://www.consumerfinance.gov/about-us/newsroom/cfpb-clarifies-discrimination-by-lenders-on-basis-of-sexual-orientation-and-gender-identity-is-illegal/. The interpretive rule states that an example 
of discriminatory sex-based or gender-based stereotyping occurs if a 
small business lender discourages a small business owner appearing 
at its office from applying for a business loan and tells the 
prospective applicant to go home and change because, in the view of 
the creditor, the small business customer's attire does not accord 
with the customer's gender. 86 FR at 14365.
    \168\ 15 U.S.C. 1601 et seq.
    \169\ See Regulation B Sec.  1002.4(a) and (b).
    \170\ Id. Sec.  1002.4(b).
    \171\ Id. Sec.  1002.5(b) through (d).
---------------------------------------------------------------------------

    The Bureau has recognized the following methods of proving lending 
discrimination under ECOA and Regulation B: Overt evidence of 
discrimination, evidence of disparate treatment, and evidence of 
disparate impact.\172\ Overt evidence of discrimination exists when a 
creditor blatantly discriminates on a prohibited basis.\173\ Disparate 
treatment occurs when a creditor treats an applicant differently based 
on a prohibited basis such as race or national origin.\174\ Disparate 
impact occurs when a creditor employs facially neutral policies or 
practices that have an adverse effect or impact on a member of a 
protected class unless the facially neutral policies or practices meet 
a legitimate business need that cannot reasonably be achieved by means 
that are less disparate in their impact.\175\
---------------------------------------------------------------------------

    \172\ See Bureau of Consumer Fin. Prot., CFPB Bulletin 2012-04 
(Fair Lending), Lending Discrimination (Apr. 18, 2012), https://files.consumerfinance.gov/f/201404_cfpb_bulletin_lending_discrimination.pdf (Interagency Policy 
Statement on Discrimination in Lending) (concurring with Interagency 
Task Force on Fair Lending, Policy Statement on Discrimination in 
Lending, 59 FR 18266 (Apr. 15, 1994)).
    \173\ See Interagency Policy Statement on Discrimination in 
Lending at 18268.
    \174\ See Regulation B comment 4(a)-1 (stating that 
``[d]isparate treatment on a prohibited basis is illegal whether or 
not it results from a conscious intent to discriminate''); Bureau of 
Consumer Fin. Prot., Equal Credit Opportunity Act (ECOA) Examination 
Procedures, at 1 (Oct. 30, 2015), https://files.consumerfinance.gov/f/documents/201510_cfpb_ecoa-narrative-and-procedures.pdf (ECOA 
Examination Procedures); see also Interagency Policy Statement on 
Discrimination in Lending at 18268.
    \175\ See Regulation B comment 6(a)-2; ECOA Examination 
Procedures at 1; see also Interagency Policy Statement on 
Discrimination in Lending at 18269.
---------------------------------------------------------------------------

    Multiple Federal regulators can enforce violations of ECOA and 
Regulation B and apply various penalties. Enforcement and penalties for 
those who violate ECOA and Regulation B are set forth in 15 U.S.C. 
1691e(b) and 12 CFR 1002.16. Violations may also result in civil money 
penalties, which are governed by 12 U.S.C. 5565(c)(3). The Bureau and 
multiple other Federal regulators have the statutory authority to bring 
actions to enforce the requirements of ECOA.\176\ These regulators have 
the authority to engage in research, conduct investigations, file 
administrative complaints, hold hearings, and adjudicate claims through 
the administrative enforcement process regarding ECOA. Regulators also 
have independent litigation authority and can file cases in Federal 
court alleging violations of fair lending laws under their 
jurisdiction. Like other Federal regulators who are assigned 
enforcement authority under section 704 of ECOA, the Bureau is required 
to refer matters to the Department of Justice (DOJ) when it has reason 
to

[[Page 56372]]

believe that a creditor has engaged in a pattern or practice of lending 
discrimination.\177\ Private parties may also bring claims under the 
civil enforcement provisions of ECOA, including individual and class 
action claims against creditors for actual and punitive damages for any 
violation of ECOA.\178\
---------------------------------------------------------------------------

    \176\ These regulators include the OCC, the Board, the FDIC, the 
NCUA, the Surface Transportation Board, the Civil Aeronautics Board, 
the Secretary of Agriculture, the Farm Credit Administration, the 
Securities and Exchange Commission, the SBA, the Secretary of 
Transportation, the Bureau, and the FTC. See 15 U.S.C. 1691c; 
Regulation B Sec.  1002.16(a).
    \177\ See 15 U.S.C. 1691e(h).
    \178\ 15 U.S.C. 1691e(a); Regulation B Sec.  1002.16(b)(1).
---------------------------------------------------------------------------

ii. Home Mortgage Disclosure Act (HMDA)
    HMDA, implemented by the Bureau's Regulation C (12 CFR part 1003), 
requires lenders who meet certain coverage tests to report detailed 
information to their Federal supervisory agencies about mortgage 
applications and loans at the transaction level. These reported data 
are a valuable resource for regulators, researchers, economists, 
industry, and advocates assessing housing needs, public investment, and 
possible discrimination as well as studying and analyzing trends in the 
mortgage market for a variety of purposes, including general market and 
economic monitoring. There may be some overlap between what is required 
to be reported under HMDA and what is covered by section 1071 for 
certain mortgage applications and loans for women-owned, minority-
owned, and small businesses.
    A violation of HMDA and Regulation C is subject to administrative 
sanctions, including civil money penalties. Compliance can be enforced 
by the Bureau, the U.S. Department of Housing and Urban Development 
(HUD), the FDIC, the Board, the National Credit Union Administration 
(NCUA), or the Office of the Comptroller of Currency (OCC). These 
regulators have the statutory authority to bring actions to enforce the 
requirements of HMDA and to engage in research, conduct investigations, 
file administrative complaints, hold hearings, and adjudicate claims 
through the administrative enforcement process regarding HMDA.
iii. Fair Housing Act (FHAct)
    Title VIII of the Civil Rights Act of 1968, as amended (Fair 
Housing Act, or FHAct), prohibits discrimination in the sale, rental, 
or financing of dwellings and in other housing-related activities 
because of race, color, religion, sex (including sexual orientation and 
gender identity),\179\ disability,\180\ familial status, or national 
origin.\181\ The Fair Housing Act \182\ and its implementing 
regulations specifically prohibit discrimination in the making of 
loans,\183\ the purchasing of loans,\184\ and in setting the terms and 
conditions for making loans available,\185\ without reference to 
consumers, legal entities, or the purpose of the loan being made, 
although these prohibitions relate exclusively to dwellings.\186\ As 
with ECOA, the courts have recognized three methods of proof of lending 
discrimination under the FHAct: (1) Overt evidence of discrimination; 
(2) evidence of disparate treatment; and (3) evidence of disparate 
impact.\187\
---------------------------------------------------------------------------

    \179\ See U.S. Dep't of Hous. & Urban Dev., Implementation of 
Executive Order 13988 on the Enforcement of the Fair Housing Act 
(Feb. 11, 2021), https://www.hud.gov/sites/dfiles/PA/documents/HUD_Memo_EO13988.pdf.
    \180\ The Bureau uses the term ``disability'' to refer to what 
the FHA and its implementing regulations term a ``handicap'' because 
that is the preferred term. See, e.g., Hunt v. Aimco Props., L.P., 
814 F.3d 1213, 1218 n.1 (11th Cir. 2016) (noting the term disability 
is generally preferred over handicap).
    \181\ 42 U.S.C. 3601 through 3619, 3631.
    \182\ 42 U.S.C. 3605(b) (noting that for purposes of 3605(a), a 
``residential real estate-related transaction'' includes the making 
or purchasing of loans or providing other financial assistance for 
purchasing, constructing, improving, repairing, or maintaining a 
dwelling, or transactions secured by residential real estate).
    \183\ 24 CFR 100.120.
    \184\ 24 CFR 100.125.
    \185\ 24 CFR 100.130.
    \186\ A ``dwelling,'' as defined by the Fair Housing Act, is any 
building, structure, or portion thereof which is occupied as, or 
designed or intended for occupancy as, a residence by one or more 
families, and any vacant land which is offered for sale or lease for 
the construction or location thereon of any such building, 
structure, or portion thereof. 42 U.S.C. 3602(b).
    \187\ See Interagency Policy Statement on Discrimination in 
Lending at 18268. See also 78 FR 11459, 11459 (Feb. 15, 2013) 
(stating that HUD, which is statutorily charged with the authority 
and responsibility for interpreting and enforcing the Fair Housing 
Act and with the power to make rules implementing the Act, ``has 
long interpreted the Act to prohibit practices with an unjustified 
discriminatory effect, regardless of whether there was an intent to 
discriminate'').
---------------------------------------------------------------------------

    The DOJ and HUD are jointly responsible for enforcing the Fair 
Housing Act. The Fair Housing Act authorizes the HUD Secretary to issue 
a Charge of Discrimination on behalf of aggrieved persons following an 
investigation and a determination that reasonable cause exists to 
believe that a discriminatory housing practice has occurred.\188\ The 
DOJ may bring lawsuits where there is reason to believe that a person 
or entity is engaged in a ``pattern or practice'' of discrimination or 
where a denial of rights to a group of persons raises an issue of 
general public importance,\189\ or where a housing discrimination 
complaint has been investigated by HUD, HUD has issued a Charge of 
Discrimination, and one of the parties to the case has ``elected'' to 
go to Federal court.\190\ In FHAct cases, HUD and the DOJ can obtain 
injunctive relief, including affirmative requirements for training and 
policy changes, monetary damages and, in pattern or practice cases, 
civil penalties.\191\
---------------------------------------------------------------------------

    \188\ 42 U.S.C. 3610(g)(1) and (2).
    \189\ See 42 U.S.C. 3614(a).
    \190\ 42 U.S.C. 3612(o)(1).
    \191\ See 42 U.S.C. 3612, 3614.
---------------------------------------------------------------------------

    Upon receipt of a complaint alleging facts that may constitute a 
violation of the FHAct or upon receipt of information from a consumer 
compliance examination or other information suggesting a violation of 
the FHAct, Federal executive agencies forward such facts or information 
to HUD and, where such facts or information indicate a possible pattern 
or practice of discrimination in violation of the FHAct, to the 
DOJ.\192\ Private parties may also bring claims under the civil 
enforcement provisions of FHAct.\193\
---------------------------------------------------------------------------

    \192\ 59 FR 2939, 2939 (Jan. 17, 1994).
    \193\ See 42 U.S.C. 3613.
---------------------------------------------------------------------------

iv. Other Fair Lending Laws
    Several other Federal statutes seek to promote fair lending. The 
CRA seeks affirmatively to encourage institutions to help to meet the 
credit needs of the entire community served by each institution covered 
by the statute, and CRA ratings take into account lending 
discrimination by those institutions.\194\ The Americans with 
Disabilities Act of 1990 prohibits discrimination against persons with 
disabilities in the provision of goods and services, including credit 
services.\195\ Sections 1981\196\ and 1982 \197\ of the Federal Civil 
Rights Acts are broad anti-discrimination laws that have been applied 
to many aspects of credit transactions.\198\
---------------------------------------------------------------------------

    \194\ See 12 U.S.C. 2901 et seq.
    \195\ See 42 U.S.C. 12101 et seq.
    \196\ 42 U.S.C. 1981(a).
    \197\ 42 U.S.C. 1982.
    \198\ See, e.g., Jackson v. Novastar Mortg., Inc., 645 F. Supp. 
2d 636 (W.D. Tenn. 2007) (motion to dismiss claim that defendants 
violated sections 1981 and 1982 by racial targeting and by offering 
credit on less favorable terms on the basis of race denied); Johnson 
v. Equicredit Corp., No. 01-CIV-5197, 2002 U.S. Dist. LEXIS 4817 
(N.D. Ill. Mar. 22, 2002) (predatory lending/reverse redlining case 
brought pursuant to section 1981); Hargraves v. Cap. City Mortg. 
Corp., 140 F. Supp. 2d 7 (D.D.C. 2000) (predatory lending/reverse 
redlining case brought under both sections 1981 and 1982), 
reconsideration granted in part, denied in part, 147 F. Supp. 2d 1 
(D.D.C. 2001) (section 1981 claim dismissed for lack of standing, 
but not section 1982 claim); Doane v. Nat'l Westminster Bank USA, 
938 F. Supp. 149 (E.D.N.Y. 1996) (mortgage redlining case brought 
under sections 1981 and 1982); Fairman v. Schaumberg Toyota, Inc., 
No. 94-CIV-5745, 1996 U.S. Dist. LEXIS 9669 (N.D. Ill. July 10, 
1996) (section 1981 suit over allegedly predatory credit scheme 
targeting African Americans and Hispanics); Steptoe v. Sav. of Am., 
800 F. Supp. 1542 (N.D. Ohio 1992) (mortgage redlining case brought 
under sections 1981 and 1982 and the Fair Housing Act); Evans v. 
First Fed. Sav. Bank of Ind., 669 F. Supp. 915 (N.D. Ind. 1987) 
(section 1982 can be used in mortgage lending discrimination case); 
Assocs. Home Equity Servs. v. Troup, 778 A.2d 529 (N.J. 2001) 
(predatory lending/reverse redlining case brought pursuant to 
section 1981).

---------------------------------------------------------------------------

[[Page 56373]]

    Many States and municipalities have also enacted fair lending, fair 
housing, and/or civil rights laws (often modeled on their Federal 
counterparts) that seek to broadly prohibit credit discrimination, 
including protections for business credit.\199\ Some of these laws 
expressly enumerate protections beyond those expressly enumerated in 
the Federal statutes.\200\
---------------------------------------------------------------------------

    \199\ See, e.g., Cal. Civ. Code 51 and 51.5 and Cal. Gov't Code 
12955; Colo. Rev. Stat. 24-34-501(3) and 5-3-210; Conn. Gen. Stat. 
46a-81e, 46a-81f, and 46a-98; Del. Code Ann. tit. 6, 4604; D.C. Code 
2-1402.21; Haw. Rev. Stat. 515-3 and 515-5; 775 Ill. Comp. Stat. 5/
1-102, 5/1-103, 5/4-102, 5/3-102, and 5/4-103; Iowa Code 216.8A and 
216.10; Me. Rev. Stat. tit. 5, 4553(5-C) and (9-C), 4595 to 4598, 
and 4581 to 4583; Md. Code Ann. State Gov't 20-705, 20-707, and 20-
1103; Mass. Gen. Laws ch. 151B, 4(3B), (14); Minn. Stat. 363A.03 
(Subd. 44), 363A.09(3), 363A.16 (Subds. 1 and 3), and 363A.17; N.H. 
Rev. Stat. Ann. 354-A:10; N.J. Stat. Ann. 10:5-12(i); N.M. Stat. 
Ann. 28-1-7; N.Y. Civ. Rights Law 40-c(2); N.Y. Exec. Law 296-A; Or. 
Rev. Stat. 174.100(7) and 659A.421; R.I. Gen. Laws 34-37-4(a) 
through (c), 34-37-4.3, and 34-37-5.4; Va. Code Ann. 6.2-501(B)(1), 
15.2-853, and 15.2-965; Vt. Stat. Ann. tit. 8, 10403 and tit. 9, 
2362, 2410, and 4503(a)(6); Wash. Rev. Code 49.60.030, 49.60.040 
(14), (26), and (27), 49.60.175, and 49.60.222; Wis. Stat. 106.50 
and 224.77. There are also a number of municipalities that have 
enacted credit discrimination ordinances. See, e.g., Austin City 
Code 5-1-1 et seq.; N.Y.C. Admin. Code 8-101 and 8-107 et seq.; S.F. 
Police Code 3304(a) et seq.
    \200\ See, e.g., Mass. Gen. Laws ch. 151B, 4(3B) (prohibiting 
discrimination based on genetic information); N.J. Stat. Ann. 10:5-1 
to 10:5-42 (same); D.C. Code 2-1401.02 and 2-1402.21 (extending 
protections from discrimination to domestic violence victims); Wis. 
Stat. 224.77 (same); N.Y. Exec. Law 296-a (prohibiting 
discrimination on the basis of military status) (credit 
transactions); N.Y. Exec. Law 296(5)(a) through (c) (same) (housing 
transactions); Wash. Rev. Code 49.60.176 (protecting veterans and 
honorably discharged service members); 775 Ill. Comp. Stat. 5/3-101 
and 5/4-101 (prohibiting discrimination based on an applicant's 
unfavorable discharge from the military); 815 Ill. Comp. Stat. 140/
1a (same). Several other State statutes also prohibit discrimination 
based on the geographic area of residence. See, e.g., 815 Ill. Comp. 
Stat. 120/1 to 120/6; Iowa Code 535A.1 to 535A.9; Md. Code Ann., 
Com. Law 12-603 (West); Mich. Comp. Laws 445.1601 to 445.1614; Minn. 
Stat. 363A.09(3)(c); N.Y. Banking Law 9-f; Wash. Rev. Code 30.04.500 
to 30.04.515.
---------------------------------------------------------------------------

v. Facilitating Enforcement
    In order for the 1071 rule to facilitate enforcement of the fair 
lending laws discussed above, the Bureau believes that it must collect 
and make available sufficient data to help the public and regulators 
identify potentially discriminatory lending patterns that could 
constitute violations of fair lending laws. Financial regulators and 
enforcement agencies need a consistent and comprehensive dataset for 
all financial institutions subject to 1071 reporting in order to also 
use 1071 data in their initial prioritization, peer analysis, redlining 
reviews, and screening processes to select institutions for monitoring, 
examination, or investigation. Section 1071 data would facilitate more 
efficient fair lending examinations. For example, regulators could use 
pricing and other data to prioritize fair lending examinations--without 
such data, some financial institutions would face unnecessary 
examination burden while others whose practices warrant closer review 
would not receive sufficient scrutiny.
    Moreover, as discussed in part V below, the Bureau believes 
specific aspects of its proposal offer particular benefits for the 
enforcement of fair lending laws. For example, the Bureau's proposal 
regarding transactional and institutional coverage would allow 
community groups and government agencies to include most of the small 
business financing market in fair lending analyses. The proposed 
inclusion of pricing data fields such as interest rate and fees would 
provide information on disparities in pricing outcomes, and data fields 
such as gross annual revenue, denial reasons, and time in business 
would allow for a more refined analysis and understanding of 
disparities in both underwriting and pricing outcomes. While 1071 data 
alone generally will not offer proof of compliance with fair lending 
laws, regulators, community groups, researchers, and financial 
institutions will be able to use 1071 data to identify potential 
disparities in small business lending based on disaggregated categories 
of race and ethnicity. Overall, the data collection under 1071 rule 
will allow, for the first time, for comprehensive and market-wide fair 
lending risk analysis.
2. Identifying Business and Community Development Needs
    The second purpose of section 1071 is to enable communities, 
governmental entities, and creditors to identify business and community 
development needs and opportunities of women-owned, minority-owned, and 
small businesses.\201\
---------------------------------------------------------------------------

    \201\ ECOA section 704B(a).
---------------------------------------------------------------------------

    Section 1071 does not expressly define the phrase ``business and 
community development needs.'' However, other Federal statutes and 
regulations, including the CRA and the Riegle Community Development and 
Regulatory Improvement Act of 1994,\202\ reference or define the 
phrases ``business development'' and ``community development'' and can 
help explain what it means to enable communities, governmental 
entities, and creditors to ``identify business and community 
development needs and opportunities.''
---------------------------------------------------------------------------

    \202\ Public Law 103-325, tit. I, section 102, 108 Stat. 2160, 
2163 (1994) (12 U.S.C. 4701 through 4719).
---------------------------------------------------------------------------

    The Bureau believes, based on its consideration of these other 
Federal statutes and regulations, that the proposed 1071 rule would 
provide more data to the public--including communities, governmental 
entities, and creditors--for analyzing whether financial institutions 
are serving the credit needs of their small business customers. In 
addition, with 1071 data, the public would be better able to understand 
access to and sources of credit in particular communities or 
industries, such as a higher concentration of risky loan products in a 
given community, and to identify the emergence of new loan products, 
participants, or underwriting practices. The data would not only assist 
in identifying potentially discriminatory practices, but would also 
contribute to a better understanding of the experiences that members 
within certain communities may share in the small business financing 
market.
i. Community Reinvestment Act (CRA)
    The CRA, a part of the Housing and Community Development Act, was 
passed by Congress in 1977, which found that ``regulated financial 
institutions have continuing and affirmative obligation to help meet 
the credit needs of the local communities in which they are 
chartered.'' \203\ As such, one of the statutory purposes of the CRA is 
to encourage such institutions to help meet the credit needs of the 
local communities in which they are chartered consistent with the safe 
and sound operation of such institutions.\204\
---------------------------------------------------------------------------

    \203\ 12 U.S.C. 2901(a)(3).
    \204\ 12 U.S.C. 2901(b).
---------------------------------------------------------------------------

    The legislative history for the CRA suggests that the concerns 
motivating the Act's passage included certain practices by banks 
including redlining (i.e., declining to extend credit in neighborhoods 
populated by ethnic or racial minorities) \205\ and community

[[Page 56374]]

disinvestment (i.e., taking deposits from lower-income areas, often 
populated by ethnic or racial minorities, without extending credit or 
banking services to residents of those areas).\206\ The CRA requires 
the ``appropriate Federal financial supervisory agency'' of a given 
depository institution to ``prepare a written evaluation of the 
institution's record of meeting the credit needs of its entire 
community, including low- and moderate-income neighborhoods.'' \207\ 
These requirements were first implemented by a 1978 rulemaking,\208\ 
and were amended in 1995 \209\ and 2005.\210\ These rulemakings, 
adopted by each of the agencies responsible for ensuring compliance 
with the CRA, established specific performance measures,\211\ requiring 
banks to disclose information about small business, small farm and 
community development lending.\212\
---------------------------------------------------------------------------

    \205\ See H.R. Rep. No. 561, 94th Cong., 1st Sess. 4 (1975) 
(``[The practice of redlining] increasingly has served to polarize 
elements of our society . . . . As polarization intensifies, 
neighborhood decline accelerates.''), reprinted in 1975 U.S.C.C.A.N. 
2303, 2305-06.
    \206\ Robert C. Art, Social Responsibility in Bank Credit 
Decisions: The Community Reinvestment Act One Decade Later, 18 Pac. 
L.J. 1071, 1076-77 & n.23 (1987) (citing 123 Cong. Rec. S8958 (daily 
ed. June 6, 1977), which stated that Sen. Proxmire, the 
congressional sponsor of the Act described redlining as ``the fact 
that banks and savings and loans will take their deposits from a 
community and instead of reinvesting them in that community, they 
will invest them elsewhere, and they will actually or figuratively 
draw a red line on a map around the areas of their city,'' further 
noting that those lines are drawn ``sometimes in the inner city, 
sometimes in the older neighborhoods, sometimes ethnic and sometimes 
black . . . .'').
    \207\ 12 U.S.C. 2906(a)(1).
    \208\ 43 FR 47144 (Oct. 12, 1978).
    \209\ 60 FR 22156 (May 4, 1995).
    \210\ 70 FR 44256 (Aug. 2, 2005).
    \211\ 12 CFR 228.11.
    \212\ See, e.g., 12 CFR 25.42, 228.11.
---------------------------------------------------------------------------

    The agencies tasked with ensuring compliance--including the 
OCC,\213\ the Board,\214\ and the FDIC \215\--evaluate each insured 
depository institution's record in helping meet the credit needs of its 
entire community.\216\ Overall, the CRA and its regulations generate 
data that help agencies and the public at large identify instances of 
redlining, community disinvestment, and geographical areas that are 
``banking deserts.'' \217\ The CRA regulations of the Board and the 
FDIC currently have the same definitions of ``community development'' 
that include banking and credit services that support the following: 
(1) Affordable housing for low- and moderate-income (LMI) individuals; 
\218\ (2) community services for LMI individuals; \219\ (3) activities 
that promote economic development by financing small business and small 
farms; \220\ and (4) activities that revitalize or stabilize LMI 
geographies, disaster areas, and certain distressed or underserved 
middle-income areas based on other factors.\221\
---------------------------------------------------------------------------

    \213\ 12 CFR part 25.
    \214\ 12 CFR part 228.
    \215\ 12 CFR parts 345, 195.
    \216\ Most specifically, that record is taken into account in 
considering an institution's application for deposit facilities, 
including mergers and acquisitions with other financial institutions 
and the opening of bank branches.
    \217\ OCC regulations define ``CRA desert'' as an area that has 
``significant unmet community development or retail lending needs'' 
and where: (1) Few banks have branches or non-branch deposit-taking 
facilities, (2) There is ``less retail or community development 
lending than would be expected based on demographic or other 
factors,'' or (3) The area ``lacks community development 
organizations or infrastructure.'' 12 CFR 25.03.
    \218\ 12 CFR 228.12(g)(1), 345.12(g)(1).
    \219\ 12 CFR 228.12(g)(2), 345.12(g)(2).
    \220\ 12 CFR 228.12(g)(3), 345.12(g)(3).
    \221\ 12 CFR 228.12(g)(4), 345.12(g)(4).
---------------------------------------------------------------------------

    In September 2020, the Board announced an advance notice of 
proposed rulemaking to update its CRA regulations, specifically to more 
effectively meet the needs of LMI communities and address inequities in 
credit access.'' \222\ As part of this exercise, the Board requested 
feedback on potential revisions to its data collection and reporting 
requirements.\223\ The Board suggested that more granular reporting of 
community development loan and investment data may be needed to aid 
community development and improve compliance with the CRA, noting that 
the lack of such data ``means that there is no aggregate community 
development data at a local level available to create the local 
benchmarks for the community development financing metric.'' \224\ As 
such, the publication of 1071 data would also be a useful resource for 
supporting community development efforts under the CRA.
---------------------------------------------------------------------------

    \222\ 85 FR 66410 (Oct. 19, 2020).
    \223\ Id. at 66459-63.
    \224\ Id. at 66462.
---------------------------------------------------------------------------

    In June 2020, the OCC promulgated a final rule that adopted a 
broader definition of ``community development'' than the one used by 
the Board and the FDIC.\225\ However, in July 2021, the OCC announced 
that it was reconsidering the June 2020 revisions to its CRA 
regulations,\226\ and that it may join the Board's consideration of 
proposed revisions to strengthen bank compliance with CRA 
regulations.\227\
---------------------------------------------------------------------------

    \225\ The FDIC initially joined the OCC in issuing its early 
2020 proposed rule to expand the definition of ``community 
development'' for purposes of CRA compliance, but it did not join 
the OCC in its issuance of a rule finalizing that proposal. Compare 
85 FR 1204 (Jan. 9, 2020) (joint FDIC-OCC proposal to amend the 
agencies' respective CRA regulations), with 85 FR 34734 (June 5, 
2020) (OCC final rule amending CRA regulations). The rule added to 
the range of activities that comprise ``community development'' for 
purposes of the OCC's revisions to the CRA regulations. 
Specifically, the OCC expanded the qualifying activities criteria to 
capture activities the OCC stated were consistent with the statutory 
purpose of the CRA but that generally did not receive credit under 
CRA regulations prior to the OCC's revisions, including certain 
activities in identified ``areas of need beyond LMI areas (i.e., 
underserved areas, distressed areas, disaster areas, Indian country 
and other tribal and native lands)'' as well as those activities 
that ``benefit a whole community, while maintaining an appropriate 
focus on LMI neighborhoods.'' 85 FR 34734, 34735 (June 5, 2020); see 
also 12 CFR 25.04(a)(1) (stating that a retail loan, a community 
development loan, a community development investment, or a community 
development service ``that helps to meet the credit needs of a 
bank's entire community, including low- and moderate-income 
communities, is a qualifying activity if it meets the criteria in 
this section at the time the activity is originated, made, or 
conducted''); 12 CFR 25.04(b)(3) (listing 12 sets of activities that 
qualify as community development loans, investments and services).
    \226\ Off. of the Comptroller of the Currency, OCC Statement on 
Rescinding its 2020 Community Reinvestment Act Rule (News Release 
2021-76) (July 20, 2021), https://www.occ.gov/news-issuances/news-releases/2021/nr-occ-2021-76.html (stating that the OCC will propose 
rescinding its June 2020 CRA final rule).
    \227\ Id. (noting the crucial nature of strengthening the CRA 
jointly with the Board and FDIC and signaling intention to issue a 
joint notice of proposed rulemaking building on the ANPR proposed by 
the Board in September 2020).
---------------------------------------------------------------------------

ii. Community Development Financial Institution Fund (CDFI Fund)
    The Riegle Community Development and Regulatory Improvement Act of 
1994 authorized the CDFI Fund.\228\ In passing that statute, Congress 
found that many of the Nation's urban, rural, and Native American 
communities face ``critical social and economic problems arising in 
part from the lack of economic growth, people living in poverty, and 
the lack of employment and other opportunities.'' \229\
---------------------------------------------------------------------------

    \228\ 12 U.S.C. 4701(b).
    \229\ 12 U.S.C. 4701(a)(1).
---------------------------------------------------------------------------

    To address these problems, Congress created the CDFI Fund to 
``promote economic revitalization and community development'' through 
investment in and assistance to CDFIs, including enhancing the 
liquidity of CDFIs.\230\
---------------------------------------------------------------------------

    \230\ 12 U.S.C. 4701(b).
---------------------------------------------------------------------------

    The concept of community development is central to the operation of 
the CDFI Fund. While CDFI Fund regulations do not directly define that 
term, any entity applying for CDFI certification must have ``promoting 
community development'' as its ``primary mission.'' \231\ In making 
this determination, the CDFI Fund considers whether the activities of 
the entity are purposefully directed toward improving the social and/or 
economic conditions of underserved people, which may include low-income 
persons or persons

[[Page 56375]]

who lack adequate access to capital and financial services and 
residents of economically distressed communities.\232\
---------------------------------------------------------------------------

    \231\ 12 CFR 1805.201(b)(1).
    \232\ Id.
---------------------------------------------------------------------------

    The CDFI Fund collects data from the recipients of its financial 
and technical assistance, shedding some light on the extent of 
community development in the areas where CDFIs operate.\233\ The CDFI 
Fund also publishes the data it receives with appropriate redactions to 
protect privacy interests.\234\ However, given that CDFIs comprise a 
relatively small share of the overall small business lending market, 
section 1071 would materially enhance understanding of the broader 
extent of community development outside of areas where CDFIs already 
operate. The data from a 1071 rulemaking would also likely augment the 
data the CDFI Fund already receives.
---------------------------------------------------------------------------

    \233\ 12 CFR 1805.803(e) (requiring recipients of technical and 
financial assistance to provide to the CDFI Fund certain information 
and documentation).
    \234\ 12 CFR 1805.803(e)(4).
---------------------------------------------------------------------------

3. Potential Impact of Section 1071 Data
    A section 1071 rule would provide on an annual basis application-
level data on small business credit, including certain protected 
demographic information about applicants and their principal owners. 
This would include information on applications for credit that are 
originated, as well as those that are denied, withdrawn, incomplete, or 
approved by the financial institution but not accepted by the 
applicant. This information would enable stakeholders of all kinds in 
the small business lending market to gain unprecedented insight into 
trends in small business lending, specifically with respect to women-
owned and minority-owned small businesses. It would also provide 
insight into the interaction of supply and demand over time.
    In terms of facilitating fair lending enforcement, interested 
government agencies and other stakeholders would be able to use 1071 
data to analyze potential instances of practices resulting in the 
disparate treatment of or disparate impact on women- and minority-owned 
small businesses, using statistical methods to identify possible fair 
lending risks.
    Regarding the identification of business and community development 
needs, the data that would be made available by the Bureau under this 
rulemaking, if finalized as proposed, would help government entities 
and public and private lenders identify and target sub-segments of the 
market that remain underserved, facilitating entrepreneurship and 
business development in those communities.
    The advancement of both statutory purposes of section 1071--
facilitating fair lending enforcement and identifying business and 
community development needs--in turn will support small businesses 
across all sectors of the economy, which are fundamental to the 
economic health of the U.S. and which have been hard hit by recent 
economic and financial crises. The use of data that would be provided 
pursuant to regulations under section 1071 can both support the 
underlying purposes of section 1071 and help the economy as a whole. 
For example, according to one estimate, fair and equitable lending to 
Black entrepreneurs could have added $13 trillion in business revenue 
over the last 20 years and created 6 million jobs.\235\ As the economy 
recovers from the effects of the COVID-19 pandemic, data collected and 
published pursuant to regulations implementing section 1071 would help 
to support equitable and sustainable growth and prosperity in all 
communities in the U.S.
---------------------------------------------------------------------------

    \235\ Citigroup, Citi GPS: Global Perspectives & Solutions, 
Closing the Racial Inequality Gaps: The Economic Cost of Black 
Inequality in the U.S., at 4 (Sept. 2020), https://ir.citi.com/NvIUklHPilz14Hwd3oxqZBLMn1_XPqo5FrxsZD0x6hhil84ZxaxEuJUWmak51UHvYk75VKeHCMI%3D.
---------------------------------------------------------------------------

4. Bureau Priorities
    On June 2, 2021, the Bureau announced as priorities action to 
address issues of pervasive racial injustice and the long-term economic 
impacts of the COVID-19 pandemic on consumers.\236\ The Acting Director 
explained that the Bureau will use all of its tools and authority--
including rulemaking--to protect and fight for fairness for all 
consumers in financial markets.\237\ The Bureau believes that 
implementing the section 1071 data collection, maintenance, and 
reporting obligations established in the Dodd-Frank Act would advance 
those priorities.
---------------------------------------------------------------------------

    \236\ Blog post, Dave Uejio, Acting Director, Bureau of Consumer 
Fin. Prot., Addressing racial inequities in consumer finance markets 
(June 2, 2021), https://www.consumerfinance.gov/about-us/blog/addressing-racial-inequities-consumer-finance-markets/.
    \237\ See Bureau of Consumer Fin. Prot., https://www.consumerfinance.gov/about-us/racial-equity/.
---------------------------------------------------------------------------

    Congress enacted section 1071 for the purposes of facilitating 
enforcement of fair lending laws, and enabling communities, 
governmental entities, and creditors to identify business and community 
development needs and opportunities for women-owned, minority-owned, 
and small businesses. The Bureau believes that 1071 data will come to 
play an important role as HMDA data have done for the mortgage market. 
HMDA data have provided lenders, community groups, and others the tools 
to identify and address fair lending risks and strengthen fair lending 
oversight and enforcement. In a similar way, section 1071 data will 
allow diverse stakeholders to analyze lending patterns that are 
potentially discriminatory. By identifying and addressing 
discriminatory small business lending practices, the Bureau will help 
to ensure fair, equitable, and nondiscriminatory access to credit for 
both individuals and their communities.
    HMDA data have also proven effective in creating transparency in 
the mortgage market that improves the understanding of credit needs, 
where they may remain unmet, and the relationship between mortgage 
lending and community development. The Bureau believes that the 1071 
data will provide the Bureau and other stakeholders with critical 
insights into the small business lending market. The current COVID-19 
pandemic has shown that transparency is essential at a time of crisis, 
when small businesses, especially those owned by women and minorities, 
may be in urgent need of credit in order to recover from the economic 
shocks. As at least one SER suggested, a 1071 rule would help lenders 
across the country better connect underserved entrepreneurs to working 
capital and resources in order to build a more inclusive economy.

III. Outreach

    In the years leading up to the release of this proposed rule, the 
Bureau held over 100 outreach meetings with financial institutions, 
trade associations, community groups, researchers, governmental 
entities, and other stakeholders regarding the 1071 rulemaking. The 
Bureau also took a number of other steps, beyond individual stakeholder 
meetings, to solicit feedback more broadly from the public on a 1071 
rule.
    Request for information, field hearing, and White Paper on small 
business lending. On May 10, 2017, the Bureau published a request for 
information (RFI) regarding the small business lending market \238\ in 
which it sought public comment to understand more about the products 
that are offered to small businesses, the financial institutions that 
offer such credit, the small business lending data that currently are 
used and may be maintained by financial institutions, the potential 
complexity and cost of small business data collection and reporting,

[[Page 56376]]

and privacy concerns related to the disclosure purposes of section 
1071.\239\ On the same date, the Bureau held a field hearing regarding 
section 1071 at which the RFI was announced and then-Director Richard 
Cordray noted the importance of a section 1071 rulemaking given the 
absence of systematic data on how small businesses are faring and 
whether or how much they are being held back by financing 
constraints.\240\ Finally, at the same time, the Bureau also published 
its White Paper on small business lending,\241\ which reflected the 
initial findings of the Bureau's research providing a preliminary 
understanding of the small business lending environment, with a 
particular emphasis on lending to women-owned and minority-owned small 
businesses.
---------------------------------------------------------------------------

    \238\ 82 FR 22318 (May 15, 2017).
    \239\ In response to the RFI, the Bureau received over 2,000 
comments in total, and over 100 unique comments offering detailed 
substantive responses on the topics raised in the RFI. These 
comments from the public helped to inform the Bureau's approach in 
its SBREFA Outline. See Bureau of Consumer Fin. Prot., Request for 
Information Regarding the Small Business Lending Market, Docket ID 
CFPB-2017-0011, https://www.regulations.gov/docket/CFPB-2017-0011.
    \240\ See Bureau of Consumer Fin. Prot., Prepared Remarks of 
CFPB Director Richard Cordray at the Small Business Lending Field 
Hearing (May 10, 2017), https://www.consumerfinance.gov/about-us/newsroom/prepared-remarks-cfpb-director-richard-cordray-small-business-lending-field-hearing/.
    \241\ Bureau of Consumer Fin. Prot., Key dimensions of the small 
business lending landscape (May 2017), https://files.consumerfinance.gov/f/documents/201705_cfpb_Key-Dimensions-Small-Business-Lending-Landscape.pdf.
---------------------------------------------------------------------------

    1071 Symposium. In November 2019, the Bureau held a symposium on 
section 1071 to assist the Bureau in its policy development process and 
to receive feedback from experts, including academic, think tank, 
consumer advocate, industry, and government experts in the small 
business lending arena.\242\ The symposium had two panels. The first 
panel focused on the evolution in the small business lending 
marketplace. The second panel included a discussion surrounding the 
implementation of section 1071, including issues raised in response to 
the Bureau's RFI.
---------------------------------------------------------------------------

    \242\ Bureau of Consumer Fin. Prot., Symposium: Section 1071 of 
the Dodd-Frank Act (held Nov. 6, 2019), https://www.consumerfinance.gov/about-us/events/archive-past-events/cfpb-symposium-section-1071-dodd-frank-act/.
---------------------------------------------------------------------------

    Small Business Advisory Review Panel. Under the Small Business 
Regulatory Enforcement Fairness Act of 1996 (SBREFA),\243\ which 
amended the Regulatory Flexibility Act (RFA), the Bureau must convene 
and chair a Small Business Advisory Review Panel (Panel) if it is 
considering a proposed rule that could have a significant economic 
impact on a substantial number of small entities.\244\ The Panel 
considers the impact of the proposals under consideration by the Bureau 
and obtains feedback from representatives of the small entities that 
would likely be subject to the rule. The Panel is comprised of a 
representative from the Bureau, the Chief Counsel for Advocacy of the 
Small Business Administration (SBA), and a representative from the 
Office of Information and Regulatory Affairs (OIRA) in the Office of 
Management and Budget (OMB). Representatives from 20 small businesses 
were selected as small entity representatives (SERs) for this SBREFA 
process. These SERs were representatives of small businesses that are 
financial institutions that would likely be directly affected by a 1071 
rule. These SERs did not represent the small business applicants for 
credit about whom information would be collected and reported under a 
1071 rule.
---------------------------------------------------------------------------

    \243\ Public Law 104-121, 110 Stat. 857 (1996).
    \244\ 5 U.S.C. 609(b).
---------------------------------------------------------------------------

    On September 15, 2020, the Bureau issued its Outline of Proposals 
under Consideration and Alternatives Considered (Outline or SBREFA 
Outline) for the section 1071 rulemaking, a detailed document that 
discusses (1) the relevant law, (2) the regulatory process, (3) the 
rule proposals the Bureau was considering, and (4) an economic analysis 
of the potential impacts of those proposals on directly affected small 
entities.\245\
---------------------------------------------------------------------------

    \245\ Bureau of Consumer Fin. Prot., Small Business Advisory 
Review Panel for Consumer Financial Protection Bureau Small Business 
Lending Data Collection Rulemaking, Outline of Proposals Under 
Consideration and Alternatives Considered (Sept. 15, 2020), https://files.consumerfinance.gov/f/documents/cfpb_1071-sbrefa_outline-of-proposals-under-consideration_2020-09.pdf (SBREFA Outline). See also 
Bureau of Consumer Fin. Prot., Consumer Financial Protection Bureau 
Releases Outline of Proposals Under Consideration to Implement Small 
Business Lending Data Collection Requirements (Sept. 15, 2020), 
https://www.consumerfinance.gov/about-us/newsroom/cfpb-releases-outline-proposals-implement-small-business-lending-data-collection-requirements/.
---------------------------------------------------------------------------

    The Bureau convened the Panel for this proposed rule on October 15, 
2020 and held a total of four meetings with SERs during October 19-22, 
2020, conducted online via video conference (Panel Outreach Meetings). 
In preparation for the Panel Outreach Meetings and to facilitate an 
informed and detailed discussion of the proposals under consideration, 
discussion questions for the SERs were included throughout the Bureau's 
Outline.\246\
---------------------------------------------------------------------------

    \246\ These questions also appeared in a shorter Discussion 
Guide for Small Entity Representatives. See Bureau of Consumer Fin. 
Prot., Small Business Advisory Review Panel for Consumer Financial 
Protection Bureau Small Business Lending Data Collection Rulemaking, 
Discussion Guide for Small Entity Representatives (Sept. 15, 2020), 
https://files.consumerfinance.gov/f/documents/cfpb_1071-sbrefa_discussion-guide_2020-09.pdf.
---------------------------------------------------------------------------

    In advance of the Panel Outreach Meetings, the Bureau, SBA's Office 
of Advocacy, and OIRA held a series of video conferences with the SERs 
to describe the Small Business Review Process, obtain important 
background information about each SER's current business practices, and 
begin discussions on selected portions of the proposals under 
consideration.
    All 20 SERs participated in the Panel Outreach Meetings. 
Representatives from the Bureau, SBA's Office of Advocacy, and OIRA 
provided introductory remarks. The meetings were then organized around 
discussions led by the Bureau about each aspect of the proposals under 
consideration and the potential impact on small businesses. The Bureau 
also invited SERs to submit written feedback by November 9, 2020; most 
SERs did so.
    On December 15, 2020, the Bureau released the Final Report of the 
Small Business Review Panel on the CFPB's Proposals Under Consideration 
for the Small Business Lending Data Collection Rulemaking.\247\ This 
report includes a summary of the feedback received from SERs during the 
panel process (including oral feedback received during the pre-Panel 
video conferences and Panel Outreach Meetings, as well as timely 
submitted written feedback) and findings and recommendations made by 
the Panel.\248\ As required by the RFA, the Bureau considers the 
Panel's findings in its initial regulatory flexibility analysis, as set 
out in part VIII below.
---------------------------------------------------------------------------

    \247\ Bureau of Consumer Fin. Prot., Final Report of the Small 
Business Review Panel on the CFPB's Proposals Under Consideration 
for the Small Business Lending Data Collection Rulemaking (Dec. 14, 
2020), https://files.consumerfinance.gov/f/documents/cfpb_1071-sbrefa-report.pdf (SBREFA Panel Report). See also Bureau of Consumer 
Fin. Prot., Consumer Financial Protection Bureau Releases Report on 
Implementing the Dodd-Frank Act's Small Business Lending Data 
Collection Requirement (Dec. 15, 2020), https://www.consumerfinance.gov/about-us/newsroom/consumer-financial-protection-bureau-releases-report-on-implementing-the-dodd-frank-acts-small-business-lending-data-collection-requirement/. The 
Bureau's SBREFA Outline and related materials, as well as the 
Bureau's presentation slides framing the discussion during the Panel 
Outreach Meetings, are appended to the SBREFA Panel Report. See 
SBREFA Panel Report at app. C through F.
    \248\ The written feedback from SERs is appended to the Panel 
Report. See id. at app. A.
---------------------------------------------------------------------------

    The Bureau also invited other stakeholders to submit feedback on 
the SBREFA Outline by December 14, 2020. The Bureau received 
approximately 60 submissions from a variety of other stakeholders, 
including financial institutions, trade associations,

[[Page 56377]]

community groups, a think tank, and a government agency.\249\ Feedback 
from these other stakeholders was not considered by the Panel and is 
not reflected in the Panel Report.
---------------------------------------------------------------------------

    \249\ Feedback received from these stakeholders on the SBREFA 
Outline will be placed on the public docket for this notice.
---------------------------------------------------------------------------

    The Bureau has considered the feedback it received from SERs, the 
findings and recommendations of the Panel, and the feedback from other 
stakeholders in preparing this proposed rule. The feedback, findings, 
and recommendations are summarized throughout this notice where 
relevant.
    One-Time Cost Survey. On July 22, 2020, the Bureau released a 
voluntary survey to measure the one-time costs of compliance with an 
eventual small business lending data collection rule.\250\ The 
objective of the survey was to solicit, from institutions offering 
small business credit products that could potentially be covered by 
this rule, information about potential one-time costs to prepare to 
collect and report data. The survey did not cover potential on-going 
costs from actually collecting and reporting 1071 data, and assumed 
that reporting was required only for the 13 statutorily required data 
points and that compliance with the statutory firewall requirement was 
not required.\251\ The deadline for responses was October 16, 2020. The 
Bureau received responses from 105 financial institutions.\252\ The 
results of the survey inform the Bureau's analyses of the potential 
impacts of the proposed rule as set out in parts VII and VIII below.
---------------------------------------------------------------------------

    \250\ Bureau of Consumer Fin. Prot., Survey: Small Business 
Compliance Cost Survey (July 22, 2020), https://files.consumerfinance.gov/f/documents/cfpb_1071-survey_2020-10.pdf.
    \251\ Id. at 1.
    \252\ See part VI below for additional details regarding this 
survey.
---------------------------------------------------------------------------

    ECOA request for information. On July 28, 2020, the Bureau issued a 
request for information to seek public input on ECOA and Regulation 
B.\253\ In the RFI, the Bureau sought public comment on a number of 
topics, including small business lending and the ways that the Bureau, 
in light of its authority under ECOA and Regulation B, might support 
efforts to meet the credit needs of small businesses, particularly 
those that are minority-owned and women-owned.\254\
---------------------------------------------------------------------------

    \253\ Bureau of Consumer Fin. Prot., Consumer Financial 
Protection Bureau Requests Information on Ways to Prevent Credit 
Discrimination and Build a More Inclusive Financial System (July 28, 
2020), https://www.consumerfinance.gov/about-us/newsroom/cfpb-rfi-prevent-credit-discrimination-build-more-inclusive-financial-system/.
    \254\ 85 FR 46600, 46602 (Aug. 3, 2020).
---------------------------------------------------------------------------

    Ongoing market monitoring. The Bureau conducts outreach to industry 
and other stakeholders to understand their experiences with the small 
business finance market, economic conditions, and the collection and 
reporting of data regarding that market. A particular near-term 
priority in the Bureau's recent market monitoring has been the impacts 
of the pandemic and the effectiveness of the Federal government 
response. Findings from market monitoring activities inform the Bureau 
on matters affecting the small business sector.
    Technical outreach. In the months before the publication of this 
proposed rule, the Bureau began conducting technical outreach with 
third party software providers that serve financial institutions and 
software and technology staff from financial institutions that are 
likely to have to report 1071 data to the Bureau. With these software 
vendors and technical staffs, the Bureau has held and, after 
publication of this proposed rule, will continue to hold discussions 
concerning the technical systems and procedures the Bureau will provide 
to collect 1071 data. The Bureau intends to understand the technology 
solutions currently provided by vendors to support the small business 
lending activities of financial institutions. The Bureau believes this 
information will be helpful in informing the Bureau in its design and 
implementation of a platform for intake and processing of 1071 data to 
help the platform integrate, to the degree possible, with existing 
systems and data collection procedures. These meetings also serve to 
raise awareness of technology providers as to their potential future 
role in supporting the 1071 rule as well as the lead time that may be 
necessary for some or all affected financial institutions to come into 
compliance with the requirements of a final section 1071 rule. The 
feedback that the Bureau is gathering is purely technical in nature. 
This outreach process is ongoing and will continue throughout the 
rulemaking.

IV. Legal Authorities

    The Bureau is issuing this proposed rule pursuant to its authority 
under section 1071. Some aspects of this rule are also proposed under 
the Bureau's more general rulemaking authorities in ECOA. Congress 
enacted ECOA to prohibit discrimination against any applicant, 
regarding any aspect of a credit transaction, on the basis of, amongst 
other things, race, color, national origin, and sex.\255\ The Bureau 
has certain oversight, enforcement, and supervisory authority over ECOA 
requirements and has rulemaking authority under the statute.
---------------------------------------------------------------------------

    \255\ 15 U.S.C. 1691(a)(1).
---------------------------------------------------------------------------

    ECOA is implemented in Regulation B.\256\ Among other things, 
Regulation B generally prohibits creditors from inquiring about an 
applicant's race, color, religion, national origin, or sex, with 
limited exceptions, including if it is required by law.\257\
---------------------------------------------------------------------------

    \256\ 12 CFR part 1002.
    \257\ Regulation B Sec.  1002.5(a)(2).
---------------------------------------------------------------------------

    As discussed above, in the Dodd-Frank Act Congress amended ECOA by 
adding section 1071, which directs the Bureau to adopt regulations 
governing the collection and reporting of small business lending data. 
Specifically, section 1071 requires financial institutions to collect 
and report to the Bureau certain data on applications for credit for 
women-owned, minority-owned, and small businesses.\258\ Congress 
enacted section 1071 for the purpose of (1) facilitating enforcement of 
fair lending laws and (2) enabling communities, governmental entities, 
and creditors to identify business and community development needs and 
opportunities of women-owned, minority-owned, and small 
businesses.\259\ The Bureau often refers to these as section 1071's 
fair lending purpose and its business and community development 
purpose, respectively.
---------------------------------------------------------------------------

    \258\ ECOA section 704B.
    \259\ ECOA section 704B(a).
---------------------------------------------------------------------------

    To advance these statutory purposes, section 1071 grants the Bureau 
general rulemaking authority for section 1071, providing that the 
Bureau shall prescribe such rules and issue such guidance as may be 
necessary to carry out, enforce, and compile data pursuant to section 
1071.\260\ ECOA section 704B(g)(2) also permits the Bureau to adopt 
exceptions to any requirement of section 1071 and to conditionally or 
unconditionally exempt any financial institution or class of financial 
institutions from the requirements of section 1071, as the Bureau deems 
necessary or appropriate to carry out the purposes of section 1071. The 
Bureau principally relies on its 704B(g)(1) authority in this proposed 
rule and relies on 704B(g)(2) when proposing specific exceptions or 
exemptions to section 1071's requirements. Section 704B(g)(3) directs 
the Bureau to issue guidance designed to facilitate compliance with the 
requirements of section 1071.
---------------------------------------------------------------------------

    \260\ ECOA section 704B(g)(1).
---------------------------------------------------------------------------

    In addition, section 703(a) of ECOA gives the Bureau broad 
authority to prescribe regulations to carry out the purposes of ECOA, 
including provisions

[[Page 56378]]

that in the judgment of the Bureau are necessary or proper to 
effectuate the purposes of ECOA, to prevent circumvention or evasion 
thereof, or to facilitate or substantiate compliance therewith. That 
section also states that the Bureau may provide for such adjustments 
and exceptions for any class of transactions, as in the judgment of the 
Bureau are necessary or proper to effectuate the purposes of ECOA, to 
prevent circumvention or evasion thereof, or to facilitate or 
substantiate compliance therewith.
    Section 1071 establishes requirements or obligations for financial 
institutions that the Bureau would implement in this proposed rule. 
These provisions include the requirement in ECOA section 704B(b) that a 
financial institution shall inquire whether an applicant for credit is 
a women-owned, minority-owned, or small business; that a financial 
institution must maintain a record of responses to such inquiry, 
separate from the application; that an applicant may refuse to provide 
any information requested regarding the inquiry under 704B(b); that a 
financial institution must limit access of loan underwriters, or other 
officers or employees of the financial institution or any affiliate, to 
applicant responses to inquiries under 704B(b); and that if a financial 
institution determines that a loan underwriter or other officer or 
employee should have access to any information provided by the 
applicant pursuant to a request under 704B(b) that the financial 
institution shall provide notice to the applicant of the access of the 
underwriter to such information, along with notice that the financial 
institution may not discriminate on the basis of such information.\261\
---------------------------------------------------------------------------

    \261\ ECOA section 704B(b)(1), (b)(2), (c), (d)(1) and (2).
---------------------------------------------------------------------------

    ECOA section 704B(e)(1) directs financial institutions to compile 
and maintain, in accordance with regulations of the Bureau, records of 
the information provided by applicants for credit pursuant to a request 
under 704B(b). Section 704B(e)(2) requires that the information 
compiled and maintained under 704B(e)(1) be itemized in order to 
clearly and conspicuously disclose an enumerated list of data points. 
Section 704B(e)(2)(H) requires financial institutions to compile and 
maintain any additional data that the Bureau determines would aid in 
fulfilling the purposes of section 1071.
    Several provisions of section 1071 expressly refer to regulations 
that the Bureau shall promulgate to implement certain requirements, 
including in ECOA section 704B(e)(1) regarding how financial 
institutions must compile and maintain data pursuant to section 1071, 
and in 704B(f)(2)(B) and (C) regarding the form of information made 
available by financial institutions to the public and the form and 
manner in which the Bureau itself should make 1071 data available to 
the public generally.
    Two provisions expressly give the Bureau discretion with respect to 
public availability of 1071 data. Specifically, ECOA section 704B(e)(4) 
states that the Bureau may, at its discretion, delete or modify 1071 
data before making it available to the public if the Bureau determines 
that the deletion or modification of the data would advance a privacy 
interest. Section 704B(f)(3) gives the Bureau the discretion to compile 
and aggregate 1071 data for its own use, as well as to make public such 
compilations of aggregate data.

V. Section-by-Section Analysis

Overview

    In this Overview of part V, the Bureau first provides an overview 
of section 1071 and then a brief summary of the proposed rule. Each 
provision, along with its rationale and relevant feedback received 
through the SBREFA process, is discussed in detail in the section-by-
section analyses that follow. The Bureau's proposed rule is largely 
consistent with, though more detailed than, its proposals under 
consideration in the SBREFA Outline. However, the Bureau has altered or 
refined its approach since SBREFA in certain respects, which are noted 
in the summary of the proposed rule below and discussed in detail in 
the section-by-section analyses that follow.
    Next, the Bureau discusses the high-level and general comments 
regarding this rulemaking that it received from SERs and other 
stakeholders on its SBREFA Outline. Finally, the Bureau addresses 
several issues for which there is no proposed regulatory text or 
commentary.
    The Bureau seeks comment on its proposed approach to implementing 
section 1071. Requests for comment on each provision and on particular 
issues are included throughout the section-by-section analyses in this 
part V.

A. Overview of Section 1071

    As discussed above, section 1071 of the Dodd-Frank Act requires 
that financial institutions collect and report to the Bureau certain 
data regarding applications for credit for women-owned, minority-owned, 
and small businesses. Section 1071's statutory purposes are to (1) 
facilitate enforcement of fair lending laws, and (2) to enable 
communities, governmental entities, and creditors to identify business 
and community development needs and opportunities of women-owned, 
minority-owned, and small businesses.
    Section 1071 specifies a number of data points that financial 
institutions are required to collect and report, and also provides 
authority for the Bureau to require any additional data that the Bureau 
determines would aid in fulfilling section 1071's statutory purposes. 
Section 1071 also contains a number of other requirements, including 
those that address restricting the access of underwriters and other 
persons to certain 1071 data and publication of 1071 data. In addition, 
section 1071 permits the Bureau, at its discretion, to modify or delete 
data prior to publication if it determines that such a deletion or 
modification would advance a privacy interest.
    Section 1071 directs the Bureau to prescribe such rules, and issue 
such guidance as may be necessary to carry out, enforce, and compile 
data pursuant to section 1071. It also permits the Bureau to adopt 
exceptions to any requirement or to exempt financial institutions from 
the requirements of section 1071 as the Bureau deems necessary or 
appropriate to carry out the purposes of section 1071. Section 1071 
also directs the Bureau to issue guidance designed to facilitate 
compliance with the requirements of section 1071. As discussed in part 
IV above and throughout the section-by-section analyses in this part V, 
most of the Bureau's proposal is dedicated to implementing these 
statutory provisions.

B. Section 1071 in the Context of HMDA

    The Bureau's proposal for implementing section 1071 necessarily 
exists against the backdrop of HMDA \262\ (as discussed in part 
II.F.1.ii above). With the passage of the Dodd-Frank Act in 2010, 
Congress enacted section 1071 at the same time that it amended HMDA and 
transferred HMDA rulemaking authority and other functions to the 
Bureau. HMDA is a data collection and reporting statute that requires 
certain depository institutions and for-profit nondepository 
institutions to collect, report, and disclose data about originations 
and purchases of mortgage loans, as well as mortgage loan applications 
that do not result in originations (for example, applications that are 
denied or withdrawn). The Bureau's Regulation C, 12 CFR part

[[Page 56379]]

1003, implements HMDA. In light of the similarities between 1071 and 
HMDA, the Bureau's section-by-section analyses in this part V often 
discusses how similar provisions are addressed in the context of HMDA.
---------------------------------------------------------------------------

    \262\ 12 U.S.C. 2801 et seq.
---------------------------------------------------------------------------

    HMDA's purposes are: (1) To help determine whether financial 
institutions are serving their communities' housing needs; (2) to 
assist public officials in distributing public investment to attract 
private investment; and (3) to assist in identifying potential 
discriminatory lending patterns and enforcing antidiscrimination 
statutes.
    A covered institution for purposes of HMDA reporting is a 
depository or nondepository institution that meets the relevant 
coverage criteria set forth in the regulation. A depository institution 
is required to comply with Regulation C if it meets the asset-size 
threshold, location test, loan activity test, federally related test, 
and the loan-volume threshold for either closed-end loans or open-end 
lines of credit set forth in the regulation. A nondepository 
institution is required to comply with Regulation C if it meets the 
location test and the loan-volume threshold for either closed-end loans 
or open-end lines of credit set forth in the regulation.
    A covered transaction under HMDA is generally a loan or line of 
credit secured (or, for applications, proposed to be secured) by a lien 
on a dwelling, that is not specifically excluded under Regulation C 
Sec.  1003.3(c). The data points generally required to be reported 
about each covered transaction can be grouped into four broad 
categories: \263\
---------------------------------------------------------------------------

    \263\ Under the Economic Growth, Regulatory Relief, and Consumer 
Protection Act, Public Law 115-174, 132 Stat. 1296 (2018), as 
implemented in Regulation C Sec.  1003.3(d), certain HMDA-covered 
institutions may be eligible for partial exemptions from some of the 
HMDA reporting requirements and only certain covered loans and 
applications are covered under partial exemptions. If a covered loan 
or application is covered under a partial exemption, the covered 
institution is not required to collect, record, and report certain 
data points.
---------------------------------------------------------------------------

     Information about the applicants, borrowers, and 
underwriting process, such as ethnicity, race, and sex of the 
applicant,\264\ the applicant's gross income and debt-to-income ratio, 
the application channel, action taken, and, if applicable, reason(s) 
for denial.
---------------------------------------------------------------------------

    \264\ As with section 1071, collection of an applicant's 
ethnicity, race, and sex under HMDA is an exception to the general 
prohibition on inquiring into protected demographic information in 
existing Sec.  1002.5(b).
---------------------------------------------------------------------------

     Information about the property securing the loan or 
proposed to secure the loan, such as census tract and other property 
location information, construction method, property value, and 
additional information about manufactured and multifamily housing.
     Information about the features of the loan, such as the 
loan type, pricing information (including interest rate and origination 
charges), loan term, introductory rate period, and non-amortizing 
features.
     Certain unique identifiers, such as a universal loan 
identifier, loan originator identifier, and a legal entity identifier 
for the financial institution.
    Covered institutions are required to submit their HMDA data by 
March 1 following the calendar year for which data are collected. 
Covered institutions with larger volumes of covered loans and 
applications are required to submit their HMDA data for each of the 
first three quarters of the year in addition to their annual 
submission.
    Following the calendar year in which HMDA data are collected, a 
covered institution's disclosure statement \265\ and modified loan/
application register (LAR) become publicly available on the FFIEC's 
HMDA Platform.\266\ In addition, aggregate reports for each 
Metropolitan Statistical Area and Metropolitan Division that show 
lending patterns by property location, age of housing stock, and income 
level, sex, ethnicity, and race become publicly available.
---------------------------------------------------------------------------

    \265\ A disclosure statement contains aggregated data derived 
from loan-level data.
    \266\ A HMDA LAR contains the record of information required to 
be collected and the record submitted annually or quarterly, as 
applicable. A modified LAR is a covered institution's LAR modified 
by the Bureau, on its website, to protect applicant and borrower 
privacy. The Bureau interprets HMDA, as amended by the Dodd-Frank 
Act, to call for the use of a balancing test to determine whether 
and how HMDA data should be modified prior to its disclosure to the 
public in order to protect applicant and borrower privacy while also 
fulfilling HMDA's public disclosure purposes. See 80 FR 66127, 
66133-34 (Oct. 28, 2015). In December 2018, the Bureau issued final 
policy guidance describing the modifications the Bureau intends to 
apply to the loan-level HMDA data that covered institutions report 
before the data are disclosed publicly. See 84 FR 649 (Jan. 31, 
2019).
---------------------------------------------------------------------------

    HMDA data are the primary source of information for regulators, 
researchers, economists, industry, and advocates analyzing the mortgage 
market both for HMDA's purposes and for general market monitoring. HMDA 
data are used by the Federal supervisory agencies to support a variety 
of activities. For example, Federal supervisory agencies use HMDA data 
as part of their fair lending \267\ examination process, and also use 
HMDA data in conducting Community Reinvestment Act \268\ performance 
evaluations. HMDA disclosures provide the public with information on 
the home mortgage lending activities of particular reporting entities 
and on activity in their communities. These disclosures are used by 
local, State, and Federal officials to evaluate housing trends and 
issues and by community organizations to monitor financial institution 
lending patterns.
---------------------------------------------------------------------------

    \267\ See ECOA (15 U.S.C. 1691 through 1691f), Regulation B, 12 
CFR part 1002, and FHA, 42 U.S.C. 3605, 24 CFR part 100.
    \268\ 12 U.S.C. 2901 through 2908, and 12 CFR parts 25, 195, 
228, and 345.
---------------------------------------------------------------------------

C. Summary of the Proposed Rule

    The Bureau is proposing to add a new subpart B to Regulation B to 
implement the requirements of section 1071 and to make conforming 
amendments to existing Regulation B. The Bureau's proposal is 
summarized below, in the order of the section-by-section analyses in 
this part V that follow.
1. General Provisions (Sec. Sec.  1002.5(a)(4), 1002.101, and 1002.102)
    Changes to existing Regulation B (Sec.  1002.5(a)(4)). The Bureau 
is proposing to amend existing Sec.  1002.5(a)(4) to expressly permit 
voluntary collection and reporting of information regarding the 
ethnicity, race, and sex of applicants' principal owners, or whether 
the applicant is a minority-owned business or a women-owned business, 
in certain circumstances.
    Scope, purpose, and authority (Sec.  1002.101). The Bureau is 
proposing in Sec.  1002.101 to set forth the authority, purpose, and 
scope for proposed subpart B. Among other things, this proposed section 
would set forth section 1071's two statutory purposes of facilitating 
enforcement of fair lending laws and enabling communities, governmental 
entities, and creditors to identify business and community development 
needs and opportunities of women-owned, minority-owned, and small 
businesses.
    Definitions (Sec.  1002.102). The Bureau is proposing in Sec.  
1002.102 a number of definitions for terms used in proposed subpart B, 
which generally fall into several categories. First, some proposed 
definitions refer to terms defined elsewhere in proposed subpart B--
specifically, terms of particular importance including business, 
covered application, covered credit transaction, covered financial 
institution, financial institution, and small business. Second, some 
proposed definitions refer to terms defined elsewhere in existing 
Regulation B (i.e., business credit, credit, and State) or other 
regulations (i.e., the definition of dwelling and a portion of the 
definition of affiliate reference Regulation C and an SBA regulation, 
respectively). Finally, the remaining terms are defined in proposed 
Sec.  1002.102, including

[[Page 56380]]

applicant, closed-end credit transaction, minority individual, 
minority-owned business, open-end credit transaction, principal owner, 
small business lending application register, women-owned business, and 
a portion of the definition of affiliate.
2. Coverage (Sec. Sec.  1002.103 Through 1002.106)
    Covered applications (Sec.  1002.103). The Bureau is proposing 
Sec.  1002.103 to define what is, and is not, a covered application 
under proposed subpart B; this definition would trigger the data 
collection and reporting requirements under subpart B for covered 
financial institutions. The Bureau is proposing to define a covered 
application in Sec.  1002.103(a) as an oral or written request for a 
covered credit transaction that is made in accordance with procedures 
used by a financial institution for the type of credit requested. The 
Bureau is also proposing that a covered application does not include 
(1) reevaluation, extension, or renewal requests on an existing 
business credit account, unless the request seeks additional credit 
amounts; and (2) inquiries and prequalification requests.
    Covered credit transactions (Sec.  1002.104). The Bureau is 
proposing to require that covered financial institutions collect and 
report data for all covered applications from small businesses for 
transactions that meet the definition of business credit under existing 
Regulation B, with certain exceptions. The Bureau is proposing Sec.  
1002.104(a) to define the term covered credit transaction as an 
extension of business credit that is not an excluded transaction under 
proposed Sec.  1002.104(b). Loans, lines of credit, credit cards, and 
MCAs (including such credit transactions for agricultural purposes and 
those that are also covered by HMDA`` \269\ (that is, HMDA-reportable 
transactions)) would all fall within the scope of this proposed rule. 
The Bureau is proposing in Sec.  1002.104(b) to exclude from the 
requirements of proposed subpart B trade credit, public utilities 
credit, securities credit, and incidental credit. Factoring, leases, 
consumer-designated credit used for business purposes, and credit 
secured by certain investment properties would also not be covered 
credit transactions.
---------------------------------------------------------------------------

    \269\ 12 U.S.C. 2801 et seq.
---------------------------------------------------------------------------

    Covered financial institutions (Sec.  1002.105). The Bureau is 
proposing to define in Sec.  1002.105(a) the term financial 
institution, consistent with the definition in section 1071, as any 
partnership, company, corporation, association (incorporated or 
unincorporated), trust, estate, cooperative organization, or other 
entity that engages in any financial activity. Under this proposed 
definition, proposed subpart B's requirements would apply to a variety 
of entities that engage in small business lending, including depository 
institutions (i.e., banks, savings associations, and credit unions), 
online lenders, platform lenders, CDFIs, lenders involved in equipment 
and vehicle financing (captive financing companies and independent 
financing companies), commercial finance companies, governmental 
lending entities, and nonprofit nondepository lenders. The Bureau is 
not proposing to cover motor vehicle dealers.\270\ The Bureau is 
proposing in Sec.  1002.105(b) to define the term covered financial 
institution as a financial institution that originated at least 25 
covered credit transactions for small businesses in each of the two 
preceding calendar years. Only financial institutions that meet this 
loan-volume threshold would be required to collect and report small 
business lending data under proposed subpart B.
---------------------------------------------------------------------------

    \270\ The Bureau is proposing that subpart B does not apply to a 
person excluded from coverage by section 1029 of the Consumer 
Financial Protection Act of 2010, title X of the Dodd-Frank Wall 
Street Reform and Consumer Protection Act, Public Law 111-203, 124 
Stat. 1376, 2004 (2010).
---------------------------------------------------------------------------

    Small business definition (Sec.  1002.106). The Bureau is proposing 
in Sec.  1002.106 to adopt the SBA's definitions of ``business'' and 
``small business'' as set out in the Small Business Act and SBA 
regulations. The Bureau is also proposing that, notwithstanding the 
small business size standards established by SBA regulations, for 
purposes of proposed subpart B, a business is a small business if and 
only if its gross annual revenue is $5 million or less for its 
preceding fiscal year. The Bureau is seeking SBA approval for this 
alternate small business size standard pursuant to the Small Business 
Act.
3. Compiling, Maintaining, and Reporting 1071 Data (Sec. Sec.  1002.107 
Through 1002.111)
    Compilation of reportable data (Sec.  1002.107). The Bureau is 
proposing in Sec.  1002.107 to address several aspects of collecting 
data on covered applications from small businesses. The Bureau is 
proposing in Sec.  1002.107(a) to require financial institutions to 
compile and maintain the data points enumerated in Sec.  1002.107(a)(1) 
through (21) regarding covered applications from small businesses. 
These data points would be collected and reported in accordance with 
the proposed official commentary and the Filing Instructions Guide that 
the Bureau anticipates later providing for the appropriate year. 
Certain of these data points are or could be collected from the 
applicant (or otherwise determined based on information provided or 
authorized by the applicant); other data points are based on 
information solely within the financial institution's control. Proposed 
appendix E would provide a sample data collection form for requesting 
from applicants their minority- and women-owned business status and the 
race, sex, and ethnicity of their principal owners. Proposed appendices 
F and G provide additional details and guidance regarding collecting 
those data points.
    The Bureau is proposing in Sec.  1002.107(c)(1) that covered 
financial institutions maintain procedures to collect applicant-
provided data at a time and in a manner that is reasonably designed to 
obtain a response. The Bureau's proposal also addresses what financial 
institutions should do if, despite having such procedures in place, 
they are unable to obtain certain data from an applicant. Pursuant to 
proposed Sec.  1002.107(b), financial institutions would be permitted 
to rely on statements made by an applicant (whether in writing or 
orally) or information provided by an applicant when collecting and 
reporting 1071 data, although for most data points if the financial 
institution verifies the information provided it must report the 
verified information. Proposed Sec.  1002.107(c)(2) would also permit 
financial institutions to reuse certain previously collected data in 
certain circumstances.
    Firewall (Sec.  1002.108). The Bureau is proposing Sec.  1002.108 
to implement the requirement in section 1071 that certain data 
collected be shielded from underwriters and certain other persons; the 
Bureau refers to this as the ``firewall.'' Pursuant to proposed Sec.  
1002.108(b), an employee or officer of a financial institution or a 
financial institution's affiliate that is involved in making any 
determination concerning the application would be prohibited from 
accessing an applicant's responses to inquiries that the financial 
institution makes pursuant to section 1071 regarding whether the 
applicant is a minority-owned or women-owned business, and the 
ethnicity, race, and sex of the applicant's principal owners.
    However, pursuant to proposed Sec.  1002.108(c), this prohibition 
would not apply to an employee or officer if the financial institution 
determines that it is not feasible to limit that employee's or 
officer's access to an applicant's

[[Page 56381]]

responses to the financial institution's inquiries regarding the 
applicant's protected demographic information, and the financial 
institution provides a notice to the applicant regarding that access. 
It would not be feasible to limit access if the financial institution 
determines that an employee or officer involved in making any 
determination concerning a covered application should have access to 
one or more applicants' responses to inquiries regarding the 
applicant's protected demographic information. The notice must be 
provided to each applicant whose information will be accessed or, 
alternatively, the financial institution could provide the notice to 
all applicants whose information could be accessed. The Bureau is 
proposing sample language that a financial institution could use in 
providing this notice.
    Reporting data to the Bureau (Sec.  1002.109). The Bureau is 
proposing Sec.  1002.109 to address several aspects of financial 
institutions' obligations to report section 1071 data to the Bureau. 
First, the Bureau is proposing in Sec.  1002.109(a) that 1071 data be 
collected on a calendar year basis and reported to the Bureau on or 
before June 1 of the following year. The Bureau also addresses 
collection and reporting requirements of subsidiaries of financial 
institutions and collection and reporting requirements of financial 
institutions where multiple financial institutions are involved in a 
transaction in proposed Sec.  1002.109(a). Second, the Bureau lists in 
proposed Sec.  1002.109(b) the information that financial institutions 
would be required to provide about themselves when reporting 1071 data 
to the Bureau, including the financial institution's name, headquarters 
address, contact person, Federal prudential regulator, institutional 
identifiers, and parent entity information. Finally, the Bureau is 
proposing Sec.  1002.109(c) to address technical instructions for the 
submission of data to the Bureau, including information about the 
Filing Instructions Guide, which the Bureau anticipates later providing 
for the appropriate year.
    Publication of 1071 data by the Bureau (Sec.  1002.110). The Bureau 
is proposing in Sec.  1002.110 to address several issues regarding the 
publication of 1071 data. The Bureau is proposing in Sec.  1002.110(a) 
that it shall make available to the public, on an annual basis and on 
the Bureau's website, the data submitted to it by financial 
institutions. The Bureau is proposing to make these data available 
subject to deletions or modifications made by the Bureau, at its 
discretion, if the Bureau determines that such deletions or 
modifications would advance a privacy interest. To determine whether 
and how the Bureau might use its discretion to modify or delete data 
prior to publication, the Bureau is proposing a ``balancing test'' that 
assesses the risks and benefits of public disclosure. The Bureau's 
proposed approach to the balancing test is discussed in detail in part 
VI below. Proposed Sec.  1002.110(b) would state that the Bureau may, 
at its discretion, compile and aggregate data submitted by financial 
institutions and may publish such compilations or aggregations.
    Proposed Sec.  1002.110(c) would require a covered financial 
institution to publish on its website a statement that its 1071 data, 
as modified by the Bureau, are or will be available on the Bureau's 
website. Proposed Sec.  1002.110(d) would set forth when a covered 
financial institution shall make this statement available and how long 
the financial institution shall maintain the statement on its website. 
These requirements would satisfy financial institutions' statutory 
obligation to make data available to the public upon request.
    Recordkeeping (Sec.  1002.111). The Bureau is proposing Sec.  
1002.111 to address several aspects of the recordkeeping requirements 
for 1071 data. First, the Bureau is proposing Sec.  1002.111(a) to 
require a covered financial institution to retain evidence of 
compliance with proposed subpart B, which includes a copy of its small 
business lending application register, for at least three years after 
the register is required to be submitted to the Bureau pursuant to 
proposed Sec.  1002.109. Second, the Bureau is proposing Sec.  
1002.111(b) to require a financial institution to maintain, separately 
from the rest of an application for credit and accompanying 
information, an applicant's responses to a financial institution's 
inquiries regarding the applicant's protected demographic information. 
Finally, the Bureau is proposing Sec.  1002.111(c) to require that, in 
compiling and maintaining its small business lending application 
register, a financial institution not include any personally 
identifiable information concerning any individual who is, or is 
connected with, an applicant.
4. Other Provisions (Sec. Sec.  1002.112 Through 1002.114)
    Enforcement (Sec.  1002.112). The Bureau is proposing Sec.  
1002.112 to address several issues related to the enforcement of 
proposed subpart B. First, the Bureau is proposing Sec.  1002.112(a) to 
state that a violation of section 1071 or proposed subpart B is subject 
to administrative sanctions and civil liability as provided in sections 
704 and 706 of ECOA. Second, the Bureau is proposing in Sec.  
1002.112(b) to provide that a bona fide error in compiling, 
maintaining, or reporting data with respect to a covered application is 
an error that was unintentional and occurred despite the maintenance of 
procedures reasonably adapted to avoid such an error, and that such an 
error is presumed not to be a violation of ECOA or proposed subpart B 
if the number of such errors does not exceed the thresholds set forth 
in proposed appendix H. Third, the Bureau is proposing in Sec.  
1002.112(c) to identify four safe harbors under which certain errors--
specifically those regarding census tract, NAICS code, small business 
status, and application date--would not constitute violations of ECOA 
or Regulation B.
    Severability (Sec.  1002.113). The Bureau is proposing in Sec.  
1002.113 to provide that the provisions of proposed subpart B are 
separate and severable from one another, and that if any provision is 
stayed or determined to be invalid, it is the Bureau's intent that the 
remaining provisions shall continue in effect.
    Effective date, compliance date, and special transitional rules 
(Sec.  1002.114). The Bureau is proposing Sec.  1002.114 to address 
several issues related to the Bureau's eventual final rule to implement 
section 1071. First, the Bureau is proposing in Sec.  1002.114(a) that 
its final rule to implement section 1071 would become effective 90 days 
after publication in the Federal Register, but pursuant to proposed 
Sec.  1002.114(b) compliance with the final rule would not be required 
until approximately 18 months after publication in the Federal 
Register. Second, the Bureau is proposing in Sec.  1002.114(c) certain 
transitional provisions that would permit covered financial 
institutions to begin collecting protected applicants' demographic 
information beginning 12 months prior to the compliance date and would 
permit financial institutions to use a different time period to 
determine whether they will be covered by the rule as of the compliance 
date.

D. High-Level and General Comments on the SBREFA Outline

    During the SBREFA process, SERs provided feedback on nearly all 
aspects of the Bureau's proposals under consideration as set forth in 
the SBREFA Outline. Other stakeholders did likewise in their written 
feedback on the SBREFA Outline. That feedback

[[Page 56382]]

is discussed in the section-by-section analyses of the proposed rule 
below. SERs and other stakeholders also provided feedback of a more 
general nature on the Bureau's section 1071 rulemaking. That feedback 
is summarized here; the SBREFA Panel Report provides a more complete 
summary of the SBREFA process and comments provided by SERs.\271\
---------------------------------------------------------------------------

    \271\ See generally SBREFA Panel Report.
---------------------------------------------------------------------------

    Most SERs and stakeholders were generally supportive of the 
statutory purposes of section 1071.\272\ Several SERs as well as a 
range of other stakeholders--including community groups, CDFIs, several 
community banks, and a State consumer financial protection agency--were 
supportive of the Bureau's statutory mandate to promulgate a section 
1071 rule. Many stakeholders, including community groups, several CDFI 
banks, and a small community bank, expressly supported broad coverage 
of both financial institutions and products in the 1071 rulemaking. One 
community bank stakeholder stated that larger financial institutions 
should not be excluded; another community bank asserted that a 1071 
rule should cover credit unions, governmental entities, commercial 
finance firms, and alternative online lenders.
---------------------------------------------------------------------------

    \272\ The SER feedback discussed herein can be found in the 
SBREFA Panel Report at 17-18.
---------------------------------------------------------------------------

    Several trade association stakeholders supported a more limited 
approach to implementation of a 1071 rulemaking. A number of trade 
associations requested exemptions for the specific types of financial 
institutions they represented, including credit unions, vendor finance 
and dealer-related institutions, and community banks. One trade 
association argued that Federal credit union laws limited the extent to 
which credit unions could seek to expand their small business lending 
operations. Two trade association stakeholders suggested that the 
Bureau adopt a phased or staged approach to implementation, starting 
only with certain products and institutions. One trade association 
suggested that the Bureau adopt a high size-based exemption for 
institutions.
    A number of SERs and stakeholders, including several CDFIs, a 
number of community groups and a community bank, expressed the view 
that data transparency in the small business lending market is critical 
to advance the goals of fair lending enforcement and access to credit 
for small businesses, especially those that are minority-owned and 
women-owned. One SER and several stakeholders, including two community 
groups and one small business trade association, stated that the 
limited data currently available show that the lending practices of 
many financial institutions exclude women-owned and minority-owned 
businesses, exacerbating a racial wealth gap, and that section 1071 has 
the opportunity to address such lending disparities, which are costly 
to businesses, lenders, and the economy as a whole. The SER also said 
that data transparency and fairness should be an advantage to smaller, 
local financial institutions, allowing them to better distinguish their 
value proposition compared to larger financial institutions or 
predatory lenders.\273\ A CDFI stakeholder and a community group 
stakeholder emphasized that 1071 data would be an important supplement 
to CRA and HMDA data to determine community development needs. Another 
community group stakeholder and a small business trade association 
emphasized the importance of supporting access to credit for women-
owned and minority-owned small businesses. One community group argued 
that the availability of 1071 data would spur innovation in the small 
business lending market.
---------------------------------------------------------------------------

    \273\ Id.
---------------------------------------------------------------------------

    Several SERs and several community groups and CDFI stakeholders 
stated that the completion of a 1071 rulemaking was welcome, given the 
many years stakeholders have been waiting for these data. Several SERs 
and other stakeholders, including community groups and CDFIs, supported 
a 1071 rulemaking as necessary to better understand the small business 
lending market, as the COVID-19 pandemic highlighted how the most 
vulnerable small businesses can be disproportionately impacted by 
economic shocks. Several community groups and a small business trade 
association stakeholders argued that the response to the COVID-19 
pandemic, including the PPP program, exacerbated existing gender and 
racial disparities, and did not provide access to credit to excluded 
lower- and middle-income communities and women-owned or minority-owned 
small businesses. Two community bank trade associations noted the 
outsized importance of community banks and CDFIs in providing PPP loans 
to their local communities, including to minority-owned small 
businesses, and warned that an unintended consequence of a 1071 
rulemaking may be to impair this existing lending. One trade 
association suggested that the Bureau delay issuing any proposal until 
the economic forces driven by the COVID-19 pandemic have subsided and 
recovery is evident.
    Other stakeholders expressed concerns about the uses of data coming 
from a 1071 rulemaking. One trade association suggested that the 
collection of data on race and gender would create the perception among 
customers that these factors played a role in credit decisions. One 
community bank stakeholder asserted that 1071 data should not be used 
in regulatory oversight or examinations of financial institutions, but 
rather to better understand the small lending market and help 
regulators support lending. Several trade associations expressed 
concerns that misleading conclusions could be drawn from data from a 
1071 rulemaking, and that small business lending was complex and 
varied.
    SERs nearly uniformly suggested that the Bureau aim to draft simple 
regulations, and choose simpler options if possible, noting that more 
complex rules tend to make compliance more difficult and drive up 
compliance costs, which could potentially increase prices or reduce 
small businesses' access to credit. A number of stakeholders--including 
community banks, community groups, a small business trade association, 
and bank and credit union trade associations--similarly supported 
simple and clear regulations and requested that the Bureau avoid 
complex or ambiguous rules, which they asserted would make compliance 
more costly. One CDFI bank stakeholder asserted that existing 
ambiguities and conflicts in the law have caused financial institutions 
to avoid collecting the very data they would need to identify lending 
discrimination, and that mandating data collection and clarifying rules 
would be critical to addressing these concerns.
    Many SERs and a community bank stakeholder requested clear written 
guidance and implementation support materials from the Bureau, such as 
small entity compliance guides, a ``help desk'' for questions, and 
sample disclosure language (translated into languages other than 
English for individuals with limited English proficiency). Several SERs 
also discussed the need for applicant-facing materials explaining what 
the section 1071 regulation is and why the financial institution must 
collect data. Relatedly, one SER requested that the Bureau educate and 
train currently unregulated financial institutions to help them 
implement the rule.
    A number of SERs (representing financial institutions that operate 
primarily online as well as financial institutions that interact with 
small business applicants in-person) indicated their belief that 
financial institutions

[[Page 56383]]

with extensive online lending operations would be able to comply with 
an eventual 1071 rule more easily, more quickly, and at lower cost due 
to their greater degree of automation than financial institutions with 
primarily in-person and/or paper-based operations. SERs and several 
stakeholders (including a community bank trade association, a community 
group, and a community bank) urged the Bureau to align with other 
Federal data reporting regimes--such as HMDA, CRA, CDFI Fund, or SBA--
if possible, and thought that financial institutions with experience 
complying with these other Federal data reporting regimes would have an 
easier time complying with an eventual 1071 rule than would financial 
institutions, including some SERs, with no such experience. One trade 
association suggested that any comparisons with HMDA were misplaced, as 
the small business lending market is more varied and complex than the 
market for residential mortgage lending.
    Several SERs stated that a 1071 rule should take into account the 
different types of financial institutions operating in the small 
business lending market. One SER suggested that the Bureau had not 
focused enough attention on the impact of a 1071 rule on nondepository 
institutions, which they said play a vital role in providing essential 
credit to small businesses in the United States, many of which are 
women-owned and minority-owned. Another SER and two trade associations 
asserted that the data collected from credit unions, which are bound by 
their charters (pursuant to Federal and State laws and regulations) to 
serve a specific field of membership, would likely be incomparable with 
data from other financial institutions that are permitted to serve any 
kind of customer.
    Many SERs supported broad coverage of both financial institutions 
and products, as reflected in section 1071's language covering any 
application to a financial institution for credit for a women-owned, 
minority-owned, or small business.
    The SBREFA Panel recommended that the Bureau issue implementation 
and guidance materials (including a small entity compliance guide as 
required by the RFA, as well as other materials), specifically to 
assist small financial institutions in complying with the eventual 1071 
rule.\274\ The Panel also recommended that the Bureau consider 
providing sample disclosure language related to the collection of 
ethnicity, race, and sex of applicants.\275\
---------------------------------------------------------------------------

    \274\ Id. at 43.
    \275\ Id.
---------------------------------------------------------------------------

    The Bureau agrees with the general comments made in favor of 
keeping the scope of the proposed rule broad. In general, the Bureau 
believes that broad coverage of institutions and products as requested 
by a number of SERs and stakeholders would result in the collection of 
more data and would be consistent with the statutory purposes of 
section 1071. The Bureau does not believe that the request made by 
several trade association stakeholders to take a more limited approach 
to scope--including the various limitations on the coverage of certain 
types of financial institutions and products--would be consistent with 
the statutory purposes of section 1071. The Bureau addresses these 
issues directly in the section-by-section analyses of proposed 
Sec. Sec.  1002.104 and 1002.105 below.
    The Bureau agrees with the SERs and stakeholders that expressed the 
view that data transparency in the small business lending market is 
critical to advancing the statutory purposes of section 1071. The 
Bureau believes that the limited data that do exist, cited by one SER 
and several stakeholders, appear to support the existence of 
disparities in the small business lending markets, as identified in 
part II above. The Bureau agrees--as do other Federal regulators that 
the Bureau has consulted in developing this proposed rule--that 1071 
data would be an important supplementation to CRA and HMDA data in 
helping a variety of parties determine and address business and 
community development needs. The Bureau agrees with the SERs and 
stakeholders that identified specific ways that the publication of 1071 
data would advance this statutory purpose in helping the public 
identify business needs, including, as one SER suggested, creating data 
that would be useful to help smaller, local financial institutions 
distinguish their value proposition compared to other lenders, and 
could be used to spur innovation in the small business lending market.
    Regarding the support of certain SERs and other stakeholders 
welcoming the completion of a 1071 rulemaking, the Bureau's views on 
this are best expressed in the section-by-section analyses of proposed 
Sec. Sec.  1002.113 and 1002.114 concerning effective date and 
compliance date. Regarding the data cited by SERs and other 
stakeholders concerning lending disparities in the PPP program during 
the COVID-19 pandemic, the Bureau believes that the availability of 
data on PPP lending further supports the importance of collecting and 
publishing 1071 data; it was only the existence of PPP lending data, 
despite its limitations, that enabled these stakeholders to make 
arguments regarding the state of fair lending and business and 
community development under PPP.
    The Bureau appreciates the concerns expressed by some stakeholders 
concerning the uses of 1071 data. The Bureau believes that the firewall 
provision of proposed Sec.  1002.108, including the proposed notice 
provision, are intended to address the concern by one trade association 
stakeholder that the collection of ethnicity, race, and sex data may 
create the perception among customers that these factors play a role in 
credit decisions. The Bureau disagrees with the stakeholder that 
asserted that 1071 data should not be used in regulatory oversight or 
examinations. Such use is contemplated by ECOA section 704B(a)(2), 
which provides that the data are intended to facilitate the enforcement 
of fair lending laws. The Bureau does agree with the same stakeholder, 
however, that 1071 data should be used to help regulators better 
understand the small business lending markets and better support such 
lending. The Bureau does not disagree in the abstract with the 
assertions made by several trade associations that misleading 
conclusions could be drawn from 1071 data; the Bureau notes that these 
stakeholders did not cite any examples and that any source of data may 
be misinterpreted absent robust procedures and methodologies. The 
Bureau believes, given its experience with HMDA data, that such 
concerns are misplaced--overall, HMDA data have helped shed light on 
previously hidden issues and proven highly effective in accomplishing 
its congressionally mandated purposes.
    The Bureau has attempted as much as possible to propose rules that 
are both simple and clear, as SERs and other stakeholders suggested. 
For instance, the Bureau is proposing a simple definition of small 
business in proposed Sec.  1002.106 below. While the Bureau has 
endeavored to avoid unnecessary ambiguity and complexity in its 
proposed rule, complexity in the proposed rule reflects the inherent 
complexity of the subject, including the variations and diversity in 
the small business lending market as well as the complications of 
collecting data to conduct fair lending analyses and identify business 
and community development needs.
    Regarding the request for clear written guidance and implementation 
support materials, the Bureau intends to develop various compliance 
materials, as it does with most major rules. These materials will 
include a small entity compliance

[[Page 56384]]

guide that will provide regulatory implementation guidance, and a 
Filing Instructions Guide that will provide technical instructions for 
the submission of 1071 data to the Bureau. With regard to the comment 
that the Bureau should provide applicant-facing materials, the Bureau 
proposes in appendix E a sample data collection form that can be used 
to collect from applicants their minority-owned business status, women-
owned business status, and the ethnicity, race, and sex of their 
principal owners, along with the related required disclosures.
    The Bureau generally agrees with the observation of a number SERs 
that financial institutions with extensive online lending operations 
would likely find compliance with a section 1071 rule easier than those 
with primarily in-person operations. The Bureau sets out its 
preliminary assessment of the costs of the rule on financial 
institutions in parts VII and VIII below.
    The Bureau has attempted, whenever possible, to align or conform 
its proposed rule with other Federal data reporting regimes, as several 
SERs and other stakeholders requested. The Bureau references and, where 
possible, aligns the proposed rule with specific Federal data reporting 
regimes, as explained in the section-by-section analyses below. The 
Bureau appreciates the comments made by some SERs and other 
stakeholders that there are different types of financial institutions 
in the small business lending market and that the differences between 
institutional types may complicate data analysis. The Bureau notes, 
however, that simply excluding certain types of institutions from 1071 
reporting requirements would be inconsistent with the statutory 
purposes of section 1071, and that it would be more congruent with 
section 1071 instead to collect information on financial institution 
type as set out in proposed Sec.  1002.109(b)(9), for the reasons set 
out below.

E. Cross-Cutting Interpretive Issues

1. The Bureau's Approach to Non-Small Women-Owned and Minority-Owned 
Businesses in This Rulemaking
    The Bureau is proposing to require financial institutions to 
collect and report data regarding applications for credit for small 
businesses; the Bureau is not, however, proposing to require financial 
institutions to collect and report data with respect to applicants that 
are not small businesses. ECOA section 704B(b) states that ``in the 
case of any application to a financial institution for credit for [a] 
women-owned, minority-owned, or small business,'' the financial 
institution must ``inquire whether the business is a women-owned, 
minority-owned or small business . . . .'' For the reasons set forth 
below, the Bureau is proposing this approach as an interpretation of 
the statute pursuant to its authority under 704B(g)(1), and, in the 
alternative, pursuant to its authority under 704B(g)(2) to adopt 
exceptions to any requirement of section 1071 as the Bureau deems 
necessary or appropriate to carry out the purposes of section 1071 and 
its implied de minimis authority.
    The Bureau explained in the SBREFA Outline that in light of the 
comprehensive coverage of women-owned and minority-owned businesses 
within the scope of small businesses (discussed in more detail below), 
it was considering proposing that the data collection and reporting 
requirements of its eventual 1071 rule would apply to any application 
to a financial institution for credit only for small businesses as 
defined under the eventual 1071 rule.\276\ The Bureau explained that it 
was concerned that a requirement to collect and report 1071 data on 
applications for women-owned and minority-owned businesses that are not 
small businesses could affect all aspects of financial institutions' 
commercial lending operations while resulting in limited information 
beyond what would already be collected and reported about women-owned 
and minority-owned small businesses. In addition, financing for large 
businesses can be much more varied and complex than are the products 
used for small business lending. Thus, under the approach the Bureau 
was considering proposing, financial institutions would collect and 
report lending data for all applicants that satisfy the Bureau's 
definition of a small business, including identifying women-owned and 
minority-owned businesses within that pool, but financial institutions 
would not be required to collect and report 1071 data for women-owned 
and minority-owned businesses that are not ``small.''
---------------------------------------------------------------------------

    \276\ SBREFA Outline at 9.
---------------------------------------------------------------------------

    In the SBREFA Outline, the Bureau noted that most existing 
businesses, including almost all women-owned and minority-owned 
businesses, are ``small business concerns'' as that term is currently 
defined by the SBA.\277\ Therefore, the Bureau posited that coverage of 
small businesses by this rule would necessarily include nearly all 
women-owned and minority-owned businesses. Based on the 2018 Annual 
Business Survey by the U.S. Census, the Bureau estimated that 5.72 
million employer firms--99.6 percent of all employer firms--are small 
(defined for the purposes of the survey as having fewer than 500 
employees). That same definition covers one million minority-owned 
employer firms (99.9 percent of all minority-owned firms) and 1.1 
million women-owned employer firms (99.9 percent of all women-owned 
firms).\278\ The Bureau estimated that, among non-small businesses, 
which are only 0.4 percent of all firms nationally, 10 percent of this 
small fraction are minority-owned firms and 13 percent are women-
owned.\279\
---------------------------------------------------------------------------

    \277\ See the section-by-section analysis of proposed Sec.  
1002.106 below for additional discussion regarding the definition of 
``small business'' for purposes of this rulemaking.
    \278\ SBREFA Outline at 9.
    \279\ Id.
---------------------------------------------------------------------------

    A number of SERs expressed a belief that covering just small 
business applications would supply adequate or nearly complete lending 
data for purposes of section 1071.\280\ However, other SERs stated that 
the Bureau's regulation should collect data regarding applications for 
credit for non-small minority-owned and women-owned businesses as well. 
One SER relayed first-hand observations in their community that larger 
minority-owned and women-owned businesses were excluded from full 
access to credit, and expressed an interest in the Bureau capturing and 
reporting that information. One SER observed that smaller financial 
institutions, or those that generally focus on small business lending, 
might find that collecting and reporting data for all business loan 
applications would be simpler than determining which applications would 
be within the scope of the eventual 1071 rule.
---------------------------------------------------------------------------

    \280\ The SER feedback discussed in herein can be found in the 
SBREFA Panel Report at 18.
---------------------------------------------------------------------------

    The SBREFA Panel recommended that the Bureau continue to explore 
whether the data collection and reporting requirements in its 1071 rule 
should be limited to any application to a financial institution for 
credit only for small businesses (as defined by the Bureau's 
regulation) or whether it should also extend to applications for women-
owned and minority-owned businesses that are not small.\281\ The Panel 
also recommended that the Bureau seek comment on the costs to small 
financial institutions of collecting and reporting 1071 data regarding 
applications for credit for women-owned and minority-owned businesses

[[Page 56385]]

that are not small (as defined by the Bureau's regulation).\282\
---------------------------------------------------------------------------

    \281\ Id. at 43.
    \282\ Id.
---------------------------------------------------------------------------

    Feedback from other stakeholders generally supported the Bureau's 
approach to limiting 1071 data collection to small businesses, 
including identifying women- and minority-owned businesses within that 
pool. A number of commenters expressed support for the Bureau's 
approach under consideration, arguing that requiring data collection 
for non-small women- and minority-owned businesses would increase 
compliance burden without significantly contributing to 1071's 
purposes. Some responses also stated that this approach was consistent 
with legislative intent, positing that Congress did not intend for 
financial institutions to collect 1071 data on large companies. A 
community group noted that its support for the Bureau's approach was 
conditional on the Bureau adopting a broad definition of small 
business, thus limiting the likelihood of missing significant women- 
and minority-owned business application data. A joint comment from a 
number of community groups urged the Bureau to monitor the market and 
to reevaluate this approach if later publications of the Annual 
Business Survey show that the number of non-small women- and minority-
owned businesses exceed current estimates. Another joint comment from 
community groups did not support the Bureau's approach under 
consideration, urging the Bureau to consider instead covering non-small 
women- and minority-owned businesses in the data collection and arguing 
that it might be easier for financial institutions to collect data for 
all applicants, as opposed to developing systems for screening out 
applicants that are not covered. Two banks suggested that 1071 data 
collection should extend to all businesses; one was concerned about 
fair lending disparities, while the other remarked that large business 
applicants should not be relieved of the burden of having their data 
collected under 1071.
    The Bureau believes that section 1071 is ambiguous with respect to 
its coverage of applications for credit for non-small women- or 
minority-owned businesses, and the Bureau therefore proposes to 
interpret this ambiguity pursuant to ECOA section 704B(g)(1). The 
Bureau acknowledges that the plain language of 704B(b) could be read to 
require financial institutions to collect information from all women-
owned and minority-owned businesses, including those that are not small 
businesses. But based on a close consideration of the text, structure, 
and purpose of the statute, and the interactions between section 1071 
and other provisions of ECOA and Regulation B, the Bureau believes that 
the statute's coverage of, and Congress's intent with respect to, data 
regarding non-small businesses is ambiguous.
    The Bureau interprets ECOA section 704B(b) and (b)(1) to require 
that financial institutions first determine whether an applicant is a 
small business within the scope of the rule's data collection before 
making the required inquiries that would otherwise be prohibited by 
existing Regulation B. There is a general prohibition in existing 
Regulation B (in Sec.  1002.5(b)) which states that a ``creditor shall 
not inquire about the race, color, religion, national origin, or sex of 
an applicant or any other person in connection with a credit 
transaction, except'' if expressly permitted to do so by law or 
regulation.
    In the introductory language to ECOA section 704B(b), Congress 
instructed that the 1071 data collection regime applies only ``in the 
case of any application to a financial institution for credit for 
women-owned, minority-owned, or small business'' (emphasis added). The 
Bureau believes that ``in the case of'' indicates Congress's intent to 
limit application of section 1071 to these types of businesses, rather 
than requiring financial institutions to make 1071-related inquiries of 
all business applicants for credit.\283\ The next paragraph 
(704B(b)(1)) does not use the conditional phrase ``in the case of'' 
used in 704B(b); rather, it instructs a financial institution to 
``inquire.'' The Bureau believes that the instruction to ``inquire'' in 
704B(b)(1) is intended to provide the necessary exception to Regulation 
B's general prohibition against ``inquir[ing]'' as to protected 
demographic information in connection with a credit transaction.\284\ 
Indeed, absent section 1071's lifting of the prohibition, generally, a 
financial institution could not determine, or even ask about, an 
applicant's women- or minority-owned status, because doing so would 
necessarily constitute ``inquir[ing] about the race, color, religion, 
national origin, or sex of an applicant'' in violation of existing 
Sec.  1002.5(b). The Bureau believes that Congress likely intended to 
ensure that financial institutions could determine whether an applicant 
is covered by the 1071 data collection without risking a violation of 
other provisions of ECOA and Regulation B.
---------------------------------------------------------------------------

    \283\ Merriam-Webster defines ``case'' as meaning ``a set of 
circumstances or conditions,'' ``a situation requiring investigation 
or action (as by the police),'' or ``the object of investigation or 
consideration.''
    \284\ As discussed in greater detail in the next section, the 
fact that the language of ECOA section 704B(b)(1) is designed to 
expressly permit inquiry into protected demographic information, 
which would otherwise be prohibited by existing Sec.  1002.5(b), is 
also evidenced by the statute's three provisions creating special 
protections for responses to the inquiry: 704B(b)(2) requires that 
responses to protected inquiries remain separate from the 
application and accompanying information; 704B(c) requires that 
applicants have a right to refuse to answer the protected inquiry; 
and 704B(d) requires that certain underwriters or other employees 
involved in making determinations on an application not have access 
to the responses to protected inquiries.
---------------------------------------------------------------------------

    However, unlike with women- and minority-owned business status, 
there is no legal impediment to a financial institution's determining 
whether an applicant is a small business, and financial institutions 
can make that determination as a threshold matter without risking 
running afoul of ECOA and Regulation B. Therefore, the Bureau believes 
that the scope of the introductory ``in the case of'' language in ECOA 
section 704(b) is ambiguous as to coverage of non-small women- and 
minority-owned businesses. To resolve this ambiguity, the Bureau has 
applied its expertise to interpreting the language and structure of 
1071 within the context of the general prohibition on inquiring into 
protected demographic information in existing Sec.  1002.5(b), and 
concludes that ECOA section 704B(b)(1) is best read as only referring 
to questions about applicants' protected demographic information (i.e., 
women- and minority-owned business status as well as the race, sex, and 
ethnicity of the principal owners of the business). The Bureau believes 
704B(b)'s more general ``in the case of'' language should be understood 
to indicate the conditions under which 1071 data collection should take 
place, and requires financial institutions to make a threshold 
determination that an applicant is a small business before proceeding 
with an inquiry into the applicant's protected demographic information.
    The Bureau also notes that the collection of data on applications 
for non-small women- or minority-owned businesses would not carry out 
either of section 1071's stated purposes because the data would be of 
only limited usefulness for conducting the relevant analyses of non-
small businesses. Such analyses would necessitate comparing data 
regarding non-small women-owned and minority-owned business applicants 
to data regarding non-small non-women-owned and non-minority-owned 
business applicants, in order to control for lending outcomes that 
result from differences in applicant size. But section 1071 does not 
require or otherwise address the collection of data for non-small 
business applicants that

[[Page 56386]]

are not women- or minority-owned. Therefore, the resulting data set 
will lack a control group, arguably the most meaningful comparator for 
any data on non-small women- or minority-owned businesses. It is 
unlikely that Congress intended, and the statute is reasonably read not 
to require, the collection of data that would be of limited 
utility.\285\
---------------------------------------------------------------------------

    \285\ See, e.g., Pub. Citizen v. U.S. Dep't of Just., 491 U.S. 
440, 454 (1989) (``Where the literal reading of a statutory term 
would `compel an odd result,' Green v. Bock Laundry Machine Co., 490 
U.S. 504, 509 (1989), we must search for other evidence of 
congressional intent to lend the term its proper scope.'').
---------------------------------------------------------------------------

    Finally, the Bureau notes that the title of section 1071 is ``Small 
Business Data Collection,'' and 1071 amends ECOA to add a new section 
titled ``Small Business Loan Data Collection.'' In the presence of 
ambiguity, these titles provide some additional evidence that Congress 
did not intend the statute to authorize the collection of data on 
businesses that are not small.\286\
---------------------------------------------------------------------------

    \286\ Almendarez-Torres v. United States, 523 U.S. 224, 234 
(1998) (`` `[T]he title of a statute and the heading of a section' 
are `tools available for the resolution of a doubt' about the 
meaning of a statute.'') (quoting Bhd. of R.R. Trainmen v. Balt. & 
Ohio R.R., 331 U.S. 519, 529 (1947)).
---------------------------------------------------------------------------

    For these reasons, the Bureau proposes to interpret ECOA section 
704B(b) to cover the collection only of data with respect to small 
businesses, including those that are women- and minority-owned. 
Likewise, as discussed immediately below in E.2 of this Overview to 
part V, the Bureau is proposing to clarify that the 704B(b)(1) inquiry, 
when applicable, pertains to an applicant's minority-owned business 
status and women-owned business status as well as the race, sex, and 
ethnicity of its principal owners. For the same reasons, the Bureau 
believes that not requiring the collection of data with respect to 
applications for non-small businesses would be necessary or appropriate 
to carry out the purposes of section 1071; therefore, in the 
alternative, the Bureau proposes to exercise its exception authority in 
704B(g)(2) to effect this outcome. Finally, because the Bureau believes 
that the collection of data on non-small women- and minority-owned 
businesses would ``yield a gain of trivial or no value,'' the Bureau 
proposes, in the alternative, to exercise its implied de minimis 
authority to create this exception.\287\
---------------------------------------------------------------------------

    \287\ Waterkeeper All. v. EPA, 853 F.3d 527, 530 (D.C. Cir. 
2017) (quoting Pub. Citizen v. FTC, 869 F.2d 1541, 1556 (D.C. Cir. 
1989)); see Alabama Power Co. v. Costle, 636 F.2d 323, 360-61 (D.C. 
Cir. 1979).
---------------------------------------------------------------------------

    The Bureau seeks comment on its proposed approach to limiting the 
scope of data collection pursuant to subpart B to covered applications 
for small businesses, but not women- or minority-owned businesses that 
are not small. As recommended by the SBREFA Panel, the Bureau also 
seeks comment on the costs to small financial institutions of 
collecting and reporting 1071 data regarding applications for credit 
for women-owned and minority-owned businesses that are not small 
businesses as defined in proposed Sec.  1002.106(b). See the section-
by-section analysis of proposed Sec.  1002.106(b) below, where the 
Bureau is seeking comment on the proposed definition of a small 
business.
2. The Meaning of ``information requested pursuant to subsection (b)''
    Four different provisions of section 1071 refer to or rely on 
``information requested pursuant to subsection (b)'' or similar 
language. First, ECOA section 704B(b)(2) provides that financial 
institutions must ``maintain a record of the responses to such 
inquiry'' and keep those records separate from the application and 
information that accompanies it. Second, 704B(c) states that applicants 
for credit ``may refuse to provide any information requested pursuant 
to subsection (b).'' Third, 704B(d) requires financial institutions to 
limit the access of certain employees to ``information provided by the 
applicant pursuant to a request under subsection (b),'' with certain 
exceptions. Fourth, 704B(e) instructs financial institutions that 
``information provided by any loan applicant pursuant to a request 
under subsection (b) . . . shall be itemized in order to clearly and 
conspicuously disclose'' data including the loan type and purpose, 
amount of credit applied for and approved, and gross annual revenue.
    In light of these four disparate provisions, the Bureau believes 
that section 1071 is ambiguous with respect to the meaning of ``any 
information provided by the applicant pursuant to a request under 
subsection (b).'' \288\ On the one hand, ECOA section 704B(b)(1) 
directs financial institutions to inquire whether a business is ``a 
women-owned, minority-owned, or small business,'' so the phrase could 
be interpreted as referring only to those three data points. Section 
704B(e), however, indicates that the scope of 704B(b) could be much 
broader; it suggests that all of the information that financial 
institutions are required to compile and maintain--not simply an 
applicant's status as a women-owned, minority-owned, or small 
business--constitutes information provided by an applicant ``pursuant 
to a request under subsection (b).'' But as noted above, information 
deemed provided pursuant to subsection (b) is subject to the notable 
protections of separate recordkeeping under 704B(b)(2), a right to 
refuse under 704B(c), and the firewall under 704B(d). Applying these 
special protections to many of the data points in 704B(e), such as 
gross annual revenue or amount applied for, would be extremely 
difficult to implement, because this information is critical to 
financial institutions' ordinary operations in making credit decisions. 
Additionally, 704B(e) describes as ``provided by any loan applicant'' 
under 704B(b) data points that plainly must come from the financial 
institution itself, such as application number and action taken, 
further suggesting that Congress viewed this term as encompassing more 
information than lies within the four corners of 704B(b)(1). Finally, 
as noted above, the circular structure of 704B(b) complicates the 
question of what constitutes information provided ``pursuant to a 
request under subsection (b).'' Read together, the introductory 
language in 704B(b) and (b)(1) direct financial institutions, ``in the 
case of'' a credit application ``for [1] women-owned, [2] minority-
owned, or [3] small business,'' to ``inquire whether the business is a 
[1] women-owned, [2] minority-owned, or [3] small business.'' The 
Bureau believes that this circularity further demonstrates the 
ambiguity of the phrase ``pursuant to a request under subsection (b).''
---------------------------------------------------------------------------

    \288\ The Bureau does not believe that the minor linguistic 
variations in these four provisions themselves have significance.
---------------------------------------------------------------------------

    The Bureau believes that it is reasonable to resolve these 
ambiguities by giving different meanings to the phrase ``any 
information provided by the applicant pursuant to a request under 
subsection (b)'' (or similar) with respect to ECOA section 704B(e) as 
opposed to 704B(b)(2), (c), and (d).\289\ With respect to 704B(e), the 
Bureau interprets the phrase to refer to all the data points now 
articulated in proposed Sec.  1002.107(a). Section 704B(e) is the 
source of financial institutions' obligation to ``compile and 
maintain'' data that they must then submit to the

[[Page 56387]]

Bureau, so it would be reasonable to interpret this paragraph as 
referring to the complete data collection Congress devised in enacting 
section 1071.
---------------------------------------------------------------------------

    \289\ While there is a presumption that a phrase appearing in 
multiple parts of a statute has the same meaning in each, ``this is 
no more than a presumption. It can be rebutted by evidence that 
Congress intended the words to be interpreted differently in each 
section, or to leave a gap for the agency to fill.'' Catskill 
Mountains Chapter of Trout Unlimited, Inc. v. EPA, 846 F.3d 492, 532 
(2d Cir. 2017) (citing Env't Def. v. Duke Energy Corp., 549 U.S. 
561, 575 (2007)). Here, the Bureau believes Congress indicated such 
an intention by using the same phrase in the substantially different 
contexts of providing special protections for sensitive demographic 
information on the one hand and ``itemiz[ing]'' all collected data 
on the other.
---------------------------------------------------------------------------

    But with respect to the three statutory provisions creating special 
protections for certain information--the firewall in ECOA section 
704B(d), separate recordkeeping in 704B(b)(2), and the right to refuse 
in 704B(c)--the Bureau interprets the phrase to refer to the data 
points in proposed Sec.  1002.107(a)(18) (women-owned business status), 
(a)(19) (minority-owned business status), and (a)(20) (ethnicity, race, 
and sex of principal owners).\290\ Each of these data points requests 
sensitive demographic information that has no bearing on the 
creditworthiness of the applicant, about which existing Sec.  1002.5(b) 
would generally prohibit the financial institution from inquiring 
absent section 1071's mandate to collect and report that information, 
and with respect to which applicants are protected from discrimination. 
The Bureau accordingly believes that it would be reasonable to apply 
section 1071's special-protection provisions to apply to this 
information, regardless of whether the statutory authority to collect 
it originates in 704B(b)(1) (women-owned and minority-owned business 
status) or 704B(e)(2)(G) (race, sex, and ethnicity of principal 
owners). The Bureau similarly believes that it would have been 
unreasonable for Congress to have intended that these special 
protections would apply to any of the other data points now proposed in 
Sec.  1002.107(a), which the financial institution is permitted to 
request regardless of coverage under section 1071 which are not the 
subject of Federal antidiscrimination law, and many of which financial 
institutions currently use for underwriting purposes.
---------------------------------------------------------------------------

    \290\ The Bureau's interpretations with respect to a separate 
data point for small business status are discussed in the next 
section.
---------------------------------------------------------------------------

    The Bureau implements these interpretations of ``information 
requested pursuant to subsection (b)'' in several different section-by-
section discussions. With respect to ECOA section 704B(e), the Bureau 
discusses its interpretation of the phrase in the section-by-section 
analysis of proposed Sec.  1002.107(a). The Bureau's interpretation of 
704B(d)'s firewall requirement is addressed at greater length in the 
section-by-section analysis of proposed Sec.  1002.108, and the 
Bureau's interpretation of the separate recordkeeping requirement in 
704B(b)(2) is addressed in the section-by-section analysis of proposed 
Sec.  1002.111(b). The right to refuse in 704B(c) is discussed in the 
section-by-section analyses of the data points that the Bureau proposes 
to be subject to the right to refuse: Proposed Sec.  1002.107(a)(18) 
(women-owned business status), (19) (minority-owned business status), 
and (20) (ethnicity, race, and sex of principal owners).
3. No Collection of Small Business Status as a Data Point
    The Bureau notes that neither of its interpretations of 
``information requested pursuant to subsection (b)'' reference a 
specific data point for an applicant's status as a small business, nor 
is the Bureau otherwise including in proposed Sec.  1002.107(a) that 
financial institutions collect, maintain, or submit a data point whose 
sole function is to state whether the applicant is or is not a small 
business.
    At SBREFA, the Bureau conveyed that it was considering proposing 
small business status as a separate data point. The Bureau also stated 
that it was considering not proposing to extend the right to refuse or 
firewall to a financial institution's specific inquiry regarding small 
business status; \291\ the Bureau did not address in the SBREFA Outline 
whether small business status would be subject to the separate 
recordkeeping requirement. In lieu of further details about the 
potential data point on small business status, the Bureau noted that it 
was considering proposing that collection and reporting of whether an 
applicant for credit is a small business be based on applicant-reported 
information, but that the precise nature of the data point would depend 
on the ultimate definition of small business.
---------------------------------------------------------------------------

    \291\ SBREFA Outline at 25.
---------------------------------------------------------------------------

    As discussed below in the section-by-section analysis of proposed 
Sec.  1002.106(b), the Bureau is now proposing a definition of small 
business that largely adopts the SBREFA Outline's First Alternative 
Approach with a threshold of $5 million. After considering the 
implications of this approach, the Bureau now believes that it would 
render redundant any requirement that financial institutions also 
collect a standalone data point whose sole purpose is to state whether 
an applicant is a small business, because the gross annual revenue data 
point wholly encompasses whether an applicant is a small business. 
Indeed, under the proposed definition of small business, when a 
financial institution asks an applicant its gross annual revenue, that 
question is functionally identical to asking, ``are you a small 
business?'' The Bureau believes that it would be a reasonable 
interpretation of ECOA section 704B(b)'s query as to small business 
status for that question to take the form of, ``what is your gross 
annual revenue?'' Furthermore, as discussed above with respect to the 
Bureau's approach to non-small women- and minority-owned businesses, 
the Bureau is interpreting financial institutions' data collection 
obligations as attaching only in the case of applications from small 
businesses; if a financial institution determines that an applicant is 
not a small business, none of the obligations under this rule would 
apply. As such, a standalone data point that serves only to designate 
whether a business qualifies as small for purposes of the rule would be 
redundant with the mere fact that the 1071 data collection occurs at 
all, as well as with the collection of gross annual revenue.
    The Bureau acknowledges that the plain language of ECOA section 
704B(b) could be read to require financial institutions to ask 
applicants subject to the data collection the precise question, ``are 
you a small business?'' Upon further analysis, however, the Bureau 
believes that Congress's intended treatment of small business status as 
a standalone data point is ambiguous. As described in more detail above 
with respect to the rulemaking's coverage of women- and minority-owned 
businesses that are not small, 704B(b)'s introductory language and 
704B(b)(1) appear to require financial institutions to know the answer 
to whether an applicant is women-owned, minority-owned, or small before 
they make their inquiry; to resolve this ambiguity, the Bureau 
interprets 704B(b)'s introductory language and 704B(b)(1) to require 
that financial institutions first straightforwardly assess whether an 
applicant is a small business before proceeding to inquire into the 
applicant's protected demographic information that would otherwise be 
prohibited by existing Sec.  1002.5(b).
    In sum, pursuant to its authority under ECOA section 704B(g)(1) to 
prescribe such rules as may be necessary to carry out, enforce, and 
compile data pursuant to section 1071, the Bureau interprets 704B(b) 
and (b)(1) to obviate the need for financial institutions to collect a 
standalone data point whose sole purpose is to note an applicant's 
small business status. For the same reasons, the Bureau believes that 
not requiring the collection of a separate data point on small business 
status would be necessary or appropriate to carry out the purposes of 
section 1071; therefore, in the alternative, the Bureau proposes to 
exercise its exception authority in 704B(g)(2) to effect this outcome.

[[Page 56388]]

Finally, because the Bureau believes that the collection of a 
standalone data point on small business status would ``yield a gain of 
trivial or no value,'' the Bureau proposes, in the alternative, to 
exercise its implied de minimis authority to create this 
exception.\292\
---------------------------------------------------------------------------

    \292\ Waterkeeper All., 853 F.3d at 530 (quoting Pub. Citizen, 
869 F.2d at 1556); see Alabama Power, 636 F.2d at 360-61.
---------------------------------------------------------------------------

    In light of the above, the Bureau seeks comment on whether a 
standalone data point solely dedicated to small business status might 
nonetheless be useful and, if so, how it might be implemented.

F. Conforming Amendments to Existing Regulation B

    As discussed above, the Bureau is proposing to implement its 
section 1071 rule in a new subpart B of Regulation B. The content of 
existing Regulation B would become subpart A of Regulation B. This 
change would not affect the current section numbering in Regulation B. 
The Bureau believes it is appropriate to make this rule a part of 
Regulation B, as section 1071 is a part of ECOA. Nonetheless, the 
Bureau seeks comment on whether it should instead codify its section 
1071 rule as a free-standing regulation with its own CFR part and, if 
so, why.
    As noted above and as discussed in more detail below, the Bureau is 
proposing amendments to amend existing Sec.  1002.5(a)(4) and 
associated commentary to expressly permit voluntary collection of 
minority-owned business status, women-owned business status, and the 
race, sex, and ethnicity of applicants' principal owners in accordance 
with the requirements of subpart B. In addition, the Bureau anticipates 
revising certain references to the entire regulation (which use the 
terms ``regulation'' or ``part'') in existing Regulation B to instead 
refer specifically to subpart A. The Bureau does not intend to make any 
substantive changes with these revisions, but rather intends to 
maintain the status quo.
Subpart A--General
Section 1002.5 Rules Concerning Requests for Information
5(a) General Rules
5(a)(4) Other Permissible Collection of Information
Background
    ECOA prohibits creditors from discriminating against applicants, 
with respect to any aspect of a credit transaction, on the basis of--
among other things--race, color, religion, national origin, sex or 
marital status, or age.\293\ It also states that making an inquiry 
under 15 U.S.C. 1691c-2 (that is, section 1071), in accordance with the 
requirements of that section, shall not constitute discrimination for 
purposes of ECOA.\294\ Regulation B, in existing Sec.  1002.5(b), 
generally prohibits a creditor from inquiring about protected 
demographic information in connection with a credit transaction unless 
otherwise required by Regulation B, ECOA, or other Federal law or 
regulation.\295\
---------------------------------------------------------------------------

    \293\ 15 U.S.C. 1691(a).
    \294\ 15 U.S.C. 1691(b)(5).
    \295\ Existing Sec.  1002.5(a)(2).
---------------------------------------------------------------------------

    In 2017, the Bureau amended Regulation B, adding Sec.  1002.5(a)(4) 
to allow creditors to collect ethnicity, race, and sex from mortgage 
applicants in certain cases where the creditor is not required to 
report under HMDA and Regulation C.\296\ As part of this rulemaking, 
the Bureau added Sec.  1002.5(a)(4) to expressly permit the collection 
of ethnicity, race, and sex information from mortgage applicants in 
certain cases where the creditor is not required to report under HMDA 
and Regulation C. For example, existing Sec.  1002.5(a)(4) expressly 
permits the collection of ethnicity, race, and sex information for 
certain transactions for which Regulation C permits optional reporting. 
However, nothing in existing Regulation B (or in ECOA) expressly 
permits voluntary collection and reporting of information regarding the 
ethnicity, race, and sex of applicants' principal owners, or whether 
the applicant is a minority-owned business or women-owned business, 
under section 1071.
---------------------------------------------------------------------------

    \296\ Equal Credit Opportunity Act (Regulation B) Ethnicity and 
Race Information Collection, 82 FR 45680, 45684 (Oct. 2, 2017).
---------------------------------------------------------------------------

SBREFA Proposal Under Consideration and Feedback Received
    During the SBREFA process, some SERs, primarily small CDFIs and 
mission-oriented community banks, stated that they would be inclined to 
collect and report 1071 data to the Bureau even if not required to do 
so, such as if they fell under loan-volume thresholds. These SERs 
expressed an intent to report data even if not required to out of a 
belief in the importance and utility of 1071 data.
Proposed Rule
    The Bureau is proposing to amend existing Sec.  1002.5(a)(4) to add 
three exemptions (in proposed Sec.  1002.5(a)(4)(vii), (viii), and 
(ix)) that would permit certain creditors that are not covered 
financial institutions under the rule to collect small business 
applicants' protected demographic information under certain 
circumstances. The Bureau is also proposing to add comment 5(a)(2)-4 
and to revise existing comment 5(a)(4)-1 to provide guidance on these 
proposed exemptions.
    Proposed Sec.  1002.5(a)(4)(vii) would provide that a creditor that 
was required to report small business lending data pursuant to proposed 
Sec.  1002.109 for any of the preceding five calendar years but is not 
currently a covered financial institution under proposed Sec.  
1002.105(b) may collect information pursuant to proposed subpart B for 
a covered application as defined in proposed Sec.  1002.103 regarding 
whether the applicant is a minority-owned business or a women-owned 
business, and the ethnicity, race, and sex of the applicant's principal 
owners if it complies with the requirements of proposed subpart B as 
otherwise required for covered financial institutions pursuant to 
proposed Sec. Sec.  1002.107, 1002.108, 1002.111, 1002.112, and 
1002.114 for that application. In short, proposed Sec.  
1002.5(a)(4)(vii) would permit a previously covered financial 
institution to collect such information for covered applications for up 
to five years after it fell below the loan-volume threshold of proposed 
Sec.  1002.105(b), provided that it does so in accordance with the 
relevant requirements of proposed subpart B.
    The Bureau expects that some creditors that are no longer covered 
financial institutions and thus no longer required to report 1071 data 
in a given reporting year may prefer to continue to collect applicants' 
protected demographic information in the event they become a covered 
financial institution again, in order to maintain consistent compliance 
standards from year to year. As it did in a similar context for HMDA 
reporting,\297\ the Bureau believes that permitting such collection for 
five years provides an appropriate time frame under which a financial 
institution should be permitted to continue collecting the information 
without having to change its compliance processes. The Bureau believes 
that a five-year period is sufficient to help an institution discern 
whether it is likely to have to report 1071 data in the near future but 
not so long as to permit it to collect such information in a period too 
attenuated from previous 1071 reporting.
---------------------------------------------------------------------------

    \297\ Existing Sec.  1002.5(a)(4)(iii).
---------------------------------------------------------------------------

    Therefore, the Bureau believes that it is an appropriate use of its 
statutory authority under sections 703(a) \298\ and

[[Page 56389]]

704B(g)(1) of ECOA to permit creditors to collect the 1071 demographic 
information in the manner set out in proposed Sec.  1002.5(a)(4)(vii). 
The proposal would effectuate the purposes of and facilitate compliance 
with ECOA and is necessary to carry out, enforce, and compile data 
pursuant to section 1071 because it would permit creditors to collect 
information without interruption from year to year, thereby 
facilitating compliance with the 1071 rule's data collection 
requirements and improving the quality and reliability of the data 
collected. The Bureau also believes that this provision is narrowly 
tailored and would preserve and respect the general limitations in 
existing Sec.  1002.5(b) through (d).
---------------------------------------------------------------------------

    \298\ 15 U.S.C. 1691b(a).
---------------------------------------------------------------------------

    Proposed Sec.  1002.5(a)(4)(viii) would provide that a creditor 
that exceeded the loan-volume threshold in the first year of the two-
year threshold period provided in proposed Sec.  1002.105(b) may, in 
the second year, collect information pursuant to proposed subpart B for 
a covered application as defined in proposed Sec.  1002.103 regarding 
whether the applicant is a minority-owned business or a women-owned 
business, and the ethnicity, race, and sex of the applicant's principal 
owners if it complies with the requirements of subpart B as otherwise 
required for covered financial institutions pursuant to proposed 
Sec. Sec.  1002.107, 1002.108, 1002.111, 1002.112, and 1002.114 for 
that application.
    The Bureau believes that its proposal would benefit creditors in 
certain situations in which the creditor has not previously reported 
1071 data but expects to be covered in the following year and wishes to 
prepare for that future reporting obligation. For example, where a 
creditor surpasses the loan-volume threshold of proposed Sec.  
1002.105(b) for the first time in a given calendar year, it may wish to 
begin collecting applicants' protected demographic information for 
covered applications received in the next calendar year (second 
calendar year) so as to ensure its compliance systems are fully 
functional before it is required to collect and report information 
pursuant to proposed subpart B in the following calendar year (third 
calendar year).
    The Bureau believes that it is an appropriate use of its statutory 
authority under sections 703(a) and 704B(g)(1) of ECOA to permit 
creditors to collect information under proposed Sec.  
1002.5(a)(4)(viii). A creditor likely would benefit from being able to 
collect applicants' protected demographic information with assurance of 
compliance with existing Sec.  1002.5 regardless of whether it actually 
becomes subject to proposed subpart B reporting at the end of the two-
year threshold period. The proposal would effectuate the purposes of 
and facilitate compliance with ECOA and is necessary to carry out, 
enforce, and compile data pursuant to section 1071 because it would 
facilitate compliance with the 1071 rule's data collection requirements 
and improve the quality and reliability of the data collected by 
financial institutions that may be transitioning into being required to 
collect and report 1071 data.
    Proposed Sec.  1002.5(a)(4)(ix) would state that a creditor that is 
not currently a covered financial institution under proposed Sec.  
1002.105(b), and is not otherwise a creditor to which proposed Sec.  
1002.5(a)(4)(vii) or (viii) applies, may collect information pursuant 
to proposed subpart B for a covered application as defined in proposed 
Sec.  1002.103 regarding whether an applicant for a covered credit 
transaction is a minority-owned business or a women-owned business, and 
the ethnicity, race, and sex of the applicant's principal owners if the 
creditor complies with the requirements of proposed subpart B as 
otherwise required for covered financial institutions pursuant to 
proposed Sec. Sec.  1002.107 through 1002.112 and 1002.114 for that 
application. The proposal would permit a financial institution that 
wishes to voluntarily report 1071 data to collect applicants' protected 
demographic information without running afoul of Regulation B. Unlike 
creditors subject to proposed Sec.  1002.5(a)(4)(vii) or (viii), a 
creditor seeking to voluntarily collect applicant's protected 
demographic information under proposed Sec.  1002.5(a)(4)(ix) would be 
required to report it to the Bureau.
    The Bureau believes that permitting creditors to collect 1071 
demographic information pursuant to proposed Sec.  1002.5(a)(4)(vii) or 
(viii) would facilitate compliance and promote data quality in the 
event that creditors subject to those provisions later become covered 
financial institutions. For those creditors that wish to voluntarily 
report 1071 data, as well as others covered by proposed Sec.  
1002.5(a)(4)(ix) (where reporting is required when applicants' 
protected demographic information is collected), the reported data 
would be additional information that would further the intended 
purposes of the statute. An analysis of business and community 
development needs would benefit from the inclusion of voluntarily 
reported data from financial institutions below the reporting 
threshold. Such institutions more often serve sparsely populated rural, 
underserved communities or are member-owned organizations (such as 
credit unions). As some SERs suggested, the voluntary collection and 
reporting of 1071 data by such financial institutions may stem from a 
community development orientation and commitment to fair lending. 
Further, the reporting of such data would provide a more complete 
picture of total lending activity--and therefore enable a more complete 
analysis of fair lending risks as well as business and community 
development needs--especially given that larger financial institutions 
may be less likely to operate in sparsely populated, rural, and 
underserved communities, for the reasons set out in part II above. The 
Bureau is proposing Sec.  1002.5(a)(4)(ix) in response to feedback from 
some stakeholders that indicated they might want to collect and report 
1071 data even if they were not required to do so. The Bureau believes, 
for the reasons set out above, that it is an appropriate use of its 
general authority under sections 703(a) and 704B(g)(1) of ECOA to 
permit creditors to collect information under proposed Sec.  
1002.5(a)(4)(ix), as such collection would effectuate the purposes of 
and facilitate compliance with ECOA and is necessary to carry out, 
enforce, and compile data pursuant to section 1071. Further, the Bureau 
believes that permitting creditors to collect applicants' protected 
demographic information would result in the collection of additional 
information that could carry out section 1071's business and community 
development purpose.
    Existing comment 5(a)(4)-1 currently addresses recordkeeping 
requirements for ethnicity, race, and sex information that is 
voluntarily collected for HMDA under the existing provisions of Sec.  
1002.5(a)(4). The Bureau is proposing to revise this comment by adding 
to it a parallel reference to proposed subpart B, along with a 
statement that the information collected pursuant to proposed subpart B 
must be retained pursuant to the requirements set forth in proposed 
Sec.  1002.111.
    Proposed comment 5(a)(2)-4 would state that proposed subpart B of 
Regulation B generally requires creditors that are covered financial 
institutions as defined in proposed Sec.  1002.105(a) to collect and 
report information about the ethnicity, race, and sex of the principal 
owners of applicants for certain small business credit, as well as 
whether the applicant is minority-owned or women-owned as defined in 
proposed Sec.  1002.102(m) and (s), respectively. The Bureau is 
proposing this comment for parity with existing comment 5(a)(2)-2, 
which

[[Page 56390]]

addresses the requirement to collect and report information about the 
race, ethnicity, and sex of applicants under HMDA. Existing comment 
5(a)(2)-3 explains that persons such as loan brokers and correspondents 
do not violate ECOA or Regulation B if they collect information that 
they are otherwise prohibited from collecting, where the purpose of 
collecting the information is to provide it to a creditor that is 
subject to HMDA or another Federal or State statute or regulation 
requiring data collection. The Bureau believes that the reference to 
another Federal statute or regulation adequately encompasses section 
1071 and proposed subpart B, and thus it does not propose to amend this 
existing comment in order to make clear that loan brokers and other 
persons collecting applicants' protected demographic information on 
behalf of covered financial institutions are not violating ECOA or 
Regulation B by doing so.
    The Bureau seeks comment on these three proposed exemptions to be 
added to existing Sec.  1002.5(a)(4), and associated commentary, 
including whether there are other specific situations that should be 
added to the list of exemptions in Sec.  1002.5(a)(4) to permit the 
collection of applicants' protected demographic information, and 
whether any similar modifications to other provisions are necessary. In 
particular, the Bureau seeks comment on whether it should add another 
exemption to Sec.  1002.5(a)(4) relating to proposed Sec.  
1002.114(c)(1), wherein the Bureau is proposing to permit financial 
institutions to collect, but would not require them to report, 
applicants' protected demographic information prior to the compliance 
date.
    The Bureau also notes that, as discussed in the section-by-section 
analysis of proposed Sec.  1002.104(a) below, it seeks comment on 
whether it should permit financial institutions to voluntarily collect 
and report 1071 data on applications for products that the Bureau is 
not proposing to cover. If the Bureau were to permit such voluntary 
collection and reporting, the Bureau expects to add a provision similar 
to proposed Sec.  1002.5(a)(4)(ix) to address it.
Subpart B--Small Business Lending Data Collection
Section 1002.101 Authority, Purpose, and Scope
    Proposed Sec.  1002.101 would set forth the authority, purpose, and 
scope for proposed subpart B. Specifically, it would provide that 
proposed subpart B is issued by the Bureau pursuant to section 704B of 
ECOA (15 U.S.C. 1691c-2). It would further state that, except as 
otherwise provided therein, proposed subpart B applies to covered 
financial institutions, as defined in proposed Sec.  1002.105(b), other 
than a person excluded from coverage of this part by section 1029 of 
the Dodd-Frank Act. It also would set out section 1071's two statutory 
purposes of facilitating fair lending enforcement and enabling the 
identification of business and community development needs and 
opportunities for women-owned, minority-owned, and small businesses.
    The Bureau seeks comment on its proposed approach to this section, 
including whether any other information on the 1071 rule's authority, 
purpose, or scope should be addressed herein.
Section 1002.102 Definitions
    The Bureau is proposing a number of definitions for terms used in 
subpart B, in Sec.  1002.102.\299\ These definitions generally fall 
into several categories. First, some definitions in proposed Sec.  
1002.102 refer to terms defined elsewhere in proposed subpart B--
specifically, the terms business, covered application, covered credit 
transaction, covered financial institution, financial institution, and 
small business are defined in proposed Sec. Sec.  1002.106(a), 
1002.103, 1002.104, 1002.105(b), 1002.105(a), and 1002.106(b), 
respectively. These terms are of particular importance in proposed 
subpart B, and the Bureau is proposing to define them in separate 
sections, rather than in proposed Sec.  1002.102, for ease of reading.
---------------------------------------------------------------------------

    \299\ The Bureau notes that there are certain terms defined in 
proposed subpart B outside of proposed Sec.  1002.102. This occurs 
where a definition is relevant only to a particular section. For 
example, the firewall provisions in proposed Sec.  1002.108 use the 
phrases ``involved in making any determination concerning a covered 
application'' and ``should have access.'' Those phrases are defined 
in Sec.  1002.108(a). Those definitions are discussed in detail in 
the section-by-section analysis of the provisions in which they 
appear.
---------------------------------------------------------------------------

    Second, some terms in proposed Sec.  1002.102 are defined by cross-
referencing the definitions of terms defined in existing Regulation B--
specifically, business credit, credit, and State are defined by 
reference to existing Sec.  1002.2(g), (j), and (aa), respectively. 
Similarly, several definitions refer to terms defined in other 
regulations--specifically, a portion of the affiliate definition refers 
to the SBA's regulation at 13 CFR 121.103, and dwelling refers to the 
definition in Regulation C Sec.  1003.2(f). These terms are each used 
in proposed subpart B, and the Bureau believes it is appropriate to 
incorporate them into the subpart B definitions in this manner.
    Finally, the remaining terms are defined directly in proposed Sec.  
1002.102. These include applicant, closed-end credit transaction, 
minority individual, minority-owned business, open-end credit 
transaction, principal owner, small business lending application 
register, and women-owned business, as well as a portion of the 
definition of affiliate. Some of these definitions draw on definitions 
in existing Regulation B or elsewhere in Federal laws or regulations.
    The Bureau believes that basing this proposal's definitions on 
previously defined terms (whether in Regulation B, Regulation C, or 
regulations promulgated by another agency), to the extent possible, 
would minimize regulatory uncertainty and facilitate compliance, 
particularly where the other regulations are likely to apply, in their 
own right, to the same transactions. However, as discussed further 
below, the Bureau is in certain instances proposing to deviate from the 
existing definitions for purposes of this proposal.
    These definitions are each discussed in detail below. The Bureau is 
proposing these definitions pursuant to its authority under section 
704B(g)(1) to prescribe such rules and issue such guidance as may be 
necessary to carry out, enforce, and compile data pursuant to section 
1071. In addition, the Bureau is proposing certain of these definitions 
to implement particular definitions in section 1071 including the 
statutory definitions set out in 704B(h). Any other authorities that 
the Bureau is relying on to propose certain definitions are discussed 
in the section-by-section analysis of those specific definitions.
    The Bureau seeks comment on its proposed approach to each of these 
definitions, as well as whether there are any other terms that the 
Bureau should define for purposes of proposed subpart B.
102(a) Affiliate
    Proposed Sec.  1002.102(a) would define ``affiliate'' based on 
whether the term is used to refer to a financial institution or to an 
applicant.
    Proposed Sec.  1002.102(a) would define ``affiliate'' with respect 
to a financial institution as any company that controls, is controlled 
by, or is under common control with, another company, as set forth in 
the Bank Holding Company Act of 1956.\300\ Existing Regulation B does 
not define affiliate. This proposed definition

[[Page 56391]]

would provide a consistent approach with the Bureau's Regulation C, 
which applies the term to financial institutions, as defined in 
Regulation C, for certain reporting obligations.\301\ The Bureau 
believes that this definition would be appropriate to define an 
affiliate of a financial institution, and that it should provide 
sufficient clarity for financial institutions when determining 
responsibilities under proposed subpart B.
---------------------------------------------------------------------------

    \300\ 12 U.S.C. 1841 et seq.
    \301\ See Regulation C comment 4(a)(11)-3.
---------------------------------------------------------------------------

    Proposed Sec.  1002.102(a) would define ``affiliate'' with respect 
to a business or an applicant as having the same meaning as described 
in 13 CFR 121.103, which is an SBA regulation titled ``How does SBA 
determine affiliation?'' This proposed definition would provide 
consistency with the Bureau's proposed approach to what constitutes a 
small business for purposes of section 1071, as discussed in the 
section-by-section analysis of proposed Sec.  1002.106(b) below. As 
discussed in the section-by-section analysis of proposed Sec.  
1002.106(b) below, the Bureau is proposing to define a small business 
by reference to the SBA's regulations (with the exception of an 
alternate size standard, as set forth in proposed Sec.  1002.106(b)). 
As discussed in the section-by-section analysis of proposed Sec.  
1002.107(a)(14), the Bureau is proposing to permit, but not require, a 
financial institution to report the gross annual revenue for the 
applicant in a manner that includes the revenue of affiliates as well. 
As discussed in the section-by-section analysis of proposed Sec.  
1002.107(a)(16), the Bureau is proposing that a financial institution, 
if asked, shall explain to the applicant that workers for affiliates of 
the applicant would only be counted if the financial institution were 
also collecting the affiliates' gross annual revenue. The Bureau is 
therefore proposing to define affiliate in subpart B for purposes of a 
business or an applicant by referring to the SBA's definition of 
affiliate.
    The Bureau seeks comment on its proposed approach to this 
definition.
102(b) Applicant
    Proposed Sec.  1002.102(b) would define ``applicant'' to mean any 
person who requests or who has received an extension of business credit 
from a financial institution. The term ``applicant'' is undefined in 
section 1071. Proposed Sec.  1002.102(b) is based on the definition of 
applicant in existing Regulation B, though for consistency with other 
parts of this proposed rule, it adds a limitation that the credit be 
business credit and uses the term financial institution instead of 
creditor. It also omits the references to other persons who are or may 
become contractually liable regarding an extension of credit such as 
guarantors, sureties, endorsers, and similar parties. The Bureau is 
concerned that including other such persons could exceed the scope of 
the data collection anticipated by section 1071. Including them could 
also make the data collection more difficult as financial institutions 
might need to report data points (such as gross annual revenue, NAICS 
code, time in business, and others) regarding multiple persons in 
connection with a single application. Collecting such information on 
guarantors, sureties, endorsers, and similar parties would likely not 
support 1071's business and community development purpose. Thus, the 
Bureau believes it is appropriate to limit the definition of applicant 
in proposed subpart B to only those persons who request, or have 
received, an extension of business credit from a financial institution.
    The Bureau seeks comment on its proposed approach to this 
definition.
102(c) Business
    Proposed Sec.  1002.102(c) would refer to proposed Sec.  
1002.106(a) for a definition of the term ``business.'' See the section-
by-section analysis of proposed Sec.  1002.106(a) for a detailed 
discussion of that definition.
102(d) Business Credit
    Proposed Sec.  1002.102(d) would refer to existing Sec.  1002.2(g) 
for a definition of the term ``business credit.'' The term ``credit'' 
is undefined in section 1071. Section 1071 does not use the term 
``business credit,'' though it does define ``small business loan'' as a 
loan made to a small business. Existing Sec.  1002.2(g) defines 
``business credit'' as ``referring to extensions of credit primarily 
for business or commercial (including agricultural) purposes, but 
excluding extensions of credit of the types described in Sec.  
1002.3(a) through (d).'' The Bureau believes it is appropriate to 
define business credit by reference to the existing definition in 
Regulation B. The Bureau's proposal uses the term business credit 
principally in defining a covered credit transaction in proposed Sec.  
1002.104(a).
    As described in the section-by-section analysis of proposed Sec.  
1002.104(a) below, loans, lines of credit, credit cards, and MCAs 
(including such credit transactions for agricultural purposes and those 
that are also covered by HMDA) would all fall under the proposed 
definition for business credit.
    The Bureau notes existing Sec.  1002.2(g) excludes public utilities 
credit, securities credit, incidental credit, and government credit 
(that is, extensions of credit made to governments or governmental 
subdivisions, agencies, or instrumentalities--not extensions of credit 
made by governments), as defined in existing Sec.  1002.3(a) through 
(d), from certain aspects of existing Regulation B.\302\ As described 
in the section-by-section analysis of proposed Sec.  1002.104(b) below, 
for the purpose of subpart B, the Bureau is proposing complete 
exclusions for public utilities credit, securities credit, and 
incidental credit from the definition of a covered credit transaction 
in proposed Sec.  1002.104(b). The Bureau is not proposing an exclusion 
for extensions of credit made to governments or governmental 
subdivisions, agencies, or instrumentalities, because governmental 
entities would not constitute small businesses under the proposed 
rule.\303\ Moreover, as described in the section-by-section analysis of 
proposed Sec.  1002.104(b) below, the Bureau believes it is appropriate 
to interpret section 1071 as not applying to factoring, leases, 
consumer-designated credit used for business purposes, or credit 
secured by certain investment properties.
---------------------------------------------------------------------------

    \302\ As explained in existing comment 3-1, under Sec.  1002.3, 
procedural requirements of Regulation B do not apply to certain 
types of credit. The comment further states that all classes of 
transactions remain subject to Sec.  1002.4(a) (the general rule 
barring discrimination on a prohibited basis) and to any other 
provision not specifically excepted.
    \303\ Government entities are not ``organized for profit'' and 
thus would not be a ``business concern'' under proposed Sec.  
1002.106(a).
---------------------------------------------------------------------------

    The Bureau seeks comment on its proposed approach to this 
definition.
102(e) Closed-End Credit Transaction
    Proposed Sec.  1002.102(e) states that a closed-end credit 
transaction means an extension of credit that is not an open-end credit 
transaction under proposed Sec.  1002.102(n). The Bureau's proposal 
specifies different requirements for collecting and reporting certain 
data points based on whether the application is for a closed-end credit 
transaction or an open-end credit transaction. See the section-by-
section analysis of proposed Sec.  1002.102(n) for a discussion of what 
constitutes an open-end credit transaction.
    The Bureau seeks comment on its proposed approach to this 
definition.
102(f) Covered Application
    Proposed Sec.  1002.102(f) would refer to proposed Sec.  1002.103 
for a definition of the term ``covered application.'' See the

[[Page 56392]]

section-by-section analysis of proposed Sec.  1002.103 for a detailed 
discussion of that definition.
102(g) Covered Credit Transaction
    Proposed Sec.  1002.102(g) would refer to proposed Sec.  1002.104 
for a definition of the term ``covered credit transaction.'' See the 
section-by-section analysis of proposed Sec.  1002.104 for a detailed 
discussion of that definition.
102(h) Covered Financial Institution
    Proposed Sec.  1002.102(h) would refer to proposed Sec.  
1002.105(b) for a definition of the term ``covered financial 
institution.'' See the section-by-section analysis of proposed Sec.  
1002.105(b) for a detailed discussion of that definition.
102(i) Credit
    Proposed Sec.  1002.102(i) would refer to existing Sec.  1002.2(j) 
for a definition of the term ``credit.'' The term ``credit'' is 
undefined in section 1071. Existing Sec.  1002.2(j), which largely 
follows the definition of credit in ECOA,\304\ defines ``credit'' to 
mean the right granted by a creditor to an applicant to defer payment 
of a debt, incur debt and defer its payment, or purchase property or 
services and defer payment therefor. The Bureau believes that referring 
to this existing definition of credit for purposes of subpart B would 
help to foster consistency with existing Regulation B. The term credit 
in proposed subpart B is used in the context of what constitutes a 
covered credit transaction--that is, whether the application is 
reportable under the section 1071 rule. See the section-by-section 
analysis of proposed Sec.  1002.104 below for more details.
---------------------------------------------------------------------------

    \304\ See 15 U.S.C. 1691a. Existing Regulation B uses the term 
``applicant'' instead of ``debtor.''
---------------------------------------------------------------------------

    The Bureau seeks comment on its proposed approach to this 
definition.
102(j) Dwelling
    Proposed Sec.  1002.102(j) would refer to Regulation C Sec.  
1003.2(f) for a definition of the term ``dwelling.'' That provision 
defines dwelling to mean a residential structure, whether or not 
attached to real property. The term includes but is not limited to a 
detached home, an individual condominium or cooperative unit, a 
manufactured home or other factory-built home, or a multifamily 
residential structure or community. Proposed comment 102(j)-1 would 
provide that Bureau interpretations that appear in supplement I to part 
1003 containing official commentary in connection with Sec.  1003.2(f) 
are generally applicable to the definition of a dwelling in proposed 
Sec.  1002.102(j). Proposed comment 102(j)-2 would clarify that the 
definition of dwelling under existing Sec.  1002.14(b)(2) applies to 
relevant provisions under existing Regulation B, and proposed Sec.  
1002.102(j) is not intended to repeal, abrogate, annul, impair, or 
interfere with any existing interpretations, orders, agreements, 
ordinances, rules, or regulations adopted or issued pursuant to 
existing Sec.  1002.14(b)(2).
    The Bureau believes that adopting the Regulation C definition of 
dwelling would streamline reporting and minimize compliance risks for 
financial institutions that are also reporting covered credit 
transactions under HMDA and would simplify data analysis for HMDA-
reportable transactions. As an alternative, the Bureau considered 
adopting the existing Regulation B definition of dwelling, which is 
similar to the Regulation C definition. The Bureau understands that the 
existing Regulation B definition of dwelling is primarily applied in 
the context of the ECOA Valuations Rule\305\ and would thus not 
streamline reporting and minimize compliance risks in the same way as 
would adopting the Regulation C definition, which is already being 
applied to data collection and reporting requirements. The existing 
Regulation B definition of dwelling is also not supported by the same 
level of clarifying commentary as the definition under Regulation C. 
The Bureau believes that proposed comment 102(j)-1 will address most if 
not all questions related to the definition of dwelling by 
incorporating the Bureau's official commentary related to Sec.  
1003.2(f). Proposed comment 102(j)-2 also seeks to avoid potential 
confusion by clarifying that proposed Sec.  1002.102(j) does not affect 
the status of existing Sec.  1002.14(b)(2), which defines the term 
``dwelling'' for purposes of existing Regulation B.
---------------------------------------------------------------------------

    \305\ See 12 CFR 1002.14.
---------------------------------------------------------------------------

    The Bureau seeks comment on its proposed approach to this 
definition.
102(k) Financial Institution
    Proposed Sec.  1002.102(l) would refer to proposed Sec.  
1002.105(a) for a definition of the term ``financial institution.'' See 
the section-by-section analysis of proposed Sec.  1002.105(a) for a 
detailed discussion of that definition.
102(l) Minority Individual
Background
    ECOA section 704B(b)(1) requires a financial institution to ask 
whether an applicant is a minority-owned business. Additionally, 
704B(h)(5) uses the term ``minority individual'' when defining the term 
minority-owned business. Although 704B(h)(5) defines the term 
``minority,'' section 1071 does not define the term ``minority 
individual.'' Section 704B(h)(4) defines the term ``minority'' as 
having the same meaning as in section 1204(c)(3) of the Financial 
Institutions Reform, Recovery, and Enforcement Act of 1989 
(FIRREA).\306\ That statute defines ``minority'' to mean any Black 
American, Native American, Hispanic American, or Asian American.\307\
---------------------------------------------------------------------------

    \306\ Public Law 101-73, section 1204(c)(3), 103 Stat. 183, 521 
(1989) (12 U.S.C. 1811 note).
    \307\ Id.
---------------------------------------------------------------------------

SBREFA Proposal Under Consideration and Feedback Received
    In the SBREFA Outline, the Bureau stated that it was considering 
proposing guidance that would clarify that a minority individual is a 
natural person who is Black or African American, Asian, American Indian 
or Alaska Native, Native Hawaiian or Other Pacific Islander, and/or 
Hispanic or Latino \308\ (i.e., would mirror the aggregate race and 
ethnicity categories in Regulation C).thnsp;\309\ The Bureau also 
stated it was considering proposing guidance clarifying that a multi-
racial person would be considered a minority individual.
---------------------------------------------------------------------------

    \308\ SBREFA Outline at 18-19.
    \309\ Appendix B to 12 CFR part 1003.
---------------------------------------------------------------------------

    Several SERs supported clarifying the meaning of minority 
individual using the aggregate categories for race and ethnicity in 
Regulation C.\310\ However, one SER suggested using the disaggregated 
categories in Regulation C, instead of the aggregate categories, for 
this purpose. Other stakeholders providing feedback on the SBREFA 
Outline generally supported using the aggregate categories when 
determining who is a minority individual for purposes of reporting 
whether a business is a minority-owned business.
---------------------------------------------------------------------------

    \310\ The SER feedback discussed in this section-by-section 
analysis can be found in the SBREFA Panel Report at 22.
---------------------------------------------------------------------------

    The SBREFA Panel recommended clarifying that, consistent with the 
aggregate categories for race and ethnicity in Regulation C, a minority 
individual is a natural person who is Black or African American, Asian, 
American Indian or Alaska Native, Native Hawaiian or Other Pacific 
Islander, and/or Hispanic or Latino.\311\
---------------------------------------------------------------------------

    \311\ Id. at 44.
---------------------------------------------------------------------------

Proposed Rule
    Consistent with the approach that the Bureau took during the SBREFA 
process, proposed Sec.  1002.102(1) would clarify that the term 
``minority

[[Page 56393]]

individual'' means a natural person who is American Indian or Alaska 
Native, Asian, Black or African American, Native Hawaiian or Other 
Pacific Islander, and/or Hispanic or Latino. The Bureau believes that 
these categories represent contemporary, more specific delineations of 
the categories described in section 1204(c)(3) of FIRREA.\312\ Proposed 
comment 102(1)-2 would clarify that a multi-racial or multi-ethnic 
person would be a minority individual. Proposed comment 102(1)-1 would 
clarify that this definition would be used only when an applicant 
determines whether it is a minority-owned business pursuant to proposed 
Sec. Sec.  1002.102(m) and 1002.107(a)(18). Proposed comment 102(1)-3 
would clarify the relationship of the definition of minority individual 
to the disaggregated subcategories used to determine a principal 
owner's ethnicity and race. The Bureau's proposed approach is 
consistent with the SBREFA Panel's recommendation discussed above.
---------------------------------------------------------------------------

    \312\ See, e.g., 80 FR 36356 (June 24, 2015) (NCUA interpretive 
ruling and policy statement implementing an identical FIRREA 
definition of minority using this same modern terminology).
---------------------------------------------------------------------------

    The Bureau believes this clarified terminology, which uses the 
aggregate ethnicity and race categories set forth in existing 
Regulation B \313\ and Regulation C,\314\ would avoid the potentially 
confusing situation where an applicant is using one set of aggregate 
race and ethnicity categories when answering questions about the 
principal owners' race and ethnicity but is asked to use a different 
set of aggregate categories when indicating whether a business is a 
minority-owned business. It also avoids creating a situation where a 
financial institution is required to use different race and ethnicity 
categories when complying with different portions of Regulation B and, 
if applicable, Regulation C. Consistency among race and ethnicity data 
collection regimes may also allow for better coordination among data 
users when reviewing data across multiple data collection regimes.\315\
---------------------------------------------------------------------------

    \313\ 12 CFR 1002.13(a)(1)(i).
    \314\ Appendix B to 12 CFR part 1003.
    \315\ For example, the OMB uses these same categories for the 
classification of Federal data on race and ethnicity. See Off. of 
Mgmt. & Budget, Revisions to the Standards for the Classification of 
Federal Data on Race and Ethnicity, 62 FR 58785 (Oct. 30, 1996).
---------------------------------------------------------------------------

    The Bureau seeks comment on its proposed approach to this 
definition, including its proposed clarification of the definition of 
minority individual, and requests comment on whether additional 
clarification is needed. Additionally, in section-by-section analysis 
of proposed Sec.  1002.107(a)(20), the Bureau is requesting comment 
regarding whether an additional category for Middle Eastern or North 
African should be added for purposes of responding to a financial 
institution's inquiry regarding a principal owner's ethnicity or race 
and, if so, how this category should be included and defined. The 
Bureau also seeks comment on whether the definition of minority 
individual should include a natural person who is Middle Eastern or 
North African, as well as whether the inclusion of a natural person who 
is Middle Eastern or North African in the definition of minority 
individual for purposes of proposed Sec.  1002.102(l) should be 
dependent on whether Middle Eastern or North African is added as an 
aggregate category for purposes of proposed Sec.  1002.107(a)(20).
102(m) Minority-Owned Business
Background
    ECOA section 704B(b)(1) requires financial institutions to inquire 
whether applicants for credit are minority-owned businesses. For 
purposes of the financial institution's inquiry under 704B(b), 
704B(h)(5) defines a business as a minority-owned business if (A) more 
than 50 percent of the ownership or control is held by one or more 
minority individuals, and (B) more than 50 percent of the net profit or 
loss accrues to one or more minority individuals. Section 1071 does not 
expressly define the related terms of ``ownership'' or ``control,'' nor 
does it describe what it means for net profits or losses to accrue to 
an individual.
SBREFA Proposal Under Consideration and Feedback Received
    In the SBREFA Outline, the Bureau stated it was considering 
proposing use of the statutory definition of ``minority-owned 
business'' (as set forth above) with further clarification of the terms 
``ownership'' and ``control.'' \316\ The Bureau considered proposing 
use of concepts set forth in the Financial Crimes Enforcement Network's 
(FinCEN) Customer Due Diligence (CDD) rule \317\ to clarify these 
terms.
---------------------------------------------------------------------------

    \316\ SBREFA Outline at 18-19.
    \317\ See 31 CFR 1010.230.
---------------------------------------------------------------------------

    Some SERs expressed concerns with certain aspects of the statutory 
definition of minority-owned business, asserting that the definition 
could cause confusion or pose particular complexities.\318\ Several 
SERs and some other stakeholders providing feedback on the SBREFA 
Outline asked that the definition of minority-owned business be revised 
to align with the definition used by other agencies, such as the SBA 
and the CDFI Fund. These SERs and other commenters recommended that the 
Bureau use a ``50 percent or more'' threshold for ownership or control, 
instead of the ``more than 50 percent'' standard in the statutory 
definition. Conversely, two SERs and several other commenters supported 
using the statutory definition of minority-owned business, including 
the ``more than 50 percent'' portion of the definition.
---------------------------------------------------------------------------

    \318\ The SER feedback discussed in this section-by-section 
analysis can be found in the SBREFA Panel Report at 22.
---------------------------------------------------------------------------

    A number of SERs recommended that the Bureau simplify the 
definition to ensure it is understandable to small business applicants 
and to thereby facilitate consistent data collection. SERs' suggestions 
included eliminating the portion of the definition that refers to 
accrual of net profits and losses, eliminating the portion of the 
definition that refers to control, and providing a simplified and 
standardized definition.
    Several SERs supported using the concepts of ownership and control 
in FinCEN's CDD rule when defining minority-owned business; one SER 
said that doing so would be logical and efficient, while another said 
it would create regulatory consistency and ease compliance burden. One 
SER said that most credit unions are familiar with the CDD rule. 
Generally, other commenters supported use of the CDD concepts to 
clarify the terms ``ownership'' and ``control.'' They stated that small 
business applicants are familiar with the concepts in the CDD rule or 
that they appreciated the consistency with existing regulatory 
requirements. However, one trade association commenter requested that 
the Bureau provide simplified applicant-facing materials without 
clarifying the definition, and two other stakeholders suggested that 
applicants might not be familiar with the CDD rule or may not 
understand the CDD rule.
    The SBREFA Panel recommended seeking comment on potential 
interpretations of the definition of minority-owned business to clarify 
the term and to ensure that small business applicants would be able to 
understand questions asking if they are minority-owned businesses.\319\
---------------------------------------------------------------------------

    \319\ Id. at 44.
---------------------------------------------------------------------------

Proposed Rule
    Proposed Sec.  1002.102(m) would define a minority-owned business 
as a business for which more than 50 percent of its ownership or 
control is held by one or more minority individuals, and more than 50 
percent of its net profits or

[[Page 56394]]

losses accrue to one or more minority individuals. This definition is 
consistent with ECOA section 704B(h)(5) and the Bureau's proposal under 
consideration in the SBREFA Outline.
    Proposed comment 102(m)-1 would explain that a business must 
satisfy both prongs of the definition to be a minority-owned business--
that is, (A) more than 50 percent of the ownership or control is held 
by one or more minority individuals, and (B) more than 50 percent of 
the net profits or losses accrue to one or more minority individuals.
    Proposed comment 102(m)-2 would clarify that the definition of 
minority-owned business is used only when an applicant determines if it 
is a minority-owned business for purposes of proposed Sec.  
1002.107(a)(18). A financial institution would provide the definition 
of minority-owned business when asking the applicant to provide 
minority-owned business status pursuant to proposed Sec.  
1002.107(a)(18), but a financial institution would not be permitted or 
required to make its own determination regarding whether an applicant 
is a minority-owned business for this purpose.
    Proposed comment 102(m)-3 would further note that a financial 
institution would be permitted to assist an applicant when determining 
whether it is a minority-owned business but would not be required to do 
so, and could provide the applicant with the definitions of ownership, 
control, and accrual of net profits or losses set forth in proposed 
comments 102(m)-4 through -6. Additionally, for purposes of reporting 
an applicant's minority-owned business status, a financial institution 
would rely on the applicant's determinations of its ownership, control, 
and accrual of net profits and losses.
    Consistent with the approach described during the SBREFA process, 
the Bureau is proposing to clarify ``ownership'' and ``control'' using 
concepts from the CDD rule. Proposed comment 102(m)-4 would clarify 
that a natural person owns a business if that natural person directly 
or indirectly, through any contract, arrangement, understanding, 
relationship or otherwise, has an equity interest in the business. 
Proposed comment 102(m)-4 would also provide examples of ownership and 
clarify that, where applicable, ownership would need to be traced or 
followed through corporate or other indirect ownership structures for 
purposes of proposed Sec. Sec.  1002.102(m) and 1002.107(a)(18). 
Proposed comment 102(m)-5 would clarify that a natural person controls 
a business if that natural person has significant responsibility to 
manage or direct the business, and would provide examples of natural 
persons who control a business. Proposed comment 102(m)-6 would clarify 
that a business's net profits and losses accrue to a natural person if 
that natural person receives the net profits or losses, is legally 
entitled or required to receive the net profits or losses, or is 
legally entitled or required to recognize the net profits or losses for 
tax purposes.
    The Bureau believes many small business applicants already respond 
to questions about who owns and who controls a business entity when 
completing CDD forms or otherwise responding to questions related to 
the CDD rule and thus should be familiar with the concepts in the CDD 
rule. Because the CDD rule does not address the second prong of the 
definition in ECOA section 704B(h)(5) (regarding accrual of net profit 
or loss), the Bureau is proposing in Sec.  1002.102(m) that this prong 
of the definition be defined to mean that one or more minority 
individuals must receive or be legally entitled to receive the net 
profits or losses or that one or more minority individuals must be 
legally required to recognize the net profits and losses. However, the 
Bureau shares some SERs' concerns that the statutory definition of 
minority-owned business might, in some cases, be difficult for 
applicants to understand, which could in turn jeopardize the accuracy 
of reported data. Thus, consistent with the SBREFA Panel's 
recommendation, the Bureau seeks comment on the proposed definition of 
minority-owned business and possible alternatives that may clarify the 
term in order to help ensure that small business applicants can 
determine whether they are minority-owned businesses for purposes of 
section 1071 data collection.
102(n) Open-End Credit Transaction
    Proposed Sec.  1002.102(n) would state that open-end credit 
transaction means an open-end credit plan as defined in Regulation Z 
Sec.  1026.2(a)(20), but without regard to whether the credit is 
consumer credit, as defined in Sec.  1026.2(a)(12), is extended by a 
creditor, as defined in Sec.  1026.2(a)(17), or is extended to a 
consumer, as defined in Sec.  1026.2(a)(11). The term ``open-end credit 
transaction'' is undefined in section 1071. The Bureau's proposal 
specifies different rules for collecting and reporting certain data 
points based on whether the application is for a closed-end credit 
transaction or an open-end credit transaction. The Bureau believes its 
proposed definition is reasonable because it aligns with the definition 
of ``open-end credit transaction'' in Regulation Z Sec.  1026.2(a)(20). 
The Bureau further believes that such alignment will minimize confusion 
and facilitate compliance.
    The Bureau seeks comment on its proposed approach to this 
definition.
102(o) Principal Owner
Background
    ECOA section 704B(e) requires financial institutions to compile and 
maintain the ethnicity, race, and sex of an applicant's principal 
owners. However, section 1071 does not expressly define who is a 
principal owner of a business.
SBREFA Proposal Under Consideration and Feedback
    In the SBREFA Outline, the Bureau stated that it was considering 
proposing to define the term ``principal owner'' in a manner consistent 
with the CDD rule.\320\ Under a definition consistent with the CDD 
rule, an individual would be a principal owner if the individual 
directly or indirectly, through any contract, arrangement, 
understanding, relationship or otherwise, owns 25 percent or more of 
the equity interests of the business.
---------------------------------------------------------------------------

    \320\ SBREFA Outline at 32.
---------------------------------------------------------------------------

    Several SERs and other stakeholders providing feedback on the 
SBREFA Outline expressed familiarity with the CDD rule, and supported 
aligning with that rule's 25 percent ownership standard for defining a 
principal owner for the section 1071 rule.\321\ One SER said that 
aligning definitions with the CDD rule would be logical and efficient. 
Another SER supported use of the CDD rule's concepts in determining who 
was a principal owner. Other SERs and stakeholders said they currently 
collect this information for beneficial owners at or above 20 percent 
in order to comply with SBA or other requirements and suggested 
aligning with that standard instead.
---------------------------------------------------------------------------

    \321\ The SER feedback discussed in this section-by-section 
analysis can be found in the SBREFA Panel Report at 30.
---------------------------------------------------------------------------

    The SBREFA Panel recommended that the Bureau propose aligning the 
definition of principal owner with concepts of ownership and control 
that exist in other Federal regulations with which financial 
institutions are already complying, to the extent possible.\322\
---------------------------------------------------------------------------

    \322\ Id. at 46.
---------------------------------------------------------------------------

Proposed Rule
    Proposed Sec.  1002.102(o) would define principal owner in a manner 
that is, in

[[Page 56395]]

part, consistent with the CDD rule. Specifically, a natural person 
would be a principal owner if the natural person directly owns 25 
percent or more of the equity interests of the business. However, as 
proposed comment 102(o)-1 would note, a natural person would need to 
directly own an equity share of 25 percent or more in the business in 
order to be a principal owner. Due to the potential complications with 
collecting a principal owner's ethnicity, race, and sex information 
when a trust or entity is an owner, the Bureau is proposing that 
entities not be considered principal owners and indirect ownership by 
individuals likewise not be considered when determining if someone is a 
principal owner for purposes of collecting and reporting principal 
owners' ethnicity, race, and sex or the number of principal owners. 
Thus, when determining who is a principal owner, ownership would not be 
traced through multiple corporate structures to determine if a natural 
person owns 25 percent or more of the applicant's equity interests. 
Additionally, because only a natural person would be a principal owner 
for the 1071 rule, entities such trusts, partnerships, limited 
liability companies, and corporations, would not be principal owners.
    Proposed comment 102(o)-2 would clarify that a financial 
institution would provide an applicant with the definition of principal 
owner when asking the applicant to provide the number of its principal 
owners pursuant to proposed Sec.  1002.107(a)(21) and the ethnicity, 
race, and sex of its principal owners pursuant to proposed Sec.  
1002.107(a)(20). If a financial institution meets in person with a 
natural person about a covered application, the financial institution 
may be required to determine if the natural person with whom it meets 
is a principal owner in order to collect and report the principal 
owner's ethnicity and race based on visual observation and/or surname. 
(See proposed comments 107(a)(20)-5 and -9.) Additionally, proposed 
comment 102(o)-2 would note that if an applicant does not provide the 
number of its principal owners in response to the financial 
institution's request pursuant to proposed Sec.  1002.107(a)(21), the 
financial institution may need to determine the number of the 
applicant's principal owners and report that information based on other 
documents or information. (See proposed comments 107(a)(21)-1 through -
3.)
    Consistent with its approach in the SBREFA Outline and with the 
SBREFA Panel's recommendation, the Bureau is proposing that the 
definition of principal owner align with the 25 percent ownership 
definition in the CDD rule. The Bureau believes that this standard, 
which aligns with another Federal regulation, is already broadly in use 
and is likely to be familiar to most financial institutions and 
applicants. Banks, credit unions, and certain other financial 
institutions must comply with the CDD rule. The Bureau believes 
applicants, as a general matter, are more likely to be familiar with 
CDD requirements than SBA or CDFI Fund requirements because they have 
to complete CDD forms before opening an initial account (i.e., loan or 
deposit account) at a bank or at certain other institutions. However, 
due to potential complications with collecting ethnicity, race, and sex 
information for principal owners, the Bureau is proposing that 
individuals that only indirectly own 25 percent or more of an 
applicant's equity interests, as well as entities and trusts, are not 
principal owners.
    The Bureau notes that it is possible under its proposed approach 
that an applicant might not identify any principal owners as being 
women or minorities but nonetheless could be a women- and/or minority-
owned business. This could occur, for example, if a white male owned 40 
percent of a business while three Asian women each owned 20 percent. 
Only the white male would be designated as a principal owner, but the 
business would be nonetheless both women-owned and minority-owned. 
While the Bureau acknowledges that some applicants could find this 
approach confusing, it is consistent with the statutory language in 
section 1071. To help mitigate against potential confusion, the Bureau 
has proposed that the questions regarding minority-owned business 
status and women-owned business status appear in the proposed sample 
data collection form before questions about the race, sex, and 
ethnicity of principal owners.
    The Bureau seeks comment on this proposed definition of a principal 
owner, including the proposal not to include individuals that only 
indirectly own 25 percent or more of an applicant's equity interests as 
principal owners. The Bureau requests comment on whether additional 
clarification on any aspect of the proposed definition is needed.
102(p) Small Business
    Proposed Sec.  1002.102(p) would refer to proposed Sec.  
1002.106(b) for a definition of the term ``small business.'' See the 
section-by-section analysis of proposed Sec.  1002.106(b) for a 
detailed discussion of that definition.
102(q) Small Business Lending Application Register
    Proposed Sec.  1002.102(q) would define the term ``small business 
lending application register'' or ``register'' as the data reported, or 
required to be reported, annually pursuant to proposed Sec.  1002.109. 
The Bureau did not include a definition of small business lending 
application register in the SBREFA Outline, though it did address 
proposals under consideration for compiling, maintaining, and reporting 
1071 data to the Bureau.\323\ See the section-by-section analysis of 
proposed Sec.  1002.109 for a detailed discussion of the proposed 
rule's provisions addressing reporting data to the Bureau, including 
feedback received from SERs and other stakeholders on that subject. The 
Bureau's proposed definition refers only to the data that is reported, 
or required to be reported, annually; it does not refer to the data 
required to be collected and maintained (prior to reporting).\324\
---------------------------------------------------------------------------

    \323\ SBREFA Outline at 39.
    \324\ In contrast, the term ``Loan/Application Register'' in 
Regulation C Sec.  1003.2(k) refers to both the record of 
information required to be collected pursuant to Sec.  1003.4 as 
well as the record submitted annually or quarterly, as applicable, 
pursuant to Sec.  1003.5(a).
---------------------------------------------------------------------------

    The Bureau seeks comment on its proposed definition of ``small 
business lending application register'' or ``register'' in proposed 
Sec.  1002.102(q).
102(r) State
    Proposed Sec.  1002.102(r) would refer to existing Sec.  1002.2(aa) 
for a definition of the term ``State.'' Existing Sec.  1002.2(aa) 
defines the term as any State, the District of Columbia, the 
Commonwealth of Puerto Rico, or any territory or possession of the 
United States. The Bureau did not include a definition of State in the 
SBREFA Outline nor did it receive any feedback on the term from SERs. 
This proposed definition of State would be consistent with existing 
Regulation B and familiar to financial institutions.
    The Bureau seeks comment on its proposed approach to this 
definition.
102(s) Women-Owned Business
Background
    ECOA section 704B(b)(1) requires financial institutions to inquire 
whether applicants for credit are women-owned businesses. For purposes 
of the financial institution's inquiry under 704B(b), 704B(h)(5) 
defines a business as a women-owned business if (A) more than 50 
percent of the ownership or control is held by one or more women, and 
(B) more than 50 percent of the net profit or loss accrues to one or 
more women.

[[Page 56396]]

Section 1071 does not expressly define the related terms of 
``ownership'' or ``control,'' nor does it describe what it means for 
net profits or losses to accrue to an individual.
SBREFA Proposal Under Consideration and Feedback Received
    In the SBREFA Outline, the Bureau stated that it was considering 
proposing use of the statutory definition of a ``women-owned business'' 
(as set forth above) with further clarification of the terms 
``ownership'' and ``control'' using concepts set forth in the CDD 
rule.\325\
---------------------------------------------------------------------------

    \325\ SBREFA Outline at 18-19.
---------------------------------------------------------------------------

    Some SERs expressed concerns with certain aspects of the statutory 
definition of women-owned business, asserting that the definition could 
cause confusion or pose particular complexities.\326\ Several SERs and 
some other stakeholders providing feedback on the SBREFA Outline asked 
that the definition of women-owned business be revised to align with 
the definition used by other agencies, such as the SBA and the CDFI 
Fund. Some SERs as well as some other commenters expressed concern that 
a business that is owned equally by a woman and a man would not be a 
``women-owned business'' under the statutory definition of women-owned 
business because the woman would not own ``more than 50 percent'' of 
the business and the woman might not control more than 50 percent of 
the business. These SERs and other commenters recommended that the 
Bureau instead use a ``50 percent or more'' threshold for ownership or 
control as the standard. Conversely, two SERs and several other 
stakeholders supported using the statutory definition of women-owned 
business, including the ``more than 50 percent'' portion of the 
definition.
---------------------------------------------------------------------------

    \326\ The SER feedback discussed in this section-by-section 
analysis can be found in the SBREFA Panel Report at 22.
---------------------------------------------------------------------------

    A number of SERs recommended that the Bureau simplify the 
definition to ensure it is understandable to small business applicants 
and to thereby facilitate consistent data collection. SERs' suggestions 
included eliminating the portion of the definition that refers to 
accrual of net profit and loss, eliminating the portion of the 
definition that refers to control, and providing a simplified and 
standardized definition.
    Several SERs supported using the concepts of ownership and control 
in the CDD rule when defining women-owned business; one SER said that 
doing so would be logical and efficient, while another said it would 
create regulatory consistency and ease compliance burden. One SER said 
that most credit unions are familiar with the CDD rule. Generally, 
other commenters supported use of the CDD concepts to clarify the terms 
``ownership'' and ``control.'' They stated that small business 
applicants are familiar with the concepts in the CDD rule or that they 
appreciated the consistency with existing regulatory requirements. 
However, one trade association commenter thought the Bureau should 
provide simplified applicant-facing materials without clarifying the 
definition, and two other stakeholders suggested that applicants might 
not be familiar with the CDD rule or may not understand the CDD rule.
    The SBREFA Panel recommended seeking comment on potential 
interpretations of the definition of women-owned business to clarify 
the term and to ensure that small business applicants would be able to 
understand questions asking if they are a women-owned business.\327\
---------------------------------------------------------------------------

    \327\ Id. at 44.
---------------------------------------------------------------------------

Proposed Rule
    Proposed Sec.  1002.102(s) would define a women-owned business as a 
business for which more than 50 percent of its ownership or control is 
held by one or more women, and more than 50 percent of its net profits 
or losses accrue to one or more women. This definition is consistent 
with ECOA section 704B(h)(6) and the Bureau's proposal under 
consideration in the SBREFA Outline.
    Proposed comment 102(s)-1 would explain that a business must 
satisfy both prongs of the definition to be a women-owned business--
that is, (A) more than 50 percent of the ownership or control is held 
by one or more women, and (B) more than 50 percent of the net profits 
or losses accrue to one or more women.
    Proposed comment 102(s)-2 would clarify that the definition of 
women-owned business is used only when an applicant determines if it is 
a women-owned business for purposes of proposed Sec.  1002.107(a)(19). 
A financial institution would provide the definition of women-owned 
business when asking the applicant to provide women-owned business 
status pursuant to proposed Sec.  1002.107(a)(19), but a financial 
institution would not be permitted or required to make its own 
determination regarding whether an applicant is a women-owned business 
for this purpose.
    Proposed comment 102(s)-3 would further note that a financial 
institution would be permitted to assist an applicant when determining 
whether it is a women-owned business but would not be required to do 
so, and could provide the applicant with the definitions of ownership, 
control, and accrual of net profits or losses set forth in proposed 
comments 102(s)-4 through -6. Additionally, for purposes of reporting 
an applicant's women-owned business status, a financial institution 
would rely on the applicant's determinations of its ownership, control, 
and accrual of net profits and losses.
    Consistent with the approach during the SBREFA process, the Bureau 
is proposing to clarify ``ownership'' and ``control'' using concepts 
from the CDD rule. Proposed comment 102(s)-4 would clarify that a 
natural person owns a business if that natural person directly or 
indirectly, through any contract, arrangement, understanding, 
relationship or otherwise, has an equity interest in the business. 
Proposed comment 102(s)-4 would also provide examples of ownership and 
clarify that, where applicable, ownership would need to be traced or 
followed through corporate or other indirect ownership structures for 
purposes of proposed Sec. Sec.  1002.102(s) and 1002.107(a)(19). 
Proposed comment 102(s)-5 would clarify that a natural person controls 
a business if that natural person has significant responsibility to 
manage or direct the business and would provide examples of natural 
persons who control a business. Proposed comment 102(s)-6 would clarify 
that a business's net profits and losses accrue to a natural person if 
that natural person receives the net profits, is legally entitled or 
required to receive the net profits or losses, or is legally entitled 
or required to recognize the net profits or losses for tax purposes.
    The Bureau believes many small business applicants already respond 
to questions about who owns and who controls a business entity when 
completing CDD forms or otherwise responding to questions related to 
the CDD rule and would be familiar with the concepts in the CDD rule. 
Because the CDD rule does not address the second prong of the 
definition in ECOA section 704B(h)(6) (regarding accrual of net profit 
or loss), the Bureau is proposing in comment 102(s)-4 that this prong 
of the definition be defined to mean that one or more women must 
receive or be legally entitled to receive the net profits or losses or 
that one or more women must be legally required to recognize the net 
profits or losses. However, the Bureau shares some SERs' concerns that 
the statutory definition of women-owned business might, in some cases, 
be difficult for applicants to

[[Page 56397]]

understand, which could in turn jeopardize the accuracy of reported 
data. Thus, consistent with the SBREFA Panel's recommendation, the 
Bureau seeks comment on the proposed definition of women-owned business 
and possible alternatives that may clarify the term in order to help 
ensure that small business applicants can determine whether they are a 
women-owned business for purposes of section 1071 data collection.
Section 1002.103 Covered Applications
    ECOA section 704B(b) requires that financial institutions collect, 
maintain, and report to the Bureau certain information regarding ``any 
application to a financial institution for credit.'' For covered 
financial institutions, the definition of ``application'' will trigger 
data collection and reporting obligations with respect to covered 
credit transactions. However, section 1071 does not expressly define 
``application.''
    The Bureau is proposing Sec.  1002.103 to define what is, and is 
not, a covered application for purposes of subpart B pursuant to its 
authority in ECOA section 704B(g)(1) to prescribe such rules and issue 
such guidance as may be necessary to carry out, enforce, and compile 
data pursuant to section 1071. Proposed Sec.  1002.103(a) would provide 
a general definition of the term ``covered application,'' followed by a 
list of the circumstances that are not covered applications in proposed 
Sec.  1002.103(b).
103(a) Covered Application
SBREFA Proposal Under Consideration and Feedback Received
    In the SBREFA Outline, the Bureau stated it was considering 
defining an ``application'' largely consistent with the definition of 
that term in existing Sec.  1002.2(f)--i.e., ``an oral or written 
request for an extension of credit that is made in accordance with 
procedures used by a creditor for the type of credit requested.''\328\ 
The Bureau considered possible alternative definitions of 
``application,'' including defining the term by using the definition of 
the term ``completed application'' in existing Sec.  1002.2(f) (when 
``a creditor has received all the information that the creditor 
regularly obtains and considers in evaluating applications for the 
amount and type of credit requested . . . ''). The Bureau also 
considered defining ``application'' as particular documents or specific 
data points that, if collected, would trigger a duty to collect and 
report data.
---------------------------------------------------------------------------

    \328\ SBREFA Outline at 22-23.
---------------------------------------------------------------------------

    SERs discussed their varied methods of defining what constitutes an 
``application'' within their institutions.\329\ Many SERs define an 
application as the point when there is enough information to make a 
credit decision. Several SERs define an application as meeting the 
requirements of a checklist, stating that obtaining all the information 
and satisfying due diligence can take a long time. Other SERs define an 
application as the submission of specific data or documents, or 
obtaining sufficient information about the borrower to pull a credit 
report. One SER explained that their in-person application process is 
iterative, not readily definable, and unique for each applicant. The 
SER also explained that a single underwriting process could be used at 
their financial institution for multiple loans requested throughout the 
year.
---------------------------------------------------------------------------

    \329\ The SER feedback discussed in this section-by-section 
analysis can be found in the SBREFA Panel Report at 24.
---------------------------------------------------------------------------

    Several SERs supported using the definition of ``application'' in 
existing Sec.  1002.2(f). One of these SERs emphasized the importance 
of capturing data that may indicate potential discouragement of 
minority-owned businesses, including discouragement that could occur in 
advance of an application being submitted for underwriting. Another SER 
stated that using the definition in existing Sec.  1002.2(f) would be 
helpful for training purposes, rather than creating a wholly new 
definition for purposes of implementing section 1071. Many SERs urged 
the Bureau in an eventual 1071 rule to define an application as a 
completed application, that is, at the point when there is sufficient 
information to render a credit decision. One SER opposed using the 
definition of ``completed application,'' explaining that it would be 
too restrictive and less aligned with the purposes of section 1071. 
Another SER opposed use of the definition of application in existing 
Sec.  1002.2(f), explaining that in a ``relationship lending'' model, 
each small business application is unique.
    SERs expressed varying views on whether withdrawn and incomplete 
applications should be captured in the 1071 data. Some SERs felt 
incomplete applications should be captured in the 1071 data as a 
potential indicator of discouragement. One SER stated that small and 
unsophisticated businesses are more likely to leave an application 
incomplete. Another SER recommended not capturing incomplete 
applications, asserting that such data would not be informative or 
useful. Another SER expressed concern about whether incomplete or 
withdrawn applications would include sufficient data for reporting.
    Other stakeholders also provided feedback on the definition of 
``application.'' The overwhelming majority of commenters, including 
both community groups and industry representatives, supported use of 
the definition of an ``application'' in existing Sec.  1002.2(f). 
Community groups, CDFIs, and a SER noted that use of the definition 
would further the purposes of 1071 by capturing applicants dissuaded 
from completing an application, potentially due to unlawful 
discouragement or other discrimination. Commenters highlighted research 
that minority-owned and women-owned businesses are disproportionately 
discouraged from applying for credit and the frequency of 
discrimination during the pre-application stage. One commenter stated 
that the definition could better identify barriers to credit, 
consistent with the community development purpose of section 1071. 
Other commenters, including many industry commenters, stated that 
financial institutions are familiar with the definition in existing 
Sec.  1002.2(f), and so use of this definition would reduce burden by 
minimizing the need for additional training or different procedures. 
Several commenters also stated that using the definition in existing 
Sec.  1002.2(f) is appropriate given that section 1071 amends ECOA, 
which is implemented by existing Regulation B. One industry commenter 
also highlighted the flexibility provided by the definition in existing 
Sec.  1002.2(f).
    Although supportive of using the definition in existing Sec.  
1002.2(f) for the 1071 rule, several industry commenters sought further 
clarification or illustrations of the definition given considerable 
variations in practices among financial institutions. One commenter 
suggested a safe harbor that allows a financial institution to define 
what constitutes an ``application.'' One industry trade representative 
expressed that many of its members have no formal ``application'' and 
so attempts to leverage existing definitions or stages to define an 
application would be unfamiliar to their members and could create an 
inflexible process.
    Several industry commenters supported triggering section 1071 data 
collection and reporting based on the ``completed application'' 
definition in existing Sec.  1002.2(f) and stated that the Bureau 
should not require data collection on withdrawn and incomplete 
applications. These commenters stated that using a

[[Page 56398]]

``completed application'' definition would provide more complete and 
meaningful data, more uniformity across products and lenders, and 
conserve resources that would otherwise be required to gather missing 
data points on incomplete or withdrawn applications. One commenter 
stated that collection of data on incomplete applications would not 
further section 1071's purposes or reflect potential discrimination, 
but rather would merely represent borrower confusion in the application 
process. One commenter suggested using a defined set of criteria to 
define an ``application.''
    Several SERs and other stakeholders also provided comments on 
applicant requests for more than one product at the same time. For 
example, in connection with the application/loan number data point 
(referred to in this proposal as the unique identifier data point), one 
SER stated that if an applicant requests more than one type of credit 
product, a separate application/loan number is assigned to each product 
request. In contrast, other SERs indicated they use a single 
application number even if multiple products are requested. Among other 
stakeholders, some commenters supported reporting separate applications 
in instances where the applicant requests multiple covered credit 
transactions at the same time, while others supported requiring 
reporting of only one application. One commenter suggested that the 
Bureau should accommodate both approaches. Another commenter remarked 
that if a business is applying for multiple products, the basic 
information is going to be the same, the only difference being that 
only one product is funded. This same commenter suggested that if these 
requests are reported as multiple applications, that will overinflate 
the data.
    Relatedly, two SERs discussed the issue of multiple extensions of 
credit resulting from a single application. One of these SERs explained 
that such multiple extensions of credit are assigned separate 
application/loan numbers at their financial institution. The other SER 
suggested that reporting in this situation will be complex, and that 
combining the separate loans that could result into a single reporting 
line would be extremely difficult.
    The SBREFA Panel recommended that, if the Bureau proposes using the 
Regulation B definition of the term ``application''\330\ for 1071 data 
collection, the Bureau consider clarifying when a completed 
application--i.e., an application sufficient to make a credit 
decision--falls within the proposed definition of the term 
``application.'' \331\ The SBREFA Panel further recommended the Bureau 
seek comment on the benefits and costs of collecting 1071 data on 
incomplete or withdrawn applications.\332\ Finally, with respect to 
lines of credit, the SBREFA Panel recommended (in the context of the 
loan/credit type and loan/credit purpose data points) that the Bureau 
seek comment on how financial institutions currently handle increases 
in lines of credit and how best to require reporting of multiple lines 
of credit within the same account.\333\
---------------------------------------------------------------------------

    \330\ 12 CFR 1002.2(f).
    \331\ SBREFA Panel Report at 45.
    \332\ Id.
    \333\ Id.
---------------------------------------------------------------------------

Proposed Rule
    The Bureau is proposing to define a covered application in Sec.  
1002.103(a) as an oral or written request for a covered credit 
transaction that is made in accordance with procedures used by a 
financial institution for the type of credit requested. This proposed 
definition of ``covered application'' is consistent with the definition 
of ``application'' that the Bureau said it was considering proposing in 
the SBREFA Outline.\334\ As noted above, the term ``application'' is 
undefined in section 1071. The Bureau believes its proposed definition 
of the term is reasonable, particularly as it aligns with the 
definition of ``application'' in existing Sec.  1002.2(f). The Bureau 
is also proposing commentary to accompany this definition. 
Circumstances that are not covered applications are addressed in the 
section-by-section analysis of proposed Sec.  1002.103(b) below. 
Pursuant to ECOA section 704B(b)(1), an ``application'' triggering data 
collection and reporting obligations occurs without regard to whether 
such application is received in person, by mail, by telephone, by 
electronic mail or other form of electronic transmission, or by any 
other means.
---------------------------------------------------------------------------

    \334\ SBREFA Outline at 22-23.
---------------------------------------------------------------------------

    Several SERs and a majority of other commenters supported use of 
this definition, noting that it best aligns with the purposes of 
section 1071 and is familiar to creditors. The Bureau agrees with 
certain SERs and other commenters that incomplete and withdrawn 
applications--which would generally be captured under proposed Sec.  
1002.103(a)--are essential to the purposes of section 1071 as a tool to 
identify potential discrimination (including through discouragement) 
and to better understand the credit market. The definition of ``covered 
application'' in proposed Sec.  1002.103(a), which is similar to the 
definition of ``application'' in existing Sec.  1002.2(f), is also 
familiar to creditors and provides flexibility to accommodate different 
application processes described by the SERs (including written and oral 
applications; online and relationship lending models; and use of 
standard forms, checklists, and other minimum requirements).\335\ 
Finally, the Bureau believes this approach strikes an appropriate 
balance by triggering 1071 collection and reporting requirements only 
after there is a request for credit (using procedures defined by the 
financial institution), but still early enough in the process to 
capture most incomplete, withdrawn, and denied applications.
---------------------------------------------------------------------------

    \335\ Business creditors should be familiar with 
operationalizing this definition based on their experience providing 
adverse action notices under existing Regulation B, which can be 
triggered in relation to an incomplete application. See Sec.  
1002.9(a)(1) and (c) (requiring notice within 30 days after taking 
adverse action on an incomplete application or 30 days after 
receiving an incomplete application). Financial institutions may 
also be familiar with Regulation C's definition of ``application,'' 
which aligns with existing Sec.  1002.2(f)'s definition of the term. 
See Sec.  1003.2(b) (generally defining an ``application'' as ``an 
oral or written request for a covered loan that is made in 
accordance with procedures used by a financial institution for the 
type of credit requested''); see also Regulation C comment 2(b)-1 
(noting that Bureau interpretations that appear in the official 
commentary to Regulation B are generally applicable to the 
definition of application under Regulation C).
---------------------------------------------------------------------------

    The Bureau recognizes that the proposed definition of ``covered 
application'' in Sec.  1002.103(a), while flexible, would mean that 
1071 data collection and reporting may be triggered at different times 
for different financial institutions and different types of covered 
credit transactions. For example, for a financial institution that 
defines an application under its procedures as the submission of a 
standard form either online or in-person, a ``covered application'' 
would be triggered when an applicant submits the form. In contrast, 
another financial institution may not use a standard form and instead 
define an application as a request for credit and authorization to pull 
a credit check on the business and principal owners. In that 
circumstance, a ``covered application'' under proposed Sec.  
1002.103(a) would not be triggered until that process is satisfied. 
Using the same example, if the financial institution orally collects 
certain information from a prospective applicant (such as gross annual 
revenue and business location) and discusses with the prospective 
applicant potential credit product options offered by the

[[Page 56399]]

financial institution, no ``covered application'' would be triggered 
until the prospective applicant indicates that it wants to proceed to 
apply for credit and authorizes the financial institution to pull a 
credit check. Similarly, if a prospective applicant merely expresses 
interest in obtaining credit--not yet focusing on any particular type 
of covered credit transaction and not submitting a ``covered 
application''--the interaction also would not be reportable. While the 
proposed definition of ``covered application'' does not provide a 
bright-line rule, the Bureau believes the proposed definition would be 
familiar to financial institutions and provide consistency with 
existing Regulation B and Regulation C.
    During SBREFA, SERs asked the Bureau to clarify when an application 
sufficient to make a credit decision would align with an 
``application'' triggering 1071 collection and reporting requirements. 
Accordingly, the Bureau notes that a ``covered application'' may align 
with the information necessary to make a credit decision or it may be 
possible to have a ``covered application'' before having information 
necessary to make a credit decision--it depends on each financial 
institution's own procedures. For example, suppose a financial 
institution defines an application under its procedures as the point 
when an applicant, or someone on the applicant's behalf, fills out 
certain key pieces of information on an application form. If the 
financial institution's process is to immediately transmit the 
application to underwriting for a decision once the form is submitted, 
1071 collection and reporting would likely be triggered at the same 
time there is sufficient information to make a credit decision. On the 
other hand, if the financial institution requires additional 
verification of documents and follow-up requests before submitting the 
loan file to underwriting, the financial institution would likely have 
a ``covered application'' before it has sufficient information to make 
a credit decision.
    Proposed comment 103(a)-1 would underscore that a financial 
institution has latitude to establish its own application process or 
procedure and to decide the type and amount of information it will 
require from applicants. Proposed comment 103(a)-2 would explain that 
the term ``procedures'' refers to the actual practices followed by a 
financial institution as well as its stated application procedures, and 
provides an example. Because the definition of ``covered application'' 
is based on a financial institution's actual practices, a financial 
institution should have little incentive to attempt to artificially 
define an ``application'' in its written procedures as occurring later 
in the process; for example, if a financial institution has near a 100 
percent approval rate because all ``applications'' have already been 
vetted earlier in the process, the financial institution's stated 
definition of an application likely does not reflect its actual 
practices. Proposed comment 103(a)-3 would provide that the commentary 
accompanying existing Sec. Sec.  1002.2(f) and 1002.9 is generally 
applicable to the proposed definition of ``covered application,'' 
except as provided otherwise in proposed Sec.  1002.103(b).
    Proposed comments 103(a)-4 through -6 would address how a financial 
institution reports multiple covered credit transaction requests at one 
time or a request for a credit transaction that results in the 
origination of multiple covered credit transactions. Proposed comment 
103(a)-4 would provide that if an applicant makes a request for two or 
more covered credit transactions at one time, the financial institution 
reports each request for a covered credit transaction as a separate 
covered application. The Bureau believes the proposed approach would 
further the purposes of section 1071 by better capturing demand for 
credit, including demand for different covered credit transactions at 
the same time. The Bureau also believes that the simplicity of this 
approach would reduce data reporting errors compared to potential 
alternatives, for example, alternatives in which the financial 
institution may sometimes report such requests as a single covered 
application or, in other circumstances, as multiple covered 
applications. Finally, the Bureau believes that concerns about 
duplicative information requests would be mitigated by permitting 
financial institutions to reuse certain previously collected data, as 
set forth in proposed Sec.  1002.107(c)(2). In response to SERs' 
feedback, proposed comment 103(a)-5 would address the circumstance 
where an initial request for a single covered credit transaction 
results in the origination of multiple covered credit transactions. 
Similarly, in response to the SBREFA Panel's recommendations, proposed 
comment 103(a)-6 would address requests for multiple lines of credit at 
one time, proposing that such requests would be reported based on the 
procedures used by the financial institution for the type of credit 
account.
    Proposed comment 103(a)-7 would address how a financial institution 
would report applications where there is a change in whether the 
applicant is requesting a covered credit transaction. If the applicant 
initially requests a covered credit transaction, but during the 
application process is offered and accepts instead a product that is 
not reportable, the Bureau is proposing to designate this circumstance 
as not a covered application, due in part to concerns that reporting in 
this scenario could affect data quality. For example, reporting on 
product types that are not covered credit transactions (for example, 
leases) could raise data quality questions if there are not appropriate 
fields to capture the terms of those transactions. Despite these 
concerns, the Bureau is also considering whether capturing such 
transactions in the 1071 data could be useful to identifying potential 
steering or other forms of discrimination, therefore furthering the 
purposes of section 1071. As noted below, the Bureau seeks comment on 
whether to require full or limited reporting in these circumstances. If 
an applicant initially requests a product that is not a covered credit 
transaction, but during the application process decides to seek instead 
a product that is a covered credit transaction, the application is a 
covered application and must be reported.
    The Bureau seeks comment on its proposed definition of a covered 
application in Sec.  1002.103(a) and associated commentary. The Bureau 
also seeks comment on the advantages and disadvantages of collecting 
data on incomplete or withdrawn applications, as well as how collection 
would or would not further the purposes of section 1071. In addition, 
the Bureau seeks comment on reporting of multiple lines of credit on a 
single credit account, including how financial institutions internally 
consider multiple lines of a credit on a single account and the 
Bureau's proposed approach in comment 103(a)-6.
    As noted above, the Bureau also seeks comment on how a financial 
institution should report applications where there is a change in 
whether the request for credit involves a covered credit transaction. 
Specifically, the Bureau seeks comment on the advantages and 
disadvantages of requiring full or limited reporting where an applicant 
initially seeks a product that is a covered credit transaction, but 
ultimately is offered and accepts a product that is not reportable. For 
example, whether in those circumstances the financial institution 
should report limited data points related to the transaction (such as 
whether the applicant is a small business; whether the applicant is a 
women-owned business or a minority-owned business;

[[Page 56400]]

the principal owners' race, sex, and ethnicity; number of principal 
owners; gross annual revenue; and loan type reported as ``Non-
reportable credit product'' or something similar). The Bureau is 
particularly interested in receiving comments on the utility of such 
data to identify potential steering or other forms of discrimination, 
the effect on data quality, and other factors related to the purposes 
of section 1071.
Alternatives Considered
    The Bureau considered several other options for defining 
``application.'' First, the Bureau considered triggering 1071 
collection and reporting based on a ``completed application,'' which is 
defined in existing Sec.  1002.2(f) as an application in which the 
creditor has received ``all the information that the creditor regularly 
obtains and considers'' in evaluating similar products. The Bureau is 
not proposing to use the definition of ``completed application'' in 
existing Sec.  1002.2(f) for its definition of covered application in 
subpart B, as doing so would exclude incomplete applications and many 
withdrawn applications that may reflect demand for credit and potential 
discrimination during the application process. While some commenters 
noted that use of this definition would provide uniformity in the data 
across financial institutions and product types, the Bureau is 
concerned about the loss of data on incomplete and withdrawn 
applications. Although some commenters suggested that the ``completed 
application'' definition could result in more accurate and complete 
data because it is collected later in the application process, the 
Bureau believes that this benefit can largely be obtained under the 
current proposal by requiring financial institutions to report, where 
available, verified applicant-provided information, as set forth in 
proposed Sec.  1002.107(b). Although some SERs and other stakeholders 
urged the Bureau to define an application based on when there is 
sufficient information to render a credit decision, as pointed out by 
another SER, such a definition may not be as effective in furthering 
the purposes of 1071. For example, it would capture few to no 
incomplete applications and a smaller share of withdrawn applications. 
Moreover, as discussed above, in certain situations--depending on a 
financial institution's application procedures--the definition of a 
covered application in proposed Sec.  1002.103(a) may align with the 
point where there is enough information to render a credit decision.
    The Bureau also considered defining ``covered application'' as a 
set of specific data points that, if collected, would trigger a duty to 
collect and report 1071 data. The Bureau is not proposing this approach 
for a few reasons. First, this approach would introduce another 
regulatory definition of ``application,'' \336\ which could cause 
confusion and hinder compliance. Second, this approach could require 
financial institutions to alter their existing practices, resulting in 
burden. Third, this approach could lead some financial institutions to 
intentionally delay the gathering of one or more data points until 
after a credit decision was made in order to avoid triggering 1071 
obligations. Last, this approach may be difficult to execute given that 
financial institutions use different data points in underwriting based 
on product type, lending model, exposure, and other factors.
---------------------------------------------------------------------------

    \336\ Although certain regulations define an ``application'' as 
a set of specific data points (e.g., name, income, property address, 
estimated property value, etc.), many of the data points in those 
regulations are specific to the mortgage context and would not be 
applicable to small business lending. These regulations also do not 
relate to data collection. See, e.g., Regulation X Sec.  1024.2(b) 
and Regulation Z Sec.  1026.2(a)(3).
---------------------------------------------------------------------------

103(b) Circumstances That Are Not Covered Applications
SBREFA Proposal Under Consideration and Feedback Received
    In the SBREFA Outline, the Bureau stated it was considering 
clarifying circumstances that would not be reportable under section 
1071, even if certain of those circumstances would otherwise be 
considered an ``application'' under existing Sec.  1002.2(f). 
Specifically, those circumstances were: (1) Inquiries/
prequalifications; (2) reevaluation, extension, and renewal requests, 
except requests for additional credit amounts; and (3) solicitations 
and firm offers of credit.\337\
---------------------------------------------------------------------------

    \337\ SBREFA Outline at 22-24.
---------------------------------------------------------------------------

    Reevaluation, extension, or renewal requests on an existing 
business credit account, unless the request seeks additional credit 
amounts. Several SERs supported the Bureau's proposal under 
consideration to exclude renewals unless additional credit is 
requested; one SER also supported excluding solicitations.\338\ Several 
SERs urged the Bureau to exclude line increases as a distinct type of 
application, explaining that financial institutions may not require a 
new application for such requests and that underwriting a line increase 
request is substantively distinct from underwriting a request for new 
credit because a line increase extensively relies on past performance 
data and prior relationships. Due to these differences, one SER 
suggested that including line increases may skew 1071 data, causing 
misinterpretations. The SBREFA Panel recommended the Bureau seek 
comment on whether to include line increases as a separate reportable 
application.\339\ The SBREFA Panel also recommended that the Bureau 
seek comment on how financial institutions currently handle increases 
in lines of credit.\340\
---------------------------------------------------------------------------

    \338\ The SER feedback discussed in this section-by-section 
analysis can be found in the SBREFA Panel Report at 24-25.
    \339\ Id. at 45-46.
    \340\ Id.
---------------------------------------------------------------------------

    A number of other industry stakeholders also supported the Bureau's 
proposal under consideration to exclude reevaluations, extensions, and 
renewal requests (except requests for additional credit amounts). The 
commenters stated that such collection would be duplicative since 
financial institutions would also be reporting data on the original 
application (perhaps in the same reporting year). The commenters also 
noted that extension requests are often short term and granted without 
a full application process, that requiring reporting could lead to 
fewer financial institutions offering extensions due to the added 
collection and reporting burden (particularly for open-ended credit), 
and that providing an exemption would be consistent with HMDA 
reporting. One commenter sought exclusion of rate adjustments. 
Community group commenters opposed exclusion of reevaluations, 
renewals, and extensions.
    Several industry commenters opposed 1071 collection and reporting 
on reevaluations, extensions, or renewals that seek additional credit 
amounts. These commenters stated that 1071 collection and reporting 
should focus on data collected at the time of origination, that 
collecting data repeatedly from the same borrowers would add burden, 
and that collecting data for line increases would make it difficult for 
financial institutions to provide timely approvals. One commenter 
suggested only reporting on additional credit amounts if the original 
note is replaced. Other industry commenters--while not explicitly 
opposing such collection--suggested the Bureau further consider whether 
increases or renewals with additional credit amounts should be an 
``application'' for purposes of the rule. The commenters noted that 
such increases/renewals are typically more streamlined than a standard 
application given the financial institution already has the applicant's 
information in its possession, and that the Bureau should carefully 
balance burden (which could

[[Page 56401]]

affect how such requests could be processed) with benefit (obtaining 
additional data on the same applicant). One industry representative 
supported collection on requests that include additional credit 
amounts. Another commenter sought clarification on what would be 
reported in such circumstances: The newly advanced funds or the entire 
outstanding amount.
    Inquiries and prequalification requests. Several SERs urged the 
Bureau not to require reporting on prequalifications or inquiries. 
These SERs explained that they encounter a high number of inquiries 
from rate shoppers asking about qualification requirements and 
potential rates, many of which are abandoned or otherwise do not 
progress to a completed application.\341\ A significant number of other 
industry commenters also supported the Bureau's proposal under 
consideration to exclude inquiries and prequalifications. These 
commenters noted that such inquiries could include countless informal 
interactions that would be difficult to collect in a consistent manner 
and that may lead to misleading or erroneous data. The commenters also 
stated that collection would be duplicative and impose significant 
burden without countervailing benefits. Community group commenters 
expressed support for collecting data on inquiries and 
prequalifications to identify discrimination that occurs before an 
application is submitted.
---------------------------------------------------------------------------

    \341\ Id. at 24-25.
---------------------------------------------------------------------------

    Solicitations and firm offers of credit. A number of industry 
commenters supported exclusion of solicitations and firm offers of 
credit. One commenter noted that excluding such data would avoid 
duplicative steps and be consistent with the purposes of section 1071.
Proposed Rule
    Proposed Sec.  1002.103(b) would identify certain circumstances 
that are not covered applications--even if they otherwise would be 
considered an application under existing Sec.  1002.2(f). Specifically, 
the Bureau is proposing that a covered application does not include (1) 
reevaluation, extension, or renewal requests on an existing business 
credit account, unless the request seeks additional credit amounts; and 
(2) inquiries and prequalification requests. As discussed below, 
solicitations and firm offers of credit would also not be ``covered 
applications'' under the proposed definition. The Bureau is also 
proposing comments 103(b)-1 through -5 to provide additional guidance 
and examples of circumstances that do and do not trigger 1071 
collection and reporting as a covered application. For example, 
proposed comment 103(b)-4 clarifies that the term ``covered 
application'' does not include evaluations or reviews of existing 
accounts initiated by the financial institution.
    Reevaluation, extension, or renewal requests on an existing 
business credit account, unless the request seeks additional credit 
amounts. The Bureau is proposing to exclude from the definition of a 
``covered application'' requests by borrowers to modify the terms or 
duration of an existing extension of credit, other than (as explained 
below) requests for additional credit amounts. The Bureau believes that 
requests to modify the terms or duration of an existing extension of 
credit, which occur with high frequency in the small business lending 
space, may add complexity and burden for financial institutions, while 
potentially providing limited additional information relevant to the 
purposes of section 1071. Moreover, broadly including requests to 
modify the terms or duration of existing extensions of credit might 
affect the quality of the data absent additional flags to distinguish 
the transactions from new originations. The Bureau is also concerned 
about the impact of adding 1071 collection and reporting requirements 
to what are otherwise streamlined evaluations, particularly given the 
limited additional data that would be gained from such reporting. The 
Bureau also notes that Regulation C takes a similar approach by 
excluding reporting of loan modifications.\342\
---------------------------------------------------------------------------

    \342\ See Regulation C comment 2(d)-2.
---------------------------------------------------------------------------

    In contrast, the Bureau is not proposing to exclude requests for 
additional credit amounts (such as line increases or new money on 
existing facilities). That is, reporting would be required for requests 
for additional credit amounts. The Bureau believes that capturing 
requests for additional credit amounts will further the purposes of 
section 1071, particularly the community development purpose, as it 
would more accurately capture demand for credit. Although several SERs 
and other commenters opposed reporting on new credit amounts--due to 
the potentially streamlined nature of such reviews (which may differ 
from underwriting of new applications) and concerns about duplicative 
reporting--the Bureau believes these factors do not outweigh the 
potential community development benefits of reporting and collection. 
Moreover, the Bureau believes that concerns about duplicative reporting 
would be mitigated by proposed Sec.  1002.107(c)(2), which would permit 
a financial institution to reuse certain data points under certain 
circumstances. In addition, under proposed Sec.  1002.107(a)(7) and 
(8), when reporting a covered application that seeks additional credit 
amounts on an existing account, the financial institution would only 
report the additional credit amount sought (and approved or originated, 
as applicable), and not the entire credit amount extended. A request to 
withdraw additional credit amounts at or below a previously approved 
credit limit amount on an existing open-end line of credit would not be 
a covered application as the request falls within the terms of a 
previously approved covered credit agreement.
    Inquiries and prequalification requests. Existing Regulation B 
recognizes that before a consumer or business requests credit in 
accordance with the procedures used by a creditor for the type of 
credit requested, a creditor may provide a prospective applicant with 
information about credit terms. Existing Regulation B comments 2(f)-3 
and 9-5 refer to these situations as inquiries and prequalification 
requests. Generally, an inquiry occurs when a consumer or business 
requests information about credit terms offered by a creditor; a 
prequalification request generally refers to a request by a consumer or 
business for a preliminary determination on whether the prospective 
applicant would likely qualify for credit under a creditor's standards 
or for what amount.\343\ Under existing Regulation B comments 2(f)-3 
and 9-5, an inquiry or prequalification request may become an 
``application'' that triggers adverse action notification requirements 
if the creditor evaluates information about the consumer or business, 
decides to decline the request, and communicates this to the consumer 
or business; otherwise, such inquiries and prequalification requests 
are generally not considered applications under existing Regulation B. 
As explained in existing comment 2(f)-3,

[[Page 56402]]

whether the inquiry or prequalification request becomes an application 
depends on how the creditor responds to the consumer or business, not 
on what the consumer or business says or asks.
---------------------------------------------------------------------------

    \343\ See also Regulation C comment 2(b)-2 (describing 
prequalification requests). In addition, a preapproval as described 
in existing comment 2(f)-5.i of Regulation B is an example of an 
application under existing Regulation B. Under that comment, a 
preapproval occurs when a creditor reviews a request under a program 
in which the creditor, after a comprehensive analysis of an 
applicant's creditworthiness, issues a written commitment valid for 
a designated period of time to extend a loan up to a specified 
amount. If a creditor's program does not provide for giving written 
commitments, requests for preapprovals are treated as 
prequalification requests.
---------------------------------------------------------------------------

    Regulation C excludes all prequalification requests from HMDA 
reporting, even if the prequalification request becomes an application 
under existing Regulation B.\344\ Regulation C does not address 
reporting of inquiries more generally.
---------------------------------------------------------------------------

    \344\ See Regulation C comment 2(b)-2.
---------------------------------------------------------------------------

    The Bureau is proposing to exclude inquiries and prequalification 
requests as a ``covered application,'' even if the inquiry or 
prequalification request may become an ``application'' under existing 
Sec.  1002.2(f) that may trigger notification requirements. The Bureau 
agrees with SERs and other commenters that requiring data collection 
for all inquiries and prequalifications could create operational 
challenges given that such interactions may be voluminous and typically 
occur before a financial institution has the relevant data or processes 
in place for tracking requests for credit. The Bureau is likewise 
concerned that requiring the collection of 1071 data for these requests 
could pose data accuracy issues, given the often informal nature of 
these interactions, which may raise the risk of missing, unavailable, 
or erroneous data. In addition, reporting of inquiries and 
prequalifications could be duplicative if the applicant subsequently 
applies for credit in accordance with the procedures designated by the 
financial institution.
    The Bureau also has concerns about requiring reporting of inquiries 
and prequalification requests only in situations that would otherwise 
be treated as an ``application'' under existing Regulation B--i.e., 
when the financial institution evaluates information about the consumer 
or business, decides to decline the request, and communicates this to 
the consumer or business. The Bureau is concerned that the logistics of 
reporting an inquiry or prequalification only in certain 
circumstances--if the institution evaluates the information, declines 
the request, and communicates it to the business--would be 
operationally challenging for financial institutions and could lead to 
data distortion as only denials would be captured. In these 
circumstances, a financial institution may prefer reporting all 
inquiries and prequalifications, which could lead to some of the 
challenges identified above. The Bureau is also considering the market 
effects of requiring reporting only for certain inquiries and 
prequalification requests, including whether it would cause financial 
institutions to restrict such interactions or services.
    The Bureau, however, remains concerned about potential 
discrimination that may occur in these early interactions with a 
financial institution. In particular, the Bureau is concerned about 
excluding data on inquiries and prequalification requests when the 
financial institution evaluates information about a business and 
declines the request, which may be useful for identifying potential 
prohibited discouragement of or discrimination against applicants or 
prospective applicants.
    On balance, the Bureau believes it is appropriate to interpret 
``application'' as used in section 1071 to exclude inquiries and 
prequalification requests given the considerations identified above, 
including the timing and often informal nature of such interactions, 
the operational challenges of implementing such a definition, and 
related concerns about the reliability of the data.
    Although the Bureau is proposing to exclude inquiries and 
prequalification requests from the definition of ``covered 
application,'' the Bureau notes that the relevant analysis of whether 
an inquiry or prequalification request is reportable focuses on how the 
financial institution structures, processes, and responds to such 
requests, not what they are called. For example, if a financial 
institution has a formalized process to screen businesses requesting 
credit and deny those it considers ineligible, a request for credit 
that goes through that process may be a ``covered application,'' even 
if the financial institution labels the review a ``prequalification'' 
request or an ``inquiry.''
    The Bureau further notes that requests for credit that meet the 
proposed definition of ``covered application'' would be reportable, 
even if the application was preceded by an inquiry or prequalification 
request. For example, if a business initially seeks information about 
potential credit offerings, the financial institution responds, and 
then the business submits an application for a covered credit 
transaction following the financial institution's procedures, the 
application would be reportable. If, on the other hand, the business 
asks about potential credit offerings, but then chooses not to submit 
an application, there is no covered application.
    Finally, the Bureau notes that inquiries and prequalification 
requests where the institution evaluates the information, declines the 
request, and communicates it to the business or consumer, are 
``applications'' under existing Regulation B, and are thus subject to 
its requirements regarding ``applications,'' including its adverse 
action notification requirements and nondiscrimination provisions. In 
no way are the exclusions in proposed Sec.  1002.103(b) intended to 
repeal, abrogate, annul, impair, change, or interfere with the scope of 
the term application in existing Sec.  1002.2(f) as applicable to 
existing Regulation B.
    Solicitations and firm offers of credit. Proposed comment 103(b)-4 
would clarify that the term covered application does not include 
solicitations and firm offers of credit; like other reviews or 
evaluations initiated by the financial institution, these 
communications do not involve an applicant requesting credit, and so 
are not ``covered applications.'' Excluding solicitations and firm 
offers of credit is also consistent with the language of ECOA section 
704B(b)(1), which provides that an application in response to a 
solicitation by a financial institution could be an application under 
section 1071, but the text is silent on solicitations without any 
applicant response. Thus, consistent with the statutory language, a 
solicitation or firm offer of credit may become a ``covered 
application'' under the proposed definition if an applicant responds to 
the solicitation or offer by requesting a covered credit transaction.
    In conclusion and for the reasons identified above, the Bureau 
believes its proposed exclusion of inquiries and prequalification 
requests is reasonable. Similarly, the Bureau believes its proposed 
exclusion of reevaluation, extension, or renewal requests on an 
existing business credit account, unless the request seeks additional 
credit amounts, is a reasonable interpretation of an ``application'' as 
used in section 1071 for the reasons described above, including that 
the original extension of credit would be collected and reported and 
further reporting would yield limited additional data. The Bureau also 
believes its proposed treatment of solicitations and firm offers of 
credit is a reasonable interpretation of an ``application'' as used in 
section 1071, as discussed above.
    The Bureau seeks comment on its proposed definition of a covered 
application in Sec.  1002.103(b) and associated commentary. The Bureau 
also seeks comment on whether instead to define a ``covered 
application,'' consistent with existing Regulation B, to include 
inquiries or prequalification requests where the financial institution 
evaluates information about the business, decides to decline the 
request,

[[Page 56403]]

and communicates this to the business. Related to this alternative 
approach, the Bureau further seeks comment on whether additional data 
fields may be necessary in order to distinguish prequalification 
requests and inquiries from other reported applications. In addition, 
if the Bureau were to require reporting of declined inquiries or 
prequalification requests (as described above), the Bureau seeks 
comment on whether financial institutions would want the option to 
report all prequalification requests and inquiries, to allow for a 
comparison with denials.
    In addition, the Bureau seeks comment on whether, alternatively, to 
define a ``covered application'' consistent with Regulation C, which 
(as discussed above) does not require a financial institution to report 
prequalification requests, even if those requests may constitute 
applications under existing Regulation B for purposes of adverse action 
notices, but does not address reporting of inquiries more generally. 
Related to this alternative approach, the Bureau also seeks comment on 
whether greater clarity could be achieved by defining, for purposes of 
proposed subpart B only, inquiries as requests for information about 
loan terms that do not become applications under existing Regulation B, 
and prequalification requests as requests that may become applications 
under existing Regulation B. In addition, the Bureau also seeks comment 
on the frequency with which financial institutions accept 
prequalification requests (as described in Regulation C comment 2(b)-2, 
but with respect to prospective business applicants) and what data are 
collected in connection with such prequalification requests, as well as 
potential effects on the market if some or all prequalification 
requests were reportable under section 1071.
    Consistent with the SBREFA Panel's recommendation, the Bureau also 
seeks comment on whether to include line increase requests as a 
``covered application'' and information on how financial institutions 
currently process requests for a line of credit increase. In addition 
to line increases, the Bureau also seeks comment on financial 
institution practices related to other types of requests for additional 
credit amounts, and whether such requests should be captured in 1071 
data.
    Lastly, the Bureau notes that Regulation C requires the reporting 
of assumptions for HMDA,\345\ but the Bureau does not have information 
on whether assumptions are similarly used in the small business lending 
context. The Bureau seeks comment on this issue, including how an 
assumption in small business lending might be structured (for example, 
whether it is typically a modification of an existing extension of 
credit or a new extension of credit), the frequency of assumptions in 
the small business lending context, and whether reporting of 
assumptions for small business lending would further the purposes of 
section 1071.
---------------------------------------------------------------------------

    \345\ See Regulation C comment 2(j)-5 (discussing when 
assumptions should be reported as home purchase loans).
---------------------------------------------------------------------------

Section 1002.104 Covered Credit Transactions and Excluded Transactions
104(a) Covered Credit Transaction
    ECOA section 704B(b) requires financial institutions to collect and 
report information regarding any application for ``credit'' made by 
women-owned, minority-owned, or small businesses. Although the term 
``credit'' is not specifically defined in section 1071, ECOA defines 
``credit'' as ``the right granted by a creditor to a debtor to defer 
payment of debt or to incur debts and defer its payment or to purchase 
property or services and defer payment therefor.'' \346\ As noted above 
in the section-by-section analysis of Sec.  1002.102(d), existing 
Regulation B further defines ``business credit'' as ``extensions of 
credit primarily for business or commercial (including agricultural) 
purposes,'' with some exclusions.\347\ As discussed in detail below, 
the Bureau is proposing to require that covered financial institutions 
report data for all applications for transactions that meet the 
definition of business credit unless otherwise excluded. Proposed Sec.  
1002.104(a) would define the term ``covered credit transaction'' as an 
extension of business credit that is not an excluded transaction under 
proposed Sec.  1002.104(b). Loans, lines of credit, credit cards, and 
MCAs (including such credit transactions for agricultural purposes and 
HMDA-reportable transactions) would all fall within the scope of this 
proposed rule, which would cover the majority of products that small 
businesses use to obtain financing.\348\ As such, the Bureau believes 
that the inclusion of these products in the Bureau's 1071 rule is 
important to fulfilling the purposes of section 1071. Pursuant to this 
approach, the Bureau notes that the products discussed below do not 
constitute an exhaustive list of covered credit transactions; other 
types of business credit not specifically described below would 
nevertheless constitute covered credit transactions unless excluded by 
proposed Sec.  1002.104(b).
---------------------------------------------------------------------------

    \346\ 15 U.S.C. 1691a(d); see also Sec.  1002.2(j).
    \347\ 12 CFR 1002.2(g).
    \348\ See White Paper at 21-22.
---------------------------------------------------------------------------

    Proposed Sec.  1002.104(b), in turn, would state that the 
requirements of subpart B do not apply to trade credit, public 
utilities credit, securities credit, and incidental credit. Associated 
commentary would make clear that the term ``covered credit 
transaction'' also does not cover factoring, leases, consumer-
designated credit used for business purposes, or credit secured by 
certain investment properties.
    For the reasons set forth below, the Bureau is proposing Sec.  
1002.104 pursuant to its authority under ECOA section 704B(g)(1) to 
prescribe such rules and issue such guidance as may be necessary to 
carry out, enforce, and compile data under section 1071.
    In the SBREFA Outline, the Bureau stated that it was considering 
proposing that a covered product under section 1071 is one that meets 
the definition of ``credit'' under ECOA and is not otherwise excluded 
from collection and reporting requirements.\349\ Specifically, the 
Bureau stated that it was considering proposing that covered products 
under section 1071 would include term loans, lines of credit, and 
credit cards. The Bureau stated that term loans, lines of credit, and 
credit cards meet the definition of ``credit'' under ECOA and these 
products collectively make up the majority of business financing 
products used by small businesses and are an essential source of 
financing for such businesses.\350\ The Bureau also proffered in the 
SBREFA Outline that the inclusion of these products in the Bureau's 
1071 rule is important to fulfilling the purposes of section 1071.\351\ 
The Bureau also stated in SBREFA Outline that it was considering 
proposing that the following products not be covered by the 1071 rule: 
consumer credit used for business purposes; leases; trade credit; 
factoring; and MCAs.\352\
---------------------------------------------------------------------------

    \349\ SBREFA Outline at 19-20.
    \350\ Id. at 20.
    \351\ Id.
    \352\ Id.
---------------------------------------------------------------------------

    SERs and other stakeholders providing feedback on the SBREFA 
Outline generally supported the Bureau's proposal under consideration 
to include term loans, lines of credit, and credit cards as covered 
products under section 1071.\353\ Many stakeholders (including roughly 
half the SERs) urged the Bureau to pursue

[[Page 56404]]

expansive product coverage in order to adequately capture small 
businesses' experiences with obtaining financing, especially for women-
owned and minority-owned small businesses. Many SERs and other 
stakeholders advocated for including MCAs within the scope of the 
eventual 1071 rule; some SERs and stakeholders also advocated for 
including factoring, and in some cases leases as well, in order to 
capture the full landscape of small business financing. Multiple 
stakeholders expressed concern that the exclusions under consideration 
for certain products (e.g., MCAs) would disproportionately burden 
traditional lenders who do not offer such products.
---------------------------------------------------------------------------

    \353\ The SER feedback discussed in this section-by-section 
analysis can be found in the SBREFA Panel Report at 22-23.
---------------------------------------------------------------------------

    As discussed below, the Bureau proposes that the 1071 rule cover 
loans, lines of credit, credit cards, and MCAs. The Bureau also 
explains below that ``covered credit transaction'' would encompass 
agricultural-purpose credit and HMDA-reportable transactions.
    Loans, lines of credit, and credit cards. As noted above, 
stakeholders generally presume and support the coverage of loans, lines 
of credit, and credit cards. These products are commonly offered to 
small business applicants (making up almost 60 percent of the aggregate 
dollar volume of various financial products used by small 
businesses).\354\ The Bureau is not proposing definitions for loans, 
lines of credit, and credit cards because the Bureau believes these 
products are generally and adequately covered by the proposed 
definition of ``credit'' in proposed Sec.  1002.102(i).\355\
---------------------------------------------------------------------------

    \354\ See id. at 21 fig. 2.
    \355\ As noted in the section-by-section analysis of proposed 
Sec.  1002.107(a)(5) below, the Bureau distinguishes between secured 
and unsecured loans and lines of credit when financial institutions 
report the type of credit product being applied for. The Bureau does 
not believe that this distinction has relevance to whether these 
products constitute ``credit.''
---------------------------------------------------------------------------

    The Bureau seeks comment on its proposed approach to covered credit 
transactions and particularly on whether it should define loans, lines 
of credit, and credit cards, and, if so, how.
    Merchant cash advances. MCAs are a form of financing for small 
businesses that purport to be structured as a sale of potential future 
income. MCAs vary in form and substance, but under a typical MCA, a 
merchant receives a cash advance and promises to repay it plus some 
additional amount or multiple of the amount advanced (e.g., 1.2 or 1.5, 
the ``payback'' or ``factor'' ``rate''). The merchant promises to repay 
by either pledging a percentage of its future revenue, such as its 
daily credit and debit card receipts (the ``holdback percentage''), or 
agreeing to pay a fixed daily withdrawal amount to the MCA provider 
until the agreed upon payment amount is satisfied. MCA contracts often 
provide for repayment directly through the merchant's card processor 
and/or via ACH withdrawals from the merchant's bank account.\356\ MCAs 
constitute the primary product under an umbrella that the Bureau refers 
to as ``sales-based financing''; generally, transactions wherein a 
financial institution extends funds to a business and repayment is 
based on the business's anticipated sales, revenue, or invoices.\357\
---------------------------------------------------------------------------

    \356\ This description is based on the Bureau's review of a 
sample of MCA contracts that the Bureau believes fairly represent 
typical MCA contracts in the market. The Bureau's review comports 
with observations made by industry and community groups regarding 
MCAs.
    \357\ As stated below, the Bureau is not proposing to 
specifically define sales-based financing in the 1071 rule because 
the Bureau believes these products are covered by the proposed 
definition of ``credit'' in proposed Sec.  1002.102(i). New York and 
California laws have recently sought to define sales-based 
financing. New York law, for example, defines ``sales-based 
financing'' as ``a transaction that is repaid by the recipient to 
the provider, over time, as a percentage of sales or revenue, in 
which the payment amount may increase or decrease according to the 
volume of sales made or revenue received by the recipient.'' N.Y. 
Fin. Serv. 801(j). New York's definition of sales-based financing 
also encompasses a true-up mechanism where the financing is repaid 
as a fixed payment but provides for a reconciliation process that 
adjusts the payment to an amount that is a percentage of sales or 
revenue. Id. California law uses a similar definition. See 10 Cal. 
Code Reg. 2057(a)(22) (defining sales-based financing as ``a 
commercial financing transaction that is repaid by a recipient to 
the financer as a percentage of sales or income, in which the 
payment amount increases and decreases according to the volume of 
sales made or income received by the recipient'' and including ``a 
true[hyphen]up mechanism'').
---------------------------------------------------------------------------

    The Bureau understands that the MCA market is generally dominated 
by nondepository lenders not subject to Federal safety and soundness 
supervision or reporting requirements. The Bureau also understands that 
MCA providers may not be required to obtain State lending licenses. As 
a result, information on MCA lending volume and practices is limited. 
The Bureau notes, however, that California recently enacted a law that 
brings providers of commercial financing options, including factoring 
and MCAs, into the California Financing Law (CFL), which will impose 
disclosure requirements.\358\ New York also enacted a law that would 
impose similar disclosure requirements upon certain New York commercial 
financing providers, including MCA providers.\359\
---------------------------------------------------------------------------

    \358\ The new law does not go so far as to amend the CFL to 
require factors or MCA providers to be licensed, but it does impose 
first-in-the-nation disclosure requirements in connection with these 
products similar to those imposed under TILA. See Cal. S.B. 1235 
(Sept. 30, 2018), https://leginfo.legislature.ca.gov/faces/billTextClient.xhtml?bill_id=201720180SB1235. The law will be 
implemented through regulations, which have not been finalized yet. 
See State of Cal. Dep't of Bus. Oversight (DBO), Draft Regulations 
(July 26, 2019), https://dbo.ca.gov/wp-content/uploads/sites/296/2019/07/SB-1235-Draft-Regulations-7-26-19.pdf.
    \359\ N.Y. S.B. S5470B (Dec. 23, 2020), https://legislation.nysenate.gov/pdf/bills/2019/S5470B.
---------------------------------------------------------------------------

    Although the Bureau's 2017 White Paper estimated the MCA market 
constituted less than 1 percent of the aggregate dollar volume of 
various financial products used by small businesses in the U.S. in 
2014,\360\ the Bureau finds that more recent evidence suggests the 
industry may now be much larger. For example, the 2020 Federal Reserve 
Banks' survey of firms with 1-499 employees (``employer firms'') found 
that 8 percent of such businesses applied for and regularly used 
MCAs.\361\ Moreover, on August 18, 2019, the trade website deBanked 
reported that according to an investment bank's projections, ``the MCA 
industry will have more than doubled its small business funding to 
$19.2 billion by year-end 2019, up from $8.6 billion in 2014.'' \362\
---------------------------------------------------------------------------

    \360\ See White Paper at 21 fig. 2, 22 fig. 3.
    \361\ Fed. Reserve Banks, Small Business Credit Survey--2021 
Report on Employer Firms, at 24 (Feb. 3, 2021), https://www.fedsmallbusiness.org/medialibrary/FedSmallBusiness/files/2021/2021-sbcs-employer-firms-report (2021 Small Business Credit Survey). 
Starting in 2017, the Federal Reserve Banks began to gather specific 
data on MCAs for its annual reports on small business financing for 
employer firms--in the 2017 report, the survey found that 7 percent 
of such businesses applied for and regularly used MCAs. Fed. Reserve 
Banks, Small Business Credit Survey--2017 Report on Employer Firms, 
at 9 (Apr. 11, 2017), https://www.fedsmallbusiness.org/medialibrary/fedsmallbusiness/files/2018/sbcs-employer-firms-report.pdf (2017 
Small Business Credit Survey).
    \362\ Paul Sweeney, Gold Rush: Merchant Cash Advances Are Still 
Hot, deBanked (Aug. 18, 2019), https://debanked.com/2019/08/gold-rush-merchant-cash-advances-are-still-hot/.
---------------------------------------------------------------------------

    Based on stakeholder feedback and available data, the Bureau 
understands that MCAs are often used by merchants due to the speed and 
ease with which they can be obtained,\363\ particularly for merchants 
unable to obtain financing from more traditional sources.\364\ 
According to the 2020 Federal Reserve Banks' report regarding firms 
owned by people of color (both small employer firms and non-employer 
firms), Black-owned firms, Hispanic-owned firms, and Asian-owned firms 
were more likely to have applied for MCAs (14 percent, 10 percent, and 
10 percent

[[Page 56405]]

respectively) than white-owned firms (7 percent).\365\ The Bureau 
believes that this report supports stakeholders' assertions that 
minority-owned businesses are more likely to use MCAs.
---------------------------------------------------------------------------

    \363\ See 2021 Small Business Credit Survey at 26 (reporting 
that 84 percent of surveyed credit applicants were approved for an 
MCA, as compared to a 43 percent approval rate for personal loans).
    \364\ See id. at 22 (noting that only 7 percent of ``high credit 
risk'' applicants obtained all the financing sought).
    \365\ Small Business Credit Survey of Firms Owned by People of 
Color at 30.
---------------------------------------------------------------------------

    The Bureau believes that the higher frequency of MCA use among 
minority-owned businesses coupled with reports of problematic provider 
practices lends credence to many stakeholders' claims that MCAs may 
raise fair lending concerns. The FTC released a Staff Perspective in 
February 2020 discussing its concerns with the MCA industry \366\ and 
noting the industry's tendency to ``cater to higher-risk businesses or 
owners with low credit scores--typically offering them higher-cost 
products.'' \367\ The FTC has also filed enforcement actions against 
MCA providers and their principals, in one case alleging that they 
misrepresented the terms of MCAs that they provided, and then used 
``unfair collection practices, including sometimes threatening physical 
violence, to compel consumers to pay.'' \368\ The FTC recently obtained 
a settlement that requires an MCA provider to pay more than $9.8 
million to settle charges that it took money from businesses' bank 
accounts without permission and deceived them about the amount of 
financing business owners would receive and other features of its 
financing products.\369\ Moreover, the Bureau understands that the 
default rate amongst small businesses that use MCAs is relatively 
high--5 to 15 percent according to one estimate (compared with a 2 
percent default rate on SBA loans).\370\ The Bureau believes this high 
default rate may be explained by the fact that the typical MCA holdback 
percentage--10 to 20 percent of gross receipts or revenues--may be 
onerous for already cash-strapped small businesses.\371\ The Bureau 
also understands that it is not uncommon for small businesses that use 
MCAs to obtain new MCAs from other MCA providers (more than a quarter 
of such businesses, by one account); \372\ they also may use one MCA to 
pay off another. Firms that take on added debt loads in this way (a 
process known as ``stacking'') ``may not fully recognize the costs 
involved, which could potentially jeopardize the financial health of 
their businesses.'' \373\
---------------------------------------------------------------------------

    \366\ Fed. Trade Comm'n, `Strictly Business' Forum, Staff 
Perspective, at 6-8 (Feb. 2020), https://www.ftc.gov/system/files/documents/reports/staff-perspective-paper-ftcs-strictly-business-forum/strictly_business_forum_staff_perspective.pdf.
    \367\ See id. at 2.
    \368\ Press Release, Fed. Trade Comm'n, New York-Based Finance 
Companies Deceived Small Businesses, Non-Profits and Seized Their 
Personal and Business Assets (June 10, 2020), https://www.ftc.gov/news-events/press-releases/2020/06/new-york-based-finance-companies-deceived-small-businesses. See also Press Release, Fed. Trade 
Comm'n, FTC Alleges Merchant Cash Advance Provider Overcharged Small 
Businesses Millions (Aug. 3, 2020), https://www.ftc.gov/news-events/press-releases/2020/08/ftc-alleges-merchant-cash-advance-provider-overcharged-small.
    \369\ Press Release, Fed. Trade Comm'n, Cash Advance Firm to Pay 
$9.8M to Settle FTC Complaint It Overcharged Small Businesses (Apr. 
22, 2021), https://www.ftc.gov/news-events/press-releases/2021/04/cash-advance-firm-pay-98m-settle-ftc-complaint-it-overcharged.
    \370\ Kevin Voigt, It's the Wild West Out There: NerdWallet 
Special Report, NerdWallet (Oct. 13, 2016), https://www.nerdwallet.com/blog/small-business-special-report-mca/.
    \371\ See Bd. of Governors of the Fed. Reserve Sys., Browsing to 
Borrow: ``Mom & Pop'' Small Business Perspectives on Online Lenders, 
at 9 (June 2018), https://www.federalreserve.gov/publications/files/2018-small-business-lending.pdf (Board Small Business Perspectives) 
(noting that when asked ``about the toughest part of running their 
businesses, most participants cited the challenges of managing their 
cash flow''); id. at 5 (noting that ``[s]ome observers have argued 
that the owner's loss of control over cash flow puts some small 
businesses at risk''). The Bureau also notes that many MCA providers 
believe that they are not subject to State usury laws.
    \372\ See Opportunity Fund, Unaffordable and Unsustainable: The 
New Business Lending, at 3 (May 2016), https://www.leg.state.nv.us/App/InterimCommittee/REL/Document/13129 (stating that ``[m]ore than 
a quarter of the businesses in our dataset had loans outstanding 
with multiple alternative lenders'').
    \373\ Board Small Business Perspectives at 6.
---------------------------------------------------------------------------

    As small businesses struggle with the COVID-19 pandemic, the Bureau 
is seeing more reports of MCA providers employing aggressive collection 
practices, such as ``pursuing legal claims against owners that freeze 
their bank accounts and . . . pressing their family members, neighbors, 
insurers, distributors--even their customers.'' \374\ Given the fact 
that 84 percent of the credit applicants surveyed by the Federal 
Reserve Banks were approved for an MCA \375\ and the fact that it 
appears significantly more difficult to obtain credit as a ``high 
credit risk'' applicant during the COVID-19 pandemic,\376\ the Bureau 
believes that vulnerable small businesses are increasingly seeking MCAs 
to support their pandemic recovery.
---------------------------------------------------------------------------

    \374\ Gretchen Morgenson, FTC official: Legal `loan sharks' may 
be exploiting coronavirus to squeeze small businesses, NBC News 
(Apr. 3 2020), https://www.nbcnews.com/business/economy/ftc-official-legal-loan-sharks-may-be-exploiting-coronavirus-squeeze-n1173346.
    \375\ See 2021 Small Business Credit Survey at 26.
    \376\ Compare id. at 22 (noting that only 7 percent of ``high 
credit risk'' applicants obtained all the financing sought), with 
Fed. Reserve Banks, Small Business Credit Survey--2020 Report on 
Employer Firms, at 12 (Apr. 7, 2020), https://www.fedsmallbusiness.org/medialibrary/FedSmallBusiness/files/2020/2020-sbcs-employer-firms-report (reporting that 23 percent of ``high 
credit risk'' applicants obtained all the financing sought) (2020 
Small Business Credit Survey).
---------------------------------------------------------------------------

    In its SBREFA Outline, the Bureau stated that it was considering 
proposing that MCAs not be a covered product under section 1071 since 
including them may add additional complexity or reporting burden given 
the unique structure of the transactions.\377\
---------------------------------------------------------------------------

    \377\ SBREFA Outline at 22.
---------------------------------------------------------------------------

    During and following the SBREFA Panel meetings, many SERs advocated 
for including MCAs within the scope of the 1071 rule due, in part, to 
their widespread use by small businesses in the same way as traditional 
loans. In response to the SBREFA Outline, many other stakeholders, 
including community groups and industry representatives, urged the 
inclusion of MCAs for one or more of the following reasons:
     MCAs are widely used by small businesses and have a 
rapidly growing market share.
     MCAs are often advertised as loans even though MCA 
providers have been strongly opposed to labeling their products as 
loans.
     The complexity of MCAs is not a good reason to exclude 
them from coverage.
     Minority-owned small businesses disproportionately use 
MCAs.
     Excluding the largely unregulated MCA industry would 
create unequal regulatory burdens for entities that may compete for the 
same small business clients.
     MCAs should be considered ``credit'' for the purposes of 
section 1071.
     Small businesses do not distinguish these products from 
other forms of financing.
     Some MCA providers engage in harmful practices and should 
be subject to oversight.
    The Bureau observes that, throughout the development of the 1071 
rule, MCAs have been the focus of significant attention and a unique 
source of near-consensus among a diverse array of stakeholders--almost 
all of whom advocated for covering MCAs in the 1071 rule.\378\ The only 
commenters that have supported the exclusion of MCAs from the 1071 rule 
were MCA providers or trade associations representing MCA providers. 
These stakeholders argue that MCAs do not meet the definition of

[[Page 56406]]

credit under ECOA or State law and are instead much like traditional 
factoring arrangements, which are generally understood not to be 
credit.
---------------------------------------------------------------------------

    \378\ For instance, of the substantive responses to the 2017 
RFI, comments authored or co-authored by dozens of stakeholders 
(including community and business groups, industry, and trade 
associations) expressed explicit support for requiring the reporting 
of MCAs (and additional letters expressed support for covering 
``fintech'' or ``alternative online'' products more generally).
---------------------------------------------------------------------------

    Potential coverage of MCAs under the 1071 rule has also drawn the 
attention of government entities seeking to regulate the industry. For 
example, in response to the SBREFA Outline, the California Department 
of Financial Protection and Innovation submitted a comment letter 
stating that ``nearly all the data points would be just as easy for an 
MCA company to report as any other financial institution.'' In 
addition, FTC staff submitted a comment letter in response to the 
Bureau's Request for Information on the Equal Credit Opportunity Act 
and Regulation B \379\ noting that the FTC has brought many actions 
protecting small businesses but that detecting illegal conduct in this 
space can be challenging, particularly with regard to MCAs. The FTC 
comment letter urges the Bureau to remind small business lenders that 
whether a particular law applies depends on actual facts and 
circumstances and not solely on how one party chooses to characterize 
the transaction. FTC staff also recommends the Bureau help small 
businesses through data collection, collecting complaints, and 
education.
---------------------------------------------------------------------------

    \379\ 85 FR 46600 (Aug. 3, 2020).
---------------------------------------------------------------------------

    Upon further consideration and in light of stakeholder feedback 
provided during the SBREFA process, the Bureau is proposing to cover 
MCAs as reportable under 1071. The Bureau believes that the statutory 
term ``credit'' in ECOA is ambiguous as to whether it covers sales-
based financing products like MCAs, and existing Regulation B offers no 
further clarity except to note in commentary that factoring, as ``a 
purchase of accounts receivable,'' is not covered by ECOA or Regulation 
B.\380\ Based on its review of typical MCA arrangements and its 
expertise with respect to the nature of credit transactions, the Bureau 
believes that the better reading of the term ``credit'' is that it 
encompasses MCAs and other types of sales-based financing. As noted 
above, ECOA defines ``credit'' to mean ``the right granted by a 
creditor to a debtor to defer payment of debt or to incur debts and 
defer its payment or to purchase property or services and defer payment 
therefor.'' The Bureau is thus not proposing to specifically define 
MCAs or other sales-based financing in the 1071 rule because the Bureau 
believes these products are covered by the proposed definition of 
``credit'' in Sec.  1002.102(i). Nor does the Bureau believe that MCAs 
should be excluded from the rule as a species of factoring (as defined 
in proposed comment 104(a)-2), because MCAs are not based on accounts 
receivable from ``goods that the recipient has supplied or services 
that the recipient has rendered.''
---------------------------------------------------------------------------

    \380\ Existing comment 9(a)(3)-3.
---------------------------------------------------------------------------

    As an initial matter, the Bureau believes that MCAs do not 
constitute factoring within the meaning of the existing commentary to 
Regulation B or the definition in proposed comment 104(b)-1, discussed 
in greater detail below. In factoring transactions, entities receiving 
financing sell their legal right to payment from a third party for 
goods supplied or services rendered, and that right exists at the time 
of the transaction itself; the provider of funds seeks payment directly 
from the third party, and the transaction between the recipient and the 
provider of funds is complete at the time of the sale. In other words, 
the recipient of the financing has no remaining payment obligation, 
meaning that no payment is deferred. In contrast, at the time of the 
advance in an MCA, the recipient of the financing has no existing 
rights to payment that it can transfer. The transaction thus 
constitutes only a promise by the ``seller'' to transfer funds to the 
``buyer'' once they materialize at a later date. The Bureau believes 
that the ECOA definition of credit, by referring to the right to 
``defer'' payments, necessarily invokes this temporal consideration.
    Furthermore, the Bureau interprets ECOA's definition of credit as 
making dispositive whether one party has granted another the right to 
repay at some time subsequent to the initial transaction, without 
consideration of factors such as the existence of recourse or analysis 
of who bears the risk of loss. MCA providers grant such a right: They 
advance funds to small businesses and grant them the right to defer 
repayment by allowing them to repay over time. Additionally, as a 
practical matter, the Bureau understands that MCAs are underwritten and 
function like a typical loan (i.e., underwriting of the recipient of 
the funds; repayment that functionally comes from the recipient's own 
accounts rather than from a third party; repayment of the advance 
itself plus additional amounts akin to interest; and, at least for some 
subset of MCAs, repayment in regular intervals over a predictable 
period of time).
    Finally, the Bureau believes that the inclusion of MCAs in the 
Bureau's 1071 rule is important to fulfilling both the fair lending and 
the business and community development purposes of section 1071.\381\ 
The Bureau also believes that including MCAs would create a more level 
playing field across financial institutions that provide cash flow 
financing to small businesses as well as create a data set that better 
reflects demand for such financing by the smallest and most vulnerable 
businesses.
---------------------------------------------------------------------------

    \381\ ECOA section 704B(a).
---------------------------------------------------------------------------

    The Bureau seeks comment on its proposed approach to covered credit 
transactions, and in particular, on whether it should define MCAs and/
or other sales-based financing transactions, and if so, how.
    Agricultural-purpose credit. In the SBREFA Outline, the Bureau did 
not expressly address credit used for agricultural purposes, although 
such credit is generally covered by the broad definition of credit 
under ECOA and agricultural businesses are included in section 1071's 
definition of small business.\382\ Based on questions from SERs about 
the Bureau's intended approach, however, the SBREFA Panel recommended 
that the Bureau address in the proposed rule whether it intends to 
cover agricultural loans in the eventual 1071 rule.\383\ Moreover, in a 
July 2019 report, the U.S. Government Accountability Office (GAO) 
discussed its finding that information on the amount and types of 
agricultural credit to socially disadvantaged farmers and ranchers 
(SDFRs) \384\ is limited, and suggested that the 1071 rulemaking may be 
a way to engage in ``additional data collection and reporting for 
nonmortgage loans.'' \385\
---------------------------------------------------------------------------

    \382\ ECOA section 704B(h)(2) (defining a small business as 
having the same meaning as the term ``small business concern'' in 
section 3 of the Small Business Act (15 U.S.C. 632)''). Section 
704B(h)(2) defines small business by reference to the Small Business 
Act definition of a small business concern, which includes 
independently owned and operated ``enterprises that are engaged in 
the business of production of food and fiber, ranching and raising 
of livestock, aquaculture, and all other farming and agricultural 
related industries.'' 15 U.S.C. 632(a)(1).
    \383\ SBREFA Panel Report at 44.
    \384\ The U.S. Department of Agriculture (USDA) defines SDFRs as 
members of certain racial and ethnic minority groups and women. 
According to the GAO, USDA regulations further define SDFRs as 
belonging to the following groups: American Indians or Alaskan 
Natives, Asians, Blacks or African Americans, Native Hawaiians or 
other Pacific Islanders, Hispanics, and women. See Gov't 
Accountability Off., Agricultural Lending: Information on Credit and 
Outreach to Socially Disadvantaged Farmers and Ranchers is Limited, 
at 2 (2019), https://www.gao.gov/assets/710/700218.pdf (GAO Report). 
The Bureau notes that those five categories align with the Bureau's 
proposed categories used in the definition of ``minority 
individual'' in proposed Sec.  1002.102(l).
    \385\ GAO Report at 16.

---------------------------------------------------------------------------

[[Page 56407]]

    According to the 2017 Census of Agriculture,\386\ there are about 
3.4 million farmers and ranchers (``producers'') working on 2 million 
farming and ranching operations (``farms'') in the United States. The 
U.S. Department of Agriculture (USDA) Economic Research Service found 
that family farms (where the majority of the business is owned by the 
operator and individuals related to the operator) of various types 
together accounted for nearly 98 percent of U.S. farms in 2019.\387\ 
Small family farms (less than $350,000 in gross cash farm income 
(GCFI)) accounted for 90 percent of all U.S. farms and large-scale 
family farms ($1 million or more in GCFI) make up about 3 percent of 
farms but 44 percent of the value of production.\388\
---------------------------------------------------------------------------

    \386\ The Census of Agriculture is conducted by the USDA every 
five years and provides a detailed picture of farms and the people 
who operate them. See generally U.S. Dep't of Agric., 2017 Census of 
Agriculture (Apr. 2019), https://www.nass.usda.gov/Publications/AgCensus/2017/Full_Report/Volume_1,_Chapter_1_US/usv1.pdf.
    \387\ Econ. Research Serv., U.S. Dep't of Agric., Farming and 
Farm Income (updated May 10, 2021), https://www.ers.usda.gov/data-products/ag-and-food-statistics-charting-the-essentials/farming-and-farm-income/.
    \388\ Id.
---------------------------------------------------------------------------

    According to the 2019 Annual Report of the Farm Credit 
Administration, most agricultural lending (approximately 83 percent) is 
done by either commercial banks or the Farm Credit System (FCS), a 
network of government-sponsored entities (GSEs) regulated by the Farm 
Credit Administration, an independent government agency.\389\ The 
USDA's Farm Service Agency accounts for a small share (3 percent) of 
agricultural credit through direct loans and guarantees of loans made 
by private lenders.\390\
---------------------------------------------------------------------------

    \389\ Farm Credit Admin., 2019 Annual Report of the Farm Credit 
Administration, at 18 (2019), https://www.fca.gov/template-fca/about/2019AnnualReport.pdf.
    \390\ Id.
---------------------------------------------------------------------------

    The GAO found that, using 2015-2017 USDA survey data, SDFRs 
represented an estimated 17 percent of primary producers in the survey, 
but accounted for only an estimated 8 percent of total outstanding 
agricultural debt.\391\ Loans to purchase agricultural real estate 
accounted for most of SDFRs' outstanding debt (67 percent).\392\ Farms 
with minority or women primary producers \393\ are, on average, smaller 
and bring in less revenue than farms with a non-SDFR primary producer 
(i.e., a white male)--while SDFRs represented 30 percent of all farms, 
they operated 21 percent of total farm land and accounted for 13 
percent of the market value of agricultural products sold in 2017.\394\
---------------------------------------------------------------------------

    \391\ GAO Report at 16. ``The primary producer is the individual 
on a farm who is responsible for the most decisions. Each farm has 
only one primary producer.'' Id. at 5.
    \392\ Id. at 2.
    \393\ ``Producers'' are individuals involved in farm decision-
making. A single farm may have more than one producer.
    \394\ See GAO Report at 7.
---------------------------------------------------------------------------

    The share of minority representation in farming, particularly that 
of Black farmers, has declined sharply over the last 100 years.\395\ 
The number of female producers has increased significantly over the 
last 100 years but remains relatively small compared to male farm 
producers.\396\ Based on the disposition of numerous lawsuits alleging 
discrimination against minority farmers,\397\ the Bureau believes that 
credit discrimination may play a role in this decline. The GAO cites 
SDFR advocacy groups, which have said some SDFRs face actual or 
perceived unfair treatment in lending or may be dissuaded from applying 
for credit because of past instances of alleged discrimination.\398\ In 
addition, the GAO cites SDFR advocacy groups, lending industry 
representatives, and Federal officials in stating that SDFRs are more 
likely to operate smaller, lower-revenue farms, have weaker credit 
histories, or lack clear title to their agricultural land, which can 
make it difficult for them to qualify for loans.\399\ The Bureau 
understands that determining the ``creditworthiness'' of a farmer is 
often a judgmental process in which lending decisions are de-
centralized and involve weighing many discretionary factors, the Bureau 
believes that there are heightened fair lending risks in agricultural 
lending.
---------------------------------------------------------------------------

    \395\ In 1910, approximately 893,370 Black farmers operated 
approximately 41.1 million acres of farmland, representing 
approximately 14 percent of farmers. U.S. Census Bureau, 1910 
Census: Volume 5 (Agriculture), Statistics of Farms, Classified by 
Race, Nativity, and Sex of Farmers, at 298 (1910), https://www2.census.gov/library/publications/decennial/1920/volume-5/06229676v5ch04.pdf. In 2017, of the country's 3.4 million total 
producers, only 45,508 of them (1.3 percent) are Black and they farm 
on only 4.1 million acres (0.5 percent of total farmland); by 
comparison, 95 percent of U.S. producers are white and own 94 
percent of farmland. U.S. Dep't of Agric., 2017 Census of 
Agriculture, at 62, 72 (Apr. 2019), https://www.nass.usda.gov/Publications/AgCensus/2017/Full_Report/Volume_1,_Chapter_1_US/usv1.pdf.
    \396\ In 1910, women farmers represented approximately 4 percent 
of farm workers. See U.S. Census Bureau, 1910 Census: Volume 5 
(Agriculture), Statistics of Farms, Classified by Race, Nativity, 
and Sex of Farmers, at 340 (1910), https://www2.census.gov/library/publications/decennial/1920/volume-5/06229676v5ch04.pdf. As of 2017, 
women account for approximately 36 percent of farmers. See U.S. 
Dep't of Agric., 2017 Census of Agriculture, at 62 (Apr. 2019), 
https://www.nass.usda.gov/Publications/AgCensus/2017/Full_Report/Volume_1,_Chapter_1_US/usv1.pdf.
    \397\ See, e.g., Order, In re Black Farmers Discrimination 
Litig., No. 08-mc-0511 (D.D.C. filed Aug. 8, 2008), https://blackfarmercase.com/Documents/2008.08.08%20-%20PLF%20Consolidation%20Order_0.pdf; Pigford v. Glickman, 206 F.3d 
1212 (D.C. Cir. 2000). See also Garcia v. Vilsack, 563 F.3d 519 
(D.C. Cir. 2009); Love v. Connor, 525 F. Supp. 2d 155 (D.D.C. 2007); 
Keepseagle v. Veneman, No. 99-CIV-03119, 2001 U.S. Dist. LEXIS 25220 
(D.D.C. Dec. 12, 2001).
    \398\ GAO Report at introductory highlights. Additionally, the 
GAO cited these sources as noting that some SDFRs may not be fully 
aware of credit options and lending requirements, especially if they 
are recent immigrants or new to agriculture. Id.
    \399\ Id.
---------------------------------------------------------------------------

    In light of the above, the Bureau believes that covering 
agricultural credit in its 1071 rule is important for both of section 
1071's statutory purposes, and is not proposing to define covered 
credit in a way that would exclude agricultural credit from the rule. 
The Bureau seeks comment on the potential costs and complexities 
associated with covering such credit.
    HMDA-reportable transactions. By adopting Regulation C's definition 
of dwelling and its commentary regarding investment properties, the 
Bureau seeks to ensure consistency and minimize compliance burdens for 
financial institutions that must also report credit transactions 
covered by HMDA (that is, HMDA-reportable transactions). Based on 
Bureau calculations using the 2019 HMDA data, the Bureau found that 
close to 2,000 lenders and around 530,000 applications indicated a 
``business or commercial purpose'' and around 500,000 applications were 
used for an ``investment'' (as defined by the occupancy code) purpose. 
Of those applications, around 50,000 were for 5+ unit properties. The 
overall number of applications the Bureau expects to be reported 
annually under the proposed rule is around 26 million. Thus, the Bureau 
anticipates a relatively small but not insignificant overlap regarding 
real estate investment loans between HMDA and 1071.
    The Bureau has considered excluding all transactions that were also 
reportable under HMDA, but believes such an exclusion would add 
complexity to data analysis. The Bureau understands that requiring 
lenders to find and delete from databases that supply their 1071 
submission only those transactions that also appear in HMDA may require 
a separate scrub of the data and create additional compliance burden, 
as well as compliance risk if HMDA-reportable transactions are not 
deleted from a 1071 submission. For example, if the Bureau were to 
exclude HMDA reportable transactions from 1071 and a small business 
wants to purchase a 5+ dwelling unit property (that the financial 
institution would need to know is HMDA reportable), the

[[Page 56408]]

financial institution would have to make sure it is not collecting 
protected demographic information on principal owners, even though that 
information must be collected for every other type of loan that same 
business might apply for. The Bureau also believes that it may not be 
possible to identify loans in the HMDA data that, but for this 
exclusion, would be reported under 1071 because the financial 
institution would need to know which HMDA applications are for small 
businesses versus large businesses. Moreover, excluding HMDA-reportable 
applications could mean that a financial institution that is below the 
HMDA reporting threshold would not report these loans at all.
    Further, in addition to not being able to distinguish which 
applications are from small and not large businesses, the Bureau 
believes that excluding all transactions that were also reportable 
under HMDA may be at odds with the statutory purposes of section 1071. 
The following information will not be collected for applications only 
reported under HMDA: (1) The principal owner's race, sex, or ethnicity 
where the applicant is not a natural person; (2) minority-owned and 
women-owned business status; (3) gross annual revenue; and (4) other 
1071 data points such as pricing, NAICS code, and number of workers. 
The Bureau is concerned that not collecting this information would run 
contrary to section 1071's fair lending and business and community 
development purposes.
    For applications that would be reported under both HMDA and 1071 
(generally, business credit secured by dwellings, with the exception of 
credit secured by 1-4 individual dwelling units that the applicant or 
one or more of the applicant's principal owners does not, or will not, 
occupy), the Bureau seeks comment on whether it should require such 
applications to be flagged as such when reported under subpart B. The 
Bureau believes that for data integrity and analysis purposes, it may 
be helpful to know if a loan is in both datasets and a dual reporting 
flag may help ensure any data analysis is not double-counting certain 
applications.
104(b) Excluded Transactions
    Proposed Sec.  1002.104(b) would provide that the requirements of 
subpart B do not apply to trade credit, public utilities credit, 
securities credit, and incidental credit. Proposed comments 104(b)-1 
and -2 would make clear that the term covered credit transaction also 
does not cover factoring and leases. The proposed treatment of each of 
these types of transactions is discussed in detail below. Proposed 
comments 104(b)-3 and -4 would clarify that the term covered credit 
transaction does not include consumer-designated credit or credit 
secured by certain investment properties because, as discussed in 
detail below, such transactions are not business credit. The Bureau 
also discusses its proposed treatment of extensions of credit made to 
governments or governmental subdivisions, agencies, or 
instrumentalities and certain purchases of covered credit transactions. 
Finally, the Bureau discusses its proposed exclusions for trade credit, 
public utilities credit, securities credit, and incidental credit.
    The Bureau seeks comment on whether it should permit financial 
institutions to voluntarily collect applicants' protected demographic 
information (that is, the applicant's minority-owned business status 
and women-owned business status, and the ethnicity, race, and sex of 
the applicant's principal owners) for applications for some or all of 
the types of transactions that the Bureau is proposing not to cover, 
and to report those applications to the Bureau pursuant to proposed 
Sec.  1002.109.
    Factoring. In traditional factoring arrangements, a business in 
need of financing sells all or a portion of its accounts receivable 
(existing but unpaid invoices) to another business, known as a 
``factor.'' The factor then receives payments on the accounts 
receivable from the business's debtors or customers directly, and not 
from the business that had entered into the factoring transaction. If 
the business has sold only a portion of its invoices, then once the 
account debtors pay their invoices to the factor, the factor remits the 
remainder of the balance to the business after deducting a fee 
(specifically, a discount applied to the sold accounts receivable 
usually stated on a percentage basis).
    The Bureau understands that like the market for MCAs, the factoring 
market is generally dominated by nondepository lenders not subject to 
Federal safety and soundness supervision or reporting requirements. The 
Bureau also understands that generally, factors may not be required to 
obtain State lending licenses. As a result, information on factoring 
volume and practices is limited. The Bureau notes, however, that the 
California and New York disclosure laws mentioned above cover 
factoring.\400\
---------------------------------------------------------------------------

    \400\ See Cal. S.B. 1235 (Sept. 30, 2018), https://leginfo.legislature.ca.gov/faces/billTextClient.xhtml?bill_id=201720180SB1235; N.Y. S.B. S5470B (July 
23, 2020), https://legislation.nysenate.gov/pdf/bills/2019/S5470B.
---------------------------------------------------------------------------

    The Bureau's 2017 White Paper estimated the factoring market as 
constituting around 8 percent of the number of accounts used by small 
businesses in the U.S. in 2014.\401\ Based on more recent evidence, the 
Bureau believes the industry has not significantly grown. For example, 
the 2017 and 2020 Federal Reserve Banks' surveys of firms with 1-499 
employees (``employer firms'') found that 4 percent of such businesses 
applied for and regularly used factoring.\402\ In the 2020 Small 
Business Credit Survey of Employer Firms, this figure dropped to 3 
percent of employer firms.\403\
---------------------------------------------------------------------------

    \401\ White Paper at 21 fig. 2, 22 fig. 3.
    \402\ 2020 Small Business Credit Survey; 2017 Small Business 
Credit Survey.
    \403\ See 2021 Small Business Credit Survey at 24.
---------------------------------------------------------------------------

    In the SBREFA Outline, the Bureau stated that it was considering 
excluding factoring from coverage under the 1071 rule.\404\ As a 
general matter, the Bureau received fewer comments from stakeholders 
regarding factoring compared to some other products, though some SERs 
did advocate for including factoring. Moreover, several stakeholders 
(representing both community group and industry perspectives) argued 
that factoring should be covered under section 1071: First, factoring 
is widely used by small businesses, particularly very small businesses, 
who are more likely to face heightened challenges accessing business 
credit; second, both New York and California have passed disclosure 
laws covering factoring and exclusion would potentially lead to a 
regulatory advantage for lenders offering higher-cost, less-transparent 
credit products.
---------------------------------------------------------------------------

    \404\ SBREFA Outline at 22.
---------------------------------------------------------------------------

    A community group commenter stated that the Bureau should require 
the reporting of these agreements regardless of whether there is a 
credit agreement incident to the factoring agreement under Regulation B 
(this concept is discussed in more detail below). A few commenters that 
supported the proposed exclusion under consideration of factoring did 
so on the basis that factoring is not ``credit'' under ECOA. Commenters 
did not raise fair lending concerns or concerns about predatory 
practices related to factoring.
    An existing comment in Regulation B (comment 9(a)(3)-3) provides 
that ``[f]actoring refers to a purchase of accounts receivable, and 
thus is not subject to [ECOA or Regulation B].'' Existing Regulation B 
does not offer a definition for ``accounts receivable.'' However, if 
there is a ``credit extension incident to the factoring arrangement,''

[[Page 56409]]

Regulation B's notification rules \405\ apply, as do other relevant 
sections of ECOA and Regulation B.\406\ The Bureau understands that the 
Board's treatment of credit extensions incident to factoring 
arrangements--as a type of credit but one entitled to exemptions from 
certain requirements--was motivated by its reading of congressional 
intent related to the Women's Business Ownership Act of 1988,\407\ 
which amended ECOA to extend notification and record retention 
requirements to business credit. In its proposed rule on this issue, 
the Board explained that it was treating credit extensions incident to 
factoring arrangements differently from other forms of business credit 
based on ``evidence of congressional intent that the amendments should 
not apply to . . . certain types of business credit (such as 
applications for trade credit and credit incident to factoring 
arrangements).'' \408\ Based on the Bureau's work to date and 
conversations with industry stakeholders, the Bureau understands that 
purported factoring arrangements may take various forms, including 
longer-term or revolving transactions that appear to have credit or 
credit-like features, and the Bureau believes that a subset of such 
arrangements may constitute credit incident to the factoring 
arrangement, particularly if they involve goods or services that have 
not been supplied or rendered.
---------------------------------------------------------------------------

    \405\ See existing Sec.  1002.9(a)(3)(ii) (requiring a creditor 
to notify an applicant, within a reasonable time (as opposed to 
within 30 days for credit sought by consumers and businesses with 
gross revenues of $1 million or less in preceding fiscal year), 
orally or in writing, of the action taken).
    \406\ Comment 9(a)(3)-3.
    \407\ Public Law 100-533, 102 Stat. 2689 (1988).
    \408\ 54 FR 29734, 29736 (July 14, 1989); see also 134 Cong. 
Rec. H9282-89 (daily ed. Oct 3, 1988) (explaining that the committee 
recognizes that some forms of commercial loan transactions and 
extensions of credit may ``require specialized rules,'' and that, 
for example, the committee believes that loans and credit extensions 
incidental to trade credit, factoring arrangements, and 
sophisticated asset-based loans should continue to be exempted from 
the record retention and automatic notification requirements).
---------------------------------------------------------------------------

    The Bureau is proposing to not cover factoring under the 1071 rule. 
Modeled on the definitions set forth in the New York and California 
commercial financing disclosure laws,\409\ proposed comment 104(b)-1 
would provide that factoring is an accounts receivable purchase 
transaction between businesses that includes an agreement to purchase, 
transfer, or sell a legally enforceable claim for payment for goods 
that the recipient has supplied or services that the recipient has 
rendered but for which payment has not yet been made. Proposed comment 
104(b)-1 would also clarify that an extension of business credit 
incident to a factoring arrangement is a covered credit transaction and 
that a financial institution shall report such a transaction as an 
``Other sales-based financing transaction'' under proposed Sec.  
1002.107(a)(5).
---------------------------------------------------------------------------

    \409\ See Cal. S.B. 1235 (Sept. 30, 2018), https://leginfo.legislature.ca.gov/faces/billTextClient.xhtml?bill_id=201720180SB1235; N.Y. S.B. S5470B (July 
23, 2020), https://legislation.nysenate.gov/pdf/bills/2019/S5470B.
---------------------------------------------------------------------------

    The Bureau believes that, as discussed with respect to MCAs above, 
a traditional factoring agreement, as described in proposed comment 
104(b)-1, is not credit under ECOA because the provider of the funds 
does not grant the recipient the right to defer payment. Instead, the 
provider of funds seeks payment directly from a third party, and the 
transaction between the recipient and the provider of funds is complete 
at the time of the sale. The Bureau also believes that treating 
factoring as credit under the 1071 rule could create inconsistencies 
and compliance concerns related to existing Regulation B, which 
currently states that factoring (as a purchase of accounts receivable) 
is not subject to ECOA. Moreover, while a few commenters did suggest 
covering factoring as part of a broader effort to adequately capture 
small businesses' experiences with obtaining financing, the Bureau 
notes that commenters did not raise particular fair lending concerns 
related to factoring. The Bureau is proposing a more detailed 
description of what constitutes factoring in proposed comment 104(b)-1 
because it is concerned that the existing Regulation B commentary 
regarding factoring may not provide sufficient clarity for purposes of 
collecting and reporting data under section 1071 as it does not offer a 
definition for ``accounts receivable.'' Proposed comment 104(b)-1 would 
state that it is not intended to repeal, abrogate, annul, impair, or 
interfere with any existing interpretations, orders, agreements, 
ordinances, rules, or regulations adopted or issued pursuant to 
existing comment 9(a)(3)-3.
    The Bureau seeks comment on its proposed approach to factoring. The 
Bureau also seeks comment on how the subset of purported factoring 
arrangements that may in fact be credit (i.e., those that are revolving 
in nature or that cover anticipated receivables) should be reported 
under the 1071 rule. Specifically, the Bureau seeks comment on whether 
such arrangements should be reported as credit extensions incident to 
factoring (and thus reported ``other sales-based financing'') or as 
MCAs.
    Leases. A leasing transaction generally refers to an agreement in 
which a lessor transfers the right of possession and use of a good or 
asset to a lessee in return for consideration.\410\ Under a ``true'' or 
``operating'' lease, a lessee (the user) makes regular payments to a 
lessor (the owner) in exchange for the right to use an asset (such as 
equipment, buildings, motor vehicles, etc.).
---------------------------------------------------------------------------

    \410\ See UCC Art. 2A-103(1)(j) (defining a ``lease'').
---------------------------------------------------------------------------

    Leases are not expressly addressed in ECOA or Regulation B. The 
Bureau has never opined on whether ECOA and Regulation B apply to 
leases, and the Board made only one statement about the applicability 
of ECOA and Regulation B to leases, in the preamble to a final rule 
under ECOA. In that 1985 statement, the Board responded to the Ninth 
Circuit's opinion in Brothers v. First Leasing,\411\ which concluded 
that consumer leasing falls under ECOA.\412\ The Board stated that it 
believes that ``Congress did not intend the ECOA, which on its face 
applies only to credit transactions, to cover lease transactions unless 
the transaction results in a `credit sale' as defined in the Truth in 
Lending Act and Regulation Z.'' \413\ The Board then noted that it 
would continue to monitor leasing transactions and take further action 
as appropriate.\414\ The Bureau is unaware of any such further actions 
taken by the Board.
---------------------------------------------------------------------------

    \411\ 724 F.2d 789 (9th Cir. 1984).
    \412\ 50 FR 48018, 48020 (Nov. 20, 1985).
    \413\ Id.
    \414\ Id. Since then, courts have gone both ways on the issue. 
Compare Ferguson v. Park City Mobile Homes, No. 89-CIV-1909, 1989 WL 
111916, at *5 (N.D. Ill. Sept. 18, 1989) (leases are ``credit'' 
under ECOA), with Laramore v. Ritchie Realty Mgmt. Co., 397 F.3d 
544, 547 (7th Cir. 2005) (leases are not ``credit'' under ECOA).
---------------------------------------------------------------------------

    The Bureau understands that many financial institutions (such as 
equipment finance companies) offer both loans and leases to their small 
business customers and some financial institutions comply with 
Regulation B for their leases as well as their loans as a matter of 
course. Lessor stakeholders have told Bureau staff that from their 
perspective, as well as that of their customers, loans and leases are 
indistinguishable. The Bureau understands that this is particularly 
true of ``financial'' or ``capital'' leases, as defined under article 
2A of the UCC,\415\ which closely resemble (and according to some 
stakeholders, in some cases are indistinguishable from) term loans. The 
Bureau understands that financial leases

[[Page 56410]]

are treated like assets on buyers' balance sheets, whereas operating 
leases are treated as expenses that remain off the balance sheet. The 
Bureau understands that the ownership characteristics of a financial 
lease also resemble those of a loan--the financial lease term is the 
substantial economic life of the asset (as evidenced by a one dollar 
purchase option at the end of the lease term and/or lack of residual 
financial obligations at the end of the lease term) and the lessee 
claims both interest and depreciation on their taxes. The Bureau 
understands that for some financial institutions, reporting loans but 
not leases may require added cost and effort to separate them in 
databases. The Bureau also understands that because depository 
institutions currently report both loan and lease activity to other 
regulators in their Call Reports, they may prefer to maintain a 
consistent approach for section 1071.
---------------------------------------------------------------------------

    \415\ The Bureau notes that the UCC separately defines a 
``consumer lease.'' See UCC 2A-103(1)(e). The Bureau's analysis 
regarding leases does not apply to leases primarily for a personal, 
family, or household purpose.
---------------------------------------------------------------------------

    In its SBREFA Outline, the Bureau stated that it was considering 
proposing that leases not be a covered product under section 1071 
unless the product is a credit sale.\416\ The Bureau stated that for 
purposes of section 1071, it was considering proposing a definition of 
``credit sale'' similar to the Regulation Z definition of that term as 
a transaction in which the lessor is a creditor and the lessee (i) 
agrees to pay as compensation for use a sum substantially equivalent 
to, or in excess of, the total value of the property and services 
involved; and (ii) will become (or has the option to become), for no 
additional consideration or for nominal consideration, the owner of the 
property upon compliance with the agreement.\417\
---------------------------------------------------------------------------

    \416\ SBREFA Outline at 21.
    \417\ See Regulation Z Sec.  1026.2(16).
---------------------------------------------------------------------------

    In response to the SBREFA Outline, several stakeholders argued that 
leases should be covered in an eventual 1071 rule, one noting that 
leasing products make up 13 percent of the small business financing 
market share in dollar terms. A few other stakeholders stated that 
leases should not be covered. For example, a trade association stated 
that (1) given the unique structure of the transactions, including 
leases would add unnecessary, additional complexity and reporting 
burdens, and that (2) unlike credit, in a lease, the lessee does not 
have an ownership interest in the leased property and that this 
difference could lead to data integrity issues.
    The Bureau is proposing to not cover leases under the 1071 rule. 
Drawing from the UCC definition of ``lease,'' \418\ which was adopted 
by the New York and California commercial financing disclosure 
laws,\419\ proposed comment 104(b)-2 would provide that the term 
covered credit transaction does not cover leases, and that a lease, for 
purposes of proposed subpart B, is a transfer from one business to 
another of the right to possession and use of goods for a term, and for 
primarily business or commercial (including agricultural) purposes, in 
return for consideration. It would further state that a lease does not 
include a sale, including a sale on approval or a sale or return, or a 
transaction resulting in the retention or creation of a security 
interest.
---------------------------------------------------------------------------

    \418\ UCC 2A-103(1)(j) (`` `Lease' means a transfer of the right 
to possession and use of goods for a term in return for 
consideration, but a sale, including a sale on approval or a sale or 
return, or retention or creation of a security interest is not a 
lease. Unless the context clearly indicates otherwise, the term 
includes a sublease.'').
    \419\ See Cal. S.B. 1235 (Sept. 30, 2018), https://leginfo.legislature.ca.gov/faces/billTextClient.xhtml?bill_id=201720180SB1235; N.Y. S.B. S5470B (July 
23, 2020), https://legislation.nysenate.gov/pdf/bills/2019/S5470B.
---------------------------------------------------------------------------

    The Bureau considered several other approaches to covering leasing, 
including referring to Regulation Z's definition of ``credit sale.'' 
The Bureau understands that financial institutions focused on offering 
leases and loans for business purposes are generally not familiar with 
the Regulation Z definition of ``credit sale,'' given that Regulation Z 
applies only to consumer credit.\420\ The Bureau thus believes that 
referring to the Regulation Z definition of ``credit sale'' could 
create confusion and would not align with current industry practices. 
The Bureau understands that such financial institutions offering leases 
primarily for business or commercial (including agricultural) purposes 
are more accustomed to applying the UCC definitions of ``lease'' \421\ 
and ``finance lease,'' \422\ and/or the generally accepted accounting 
principles (GAAP) rules issued by the Financial Accounting Standards 
Board (FASB) governing ``operating,'' ``capital,'' and ``finance'' 
leases.\423\ The Bureau believes that drawing from the UCC definition 
of lease will lead to more consistency with financial institutions' 
current practices. Nearly all U.S. jurisdictions have adopted Article 
2A of the UCC,\424\ and the Bureau understands that virtually every 
form of lease used by major leasing companies provides that it is 
governed by the laws of one of the jurisdictions that has adopted 
Article 2A.
---------------------------------------------------------------------------

    \420\ See Regulation Z Sec.  1026.2(a)(12) (defining ``consumer 
credit'' as ``credit offered or extended to a consumer primarily for 
personal, family, or household purposes'') and 1026.3(a)(1) 
(excluding extensions of credit ``primarily for a business, 
commercial or agricultural purpose'').
    \421\ Id.
    \422\ UCC 2A-103(1)(g).
    \423\ See Fin. Acct. Standards Bd., Accounting Standards Update: 
Leases (Topic 842), No. 2016-02 (Feb. 2016), https://www.fasb.org/jsp/FASB/Document_C/DocumentPage?cid=1176167901010&acceptedDisclaimer=true.
    \424\ See Ala. Code 7-2A-101 et seq.; Alaska Stat. 45.12.101 et 
seq.; Ariz. Rev. Stat. 47-2A101 et seq.; Ark. Code Ann. 4-2A-101 et 
seq.; Cal. Com. Code 10101 et seq.; Choctaw Tribal Code 26-2A-101 et 
seq.; Colo. Rev. Stat. 4-2.5-101 et seq.; Conn. Gen. Stat. 42a-2A-
101 et seq.; DC Code 28:2A-101 et seq.; Del. Code Ann. tit. 6, 2A-
101 et seq.; Fla. Stat. 680.1011 et seq.; Ga. Code Ann. 11-2A-101 et 
seq.; Haw. Rev. Stat. 490:2A-101 et seq.; Idaho Code 28-12-101 et 
seq.; 810 Ill. Comp. Stat. 5/2A-101 et seq.; Ind. Code 26-1-2.1-101 
et seq.; Iowa Code 554.13101 et seq.; Kan. Stat. Ann. 84-2a-101 et 
seq.; Ky. Rev. Stat. Ann. 355.2A-101 et seq.; Mass. Gen. Laws ch. 
106, 2A-101 et seq.; Md. Code Ann., Com. Law 2A-101 et seq.; Me. 
Stat. tit. 11, 2-1101 et seq.; Mich. Comp. Laws 440.2801 et seq.; 
Minn. Stat. 336.2A-101 et seq.; Miss. Code Ann. 75-2A-101 et seq.; 
Mo. Rev. Stat. 400.2A-101 et seq.; Mont. Code Ann. 30-2A-101 et 
seq.; N.C. Gen. Stat. 25-2A-101 et seq.; N.D. Cent. Code 41-02.1-01 
et seq.; N.H. Rev. Stat. Ann. 382-A:2A-101 et seq.; N.J. Stat. Ann. 
12A:2A-101 et seq.; N.M. Stat. Ann. 55-2A-101 et seq.; N.Y. UCC Law 
2-A-101 et seq.; Neb. Rev. Stat. UCC 2A-101 et seq.; Nev. Rev. Stat. 
104A.2101 et seq.; Ohio Rev. Code Ann. 1310.01 et seq.; Okla. Stat. 
tit. 12A, 2A-101 et seq.; Or. Rev. Stat. 72A.1010 et seq.; Pa. Cons. 
Stat. 2A101 et seq.; R.I. Gen. Laws 6A-2.1-101 et seq.; S.C. Code 
Ann. 36-2A-101 et seq.; S.D. Codified Laws 57A-2A-101 et seq.; Tenn. 
Code Ann. 47-2A-101 et seq.; Tex. Bus. & Com. Code Ann. 2A.101 et 
seq.; Utah Code Ann. 70A-2a-101 et seq.; V.I. Code Ann. tit. 11A, 
2A-101 et seq.; Va. Code Ann. 8.2A-101 et seq.; Vt. Stat. Ann. tit. 
9A, 2A-101 et seq.; W. Va. Code 46-2A-101 et seq.; Wash. Rev. Code 
62A.2A-101 et seq.; Wisc. Stat. 411.101 et seq.; Wyo. Stat. Ann. 
34.1-2.A-101 et seq.
---------------------------------------------------------------------------

    Based on its review of business-purpose leases and its expertise 
with respect to the meaning of ``credit,'' the Bureau believes that the 
better reading of the term ``credit'' is that it does not encompass 
such leases. In the business-purpose context, the Bureau understands 
that in a true lease, the lessor retains title and will receive the 
property back after the conclusion of the lease term, without any 
expectation by either party that, for example, ownership of the 
property will be transferred or that payments made pursuant to the 
lease agreement constitute anything other than payments in exchange for 
the temporary use of the property. As a result, the Bureau does not 
believe that in the business-purpose context a true lease transaction 
involves the right to incur debt and defer its payment, defer payment 
of a debt, or defer payment for goods or services.
    The Bureau is aware that there are other types of leases with 
characteristics that bear some resemblance to forms of credit like 
credit sales, such as a contemplated transfer of ownership at the end 
of the lease term. The Bureau is not proposing at this time to parse 
whether different types of leases might

[[Page 56411]]

constitute ``credit'' but notes that proposed comment 104(b)-2's 
definition of lease would not include a sale, including a sale on 
approval or a sale or return, or a transaction resulting in the 
retention or creation of a security interest. The Bureau seeks comment 
on whether there are types of leases, or leases with certain 
characteristics, that should be excluded from proposed comment 104(b)-2 
and thus treated as reportable under 1071. Based on the practical 
difficulty cited by some stakeholders of distinguishing leases from 
loans, the Bureau also seeks comment on whether financial institutions 
should be permitted to voluntarily report lease transactions.
    Consumer-designated credit. In the SBREFA Outline, the Bureau 
stated that it was considering proposing that the 1071 rule not cover 
products designated by the creditor as consumer purpose products.\425\ 
In response, several SERs asserted that consumer-designated credit is 
often an important source of financing for small businesses 
(particularly for women-owned and minority-owned small businesses, and 
sole proprietorships), and ideally should be included within the scope 
of the eventual 1071 rule. One SER stated that consumer-designated 
credit used for business purposes should be included in an eventual 
1071 rule if trends show increasing usage. However, these SERs 
acknowledged the potential complexity and burden of trying to identify 
the intended use of consumer-designated credit, such as whether a 
consumer's home equity line of credit will be used for a business 
purpose.
---------------------------------------------------------------------------

    \425\ SBREFA Outline at 20-21.
---------------------------------------------------------------------------

    Several SERs supported excluding consumer-designated credit. One 
SER asserted that including consumer credit would not support the 
purposes of section 1071. Another SER stated that including consumer-
designated credit used for business purposes would double their cost of 
complying with an eventual 1071 rule. The SBREFA Panel recommended that 
the Bureau continue to explore the potential costs to financial 
institutions associated with reporting consumer-designated credit used 
for business purposes in the 1071 rule as well as the implications of 
including such credit in a small business lending data set.\426\ The 
Panel also recommended that the Bureau seek comment in the proposed 
rule on how best to define consumer-designated credit in the event the 
Bureau determines that an exclusion for such products is 
appropriate.\427\
---------------------------------------------------------------------------

    \426\ SBREFA Panel Report at 44.
    \427\ Id. at 45.
---------------------------------------------------------------------------

    Many non-SER stakeholders supported the proposed exclusion under 
consideration of consumer-designated credit from section 1071 for one 
or more of the following reasons: First, that financial institutions 
should be able to rely on the applicant's stated purpose for the use of 
funds and institutions would not know, nor should they be expected to 
know, if a borrower instead starts or invests in a business using the 
proceeds of a personal loan. Second, that this approach would greatly 
simplify the regulatory effort necessary to define and identify 
business uses of consumer products. Third, that inclusion of consumer 
credit could vastly expand the scope of the data collected beyond 
usefulness and also greatly increase the costs of compliance.
    One credit union trade association stakeholder stated that the 
Bureau should adopt a clearer definition of consumer-designated credit 
and that it should clarify that it will not challenge a credit union's 
judgment when designating a consumer or business purpose for credit.
    The Bureau is proposing that the 1071 rule not cover products 
designated by the creditor as consumer purpose products (consumer-
designated credit). Proposed comment 104(b)-3 would make clear that the 
term covered credit transaction does not include consumer-designated 
credit used for business purposes, because such transactions are not 
business credit. Proposed comment 104(b)-3 would provide that a 
transaction qualifies as consumer-designated credit if the financial 
institution offers or extends the credit primarily for personal, 
family, or household purposes. For example, an open-end credit account 
used for both personal and business purposes is not business credit for 
the purpose of proposed subpart B unless the financial institution 
designated or intended for the primary purpose of the account to be 
business-related.
    The Bureau understands that some small business owners may use 
consumer-designated credit in order to finance their small businesses--
such as taking out a home equity line of credit or charging business 
expenses on their personal credit cards. Nonetheless, the Bureau 
believes it is appropriate to interpret section 1071 as not applying to 
this type of credit. Most notably, ECOA section 704B(b) directs 
financial institutions to collect data in the case of an application 
``for credit for women-owned, minority-owned, or small business'' 
(emphasis added). The statute thus applies only to applications for 
credit for a business; at the time of an application for consumer-
designated credit, however, the application is not for a business. 
Several policy reasons also support this approach. First, the Bureau is 
concerned about financial institutions' ability to consistently 
identify when consumer-designated credit is being used for business 
purposes. Inconsistent reporting across financial institutions could 
lead to data quality concerns. Credit sought by consumers for both 
personal and business purposes could be particularly difficult to 
separate into reportable and non-reportable portions. The Bureau 
believes the proposal to define business credit to exclude consumer-
designated credit will simplify compliance by obviating the need for 
financial institutions to identify and distinguish business uses of 
consumer-purpose credit products. Second, not including consumer-
designated credit used for business purposes within the scope of this 
rulemaking would make it clear that the applications reported will all 
be seeking credit to use for business purposes, which supports 1071's 
directive to collect and report data in the case of an application for 
credit for a business. Third, not covering consumer-designated credit 
used for business purposes would provide certainty to financial 
institutions that offer only consumer-designated credit that they would 
not be subject to this proposal's data collection and reporting 
requirements.
    As recommended by the SBREFA Panel, the Bureau seeks comment on 
this proposed interpretation, including how the Bureau has defined the 
scope of consumer-designated credit. The Bureau also seeks comment on 
whether it should permit financial institutions to voluntarily report 
consumer-designated credit when they have reason to believe the credit 
might be used for business purposes.
    Credit secured by certain investment properties. In the SBREFA 
Outline, the Bureau did not expressly discuss treatment of real estate-
secured loans used for investment purposes. Based on questions from 
SERs about the Bureau's intended approach, however, the SBREFA Panel 
recommended that the Bureau address in the proposed rule whether it 
intends to cover real estate-secured investment loans in the 1071 
rule.\428\ One SER had asked that the Bureau clarify whether loans 
covering 1-4 family properties used for investment purposes are 
business loans under section 1071, and several SERs recommended that 
the Bureau cover real estate investment loans (for both non-owner 
occupied residential property

[[Page 56412]]

and commercial property) under section 1071. Several other SERs sought 
to distinguish certain types of real estate investment loans; one SER 
remarked, for example, that owning a single non-owner occupied 
residential property as an investment may be more of a ``hobby'' but 
owning multiple properties could be considered a business.
---------------------------------------------------------------------------

    \428\ Id. at 44-45.
---------------------------------------------------------------------------

    A number of other stakeholders suggested that the Bureau should 
exclude at least some real estate investment loans under section 1071. 
A few stakeholders stated that the Bureau should consider an exemption 
for loans that are reported under another regulatory framework, such as 
HMDA and/or CRA because the effort of collecting and reporting 
information regarding such real estate loans would not be worth the 
added burden given the availability of alternative data sources. A few 
stakeholders argued that Congress did not intend to include real estate 
investment loans within the scope of section 1071. One such stakeholder 
stated that this intention is evident because many of the proposed loan 
purpose categories reflect a desire to collect data regarding credit 
offered to businesses which offer a product or service. One stakeholder 
seeking exclusion of certain real estate loans explained that most 
commercial real estate loans are made to borrowers as investments and 
not for operating their business. A few stakeholders suggested that the 
Bureau should only treat as reportable loans secured by owner-occupied 
commercial real estate where the primary source of repayment is the 
cash flow from the ongoing business operations. One stakeholder noted 
that because commercial real estate loans made to investors are 
typically made to business entities with complex ownership structures, 
their inclusion under 1071 would create additional hurdles for lenders 
seeking to determine the principal owners.
    Based on this feedback as well as its general knowledge regarding 
both consumer and commercial real estate lending, the Bureau 
understands that many financial institutions use their consumer 
mortgage lending channels to process credit applications secured by 1-4 
family residential property and used for investment purposes, while 
applications for credit secured by 5+ unit multifamily properties or 
rental portfolio loans secured by more than four 1-4 unit residential 
properties are generally processed through commercial mortgage lending 
channels. The Bureau also understands that loans made through consumer 
mortgage lending channels are often made pursuant to the guidelines of 
Fannie Mae, Freddie Mac, the Federal Housing Administration (FHA), and 
the Department of Veterans Affairs (VA), and are likely already 
reported under HMDA.
    In light of the feedback received and the Panel's recommendation, 
the Bureau is proposing that the 1071 rule not cover credit secured by 
certain investment properties, because such credit may not always be 
primarily for business or commercial purposes. Specifically, proposed 
comment 104(b)-4 would explain that a covered credit transaction does 
not include an extension of credit that is secured by 1-4 individual 
dwelling units that the applicant or one or more of the applicant's 
principal owners does not, or will not, occupy. The Bureau is not 
proposing to exclude credit secured by owner-occupied dwellings; for 
example, those secured by a dwelling occupied by a business's sole 
proprietor/principal owner. The Bureau is thus proposing to exclude 
real estate investment loans only in certain limited circumstances 
(such as when credit is secured by non-owner occupied 1-4 dwelling 
units and not 5+ dwelling units). As discussed above in the section-by-
section analysis of proposed Sec.  1002.102(j), the Bureau is proposing 
to define ``dwelling'' to have the same meaning as Regulation C Sec.  
1003.2(f). Similarly, proposed comment 104(b)-4, which would address 
what does and does not constitute an investment property, is modeled on 
Regulation C's comment 4(a)(6)-4.
    The Bureau is proposing a definition of ``covered credit 
transaction'' that does not cover certain real estate investment loans 
in the scope of a ``covered credit transaction'' pursuant to its 
authority under ECOA section 704B(g)(1) to prescribe such rules and 
issue such guidance as may be necessary to carry out, enforce, and 
compile data under section 1071. The Bureau believes that its exclusion 
of credit secured by certain investment properties will better capture 
lending to true small businesses (as opposed to consumers seeking to 
diversify their investments) and will also better align with financial 
institution lending practices. The Bureau understands that it may not 
always be easy for financial institutions to distinguish between 
business-purpose real estate investment loans and consumer-purpose real 
estate investment loans; however, covering all such loans would likely 
include some percentage of consumer-purpose loans in the 1071 rule, 
which could be contrary to section 1071's business and community 
development purpose.
    The Bureau seeks comment on its proposed approach for credit 
secured by certain investment properties, including whether it is 
appropriate to consider credit not to be business credit when it is 
secured by 1-4 individual dwelling units that the applicant or one or 
more of the applicant's principal owners does not, or will not, occupy; 
and, if not, whether a different number of dwelling units in the 
property securing the credit would be an appropriate way to make a 
distinction between business and consumer-designated credit. The Bureau 
also solicits comment on whether to permit financial institutions to 
voluntarily report real estate investment loan transactions that are 
secured by non-owner occupied 1-4 dwelling units.
    Government credit. The existing definition of business credit in 
Sec.  1002.2(g) excludes public utilities credit, securities credit, 
incidental credit, and government credit (that is, extensions of credit 
made to governments or governmental subdivisions, agencies, or 
instrumentalities--not extensions of credit made by governments), as 
defined in existing Sec.  1002.3(a) through (d), from certain aspects 
of existing Regulation B.\429\ For the purpose of proposed subpart B, 
the Bureau is proposing complete exclusions for public utilities 
credit, securities credit, and incidental credit from the definition of 
a covered credit transaction in proposed Sec.  1002.104(b), as 
discussed below.
---------------------------------------------------------------------------

    \429\ As explained in existing comment 3-1, under Sec.  1002.3, 
procedural requirements of Regulation B do not apply to certain 
types of credit. The comment further states that all classes of 
transactions remain subject to Sec.  1002.4(a) (the general rule 
barring discrimination on a prohibited basis) and to any other 
provision not specifically excepted.
---------------------------------------------------------------------------

    However, the Bureau is not proposing to exclude government credit, 
as defined in existing Sec.  1002.3(d)(1) to mean ``extensions of 
credit made to governments or governmental subdivisions, agencies, or 
instrumentalities.'' The Bureau believes that an express exclusion for 
extensions of credit made to governments or governmental subdivisions, 
agencies, or instrumentalities is not necessary because such 
governmental entities would not constitute small businesses under the 
proposed rule.\430\ The Bureau seeks comment on its approach to 
government credit.
---------------------------------------------------------------------------

    \430\ Government entities are not ``organized for profit'' and 
are thus not a ``business concern'' under proposed Sec.  
1002.106(a).
---------------------------------------------------------------------------

    Certain purchases of covered credit transactions. In the SBREFA 
Outline, the Bureau did not expressly discuss treatment of loan 
purchases, but the Bureau sought feedback on any products that should 
or should not be covered by

[[Page 56413]]

the Bureau's eventual 1071 rule.\431\ Several SERs voiced support for 
generally aligning small business lending reporting requirements for 
financial institutions with the approach taken for HMDA reporting in 
the Bureau's Regulation C. One SER stressed that imposing section 1071 
requirements for loan buyers, who play an important role in assisting 
CDFIs but do not make credit decisions, might risk their continued 
participation. Feedback from other stakeholders was limited, although a 
few stakeholders suggested that the Bureau should generally exclude 
purchased loans. The Panel did not provide a specific recommendation on 
this topic.
---------------------------------------------------------------------------

    \431\ SBREFA Outline at 19-20.
---------------------------------------------------------------------------

    The Bureau believes that this feedback may be based in part on the 
requirements that apply to HMDA, where Regulation C requires financial 
institutions to report purchases of covered loans under HMDA.\432\ This 
requirement is based on statutory language that contemplates data 
collection for loan purchases.\433\ As discussed in the section-by-
section analysis of proposed Sec.  1002.103, ECOA section 704B(b) 
requires that financial institutions collect, maintain, and report to 
the Bureau certain information regarding ``any application to a 
financial institution for credit.'' For covered financial institutions, 
the definition of ``application'' will trigger data collection and 
reporting obligations with respect to covered credit transactions. 
Under proposed subpart B, purchasing a loan does not, in itself, 
generate an obligation for a covered financial institution to report 
small business lending data. Rather, a reporting obligation may arise 
on the basis of making a final credit decision on an application. (See 
the section-by-section analysis of proposed Sec.  1002.109(a)(3) for 
additional information.) The Bureau also notes the corollary point that 
selling a covered loan would not, in itself, obviate an existing 
obligation of a covered financial institution to report small business 
lending data for that application, pursuant to proposed comment 107(a)-
1.i.
---------------------------------------------------------------------------

    \432\ See Regulation C Sec.  1003.4(a) (stating that a financial 
institution ``shall collect data regarding . . . covered loans that 
it purchases for each calendar year'').
    \433\ See 12 U.S.C. 2803(a)(1) (stating that institutions 
``shall compile and make available . . . the number and total dollar 
amount of mortgage loans which were (A) originated (or for which the 
institution received completed applications), or (B) purchased by 
that institution'').
---------------------------------------------------------------------------

    Because under this proposal purchasing a loan does not, in itself, 
generate an obligation for a covered financial institution to report 
small business lending data regarding the underlying application, the 
Bureau is not proposing a specific exclusion for these purchases.
    The Bureau seeks comment on its proposal not to expressly exclude 
the purchase of covered credit transactions in the proposed rule's 
regulatory text or commentary.
    Certain purchases of covered credit transactions--pooled loans. In 
the SBREFA Outline, the Bureau did not expressly discuss treatment of 
pooled loan purchases, but the Bureau sought feedback on any products 
that should or should not be covered by the Bureau's eventual 1071 
rule.\434\ A CDFI SER that occasionally participates in pooled loan 
purchases recommended that the Bureau ensure that reporting obligations 
for such pooled loans are clear.
---------------------------------------------------------------------------

    \434\ SBREFA Outline at 19-20.
---------------------------------------------------------------------------

    The Panel did not provide a specific recommendation on this topic. 
The Bureau believes that this feedback may be based in part on the 
requirements that apply to HMDA, where Regulation C requires financial 
institutions to report purchases of covered loans under HMDA.\435\ This 
requirement is based on statutory language that contemplates data 
collection for loan purchases.\436\ However, Regulation C exempts from 
these general reporting requirements ``[t]he purchase of an interest in 
a pool of closed-end mortgage loans or open-end lines of credit'' \437\ 
As discussed in the section-by-section analysis of proposed Sec.  
1002.103 above, ECOA section 704B(b) requires that financial 
institutions collect, maintain, and report to the Bureau certain 
information regarding ``any application to a financial institution for 
credit.'' For covered financial institutions, the definition of 
``application'' (or, as used in this proposed rule, ``covered 
application'') will trigger data collection and reporting obligations 
with respect to covered credit transactions. Under this proposed 
subpart, the purchase of an interest in a pool of loans does not, in 
itself, generate an obligation for a covered financial institution to 
report small business lending data. There is thus no need to propose a 
similar exclusion in this proposed subpart.
---------------------------------------------------------------------------

    \435\ See Regulation C Sec.  1003.4(a) (stating that a financial 
institution ``shall collect data regarding . . . covered loans that 
it purchases for each calendar year'').
    \436\ See 12 U.S.C. 2803(a)(1) (stating that depository 
institutions ``shall compile and make available . . . the number and 
total dollar amount of mortgage loans which were (A) originated (or 
for which the institution received completed applications), or (B) 
purchased by that institution'').
    \437\ 12 CFR 1003.3(c)(4).
---------------------------------------------------------------------------

    The Bureau believes that requiring covered financial institutions 
to collect and maintain data related to the purchase of an interest in 
a pool of covered credit transactions would do little to further the 
purposes of section 1071. The Bureau generally believes that a pooled 
loan purchase would arise after a final credit decision on the relevant 
loans has already been made (e.g., after the loans were originated) and 
therefore the Bureau believes that the purchaser of an interest in a 
pool of loans would understand that there would be no section 1071 
obligation. Section 1071 would already capture the lending information 
of the loans in this pool, as the application for each origination in 
the pool would already be reported (assuming it was originated by a 
covered financial institution and otherwise satisfies the requirements 
of proposed subpart B). For clarity, however, the Bureau is stating 
here that no reporting obligations arise from purchasing an interest in 
a pool of covered credit transactions, including credit-backed 
securities or real estate investment conduits. The Bureau believes that 
this clarification, similar to Regulation C comment 3(c)(4)-1, will 
assist covered financial institutions in understanding the scope of 
their obligations.
    The Bureau seeks comment on its proposal not to expressly exclude 
the purchase of an interest in a pool of covered credit transactions in 
the proposed rule's regulatory text or commentary.
    Certain purchases of covered credit transactions--partial interests 
in a covered credit transaction. In the SBREFA Outline, the Bureau did 
not specifically solicit feedback on a financial institution's 
obligation to report the purchase of a partial interest in a covered 
credit transaction (such as through participation loans, where multiple 
financial institutions fund a single origination); however, the Bureau 
did receive some feedback on this issue. One SER noted that there was 
some uncertainty with respect to how the Bureau intended to treat loan 
participations. This SER urged the Bureau not to discourage smaller 
credit unions in rural markets, who the SER stated may be likely to 
take part in loan participations, from helping their communities. The 
Panel did not provide a specific recommendation on this topic. Several 
other stakeholders also requested that the Bureau exempt participation 
loans.
    The Bureau believes that this feedback may be based in part on the 
requirements that apply to HMDA, where Regulation C requires financial 
institutions to report purchases of

[[Page 56414]]

covered loans under HMDA.\438\ This requirement is based on statutory 
language that contemplates data collection for loan purchases.\439\ 
However, Regulation C exempts from these general reporting requirements 
``[t]he purchase of a partial interest in a closed-end mortgage loan or 
open-end line of credit'' \440\ As discussed in the section-by-section 
analysis of proposed Sec.  1002.103 above, ECOA section 704B(b) 
requires that financial institutions collect, maintain, and report to 
the Bureau certain information regarding ``any application to a 
financial institution for credit.'' For covered financial institutions, 
the definition of ``application'' (or, as used in this proposed rule, 
``covered application'') will trigger data collection and reporting 
obligations with respect to covered credit transactions. Under this 
subpart, a partial purchase of a loan does not, in itself, generate an 
obligation for a covered financial institution to report small business 
lending data. There is thus no need to propose a similar exclusion in 
this subpart.
---------------------------------------------------------------------------

    \438\ See Regulation B Sec.  1003.4(a) (stating that a financial 
institution ``shall collect data regarding . . . covered loans that 
it purchases for each calendar year'').
    \439\ See 12 U.S.C. 2803(a)(1) (stating that depository 
institutions ``shall compile and make available . . . the number and 
total dollar amount of mortgage loans which were (A) originated (or 
for which the institution received completed applications), or (B) 
purchased by that institution'').
    \440\ 12 CFR 1003.3(c)(8).
---------------------------------------------------------------------------

    The Bureau believes that this approach, combined with proposed 
Sec.  1002.109(a)(3), provides sufficient clarity for financial 
institutions that choose to take part in loan participations. For 
example, Financial Institution A receives an application for a covered 
credit transaction and approves the loan, and then Financial 
Institution A elects to organize a loan participation agreement where 
Financial Institutions B and C agree to purchase a partial interest. 
This is a covered credit transaction for Financial Institution A, but 
it is not a covered credit transaction for Financial Institutions B and 
C. The Bureau believes that this approach differs from how loan 
participations are reported by banks and savings associations under the 
CRA. That is, under the CRA, if the loan originated by Financial 
Institution A met the definition of a small business loan, then if any 
(or all) of the financial institutions were CRA loan reporters the 
loans may be reported under the CRA.\441\
---------------------------------------------------------------------------

    \441\ See, e.g., 12 CFR 228.21(f) (stating that when assessing 
the record of a nonminority-owned and nonwomen-owned bank, the Board 
considers loan participation as a factor).
---------------------------------------------------------------------------

    The Bureau believes that the purposes of section 1071 counsel 
towards the broad collection of small business lending by financial 
institutions. The Bureau is further unaware of any reason why data with 
respect to such lending should not be collected because more than one 
financial institution holds an interest in a covered product. 
Conversely, the Bureau does not believe that requiring reporting by 
each financial institution with a partial interest in a covered credit 
transaction would further section 1071's purposes, and is concerned 
that having a single loan reported by multiple financial institutions 
could compromise the quality of the section 1071 dataset. Read in 
conjunction with proposed Sec.  1002.109(a)(3), however, the Bureau 
believes that the covered credit transactions at issue here will 
nonetheless generally be reported by one covered financial institution, 
the financial institution that sold portions of the loan to other 
participants.
    The Bureau seeks comment on its proposal not to expressly exclude 
the purchase of a partial interest in a covered credit transaction in 
the proposed rule's regulatory text or commentary. In particular, the 
Bureau solicits comment on how this proposed exclusion may differ from 
reporting obligations under the CRA, and if the Bureau adopted another 
approach, how overlapping reporters or data might be flagged to avoid 
double-counting certain information.
    Trade credit. Under existing Regulation B, trade credit refers to a 
``financing arrangement that involves a buyer and a seller--such as a 
supplier who finances the sale of equipment, supplies, or inventory; it 
does not apply to an extension of credit by a bank or other financial 
institution for the financing of such items.'' \442\ Thus, trade credit 
typically involves a transaction in which a seller allows a business to 
purchase its own goods without requiring immediate payment, and the 
seller is not otherwise in the financial services business. Businesses 
offering trade credit generally do so as a means to facilitate the sale 
of their own goods and not as a stand-alone financing product.
---------------------------------------------------------------------------

    \442\ Comment 9(a)(3)-2.
---------------------------------------------------------------------------

    Most of the notification requirements of existing Regulation B do 
not apply to trade credit transactions.\443\ In a typical trade credit 
transaction, the seller is not otherwise in the financial services 
business.\444\ The Bureau's White Paper estimated that trade credit 
represents approximately 21 percent of the aggregate dollar volume of 
various financial products used by small businesses.\445\ The Bureau 
understands that there are tens of thousands of merchants and 
wholesalers that extend credit to small businesses solely in connection 
with sale of goods and services by these trade creditors.
---------------------------------------------------------------------------

    \443\ See Sec.  1002.9(a)(3)(ii).
    \444\ See comment 9(a)(3)-2.
    \445\ White Paper at 21 fig. 2.
---------------------------------------------------------------------------

    In its SBREFA Outline, the Bureau stated that it was considering 
proposing that trade credit not be a covered product under section 
1071.\446\ The Bureau stated that trade credit can be offered by 
entities that are themselves very small businesses and that the Bureau 
was concerned that these entities, in particular, may incur large costs 
relative to their size to collect and report 1071 data in an accurate 
and consistent manner.\447\
---------------------------------------------------------------------------

    \446\ SBREFA Outline at 21.
    \447\ See id.
---------------------------------------------------------------------------

    The Bureau only received a few comments regarding its proposal 
under consideration to exclude trade credit. A few stakeholders 
suggested that trade credit should be covered. One commenter noted that 
trade credit is used for a significant number of agricultural finance 
transactions (equipment financing and input financing for row crop 
farmers) and suggested that the Bureau should monitor this sector of 
the agricultural finance industry. A trade association stated that the 
exclusion of trade credit should apply not only to the seller of 
inventory and businesses facilitating the sale of inventory, but also 
its affiliates and facilitators because these entities generally 
provide financing only for the seller's products and not for competing 
or unrelated products. The trade association cautioned that the 
collection and publication of data, if applied to such an affiliate, 
could significantly impact the seller's ability to maintain trade 
secrets, as these data would provide competitors a comprehensive 
insight into the seller's distribution and wholesale strategies, and it 
would also create a substantial risk to the applicants themselves due 
to privacy concerns.
    The Bureau is proposing to not cover trade credit in its 1071 rule. 
Proposed Sec.  1002.104(b)(1) would define trade credit as a financing 
arrangement wherein a business acquires goods or services from another 
business without making immediate payment to the business providing the 
goods or services. Proposed comment 104(b)(1)-1 would provide that an 
example of trade credit is one that involves a supplier that finances 
the sale of equipment,

[[Page 56415]]

supplies, or inventory. Proposed comment 104(b)(1)-1 would provide that 
an extension of business credit by a financial institution other than 
the supplier for the financing of such items is not trade credit. 
Proposed comment 104(b)(1)-2 would clarify that the definition of trade 
credit under existing comment 9(a)(3)-2 applies to relevant provisions 
under existing Regulation B, and that proposed Sec.  1002.104(b)(1) is 
not intended to repeal, abrogate, annul, impair, or interfere with any 
existing interpretations, orders, agreements, ordinances, rules, or 
regulations adopted or issued pursuant to existing comment 9(a)(3)-2.
    The Bureau is proposing a definition of ``covered credit 
transaction'' that excludes trade credit pursuant to its authority 
under ECOA section 704B(g)(1) to prescribe such rules and issue such 
guidance as may be necessary to carry out, enforce, and compile data 
under section 1071. While trade credit constitutes ``credit'' within 
the meaning of proposed Sec.  1002.102(k), the Bureau believes that 
trade credit is categorically different from products like loans, lines 
of credit, credit cards, and MCAs and that there are several reasons to 
exclude it from coverage. Trade credit is not a general-use business 
lending product--that is, trade creditors generally extend credit as a 
means to facilitate the sale of their own goods, rather than offering 
it as a stand-alone financial product. The Bureau believes that while 
trade creditors might meet the definition in section 1071 of a 
financial institution, they are not financial services providers that 
manage compliance with regulatory requirements associated with making 
extensions of credit. The Bureau understands that trade credit can be 
offered by entities that are themselves very small businesses; the 
Bureau continues to be concerned that these entities, in particular, 
may incur large costs relative to their size to collect and report 1071 
data in an accurate and consistent manner.\448\ Taken together, the 
Bureau is concerned that requiring trade credit to be reported under 
proposed subpart B may lead to significant data quality issues. The 
Bureau is also concerned that the fixed costs of coming into compliance 
with its 1071 rule could lead these businesses to reduce or cease 
offering trade credit to their small business customers, which would 
run contrary to the community development purpose of section 1071.
---------------------------------------------------------------------------

    \448\ See Leora Klapper et al., The Review of Financial Studies, 
Trade Credit Contracts, at 838-67 (vol. 25, issue 3, 2012), https://academic.oup.com/rfs/article/25/3/838/1616515, and Justin Murfin & 
Ken Njoroge, The Review of Financial Studies, The Implicit Costs of 
Trade Credit Borrowing by Large Firms, at 112-45 (vol. 28, issue 1, 
2015), https://academic.oup.com/rfs/article/28/1/112/1681329.
---------------------------------------------------------------------------

    The Bureau notes that its proposed definition of trade credit in 
Sec.  1002.104(b)(1) is focused on the business providing the goods or 
services being financed. It thus does not extend to affiliates and 
facilitators of trade creditors that provide financing, even if only 
for the trade creditor's products and not for competing or unrelated 
products. Provided that they otherwise meet the definition of a covered 
financial institution in proposed Sec.  1002.105(b), such affiliates 
and facilitators must collect and report data under the 1071 rule. The 
Bureau believes that, unlike trade creditors themselves, such 
affiliates and facilitators offer stand-alone credit products in the 
same way as other financial institutions. As such, the Bureau does not 
have the same concerns about data quality or market exit by affiliates 
and facilitators that it does about trade creditors themselves.
    The Bureau seeks comment on its proposal to exclude trade credit 
from the 1071 rule and on its proposed definition of trade credit.
    Public utilities credit. As noted above, the existing definition of 
business credit in Sec.  1002.2(g) excludes public utilities credit, 
securities credit, incidental credit, and government credit, as defined 
in existing Sec.  1002.3(a) through (d), from certain procedural 
requirements of existing Regulation B. For the purpose of proposed 
subpart B, the Bureau is proposing complete exclusions for public 
utilities credit from the definition of a covered credit transaction in 
proposed Sec.  1002.104(b).
    In the SBREFA Outline, the Bureau did not expressly discuss 
treatment of public utilities credit transactions. However, the Bureau 
sought feedback on any products that should or should not be covered by 
the Bureau's eventual 1071 rule, and did not receive any feedback 
specific to public utilities credit.
    Proposed Sec.  1002.104(b)(2) would exclude public utilities 
credit, as defined in existing Sec.  1002.3(a)(1). Existing Sec.  
1002.3(a)(1) states that the term public utilities credit refers to 
extensions of credit that involve public utility services provided 
through pipe, wire, or other connected facilities, or radio or similar 
transmission (including extensions of such facilities), if the charges 
for service, delayed payment, and any discount for prompt payment are 
filed with or regulated by a government unit. Several existing 
Regulation B requirements do not apply to public utilities credit 
transactions.\449\ Existing comment 3(a)-1 explains that the definition 
applies only to credit for the purchase of a utility service, such as 
electricity, gas, or telephone service. Credit provided or offered by a 
public utility for some other purpose--such as for financing the 
purchase of a gas dryer, telephone equipment, or other durable goods, 
or for insultation or other home improvements--would not be excepted 
under proposed Sec.  1002.104(b)(2) but may be excepted if it 
constitutes trade credit under proposed Sec.  1002.104(b)(1), or in the 
case of financing for certain home improvements, for example, if it 
does not constitute an extension of business credit under proposed 
Sec.  1002.104(a). Existing comment 3(a)-2 states in part that a 
utility company is a creditor when it supplies utility service and 
bills the user after the service has been provided.
---------------------------------------------------------------------------

    \449\ See Sec.  1002.3(a).
---------------------------------------------------------------------------

    The Bureau is proposing a definition of ``covered credit 
transaction'' that excludes public utilities credit pursuant to its 
authority under ECOA section 704B(g)(1) to prescribe such rules and 
issue such guidance as may be necessary to carry out, enforce, and 
compile data under section 1071. The Bureau believes that excluding 
public utilities credit from the 1071 rule is reasonable for the same 
reasons as the Board enumerated when it adopted exemptions from certain 
procedural requirements under subpart A. Specifically, the Bureau is 
concerned that covering public utilities credit under 1071 could 
require ``substantial changes in the forms and procedures of public 
utilities companies. Costs associated with such changes would, in all 
likelihood, be passed along to [small business owners].'' \450\ The 
Bureau notes that many of the policies and procedures of public 
utilities companies are separately regulated at the State and Municipal 
levels by public service commissions, and at the Federal level by the 
Federal Energy Regulatory Commission. The Bureau also believes that 
public utilities credit is akin to trade credit and thus is proposing 
to exclude it from coverage under subpart B for the same reasons.
---------------------------------------------------------------------------

    \450\ 40 FR 49298, 49305 (Oct. 22, 1975).
---------------------------------------------------------------------------

    The Bureau seeks comment on its proposal to exclude public 
utilities credit.
    Securities credit. As noted above, the existing definition of 
business credit in Sec.  1002.2(g) excludes public utilities credit, 
securities credit, incidental credit, and government credit, as defined 
in existing Sec.  1002.3(a) through

[[Page 56416]]

(d), from certain procedural requirements of existing Regulation B. For 
the purpose of proposed subpart B, the Bureau is proposing complete 
exclusions for securities credit from the definition of a covered 
credit transaction in proposed Sec.  1002.104(b).
    In the SBREFA Outline, the Bureau did not expressly discuss 
treatment of securities credit transactions, but the Bureau sought 
feedback on any products that should or should not be covered by the 
Bureau's eventual 1071 rule. The Bureau did not receive any feedback 
specific to securities credit.
    Proposed Sec.  1002.104(b)(3) would exclude securities credit, as 
defined in existing Sec.  1002.3(b)(1). Existing Sec.  1002.3(b)(1) 
states that the term securities credit refers to extensions of credit 
subject to regulation under section 7 of the Securities Exchange Act of 
1934 or extensions of credit by a broker or dealer subject to 
regulation as a broker or dealer under the Securities Exchange Act of 
1934. Several existing Regulation B requirements do not apply to 
securities credit transactions.\451\
---------------------------------------------------------------------------

    \451\ See Sec.  1002.3(b).
---------------------------------------------------------------------------

    The Bureau is proposing a definition of ``covered credit 
transaction'' that excludes securities credit pursuant to its authority 
under ECOA section 704B(g)(1) to prescribe such rules and issue such 
guidance as may be necessary to carry out, enforce, and compile data 
under section 1071. The Bureau is proposing to exclude securities 
credit to foster consistency with existing Regulation B.
    The Bureau seeks comment on its proposal to exclude securities 
credit.
    Incidental credit. As noted above, the existing definition of 
business credit in Sec.  1002.2(g) excludes public utilities credit, 
securities credit, incidental credit, and government credit, as defined 
in existing Sec.  1002.3(a) through (d), from certain procedural 
requirements of existing Regulation B. For the purpose of proposed 
subpart B, the Bureau is proposing complete exclusions for incidental 
credit from the definition of a covered credit transaction in proposed 
Sec.  1002.104(b).
    In the SBREFA Outline, the Bureau did not expressly discuss 
treatment of incidental credit transactions, but the Bureau sought 
feedback on any products that should or should not be covered by the 
Bureau's eventual 1071 rule. The Bureau did not receive any feedback 
specific to incidental credit.
    Proposed Sec.  1002.104(b)(4) would exclude incidental credit, as 
defined in existing Sec.  1002.3(c)(1), but without regard to whether 
the credit is consumer credit, as defined in existing Sec.  1002.2(h). 
Existing Sec.  1002.3(c)(1) states that incidental credit refers to 
extensions of consumer credit other than the types described in Sec.  
1002(a) and (b): (i) That are not made pursuant to the terms of a 
credit card account; (ii) that are not subject to a finance charge (as 
defined in Regulation Z Sec.  1026.4); and (iii) that are not payable 
by agreement in more than four installments. A number of existing 
Regulation B requirements do not apply to ``incidental credit'' 
(referring to extensions of consumer credit).\452\ Existing comment 
3(c)-1 explains that if a service provider (such as a hospital, doctor, 
lawyer, or merchant) allows the client or customer to defer the payment 
of a bill, this deferral of debt is credit for purposes of the 
regulation, even though there is no finance charge and no agreement for 
payment in installments. Because of the exceptions provided by existing 
Sec.  1002.3, however, these particular credit extensions are excepted 
from compliance with certain procedural requirements as specified in 
Sec.  1002.3(c).
---------------------------------------------------------------------------

    \452\ See Sec.  1002.3(c).
---------------------------------------------------------------------------

    The Bureau is proposing a definition of ``covered credit 
transaction'' that excludes incidental credit pursuant to its authority 
under ECOA section 704B(g)(1) to prescribe such rules and issue such 
guidance as may be necessary to carry out, enforce, and compile data 
under section 1071. The Bureau believes that the Board's reasoning with 
respect to incidental credit's limited exception under existing 
Regulation B is equally applicable and relevant here. The Board sought 
to minimize burdens on businesses that ``permit their customers to 
defer payment of debt as a convenience and are not in the business of 
extending credit.'' \453\ The Board cited the example of doctors and 
dentists that permit their patients to defer payment of fees and who 
are extending credit as incidental to their principal activity of 
health care.\454\ The Board also noted that ``[s]mall neighborhood 
businesses such as drugstores and grocery stores frequently permit 
their customers to postpone payment on an informal basis not associated 
with a formal credit plan.'' \455\ The Bureau believes that incidental 
credit, as described above, is akin to trade credit and thus is 
proposing to exclude it from coverage under subpart B for the same 
reasons.
---------------------------------------------------------------------------

    \453\ 40 FR 49298, 49304 (Oct. 22, 1975).
    \454\ Id.
    \455\ Id.
---------------------------------------------------------------------------

    The Bureau seeks comment on its proposal to exclude incidental 
credit.
Section 1002.105 Covered Financial Institutions and Exempt Institutions
    ECOA section 704B(h)(1) defines the term ``financial institution'' 
as ``any partnership, company, corporation, association (incorporated 
or unincorporated), trust, estate, cooperative organization, or other 
entity that engages in any financial activity.'' The Bureau is 
proposing to define a financial institution in Sec.  1002.105(a) 
consistent with that statutory language. The Bureau is proposing to 
define a covered financial institution in Sec.  1002.105(b) as a 
financial institution that originated at least 25 covered credit 
transactions from small businesses in each of the two preceding 
calendar years. Only those financial institutions that meet this loan-
volume threshold in the definition of a covered financial institution 
would be required to collect and report small business lending data 
pursuant to proposed subpart B.
    The Bureau's proposed definitions reflect the broad nature of the 
data collection specified in section 1071, while recognizing the risks 
that financial institutions with the lowest volume of small business 
lending might reduce or cease their small business lending activity 
because of the fixed costs of coming into compliance with this rule.
    The Bureau is proposing Sec.  1002.105 to implement ECOA section 
704B(h)(1) and pursuant to its authority under 704B(g)(1) to prescribe 
such rules and issue such guidance as may be necessary to carry out, 
enforce, and compile data pursuant to section 1071. The Bureau is also 
proposing Sec.  1002.105(b) pursuant to its authority under 704B(g)(2) 
to conditionally or unconditionally exempt any financial institution or 
class of financial institutions from the statute's requirements, as the 
Bureau deems necessary or appropriate to carry out the purposes of 
section 1071. The Bureau is proposing these provisions and proposing to 
use its exemption authority under 704B(g)(2) for the reasons set forth 
below.
105(a) Financial Institution
Background
    ECOA section 704B(h)(1) defines the term ``financial institution'' 
as ``any partnership, company, corporation, association (incorporated 
or unincorporated), trust, estate, cooperative organization, or other 
entity that engages in any financial activity.''

[[Page 56417]]

SBREFA Proposals Under Consideration and Feedback Received
    At SBREFA, the Bureau stated it was considering proposing a general 
definition of ``financial institution'' consistent with the section 
1071 definition.\456\ The Bureau noted that Regulation B, which 
implements ECOA, has not otherwise defined this term.
---------------------------------------------------------------------------

    \456\ SBREFA Outline at 10.
---------------------------------------------------------------------------

    SERs generally did not express concern regarding the general 
definition of a ``financial institution'' under consideration, although 
one SER expressed concern at the broad reach of what might be 
considered a financial activity.\457\ The SBREFA Panel did not provide 
any recommendations on the definition of a financial institution. 
Feedback on the definition of ``financial institution'' from other 
stakeholders was likewise nearly universally positive, with most 
opining that a definition that encompasses all small business lenders 
would be appropriate.
---------------------------------------------------------------------------

    \457\ The SER feedback discussed in this section-by-section 
analysis can be found in the SBREFA Panel Report at 18-20.
---------------------------------------------------------------------------

Proposed Rule
    Proposed Sec.  1002.105(a) would define a financial institution as 
any partnership, company, corporation, association (incorporated or 
unincorporated), trust, estate, cooperative organization, or other 
entity that engages in any financial activity. This proposed definition 
restates the statute and is the same definition that the Bureau stated 
it was considering proposing in the SBREFA Outline.\458\ The Bureau 
believes that this definition reflects the broad nature of small 
business lending data collection specified in section 1071. Under such 
a definition, the rule's data collection and reporting requirements 
would apply to a variety of entities that engage in small business 
lending, including depository institutions (i.e., banks, savings 
associations, and credit unions),\459\ online lenders, platform 
lenders, CDFIs, lenders involved in equipment and vehicle financing 
(captive financing companies and independent financing companies), 
commercial finance companies, governmental lending entities, and 
nonprofit, nondepository lenders.
---------------------------------------------------------------------------

    \458\ SBREFA Outline at 10.
    \459\ For purposes of this notice of proposed rulemaking, the 
Bureau is using the term depository institution to mean any bank or 
savings association defined by the Federal Deposit Insurance Act, 12 
U.S.C. 1813(c)(1), or credit union defined pursuant to the Federal 
Credit Union Act, as implemented by 12 CFR 700.2. The Bureau notes 
that the Dodd-Frank Act defines a depository institution to mean any 
bank or savings association defined by the Federal Deposit Insurance 
Act; there, that term does not encompass credit unions. 12 U.S.C. 
5301(18)(A), 1813(c)(1). To facilitate analysis and discussion, the 
Bureau is referring to banks and savings associations together with 
credit unions as depository institutions throughout this notice, 
unless otherwise specified.
---------------------------------------------------------------------------

    As noted above, one SER expressed concern at the broad reach of 
this definition. But the broad scope of what may be considered a 
``financial activity'' in the proposed definition of financial 
institution is not the principal determinative factor as to whether 
small business lending data collection and reporting is required; the 
proposed definition of a covered financial institution, the proposed 
definition of a covered application, and the proposed definition of a 
covered credit transaction, among others, all would impose limits on 
what entities could be subject to this proposed rule's data collection 
and reporting requirements.
    Proposed comment 105(a)-1 would provide a non-exhaustive list of 
examples of entities that may fit within the definition of a financial 
institution. This proposed comment would make clear that nonprofit and 
governmental entities, governmental subdivisions, or governmental 
agencies, among others, who conduct financial activity fit within the 
definition of a financial institution. The definition of the term 
``financial institution'' in ECOA section 704B(h)(1) includes the 
phrase ``or other entity.'' That term readily encompasses governments 
and government entities. Even if the term were ambiguous, the Bureau 
believes--based on its expertise and experience--that interpreting it 
to encompass governments and government entities would promote the 
purposes of section 1071. For example, the Bureau believes that it will 
be helpful to identify the business and community development needs of 
women-owned, minority-owned, and small businesses by collecting lending 
data from both a county-run assistance program for establishing new 
businesses and financial institutions that operate nationwide, like 
online lenders. The Bureau also believes that the terms ``companies'' 
or ``corporations'' under the definition of ``person,'' on their face, 
cover all companies and corporations, including government-owned or -
affiliated companies and corporations. And even if those terms were 
ambiguous, the Bureau believes--based on its expertise and experience--
that interpreting them to cover government-owned or -companies and 
corporations would promote the purposes of section 1071. The Bureau 
emphasizes that the list of examples of entities in proposed comment 
105(a)-1 is not exhaustive and that other entities not specifically 
described would nonetheless fit within the definition of a financial 
institution under proposed Sec.  1002.105(a). For example, the Bureau 
believes that an organization offering insurance premium financing, 
where the organization provides short-term loans to businesses to pay 
for property and casualty insurance, is included within the definition 
of proposed Sec.  1002.105(a), even though this specific business model 
is not described in proposed comment 105(a)-1.
    Proposed comment 105(a)-2 would refer to proposed Sec.  1002.101(a) 
to reiterate the statutory exclusion for motor vehicle dealers.
    The Bureau seeks comment on this proposed definition of a financial 
institution, and generally requests comment on whether additional 
clarification is needed.
105(b) Covered Financial Institution
Background
    The Bureau has received requests to adopt exemptions from section 
1071 collection and reporting requirements for financial institutions 
that do not frequently engage in small business lending. Reasons cited 
have included encouraging market entry, ensuring data quality, alleged 
lack of materiality of data from smaller lenders that rarely make small 
business loans, and lack of capacity by the lenders sufficient to 
justify small business lending as a line of business in light of the 
cost of complying with an eventual 1071 rule.
SBREFA Proposals Under Consideration and Feedback Received
    In the SBREFA Outline, the Bureau stated that it was considering, 
in light of section 1071's statutory purposes, proposing to exempt 
financial institutions from any collection and reporting requirements 
based on either or both a size-based and/or activity-based threshold. 
In the SBREFA Outline, the Bureau set forth several alternative 
thresholds under consideration for such an exemption.\460\
---------------------------------------------------------------------------

    \460\ SBREFA Outline at 11-13.
---------------------------------------------------------------------------

    There was a diversity of perspectives with respect to the Bureau's 
approaches under consideration regarding potential exemptions.\461\ 
While some SERs stressed the need for expansive lender coverage to 
fulfill section 1071's purposes, others suggested that such purposes 
could be fulfilled by the Bureau collecting and reporting data from 
only the largest lenders. SERs also offered varying opinions regarding 
the exemption metrics and thresholds under

[[Page 56418]]

consideration, with some SERs favoring activity-based exemptions and 
others preferring an asset-based approach. SERs uniformly supported 
clear, predictable collection and reporting exemption thresholds.
---------------------------------------------------------------------------

    \461\ The SER feedback discussed in this section-by-section 
analysis can be found in the SBREFA Panel Report at 18-20.
---------------------------------------------------------------------------

    The SBREFA Panel recommended that the Bureau continue to explore 
whether either or both a size-based or activity-based test might be 
appropriate to determine whether a financial institution must collect 
and report 1071 data or should be exempt, given section 1071's 
statutory purposes.\462\ The SBREFA Panel also recommended that the 
Bureau continue to explore whether the fixed costs of coming into 
compliance with an eventual 1071 rule might cause certain financial 
institutions to reduce or cease lending to small businesses, as it 
considers the possible exemptions for financial institutions based on 
size and/or activity, along with any alternative approaches.\463\
---------------------------------------------------------------------------

    \462\ Id. at 43.
    \463\ Id.
---------------------------------------------------------------------------

    Feedback from other stakeholders generally was in support of 
exempting certain financial institutions from 1071 collection and 
reporting obligations. Most feedback in support of pursuing exemptions 
focused on the potential burden of a new regulatory regime, with some 
stakeholders cautioning that collection and reporting obligations could 
lead to an increase in the cost of credit. A few stakeholders connected 
these potential costs with section 1071's purpose to identify community 
development needs and opportunities (chiefly arguing that costs might 
lead to higher costs of lending or lower lending volume), or otherwise 
expressed a general belief that some exemptions were consistent with 
statutory purposes. Several stakeholders, mostly community groups, 
urged caution with respect to the extent of any such exemptions, 
arguing that significant data limitations would run contrary to the 
general purposes of section 1071.
    Activity-based exemption. In the SBREFA Outline, the Bureau stated 
that it was considering whether only financial institutions that engage 
in a certain amount of small business lending activity should be 
required to collect and report 1071 data.\464\ The Bureau explained 
that in light of 1071's potentially broad application to financial 
institutions, an activity-based test to determine reporting 
responsibility might be appropriate. In particular, the Bureau 
expressed concern that financial institutions with the lowest volume of 
small business lending might reduce or cease their small business 
lending activity because of the fixed costs of coming into compliance 
with an eventual 1071 rule. The Bureau stated that this result could be 
contrary to the community development purpose of section 1071.
---------------------------------------------------------------------------

    \464\ SBREFA Outline at 12-13.
---------------------------------------------------------------------------

    The Bureau specifically mentioned three possible activity-based 
threshold levels, each defined by a financial institution's annual 
number of small business loans originated or the financial 
institution's annual total dollar value of small business loans 
originated. (That is, if either measurement is exceeded, then the 
financial institution must collect and report 1071 data.) Those three 
possible activity-based threshold levels were: Originations of at least 
25 loans or $2.5 million (Option 1 Exemption Threshold); originations 
of at least 50 loans or $5 million (Option 2 Exemption Threshold); and 
originations of at least 100 loans or $10 million (Option 3 Exemption 
Threshold). These possible activity-based thresholds could be based on 
the financial institution's lending as of the end of the last calendar 
year, or the end of each of the last two calendar years. An activity-
based exemption could apply to depository and nondepository 
institutions alike.
    Some SERs advocated for an activity-based exemption. Several of 
these SERs preferred an annual 25-loan threshold (with at least one 
expressing support specifically for the Option 1 Exemption Threshold). 
One SER preferred the Option 2 Exemption Threshold, while another 
preferred the Bureau's Option 3 Exemption Threshold. Another SER 
recommended setting a threshold of more than 100 small business 
applications (rather than originations) for two consecutive years. 
These SERs emphasized a general need for thorough data reporting from a 
wide variety of lenders, and cautioned that in many smaller and rural 
markets, larger exemptions might result in little or no data collection 
given that many lenders in those markets make very few small business 
loans annually.
    One SER suggested setting an activity-based threshold based on loan 
portfolio size rather than annual originations. Another SER suggested 
that the Bureau consider exempting certain financial institutions using 
a location test similar or identical to what is used for HMDA, which 
does not apply to institutions that do not have a home or branch office 
in a Metropolitan Statistical Area.
    There was no uniformity in the feedback from other stakeholders 
with respect to an activity-based exemption and its potential level. 
Many commenters, including lenders, trade associations, and community 
groups, expressed support for the Option 1 Exemption Threshold, 
although most explicitly supported only the 25-loan threshold. On the 
other hand, a few comments advocated for versions of the Option 3 
Exemption Threshold and many comments urged the Bureau to adopt a 
threshold higher than the Option 3 Exemption Threshold. Commenters who 
advocated for higher thresholds consisted of lenders and trade 
associations.
    Size-based exemption. In the SBREFA Outline, the Bureau stated that 
it was concerned that the smallest financial institutions might reduce 
or cease their small business lending activity because of the fixed 
costs of coming into compliance with an eventual 1071 rule, which could 
be contrary to the community development purpose of section 1071.\465\ 
Specifically, the Bureau considered whether depository institutions 
with assets under a given threshold should be exempt from collecting 
and reporting small business lending data.
---------------------------------------------------------------------------

    \465\ Id. at 11-12.
---------------------------------------------------------------------------

    The Bureau stated that it was considering proposing to exempt 
depository institutions with assets under a given threshold from 
section 1071's data collection and reporting requirements. The Bureau 
postulated that this size-based approach could provide a 
straightforward exemption for very small depository institutions and 
avoid the need for those entities to measure or monitor their small 
business lending activity in order to determine whether they would be 
exempt from the Bureau's 1071 rule. In particular, the Bureau 
considered possible asset-based exemption threshold levels of $100 
million (Option A Exemption Level) and $200 million (Option B Exemption 
Level). For purposes of this exemption, the Bureau considered proposing 
that a depository institution measure assets as of the end of the last 
calendar year, or the end of both of the last two calendar years. The 
Bureau asked SERs whether there were alternative approaches to a size-
based exemption that the Bureau should consider.
    SERs did not suggest size-based exemptions other than an asset-
based metric that would apply to depository institutions. A few SERs 
advocated that the Bureau should consider initially exempting lenders 
other than ``large'' financial institutions (which, one SER suggested, 
might be defined for depository institutions as those having more than 
$1 billion in assets). These SERs stated that this approach would 
capture the vast majority of small business loans while avoiding 
imposing

[[Page 56419]]

undue regulatory burden on smaller lenders, who might be less capable 
of absorbing such costs. They suggested that the Bureau might later 
consider whether to expand section 1071 data collection and reporting 
requirements to smaller financial institutions after first analyzing 
the available data. Several SERs cautioned that some financial 
institutions, particularly small nondepository lenders, might cease 
lending to small businesses if the eventual 1071 rule's one-time costs 
are too high.
    One SER stated that a $200 million asset-based exemption would be 
helpful to small depository lenders, and others suggested that a 
threshold of $600 million was appropriate. Another SER countered, 
however, that they were unaware of data to support an asset-based 
exemption larger than $100 million. Some SERs expressly opposed an 
asset-based exemption; one SER cautioned that an exemption based solely 
on asset size would be inadvisable because many lenders do not hold 
their loans on their balance sheet. Another SER stated that adopting an 
asset-based exemption would risk excluding the collection of nearly all 
small business lending data in certain regions.
    Input from other stakeholders was split. Many stakeholders 
supported a size-based exemption (typically an asset-based exemption), 
contending that small depository institutions faced substantial 
compliance costs and presented a lower likelihood of fair lending 
violations. Small depository institutions were also particularly 
concerned about data security issues. However, a number of other 
stakeholders counseled against a size-based exemption, arguing that 
exemptions should be based instead on lending activity, and that size-
based exemptions risked under-reporting in important markets. In 
addition, some stakeholders noted that because there was no ready 
equivalent size-based measurement for nondepository institutions, 
including an asset-based exemption in the 1071 rule would put other 
small financial institutions at a cost disadvantage.
    Combined exemption. The Bureau stated that it was exploring whether 
to combine the size- and activity-based approaches.\466\ Under a 
combined approach, a financial institution would be required to collect 
and report 1071 data if it exceeds either: (1) A given annual number of 
small business loans originated; or (2) annual total small business 
lending, measured in dollars. However, depository institutions with 
assets under a given asset threshold would be exempt from reporting, 
regardless of the number or dollar value of small business loans they 
originated during the relevant time period.
---------------------------------------------------------------------------

    \466\ Id. at 13.
---------------------------------------------------------------------------

    At least one SER supported a combined size-based and activity-based 
exemption. Some SERs also suggested other possible bases for setting 
exemption thresholds. For example, several SERs suggested that the 
Bureau focus on the number of small business loans that would be 
covered or excluded, rather than the number of financial institutions, 
in setting an exemption threshold. One SER suggested setting a 
threshold based on loan portfolio size rather than annual originations. 
As discussed above, another SER suggested that the Bureau consider 
exempting certain financial institutions using a location test similar 
or identical to what is used for HMDA, which does not apply to 
institutions that do not have a home or branch office in a Metropolitan 
Statistical Area.
    Alternative exemptions. The Bureau did not express that it was 
considering other collection and reporting exemptions. However, the 
Bureau did request feedback on alternative approaches. In particular, 
the Bureau asked whether there were certain types of financial 
institutions, such as governmental lending entities or nonprofit 
nondepository lenders, that the Bureau should consider not including 
within 1071's data collection and reporting requirements.
    One credit union SER requested that the Bureau exempt all credit 
unions from section 1071 data collection and reporting requirements, 
asserting that credit unions had not displayed what they characterized 
as a ``pattern of unfair lending.'' In contrast, another SER cautioned 
against providing exemptions for particular types of financial 
institutions, noting the risk of missing important lending data. A few 
SERs, particularly CDFIs, strongly preferred that all lenders, 
including nonprofit and government lenders, be subject to section 1071 
data collection and reporting requirements. One SER asserted that 
disparities exist in many forms of small business lending, including 
the SBA's 7(a) Loan Program, State lending programs, and funds 
distributed through the recent Coronavirus Aid, Relief, and Economic 
Security Act (CARES Act).\467\ Another SER stated that in certain parts 
of the country, such as the Midwest, Farm Credit System loans are 
available to small businesses, and thus Farm Credit institutions are in 
competition with other lenders and should be covered entities. One SER 
stated that the Bureau should consider exempting nondepository, 
nonprofit Native CDFIs because section 1071 data collection and 
reporting requirements might impose significant compliance costs and 
privacy concerns.\468\ The SBREFA Panel recommendations did not 
directly address this topic, although the Panel did recommend that the 
Bureau continue to consider alternative approaches to exemptions.\469\
---------------------------------------------------------------------------

    \467\ Public Law 116-136, 134 Stat. 281 (2020).
    \468\ Native CDFIs are organizations certified as community 
development financial institutions that primarily serve a Native 
Community and are therefore eligible for Financial Assistance and 
Technical Assistance awards provided by the Native American CDFI 
Assistance Program. CDFI Fund, Fostering Economic Self-Determination 
for Your Native Community, https://www.cdfifund.gov/sites/cdfi/files/documents/cdfi7205_fs_ni_updatedfeb20.pdf (last visited Aug. 
12, 2021).
    \469\ SBREFA Panel Report at 43.
---------------------------------------------------------------------------

    Feedback from other stakeholders included a variety of suggestions 
for other types of financial institutions that the Bureau should 
consider exempting. These suggestions were made by financial 
institutions (or their trade associations) to describe either 
themselves or portions of their membership. The Bureau received this 
feedback pertaining to CDFIs, credit unions, minority depository 
institutions, financial institutions in rural areas or low- and 
moderate-income areas, financial institutions that would themselves be 
small businesses under the rule, and motor vehicle dealers. Conversely, 
some stakeholders encouraged the Bureau not to provide any such 
categorical exemptions. One stakeholder also urged the Bureau not to 
exempt government or nonprofit lenders, arguing that they were an 
important element of achieving broad coverage in 1071 data.
Proposed Rule--Activity-Based Exemption
    Proposed Sec.  1002.105(b) would define a covered financial 
institution as a financial institution that originated at least 25 
covered credit transactions for small businesses in each of the two 
preceding calendar years. This proposed definition adopts the portion 
of the Option 1 Exemption Threshold based on number of originations 
discussed at SBREFA, using the two consecutive year approach that was 
also described at SBREFA. The Bureau believes this definition will 
facilitate compliance by describing which financial institutions are 
required to collect and report small business data. The Bureau is also 
proposing commentary to accompany proposed Sec.  1002.105(b). The 
Bureau's

[[Page 56420]]

rationale for proposing this exemption, and for not proposing any 
others, is discussed in detail below.
    In general, the Bureau believes that fulfilling the purposes of 
section 1071 necessitates collecting small business lending data from 
all sizes and types of financial institutions (other than those with a 
low volume of lending activity), particularly given the variety of 
entities identified in ECOA section 704B(h)(1). The Bureau is proposing 
to exempt certain financial institutions from its small business 
lending data collection rule because it remains concerned that 
financial institutions with the lowest volume of small business lending 
might reduce or cease their small business lending activity due to the 
fixed costs of coming into compliance with the 1071 rule. A reduction 
in access to credit would run contrary to the community development 
purpose of section 1071. Section 1071 describes its community 
development purpose as ``enabl[ing] communities, governmental entities, 
and creditors to identify business and community development needs and 
opportunities of women-owned, minority-owned, and small businesses.'' 
\470\ In the Bureau's view, such business and community development 
opportunities cannot be appropriately identified if the 1071 rule 
unduly eliminates those opportunities by reducing access to credit, 
which, as explained below, supports the Bureau's use of its exemption 
authority under 704B(g)(2) here. Feedback from SBREFA showed that a 
broad array of financial institutions, trade associations, community 
groups, and others share the Bureau's concern about the risk of 
reducing access to small business credit, particularly with respect to 
financial institutions that infrequently lend to small businesses.
---------------------------------------------------------------------------

    \470\ ECOA section 704B(a).
---------------------------------------------------------------------------

    The Bureau is proposing Sec.  1002.105(b) pursuant to its authority 
under ECOA section 704B(g)(1) to prescribe such rules and issue such 
guidance as may be necessary to carry out, enforce, and compile data 
pursuant to section 1071 and its authority under 704B(g)(2) to adopt 
exceptions to any requirement of section 1071 and, conditionally or 
unconditionally, exempt any financial institution or class of financial 
institutions from the requirements of section 1071, as the Bureau deems 
necessary or appropriate to carry out the purposes of section 1071.
    The Bureau believes that an activity-based threshold would provide 
a simple basis for financial institutions that infrequently lend to 
small businesses to determine whether they have conducted sufficient 
lending activity as to be required to collect and report data under 
proposed subpart B. With respect to setting an activity-based 
threshold, feedback favored using only originations. SERs uniformly 
supported clear, predictable collection and reporting exemption 
thresholds. With respect to feedback from other stakeholders, nearly 
all of the comments that expressed support for the Option 1 Exemption 
Threshold provided support only for the 25-loan metric, and not the 
total lending metric (and several comments explicitly urged the Bureau 
not to adopt the $2.5 million lending threshold). The Bureau believes 
that furnishing a dual activity-based threshold, under which infrequent 
lenders must ascertain both measurements to determine whether reporting 
may be required, would cut against the goal of simplifying the rule as 
lenders would then have to track two metrics, not one. The Bureau 
believes that a dual threshold would create more regulatory complexity 
as, among other things, the resulting rule would have to address issues 
such as how lines of credit and credit cards are meant to be counted 
towards the dollar volume threshold. (For example, should the rule use 
the maximum amount that could be extended or something else, like an 
average of the amount actually outstanding? If the former, how should 
changes in the limit be treated?) In contrast, tracking total annual 
small business originations does not entail such complexity.
    In particular, the Bureau believes that a primary advantage of an 
activity-based threshold--ease of compliance--would be undermined if 
the Bureau were to implement a complex, dual threshold eligibility 
test. The Bureau wishes to ensure that infrequent lenders are not 
incurring significant undue compliance costs, particularly while not 
reporting data. In general, tracking two thresholds is more complex 
than tracking one. And of these two thresholds, the Bureau believes 
that tracking total originations is simpler than tracking total 
lending. The Bureau believes it is also more likely that financial 
institutions are already tracking total originations. The Bureau 
believes that proposing an activity-based threshold that employs data 
already generally collected by financial institutions could mitigate 
the risk that section 1071, when implemented, would result in reduced 
access to credit.
    The Bureau is thus proposing to set the loan-volume threshold at 25 
covered credit transactions from small businesses in each of the past 
two years. This proposal is based, in part, on feedback received at 
SBREFA. As mentioned above, several SERs recommended an annual 25-loan 
threshold and many comments, including those from lenders, trade 
associations, and community groups, expressed support for the Option 1 
Exemption Threshold, with most explicitly supporting just the 25-loan 
threshold and not total lending.
    The Bureau continues to consider whether this loan-volume threshold 
should be set at a different level, such as 50 or 100 originations, as 
described in the SBREFA Outline.\471\ The Bureau notes that there was 
also substantial support for a much higher loan-volume threshold than 
25 originations. In addition to the SER feedback discussed above, 
several stakeholders advocated for 100 loans and many others advocated 
for an even higher threshold. However, at least to this point, the 
Bureau is not convinced, based on the feedback from SERs and other 
stakeholders, that higher thresholds would be more necessary or 
appropriate to carry out the purposes of section 1071. Rather, such 
advocacy focused either on concerns that lower thresholds would not 
exempt a particular financial institution or type of financial 
institution, such as community banks, or that higher thresholds would 
not substantially diminish overall data collection.
---------------------------------------------------------------------------

    \471\ SBREFA Outline at 12.
---------------------------------------------------------------------------

    Supporters of the 25-loan threshold and supporters of the 100-loan 
threshold each argued that such a threshold would be similar to that 
used in HMDA. The Bureau's 2015 HMDA Rule set the closed-end loan 
threshold

[[Page 56421]]

at 25 originated loans for each of the two preceding calendar 
years.\472\ However, in 2020, the Bureau increased the threshold to 100 
closed-end loans, effective the same year.\473\ The Bureau set the HMDA 
threshold pursuant to its authority to provide adjustments or 
exceptions that it judges as necessary and proper to effectuate the 
purposes of HMDA or to facilitate compliance with HMDA. In the present 
case, with respect to institutional coverage thresholds, the Bureau 
does not believe a direct comparison with HMDA is instructive because 
of differences in the relevant statutory authorities and between home 
mortgages and small business loans.
---------------------------------------------------------------------------

    \472\ See 80 FR 66127 (Oct. 28, 2015). The Bureau also provided 
a higher threshold of 100 for open-end lines of credit. Id.
    \473\ See 85 FR 28364 (May 12, 2020).
---------------------------------------------------------------------------

    The Bureau also considered how its proposed threshold of 25 covered 
credit transactions for small businesses (and the other thresholds 
under consideration at SBREFA) might affect overall collection and 
reporting of 1071 data from banks and credit unions, based on data as 
of 2019. Table 1 below provides the Bureau's estimated share of 
depository institutions, estimated share of small business loans from 
those institutions (measured in total number of loans), and estimated 
share of small business credit from those institutions (measured in 
dollars) that would be covered by a loan-volume threshold of 25, 50, or 
100 small business loans. The Bureau estimates that a depository 
institution is covered for a particular loan-volume threshold as of 
2019 if the estimated number of originations for that institution 
exceeded the threshold in both 2017 and 2018. Given the limitations of 
the source data, the Bureau cautions that these estimates are not 
intended to provide a complete sense of the possible consequences of 
adopting each particular threshold. Nonetheless, the Bureau is 
providing estimates based on these data because it is the best 
information currently available to the Bureau. Moreover, the Bureau 
emphasizes that these estimates apply only to depository institutions. 
This information is based on FFIEC and Credit Union Call Reports, as 
well as Community Reinvestment Act submissions.\474\ Under these data 
collections, banks report small loans made to businesses and farms 
(regardless of the borrower's size). Credit unions report commercial 
loans over $50,000 made to members (also, regardless of the borrower's 
size). The Bureau is unable to determine the degree to which these data 
provide an adequate proxy for the applications from small businesses 
that would be subject to 1071 reporting. The methodologies and 
assumptions used to produce these estimates are further documented in 
part VII.D below and in more detail in its Supplemental estimation 
methodology for institutional coverage and market-level cost estimates 
in the small business lending data collection notice of proposed 
rulemaking released concurrently with this proposal.\475\
---------------------------------------------------------------------------

    \474\ On the bank Call Report and in the Community Reinvestment 
Act data, for small bank and small farm loans, banks report on 
business loans with original amounts of $1 million or less and farm 
loans with original amounts of $500,000 or less. For lines of credit 
or loan commitments, banks report the size of the line of credit or 
commitment when it was most recently approved. Banks include loans 
guaranteed by the SBA and other government entities in their small 
loans to businesses. Banks do not report loans to nonprofit 
organizations in this category. Thus, these data collections would 
include loans made to purchase, for example, individual vehicles and 
pieces of equipment for the nation's largest businesses.
    \475\ This document is available at https://www.consumerfinance.gov/data-research/research-reports/supplemental-estimation-methodologies-small-business-lending-data-collection-nprm/.
[GRAPHIC] [TIFF OMITTED] TP08OC21.000


[[Page 56422]]


    Table 1 above shows that as the loan-volume threshold rises, the 
estimated share of depository institutions subject to section 1071 
decreases substantially. Likewise, the estimated share of small 
business loans and small business credit captured by the rule would 
also decrease, although those decreases are less pronounced. The Bureau 
has no information for nondepository institutions such that the Bureau 
could provide similar estimates for comment. The Bureau requests in 
response to this proposal such information and data that might bear on 
any activity-based exemption for nondepository 
institutions.476 477 478 
---------------------------------------------------------------------------

    \476\ There were 10,525 depository institutions as of December 
31, 2019, including 112 credit unions that are not federally 
insured.
    \477\ Based on FFIEC Call Report data, there were 5,177 banks 
and savings associations as of December 31, 2019.
    \478\ Based on the 2019 NCUA Call Report data, there were 5,348 
credit unions as of December 31, 2019, including 112 credit unions 
that are not federally insured.
---------------------------------------------------------------------------

    The Bureau notes that the above estimates represent small business 
lending data prior to the COVID-19 pandemic and ensuing policy 
responses. The Bureau is keenly aware that many financial institutions, 
including those that may not have historically participated actively in 
small business lending, served their communities by becoming 
participating lenders in the SBA's Paycheck Protection Program. This 
program ended on May 31, 2021. The Bureau expects that by the time its 
1071 rule is finalized and implemented, lending activity conducted 
pursuant to the SBA's Paycheck Protection Program will not be 
determinative of whether a given financial institution qualifies as a 
covered financial institution under the 1071 rule. The Bureau will 
continue to monitor the market and consider what other adjustments, if 
any, may be needed to ensure that, to the best of the Bureau's ability, 
the 1071 rulemaking is informed by up-to-date and accurate information 
about the small business lending market.
    The Bureau seeks comment on its proposed 25 originations threshold 
incorporated into the definition of a covered financial institution. 
The Bureau also solicits comment on whether this threshold should 
alternatively be set at 50 or 100 covered credit transactions.
    The Bureau is proposing to define a covered financial institution 
using a loan-volume threshold that must be achieved in each of the two 
preceding calendar years. SERs provided relatively little feedback 
directly on the measurement period, but broadly expressed a desire for 
clear, predictable collection and reporting thresholds. The Bureau 
received substantial feedback advocating for a two-year approach, but 
little feedback asking for a one-year threshold period. A few 
stakeholders also expressed interest in a measurement period longer 
than two years.
    The Bureau acknowledges that a loan-volume threshold based on a 
two-year period could create some operational complexity for some 
financial institutions. To be sure that it was not a covered financial 
institution, a financial institution would need to maintain records 
sufficient to show total small business originations for both years of 
the threshold period. The Bureau believes that two years is not a 
prohibitively long time, although it is possible that infrequent 
lenders may have smaller staff or fewer resources to reliably track 
such information for 1071 purposes. The Bureau believes that a two-year 
threshold period is advisable to eliminate uncertainty surrounding data 
collection responsibilities. Under this proposal, a financial 
institution that may not frequently lend to small businesses, but that 
experiences an unusual and unexpectedly high lending volume in a single 
year would not be a covered financial institution. As discussed in part 
VII below, in order to comply with the Bureau's proposed 1071 rule, a 
financial institution may need to undertake substantial one-time costs 
that include operational changes, such as staff training, information 
technology changes, and develop policies and procedures. Therefore, the 
Bureau believes that it is appropriate to propose a two-year threshold 
period to provide more stability around reporting responsibilities. 
Regulations that implement HMDA and the Community Reinvestment Act 
provide similar periods to determine coverage.
    The Bureau notes that employing a two-year approach would delay 
reporting for new, potentially active entrants. For example, under this 
proposal a large lender that enters the market and originates hundreds 
or even thousands of small business loans in its first two calendar 
years of lending would not report its covered applications. That is, 
under the Bureau's proposal, this financial institution would not be 
required to collect and report 1071 data on its covered applications 
for small businesses in those first two years, although the institution 
could choose to voluntarily collect and report data. The Bureau has 
concerns, however, about triggering data collection and reporting 
requirement based on lenders' estimates of their projected future 
volume.
    The proposed two-year threshold period may pose other 
considerations for financial institutions that conduct small business 
lending activity near the proposed 25 small business originations 
threshold. See the section-by-section analysis of proposed Sec.  
1002.5(a)(4) above for a discussion of proposed Sec.  
1002.5(a)(4)(viii), which would allow a financial institution to 
collect ethnicity, race, and sex information pursuant to proposed 
subpart B for a covered application under certain circumstances during 
the second year of the threshold period. See the section-by-section 
analysis of proposed Sec.  1002.114(c) below for discussion of 
additional flexibility that the Bureau is proposing regarding measuring 
lending activity prior to the rule's compliance date.
    The Bureau is proposing to set the activity-based threshold based 
on small business originations, rather than applications. The statutory 
language of 1071 generally applies to applications; however, the Bureau 
believes that using small business originations for purposes of 
defining a covered financial institution is the better approach. The 
Bureau expects that financial institutions track their small business 
application volumes in various ways, but whether an origination 
resulted is a clear and readily identifiable metric. The Bureau is 
concerned that attempting to use an exemption metric based on 
applications would impose new obligations on financial institutions 
solely for purposes of determining whether or not they are subject to 
this rule. As discussed above, the Bureau believes that proposing an 
activity-based threshold that employs data already generally collected 
by financial institutions could mitigate the risk that section 1071, 
when implemented, would result in reduced access to credit. In 
addition, even those financial institutions that track total 
applications now may not do so in a way that fully aligns with how the 
Bureau is proposing to define covered applications for purposes of 
proposed subpart B. Using originations is also consistent with the 
Bureau's Regulation C. In addition, the Bureau received limited 
feedback advocating for the use of applications to set the activity-
based threshold.
    Proposed comment 105(b)-1 would clarify the meaning of a preceding 
calendar year for purposes of the proposed activity-based exemption. 
See the section-by-section analysis of proposed Sec.  1002.114(c)(2) 
below for additional discussion regarding measuring lending activity 
prior to the rule's compliance date. Proposed

[[Page 56423]]

comment 105(b)-2 would emphasize that a financial institution qualifies 
as a covered financial institution based on total covered credit 
transactions originated for small businesses, rather than covered 
applications received from small businesses. Proposed comment 105(b)-3 
would explain that whether a financial institution is a covered 
financial institution depends on its particular small business lending 
activity in the two preceding calendar years, and that the obligations 
of a covered financial institution is an annual consideration for each 
year that data may be compiled and maintained under proposed Sec.  
1002.107(a).
    The Bureau is proposing to clarify in Sec.  1002.105(b) that for 
purposes of defining a covered financial institution, if more than one 
financial institution was involved in the origination of a covered 
credit transaction, only the financial institution that made the final 
credit decision approving the application shall count the origination. 
The Bureau believes that providing this clarifying language would 
assist financial institutions in understanding which transactions count 
towards the loan-volume threshold. This approach is consistent with the 
Bureau's proposed Sec.  1002.109(a)(3).
    Proposed comments 105(b)-4 and -5 would explain when a financial 
institution is a covered financial institution following a merger or 
acquisition. These proposed comments are largely consistent with the 
Bureau's approach to reporting obligations surrounding a merger under 
Regulation C,\479\ with modifications to reflect the nature of the 
small business lending market and to provide additional clarifications.
---------------------------------------------------------------------------

    \479\ See Regulation C comments 2(g)-3 and -4.
---------------------------------------------------------------------------

    Proposed comment 105(b)-6 would clarify that Regulation B 
(including proposed subpart B) generally does not apply to lending 
activities that occur outside the United States.
    Finally, proposed comment 105(b)-7 would address financial 
institutions that do not qualify as covered financial institutions but 
may nonetheless wish to voluntarily collect and report small business 
lending data. This proposed comment would reiterate that proposed Sec.  
1002.5(a)(4)(vii) through (ix) permits a creditor that is not a covered 
financial institution under proposed Sec.  1002.105(b) to voluntarily 
collect and report information regarding covered applications in 
certain circumstances. If a creditor is voluntarily collecting 
applicants' protected demographic information for covered applications, 
it shall do so in compliance with proposed Sec. Sec.  1002.107, 
1002.108, 1002.111, 1002.112, and 1002.114 as though it were a covered 
financial institution. Proposed comment 105(b)-7 would further state 
that if a creditor is voluntarily reporting those covered applications 
to the Bureau, it shall do so in compliance with proposed Sec. Sec.  
1002.109 and 1002.110 as though it were a covered financial 
institution.
    The Bureau seeks comment on its proposed definition of a covered 
financial institution, which uses a loan-volume threshold of 25 covered 
credit transactions from small businesses. The Bureau continues to 
consider whether this loan-volume threshold should be changed to a 
different threshold, such as 50 or 100 originations from small 
businesses, and seeks feedback and data related to any of these three 
potential thresholds. In addition, the Bureau seeks comment on whether 
an activity-based threshold should be based on the total number of 
small business applications, rather than originations. The Bureau also 
requests comment on whether additional clarification is needed for this 
proposed definition.
Alternatives Considered--Size-Based Exemption and Combined Exemptions
    The Bureau is not proposing to define a covered financial 
institution on the basis of the size of the financial institution, as 
measured by total assets for depository institutions or some other 
metric. Likewise, the Bureau is not proposing to define a covered 
financial institution with reference to the financial institution's 
size in combination with its small business lending activity.
    For the reasons discussed above, the Bureau believes that proposing 
an exemption based on a financial institution's recent small business 
lending activity would be appropriate to carry out the purposes of 
section 1071. The Bureau believes that in comparison to a size-based 
exemption, an activity-based exemption is a more compelling basis for 
exempting certain financial institutions from coverage in light of 
section 1071's community development purpose. As previously stated, the 
Bureau is concerned that certain financial institutions might reduce or 
cease their small business lending activity because of the fixed costs 
of coming into compliance with this rule, and that a reduction in 
access to credit would run contrary to the community development 
purpose of section 1071. However, the Bureau is persuaded that small 
business lending activity holds a more direct relationship to a given 
financial institution's role in the small business lending market than 
a more general measurement of the financial institution's size as 
measured in total assets. Using a size-based metric would present a 
much rougher proxy for the risk that a financial institution may reduce 
or eliminate its small business lending activities as a result of the 
one-time costs of coming into compliance with this rule.
    The Bureau also believes that proposing an activity-based exemption 
is a superior approach to proposing a size-based exemption because an 
exemption based on asset size would apply only to depository 
institutions. The Bureau is unaware of a similar size metric for 
nondepository institutions, and SERs and other stakeholders who 
provided feedback on the SBREFA Outline were not able to offer one. A 
size-based exemption approach might therefore risk distorting the 
collected data and create an uneven playing field. As noted above, 
other stakeholders explained that because there was no readily 
available equivalent size-based measurement for nondepository 
institutions, including an asset-based exemption might risk presenting 
a cost disadvantage for other small financial institutions. Moreover, 
exempting proportionately more depository institutions than 
nondepository institutions may present demographic data collection 
concerns. A recent small business credit survey revealed racial 
disparities in applications under the SBA's Paycheck Protection 
Program: the data showed white-owned firms were most likely to apply 
for a loan through a small bank (defined as under $10 billion in 
assets), while Black-owned firms were three times as likely as white-
owned firms to apply for a loan through an online lender.\480\ The 
Bureau is concerned that collecting data under different standards for 
depository institutions versus nondepository institutions would run 
contrary to the purposes of section 1071 and undermine the utility of 
the data, as well as the purposes of the Bureau, which are, in part, 
``to implement and, where applicable, enforce . . . consistently'' 
Federal laws including ECOA.\481\
---------------------------------------------------------------------------

    \480\ Small Business Credit Survey of Firms Owned by People of 
Color at 14.
    \481\ 12 U.S.C. 5511(a).
---------------------------------------------------------------------------

    The Bureau also considered whether proposing a size-based 
exemption, on the basis of total assets for depository institutions, 
would be appropriate in combination with the above-discussed activity-
based exemption. The Bureau is not persuaded that proposing such an 
additional exemption would be necessary or appropriate to carry out the

[[Page 56424]]

purposes of section 1071. In particular, the Bureau considered two 
types of depository institutions that might be exempt by virtue of a 
size-based exemption:
     An Active Small Depository Institution (ASDI), meaning any 
depository institution smaller than a particular asset size that lends 
at or above a given activity-based threshold, and
     An Inactive Small Depository Institution (ISDI), meaning 
any depository institution smaller than a particular asset size that 
lends below a given activity-based threshold.
    In examining the case for ASDIs and ISDIs, the Bureau believes that 
an additional, asset-based exemption may provide a slightly less costly 
means of ascertaining exemption status for a small number of ISDIs, but 
such an exemption would eliminate small business lending data from a 
moderate share of ASDIs that would otherwise provide valuable data in 
fulfilling both of section 1071's purposes.
    Using the same data that were compiled for the activity-based 
exemption analysis, the Bureau estimates that under its proposed 25 
originations threshold approximately 6,300 to 6,500 depository 
institutions would not be covered financial institutions, and therefore 
would be exempt from collection and reporting. The Bureau further 
estimates that proposing an asset-based exemption of $200 million would 
result in approximately 1,300 to 1,500 additional depository 
institutions not reporting (all of which, by definition, are ASDIs), 
while 5,200 to 5,400 depository institutions would already have been 
exempt, but have a somewhat lower-cost method of ascertaining this 
information (e.g., ISDIs).\482\
---------------------------------------------------------------------------

    \482\ For the purposes of this analysis, the Bureau assumes that 
the alternative proposal would have been that a depository 
institution would be required to report its small business lending 
activity for 2019 if it had more originations than the loan-volume 
threshold in 2017 and 2018 and had assets over the asset-based 
threshold on December 31, 2018. The Bureau further assumes that if 
two institutions merged in 2019 then the resulting institution would 
be required to report if the sum of the separate institutions' 
assets on December 31, 2018 exceeded the asset-based threshold. Of 
the 10,525 depository institutions that existed at the end of 2019, 
6,687 either didn't exist at the end of 2018 or had merger adjusted 
assets below $200 million.
---------------------------------------------------------------------------

    Table 2 below indicates the estimated number of ASDIs that would 
report under various loan-volume thresholds, by asset size. As shown in 
Table 2, if the Bureau proposed an asset-based exemption of $100 
million in addition to the proposed activity-based exemption of 25 
originated covered credit transactions for small businesses, 500 to 592 
more depository institutions would not be covered financial 
institutions, although these institutions originated more than 25 
covered credit transactions for small businesses in each of the 
previous two years. Likewise, if the Bureau proposed an asset-based 
exemption of $200 million in addition to the proposed 25-originations 
activity-based exemption, 1,299 to 1,466 more depository institutions 
would not be covered financial institutions, although these 
institutions originated more than 25 covered credit transactions for 
small businesses in each of the previous two years.
[GRAPHIC] [TIFF OMITTED] TP08OC21.001

    Of the estimated 5,200 to 5,400 ISDIs, as defined by a 25 
originations threshold and $200 million asset threshold, about 4,200 
are credit unions and about 1,000 or 1,200 are banks. Furthermore, the 
vast majority of these ISDI credit unions (88 percent) had either no 
small business originations in 2017 and 2018 or fewer than 10 small 
business originations in 2017 and 2018 (97 percent).\483\ The Bureau 
believes that it is likely that these institutions would be able to 
determine that they do not meet a loan-volume threshold almost as 
easily as they can determine that they do not meet an asset-based 
threshold. Only 34 credit unions with assets below $200 million had 
between 10 and 25 small business originations in both 2017 and 2018. 
The Bureau estimates that as many as 1,200 banks and 34 credit unions 
would benefit from a simpler method of determining exemption status. 
However, as stated above, the Bureau believes that such cost savings 
likely would still be minimal.
---------------------------------------------------------------------------

    \483\ However, it is possible that these credit unions have 
originated loans to small businesses with values below $50,000. 
Credit unions report commercial loans over $50,000 made to members 
(regardless of the borrower's size).
---------------------------------------------------------------------------

    The Bureau therefore believes that providing an additional, asset-
based exemption might provide a somewhat less costly means of 
ascertaining exemption status for some ISDIs, although this number may 
be relatively modest. However, the tradeoff of providing a simpler 
exemption for some depository institutions is that a $200 million 
asset-based exemption would increase the overall percent of exempt 
depository institutions by some 13 percentage points by also extending 
to ASDIs. The Bureau estimates that these ASDIs accounted for between 
171,000 and 226,000 originations in 2019, or about 2 percent of total 
covered originations under the 25 originations threshold. Exempting 
additional depository institutions by adding an asset-based exemption 
would curtail

[[Page 56425]]

both the volume of and possible variety of data, and the Bureau is 
concerned that exempting ASDIs would detract from the utility of 1071 
data in carrying out the purposes of section 1071 by removing important 
data from disclosure and review.
    The Bureau also considered feedback from SERs and other 
stakeholders who suggested that the Bureau exempt lenders other than 
``large'' financial institutions, such as depository institutions with 
more than $1 billion in assets, and then potentially extend the rule to 
smaller lenders at a later time. These SERs and stakeholders argued 
that this approach would capture the vast majority of small business 
loans while avoiding imposing undue regulatory burden on smaller 
lenders, who might be less capable of absorbing such costs. However, 
the Bureau is not currently persuaded that capturing lending data only 
from large financial institutions would be necessary or appropriate to 
carry out section 1071's statutory purposes.
    Supporters of collecting data only from large depository 
institutions argue that such depository institutions may be more 
capable of absorbing compliance costs. However, the Bureau is concerned 
that data collection from only large depository institutions may not 
provide adequate data for community development purposes, as there may 
be demographic disparities among applications by the type (and size) of 
financial institution. Likewise, data collection from only large 
depository institutions would not allow the Bureau to conduct fair 
lending analyses for other types of financial institutions. In general, 
the Bureau believes that appropriately carrying out the purposes of 
section 1071 necessitates collecting small business lending data from 
all sizes and types of financial institutions (other than those with 
the lowest volume of lending activity), particularly given the variety 
of entities identified in section 704B(h)(1), discussed above. See the 
section-by-section analysis of proposed Sec.  1002.114 below, however, 
for further discussion of a possible tiered compliance date based on 
the size of the financial institution.
    Therefore, for the reasons described above, Bureau is not proposing 
an asset-based exemption to the definition of a covered financial 
institution.
Alternative Considered--Other Exemptions
    The Bureau is not proposing to adopt alternative exemptions or 
exceptions to the definition of covered financial institution, other 
than the loan-volume threshold as described above.
    As discussed above, the Bureau believes that, in light of the text 
and purposes of section 1071, the Bureau should generally adopt the 
posture that all manner of small business lenders should be subject to 
reporting. Feedback from SERs and others generally did not provide 
compelling policy reasons or legal arguments for exempting entire 
classes of financial institutions. Moreover, the Bureau believes that 
most policy arguments that were raised in this context are better 
addressed through potential activity-based considerations.
    With respect to government lenders, the Bureau has not identified, 
nor did SERs or other stakeholders provide, policy or legal rationales 
for excluding government lenders from data collection. To the contrary, 
a few SERs, particularly CDFIs, strongly preferred that all lenders, 
including government entities, be subject to section 1071 data 
collection and reporting requirements; one stakeholder likewise urged 
the Bureau not to exempt government lenders. The Bureau believes that 
collecting information on small business lending by government entities 
furthers the purposes of section 1071. Moreover, the Bureau believes, 
as described above in the discussion of proposed comment 105(a)-1, that 
government entities are included within the phrase ``other entity'' in 
the ECOA section 704B(h)(1) definition of ``financial institution.'' 
For example, the Bureau believes that it will be helpful to identify 
the business and community development needs of women-owned, minority-
owned, and small businesses by collecting lending data from both an 
online lender and a county-run assistance program for establishing new 
businesses.
    For the same reasons, the Bureau does not believe that exempting 
not-for-profit lenders from data collection is consistent with the 
purposes of section 1071. The Bureau believes that organizations exempt 
from taxation pursuant to 26 U.S.C. 501(c) play a crucial role in 
lending to small businesses, particularly those that are women- or 
minority-owned, in certain communities.
    Those providing feedback generally argued for categorical 
exemptions because, they said, certain financial institutions (1) would 
encounter difficulty absorbing compliance costs; (2) are integral to a 
community's lending needs; and/or (3) employ business methods or offer 
products not conducive to data collection and reporting. With respect 
to compliance costs, the Bureau believes that directly considering a 
financial institution's activity is a more appropriate way to address 
this concern. With respect to a financial institution's lending 
importance for a community or region (such as low income or rural), the 
Bureau believes that such arguments emphasize the importance of 
collecting and analyzing such data to further the purposes of section 
1071 rather than justify an exemption. Finally, with respect to 
considering the particularities of certain business models, the Bureau 
is persuaded that it can most appropriately address such concerns by 
considering potentially modified reporting rules for particular 
business models and specific products. See the section-by-section 
analyses of proposed Sec. Sec.  1002.104(b) and 1002.109(a)(3). The 
Bureau is proposing comment 105(a)-1, discussed above, consistent with 
the considerations discussed here.
    Therefore, for the reasons described above, the Bureau is not 
proposing to define a covered financial institution by providing 
alternative exemptions or exceptions. The Bureau seeks comment on this 
approach, including data or information that might bear upon any such 
alternative exemptions in light of section 1071's purposes.
Section 1002.106 Business and Small Business
    ECOA section 704B(h)(2) defines the term ``small business'' as 
having the same meaning as ``small business concern'' in section 3 of 
the Small Business Act.\484\ The Bureau is proposing to define a small 
business consistent with the statutory language. In particular, the 
Bureau is proposing to define a small business concern to have the same 
meaning as the term ``small business concern'' in 15 U.S.C. 632(a), as 
implemented by 13 CFR 121.101 through 121.107. Notwithstanding the size 
standards set forth in 13 CFR 121.201, for purposes of proposed subpart 
B, the Bureau is proposing that a business is a small business if and 
only if its gross annual revenue for its preceding fiscal year is $5 
million or less. The Bureau is seeking SBA approval for this alternate 
small business size standard pursuant to the Small Business Act.\485\
---------------------------------------------------------------------------

    \484\ 15 U.S.C. 632.
    \485\ 15 U.S.C. 632(a)(2)(C).
---------------------------------------------------------------------------

    The Bureau believes it may be instructive for financial 
institutions to first consider whether an applicant may be a business 
under proposed Sec.  1002.106(a), and then to consider, if the 
applicant is a business, whether the business is small under Sec.  
1002.106(b). Furthermore, the Bureau believes that these proposed 
definitions implement the statutory language of section 1071

[[Page 56426]]

while reflecting the need for a wide variety of financial institutions 
to apply a simple, broad definition of a small business that would be 
practical across the many product types, application types, technology 
platforms, and applicants in the market.
    For the reasons set forth below, the Bureau is proposing Sec.  
1002.106 to implement ECOA section 704B(h)(2) and pursuant to its 
authority under ECOA section 704B(g)(1) to prescribe such rules and 
issue such guidance as may be necessary to carry out, enforce, and 
compile data under section 1071.
106(a) Business
Background
    ECOA section 704B(h)(2) defines the term ``small business'' as 
having the same meaning as ``small business concern'' in section 3 of 
the Small Business Act.\486\ The Small Business Act provides a general 
definition of a ``small business concern,'' authorizes SBA to establish 
detailed size standards for use by all agencies, and permits an agency 
to request SBA approval for a size standard specific to an agency's 
program. The SBA's regulations define a ``business concern'' as ``a 
business entity organized for profit, with a place of business located 
in the United States, and which operates primarily within the United 
States or which makes a significant contribution to the U.S. economy 
through payment of taxes or use of American products, materials or 
labor.'' \487\
---------------------------------------------------------------------------

    \486\ 15 U.S.C. 632.
    \487\ 13 CFR 121.105.
---------------------------------------------------------------------------

SBREFA Proposals Under Consideration and Feedback Received
    In the SBREFA Outline, the Bureau stated it was considering 
proposing to define ``small business'' by cross-referencing the SBA's 
general definition of ``small business concern'' but adopting a 
simplified size standard for purposes of its section 1071 rule.\488\ 
Thus, the Bureau explained that it was considering a proposal under 
which financial institutions would not be required to collect and 
report 1071 data for not-for-profit applicants, because they are not 
``organized for profit'' and are thus not a ``business concern.'' The 
Bureau explained that a business concern may take a number of different 
legal forms, including a sole proprietorship, partnership, LLC, 
corporation, joint venture, trust, or cooperative.\489\ The Bureau 
explained that, because the definition is limited to American 
businesses, if the Bureau adopted this definition for purposes of 1071, 
loans to foreign companies would be outside the scope of 1071 data 
collection and reporting requirements.
---------------------------------------------------------------------------

    \488\ SBREFA Outline at 14-18.
    \489\ 13 CFR 121.105(b).
---------------------------------------------------------------------------

    Feedback from stakeholders regarding the proposal under 
consideration focused primarily on how the Bureau might define a 
business size standard, addressed below.\490\ The Bureau did receive 
limited feedback, however, suggesting that the Bureau consider certain 
modifications or adjustments to the definition of a business concern, 
such as clarifying that the term does not include foreign-owned 
entities, certain trusts, and certain real estate holding companies.
---------------------------------------------------------------------------

    \490\ The SER feedback discussed in this section-by-section 
analysis can be found in the SBREFA Panel Report at 20-22.
---------------------------------------------------------------------------

Proposed Rule
    Proposed Sec.  1002.106(a) would define a business as having the 
same meaning as the term ``business concern or concern'' in 13 CFR 
121.105. This proposed definition is consistent with ECOA section 
704B(h)(2), which defines the term ``small business'' as having the 
same meaning as ``small business concern'' in section 3 of the Small 
Business Act.\491\ The SBA has issued 13 CFR 121.105, ``How does SBA 
define `business concern or concern,''' pursuant to the Small Business 
Act. The Bureau refers to the entirety of that section for additional 
information. In particular, the Bureau notes that this definition 
includes elements such as being ``a business entity organized for 
profit'' that has ``a place of business located in the United States'' 
and ``operates primarily within the United States or . . . makes a 
significant contribution to the U.S. economy.'' \492\
---------------------------------------------------------------------------

    \491\ 15 U.S.C. 632.
    \492\ 13 CFR 121.105(a)(1).
---------------------------------------------------------------------------

    The Bureau is not providing interpretations of this SBA regulation 
in proposed subpart B because the Bureau believes that existing SBA 
interpretations are responsive to the general questions posed at 
SBREFA.\493\
---------------------------------------------------------------------------

    \493\ See, e.g., 13 CFR 121.105(b), which states that a business 
concern may be in the legal form of an individual proprietorship, 
partnership, limited liability company, corporation, joint venture, 
association, trust or cooperative, except that where the form is a 
joint venture there can be no more than 49 percent participation by 
foreign business entities in the joint venture. Thus, for example, 
financial institutions would not be required to collect and report 
data under proposed subpart B for not-for-profit applicants, because 
they are not ``organized for profit'' and are thus not a ``business 
concern.''
---------------------------------------------------------------------------

    The Bureau seeks comment on this proposed definition of a business, 
and generally seeks comment on whether additional clarification is 
needed.
106(b) Small Business
Background
    Section 1071 data collection purposes, requirements, and potential 
impacts. A key component of the Bureau's fair lending work under the 
Dodd-Frank Act is to ensure fair, equitable, and nondiscriminatory 
access to credit for both individuals and their communities.\494\ 
Section 1071 of the Dodd-Frank Act, which amended ECOA, requires 
financial institutions to collect and report to the Bureau data 
regarding applications for credit for women-owned, minority-owned, and 
small businesses. ECOA section 704B(h)(2) states that ``[t]he term 
`small business' has the same meaning as the term `small business 
concern' in section 3 of the Small Business Act (15 U.S.C. 632).'' 
Section 1071 was adopted for the dual statutory purposes of 
facilitating fair lending enforcement and enabling communities, 
governmental entities, and creditors to identify business and community 
development needs and opportunities of women-owned, minority-owned, and 
small businesses.\495\
---------------------------------------------------------------------------

    \494\ See 12 U.S.C. 5493(c)(2)(A).
    \495\ ECOA section 704B(a).
---------------------------------------------------------------------------

    As set forth in section 1071, the data that financial institutions 
would be required to collect and report to the Bureau include, among 
other things, the gross annual revenue of the business in the preceding 
fiscal year, the type and purpose of the loan, the census tract for the 
applicant's principal place of business, and the race, sex, and 
ethnicity of the principal owners of the business.\496\ ECOA section 
704B(f)(2)(C) further provides that information compiled and maintained 
under the statute shall be ``annually made available to the public 
generally by the Bureau, in such form and in such manner as is 
determined by the Bureau, by regulation.'' The Bureau believes that the 
collection and subsequent publication of robust and granular data 
pursuant to section 1071 regarding credit applications for small 
businesses, including those that are women- and minority-owned, will 
provide much-needed transparency to an otherwise opaque market and 
better ensure fair, equitable, and nondiscriminatory access to credit.
---------------------------------------------------------------------------

    \496\ ECOA section 704B(e)(2).
---------------------------------------------------------------------------

    The Bureau understands that access to fair, equitable, and 
nondiscriminatory credit is crucial to the success of small businesses. 
Small businesses--including women-owned and minority-owned small 
businesses--need access to credit to smooth out business cash flows

[[Page 56427]]

and to enable entrepreneurial investments that take advantage of, and 
sustain, opportunities for growth. The market these businesses turn to 
for credit is vast, varied, and complex. Overall, small businesses have 
many options when it comes to financing, including a wide range of 
products and providers. Yet market-wide data on credit to small 
businesses remains very limited, particularly with respect to 
applicants' protected demographic information at the core of section 
1071. The Bureau believes that a section 1071 rulemaking would provide 
data that could serve as a significant resource for financial 
institutions, community groups, policy makers, and small businesses.
    SBA size standards. The Small Business Act permits the Small 
Business Administrator to prescribe detailed size standards by which a 
business concern may be categorized as a small business, which may be 
based on the number of employees, dollar volume of business, net worth, 
net income, a combination of these, or other appropriate factors.\497\
---------------------------------------------------------------------------

    \497\ 15 U.S.C. 632(a)(2)(A) and (B).
---------------------------------------------------------------------------

    As implemented by the SBA, these size standards generally hinge on 
average annual receipts or the average number of employees of the 
business concern and are customized industry-by-industry across 1,057 
6-digit NAICS codes. Specifically, the SBA typically uses two primary 
measures of business size for size standards purposes: (i) Average 
annual gross receipts \498\ for businesses in services, retail trade, 
agricultural, and construction industries, and (ii) average number of 
employees for businesses in all manufacturing, most mining and 
utilities industries, and some transportation, information and research 
and development industries. To measure business size, the SBA also uses 
financial assets for certain financial industries, and for the 
petroleum refining industry, it uses refining capacity and employees. 
The SBA's size standards are used to establish eligibility for a 
variety of Federal small business assistance programs, including for 
Federal government contracting and business development programs 
designed to assist small businesses in obtaining Federal contracts and 
for SBA's loan guarantee programs, which provide access to capital for 
small businesses that are unable to qualify for and receive 
conventional loans elsewhere. Under the Small Business Jobs Act of 2010 
(Small Business Act),\499\ the SBA is required to review all size 
standards no less frequently than once every five years.\500\ The Small 
Business Act further provides that no Federal agency may prescribe a 
size standard for categorizing a business concern as a small business 
concern unless certain conditions are met, including approval by the 
SBA's Administrator.\501\
---------------------------------------------------------------------------

    \498\ The SBA recently changed its regulations on the 
calculation of average annual receipts for all of SBA's receipts-
based size standards, and for other agencies' proposed receipts-
based size standards, from a three-year averaging period to a five-
year averaging period, outside of the SBA Business Loan and Disaster 
Loan Programs. 84 FR 66561 (Dec. 5, 2019).
    \499\ Public Law 111-240, 124 Stat. 2504 (2010).
    \500\ 15 U.S.C. 632 note.
    \501\ 15 U.S.C. 632(a)(2)(C).
---------------------------------------------------------------------------

    The SBA's rule governing its consideration of other agencies' 
requests for approval of alternate size standards requires that the 
agency seeking to adopt an alternate size standard consult in writing 
with the SBA's Division Chief for the Office of Size Standards in 
advance of issuing an NPRM containing the proposed alternate size 
standard.\502\ The Bureau has met this requirement. After issuing an 
NPRM, the agency must provide a copy of the published NPRM to the 
Division Chief for the Office of Size Standards, and the agency cannot 
adopt a final rule including its alternate size standard until the size 
standard has been approved by the SBA's Administrator.\503\
---------------------------------------------------------------------------

    \502\ 13 CFR 121.903(a)(2).
    \503\ 13 CFR 121.903(a)(5).
---------------------------------------------------------------------------

    Market considerations. A wide variety of financial institutions, 
with varying levels of sophistication and experience, extend credit to 
small businesses. As proposed, section 1071 applies to abroad range of 
financial institutions. Banks and credit unions that serve a breadth of 
customers typically organize their commercial lending operations into 
segments based on a combination of risk, underwriting, product 
offering, and customer management factors that are appropriate to each 
segment. The three most frequent organizational groupings are retail/
small business, middle market, and large corporate banking. Commercial 
customers are generally assigned based on their revenue potential and 
aggregate credit exposure, with smaller accounts assigned to the 
retail/small business banking area. The overwhelming preponderance of 
small businesses are generally found in the retail/small business 
banking group, which may also conduct consumer banking.
    Today, the distinguishing characteristic that many larger financial 
institutions (principally banks with $10 billion or more in assets) use 
to assign small businesses into the retail/small business banking group 
is gross annual revenue. While cut-offs vary by financial institution, 
the most common demarcations categorize small/retail customers as those 
below $5 million, or up to $10 million, in gross annual revenue. The 
maximum amount of a retail/small business banking term loan or credit 
line is typically $5 million or less.
    Financial institutions that do not conduct SBA lending generally do 
not collect or consider the number of employees of a small business 
applying for credit, but they often capture gross annual revenue 
information, including for regulatory compliance purposes. 
Specifically, retail/small business lenders routinely collect 
applicants' gross annual revenue information because notification 
requirements under existing Regulation B vary for business credit 
applicants depending on whether or not they ``had gross revenues of $1 
million or less in [their] preceding fiscal year.'' \504\ For a 
business applicant with gross annual revenues of $1 million or less, a 
creditor must provide a notification following an adverse action, such 
as a credit denial, that is generally similar to that provided to a 
consumer in both substance and timing.\505\ As a result, small business 
lenders often adopt compliance management systems similar to those 
found among consumer lenders.
---------------------------------------------------------------------------

    \504\ 12 CFR 1002.9(a)(3)(i).
    \505\ Id. The notification requirements for applicants with 
gross annual revenues in excess of $1 million are generally more 
flexible in substance and also do not impose a firm deadline for 
provision of a Regulation B notification. 12 CFR 1002.9(a)(3)(ii).
---------------------------------------------------------------------------

    The Bureau believes it is important for a financial institution to 
be able to quickly determine at the beginning of the application 
process whether an applicant is a ``small business'' for purposes of 
the 1071 rule. Financial institutions generally cannot inquire about an 
applicant's protected demographic information (including the race, sex, 
and ethnicity of an applicant's principal owners) without being legally 
required to do so.\506\ As discussed in the Overview of this part V, 
this proposal will only require (and thus only permit) such inquiries 
for small businesses. While the Bureau is proposing to allow financial 
institutions flexibility in when they seek this protected demographic 
information, the Bureau believes that financial institutions generally 
have the best chance of obtaining it, and supporting the purposes of 
section 1071, if they ask for it in the earlier stages of the 
application process. As a result, a

[[Page 56428]]

financial institution may need to know, even before the application is 
initiated, which application path the applicant must follow--a 1071-
governed or a non-1071-governed application path.
---------------------------------------------------------------------------

    \506\ See 12 CFR 1002.5(a).
---------------------------------------------------------------------------

    Early feedback. From very early on in its discussions with 
stakeholders regarding section 1071, the Bureau has received feedback 
focused primarily on how the Bureau might define a business size 
standard. For example, in response to the Bureau's 2017 RFI, many 
stakeholders expressed concern about the difficulties in determining 
the appropriate NAICS code for businesses and in applying the NAICS-
based standards in determining whether a business loan applicant is a 
small business. Commenters who addressed the issue of a small business 
definition were universally in favor of the Bureau adopting something 
less complex than the SBA's size standards based on 6-digit NAICS 
codes. Commenters noted that the use of these standards is relatively 
complex and would introduce burdens for the 1071 rule with limited 
benefit. There was broad support in this particular context for a 
simpler definition of small business, particularly echoing the 2017 
RFI's mention of gross annual revenue as a threshold delineation 
defining a small business. In addition to revenue, number of employees, 
loan amount, total exposure of the business, or some combination of 
those factors were also mentioned as possible bases for alternate size 
standards. While community groups supported a simpler definition, some 
cautioned that whatever definition the Bureau chooses must cover most 
small businesses in order to comport with congressional intent.
SBREFA Proposals Under Consideration and Feedback Received
    In the SBREFA Outline, the Bureau stated that it believed that 
using a simpler, more straightforward approach to the size standard 
aspect of the ``small business'' definition was a better approach for 
purposes of its 1071 rule.\507\ The Bureau further stated that such an 
approach would assist both financial institutions and applicants 
seeking to quickly understand whether a business is ``small'' and to 
employ a workable size standard for small business data collection 
without navigating the potential complexities of determining the 
appropriate 6-digit NAICS code, and then the relevant size standard 
based on that NAICS code, for each applicant.
---------------------------------------------------------------------------

    \507\ SBREFA Outline at 16.
---------------------------------------------------------------------------

    The Bureau stated in the SBREFA Outline that it was considering 
three alternative approaches to determining whether an applicant 
business is small.\508\ These three approaches, described in more 
detail below, would have used: (1) Only gross annual revenue (``SBREFA 
First Alternative Approach''); (2) either the number of employees or 
average annual receipts/gross annual revenue, depending on whether the 
business is engaged in either manufacturing/wholesale or services 
(``SBREFA Second Alternative Approach''); or (3) size standards across 
13 industry groups that correspond to 2-digit NAICS code industry 
groupings (``SBREFA Third Alternative Approach'').
---------------------------------------------------------------------------

    \508\ Id.
---------------------------------------------------------------------------

    Under the SBREFA First Alternative Approach, the Bureau considered 
proposing a size standard using the gross annual revenue of the 
applicant business in the prior year, with a potential ``small'' 
threshold of $1 million or $5 million.
    Under the SBREFA Second Alternative Approach, the Bureau considered 
proposing a size standard of a maximum of 500 employees for 
manufacturing and wholesale industries and a maximum of $8 million in 
gross annual revenue for all other industries. The Bureau selected 500 
employees as a potential threshold for manufacturing and wholesale 
industries because that figure is the most common of the SBA's 
employee-based size standards. The Bureau selected $8 million for all 
other industries because that figure is the most common size standard 
threshold for average annual receipts. The Bureau stated that it was 
considering using gross annual revenue, rather than the SBA's average 
annual receipts, for consistency with the 1071 statutorily required 
gross annual revenue data point.
    Under the SBREFA Third Alternative Approach, the Bureau considered 
proposing a size standard using gross annual revenue or the number of 
employees based on a size standard in each of 13 2-digit NAICS code 
categories that applies to the largest number of firms within each 2-
digit NAICS code category.\509\ Applying the SBA's 2019 size standards, 
the third alternative would result in eight different size standards 
across the 13 categories.
---------------------------------------------------------------------------

    \509\ Specifically, under this approach, the Bureau first 
considered the total number of employer firms in each NAICS 6-digit 
industry, based on U.S. Census Bureau data. U.S. Census Bureau, 2017 
Statistics of U.S. Businesses (2017), https://www.census.gov/data/datasets/2017/econ/susb/2017-susb.html. Next, within each NAICS 2-
digit industry, the Bureau determined how many unique size standards 
are applied within that 2-digit industry and the total number of 
employer firms to which each unique standard is applied. The 
simplified standard for each NAICS 2-digit industry is the one that 
applies to the largest number of firms within that industry.
---------------------------------------------------------------------------

    The Bureau stated it was not planning to propose requiring that 
financial institutions verify information provided by applicants 
necessary for determining whether an applicant is small, regardless of 
the Bureau's approach to a small business size standard. Rather, the 
Bureau was considering proposing that a financial institution would 
generally report the information as provided by the applicant. However, 
if the financial institution verifies such information for its own 
purposes, it would report the verified information to the Bureau.
    SERs generally preferred a simple small business definition and 
expressed concern that the SBA's approach to defining a small 
business--which bases classification on an applicant's 6-digit NAICS 
code--is relatively complex. The Bureau discusses the concerns with 
respect to the potential complexity of gathering NAICS codes in the 
section-by-section analysis of proposed Sec.  1002.107(a)(15) below, 
and the Bureau discusses the concerns with respect to the potential 
complexity using NAICS codes to determine small business status below.
    Nearly all SERs expressed some familiarity with the SBA's small 
business definition. More than half the SERs currently gather an 
applicant's NAICS code as a routine part of the application process, 
because NAICS codes are used for SBA loans and for CDFI Fund reporting. 
One SER also uses this information for tracking the concentration of 
its loans across certain industries. Some SERs gather NAICS codes from 
applicants' tax documents or business credit reports and others rely on 
information provided directly by the applicants; these SERs emphasized 
the importance of permitting reliance on applicant self-reported data.
    One SER remarked that it would be critical for the purposes of 
section 1071 to have sectoral industry information about applicants in 
some form, such as NAICS codes, in order to ensure meaningful data. The 
Bureau discusses the independent value of NAICS codes, and related 
comments from SERs regarding certain difficulties and challenges 
surrounding collecting NAICS codes from applicants, in the section-by-
section analysis of proposed Sec.  1002.107(a)(15) below. Another SER 
expressly opposed using NAICS codes to determine whether an applicant 
is a small business for purposes of section 1071. A few SERs stated 
that they did not think it would be particularly costly to collect 
NAICS codes for all of their small business loans, and one SER 
described the SBA's classification

[[Page 56429]]

approach as precise and not very burdensome.
    Some SERs supported the SBREFA First Alternative Approach for 
defining a small business, which would use an applicant's gross annual 
revenue with a potential ``small'' threshold of $1 million or $5 
million. Several SERs were supportive of this simple approach but 
thought the potential threshold should be higher. For most SERs, nearly 
all their small business customers had less than $5 million in gross 
annual revenue; most are under $1 million. Several SERs remarked that a 
$1 million gross annual revenue threshold would be too low, noting that 
it would exclude many businesses defined by SBA regulations as 
``small''; some of these SERs said that a $5 million gross annual 
revenue threshold would be acceptable. Some SERs advocated for higher 
revenue thresholds, such as $8 million or $10 million. One SER 
cautioned that a small business definition based only on gross annual 
revenue would not account for regional variations in business size. One 
SER specifically suggested that the Bureau align its small business 
definition with the $1 million standard used by certain supervisory 
agencies for CRA reporting (which requires the reporting of loans in 
original amounts of $1 million or less to businesses and, if known, 
identification of whether the business's gross annual revenue is $1 
million or less). However, this SER also supported other versions of 
the SBREFA First Alternative Approach and SBREFA Second Alternative 
Approach if the Bureau did not adopt the CRA approach. Relatedly, there 
were some concerns about capturing revenue information from small 
businesses. Some SERs do not collect these data now, or do not do so 
across all lending products. SERs also expressed a concern that some 
applicants likely would not know their gross annual revenue as a 
precise dollar amount. See the section-by-section analysis of proposed 
Sec.  1002.107(a)(14) below for a discussion of the gross annual 
revenue data point.
    Some SERs supported the Bureau's SBREFA Second Alternative 
Approach, which would distinguish between applicants in manufacturing 
and wholesale industries (500 employees) and all other industries ($8 
million in gross annual revenue). These SERs stated that while this 
approach was still relatively simple, it would nonetheless capture most 
relevant data. One SER noted a discrepancy between the thresholds, 
stating that a manufacturer with 500 employees would be much larger 
than a business with $8 million in gross annual revenue. Some SERs 
expressed concerns about how to collect data on the number of 
employees, particularly regarding how part-time and seasonal employees, 
and contractors, would be counted. One SER suggested that a small 
business be defined as having less than $10 million in annual revenue 
and 50 or fewer employees. Another SER emphasized the importance of 
including collection and reporting requirements for applicants with 
very few or no employees on payroll, stating that most minority-owned 
and women-owned small businesses have no employees. One SER opposed the 
SBREFA Second Alternative Approach, stating that it would be too 
complex and potentially confusing.
    One SER also supported the SBREFA Third Alternative Approach as 
closest to the SBA approach, stating that it reflects the SBA's 
substantially different definitions of a small business across 
different industries. This SER stated that the SBREFA First and Second 
Alternative Approaches would exclude many SBA-qualified small 
businesses. Other SERs also stated that this 2-digit NAICS code 
alternative was significantly less complex and prone to less human 
error than the SBA definition using 6-digit NAICS codes. On the other 
hand, one SER stated that the SBREFA Third Alternative Approach would 
be the most costly and difficult to implement compared to the other two 
alternatives under consideration.
    The SBREFA Panel recommended that the Bureau seek to adopt a 
definition of ``small business'' that is easy for small business 
applicants to understand and straightforward for financial institutions 
to implement, while still collecting comprehensive data regarding 
lending to small businesses.\510\ The SBREFA Panel also recommended 
that the Bureau continue to explore how information that small 
financial institutions may or may not currently collect from small 
business applicants (specifically, gross annual revenue, number of 
employees, and NAICS code) might inform the potential selection of an 
alternative for a ``small business'' size standard.\511\ The SBREFA 
Panel also recommended that the Bureau continue to explore ways to 
minimize burden on both the small financial institutions collecting 
NAICS code information as well as the small business applicants who 
need to provide it, for example the possibility of collecting the 2-
digit NAICS code rather than the 6-digit code.\512\
---------------------------------------------------------------------------

    \510\ SBREFA Panel Report at 44.
    \511\ Id.
    \512\ Id.
---------------------------------------------------------------------------

    Feedback on the SBREFA materials from stakeholders other than SERs 
showed broad support for the Bureau pursuing a simplified version of 
the SBA small business definition, focusing chiefly on the size 
standard. A diverse array of stakeholders requested that the Bureau 
provide a simplified small business definition, including a wide 
variety of lenders, trade associations, and community groups. However, 
at least one commenter explicitly urged the Bureau to adopt the SBA 
definition. Reasons for supporting a simpler definition included that 
it might lower compliance costs (and therefore, the commenters noted, 
the cost of credit), it would obviate the need for financial 
institutions to understand or track the SBA size standards, and a more 
complex definition might impact data consistency or quality (either 
because financial institutions might incorrectly report data, or 
because the data itself might not lend itself to analysis). Several 
stakeholders voiced concern with respect to the SBA's detailed approach 
to categorizing the applicant's business, arguing that NAICS codes were 
developed for procurement, contained too many categories, and were not 
familiar to many financial institutions and applicants.
    Stakeholders offered varying levels of support for the Bureau's 
proffered size standard alternatives, although in general there was 
more support for a standard using only gross annual revenue. Many 
stakeholders, including a variety of trade associations, supported the 
SBREFA First Alternative Approach; a few explicitly opposed it. Those 
voicing support generally preferred the simplicity of the approach; 
some stakeholders noted that a definition using gross annual revenue 
aligned with how lenders typically consider an applicant's size for 
other purposes. Stakeholders suggested that the Bureau select a 
specific revenue limit for small businesses including $500,000, $1 
million, $5 million, and $8 million. Some stakeholders expressing 
support for a $8 million revenue limit noted that it would better 
capture small businesses in wholesale and manufacturing, while allowing 
the Bureau to adopt a single, uniform standard. Stakeholders opposing 
the SBREFA First Alternative Approach generally expressed concern with 
using gross annual revenue, either citing concerns about its accuracy 
or because they said a uniform gross annual revenue standard would not 
account for regional variation among

[[Page 56430]]

businesses or reflect the SBA's general approach to distinguishing 
businesses by industry. One stakeholder generally expressed concern 
that the SBREFA First Alternative Approach might exclude too many small 
business applicants from the 1071 rule.
    Several stakeholders, mostly community groups, supported the SBREFA 
Second Alternative Approach; several comments from industry opposed the 
approach. Those in support of the SBREFA Second Alternative Approach 
characterized it as providing a balance between simplicity and 
providing results more closely aligned with the more comprehensive SBA 
approach, which distinguishes businesses by industry. Some stakeholders 
expressed concern with respect to distinguishing the nature of the 
applicant's business (e.g., whether it was engaged in manufacturing or 
wholesale), and others thought that there may be difficulties 
accurately measuring the number of employees.
    A few stakeholders supported the SBREFA Third Alternative Approach, 
while several explicitly opposed it. Supporters of the SBREFA Third 
Alternative Approach praised how closely the alternative aligned with 
the SBA's definition, while those in opposition criticized it as overly 
complex. In particular, those opposing this approach were concerned 
that it would still require financial institutions to have a close 
working knowledge of NAICS codes.
    A few stakeholders advocated that the Bureau consider adopting a 
small business definition that incorporated loan size. Some of these 
stakeholders suggested that the Bureau consider aligning this 
definition with standards in the CRA. One stakeholder suggested that 
the Bureau define a small business as one with gross annual revenue of 
$1 million where the business has requested a loan of $1 million or 
less.
Proposed Rule
    Proposed Sec.  1002.106(b) would define a small business as having 
the same meaning as the term ``small business concern'' in 15 U.S.C. 
632(a), as implemented in 13 CFR 121.101 through 121.107. The Bureau 
believes that adopting existing statutory and regulatory small business 
definitions, which are widely understood and already the subject of 
notice and comment, is consistent with the purposes of section 1071 and 
will facilitate compliance. Proposed Sec.  1002.106(b) would further 
state that, notwithstanding the size standards set forth in 13 CFR 
121.201, for purposes of proposed subpart B, a business is a small 
business if and only if its gross annual revenue, as defined in 
proposed Sec.  1002.107(a)(14), for its preceding fiscal year is $5 
million or less. This proposed definition largely adopts the SBREFA 
First Alternative Approach with a threshold of $5 million. The Bureau 
believes this proposed definition implements the statutory language of 
section 1071 while reflecting a need for financial institutions to 
apply a simple, broad definition of a small business. The Bureau is 
seeking SBA approval for this alternate small business size standard 
pursuant to the Small Business Act.\513\
---------------------------------------------------------------------------

    \513\ 15 U.S.C. 632(a)(2)(C).
---------------------------------------------------------------------------

    Proposed comments 106(b)-1 and 106(b)-2 would clarify the 
obligations of covered financial institutions when new information may 
arise that could change the determination of whether an applicant is a 
small business, which in turn gives rise to requirements under proposed 
subpart B and/or prohibitions under existing Regulation B. The Bureau 
acknowledges that a financial institution's understanding of an 
applicant's gross annual revenue may change as the institution proceeds 
through underwriting. Proposed comment 106(b)-1 would explain that if a 
financial institution initially determines an applicant is a small 
business as defined in proposed Sec.  1002.106 based on available 
information and obtains data required by proposed Sec.  1002.107(a)(18) 
through (20), but the financial institution later concludes that the 
applicant is not a small business, the financial institution may 
process and retain the data without violating ECOA or this regulation 
if it meets the requirements of proposed Sec.  1002.112(c)(3). Proposed 
comment 106(b)-2 would explain that if a financial institution 
initially determines that the applicant is not a small business as 
defined in proposed Sec.  1002.106, but then later concludes the 
applicant is a small business, the financial institution shall endeavor 
to compile, maintain, and report the data required under proposed Sec.  
1002.107(a) in a manner that is reasonable under the circumstances.
    Proposed comment 106(b)-3 would explain that a financial 
institution may rely on an applicant's representations regarding gross 
annual revenue (which may or may not include an affiliate's revenue) 
for purposes of determining small business status under Sec.  
1002.106(b).
    For the reasons discussed above in the section-by-section analysis 
of proposed Sec.  1002.106(a), the Bureau is proposing to define a 
small business as having the same meaning as the term ``small business 
concern'' in 15 U.S.C. 632(a), as implemented in 13 CFR 121.101 through 
121.107. However, for reasons discussed in detail below, the Bureau is 
proposing that notwithstanding the size standards set forth in 13 CFR 
121.201, for purposes of subpart B, a business is a small business if 
and only if its gross annual revenue, as defined in proposed Sec.  
1002.107(a)(14), for its preceding fiscal year is $5 million or less. 
Generally, the Bureau believes that adopting this gross annual revenue 
standard from the SBREFA First Alternative Approach is consistent with 
the purposes of section 1071 and addresses the concerns that the Bureau 
has heard with respect to determining whether applicants are small 
businesses for purposes of complying with section 1071, particularly 
with respect to the concerns regarding determining the applicant's 
NAICS code, and the implications thereof. Due to concerns expressed by 
other stakeholders, which are described above, and upon its own further 
consideration as discussed in this section-by-section analysis under 
Alternatives Considered below, the Bureau is not proposing the $1 
million gross annual revenue standard from the SBREFA First Alternative 
Approach.
    The Bureau seeks comment on this proposed definition of a small 
business, including the $5 million gross annual revenue size standard, 
as well as whether additional clarification is needed for any aspect of 
this proposed definition. The Bureau also seeks comment on whether 
another variation of the proposed size standard would better serve the 
purposes of section 1071, such as a lower revenue size standard or a 
higher one, potentially at the $8 million or $10 million level. The 
Bureau also seeks comment on whether, in addition to the above-
described gross annual revenue-based size standard, a small business 
definition that also included any business that was furnished a loan 
pursuant to an SBA program (regardless of the applicant's gross annual 
revenue) would further the purposes of 1071.
    Similarly, the Bureau seeks comment on whether the SBREFA Second 
Alternative Approach at $8 million gross annual revenue or 500 
employees (depending on the type of business) would align more closely 
with section 1071's purposes. Likewise, the Bureau seeks comment on 
whether a variation of the proposed size standard, such as using an 
applicant's average gross annual revenue averaged over two or five 
years, would better serve the purposes of section 1071. In addition, 
the Bureau seeks comment on defining

[[Page 56431]]

a small business consistent with the entirety of existing SBA 
regulations, including any advantages or disadvantages that using such 
a definition might pose specifically in the context of this rulemaking. 
Specifically, the Bureau seeks comment on how the proposed size 
standard would fit in with a financial institution's current lending or 
organization practices. If the financial institution is an SBA lender, 
the Bureau seeks comment on whether the proposed size standard would 
introduce additional difficulties or challenges.
    In order to keep pace with changes to the SBA's own size standards 
and the potential impact of future inflation, the Bureau is considering 
whether it might update its proposed $5 million gross annual revenue 
size standard over time (perhaps at the end of a calendar year in order 
to allow financial institutions to use the same threshold consistently 
throughout the year). The Bureau seeks comment on how this should be 
done and the frequency at which it should occur.
Alternatives Considered
    Gross annual revenue of $1 million. Under the SBREFA First 
Alternative Approach, the Bureau considered proposing a size standard 
using the gross annual revenue of the applicant business in the prior 
year, with a potential ``small'' threshold of $1 million or $5 
million.\514\ However, upon further consideration, the Bureau is 
concerned that the $1 million threshold considered under the SBREFA 
First Alternative Approach likely would not satisfy the SBA's 
requirements for an alternative size standard across industries and 
would exclude too many businesses designated as small under the SBA's 
size standards.
---------------------------------------------------------------------------

    \514\ SBREFA Outline at 16.
---------------------------------------------------------------------------

    Loan size. The Bureau considered defining a small business based at 
least in part on loan size. For example, one SER suggested that the 
Bureau align its small business definition with the $1 million standard 
for revenue and loan size used by certain supervisory agencies for CRA 
reporting. The Bureau also considered that under the FFIEC Call Report 
collections, banks report small loans made to businesses and farms. 
Through the Credit Union Call Report, credit unions report commercial 
loans over $50,000 made to members.
    The Bureau believes that such potential definitions do not bear a 
sufficient relationship to the size of the business or its operations. 
The above-mentioned Call Report data, for example, is reported 
regardless of the size of the business. Thus, such Call Reports would 
capture lending information regarding small loans furnished to 
businesses that may be dominant in their field. Likewise, under a 
definition similar to the CRA, application data for businesses with low 
revenue that may be applying for large loans would be excluded. The 
Bureau does not believe that adopting such an approach would further 
the purposes of section 1071. The Bureau also received some stakeholder 
feedback cautioning against using the CRA definition based on loan 
size, because such a definition would exclude substantial portions of 
small business lending.
    Existing SBA size standards. As discussed above, the Bureau is 
seeking approval from the SBA to use a $5 million gross annual revenue 
alternative size standard in defining a ``small business'' for purposes 
of this rulemaking, as the Bureau does not believe the SBA's size 
standards are suitable for this data collection initiative and prefers 
to establish a more appropriate small business definition limited to 
the section 1071 rulemaking.
    The Bureau believes that requiring application of existing SBA size 
standards for the section 1071 rule could result in many financial 
institutions having to undergo operational and/or compliance management 
system changes. The Bureau believes that it will reduce burden for 
financial institutions, particularly those without sophisticated 
compliance management systems or familiarity with SBA lending, to 
comply with a gross annual revenue size standard for the section 1071 
small business definition that better aligns with current lending 
practices.
    If the Bureau were to adopt a small business definition using the 
existing SBA size standards that vary by industry based on 6-digit 
NAICS codes, financial institutions would only be able to request an 
applicant's protected demographic information further along in the 
application process, once they have obtained the multiple pieces of 
data that would be necessary to determine whether the applicant is 
small and, therefore, the 1071 process applies. The Bureau is concerned 
that this delay would make it more difficult for financial institutions 
to collect applicants' protected demographic information that is 
important to both of section 1071's statutory purposes. The Bureau is 
particularly concerned about financial institutions' ability to collect 
these data for applications that are withdrawn or closed for 
incompleteness early in the application process. These data collection 
considerations differ from those applicable to SBA lending programs, 
whereby a lender often cannot (and should not) make an accurate 
eligibility determination for an SBA loan until later in the 
application process, often after a loan has already been initially 
decisioned and after the lender has collected information related to 
size, time in business, and other data.
    In order to allow financial institutions to quickly determine 
whether the section 1071 rule applies, the Bureau is seeking to 
minimize complexity for financial institutions in determining whether a 
covered application is reportable because the applicant business is a 
small business--a necessary determination for the 1071-based collection 
of any other information. The Bureau believes that the section 1071 
rule would benefit from a universal, easy-to-apply reporting trigger 
that does not need to be supported by additional documentation or 
research. Such a reporting trigger must be easily understood by small 
business owners who may be completing an application online, or by the 
tens of thousands of customer-facing personnel who take small business 
applications in an industry with a typical annual turnover rate of 10 
to 20 percent. The Bureau believes that a gross annual revenue 
reporting trigger will facilitate better compliance with 1071 
requirements because it aligns with current lending and organizational 
practices.
    The Bureau is concerned that requiring financial institutions to 
rely on the SBA's existing size standards for purposes of the section 
1071 data collection and reporting requirements would pose risks to the 
efficient operation of small business lending. Based on the 
overwhelmingly consistent feedback the Bureau has received from 
stakeholders on this issue, the Bureau believes that using the SBA's 
existing size standards for the purposes of section 1071--wherein the 
financial institution must quickly determine the appropriate 6-digit 
NAICS code for businesses and then apply a variety of standards, 
including potentially gathering information to determine five years of 
the applicant's average annual receipts or employee information--would 
not align with current lending and organizational practices. 
Application of the existing size standards, at the beginning of the 
application process, could slow down the application process, 
particularly at institutions that are often able to render credit 
decisions in a matter of minutes; the Bureau is concerned that 
financial institutions may be compelled to raise the cost of credit or 
originate fewer

[[Page 56432]]

covered credit transactions as a result. Such an outcome could 
needlessly affect access to credit for small businesses. Eliminating 
credit opportunities or reducing access to credit to small businesses, 
including women-owned and minority-owned small businesses, in this way 
would conflict with the statutory purpose of section 1071 to ``enable 
communities, governmental entities, and creditors to identify business 
and community development needs and opportunities of women-owned, 
minority-owned, and small businesses.'' \515\
---------------------------------------------------------------------------

    \515\ ECOA section 704B(a).
---------------------------------------------------------------------------

    The Bureau expects that many financial institutions, for 
efficiency, will bifurcate their business credit application procedures 
based on an initial determination of whether the application will be 
subject to section 1071. The Bureau therefore believes that many 
financial institutions will not proceed with taking applicant 
information until the financial institution is able to determine that 
the applicant is small (in which case, section 1071 will require the 
financial institution to collect and report the applicant's protected 
demographic information) or that the applicant is not small (where ECOA 
generally prohibits the financial institution from collecting protected 
demographic information). If this process requires determining the 
correct NAICS code for the applicant, and in many cases, requesting 
five years of average annual receipts or employee information from the 
applicant, the Bureau believes that businesses seeking access to credit 
will encounter, at a minimum, otherwise avoidable delays in processing 
applications.
    The Bureau believes that the $5 million gross annual revenue 
standard it is proposing is a more efficient and appropriate measure of 
applicant size for purposes of determining whether small business 
lending data collection is required pursuant to section 1071. The 
Bureau understands that the SBA generally bases business concern size 
standards on average annual receipts or the average number of employees 
of the business concern, as customized industry-by-industry across 
1,057 6-digit NAICS codes. The SBA typically uses two primary measures 
of business size for size standards purposes: (i) Average annual gross 
receipts \516\ for businesses in services, retail trade, agricultural, 
and construction industries, and (ii) average number of employees \517\ 
for businesses in all manufacturing industries, most mining and 
utilities industries, and some transportation, information, and 
research and development industries.\518\ The Bureau understands that 
SBA's size standards are used to establish eligibility for a variety of 
Federal small business assistance programs, including for Federal 
government contracting and business development programs designed to 
assist small businesses in obtaining Federal contracts and for SBA's 
loan guarantee programs, which provide access to capital for small 
businesses that are unable to qualify for and receive conventional 
loans elsewhere. The Bureau notes that the size standard used under 
section 1071 would only be used to determine whether small business 
lending data collection is required pursuant to section 1071, and would 
have no bearing on eligibility for Federal small business assistance. 
Moreover, the Bureau believes it is far more likely that an applicant 
will be able to readily respond to a question regarding its gross 
annual revenue for the preceding fiscal year--something already 
contemplated by existing Regulation B for all business credit to 
determine whether notice requirements apply \519\--than offer the 
closest metric currently in use by SBA regulations, which is generally 
average annual receipts for the previous five fiscal years.\520\ 
Furthermore, use of this gross annual revenue standard would be 
efficient, as a financial institution is statutorily required to 
collect and report gross annual revenue by ECOA section 704B(e)(2)(F).
---------------------------------------------------------------------------

    \516\ The Bureau understands that the SBA recently changed its 
regulations on the calculation of average annual receipts for all of 
SBA's receipts-based size standards, and for other agencies' 
proposed receipts-based size standards, from a three-year averaging 
period to a five-year averaging period, outside of the SBA Business 
Loan and Disaster Loan Programs. 84 FR 66561 (Dec. 5, 2019).
    \517\ Generally, the average number of employees of the business 
concern is used (including the employees of its domestic and foreign 
affiliates) based upon numbers of employees for each of the pay 
periods for the preceding completed 12 calendar months. See 13 CFR 
121.106(b)(1).
    \518\ To measure business size, the SBA also uses financial 
assets for certain financial industries, and for the petroleum 
refining industry, it uses refining capacity and employees.
    \519\ See 12 CFR 1002.9(a)(3).
    \520\ 13 CFR 121.104(a) and (c).
---------------------------------------------------------------------------

    The Bureau believes that section 1071 differs from other programs 
that may have been contemplated pursuant to the Small Business Act's 
provisions pertaining to the establishment of size standards. First and 
most notably, the rulemaking contemplated by section 1071 is not a 
``program'' in the traditional sense of a procurement or other Federal 
assistance program; the rule would not confer a direct benefit or 
advantage to the small business applicant or financial institution in 
terms of contract, procurement, loan guaranty, or government backed 
debenture. Rather, financial institutions will be contributing 
information about credit applications for businesses identified as 
small under section 1071--information that will be valuable to the 
Bureau, financial institutions, policymakers, and other stakeholders, 
including small businesses. Second, unlike other such alternative size 
standard requests, the Bureau notes that a size standard under section 
1071 would apply to businesses across all sectors applying for 
financing, rather than a particular industry or sector. And third, the 
Bureau believes that arriving at a simplified size standard is an 
essential element to this ``program,'' as more complex approaches may 
limit opportunities for small businesses by reducing access to credit.
    Section 1071 is also unique in that Congress specified that the 
data collection regime include a particular form of revenue for the 
businesses at issue. As discussed in the section-by-section analysis of 
proposed Sec.  1002.107(a)(14) below, section 1071 requires a financial 
institution to collect ``the gross annual revenue of the business in 
the last fiscal year of the women-owned, minority-owned, or small 
business loan applicant preceding the date of the application.'' \521\ 
The Bureau considered whether under section 1071 a financial 
institution should have to apply two different revenue-based rules 
(first, one for determining whether the business is small under the 
existing SBA size standards and therefore section 1071 data must be 
collected and reported; and, second, if the business is small, another 
for reporting the business's gross annual revenue in the last fiscal 
year), or whether applying only one revenue-based rule for section 1071 
could be sufficient. The Bureau believes that requiring financial 
institutions to apply both would be unnecessarily confusing and 
burdensome, and would also increase potential for errors in data 
collection. The Bureau does not believe it is appropriate to use only 
average annual receipts, given the language of section 1071. Moreover, 
as discussed below, section 1071 amends ECOA, which already 
incorporates gross annual revenue as implemented under existing 
Regulation B.
---------------------------------------------------------------------------

    \521\ Id.
---------------------------------------------------------------------------

    ECOA section 704B(e)(2)(G) requires a financial institution to 
collect and report the race, sex, and ethnicity of the principal owners 
of the business. Existing Regulation B generally prohibits a creditor 
from inquiring about

[[Page 56433]]

such protected demographic information in connection with a credit 
transaction unless otherwise required by Regulation B, ECOA, or other 
State or Federal law, regulation, order, or agreement.\522\ Thus, in 
order to avoid potential liability under ECOA and existing Regulation 
B, a financial institution must accurately determine that a business 
credit application is subject to section 1071 before inquiring about 
the applicant's protected demographic information. The Bureau does not 
believe the SBA's existing size standards allow for the quick and 
accurate determination of small business status required for this 1071 
data collection initiative. Specifically, the Bureau does not believe 
this determination can be quickly and accurately made if, as required 
under the SBA's existing size standards, the financial institution must 
determine the appropriate NAICS code for the business and then apply 
the NAICS-based size standards to determine whether a business loan 
applicant is a small business.
---------------------------------------------------------------------------

    \522\ Existing Sec.  1002.5(a)(2). ECOA states that it is not 
discrimination for a financial institution to inquire about women-
owned or minority-owned business status, or the race, sex, and 
ethnicity of principal owners pursuant to section 1071. 15 U.S.C. 
1691(b)(5).
---------------------------------------------------------------------------

    As discussed above, SERs and other stakeholders have expressed 
concern to the Bureau about the difficulties in determining the 
appropriate NAICS code for businesses and in applying the NAICS-based 
size standards. They generally preferred a simple small business 
definition and expressed concern that the SBA's approach to defining a 
small business--which bases classification on an applicant's 6-digit 
NAICS code--is relatively complex in this context. The Bureau believes 
that removing a NAICS-based small business determination as a step in 
determining small business status will both facilitate compliance and 
better achieve the purposes of section 1071. The Bureau understands 
that one reason that SERs and others expressed a strong desire for a 
simple approach to determining whether an applicant is small is that 
this initial determination may drive the application process. To comply 
with section 1071 requirements, financial institutions may use a 
different application process, or different or additional application 
materials, with applicants for business credit that are small 
businesses than they do with applicants that are not small businesses. 
Thus, quickly and accurately determining whether an applicant is a 
small business at the outset of the application process may be a 
crucial step, one that financial institutions would benefit from being 
able to seamlessly accomplish. Considering the requirements and 
prohibitions in ECOA with respect to protected demographic information, 
the Bureau understands the import that financial institutions have 
placed on both the speed and accuracy of this determination.
    As discussed in the section-by-section analysis of proposed Sec.  
1002.107(a)(15) below, the Bureau believes that NAICS codes possess 
considerable value for section 1071's fair lending purpose as well as 
its business and community development purpose beyond being necessary 
for determining whether an applicant is a small business under the 
SBA's size standards. The Bureau is therefore proposing that financial 
institutions be required to collect and report NAICS codes as one of 
the data fields for applications subject to section 1071. However, the 
Bureau believes that gathering NAICS code information at some point 
during the application process, while still the subject of some concern 
for financial institutions, is a different consideration from requiring 
NAICS information as a necessary step to beginning an application (and 
correctly determining which type of application to initiate).
    The Bureau also believes that this simplified alternative size 
standard will provide largely consistent reporting results, as compared 
to adopting the full SBA size standards. The Bureau used data from the 
U.S. Census's 2012 Statistics of U.S. Businesses (SUSB) and the U.S. 
Department of Agriculture's 2012 Census of Agriculture to analyze how 
each of the Bureau's contemplated alternative approaches would change 
the number of businesses defined as ``small'' relative to the SBA 
definition.\523\ If all NAICS classifications and size assessments 
could be done correctly, applying the SBA's full 6-digit NAICS code-
based size standards would result in complete coverage of small 
businesses as defined by the SBA--all applications by small businesses 
would be reported (other than those made to financial institutions that 
qualify for an exemption) and no applications made by non-small 
businesses would be reported. The Bureau estimates that 270,000 
businesses that would be small under the SBA's existing size standards 
(out of 7.2 million small employer businesses and farms) would not be 
covered by the Bureau's proposed $5 million gross revenue standard. The 
Bureau further estimates that the Bureau's proposed rule would cover 
some 77,000 businesses that would not be small under the SBA size 
standards. The Bureau believes that such variation with respect to the 
SBA's current size standards is an appropriate trade-off for the 
reasons described herein.
---------------------------------------------------------------------------

    \523\ The 2012 SUSB is the most recent Census product to have 
categories of revenue and employees granular enough to conduct this 
analysis. The Bureau constructed the 2012 equivalents of the second 
and third alternatives due to the vintage of the SUSB data available 
and used the SBA's 2012 size standards for the analysis. The 2012 
SUSB only covers employer firms or businesses with at least one 
employee.
---------------------------------------------------------------------------

    The Bureau notes, however, that a $5 million gross annual revenue 
alternative size standard would affect some industries more than 
others. That is, applications for small businesses would be reported to 
the Bureau less from some industries than others. In general, there 
will be a larger proportion of businesses whose applications would not 
be reported in industries with a higher revenue-based size standard. 
The industries most affected by this are the retail trade and 
construction industries. Other industries that would be 
disproportionately affected may include manufacturing, wholesale trade, 
health care and social assistance, and professional, scientific, and 
technical services. The Bureau received little public feedback with 
respect to such concerns, although the Bureau seeks comment with 
respect to any potential effects on particular subsets of applicants 
that may be disproportionately included or excluded on the basis of a 
gross annual revenue standard (such as those subject to employee-based 
size standards), particularly in light of section 1071's purposes.
    The Bureau also believes that a simplified size standard will be 
important for financial institutions that may not frequently engage in 
small business lending in determining whether they are covered under 
the 1071 rule. As discussed in the section-by-section analysis of 
proposed Sec.  1002.105(b), the Bureau is proposing to mandate section 
1071 small business lending data collection only from those financial 
institutions that originated at least 25 covered credit transactions 
from small businesses in each of the two preceding calendar years. 
Those financial institutions that do not frequently lend to small 
businesses will be seeking to track precisely how many covered credit 
transactions for small businesses they have originated. The Bureau 
believes that it is important to empower financial institutions to 
quickly ascertain whether a covered credit transaction was furnished to 
a small business, such that infrequent lenders can continue to monitor

[[Page 56434]]

whether section 1071 compliance is required.
    Average gross annual revenue. The Bureau considered proposing an 
approach that would use an average gross annual revenue calculated over 
an averaging or ``lookback'' period instead of using the gross annual 
revenue for the preceding fiscal year. This alternative approach would 
be similar to the SBA approach of using a five-year annual receipts 
average. The Bureau understands that the SBA expects the five-year 
average to: (i) Enable some mid-size businesses currently categorized 
above their corresponding size standards to gain or regain small 
business status and thereby qualify for participation in Federal 
assistance intended for small businesses, and (ii) allow some advanced 
and larger small businesses close to their size thresholds to lengthen 
their small business status for a longer period and thereby continue 
their participation in Federal small business programs.\524\ However, 
because the 1071 rule is not connected to eligibility for participation 
in any Federal programs for small business loans, grants, procurement, 
or otherwise, the Bureau believes that allowing financial institutions 
to consider applicants' gross annual revenue for the preceding fiscal 
year is sufficient for 1071 purposes. The Bureau also notes that using 
gross annual revenue for the preceding fiscal year is consistent with 
the notification requirements of existing Regulation B and the Bureau's 
approach in proposed Sec.  1002.107(a)(14) regarding the gross annual 
revenue data point. The Bureau believes that using this measure instead 
of an average will better align with current lending practices and will 
simplify determinations regarding 1071 reporting status.
---------------------------------------------------------------------------

    \524\ See 84 FR 66561, 66562 (Dec. 5, 2019).
---------------------------------------------------------------------------

Section 1002.107 Compilation of Reportable Data
107(a) Data Format and Itemization
Background
    ECOA section 704B(e) requires financial institutions to ``compile 
and maintain'' records of information provided by applicants ``pursuant 
to a request under subsection (b),'' and requires them to ``itemiz[e]'' 
such information to ``clearly and conspicuously disclose'' a number of 
data points; \525\ the Bureau refers to these as statutory data points. 
Section 704B(e)(2)(H) provides the Bureau with authority to require 
``any additional data that the Bureau determines would aid in 
fulfilling the purposes of [section 1071]''; the Bureau refers to data 
points adopted under this authority as discretionary data points. The 
stated statutory purposes of 1071 are twofold: (1) To facilitate 
enforcement of fair lending laws; and (2) to enable communities, 
governmental entities, and creditors to identify business and community 
development needs and opportunities of women-owned, minority-owned, and 
small businesses.\526\ The Bureau notes that ``discretionary'' in this 
context means discretionary for the Bureau to adopt, not discretionary 
for financial institutions to comply with.
---------------------------------------------------------------------------

    \525\ As discussed in greater detail above in E.2 of the 
Overview to this part V, the Bureau interprets the phrase ``pursuant 
to a request under subsection (b)'' in section 1071 as referring to 
all of the data points contemplated by ECOA section 704B(e), not 
merely whether the applicant is a minority-owned, women-owned, or 
small business.
    \526\ ECOA section 704B(a).
---------------------------------------------------------------------------

    The 1071 data collected and reported by financial institutions 
would generally be made available to the public unless the Bureau 
decides to delete or modify certain data to advance a privacy 
interest.\527\ As discussed below in part VI, the Bureau is proposing 
to use a balancing test to determine what data should be deleted or 
modified, but does not intend to apply the balancing test until 
financial institutions have reported at least a full year of 1071 data 
to the Bureau. The Bureau notes that the utility of 1071 data to 
particular groups of data users will depend on the specific data 
collected and the form, manner, and extent to which the Bureau makes 
such data available to the public.
---------------------------------------------------------------------------

    \527\ ECOA section 704B(e)(4), (f).
---------------------------------------------------------------------------

    The users of data from the Bureau's proposed 1071 rule could 
include the Bureau itself; other Federal agencies including the 
prudential banking regulators; Congress; State and local governments; 
community, consumer, and civil rights groups; researchers and 
academics; financial institutions; small businesses; and small business 
trade organizations. The comprehensive data that would be collected 
under the Bureau's rule is not available elsewhere, though some 
aggregate information for some loans to businesses--but not 
applications--exists in other sources. For example, there are several 
datasets on loans to businesses by depository institutions. The FFIEC 
Call Report data provide information on banks' and savings 
associations' total outstanding number and amount of loans to 
businesses for loans under $1 million and farms for loans under 
$500,000. The CRA requires banks and savings associations with assets 
over a specified threshold ($1.322 billion as of 2021) to report data 
on loans to businesses with origination amounts of $1 million or less 
and loans to farms with origination amounts of $500,000 or less. NCUA 
Call Reports include information on credit unions' outstanding and 
originated commercial loans to members over $50,000. Though the Bureau 
and other agencies with supervisory jurisdiction can currently 
approximate some 1071 data through requests during examinations of 
individual institutions, the agencies would only have access to data 
from a relatively small number of such institutions at any one time and 
the data obtained would not be uniform among institutions. The 
availability of uniform 1071 data across different types of financial 
institutions should significantly improve agencies' ability to focus 
limited supervisory resources on institutions with higher fair lending 
risk. Section 1071 data may also provide insight into how well the 
market is meeting the credit needs of small businesses in general, as 
well as women- and minority-owned small businesses in particular, and 
could potentially be used to identify market opportunities.
    The Bureau has received feedback relevant to the 1071 rulemaking 
from a variety of sources, including through the SBREFA process as well 
as the Bureau's 1071 Symposium and the 2017 RFI on small business 
lending. This feedback addressed, among other things, the potential 
inclusion of discretionary data points in the 1071 rulemaking, which is 
discussed further below. By discussing these potential discretionary 
data points under consideration in the SBREFA Outline, the Bureau 
obtained helpful feedback on costs and benefits from the SERs and other 
stakeholders to inform the Bureau's decision-making for purposes of 
this NPRM.
SBREFA Proposals Under Consideration and Feedback Received
    In the SBREFA Outline, the Bureau explained its understanding of 
the data points enumerated in section 1071.\528\ The Outline noted that 
ECOA section 704B(b) requires financial institutions to inquire whether 
an applicant for credit is a women-owned, minority-owned, or small 
business. In addition, the statute states that the information compiled 
and maintained by a financial institution under section 704B(e)(1) 
shall be itemized in order to clearly and conspicuously disclose a 
number of particular items that are enumerated in the statute. In the 
Outline, the Bureau

[[Page 56435]]

stated that it was considering proposing to require all of these data 
points.\529\
---------------------------------------------------------------------------

    \528\ SBREFA Outline at 24.
    \529\ Id. at 24-36.
---------------------------------------------------------------------------

    The Bureau also discussed in the SBREFA Outline its proposals under 
consideration regarding data points adopted pursuant to its 
discretionary data points authority under ECOA section 
704B(e)(2)(H).\530\ The Bureau explained that it was considering 
proposing to require that financial institutions report discretionary 
data points regarding pricing, time in business, NAICS code, and number 
of employees.
---------------------------------------------------------------------------

    \530\ Id. at 33.
---------------------------------------------------------------------------

    SERs provided feedback on nearly all aspects of the data points 
under consideration, including certain feedback applicable to all data 
points.\531\ Regarding data points generally, most SERs requested that 
the Bureau make the collection and reporting of data points as simple 
as possible. Two SERs stated that collecting and reporting the 
statutory data points would not pose any issues because they collect 
them now. A number of SERs urged the Bureau to require collection and 
reporting of a number of data points based only on information as 
provided by the applicant. One SER stated that the Bureau should be 
aware that, as with HMDA reporting, the cost of collecting and 
reporting the data points will include expensive data quality scrubs in 
order to avoid negative examination findings. Another SER stated that 
it will be challenging to standardize the data so reporting can be 
automated, and that this will likely require significant training and a 
tremendous amount of human intervention.
---------------------------------------------------------------------------

    \531\ The SER feedback discussed in this section-by-section 
analysis can be found in the SBREFA Panel Report at 25-30.
---------------------------------------------------------------------------

    Furthermore, some SERs expressed concern about asking applicants to 
provide certain information (in particular the race, sex, and ethnicity 
of principal owners), as they believed that applicants would feel 
uncomfortable providing, or even being asked about, that information, 
and that if applicants are denied credit they might feel it was because 
of the protected demographic information they provided. One SER stated 
that the collection of 1071 data could seem like an intrusion of 
privacy by the financial institution, particularly to minority 
borrowers. The SER stated that prospective applicants may decide to 
seek financing elsewhere. Another SER stated that some prospective 
applicants' distrust of the Federal government (and concern over how 
1071 data might be used) might adversely impact their ability to lend 
to the communities they serve. Other SERs that currently collect this 
information (for example, because they are CDFIs or SBA lenders) 
indicated that they generally do not have difficulty collecting 
demographic information from borrowers.
    Several SERs suggested that the Bureau develop a system to assist 
in the collection of applicants' protected demographic information, and 
possibly other applicant-provided 1071 data, that would avoid the need 
for financial institutions to request and store sensitive information 
about applicants. One SER suggested that this system could also permit 
applicants to input their addresses for geocoding.
    SERs also provided detailed feedback on the discretionary data 
points that the Bureau was considering. One SER stated that the cost of 
collecting and reporting the discretionary data points under 
consideration would be significant, and another SER stated that the 
Bureau should include as few data points as possible to avoid 
unnecessary costs. Another SER stated that the Bureau should finalize a 
rule with just the statutorily required data points and avoid adding 
any discretionary data points. That SER suggested that if the Bureau 
does include discretionary data points, the Bureau could consider 
providing an exemption from discretionary data point collecting and 
reporting for certain small 1071 reporters, similar to the partial data 
point exemption approach taken under HMDA.\532\
---------------------------------------------------------------------------

    \532\ See Regulation C Sec.  1003.3(d).
---------------------------------------------------------------------------

    Other SERs favored the inclusion of some or all of the 
discretionary data points. Two SERs stated their support for the 
inclusion of all four discretionary data points under consideration. 
One of these SERs suggested that the Bureau also collect information 
regarding the way the application was taken (in person, by phone, or 
online) in order to monitor possible discouragement of applicants. The 
other SER suggested that the Bureau also collect credit score 
information.
    Stakeholders commenting on the statutory data points and data 
points in general largely echoed the SERs' concerns. Industry 
commenters suggested that the method of collection be as clear and 
simple as possible, that the cost burden be taken into account, and 
that the Bureau not require verification of applicant-provided 
information. Community groups largely supported the Bureau's proposals 
under consideration for the statutory data points, and emphasized the 
importance of the new 1071 data collection regime.
    A large majority of industry stakeholders commenting on the SBREFA 
Outline opposed the collection of any discretionary data points, 
stating that including them would be overly burdensome and unnecessary. 
Industry commenters argued that the 1071 rule would be very burdensome 
in any case, requiring new software and onerously different business 
processes, and adding data points would only increase that burden. Some 
commenters stated that collecting and reporting the discretionary data 
points would increase compliance obligations and costs, and likely 
impact credit costs and availability for small business customers. Some 
commenters were concerned about the discretionary data points being 
made public without contextual information, potentially leading to 
damaging misinterpretations. One stakeholder stated that unnecessary 
discretionary data points would add to the already significant privacy 
concerns of financial institutions and borrowers. Several commenters 
suggested that the Bureau consider an incremental approach to expanding 
the data collection in the future should the statutory fields not be 
sufficient to accomplish the original intent of 1071. Several other 
stakeholders suggested that if the Bureau includes discretionary data 
points, it should provide an exemption from reporting them for smaller 
financial institutions.
    Community groups and several community development lenders 
supported mandatory reporting of the discretionary data points under 
consideration, saying that they would help achieve section 1071's 
purposes. One stakeholder stated that the discretionary data points 
under consideration relate to underwriting decisions and must be 
accounted for so credit providers cannot--as they said HMDA reporters 
have done for years--hide behind data not collected as justification 
for their lending disparities. A community development lender supported 
the collection of the discretionary data points, but suggested that the 
Bureau not collect number of employees. Some stakeholders suggested 
additional discretionary data points.
    Regarding data points in general, the SBREFA Panel recommended that 
the Bureau consider proposing in the NPRM that applicant-provided data 
points be self-reported by the applicant only, without an obligation 
for the financial institution to verify the information

[[Page 56436]]

provided by the applicant.\533\ Regarding the discretionary data 
points, the SBREFA Panel recommended that if time in business, number 
of employees, and NAICS code become part of the proposal, the Bureau 
continue to explore ways to minimize the burden to small financial 
institutions of collecting and reporting such data; and with respect to 
NAICS code specifically, the burden on small business applicants who 
need to provide the information.\534\ As to pricing, the Panel 
recommended that if this data point becomes part of the proposal, the 
Bureau seek comment on potential methods for avoiding 
misinterpretations of disparities.\535\
---------------------------------------------------------------------------

    \533\ SBREFA Panel Report at 46.
    \534\ Id.
    \535\ Id.
---------------------------------------------------------------------------

Proposed Rule
    The Bureau is proposing to adopt the statutory data points largely 
consistent with its proposals under consideration at SBREFA, but with 
certain changes as discussed in the section-by-section analyses of the 
individual data points below. Consistent with its approach under 
consideration in the SBREFA Outline,\536\ the Bureau is proposing 
discretionary data points relating to pricing, time in business, NAICS 
code, and number of workers. In addition, based on feedback from SERs 
and other stakeholders and in the course of developing the proposed 
rule, the Bureau identified several additional data points that it 
believes would be important to the quality and completeness of the 1071 
data collected and would aid significantly in furthering the purposes 
of section 1071. The proposed rule would adopt additional discretionary 
data points regarding application method, application recipient, denial 
reasons, and number of principal owners. In addition, the Bureau is 
relying on ECOA section 704B(e)(2)(H), as well as its authority under 
704B(g)(1), to make certain clarifications to the statutory data 
points. These data points are all discussed in detail in the section-
by-section analyses of proposed Sec.  1002.107(a)(1) through (21) 
below.
---------------------------------------------------------------------------

    \536\ SBREFA Outline at 34-35.
---------------------------------------------------------------------------

    The Bureau continues to believe that discretionary data points for 
pricing, time in business, NAICS code, and number of workers would 
serve the purposes of 1071, improve the utility of the data for 
stakeholders, and potentially reduce the occurrence of 
misinterpretations or incorrect conclusions based on analysis of an 
otherwise more limited data set. The Bureau also believes that 
discretionary data points for application method, application 
recipient, denial reasons, and number of principal owners would help to 
achieve these goals more effectively.
    In proposing these discretionary data points, the Bureau considered 
the additional operational complexity and potential reputational harm 
that collecting and reporting discretionary data points could impose on 
financial institutions. The Bureau has sought to respond to industry 
concerns regarding discretionary data points by proposing a limited 
number of discretionary data points that would offer the highest value 
in light of 1071's statutory purposes. For this reason, the Bureau is 
not proposing certain additional discretionary data points suggested by 
SERs and other stakeholders such as credit score or applicant's 
business structure (see the discussion below). In addition, the Bureau 
has not chosen to take an incremental approach to adding data points, 
as one stakeholder suggested, or permitting collecting and reporting of 
discretionary data points to be phased in over time. The Bureau 
believes the information from the proposed discretionary data points 
would further section 1071's purposes for the reasons stated above, and 
should be collected and reported as soon as possible. In addition, data 
from these discretionary data points would be an important part of the 
privacy balancing test analysis that would be conducted after the first 
year of 1071 data is received.\537\ The Bureau will consider industry 
concerns about potential reputational harm that collecting and 
reporting discretionary data points could impose on financial 
institutions when it conducts the privacy balancing test analysis.
---------------------------------------------------------------------------

    \537\ See part VI below.
---------------------------------------------------------------------------

    In regard to the specific method by which a financial institution 
would collect the 1071 data points, the proposed rule would require a 
covered financial institution to compile and maintain data regarding 
covered applications from small businesses, and require that the data 
be compiled in the manner prescribed for each data point and as 
explained in associated Official Interpretations (included in this 
proposed rule) and the Filing Instructions Guide (FIG) that the Bureau 
anticipates later providing on a yearly basis. The proposed rule would 
then explain that the data compiled shall include the items described 
in proposed Sec.  1002.107(a)(1) through (21). The Official 
Interpretations, sometimes referred to as official comments or official 
commentary, provide important guidance on compliance with the 
regulation and are discussed in this preamble in relation to each data 
point as well as other regulatory provisions. The FIG would provide 
instructions on the operational methods for compiling and reporting 
data, including which codes to report for different required 
information. The FIG would be updated yearly, as is the FIG that is 
used with HMDA compilation and reporting.\538\
---------------------------------------------------------------------------

    \538\ See generally Fed. Fin. Insts. Examination Council, The 
Home Mortgage Disclosure Act, https://ffiec.cfpb.gov/ (last visited 
July 28, 2021).
---------------------------------------------------------------------------

    The Bureau notes that some of the details contained in the proposed 
regulatory text and commentary may also be appropriate for inclusion in 
the FIG, and it anticipates that it may choose to relocate some such 
details to the FIG when issuing the final rule. For example, proposed 
Sec.  1002.107(a)(1) addresses the unique identifier data point. A 
portion of proposed comment 107(a)(1)-1 would explain that the unique 
identifier must not exceed 45 characters, and may only include standard 
numerical and/or alphabetical characters and cannot include dashes, 
other special characters, or characters with diacritics. At the final 
rule stage, the Bureau might consider removing those details from the 
commentary and addressing them instead in the FIG, in order to preserve 
flexibility in how the submission platform is ultimately designed and 
implemented.
    Proposed comment 107(a)-1 would provide general guidance on 
complying with Sec.  1002.107(a), and would explain that: (i) A covered 
financial institution reports the data even if the credit originated 
pursuant to the reported application was subsequently sold by the 
institution; (ii) a covered financial institution annually reports data 
for covered applications for which final action was taken in the 
previous calendar year; and (iii) a financial institution reports data 
for a covered application on its small business lending application 
register for the calendar year during which final action was taken on 
the application, even if the institution received the application in a 
previous calendar year. The Bureau believes that these operational 
instructions would clarify a financial institution's collection and 
reporting requirements and so facilitate compliance. The Bureau also 
believes that these instructions would help to ensure the accuracy and 
consistency of the data collected and reported.
    The Bureau crafted the proposed rule in consideration of the 
concerns and input of the SERs and other stakeholders. First, the 
proposed rule would generally not require a financial

[[Page 56437]]

institution to verify applicant-provided information, as discussed more 
fully in the section-by-section analysis of proposed Sec.  1002.107(b) 
below, and has limited the discretionary data points to those that the 
Bureau believes would be most useful for the purposes of section 1071. 
In addition, the Bureau has considered the costs, including data 
quality scrubs, automation and training, that would be imposed by the 
collection and reporting of the statutory and discretionary data 
points; these are discussed in detail in part VII below. The Bureau has 
attempted to craft the collection and reporting requirements to be as 
clear and operationally manageable as possible, and requests comment on 
potential methods for increasing clarity and manageability.
    In regard to concerns from SERs and other stakeholders about being 
required to collect applicants' protected demographic information for 
purposes of section 1071, the Bureau notes that several SERs reported 
collecting this kind of information currently (because they are CDFIs, 
or because they are participating in certain SBA or similar loan 
guarantee programs). In addition, the Bureau crafted the proposed rule 
to provide flexibility for financial institutions in the collection and 
reporting of this information. The Bureau is also not proposing an 
exemption for small financial institutions from reporting the 
discretionary data points, as suggested by some SERs and commenters. As 
explained in the section-by-section analysis of proposed Sec.  
1002.105(b) above, certain institutions with limited small business 
loan originations would be exempt from 1071 collection and reporting 
obligations. Furthermore, the Bureau is concerned that the usefulness 
of the data collected would be reduced if the data set is incomplete 
for some financial institutions. Finally, the Bureau is not proposing 
at this time to establish a Federal collection system for protected 
demographic or other information for use with 1071 reporting that would 
avoid the need for financial institutions to request and store this 
information about applicants, as suggested by several SERs.
    The Bureau seeks comment on its proposed approach to the collection 
and reporting of the 1071 data points, including the specific requests 
for input above and in the section-by-section analysis of each of the 
proposed data points below.
Proposed Rule--Other Discretionary Data Points Considered But Not 
Proposed
    As mentioned above, SERs and other stakeholders suggested some 
additional data points for the Bureau's consideration, and the Bureau 
considered others in the development of this proposed rule. Because of 
the operational complexities likely to be posed by each of these 
potential data points, as well as the reasons explained below, the 
Bureau has chosen not to propose to include any of the following data 
points in the 1071 rule. Nonetheless, the Bureau seeks comment on 
whether the following potential data points or any others would further 
the purposes of section 1071 and thus should be considered for 
inclusion in the final rule.
     Type of business/entity structure (sole proprietorship, C-
corp, LLC, partnership, etc.). This information could be useful in 
providing context to the race, sex, and ethnicity data regarding 
applicants' principal owners. However, the Bureau believes that 
collecting the number of principal owners, as proposed in Sec.  
1002.107(a)(21), would better serve this purpose.
     Credit score. Collecting credit score and other credit 
information could be particularly useful for the fair lending purpose 
of section 1071. However, because of the different types of scores and 
different situations in which a financial institution would or would 
not access scores, the Bureau believes that this data point could be 
quite complicated and involve complex sub-fields, which could pose 
operational difficulties for financial institutions in collecting and 
reporting this information. These complexities could also make it 
difficult for data users to understand and interpret credit score data.
     Credit reporting information, including whether credit 
information was accessed. This data point could also be complicated and 
involve complex sub-fields, making it difficult for financial 
institutions to collect and report. As with credit score, these 
complexities could also make it difficult for data users to understand 
and interpret these data. In addition, it is not clear that this 
information would be useful without also collecting credit score.
     Percentage ownership of each principal owner and 
percentage ownership by women and by minorities. This information could 
be useful in providing context to the ethnicity, race, and sex data 
regarding applicants' principal owners. However, the Bureau is 
concerned that requesting this type of percentage data could be 
confusing to applicants and could result in inconsistent responses 
across applicants and institutions. The Bureau believes that collecting 
the number of principal owners, as proposed in Sec.  1002.107(a)(21), 
would better serve this same purpose.
     Whether the applicant has an existing relationship with 
the financial institution and the nature of that relationship. This 
information could provide additional context for a financial 
institution's credit decision, and thus could be useful for both of 
section 1071's statutory purposes. However, the Bureau believes that 
the usefulness of the data collected may not justify the additional 
operational complexity of identifying and tracking such relationships 
for reporting.
     Customer number, and/or unique (but anonymous) 
identification number for applicants or associated persons for tracking 
of multiple applications. This information could be useful to track 
multiple applications by a single small business within a particular 
financial institution, whether submitted at one time or over the course 
of the year. However, the Bureau believes that the potential 
difficulties posed by requiring the reporting of this information--
particularly for applications that have been withdrawn or abandoned--
would not be warranted in light of the utility of the data.
107(a)(1) Unique Identifier
Background
    ECOA section 704B(e)(2)(A) requires financial institutions to 
collect and report ``the number of the application . . . .'' Regulation 
C includes a similar reporting requirement for a universal loan 
identifier (ULI),\539\ though some insured credit unions and 
depositories whose lending activity falls below applicable thresholds 
are partially exempt and only need to report a non-universal loan 
identifier (NULI).\540\ Both the ULI and the NULI use only alphanumeric 
characters, and do not allow use of identifying information about the 
applicant or borrower in the identifier. The ULI is ``unique'' in the 
national HMDA reporting market because it uses a unique legal entity 
identifier (LEI) for the reporting institution and then the identifier 
is required to be unique within that

[[Page 56438]]

institution.\541\ The ULI must be no more than 45 characters and the 
NULI must be no more than 22 characters.\542\
---------------------------------------------------------------------------

    \539\ 12 CFR 1003.4(a)(1)(i).
    \540\ 12 CFR 1003.3(d)(5).
    \541\ 12 CFR 1003.4(a)(1)(i)(A), (B)(2). The NULI is only 
required to be unique within the annual loan/application register in 
which the covered loan or application is included. 12 CFR 
1003.3(d)(5)(ii).
    \542\ The ULI length limit is included in the Bureau's yearly 
Filing Instructions Guide. See Bureau of Consumer Fin. Prot., Filing 
instructions guide for HMDA Data collected in 2021 (2021), https://s3.amazonaws.com/cfpb-hmda-public/prod/help/2021-hmda-fig.pdf. The 
limit for the NULI is in Regulation C Sec.  1003.3(d)(5).
---------------------------------------------------------------------------

SBREFA Proposals Under Consideration and Feedback Received
    The Bureau stated in the SBREFA Outline that it was considering 
proposing that financial institutions report an alphanumeric 
application or loan number of no more than 45 characters that is 
unique, within the financial institution, to the referenced extension 
(or requested extension) of credit and that remains uniform through the 
application and origination stages of the process.\543\ The financial 
institution would assign this number to an application, and the number 
would be reported as the application number if the credit applied for 
was not originated. The same number would be reported as the loan 
number if the credit applied for was originated. The application/loan 
number would not include any identifying information about the 
applicant. The Bureau stated that it was considering proposing a 
structure for the method of assigning and reporting the application/
loan number under section 1071 to follow HMDA/Regulation C formatting 
and other requirements, which might reduce initial software development 
costs.
---------------------------------------------------------------------------

    \543\ SBREFA Outline at 26.
---------------------------------------------------------------------------

    SERs reported varied practices with respect to assigning 
application and loan numbers.\544\ Some SERs stated they do not assign 
application numbers; some of those SERs indicated, however, that they 
do assign loan numbers at or before origination. Two SERs reported 
tracking applications and loans using an identification number assigned 
to the customer. One SER expressed concern about reporting actual loan 
numbers to the Bureau due to potential identity theft, and requested 
that the Bureau permit financial institutions to generate a new 
application/loan number specifically for 1071 reporting purposes. One 
SER stated that if an applicant requests more than one type of credit 
product, a separate application/loan number is assigned to each product 
request, while other SERs indicated they use a single application 
number even if multiple products are requested.
---------------------------------------------------------------------------

    \544\ SBREFA Panel Report at 26-27.
---------------------------------------------------------------------------

    The SBREFA Panel recommended that in the NPRM the Bureau consider 
proposing to permit financial institutions to report ``dummy'' 
application/loan numbers assigned specifically for 1071 reporting 
purposes, rather than the numbers they use internally.\545\
---------------------------------------------------------------------------

    \545\ Id. at 45.
---------------------------------------------------------------------------

    Feedback from other stakeholders echoed many of the SERs' concerns, 
making clear that many lenders do not assign numbers at the application 
stage and others assign them at various points in the process. One 
commenter explained that being required to assign an application number 
early would disrupt its procedures. Another commenter stated that the 
Bureau should provide flexibility in this data point to account for the 
wide range of practices.
Proposed Rule
    The Bureau is proposing to require that financial institutions 
report an alphanumeric identifier starting with the LEI of the 
financial institution. This unique alphanumeric identifier would be 
required to be unique within the financial institution to the specific 
covered application, and would be required to be usable to identify and 
retrieve the specific file corresponding to the application for or 
extension of credit. The Bureau is also proposing commentary with 
additional details, as discussed below.
    This proposed unique identifier requirement closely follows the 
SBREFA Outline approach for this data point, with certain adjustments 
and clarifications. First, the Bureau has chosen to propose the more 
precise term of ``unique identifier,'' instead of ``application/loan 
number,'' which was the term used in the SBREFA Outline. In addition, 
the Bureau had stated that its approach in the SBREFA Outline would 
follow Regulation C formatting and other requirements, but did not 
explicitly discuss the use of ``dummy'' numbers, as is done with 
HMDA.\546\ For clarity, the Bureau is including language in proposed 
comment 107(a)(1)-1 that would explain that the identifier does not 
have to be the number that the financial institution uses for the 
application internally. Proposed comment 107(a)(1)-1 would also provide 
the formatting requirements for the unique identifier. The Bureau is 
proposing an identifier of 45 characters or fewer, as is currently 
required for HMDA.
---------------------------------------------------------------------------

    \546\ SBREFA Outline at 26.
---------------------------------------------------------------------------

    The Bureau notes that the SBREFA Outline language could be read to 
suggest that the financial institution must assign a number to an 
application and then keep that number uniform throughout its subsequent 
processing of the application; this is not what was intended. The 
Bureau is making clear in the proposal that the unique identifier would 
not need to stay ``uniform'' throughout the application and subsequent 
processing. Proposed comment 107(a)(1)-1 would explain that the 
financial institution may assign the unique identifier at any time 
prior to reporting the application. Proposed comment 107(a)(1)-1 would 
also explain that refinancings or applications for refinancing must be 
assigned a different identifier than the transaction that is being 
refinanced.
    Proposed comment 107(a)(1)-2 would make clear that the unique 
identifier must not include any directly identifying information 
regarding the applicant or persons (natural or legal) associated with 
the applicant. The Bureau is aware that internal identification numbers 
assigned by the financial institution to the application or applicant 
could be considered directly or indirectly identifying information, and 
requests comment on this issue. The Bureau also notes that, as 
discussed in part VI.C.6.i, due to privacy risks the Bureau is 
proposing to not publish the unique identifier data field in unmodified 
form; the Bureau is seeking comment on potential modifications to or 
deletion of this data field in the published application-level 1071 
data.
    Proposed comment 107(a)(1)-2 would also cross-reference proposed 
Sec.  1002.111(c) and related commentary, which prohibit any personally 
identifiable information concerning any individual who is, or is 
connected with, an applicant, in records retained under proposed Sec.  
1002.111.
    As stated above, the Bureau is proposing to require that the unique 
identifier begin with the financial institution's LEI; this requirement 
was not stated in the SBREFA Outline. Pursuant to proposed Sec.  
1002.109(b)(1)(vi), any covered financial institution that does not 
currently use an LEI would be required to obtain and maintain an LEI in 
order to identify itself when reporting the 1071 data. Including the 
financial institution's LEI in the unique identifiers that it assigns 
to its applications should not cause extra operational difficulty once 
the programming to do so has been

[[Page 56439]]

implemented. The Bureau believes that including the LEI will increase 
the specificity and usefulness of the identifier and the record it 
identifies. Although a ``check digit'' is required for the HMDA ULI, 
the Bureau is not proposing to require its use in the 1071 unique 
identifier. The Bureau believes that, based on its current expectations 
for a 1071 reporting platform, a check digit would be unnecessary.
    The Bureau's proposal is intended to avoid the potential problems 
identified by SERs during the SBREFA process. The method proposed would 
accommodate different institutions' numbering systems because the 
unique identifier can be created separately from that internal system. 
The Bureau's proposed approach would also alleviate the identity theft 
concerns raised with respect to reporting actual loan numbers, though 
the Bureau is unlikely to release the unique identifier data reported 
to the Bureau publicly in any case. In regard to the issue of requests 
by the same applicant for more than one credit product at the same 
time, the Bureau proposes to treat those as separate applications. See 
the section-by-section analysis of proposed Sec.  1002.103 above.
    The Bureau seeks comment on its proposed approach to the unique 
identifier data point. In addition, the Bureau requests comment on the 
use of the LEI in the unique identifier and the possible use of a check 
digit.
107(a)(2) Application Date
Background
    ECOA section 704B(e)(2)(A) requires financial institutions to 
collect and report the ``date on which the application was received.''
SBREFA Proposal Under Consideration and Feedback Received
    In the SBREFA Outline, the Bureau stated it was considering 
proposing that financial institutions report the application date using 
either (i) the date shown on a paper or electronic application form; or 
(ii) the day on which a credit request becomes an ``application.'' 
\547\ The Bureau considered proposing that application date be reported 
with a day, month, and year. The Bureau also considered proposing that 
financial institutions have a grace period of several days on either 
side of the date reported to reduce the compliance burden of 
pinpointing an exact date on which an application was received.
---------------------------------------------------------------------------

    \547\ Id.
---------------------------------------------------------------------------

    Most SERs stated that application date would not be difficult to 
report, though some suggested different triggers for the reporting of 
application date.\548\ This feedback overlapped with feedback on the 
definition of an application. Several SERs suggested the date an 
application is completed and submitted for underwriting review should 
be the triggering date. Several other SERs expressed support for 
reporting the date based on when a credit memorandum is generated. One 
SER suggested that each financial institution be permitted to develop 
its own process for reporting application date, so long as it is done 
consistently. Another SER expressed concern with reporting application 
date as a general matter, explaining that a date is not currently 
recorded in their system as a matter of practice. Instead of 
application date, that SER suggested that financial institutions report 
the date they make a decision on the loan. Several SERs were strongly 
in favor of the Bureau providing a grace period of several days on 
either side of the date reported to reduce compliance burden.
---------------------------------------------------------------------------

    \548\ SBREFA Panel Report at 27.
---------------------------------------------------------------------------

    Other stakeholders to comment on this data point were generally in 
favor of the proposal under consideration, and particularly the grace 
period, which they expressed would reduce the compliance burden of 
pinpointing an exact date. One stakeholder suggested a 7-day grace 
period. One financial institution suggested that application date be 
assigned up through and including at closing in order to accommodate 
financing requests outside normal business hours.
    The SBREFA Panel recommended that the Bureau seek comment on how 
best to define ``application date'' in light of how it decides to 
propose defining an ``application.'' \549\
---------------------------------------------------------------------------

    \549\ Id. at 45.
---------------------------------------------------------------------------

Proposed Rule
    The Bureau is proposing to require reporting of application date in 
Sec.  1002.107(a)(2) as the date the covered application was received 
by the financial institution or the date on a paper or electronic 
application form. Proposed Sec.  1002.107(a)(2) is consistent with the 
Bureau's proposal under consideration in the SBREFA Outline, with 
revised language for clarity. Proposed comments 107(a)(2)-1 and -2 
would clarify the need for a financial institution to take a consistent 
approach when reporting application date, and provide guidance on how 
to report application date for indirect applications. In light of SER 
and other stakeholder feedback \550\ supportive of permitting a grace 
period for reporting the date of application, the Bureau is proposing a 
safe harbor in Sec.  1002.112(c)(4), which would provide that a 
financial institution does not violate proposed subpart B if it reports 
on its small business lending application register an application date 
that is within three calendar days of the actual application date 
pursuant to proposed Sec.  1002.107(a)(2).
---------------------------------------------------------------------------

    \550\ SER feedback primarily directed at how to define an 
application under section 1071, rather than the date reported for 
that application, are discussed in connection with the section-by-
section analysis of proposed Sec.  1002.103(a) above.
---------------------------------------------------------------------------

    The Bureau seeks comment on its proposed approach to collecting 
application date in Sec.  1002.107(a)(2) and associated commentary. As 
recommended by the SBREFA Panel, the Bureau also seeks comment on how 
best to define this data point in light of the Bureau's proposed 
definition of ``covered application'' in Sec.  1002.103.
107(a)(3) Application Method
    ECOA section 704B(e)(2)(H) authorizes the Bureau to require 
financial institutions to compile and maintain ``any additional data 
that the Bureau determines would aid in fulfilling the purposes of 
[section 1071].'' The Bureau believes that application method data will 
aid in fulfilling the purposes of section 1071, as explained below.
    The Bureau did not address the method of application as a potential 
data point under consideration in the SBREFA Outline. However, during 
the SBREFA process, one CDFI SER suggested collecting information 
regarding the way an application was taken (in person, by phone, or 
online) in order to monitor for possible discouragement of 
applicants.\551\ Relatedly, several SERs that took applications for 
credit primarily or entirely online asserted that such channels were 
less likely to result in discrimination and more likely to increase 
access to credit to women-owned and minority-owned small businesses.
---------------------------------------------------------------------------

    \551\ SBREFA Panel Report at 30.
---------------------------------------------------------------------------

    In light of this feedback during the SBREFA process, pursuant to 
its authority under ECOA section 704B(e)(2)(H), and for the reasons set 
forth below, the Bureau is proposing to require financial institutions 
to collect and report application method. Proposed Sec.  1002.107(a)(3) 
would define this data point as the means by which the applicant 
submitted the covered application directly or indirectly to the 
financial institution. The Bureau is also proposing commentary to 
accompany proposed Sec.  1002.107(a)(3).

[[Page 56440]]

    The Bureau believes that data on application method would improve 
the market's understanding of how applicants apply for credit which, in 
turn, would facilitate fair lending enforcement, including helping 
determine whether certain application methods are more or less likely 
to be associated with violations of fair lending laws. This proposed 
data field would also permit comparisons across financial institutions 
for a given application method. In addition, data on application method 
supports 1071's statutory purposes by assisting with an understanding 
of the business and community development needs of a particular 
geographic region. For instance, application method may help users of 
1071 data analyze the extent to which financial institutions may be 
providing access to credit online or by telephone in ``credit deserts'' 
where financial institutions do not have branch operations.
    The Bureau also believes that collecting data on application method 
will aid in analysis of multiple 1071 data points collected and 
reported by financial institutions, including the ethnicity, race, and 
sex of applicants' principal owners. First, these data will assist the 
Bureau and other data users in identifying whether applicants are more 
or less likely to provide this (and other) 1071 information in 
different application channels. This information may also assist in 
determining whether a financial institution has procedures to collect 
applicant-provided data at a time and in a manner that is reasonably 
designed to obtain a response, as would be required by proposed Sec.  
1002.107(c)(1).
    Finally, data on application method would assist in analyzing data 
reported under, and assessing compliance with, proposed Sec.  
1002.107(a)(20), which requires financial institutions to collect 
principal owners' ethnicity and race via visual observation or surname 
in certain circumstances. Having application method reporting will 
allow the Bureau and other data users to determine, for example, which 
applications could be subject to data collection via visual observation 
or surname (because the financial institution met with the applicant in 
person) and, together with information reported under proposed Sec.  
1002.107(a)(20), which of those applications did and did not have 
information collected that way.
    Proposed comment 107(a)(3)-1 would clarify that a financial 
institution complies with proposed Sec.  1002.107(a)(3) by reporting 
the means by which the applicant submitted the application from one of 
the following options: in-person, telephone, online, or mail. Proposed 
comment 107(a)(3)-1 would explain how financial institutions are to 
choose which application method to report, including via a ``waterfall 
approach'' when they have contact with an applicant in multiple ways.
    Proposed comment 107(a)(3)-1.i would provide that an financial 
institution reports the application method as ``in-person'' if the 
financial institution, or another party acting on the financial 
institution's behalf, meets with the applicant in person (for example, 
in a branch office, at the applicant's place of business, or via 
electronic media with a video component). Proposed comment 107(a)(3)-
1.ii would provide that a financial institution reports the application 
method as ``telephone'' if the financial institution, or another party 
acting on the financial institution's behalf, did not meet with the 
applicant in person as described in proposed comment 1002.107(a)(3)-1.i 
but communicated with the applicant by telephone or via electronic 
media without a video component.
    Proposed comment 107(a)(3)-1.iii would provide that a financial 
institution reports the application method as ``online'' if it, or 
another party acting on the financial institution's behalf, did not 
meet with the applicant in person and did not communicate with the 
applicant by telephone as described in proposed comments 
1002.107(a)(3)-1.i and ii but communicated with the applicant through 
an online application, electronic mail, text message, and/or some other 
form of online communication. Proposed comment 107(a)(3)-1.iv would 
provide that a financial institution reports the application method as 
``mail'' if the financial institution, or another party acting on the 
financial institution's behalf, did not meet with the applicant in 
person and did not communicate with the applicant by telephone, as 
described in proposed comments 1002.107(a)(3)-1.i and ii, but 
communicated with the applicant in writing via United States mail, 
courier or overnight service, or hand-delivery (including hand-delivery 
of documents via an overnight drop box or at a teller window).
    Proposed comment 107(a)(3)-2 would provide guidance on what 
application method a financial institution would report for 
interactions with applicants both online and by mail. In short, a 
financial institution would report application method based on the 
method by which it, or another party acting on its behalf, requested 
the ethnicity, race, and sex of the applicant's principal owners 
pursuant to proposed Sec.  1002.107(a)(20). Proposed comment 107(a)(3)-
2 also would provide separate examples of when the application method 
should be reported as ``online'' and ``mail.''
    The Bureau seeks comment on its proposed approach to this data 
point.
107(a)(4) Application Recipient
    ECOA section 704B(e)(2)(H) authorizes the Bureau to require 
financial institutions to compile and maintain ``any additional data 
that the Bureau determines would aid in fulfilling the purposes of 
[section 1071].'' Although the Bureau did not address application 
recipient as a potential data point under consideration in the SBREFA 
Outline, the Bureau believes that application recipient data would aid 
in fulfilling the purposes of section 1071, as explained below.
    Financial institutions employ a wide variety of lending models in 
extending credit to small businesses. During the SBREFA process, the 
Bureau explored section 1071's requirement to collect and report 
certain data for any ``application to a financial institution for 
credit,'' which could be read as applying to more than one financial 
institution when an intermediary provides the application to another 
financial institution that takes final action on the application.\552\ 
See the section-by-section analysis of proposed Sec.  1002.109(a)(3) 
below for a discussion of proposed reporting obligations where multiple 
financial institutions are involved in a covered credit transaction. 
Financial institutions, of course, may receive applications for credit 
directly from small businesses--depending on the institution, 
applications may be submitted online, by telephone, by mail, or in 
person at a branch location, the applicant's place of business, or some 
other place. In addition, some financial institutions may receive 
applications routed to them through third parties, such as brokers or 
vehicle or equipment dealers. Some financial institutions issue credit 
cards branded for particular retailers, for which applications are 
taken in person at the retailer's store locations. Some brokers and 
dealers may send applications to a single financial institution, while 
others may send them to multiple financial institutions at the same 
time. In these types of application scenarios involving third parties, 
the financial institution may not directly interact with the

[[Page 56441]]

applicant at all during the application process.
---------------------------------------------------------------------------

    \552\ ECOA section 704B(b).
---------------------------------------------------------------------------

    In the SBREFA Outline, the Bureau noted the wide array of small 
business lending models operating today. The Bureau noted that certain 
section 1071 requirements might apply to intermediaries in the 
application chain.\553\ As discussed in the section-by-section analysis 
of proposed Sec.  1002.109(a)(3) below, several SERs voiced support for 
aligning reporting requirements for financial institutions that are not 
the lender of record with the approach taken for HMDA reporting in the 
Bureau's Regulation C. The Bureau did not receive feedback from SERs on 
whether data concerning the existence of intermediaries should be 
collected. Other stakeholders did urge the Bureau, however, to provide 
clear rules for lenders that work with partners, including when lenders 
should, and need not, collect 1071 data. Stakeholders also urged the 
Bureau to provide clear rules that would work for a broad array of 
business models, including lenders working with partners and agents.
---------------------------------------------------------------------------

    \553\ SBREFA Outline at 13.
---------------------------------------------------------------------------

    The Bureau believes that information regarding how an application 
is received would enhance small business lending data and further the 
purposes of section 1071. Pursuant to its authority under ECOA section 
704B(e)(2)H), the Bureau is thus proposing Sec.  1002.107(a)(4), which 
would require financial institutions to collect and report the 
application recipient, meaning whether the applicant submitted the 
covered application directly to the financial institution or its 
affiliate, or whether the applicant submitted the covered application 
indirectly to the financial institution via a third party. Proposed 
comment 107(a)(4)-1 would clarify that if a financial institution is 
reporting actions taken by its agent consistent with proposed comment 
109(a)(3)-3, then the agent is considered the financial institution for 
the purposes of proposed Sec.  1002.107(a)(4).
    The Bureau believes that collecting data on application recipient, 
in combination with application method, as discussed above, would 
improve the market's understanding of how small businesses interact 
with financial institutions when applying for credit which, in turn, 
would facilitate fair lending analysis, including identifying risks in 
small business lending. Information about application method and 
whether the application was submitted directly or indirectly also would 
promote the community and business development purposes of the statute 
by improving the public's understanding of the structure of small 
business lending originations across the market, the methods by which 
credit is originated for particular groups or underserved markets, and 
trends over time (for example, to the extent applicant preferences 
shift from in-person to online interactions). It will also be helpful 
for the Bureau and data users to know the relationship between the 
covered financial institution and the applicant in the context of 
certain other collected and reported data.
    The Bureau also believes that collecting and reporting information 
on the application recipient may facilitate fair lending analysis 
because particular business models may provide more or less reliable 
information with respect to the ethnicity, race, and sex of the 
principal owners of the applicant. In addition, the Bureau believes 
that collecting and reporting information on the application recipient 
may assist with an understanding of the business and community 
development needs of an area or applicant. For instance, the proposed 
collection of application recipient may help users of 1071 data 
understand whether financial institutions making credit decisions are 
directly interacting with the applicant and/or generally operate in the 
same community as the applicant. Finally, the Bureau expects that 
financial institutions know and track how they receive applications for 
credit from small businesses and thus does not believe that this data 
point should be difficult for financial institutions to collect and 
report.
    The Bureau seeks comment on its proposed approach to this data 
point.
107(a)(5) Credit Type
Background
    Section 1071 requires financial institutions to collect and report 
``the type and purpose of the loan or other credit being applied for.'' 
\554\ (The credit purpose data point is addressed in proposed Sec.  
1002.107(a)(6).) For HMDA reporting, Regulation C requires numerous 
data points that indicate the type of credit applied for or originated: 
the type of guarantees used; lien order; loan term; the presence of 
nontraditional contract terms including balloon, interest only, and 
negative amortization payments; variable rate information; open-end 
status; and reverse mortgage status.\555\ Section 1071 provides no 
additional information or details regarding what aspects of credit type 
should be collected and reported.
---------------------------------------------------------------------------

    \554\ ECOA section 704B(e)(2)(B).
    \555\ Regulation C Sec.  1003.4(a)(2), (14), (25), (27), (28), 
(37), and (38).
---------------------------------------------------------------------------

SBREFA Proposals Under Consideration and Feedback Received
    In the SBREFA Outline, the Bureau stated it was considering 
proposing that financial institutions report the loan/credit type data 
point via three sub-components: (1) Type of Loan Product (chosen from a 
specified list); (2) Type of Guarantee (chosen from a specified list); 
and (3) Loan Term (in months, or using ``Not Applicable'' for products 
that do not have a loan term and for applications that did not specify 
a loan term). The SBREFA Outline included lists of types of loan 
product and types of guarantees.\556\
---------------------------------------------------------------------------

    \556\ SBREFA Outline at 26-27.
---------------------------------------------------------------------------

    The Bureau explained in the SBREFA Outline that a separate category 
for the presence of a guarantee was included in recognition of the fact 
that a guaranteed loan is often made as a counteroffer for either a 
requested loan by the applicant or because the applicant does not 
qualify for a conventional loan.\557\ Having guarantee status captured 
as a feature of loan type therefore would provide useful information. 
The Bureau also noted that some borrowers specifically request a 
government guaranteed loan program and/or receive a loan from a 
financial institution that only participates in such a program.\558\
---------------------------------------------------------------------------

    \557\ Id.
    \558\ Id.
---------------------------------------------------------------------------

    For reporting when an application requests more than one type of 
loan product, the Bureau stated in the SBREFA Outline that it was 
considering whether to propose that (1) financial institutions choose 
up to three items from the subcomponent lists for the Loan Type data 
point if there is only one application and multiple products/
guarantees/terms were asked for; or (2) financial institutions report 
separate applications/originations for each loan type requested or 
originated. The Bureau explained that financial institutions would be 
able to choose more than one guarantee for originated or approved but 
not accepted credit. For loan product and loan term, however, financial 
institutions would report only one of each subcomponent on originated 
credit or credit approved but not accepted.\559\
---------------------------------------------------------------------------

    \559\ Id. at 27.
---------------------------------------------------------------------------

    A number of SERs requested certain products be added to the 
``product type'' list; this feedback generally aligned with feedback 
regarding product coverage (see the section-by-section analysis of 
proposed Sec.  1002.104 above). Two SERs suggested that line increases 
should be

[[Page 56442]]

excluded. Some SERs requested that the Bureau permit multiple types of 
guarantees to be selected for a single application, and one SER 
suggested that FHA guarantees be added to the guarantee list. One SER 
explained that government guarantees and personal guarantees are 
different--the government guarantee being a credit enhancement and a 
personal guarantee being a form of collateral.
    The SBREFA Panel recommended that the Bureau consider modifying the 
product type and guarantee lists in accordance with the various 
suggestions made by SERs. The Panel also recommended that the Bureau 
seek comment on how financial institutions currently handle increases 
in lines of credit and how best to require reporting of this data point 
for multiple lines of credit within the same account.\560\
---------------------------------------------------------------------------

    \560\ SBREFA Panel Report at 45.
---------------------------------------------------------------------------

    The Bureau also received feedback from other stakeholders regarding 
this data point. A community group commenter stated that the three data 
fields making up this data point are appropriate choices because each 
is necessary separately and in combination to help determine whether 
lenders are responding to the needs for credit by offering affordable 
and sustainable products to traditionally underserved small businesses. 
Commenters requesting that additional products be covered by the rule, 
such as MCAs, likewise said those products would need to be added to 
the loan product list. Another commenter stated that the Bureau should 
also expand the number of guarantees that a financial institution can 
select because creditors will sometimes stack four or five guarantees 
on a single loan product.
    One commenter stated that the ``type and purpose of the financing'' 
are fluid in the application process, and the Bureau should make it 
clear that high-level, general, or categorical information is 
sufficient for these data points. Other commenters appreciated the 
inclusion of ``other,'' ``unknown,'' and ``other/unknown'' in the field 
lists to facilitate compliance. One commenter asked that the Bureau 
provide clear guidance on how this data point should be reported, and 
another stated that reporting this data point should not be costly if 
it is defined simply and left unchanged.
    Treatment of multiple products requested at the same time. 
Regarding how a single request for multiple loan/credit products should 
be reported, some commenters supported reporting separate applications 
while others supported requiring reporting as a single application. One 
commenter suggested that the Bureau should accommodate both approaches. 
Another commenter remarked that if a business is applying for multiple 
products, the basic information is going to be the same, the only 
difference would be which product is funded. This same commenter 
suggested that if multiple applications are reported, that will 
overinflate the data points as the business does not have three 
separate applications, but only one application for different products. 
This commenter further pointed out that there are instances where a 
business is only applying for a loan but ends up liking the terms of a 
line of credit, and asked whether that change in decision would become 
a new application.
Proposed Rule
    The Bureau is proposing in Sec.  1002.107(a)(5) to require that 
financial institutions collect and report the following information 
regarding the type of credit applied for or originated: (i) The credit 
product; (ii) The type or types of guarantees that were obtained for an 
extension of credit, or that would have been obtained if the covered 
credit transaction were originated; and (iii) The length of the loan 
term, in months, if applicable. These aspects of credit type are 
discussed in turn below. This proposal is consistent with the approach 
presented in the SBREFA Outline, and would require the financial 
institution to choose the credit product and guarantee(s) from a 
specified list. (These lists are provided in the commentary 
accompanying proposed Sec.  1002.107(a)(5).) The lists include choices 
for ``Other'' and ``Not provided by applicant and otherwise 
undetermined,'' as appropriate, to facilitate compliance. Based on the 
feedback from SERs and other stakeholders, and consistent with the 
SBREFA Panel's recommendation to consider modifying the product type 
and guarantee lists in accordance with the suggestions made by SERs, 
the Bureau has updated the lists to reflect additional credit products 
and types of guarantees. The Bureau is also proposing to use the term 
``credit type'' for this data point, rather than the SBREFA Outline 
term ``loan/credit type,'' for clarity and consistency with terminology 
used elsewhere in the proposal.
    The Bureau believes that it is reasonable to interpret the 
statutory term ``credit type'' to comprise the proposed three data 
fields, because they are critical to understanding the nature of small 
business credit applied for and provided, as explained below. For the 
reasons discussed herein, the Bureau believes that the subcategories of 
credit product (including collateral), guarantee type, and loan term 
would aid in fulfilling the purposes of section 1071. Financial 
institutions generally have all of the information required for this 
data point when they process applications (and the reporting regime 
would be sufficiently flexible when they do not), so the Bureau does 
not believe there is anything in this approach that would impose 
particular operational difficulty. Additionally, the Bureau believes it 
is reasonable to interpret type of credit ``applied for'' to include 
the type of credit actually originated when an application results in 
an extension of credit.
    The Bureau seeks comment on its proposed approach to the credit 
type data point, including the lists of products and guarantees 
proposed and the other specific requests for input below.
    Credit product. The first data field the Bureau is proposing to 
include in the credit type data point is the credit product (i.e., a 
commonly understood category of small business lending like term loans 
or lines of credit) which the Bureau considers to be an integral part 
of the statutory requirement to collect credit type. The Bureau 
believes information about the various products sought by applicants 
would further the purposes of section 1071 by demonstrating, for 
example, how small businesses of different sizes or in different 
sectors choose to pursue, or ultimately access, different forms of 
credit.
    The Bureau distinguishes between secured and unsecured term loans 
and lines of credit in its list of credit products because it believes 
that whether a term loan or line of credit is collateralized can have 
such a significant effect on things like approval rates and pricing 
that secured and unsecured products fundamentally differ in kind. For 
this reason, the Bureau believes that including information on the use 
of collateral in the credit product data field will help data users to 
avoid inaccurate interpretations of 1071 data. The Bureau believes that 
whether a loan is secured or unsecured will be part of an application 
or loan file and, as a result, should not be operationally difficult to 
report once a financial institution's 1071 compliance system is set up.
    Proposed comment 107(a)(5)-1 would present the instructions for 
collecting and reporting credit product and the proposed list of credit 
products from which financial institutions would select. Proposed 
comment 107(a)(5)-1 would explain that a financial

[[Page 56443]]

institution complies with Sec.  1002.107(a)(5)(i) by selecting the 
credit product requested from the list provided in the comment. It 
would also explain that if an applicant requests more than one credit 
product, the financial institution reports each credit product 
requested as a separate application.
    The issue of how to collect and report multiple products applied 
for at the same time affects several data points, but is most salient 
for credit type. The Bureau believes that requiring a separate 
application to be reported for each credit product requested would 
yield more complete and useful data, and that a financial institution 
should not experience operational difficulties in copying the relevant 
information, identical for most data points, to separate lines in the 
small business lending application register. This issue is discussed 
more fully in the section-by-section analysis of proposed Sec.  
1002.103(a), which also addresses the Bureau's proposed approach to 
multiple lines of credit within the same account.
    The Bureau intends the list of credit products provided in proposed 
comment 107(a)(5)-1 to align with the most common types of credit 
products in small business lending. As explained above, the list for 
credit product included in the SBREFA Outline has been amended based on 
SER and stakeholder input, as well as other considerations. 
Specifically, ``Merchant cash advance'' and ``Other sales-based 
financing transaction'' have been added to the list to correspond with 
their inclusion as covered credit transactions under proposed Sec.  
1002.104. See the section-by-section analysis of proposed Sec.  
1002.104 above for a more complete discussion of products covered by 
and excluded from the Bureau's proposal. Proposed comment 107(a)(5)-6 
would explain when ``other sales-based financing transaction'' is used 
for reporting.
    Proposed comment 107(a)(5)-1 would also explain that if the credit 
product for an application does not appear on the list of products 
provided, the financial institution selects ``other'' as the credit 
product and reports the specific product via free-form text. The Bureau 
believes that allowing financial institutions to choose ``other'' when 
the credit product for the application does not appear on the provided 
list would facilitate compliance. In addition, collecting this 
information on ``other'' credit products would assist the Bureau in 
monitoring product trends and key developments in the small business 
lending market, which the Bureau could use to inform any future 
iterations of the list.
    Proposed comment 107(a)(5)-2 would explain that, pursuant to 
proposed Sec.  1002.107(c)(1), a financial institution is required to 
maintain procedures reasonably designed to collect applicant-provided 
data, which includes credit product. However, if a financial 
institution is nonetheless unable to collect or otherwise determine 
credit product information because the applicant does not indicate what 
credit product it seeks and the application is denied, withdrawn, or 
closed for incompleteness before a credit product is identified, the 
proposed comment would explain that the financial institution reports 
that the credit product is ``not provided by applicant and otherwise 
undetermined.'' This option is similar to the ``unknown'' response 
under consideration during SBREFA, but has been revised to more 
accurately reflect the situations in which the response would be 
appropriate. The Bureau believes that permitting use of this response 
would facilitate compliance and enhance the quality of data collected. 
As discussed above, commenting stakeholders supported the flexibility 
afforded by this kind of response.
    Proposed comment 107(a)(5)-3 would explain how a financial 
institution reports a transaction that involves a counteroffer. The 
comment would state that if a financial institution presents a 
counteroffer for a different credit product than the product the 
applicant had initially requested, and the applicant does not agree to 
proceed with the counteroffer, a financial institution reports the 
application for the original credit product as denied pursuant to 
proposed Sec.  1002.107(a)(9). If the applicant agrees to proceed with 
consideration of the financial institution's counteroffer, the 
financial institution reports the disposition of the application based 
on the credit product that was offered, and does not report the 
original credit product applied for. The Bureau believes that, in the 
complex circumstances created by counteroffers, the meaning of the type 
of credit ``applied for'' is ambiguous, and it is reasonable to 
interpret the credit product ``applied for'' to mean the credit product 
considered via the applicant's response to the counteroffer. For a 
discussion of the Bureau's proposed treatment of counteroffers more 
generally, see the section-by-section analysis of proposed Sec.  
1002.107(a)(9) below.
    The Bureau notes that, under its proposal, line increases would be 
reportable so that the small business lending market can be tracked 
accurately. See the section-by-section analysis of proposed Sec.  
1002.103(a) above for additional details. However, the Bureau is not 
proposing that line increases be included as a separate item in the 
credit product list.
    The Bureau seeks comment on its proposed approach to this data 
field, including the appropriateness and usefulness of the products 
included in the list, whether there are other products that should be 
added, and the proposed treatment of counteroffers. The Bureau also 
seeks comment on how financial institutions currently handle increases 
in lines of credit and whether a line increase should be considered a 
credit product, and on whether an overdraft line of credit should be 
considered a product separate from a line of credit and thus added to 
the product list.
    Type of guarantee. The second data field the Bureau is proposing to 
include in the credit type data point is guarantee. The Bureau 
considers the guarantee obtained for an extension of credit to be part 
of the credit ``type'' because it is fundamental to the nature of the 
transaction in that it meaningfully impacts terms such as interest 
rates, such that guarantee information could help to explain potential 
disparities in outcomes and reduce inaccurate conclusions, aiding in 
fulfilling the fair lending purpose of section 1071. Indeed, in common 
parlance, small business credit transactions are often referred to 
using the name of the guarantee (e.g., ``a 7(a) loan,'' referring to 
the SBA 7(a) guarantee). Because various types of guarantees are 
available for different credit products, the Bureau believes that 
guarantee type should constitute a separate data field within the 
credit type data point, so that data users can conduct separate 
analyses with respect to credit product and guarantees, and to avoid 
excessive complexity in the credit product data field. Information on 
the distribution of government loan guarantees (such as those provided 
in SBA programs) across different geographic areas and applicant groups 
should allow a better understanding of how those programs function on 
the ground, aiding in fulfilling the business and community development 
purpose of section 1071. As with collateral, information on guarantees 
is generally a part of an application or loan file and should not be 
operationally difficult to report once a financial institution's 1071 
compliance system is set up.
    Proposed comment 107(a)(5)-4 would present the instructions for 
collecting and reporting type of guarantee and the proposed list of 
guarantees from which financial institutions would select.

[[Page 56444]]

Proposed comment 107(a)(5)-4 would explain that a financial institution 
complies with Sec.  1002.107(a)(5)(ii) by selecting the type or types 
of guarantee(s) obtained for an originated covered credit transaction, 
or that would have been obtained if the covered credit transaction were 
originated, from the list provided in the comment.
    The Bureau intends the list of guarantee types provided in proposed 
comment 107(a)(5)-4 to align with the most common types of guarantees 
used in small business lending. As explained above, the list for 
guarantee type included in the SBREFA Outline has been amended based on 
SER and stakeholder input. Specifically, ``FHA insurance'' and ``Bureau 
of Indian Affairs guarantee,'' which the Bureau believes are often used 
with small business credit, have been added.
    Proposed comment 107(a)(5)-4 would also explain that the financial 
institution may select, if applicable, up to a maximum of five 
guarantees for a single application or transaction. In the SBREFA 
Outline, the Bureau stated that it was considering allowing financial 
institutions to report more than one guarantee for an application or 
originated credit.\561\ The Bureau understands that small business 
credit may have more than one guarantee, such as an SBA guarantee and a 
personal guarantee, and believes that more complete information can be 
collected by requiring as many as five to be reported.
---------------------------------------------------------------------------

    \561\ SBREFA Outline at 27.
---------------------------------------------------------------------------

    Proposed comment 107(a)(5)-4 would also explain that if the type of 
guarantee for an application or originated transaction does not appear 
on the list of guarantees provided, the financial institution selects 
``other guarantee,'' and reports the type of guarantee as free-form 
text. As with credit product, the Bureau believes that allowing 
financial institutions to choose ``other'' when a guarantee for the 
application does not appear on the provided list will facilitate 
compliance. In addition, collecting this information on ``other'' 
guarantee types would assist the Bureau in monitoring trends in usage 
of other types of guarantees and key developments in the small business 
lending market, which the Bureau could use to inform any future 
iterations of the list.
    Finally, proposed comment 107(a)(5)-4 would provide that if no 
guarantee is obtained or would have been obtained if the covered credit 
transaction were originated, the financial institution selects ``no 
guarantee.'' Because a small business credit transaction does not 
always involve use of a guarantee, the Bureau is not proposing to 
include ``not provided by applicant and otherwise undetermined'' as an 
option. If no guarantee is identified for an application, the financial 
institution would report ``no guarantee.''
    In regard to the distinction one SER made between government and 
personal guarantees, the Bureau notes that the proposed rule would 
identify them as separate options within the data field, thereby 
allowing data users to analyze them independently.
    The Bureau seeks comment on its proposed approach to this data 
field, including the appropriateness and usefulness of the items 
listed, and whether there are other guarantees that should be added. 
The Bureau also seeks comment on whether five is the appropriate upper 
limit for reporting guarantees.
    Loan term. The third data field the Bureau is proposing to include 
in the credit type data point is the loan term. As with the consumer 
lending market, the pricing and sustainability of closed-end credit 
transactions for small businesses are associated with term length, and 
without awareness of the term of the loan, data users will have less of 
an understanding of the types of credit being made available to 
applicants. Credit with a one-month term may differ not just in degree 
but in kind from credit with a 60-month term. The Bureau thus believes 
that the length of the loan term is a fundamental attribute of the type 
of credit that applicants are seeking such that it should be treated as 
a separate data field within credit type. As with other elements of the 
credit type data point, loan term information would allow data users to 
reduce inaccurate conclusions or misinterpretations of the 1071 data, 
aiding in fulfilling both the fair lending and business and community 
development purposes of section 1071. Likewise, the loan term will be 
part of the application or loan file and should not be operationally 
difficult to report once a financial institution's 1071 compliance 
system is set up.
    Proposed comment 107(a)(5)-5 would present the instructions for 
collecting and reporting loan term. Specifically, it would explain that 
a financial institution complies with proposed Sec.  
1002.107(a)(5)(iii) by reporting the number of months in the loan term 
for the covered credit transaction, and that the loan term is the 
number of months after which the legal obligation will mature or 
terminate. The comment would further explain how to measure the loan 
term and the possible use of rounding.
    Proposed comment 107(a)(5)-5 would also make clear that if a credit 
product, such as a credit card, does not have a loan term, the 
financial institution reports loan term as ``not applicable.'' The 
financial institution also reports ``not applicable'' if the 
application is denied, withdrawn, or determined to be incomplete before 
a loan term has been identified. The Bureau believes that permitting 
the use of ``not applicable'' in these situations would facilitate 
compliance and aid in the collection of appropriate data. The Bureau 
believes that the proposed regulatory text and commentary described 
above would alleviate many of the concerns of the SERs and other 
commenting stakeholders regarding the credit type data point. The 
credit product and guarantee type lists have been updated using their 
input and continued Bureau consideration. Multiple types of guarantees 
would be permitted by the proposal, and FHA guarantees have been added 
to the list.
    The Bureau believes the statutory term ``type . . . of the loan'' 
to be ambiguous, and reasonably interprets the term to include the 
credit product, any guarantee obtained, and the term of a closed-end 
loan because an accurate and useful record of the ``type'' of loan or 
credit would include those data fields. In the alternative, ECOA 
section 704B(e)(2)(H) authorizes the Bureau to require inclusion of 
``any additional data that the Bureau determines would aid in 
fulfilling the purposes of [section 1071],'' and for the reasons 
discussed above, the Bureau has also determined that the subcategories 
of credit product (including collateral), guarantee type, and loan term 
would aid in fulfilling those purposes.
    The Bureau seeks comment on its proposed approach to this data 
field.
107(a)(6) Credit Purpose
Background
    Section 1071 requires financial institutions to collect and report 
``the type and purpose of the loan or other credit being applied for.'' 
\562\ (The credit type data point is addressed in proposed Sec.  
1002.107(a)(5).)
---------------------------------------------------------------------------

    \562\ ECOA section 704B(e)(2)(B).
---------------------------------------------------------------------------

SBREFA Proposals Under Consideration and Feedback Received
    The Bureau stated in the SBREFA Outline that it was considering 
proposing that financial institutions report the loan/credit purpose 
data point by choosing one or more purposes from a specified list. In 
addition to several specific business purposes, the list included 
choices for ``Other'' or

[[Page 56445]]

``Unknown'' to facilitate compliance. The Bureau also explained that it 
was considering proposing that financial institutions be allowed to 
choose up to three purposes when the applicant indicates more than one 
purpose.\563\
---------------------------------------------------------------------------

    \563\ SBREFA Outline at 28.
---------------------------------------------------------------------------

    Some SERs stated that they collect information on loan/credit 
purpose, although the information they collect may be different from 
that in the loan/credit purpose list in the SBREFA Outline.\564\ One 
SER did, however, suggest that the Bureau's purposes list was similar 
to their list. Some SERs made suggestions of additional loan/credit 
purposes to add to the list, including for inventory loans, 
agricultural loans, and contract financing. One SER requested that the 
Bureau clarify whether this data point is intended to capture the 
purpose of the loan or the type of collateral. Another SER recommended 
combining the categories of motor vehicle finance and equipment 
finance, explaining that certain financing can span both categories 
(such as for a truck and a trailer as a combined purchase). One of the 
SERs expressed concern about possible confusion regarding credit with 
multiple purposes, and another SER suggested that the Bureau provide 
clear instructions on this data point. Another SER suggested that the 
Bureau explain how a line of credit should be reported if there can be 
multiple lines for different purposes all within the same account.
---------------------------------------------------------------------------

    \564\ SBREFA Panel Report at 27.
---------------------------------------------------------------------------

    The SBREFA Panel recommended that the Bureau consider modifying the 
loan/credit purpose lists in accordance with the various suggestions 
made by SERs.\565\
---------------------------------------------------------------------------

    \565\ Id. at 45.
---------------------------------------------------------------------------

    Like the SERs, the other stakeholders who provided feedback on the 
SBREFA Outline stated that they often collect loan purpose information 
from applicants, but that the specific loan purposes they use differ 
somewhat from those listed in the SBREFA Outline. Stakeholders 
supported the inclusion of ``other'' and ``unknown'' in the list of 
purposes, and one suggested that the Bureau add ``Not Applicable'' for 
products, such as credit cards, that do not have a specific purpose. As 
with the SERs, these stakeholders requested clarifications and several 
changes to the loan purposes list. One commenter stated that financial 
institutions should not have to present the entire list to applicants 
where a loan product's terms do not allow the loan to be used for one 
or more of the specified purposes. That same commenter suggested that 
financial institutions should be allowed to include additional purposes 
not on the list, and in the instance an applicant selects an additional 
purpose, the financial institution would include it as ``other'' unless 
the selected purpose squarely fits within, or is a subset of, a purpose 
specified on the Bureau's list.
Proposed Rule
    The Bureau is proposing in Sec.  1002.107(a)(6) to require that 
financial institutions collect and report the purpose or purposes of 
the credit applied for or originated. The Bureau's proposed approach 
aligns with the SBREFA Outline approach, with certain adjustments. 
First, the Bureau is proposing to use the term ``credit purpose'' for 
this data point, rather than ``loan/credit purpose,'' for clarity and 
consistency with terminology used elsewhere in the proposal. In 
addition, the proposal would provide a more complete description of the 
purposes listed, which would clarify the relation between the purpose 
of the credit and the form of collateral used. The proposal also 
reflects other changes to the list of purposes presented in the SBREFA 
Outline, as explained below.
    Proposed comment 107(a)(6)-1 would present instructions for 
collecting and reporting credit purpose and would provide the proposed 
list of credit purposes from which financial institutions would select.
    The proposed list is similar to the list in the SBREFA Outline 
although, consistent with the SBREFA Panel's recommendation, the Bureau 
has made adjustments based on SERs' suggestions, as well as those of 
other stakeholders and its own further consideration. First, the items 
on the SBREFA list that described types of collateral, such as 
commercial real estate, have been updated to more clearly reflect that 
the financial institution is collecting and reporting the purpose of 
the loan, and not the form of collateral, though the form of collateral 
may be referred to in describing that purpose. In addition, the listed 
purposes involving real estate now differentiate between dwelling and 
non-dwelling real estate. The Bureau believes that this distinction 
would help in collecting more precise and useful data. To facilitate 
compliance the Bureau is also proposing to add ``not applicable'' to 
the purposes list for use when an application is for a credit product 
that generally has indeterminate or numerous potential purposes, such 
as a credit card. Proposed comment 107(a)(6)-5 would also explain the 
use of ``not applicable'' as a response. In addition to the changes 
described above, the proposed list of purposes also reflects small 
nonsubstantive edits for clarity.
    Proposed comment 107(a)(6)-2 would explain that if the applicant 
indicates or the financial institution is otherwise aware of more than 
one purpose for the credit applied for or originated, the financial 
institution would report those purposes, up to a maximum of three, 
using the list provided, in any order it chooses. Since an applicant 
may have more than one purpose for a credit transaction, the Bureau 
believes it is appropriate to require collection and reporting of more 
than one credit purpose for this data point in that situation. The 
Bureau believes that having financial institutions report up to three 
purposes would provide useful and substantive data. The Bureau also 
believes that allowing financial institutions discretion as to the 
order of the purposes would facilitate compliance.
    Proposed comment 107(a)(6)-3 would explain that if a purpose of the 
covered credit transaction does not appear on the list of purposes 
provided, the financial institution reports ``other'' as the credit 
purpose and reports the purpose as free-form text. The Bureau believes 
that allowing financial institutions to choose ``other'' when a credit 
purpose for the application does not appear on the provided list would 
facilitate compliance. In addition, collecting this information on 
``other'' credit purposes would assist the Bureau in monitoring trends 
in this area and key developments in the small business lending market, 
which the Bureau could use to inform any future iterations of the list. 
For efficiency and to facilitate compliance, proposed comment 
107(a)(6)-3 would also explain that if the application has more than 
one ``other'' purpose, the financial institution chooses the most 
significant ``other'' purpose, in its discretion, and reports that 
``other'' purpose. The comment would then explain that a financial 
institution reports a maximum of three credit purposes, including any 
``other'' purpose reported.
    Proposed comment 107(a)(6)-4 would explain that, pursuant to 
proposed Sec.  1002.107(c)(1), a financial institution shall maintain 
procedures reasonably designed to collect applicant-provided 
information, which includes credit purpose. However, if a financial 
institution is nonetheless unable to collect or determine credit 
purpose information, the financial institution would report that the 
credit purpose is ``not provided by applicant and otherwise 
undetermined.'' The Bureau believes that permitting use of this 
response would facilitate compliance

[[Page 56446]]

and enhance the quality of data collected.
    In order to facilitate compliance, the Bureau is also proposing 
comments 107(a)(6)-6 and -7. Proposed comment 107(a)(6)-6 would clarify 
that, as explained in proposed comment 104(b)-4, subpart B does not 
apply to an extension of credit that is secured by 1-4 individual 
dwelling units that the applicant or one or more of the applicant's 
principal owners does not, or will not, occupy. Proposed comment 
107(a)(6)-7 would clarify the collection and reporting obligations of 
financial institutions with respect to the credit purpose data point, 
explaining that the financial institution would be permitted, but not 
required, to present the list of credit purposes provided in comment 
107(a)(6)-1 to the applicant. Proposed comment 107(a)(6)-7 would 
further explain that the financial institution would also be permitted 
to ask about purposes not included on the list provided in proposed 
comment 107(a)(6)-1. Finally, proposed comment 107(a)(6)-7 would 
clarify that if an applicant chooses a purpose or purposes that are 
similar to purposes on the list provided, but uses different language, 
the financial institution would report the purpose or purposes from the 
list provided. The Bureau believes that minimizing use of free-form 
text here would improve the usefulness of the data collected and 
facilitate compliance.
    The Bureau believes that, with the modifications discussed above, 
the list of credit purposes provided in proposed comment 107(a)(6)-1 
appropriately aligns with the purposes of credit sought in the small 
business credit market. As explained above, the Bureau has clarified 
the distinction between the purpose of the credit and the collateral 
involved, as one SER suggested. In addition, the Bureau believes that 
the explanations and instructions in the proposed commentary 
accompanying Sec.  1002.107(a)(6) should reduce any confusion as to how 
a financial institution would comply when an application involves 
multiple purposes, and in other situations. In regard to the SER 
comment about multiple lines of credit for different purposes within 
the same account, see the discussion of ``covered application'' in the 
section-by-section analysis of proposed Sec.  1002.103(a) above.
    The Bureau seeks comment on its proposed approach to the credit 
purpose data point. In addition, the Bureau seeks comment on whether 
there are any purposes that should be added to or modified on its 
proposed list including, in particular, on the potential usefulness of 
including ``agricultural credit'' and ``overdraft line of credit'' in 
the credit purposes list. Finally, the Bureau requests comment on 
whether further explanations or instructions with respect to this data 
point would facilitate compliance.
107(a)(7) Amount Applied For
Background
    Section 1071 requires financial institutions to collect and report 
``the amount of the credit or credit limit applied for, and the amount 
of the credit transaction or the credit limit approved.'' \566\
---------------------------------------------------------------------------

    \566\ ECOA section 704B(e)(2)(C).
---------------------------------------------------------------------------

    The Bureau notes that for HMDA, Regulation C Sec.  1003.4(a)(7) 
requires reporting of ``the amount of the covered loan or the amount 
applied for, as applicable,'' which requires reporting of the amount 
applied for only when the credit is not originated. Because section 
1071 uses the conjunction ``and'' rather than ``or,'' the Bureau reads 
section 1071 to require collection and reporting of the amount applied 
for regardless of whether the application is ultimately approved or 
originated. (The amount approved or originated data point is addressed 
in proposed Sec.  1002.107(a)(8).)
SBREFA Proposals Under Consideration and Feedback Received
    The Bureau stated in the SBREFA Outline that it was considering 
requiring financial institutions to report the amount applied for data 
point using the initial amount of credit or credit limit requested by 
the applicant at the application stage, or later in the process but 
prior to the financial institution's evaluation of the credit 
request.\567\ The Bureau further explained in the SBREFA Outline that 
this method would not require reporting of amounts discussed before an 
application is made to a financial institution, but would capture the 
initial amount requested at the application stage or later, and would 
reflect the amount of the request that was evaluated by the financial 
institution in making a credit decision. In addition, if the applicant 
did not request a particular amount, but the financial institution 
underwrote the application as being for a specific amount, the 
financial institution would report the amount considered for 
underwriting. If the particular product applied for would not involve a 
specific amount requested or underwritten, the financial institution 
would report ``Not Applicable'' for this data point. Finally, the 
Bureau suggested in the SBREFA Outline \568\ that when an applicant 
responds to a ``firm offer'' that specifies an amount, which may occur 
in conjunction with a pre-approved credit solicitation, the amount 
applied for would generally be the amount of the firm offer.
---------------------------------------------------------------------------

    \567\ SBREFA Outline at 28-29.
    \568\ Id.
---------------------------------------------------------------------------

    Because of the relationship between the amount applied for and the 
amount approved or originated data points, the following summary of SER 
feedback includes input on both.\569\ One SER articulated the 
importance of capturing data on both the amount applied for and the 
amount approved, stating that both data points were necessary to 
identify potentially discriminatory practices, such as discouragement, 
in the lending process. Another SER explained that the amount applied 
for could change during the iterative application process, particularly 
with a business that may not have previously had a banking relationship 
with the financial institution, but that the amount generally stayed 
consistent through underwriting. Other SERs asserted that differences 
between the amounts requested and approved were frequent, for a variety 
of reasons. One SER stated that they notify applicants of a preliminary 
offered amount, which often changes after documentation and 
underwriting. One example offered was that disparities between the 
amount applicants applied for and the amount the lenders approved may 
be attributable to collateral being assessed at a different value than 
the amount the applicants initially requested. Some SERs also remarked 
that differences in these amounts were often attributable to financial 
institutions acting as counselors or advisors to small businesses, 
including start-ups, and going back and forth until arriving at an 
amount that is appropriate given the customer's needs.
---------------------------------------------------------------------------

    \569\ See SBREFA Panel Report at 27-28.
---------------------------------------------------------------------------

    One SER (who supported reporting the amount initially applied for 
and the amount approved) strongly opposed reporting counteroffers, 
stating that negotiation is quite prevalent in small business lending. 
Another SER suggested that the Bureau use ranges for reporting the 
amount applied for, rather than specific numbers, and that the Bureau 
allow a financial institution to report ``not applicable'' if an 
applicant does not specify an amount requested. A SER also suggested 
there could be other potential complexities in capturing data on credit 
amount/limit the applicant applied for and credit amount/limit the 
lender approved, such as simultaneous or grouped financings involving 
multiple products, different sub-limits for each product or loan, and

[[Page 56447]]

a general credit limit for an entire facility. SERs asked that these 
data points be captured in a manner that took these complexities into 
account.
    The SBREFA Panel recommended that the Bureau seek comment on 
potential methods for avoiding misinterpretations of disparities 
between the credit amount/limit applied for and the credit amount/limit 
approved.\570\
---------------------------------------------------------------------------

    \570\ Id.
---------------------------------------------------------------------------

    The Bureau also received feedback from other stakeholders regarding 
this data point. Industry stakeholders providing feedback on the SBREFA 
Outline emphasized that arriving at an applied for amount is a complex, 
iterative process and that the reporting requirement should be 
flexible. One stakeholder suggested that the Bureau propose to require 
reporting of the amount of the request that was evaluated by the 
financial institution in making the credit decision. That stakeholder 
echoed the comments of others when it explained that the amount of 
credit requested can change a great deal in formulating an application. 
The stakeholder further explained that some borrowers request a 
specific amount immediately, others may not arrive at a number until 
after two or three sessions, and still others may float multiple 
numbers during several conversations, trying to gauge a loan officer's 
reaction. Another stakeholder commented that an applicant's stated 
credit desires can be arbitrary and that comparing the initial amount 
requested against the amount approved could be misleading and is not a 
reliable measure of the health or efficacy of small business lending. 
Other stakeholders stated that an applicant will often or usually state 
a specific amount early on, but that the amount will usually change 
during the process for various appropriate reasons. One stakeholder 
explained that small business loans generally are not a quick affair 
and require substantial review by and interaction between the lender 
and borrower, and business credit that it is uncommon for a small 
business applicant's requested credit amount to stay the same from 
application to underwriting. One trade association stated that many 
small businesses will request a much higher loan amount than what is 
ultimately approved after evaluation of collateral, particularly in 
transactions involving real estate or equipment, and that for start-ups 
and sole proprietorships a lack of sophistication can also lead to 
initial requests being unrealistic. That trade association further 
explained that in these cases, the financial institution will work with 
the applicant to arrive at a more reasonable amount, which could take 
place over a period of weeks or months. The trade association then 
recommended that the Bureau allow reporting of an amount that is 
determined at a later stage than the first request. Finally, another 
industry stakeholder requested that the Bureau propose to allow 
reporting of the applied for amount using ranges of numbers, stating 
that applicants often request credit this way.
    A community group stakeholder stated that the Bureau should require 
financial institutions to report the initial amount requested at the 
time of application, explaining that the amount of credit requested is 
important for the purposes of section 1071, which it described as 
including enforcing fair lending laws and assessing whether credit 
needs are met.
    Two stakeholders supported the use of ``not applicable'' when the 
credit product does not have a specific amount or limit, and another 
stakeholder said that no ``applied for'' credit limit should be 
required for open-end products. Two other stakeholders requested that 
the Bureau allow the use of ``not applicable'' whenever an applicant 
does not request a specific amount.
Proposed Rule
    The Bureau is proposing in Sec.  1002.107(a)(7) to require that a 
financial institution collect and report ``the initial amount of credit 
or the initial credit limit requested by the applicant.'' Proposed 
comment 107(a)(7)-1 would explain that a financial institution is not 
required to report credit amounts or limits discussed before an 
application is made, but must capture the amount initially requested at 
the application stage or later. In addition, proposed comment 
107(a)(7)-1 would state that if the applicant does not request a 
specific amount, but the financial institution underwrites the 
application for a specific amount, the financial institution reports 
the amount considered for underwriting as the amount applied for. 
Finally, proposed comment 107(a)(7)-1 would instruct that if the 
applicant requests an amount as a range of numbers, the financial 
institution reports the midpoint of that range.
    The Bureau is aware that there could be complexity in pinpointing 
the specific initial amount requested by an applicant in the fluid 
process of a small business credit application, which the Bureau 
acknowledges could make this data point difficult for financial 
institutions to collect and report. Nonetheless, the statute requires 
that the amount applied for be reported, and that information could be 
important for both of section 1071's statutory purposes. The Bureau 
believes that its proposed regulatory text and commentary, described 
above, would provide a flexible compliance regime for this data point 
that would accommodate different business practices. A financial 
institution would not be required to report amounts discussed before 
the application is made, which would accommodate preliminary informal 
interactions. In addition, the proposed comment's instruction on how to 
report this data point when the applicant requests a range of numbers 
would facilitate compliance in that situation and yield data that would 
be comparable to the other data collected for this data point (i.e., 
specific numbers and not ranges of numbers). The Bureau believes that 
more precise information will be more useful and should not create 
extra difficulty for financial institutions to collect.
    Furthermore, proposed comment 107(a)(7)-1 would address the method 
for reporting when no initial amount is requested by the applicant--
that is, the financial institution reports the amount considered for 
underwriting as the amount applied for. The Bureau believes that this 
method would aid compliance and yield appropriate data by avoiding the 
need to report a preliminary number when a financial institution's 
business practices do not result in there being such a number to 
report. The Bureau understands that a specific amount is often not 
required by many financial institutions for products such as credit 
cards, as the financial institution assigns the credit limit as part of 
the credit evaluation process.
    The SER and stakeholder feedback from SBREFA suggest that mandating 
reporting of an amount applied for in all cases could impose undue 
compliance burden and complicate Regulation B compliance for entities 
that do not, for certain products, currently require that the borrower 
request a specific credit amount or credit limit as part of the 
financial institution's application process. In light of the 
complexities and concerns described by the SERs and other stakeholders, 
and the Bureau's understanding that sometimes there is no amount 
underwritten to, the Bureau believes that the amount applied for data 
point should avoid interfering with this arrangement by allowing use of 
``not applicable'' in certain instances. Thus, proposed comment 
107(a)(7)-2 would explain that if the particular product applied for 
does not involve a

[[Page 56448]]

specific amount requested or underwritten, the financial institution 
reports that the requirement is ``not applicable.''
    In addition to situations in which no amount applied for is 
requested by the financial institution or underwritten to and the 
amount applied for would be ``not applicable,'' as described above, the 
Bureau understands that there may be situations where the financial 
institution requests an amount applied for but the applicant 
nonetheless does not provide one. To address this situation, proposed 
comment 107(a)(7)-2 would explain that, in compliance with proposed 
Sec.  1002.107(c)(1), a financial institution shall maintain procedures 
reasonably designed to collect applicant-provided information, which 
includes the credit amount initially requested by the applicant. 
However, if a financial institution is nonetheless unable to collect or 
otherwise determine the amount initially requested, the financial 
institution reports that the amount applied for is ``not provided by 
applicant and otherwise undetermined.'' The Bureau believes that 
providing the reporting flexibilities in proposed comment 107(a)(7)-2, 
along with the proposed reporting of the amount presented for 
underwriting when appropriate, would facilitate compliance by 
accommodating different business practices and would also allow for 
collection of useful data.
    Proposed comment 107(a)(7)-3 would provide instructions for 
reporting the amount applied for in regard to firm offers. ``Firm 
offers'' involve solicitations to small businesses when they have been 
pre-approved for a term loan, line of credit, or credit card.\571\ 
Proposed comment 107(a)(7)-3 would explain that when an applicant 
responds to a ``firm offer'' that specifies an amount or limit, which 
may occur in conjunction with a pre-approved credit solicitation, the 
financial institution reports the amount applied for as the amount of 
the firm offer, unless the applicant requests a different amount. If 
the firm offer does not specify an amount or limit and the applicant 
does not request a specific amount, the amount applied for is the 
amount underwritten by the financial institution. The Bureau believes 
that when the applicant knows the amount of the pre-approval before 
responding, that figure could appropriately be considered as the amount 
applied for. The Bureau understands that financial institutions often 
provide an amount in such solicitations. But if no amount appears in 
the pre-approved solicitation, the Bureau considers that an applicant 
responding to the firm offer has not requested a specific amount, and 
reporting of the amount underwritten would be appropriate. The Bureau's 
proposal follows the SBREFA Outline's approach under consideration for 
handling firm offers, and the SERs and other stakeholders did not 
object to this method. The Bureau seeks comment, however, on whether it 
should handle reporting of the amount applied for in connection with 
firm offers in a different manner than as set forth in this proposed 
comment, such as by requiring reporting of ``not applicable'' in 
situations where the firm offer does not specify an amount or limit and 
the applicant does not request one.
---------------------------------------------------------------------------

    \571\ See 15 U.S.C. 1681a(l); see also Regulation B comment 
12(b)(7)-1 (describing offers of credit).
---------------------------------------------------------------------------

    Proposed comment 107(a)(7)-4 would explain that when reporting a 
covered application that seeks additional credit amounts on an existing 
account, the financial institution reports only the additional credit 
amount sought, and not any previous amounts sought or extended. The 
Bureau believes that this comment would facilitate compliance by 
providing clear guidance on reporting in this situation, and that 
avoiding double reporting of previous amounts would result in more 
appropriate and useful data. The Bureau notes that a request to 
withdraw additional credit amounts at or below a previously approved 
credit limit amount on an existing open-end line of credit would not be 
a covered application, and so proposed comment 107(a)(7)-4 would not 
apply to such a situation.
    The Bureau believes that the proposed regulatory text and 
commentary described above would alleviate many of the concerns of the 
SERs and other stakeholders providing feedback on the SBREFA Outline. 
The Bureau notes that the proposal would accommodate different business 
practices and the often fluid nature of amounts applied for in small 
business lending. In regard to concerns about disparities between the 
amount applied for and the amount approved or originated, section 1071 
requires the collection and reporting of the amount applied for, which 
is important for both of section 1071's statutory purposes.
    The Bureau seeks comment on its proposed approach to the amount 
applied for data point. The Bureau also requests comment on how best to 
require reporting of amount applied for in situations involving 
multiple products or credit lines under a single credit limit. The 
Bureau also requests comment on potential methods for avoiding 
misinterpretations of disparities between the amount applied for and 
the amount approved or originated. Finally, the Bureau requests comment 
on its proposed approach to reporting when a range of numbers is 
requested.
107(a)(8) Amount Approved or Originated
Background
    Section 1071 requires financial institutions to collect and report 
``the amount of the credit or credit limit applied for, and the amount 
of the credit transaction or the credit limit approved.'' \572\ (The 
amount applied for data point is addressed in proposed Sec.  
1002.107(a)(7).) As explained in the section-by-section analysis of 
proposed Sec.  1002.107(a)(7) above, the Bureau reads section 1071 to 
require collection and reporting of the amount or limit applied for as 
well as the amount of the credit transaction or credit limit approved.
---------------------------------------------------------------------------

    \572\ ECOA section 704B(e)(2)(C).
---------------------------------------------------------------------------

SBREFA Proposals Under Consideration and Feedback Received
    In the SBREFA Outline, the Bureau explained that it was considering 
proposing that financial institutions report (1) the amount of the 
originated loan for a closed-end origination; (2) the amount approved 
for a closed-end loan application that is approved but not accepted; 
and (3) the amount of the credit limit approved for open-end products 
(regardless of whether the open-end product is originated or approved 
but not accepted).\573\ In light of the potential meaning of the 
statutory language, the Bureau explained that it was considering 
proposing different standards for closed-end and open-end products. In 
addition, the financial institution would report ``Not Applicable'' for 
this data point for applications that are denied, closed for 
incompleteness, or withdrawn by the applicant before a credit decision 
is made.
---------------------------------------------------------------------------

    \573\ SBREFA Outline at 23.
---------------------------------------------------------------------------

    The relevant SBREFA Panel Report section summarized feedback on 
both the amount applied for and the amount approved data points. For 
ease of reading, the Bureau has included the discussion of both above 
in the section-by-section analysis of proposed Sec.  1002.107(a)(7). 
The following summary focuses more on the amount approved or originated 
data point. One SER articulated the importance of capturing data on 
both the amount applied for and the amount approved, stating that both 
data points were necessary to identify practices, such as

[[Page 56449]]

discouragement, in the lending process. Other SERs asserted that 
differences between the amounts requested and approved were frequent, 
for a variety of reasons. One SER stated that they notify applicants of 
a preliminary offered amount, which often changes after documentation 
and underwriting. One example offered was that disparities between the 
amount applicants applied for and the amount the lenders approved may 
be attributable to collateral being assessed at a different value than 
the amount the applicants initially requested.
    One SER (who supported reporting the amount initially applied for 
and the amount approved) strongly opposed reporting counteroffers, 
stating that negotiation is quite prevalent in small business 
lending.\574\ Another SER also suggested there could be other potential 
complexities in capturing data on credit amount/limit the applicant 
applied for and credit amount/limit the lender approved, such as 
simultaneous or grouped financings involving multiple products, 
different sub-limits for each product or loan, and a general credit 
limit for an entire facility. SERs asked that these data points be 
captured in a manner that took these complexities into account.
---------------------------------------------------------------------------

    \574\ The SER feedback discussed in this section-by-section 
analysis can be found in the SBREFA Panel Report at 27-28.
---------------------------------------------------------------------------

    As noted in the feedback summary above, the SBREFA Panel 
recommendation addressed both the amount applied for and the amount 
approved data points. The Panel recommended that the Bureau seek 
comment on potential methods for avoiding misinterpretations of 
disparities between the credit amount/limit applied for and the credit 
amount/limit approved.\575\
---------------------------------------------------------------------------

    \575\ Id. at 46.
---------------------------------------------------------------------------

    Few of the stakeholders who provided written feedback on the SBREFA 
Outline objected to the reporting method under consideration for amount 
approved/originated. One commenter asked that this data point be 
reported using ranges of numbers rather than specific amounts, in order 
for it to be uniform with the method it suggested for the amount 
applied for data point. Other commenters pointed out possible confusion 
as to the definitions of closed-end and open-end credit. In addition, 
commenters stated that sometimes applicants are provided more than one 
approval amount, and one commenter suggested that in such cases the 
Bureau should require reporting of the highest approval amount when the 
credit is approved but not accepted.
Proposed Rule
    The Bureau is proposing in Sec.  1002.107(a)(8) that the amount 
approved or originated data point be collected and reported as follows: 
(i) For an application for a closed-end credit transaction that is 
approved but not accepted, the financial institution collects and 
reports the amount approved by the financial institution; (ii) for a 
closed-end credit transaction that is originated, the financial 
institution collects and reports the amount of credit originated; and 
(iii) for an application for an open-end credit transaction that is 
originated or approved but not accepted, the financial institution 
collects and reports the amount of the credit limit approved.
    The Bureau's proposal follows the SBREFA Outline approach for this 
data point, with certain adjustments and clarifications. First, for 
clarity the proposed rule refers to this data point as ``amount 
approved or originated.'' In addition, the Bureau is proposing comment 
107(a)(8)-2 to explain that when a financial institution presents 
multiple approval amounts from which the applicant may choose, and the 
credit is approved but not accepted, the financial institution reports 
the highest amount approved. The Bureau believes that reporting the 
highest amount approved when credit is approved but not accepted, as 
addressed in this proposed comment, would most accurately reflect the 
amount of credit that was made available to the applicant in this 
situation.
    Proposed comment 107(a)(8)-1 would provide general instructions for 
the amount approved or originated data point, explaining that a 
financial institution would comply with proposed Sec.  1002.107(a)(8) 
by reporting the amount approved or originated for credit that is 
originated or approved but not accepted. For applications that the 
financial institution, pursuant to proposed Sec.  1002.107(a)(9), 
reports as denied, withdrawn by the applicant, or incomplete, the 
financial institution would report that the amount approved or 
originated is ``not applicable.'' The Bureau believes that these 
instructions and providing for reporting of ``not applicable'' in 
certain circumstances will facilitate compliance for this data point 
and elicit accurate and appropriate data.
    Proposed comments 107(a)(8)-3 and -4 would provide specific 
instructions for identifying and reporting the amount approved or 
originated for closed-end transactions, including refinancings. The 
Bureau believes that the instructions provided would facilitate 
compliance and elicit accurate and useful data.
    Proposed comment 107(a)(8)-5 would provide instructions regarding 
counteroffers and the amount approved or originated data point, 
explaining that if an applicant agrees to proceed with consideration of 
a counteroffer for an amount or limit different from the amount for 
which the applicant applied, and the covered credit transaction is 
approved and originated, the financial institution reports the amount 
granted. Proposed comment 107(a)(8)-5 would further explain that if an 
applicant does not agree to proceed with consideration of a 
counteroffer or fails to respond, the institution reports the action 
taken on the application as denied and reports ``not applicable'' for 
the amount approved or originated. The proposed comment would then 
provide a reference to proposed comment 107(a)(9)-2, which discusses 
the action taken data point in relation to counteroffers. For a more 
complete discussion of how the proposed rule would treat reporting 
obligations for applications involving counteroffers, see the section-
by-section analysis of proposed Sec.  1002.107(a)(9) below (action 
taken).
    Most of the SER feedback on the amount approved or originated data 
point focused on its relation to the amount applied for data point. 
That issue is discussed in the section-by-section analysis of proposed 
Sec.  1002.107(a)(7) above (amount applied for). One SER also expressed 
concern about reporting counteroffers in relation to the amount 
approved or originated data point. The Bureau believes that, as 
explained above, proposed comment 107(a)(8)-5 provides an appropriate 
and manageable method for reporting amount approved or originated in 
counteroffer situations. Other stakeholders asked that the Bureau take 
into account the complexity of multiple product or account situations. 
The Bureau has done so in relation to its treatment of covered 
applications, discussed in the section-by-section analysis of proposed 
Sec.  1002.103(a) above. In regard to the comment concerning confusion 
between closed-end and open-end credit, the Bureau is proposing to 
define these terms clearly in the regulatory text at proposed Sec.  
1002.102(e) and (n). As for the suggestion that the amount approved or 
originated data point be reported using ranges of numbers (for 
consistency with its request to report the amount applied for data 
point using ranges), the Bureau is not proposing to have financial 
institutions report the amount applied for using ranges of numbers, 
though it

[[Page 56450]]

does seek comment on this possibility in the section-by-section 
analysis of proposed Sec.  1002.107(a)(7) above.
    The Bureau reads the statutory language ``the amount of the credit 
transaction or the credit limit approved'' to require the amount of the 
credit limit approved to be reported for open-end applications, and the 
amount of the credit transaction to be reported for closed-end 
applications. The Bureau believes the phrase ``the amount of the credit 
transaction or the credit limit approved'' to be ambiguous in regard to 
closed-end transactions because the most common meaning of the word 
``transaction'' in the context for closed-end credit transactions would 
be an originated loan. Thus, the Bureau reasonably interprets the 
statute as requiring reporting of the amount originated for closed-end 
credit transactions. In the alternative, section 1071 authorizes the 
Bureau to include any ``additional data that the Bureau determines 
would aid in fulfilling the purposes of [section 1071].'' The Bureau 
has determined that for closed-end credit transactions that are 
originated, reporting of the amount originated would aid in fulfilling 
the enforcement of fair lending laws, by indicating the credit that had 
been provided to different types of applicants in actual transactions. 
The Bureau has also determined that reporting of the amount originated 
for closed-end credit transactions would aid in fulfilling the business 
and community development purpose of section 1071 by providing a more 
complete and accurate picture of the credit actually being provided to 
different businesses and communities. In addition, in the alternative, 
the Bureau believes that it is appropriate to use its exception 
authority under ECOA section 704B(g)(2) to require the amount 
originated, rather than the amount approved, for originated closed-end 
credit transactions, because collecting data on the amount approved 
instead of the amount originated for a closed-end transaction would 
compromise the utility and quality of the data being reported, thus 
inhibiting the fair lending and business and community development 
purposes of section 1071.
    Similarly, the Bureau has determined that for closed-end credit 
that is approved but not accepted, the amount approved would aid in 
fulfilling the purposes of section 1071. Primarily, reporting of the 
amount approved for closed-end credit would aid in fulfilling the 
enforcement of fair lending laws, by indicating the credit that had 
been offered to different types of applicants when the transaction does 
not close and there is no amount originated to report. Reporting of the 
amount approved for closed-end credit would also aid in fulfilling the 
business and community development purpose of section 1071 by providing 
a more complete picture of the credit being offered to different 
businesses and communities.
    The Bureau seeks comment on its proposed approach to the amount 
approved or originated data point, including on the specific requests 
for input above. As recommended by the SBREFA Panel and explained in 
the section-by-section analysis of proposed Sec.  1002.107(a)(7) above, 
the Bureau requests comment on potential methods for avoiding 
misinterpretations of disparities between the credit amount or limit 
applied for and the credit amount or limit originated or approved and 
on the possible use of ranges of numbers for reporting the amount 
applied for and amount approved or originated data points. In addition, 
the Bureau requests comment on whether it would be useful and 
appropriate to require reporting of the amount approved as well as the 
amount originated for originated closed-end credit transactions.
107(a)(9) Action Taken
Background
    ECOA section 704B(e)(2)(D) requires financial institutions to 
report the ``type of action taken'' on an application.
SBREFA Proposal Under Consideration and Feedback Received
    In the SBREFA Outline, the Bureau stated it was considering 
proposing five categories for reporting ``action taken'': Loan 
originated, application approved but not accepted, application denied, 
incomplete application (closed or denied), and application withdrawn by 
the applicant.\576\
---------------------------------------------------------------------------

    \576\ SBREFA Outline at 29-30.
---------------------------------------------------------------------------

    Action taken categories in general. Most SERs were supportive of 
the action taken categories under consideration.\577\ Several SERs 
stated that the categories align with information they currently 
collect. One SER explained that a single application could pass through 
all of these stages and expressed concern that identifying the right 
category to report may be subjective and questioned by examiners or 
auditors after the fact. Another SER asked for additional clarity on 
the difference between denied applications and incomplete applications. 
This SER also suggested adding a category for lenders to indicate if an 
applicant is rate shopping. The SBREFA Panel recommended that the 
Bureau further clarify the circumstances in which each of the action 
taken categories should be used.\578\
---------------------------------------------------------------------------

    \577\ The SER feedback discussed in this section-by-section 
analysis can be found in the SBREFA Panel Report at 28-29.
    \578\ Id. at 46.
---------------------------------------------------------------------------

    Of the other stakeholders that provided feedback on this issue, 
several supported the action taken codes set forth in the SBREFA 
Outline. One industry commenter stated that the data point would 
generally not be difficult or expensive to report and two commenters 
reported currently tracking some similar (though not identical) fields. 
One community group commenter underscored the importance of collecting 
action taken codes (including approvals and denials) in order to track 
demand for credit and identify potential discrimination. The commenter 
also noted current available data (Community Reinvestment Act data and 
surveys) on small business lending provides limited information on 
supply and demand. The commenter stated that capturing incomplete and 
withdrawn applications was important as it may reflect discouragement 
or discriminatory treatment, and that the approved but not accepted 
category could reflect less favorable pricing or loan terms. Two 
industry commenters suggested the Bureau further simplify the action 
taken categories by eliminating the approved but not accepted and 
incomplete categories, and including only originated, abandoned, and 
denied categories. One stakeholder suggested adding a field for other 
circumstances, such as rate shopping. Several community group 
commenters suggested the action taken categories be expanded to include 
all the HMDA action taken categories.
    Treatment of counteroffers. In response to a question in the SBREFA 
Outline about whether counteroffers should be separately identified in 
the 1071 data set, several SERs discussed the frequency of 
counteroffers in small business lending and the potential utility of 
capturing counteroffers in 1071 data. One SER expressed concern with 
reporting each adjustment in the application process because, they 
said, not all counteroffers are memorialized in writing. In the context 
of discussions on the amount approved data point, a SER strongly 
opposed reporting counteroffers, stating that negotiation is quite 
prevalent in small business lending. The SBREFA Panel recommended the 
Bureau seek comment on whether to capture counteroffers in 1071 data, 
and if so, the best method for doing so.\579\
---------------------------------------------------------------------------

    \579\ Id.
---------------------------------------------------------------------------

    Other stakeholders also commented on counteroffers. Several 
industry

[[Page 56451]]

commenters stated that counteroffers should not be reported. The 
commenters noted that there are often multiple rounds of back-and-forth 
communications in small business lending, that capturing counteroffers 
is unnecessary as the information is practically captured in the loan 
decision and other 1071 data (such as loan amount approved), and that 
counteroffers are not necessary to show the availability of credit. If 
reported, several industry commenters suggested use of a data flag to 
simplify reporting, avoid reporting of potentially numerous 
counteroffers in a single application, and avoid the additional costs 
for financial institutions to conduct edits and validity checks on each 
separate counteroffer. Another industry representative also urged that 
if counteroffers are reported, they should be considered a single 
application. No community groups commented on this topic.
Proposed Rule
    The Bureau is proposing in Sec.  1002.107(a)(9) to require 
reporting of the action taken by the financial institution on the 
covered application, reported as originated, approved but not accepted, 
denied, withdrawn by the applicant, or incomplete. As discussed above, 
most SERs and other stakeholders were generally supportive of these 
categories. In addition, the Bureau is proposing to categorize all 
incomplete applications as a single category of ``incomplete''; while 
this proposed approach is not consistent with Regulation C comments 
4(a)(8)(i)-4 and -6, the Bureau is concerned about potential errors in 
the data if financial institutions report incomplete denials separate 
from notices of incompleteness. There may also be some benefit for fair 
lending analysis to reserve the denied category solely for credit-
related denials, rather than denials that are based on incompleteness. 
As noted below, the Bureau seeks comment on reporting the 
``incomplete'' action taken category.
    In response to commenter suggestions, the Bureau considered 
removing or combining several action taken categories. For example, the 
Bureau considered eliminating the approved but not accepted category; 
however, because the Bureau believes data collected under this category 
would reflect demand for credit, the Bureau is retaining this category 
in its proposal. The Bureau also considered removing the category of 
incomplete applications. However, because the Bureau believes capturing 
data on incomplete applications is essential to identifying potential 
discrimination and discouragement during the application process, the 
Bureau is retaining this action taken category as well. Finally, the 
Bureau considered combining the incomplete and withdrawn categories, 
since both actions reflect an applicant's inability or affirmative 
decision not to proceed with the request for credit. However, the 
Bureau is retaining incomplete and withdrawn as separate categories, as 
a high incidence of incomplete applications could signal an issue with 
the level of assistance provided by the financial institution (for 
example, not providing reasonable support or assistance to ensure an 
applicant satisfies all credit conditions; or providing more support to 
some applicants than others). As noted below, the Bureau seeks comment 
on this issue.
    The Bureau is not proposing additional action taken categories 
beyond what was considered in the SBREFA Outline. Although some 
commenters suggested the Bureau expand the action taken codes to those 
currently used in Regulation C (including preapprovals or purchased 
loans), the Bureau does not believe those additional fields would be 
appropriate or necessary in the context of section 1071 given the 
diversity of processes and other complexities in the small business 
lending space and because section 1071, unlike HMDA, does not expressly 
reference loan purchases.
    The Bureau also considered, but is not proposing, adding an action 
taken category or flag for counteroffers. As noted by certain SERs and 
other commenters, it would be potentially infeasible to capture all of 
the proposed 1071 data fields for every back-and-forth counteroffer 
with an applicant, and attempting to do so would likely lead to 
confusion and data errors. The Bureau also agrees with commenter 
feedback that, even without a counteroffer flag or field, the proposed 
section 1071 data fields would capture many of the terms of accepted 
counteroffers (such as pricing, guarantee, etc.), as well as the amount 
initially requested by the applicant. Thus, the Bureau believes the 
addition of a counteroffer flag or field would provide limited useful 
information beyond what would be captured under the current proposal. 
Moreover, while a counteroffer flag or field might be useful as a 
screening tool for potential discrimination (for example, if women-
owned businesses or minority-owned businesses are provided 
counteroffers or denied at a higher rate than male- or non-Hispanic 
white-owned businesses), a flag alone would lack any specificity to 
provide further fair lending analysis.
    Following the SBREFA Panel's recommendation and feedback from other 
stakeholders, proposed comment 107(a)(9)-1 would provide additional 
clarity on when a financial institution should select each of the 
proposed action taken codes. The financial institution identifies the 
applicable action taken code based on final action taken on the covered 
application.
    Proposed comment 107(a)(9)-2 would provide instructions for 
reporting action taken on covered applications that involve a 
counteroffer, along with examples. The Bureau's proposed treatment of 
counteroffers aligns with how counteroffers are treated under existing 
Sec.  1002.9 notification procedures. Specifically, proposed comment 
107(a)(9)-2 would state that if a financial institution makes a 
counteroffer to grant credit on terms other than those originally 
requested by the applicant and the applicant declines to proceed with 
the counteroffer or fails to respond, the institution reports the 
action taken as a denial on the original terms requested by the 
applicant. If the applicant agrees to proceed with consideration of the 
financial institution's counteroffer, the financial institution reports 
the action taken as the disposition of the application based on the 
terms of the counteroffer. This proposed approach to reporting 
counteroffers also aligns with how they are reported under Regulation 
C.\580\
---------------------------------------------------------------------------

    \580\ Regulation C comment 4(a)(8)(i)-9.
---------------------------------------------------------------------------

    Proposed comment 107(a)(9)-3 would discuss reporting action taken 
for rescinded transactions. Proposed comment 107(a)(9)-4 would clarify 
that a financial institution reports covered applications on its small 
business lending application register for the year in which final 
action is taken. Finally, proposed comment 107(a)(9)-5 would provide 
guidance for reporting action taken if a financial institution issues 
an approval that is subject to the applicant meeting certain 
conditions.
    The Bureau seeks comment on proposed Sec.  1002.107(a)(9) that 
would require reporting of action taken and the associated commentary. 
The Bureau also specifically seeks comment on whether the ``withdrawn 
by applicant'' category should be merged with the ``incomplete'' 
category for purposes of reporting action taken. The Bureau seeks 
comment as well on whether the Bureau's proposal to categorize all 
incomplete applications as a single category of ``incomplete'' (closed 
or denied) should instead be reported consistent with the approach in

[[Page 56452]]

Regulation C, which provides separate categories for denials (including 
on the basis of incompleteness) and files closed for incompleteness (if 
the financial institution sent a written notice of incompleteness). In 
addition, the Bureau seeks comment on whether counteroffers that are 
not accepted, such as a credit offer for a lower credit amount than 
requested, should be reported as ``approved but not accepted'' rather 
than ``denied,'' in order to reflect the availability of credit. As 
recommended by the SBREFA Panel, the Bureau also seeks comment on 
whether to specifically capture counteroffers in section 1071 data, and 
if so, whether to use a counteroffer flag in the data or some other 
method.
107(a)(10) Action Taken Date
    In addition to requiring financial institutions to collect and 
report the type of action they take on an application, as discussed in 
the section-by-section analysis of proposed Sec.  1002.107(a)(9) above, 
ECOA section 704B(e)(2)(D) requires financial institutions to collect 
and report the ``date of such action.''
    In the SBREFA Outline, the Bureau indicated that it was considering 
proposing that the action taken date be reported with a day, month, and 
year, and requested feedback on potential challenges financial 
institutions may have in identifying such date for each of the action 
taken categories.\581\ The Bureau received limited comments on this 
data point during the SBREFA process.\582\ One SER suggested that the 
Bureau provide a grace period of several days before and after the 
action taken date. Another SER recommended that the date assigned as 
the action taken date be to the best of the financial institution's 
knowledge or belief given the uncertainty in assigning a particular 
date. The Bureau received similar feedback from other stakeholders. Two 
industry stakeholders suggested that a grace period or tolerance be 
provided to ease compliance burden, similar to the tolerance under 
consideration for the ``application date'' data point. One stakeholder 
recommended that the action taken date for approved and denied loans be 
the exact date such actions occurred.
---------------------------------------------------------------------------

    \581\ SBREFA Outline at 30.
    \582\ SBEFA Panel Report at 28-29.
---------------------------------------------------------------------------

    Proposed Sec.  1002.107(a)(10) would require action taken date to 
be reported as the date of the action taken by the financial 
institution. Proposed comments 107(a)(10)-1 through -5 would provide 
additional details on how to report the action taken date for each of 
the action taken categories in proposed Sec.  1002.107(a)(9). For 
example, proposed comment 107(a)(10)-1 would explain that for denied 
applications, the financial institution reports either the date the 
application was denied or the date the denial notice was sent to the 
applicant.
    The Bureau notes that its proposed approach for this data point 
largely mirrors the Regulation C approach for action taken date in 
Sec.  1003.4(a)(8)(ii) and related commentary, with modifications to 
align with the action taken categories in proposed Sec.  
1002.107(a)(9). Regarding the request from a SER and other stakeholders 
to adopt a grace period for the action taken date data point, the 
Bureau believes that a grace period or tolerance to report the action 
taken date would not be necessary, in light of the flexibility already 
provided in proposed comments 107(a)(10)-1 through -5. Further, the 
Bureau believes that financial institutions generally already have 
policies and procedures in place to capture the date an action is taken 
in the normal course of their business operations.
    Proposed comment 107(a)(10)-4 would explain that for covered credit 
transactions that are originated, a financial institution generally 
reports the closing or account opening date. That proposed comment also 
states that if the disbursement of funds takes place on a date later 
than the closing or account opening date, the institution may, 
alternatively, use the date of initial disbursement.
    The Bureau seeks comment on its proposed approach to the action 
taken date data point.
    In addition, for originated transactions, the Bureau is considering 
whether the date the application was approved should be captured in 
addition to, or instead of, the date of closing or account opening. The 
Bureau is also considering whether the date of closing or account 
opening should be reported separately from the date of disbursement of 
funds (for term loans) or funds availability (for lines of credit). 
Having these dates reported separately would permit the Bureau and 
other data users to determine the length of time elapsed between when 
an application is approved, when the closing occurred or the account 
was opened, and when the applicant actually received the loan funds or 
access to funds. Specifically, the Bureau is concerned that a lengthy 
gap between the loan approval date and the date the funds are made 
available to applicants could have adverse effects particularly on 
certain types of small businesses. For example, in agricultural lending 
where planting and harvesting seasons fall within certain time frames, 
if loan proceeds are not provided within a certain period of time after 
the financial institution receives and approves an application, the 
loan proceeds may no longer be of maximum value to the applicant. The 
Bureau seeks comment on whether it should adopt data points to capture 
application approval date and/or the date funds are disbursed or made 
available.
107(a)(11) Denial Reasons
Background
    ECOA section 704B(e)(2)(H) authorizes the Bureau to require 
financial institutions to compile and maintain ``any additional data 
that the Bureau determines would aid in fulfilling the purposes of 
[section 1071].'' In addition to requiring financial institutions to 
collect and report the action taken date for denied applications, as 
discussed in the section-by-section analysis of proposed Sec.  
1002.107(a)(10) above, the Bureau is proposing to require financial 
institutions to collect and report the principal reason or reasons an 
application was denied. The Bureau believes that collection of denial 
reason information would aid in fulfilling the purposes of section 
1071, as explained below.
SBREFA Proposal Under Consideration and Feedback Received
    In the SBREFA Outline, as part of its discussion regarding the 
action taken data point, the Bureau requested feedback on whether 
financial institutions would prefer to report denial reasons to help 
explain the decision on an application, and if so, whether reporting 
denial reasons should be mandatory or optional.\583\
---------------------------------------------------------------------------

    \583\ SBREFA Outline at 29-30.
---------------------------------------------------------------------------

    When asked whether they would prefer reporting denial reasons to 
help explain the decision on an application, some SERs expressed 
concern about reporting denial reasons.\584\ These SERs asserted that 
requiring lenders to report reasons for denial could add more burden 
than benefit, may not be useful given the number of possible reasons 
for a denial, might not shed light on the actual reasons for a denial, 
may be difficult to standardize for uniform reporting, would require 
additional processes to ensure accurate reporting, and may present 
heightened privacy concerns. One SER expressed a preference to report 
denial reasons.
---------------------------------------------------------------------------

    \584\ SBREFA Panel Report at 28-29.
---------------------------------------------------------------------------

    Feedback received from other stakeholders was mixed. Stakeholders

[[Page 56453]]

opposing reporting denial reasons expressed concerns about the privacy 
of applicants' information if such data were released to the public. 
For example, they asserted that if denial reasons were released to the 
public, such information would make it easy to identify applicants from 
small communities and expose an applicant's sensitive business 
information like insufficient cashflow. One stakeholder mentioned that 
denial reasons may encompass multiple reasons and would therefore be 
burdensome to collect and store.
    Stakeholders in favor of optional (rather than mandatory) reporting 
of denial reasons asserted that reporting this information would be 
unnecessary and burdensome and may further push small and mid-size 
financial institutions out of small business lending, and suggested 
that, if included in the rule, reporting not be made mandatory (that 
is, financial institutions would be permitted but not required to 
report such information, at the financial institution's discretion). 
One stakeholder suggested that rural community banks under $1 billion 
be exempted from reporting denial reasons due to data privacy concerns.
    Finally, stakeholders in favor of mandatory reporting of denial 
reasons asserted that such data provide regulators and the public with 
important--and currently unavailable--data necessary to uncover fair 
lending issues and identify underwriting factors that need to be 
addressed. They stressed that the collection of denial data (via the 
action taken data point) accompanied by robust denial reasons will 
provide small business applicants with useful and actionable 
information. In addition, commenters noted that these data will help 
identify barriers to credit for small businesses and provide deeper 
insight into the reasons why credit is denied. The SBREFA Panel did not 
make any recommendations related to denial reasons.
Proposed Rule
    Proposed Sec.  1002.107(a)(11) would require reporting of the 
principal reason or reasons the financial institution denied the 
covered application. Proposed comment 107(a)(11)-1 would explain that a 
financial institution complies with proposed Sec.  1002.107(a)(11) by 
reporting the principal reason or reasons it denied the application, 
indicating up to four reasons. The financial institution reports only 
the principal reason or reasons it denied the application, even if 
there are fewer than four reasons. The proposed comment provides an 
example to illustrate. The proposed comment would also state that 
reasons reported must accurately describe the principal reason or 
reasons the financial institution denied the application. Finally, the 
proposed comment provides a list of denial reasons from which financial 
institutions would select the principal reason or reasons for denying a 
covered application.
    Proposed comment 107(a)(11)-1 also explains that a financial 
institution reports the denial reason as ``other'' where none of the 
enumerated denial reasons adequately describe the principal reason or 
reasons it denied the application, and the institution reports the 
denial reason or reasons as free-form text. The Bureau believes that 
allowing financial institutions to choose ``other'' in this situation 
would facilitate compliance. In addition, collecting information on 
``other'' denials would assist the Bureau in monitoring trends in this 
area and key developments in the small business lending market, which 
the Bureau could use to inform any future iterations of the list.
    Proposed comment 107(a)(11)-2 would clarify that a financial 
institution complies with proposed Sec.  1002.107(a)(11) by reporting 
that the requirement is not applicable if the action taken on the 
application, pursuant to proposed Sec.  1002.107(a)(9), is not a 
denial, and provides an example.
    The Bureau notes that its proposed approach for this data point 
largely mirrors the Regulation C approach for denial reasons in Sec.  
1003.4(a)(16) and related commentary, with modifications to align with 
the reasons applications are denied in the small business lending 
(rather than residential mortgage lending) context.
    Pursuant to its authority under ECOA section 704B(e)(2)(H), the 
Bureau believes that data regarding denial reasons would further the 
purposes of section 1071 by allowing data users to better understand 
the rationale behind denial decisions, help identify potential fair 
lending concerns, and provide financial institutions with data to 
evaluate their business underwriting criteria and address potential 
gaps as needed. In addition, robust data on application denial reasons 
across applicants, financial institutions, products, and communities 
could help target limited resources and assistance to applicants and 
communities, thus furthering section 1071's community development 
purpose. With respect to fair lending compliance, denial reasons data 
would help data users analyze potential denial disparities.
    With regard to the potential additional compliance burdens SERs and 
other commenters referenced, the Bureau believes that, as a practical 
matter, most financial institutions are already documenting the 
principal reason or reasons for the denial in an adverse action notice, 
or should be prepared to do so if requested.\585\ However, the Bureau 
recognizes that if a financial institution is not currently covered by 
existing adverse action notice requirements under Regulation B, it may 
face greater challenges in reporting this information than financial 
institutions that currently provide adverse action notifications. The 
concerns raised by SERs and other stakeholders regarding the privacy 
implications of denial reasons are addressed in part VI.C.viii below.
---------------------------------------------------------------------------

    \585\ Existing Sec.  1002.9(a)(3) requires creditors to provide 
the specific reasons for action taken or to notify business credit 
applicants of their right to request the reasons for denying an 
application or taking other adverse action.
---------------------------------------------------------------------------

    The Bureau also believes that exempting certain financial 
institutions from the requirement to report denial reasons, or 
permitting financial institutions to report denial reasons voluntarily, 
would not be appropriate given the need for consistent and meaningful 
data to further the purposes of section 1071. In addition, the Bureau 
considered gaps in the existing small business lending data and notes 
that available survey data are often not representative across the 
industry, does not provide timely information, and does not cover all 
entities involved in small business lending.\586\ The Bureau notes that 
the 2015 HMDA Final Rule added mandatory reporting of denial reasons to 
Regulation C because the Bureau recognized that the collection of 
denial reason data could facilitate more efficient and less burdensome 
fair lending examinations.\587\
---------------------------------------------------------------------------

    \586\ See 2020 Small Business Credit Survey. The survey provides 
baseline data on the financing and credit positions of small firms 
in 2020. It delivers information on small business financing needs, 
decisions, and outcomes to policymakers, lenders, and service 
providers. However, the survey is not representative because it 
surveys only employer firms (with less than 500 employees) and is 
subject to the firms' self-reporting. Also, only aggregate denial 
reasons are provided, and further breakdowns are unavailable. In 
addition, the survey provides a very limited list of denial reasons 
to survey respondents that may not correspond to denial reasons from 
financial institutions. See also Fed. Deposit Ins. Corp., Small 
Business Lending Survey (2018), https://www.fdic.gov/bank/historical/sbls/section5.pdf.
    \587\ See 80 FR 66127, 66204-05 (Oct. 28, 2015).
---------------------------------------------------------------------------

    Finally, the Bureau is aware that certain stakeholders are 
concerned that reporting denial reason data may result in fair lending 
actions against financial institutions for potential discriminatory

[[Page 56454]]

disparities. The Bureau, however, believes that including denial 
reasons in 1071 data might actually reduce this risk, as it would allow 
financial institutions to point to potentially legitimate reasons for 
disparities.
    The Bureau seeks comment on its proposed approach to this data 
point, including regarding whether the denial reason categories listed 
and explained in proposed comment 107(a)(11)-1 sufficiently cover the 
common credit denial reasons in the small business lending industry. If 
not, the Bureau seeks input on other denial reason categories to 
consider including in the proposed list of denial reasons. The Bureau 
also requests further comment on the potential utility of denial reason 
data as well as on the potential burdens to industry in reporting 
denial reasons, in light of the denial reason categories it is 
proposing and the data's ability to aid in fulfilling the purposes of 
section 1071.
107(a)(12) Pricing Information
Background
    ECOA section 704B(e)(2)(H) authorizes the Bureau to require 
financial institutions to compile and maintain ``any additional data 
that the Bureau determines would aid in fulfilling the purposes of 
[section 1071].'' The Bureau believes that pricing data would serve to 
further both the fair lending purpose and the business and community 
development purpose of 1071. The majority of small businesses are run 
by a single owner without extensive financial experience or expert 
staff to navigate the commercial credit marketplace, which lacks many 
of the Federal protections found in consumer lending.\588\ Heightened 
risks to fair lending and small business development may arise from 
different pricing for the same products and the selective marketing of 
higher-priced or even predatory and unsustainable products. Because 
price-setting is integral to the functioning of any market, any 
analysis of the small business lending market--including to enforce 
fair lending laws or identify community and business development 
opportunities--would be less meaningful without this information.
---------------------------------------------------------------------------

    \588\ For example, TILA's standardized disclosure requirements 
and limits on linking compensation to loan terms, including pricing, 
do not apply to business loans. See, e.g., 15 U.S.C. 1639b, 
Regulation Z Sec.  1026.36 (TILA's prohibition on basing loan 
originator compensation on loan terms).
---------------------------------------------------------------------------

    Research conducted for the Department of Commerce has found that 
minority-owned businesses tend to pay higher interest rates on business 
loans than those that are not minority-owned,\589\ and a recent report 
by the Federal Reserve Bank of Atlanta found that minority-owned firms 
more frequently applied for potentially higher-cost credit products, 
and were also more likely to report challenges in applying for credit 
such as being offered high interest rates.\590\ In addition, research 
conducted for the SBA has found that Black- and Hispanic-owned 
businesses were less likely to have business bank loans and more likely 
to use more expensive credit card financing.\591\ The 2020 Small 
Business Credit Survey by a collaboration of Federal Reserve Banks 
found that small business applicants to nonbank lenders, such as online 
lenders and finance companies, were more likely to report high interest 
rates or unfavorable terms than applicants to depository 
institutions.\592\ To the extent that the recovery from the COVID-19 
pandemic and resulting economic crisis is still ongoing when the 
Bureau's final 1071 rule becomes effective, and in regard to economic 
emergencies affecting small business access to credit that may occur in 
the future, tracking pricing in this segment of the market is 
particularly important.
---------------------------------------------------------------------------

    \589\ U.S. Dep't of Com., Minority Business Development Agency, 
Disparities in Capital Access between Minority and Non-Minority-
Owned Businesses: The Troubling Reality of Capital Limitations Faced 
by MBEs, at 3, 5, 21, 36-37 (2010), https://archive.mbda.gov/page/executive-summary-disparities-capital-access-between-minority-and-non-minority-businesses.html.
    \590\ Fed. Reserve Bank of Atlanta, Report on Minority Owned 
Firms: Small Business Credit Survey (Dec. 2019), https://www.fedsmallbusiness.org/medialibrary/fedsmallbusiness/files/2019/20191211-ced-minority-owned-firms-report.pdf.
    \591\ Alicia Robb, Financing Patterns and Credit Market 
Experiences: A Comparison by Race and Ethnicity for U.S. Employer 
Firms, at 47 (2018) (prepared for Off. of Advocacy, Small Bus. 
Admin.), https://www.sba.gov/sites/default/files/Financing_Patterns_and_Credit_Market_Experiences_report.pdf.
    \592\ However, the survey noted that online lenders tended to 
receive applications with lower credit scores so applicant risk 
could play a role in higher interest rates for nonbank lenders. See 
2020 Small Business Credit Survey at 15.
---------------------------------------------------------------------------

    The Bureau believes pricing data are important because the 
statutory data points alone offer (1) limited insight into underwriting 
disparities and (2) no insight into predatory prices or pricing 
disparities. For example, they might show that a particular market 
segment is expanding and apparently filling an important need, but this 
could actually be an area with predatory conduct. Pricing information 
would allow the Bureau and others to understand the situation more 
accurately. Data collection without pricing information could have the 
unintended consequence of incentivizing irresponsible lending, as 
providers seeking to increase representation of underserved groups 
could be encouraged to adopt high-cost models of lending.
    Without information on pricing, data users would be unable to 
screen for fair lending pricing risks, and regulators would be less 
able to focus their enforcement and supervision resources appropriately 
on situations of greater possibility for questionable activities. In 
addition, if potential discriminatory conduct is monitored effectively 
in regard to loan approvals, but not in regard to pricing, industry 
compliance systems may focus solely on approvals and denials and ignore 
potential pricing disparities. Having pricing data available under 1071 
would also increase transparency and help demonstrate to lenders where 
business opportunities exist to offer credit to underserved markets. In 
addition, it could demonstrate to small businesses the availability of 
more affordable credit.
SBREFA Proposal Under Consideration and Feedback Received
    At SBREFA, the Bureau stated that it was considering proposing to 
include pricing of originated credit and credit that is approved but 
not accepted as a discretionary data point because it could further the 
fair lending purpose of section 1071 by enhancing the ability to 
effectively and efficiently enforce fair lending laws. In addition, the 
Bureau stated that pricing data could add value in promoting market 
transparency and new product development opportunities, thus furthering 
the business and community development purpose of section 1071. The 
Bureau also stated that a pricing data point could be reported on the 
basis of annual percentage rate (APR), total cost of credit (TCC), 
interest rate and total fees, or some other pricing metric. The SBREFA 
Panel recommended that, if pricing were to be part of this proposal, 
the Bureau seek comment on potential methods for avoiding 
misinterpretations of disparities in pricing data.\593\
---------------------------------------------------------------------------

    \593\ SBREFA Panel Report at 47.
---------------------------------------------------------------------------

    During the SBREFA process, SERs provided various comments on the 
inclusion of pricing data in the rule.\594\ Feedback relevant to a 
specific pricing data point is discussed in the section-by-section 
analysis of proposed Sec.  1002.107(a)(12)(i) through (vi) below. 
Immediately below, the Bureau

[[Page 56455]]

addresses feedback relevant to reporting pricing information in 
general.
---------------------------------------------------------------------------

    \594\ Id. at 31-32.
---------------------------------------------------------------------------

    Some SERs urged the Bureau to require submission of a pricing 
metric, stating, for example, that pricing data are essential to 
understanding the operation of the market and the nature of credit 
extended. Some SERs supported use of APR as a pricing metric, including 
several who stated that they currently calculate APR. One SER (a CDFI) 
stated that they disclose APR to applicants now, and that if they are 
able to easily collect and report this data point without additional 
cost and burden, other FIs should be able to do the same. Several SERs 
supported the use of APR to enable comparisons of pricing across 
various small business lending products, and suggested the Bureau look 
to State-mandated and Truth in Lending Act APR disclosures for guidance 
on methodologies. One SER supported the use of APR as the metric if 
lenders and not the Bureau did the calculation. Another SER suggested 
the Bureau collect detailed pricing information, including APR, but 
``hold harmless'' the reporting financial institutions to ensure the 
accuracy of the data. Conversely, at least two SERs opposed using APR 
as a pricing metric; one cited the burden associated with making that 
calculation and the other said pricing information based on APR would 
be confusing to small business owners. Several SERs supported reporting 
pricing information as interest rate and fees. Two SERs preferred using 
TCC. One SER suggested that the Bureau consider allowing financial 
institutions to choose which pricing metric they prefer to report.
    A large majority of industry stakeholders opposed inclusion of any 
discretionary data points, and they were particularly concerned about a 
pricing data point. Several stakeholders stated that a pricing data 
point would be complex and costly to implement across various product 
types. One stakeholder was concerned about contracts that bundle 
services with credit, stating that pricing data would not capture the 
true economics of the transaction. Several stakeholders were worried 
about reputational risk because pricing could be publicly reported 
without contextual information such as the nature of the collateral, 
credit scores, size of down payment, compensating deposit balances, 
bundled services, etc., that would explain the pricing variations. One 
commenter opposed including pricing data, but said that if the Bureau 
chose to do so it should also allow voluntary submission of some of 
this contextual information. One stakeholder stated that pricing of 
commercial loans is often complex and cannot be adequately analyzed 
with the limited factors proposed, which may lead to erroneous 
conclusions and have severe negative impacts on the financial industry 
from regulatory and reputational risk standpoints. A community bank 
stakeholder commented that community banks price risk on a case-by-case 
basis and asserted that if this ability to price risk appropriately is 
restricted by uninformed fair lending guidelines, the Bureau risks 
removing a large number of community banks from existence. The bank 
went on to opine that this could further reduce the ability of 
thousands of small businesses to access credit. Another bank stated 
that pricing data alone would provide an incomplete picture that could 
be easily distorted to suit the political agenda of the user. That bank 
was also concerned about disparate impact analysis or similar tools 
being used because this could be unfair to the bank or its borrowers 
considering the small data set that the reported data of this small 
bank represents. Another stakeholder summed up these industry concerns, 
stating that pricing is simply too varied across the spectrum of the 
industry to include in the 1071 process without sowing confusion among 
lenders, borrowers, and the general public, stifling lending activity, 
and introducing numerous unintended consequences.
    Several SERs, along with industry stakeholders, were concerned 
about the Bureau potentially making public pricing data and felt that 
this choice could be costly and challenging to carry out. They further 
asserted that bad outcomes could result from unjustified fair lending 
concerns, such as distortions to the market through interference with 
risk-based pricing. Many SERs, along with other industry stakeholders, 
noted that pricing is complex, often unique to the applicant's 
situation, and may involve extra services bundled with the loan. 
Without adequate context, therefore, pricing data could lead to 
inaccurate interpretations of the collected data and unfair 
reputational damage. One SER stated that the market for small business 
credit is price competitive and accordingly pricing information is 
unnecessary for section 1071. Another SER said that pricing for some 
products may reflect more than just the cost of the loan and may be 
high relative to other credit products if the covered financial 
institution is a supportive lender working with less established or 
higher credit risk applicants over a period of time. Similarly, the 
SBREFA Panel Report recommended that the Bureau seek comment in the 
proposed rule on potential methods for avoiding misinterpretations of 
disparities in pricing.\595\
---------------------------------------------------------------------------

    \595\ Id. at 47.
---------------------------------------------------------------------------

    Community groups, as well as some community development lenders, 
strongly favored inclusion of discretionary data points in general, and 
were particularly interested in having pricing data reported to help 
achieve 1071's purposes. One stakeholder stated that pricing 
information is a critical fair lending tool and would allow regulators, 
advocates, and industry to conduct fair lending reviews and monitor the 
market for emerging high-cost products. That commenter also stated that 
the eventual inclusion of pricing data in HMDA has been critical in 
identifying disparate pricing among protected classes. Another 
stakeholder suggested that a data collection regime designed to further 
fair lending enforcement cannot ignore information about whether high-
cost lenders are targeting business owners of color or women-owned 
businesses, or if lenders are charging more to their female borrowers 
or customers of color. One community group stated that without pricing 
data lenders flooding neighborhoods of color with high-cost loans would 
be seen as adequately serving otherwise underserved markets. Another 
commenter stated that MCAs have extremely high effective APRs, and 
added that if section 1071 data collection indicates that access to 
capital is improving but is blind to whether that capital is provided 
at 30 percent APR or 300 percent APR, Congress's intent will not be 
accomplished.
    Regarding 1071's business and community development purpose 
specifically, one stakeholder stated that merely by providing price 
transparency the Bureau could encourage the development of successful 
lending models because policymakers, community organizations, 
investors, banks seeking partnerships, and others would be able to see, 
for the first time, which business models are successful at reaching 
minority-owned, women-owned, and other underserved small businesses. 
That commenter went on to state that transparency would also attract 
investment capital and partnerships into models that work, and could 
lead to a market-based model and a pro-innovation approach to 
regulation.
    One community development lender that supported inclusion of a 
pricing data point encouraged the Bureau to identify one consistent 
pricing metric

[[Page 56456]]

that financial institutions must report on and added that because this 
could create reporting challenges, especially for smaller institutions, 
the Bureau should ensure there is clear guidance and consistency on the 
pricing data point. Of the pricing metrics asked about in the SBREFA 
Outline, a majority of the community groups and community development 
lenders who supported inclusion of a pricing data point preferred use 
of APR, though some suggested the Bureau also require reporting of rate 
and fees with the APR, as well as rate spread as reported under HMDA. 
One community development lender stated that APR is the only 
established metric that enables informed comparisons of the cost of 
capital over time and between products of different dollar amounts and 
term lengths. That lender went on to state that APR is the metric that 
people know and expect, because it is the legally required standard for 
mortgages, auto loans, credit cards, student loans and personal loans, 
including short-term loans. The lender further explained that small 
businesses seeking financing from CDFIs or mission-based lenders are 
informed about their true cost of capital through an APR disclosure, 
and if it can easily collect and report this data point without 
additional burdens and costs, other small business lenders should be 
able to. Some commenters who favored APR suggested that the Bureau 
start with the recent disclosure methods adopted in California and New 
York, and that the Bureau use those methods for pricing of MCAs and 
factoring specifically.
    Industry stakeholders stated that APR would be complicated and 
costly to implement, and that if it is used the Bureau should provide 
clear guidance, with one stakeholder suggesting the Bureau follow the 
Regulation Z method, which sets out instructions for calculating APR. 
Another stakeholder stated that for some products, such as inventory 
financing, APR would be meaningless. Some industry stakeholders 
suggested the Bureau use other metrics--one requested TCC, another 
requested rate and fees, and a third asked that the Bureau allow 
reporting of a single fixed fee as an option.
    Finally, some SERs and industry stakeholders also expressed 
privacy-related concerns regarding public disclosure of pricing 
information. The Bureau addresses these comments in part VI below 
regarding privacy considerations involving publication of the 1071 
data.
Proposed Rule
    The Bureau is proposing, in Sec.  1002.107(a)(12), to require 
financial institutions to report certain pricing information for 
covered credit transactions. Specifically, proposed Sec.  
1002.107(a)(12)(i)(A) would require financial institutions to report 
the interest rate that is or would be applicable to the covered credit 
transaction; proposed Sec.  1002.107(a)(12)(ii) would require financial 
institutions to report the total origination charges for a covered 
credit transaction; proposed Sec.  1002.107(a)(12)(iii) would require 
financial institutions to report the broker fees for a covered credit 
transaction; proposed Sec.  1002.107(a)(12)(iv) would require financial 
institutions to report the total amount of all non-interest charges 
that are scheduled to be imposed over the first annual period of the 
covered credit transaction; proposed Sec.  1002.107(a)(12)(v) would 
require financial institutions to report, for an MCA or other sales-
based financing transactions, the difference between the amount 
advanced and the amount to be repaid; and proposed Sec.  
1002.107(a)(12)(vi) would require financial institutions to report 
information about any prepayment penalties applicable to the covered 
credit transaction.
    Proposed comment 107(a)(12)-1 would clarify that, for applications 
that the financial institution reports as denied, withdrawn by the 
applicant, or incomplete, the financial institution reports pricing 
information as ``not applicable.'' Proposed Sec.  1002.107(a)(12) would 
apply only to credit transactions that either have been originated or 
have been approved by the financial institution but not accepted by the 
applicant. The Bureau believes that pricing information is generally 
available for these transactions because the financial institution 
would generally have to determine the price to approve (or originate) 
the transaction. But other applications--like those that are denied, 
withdrawn by the applicant, or incomplete--would likely have terminated 
too early in the application process for pricing information to be 
generally available.
    The Bureau is proposing to require financial institutions to report 
pricing data generally as interest rate and fees rather than APR, TCC, 
or another single pricing metric that attempts to combine multiple 
aspects of the cost of credit. The Bureau believes that interest rate 
and fees provide greater utility to data users than the formula-based 
pricing metrics described above, which will aid in fulfilling the 
purposes of section 1071. Separately enumerating the interest rate and 
certain general categories of fees will allow 1071 data users to more 
precisely analyze the components of a credit transaction's price. For 
example, 1071 data users could identify potentially discriminatory 
price disparities within upfront fees charged to borrowers at 
origination that may not be visible in a single pricing metric. 
Similarly, information about which components of a transaction's price 
may be relatively more expensive would allow users to better identify 
business and community development initiatives because they would be 
able to target their initiative at the particular component, such as 
the interest rate, that appears to be most responsible for the 
relatively high price of the transaction.
    The diversity of products in the commercial lending space may also 
undermine the utility of APR or other single pricing metrics. Many 
MCAs, for example, lack either a defined term or a periodic payment 
amount. Thus, financial institutions would have to estimate these terms 
to calculate an APR.
    The Bureau also believes that the interest rate and fees may be 
less burdensome for financial institutions to report than other single 
pricing metrics. These alternative pricing metrics involve complex 
calculations that may be difficult for financial institutions to 
perform accurately. And, as noted above, certain types of commercial 
financing would require financial institutions to assume or estimate 
parts of the pricing formula, further increasing complexity. The 
interest rate and fees, in contrast, are typically listed in the credit 
contract for a particular transaction.
    The Bureau acknowledges that some financial institutions currently 
calculate APR for commercial financing transactions, or will do so in 
the future, either as a best practice or to comply with State 
disclosure laws. In developing the pricing data points in proposed 
Sec.  1002.107(a)(12), the Bureau has reviewed definitions and concepts 
found in Regulation Z, such as the definition of ``finance charge'' in 
Sec.  1026.4. Regulation Z also forms the basis for many parts of State 
commercial financing disclosure laws. The Bureau does not intend to 
achieve a wholesale incorporation of Sec.  1026.4 into proposed Sec.  
1002.107(a)(12), with interpretations of one regulation necessarily 
controlling the meaning of the other regulation. In fact, as discussed 
below, in many places perfect alignment between proposed

[[Page 56457]]

Sec.  1002.107(a)(12) and Regulation Z would not be feasible or 
desirable. But proposed Sec.  1002.107(a)(12) adopts many concepts from 
Regulation Z. The Bureau believes that this similarity may limit burden 
for financial institutions that are calculating APR for other purposes.
    Regarding State commercial financing disclosures, the Bureau 
understands that the disclosures under development in New York and 
California \596\ rely upon Regulation Z definitions, such as the 
finance charge. These States have not fully implemented their 
disclosures at the time of this notice and may change their standards 
in the future. In addition, other States might adopt new commercial 
financing disclosures with different definitions and methodologies. The 
Bureau will continue to monitor regulatory developments in the small 
business lending market, and seeks comment on ways to reduce burden on 
financial institutions with respect to overlaps or conflicts between 
State law disclosure requirements and the Bureau's proposal.
---------------------------------------------------------------------------

    \596\ Cal. S.B. 1235 (Sept. 30, 2018), https://leginfo.legislature.ca.gov/faces/billTextClient.xhtml?bill_id=201720180SB1235; 2020 N.Y. Sess. Laws 
ch. 369. The New York and California commercial financing disclosure 
laws are discussed in more detail below in relevant provisions.
---------------------------------------------------------------------------

    As a general matter, the Bureau believes that 1071 data can provide 
value to users without reflecting every factor that influences pricing. 
For comparison, HMDA data have a long history of utility for fair 
lending purposes even though they alone generally do not offer proof of 
compliance with fair lending laws.\597\ This proposed rule includes 
several important factors that influence pricing, such as the credit 
product, the type of guarantee, and the credit purpose. These data 
points will help users avoid improper comparisons when examining the 
1071 data. The Bureau seeks comment on its proposed approach to this 
data point, as well as regarding additional information that could help 
reduce misinterpretations of disparities in pricing, including 
modifications to the pricing information in proposed Sec.  
1002.107(a)(12). For example, the Bureau seeks comment on whether more 
information about the nature of the collateral securing the loan is 
necessary to understanding pricing data, such as total origination 
charges, applicable to a particular transaction.
---------------------------------------------------------------------------

    \597\ For example, the FFIEC cautions users of HMDA data that 
``HMDA data are generally not used alone to determine whether a 
lender is complying with fair lending laws.'' Bureau of Consumer 
Fin. Prot., FFIEC Announces Availability of 2020 Data on Mortgage 
Lending (2021), https://www.consumerfinance.gov/about-us/newsroom/ffiec-announces-availability-of-2020-data-on-mortgage-lending/; see 
also Bureau of Consumer Fin, Prot., Data Point: 2019 Mortgage Market 
Activity and Trends, at 36 (2020), https://files.consumerfinance.gov/f/documents/cfpb_2019-mortgage-market-activity-trends_report.pdf (explaining that when examiners for the 
Federal banking agencies evaluate an institution's fair lending 
risk, they analyze HMDA price data, loan application outcomes, and 
explanatory factors, in conjunction with other information and risk 
factors, which can be drawn directly from loan files or electronic 
records maintained by lenders, in accordance with the Interagency 
Fair Lending Examination Procedures).
---------------------------------------------------------------------------

Proposed Rule--107(a)(12)(i) Interest Rate
    Proposed Sec.  1002.107(a)(12)(i)(A) would require financial 
institutions to report the interest rate that is or would be applicable 
to the covered credit transaction. If the interest rate is adjustable, 
proposed Sec.  1002.107(a)(12)(i)(B) would require the submission of 
the margin, index value, and index name that is or would be applicable 
to the covered credit transaction at origination.\598\
---------------------------------------------------------------------------

    \598\ It should be noted that not all covered credit 
transactions include an interest rate. Proposed Sec.  
1002.107(a)(12)(v) would apply to certain covered credit 
transactions that do not include an interest rate. The discussion of 
proposed Sec.  1002.107(a)(12)(iv) below also addresses other 
covered credit transactions that may not include an interest rate.
---------------------------------------------------------------------------

    Proposed comment 107(a)(12)(i)-1 would clarify that if a covered 
credit transaction includes an initial period with an introductory 
interest rate, after which the interest rate adjusts, a financial 
institution complies by reporting information about the interest rate 
applicable after the introductory period. Proposed comment 
107(a)(12)(i)-2 would explain that a financial institution reports the 
interest rate applicable to the amount of credit approved or originated 
reported in proposed Sec.  1002.107(a)(8) if a covered credit 
transaction includes multiple interest rates applicable to different 
credit features. Lastly, proposed comment 107(a)(12)(i)-3 lists a 
number of indices to report and directs that if the index used does not 
appear on the list of indices provided, the financial institution 
reports ``other'' and provides the name of the index via free-form 
text. The Bureau believes that allowing financial institutions to 
choose ``other'' when an index that does not appear on the provided 
list is used would facilitate compliance. In addition, collecting this 
information on ``other'' indices would assist the Bureau in monitoring 
trends in this area and key developments in the small business lending 
market, which the Bureau could use to inform any future iterations of 
the list.
    The Bureau is proposing to collect the interest rate on the covered 
credit transaction because this information furthers both the fair 
lending purpose and the business and community development purpose of 
section 1071 by allowing regulators, advocates, and industry to conduct 
fair lending reviews and monitor the market for emerging high-cost 
products. In addition, the availability of this pricing metric would 
provide pricing transparency and could encourage the development of 
successful lending models because policymakers, community 
organizations, investors, banks seeking partnerships, and others would 
be able to see which business models are successful at reaching 
minority-owned, women-owned, and other underserved small businesses.
    As discussed above, research has found that minority-owned 
businesses tend to obtain, or be offered, higher interest rates on 
business credit. The collection of interest rate (along with fees) will 
allow the Bureau, other government agencies, and other data users to 
have insight into the existing market, monitor the market for 
potentially troubling trends, and conduct fair lending analyses that 
adequately take into account this important metric.
    As discussed above, during the SBREFA process, several SERs 
supported the use of APR as a pricing metric. The Bureau notes that 
certain-State level commercial lending disclosures, notably California 
and New York, require the disclosure of APR.\599\ Because the interest 
rate must be known to calculate APR, the Bureau believes that proposed 
Sec.  1002.107(a)(12)(i) may impose little burden on financial 
institutions that already include the interest rate on such disclosures 
required by State law, as well as on the contract between the financial 
institution and the applicant.
---------------------------------------------------------------------------

    \599\ Cal. S.B. 1235 (Sept. 30, 2018), https://leginfo.legislature.ca.gov/faces/billTextClient.xhtml?bill_id=201720180SB1235; 2020 N.Y. Sess. Laws 
ch. 369.
---------------------------------------------------------------------------

    Proposed Sec.  1002.107(a)(12)(i)(B) would provide that, for 
adjustable interest rates based upon an index, a financial institution 
must report the margin, index value, and index name that is or would be 
applicable to the covered credit transaction at origination. Just as 
the disclosure of the interest rate for fixed rate transactions will 
allow data users to ascertain the interest rate applicable to the 
covered credit transaction throughout its cycle, the Bureau believes 
that these three elements will allow data users to do the same for 
adjustable rate transactions based upon an index and improve the

[[Page 56458]]

utility of such data. Proposed comment 107(a)(12)(i)-4 would clarify 
that a financial institution complies with proposed Sec.  
1002.107(a)(12)(i)(B) by reporting the index value at the time the 
application is approved by the financial institution. The Bureau seeks 
comment on whether the index value should be reported based on a 
different time period or if at the time of approval is the most 
appropriate measure.
    The Bureau seeks comment on proposed Sec.  1002.107(a)(12)(i) and 
its commentary, including whether a different measure of pricing would 
provide more accurate data, whether additional information about 
pricing (for example, amortization type or adjustment frequency) would 
provide beneficial data to help ascertain fair lending risk and further 
the business and community development purpose of section 1071, and 
whether there are additional indices that should be included in the 
list from which financial institutions choose to report the applicable 
index on adjustable rate transactions.
    The Bureau also seeks comment on whether there may be covered 
credit transactions where the interest rate may change after 
origination based on factors such as if the borrower maintains an 
account at the financial institution or if some other condition is met, 
and if so, whether additional commentary would be helpful to provide 
more guidance on which rate to report in that circumstance.
Proposed Rule--107(a)(12)(ii) Total Origination Charges
    Proposed Sec.  1002.107(a)(12)(ii) would require financial 
institutions to report the total origination charges for a covered 
credit transaction. Total origination charges are the total amount of 
all charges payable directly or indirectly by the applicant and imposed 
directly or indirectly by the financial institution at or before 
origination as an incident to or a condition of the extension of 
credit, expressed in dollars.
    Proposed comment 107(a)(12)(ii)-1 would clarify that charges 
imposed uniformly in cash and credit transactions are not reportable. 
Proposed comment 107(a)(12)(ii)-2 would provide guidance on reporting 
charges imposed by third parties. Proposed comment 107(a)(12)(ii)-3 
would clarify that broker fees are included in the total origination 
charges.\600\ Proposed comment 107(a)(12)(ii)-4 would provide guidance 
on reporting charges for other products or services paid at or before 
origination. And proposed comment 107(a)(12)(ii)-5 would list examples 
of reportable charges.
---------------------------------------------------------------------------

    \600\ For more information on broker fees, see the section-by-
section analysis of proposed Sec.  1002.107(a)(12)(iii) below.
---------------------------------------------------------------------------

    The Bureau understands that financial institutions charge a variety 
of fees when originating credit for small business applicants. For 
example, financial institutions may charge fees for processing an 
application, for underwriting, for filing a UCC-1 statement, for 
obtaining an appraisal, for obtaining a guarantee through a Federal 
agency program, and for other activities related to origination. 
Depending on the financial institution and the credit product, similar 
fees may take different names. One financial institution may describe a 
charge as an origination fee, while another describes a similar charge 
as an underwriting or documentation fee. Proposed Sec.  
1002.107(a)(12)(ii) would provide information about the total amount of 
all upfront fees charged for originating and extending credit, 
regardless of how such fees are denominated.
    Information about the total origination charges would benefit 1071 
data users by giving them relatively granular pricing data. Much of the 
research on access to credit in the small business lending environment 
has lacked information about upfront fees,\601\ or has used less 
granular pricing metrics.\602\ Proposed Sec.  1002.107(a)(12)(ii) would 
enable users to examine the contribution upfront costs make to the 
price of credit in the small business lending market. For example, 
users could analyze pricing disparities specifically in upfront costs 
charged to borrowers or borrowers in certain communities. Users could 
also look at total origination charges to better understand the 
relationship between the elements of credit pricing such as by 
examining the trade-offs between the interest rate and the upfront 
charges. Empowering users to engage in this level of analysis would aid 
in fulfilling the fair lending and business and community development 
purposes of the statute.
---------------------------------------------------------------------------

    \601\ See, e.g., Minority Bus. Dev. Agency, U.S. Dep't of Com., 
Disparities in Capital Access between Minority and Non-Minority-
Owned Businesses: The Troubling Reality of Capital Limitations Faced 
by MBEs, at 3, 5, 21, 36-37 (2010), https://archive.mbda.gov/page/executive-summary-disparities-capital-access-between-minority-and-non-minority-businesses.html.
    \602\ See, e.g., Opportunity Fund, Unaffordable and 
Unsustainable: The New Business Lending on Main Street (2016), 
https://aofund.org/news/unaffordable-and-unsustainable-new-business-lending/ (analyzing 150 alternative loans (i.e., from nondepository 
lenders or marketplaces, generally obtained online) to small 
businesses and finding an average APR of 94 percent).
---------------------------------------------------------------------------

    In developing the total origination charges data point, the Bureau 
considered definitions and concepts in existing regulations. In 
particular, Regulation Z Sec.  1026.4 contains a measure of the cost of 
credit: The finance charge. Regulation Z Sec.  1026.4 defines the 
finance charge as ``any charge payable directly or indirectly by the 
consumer and imposed directly or indirectly by the creditor as an 
incident to or a condition of the extension of credit.'' The finance 
charge appears in numerous regulatory provisions governing consumer 
financial services, such as disclosures to borrowers in certain 
mortgage transactions,\603\ and calculation of the APR.\604\
---------------------------------------------------------------------------

    \603\ See Regulation Z Sec.  1026.38(o)(2).
    \604\ See appendix J to Regulation Z.
---------------------------------------------------------------------------

    Proposed Sec.  1002.107(a)(12)(ii)'s description of total 
origination charges is similar to Regulation Z's definition of the 
finance charge. As with the finance charge, proposed Sec.  
1002.107(a)(12)(ii) would exclude charges imposed uniformly in cash and 
credit transactions.\605\ Proposed Sec.  1002.107(a)(12)(ii) would use 
a similar test for including fees and amounts charged by someone other 
than the financial institution.\606\ And proposed Sec.  
1002.107(a)(12)(ii) adopts the same approach toward including broker 
fees in the total origination charges that Regulation Z takes toward 
including mortgage broker fees in the finance charge.\607\ With respect 
to charges for other products or services that the applicant pays at or 
before origination, proposed comment 107(a)(12)(ii)-4 would explain 
that such charges are included in the total origination charges only if 
the financial institution requires the purchase of such other product 
or service. Regulation Z does not adopt a uniform approach to services 
bundled with the credit transaction. But charges or premiums for credit 
insurance or debt cancellation coverage are included in the finance 
charge if the creditor requires the purchase of such additional 
services.\608\
---------------------------------------------------------------------------

    \605\ Compare proposed comment 107(a)(12)(ii)-1, with Regulation 
Z comment 4(a)-1.
    \606\ Compare proposed comment 107(a)(12)(ii)-2, with Regulation 
Z Sec.  1026.4(a)(1).
    \607\ Compare proposed comment 107(a)(12)(ii)-3, with Regulation 
Z Sec.  1026.4(a)(3).
    \608\ Regulation Z Sec.  1026.4(d)(1) and (3).
---------------------------------------------------------------------------

    Proposed Sec.  1002.107(a)(12)(ii), however, differs in important 
ways from Regulation Z's definition of the finance charge. First, 
proposed Sec.  1002.107(a)(12)(ii) is narrower than the finance charge. 
The finance charge includes certain credit costs that are

[[Page 56459]]

imposed after a financial institution originates a transaction, such as 
interest and time-price differential.\609\ Proposed Sec.  
1002.107(a)(12)(ii), on the other hand, is limited to charges at or 
before origination, because other proposed pricing data points, such as 
the interest rate and initial annual charges, capture information about 
the cost of credit over the life of the transaction. Second, within its 
scope, proposed Sec.  1002.107(a)(12)(ii) is more comprehensive than 
the finance charge. The finance charge excludes many upfront costs of 
obtaining credit. For example, the finance charge excludes application 
fees charged to all applicants for credit, and numerous fees in 
transactions secured by real property.\610\ Proposed Sec.  
1002.107(a)(12)(ii) contains no similar exclusions. The Bureau believes 
that many of the upfront fees omitted from the finance charge, such as 
application fees, are typical of small business credit transactions, 
and therefore including such charges helps data users to understand 
pricing in the small business lending market. Additionally, a measure 
of origination charges with numerous exclusions may encourage financial 
institutions to shift costs to the excluded fees, where they would be 
hidden from users of the 1071 data. Finally, proposed Sec.  
1002.107(a)(12)(ii) is simpler than the Regulation Z definition of 
finance charge, which the Bureau believes may improve the likelihood 
that the information is accurately reported.
---------------------------------------------------------------------------

    \609\ Id. Sec.  1026.4(b)(1).
    \610\ Id. Sec.  1026.4(c)(1) (application fees) and (7) (real-
estate related fees).
---------------------------------------------------------------------------

    As discussed above, during the SBREFA process, some SERs supported 
use of APR as a pricing metric, including several who stated that they 
currently calculate APR. Several SERs supported the use of APR to 
enable comparisons of pricing across various small business lending 
products, and suggested the Bureau look to State-mandated and Truth in 
Lending Act APR disclosures for guidance on methodologies. Of the 
pricing metrics asked about in the SBREFA Outline, a majority of the 
community groups and community development lenders who supported 
inclusion of a pricing data point preferred use of APR, though some 
suggested the Bureau also require submission of rate and fees with the 
APR, as well as rate spread as reported under HMDA. Some commenters who 
favored APR suggested that the Bureau start with the recent disclosure 
methods adopted in California and New York, and that the Bureau use 
those methods for pricing of MCAs and factoring specifically. As 
discussed above, the Bureau is proposing to require financial 
institutions generally to report interest rate and fees, rather than 
APR. But in developing proposed Sec.  1002.107(a)(12)(ii)'s definition 
of total origination charges, the Bureau has adapted certain language 
and concepts from Regulation Z's definition of the finance charge. 
Because the finance charge must be known to calculate APR, including 
the APR that would be disclosed under California and New York law,\611\ 
the Bureau believes that proposed Sec.  1002.107(a)(12)(ii) may impose 
less burden on financial institutions and improve the likelihood that 
the information is accurately reported as compared to a measure of 
total origination charges that had no similarity to the finance charge.
---------------------------------------------------------------------------

    \611\ The New York and California disclosure laws currently add 
various costs to the Regulation Z finance charge depending on the 
credit product. See Cal. Dep't of Fin. Prot. & Innovation, Proposed 
Commercial Financing Disclosures (S.B. 1235) (Apr. 7, 2021), https://dfpi.ca.gov/wp-content/uploads/sites/337/2021/04/2021-04-07-SB-1235-With-Redlines-FINAL-for-Publication.pdf; 2020 N.Y. Sess. Laws 
ch. 369, 801(e).
---------------------------------------------------------------------------

    For the reasons given above, proposed Sec.  1002.107(a)(12)(ii) 
would require financial institutions to report the total amount of all 
charges payable directly or indirectly by the applicant and imposed 
directly or indirectly by the financial institution at or before 
origination as an incident to or a condition of the extension of 
credit, expressed in dollars. Proposed Sec.  1002.107(a)(12)(ii) would 
apply to credit transactions that either have been originated or have 
been approved by the financial institution but not accepted by the 
applicant. The Bureau seeks comment on proposed Sec.  
1002.107(a)(12)(ii) and its commentary. For example, the Bureau seeks 
comment on whether concepts and guidance adapted from Regulation Z, 
such as proposed comment 107(a)(12)(ii)-1 on comparable cash 
transactions, are applicable in the small business lending context such 
that they should be incorporated as drafted. The Bureau also seeks 
comment on whether to enumerate certain types of charges separately in 
the 1071 data, and whether to include or exclude certain types of 
charges in the total origination charges.
Proposed Rule--107(a)(12)(iii) Broker Fees
    Proposed Sec.  1002.107(a)(12)(iii) would require financial 
institutions to report the broker fees for a covered credit 
transaction. Broker fees are the total amount of all charges included 
in the total reportable origination charges that are fees paid by the 
applicant directly to a broker or to the financial institution for 
delivery to a broker, expressed in dollars.
    Proposed comment 107(a)(12)(iii)-1 would provide an example of 
reporting different types of broker fees. Proposed comment 
107(a)(12)(iii)-2 would clarify that financial institutions would use a 
``best information readily available'' standard regarding fees paid 
directly to a broker by an applicant.
    The Bureau believes that small business loan brokers are an 
important part of the small business lending market, and may feature 
more prominently in certain financing arrangements, such as MCAs. The 
existence of brokers creates opportunities for potential practices that 
inflate the cost of small business credit. For example, compensation 
that is tied to the terms of a loan may encourage brokers to steer 
applicants to financial institutions offering less favorable terms. 
Because of the potential risks involved in multi-party business 
arrangements, the FFIEC's Interagency Fair Lending Examination 
Procedures emphasize the importance of understanding the role that 
brokers play in a financial institution's lending process.\612\ These 
risks may be heightened in the small business lending market because 
applicants lack the substantive protections afforded to consumer credit 
applicants, such as the prohibition on basing loan originator 
compensation on the terms of a transaction.\613\
---------------------------------------------------------------------------

    \612\ Fed. Fin. Insts. Examination Council, Interagency Fair 
Lending Examination Procedures, at 3 (2009), https://www.ffiec.gov/PDF/fairlend.pdf (instructing examiners to consider an institution's 
organization of its credit decision-making process, including 
identification of the delegation of separate lending authorities and 
the extent to which discretion in pricing or setting credit terms 
and conditions is delegated to various levels of managers, 
employees, or independent brokers or dealers and an institution's 
loan officer or broker compensation program).
    \613\ Regulation Z Sec.  1026.36 (implementing TILA's 
prohibition on basing loan originator compensation on loan terms).
---------------------------------------------------------------------------

    Accordingly, proposed Sec.  1002.107(a)(12)(iii) would provide 
information about the broker fees associated with a transaction. 
Although broker fees are included in proposed Sec.  
1002.107(a)(12)(iii)'s definition of total origination charges, 
separately enumerating the total broker fees would allow users to 
better understand the role that brokers play in the price of small 
business credit. For example, users could analyze whether broker fees 
specifically appear to be creating fair lending risk or higher prices 
for certain

[[Page 56460]]

communities. Empowering users to engage in this level of analysis would 
aid in fulfilling the fair lending and business and community 
development purposes of the statute.
    The Bureau believes, however, that financial institutions may have 
difficulty reporting broker fees that an applicant pays directly to a 
broker. Proposed comment 107(a)(12)(iii)-2 would clarify that a 
financial institution would rely on the best information readily 
available to the financial institution at the time final action is 
taken. Information readily available could include, for example, 
information provided by an applicant or broker that the financial 
institution reasonably believes regarding the amount of fees paid by 
the applicant directly to the broker. The ``best information readily 
available'' standard is used in reporting certain HMDA data under 
Regulation C,\614\ and the Bureau believes it may also be appropriate 
for reporting fees paid directly to a broker by an applicant.
---------------------------------------------------------------------------

    \614\ See Regulation C comments 4(a)(31)-4 and 4(a)(32)-5.
---------------------------------------------------------------------------

    For the reasons given above, proposed Sec.  1002.107(a)(12)(iii) 
would require financial institutions to report the total amount of all 
charges included in proposed Sec.  1002.107(a)(12)(ii) that are fees 
paid by the applicant directly to a broker or to the financial 
institution for delivery to a broker, expressed in dollars. Proposed 
Sec.  1002.107(a)(12)(iii) would apply to credit transactions that 
either have been originated or have been approved by the financial 
institution but not accepted by the applicant. The Bureau seeks comment 
on proposed Sec.  1002.107(a)(12)(iii) and its commentary, including on 
the knowledge that financial institutions might have about direct 
broker fees and the challenges of reporting such information.
Proposed Rule--107(a)(12)(iv) Initial Annual Charges
    Proposed Sec.  1002.107(a)(12)(iv) would require financial 
institutions to report the total amount of all non-interest charges 
that are scheduled to be imposed over the first annual period of the 
covered credit transaction, expressed in dollars.
    Proposed comment 107(a)(12)(iv)-1 would provide an example of how 
to calculate the amount to report. Proposed comment 107(a)(12)(iv)-2 
would highlight that a financial institution should exclude interest 
expenses from the initial annual charges reported. Proposed comment 
107(a)(12)(iv)-3 would note that a financial institution should not 
include any charges for events that are avoidable by the applicant, 
including for example, charges for late payment, for exceeding a credit 
limit, for delinquency or default, or for paying items that overdraw an 
account. Proposed comment 107(a)(12)(iv)-4 would provide examples of 
initial annual charges that may be scheduled to be imposed during the 
initial annual period, including monthly fees, annual fees, and other 
similar charges. Finally, proposed comment 107(a)(12)(iv)-5 would 
clarify that a financial institution complies with the provision by 
reporting as the default the highest amount for a charge scheduled to 
be imposed, and provides an example of how to calculate the amount 
reported when the scheduled fee to be imposed may be reduced based upon 
a specified occurrence.
    The Bureau understands that there are a variety of ways that small 
business loans may be structured. This could include whether there is 
an interest rate imposed on the transaction, whether there are finance 
charges, and whether there are a myriad of other fees that may be 
scheduled to be paid or are contingent upon some occurrence. In 
addition, the Bureau understands from its market monitoring activity 
that covered credit transactions may include scheduled fees that 
encompass a substantial part of the cost of the covered credit product, 
and without knowledge of those fees, the cost of the credit would be 
misleading. The Bureau believes that proposed Sec.  1002.107(a)(12)(iv) 
would enable data users to have a more accurate understanding of the 
cost of the covered credit transaction than if the data lacked 
information about scheduled fees.
    As noted above, the Bureau believes that there may be small 
business loans that do not include an interest rate, but do include a 
monthly finance charge that is imposed on the covered credit 
transaction.\615\ If the financial institution were only required to 
report the interest rate on these types of transactions, the true cost 
of credit would be wholly inaccurate because the monthly finance charge 
would not be reported. In addition, small business loans, like consumer 
loans, may include a number of other fees, such as annual fees and 
other similar charges. The information collected and reported under 
proposed Sec.  1002.107(a)(12)(iv) would allow data users to have a 
more complete picture of the cost of the covered credit transaction and 
promote market transparency, thus furthering the business and community 
development purpose of section 1071. In addition, this pricing data 
could further the fair lending purpose of section 1071 as it could 
enhance the ability to effectively and efficiently enforce fair lending 
laws.
---------------------------------------------------------------------------

    \615\ Proposed comment 107(a)(12)(iv)-2 would clarify that 
financial institutions should not report the interest scheduled to 
be imposed in the first year under proposed Sec.  
1002.107(a)(12)(iv).
---------------------------------------------------------------------------

    Proposed Sec.  1002.107(a)(12)(iv) would provide that a financial 
institution only report charges scheduled to be imposed over the first 
annual period of the covered credit transaction. The Bureau believes 
that by only requiring scheduled charges to be reported (rather than 
the submission of all potential charges, some of which could be 
speculative), the data reported will be more accurate than if a 
financial institution had to make an educated guess as to what charges 
will be imposed over the first annual period. Proposed Sec.  
1002.107(a)(12)(iv) would not require a financial institution to 
itemize the charges reported thereunder. The Bureau believes that 
requiring charges to be itemized could add a considerable amount of 
complexity for financial institutions in collecting and reporting the 
initial annual charges, given the range of fees that could be charged 
and the variations in how they might be imposed. The Bureau seeks 
comment on the likelihood that FIs would schedule charges in the second 
year of a covered credit transaction and beyond specifically in an 
effort to avoid reporting the charges for purposes of 1071.
    A financial institution complies with proposed Sec.  
1002.107(a)(12)(iv) by not including charges for events that are 
avoidable by the applicant; this restriction is explained more fully in 
proposed comment 107(a)(12)(iv)-3, which would provide examples of 
types of avoidable charges. As noted above, the Bureau believes that 
the accuracy of the data reported is enhanced by only including charges 
that are scheduled to be imposed and not including potential charges 
that are contingent upon an action (or inaction) by the borrower. The 
Bureau also believes that only requiring financial institutions to 
report such charges for the first year, and not the life of the loan, 
will minimize any burden associated with reporting the data. This 
information should be included in the contract and, at most, would 
require a simple calculation to arrive at the total charges for the 
initial annual period. An example of how to calculate the initial 
annual charges for the first annual period is found in proposed comment 
107(a)(12)(iv)-1. The Bureau also seeks comment on how it should treat 
situations where the applicant has

[[Page 56461]]

informed the financial institution that it expects to regularly incur 
``avoidable charges,'' for example where an applicant intends to pay 
late each month, such that a late fee, which would otherwise be an 
avoidable charge and not reportable under this provision, is in effect 
no longer contingent. Specifically, the Bureau seeks comment on whether 
such charges should be reported as a scheduled charge.
    Proposed comment 107(a)(12)(iv)-5 would provide additional 
explanation about what amount to report when the financial institution 
provides a discount on the charge if certain conditions are met. The 
Bureau understands that some financial institutions may provide a 
discount on specific charges when certain conditions are met. For 
example, a financial institution may provide a discount on a monthly 
charge if the borrower maintains a checking account at the financial 
institution. In such a circumstance, proposed Sec.  1002.107(a)(12)(iv) 
would require the financial institution to report the non-discounted 
amount to maintain consistency across the data that is reported by all 
financial institutions.
    The collection of initial annual charges was not discussed during 
the SBREFA process. However, during that process several SERs remarked 
that pricing is complex and often unique to the applicant's situation, 
and may involve extra services bundled with the loan, and without 
adequate context pricing data could lead to inaccurate interpretations 
and reputational damage to financial institutions. The Bureau believes 
that the submission of initial annual charge data will help to decrease 
the likelihood of inaccurate interpretations and provide additional 
context by giving a more complete picture of the pricing of each 
covered credit transaction.
    For the reasons given above, proposed Sec.  1002.107(a)(12)(iv) 
would require submission of the total amount of all non-interest 
charges that are scheduled to be imposed over the first annual period 
of the covered credit transaction, expressed in dollars. The Bureau 
seeks comment on proposed Sec.  1002.17(a)(12)(iv) and its commentary, 
including whether to include or exclude certain types of charges as 
reportable under initial annual charges.
Proposed Rule--107(a)(12)(v) Additional Cost for Merchant Cash Advances 
or Other Sales-Based Financing
    Proposed Sec.  1002.107(a)(12)(v) would require financial 
institutions to report additional cost data for MCAs or other sales-
based financing transactions. Specifically, this cost is the difference 
between the amount advanced and the amount to be repaid, expressed in 
dollars. Proposed comment 107(a)(12)(v)-1 would provide an example of 
the difference between the amount advanced and the amount to be repaid 
for an MCA.
    As discussed above, the Bureau is proposing several data points to 
provide information on pricing in the small business lending market. 
These pricing data points would provide information about the interest 
rate and fees applicable to a covered credit transaction. Some types of 
commercial financing, however, contain pricing terms that are difficult 
to reflect in data points about a transaction's interest rate and fees. 
For example, under a typical MCA, a merchant receives a cash advance 
and promises to repay it (plus some additional amount) to the MCA 
provider. MCA providers generally do not provide an interest rate, and 
while they may charge fees at origination or during the first year, the 
majority of an MCA's cost comes from the additional amount repaid by 
the merchant on top of the cash advance. This additional amount may be 
expressed as a multiple of the amount advanced in the form of a factor 
rate or percentage, or it may be derived by comparing the total payback 
amount to the amount actually advanced. This additional amount is 
typically not characterized as interest, so it would not be reported 
under proposed Sec.  1002.107(a)(12)(i). Nor is this additional amount 
characterized as a fee charged at origination or scheduled to be 
imposed during the first year after the transaction, so it would not be 
reported under proposed Sec.  1002.107(a)(12)(ii) or (iv). Without an 
additional pricing data point to capture this additional amount due, 
users attempting to analyze MCA pricing for fair lending or business 
and community development purposes would miss most of the cost of 
credit associated with these transactions. Therefore, the inclusion of 
this data point would aid in fulfilling the fair lending and business 
and community development purposes of the statute.
    At the same time, the Bureau believes that information about the 
additional amount repaid by the merchant would impose relatively low 
burden on financial institutions. A typical MCA contract lists the 
amount of future revenue purchased and the purchase price. A financial 
institution could determine the additional amount repaid by computing 
the difference between these two numbers.
    For the reasons discussed above, proposed Sec.  1002.107(a)(12)(v) 
would require financial institutions to report, for an MCA or other 
sales-based financing transaction, the difference between the amount 
advanced and the amount to be repaid, expressed in dollars. Proposed 
Sec.  1002.107(a)(12)(v) would apply to credit transactions that either 
have been originated or have been approved by the financial institution 
but not accepted by the applicant. The Bureau seeks comment on proposed 
Sec.  1002.107(a)(12)(v) and proposed comment 107(a)(12)(v)-1, 
including whether to require additional pricing information for MCAs, 
and whether MCAs could be structured in ways that evade the proposed 
reporting requirement, such as by omitting or making variable the 
amount to be repaid.
Proposed Rule--107(a)(12)(vi) Prepayment Penalties
    Proposed Sec.  1002.107(a)(12)(vi)(A) would require financial 
institutions to report whether the financial institution could have 
included a prepayment penalty under the policies and procedures 
applicable to the covered credit transaction. Proposed Sec.  
1002.107(a)(12)(vi)(B) would require financial institutions to report 
whether the terms of the covered credit transaction include a charge 
imposed for paying all or part of the transaction's principal before 
the date on which the principal is due. Proposed comment 
107(a)(12)(vi)-1 would provide additional information on how to 
determine whether the applicable policies and procedures allow a 
financial institution to include prepayment penalties in the loan 
agreement.
    The Bureau understands, through its market monitoring function, 
that small business loan contracts may include prepayment penalties and 
the penalties can be sizable and structured as a percent of the 
remaining outstanding balance. The Bureau also understands that there 
may be concern among stakeholders, including community groups, that 
certain small business applicants may be steered toward loans 
containing prepayment penalty terms. The collection of data regarding 
which contracts contain a prepayment penalty and whether a prepayment 
penalty could have been imposed on specific contract types allows the 
data to be analyzed for fair lending purposes to see if certain groups 
may be steered into contracts containing prepayment penalties. Assuming 
that prepayment penalty data would be part of the publicly available 
data, from a market competition standpoint, financial institutions may 
want to know how

[[Page 56462]]

frequently their competitors are utilizing prepayment penalties. Thus, 
these data could help further the business and community development 
purpose of section 1071 by promoting market transparency and new 
product development opportunities.
    Proposed Sec.  1002.107(a)(12)(vi)(A) would require financial 
institutions to report whether the financial institution could have 
included a prepayment penalty under the policies and procedures 
applicable to the covered credit transaction, while proposed Sec.  
1002.107(a)(12)(vi)(B) would require financial institutions to report 
whether the terms of the covered credit transaction actually include a 
prepayment penalty term. The provisions would allow data users to 
determine what percentage of covered credit transactions could contain 
a prepayment penalty term, what percentage of such transactions 
actually contain the term, and, together with other data points, the 
demographic profile of borrowers whose contracts do and do not include 
the term. The Bureau believes the two provisions work together to allow 
data users to better determine whether certain borrowers are being 
steered towards covered credit transactions containing prepayment 
penalty terms.
    Proposed comment 107(a)(12)(vi)-1 would elaborate on the 
requirement to report whether financial institutions could have 
included a prepayment penalty in the covered credit transaction to 
clarify that the applicable policies and procedures are those that the 
financial institutions follows when evaluating applications for the 
specific credit type and credit purpose requested. The Bureau believes 
this provision will ensure that similar credit products are being 
analyzed together and minimize the possibility that potential fair 
lending risk is incorrectly identified.
    For the reasons given above, proposed Sec.  1002.107(a)(12)(vi)(A) 
would require financial institutions to report whether the financial 
institution could have included a prepayment penalty under the policies 
and procedures applicable to the covered credit transaction. Proposed 
Sec.  1002.107(a)(12)(vi)(B) would require financial institutions to 
report whether the terms of the covered credit transaction include a 
charge imposed for paying all or part of the transaction's principal 
before the date on which the principal is due.
    The Bureau seeks comment on proposed Sec.  1002.107(a)(12)(vi) and 
its commentary, including whether to enumerate other types of 
contingent charges separately in the 1071 data to more accurately 
reflect the cost of covered credit transactions. The Bureau also seeks 
comment on whether there are alternative data that would provide 
similar insight into whether certain borrowers are being steered into 
covered credit transactions containing prepayment penalty terms or 
other similar contingent terms.
107(a)(13) Census Tract
Background
    Section 1071 requires financial institutions to collect and report 
``the census tract in which is located the principal place of business 
of the . . . applicant.'' \616\ This provision is similar to Regulation 
C, which requires reporting of the census tract in certain 
circumstances if the property securing the loan (or proposed to secure 
the loan, if the transaction was not originated) is in a county with a 
population of more than 30,000.\617\ Under Regulation C, the financial 
institution generally finds the census tract by geocoding using the 
address of the property. Geocoding is the process of using a particular 
property address to locate its geographical coordinates and the 
corresponding census tract.
---------------------------------------------------------------------------

    \616\ ECOA section 704B(e)(2)(E).
    \617\ Regulation C Sec.  1003.4(a)(9)(ii)(C). Regulation C also 
requires reporting of the property address for all applications.
---------------------------------------------------------------------------

    CRA reporting of business loans by depository institutions also 
requires reporting of census tract. The Bureau understands that CRA 
allows reporting of a census tract based on the address or location 
where the proceeds of the credit will be principally applied.\618\
---------------------------------------------------------------------------

    \618\ See 2015 FFIEC CRA Guide at 16.
---------------------------------------------------------------------------

SBREFA Proposals Under Consideration and Feedback Received
    In the SBREFA Outline, the Bureau explained that it was considering 
proposing that financial institutions report a census tract based on an 
address collected in the application, or during review or origination 
of the loan.\619\ The financial institution would use the address where 
the loan proceeds will principally be applied, if that address is known 
to the financial institution, which the Bureau believes would be more 
useful to carry out the community development and fair lending purposes 
of section 1071. For example, if a financial institution makes a loan 
to a small business to buy or improve commercial real estate, the 
location of the real estate is more relevant to section 1071's 
statutory purposes than the location of the main office. If the 
financial institution does not possess that information, the financial 
institution would use the location of the small business borrower's 
main office or headquarters. If that, too, is unknown, the financial 
institution could use another business address associated with the 
application. The financial institution would also report which of these 
address types it is using, unless that information is unknown: (1) The 
address where the loan proceeds will principally be applied; or (2) the 
location of the small business borrower's main office or headquarters; 
or (3) some other business address, including those for which the 
financial institution is unsure about the nature of the address.
---------------------------------------------------------------------------

    \619\ SBREFA Outline at 30-31.
---------------------------------------------------------------------------

    In response to the SBREFA Outline, SERs explained that they 
generally capture the main office address of small business applicants, 
which for sole proprietors is frequently a home address; the address 
where the loan proceeds will be used is typically captured for 
commercial real estate transactions.\620\ Some of the SERs stated that 
they do not know the proceeds address, and one suggested that for 
simplicity the Bureau should use the business address only.
---------------------------------------------------------------------------

    \620\ SBREFA Panel Report at 29.
---------------------------------------------------------------------------

    A number of SERs explained that they have experience geocoding 
addresses to obtain census tract information--such as for CDFI Fund 
reporting, voluntary CRA reporting, or for reporting mortgage loans 
under HMDA--though some did not. Some SERs suggested that a requirement 
to report a geocoded census tract for financial institutions that do 
not do so now would impose costs on the financial institution and 
possibly the borrower. One SER stated that few nondepository 
institutions collect or are even familiar with census tract data. One 
SER recommended following the format used for CRA reporting of census 
tract information, rather than the slightly different format used under 
HMDA. Another SER suggested that the Bureau provide simple instructions 
for reporting census tract and employ less burdensome geocoding 
requirements than exist for HMDA. Several SERs explained that they use 
a free service available through the FFIEC to convert addresses they 
receive from applicants to census tract data. A few SERs suggested that 
the Bureau should provide or support a Federal government-sponsored 
system for the secure batch processing of address data to convert to 
census tract information that could be used to satisfy geocoding 
requirements across multiple reporting regimes including 1071.

[[Page 56463]]

    The SBREFA Panel recommended that the Bureau seek comment on the 
feasibility and ease of using existing Federal services to geocode 
addresses in order to determine census tract for 1071 reporting 
purposes (such as what is offered by the FFIEC for use in reporting 
HMDA data).\621\
---------------------------------------------------------------------------

    \621\ Id. at 46.
---------------------------------------------------------------------------

    Stakeholders commenting on the SBREFA Outline explained that 
financial institutions do not currently collect census tract 
information unless they need to report it as a CDFI, or for CRA or 
HMDA. Some commenters stated that they use the free FFIEC tool for 
geocoding, though one commenter pointed out that this service does not 
allow batch processing. One commenter requested that financial 
institutions be given a safe harbor if the tool used provides an 
incorrect coding. The comments, like the SER feedback, did not suggest 
a problem with the waterfall approach in the SBREFA Outline. There were 
concerns about proceeds locations not having addresses, and proceeds 
addresses being unknown to the financial institution, but the waterfall 
would allow them to simply use another address. One commenter stated 
that not requiring a specific type of address would help avoid 
burdening financial institutions. Another commenter stated that it had 
no reason to ask applicants about the proceeds address, and one 
requested that the Bureau make clear that a financial institution has 
no obligation to ask about the proceeds or headquarters address if it 
does not do so now. Several commenters stated that allowing use of the 
proceeds address was helpful, and would further section 1071's purposes 
and reduce burden by allowing use of the same data as reported under 
CRA. Two commenters stated that the Bureau should align this data point 
with the CRA, and one of these, a community development organization, 
stated that the CRA method for reporting census tract was easier than 
the HMDA method. This commenter provided statistical evidence 
suggesting that the CRA method also yielded more complete data than the 
HMDA method.
Proposed Rule
    The Bureau is proposing Sec.  1002.107(a)(13) to require financial 
institutions to collect and report the census tract data point using a 
``waterfall'' approach, which closely aligns with the Bureau's proposal 
under consideration in the SBREFA Outline. The proposed rule would 
require a financial institution to collect and report the census tract 
in which is located: (i) The address or location where the proceeds of 
the credit applied for or originated will be or would have been 
principally applied; or (ii) If the information in (i) is unknown, the 
address or location of the main office or headquarters of the 
applicant; or (iii) If the information in both (i) and (ii) is unknown, 
another address or location associated with the applicant. In addition, 
the proposed rule would require that the financial institution also 
indicate which one of the three types of addresses or locations listed 
in (i), (ii), or (iii) the census tract is based on. Although the 
proposed rule does not specifically require it, the Bureau assumes that 
financial institutions or their vendors would generally use a geocoding 
tool to convert the appropriate address to a census tract number.
    The Bureau believes that its proposed reporting method for the 
census tract data point leverages existing industry information 
collection practices and would result in useful information to further 
section 1071's purposes while avoiding imposing much additional burden 
on financial institutions. The waterfall method in the proposed 
regulation would achieve these goals by allowing a financial 
institution to report an address it already has, with no further 
investigation; allowing a financial institution to avoid further 
investigation when it is unsure about the nature of the address 
reported; and allowing CRA reporters to report the same address for 
1071 as they do for CRA; \622\ while also increasing the likelihood of 
the proceeds address being reported. The Bureau considers the census 
tract of the proceeds address to be particularly useful for both the 
fair lending and business and community development purposes of 1071.
---------------------------------------------------------------------------

    \622\ As explained above, the Bureau understands that CRA allows 
reporting of a census tract based on the address or location where 
the proceeds of the credit will be principally applied. The Bureau 
also believes that CRA reporting on this data point is reasonably 
flexible, and a financial institution would be able to coordinate 
the two compliance regimes to report the same census tract.
---------------------------------------------------------------------------

    First, the proposed approach would require a financial institution 
to report the census tract of the proceeds address if it is available, 
but would not require a financial institution to ask about it 
specifically. Financial institutions would be able to apply the 
waterfall approach to the addresses they are currently collecting; they 
would not be required to specifically ask for the proceeds or 
headquarters addresses. In addition, the proposed method would allow a 
financial institution to report that it is unsure about the nature of 
the address if it has no information as to the nature or function of 
the business address it possesses. This provision should address 
potential concerns about reporters spending time on complex, fact-
specific questions and unintentionally misreporting this data point 
when financial institution staff have to determine what kind of address 
they are reporting based on insufficient information. The Bureau 
believes that this option would be particularly helpful if the 
application were denied or withdrawn early in the application process 
before the nature of any address provided by the applicant is clear.
    Proposed comment 107(a)(13)-1 would provide general instructions on 
using the waterfall reporting method, with examples for guidance. The 
Bureau believes that this comment would facilitate compliance and seeks 
comment on whether any additional instructions or examples would be 
useful.
    Proposed comment 107(a)(13)-2 would explain that a financial 
institution complies with proposed Sec.  1002.107(a)(13) by identifying 
the appropriate address or location and the type of that address or 
location in good faith, using appropriate information from the 
applicant's credit file or otherwise known by the financial 
institution. The comment would also make clear that a financial 
institution is not required to investigate beyond its standard 
procedures as to the nature of the addresses or locations it collects. 
The Bureau believes that this guidance strikes the right balance by 
allowing flexibility in reporting, and also requiring appropriate good 
faith compliance in exercising that flexibility, thereby yielding 
quality data.
    Proposed comment 107(a)(13)-3 would explain that pursuant to 
proposed Sec.  1002.107(c)(1), a financial institution shall maintain 
procedures reasonably designed to collect applicant-provided 
information, which includes at least one address or location for an 
applicant for census tract reporting. However, the comment would 
further explain that if a financial institution is nonetheless unable 
to collect or otherwise determine any address or location for an 
application, the financial institution reports that the census tract 
information is ``not provided by applicant and otherwise 
undetermined.'' Based on the Bureau's understanding of how financial 
institutions currently define an application under their internal 
procedures, the Bureau believes it is highly unlikely that a financial 
institution would not obtain some type of address for the applicant.

[[Page 56464]]

Nonetheless, the Bureau is proposing to permit financial institutions 
to report this data point using the ``not provided by applicant and 
otherwise undetermined'' response in order to facilitate compliance in 
those rare instances when the financial institution does not have the 
data requested. The reference in the comment to proposed Sec.  
1002.107(c)(1) would make clear, however, that a financial institution 
must maintain procedures reasonably designed to collect at least one 
address. As with the previous comment, the Bureau believes that this 
comment would strike the right balance by facilitating compliance and 
also emphasizing the requirement to collect appropriate data.
    The Bureau is proposing a safe harbor in Sec.  1002.112(c)(1), 
which would state that an incorrect entry for census tract is not a 
violation of ECOA or subpart B if the financial institution obtained 
the census tract by correctly using a geocoding tool provided by the 
FFIEC or the Bureau. Proposed comment 107(a)(13)-4 would cross-
reference that provision.\623\ See the section-by-section analysis of 
proposed Sec.  1002.112(c)(1) below for additional discussion of this 
safe harbor.
---------------------------------------------------------------------------

    \623\ Proposed comment 112(c)(1)-1 would explain that ``this 
safe harbor provision does not extend to a financial institution's 
failure to provide the correct census tract number for a covered 
application on its small business lending application register, as 
required by Sec.  1002.107(a)(13), because the FFIEC or Bureau 
geocoding tool did not return a census tract for the address 
provided by the financial institution. In addition, this safe harbor 
provision does not extend to a census tract error that results from 
a financial institution entering an inaccurate address into the 
FFIEC or Bureau geocoding tool.''
---------------------------------------------------------------------------

    The Bureau notes that section 1071's description of the census 
tract data point refers to the census tract for the applicant's 
``principal place of business.'' \624\ The Bureau considers the 
waterfall approach in proposed Sec.  1002.107(a)(13) to be a reasonable 
interpretation of the undefined statutory term ``principal place of 
business,'' which the Bureau understands not to have a standard 
definition, and thus believes to be ambiguous. First, the Bureau 
believes that the address or location of the main office or 
headquarters of the applicant fits easily into one of the common 
meanings of ``principal place of business.'' In addition, the Bureau 
expects that, generally, the address where the loan proceeds will be 
applied will also be the main office or headquarters address.\625\ The 
primary exception to this principle would be in the case of credit 
intended for purchase, construction/, or refinancing of real estate; 
under these circumstances, the Bureau reasonably interprets the term 
``principal place of business'' to mean, in essence, the principal 
location for business activities relating to the extension of credit at 
issue. Although ``another address or location associated with the 
applicant'' may not always be the principal place of business of the 
applicant, the Bureau considers this information to be the financial 
institution's best option for reporting data on the principal place of 
business when the nature of a location is unknown.
---------------------------------------------------------------------------

    \624\ ECOA section 704B(e)(2)(E).
    \625\ According to U.S. Census 2017 SUSB data, there are 
5,976,761 firms with fewer than 500 employees (which will be used, 
for this purpose, as a rough proxy for a ``small business''); those 
firms collectively have 6,512,802 establishments (i.e., locations). 
This means that, at most, approximately 9 percent of firms with 
fewer than 500 employees could have more than one location. See U.S. 
Census Bureau, 2017 SUSB Annual Datasets by Establishment Industry, 
https://www.census.gov/programs-surveys/susb/data/tables.html (last 
visited Aug. 27, 2021). According to the U.S. Census Bureau's Non-
employer Statistics, there are 25,701,671 non-employer firms 
(regardless of revenue size). Non-employer firms account for fewer 
than 4 percent of all sales, though, and the vast majority are sole 
proprietorships. While not impossible, the Bureau believes it is 
very unlikely that non-employer firms would have more than one 
location. See U.S. Census Bureau, All Sectors: Nonemployer 
Statistics by Legal Form of Organization and Receipts Size Class for 
the U.S., States, and Selected Geographies: 2017 (2017), https://data.census.gov/cedsci/table?q=NONEMP2017.NS1700NONEMP&tid=NONEMP2017.NS1700NONEMP&hidePreview=true.
---------------------------------------------------------------------------

    In the alternative, section 1071 authorizes the Bureau to include 
any ``additional data that the Bureau determines would aid in 
fulfilling the purposes of [section 1071].'' The Bureau has determined 
that requiring reporting of the proceeds address would aid in 
fulfilling both the fair lending and business and community development 
purposes of section 1071 by providing more useful information on the 
location of the credit activity for fair lending analysis and 
understanding where the business and community development is 
occurring. Requiring reporting of another address or location 
associated with the applicant when both the proceeds address and the 
main office or headquarters address are not available would provide 
location data when otherwise none would be present, thus also aiding in 
fulfilling both the fair lending and business and community development 
purposes of section 1071 by providing more useful information on the 
location of the lending for fair lending analysis and understanding 
where the business and community development is likely occurring. In 
addition, requiring data on the nature of the address reported would 
aid in fulfilling both the fair lending and business and community 
development purposes of section 1071 by facilitating accurate analyses 
of the data reported. Also, in the alternative, the Bureau believes it 
would be appropriate to use its exception authority under 704B(g)(2) to 
provide that financial institutions would not report the ``main office 
or headquarters address'' in certain situations because the Bureau 
believes that the proceeds address and ``another address or location 
associated with the applicant'' would carry out the purposes of section 
1071 more appropriately than requiring the main office or headquarters 
address in every situation.
    As discussed above, some SERs explained that they generally collect 
the main office address of the small business, which for sole 
proprietorships will often be a home address, and are generally not 
aware of the proceeds address. The Bureau's proposed waterfall approach 
accommodates this situation by allowing financial institutions to 
report census tract using the address that they have. In regard to 
SERs' concerns about the potential burden of geocoding addresses to 
obtain census tract, the Bureau notes that there does not appear to be 
a viable alternative to collecting and reporting the statutorily 
required census tract data without geocoding. While several SERs are 
already geocoding applicants' addresses, some SERs were concerned about 
the burden associated with geocoding for HMDA and one expressed a 
preference for the CRA method of geocoding, as did several other 
stakeholders. Accordingly, the Bureau seeks comment on the difference 
between geocoding for HMDA and for CRA, and any specific advantages or 
disadvantages associated with geocoding under either method. In regard 
to a Federal government tool capable of batch processing for geocoding 
of addresses, the Bureau is considering the utility of such a tool. The 
Bureau notes that the proposed rule would provide a safe harbor for use 
of such a Bureau tool, if created, as well as for the currently 
existing FFIEC tool. As the SBREFA Panel recommended, the Bureau seeks 
comment on the feasibility and ease of using existing Federal services 
to geocode addresses in order to determine census tract for 1071 
reporting purposes (such as what is offered by the FFIEC for use in 
reporting HMDA data).
    The Bureau seeks comment on its proposed approach to the census 
tract data point. In addition to the specific requests for input above, 
the Bureau notes that the waterfall method is intended to allow CRA 
reporters to

[[Page 56465]]

provide the same data for both reporting regimes, but requests comment 
on whether the proposed method would achieve this goal and, if not, 
whether and how this data point should be further coordinated with CRA.
107(a)(14) Gross Annual Revenue
Background
    Section 1071 requires financial institutions to collect and report 
``the gross annual revenue of the business in the last fiscal year of 
the . . . applicant preceding the date of the application.'' \626\
---------------------------------------------------------------------------

    \626\ ECOA section 704B(e)(2)(F).
---------------------------------------------------------------------------

SBREFA Proposal Under Consideration and Feedback Received
    In the SBREFA Outline, the Bureau stated that it was considering 
proposing that financial institutions report the gross annual revenue 
of the applicant during its last fiscal year.\627\ The Bureau stated 
that if a financial institution verifies gross annual revenue and bases 
its credit decision on that amount, the financial institution would 
report the verified amount. If the financial institution does not 
verify gross annual revenue, it would report the amount provided by the 
applicant.
---------------------------------------------------------------------------

    \627\ SBREFA Outline at 31.
---------------------------------------------------------------------------

    Many SERs indicated that they collect gross annual revenue 
information, although they differed in how much they seek to verify 
this information.\628\ Several SERs requested clarification regarding 
how gross annual revenue would be reported for startups and other young 
businesses. A few SERs stated that they do not capture gross annual 
revenue at all or collect it only in limited circumstances. One of 
these SERs stated that collecting gross annual revenue would be 
challenging; others suggested they could likely estimate gross annual 
revenue based on information they do collect.
---------------------------------------------------------------------------

    \628\ SBREFA Panel Report at 29.
---------------------------------------------------------------------------

    Several SERs explained that they collect gross annual revenue using 
different methods and forms of verification for different types of 
credit. SERs advocated for allowing gross annual revenue to be reported 
as provided by the applicant, without an obligation for the financial 
institution to verify that information. A few SERs suggested that 
applicants often cannot provide accurate gross annual revenue 
information, although one SER suggested that in its experience 
applicants are generally able to provide reasonable estimates of gross 
annual revenue. Several SERs preferred reporting ranges rather than 
precise values. Several SERs also remarked that most businesses take 
advantage of tax filing extensions and thus typically do not have 
complete financial information for the prior year until many months 
later, and asked how that situation should be addressed when requesting 
applicants' gross annual revenue for the prior fiscal year.
    The SBREFA Panel recommended that, in light of SER feedback 
supporting the Bureau's proposal under consideration to not require 
financial institutions to verify gross annual revenue information, the 
Bureau proceed with that approach in the proposal. The SBREFA Panel 
also recommended that the Bureau explore the timing of tax and revenue 
reporting and seek comment in the proposal on how that timing can best 
be coordinated with the collection and reporting of this data 
point.\629\
---------------------------------------------------------------------------

    \629\ Id. at 46.
---------------------------------------------------------------------------

    The Bureau also received feedback from other stakeholders. Although 
one stakeholder commented that gross annual revenue is a consistent 
measure, simple to define, and easily computed, other stakeholders were 
concerned about the complexity and difficulty of reporting a 
specifically defined revenue number. One stakeholder stated that gross 
annual revenue was difficult to precisely define given differences in 
accounting and tax practices both across and within business 
subsectors. Two commenters suggested that reporting this data point 
would be complicated by the question of whether a business uses cash 
flow or accrual accounting. Other stakeholders requested the reporting 
of revenue ranges rather than specific values, and one of these 
commenters suggested that reporting a specific number may discourage 
some borrowers from applying. Another stakeholder explained that 
sometimes an application is denied or withdrawn before the revenue 
information is collected. One stakeholder stated that allowing 
flexibility in the collection and reporting of this data point would be 
very important.
    With regard to whether the revenue of affiliates is included in the 
gross annual revenue they collect and whether that information is used 
for underwriting purposes, stakeholders reported that some collect this 
information and some do not, depending on the application and specific 
product. One commenter stated that it does not collect such information 
unless the affiliate will be liable on the loan. Two stakeholders 
stated that the Bureau must require inclusion of affiliate revenue to 
make sure that a given business truly is small.
    Many stakeholders stated that they generally verify the income 
information using profit and loss statements, taxes, bank statements, 
and ``third-party technology solutions.'' Some stated that they do not 
verify revenue information for specific products, such as credit cards, 
and that sometimes it is difficult to verify the revenue of a 
particular applicant, as tax information can be complex or dated. 
Stakeholders overwhelmingly supported the Bureau's proposal under 
consideration not to require verification of revenue, and one 
stakeholder objected to requiring the reporting of verified information 
even when the lender has verified the revenue.
    Stakeholders also expressed concern about collecting gross annual 
revenue for start-ups and very small businesses that might not have 
useable or clear information. One stakeholder explained that its 
members may obtain and rely on applicant bank statements for a 
specified time period, and so should be permitted to extrapolate annual 
revenue based on partially reported revenue.
Proposed Rule
    Proposed Sec.  1002.107(a)(14) would require reporting of the gross 
annual revenue of the applicant for its preceding full fiscal year 
prior to when the information is collected. The Bureau is proposing to 
require reporting of a specific value for gross annual revenue--rather 
than a range, for which some SERs and stakeholders expressed a 
preference--to simplify the reporting of gross annual revenue 
information for financial institutions and because it believes that a 
precise value would be more useful for 1071 data users, including the 
Bureau.
    Consistent with the SBREFA Panel's recommendation and feedback from 
SERs and other stakeholders, proposed comment 107(a)(14)-1 would 
clarify that a financial institution need not verify gross annual 
revenue information provided by the applicant to comply with proposed 
Sec.  1002.107(a)(14). The proposed comment would explain that the 
financial institution may rely on statements of or information provided 
by the applicant in collecting and reporting gross annual revenue. The 
proposed comment would also state, however, that if the financial 
institution verifies the gross annual revenue provided by the applicant 
it must report the verified information. The Bureau believes that a 
requirement to verify gross annual revenue could be operationally 
difficult for many financial institutions, particularly in situations 
in which the financial institution does not collect gross annual

[[Page 56466]]

revenue currently. The Bureau also does not believe, at this time, that 
such a requirement is necessary in fulfilling either of section 1071's 
statutory purposes. However, the Bureau does believe that reporting 
verified revenue when the financial institution already possesses that 
information would not be operationally difficult, and would enhance the 
accuracy of the information collected.
    Proposed comment 107(a)(14)-1 would also provide specific language 
that a financial institution could use to ask about an applicant's 
gross annual revenue and would explain that a financial institution 
could rely on the applicant's answer. The Bureau believes this language 
would facilitate compliance for financial institutions that currently 
do not collect gross annual revenue, collect it only in limited 
circumstances, or would otherwise find its collection challenging, as 
some SERs and other stakeholders suggested.
    Overall, the Bureau believes that this approach in proposed comment 
107(a)(14)-1--clarifying that a financial institution need not verify 
applicant-provided gross annual revenue information, and providing 
language that a financial institution may use to ask for such 
information--should reduce the complexity and difficulty of collecting 
gross annual revenue information that some SERs and stakeholders 
expressed concern about.
    The Bureau believes that situations could arise in which the 
financial institution has identified that an applicant is a small 
business for the purposes of proposed Sec.  1002.106(b) through, for 
example, an initial screening question asking whether the applicant's 
gross annual revenue is below $5 million, but then the specific gross 
annual revenue amount could not be collected. Therefore, the Bureau is 
proposing comment 107(a)(14)-2, which would first clarify that pursuant 
to proposed Sec.  1002.107(c)(1), a financial institution shall 
maintain procedures reasonably designed to collect applicant-provided 
information, including the gross annual revenue of the applicant. The 
proposed comment would then state that if a financial institution is 
nonetheless unable to collect or determine the specific gross annual 
revenue of the applicant, the financial institution reports that the 
gross annual revenue is ``not provided by applicant and otherwise 
undetermined.'' The Bureau believes that permitting this reporting 
flexibility would reduce the complexity and difficulty of reporting 
gross annual revenue information, particularly when an application has 
been denied or withdrawn early in the process and the gross annual 
revenue could not be collected.
    Proposed comment 107(a)(14)-3 would clarify that a financial 
institution is permitted, but not required, to report the gross annual 
revenue for the applicant that includes the revenue of affiliates as 
well. The proposed comment would state that, for example, if the 
financial institution does not normally collect information on 
affiliate revenue, the financial institution reports only the 
applicant's revenue and does not include the revenue of any affiliates 
when it has not collected that information. The Bureau believes that 
permitting, but not requiring, a financial institution to include the 
revenue of affiliates will carry out the purposes of section 1071 while 
reducing undue burden on financial institutions in collecting gross 
annual revenue information. Proposed comment 107(a)(14)-3 would 
conclude by explaining that in determining whether the applicant is a 
small business under proposed Sec.  1002.106(b), a financial 
institution may rely on an applicant's representations regarding gross 
annual revenue, which may or may not include affiliates' revenue. The 
Bureau notes that proposed comment 106(b)-3 would follow the same 
approach to affiliate revenue for purposes of determining whether an 
applicant is a small business under proposed Sec.  1002.106(b). The 
Bureau believes that this operational equivalence between proposed 
Sec.  1002.107(a)(14) and proposed Sec.  1002.106(b) would facilitate 
compliance and enhance the consistency of 1071 data.
    As mentioned above, some SERs suggested they might be able to 
estimate gross annual revenue using information that they now collect, 
and one stakeholder suggested that it could extrapolate annual revenue 
based on partially reported revenue. The Bureau does not currently 
believe that estimation or extrapolation would be likely to result in 
sufficiently accurate data for reporting under proposed Sec.  
1002.107(a)(14). For example, a seasonal business's bank statements for 
its busy season would likely yield an inflated gross annual revenue 
when extrapolated to a full year. In addition, the Bureau believes that 
the language presented in proposed comment 107(a)(14)-1 would provide a 
manageable method for collecting full gross annual revenue when a 
financial institution does not do so now. Nonetheless, the Bureau seeks 
comment on whether financial institutions should be permitted to 
estimate or extrapolate gross annual revenue from partially reported 
revenue or other information, and how such estimation or extrapolation 
would be carried out. The Bureau also notes that estimation or 
extrapolation of gross annual revenue is sufficient for the purposes of 
determining small business status under proposed Sec.  1002.106(b), 
subject to the requirement under proposed comment 107(a)(14)-1 that a 
financial institution must report verified gross annual revenue 
information if available.
    The Bureau seeks comment on its proposed approach to the gross 
annual revenue data point, as well as the specific requests for comment 
above. As the SBREFA Panel recommended, the Bureau also seeks comment 
on how the timing of tax and revenue reporting can best be coordinated 
with the collection and reporting of gross annual revenue. In addition, 
the Bureau seeks comment on the effect of cash flow versus accrual 
accounting on reporting of gross annual revenue.
107(a)(15) NAICS Code
    ECOA section 704B(e)(2)(H) authorizes the Bureau to require 
financial institutions to compile and maintain ``any additional data 
that the Bureau determines would aid in fulfilling the purposes of 
[section 1071].'' The Bureau is proposing in Sec.  1002.107(a)(15) to 
require that financial institutions collect and report an applicant's 
6-digit NAICS code. The Bureau believes that 6-digit NAICS code data 
would aid in fulfilling the purposes of section 1071, as explained 
below.
    As described above, the SBA customizes its size standards on an 
industry-by-industry basis using 1,057 6-digit NAICS codes. The first 
two digits of a NAICS code broadly capture the industry sector of a 
business. The third digit captures the industry's subsector, the fourth 
captures the industry group, the fifth captures the industry code, and 
the sixth captures the national industry. The NAICS code thus becomes 
more specific as digits increase and the 6-digit code is the most 
specific. In its SBREFA Outline, the Bureau stated that it was 
considering proposing that financial institutions collect and report 
NAICS code as an important metric for fair lending analysis (allowing 
separation of dissimilar types of businesses to limit 
misinterpretations of the data) and assessing community development 
impacts (allowing better measurement of community development 
impact).\630\
---------------------------------------------------------------------------

    \630\ SBREFA Outline at 35.
---------------------------------------------------------------------------

    As described in detail in the section-by-section analysis of 
proposed Sec.  1002.106(b) above, SERs and other

[[Page 56467]]

stakeholders expressed concern about the difficulties in determining 
the appropriate NAICS code for businesses and in applying the NAICS-
based standards in determining whether a business loan applicant is a 
small business.\631\ In addition, several SERs stated that correctly 
classifying an applicant's NAICS code can be difficult, as the business 
may change over time, codes may have overlapping definitions, small 
businesses often do not know their NAICS code or may operate in 
multiple NAICS sectors, and classifications may be prone to human 
error. Another SER noted that NAICS codes classifications could be 
subject to change based on SBA rulemaking, and thus financial 
institutions would need to track such developments. Other SERs stated 
that the 2-digit NAICS code is significantly less complex and prone to 
less human error than the SBA definition using 6-digit NAICS codes.
---------------------------------------------------------------------------

    \631\ SBREFA Panel Report at 31.
---------------------------------------------------------------------------

    The SBREFA Panel recommended that the Bureau continue to explore 
ways to minimize burden on both the small financial institutions 
collecting NAICS code information as well as the small business 
applicants who need to provide it, for example the possibility of 
collecting the 2-NAICS code rather than the 6-digit code.\632\
---------------------------------------------------------------------------

    \632\ Id. at 46.
---------------------------------------------------------------------------

    Proposed Sec.  1002.107(a)(15) would require financial institutions 
to collect and report a 6-digit NAICS code appropriate for the 
applicant's business. Proposed comment 107(a)(15)-1 would provide 
general background on NAICS codes and would state that a financial 
institution complies with proposed Sec.  1002.107(a)(15) if it uses the 
NAICS codes in effect on January 1 of the calendar year covered by the 
small business lending application register that it is reporting. 
Proposed comment 107(a)(15)-2 would clarify that, when a financial 
institution is unable to collect or determine the applicant's NAICS 
code, it reports that the NAICS code is ``not provided by applicant and 
otherwise undetermined.''
    The Bureau is also proposing that financial institutions be 
permitted to rely on NAICS codes obtained from the applicant or certain 
other sources, without having to verify that information itself. 
Specifically, proposed comment 107(a)(15)-3 would clarify that, 
consistent with proposed Sec.  1002.107(b), a financial institution may 
rely on applicable applicant information or statements when compiling 
and reporting the NAICS code and would provide an example of an 
applicant providing a financial institution with the applicant's tax 
return that includes the applicant's reported NAICS code. Proposed 
comment 107(a)(15)-4 would provide that a financial institution may 
rely on a NAICS code obtained through the financial institution's use 
of business information products, such as company profiles or business 
credit reports, which provide the applicant's NAICS code.
    The Bureau believes that NAICS codes would considerably aid in 
fulfilling both section 1071's fair lending purpose and its business 
and community development purpose, even if having NAICS code is not 
necessary for determining whether an applicant is a small business 
under the Bureau's proposed alternative size standard. The Bureau 
believes that capturing 6-digit NAICS codes in the 1071 data would 
facilitate enforcement of fair lending laws. For example, financial 
institutions often designate certain industries as high-risk, such as 
industries that have high rates of businesses leaving the market or 
that deal primarily in cash transactions. The 6-digit NAICS codes would 
help ensure that users are comparing applicants with similar profiles, 
thereby controlling for factors that might provide non-discriminatory 
explanations for disparities in credit and pricing decisions. Moreover, 
NAICS codes would be useful for identifying business and community 
development needs and opportunities of small businesses, which may 
differ widely based on industry, even controlling for other factors. 
For example, 6-digit NAICS codes would help data users identify 
industries where small businesses face challenges accessing credit and 
understand how small businesses in different industries use credit. 
Furthermore, disclosing NAICS codes would provide for consistency and 
compatibility with other public datasets related to small business 
lending activity, which generally use NAICS codes. This ability to 
synthesize 1071 data with other datasets would help the public use the 
data in ways that advance both the business and community development 
and fair lending purposes of section 1071.
    The Bureau believes that collecting the full 6-digit NAICS code (as 
opposed to the 2-digit sector code) would better enable the Bureau and 
other stakeholders to drill down and identify whether disparities arise 
at a sector level or more specifically at a U.S. National Industry 
level and would also enable the collection of better information on the 
specific types of businesses that are accessing, or struggling to 
access, credit. For example, a wide variety of businesses, including 
those providing car washes, footwear and leather goods repair, and nail 
salons, all fall under the 2-digit sector code 81: Other Services 
(except Public Administration). Without 6-digit NAICS codes, all of 
these business types would be combined into one analysis, potentially 
masking different characteristics and different outcomes across these 
business types.
    The Bureau recognizes that, under its proposal, all financial 
institutions subject to reporting would need to gain familiarity with 
the NAICS code system, refer to NAICS classifications for all relevant 
applications, and report NAICS codes to the Bureau. To address 
commenter concerns related to the complexity of determining a correct 
NAICS code, the Bureau is proposing (1) a safe harbor to indicate that 
an incorrect NAICS code entry is not a violation of subpart B if the 
first two digits of the NAICS code are correct and the financial 
institution maintains procedures reasonably adapted to correctly 
identify the subsequent four digits (see proposed Sec.  
1002.112(c)(2)); (2) permitting a financial institution to rely on 
applicable applicant information or statements when compiling and 
reporting the NAICS code (see proposed comment 107(a)(15)-3); and (3) 
permitting a financial institution to rely on a NAICS code obtained 
through the financial institution's use of business information 
products, such as company profiles, business credit reports, or NAICS 
identification tools (see proposed comment 107(a)(15)-4). The proposed 
NAICS-specific safe harbor would be available to financial institutions 
in addition to the general bona fide error exemption under proposed 
Sec.  1002.112(b). See the section-by-section analysis of proposed 
Sec.  1002.112(c)(2) below for a detailed discussion of the proposed 
safe harbor.
    The Bureau seeks comment on its proposal to collect 6-digit NAICS 
codes together with the safe harbor described in proposed Sec.  
1002.112(c)(2). The Bureau also seeks comment on whether requiring a 3-
digit NAICS code with no safe harbor would be a better alternative.
107(a)(16) Number of Workers
Background
    ECOA section 704B(e)(2)(H) authorizes the Bureau to require 
financial institutions to compile and maintain ``any additional data 
that the Bureau determines would aid in fulfilling the purposes of 
[section 1071].'' The Bureau believes that data providing the number of 
persons

[[Page 56468]]

working for a small business applicant would aid in fulfilling the 
business and community development purpose of section 1071. These data 
would allow users to better understand the job maintenance and creation 
that small business credit is associated with and help track that 
aspect of business and community development.
SBREFA Proposal Under Consideration and Feedback Received
    In the SBREFA Outline, the Bureau stated that it was considering 
proposing that financial institutions collect and report the number of 
employees of the applicant. The Bureau stated that it was considering 
proposing that if the financial institution verifies the number of 
employees provided by the applicant, the financial institution would 
report the verified number. On the other hand, if the financial 
institution does not verify the number of employees, it would report 
the number provided by the applicant.
    Many SERs indicated that they do not collect number of 
employees.\633\ One of these SERs stated that they do not support the 
inclusion of this data point in an eventual 1071 rule, although they 
could collect this information. Several SERs suggested that there could 
be particular complexities in accurately capturing this information, 
particularly regarding how part-time and seasonal employees and 
contractors should be counted. Some SERs stated that they collect 
number of employees but do not verify that information.
---------------------------------------------------------------------------

    \633\ Id. at 31.
---------------------------------------------------------------------------

    The SBREFA Panel recommended (with respect to both the time in 
business and number of employees data points), that if these data 
points become part of the proposal, the Bureau continue to explore ways 
to minimize the burden to small financial institutions of collecting 
and reporting these data points.\634\
---------------------------------------------------------------------------

    \634\ Id. at 46.
---------------------------------------------------------------------------

    A large majority of industry stakeholders commenting on the SBREFA 
Outline opposed the inclusion of any of the discretionary data points, 
including number of employees. One trade association stated that this 
data point would frustrate small business applicants, particularly if 
they have to apply full-time employee calculation formulas. Several 
stakeholders discussed the difficulty of defining a number of employees 
data point, suggesting that complex rules would be necessary for how to 
count part-time and seasonal employees, as well as contractors. Another 
commenter suggested that verifying this information would be extremely 
difficult. Industry commenters also explained that most financial 
institutions do not collect this information now, and several pointed 
out that these data are not useful for evaluating credit risk. Another 
stated that number of employees is not a meaningful figure across 
industries, given the use of contractors and part-time employees. One 
commenter pointed out that the many sole proprietorships and non-
employee firms mean that this number will often be zero. One financial 
institution stated that it does collect this information now, but does 
not verify it.
    Community groups were strongly in favor of including a number of 
employees data point. One group stated that the number of employees 
data would help provide a greater understanding of microbusinesses, 
typically defined in terms ranging from less than five to ten 
employees, one or more of whom is the owner. Another suggested that the 
Bureau collect the total number of employees and number of owners 
separately, which it said would avoid the problem found in PPP data 
where owners mistakenly reported themselves as employees. This same 
commenter stated that user testing and guidance would be necessary to 
ensure that the number of employees is reported accurately and 
consistently. However, one community development fund that supported 
the collection of the other discretionary data points opposed 
collection of the number of employees. This stakeholder stated that 
there is little research support for direct job creation/retention as 
the primary impact of small business assistance, and that the scholarly 
consensus suggests the economic impacts of small firms are related to 
their capacity to improve local entrepreneurial networks and create 
ecosystems that are desired and sought out by bigger firms. The 
commenter then stated that by having covered financial institutions 
report on job counts, the Bureau would be implicitly reinforcing the 
inaccurate notion that employment is a key dimension of small business 
assistance.
Proposed Rule
    Proposed Sec.  1002.107(a)(16) would require financial institutions 
to report the number of non-owners working for the applicant. Although 
some SERs and other stakeholders questioned the usefulness of 
employment data for 1071's purposes, the Bureau continues to believe 
that this information would be particularly helpful in fulfilling the 
business and community development purpose of section 1071. Information 
on the number of workers should help data users assess community 
development impacts by allowing better understanding of the number of 
jobs affected. In addition, in order to avoid mistaken over-reporting 
of workers, the proposed regulation would make clear that only non-
owners would be reported as workers.
    Proposed comment 107(a)(16)-1 would discuss the collection of the 
number of workers. As discussed above, several SERs and other 
stakeholders suggested that there could be particular complexities in 
accurately capturing this information, particularly regarding how part-
time and seasonal workers and contractors should be counted. To help 
alleviate these concerns, the proposed comment would state that in 
collecting the number of workers from an applicant, the financial 
institution would explain that full-time, part-time, and seasonal 
workers, as well as contractors who work primarily for the applicant, 
would be counted as workers, but principal owners of the business would 
not. If asked, the financial institution would explain that volunteers 
would not be counted as workers. This treatment of part-time, seasonal, 
contract, and volunteer workers would follow the SBA's method for 
counting employees,\635\ with minor simplifications. The Bureau 
believes that this guidance would allow financial institutions that 
originate SBA-guaranteed loans to use the same number of workers data 
for both the loan guarantee program and 1071 reporting. The Bureau 
seeks comment on whether further modifications to the number of workers 
data point are needed to facilitate this operational simplification.
---------------------------------------------------------------------------

    \635\ See 13 CFR 121.106(a).
---------------------------------------------------------------------------

    Proposed comment 107(a)(16)-1 would also explain that workers for 
affiliates of the applicant would only be counted if the financial 
institution were also collecting the affiliates' gross annual revenue. 
The Bureau believes that this coordination between these two data 
points would facilitate compliance and yield more consistent data.
    The proposed comment would further explain that the financial 
institution may rely on statements of or information provided by the 
applicant in collecting and reporting number of workers, but if the 
financial institution verifies the number of workers provided by the 
applicant, it must report the verified information. This guidance would 
address the concerns raised about the difficulty of verification. The 
Bureau believes that allowing financial institutions to rely on 
applicant-

[[Page 56469]]

provided information will sufficiently safeguard accuracy such that the 
resulting data will aid in fulfilling the purposes of 1071. However, 
the Bureau also believes that reporting the verified number of workers 
when the financial institution already possesses that information would 
not be operationally difficult, and would enhance the accuracy of the 
information collected.
    Finally, proposed comment 107(a)(16)-1 would also provide sample 
language that a financial institution could use to ask about the number 
of workers, if it does not collect the number of workers by another 
method. The Bureau understands that, as discussed above, financial 
institutions engaged in SBA lending are already collecting employee 
information to apply the SBA's size standards. However, SBA lending 
represents only a small percentage of the small business credit market. 
Given the difficulty for financial institutions in potentially 
requesting this information of all applicants, the Bureau provides the 
sample language in the proposed comment, which implements the 
simplified version of the SBA definition presented earlier in the 
proposed comment. The Bureau believes that permitting use of the model 
question would facilitate compliance. The Bureau seeks comment on this 
method of collection, and on the specific language proposed.
    Proposed comment 107(a)(16)-2 would first clarify that a financial 
institution shall maintain procedures reasonably designed to collect 
applicant-provided information, including the number of workers of the 
applicant. The proposed comment would then state that if a financial 
institution is nonetheless unable to collect or determine the number of 
workers of the applicant, the financial institution reports that the 
number of workers is ``not provided by applicant and otherwise 
undetermined.'' The Bureau believes that this approach would reduce the 
burden on financial institutions that are unable to collect or 
determine the number of workers of the applicant, particularly when an 
application is denied or withdrawn early in the application process.
    The Bureau seeks comment on its proposed approach to the number of 
workers data point, as well as on the specific requests for comment 
above. The Bureau also seeks comment on whether financial institutions 
collect information about the number of workers from applicants using 
definitions other than the SBA's, and how the collection of this data 
point could best be integrated with those collections of information.
107(a)(17) Time in Business
Background
    ECOA section 704B(e)(2)(H) authorizes the Bureau to require 
financial institutions to compile and maintain ``any additional data 
that the Bureau determines would aid in fulfilling the purposes of 
[section 1071].'' The Bureau believes that data providing the time in 
business of a small business applicant would aid in fulfilling both the 
business and community development and fair lending purposes of section 
1071, as explained below.
SBREFA Proposal Under Consideration and Feedback Received
    In the SBREFA Outline, the Bureau stated that it was considering 
proposing to include as a discretionary data point time in business of 
the applicant (as of the date of application), expressed in years, or 
months if less than one year.\636\ The Bureau stated that time-in-
business information could help explain differences in underwriting 
risk among small business applicants and thus avoid misinterpretation 
of the section 1071 dataset by distinguishing potentially riskier new 
businesses from less risky established businesses. Time-in-business 
information could also provide a better measurement of community 
development effects, in terms of number of start-ups or other 
relatively new businesses seeking and obtaining financing. The Bureau 
stated that a financial institution may choose to verify the time in 
business provided by an applicant as part of its normal course of 
business. If the financial institution does not verify the time in 
business provided by the applicant, the financial institution would 
report the time in business provided by the applicant. If the financial 
institution does verify the time in business provided by the applicant, 
it would report the verified information.
---------------------------------------------------------------------------

    \636\ SBREFA Outline at 34-35.
---------------------------------------------------------------------------

    Many SERs currently collect time-in-business information, 
explaining that time-in-business information is valuable for measuring 
risk in underwriting.\637\ However, some SERs collect this information 
on their application forms or keep it as part of a general narrative in 
a credit memorandum about the application, but do not retain it as a 
specific data field in their systems. Some SERs capture time-in-
business information by recording the year, or month/day/year, of 
incorporation; others capture it as the number of years the applicant 
has been in business. One SER stated that they do not support the 
inclusion of time in business as a data point in the NPRM, although 
they could collect this information.
---------------------------------------------------------------------------

    \637\ SBREFA Panel Report at 31.
---------------------------------------------------------------------------

    Several SERs stated that they use State incorporation filings to 
determine or verify time in business. Some SERs explained that they 
view a business as a start-up if it has been in business either less 
than two or less than three years. For one SER, time in business is 
relevant for the specific line of business for which financing is 
sought, rather than the length of time the applicant has been in some 
business generally. Another SER suggested that the Bureau use ranges 
for time-in-business reporting, similar to a suggested method for 
collecting and reporting gross annual revenue.
    The SBREFA Panel recommended (with respect to both the time in 
business and number of employees data points), that if these data 
points become part of the proposal, the Bureau continue to explore ways 
to minimize the burden to small financial institutions of collecting 
and reporting these data points.\638\
---------------------------------------------------------------------------

    \638\ Id. at 46.
---------------------------------------------------------------------------

    Community group stakeholders supported the inclusion of the time-
in-business data point, stating that start-ups and younger businesses 
often face challenges accessing credit, and having time-in-business 
data would be especially critical to exploring gender and racial 
disparities and fostering equitable access to affordable loan capital. 
Two industry stakeholders supported inclusion, stating that time in 
business is a key underwriting factor and could explain credit 
disparities. One community group stakeholder agreed, stating that time 
in business and other discretionary data points must be accounted for 
so credit providers cannot, as they said HMDA reporters have done for 
years, hide behind data not collected as justification for their 
lending disparities.
    A large majority of industry stakeholders opposed all discretionary 
data points, including time in business. One industry stakeholder 
focused specifically on the time-in-business data point, stating that 
there are too many variables in the data point to be easily and clearly 
defined for collection. That stakeholder provided examples of 
complications in collection of the data point, such as (1) the time the 
entity has existed or existed under the current ownership, (2) how much 
experience the owners have had in this business or closely related 
fields, (3) if the

[[Page 56470]]

experience is in closely related fields how close must they be, (4) 
whether the entity has history but is being purchased using loan funds 
by ownership with little experience, and (5) whether industry should 
report how long the existing management structure has been in place. It 
then requested that the Bureau drop this data point or make the options 
very simple.
    Industry stakeholders reported different ways that they currently 
collect and use time-in-business information. Stakeholders report that 
the information is not universally collected and may be collected using 
different formats, even within a single institution. A trade 
association suggested that reporting time in business should be 
optional. One stakeholder said that it verifies the data using 
Secretary of State or other third-party information, and that an 
applicant that does not meet the time-in-business requirement for a 
product may be automatically rejected. Two other stakeholders stated 
that they focus on the overall experience of the ownership or 
management, rather than the age of the business.
Proposed Rule
    Proposed Sec.  1002.107(a)(17) would require a financial 
institution to collect and report the time the applicant has been in 
business, described in whole years, as relied on or collected by the 
financial institution. Proposed Sec.  1002.107(a)(17) would require the 
data be reported in whole years, rather than ranges of time, as 
suggested by a SER and a stakeholder, because a financial institution 
would have a definite number of years if it collects this information, 
and the Bureau believes that would make the data more granular and 
useful.
    The Bureau continues to believe that time in business would likely 
advance both statutory purposes of 1071. Research illustrates, and 
commenters have emphasized, the role that start-ups and new businesses 
play in the business ecosystem and in promoting important community 
development aims, such as creating new jobs.\639\ Financial 
institutions often have special credit policies regarding start-ups and 
other young businesses, including whether the institution will extend 
credit to start-ups at all, the type(s) of credit products start-ups 
and new businesses can apply for, and the amount of credit for which 
they can be approved. Studies generally show that start-ups experience 
greater difficulty in accessing credit,\640\ and one community group 
stakeholder made the same point. In addition, one study suggested that 
Black- and Hispanic-owned firms are under-represented in terms of firms 
that have external financing, have lower levels of liquidity in their 
early years, and have higher rates of exiting the market within the 
first three years.\641\ In regard to the facilitation of fair lending 
analyses, time-in-business data would provide a useful control in fair 
lending analyses to identify similarly situated applicants and 
eliminate some false positives, while also allowing monitoring of 
potential disparate treatment of minority- and women-owned start-ups 
and relatively new businesses. In addition, many SERs reported that 
time-in-business information is valuable for measuring risk in 
underwriting, and they did not limit this observation to start-ups and 
new businesses. The Bureau also believes that collecting time-in-
business information generally, rather than in the first few years, 
would provide useful data for understanding the relative maturity of 
small businesses in different communities.
---------------------------------------------------------------------------

    \639\ See, e.g., Small Bus. Admin., 2018 Small Business 
Profiles, at 1-2 (2018), https://www.sba.gov/advocacy/2018-small-business-profiles-states-and-territories?utm_medium=email&utm_source=govdelivery; John 
Haltiwanger et al., Who Creates Jobs? Small versus Large versus 
Young, The Review of Economics and Statistics, 95(2), at 347-61 
(2013), https://direct.mit.edu/rest/article/95/2/347/58100/Who-Creates-Jobs-Small-versus-Large-versus-Young.
    \640\ For example, a Federal Reserve Bank of New York report, 
based on data from the 2016 Small Business Credit Surveys that 
included information from 12 Federal Reserve Banks, provides 
statistics on how start-ups are less likely to receive credit as 
compared to mature businesses, even with comparable credit scores. 
See Fed. Reserve Bank of N.Y., Small Business Credit Survey: Report 
on Start-up Firms, at iv (2017), https://www.newyorkfed.org/medialibrary/media/smallbusiness/2016/SBCS-Report-StartupFirms-2016.pdf.
    \641\ J.P. Morgan Chase, Small Business Owner Race, Liquidity 
and Survival (July 2020), https://www.jpmorganchase.com/content/dam/jpmc/jpmorgan-chase-and-co/institute/pdf/institute-small-business-owner-race-report.pdf.
---------------------------------------------------------------------------

    The Bureau believes that time-in-business data would benefit data 
users, including financial institutions, policymakers, and communities. 
Such data would allow data users to better identify the proportion of 
small businesses seeking credit that are start-ups or relatively new 
businesses, the type(s) of credit that is offered and provided to 
start-ups and newer businesses, the geographic makeup of those 
businesses, the types of financial institutions that are reaching such 
businesses, and where communities might focus business development 
efforts. The data may also aid policymakers in addressing issues 
impacting the growth of small start-ups. The data, particularly as to 
unmet demand, could help interested financial institutions identify 
lending opportunities to reach more start-ups and new businesses, 
promoting both business and community development.
    In addition, as some of the stakeholders suggested, the Bureau 
believes that the inclusion of time-in-business data could help 
mitigate the concerns of data misrepresentation. For example, data 
indicating that a small business applicant is a start-up with little 
experience or financial history could provide a legitimate business 
explanation for why the financial institution denied the application or 
approved it for less credit than was applied for. Therefore, time-in-
business data may help to explain the credit decision made by a 
financial institution, which may address any concerns of data 
misrepresentation.
    The Bureau is not proposing to make this data field optional, as 
suggested by a trade association. The Bureau is concerned that, if it 
were to do so, very little data would be reported.
    As explained above, the SBREFA Panel recommended that the Bureau 
explore ways to minimize the burden on small financial institutions of 
collecting and reporting the time-in-business data point. SERs and 
industry stakeholders reported different ways that they currently 
collect and use time-in-business information, reporting that the 
information is not universally collected and may be collected using 
different formats, even within a single institution. The Bureau 
believes that by allowing financial institutions to report the time in 
business that they relied on in making their credit decisions, the 
burden on the financial institution (of any size) could be reduced, 
while the resulting information would still aid in fulfilling the 
purposes of section 1071. Although industry commenters overwhelmingly 
expressed concern about the burden associated with any discretionary 
data points as a general matter, the Bureau believes that time-in-
business information can be made relatively easy for financial 
institutions to collect if the Bureau leverages the methods currently 
in use by individual financial institutions. As the SERs and 
stakeholders explained, many or possibly most financial institutions 
already collect time-in-business information for underwriting purposes 
or to determine general eligibility, though the format and specific 
information collected vary by institution \642\ and may relate to owner

[[Page 56471]]

or management experience rather than business longevity. Therefore, the 
Bureau is proposing that financial institutions that collect time-in-
business information be required to report the time in business that 
they relied on (or would have relied on, for applications that were 
withdrawn prior to a credit decision) in making the credit decision. If 
the financial institution collects time-in-business information that 
reflects owner or management experience rather than business longevity, 
the financial institution would report time in business using the 
number it collects and relies on reflecting owner or management 
experience. If the financial institution relies on verified 
information, it reports the verified information. If it does not verify 
the information, it reports the unverified information. Requiring 
reporting of time in business ``relied on'' should avoid requiring 
financial institutions that collect some version of this information to 
change their practices or add extra procedures to collect the Bureau's 
version of time in business. In addition, the Bureau believes that 
collecting the actual information used by the financial institution to 
evaluate the application would aid fair lending analysis. Furthermore, 
the Bureau does not believe that the variations among the data 
collected by individual institutions would interfere with the business 
and community development purpose of 1071, because the information 
would still be useful in identifying new ownership, management, and 
businesses that may face credit challenges.
---------------------------------------------------------------------------

    \642\ Of a limited sample of application forms the Bureau 
reviewed from a variety of types of financial institutions, a 
majority of forms contained some type of time-in-business field. 
When the Bureau looked at lenders that have undergone a small 
business fair lending exam from the Bureau, a few (but not the 
majority) maintained data on time in business in their existing 
systems. Examples of time-in-business reference points include time 
of formation or registration, time under current ownership, and 
history of financial records, recorded as either month and year or 
just year.
---------------------------------------------------------------------------

    In addition to providing some financial institutions with the 
ability to avoid duplicative information gathering by simply reporting 
the time in business relied on, the proposed data point would also 
facilitate compliance for financial institutions that do not currently 
collect or rely on time-in-business information by allowing them to use 
the specific question provided in proposed comment 107(a)(17)-4, as 
explained below. The Bureau believes that permitting these two proposed 
methods for collection and reporting should accommodate different 
institutional practices and reduce operational difficulty for financial 
institutions in reporting this data point.
    In order to clarify the potential use of the two methods (relied on 
or collected) of reporting for the time-in-business data point, 
proposed comment 107(a)(17)-1 would provide guidance on how to report 
using either method. The proposed comment would explain that, 
regardless of which method is used, the financial institution must 
report the time in business in whole years, or indicate if a business 
has not begun operating yet, or has been in operation for less than a 
year. The Bureau believes that this reporting format would inform data 
users of the maturity of the applicant businesses and signal which are 
start-ups.
    Proposed comment 107(a)(17)-1 would further explain that when the 
financial institution relies on an applicant's time in business as part 
of a credit decision, it reports the time in business relied on in 
making the credit decision. However, the comment would further explain 
that proposed Sec.  1002.107(a)(17) would not require the financial 
institution to rely on an applicant's time in business in making a 
credit decision. The Bureau believes that this guidance would make 
clear that the requirement to collect and report applicants' time in 
business would not change the financial institution's internal business 
practices. A financial institution would only be required to report the 
time in business relied on in making the credit decision if the 
financial institution actually does rely on an applicant's time in 
business in making its credit decision.
    Proposed comment 107(a)(17)-1 would also explain that the financial 
institution may rely on statements or information provided by the 
applicant in collecting and reporting time in business; however, 
pursuant to proposed Sec.  1002.107(b), if the financial institution 
verifies the time in business provided by the applicant, it must report 
the verified information. This guidance would apply whether the 
financial institution relies on the time in business in making its 
credit decision or not, although the Bureau believes that verification 
would be very uncommon when the financial institution is not relying on 
the information. The Bureau believes that allowing financial 
institutions to rely on applicant-provided information will 
sufficiently safeguard accuracy such that the resulting data will aid 
in fulfilling the purposes of 1071. However, the Bureau also believes 
that reporting the verified time in business when the financial 
institution already possesses that information would not be 
operationally difficult, and would enhance the accuracy of the 
information collected and ensure that it was the information that the 
financial institution relied on in making the credit decision.
    Proposed comment 107(a)(17)-2 would provide instructions on how to 
report the time in business relied on in making the credit decision. 
The proposed comment would state that when a financial institution 
evaluates an applicant's time in business as part of a credit decision, 
it reports the time in business relied on in making the credit 
decision. For example, the proposed comment would further explain, if 
the financial institution relies on the number of years of experience 
the applicant's owners have in the current line of business, the 
financial institution reports that number of years as the time in 
business. Similarly, if the financial institution relies on the number 
of years that the applicant has existed, the financial institution 
reports the number of years that the applicant has existed as the time 
in business. Proposed comment 107(a)(17)-2 would then conclude by 
stating that a financial institution reports the length of business 
existence or experience duration that it relies on in making its credit 
decision, and is not required to adopt any particular definition of 
time in business. The Bureau believes that this proposed comment would 
provide useful guidance on how a financial institution complies with 
Sec.  1002.107(a)(17) when it relies on time in business and would help 
such financial institutions avoid unnecessary compliance difficulties 
by reporting information that they already possess.
    Proposed comment 107(a)(17)-3 would state that a financial 
institution relies on an applicant's time in business in making a 
credit decision if the time in business was a factor in the credit 
decision, even if it was not a dispositive factor. The comment would 
provide the example that if the time in business is one of multiple 
factors in the financial institution's credit decision, the financial 
institution has relied on the time in business even if the financial 
institution denies the application because one or more underwriting 
requirements other than the time in business are not satisfied. The 
Bureau believes that this guidance would help financial institutions to 
understand how to comply correctly with proposed Sec.  1002.107(a)(17).
    Proposed comment 107(a)(17)-4 would clarify that if the financial 
institution does not rely on time in business in considering an 
application, pursuant to proposed Sec.  1002.107(c)(1) it shall still 
maintain procedures reasonably designed to collect applicant-provided 
information, which

[[Page 56472]]

includes the applicant's time in business. The proposed comment would 
explain that in collecting time in business from an applicant, the 
financial institution complies with proposed Sec.  1002.107(a)(17) by 
asking for the number of years that the applicant has been operating 
the business it operates now. The proposed comment would further 
explain that when the applicant has multiple owners with different 
numbers of years operating that business, the financial institution 
collects and reports the greatest number of years of any owner. As 
discussed above, the Bureau believes that providing this clear 
instruction on how to collect the time in business when a financial 
institution does not do so now would avoid the potential complications 
and difficulties described by the SERs and industry stakeholders in 
collecting this data point. In addition, the Bureau notes that, as 
would be made clear in proposed comment 107(a)(17)-1, a financial 
institution would not need to verify an applicant's response to the 
inquiry. Proposed comment 107(a)(17)-4 would then conclude by making 
clear that the financial institution does not need to comply with the 
instruction if it collects and relies on the time in business by 
another method in making the credit decision.
    Proposed comment 107(a)(17)-5 would explain that pursuant to 
proposed Sec.  1002.107(c)(1) a financial institution shall maintain 
reasonable procedures to collect information provided by the applicant, 
which includes the time in business of the applicant, but if the 
financial institution is unable to collect or determine the time in 
business of the applicant, the financial institution reports that the 
time in business is ``not provided by applicant and otherwise 
undetermined.'' The Bureau believes that permitting use of this 
response would facilitate compliance, particularly in situations in 
which the application is denied or withdrawn early in the application 
process.
    The Bureau seeks comment on its proposed approach to this data 
point. The Bureau also seeks comment on whether time-in-business 
information may be less relevant or collectable for certain products or 
situations (such as retailer-branded credit cards acquired at point of 
sale) and whether reporting ``not applicable'' should be allowed in 
those instances. In addition, the Bureau seeks comment on whether there 
should be an upper limit on time in business--for example, to allow 
reporting of ``over 20 years'' for any applicant of that duration, 
rather than requiring reporting of a specific number of years.
107(a)(18) Minority-Owned Business Status
Background
    ECOA section 704B(b) requires financial institutions to inquire 
whether applicants for credit are minority-owned businesses and to 
maintain a record of the responses to that inquiry separate from the 
applications and accompanying information. Section 704B(c) provides 
that applicants for credit may refuse to provide information requested 
pursuant to 704B(b). The Bureau is proposing Sec.  1002.107(a)(18) to 
address how a financial institution would collect and report an 
applicant's minority-owned business status.
SBREFA Proposal Under Consideration and Feedback
    In the SBREFA Outline, the Bureau stated that it was considering 
proposing that financial institutions be permitted to collect and 
report minority-owned business status solely based on applicant self-
reporting and that the Bureau was not considering requiring reporting 
based on visual observation and/or surname.\643\ The Bureau also stated 
that it was considering proposing that the right to refuse under ECOA 
section 704B(c) apply to the financial institution's specific inquiries 
regarding minority-owned business status as well as women-owned status 
and the principal owners' race, sex, and ethnicity
---------------------------------------------------------------------------

    \643\ SBREFA Outline at 25-26.
---------------------------------------------------------------------------

    Several SERs supported this approach and urged the Bureau to 
require collection and reporting of minority-owned business status 
based only on the information the applicant provides (i.e., self-
reporting).\644\ SERs also expressed concerns about the difficulties 
and costs that may be associated with collecting minority-owned 
business status on some basis other than applicant self-reporting. For 
example, although many SERs indicated that they review some ownership 
information about applicants in order to obtain guarantees or for other 
reasons, most of those SERs said that they do not review the accrual of 
net profits and losses and some said that they do not review 
information related to who controls an applicant. One SER said that 
determining ownership is relatively straightforward, but the issue of 
control can be subjective. One SER said that it would not be able to 
determine who controlled an applicant and that an applicant would need 
to self-report that information. Another SER noted that some small 
business applicants do not have simple ownership structures. A 
different SER stated that some financial institutions do not meet in 
person with all of the owners of small business applicants.
---------------------------------------------------------------------------

    \644\ SBREFA Panel Report at 26.
---------------------------------------------------------------------------

    Other industry stakeholders providing feedback on the SBREFA 
Outline also supported collection and reporting of minority-owned 
business status based only on applicant self-reporting and noted 
several challenges with reporting this data point based on visual 
observation and/or surname. Some industry commenters stated that it 
would not be possible to report minority-owned business status based on 
visual observation and/or surname in at least some circumstances. 
Others expressed concerns about the cost and time required to do so. 
One industry commenter noted that the tracking of ownership and other 
information needed to report based on visual observation and/or surname 
would be laborious. Another commenter noted that some financial 
institutions do not obtain the information necessary to make the 
determinations that would underlie a visual observation requirement 
(i.e., information about ownership, control, etc.). One commenter 
specifically noted that the statute only requires financial 
institutions to ``inquire'' about minority-owned business status. 
Conversely, a community group opposed reporting based only on applicant 
self-reporting.
    Some commenters stated that financial institutions should not be 
required to collect or report this information at all, or that they 
should not be required to collect or report it in certain situations, 
such as when a trust or other entity owns or controls an applicant.
    Some SERs and a few other commenters said that the Bureau should 
create a tool or otherwise arrange for applicants to self-report, at 
least, demographic information (namely, minority-owned business status 
and women-owned business status as well as the ethnicity, race, and sex 
of principal owners) directly to the Bureau or to a third-party that 
maintains a database of such information.
    Some SERs were concerned that, if notified of their right to 
refuse, applicants may not provide protected demographic information, 
thus limiting the usefulness of 1071 data. One SER and several other 
commenters similarly agreed with the Bureau's proposal under 
consideration to limit the right to refuse to applicants' protected 
demographic information only. However, three commenters opined that the 
Bureau's approach was too limited and that the right to refuse should 
apply to small business status as well as other data

[[Page 56473]]

points. Several SERs requested that the Bureau provide sample language 
for use in any disclosure and collection forms in which an applicant's 
right to refuse is stated, so that applicants understand why lenders 
are requesting protected demographic information and how the 
information will be used. Two SERs asked that the Bureau provide sample 
language in English as well as in other languages, such as Spanish.
    The SBREFA Panel recommended that the Bureau consider creating 
sample data collection forms that, to the extent possible, simply and 
clearly explain the information being requested for purposes of this 
data point. The SBREFA Panel recommended that the Bureau consider 
developing sample disclosure language that financial institutions may 
use to provide some context as to why applicants are being asked to 
provide protected demographic information, in order to encourage 
applicants to respond. It also said that the Bureau should additionally 
consider providing these sample data collection forms in other 
languages, such as Spanish.\645\
---------------------------------------------------------------------------

    \645\ Id. at 45.
---------------------------------------------------------------------------

Proposed Rule
    Consistent with its approach during the SBREFA process, proposed 
Sec.  1002.107(a)(18) would require financial institutions to collect 
and report whether an applicant is a minority-owned business. Proposed 
Sec.  1002.107(a)(18) would also require financial institutions to 
collect and report whether minority-owned business status is being 
reported based on previously collected data pursuant to proposed Sec.  
1002.107(c)(2). It would also require that when the financial 
institution requests minority-owned business status from an applicant, 
the financial institution inform the applicant that the financial 
institution cannot discriminate on the basis of the applicant's 
minority-owned business status, or on whether the applicant provides 
this information. Finally, proposed Sec.  1002.107(a)(18) would refer 
to proposed appendix F for additional details regarding how financial 
institutions are required to collect and report minority-owned business 
status. Proposed appendix F would include a requirement that a 
financial institution inform an applicant that the applicant is not 
required to respond to the financial institution's questions regarding 
the applicant's minority-owned business status and women-owned business 
status, and a prohibition on financial institutions requiring 
applicants to provide this information.\646\ Consistent with the SBREFA 
Panel's recommendation, proposed appendix E, which is a sample data 
collection form, would include a question about minority-owned business 
status and related information to assist applicants with responding to 
the question.\647\
---------------------------------------------------------------------------

    \646\ Proposed appendix G would include a similar requirement to 
notify applicants that they are not required to provide information 
regarding principal owners' ethnicity, race, and sex and a similar 
prohibition on financial institutions requiring that applicants 
provide such information.
    \647\ The Bureau seeks additional comment regarding foreign 
language forms and notices in the section-by-section analysis of 
proposed appendix E below.
---------------------------------------------------------------------------

    Proposed comment 107(a)(18)-1 would clarify that a financial 
institution would be required to ask an applicant if it is a minority-
owned business for each covered application unless the financial 
institution is permitted to report minority-owned business status based 
on previously collected data. Additionally, the financial institution 
would be required to permit an applicant to refuse to answer the 
financial institution's inquiry and to inform the applicant that it is 
not required to provide the information. The financial institution 
would report the applicant's response, its refusal to answer the 
inquiry (such as when the applicant indicates that it does not wish to 
provide the requested information), or its failure to respond (such as 
when the applicant fails to submit a data collection form) to the 
inquiry. See proposed appendix F for additional instructions on how the 
Bureau proposes that financial institutions collect and report 
minority-owned business status.
    Proposed comment 107(a)(18)-2 would explain that a financial 
institution must inform the applicant that the financial institution 
cannot discriminate on the basis of an applicant's minority-owned 
business status or on whether the applicant provides the information. 
It would also clarify that a financial institution may combine this 
non-discrimination notice regarding minority-owned business status with 
the similar non-discrimination notices that a financial institution is 
required to provide when requesting women-owned business status and a 
principal owner's ethnicity, race, and sex if a financial institution 
requests minority-owned business status, women-owned business status, 
and/or a principal owner's ethnicity, race, and sex in the same data 
collection form or at the same time.
    Proposed comment 107(a)(18)-3 would explain how, pursuant to 
proposed Sec.  1002.111(b), financial institutions must record an 
applicant's response regarding minority-owned business status pursuant 
to proposed Sec.  1002.107(a)(18) separate from the application and 
accompanying information. This proposed comment would also provide 
examples of how responses could be recorded separately from the 
application and accompanying information.
    Proposed comment 107(a)(18)-4 would state that pursuant to proposed 
Sec.  1002.107(c)(1), a financial institution shall maintain procedures 
reasonably designed to collect applicant-provided information, which 
includes the applicant's minority-owned business status. However, if a 
financial institution does not receive a response to its inquiry, the 
financial institution would report that the applicant's minority-owned 
business status is ``not provided by applicant.''
    Proposed comment 107(a)(18)-5 would state that notwithstanding 
proposed Sec.  1002.107(b) (regarding verification of applicant-
provided information), a financial institution would report the 
applicant's response, its refusal to answer the inquiry, or its failure 
to respond to the inquiry pursuant to proposed Sec.  1002.107(a)(18), 
even if the financial institution verifies or otherwise obtains an 
applicant's minority-owned business status for other purposes. 
Moreover, as proposed in the instructions in appendix F, a financial 
institution would not be required or permitted to verify the 
applicant's response to the financial institution's inquiry pursuant to 
proposed Sec.  1002.107(a)(18) regarding minority-owned business 
status.
    Proposed comment 107(a)(18)-6 would clarify that a financial 
institution does not report minority-owned business status based on 
visual observation, surname, or any basis other than the applicant's 
response to the inquiry that the financial institution makes to satisfy 
Sec.  1002.107(a)(18) or, if the financial institution is permitted to 
report based on previously collected data, on the basis of the 
applicant's response to the inquiry that the financial institution 
previously made to satisfy Sec.  1002.107(a)(18).
    Proposed comment 107(a)(18)-7 would clarify that a financial 
institution may report minority-owned business status based on 
previously collected data if the financial institution is permitted to 
do so pursuant to proposed Sec.  1002.107(c)(2) and its commentary.
    Consistent with its approach during the SBREFA process, the Bureau 
is not proposing that financial institutions collect or report 
minority-owned

[[Page 56474]]

business status based on visual observation, surname, or any method 
other than an applicant-provided response to a specific inquiry asked 
for purposes of proposed Sec.  1002.107(a)(18). Similarly, the Bureau 
is not proposing that financial institutions be permitted or required 
to verify an applicant's response. Although the Bureau is proposing 
that financial institutions collect and report a principal owner's 
ethnicity and race based on visual observation and/or surname in 
certain circumstances, the Bureau believes that there would be 
additional complexities and difficulties with attempting to collect and 
report minority-owned business status based on visual observation and/
or surname. Some of these additional difficulties arise because the 
financial institution may need to determine who controls the applicant 
as well as who owns the applicant and who realizes the net profits and 
losses. Other difficulties arise from the fact that the financial 
institution would need to know how each natural person it meets with in 
person fits into the ownership structure of the applicant as well as 
its control and profit structures. For example, it would not be 
sufficient to know whether a natural person is an owner. The financial 
institution also would need to know what percentage of the ownership 
interest and control the natural person held and, if that ownership was 
not more than 50 percent, the institution would need to know who owned 
and controlled the remainder of the applicant. An additional 
complication, specific to this data point, arises when the financial 
institution is not able to visually observe absent owners. In these 
cases, the financial institution may not be able to determine if the 
business is a minority-owned business. Thus, even if a financial 
institution has an in-person meeting with one or more natural persons 
associated with an applicant, it may be difficult or impossible for the 
financial institution to determine if an applicant is a minority-owned 
business.
    The Bureau seeks comment on its proposed approach to this data 
point, including the proposed methods of collecting and reporting the 
data. The Bureau also requests comment on whether additional 
clarification regarding any aspect of this data point is needed. In 
particular, the Bureau seeks comment on whether applicants are likely 
to have difficulty understanding and determining the information they 
are being asked to provide and, if so, how the Bureau may mitigate such 
difficulties.
107(a)(19) Women-Owned Business Status
Background
    ECOA section 704B(b) requires financial institutions to inquire 
whether applicants for credit are women-owned businesses and to 
maintain a record of the responses to that inquiry separate from the 
applications and accompanying information. Section 704B(c) provides 
that applicants for credit may refuse to provide information requested 
pursuant to 704B(b). The Bureau is proposing Sec.  1002.107(a)(19) to 
address how a financial institution would collect and report an 
applicant's women-owned business status.
SBREFA Proposal Under Consideration and Feedback Received
    In the SBREFA Outline, the Bureau stated that it was considering 
proposing that financial institutions be permitted to collect and 
report women-owned business status solely based on applicant self-
reporting and that the Bureau was not considering requiring reporting 
based on visual observation and/or surname.\648\ The Bureau also stated 
that it was considering proposing that the right to refuse under ECOA 
section 704B(c) apply to the financial institution's specific inquiries 
regarding minority-owned business status as well as women-owned status 
and the principal owners' race, sex, and ethnicity.
---------------------------------------------------------------------------

    \648\ SBREFA Outline at 25-26.
---------------------------------------------------------------------------

    As with collecting and reporting minority-owned business status, 
several SERs supported this approach and urged the Bureau to require 
collection and reporting of women-owned business status based only on 
the information the applicant provides (i.e., self-reporting).\649\ 
SERs also expressed concerns about the difficulties and costs that may 
be associated with collecting women-owned business status on some basis 
other than applicant self-reporting. For example, although many SERs 
indicated that they review some ownership information about applicants 
in order to obtain guarantees or for other reasons, most of those SERs 
said that they do not review the accrual of net profits and losses and 
some said that they do not review information related to who controls 
an applicant. One SER said that determining ownership is relatively 
straightforward, but the issue of control can be subjective. One SER 
said that it would not be able to determine who controlled an applicant 
and that an applicant would need to self-report that information. 
Another SER noted that some small business applicants do not have 
simple ownership structures. A different SER stated that some financial 
institutions do not meet in person with all of the owners of small 
business applicants.
---------------------------------------------------------------------------

    \649\ SBREFA Panel Report at 26.
---------------------------------------------------------------------------

    As with collecting and reporting minority-owned business status, 
other industry stakeholders providing feedback on the SBREFA Outline 
also supported collection and reporting of women-owned business status 
based only on applicant self-reporting and noted several challenges 
with reporting this data point based on visual observation and/or 
surname. Some industry commenters stated that it would not be possible 
to report women-owned business status based on visual observation and/
or surname in, at least, some circumstances. Others expressed concerns 
about the cost and time required to do so. One industry commenter noted 
that the tracking of ownership and other information needed to report 
based on visual observation and/or surname would be laborious. Another 
commenter noted that some financial institutions do not obtain the 
information necessary to make the determinations that would underlie a 
visual observation requirement (i.e., information about ownership, 
control, etc.). One commenter specifically noted that the statute only 
requires financial institutions to ``inquire'' about women-owned 
business status. Conversely, a community group opposed reporting based 
only on applicant self-reporting.
    Some commenters stated that financial institutions should not be 
required to collect or report this information at all, or that they 
should not be required to collect or report it in certain situations, 
such as when a trust or other entity owns or controls an applicant.
    Some SERs and a few other commenters said that the Bureau should 
create a tool or otherwise arrange for applicants to self-report, at 
least, demographic information (namely women-owned business status and 
minority-owned business status as well as the ethnicity, race, and sex 
of principal owners) directly to the Bureau or to a third-party that 
maintains a database of such information.
    Some SERs were concerned that, if notified of their right to 
refuse, applicants may not provide protected demographic information, 
thus limiting the usefulness of 1071 data. One SER and several other 
commenters similarly agreed with the Bureau's proposal under 
consideration to limit the right to refuse to applicants' protected 
demographic information only. However, three

[[Page 56475]]

commenters opined that the Bureau's approach was too limited and that 
the right to refuse should apply to small business status as well as 
other data points. Several SERs requested that the Bureau provide 
sample language for use in any disclosure and collection forms in which 
an applicant's right to refuse is stated, so that applicants understand 
why lenders are requesting protected demographic information and how 
the information will be used. Two SERs asked that the Bureau provide 
sample language in English as well as in other languages, such as 
Spanish.
    The SBREFA Panel recommended that the Bureau consider creating 
sample data collection forms that, to the extent possible, simply and 
clearly explain the information being requested for purposes of this 
data point.\650\ The SBREFA Panel recommended that the Bureau consider 
developing sample disclosure language that financial institutions may 
use to provide some context as to why applicants are being asked to 
provide protected demographic information, in order to encourage 
applicants to respond.\651\ It also recommended that the Bureau should 
consider providing these sample data collection forms in other 
languages, such as Spanish.\652\
---------------------------------------------------------------------------

    \650\ Id. at 45.
    \651\ Id.
    \652\ Id.
---------------------------------------------------------------------------

Proposed Rule
    Consistent with its approach during the SBREFA process, proposed 
Sec.  1002.107(a)(19) would require financial institutions to collect 
and report whether an applicant is a women-owned business. Proposed 
Sec.  1002.107(a)(19) would also require financial institutions to 
collect and report whether women-owned business status is being 
reported based on previously collected data pursuant to proposed Sec.  
1002.107(c)(2). It would also require that when the financial 
institution requests women-owned business status from an applicant, the 
financial institution inform the applicant that the financial 
institution cannot discriminate on the basis of the applicant's women-
owned business status, or on whether the applicant provides this 
information. Finally, proposed Sec.  1002.107(a)(19) would refer to 
proposed appendix F for additional details regarding how financial 
institutions are required to collect and report women-owned business 
status. Proposed appendix F would include a requirement that a 
financial institution inform an applicant that the applicant is not 
required to respond to the financial institution's questions regarding 
the applicant's women-owned business status and minority-owned business 
status, and a prohibition on financial institutions requiring 
applicants to provide this information. Consistent with the SBREFA 
Panel's recommendation, proposed appendix E, which is a sample data 
collection form, would include a question about women-owned business 
status and related information to assist applicants with responding to 
the question.
    Proposed comment 107(a)(19)-1 would clarify that a financial 
institution would be required to ask an applicant if it is a women-
owned business for each covered application unless the financial 
institution is permitted to report women-owned business status based on 
previously collected data. Additionally, the financial institution 
would be required to permit an applicant to refuse to answer the 
financial institution's inquiry and to inform the applicant that it is 
not required to provide the information. The financial institution 
would report the applicant's response, its refusal to answer the 
inquiry (such as when the applicant indicates that it does not wish to 
provide the requested information), or its failure to respond (such as 
when the applicant fails to submit a data collection form) to the 
inquiry. See proposed appendix F for additional instructions on how the 
Bureau proposes that financial institutions collect and report women-
owned business status.
    Proposed comment 107(a)(19)-2 would explain that a financial 
institution must inform the applicant that the financial institution 
cannot discriminate on the basis of an applicant's women-owned business 
status or on whether the applicant provides the information. It would 
also clarify that a financial institution may combine this non-
discrimination notice regarding women-owned business status with the 
similar non-discrimination notices that a financial institution is 
required to provide when requesting minority-owned business status and 
a principal owner's ethnicity, race, and sex if a financial institution 
requests minority-owned business status, women-owned business status, 
and/or a principal owner's ethnicity, race, and sex in the same data 
collection form or at the same time.
    Proposed comment 107(a)(19)-3 would explain how, pursuant to 
proposed Sec.  1002.111(b), financial institutions must record an 
applicant's response regarding women-owned business status pursuant to 
proposed Sec.  1002.107(a)(19) separate from the application and 
accompanying information. This proposed comment would also provide 
examples of how responses could be recorded separately from the 
application and accompanying information.
    Proposed comment 107(a)(19)-4 would state that pursuant to proposed 
Sec.  1002.107(c)(1), a financial institution shall maintain procedures 
reasonably designed to collect applicant-provided information, which 
includes the applicant's women-owned business status. However, if a 
financial institution does not receive a response, the financial 
institution would report that the applicant's women-owned business 
status is ``not provided by applicant.''
    Proposed comment 107(a)(19)-5 would state that notwithstanding 
proposed Sec.  1002.107(b) (regarding verification of applicant-
provided information), a financial institution would report the 
applicant's response, its refusal to answer the inquiry, or its failure 
to respond to the inquiry pursuant to proposed Sec.  1002.107(a)(19), 
even if the financial institution verifies or otherwise obtains an 
applicant's women-owned business status for other purposes. Moreover, 
as proposed in the instructions in appendix F, a financial institution 
would not be required or permitted to verify the applicant's response 
to the financial institution's inquiry pursuant to proposed Sec.  
1002.107(a)(19) regarding women-owned business status. Thus, for 
example, under the principle articulated in proposed comment 
107(a)(19)-5, a financial institution could not second guess an 
applicant's decision to determine whether it is a women-owned business 
for purposes of proposed Sec.  1002.107(a)(19) based on the gender 
identity of the principal owners. The Bureau seeks comment on whether 
it would be useful to expressly codify this application of the 
principle in the commentary.
    Proposed comment 107(a)(19)-6 would clarify that a financial 
institution does not report women-owned business status based on visual 
observation, surname, or any basis other than the applicant's response 
to the inquiry that the financial institution makes to satisfy proposed 
Sec.  1002.107(a)(19) or, if the financial institution is permitted to 
report based on previously collected data, on the basis of the 
applicant's response to the inquiry that the financial institution 
previously made to satisfy proposed Sec.  1002.107(a)(19).
    Proposed comment 107(a)(19)-7 would clarify that a financial 
institution may report women-owned business status based on previously 
collected

[[Page 56476]]

data if the financial institution is permitted to do so pursuant to 
proposed Sec.  1002.107(c)(2) and its commentary.
    Consistent with its approach during the SBREFA process, the Bureau 
is not proposing that financial institutions collect or report women-
owned business status based on visual observation, surname, or any 
method other than an applicant-provided response to a specific inquiry 
asked for purposes of proposed Sec.  1002.107(a)(19). Similarly, the 
Bureau is not proposing that financial institutions be permitted or 
required to verify an applicant's response. Although the Bureau is 
proposing that financial institutions collect and report a principal 
owner's ethnicity and race based on visual observation and/or surname 
in certain circumstances, the Bureau believes that there would be 
additional complexities and difficulties with attempting to collect and 
report women-owned business status based on visual observation and/or 
surname. Some of these additional difficulties arise because the 
financial institution may need to determine who controls the applicant 
as well as who owns the applicant and who realizes the net profits and 
losses. Other difficulties arise from the fact that the financial 
institution would need to know how each natural person it meets with in 
person fits into the ownership structure of the applicant as well as 
its control and profit structures. For example, it would not be 
sufficient to know whether a natural person is an owner. The financial 
institution also would need to know what percentage of the ownership 
interest and control the natural person held and, if that ownership was 
not more than 50 percent, the institution would need to know who owned 
and controlled the remainder of the applicant. An additional 
complication, specific to this data point, arises when the financial 
institution is not able to visually observe absent owners. In these 
cases, the financial institution may not be able to determine if the 
business is a women-owned business. Thus, even if a financial 
institution has an in-person meeting with one or more natural persons 
associated with an applicant, it may be difficult or impossible for the 
financial institution to determine if an applicant is a women-owned 
business.
    The Bureau seeks comment on its proposed approach to this data 
point, including the proposed methods of collecting and reporting the 
data. The Bureau also requests comment on whether additional 
clarification regarding any aspect of this data point is needed. In 
particular, the Bureau seeks comment on whether applicants are likely 
to have difficulty understanding and determining the information they 
are being asked to provide and, if so, how the Bureau may mitigate such 
difficulties.
107(a)(20) Ethnicity, Race, and Sex of Principal Owners
Background
    ECOA section 704B(e)(2)(G) requires financial institutions to 
compile and maintain certain information, including the race, sex, and 
ethnicity of an applicant's principal owners. However, section 1071 
does not set out what categories should be used when collecting and 
reporting this information. The Bureau is proposing Sec.  
1002.107(a)(20) to address how a financial institution would collect 
and report the ethnicity, race, and sex of an applicant's principal 
owners. See the section-by-section analysis of proposed Sec.  
1002.102(o) above for a discussion of the definition of a principal 
owner.
SBREFA Proposal Under Consideration and Feedback
    In the SBREFA Outline, the Bureau stated that it was considering 
proposing that financial institutions use the aggregate race, sex, and 
ethnicity categories from Regulation C when requesting that applicants 
provide race, sex, and ethnicity information of principal owners.\653\
---------------------------------------------------------------------------

    \653\ SBREFA Outline at 32.
---------------------------------------------------------------------------

    SERs were generally supportive of aligning the race, sex, and 
ethnicity categories used for reporting demographic information about 
principal owners in 1071 with the aggregate categories used in 
Regulation C for HMDA.\654\ However, one SER stated that the Bureau 
should consider revisiting the use of male and female as categories for 
sex because gender is not binary. Additionally, some other 
stakeholders, including community groups and a trade association, were 
opposed to using the HMDA aggregate categories for reporting race and 
ethnicity. Generally, these commenters opposed the use of the aggregate 
categories because, they said, those categories could mask 
discrimination and do not provide sufficient detail or context. These 
commenters generally supported use of the HMDA disaggregated 
subcategories for reporting a principal owner's race and ethnicity.
---------------------------------------------------------------------------

    \654\ SBREFA Panel Report at 29-30.
---------------------------------------------------------------------------

    Additionally, in the SBREFA Outline, the Bureau stated that it was 
considering proposing that the collection and reporting of a principal 
owner's race, sex, and ethnicity be based solely on applicant self-
reporting. The Bureau stated in the SBREFA Outline that it anticipated 
that requiring reporting based on visual observation and/or surname 
could create unwarranted compliance burdens in the context of small 
business lending, although the Bureau sought feedback on the potential 
challenges, costs, and benefits of implementing such a requirement. The 
Bureau also stated in the SBREFA Outline that it was considering 
developing a sample data collection form to assist industry in 
collecting this information and to communicate an applicant's right to 
refuse to provide such information.\655\
---------------------------------------------------------------------------

    \655\ SBREFA Outline at 32.
---------------------------------------------------------------------------

    SERs generally supported applicants' self-reporting of principal 
owners' race, sex, and ethnicity and strongly preferred that financial 
institutions not be required to report based on visual observation and/
or surname. Some SERs said financial institutions should not be 
required to ``guess'' the race, sex, and ethnicity of principal owners, 
remarking, among other things, that doing so is both extremely 
difficult and ineffective, and that collecting demographic information 
based on visual observation makes staff uncomfortable. Another SER said 
that reporting demographic information based on visual observation and/
or surname is likely to introduce both error and bias to the process. 
One SER stated that financial institutions do not always meet with all 
principal owners of a business in person and that financial 
institutions occasionally meet with a manager or officer who might not 
be a principal owner. Conversely, another SER stated that when relying 
on applicants to self-report demographic information, there are higher 
rates of non-FEFF responses in the business lending context compared to 
consumer residential lending. This SER suggested that the Bureau will 
need to account for this disparity.
    Other industry and trade association stakeholders that commented on 
the SBREFA Outline also generally supported applicants' self-reporting 
of principal owners' race, sex, and ethnicity and strongly preferred 
that financial institutions not be required to report this information 
based on visual observation and/or surname. Some of these commenters 
noted that some financial institutions might not know who a business's 
principal owners are, might not collect the information necessary to 
determine who they are, or might not meet in person with principal 
owners. Others asserted that reporting

[[Page 56477]]

based on visual observation and/or surname increases the cost and time 
to process a small business loan, may result in inaccurate data, and 
may create awkward situations or customer disputes. One trade 
association argued that the statute only requires financial 
institutions to ``inquire'' about a principal owner's race, sex, and 
ethnicity. However, two community groups stated that financial 
institutions should be permitted or required to report based on visual 
observation and/or surname when an applicant does not provide the 
information, and a CDFI stated that financial institutions should be 
required to report race, sex, and ethnicity based on visual observation 
and/or surname only when an applicant does not provide the information 
and does not refuse to provide the information.
    Two industry commenters suggested that the Bureau create a tool or 
otherwise arrange for applicants to self-report, at least, demographic 
information (namely minority-owned business status and women-owned 
business status as well as the race, sex, and ethnicity of principal 
owners) directly to the Bureau or to a third-party that maintains a 
database of such information.
    Some SERs were concerned that, if notified of their right to 
refuse, applicants may not provide protected demographic information, 
thus limiting the usefulness of 1071 data. One SER and several other 
commenters similarly agreed with the Bureau's proposal under 
consideration to limit the right to refuse to applicants' protected 
demographic information only. However, three commenters opined that the 
Bureau's approach was too limited and that the right to refuse should 
apply to small business status as well as other data points. Several 
SERs requested that the Bureau provide sample language for use in any 
disclosure and collection forms in which an applicant's right to refuse 
is stated, so that applicants understand why lenders are requesting 
protected demographic information and how the information will be used. 
Two SERs asked that the Bureau provide sample language in English as 
well as in other languages, such as Spanish.
    One trade association requested that reporting of a principal 
owner's race, sex, and ethnicity not be required in certain situations, 
such as when a principal owner is a trust or another entity.
    Some SERs and other commenters requested that the Bureau develop a 
form to assist financial institutions with collecting the race, sex, 
and ethnicity of principal owners. One SER suggested developing a 
sample data collection form similar to the one used for HMDA data 
collection and including the same disclosures. One commenter noted that 
the use of a model form may increase the uniformity and consistency of 
reporting such demographic information. Another commenter suggested 
that any model form should include an explanation of why the financial 
institution is requesting the information and a statement of the 
applicant's right to refuse to provide the information.\656\
---------------------------------------------------------------------------

    \656\ For additional information related to SBREFA feedback on 
the right to refuse, see the section-by-section analyses of proposed 
Sec.  1002.107(a)(18) and (19) above.
---------------------------------------------------------------------------

    The SBREFA Panel recommended that, in order to assist both small 
financial institutions and small business applicants, the Bureau 
consider creating sample data collection forms that, to the extent 
possible, simply and clearly explain the information being requested 
for purposes of this data point. The Panel also recommended that the 
Bureau additionally consider providing such sample data collection 
forms in other languages, such as Spanish.\657\
---------------------------------------------------------------------------

    \657\ SBREFA Panel Report at 46.
---------------------------------------------------------------------------

Proposed Rule
    Proposed Sec.  1002.107(a)(20) would require financial institutions 
to collect and report the ethnicity, race, and sex \658\ of the 
applicant's principal owners as well as whether this information is 
being reported based on previously collected data pursuant to proposed 
Sec.  1002.107(c)(2). It would also require financial institutions to 
report whether the ethnicity and race are being reported by the 
financial institution on the basis of visual observation or surname. 
Proposed Sec.  1002.107(a)(20) would require financial institutions to 
collect and report ethnicity, race, and sex data as prescribed in 
proposed appendix G. Proposed appendix G would include a requirement 
that a financial institution inform an applicant that the applicant is 
not required to respond to the financial institution's questions 
regarding its principal owners' ethnicity, race or sex and would also 
include a prohibition on financial institutions requiring applicants to 
provide this information. Proposed Sec.  1002.107(a)(20) would also 
require that when the financial institution requests ethnicity, race, 
and sex information from an applicant, the financial institution inform 
the applicant that the financial institution cannot discriminate on the 
basis of a principal owner's ethnicity, race, or sex, or on whether the 
applicant provides this information. Consistent with the SBREFA Panel's 
recommendation, the Bureau is proposing a sample data collection form 
that financial institutions could use to collect ethnicity, race, and 
sex information. See proposed appendix E.
---------------------------------------------------------------------------

    \658\ While ECOA section 704B(e)(2)(G) uses ``race, sex, and 
ethnicity,'' the Bureau has reordered them to ``ethnicity, race, and 
sex'' for purposes of this proposal, so that they appear 
alphabetically and for consistency with how they appear in 
Regulation C.
---------------------------------------------------------------------------

Proposed Rule--Collecting Ethnicity, Race, and Sex, In General
    Proposed comment 107(a)(20)-1 would clarify how a financial 
institution collects ethnicity, race, and sex information. It would 
state that unless a financial institution is permitted to report 
ethnicity, race, and sex information based on previously collected data 
pursuant to proposed Sec.  1002.107(c)(2), a financial institution must 
ask an applicant to report its principal owners' ethnicity, race, and 
sex for each covered application and that the financial institution 
must permit an applicant to refuse to answer the financial 
institution's inquiry. It would require financial institutions to 
inform the applicant that it is not required to provide the 
information. Proposed comment 107(a)(20)-1 would further clarify that 
the financial institution must report the applicant's responses, its 
refusal to answer the inquiries, or its failure to respond to the 
inquiries, and explain that in certain situations, discussed in 
proposed comments 107(a)(20)-7 and -8 and in appendix G, a financial 
institution may also be required to report one or more principal 
owners' ethnicity and race (but not sex) based on visual observation 
and/or surname. Proposed comment 107(a)(20)-1 would cross-reference 
proposed appendix G for additional instructions.
    Proposed comment 107(a)(20)-2 would explain that a financial 
institution must inform the applicant that the financial institution 
shall not discriminate on the basis of a principal owner's ethnicity, 
race, or sex or on whether the applicant provides that information. It 
would also clarify that a financial institution may combine this non-
discrimination notice with the similar non-discrimination notices that 
a financial institution would be required to provide when requesting 
minority-owned business status and women-owned business status if a 
financial institution requests minority-owned business status, women-
owned business status, and/or a principal owner's ethnicity, race, and 
sex in the same data collection form or at the same time.

[[Page 56478]]

    Proposed comment 107(a)(20)-3 would explain how, pursuant to 
proposed Sec.  1002.111(b), financial institutions must record 
applicants' responses regarding a principal owner's ethnicity, race, 
and sex pursuant to Sec.  1002.107(a)(20) separate from the application 
and accompanying information. This proposed comment would also provide 
examples of how responses could be recorded separately from the 
application and accompanying information.
    Proposed comment 107(a)(20)-4 would clarify that a financial 
institution would be required to maintain procedures reasonably 
designed to collect applicant-provided information, including the 
ethnicity, race, and sex of an applicant's principal owners pursuant to 
proposed Sec.  1002.107(c)(1). However, if a financial institution is 
nonetheless unable to collect the principal owners' ethnicity, race, or 
sex from the applicant and if the financial institution is not required 
to report the principal owners' ethnicity and race based on visual 
observation and/or surname, the financial institution would report that 
the principal owner's ethnicity, race, or sex (as applicable) is ``not 
provided by applicant.''
    Proposed comment 107(a)(20)-12 would clarify that a financial 
institution would neither be required nor permitted to verify the 
ethnicity, race, or sex information that the applicant provides for 
purposes of proposed Sec.  1002.107(a)(20), even if the financial 
institution verifies or otherwise obtains the ethnicity, race, or sex 
of the applicant's principal owners for other purposes. Thus, for 
example, under the principle articulated in proposed comment 
107(a)(20)-12, a financial institution could not second guess an 
applicant's decision to provide sex information for the applicant's 
principal owners for purposes of Sec.  1002.107(a)(20) based on the 
gender identity of the principal owners. The Bureau solicits comment on 
whether it would be useful to expressly codify this application of the 
principle in the commentary.
    Additionally, the proposed comment would explain that, if an 
applicant refuses to respond to the inquiry pursuant to proposed Sec.  
1002.107(a)(20) or fails to respond to this inquiry, the financial 
institution would report that the applicant declined to provide the 
information or did not respond to the inquiry (as applicable), unless 
the financial institution is required to report ethnicity and race 
based on visual observation and/or surname. Finally, the proposed 
comment would explain that the financial institution does not report 
ethnicity, race, or sex pursuant to proposed Sec.  1002.107(a)(20) 
based on information that the financial institution collects for other 
purposes.
    Proposed comment 107(a)(20)-5 would explain that generally an 
applicant determines its principal owners and decides whether to 
provide information about principal owners. It would further state 
that, nonetheless, a financial institution may be required to report 
ethnicity and race information based on visual observation and/or 
surname and may need to determine if a natural person with whom the 
financial institution meets in person is a principal owner. It would 
explain how a financial institution determines who is a principal owner 
in the event that the financial institution may be required to report 
ethnicity and race information based on visual observation and/or 
surname. It would also provide examples of how the financial 
institution can make that determination and note that the financial 
institution is not required to verify any responses regarding whether a 
natural person is a principal owner.
    The Bureau seeks comment on these general aspects of collecting and 
reporting principal owners' ethnicity, race, and sex, including 
comments on the challenges that financial institutions may have 
implementing them.
Proposed Rule--Collecting Ethnicity and Race Using Aggregate Categories 
and Disaggregated Subcategories
    The Bureau is proposing that financial institutions request 
principal owners' ethnicity and race using both aggregate categories as 
well as disaggregated subcategories.
    With respect to ethnicity data collection, the Bureau is proposing 
to use the same aggregate categories (i.e., Hispanic or Latino and Not 
Hispanic or Latino) and disaggregated subcategories as are used in 
Regulation C. With respect to race data collection, the Bureau is 
proposing to use the same aggregate categories as are used in 
Regulation C: American Indian or Alaska Native; Asian; Black or African 
American; Native Hawaiian or Other Pacific Islander; and White. 
Regulation C also has disaggregated subcategories for the Asian race 
category and the Native Hawaiian or Other Pacific Islander race 
category. In addition, with respect to the American Indian or Alaska 
Native race category, Regulation C invites an applicant to provide the 
name of a principal or enrolled tribe. Similar to HMDA, the Bureau is 
proposing to invite an applicant to provide the name of a principal or 
enrolled tribe for each principal owner with respect to the Indian or 
Alaska Native race category and to adopt the disaggregated 
subcategories used in HMDA for the Asian race category and the Native 
Hawaiian and Other Pacific Islander race category. In addition, the 
Bureau is proposing to add disaggregated subcategories for the Black or 
African American race category, which are not used when collecting data 
pursuant to Regulation C.
    OMB has issued standards for the classification of Federal data on 
ethnicity and race.\659\ OMB's government-wide standards provide a 
minimum standard for maintaining, collecting, and presenting data on 
race and ethnicity for all Federal reporting purposes. These standards 
have been developed to provide ``a common language for uniformity and 
comparability in the collection and use of data on race and ethnicity 
by Federal agencies.'' \660\[thinsp]The OMB standards provide the 
following minimum categories for data on ethnicity and race: Two 
minimum ethnicity categories (Hispanic or Latino; Not Hispanic or 
Latino) and five minimum race categories (American Indian or Alaska 
Native; Asian; Black or African American; Native Hawaiian or Other 
Pacific Islander; and White). The aggregate categories for ethnicity 
and race in Regulation C, which the Bureau is proposing to use in 
subpart B, conform to the OMB standards.
---------------------------------------------------------------------------

    \659\ Off. of Mgmt. & Budget, Revisions to the Standards for the 
Classification of Federal Data on Race and Ethnicity, 62 FR 58782, 
58782-90 (Oct. 30, 1997) (OMB Federal Data Standards on Race and 
Ethnicity).
    \660\ See id.
---------------------------------------------------------------------------

    In addition to the minimum data categories for ethnicity and race, 
the OMB Federal Data Standards on Race and Ethnicity provide additional 
key principles. First, self-identification is the preferred means of 
obtaining information about an individual's ethnicity and race, except 
in instances where observer identification is more practical.\661\ 
Second, the collection of greater detail is encouraged as long as any 
collection that uses more detail is organized in such a way that the 
additional detail can be aggregated into the minimum aggregate 
categories for data on ethnicity and race. More detailed reporting, 
which can be aggregated to the minimum categories, may be used at the 
agencies' discretion. Lastly, Federal agencies must produce as much 
detailed information on ethnicity and race as possible; however, 
Federal agencies shall not present data on detailed categories if doing 
so would

[[Page 56479]]

compromise data quality or confidentiality standards.\662\
---------------------------------------------------------------------------

    \661\ See id.
    \662\ See id.
---------------------------------------------------------------------------

    Although OMB received comments requesting the creation of a 
separate Arab or Middle Eastern ethnicity category prior to the 
adoption of the OMB Federal Data Standards on Race and Ethnicity in 
1997, OMB accepted the Interagency Committee's recommendation not to 
include one in the 1997 minimum standards for reporting of Federal data 
on race and ethnicity. OMB noted that while it was adopting the 
Interagency Committee's recommendation, it believed additional research 
was needed to determine the best way to improve data on this population 
group.\663\
---------------------------------------------------------------------------

    \663\ 62 FR 58782 (Oct. 30, 1997).
---------------------------------------------------------------------------

    In 2017, OMB requested comment on the Federal Interagency Working 
Group for Research on Race and Ethnicity's (Working Group's) proposals 
to update the OMB Federal Data Standards on Race and Ethnicity.\664\ 
The Working Group proposed adding a Middle Eastern or North African 
classification to the Federal Data Standards on Race and Ethnicity and 
to issue specific guidelines for the collection of detailed data for 
American Indian or Alaska Native, Asian, Black or African American, 
Hispanic or Latino, Native Hawaiian or Other Pacific Islander, and 
White groups.\665\ The Working Group also considered whether race and 
ethnicity should be collected using separate questions versus a 
combined question.
---------------------------------------------------------------------------

    \664\ 82 FR 12242 (Mar. 1, 2017).
    \665\ See OMB Federal Data Standards on Race and Ethnicity.
---------------------------------------------------------------------------

    In considering what to propose that financial institutions collect 
and report with respect to the ethnicity and race of the applicant's 
principal owners, the Bureau believes it is also important to consider 
the data standards that the U.S. Census Bureau (Census Bureau) uses in 
the Decennial Census. The definition of Hispanic or Latino origin used 
in the 2010 and 2020 Census questionnaire refers to a person of Cuban, 
Mexican, Puerto Rican, South or Central American, or other Spanish 
culture or origin regardless of race.\666\ The 2010 and 2020 Census 
disaggregated the Hispanic or Latino ethnicity into four categories 
(Mexican, Mexican American, or Chicano; Puerto Rican; Cuban; and 
Another Hispanic, Latino or Spanish origin) and included an area where 
respondents could provide (i.e., write in) a specific Hispanic, Latino, 
or Spanish origin group as additional information.\667\
---------------------------------------------------------------------------

    \666\ See U.S. Census Bureau, 2010 Official Questionnaire, 
https://www.census.gov/history/pdf/2010questionnaire.pdf (2010 
Census Official Questionnaire), and U.S. Census Bureau, 2020 
Official Questionnaire, https://www2.census.gov/programs-surveys/decennial/2020/technical-documentation/questionnaires-and-instructions/questionnaires/2020-informational-questionnaire.pdf 
(2020 Census Official Questionnaire).
    \667\ See 2010 Census Official Questionnaire and 2020 Census 
Official Questionnaire.
---------------------------------------------------------------------------

    The 2010 and 2020 Census questionnaires listed three of OMB's five 
aggregate race categories (American Indian or Alaska Native; Black or 
African American; and White). Although the questionnaires do not list 
the aggregate race categories for Asian or for Native Hawaiian or Other 
Pacific Islander, they do list the related disaggregated subcategories 
for the Asian race category (i.e., Asian Indian, Chinese, Filipino, 
Japanese, Korean, Vietnamese, Other Asian), and for the Native Hawaiian 
and Other Pacific Islander race category (i.e., Native Hawaiian, 
Chamorro,\668\ Samoan, Other Pacific Islander). These questionnaires 
also included three areas where respondents could write in a specific 
race: A specific Other Asian race, a specific Other Pacific Islander 
race, or the name of an enrolled or principal tribe in the American 
Indian or Alaska Native category.\669\ Additionally, the 2020 Census 
allowed respondents to write in a specific origin for the White 
category and for the Black or African American category. For 
respondents who did not identify with any of the five minimum OMB race 
categories, the Census Bureau included a sixth race category--Some 
Other Race--on the 2010 and 2020 Census questionnaires. Respondents 
could also select one or more race categories and write-in 
options.\670\
---------------------------------------------------------------------------

    \668\ The questionnaire for the 2010 Census included ``Guamanian 
or Chamorro,'' but the questionnaire for the 2020 Census included 
only ``Chamorro.''
    \669\ See 2010 Census Official Questionnaire and 2020 Census 
Official Questionnaire.
    \670\ See id.
---------------------------------------------------------------------------

    On February 28, 2017, the Census Bureau released its 2015 National 
Content Test: Race and Ethnicity Analysis Report. The National Content 
Test (NCT) provided the U.S. Census Bureau with empirical research to 
contribute to the planning for the content of the 2020 Census' race/
ethnicity questions. The report presented findings to the Census Bureau 
Director and executive staff on research conducted to assess optimal 
design elements that could be used in question(s) on race and 
ethnicity. It noted that Americans view ``race'' and ``ethnicity'' 
differently than in decades past and that a growing number of people 
find the current race and ethnicity categories confusing, or they wish 
to see their own specific group reflected on the Census questionnaire. 
The NCT's research found that there have been a growing number of 
people who do not identify with any of the official OMB race 
categories, and that an increasing number of respondents have been 
racially classified as ``Some Other Race.'' This was primarily because 
of reporting by Hispanics who did not identify with any of the OMB race 
categories, but it also noted that segments of other populations, such 
as Afro-Caribbean and Middle Eastern or North African populations, did 
not identify with any of the OMB race categories.\671\ The 2015 
National Content Test: Race and Ethnicity Analysis Report concluded 
that optimal design elements that may increase reporting, decrease item 
non-response, and improve data accuracy and reliability include: (1) A 
combined race and ethnicity question with detailed checkbox options; 
(2) a separate ``Middle Eastern or North African'' response category; 
and (3) instructions to ``Mark all that apply'' or ``Select all that 
apply'' (instead of ``Mark [X] one or more boxes'').\672\
---------------------------------------------------------------------------

    \671\ U.S. Census Bureau, 2015 National Content Test: Race and 
Ethnicity Analysis Report, Executive Summary, at ix (Feb. 28, 2017), 
https://www2.census.gov/programs-surveys/decennial/2020/program-management/final-analysis-reports/2015nct-race-ethnicity-analysis.pdf.
    \672\ Id. at 83-85.
---------------------------------------------------------------------------

    As discussed above, the Census Bureau did not ultimately 
incorporate these design elements into the questionnaire for the 2020 
Decennial Census. Instead, the questionnaire continued to ask about 
ethnicity and race in two separate questions. While the questionnaire 
did not provide detailed check box options for the White race category 
or for the Black or African American race category, the questionnaire 
did add write-in options and noted examples. For White, it noted 
examples of German, Irish, English, Italian, Lebanese, and Egyptian. 
For Black or African American, it noted examples of African American, 
Jamaican, Haitian, Nigerian, Ethiopian, and Somali.\673\ Nonetheless, 
as discussed below, the Bureau is requesting comment on whether the 
approach and design elements set forth in the 2015 National Content 
Test: Race and Ethnicity Report Analysis (whether in whole or in part) 
would improve data collection that otherwise furthers section 1071's 
purposes, improve self-identification of race and ethnicity by 
applicants and response rates, or impose

[[Page 56480]]

burdens on financial institutions collecting and reporting this 
information.
---------------------------------------------------------------------------

    \673\ See 2020 Census Official Questionnaire.
---------------------------------------------------------------------------

    Consistent with its approach during the SBREFA process, the Bureau 
is proposing that financial institutions must permit applicants to 
provide a principal owner's ethnicity and race using the aggregate 
categories used for HMDA data collection. The Bureau also believes that 
aligning the aggregate ethnicity and race categories for 1071 data 
collection with the HMDA data collection will promote consistency and 
may reduce potential confusion for applicants, financial institutions, 
and other users of the data. As noted above, the feedback received on 
the SBREFA Outline generally showed that SERs and commenters favored 
such consistency.
    However, the Bureau is also proposing that applicants must be 
permitted to provide a principal owner's ethnicity and race using the 
disaggregated subcategories used in HMDA data collection. With respect 
to ethnicity data collection, the Bureau is proposing that applicants 
must be permitted to provide a principal owner's ethnicity using the 
disaggregated subcategories used in HMDA data collection. For race data 
collection, the Bureau is proposing that applicants must be permitted 
to provide a principal owner's race using the disaggregated 
subcategories for the Asian race category and the Native Hawaiian or 
Other Pacific Islander race category. Unlike HMDA, the Bureau is also 
proposing that applicants must be permitted to provide a principal 
owner's race using disaggregated subcategories for the Black or African 
American race category. Lastly, similar to HMDA, the Bureau is 
proposing to invite an applicant to provide the name of a principal or 
enrolled tribe for each principal owner with respect to the American 
Indian or Alaska Native race category.
    This portion of proposed Sec.  1002.107(a)(20) differs from the 
Bureau's SBREFA approach. The Bureau is proposing use of disaggregated 
subcategories for 1071 data collection, in part, for consistency with 
existing HMDA reporting requirements. Moreover, based on feedback 
received during the SBREFA process from SERs and other stakeholders, 
the Bureau believes that collection and reporting using disaggregated 
subcategories could be beneficial when attempting to identify potential 
discrimination or business and community development needs in 
particular communities. While the Bureau recognizes that disaggregated 
data may not be useful in analyzing potential discrimination where 
financial institutions do not have a sufficient number of applicants or 
borrowers within particular subgroups to permit reliable assessments of 
whether unlawful discrimination may have occurred, disaggregated data 
on ethnicity and race may help identify potentially discriminatory 
lending patterns in situations in which the numbers are sufficient to 
permit such fair lending assessments. Additionally, as suggested in the 
2015 National Content Test: Race and Ethnicity Report Analysis, the use 
of disaggregated subcategories may increase response rates.
    Nonetheless, the Bureau acknowledges the concerns that some SERs 
and other stakeholders raised regarding the collection and reporting of 
disaggregated data. In particular, the Bureau understands that 
including the disaggregated subcategories for four principal owners may 
make data collection more difficult in certain situations, such as for 
applications taken solely by telephone or for paper applications taken 
at retail locations. Given these concerns, the Bureau seeks comment on 
whether an accommodation should be made for certain application 
scenarios, for example by permitting financial institutions to collect 
ethnicity and race information using only the aggregate categories or 
to permit financial institutions to collect ethnicity, race, and sex 
information on only one principal owner in those scenarios. 
Additionally, the Bureau notes that FinCEN's CDD rule excludes from 
certain of its requirements point-of-sale transactions for the purchase 
of retail goods or services up to a limit of $50,000.\674\ For the 
reasons discussed in more detail in the section-by-section analysis of 
proposed Sec.  1002.107(c)(1) below, the Bureau is not proposing to 
take this approach for the 1071 rule given the different purposes and 
requirements of the CDD rule (as well as FinCEN's related customer 
identification program (CIP) rule) \675\ and section 1071. Nonetheless, 
the Bureau seeks comment on whether covered applications taken at 
retail locations, such as credit cards and lines of credit with a 
credit limit under a specified amount (such as $50,000), should be 
excepted from some or all of the requirement to obtain principal 
owners' ethnicity, race, and sex information. For example, should 
financial institutions only be required to ask about principal owners' 
sex along with aggregate race and ethnicity categories (but not 
disaggregated subcategories), or to ask about only one principal 
owner's ethnicity, race, and sex for such applications?
---------------------------------------------------------------------------

    \674\ 31 CFR 1010.230(h)(1)(i). The CDD exclusion for certain 
POS transactions is based on the ``very low risk posed by opening 
such accounts at [a] brick and mortar store.'' Fin. Crimes Enf't 
Network, U.S. Dep't of Treasury, Guidance: Frequently Asked 
Questions Regarding Customer Due Diligence Requirements for 
Financial Institutions, at Q 29 (Apr. 3, 2018), https://www.fincen.gov/sites/default/files/2018-04/FinCEN_Guidance_CDD_FAQ_FINAL_508_2.pdf.
    \675\ FinCEN's CIP rule does not include a point of sale 
exclusion. While the rule permits verification of customer identity 
information within a reasonable time after an account is opened, the 
collection of required customer information must occur prior to 
account opening. See 31 CFR 1020.220(a)(2)(i)(A) and (ii). For 
credit card accounts, a bank may obtain identifying information 
about a customer from a third-party source prior to extending credit 
to the customer. 31 CFR 1020.220(a)(2)(i)(C).
---------------------------------------------------------------------------

    The Bureau seeks comment on its proposed use of the HMDA aggregate 
categories, the HMDA disaggregated subcategories (including the ability 
to provide additional information if an applicant indicates that a 
principal owner is Other Hispanic or Latino, Other Asian, or Other 
Pacific Islander), and the addition of disaggregated subcategories for 
the Black or African American category. Additionally, the Bureau seeks 
comment regarding whether it would be helpful or appropriate to provide 
additional clarification or to pursue a different approach regarding 
the ability of a principal owner to identify as Other Hispanic or 
Latino, Other Asian, or Other Pacific Islander or to provide additional 
information if a principal owner is Other Hispanic or Latino, Other 
Asian, or Other Pacific Islander. The Bureau also seeks comment on 
whether any additional or different categories or subcategories should 
be used for 1071 data collection, and whether the collection and 
reporting of race and ethnicity should be combined into a single 
question for purposes of 1071 data collection and reporting. The Bureau 
further seeks comment on whether an additional category for Middle 
Eastern or North African should be added and, if so, how this category 
should be included and defined. In addition, the Bureau seeks comment 
on whether disaggregated subcategories should be added for the 
aggregate White category, and if so, what disaggregated subcategories 
should be added and whether the applicant should be permitted to write 
in or otherwise provide other disaggregated subcategories or additional 
information. The Bureau seeks comment on whether the approach and 
design elements set forth in the 2015 National Content Test: Race and 
Ethnicity Report Analysis

[[Page 56481]]

would improve data collection or otherwise further section 1071's 
purposes, as well as whether it would pose any particular burdens or 
challenges for financial institutions collecting and reporting this 
information. Finally, the Bureau seeks comment on whether, similar to 
data collection pursuant to Regulation C, financial institutions should 
be limited to reporting a specified number of aggregate categories and 
disaggregated subcategories and, if so, whether such a limitation 
should be described in the sample data collection form.
    Proposed comment 107(a)(20)-6 would explain that applicants must be 
permitted to provide a principal owner's ethnicity using aggregate 
categories and disaggregated subcategories and would also list the 
aggregate categories and disaggregated subcategories that applicants 
must be permitted to use. Proposed comment 107(a)(20)-6 would also 
explain that applicants must be permitted to select one, both, or none 
of the aggregate categories and as many disaggregated subcategories as 
the applicant chooses, even if the applicant does not select the 
corresponding aggregate category. Proposed comment 107(a)(20)-6 would 
state that, if an applicant provides ethnicity information for a 
principal owner, the financial institution reports all of the aggregate 
categories and disaggregated subcategories provided by the applicant, 
and it would provide an example. The proposed comment would state that 
a financial institution must also permit the applicant to refuse to 
provide ethnicity information for one or more principal owners and 
explain how a financial institution reports ethnicity information if an 
applicant declines to provide the information or fails to respond. 
Finally, the proposed comment would explain how a financial institution 
reports ethnicity information if an applicant has fewer than four 
principal owners, and it would provide an example.
    Proposed comment 107(a)(20)-7 would explain that applicants must be 
permitted to provide a principal owner's race using aggregate 
categories and disaggregated subcategories and would also list the 
aggregate categories and disaggregated subcategories that applicants 
must be permitted to use. Proposed comment 107(a)(20)-7 would also 
explain that applicants must be permitted to select one, more than one, 
or none of the aggregate categories and as many disaggregated 
subcategories as the applicant chooses, even if the applicant does not 
select the corresponding aggregate category. Proposed comment 
107(a)(20)-7 would explain that, if an applicant provides race 
information for a principal owner, the financial institution reports 
all of the aggregate categories and disaggregated subcategories 
provided by the applicant, and it would provide an example. The 
proposed comment would state that a financial institution must also 
permit the applicant to refuse to provide race information for one or 
more principal owners and explains how a financial institution reports 
race information if an applicant declines to provide the information or 
fails to respond. Finally, the proposed comment would explain how a 
financial institution reports race information if an applicant has 
fewer than four principal owners, and it would provide an example.
Proposed Rule--Collecting Sex
    Federal, State, and local government agencies have been moving to 
providing options for designating sex beyond the binary options of male 
or female. At the Federal level, for example, the Department of State 
has announced that it is planning to offer the option of a new gender 
marker for non-binary, intersex, and gender non-conforming persons. It 
will be available for passports and Consular Reports of Birth Abroad as 
an alternative to male or female.\676\ The Food and Drug Administration 
includes the gender options female, male, intersex, transgender, and 
``prefer not to disclose'' on certain patient forms.\677\ A number of 
States and the District of Columbia, as well as some local governments, 
offer an alternative sex or gender designation to male and female 
(e.g., ``X'') on government-issued documents and forms such as drivers' 
licenses and identification cards, and in some cases birth 
certificates.\678\
---------------------------------------------------------------------------

    \676\ See U.S. Dep't of State, Proposing Changes to the 
Department's Policies on Gender on U.S. Passports and Consular 
Reports of Birth Abroad (June 30, 2021), https://www.state.gov/proposing-changes-to-the-departments-policies-on-gender-on-u-s-passports-and-consular-reports-of-birth-abroad/ abroad/.
    \677\ See Food & Drug Admin., MedWatch forms FDA 3500 and 3500A 
(Sept. 12, 2018) (approved under OMB No. 0910-0291), https://www.fda.gov/media/76299/download and https://www.fda.gov/media/69876/download.
    \678\ See, e.g., Cal. S.B. 179, Gender identity: female, male or 
nonbinary (Oct. 16, 2017), https://leginfo.legislature.ca.gov/faces/billTextClient.xhtml?bill_id=201720180SB179; State of California 
Dep't of Motor Vehicles, Driver's License or ID Card Updates, 
https://www.dmv.ca.gov/portal/driver-licenses-identification-cards/updating-information-on-your-driver-license-or-identification-dl-id-card/ (last visited July 23, 2021); Colo. Dep't of Revenue, Change 
of Sex Designation, https://drive.google.com/file/d/1PeYZd7U43ar6Flg8lFAT1Etg1EPdLVUy/view; State of Connecticut Dep't 
of Motor Vehicles, Gender Designation on a License or Identification 
Card, https://portal.ct.gov/-/media/DMV/20/29/B-385.pdf; District of 
Columbia Dep't of Motor Vehicles, Procedure For Establishing or 
Changing Gender Designation on a Driver License or Identification 
Card (June 13, 2017), https://dmv.dc.gov/sites/default/files/dc/sites/dmv/publication/attachments/DC%20DMV%20Form%20Gender%20Self-Designation%20English.pdf, DC Driver License or Identification Card 
Application (Jan. 2019), https://dmv.dc.gov/sites/default/files/dc/sites/dmv/publication/attachments/DMV%20BOE%20Application_2-25-19.pdf; Maine Bureau of Motor Vehicles, Gender Designation Form 
(Nov. 4, 2019), https://www1.maine.gov/sos/bmv/forms/GENDER%20DESIGNATION%20FORM.pdf; State of Nevada Dep't of Motor 
Vehicles, Name Changes, https://dmvnv.com/namechange.htm; State of 
New Jersey Dep't of Health, Off. of Vital Statistics and Registry, 
Request Form and Attestation (REG-L2) to Amend Sex Designation to 
Reflect Gender Identity on a Birth Certificate--Adult (Feb. 2019), 
https://www.nj.gov/health/forms/reg-l2_1.pdf; 2019 N.J. Sess. Law 
Serv. ch. 271; New Mexico Motor Vehicle Div., Request for Sex 
Designation Change, http://realfile.tax.newmexico.gov/mvd10237.pdf; 
New Mexico Dep't of Health, Request to Change Gender Designation on 
a Birth Certificate (Oct. 2019), https://www.nmhealth.org/publication/view/form/5429/; Virginia Dep't of Motor Vehicles, 
Driver's License and Identification Card Application (July 1, 2021), 
https://www.dmv.virginia.gov/webdoc/pdf/dl1p.pdf; Washington State 
Dep't of Licensing, Change of Gender Designation (Nov. 2019), 
https://www.dol.wa.gov/forms/520043.pdf; New York City Dep't of 
Homeless Services, Off. of Policy, Procedures and Training, 
Transgender, Non-binary, and Intersex Clients (July 15, 2019), 
https://www1.nyc.gov/assets/dhs/downloads/pdf/dhs_policy_on_serving_transgender_non_binary_and_intersex_clients.pdf
.
---------------------------------------------------------------------------

    The Supreme Court's opinion last year in Bostock v. Clayton County 
concluded that sex discrimination encompasses sexual orientation 
discrimination and gender identity discrimination, and that these forms 
of discrimination necessarily involve consideration of sex.\679\ It 
reached this conclusion in the context of Title VII of the Civil Rights 
Act of 1964, as amended,\680\ which prohibits sex discrimination in 
employment.\681\ Following the issuance of the Supreme Court's opinion 
and building on a 2016 letter the Bureau sent to an advocacy 
organization,\682\ the Bureau issued an interpretive rule clarifying 
that ECOA's and Regulation B's prohibition on discrimination based on 
sex protects against discrimination based on sexual orientation, gender 
identity, actual or perceived nonconformity with sex based or gender-
based stereotypes, and the sex of people associated with the 
applicant.\683\ Other Federal agencies have similarly clarified that 
other statutes that protect against

[[Page 56482]]

discrimination based on sex protect against discrimination based on 
sexual orientation and gender identity.\684\
---------------------------------------------------------------------------

    \679\ See Bostock, 140 S. Ct. 1731.
    \680\ 42 U.S.C. 2000e et seq.
    \681\ Bostock, 140 S. Ct. 1731.
    \682\ See Letter from Bureau of Consumer Fin. Prot., to Serv. & 
Advocacy for GLBT Elders (SAGE) (Aug. 30, 2016), https://files.consumerfinance.gov/f/documents/cfpb_sage-response-letter_2021-02.pdf.
    \683\ 86 FR 14363 (Mar. 16, 2021).
    \684\ See, e.g., 86 FR 32637 (June 22, 2021) (Department of 
Education interpreting Title IX of the Education Amendments of 
1972); 86 FR 27984 (May 25, 2021) (Department of Health and Human 
Services interpreting section 1557 of the Affordable Care Act); 
Memorandum from Jeanine M. Worden, Acting Assistant Secretary for 
Fair Housing and Equal Opportunity, Implementation of Executive 
Order 13988 on the Enforcement of the Fair Housing Act (Feb. 11, 
2021), https://www.hud.gov/sites/dfiles/PA/documents/HUD_Memo_EO13988.pdf (Department of Housing and Urban Development 
interpreting the Fair Housing Act).
---------------------------------------------------------------------------

    Some other Federal agencies have also begun to re-consider how they 
collect information on sex by including questions about sexual 
orientation and gender identity as part of questions about sex. For 
example, the Census Bureau released the Household Pulse Survey,\685\ 
which asked questions about sex assigned at birth, current gender 
identity, and sexual orientation. Specifically, the Household Pulse 
Survey includes the following three questions:
---------------------------------------------------------------------------

    \685\ U.S. Census Bureau, Phase 3.2 Household Pulse Survey 
(undated), http://www2.census.gov/programs-surveys/demo/technical-documentation/hhp/Phase_3.2_Household_Pulse_Survey_FINAL_ENGLISH.pdf.

    1. What sex were you assigned at birth, on your original birth 
certificate? (A respondent could provide a response of male or 
female.)
    2. Do you currently describe yourself as male, female or 
transgender? (A respondent also could provide a response of ``none 
of these.'')
    3. Which of the following best represents how you think of 
yourself?
    In response to the third question, a respondent would select 
from the following responses: (1) Gay or lesbian; (2) Straight, that 
is not gay or lesbian; (3) Bisexual; (4) Something else; or (5) I 
don't know.

    Other Federal agencies and initiatives have encouraged sexual 
orientation and gender identity data collection in health care 
settings.\686\
---------------------------------------------------------------------------

    \686\ See, e.g., Off. of Disease Prevention & Health Promotion, 
Healthy People (2020), https://www.healthypeople.gov/2020/topics-objectives/topic/lesbian-gay-bisexual-and-transgender-health; Off. 
of the Nat'l Coordinator of Health Info. Tech., 2021 
Interoperability Standards Advisory (2021), https://www.healthit.gov/isa/sites/isa/files/inline-files/2021-ISA-Reference-Edition.pdf; Ctrs. for Disease Control & Prevention, 
Collecting Sexual Orientation and Gender Identity Information (Apr. 
1, 2020), https://www.cdc.gov/hiv/clinicians/transforming-health/health-care-providers/collecting-sexual-orientation.html.
    Additionally, on April 1, 2021, the Department of Health and 
Human Services' Administration for Community Living (ACL) published 
a notice of its submission of a revised National Survey of Older 
Americans Act Participants for OMB review and clearance. ACL 
proposed to revise the existing survey to add a new rotating module 
on COVID-19. In response to an earlier notice related to the survey, 
ACL received a comment asking it to include survey response options 
that include ``transgender'' or ``other'' with a write-in option. In 
response to comments it received on an earlier notice, ACL indicated 
that it was supporting an ad hoc panel that would be reviewing 
measures and methodological issues related to measuring sex as a 
non-binary construct, gender identity, and sexual orientation. ACL 
indicated that it expected the panel to produce a consensus report 
in December 2021, and that ACL anticipated using the report as a 
basis for testing new survey questions. 86 FR 17153 (Apr. 1, 2021).
---------------------------------------------------------------------------

    In light of the Bureau's recent ECOA interpretive rule, the 
continued evolution of categories used for sex data collection purposes 
at the Federal, State, and local government levels, and feedback on the 
SBREFA Outline, the Bureau is proposing to collect information about 
sex for purposes of section 1071 more expansively than was under 
consideration in the SBREFA Outline. Specifically, the Bureau is 
proposing adding an option for ``I prefer to self-describe'' (with the 
ability of the applicant to write in or otherwise provide additional 
information) for the principal owner's sex to accompany the existing 
``male,'' ``female,'' and ``I do not wish to provide this information'' 
options currently used on the HMDA sample data collection form.
    Proposed comment 107(a)(20)-8 would explain that an applicant must 
be permitted to provide a principal owner's sex using one or more of 
the following categories: Male, Female, and/or that the principal owner 
prefers to self-describe their sex. It would further explain that, if 
an applicant indicates that a principal owner prefers to self-describe 
their sex, the financial institution would be required to permit the 
applicant to provide additional information about the principal owner's 
sex. The financial institution would report to the Bureau the 
additional information provided by the applicant as free-form text.
    Proposed comment 107(a)(20)-8 would state that a financial 
institution must permit an applicant to select as many categories as 
the applicant chooses and that the financial institution reports the 
category or categories selected by the applicant, including any 
additional information provided by the applicant, or reports that the 
applicant refused to provide the information or failed to respond. It 
would clarify that a financial institution is not permitted to report 
sex based on visual observation, surname, or any basis other than the 
applicant-provided information. Finally, proposed comment 107(a)(20)-8 
would explain how a financial institution would report sex if an 
applicant has fewer than four principal owners, provide an example, and 
direct financial institutions to proposed appendix G for additional 
information on collecting and reporting a principal owner's sex.
    The Bureau seeks comment on its proposed approach to requesting 
information about a principal owner's sex, including the opportunity 
for self-identification (by allowing the applicant to write in or 
otherwise provide additional information). The Bureau also seeks 
comment on whether the sample data collection form should list examples 
from which the applicant could choose when a principal owner self-
identifies and an applicant writes in or otherwise provides additional 
information about the principal owner's sex, such as ``intersex,'' 
``non-binary,'' or ``transgender.'' The Bureau also seeks comment on 
whether, alternatively, sex should be collected solely via the ``I 
prefer to self-describe'' option (with the ability to write in or 
otherwise provide additional information)--that is, without male and 
female being listed as options. The Bureau also seeks comment on 
whether applicants should be restricted from designating more than one 
category for a principal owner's sex (e.g., from selecting both 
``Female'' and ``I prefer to self-describe'').
    The Bureau also seeks comment on whether financial institutions 
should be required to ask separate questions regarding sex, sexual 
orientation, and gender identity and, if so, what categories should be 
offered for use in responding to each question. For example, the Bureau 
requests comment on whether the sample data collection form should 
include the three questions and related responses (described above) 
from the Pulse Household Survey questionnaire, or a check box for 
``Principal owner identifies as LGBTQ+'' with an accompanying space for 
providing additional information. The Bureau also seeks comment on 
whether it should adopt a data point to collect an applicant's lesbian, 
gay, bisexual, transgender, or queer plus (LGBTQ+)-owned business 
status, similar to the way it is proposing to collect minority-owned 
business status and women-owned business status as discussed in the 
section-by-section analysis of proposed Sec.  1002.107(a)(18) and (19) 
above. The Bureau also seeks comment on whether including such 
questions would improve data collection or otherwise further section 
1071's purposes, as well as whether it would pose any particular 
burdens or challenges for industry.
    In addition, to ensure that a financial institution's 
representation of nondiscrimination on the basis of sex information 
provided by the applicant is consistent with the protections afforded 
under ECOA and Regulation B, the Bureau seeks comment on whether 
ambiguity exists for any responses that

[[Page 56483]]

an applicant might reasonably use to self-describe a principal owner's 
sex for purposes of section 1071 (for example, intersex status) and if 
clarification may be needed.
    Finally, the Bureau also requests information on Federal, State, 
and local government initiatives, as well as private sector 
initiatives, involving the use of sex categories other than male and 
female and the inclusion of questions regarding sexual orientation and 
gender identity in demographic information.
Proposed Rule--Collecting Ethnicity and Race via Visual Observation or 
Surname in Certain Circumstances
    The Bureau is proposing that financial institutions be required to 
collect and report at least one principal owner's ethnicity and race 
based on visual observation and/or surname in certain circumstances. 
Specifically, a financial institution would be required to report at 
least one principal owner's ethnicity and race based on visual 
observation and/or surname if the financial institution meets in person 
with one or more of the applicant's principal owners and the applicant 
does not provide ethnicity, race, or sex information for at least one 
principal owner in response to the financial institution's inquiry 
pursuant to proposed Sec.  1002.107(a)(20).
    Although the Bureau indicated in the SBREFA Outline that it was not 
considering proposing that financial institutions report a principal 
owner's race, sex, and ethnicity based on visual observation and/or 
surname, the Bureau asked SERs to provide feedback about the potential 
challenges, costs, and benefits of implementing such a requirement for 
applicants who do not self-report the information. The Bureau also 
asked SERs to provide feedback about how those potential challenges and 
costs would change if reporting based on visual observation and/or 
surname was required only if the applicant is a sole proprietor but not 
if the applicant is an entity. Although many SERs and commenters 
opposed reporting ethnicity, race, or sex on the basis of visual 
observation and/or surname, some other commenters said that financial 
institutions should be required to report based on visual observation 
and/or surname in certain circumstances. Additionally, one SER 
specifically noted that the Bureau would need to account for lower 
self-reporting rates than are achieved for HMDA reporting. Consistent 
with this feedback, the Bureau notes that demographic response rates in 
the SBA's Paycheck Protection Program (PPP) data are much lower when 
compared to ethnicity, race, and sex response rates in HMDA data.\687\ 
For instance, roughly 71 percent of respondents in the PPP data did not 
provide a response for race, compared to only 14.7 percent in the HMDA 
data. Roughly 66 percent of respondents in the PPP data did not provide 
a response for ethnicity, compared to only 14.3 percent in the HMDA 
data.\688\
---------------------------------------------------------------------------

    \687\ Small Bus. Admin., Paycheck Protection Program Weekly 
Reports 2021, Version 11, at 9 (effective Apr. 5, 2021), https://www.sba.gov/sites/default/files/2021-04/PPP_Report_Public_210404-508.pdf. PPP data was taken from 2021 loans for which the collection 
form for principal owner demographics was included on the PPP 
application itself and, for most of that time, was featured on the 
first page of the application.
    \688\ Id.
---------------------------------------------------------------------------

    Without a visual observation and/or surname collection requirement, 
the Bureau believes that meaningful analysis of the 1071 principal 
owner race and ethnicity data could be difficult, significantly 
undermining section 1071's fair lending purpose. Comprehensive and 
accurate collection and reporting of data is also vital to section 
1071's business and community development purpose. Historically, one 
challenge under HMDA has been the reluctance of some applicants to 
voluntarily provide requested demographic information, such as race and 
ethnicity. The requirement in Regulation C to collect race, sex, and 
ethnicity on the basis of visual observation or surname is an important 
tool to address that challenge, and the Bureau believes that the 
requirement has resulted in more robust response rates in the HMDA 
data. The Bureau has considered the feedback in response to the SBREFA 
Outline and this related information and has determined that not 
proposing a requirement to report based on visual observation and/or 
surname could diminish the utility of the 1071 data.
    Accordingly, the Bureau has determined that the appropriate 
approach to further section 1071's purposes is to propose to require 
that financial institutions collect at least one principal owner's race 
and ethnicity (but not sex) on the basis of visual observation and/or 
surname when the applicant does not provide ethnicity, race or sex 
information for at least one principal owner and the financial 
institution meets in person with one or more principal owners. In other 
words, a financial institution would not be required to collect race 
and ethnicity via visual observation and/or surname if the applicant 
provides any demographic information regarding any principal owner. The 
Bureau is concerned that, for applicants with multiple principal 
owners, the financial institution may not be able to determine whether 
the applicant has provided the demographic information, for example the 
sex, of the principal owner who meets in person with the financial 
institution or for another principal owner. The Bureau seeks comment on 
this proposed approach. The Bureau also seeks comment on whether a 
financial institution should be required to collect a principal owner's 
ethnicity and/or race via visual observation and/or surname if the 
applicant has only one principal owner, the applicant does not provide 
the principal owner's information, and the financial institution meets 
in person with the principal owner. In this situation, the financial 
institution would be able to ``match'' any demographic information that 
the applicant provides with the correct the principal owner because 
there is only one principal owner.
    Proposed comment 107(a)(20)-9 would explain that a financial 
institution is required to report ethnicity and race (but not sex) 
based on visual observation and/or surname in certain circumstances. 
The proposed comment would explain that if a financial institution 
meets in person with one or more of an applicant's principal owners and 
the applicant does not provide ethnicity, race, or sex information for 
at least one principal owner, the financial institution must report at 
least one principal owner's ethnicity and race (but not sex) based on 
visual observation, surname, or a combination of both visual 
observation and surname. It would further explain that a financial 
institution is not required to report based on visual observation and/
or surname if the principal owner only meets in person with a third 
party through whom the applicant is submitting an application to the 
financial institution and would provide an example.
    Proposed comment 107(a)(20)-10 would clarify that a financial 
institution meets with a principal owner in person if an employee or 
officer of the financial institution or one of its affiliates has a 
meeting or discussion with the applicant's principal owner about an 
application and can visually observe the principal owner. The proposed 
comment would also provide examples of situations where the financial 
institution meets in person with a principal owner and where it does 
not. The Bureau requests comment on this approach and whether 
additional or different examples are necessary.
    Proposed comment 107(a)(20)-11 would clarify that a financial 
institution

[[Page 56484]]

uses only aggregate categories when reporting ethnicity and race based 
on visual observation and/or surname and would direct financial 
institutions to proposed appendix G for additional information on 
collecting and reporting ethnicity and race based on visual observation 
and/or surname. However, the Bureau requests comment on whether 
financial institutions should be permitted, but not required, to use 
the disaggregated subcategories (in addition to the required aggregate 
categories) when reporting race and ethnicity based on visual 
observation and/or surname.
    In addition to the specific matters identified above, the Bureau 
seeks comment on its proposed approach to this data point, the proposed 
methods of collecting and reporting the data, and requests comment on 
whether additional clarification regarding any aspect of this data 
point is needed.
107(a)(21) Number of Principal Owners
    ECOA section 704B(e)(2)(H) authorizes the Bureau to require 
financial institutions to compile and maintain ``any additional data 
that the Bureau determines would aid in fulfilling the purposes of 
[section 1071].'' The Bureau believes that collection of the number of 
principal owners of an applicant would aid in fulfilling the purposes 
of section 1071, as explained below.
    The Bureau did not address the number of principal owners as a 
potential data point under consideration in the SBREFA Outline, 
although it did seek feedback on several questions related to the 
number of applicants' principal owners.\689\ To facilitate collection 
of the ethnicity, race, and sex of applicants' principal owners 
pursuant to proposed Sec.  1002.107(a)(20), the Bureau is proposing 
that financial institutions collect and report the number of an 
applicant's principal owners.
---------------------------------------------------------------------------

    \689\ SBREFA Outline at 32-33.
---------------------------------------------------------------------------

    Section 1071 uses the term ``principal owner'' but does not define 
it. Proposed Sec.  1002.102(o) would define a principal owner as a 
natural person who directly owns 25 percent or more of the equity 
interests of a business. Thus, under this proposed definition, it is 
possible that an applicant would have no principal owners or between 
one and four principal owners.
    As explained in proposed comment 107(a)(21)-1, a financial 
institution would be able to collect an applicant's number of principal 
owners by requesting the number of principal owners from the applicant 
or by determining the number of principal owners from information 
provided by the applicant or that the financial institution otherwise 
obtains. If the financial institution asks the applicant to provide the 
number of its principal owners pursuant to proposed Sec.  
1002.107(a)(21), the financial institution must provide the definition 
of principal owner set forth in proposed Sec.  1002.102(o). If 
permitted pursuant to proposed Sec.  1002.107(c)(2), a financial 
institution could report an applicant's number of principal owners 
based on previously collected data.
    The Bureau believes that an applicant is likely to know how many 
principal owners it has and should not have significant difficulties or 
objections to providing this basic piece of information. Moreover, the 
Bureau understands that financial institutions are already obtaining 
information about principal owners. Further, this additional 
information would aid in fulfilling the purposes of section 1071 as it 
may provide necessary context for other data points. For example, if an 
applicant reports the ethnicity, race, and sex for one principal owner, 
having the total number of principal owners would permit the Bureau and 
other data users to know whether that owner's demographics represents 
the demographics of the entirety of the applicant's principal ownership 
or merely one quarter of it. This information would help data users in 
fulfilling both the fair lending and business and community development 
purposes of section 1071.
    Proposed comment 107(a)(21)-2 would clarify the relationship 
between the proposed requirement to collect and report the number of 
principal owners in proposed Sec.  1002.107(a)(21) with the proposed 
requirement to report verified information in proposed Sec.  
1002.107(b). The proposed comment would state that the financial 
institution may rely on an applicant's statements in collecting and 
reporting the number of the applicant's principal owners. The financial 
institution would not be required to verify the number of principal 
owners provided by the applicant, but if the financial institution 
verifies the number of principal owners, then the financial institution 
would be required to report the verified number of principal owners.
    Proposed comment 107(a)(21)-3 would state that pursuant to proposed 
Sec.  1002.107(c)(1), a financial institution is required to maintain 
procedures reasonably designed to collect applicant-provided 
information, which includes the applicant's number of principal owners. 
However, if a financial institution is nonetheless unable to collect or 
determine the number of principal owners of the applicant, the 
financial institution would report that the number of principal owners 
is ``not provided by applicant and otherwise undetermined.''
    The Bureau seeks comment on its proposed approach to this data 
point. The Bureau also seeks comment on whether the Bureau should 
instead, or additionally, require collection and reporting of similar 
information about owners (rather than principal owners). For example, 
should the Bureau require that financial institutions collect and 
report the number of owners that an applicant has that are not natural 
persons, in order to obtain a more complete picture of the applicant's 
ownership structure?
107(b) Verification of Applicant-Provided Information
    ECOA section 704B(e)(1) provides that ``[e]ach financial 
institution shall compile and maintain, in accordance with regulations 
of the Bureau, a record of the information provided by any loan 
applicant pursuant to a request under [section 704B(b)].'' \690\ 
Section 1071 does not impose any requirement for a financial 
institution to verify the information provided by an applicant.
---------------------------------------------------------------------------

    \690\ ECOA section 704B(e)(1).
---------------------------------------------------------------------------

    In the SBREFA Outline, the Bureau did not include a general 
statement about the issue of verification of applicant-provided data 
points. For certain data points such as time in business, however, the 
Outline did explain that the Bureau was considering proposing that if 
the financial institution did not verify the information provided by 
the applicant, the financial institution would report the information 
provided by the applicant. If the financial institution did verify the 
information provided by the applicant, the Outline explained that the 
financial institution would report the verified information. The 
Outline did not state that the Bureau was considering proposing that a 
financial institution would be required to verify any of the applicant-
provided data points.
    As explained in the section-by-section analysis of proposed Sec.  
1002.107(a) above, a number of SERs urged the Bureau to require 
collection and reporting of a number of data points based only on 
information as provided by the applicant.\691\ No SERs stated that they 
thought verification should be generally required. The industry 
stakeholders who commented on this issue asked that the Bureau not 
require

[[Page 56485]]

verification of applicant-provided information. The Bureau did not 
receive any comments on this issue from community group stakeholders.
---------------------------------------------------------------------------

    \691\ SBREFA Panel Report at 26.
---------------------------------------------------------------------------

    The Bureau is proposing in Sec.  1002.107(b) that unless otherwise 
provided in subpart B, the financial institution would be able to rely 
on statements of the applicant when compiling data unless it verifies 
the information provided, in which case it would be required to collect 
and report the verified information. Proposed comment 107(b)-1 would 
explain that a financial institution may rely on statements made by an 
applicant (whether made in writing or orally) or information provided 
by an applicant when compiling and reporting data pursuant to the 1071 
rule for applicant-provided data; the financial institution would not 
be required to verify those statements. Proposed comment 107(b)-1 would 
further explain, however, that if the financial institution does verify 
applicant statements for its own business purposes, such as statements 
relating to gross annual revenue or time in business, the financial 
institution would report the verified information. The comment would go 
on to explain that, depending on the circumstances and the financial 
institution's procedures, certain applicant-provided data could be 
collected without a specific request from the applicant. For example, 
gross annual revenue could be collected from tax return documents. In 
addition, the proposed comment would make clear that applicant-provided 
data are the data that are or could be provided by the applicant, 
including those in proposed Sec.  1002.107(a)(5) through (7), and (13) 
through (21). Finally, proposed comment 107(b)-1 would provide a cross 
reference to proposed comment 107(c)(2)-3, which would discuss the 
possible reuse of certain previously collected data.
    The Bureau believes that requiring verification of applicant-
provided data points would greatly increase the operational burden of 
the 1071 rule, and that relying on applicant-provided data would ensure 
sufficient accuracy to carry out the purposes of section 1071. As 
discussed above, section 1071 does not speak to verification; rather it 
refers only to compiling and maintaining a record of certain 
information provided by an applicant. However, the Bureau believes that 
requiring financial institutions to collect and report (for the 1071 
rule) information that they have already verified would not add 
operational difficulty, and would enhance the accuracy and usefulness 
of the data, thereby furthering the purposes of section 1071. The 
Bureau is implementing this requirement pursuant to its authority under 
ECOA section 704B(g)(1) to prescribe rules in order to carry out, 
enforce, and compile data pursuant to section 1071, and as an 
interpretation of the statutory phrase ``compile and maintain'' in ECOA 
section 704B(e)(1). In the Bureau's view, the verification that the 
financial institution chooses to carry out is part of compiling and 
maintaining the information provided by the applicant, and this 
requirement will improve the quality and usefulness of the resulting 
1071 data set.
    As discussed above, many SERs and other stakeholders opposed the 
inclusion of a verification requirement, and the Bureau has taken their 
input into account when crafting this proposed provision.
    The Bureau seeks comment on its proposed approach to verification 
of the 1071 data points, including the specific guidance that would be 
presented in comment 107(b)-1. The Bureau also seeks comment on whether 
financial institutions should be required to indicate whether 
particular data points being reported have been verified or not.
107(c) Time and Manner of Collection
107(c)(1) In General
Background
    Although the definition of ``application'' triggers a financial 
institution's duty to collect 1071 data, the application definition 
does not necessarily govern when that data must be collected. The 
language and structure of section 1071--which applies to 
``applications'' from ``applicants''--indicates that the data must be 
collected sometime during the application process, but does not provide 
further detail.\692\
---------------------------------------------------------------------------

    \692\ See, e.g., ECOA section 704B(b) (``[I]n the case of any 
application to a financial institution . . . .'') and 704B(c) (``Any 
applicant . . . may refuse to provide any information requested . . 
. .'') (emphases added)).
---------------------------------------------------------------------------

    Financial institutions have expressed concern about when applicant-
provided data must be collected, and particularly the timing of 
collecting applicants' protected demographic information (that is, 
whether the applicant is a minority-owned business or a women-owned 
business, and the ethnicity, race, and sex of the applicant's principal 
owners, pursuant to proposed Sec.  1002.107(a)(18) through (20)). 
Collecting this protected demographic information from applicants for 
purposes of section 1071 has been a particular concern for financial 
institutions, as financial institutions currently are generally 
prohibited from collecting such information except in narrow 
circumstances.\693\ As such, its required collection under section 1071 
will be a departure from current practice for most financial 
institutions.
---------------------------------------------------------------------------

    \693\ See Sec.  1002.5(b).
---------------------------------------------------------------------------

SBREFA Proposal Under Consideration and Feedback Received
    In the SBREFA Outline, the Bureau stated that it was not currently 
considering specifying a particular time period in which financial 
institutions must seek to collect 1071 data from applicants.\694\ It 
also conveyed that it was seeking to provide financial institutions 
discretion and flexibility to time their 1071 data collection at a 
point during the application process that works best for their 
processes and relationships with applicants and to avoid unnecessary 
costs, while still fulfilling section 1071's purposes. The Bureau also 
noted that it had considered possible alternatives of requiring 
financial institutions to collect 1071 data within or by a specified 
time period, such as simultaneous with the triggering of an 
``application,'' before obtaining a ``completed application,'' or 
before notifying the applicant of action taken.
---------------------------------------------------------------------------

    \694\ SBREFA Outline at 35-36.
---------------------------------------------------------------------------

    Most SERs that addressed the issue of timing for data collection 
indicated that they plan to collect 1071 data, and particularly 
applicants' protected demographic information (as would be required 
under proposed Sec.  1002.107(a)(18) through (20)), early in the 
application process and likely at the time an application is initially 
being submitted.\695\ These SERs felt that the longer they wait to 
request 1071 data, the more difficult or infeasible it will be to 
gather the information from applicants. Another SER urged the Bureau to 
give financial institutions flexibility to explore optimal timing for 
collection of 1071-required protected demographic information in order 
to maximize the response rate without discouraging applicants from 
pursuing the application. This SER suggested that protected demographic 
information should be collected during the application process, but 
before the application is considered complete. The SBREFA Panel 
recommended that the Bureau seek comment on whether it is necessary to 
specify a time period specifically for the collection of 1071-required 
protected demographic information, and if so, what would be the best 
period to designate.\696\
---------------------------------------------------------------------------

    \695\ SBREFA Panel Report at 32.
    \696\ Id. at 47.

---------------------------------------------------------------------------

[[Page 56486]]

    Nearly all industry stakeholders to comment on this issue supported 
the Bureau not specifying a time period, and instead giving financial 
institutions discretion to set their own optimal timing for the 
collection of applicant-provided 1071 data. The commenters noted that 
given the variety of products, financial institutions, and business 
models in small business lending, a one-size-fits-all approach would be 
unworkable and could disrupt financial institutions' processes. Some 
commenters also highlighted the complexity of small business lending 
applications and stated that flexible collection would provide greater 
simplicity, reduce burden, and allow for more accurate reporting, 
particularly where not all the data points are available at the time of 
collection. A few commenters sought flexibility due to concerns that if 
protected demographic information is collected early on in the process, 
an applicant would believe that information would be used to 
discriminate against them. One commenter suggested looking at FinCEN's 
customer due diligence rule, which allows for information collection at 
the time of closing. Although industry commenters generally favored 
flexibility, several stated they would likely collect 1071 data as 
early as possible in order to ensure data quality and collection. One 
stakeholder stated that applicant-provided data would be impossible to 
get if an application is withdrawn, incomplete, or denied before the 
required data are requested. Another industry commenter suggested the 
Bureau allow flexibility, but provide a safe harbor for financial 
institutions that collect applicant-provided data points on or with the 
application.
    Many of the commenters seeking flexibility stated that point-of-
sale (POS) applications would be particularly problematic with a rigid 
timing requirement. POS applications include those private label credit 
cards or other products offered through retailers in which the 
financial institution itself does not interact with the applicant at 
the time of application. POS applications are taken in a variety of 
different settings and locations, such as at the checkout line, online, 
or at customer service desks. Commenters urged that they would need 
additional flexibility for a POS application to request 1071 data, such 
as at some point reasonably following application submission. 
Commenters cited concerns about the accuracy and completeness of data 
collected in a POS application: Interactions are with retailer's 
employees who may not be able to answer questions about the data 
collection, interactions often take place in a public place (which may 
lead to erroneous answers or refusals to answer), and the person 
submitting a POS application may not have relevant knowledge to respond 
to the 1071-required questions, leading to delayed or abandoned 
applications. Commenters also expressed concern that reporting of POS 
applications would reflect the retailer's lending footprint, not the 
financial institution's, and so lead to incorrect assumptions about the 
financial institution's lending.
    A number of stakeholders, including community groups and several 
financial institutions, urged the Bureau to specify a time period for 
the collection of 1071 data, stating that failure to do so would 
undermine the accuracy of the data. The commenters stated that complete 
flexibility would result in inconsistent and unreliable data since 
financial institutions would be collecting the data at different stages 
of the application process. The commenters stated that financial 
institutions that wait to collect the data would have difficulty 
obtaining applicant-provided information if the application was 
withdrawn, incomplete, or denied. The commenters also noted that 
discrimination is likely to occur in the early stages of the 
application process, and would not be captured if financial 
institutions are permitted to delay data collection. One commenter 
stated that requiring collection at the time of application could also 
promote non-discriminatory treatment as it would impress upon lenders 
and applicants the need for fair treatment. An industry commenter 
stated that not specifying a time period may lead to financial 
institution regulatory paralysis or confusion about when to collect 
1071 data from applicants.
    Among commenters that recommended a specific time period for 
collection, many suggested collecting applicant-provided data at the 
time of an application or otherwise ``upfront.'' One commenter noted 
that 1071-required data could be built into the application itself. On 
the other hand, several commenters suggested 1071 data should be 
collected any time before an application is considered complete or, one 
commenter suggested, when financial institutions know that 1071 
collection will be required. The commenters stated that this would be 
the time period during which applicants are most likely to voluntarily 
provide the data, would ensure comparable data across lenders, and 
would still provide financial institutions flexibility to account for 
various application processes. One commenter suggested testing and 
focus groups to determine optimal timing. Otherwise, the commenter 
suggested 1071 data be collected before a financial institution 
disburses funds to the applicant.
Proposed Rule
    The Bureau is proposing Sec.  1002.107(c)(1), which would require a 
covered financial institution to maintain procedures to collect 
applicant-provided data under proposed Sec.  1002.107(a) at a time and 
in a manner that is reasonably designed to obtain a response. The 
Bureau agrees with SERs and other stakeholders about the benefits of 
providing a flexible approach concerning when applicant-provided data 
must be collected during the application process. As noted by some 
commenters, given the variety of application processes in the small 
business lending space, requiring 1071 data collection to occur within 
a narrow window may affect data quality and disrupt financial 
institution practices. On the other hand, the Bureau believes that 
safeguards are necessary to ensure that financial institutions are not 
evading or delaying their obligation to collect 1071 data in a manner 
that detrimentally affects response rates. In light of these 
considerations, the Bureau is proposing an approach that would maintain 
flexibility, but require a financial institution to maintain procedures 
to collect applicant-provided data at a time and in a manner that is 
reasonably designed to obtain a response. This proposal thus implements 
the flexible approach under consideration in the SBREFA Outline, though 
with additional safeguards.
    Proposed comments 107(c)(1)-1 and -2 would clarify the meaning of 
financial institution ``procedures'' and reiterate a financial 
institution's latitude to establish procedures concerning the timing 
and manner that it collects applicant-provided data, provided that 
those procedures are reasonably designed to collect the applicant-
provided data in proposed Sec.  1002.107(a).
    Proposed comment 107(c)(1)-3 would clarify what constitutes 
``applicant-provided data'' in proposed Sec.  1002.107(c)(1). The 
proposed comment would also clarify that applicant-provided data does 
not include data that is generated or supplied only by the financial 
institution. The Bureau believes this clarification would address 
commenter concerns that certain data points collected early in the 
process may not be as accurate (or available) as data available at a 
later time--for example,

[[Page 56487]]

information on action taken is only available late in the application 
process.
    Proposed comment 107(c)(1)-4 would provide additional guidance on 
financial institutions' procedures that are reasonably designed to 
obtain a response. As noted in proposed comment 107(c)(1)-4, a 
financial institution would assess on a periodic basis whether its 
procedures are reasonably designed. One way a financial institution may 
be able to assess whether its procedures are reasonably designed would 
be, once 1071 data are made publicly available, to compare its response 
rate with similarly situated financial institutions (for example, those 
that offer similar products, use a similar lending model, or are of a 
similar size).\697\ The Bureau also anticipates that the response rate 
will differ depending on the data point: Some applicant-provided data 
points (for example, time in business) may have a higher response rate 
than other applicant-provided data points (such as a principal owner's 
race, sex, and ethnicity). The key is for a financial institution to 
assess on a periodic basis whether its procedures are reasonably 
designed to obtain a response.
---------------------------------------------------------------------------

    \697\ As discussed in greater detail in part VI below, the 
Bureau is proposing not to determine what data to include in the 
public application-level 1071 data until after it receives at least 
one full year of 1071 data reported by financial institutions. 
Following the compliance date of the final rule, the Bureau proposes 
to issue a policy statement setting forth its intended modifications 
and deletions to the public application-level 1071 data. Of course, 
the Bureau acknowledges that the availability and robustness of a 
peer analysis would also depend on the extent to which 1071 data are 
made publicly available.
---------------------------------------------------------------------------

    Proposed comments 107(c)(1)-5 and -6 would provide examples of 
procedures that generally are and are not reasonably designed to obtain 
a response. Although the inquiry requires a fact-based determination, 
the Bureau believes providing examples and further guidance of 
practices that likely are and are not reasonably designed to obtain a 
response would facilitate compliance and promote best practices. For 
example, the Bureau believes that, as a general matter, once there is a 
``covered application,'' the earlier a financial institution seeks to 
collect applicant-provided information, the greater the likelihood of 
obtaining an applicant response (particularly for covered applications 
that are later withdrawn or left incomplete). Thus, the Bureau believes 
that, as a general matter, a procedure reasonably designed to obtain a 
response is one in which a financial institution requests applicant-
provided data at the time of a covered application. For example, it 
could request these data in connection with a written application form, 
provided any collection form requesting applicants' protected 
demographic information pursuant to proposed Sec.  1002.107(a)(18) 
through (20) is separate from the application form and other documents 
used to collect other information related to the application, as would 
be required by proposed Sec.  1002.111(b). Collecting applicant-
provided data after a covered application is submitted--for example, 
while the application is being completed through the submission of 
additional documents and verifications--may be reasonably designed to 
obtain a response depending on the particular financial institution's 
procedures, with earlier collections more likely to be reasonably 
designed. The Bureau believes providing such compliance examples would 
incentivize early collection and be consistent with the practice many 
SERs and other industry commenters indicated they planned to follow in 
any event. While some commenters stated that an applicant may be 
reluctant to respond to early collection due to concerns that the 
information may be used to discriminate against them, the Bureau 
believes those concerns can be addressed through the use of a data 
collection form (such as the sample collection form in proposed 
appendix E) that would explain to applicants the reason the information 
is being collected. Moreover, the Bureau notes that financial 
institutions regularly collect data required by HMDA and Regulation C 
at the time of application without significant issue and that the 
sample data collection form in Regulation C similarly provides an 
explanation to applicants as to the reason protected demographic 
information is being collected.
    Conversely, the Bureau believes that, as a general matter, it is 
unlikely that small business applicants will respond to data requests 
that occur simultaneous with or after notifying an applicant of action 
taken on the covered application. Depending on the particular facts, 
however, these procedures may be reasonably designed to obtain a 
response; for example, if the financial institution has evidence or a 
reason to believe that under its procedures the response rate would be 
similar to or better than other alternatives. Although a fact-based 
determination, proposed comment 107(c)(1)-6 would clarify that such 
procedures would generally not be considered ``reasonably designed.''
    Proposed comment 107(c)(1)-7 would explain that a financial 
institution reports updated applicant-provided data if it obtains more 
current data during the application process. Proposed comment 
107(c)(1)-8 would provide guidance in the event a financial institution 
changes its determination regarding an applicant's status as a small 
business.
    Many industry commenters discussed the need for additional 
flexibility specifically for POS applications. The Bureau understands 
that many (though not all) POS applications, particularly those for 
smaller credit amounts or to purchase particular goods in a store, are 
often submitted on-site at POS and decisioned in real time. Under 
proposed Sec.  1002.107(c)(1) and associated commentary, the Bureau 
anticipates that most financial institutions would generally collect 
applicant-provided 1071 data at POS, and not at some later time after 
the credit request has been decisioned and the applicant has left the 
store, as suggested by some commenters. Despite the comments on this 
issue, the Bureau is not proposing a different approach for collecting 
applicant-provided data specifically for POS applications. Commenters 
raised concerns about retail employees seeking to collect 1071 required 
data in a public setting. However, the Bureau believes that financial 
institutions can develop procedures to accommodate collection in this 
setting, including (as discussed above) by using the sample collection 
form developed by the Bureau. The Bureau also does not believe that any 
specialized knowledge is necessary to collect 1071 data, and so 
believes that retail employees can collect the information. Although it 
is possible that the accuracy of the data collected in POS applications 
may be more prone to errors, as some commenters allege, the Bureau 
believes that having such data, even with decreased accuracy, would be 
preferable to not having any applicant-provided data for such 
applications.\698\
---------------------------------------------------------------------------

    \698\ In order to help identify such transactions, the Bureau is 
proposing to collect information about the application recipient. 
See proposed Sec.  1002.107(a)(4).
---------------------------------------------------------------------------

    Several industry commenters suggested the Bureau look to FinCEN's 
customer due diligence (CDD) rule, which excludes from certain of its 
requirements POS transactions to provide credit products solely for the 
purchase of retail goods/services up to a limit of $50,000.\699\ The 
Bureau is not proposing to take this approach given the different 
purposes and requirements of the CDD rule and section 1071. The purpose 
of the CDD rule is to improve financial transparency and prevent 
criminals and terrorists from misusing companies to disguise their 
illicit activities and launder their ill-gotten

[[Page 56488]]

gains.\700\ Under the CDD rule, covered financial institutions must 
identify and verify the identity of natural persons (known as 
beneficial owners) of legal entity customers who own, control, and 
profit from companies when those companies open accounts.\701\ The CDD 
exclusion for certain POS transactions is based on the ``very low risk 
posed by opening such accounts at [a] brick and mortar store.'' \702\ 
While the CDD rule (and the customer identification program (CIP) rule 
\703\) focus on accounts (including certain originated loans), 
obtaining data on denials is essential to 1071's purposes. Moreover, 
unlike the CDD and CIP rules, which require covered financial 
institutions to collect certain essential information, section 1071 
only requires that financial institutions seek to collect applicants' 
protected demographic information, and permits applicants to refuse to 
provide that information. Given these key differences, the Bureau is 
not proposing to follow the CIP and CDD rules concerning timing of 
collection or the exclusion of certain POS applications.
---------------------------------------------------------------------------

    \699\ 31 CFR 1010.230(h)(1)(i).
    \700\ See FinCEN, Information on Complying with the Customer Due 
Diligence (CDD) Final Rule, https://www.fincen.gov/resources/statutes-and-regulations/cdd-final-rule (last visited Aug. 6, 2021).
    \701\ Id.
    \702\ FinCEN, Guidance, at Q 29 (Apr. 3, 2018), https://www.fincen.gov/sites/default/files/2018-04/FinCEN_Guidance_CDD_FAQ_FINAL_508_2.pdf.
    \703\ FinCEN's CIP rule does not include a point of sale 
exclusion. While the rule permits verification of the identity of 
the customer within a reasonable time after the account is opened, 
the collection of required customer information must occur prior to 
account opening. See 31 CFR 1020.220(a)(2)(i)(A) and (ii).
---------------------------------------------------------------------------

    The Bureau seeks comment on proposed Sec.  1002.107(c)(1) and 
associated commentary. As recommended by the SBREFA Panel, the Bureau 
seeks comment on whether it is necessary to specify a time period 
specifically for the collection of protected 1071 demographic 
information, and if so, what time period the Bureau should designate. 
The Bureau also seeks comment on the examples set forth in proposed 
comments 107(c)(1)-5 and -6, and whether it would be useful to provide 
additional examples of procedures that are and that are not reasonably 
designed to obtain a response. In addition, the Bureau seeks comment on 
its proposed approach for POS applications, including its proposal that 
would not make any particular exceptions for the timing and manner of 
1071 data collection for POS applications.
107(c)(2) Previously Collected Data
    In the SBREFA Outline, the Bureau emphasized that it was seeking to 
provide financial institutions with discretion and flexibility in the 
timing of 1071 data collection, in light of considerations including 
their relationships with applicants and the need to avoid unnecessary 
costs.\704\ The Bureau did not specifically discuss whether a financial 
institution could meet its 1071 obligations on a covered application by 
reusing certain data it had previously collected from the same 
applicant. In response to the Bureau's proposal under consideration 
concerning timing of collection of certain 1071 data, however, a 
commenter suggested financial institutions provide annual certification 
of 1071 data where there is an ongoing customer relationship. The 
commenter noted that the data are unlikely to change within a year, 
there may be multiple transactions during that time, and it would avoid 
financial institutions and applicants having to provide the information 
during the application process, saving time and expense.
---------------------------------------------------------------------------

    \704\ SBREFA Outline at 35-36.
---------------------------------------------------------------------------

    The Bureau is proposing Sec.  1002.107(c)(2), which would permit, 
but not require, a financial institution to reuse previously collected 
data to satisfy proposed Sec.  1002.107(a)(13) through (21) if the data 
were collected within the same calendar year as the current covered 
application and the financial institution has no reason to believe the 
data are inaccurate. The Bureau believes that, absent a reason to 
suspect otherwise, recently collected 1071 data are likely to be 
reliable. Additionally, the Bureau believes that a flexible approach 
giving financial institutions discretion to reuse these data is 
consistent with the approach the Bureau proposed at SBREFA. Although 
proposed Sec.  1002.107(c)(2) would apply to certain data collected 
within the same calendar year, nothing prevents a financial institution 
from confirming with the applicant whether information collected more 
than a year ago from the applicant remains accurate.
    Proposed comment 107(c)(2)-1 would provide an example of how 
certain previously collected data can be reused by a financial 
institution. Proposed comment 107(c)(2)-2 would identify the particular 
data that can be reused. The comment would also clarify that other data 
required by proposed Sec.  1002.107(a) could not be reused, as those 
data points are specific and unique to each covered application. 
Proposed comment 107(c)(2)-3 would clarify instances where data have 
not been ``previously collected'' and so cannot be reused under 
proposed Sec.  1002.107(c)(2).
    Proposed comment 107(c)(2)-4 would provide guidance on when 
information is considered collected in the same calendar year, and so 
may be reused by a financial institution in certain circumstances. In 
particular, the proposed comment discusses applications that span more 
than one calendar year.
    Proposed comment 107(c)(2)-5 would provide clarity and an example 
of when a financial institution has reason to believe data may be 
inaccurate, and so cannot be reused for a subsequent covered 
application. Finally, proposed comments 107(c)(2)-6 and -7 would 
provide guidance on when data regarding minority-owned business status, 
women-owned business status, and data on the principal owners' 
ethnicity, race, and sex may be reused by a financial institution in a 
subsequent covered application.
    The Bureau seeks comment on Sec.  1002.107(c)(2) and associated 
commentary. The Bureau also seeks comment on whether a period of one 
calendar year to reuse certain previously collected data is appropriate 
or whether it should be extended to a longer period (such as two or 
three years). In addition, the Bureau seeks comment on whether 
financial institutions should be required to notify applicants that 
information they provide (including, in particular, minority-owned 
business status, women-owned business status, and the principal owners' 
ethnicity, race, and sex) could be reused for subsequent applications.
Section 1002.108 Firewall
Background
    ECOA section 704B(d) generally restricts the access of certain 
individuals at a financial institution or its affiliates to certain 
information provided by an applicant pursuant to section 1071. The 
Bureau calls this requirement in 704B(d) a ``firewall.'' More 
specifically, 704B(d)(1) states that ``[w]here feasible,'' underwriters 
and other officers and employees of a financial institution or its 
affiliates ``involved in making any determination concerning an 
application for credit'' cannot have access to any information provided 
by the applicant pursuant to a request under 704B(b). That is, the 
statute limits access not only by underwriters and persons making an 
underwriting decision but also by anyone else involved in making any 
determination concerning an application. However, it does not expressly 
define the term ``feasible'' or provide clarification regarding what it 
means to be involved in making any

[[Page 56489]]

determination concerning an application for credit.
    Additionally, under ECOA section 704B(d)(2), if the financial 
institution determines that an underwriter, employee, or officer 
involved in making a determination ``should have access'' to any 
information provided by the applicant pursuant to a request under 
704B(b), the financial institution must provide a notice to the 
applicant of the underwriter's access to such information, along with 
notice that the financial institution may not discriminate on the basis 
of such information. Section 704B(d)(2) does not expressly define or 
describe when an underwriter, employee, or officer ``should have 
access,'' nor does it explain the relationship, if any, between when a 
financial institution determines that an individual ``should have 
access'' under 704B(d)(2) and whether it is ``feasible'' to implement 
and maintain a firewall under 704B(d)(1).
    The Bureau believes that ECOA section 704B(d) contains significant 
ambiguities with respect to how financial institutions, in practical 
terms, should determine how to implement a firewall to limit 
underwriters', employees', and officers' access to the information 
provided by applicants pursuant to section 704B(b). Indeed, based on 
feedback from SERs and other commenters, the Bureau believes that in 
many instances financial institutions that find it not ``feasible'' to 
implement and maintain a firewall will be the same institutions 
determining that relevant individuals ``should have access'' to the 
information provided by an applicant pursuant to 704B(b). The Bureau 
further believes that reading these two provisions in isolation from 
each other would result in significant confusion and challenges, 
particularly for smaller financial institutions.
    Accordingly, the Bureau believes that section 1071's firewall 
requirement is best implemented by reading the ``should have access'' 
language in ECOA section 704B(d)(2) in conjunction with the 
``feasibility'' language in 704B(d)(1). In 704B(d)(1), if it is 
feasible to implement and maintain a firewall, then underwriters, other 
employees, and officers shall not have access to the information 
subject to the firewall; but it is not feasible to implement and 
maintain a firewall if an underwriter, other employee, or officer 
subject to the firewall should have access to that information. If it 
is not feasible to implement and maintain a firewall, then that 
underwriter, other employee, or officer who should have access is 
permitted to have access so long as the financial institution provides 
a notice to the applicant.
    As discussed in greater detail above in E.2 of the Overview to this 
part V, the Bureau also believes that section 1071 is ambiguous with 
respect to the meaning of ``any information provided by the applicant 
pursuant to a request under subsection (b).'' On the one hand, ECOA 
section 704B(b)(1) directs financial institutions to inquire whether a 
business is ``a women-owned, minority-owned, or small business,'' so 
the phrase could be interpreted as referring only to those three data 
points. Section 704B(e), however, indicates that the scope of 704B(b) 
is much broader. It instructs financial institutions that ``information 
provided by any loan applicant pursuant to a request under subsection 
(b) . . . shall be itemized in order to clearly and conspicuously 
disclose'' data including the loan type and purpose, the amount of 
credit applied for and approved, and gross annual revenue, among 
others. In other words, 704B(e) designates all of the information that 
financial institutions are required to compile and maintain--not simply 
an applicant's status as a women-owned, minority-owned, or small 
business--as information provided by an applicant ``pursuant to a 
request under subsection (b).'' But information deemed provided 
pursuant to 704B(b) is subject not only to the firewall under 704B(d) 
but also to a right to refuse under 704B(c) and separate recordkeeping 
requirements under 704B(b)(2). Applying these special protections to 
many of the data points in 704B(e), such as an applicant's gross annual 
revenue or the amount applied for, would be extremely difficult to 
implement because this information is critical to financial 
institutions' ordinary operations in making credit decisions.
    In order to resolve these ambiguities, the Bureau believes that the 
best reading of the statute is to give different meanings to the phrase 
``any information provided by the applicant pursuant to a request under 
subsection (b)'' with respect to ECOA section 704B(e) as opposed to 
704B(b)(2), (c), and (d). As relevant here, with respect to the 
firewall in ECOA section 704B(d), the Bureau interprets the phrase to 
refer to the data points in proposed Sec.  1002.107(a)(18) (minority-
owned business status) and proposed Sec.  1002.107(a)(19) (women-owned 
business status), as well as proposed Sec.  1002.107(a)(20) (ethnicity, 
race, and sex of principal owners). Each of these data points require 
financial institutions to request demographic information that has no 
bearing on the creditworthiness of the applicant. Moreover, a financial 
institution could not inquire about this demographic information absent 
section 1071's mandate to collect and report the information, and ECOA 
prohibits a financial institution from discriminating against an 
applicant on the basis of the information. The Bureau accordingly 
believes that the best effectuation of congressional intent is to apply 
section 1071's special-protection provisions to apply to this 
demographic information, regardless of whether the statutory authority 
to collect it originates in 704B(b)(1) (women-owned business status and 
minority-owned business status) or 704B(e)(2)(G) (race, sex, and 
ethnicity of principal owners). The Bureau similarly believes that 
Congress did not intend these special protections to apply to any of 
the other data points proposed in Sec.  1002.107(a), which the 
financial institution is permitted to request regardless of coverage 
under section 1071, which are not the subject of Federal 
antidiscrimination law, and many of which financial institutions 
currently use for underwriting purposes.\705\
---------------------------------------------------------------------------

    \705\ As explained in the Overview to this part V, the Bureau is 
not proposing to require financial institutions to maintain and 
report a data point on small business status.
---------------------------------------------------------------------------

    The Bureau is proposing Sec.  1002.108 to implement ECOA section 
704B(d) and, pursuant to its authority in 704B(g)(1), to prescribe such 
rules and issue such guidance as may be necessary to carry out, 
enforce, and compile data pursuant to section 1071.
SBREFA Proposal Under Consideration and Feedback
    Information subject to the firewall. In the SBREFA Outline, the 
Bureau stated that it was considering proposing that financial 
institutions need only limit access under ECOA section 704B(d) to an 
applicant's responses to the financial institution's specific inquiries 
regarding women-owned and minority-owned business status and the 
ethnicity, race, and sex of principal owners, but not to an applicant's 
small business status.\706\ As discussed below, many SERs and other 
commenters suggested that restricting access to protected demographic 
information obtained to comply with section 1071 (i.e., minority-owned 
business status, women-owned business status, and the principal owners' 
ethnicity, race, and sex) would be difficult for their institutions. 
Although these SERs and other commenters generally did not comment on 
the scope of information that the Bureau considered proposing be 
subject to the firewall (other than to say

[[Page 56490]]

that liming access would be difficult), one commenter said that small 
business status should not be subject to the firewall and another 
commenter said that it should.
---------------------------------------------------------------------------

    \706\ SBREFA Outline at 36-37.
---------------------------------------------------------------------------

    The SBREFA Panel recommended that the Bureau propose clear guidance 
on what information is subject to the firewall requirement.\707\
---------------------------------------------------------------------------

    \707\ SBREFA Panel Report at 47.
---------------------------------------------------------------------------

    Feasibility of maintaining a firewall. In the SBREFA Outline, the 
Bureau also stated that it was considering how it might apply the 
feasibility standard in ECOA section 704B(d)(1) and asked several 
questions related to this standard.\708\ Several SERs that take in-
person or paper applications or that have very limited commercial 
lending staff stated that it would be costly or impossible for them to 
restrict access to applicants' protected demographic information by 
underwriters and other persons involved in making determinations 
concerning applications from small businesses.\709\ In contrast, 
several SERs that operate entirely online said that it would be 
relatively easy for them to restrict access to applicants' protected 
demographic information. Another SER said that it could restrict access 
to protected demographic information for applications received online 
(though not for paper applications), but that it would necessitate an 
overhaul of its online system.
---------------------------------------------------------------------------

    \708\ SBREFA Outline at 36-37.
    \709\ The SER feedback discussed in this section-by-section 
analysis can be found in the SBREFA Panel Report at 33-34.
---------------------------------------------------------------------------

    Many other stakeholders providing feedback on the SBREFA Outline 
said that it would not be possible to limit access to applicants' 
protected demographic information or that attempting to do so would be 
costly and time consuming. Some other commenters suggested that 
implementing and maintaining a firewall would be impossible for all 
financial institutions or certain categories of financial institutions 
(i.e., smaller financial institutions, community banks, credit unions). 
Generally, these commenters requested exemptions from the firewall 
requirement for either all financial institutions or specific 
categories of financial institutions. Generally, commenters were 
concerned about the costs associated with hiring additional staff, 
outsourcing additional functions, or making system changes to implement 
and maintain the firewall. However, some commenters indicated that 
financial institutions should not be required to change their existing 
application or other processes to maintain a firewall and noted that 
underwriters and officers who gather information from small business 
applicants also make determinations regarding such applications. 
Commenters noted that implementing a firewall would necessitate more 
points of contact between employees of the financial institution and an 
applicant and would require financial institutions to reassign job 
duties and retrain existing employees.
    Importantly, many comments from SERs and others seemed to reflect 
confusion about the intended scope of the firewall. For example, some 
SERs and other commenters seemed to think that the firewall would 
prohibit employees who were generally aware of an applicant's business 
status or of a principal owner's ethnicity, race, and sex, such as due 
to participation in outside organizations or activities, from making 
any determinations regarding applications. One commenter remarked that 
it would be impossible to comply with the firewall requirement if a 
financial institution required a principal owner to provide a driver's 
license. Additionally, some SERs and other commenters requested 
guidance on the scope and applicability of the firewall, indicating 
that the SBREFA Outline was not sufficiently clear regarding the 
firewall's scope.
    The SBREFA Panel recommended that the Bureau propose a clear 
feasibility standard that takes into account the costs of establishing 
and maintaining a firewall to limit access by underwriters and other 
persons.\710\
---------------------------------------------------------------------------

    \710\ Id. at 47.
---------------------------------------------------------------------------

    Providing a notice in lieu of the firewall. In the SBREFA Outline, 
the Bureau also stated that it was considering proposing to interpret 
ECOA section 704B(d)(2) to permit financial institutions to give 
underwriters, employees, and officers access to applicants' responses 
regarding women-owned business status, minority-owned business status 
and the principal owners' race, sex, and ethnicity when the financial 
institution determines that such access is needed for the underwriter, 
employee, or officer to perform usual and regularly assigned job 
duties.\711\ In such circumstances, the financial institution would 
need to comply with the statutory requirement to provide a notice in 
lieu of limiting access. The Bureau also stated in the SBREFA Outline 
that the financial institution could provide the notice to all small 
business applicants or the specific applicant or applicants whose 
information will or may be accessed. The Bureau also stated that it was 
considering developing sample disclosure language that financial 
institutions could use when providing the notice under 704B(d)(2) and 
that the notice under 704B(d)(2) need not include language regarding 
small business status.
---------------------------------------------------------------------------

    \711\ SBREFA Outline at 36-37.
---------------------------------------------------------------------------

    SERs and other stakeholders generally were supportive of providing 
a notice to applicants in lieu of restricting access to applicants' 
protected demographic information obtained for purposes of the 1071 
rule. Several stated that it should be permissible to provide a 
disclosure or notice to meet the firewall requirement, and others 
stated that a financial institution should be permitted to provide a 
notice to meet the firewall requirement if the financial institution 
itself determines that establishing and maintaining a firewall was not 
feasible. However, one industry commenter stated that financial 
institutions should not be required to provide a notice to comply with 
the firewall requirement, and one SER said that use of the notice 
should be optional. This SER suggested that requiring the use of a 
notice may cause confusion for the applicant and have the unintended 
consequence of causing unfounded claims of discrimination if the 
application is denied. One SER cautioned that many people do not read 
notices and disclosures, and another SER suggested that financial 
institutions would not want to provide a notice because the loan 
process already involves too much paperwork.
    Several SERs and several other stakeholders indicated a preference 
for providing a notice to all applicants, not just those specific 
applicants whose protected demographic information was likely to be 
accessed by underwriters and others making decisions regarding 
applications.
    Several stakeholders supported a model notice. One SER as well as 
two other commenters asked that, if the Bureau provided sample language 
or a model notice, that the Bureau provide it in English as well as in 
other languages, such as Spanish. SERs and other stakeholders suggested 
a variety of statements that they thought should or should not be 
included in sample language or a model notice. They also provided a 
variety of suggestions on combining the notice with other documents, 
such as the application, sample data collection form, or with other 
required notices and disclosures.
    One SER requested that the Bureau clarify when a financial 
institution would be permitted to provide a notice in lieu of 
restricting access to

[[Page 56491]]

applicants' protected demographic information. Some stakeholders 
requested additional guidance on the timing and methods for providing a 
notice.
    The SBREFA Panel recommended that the Bureau propose to permit 
financial institutions to provide a notice to applicants instead of 
restricting access to applicants' protected demographic information if 
it is not feasible for the financial institution to restrict such 
access.\712\
---------------------------------------------------------------------------

    \712\ SBREFA Panel Report at 47.
---------------------------------------------------------------------------

Proposed Rule
    The Bureau is proposing Sec.  1002.108 to implement the firewall 
provisions in ECOA section 704B(d). Proposed Sec.  1002.108(a) would 
provide certain relevant definitions, proposed Sec.  1002.108(b) would 
state the general prohibition on access to applicants' protected 
demographic information by certain persons, proposed Sec.  1002.108(c) 
would explain the exception to that prohibition, and proposed Sec.  
1002.108(d) would provide language for the notice necessary in order to 
qualify for the exception. The Bureau is also proposing commentary. The 
Bureau's proposed approach to Sec.  1002.108 is consistent with its 
approach under consideration during the SBREFA process. The Bureau's 
general rationale for how it reads the firewall provisions are set 
forth in this section-by-section analysis of proposed Sec.  1002.108 
above, under Background.
    Proposed Sec.  1002.108(b) would state that, unless the exception 
under proposed Sec.  1002.108(c) applies, an employee or officer of a 
covered financial institution or a covered financial institution's 
affiliate shall not have access to an applicant's responses to 
inquiries that the financial institution makes pursuant to this subpart 
regarding whether the applicant is a minority-owned business under 
proposed Sec.  1002.107(a)(18) or a women-owned business under proposed 
Sec.  1002.107(a)(19), and regarding the ethnicity, race, and sex of 
the applicant's principal owners under proposed Sec.  1002.107(20), if 
that employee or officer is involved in making any determination 
concerning that applicant's covered application.
    Consistent with the SBREFA Panel's recommendation, proposed comment 
108(b)-1 would clarify the information that is subject to the 
prohibition on access (i.e., the firewall) and provide examples. First, 
proposed comment 108(b)-1 would clarify that the prohibition in 
proposed Sec.  1002.108(b) would apply only to an applicant's responses 
to the inquiries that the covered financial institution makes to 
satisfy Sec.  1002.107(a)(18) through (20) and provide examples. 
Second, proposed comment 108(b)-1 would clarify that the prohibition in 
proposed Sec.  1002.108(b) does not apply to ethnicity or race 
information about principal owners that the financial institution 
collects via visual observation or surname, or to an applicant's 
responses to inquiries regarding minority-owned or women-owned business 
status, or principal owners' ethnicity, race, or sex, made for other 
purposes and provide an example. It would also clarify that the 
prohibition does not apply if an employee or officer generally knows 
that an applicant is a minority-owned business or women-owned business, 
or knows the ethnicity, race, or sex of any of the applicant's 
principal owners due to activities unrelated to the inquiries made to 
satisfy the financial institution's obligations under subpart B, as 
well as provide an example.
    In response to SBREFA feedback requesting additional clarification 
and guidance on who would be subject to the firewall, proposed comment 
108(b)-2 would clarify the scope of persons subject to the prohibition 
and provide examples.
    Additionally, the Bureau is proposing to define the phrase 
``involved in making any determination concerning a covered 
application.'' Proposed Sec.  1002.108(a)(1) would define this phrase 
to mean participating in a decision regarding the evaluation of a 
covered application, including the creditworthiness of an applicant for 
a covered credit transaction. Thus, an employee or officer who 
participates in such decision would be subject to the prohibition in 
proposed Sec.  1002.108(b), and thus could not have access to an 
applicant's responses to the covered financial institution's inquiries 
under proposed Sec.  1002.107(a)(18) through (20) with regard to that 
covered application, unless the exception in proposed Sec.  1002.108(c) 
applies.
    Proposed comment 108(a)-1 would provide additional clarification 
regarding when an employee or officer is ``involved in making any 
determination concerning a covered application.'' In particular, it 
would clarify that an employee or officer is involved in making a 
determination concerning a covered application if the employee or 
officer makes, or otherwise participates in, a decision regarding the 
evaluation of a covered application or the creditworthiness of an 
applicant for a covered credit transaction. Proposed comment 108(a)-1 
would note that this group of employees and officers includes, but is 
not limited to, employees and officers who serve as underwriters.\713\ 
Additionally, it would explain that the decision that the employee or 
officer makes or participates in must be about a specific covered 
application. An employee or officer would not be involved in making a 
determination concerning a covered application if the employee or 
officer is involved in making a decision that affects covered 
applications generally, the employee or officer interacts with small 
businesses prior to them becoming applicants or submitting a covered 
application, or the employee or officer makes or participates in a 
decision after the financial institution has taken final action on the 
application, such as decisions about servicing or collecting a covered 
credit transaction.
---------------------------------------------------------------------------

    \713\ While ECOA section 704B(d) refers to underwriters and 
other officers and employees of a financial institution, or any 
affiliate of a financial institution, who are involved in making any 
determination concerning an application, the Bureau has clarified 
that underwriters are one classification or category of employees 
and officers who are involved in making a determination concerning 
an application. The Bureau has not separately listed underwriters as 
subject to the firewall because doing so is unnecessary given their 
inclusion in the larger group of employees and officers who are 
involved in making any determination concerning an application.
---------------------------------------------------------------------------

    Consistent with the SBREFA Panel's recommendation, proposed Sec.  
1002.108(c) would state that the prohibition in proposed Sec.  
1002.108(b) shall not apply to an employee or officer if a financial 
institution determines that it is not feasible to limit that employee's 
or officer's access to one or more of an applicant's responses to the 
financial institution's inquiries under Sec.  1002.107(a)(18) through 
(20) and the financial institution provides the notice required under 
proposed Sec.  1002.108(d) to the applicant. Proposed Sec.  1002.108(c) 
would further state that it is not feasible to limit access as required 
pursuant to proposed Sec.  1002.108(b) if the financial institution 
determines that an employee or officer involved in making any 
determination concerning a covered application should have access to 
one or more applicants' responses to the financial institution's 
inquiries under proposed Sec.  1002.107(a)(18) through (20).
    Proposed comment 108(c)-1 would clarify that a financial 
institution is not required to limit the access of a particular 
employee or officer who is involved in making determinations concerning 
covered applications if the financial institution determines that the 
particular employee or officer should have access to the information 
collected

[[Page 56492]]

pursuant to proposed Sec.  1002.107(a)(18) through (20) and the 
financial institution provides the notice required by proposed Sec.  
1002.108(d). It would explain that a financial institution can 
determine that several employees and officers should have access or 
that all of a group of similarly situated employees or officers should 
have access, but that a financial institution cannot permit all 
employees and officers to have access simply because it has determined 
that one or more employees or officers should have access. It would 
also provide an example.
    Proposed Sec.  1002.108(a)(2) would define the phrase ``should have 
access'' to mean that an employee or officer may need to collect, see, 
consider, refer to, or otherwise use the information to perform that 
employee's or officer's assigned job duties. Proposed comment 108(a)-2 
would explain that a financial institution may determine that an 
employee or officer should have access for purposes of proposed Sec.  
1002.108 if that employee or officer is assigned one or more job duties 
that may require the employee or officer to collect (based on visual 
observation, surname, or otherwise), see, consider, refer to, or use 
information otherwise subject to the prohibition in proposed Sec.  
1002.108(b). The employee or officer would not have to be required to 
collect, see, consider, refer to or use such information or to actually 
collect, see, consider, refer to or use such information. It would be 
sufficient if the employee or officer might need to do so to perform 
the employee's or officer's assigned job duties. This approach is 
similar to the approach under consideration during the SBREFA process, 
though in response to feedback received, the proposed definition would 
not require that the assigned job duties be usually or regularly 
assigned. Thus, an employee or officer would not be subject to the 
prohibition if the financial institution determines that the employee 
or officer might need to see, consider, refer to, or otherwise use the 
information an applicant provided pursuant to proposed Sec.  
1002.17(a)(18) through (20) to perform the employee's or officer's 
assigned job duties, and the financial institution provides the 
required notice to the applicant. Proposed comment 108(a)-2 would 
include an example of when a financial institution would be able to 
determine that an officer should have access and would state that, if a 
financial institution determines that an employee or officer who is 
involved in making any determination concerning a covered application 
should have access for purposes of Sec.  1002.108, the financial 
institution is responsible for ensuring that the employee or officer 
only accesses and uses the protected information for lawful purposes. 
Additionally, proposed comment 108(a)-2 would explain that a financial 
institution may determine that all employees or officers with the same 
job description or assigned duties should have access for purposes of 
Sec.  1002.108 and provide an example.
    Proposed Sec.  1002.108(d) would describe the notice that a 
financial institution is required to provide to satisfy the exception 
in proposed Sec.  1002.108(c). Proposed Sec.  1002.108(d) would state 
that, in order to satisfy the exception set forth in proposed Sec.  
1002.108(c), a financial institution shall provide a notice to each 
applicant whose responses will be accessed, informing the applicant 
that one or more employees or officers involved in making 
determinations concerning the covered application may have access to 
the applicant's responses to the financial institution's inquiries 
regarding whether the applicant is a minority-owned business or a 
women-owned business, and regarding the ethnicity, race, and sex of the 
applicant's principal owners. Proposed Sec.  1002.108(d) would also 
state that the financial institution shall provide this notice when 
making the inquiries required under Sec.  1002.107(a)(18) through (20) 
and together with the notices required pursuant to Sec.  
1002.107(a)(18) through (20).
    Proposed comment 108(d)-1 would explain that if a financial 
institution determines that one or more employees or officers should 
have access pursuant to proposed Sec.  1002.108(c), then the financial 
institution must provide the required notice to, at a minimum, the 
applicant or applicants whose responses will be accessed by an employee 
or officer involved in making determinations regarding the applicant's 
or applicants' covered applications. It would also clarify that, as an 
alternative, the financial institution could provide the required 
notice to a larger group of applicants, including all applicants, if it 
determines that one or more officers or employees should have access.
    Proposed comment 108(d)-2 would describe the content of the 
required notice. It would state that the notice must inform the 
applicant that one or more employees and officers involved in making 
determinations regarding the applicant's covered application may have 
access to the applicant's responses regarding the applicant's minority-
owned business status, its women-owned business status, and its 
principal owners' ethnicity, race, and sex. Proposed comment 108(d)-2 
would note that the financial institution may, but is not required to, 
provide the notice on its data collection form. Additionally, proposed 
comment 108(d)-2 would include language for the required notice. A 
financial institution would be required to use the language set forth 
in proposed comment 108(d)-2 or substantially similar language when 
providing the notice.
    Comment 108(d)-3 would explain that if a financial institution is 
providing the notice required by proposed Sec.  1002.108(d) orally, it 
must provide the notice prior to asking the applicant if it is a 
minority-owned business or women-owned business and prior to asking for 
a principal owner's ethnicity, race, or sex. It would further explain 
that, if the notice required by proposed Sec.  1002.108(d) is provided 
on the same paper or electronic data collection form as the inquiries 
about minority-owned business status, women-owned business status, and 
the principal owners' ethnicity, race, or sex, the financial 
institution would be required to provide the notice at the top of the 
form. If the notice required by proposed Sec.  1002.108(d) is provided 
in an electronic or paper document that is separate from the data 
collection form, the financial institution would be required to provide 
the notice at the same time as the data collection form or prior to 
providing the data collection form. Additionally, proposed comment 
108(d)-3 would clarify that the notice required pursuant to proposed 
Sec.  1002.108(d) must be provided with the non-discrimination notices 
required pursuant to proposed Sec.  1002.107(a)(18) through (20) and 
would reference proposed appendix E for an example.
    The Bureau believes that its proposed approach reflects the 
feedback from most SERs and commenters who preferred to be able to give 
a notice and did not want to hire additional staff or change processes. 
While some commenters did not want to provide a notice, section 1071 
requires that a financial institution provide a specific notice to an 
applicant if the financial institution determines that an employee or 
officer should have access to information otherwise subject to the 
firewall requirement. As an alternative to providing a notice, a 
financial institution could take the steps necessary to establish and 
maintain a firewall.
    The Bureau seeks comment on its proposed approach to the firewall 
requirement and whether a different approach might result in a better 
policy outcome. The Bureau also seeks

[[Page 56493]]

comment on the scope of the proposed firewall and the exception. The 
Bureau specifically seeks comment on whether the firewall should apply 
to information about principal owners' ethnicity and race that is 
obtained via visual observation and/or surname. Finally, the Bureau 
generally requests comment on whether additional clarification is 
needed regarding the firewall requirement.
Section 1002.109 Reporting of Data to the Bureau
    Proposed Sec.  1002.109 would address several aspects of financial 
institutions' obligations to report 1071 data to the Bureau. First, 
proposed Sec.  1002.109(a) would require 1071 data to be collected on a 
calendar year basis and reported to the Bureau by June 1 of the 
following year, and would address several related issues. Second, 
proposed Sec.  1002.109(b) would detail the information that financial 
institutions must provide about themselves when reporting 1071 data to 
the Bureau. Finally, proposed Sec.  1002.109(c) would address technical 
instructions for submitting data to the Bureau.
    The Bureau is proposing Sec.  1002.109 to implement ECOA section 
704B(f)(1) and pursuant to its authority under 704B(g)(1) to prescribe 
such rules and issue such guidance as may be necessary to carry out, 
enforce, and compile data pursuant to section 1071. The Bureau is also 
proposing Sec.  1002.109(b) pursuant to 704B(e)(2)(H), which requires 
financial institutions to compile and maintain as part of their 1071 
data any additional data that the Bureau determines would aid in 
fulfilling the purposes of section 1071.
109(a) Reporting to the Bureau
109(a)(1) Annual Reporting
Background
    ECOA section 704B(f)(1) provides that ``[t]he data required to be 
compiled and maintained under [section 1071] by any financial 
institution shall be submitted annually to the Bureau.''
SBREFA Proposal Under Consideration and Feedback Received
    In the SBREFA Outline, the Bureau stated it was considering 
proposing that financial institutions collect 1071 data on a calendar 
year basis, and that financial institutions report 1071 data to the 
Bureau by a specified time after the end of each calendar year.\714\
---------------------------------------------------------------------------

    \714\ SBREFA Outline at 39-40.
---------------------------------------------------------------------------

    SERs and other stakeholders responded to various aspects of the 
Bureau's proposals under consideration in the SBREFA Outline on 
reporting 1071 data to the Bureau, including reporting frequency, 
reporting period, and submission date.\715\
---------------------------------------------------------------------------

    \715\ The SER feedback in this section-by-section analysis can 
be found in the SBREFA Panel Report at 34.
---------------------------------------------------------------------------

    Regarding reporting frequency, stakeholder comments were split. One 
SER suggested that data reporting be done on a calendar year basis, to 
avoid half-year measurements. Some other stakeholders--including 
several industry and trade association stakeholders, and a community 
group--also supported reporting no more or less frequently than once a 
year. Other stakeholders supported reporting on a more frequent basis 
than annually. In that latter group, another SER requested ongoing data 
reporting, arguing that more frequent reporting is less burdensome by 
permitting financial institutions to submit data as applications are 
received or loans are made. Three stakeholders (a community group, a 
think tank, and a community development lender trade association) also 
supported reporting more frequently than annually, especially for 
larger financial institutions, arguing that technology enables near 
real-time reporting.
    Regarding the reporting period and submission date, several trade 
associations supported collecting data on a calendar year basis. A 
community group suggested an alternative to calendar-year reporting, 
specifically a one-year collection period starting on July 1 and ending 
on June 30 the next year. The group argued that this alternative 
schedule would help financial institutions avoid overlapping 
obligations with the calendar year data collection schedule for HMDA. A 
SER cautioned against aligning the annual reporting dates for section 
1071 with the reporting dates for HMDA, noting that reporting for both 
regimes at the same time could strain resources; other stakeholders 
echoed this view. Other stakeholders requested that the Bureau 
coordinate reporting dates with other Federal agencies, including those 
responsible for collecting data from CDFI Fund participants and banks 
subject to CRA reporting.
    Regarding reporting 1071 data to the Bureau, several SERs noted 
that they already report much of the data that a 1071 rule would seem 
likely to require to the Treasury Department's CDFI Fund. One SER 
requested that the Bureau coordinate with the CDFI Fund on consistency 
of definitions, types of data collection, and timing of reporting, and 
that the agencies should consider streamlining reporting requirements 
through data sharing.
    The SBREFA Panel recommended, regarding this issue as well as other 
recordkeeping and reporting issues addressed in the SBREFA Outline, 
that the Bureau seek comment on these aspects of a 1071 rule, and how 
best to implement them in a manner that minimizes cost and burden to 
small financial institutions.\716\
---------------------------------------------------------------------------

    \716\ Id. at 47.
---------------------------------------------------------------------------

Proposed Rule
    The Bureau is proposing, in Sec.  1002.109(a)(1)(i), to require 
that by June 1 following the calendar year for which data are collected 
and maintained as required by proposed Sec.  1002.107, a covered 
financial institution shall submit its small business lending 
application register in the format prescribed by the Bureau. This 
approach to reporting frequency and reporting period is consistent with 
both the annual submission schedule specified in the statute as well as 
with the approach under consideration at SBREFA.
    Regarding reporting frequency, while several stakeholders and one 
SER advocated for more frequent reporting (especially via application 
programming interface (API)), annual reporting is consistent with what 
ECOA section 704B(f)(1) provides and with HMDA for most filers.\717\ 
The Bureau is concerned that requiring more frequent reporting for 1071 
data could be unduly onerous for financial institutions, especially 
small financial institutions and those with lower application volumes.
---------------------------------------------------------------------------

    \717\ Some financial institutions with over 60,000 covered loans 
and applications must file HMDA data on a quarterly basis. 12 CFR 
1003.5(a)(ii).
---------------------------------------------------------------------------

    Further, the Bureau is not proposing that financial institutions 
(small or otherwise) be permitted to submit their 1071 data on a real-
time basis. The Bureau believes that this would add complexity to the 
Bureau reporting system. The Bureau is concerned that this approach 
could result in financial institutions treating the Bureau as their 
official recordkeeping system for their 1071 data. Financial 
institutions that were required to update or correct their data as a 
result of an audit, examination, or compliance review would need to 
make such changes within the Bureau's system, requiring the Bureau to 
develop an infrastructure that not only accepts real-time submissions, 
but also real-time corrections to prior real-time submissions. 
Nonetheless, the Bureau is continuing to explore ways it might 
facilitate or streamline reporting, particularly for small financial

[[Page 56494]]

institutions. See the section-by-section analysis of proposed Sec.  
1002.109(c) below for additional information.
    Regarding the reporting period, the Bureau believes there are 
advantages to having data collected and reported on a calendar year 
basis. Calendar year reporting may facilitate other aspects of the rule 
that depend on data that is typically recorded on a calendar year 
basis. For instance, other parts of the rule look to annual data, such 
as proposed Sec.  1002.105(b), which would use a financial 
institution's loan volumes over the prior two calendar years to 
determine coverage. Further, the Bureau understands that financial 
institutions would generally prefer to have such data collections occur 
on a calendar year basis because such an approach would be generally 
consistent with their operations. The Bureau is concerned that 
requiring an annual reporting period other than the calendar year--such 
as July 1 to June 30--could result in additional challenges for 
financial institutions in complying with the rule, which could in turn 
make errors in collecting and reporting data to the Bureau more likely.
    As discussed in more detail below in the section-by-section 
analysis of proposed Sec.  1002.114(b) below, the Bureau is considering 
whether to require or permit the initial collection of data under the 
eventual 1071 rule to begin, following an appropriate implementation 
period, at some point during the year rather than on January 1. For 
example, if the compliance date were on July 1, 2024, the Bureau would 
permit or require all financial institutions to collect and report data 
pursuant to proposed Sec.  1002.109(a) for the period July 1 to 
December 31, 2024. After this initial partial collection year, 
financial institutions would collect data on a calendar year basis.
    Regarding the proposed submission date, several stakeholders 
(including community groups) requested a March 1 submission deadline on 
the grounds that financial institutions comply with a March 1 deadline 
for HMDA despite its relative complexity compared to 1071. The Bureau 
is proposing a June 1 submission deadline to give additional time for 
the compliance staff of financial institutions to dedicate time and 
resources focused on preparing a small business lending application 
register, after meeting other reporting obligations with earlier 
deadlines, such as under HMDA or CRA. This may be especially important 
for smaller financial institutions that will rely on the same staff to 
comply with other data reporting regimes and this 1071 rule.
    Proposed Sec.  1002.109(a)(1)(ii) would require that an authorized 
representative of the covered financial institution with knowledge of 
the data submitted certify to the accuracy and completeness of data 
submitted pursuant to proposed Sec.  1005.109(a). A similar provision 
exists in Regulation C (Sec.  1003.5(a)(i)), and the Bureau believes it 
would be appropriate to adopt it here as well. Based on the Bureau's 
experience with HMDA and Regulation C, the Bureau believes that having 
a specific person responsible for certifying to the accuracy and 
completeness of data is likely to lead to financial institutions 
providing better quality data.
    Proposed Sec.  1002.109(a)(1)(iii) would clarify that when the last 
day for submission of data prescribed under proposed Sec.  
1002.109(a)(1) falls on a date that is not a business day, a submission 
is considered timely if it is submitted no later than the next business 
day.
    The Bureau seeks comment on its proposed approach to the aspects of 
reporting addressed in proposed Sec.  1002.109(a), including that the 
reporting frequency be annual, that the reporting period be the 
calendar year, and that the submission date be June 1 of the next 
calendar year. In particular, the Bureau seeks comment with respect to 
proposed Sec.  1002.109(a)(1)(i) on whether requiring the submission of 
small business lending application registers by June 1 might give rise 
to complications for any persons or entities relying on data from the 
registers for other purposes, such as Federal regulators scheduling 
examinations.
109(a)(2) Reporting by Subsidiaries
    ECOA section 704B(f)(1) states that ``any'' financial institution 
obligated to report 1071 data to the Bureau must do so annually; the 
statute does not expressly address financial institutions that are 
themselves subsidiaries of other financial institutions. In the SBREFA 
Outline, the Bureau did not address this issue for section 1071 
reporting.
    Proposed Sec.  1002.109(a)(2) would state that a covered financial 
institution that is a subsidiary of another covered financial 
institution shall complete a separate small business lending 
application register. The subsidiary shall submit its small business 
lending application register, directly or through its parent, to the 
Bureau. Proposed comment 109(a)(2)-1 would explain that a covered 
financial institution is considered a subsidiary of another covered 
financial institution for purposes of reporting data pursuant to 
proposed Sec.  1002.109 if more than 50 percent of the ownership or 
control of the first covered financial institution is held by the 
second covered financial institution. This proposed provision mirrors 
one that exists for HMDA reporting under Regulation C in Sec.  
1003.5(a)(2). The Bureau believes that this proposed provision would 
help facilitate compliance with the 1071 rule by permitting parent 
financial institutions to coordinate the reporting of all their 
subsidiaries' small business lending data together.
    The Bureau seeks comment on this aspect of its proposal. 
Additionally, the Bureau seeks comment on proposed Sec.  1002.109(a)(2) 
in light of proposed Sec.  1002.105(b), which would define a covered 
financial institution as a financial institution that originated at 
least 25 covered credit transactions for small businesses in each of 
the two preceding calendar years. The Bureau seeks comment on whether 
this provision may risk creating ambiguity with respect to compliance 
and whether additional safeguards may be required to dissuade financial 
institutions from creating subsidiaries for the sole purpose of 
avoiding the collection and reporting or section 1071 data. The Bureau 
also seeks comment on all other aspects of this proposal.
109(a)(3) Reporting Obligations Where Multiple Financial Institutions 
Are Involved in a Covered Credit Transaction
    Section 1071's requirement to collect and report data for any 
``application to a financial institution for credit'' could be read as 
applying to more than one financial institution when an intermediary 
provides the application to another institution that takes final action 
on the application. It might also apply in cases where one application 
is simultaneously sent to multiple financial institutions. This broad 
reading may serve a useful function, such as comprehensive reporting by 
all financial institutions involved in a small business lending 
transaction, but could also generate duplicative compliance costs for 
financial institutions and potentially detract from the quality of 
reported 1071 data, increasing the risk that certain applications are 
reported multiple times.
    At SBREFA, in considering ECOA section 704B(f)(1), the Bureau 
stated that it was considering proposing that in the situation where 
more than one party is involved on the lender side of a single small 
business loan or application, section 1071's data collection and 
reporting requirements would be limited in the same manner as in

[[Page 56495]]

Regulation C. For HMDA, Regulation C provides (in Sec.  1003.4(a) and 
comment 4(a)-3) that if more than one financial institution was 
involved in the origination of a covered loan, the financial 
institution that made the final credit decision approving the 
application before closing or account opening shall report the covered 
loan as an origination. If there was an origination, then the financial 
institution making the final credit decision approving the application 
would be responsible for reporting (even if the financial institution 
used credit standards set by another party). If more than one financial 
institution approved a loan, and the loan was purchased after closing 
by one of the financial institutions approving the loan, the purchaser 
(such as an assignee) would report the loan. If there was no 
origination and multiple financial institutions received the same 
application, then any financial institution that made a credit decision 
would be responsible for reporting (even if other financial institution 
also reported on the same potential non-originated application).
    Several SERs voiced support for aligning reporting requirements for 
financial institutions that are not the lender of record with the 
approach taken for HMDA reporting in the Bureau's Regulation C. One SER 
stressed that imposing section 1071 requirements for loan buyers, who 
play an important role in assisting CDFIs but do not make credit 
decisions, might risk their continued participation. Another CDFI SER 
explained that the institution occasionally participates in pooled loan 
purchases and recommended that the Bureau ensure that reporting 
obligations for such pooled loans are clear.\718\ Other SERs expressed 
concern in adopting the Bureau's approach in Regulation C, noting the 
differences between small business and residential loan products, and 
advocated for simpler approaches. The SBREFA Panel did not provide a 
relevant recommendation.
---------------------------------------------------------------------------

    \718\ See the section-by-section analysis of proposed Sec.  
1002.104(b) above for further discussion of the proposed treatment 
of pooled loans.
---------------------------------------------------------------------------

    Comments from other stakeholders included several voicing support 
for a HMDA-like approach, praising the Bureau's consistent approach and 
interest in limiting duplicative information. However, several comments 
advocated against the HMDA approach, generally by proffering other 
ideas rather than criticizing the rules or outcomes of the HMDA 
approach. Alternative suggestions varied, but included suggesting that 
data collection and reporting should be required only for the company 
most closely interacting with the loan applicant; if a financial 
institution receives a covered application, then the application should 
be subject to reporting, regardless of outcome; the financial 
institution that funded (or would have funded) the loan should be 
required to collect and report; and the financial institution that 
conducts the underwriting and determines whether the small business 
credit applicant qualifies for credit using its underwriting criteria 
should be required to report and collect.
    Proposed Sec.  1002.109(a)(3) would provide that only one covered 
financial institution shall report each covered credit transaction as 
an origination, and that if more than one financial institution was 
involved in an origination, the financial institution that made the 
final credit decision approving the application shall report the loan 
as an origination, if the financial institution is a covered financial 
institution.
    Proposed Sec.  1002.109(a)(3) would further provide that if there 
was no origination, then any covered financial institution that made a 
credit decision shall report the application. The Bureau is aware that 
under certain lending models as they operate today, financial 
institutions may not always be aware of whether another financial 
institution originated a credit transaction. The Bureau believes that 
information on whether there was an origination should generally be 
available, or that lending models can be adjusted to provide this 
information at low cost. For example, if an applicant applies to 
Financial Institutions A and B, and then withdraws an application with 
Financial Institution A, then Financial Institution A should be able to 
ascertain whether the applicant obtained credit from Financial 
Institution B.
    Proposed comment 109(a)(3)-1 would provide general guidance on how 
to report originations and applications involving more than one 
institution. In short, if more than one financial institution was 
involved in the origination of a covered credit transaction, the 
financial institution that made the final credit decision approving the 
application shall report the covered credit transaction as an 
origination. Proposed comment 109(a)(3)-2 would offer examples 
illustrating how a financial institution should report a particular 
application or originated covered credit transaction. Proposed comment 
109(a)(3)-3 would explain that if a covered financial institution made 
a credit decision on a covered application through the actions of an 
agent, the financial institution reports the application, and provides 
an example. State law determines whether one party is the agent of 
another. While these proposed comments assume that all of the parties 
are covered financial institutions, the same principles and examples 
would apply if any of the parties is not a covered financial 
institution.
    The Bureau seeks comment on this aspect of its proposal. In 
particular, the Bureau seeks comment with respect to proposed Sec.  
1002.109(a)(3) on whether, particularly in the case of applications 
that a financial institution is treating as withdrawn or denied, the 
financial institution can ascertain if a covered credit transaction was 
originated by another financial institution without logistical 
difficulty or significant compliance cost.
109(b) Financial Institution Identifying Information
    Beginning in 1989, Regulation C required financial institutions 
reporting HMDA data to use a discrete transmittal sheet to provide 
information on themselves separate from the loan/application registers 
used to submit HMDA data.\719\ The 2015 HMDA final rule replaced the 
transmittal sheet requirement with Regulation C Sec.  1003.5(a)(3), 
which requires that a financial institution reporting HMDA data to 
provide with its submission (i) its name; (ii) the calendar year the 
data submission covers; (iii) the name and contact information of a 
person who may be contacted with questions about the institution's 
submission; (iv) its appropriate Federal agency; (v) the total number 
of entries contained in the submission; (vi) its Federal Taxpayer 
Identification Number; and (vii) its Legal Entity Identifier 
(LEI).\720\ The Bureau and FFIEC publish information on financial 
institutions that report HMDA data in the HMDA Reporter Panel, which 
includes the required submission information, provided by financial 
institutions under Sec.  1003.5(a)(3), as well as other data derived 
from this information.\721\
---------------------------------------------------------------------------

    \719\ See 54 FR 51356, 51361 (Dec. 15, 1989) (requiring 
financial institutions to use the transmittal sheet and loan/
application register in appendix A).
    \720\ 80 FR 66128, 66526 (Oct. 28, 2015) (deleting appendix A 
and relocating its substantive requirements to Sec.  1003.5(a)(3)).
    \721\ See Fed. Fin. Insts. Examination Council, HMDA Reporter 
Panel, https://www.ffiec.gov/hmdarawdata/FORMATS/HMDAReporterPanel.pdf (last visited July 27, 2021).
---------------------------------------------------------------------------

    The Bureau is proposing to collect information regarding financial 
institutions that report 1071 data, similar to the information required

[[Page 56496]]

under Regulation C. Specifically, proposed Sec.  1002.109(b) would 
require that a financial institution provide the following information 
about itself as part of its submission: (1) Its name; (2) its 
headquarters address; (3) the name and business contact information of 
a person who may be contacted with questions about the financial 
institution's submission; (4) its Federal prudential regulator, if 
applicable; (5) its Federal Taxpayer Identification Number; (6) its 
LEI; (7) its Research, Statistics, Supervision, and Discount 
identification (RSSD ID) number, if applicable; (8) its parent 
institution information, if applicable (including the name, LEI, and 
RSSD ID number of its immediate parent entity and top-holding parent 
entity, if applicable); (9) the type of financial institution, chosen 
from a list provided; and (10) whether the financial institution is 
voluntarily reporting 1071 data.
    As discussed below, the Bureau believes it would be appropriate to 
require each of these pieces of information regarding financial 
institutions reporting 1071 data. As a practical matter, the Bureau 
expects that this information might be provided by a financial 
institution when it initially sets up an account with the Bureau's 1071 
data submission platform to allow it to file 1071 data as required by 
the rule. Thus, this information might exist in the Bureau's 1071 data 
submission system and be updated by the financial institution as 
needed.
    As described in detail below, the Bureau believes that detailed 
information on the financial institutions reporting 1071 data is 
necessary to carry out, enforce, and compile data under section 1071, 
pursuant to ECOA section 704B(f)(1) and (g)(1), and would aid in 
fulfilling the purposes of section 1071, pursuant to 704B(e)(2)(H). To 
analyze 1071 data, the Bureau and other potential users of the data 
would need information on the financial institutions that are taking 
covered applications and making covered credit transactions. Fair 
lending analysis is based on a review of the decisions financial 
institutions make on applications. Similarly, an analysis of the 
business and community development needs of a given community is based 
on understanding the volume and geography of the lending activities of 
specific financial institutions.
    With the possible exception of the LEI (in proposed Sec.  
1002.109(b)(6) and (8)(ii) and (v)) in certain circumstances, the 
Bureau believes that financial institutions already have all the 
information that would be required of them under proposed Sec.  
1002.109(b), and that being required to provide this information to the 
Bureau should not pose any particular difficulties or costs on 
financial institutions.
    The Bureau seeks comment on its approach to collecting information 
on financial institutions, including each of the items listed in 
proposed Sec.  1002.109(b)(1) through (10) as well as whether the 
Bureau should require the reporting of any other information on 
financial institutions. Additional requests for comment specific to 
certain pieces of information are included below.
Paragraph 109(b)(1)
    During the SBREFA process, in the context of discussing privacy, 
some stakeholders expressed an aversion to the collection and 
publication of information on financial institutions. Some 
stakeholders, including SERs and some larger entities, commented that 
the Bureau should not publish the names of financial institutions 
reporting 1071 data, asserting that those financial institutions would 
face reputational risks. Some stakeholders even appeared to suggest 
that the Bureau not collect the names of financial institutions at all.
    Proposed Sec.  1002.109(b)(1) would require a financial institution 
to provide its name. Regulation C (Sec.  1003.5(a)(2)(i)) requires 
financial institutions to provide their names on their transmittal 
sheets when filing HMDA data, and the Bureau believes that a similar 
requirement would be appropriate here.
    The Bureau believes that collecting a financial institution's name 
(as well as all the other identifying information in proposed Sec.  
1002.109(b)) is necessary to carry out, enforce, and compile data under 
section 1071, and would aid in fulfilling the purposes of section 1071. 
For both of section 1071's statutory purposes, the identity of the 
financial institution taking covered applications and originating 
covered credit transactions is critical. Without knowing the financial 
institution's name, fair lending enforcement would not be possible. 
Analyzing business and community development needs is much improved 
when it is possible to identify which financial institutions are 
operating in specific geographic areas.
    There are additional practical considerations. Examinations for 
compliance with section 1071 would be difficult, if not impossible, 
without the name of the financial institution associated with a 
specific small business lending application register. Further, it would 
be difficult for the Bureau to administer a website for 1071 data 
submissions without creating logins assigned to specific financial 
institutions. Finally, the Bureau is proposing in Sec.  1002.110(c) 
that financial institutions' statutory obligation to make 1071 data 
available to any member of the public, upon request, pursuant to ECOA 
section 704B(f)(2)(B) would be satisfied by the institutions' directing 
the public to the Bureau's website for this information. Without the 
financial institution's name (and other relevant identifying 
information), proposed Sec.  1002.110(c) would not satisfy this 
statutory requirement.
Paragraph 109(b)(2)
    Proposed Sec.  1002.109(b)(2) would require a financial institution 
to provide the physical address of its headquarters location. The 
headquarters address of a financial institution would provide 
geographic information that would aid in fulfilling the statutory 
purposes of section 1071, including, for instance, analyses of the 
connection between a financial institution's location and the business 
and community development needs where it operates. It will also help 
identify and differentiate financial institutions, particularly 
nondepository financial institutions, that have similar names.
Paragraph 109(b)(3)
    Proposed Sec.  1002.109(b)(3) would require a financial institution 
to provide the name and business contact information of a person who 
may be contacted with questions about the financial institution's 1071 
data submission. Regulation C includes a similar requirement in Sec.  
1003.5(a)(3)(iii), and the Bureau believes it would be appropriate to 
require such information here. In general, the Bureau has found, from 
its experience with HMDA and Regulation C, that requiring the name and 
business contact information of a person who may be contacted with 
questions generally facilitates communication in the event that follow-
up on a submission is required.
Paragraph 109(b)(4)
    Proposed Sec.  1002.109(b)(4) would require a financial institution 
that is a depository institution to provide the name of its Federal 
prudential regulator, if applicable. Proposed comment 109(b)(4)-1 would 
explain how to determine which Federal prudential regulator (i.e., the 
OCC, the FDIC, the Board, or the NCUA) a financial institution should 
report. Proposed comment 109(b)(4)-2 would provide guidance on when a 
financial institution must report a new Federal prudential regulator, 
for instance, in the event of a merger or a change of charter.

[[Page 56497]]

    Regulation C includes a similar provision in Sec.  
1003.5(a)(3)(iv), requiring financial institutions to identify the 
appropriate Federal agency. In the Regulation C context, the purpose of 
this requirement is to identify the agency to which a financial 
institution must report its HMDA data--often the financial 
institution's Federal prudential regulator for depository institutions, 
and other agencies for nondepository institutions.\722\ Here, the 
Bureau believes a requirement to report a financial institution's 
Federal prudential regulator would be appropriate for different 
reasons. The reporting of a financial institution's Federal prudential 
regulator may enable analysts to more easily identify other information 
about a financial institution that its Federal prudential regulator may 
make publicly available, such as Call Report data; further, such 
additional data may be used to perform analyses of the characteristics 
of financial institution's 1071 data by regulator. Nondepository 
institutions generally do not have Federal prudential regulators and 
would not report one under this proposed requirement.
---------------------------------------------------------------------------

    \722\ 12 U.S.C. 2803(h).
---------------------------------------------------------------------------

Paragraph 109(b)(5)
    Proposed Sec.  1002.109(b)(5) would require a financial institution 
to provide its Federal Taxpayer Identification Number (TIN). Proposed 
comment 109(b)(5)-1 would explain when a financial institution should 
report a new Federal TIN in the event that it obtains a new Federal TIN 
(for instance, because the financial institution merges with another 
financial institution and adopts the Federal TIN of the other financial 
institution).
    Regulation C Sec.  1003.5(a)(3)(iv) requires financial institutions 
to report Federal TIN with their HMDA submissions, and the Bureau 
believes such a requirement would be appropriate here as well. A 
financial institution's Federal TIN may be used to identify other 
publicly available information on a financial institution, and combine 
that data with a financial institution's 1071 register to enhance the 
types of analysis that can be conducted to further the two statutory 
purposes of section 1071.
Paragraph 109(b)(6)
    Proposed Sec.  1002.109(b)(6) would require a financial institution 
to provide its LEI. Proposed comment 109(b)(6)-1 would explain what an 
LEI is and would make clear that financial institutions that do not 
currently have an LEI must obtain one, and that financial institutions 
have an ongoing obligation to maintain an LEI in order to satisfy 
proposed Sec.  1002.109(b)(6).
    An LEI is a unique, 20-digit identifier issued by an entity 
endorsed or otherwise governed by the Global LEI Foundation. Regulation 
C requires financial institutions to obtain and use an LEI, which 
facilitates the analysis of HMDA data and aids in the recognition of 
patterns by more precisely identifying financial institutions and 
affiliated companies.\723\ The LEI also helps financial institutions 
that report HMDA data generate the universal loan identifier used to 
identify application or application-level records in Regulation C. 
Similarly, in the 1071 context, a financial institution's LEI would 
also likely facilitate analyses of 1071 data,\724\ by helping the 
Bureau and other stakeholders better understand a financial 
institution's corporate structure. The Bureau would also require, in 
proposed Sec.  1002.107(a)(1), financial institutions to use their LEIs 
to create unique identifiers for covered applications. The Bureau 
believes this, in turn, would result in more sophisticated and useful 
analyses of the financial institution's 1071 data.
---------------------------------------------------------------------------

    \723\ 80 FR 66128, 66248 (Oct. 28, 2015) (noting that, despite 
the cost, the Bureau believed that the benefit of all HMDA reporters 
using an LEI justified the associated costs by improving the ability 
to identify financial institution reporting the data and link it to 
its corporate family).
    \724\ Id. (``By facilitating identification, this requirement 
will help data users achieve HMDA's objectives of identifying 
whether financial institutions are serving the housing needs of 
their communities, as well as identifying possible discriminatory 
lending patterns.'').
---------------------------------------------------------------------------

Paragraph 109(b)(7)
    Proposed Sec.  1002.109(b)(7) would require a financial institution 
to report its RSSD ID number, if applicable. An RSSD ID is a unique 
identifying number assigned to institutions, including main offices and 
branches, by the Federal Reserve System. All depository institutions 
know and regularly report their RSSD ID numbers on FFIEC regulatory 
forms. RSSD ID would help users of the 1071 data to link the data for a 
particular financial institution to other regulatory data, including 
the connections between a particular financial institution with others. 
The Bureau believes that this additional information would result in 
more sophisticated and useful analyses of the financial institution's 
1071 data.
    Proposed comment 109(b)(7)-1 would explain what a RSSD ID number is 
and how financial institutions that have one might find it. Financial 
institutions that do not have RSSD IDs, typically nondepository 
institutions, would not be required to obtain them, and would report 
``not applicable'' in that field.
Paragraph 109(b)(8)
    Proposed Sec.  1002.109(b)(8) would require a financial institution 
to provide certain information on its parent entities, if applicable. 
This information would include the name, the LEI (if available), and 
the RSSD ID (if available) of the financial institution's immediate 
parent entity and the financial institution's top-holding parent 
entity.
    Proposed comments 109(b)(8)-1 and -2 would provide guidance on how 
to identify a financial institution's immediate parent entity and a 
financial institution's top-holding parent entity. Proposed comment 
109(b)(8)-3 would explain that a financial institution would report its 
parent entities' LEIs if they have them, but that no parent entity 
would be required to obtain an LEI if it did not already have one. 
Proposed comment 109(b)(8)-4 would likewise explain that a financial 
institution would report its parent entities' RSSD ID numbers if they 
had them.
    The Bureau believes that the collection of information on a 
financial institution's structure would further both of the statutory 
purposes of section 1071. Data on a financial institution's 
organizational structure that is self-reported would be more accurate 
than generating such information from publicly available sources.\725\
---------------------------------------------------------------------------

    \725\ Currently, the Bureau, on behalf of the FFIEC and HUD, 
generates and publishes information on filers including parent 
company and top holder information. See Fed. Fin. Insts. Examination 
Council, Public Panel--Data Fields with Values and Definitions, 
https://ffiec.cfpb.gov/documentation/2021/panel-data-fields/ (last 
visited July 27, 2021).
    From 1989 to 1998, Regulation C required financial institutions 
to report their parent entity information on transmittal sheets. 54 
FR 51356, 51361, 51368 (Dec. 15, 1989) (adding the transmittal sheet 
requirement, including parent institution information, to appendix A 
to Regulation C); 63 FR 52140, 52141 (Sept. 30, 1998) (stating that 
the Board believed that the availability of information from the 
FFIEC website makes the continuation of the requirement for parent 
company information on the transmittal sheet unnecessary). In 2002, 
Regulation C again required financial institutions to report parent 
information on transmittal sheets on the grounds that data users 
asserted the importance of having the parent institution information 
associated with the HMDA data itself, rather than in a separate 
database provided by the National Information Center. 67 FR 7221, 
7232 (Feb. 15, 2002).
    In the 2014 HMDA NPRM, the Bureau proposed to continue requiring 
that financial institutions identify their parent companies. The 
Bureau stated that because information about parent companies was 
not yet available through the LEI, the Bureau believed it was 
necessary to maintain this requirement to ensure that financial 
institutions' submissions can be linked with those of their 
corporate parents. 79 FR 51731, 51861 (Aug. 29, 2014). However, 
required reporting of parent company information stopped under the 
2015 HMDA final rule on the grounds that once the LEI is fully 
implemented, parent entity information was expected to become 
available. 80 FR 66128, 66248 (Oct. 28, 2015) (citing Fin. Stability 
Bd., LEI Implementation Grp., Fourth Progress Notes on the Global 
LEI Initiative, at 4 (Dec. 11, 2012), http://www.financialstabilityboard.org/wp-content/uploads/r_121211.pdf?page_moved=1)(noting that the LEI Implementation Group 
is developing proposals for additional reference data on the direct 
and ultimate parent(s) of legal entities and on relationship data 
more generally). However, the Bureau has subsequently encountered 
difficulties using LEI to obtain parent company information, and 
thus is proposing here to require that it be provided directly by 
financial institutions.

---------------------------------------------------------------------------

[[Page 56498]]

    Better structural information would, for instance, improve the 
accuracy of peer analyses, which would facilitate fair lending 
enforcement. Further analyzing trends over time would be useful for 
identifying institutions that may give rise to fair lending risk. Given 
structural changes to institutions over time, information that enables 
the identification of institutions consistently and accurately over 
time is important to this trend analysis.
    In addition, the Bureau believes that information on a financial 
institution's structure would advance the business and community 
development purpose of section 1071 by facilitating the analysis of 
whether and how corporate structure impacts how a financial institution 
provides access to credit to small businesses. In particular, this 
structural information could be used to understand how regulation in 
one part of a corporate structure impacts unregulated entities within 
the same corporate group.
    Proposed Sec.  1002.109(b)(8) would result in more accurate and 
comprehensive corporate structure information by requiring financial 
institutions to provide not only the name of one parent entity, but the 
immediate parent entity of the financial institution as well as the 
top-holding parent of the financial institution (for some financial 
institutions, this would be a bank holding company). For the reasons 
set out in the section-by-section analyses of proposed Sec.  
1002.109(b)(6) and (7), the reporting of LEI and RSSD ID of parent 
entities would improve the ability of regulators and other stakeholders 
to map out more precisely and fully the often complex networks of a 
financial institution's corporate structure. This more detailed and 
accurate structural data, in turn, may be used to perform more 
sophisticated and useful analyses of the financial institution's 1071 
data. In addition, this information will help the Bureau confirm 
whether data are appropriately being reported by financial institutions 
on behalf of their subsidiaries pursuant to proposed Sec.  
1002.109(a)(2).
    With respect to proposed Sec.  1002.109(b)(8), the Bureau seeks 
comment on whether it should require any other parent entity 
information to be provided by financial institutions reporting 1071 
data.
Paragraph 109(b)(9)
    Proposed Sec.  1002.109(b)(9) would require a financial institution 
to report the type of financial institution it is, selecting the 
applicable type or types of institution from a list in proposed comment 
109(b)(9)-1. The comment would also explain that a financial 
institution shall select all applicable types. The list provided in the 
proposed comment includes: (i) Bank or savings association, (ii) 
minority depository institution, (iii) credit union, (iv) nondepository 
institution, (v) CDFI, (vi) other nonprofit financial institution, 
(vii) Farm Credit System institution, (viii) government lender, (ix) 
commercial finance company, (x) equipment finance company, (xi) 
industrial loan company, (xii) fintech, and (xiii) other. Proposed 
comment 109(b)(9)-2 would explain that a financial institution reports 
the type of financial institution as ``other'' where none of the 
enumerated types of financial institution appropriately describe the 
applicable type of financial institution, and the institution reports 
the type of financial institution as free-form text.
    The Bureau believes that information regarding the type of 
financial institution reporting 1071 data would greatly assist in the 
analysis conducted by the Bureau and other users of 1071 data. 
Information providing further details on types of financial 
institutions would help advance the statutory purposes of section 1071; 
fair lending analysts might use this information on the financial 
institution type (for instance, depository institution compared to 
nondepository institutions) as a control variable for their analyses. 
The inclusion of this information may also assist in an assessment of 
the business and community development needs of an area as it may 
provide analysts a means of determining what types of financial 
institutions serve certain geographic areas.
    In addition, the Bureau believes that this information, combined 
with the parent entity information required by proposed Sec.  
1002.109(b)(8), would offer more accurate and granular data on 
nondepository institutions within the same corporate group as 
depository institutions. Currently, the National Information Center 
database, which contains information on the structure of corporate 
groups that contain banks and other financial institutions, provides 
little information on nondepository institutions. As set out in the 
section-by-section analysis of proposed Sec.  1002.109(b)(8) above, 
information on corporate structure that financial institutions self-
report could fill in reporting gaps, including more specific 
information on financial institution types.
    With respect to proposed Sec.  1002.109(b)(9), the Bureau seeks 
comment on whether it should consider removing, modifying, or adding 
any types of financial institutions to the list in proposed comment 
109(b)(9)-1, including in order to manage unique privacy interests 
(such as, for example, whether a category for captive finance companies 
that lend to applicants that share the same branding should be included 
on the list). The Bureau further seeks comment on whether it should 
consider defining any of the types of financial institutions in the 
proposed list, in particular whether and how to define the term 
``fintech.''
Paragraph 109(b)(10)
    Proposed Sec.  1002.109(b)(10) would require a financial 
institution to indicate whether it is not a covered financial 
institution under proposed Sec.  1002.105(a) and is thus voluntarily 
reporting covered applications.
    The Bureau believes it is important to be able to specifically 
identify these institutions' transactions in the data set. If reporting 
were restricted to only financial institutions required to report, the 
1071 data would accurately reflect the overall population of financial 
institutions subject to 1071. However, institutions that do not meet 
the rule's loan-volume thresholds in proposed Sec.  1002.105(b) may 
choose to voluntarily report 1071 data pursuant to proposed Sec.  
1002.5(a)(4)(vii) through (ix). Those institutions that voluntarily 
report data may not be representative of all potential voluntary 
reporters and may differ from required reporters. Without a specific 
designation, it may not be possible to distinguish an institution 
voluntarily reporting data after a single year of exceeding the loan-
volume threshold from an institution reporting because it has already 
exceeded the loan-volume threshold in two consecutive years. The Bureau 
believes that users of 1071 data would benefit from being able to use 
this information as a control variable, resulting in better fair 
lending as well as business and community development analyses, to 
account for certain differences that may exist as between required and 
voluntary reporters.

[[Page 56499]]

109(c) Procedures for the Submission of Data to the Bureau
    ECOA section 704B(g)(1) authorizes the Bureau to prescribe rules 
and issue such guidance as may be necessary to carry out, enforce, and 
compile data pursuant to section 1071. Section 704B(g)(3) provides for 
the Bureau to issue guidance to facilitate compliance with the 
requirements of section 1071.
    The SBREFA Panel recommended that the Bureau seek comment on the 
recordkeeping and reporting issues addressed in the SBREFA 
Outline,\726\ including how best to implement them in a manner that 
minimizes cost and burden to small financial institutions. The Panel 
also recommended that the Bureau explore ways to streamline reporting 
for small financial institutions.
---------------------------------------------------------------------------

    \726\ SBREFA Panel Report at 47.
---------------------------------------------------------------------------

    Proposed Sec.  1002.109(c) would direct financial institutions to a 
publicly available website containing the Bureau's Filing Instructions 
Guide, which would set out technical instructions for the submission of 
data to the Bureau pursuant to proposed Sec.  1002.109. Regulation C 
Sec.  1003.5(a)(5) contains a comparable provision, which directs users 
to a Bureau website that sets out instructions for the submission of 
HMDA data, and the Bureau believes a similar approach would be 
appropriate here.
    The Bureau intends to develop a system to receive, process, and 
publish the data collected pursuant to section 1071 and proposed 
subpart B. In doing so, the Bureau will benefit from what it learned in 
its multiyear effort in developing the HMDA Platform, through which 
entities file data as required under HMDA and Regulation C. The HMDA 
Platform satisfies regulatory requirements with an entirely web-based, 
open source system,\727\ using a container-based microservices approach 
\728\ and modern cloud architectures. It was designed to be 
continuously improved to incorporate evolving technologies and better 
serve HMDA data users.\729\ Publication of the HMDA data is designed to 
meet user needs and includes, for example, a Data Browser to filter and 
download datasets and explore the data using an interactive map. As it 
did in developing the HMDA Platform, the Bureau's work in developing 
the section 1071 data submission system will focus on satisfying all 
legal requirements, promoting data accuracy, and reducing burden. Also 
as with HMDA, the Bureau anticipates providing a Filing Instructions 
Guide and related materials for financial institutions.
---------------------------------------------------------------------------

    \727\ See GitHub, CFPB/HMDA Platform, https://github.com/cfpb/hmda-platform (last visited July 22, 2021).
    \728\ See DockerHub, HMDA, https://hub.docker.com/u/hmda (last 
visited July 22, 2021).
    \729\ On March 22-26, 2021, the Bureau hosted a HMDA Virtual 
Tech Sprint to explore other potential innovations related to HMDA 
data submission and publication. See https://www.consumerfinance.gov/rules-policy/innovation/cfpb-tech-sprints/home-mortgage-disclosure-act-tech-sprint/.
---------------------------------------------------------------------------

    The Bureau seeks comment on this aspect of the proposal, including 
the provision of technical instructions for data submission via a 
Bureau website and how best to implement the provisions of this section 
in a manner that minimizes cost and burden particularly to small 
financial institutions while implementing all statutory obligations. 
The Bureau also seeks comment on ways it could streamline reporting for 
small financial institutions.
Other Reporting Issues
    Regulation C Sec.  1003.5(a)(1)(i) provides that a financial 
institution shall submit its annual loan/application register in 
electronic format to the appropriate Federal agency. Regulation C does 
not provide for the submission of HMDA data by unaffiliated third 
parties directly on behalf of financial institutions in the way that a 
parent institution may submit HMDA data on behalf of its subsidiary 
under Sec.  1003.5(a)(2) and comment 5(a)-3. The Bureau understands 
from financial institutions that report HMDA data to the Bureau that 
most institutions use third party software vendors in some way to help 
them prepare or submit their loan/application registers to the Bureau.
    The Bureau seeks comment on whether it should permit third parties 
(such as financial software vendors) to submit to the Bureau a small 
business lending application register on behalf of a financial 
institution, including whether financial institutions should be 
required to designate third parties authorized to submit registers on 
their behalf.
Section 1002.110 Publication of Data
    Proposed Sec.  1002.110 would address several issues surrounding 
publication of section 1071 data. First, proposed Sec.  1002.110(a) 
would address annual publication of application-level data on the 
Bureau's website, subject to deletions or modifications based on the 
Bureau's consideration of privacy interests. Second, proposed Sec.  
1002.110(b) would state that the Bureau may, at its discretion, compile 
and aggregate data submitted by financial institutions and may publish 
such compilations or aggregations as the Bureau deems appropriate. 
Third, proposed Sec.  1002.110(c) would require a covered financial 
institution to publish on its website a statement that its 1071 data, 
as modified by the Bureau, are or will be available on the Bureau's 
website. Finally, proposed Sec.  1002.110(d) would provide when a 
covered financial institution shall make the notice required by 
proposed Sec.  1002.110(c) available to the public and how long it 
shall maintain the notice on its website.
    The Bureau is proposing Sec.  1002.110 to implement ECOA section 
704B(f)(2)(B) and (C), which require the Bureau to adopt regulations 
addressing the form and manner that 1071 data are made available to the 
public, and pursuant to its authority under 704B(g)(1) to prescribe 
such rules and issue such guidance as may be necessary to carry out, 
enforce, and compile data pursuant to section 1071. The Bureau is also 
proposing Sec.  1002.110(b) pursuant to 704B(f)(3), which permits the 
Bureau, at its discretion, to compile and aggregate 1071 data, and to 
publish such aggregate data.
110(a) Publication of Small Business Lending Application Registers and 
Associated Financial Institution Information
    ECOA section 704B(f)(2)(C) requires that the Bureau annually make 
the 1071 data it receives from financial institutions available to the 
public in a such form and in such manner as the Bureau determines by 
regulation. The Bureau addressed this issue in the SBREFA Outline as 
part of its discussion regarding privacy considerations; \730\ SER and 
other stakeholder comments regarding privacy issues are addressed in 
part VI below. Proposed Sec.  1002.110(a) would state that the Bureau 
shall make available to the public generally the data reported to it by 
financial institutions pursuant to proposed Sec.  1002.109, subject to 
deletions or modifications made by the Bureau, at its discretion, if 
the Bureau determines that the deletion or modification of the data 
would advance a privacy interest. (The Bureau is proposing to make such 
determinations using a balancing test, as discussed in detail in part 
VI below.) The Bureau shall make such data available on an annual 
basis, by publishing it on the Bureau's website.
---------------------------------------------------------------------------

    \730\ SBREFA Outline at 40-41.
---------------------------------------------------------------------------

    The Bureau seeks comment on its proposed approach to implementing 
ECOA section 704B(f)(2)(C).

[[Page 56500]]

110(b) Publication of Aggregate Data
    ECOA section 704B(f)(3) provides that the Bureau may, at its 
discretion ``compile and aggregate data collected under this section 
for its own use'' and ``make public such compilations of aggregate 
data.'' The Bureau did not address this issue at SBREFA.
    Proposed Sec.  1002.110(b) would state that the Bureau may, at its 
discretion, compile and aggregate data submitted by financial 
institutions pursuant to proposed Sec.  1002.109, and make any 
compilations or aggregations of such data publicly available as the 
Bureau deems appropriate. The Bureau believes that publication of 
certain such compilations and aggregations may provide useful data to 
the public to supplement the Bureau's publication of application-level 
data pursuant to proposed Sec.  1002.110(a). This is especially true of 
application-level data fields that the Bureau may choose, using its 
proposed balancing test (described in parts VI.C.1 and .2 below) to 
modify or delete before publication pursuant to proposed Sec.  
1002.110(a).
    The Bureau seeks comment on this aspect of its proposal.
110(c) Statement of Financial Institution's Small Business Lending Data 
Available on the Bureau's Website and 110(d) Availability of Statements
Background
    ECOA section 704B(f)(2)(B) requires that the data compiled and 
maintained by financial institutions shall be ``made available to any 
member of the public, upon request, in the form required under 
regulations prescribed by the Bureau.''
SBREFA Proposal Under Consideration and Feedback Received
    The Bureau stated in the SBREFA Outline that it was considering 
proposing an approach in which financial institutions could satisfy 
this requirement by referring the public to the Bureau's website where 
1071 data would be available.\731\ Under this approach, the 1071 data 
would be available with any modifications or deletions required based 
on the Bureau's application of the balancing test described in part VI 
below. The Bureau also stated that it considered requiring financial 
institutions to make their own data available to the public directly, 
upon request. However, the Bureau was concerned that this approach 
could involve greater burden for financial institutions, lead to 
privacy risks resulting from errors by individual financial 
institutions implementing any modifications or deletions required by 
the Bureau, and be less efficient overall.
---------------------------------------------------------------------------

    \731\ Id. at 41-42.
---------------------------------------------------------------------------

    One SER and several industry stakeholders expressed strong support 
for the Bureau's proposal under consideration that the public be 
directed to access 1071 data via the Bureau's website, rather than 
requiring financial institutions to provide the data themselves upon 
request.\732\ These stakeholders expressed concern that a requirement 
that financial institutions themselves provide 1071 data to the public 
upon request would be burdensome, adding complexity to the process, 
making errors more likely, and giving rise to data privacy risks. One 
community group asserted that the Bureau should require financial 
institutions to provide 1071 data within 30 days of a request from the 
public and, absent this, that the Bureau should make application-level 
1071 data available to the public quarterly rather than annually.
---------------------------------------------------------------------------

    \732\ SBREFA Panel Report at 34.
---------------------------------------------------------------------------

    The SBREFA Panel recommended, regarding this issue as well as other 
recordkeeping and reporting issues addressed in the SBREFA Outline, 
that the Bureau seek comment on these aspects of a 1071 rule, and how 
best to implement them in a manner that minimizes cost and burden to 
small financial institutions.\733\
---------------------------------------------------------------------------

    \733\ Id. at 47.
---------------------------------------------------------------------------

Proposed Rule
    Proposed Sec.  1002.110(c) would require that a covered financial 
institution make available to the public on its website, or otherwise 
upon request, a statement that the covered financial institution's 
small business lending application register, as modified by the Bureau 
pursuant to proposed Sec.  1002.110(a), is or will be available on the 
Bureau's website. The Bureau is proposing this approach, which is 
consistent with its approach under consideration at SBREFA, for the 
reasons discussed above, including that this approach would reduce 
potential burdens on financial institutions associated with publishing 
modified data, would reduce privacy risks resulting from errors by 
individual financial institutions implementing any modifications or 
deletions required by the Bureau, and would be more efficient overall. 
Regulation C (Sec.  1003.5(c)(1)) implements a similar statutory 
requirement regarding the form of data reporting and requires financial 
institutions to direct any public requests for HMDA data they receive 
to the Bureau; \734\ the Bureau believes that a similar provision would 
be appropriate here to maintain continuity across reporting regimes, 
and because the Bureau believes that this provision would help ensure 
consistent implementation of any modification or deletion decisions 
that the Bureau determines would advance a privacy interest.
---------------------------------------------------------------------------

    \734\ 12 U.S.C. 2803(j)(1).
---------------------------------------------------------------------------

    Proposed Sec.  1002.110(c) would also state that a financial 
institution shall use language provided by the Bureau, or substantially 
similar language, to satisfy this requirement to provide a statement. 
Proposed comment 110(c)-1 would provide model language that financial 
institutions can use to comply with proposed Sec.  1002.110(c). 
Proposed comment 110(c)-2 would provide guidance to financial 
institutions that do not have websites.
    Proposed Sec.  1002.110(d) would provide that a covered financial 
institution shall make the notice required by proposed Sec.  
1002.110(c) available to the public on its website when it submits a 
small business lending application register to the Bureau pursuant to 
proposed Sec.  1002.110(a), and shall maintain the notice for as long 
as it has an obligation to retain its small business lending 
application registers pursuant to proposed Sec.  1002.111(a).
    The Bureau seeks comment on its proposed approach to implementing 
ECOA section 704B(f)(3), including how best to implement proposed Sec.  
1002.110(c) and (d) in a manner that minimizes cost and burden 
particularly on small financial institutions while implementing all 
statutory obligations.
Section 1002.111 Recordkeeping
    Proposed Sec.  1002.111 would address several aspects of the 
recordkeeping requirements for 1071 data. First, proposed Sec.  
1002.111(a) would require a covered financial institution to retain 
evidence of its compliance with this section, which includes a copy of 
its small business lending application register, for at least three 
years after submitting the register pursuant to proposed Sec.  
1002.109. Second, proposed Sec.  1002.111(b) would require a financial 
institution to maintain, separately from the rest of the application 
and accompanying information, an applicant's responses to a financial 
institution's inquiries required by ECOA section 704B(b)(1) (i.e., 
whether the applicant is a minority-owned business or a women-owned 
business, and regarding the ethnicity, race, and sex of the applicant's 
principal owners). Finally, proposed Sec.  1002.111(c) would require 
that, in compiling and maintaining any records under

[[Page 56501]]

proposed Sec. Sec.  1002.107 and 1002.111(b), or reporting data 
pursuant to proposed Sec.  1002.109, a financial institution shall not 
include personally identifiable information concerning any individual 
who is, or is connected with, an applicant.
    The Bureau is proposing Sec.  1002.111 to implement ECOA section 
704B(f)(2)(A), which requires financial institutions to compile and 
maintain 1071 data for at least three years; 704B(b)(2), which requires 
financial institutions to maintain a record of the responses to the 
inquiry required by 704B(b)(1), separate from the application and 
accompanying information; and 704B(e)(3), which provides that in 
compiling and maintaining 1071 data, a financial institution may not 
include personally identifiable information concerning an individual 
who is, or is connected with, an applicant. The Bureau is also 
proposing Sec.  1002.111 pursuant to its authority under 704B(g)(1) to 
prescribe such rules and issue such guidance as may be necessary to 
carry out, enforce, and compile data pursuant to section 1071.
111(a) Record Retention
    ECOA section 704B(f)(2)(A) requires that information compiled and 
maintained under section 1071 be retained for not less than three years 
after the date of preparation. In the SBREFA Outline, the Bureau stated 
that it was considering proposing that a financial institution retain 
its 1071 data for at least three years after they are submitted to the 
Bureau.\735\ The Bureau received little feedback on this issue; a few 
stakeholders opined that the three-year retention period was 
acceptable.
---------------------------------------------------------------------------

    \735\ SBREFA Outline at 39.
---------------------------------------------------------------------------

    The SBREFA Panel recommended, regarding this issue as well as other 
recordkeeping and reporting issues addressed in the SBREFA Outline, 
that the Bureau seek comment on these aspects of a 1071 rule, and how 
best to implement them in a manner that minimizes cost and burden to 
small financial institutions.\736\
---------------------------------------------------------------------------

    \736\ SBREFA Panel Report at 47.
---------------------------------------------------------------------------

    Proposed Sec.  1002.111(a) would require that a financial 
institution retain a copy of its small business lending application 
register for three years after the register is submitted to the Bureau 
pursuant to proposed Sec.  1002.109. This proposed approach is 
consistent with the approach that the Bureau considered proposing at 
SBREFA. By way of comparison, under Regulation C, financial 
institutions must retain the loan/application registers that they 
submit to the Bureau for three years.\737\ This reflects the 
requirement in HMDA itself that a LAR be retained for three years after 
it is made available.\738\
---------------------------------------------------------------------------

    \737\ Regulation C Sec.  1003.5(a)(1).
    \738\ 12 U.S.C. 2803(j)(6).
---------------------------------------------------------------------------

    Proposed comment 111(a)-1 would provide examples of what evidence 
of compliance with the proposed provision is likely to include. 
Proposed comment 111(a)-2 would require that a creditor that is 
voluntarily, under Sec.  1002.5(a)(4)(vii) and (viii), collecting 
information pursuant to subpart B but is not required to report that 
data to the Bureau, complies with proposed Sec.  1002.111(a) by 
retaining evidence of compliance with subpart B for at least three 
years after June 1 of the year following the year that data was 
collected.
    The Bureau seeks comment on its proposed approach to implementing 
ECOA section 704B(f)(2)(A), including how best to implement proposed 
Sec.  1002.111(a) in a manner that minimizes cost and burden 
particularly on small financial institutions while implementing all 
statutory obligations.
111(b) Certain Information Kept Separate From the Rest of the 
Application
    ECOA section 704B(b)(2) requires financial institutions to maintain 
a record of the ``responses to [the] inquiry'' required by 704B(b)(1) 
separate from the application and accompanying information. As 
discussed below and consistent with the approach set forth in E.2 of 
the Overview to this part V, the Bureau proposes to interpret the term 
``responses to such inquiry'' in 704B(b)(2) to be the applicant's 
responses to inquiries regarding protected demographic information--
that is, whether the applicant is a minority-owned business or a women-
owned business, and the ethnicity, race, and sex of the applicant's 
principal owners.
    In the SBREFA Outline, the Bureau discussed this statutory 
provision but did not present a proposal under consideration to address 
it. Some SERs quoted this statutory language in written feedback, but 
none provided feedback on the particular issue of keeping certain 
information separate from the rest of the application. One trade 
association stakeholder noted that, under HMDA and Regulation C, banks 
are permitted to inquire about and collect required data points (which 
include information such as the ethnicity, race, and sex of applicants' 
principal owners) on and with the application. This stakeholder urged 
the Bureau to permit the same for 1071, and further requested a safe 
harbor for a bank that inquires and collects required data points on or 
with an application.
    The SBREFA Panel recommended, regarding this issue as well as other 
recordkeeping and reporting issues addressed in the SBREFA Outline, 
that the Bureau seek comment on this aspect of a 1071 rule, and how 
best to implement it in a manner that minimizes cost and burden to 
small financial institutions.\739\
---------------------------------------------------------------------------

    \739\ SBREFA Panel Report at 47-48.
---------------------------------------------------------------------------

    Proposed Sec.  1002.111(b) would state that a financial institution 
shall maintain, separately from the rest of the application and 
accompanying information, an applicant's responses to the financial 
institution's inquiries to collect data pursuant to proposed subpart B 
regarding whether an applicant for a covered credit transaction is a 
minority-owned business under proposed Sec.  1002.107(a)(18) or a 
women-owned business under proposed Sec.  1002.107(a)(19), and 
regarding the ethnicity, race, and sex of the applicant's principal 
owners under proposed Sec.  1002.107(a)(20).
    Proposed comment 111(b)-1 would explain that a financial 
institution may satisfy this requirement by keeping an applicant's 
responses to the financial institution's request pursuant to proposed 
Sec.  1002.107(a)(18) through (20) in a file or document that is 
discrete or distinct from the application and its accompanying 
information. For example, such information could be collected on a 
piece of paper that is separate from the rest of the application form. 
In order to satisfy the requirement in proposed Sec.  1002.111(b), an 
applicant's responses to the financial institution's request pursuant 
to proposed Sec.  1002.107(a)(18) through (20) need not be maintained 
in a separate electronic system, nor need they be removed from the 
physical files containing the application. However, the financial 
institution may nonetheless need to keep this information in a 
different electronic or physical file in order to satisfy the 
requirements of proposed Sec.  1002.108.
    As discussed in detail above in E.2 in the Overview of this part V, 
the Bureau believes the best reading of the statutory provisions that 
mention the inquiry made under ECOA section 704B(b)(1)--in 704B(b)(2) 
as well as in 704B(c) regarding the right to refuse and 704B(d) 
regarding the firewall--is that they refer to applicants' responses to 
the inquiries regarding minority-owned and women-owned business status 
in proposed

[[Page 56502]]

Sec.  1002.107(a)(18) and (19), and regarding the ethnicity, race, and 
sex of applicants' principal owners in proposed Sec.  1002.107(a)(20). 
Each of these three data points require financial institutions to 
request demographic information that has no bearing on the 
creditworthiness of the applicant. Moreover, a financial institution 
could not inquire about this demographic information absent section 
1071's mandate to collect and report the information, and ECOA 
prohibits a financial institution from discriminating against an 
applicant on the basis of the information. The Bureau accordingly 
believes that the best effectuation of congressional intent is to apply 
section 1071's special-protection provisions to apply to this 
demographic information, regardless of whether the statutory authority 
to collect it originates in 704B(b)(1) (women-owned business status and 
minority-owned business status) or 704B(e)(2)(G) (race, sex, and 
ethnicity of principal owners). The Bureau similarly believes that 
Congress did not intend these special protections to apply to any of 
the other applicant-provided data points proposed in Sec.  1002.107(a), 
which the financial institution is permitted to request regardless of 
coverage under section 1071, which are not the subject of Federal 
antidiscrimination law, and many of which financial institutions 
currently use for underwriting purposes.
    With respect to the stakeholder's request that the section 1071 
rule mirror HMDA's approach to collection of ethnicity, race, and sex 
data, the Bureau notes that there is no requirement in HMDA that is 
comparable to ECOA section 704B(b)(2)'s requirement that certain 
information be kept separate from the application and accompanying 
information; Regulation C thus anticipates that the demographic 
information required under HMDA can be collected as part of the 
application.\740\ The Bureau recognizes from stakeholder comments 
identified in the section-by-section analysis of proposed Sec.  
1002.107(c)(1) above that there may be potential difficulties in 
satisfying the proposed requirements regarding the time and manner of 
collecting applicant-provided data while not being able to ask for that 
information on the application itself. Proposed comment 111(b)-1 is 
intended to clarify, and facilitate compliance with, the statutory 
directive that financial institutions must keep certain information 
separate from the credit application.
---------------------------------------------------------------------------

    \740\ See 80 FR 66128, 66192-93 (Oct. 28, 2015).
---------------------------------------------------------------------------

    The Bureau seeks comment on its proposed approach to implementing 
ECOA section 704B(b)(2), including how best to implement proposed Sec.  
1002.111(b) in a manner that minimizes cost and burden, particularly on 
small financial institutions, while implementing all statutory 
obligations. The Bureau also seeks comment on whether, for financial 
institutions that determine that underwriters or other persons should 
have access to applicants' demographic information pursuant to proposed 
Sec.  1002.108(b), it should likewise waive the requirement in proposed 
Sec.  1002.111(b) to keep that information separate from the 
application and accompanying information.
111(c) Limitation on Personally Identifiable Information Retained Under 
This Section
Background
    ECOA section 704B(e)(3) provides that in compiling and maintaining 
any record of information under section 1071, a financial institution 
may not include in such record the name, specific address (other than 
the census tract), telephone number, electronic mail address, or any 
other personally identifiable information (PII) concerning any 
individual who is, or is connected with, an applicant.
SBREFA Proposal Under Consideration and Feedback Received
    In the SBREFA Outline, the Bureau stated it was considering 
proposing a prohibition on including certain PII about any individuals 
associated with small business applicants in the small business lending 
application register a financial institution is required to compile, 
maintain, and report to the Bureau (other than the information 
specifically required to be collected and reported pursuant to section 
1071, such as the ethnicity, race, and sex of principal owners). The 
Bureau also stated that this prohibition would not apply to PII 
collected by financial institutions outside of their specific 1071 data 
records.\741\
---------------------------------------------------------------------------

    \741\ SBREFA Outline at 39.
---------------------------------------------------------------------------

    SERs and other stakeholders offered limited feedback on this 
issue.\742\ One SER requested clarification on this statutory 
provision, specifically asking whether financial institutions were 
permitted to keep PII in their own loan-level records. A trade 
association supported a ban on including PII in the 1071 data. Another 
stated that the Bureau should issue a clarifying provision for 
excluding PII in compiling and maintaining any record of information 
from the different stages in the process (e.g., bank systems, 
regulatory submission file). Two community group stakeholders supported 
a prohibition on including personally identifiable information in 1071 
data to reduce potential privacy concerns surrounding release of 1071 
data.
---------------------------------------------------------------------------

    \742\ SBREFA Panel Report at 34.
---------------------------------------------------------------------------

    Some stakeholders expressed concern regarding a different issue 
related to data privacy. Federal and State laws protect the financial 
and data privacy of individuals, typically by imposing obligations on 
financial institutions to provide their customers notice and an 
opportunity to opt out in advance of the disclosure of their nonpublic 
personal information to unaffiliated third parties.\743\ Several 
industry stakeholders expressed concern that reporting 1071 data to the 
Bureau may cause them to violate other data privacy laws, including 
State data privacy laws.
---------------------------------------------------------------------------

    \743\ See, e.g., Gramm-Leach-Bliley Act, 15 U.S.C. 6801 et seq.; 
Regulation P, 12 CFR part 1016.
---------------------------------------------------------------------------

    The SBREFA Panel recommended, regarding this issue as well as other 
recordkeeping and reporting issues addressed in the Outline, that the 
Bureau seek comment on these aspects of a 1071 rule, and how best to 
implement them in a manner that minimizes cost and burden to small 
financial institutions.\744\
---------------------------------------------------------------------------

    \744\ SBREFA Panel Report at 47.
---------------------------------------------------------------------------

Proposed Rule
    The Bureau is proposing in Sec.  1002.111(c) that in compiling and 
maintaining any records under proposed Sec.  1002.107 or Sec.  
1002.111(b), or reporting data pursuant to proposed Sec.  1002.109, a 
financial institution shall not include any name, specific address, 
telephone number, email address, or any PII concerning any individual 
who is, or is connected with, an applicant, other than as required 
pursuant to proposed Sec.  1002.107 or Sec.  1002.111(b). The 
prohibition on the inclusion of PII in ECOA section 704B(e)(3), which 
covers the ``compiling and maintaining any record of information,'' 
implicates proposed Sec. Sec.  1002.107, 1002.109, and 1002.111, which 
together would address the compilation, maintenance, and reporting of 
1071 data by financial institutions.
    Proposed comment 111(c)-1 would clarify that the prohibition in 
proposed Sec.  1002.111(c) applies to data compiled and maintained 
pursuant to Sec.  1002.107, data in the small business lending 
application register submitted by the financial institution to the 
Bureau under proposed Sec.  1002.109, the version of the

[[Page 56503]]

register that the financial institution maintains under proposed Sec.  
1002.111(a), and the separate record of certain information created 
pursuant to proposed Sec.  1002.111(b).
    Proposed comment 111(c)-2 would address the types of information 
(including PII) that a financial institution is prohibited from 
including in the data it compiles and maintains pursuant to proposed 
Sec.  1002.107, in its records under proposed Sec.  1002.111(b), or in 
data reported to the Bureau under proposed Sec.  1002.109. The examples 
of types of PII identified in proposed comment 111(c)-2 are 
illustrative and not exhaustive.
    Proposed comment 111(c)-3 would clarify that the prohibition in 
proposed Sec.  1002.111(c) does not extend to the application or any 
other records that the financial institution maintains. This comment is 
intended to address the request by a SER and another stakeholder that 
the Bureau clarify that this prohibition does not extend more broadly 
to a financial institution's application or loan-related files.
    Proposed comment 111(c)-4 would clarify that the prohibition in 
proposed Sec.  1002.111(c) does not bar financial institutions from 
providing to the Bureau, pursuant to proposed Sec.  1002.109(b)(3), the 
name and business contact information of the person who may be 
contacted with questions about the financial institution's submission.
    The Bureau seeks comment on its proposed approach to implementing 
ECOA section 704B(e)(3), including how best to implement this 
requirement in a manner that minimizes cost and burden, particularly on 
small financial institutions, while implementing all statutory 
obligations. Regarding comments by stakeholders that reporting 1071 
data to the Bureau could give rise to a potential conflict with the 
data protection and privacy laws prohibiting the disclosure of 
nonpublic personal information to unaffiliated third parties, the 
Bureau notes that such laws typically provide an exemption for 
disclosures made pursuant to Federal and State law.\745\ The Bureau 
seeks comment on whether the requirements in this proposed rule could 
conflict with other data privacy or data protection laws, and whether 
the Bureau might need to use its preemption authority under ECOA,\746\ 
Regulation B,\747\ and/or section 1041(a)(1) of the Dodd-Frank Act to 
ensure that financial institutions do not violate State law in 
reporting 1071 data to the Bureau. The Bureau also seeks comment on 
whether it should include a provision to preempt any State data privacy 
or data protection laws that would prohibit the collection, 
maintenance, and reporting to the Bureau of 1071 data.
---------------------------------------------------------------------------

    \745\ See, e.g., Gramm-Leach-Bliley Act section 502(e)(8), 15 
U.S.C. 6802(e)(8), and Regulation P Sec.  1016.15(a)(7)(i) (stating 
that the limitations on disclosing nonpublic personal information to 
unaffiliated third parties do not apply if the information is 
disclosed to comply with Federal, State, or local laws, rules and 
other applicable legal requirements); California Consumer Privacy 
Act, Cal. Civ. Code 1798.145(a)(1) (noting that the obligations 
imposed on businesses by CCPA ``shall not restrict a business' 
ability to . . . comply with federal, state, or local laws'').
    \746\ 15 U.S.C. 1691d(f).
    \747\ Existing Sec.  1002.11.
---------------------------------------------------------------------------

Section 1002.112 Enforcement
    Proposed Sec.  1002.112 would address several issues related to the 
enforcement of violations of the requirements of proposed subpart B. 
First, proposed Sec.  1002.112(a) would state that a violation of 
section 1071 or subpart B of Regulation B is subject to administrative 
sanctions and civil liability as provided in sections 704 and 706 of 
ECOA. Second, proposed Sec.  1002.112(b) would provide that a bona fide 
error in compiling, maintaining, or reporting data with respect to a 
covered application is an error that was unintentional and occurred 
despite the maintenance of procedures reasonably adapted to avoid such 
an error. This proposed provision also addresses the maintenance of 
procedures reasonably adapted to avoid such errors. Third, proposed 
Sec.  1002.112(c) would identify four safe harbors under which certain 
errors--namely, certain types of incorrect entries for census tract, 
NAICS code, small business status, and application date--would not 
constitute violations of ECOA or Regulation B.
    The Bureau is proposing Sec.  1002.112 to implement sections 704 
and 706 of ECOA, pursuant to its authority under ECOA section 
704B(g)(1) to prescribe such rules and issue such guidance as may be 
necessary to carry out, enforce, and compile data pursuant to section 
1071 and pursuant to its authority under 704B(g)(2) to adopt exceptions 
to any requirement of section 1071 and to exempt any financial 
institution or class of financial institutions from the requirements of 
section 1071, as the Bureau deems necessary or appropriate to carry out 
the purposes of section 1071.
112(a) Administrative Enforcement and Civil Liability
    A violation of section 1071 is subject to the enforcement 
provisions of ECOA, of which section 1071 is a part. ECOA contains 
administrative enforcement provisions in section 704,\748\ and it 
provides for civil liability in section 706.\749\ The enforcement 
provisions in existing Regulation B (Sec.  1002.16(a)(1) and (2)) 
cross-reference and paraphrase these administrative enforcement and 
civil liability provisions of ECOA.
---------------------------------------------------------------------------

    \748\ 15 U.S.C. 1691c.
    \749\ 15 U.S.C. 1691e.
---------------------------------------------------------------------------

    Proposed Sec.  1002.112(a) would provide that a violation of 
section 1071 or subpart B of Regulation B is subject to administrative 
sanctions and civil liability as provided in sections 704 and 706 of 
ECOA, where applicable. Regarding stakeholder concerns about private 
litigants bringing actions for non-compliance, the Bureau believes that 
its administrative enforcement mechanisms would be appropriate and 
adequate to address most instances of non-compliance by financial 
institutions that report 1071 data to the Bureau, based on its 
experience with Regulation C and HMDA. The Bureau believes that 
proposed Sec.  1002.112(b) addresses the concerns raised by 
stakeholders that requested that penalties for non-compliance not be 
assessed in the first year that 1071 data is collected, given the 
likelihood of unintentional errors as covered financial institutions 
learn how to implement this rule.
    The Bureau seeks comment on its proposed approach to administrative 
enforcement and civil liability.
112(b) Bona Fide Errors
SBREFA Proposal Under Consideration and Feedback Received
    During the SBREFA process, SERs and other industry stakeholders 
expressed concern about private litigants suing them for non-compliance 
with the 1071 rule.\750\ In addition, several SERs requested that the 
Bureau not assess penalties for the first year of 1071 data collection 
and reporting, as it did following the 2015 HMDA final rule; prior to 
the compliance date for that rule, the Bureau issued a policy statement 
announcing it would not seek penalties for errors for the first 
calendar year (2018) of data collected under the amended Regulation 
C.\751\ Stakeholders

[[Page 56504]]

asked the Bureau to emulate that approach for 1071. Other stakeholders 
expressed concern about the potential consequences of committing what 
they viewed as technical or inadvertent errors in collecting or 
reporting 1071 data. One financial institution stakeholder suggested 
that the 1071 rule adopt or emulate the good faith error provisions set 
out in Regulation C, including Sec.  1003.6(b)(1), which provides that 
an error in compiling or recording data for a covered loan or 
application is not a violation of HMDA or Regulation C if the error was 
unintentional and occurred despite the maintenance of procedures 
reasonably adapted to avoid such an error. Stakeholders also referred 
to the existing error-related exemptions in ECOA and Regulation B.\752\ 
ECOA's civil liability provision states that creditors will not be 
liable for acts done or omitted in good faith in conformity with any 
official rule, regulation, or interpretation thereof by the 
Bureau.\753\
---------------------------------------------------------------------------

    \750\ The SER feedback discussed in this section-by-section 
analysis can be found in the SBREFA Panel Report at 34-36.
    \751\ Bureau of Consumer Fin. Prot., CFPB Issues Public 
Statement On Home Mortgage Disclosure Act Compliance (Dec. 21, 
2017), https://www.consumerfinance.gov/about-us/newsroom/cfpb-issues-public-statement-home-mortgage-disclosure-act-compliance/ 
(noting that the Bureau did not intend to require data resubmission 
unless data errors were material, or assess penalties with respect 
to errors for HMDA data collected in 2018 and reported in 2019).
    \752\ See, e.g., Sec.  1002.16(c).
    \753\ 15 U.S.C. 1691e(e).
---------------------------------------------------------------------------

Proposed Rule
    Proposed Sec.  1002.112(b) would provide that a bona fide error in 
compiling, maintaining, or reporting data with respect to a covered 
application is an error that was unintentional and occurred despite the 
maintenance of procedures reasonably adapted to avoid such an error. A 
bona fide error is not a violation of ECOA or subpart B. A financial 
institution is presumed to maintain procedures reasonably adapted to 
avoid errors with respect to a given data field if the number of errors 
found in a random sample of the financial institution's submission for 
the data field does not equal or exceed a threshold specified by the 
Bureau for this purpose in proposed appendix H. However, an error is 
not a bona fide error if either there is a reasonable basis to believe 
the error was intentional or there is other evidence that the financial 
institution did not maintain procedures reasonably adapted to avoid 
such errors.
    The Bureau believes that a similar approach to Regulation C, 
modified and combined with the approach taken by Federal agencies in 
HMDA examinations, would be appropriate here. Regulation C Sec.  
1003.6(b)(1) provides that an error in compiling or recording data for 
a covered loan or application is not a violation of HMDA or Regulation 
C if the error was unintentional and occurred despite the maintenance 
of procedures reasonably adapted to avoid such an error. In an 
examination of a financial institution for compliance with Regulation 
C, a financial institution may make a certain number of unintentional 
errors in a testing sample of applications for a given data field in 
the institution's loan/application register (LAR), the HMDA analog to 
the small business lending application register, before it must 
resubmit its LAR. These tolerance thresholds are based on the number of 
loans or applications in a LAR as set out in the HMDA tolerances table 
in the FFIEC's Interagency HMDA examination procedures.\754\
---------------------------------------------------------------------------

    \754\ Fed. Fin. Insts. Examination Council, Interagency 
Examination Procedures: HMDA (Apr. 2019), https://files.consumerfinance.gov/f/documents/cfpb_supervision-and-examination-manual_hmda-exam-procedures_2019-04.pdf.
---------------------------------------------------------------------------

    For instance, as described in the HMDA tolerances table, a bank 
that submitted 45 applications is subject to a threshold of three 
inadvertent errors per data field based on the review of a random 
sample of 30 applications in the bank's LAR; a bank that submitted 
45,000 applications would be subject to a threshold of four inadvertent 
errors per data field based on a sample of 79 applications. The 
tolerances thresholds, as a percentage of the random sample of 
applications reviewed, become more stringent as the number of total 
applications rises.
    The Bureau would provide a similar table of thresholds in proposed 
appendix H and incorporate it in the bona fide error provision as set 
out in proposed Sec.  1002.112(b). Under this proposed provision and 
the table of thresholds in proposed appendix H, financial institutions 
that report a number of errors equal to or below the applicable 
thresholds are presumed to have in place procedures reasonably adapted 
to avoid errors; those that report a number of errors above the 
applicable thresholds are not presumed to have in place procedures 
reasonably adapted to avoid errors. The Bureau believes that this 
approach would be broadly consistent with the approach it has taken for 
HMDA.\755\ The Bureau also believes that this approach would address 
the concerns expressed by stakeholders regarding liability for some 
data reporting errors, especially in the earlier years of reporting, as 
processes are first being implemented. Moreover, the Bureau believes 
that this provision will help to ensure the accuracy of the data 
submitted by requiring the maintenance of appropriate procedures; at 
the same time, this provision will prevent financial institutions from 
being subjected to liability for some difficult-to-avoid errors that 
could drive those institutions from the small-business lending market. 
Therefore, the Bureau believes this provision is necessary to carry 
out, enforce, and compile data pursuant to section 1071, as well as 
necessary or appropriate to carrying out section 1071's purposes.
---------------------------------------------------------------------------

    \755\ Home Mortgage Disclosure (Regulation C), 80 FR 66128, 
66269 (Oct. 28, 2015).
---------------------------------------------------------------------------

    Proposed comment 112(b)-1 would explain that a financial 
institution is presumed to maintain procedures reasonably adapted to 
avoid errors with respect to a given data field if the number of errors 
found in a random sample of the financial institution's submission for 
the data field does not equal or exceed a threshold specified by the 
Bureau for this purpose. Proposed comment 112(b)-1 would also explain 
that the Bureau's thresholds appear in column C of the table in 
proposed appendix H, and that the size of the random sample shall 
depend on the size of the financial institution's small business 
lending application register, as shown in column A of the table in 
appendix H.
    Proposed comment 112(b)-2 would provide that, for purposes of 
determining bona fide errors under Sec.  1002.112(b), the term ``data 
field'' generally refers to individual fields, but that, with respect 
to information on the ethnicity or race of an applicant or borrower, or 
co-applicant or co-borrower, a data field group may consist of more 
than one field. If one or more of the fields within an ethnicity or 
race field group have errors, they count as one (and only one) error 
for that data field group.
    Proposed comment 112(b)-3 would provide that an error that meets 
the criteria for one of the four safe harbor provisions in proposed 
Sec.  1002.112(c) would not be counted as an error for purposes of 
determining whether a financial institution has exceeded the error 
threshold for a given data field.
    The Bureau seeks comment on its proposed approach to bona fide 
errors, including whether the tolerance levels in proposed appendix H 
are appropriate.
112(c) Safe Harbors
    Proposed Sec.  1002.112(c) would establish four safe harbor 
provisions, providing that certain types of errors would not constitute 
violations of ECOA or Regulation B. Proposed Sec.  1002.112(c)(1) would 
provide a safe harbor for an incorrect entry for census tract obtained 
by correct use of a geocoding tool provided by the FFIEC or the Bureau. 
Proposed Sec.  1002.112(c)(2) would provide a safe harbor for an 
incorrect NAICS code determined by a financial institution under 
certain circumstances. Proposed

[[Page 56505]]

Sec.  1002.112(c)(3) would provide a safe harbor for the collection of 
applicants' protected demographic information pursuant to proposed 
Sec.  1002.107(a)(18) through (20) after an initially erroneous 
determination that an applicant is a small business. Proposed Sec.  
1002.112(c)(4) would provide a safe harbor for the reporting of an 
application date that is within three calendar days of the actual 
application date.
    As described in further detail below, the Bureau is proposing the 
four safe harbors established in proposed Sec.  1002.112(c) pursuant to 
its authority under ECOA and as amended by section 1071. Section 703 of 
ECOA provides the Bureau the authority to prescribe regulations to 
carry out the purposes of ECOA, including such adjustments and 
exceptions for any class of transactions that in the judgment of the 
Bureau are necessary or proper to effectuate the purposes of ECOA, to 
prevent circumvention or evasion thereof, or to facilitate or 
substantiate compliance therewith. Section 704B(g)(1) provides that the 
Bureau shall prescribe such rules as may be necessary to carry out, 
enforce, and compile data pursuant to section 1071. Section 704B(g)(2) 
authorizes the Bureau to adopt exceptions to any requirement of section 
1071 and to exempt any financial institution or class of financial 
institutions from the requirements of section 1071, as the Bureau deems 
necessary or appropriate to carry out the purposes of section 1071.
112(c)(1) Incorrect Entry for Census Tract
    The Bureau received feedback on the SBREFA Outline,\756\ concerning 
a provision in Regulation C providing for a good faith error exemption 
in inadvertently selecting the wrong census tract for a property. In 
response, the Bureau is proposing Sec.  1002.112(c)(1), which would 
provide that an incorrect entry for census tract is not a violation of 
ECOA or this subpart if the financial institution obtained the census 
tract by correctly using a geocoding tool provided by the FFIEC or the 
Bureau. Regulation C Sec.  1003.6(b)(2) contains a similar provision, 
and the Bureau believes a similar approach would be appropriate here. 
Especially in light of the years that financial institutions have 
already been relying on the FFIEC geocoding tool in the HMDA context, 
the Bureau believes financial institutions would be justified in 
expecting not to be held liable for reporting erroneous information 
provided by the FFIEC or Bureau. Additionally, the Bureau believes that 
this proposed safe harbor will ultimately improve the accuracy of the 
data submitted by encouraging the use of reliable FFIEC geocoding 
tools, and preventing financial institutions from being subjected to 
liability for some difficult-to-avoid errors that could drive those 
institutions either to eschew these useful tools or exit the small 
business lending market. Therefore, the Bureau believes this provision 
is necessary to carry out, enforce, or compile data pursuant to section 
1071, and necessary or appropriate to carry out section 1071's 
purposes.
---------------------------------------------------------------------------

    \756\ SBREFA Outline at 41-42.
---------------------------------------------------------------------------

    Proposed comment 112(c)(1)-1 would explain that the safe harbor 
provision under proposed Sec.  1002.112(c)(1) would not extend to a 
financial institution's failure to provide the correct census tract 
number for a covered application on its small business lending 
application register, as required by proposed Sec.  1002.107(a)(13), 
because the FFIEC or Bureau geocoding tool did not return a census 
tract for the address provided by the financial institution. In 
addition, proposed comment 112(c)(1)-1 would explain that this safe 
harbor provision would not extend to a census tract error that results 
from a financial institution entering an inaccurate address into the 
FFIEC or Bureau geocoding tool.
    The Bureau seeks comment on its proposed approach to this safe 
harbor.
112(c)(2) Incorrect Entry for NAICS Code
    As discussed in the section-by-section analysis of proposed Sec.  
1002.107(a)(15) above, the Bureau is proposing to require financial 
institutions to collect an applicant's 6-digit NAICS code. A financial 
institution would be permitted to rely on an applicant's 
representations or on other information regarding its NAICS code as 
described in proposed comments 107(a)(15)-3 and -4. Proposed Sec.  
1002.112(c)(2) would apply when a financial institution does not rely 
on such information, but instead the financial institution identifies 
the NAICS code for an applicant and the identified NAICS code is 
incorrect. Specifically, proposed Sec.  1002.112(c)(2) would provide 
that the incorrect entry for that institution-identified NAICS code is 
not a violation of subpart B, provided that the first two digits of the 
NAICS code are correct and the financial institution maintains 
procedures reasonably adapted to correctly identify the subsequent four 
digits.
    The Bureau is proposing this safe harbor pursuant to its statutory 
authority under section 704B(g)(1) and (2). This safe harbor would 
address comments from several stakeholders who stated that correctly 
classifying an applicant's NAICS code can be difficult, as the business 
may change over time, codes may have overlapping definitions, small 
businesses often do not know their NAICS code, and classifications may 
be prone to human error. The Bureau believes that this proposed safe 
harbor would also alleviate concerns about NAICS codes classifications 
being subject to change based on SBA rulemaking (in situations where 
the SBA does not change the 2-digit sector code). The Bureau believes 
that this proposed safe harbor will help to ensure the accuracy of the 
data submitted by requiring the maintenance of appropriate procedures 
and requiring that the most crucial first two digits be correct in 
every instance; at the same time, the proposed safe harbor will prevent 
financial institutions from being subjected to liability for some 
difficult-to-avoid errors. Therefore, the Bureau believes this 
provision is necessary and appropriate to carry out section 1071 and 
its purposes.
    The Bureau seeks comment on its proposed approach to this safe 
harbor. As discussed in the section-by-section analysis of proposed 
Sec.  1002.107(a)(15) above, the Bureau seeks comment on its proposal 
to collect 6-digit NAICS codes with the safe harbor described in 
proposed Sec.  1002.112(c)(2). The Bureau also seeks comment on whether 
requiring a 3-digit NAICS code with no safe harbor would be a better 
alternative.
112(c)(3) Incorrect Determination of Small Business Status
    Proposed Sec.  1002.112(c)(3) would provide that a financial 
institution that initially determines that an applicant is a small 
business, as defined in proposed Sec.  1002.106(b), but then later 
concludes the applicant is not a small business, does not violate ECOA 
or Regulation B if it collected information pursuant to subpart B 
regarding whether an applicant for a covered credit transaction is a 
minority-owned business or a women-owned business, and the ethnicity, 
race, and sex of the applicant's principal owners. Proposed Sec.  
1002.112(c)(3) would further provide that a financial institution 
seeking to avail itself of this safe harbor shall comply with the 
requirements of subpart B as otherwise required pursuant to proposed 
Sec. Sec.  1002.107, 1002.108, and 1002.111 with respect to the 
collected information.
    The Bureau is proposing this safe harbor pursuant to its authority 
under

[[Page 56506]]

section 703(a) of ECOA, which allows the Bureau to provide for certain 
exceptions to Regulation B ``as in the judgment of the Bureau are 
necessary or proper to effectuate the purposes of [ECOA], to prevent 
circumvention or evasion thereof, or to facilitate or substantiate 
compliance therewith.'' The Bureau believes the proposed safe harbor is 
needed to address situations where the financial institution initially 
determines that an applicant is a small business and believes it is 
required under the 1071 rule to collect protected demographic 
information, but later concludes that the applicant is not a small 
business when it, for example, obtains updated gross annual revenue 
information. In such situations, the financial institution may be 
uncertain about whether it ``may obtain information required by a 
regulation'' under existing Sec.  1002.5(a)(2), which could deter 
financial institutions from complying with the 1071 rule. The Bureau 
believes that this safe harbor would facilitate compliance with ECOA by 
eliminating a situation in which financial institutions might be 
deterred from appropriately collecting applicants' protected 
demographic information due to the possibility that their understanding 
of an applicant's small business status might change during the course 
of the application process.
    Proposed Sec.  1002.112(c)(3) would make it clear that a financial 
institution does not violate the existing Regulation B general 
prohibition against inquiring about the race, national origin, or sex 
of an applicant as long as the financial institution complies with the 
requirements of the subpart B, including the requirements set forth in 
proposed Sec. Sec.  1002.107, 1002.108, and 1002.111 with respect to 
the collected information. Proposed comment 106(b)-1 would clarify that 
the financial institution does not report the application on its small 
business lending application register pursuant to Sec.  1002.109.
    The Bureau seeks comment on its proposed approach to this safe 
harbor.
112(c)(4) Incorrect Application Date
    Proposed Sec.  1002.107(a)(2) would require financial institutions 
to report application date. In the SBREFA Outline, the Bureau stated 
that it was considering proposing providing financial institutions a 
grace period of several days on either side of the date reported to 
reduce the compliance burden of pinpointing an exact date on which an 
application was received.\757\ As discussed in the section-by-section 
analysis of proposed Sec.  1002.107(a)(2) above, several SERs and other 
stakeholders were strongly in favor of the Bureau providing such a 
grace period to reduce compliance burden.
---------------------------------------------------------------------------

    \757\ Id. at 26.
---------------------------------------------------------------------------

    In light of SER and other stakeholder feedback, proposed Sec.  
1002.112(c)(4) would provide that a financial institution does not 
violate proposed subpart B if it reports on its small business lending 
application register an application date that is within three calendar 
days of the actual application date pursuant to proposed Sec.  
1002.107(a)(2). The Bureau believes that this proposed provision will 
ensure the level of accuracy needed for the resulting data to be useful 
in carrying out section 1071's purposes and minimize the risk that 
financial institutions will be held liable for difficult-to-avoid 
errors, which might otherwise affect their participation in the small 
business lending market. Therefore, the Bureau believes this provision 
is necessary and appropriate to carry out section 1071 and its 
purposes. The Bureau seeks comment on its proposed approach to this 
safe harbor.
Section 1002.113 Severability
    Proposed Sec.  1002.113 would provide that the provisions of 
subpart B are separate and severable from one another, and that if any 
provision is stayed or determined to be invalid, the remaining 
provisions shall continue in effect.
    This is a standard severability clause of the kind that is included 
in many regulations to clearly express agency intent about the course 
that is preferred if such events were to occur.
Section 1002.114 Effective Date, Compliance Date, and Special 
Transitional Rules
    Proposed Sec.  1002.114 would address when the proposed rule would 
be effective and when financial institutions would be required to 
comply with the rule, as well as how financial institutions could 
choose to comply with the rule during this transitional period. 
Proposed Sec.  1002.114(a) would state that this small business lending 
data collection rule would become effective 90 days after the final 
rule is published in the Federal Register. Proposed Sec.  1002.114(b) 
would provide that compliance with the rule would not be required until 
approximately 18 months after the final rule is published in the 
Federal Register. Proposed Sec.  1002.114(c)(1) would permit covered 
financial institutions to begin collecting information pursuant to 
proposed Sec.  1002.107(a)(18) through (20) beginning 12 months prior 
to the compliance date. Proposed Sec.  1002.114(c)(2) would permit a 
financial institution to use a different time period to determine 
whether it is a covered financial institution under proposed Sec.  
1002.105(b) as of the compliance date.
    The Bureau is proposing Sec.  1002.114 pursuant to its authority 
under ECOA section 704B(g)(1) to prescribe such rules and issue such 
guidance as may be necessary to carry out, enforce, and compile data 
pursuant to section 1071. The Bureau is also proposing Sec.  
1002.114(c) pursuant to its authority under section 703(a) of ECOA to 
prescribe regulations to carry out the purposes of ECOA and provide 
exceptions as in the judgment of the Bureau are necessary or proper to 
effectuate the purposes of or facilitate or substantiate compliance 
with ECOA.
114(a) Effective Date and 114(b) Compliance Date
Background
    Section 1071 does not specify an implementation period, though 
pursuant to ECOA section 704B(f)(1), financial institutions must report 
1071 data to the Bureau on an annual basis. In the SBREFA Outline, the 
Bureau noted that it sought to ensure that financial institutions have 
sufficient time to implement the 1071 rule, and stated that it was 
considering proposing that financial institutions have approximately 
two calendar years for implementation.\758\
---------------------------------------------------------------------------

    \758\ Id. at 42.
---------------------------------------------------------------------------

SBREFA Proposal Under Consideration and Feedback Received
    SER and stakeholder feedback regarding the two-year period for 
implementation under consideration was mixed.\759\ Some found the two-
year period to be adequate, some requested more time, and a few urged 
for less. Some provided related feedback about adopting a grace period 
for data errors in the first year(s) after the 1071 rule becomes 
effective.
---------------------------------------------------------------------------

    \759\ The SER feedback discussed in this section-by-section 
analysis can be found in the SBREFA Panel Report at 36-37.
---------------------------------------------------------------------------

    A number of stakeholders agreed that two years was sufficient time 
to implement a 1071 rule. SERs generally supported a two-year 
implementation period. Several SERs with completely online operations 
felt that two years was sufficient time to implement the eventual 1071 
rule; some estimated that they could do it in less time. A large number 
of industry stakeholders (including national and regional trade

[[Page 56507]]

associations, community banks, fintech lenders, and others) accepted a 
two-year implementation period as adequate or said that two years was 
the minimum amount of time needed to implement 1071 (though some of 
these stakeholders also requested more time, as discussed below). A few 
qualified their statements, however, as dependent on the Bureau not 
adopting additional data points beyond those discussed in the SBREFA 
Outline or not making further changes to the rule once it is finalized.
    A number of other stakeholders argued that two years was inadequate 
time to implement a 1071 rule. Some other SERs that do not have 
primarily online operations and do not have experience with other 
Federal data reporting regimes such as HMDA said it would be hard to 
project how long implementation would take, but that it could 
potentially take three years or more. One SER said that two years would 
not be enough as currently there are no data collection vendors for 
1071 compliance. Another SER said clear and concise definitions were 
important and expressed frustration that definitive answers to 
compliance-related questions (whether from the Bureau or third-party 
vendors) can be hard to come by, which could stymie implementation 
efforts. One SER suggested that it was overly optimistic for other SERs 
(mostly CDFIs) to say they would be able to implement 1071 quickly.
    Some of the industry stakeholders mentioned above requested more 
time, up to three years, and suggested that two years was the bare 
minimum they required to implement a 1071 rule, given the need to 
create new systems, policies and procedures, to change their products 
as needed, and to train personnel in compliance. One large bank trade 
association stakeholder requested three years coupled with a two-year 
grace period.
    Several trade associations representing community banks and credit 
unions asserted that two years was inadequate for smaller financial 
institutions that had no experience with HMDA or similar reporting 
regimes. These commenters suggested tiered implementation, with larger 
financial institutions (or HMDA reporters) reporting earlier and 
smaller financial institutions later. Similarly, two smaller trade 
associations asserted that smaller and mission-based lenders should 
have up to three years to implement 1071.
    A number of stakeholders argued that two years was too much time to 
implement a 1071 rule. Several community group stakeholders opposed a 
two-year implementation period as too long and instead supported a one-
year period. These groups opposed a longer implementation period on the 
grounds that ten years have elapsed since Dodd-Frank Act was passed and 
the need for data to analyze disparities in small business lending is 
urgent. A State-level trade association suggested a one-year period for 
larger financial institutions and a longer period for smaller financial 
institutions.
    Some stakeholders requested a grace period associated with the 
first year of implementation. A few SERs suggested that the Bureau 
adopt a grace period of some kind during which financial institutions 
would not be penalized for erring in trying to comply with a 1071 
regulation. This grace period would be akin to the first year in which 
the 2015 revisions to Regulation C were effective, when examinations 
were used to troubleshoot and perfect data reporting rather than 
penalize reporters. Two other industry stakeholders similarly requested 
a safe harbor for any data collection errors for the first one or two 
years following the rule's effective date.
    The SBREFA Panel recommended that the Bureau seek comment on the 
sufficiency of a two-year implementation period, and in particular what 
aspects of a 1071 rule might require more or less time to 
implement.\760\ The Panel further recommended that the Bureau seek 
comment on ways to facilitate implementation for small financial 
institutions, particularly those that have had no experience with any 
kind of Federal data reporting regime.
---------------------------------------------------------------------------

    \760\ Id. at 48.
---------------------------------------------------------------------------

Proposed Rule
    The Bureau is proposing in Sec.  1002.114(a) that its small 
business lending data collection rule become effective 90 days after 
the final rule is published in the Federal Register. At that time, the 
rule would become part of the Code of Federal Regulations; this would 
permit financial institutions to avail themselves of the special 
transitional rule in proposed Sec.  1002.114(c)(2), discussed below. 
However, pursuant to proposed Sec.  1002.114(b), compliance with the 
final rule would not be required until approximately 18 months after 
the final rule is published in the Federal Register.
    The Bureau's proposed approach is a compromise between the two-year 
implementation period under consideration at SBREFA that a slight 
majority of stakeholders found acceptable and the shorter one-year 
implementation period requested by certain stakeholders. The Bureau 
believes that the statutory purposes of section 1071 are better served 
by an earlier compliance date that would, in turn, result in earlier 
publication of data by the Bureau. The Bureau acknowledges the 
preference of various SERs and other stakeholders for a compliance 
period of two or more years to comply. The Bureau notes, however, that 
some SERs and other industry stakeholders said that they could be ready 
in less than two years. The Bureau agrees with the stakeholders that 
asserted that a shorter implementation period is preferable given the 
length of time that has elapsed since the passage of section 1071 of 
the Dodd-Frank Act.
    The Bureau notes that it does not anticipate setting the compliance 
date at exactly 18 months following publication of the final rule in 
the Federal Register. Rather, the Bureau expects to specify a date 
certain for a compliance date, which it anticipates will be 
approximately 18 months after the final rule is published. Thus, for 
example, if the Bureau published the final rule in June 2023, the 
Bureau would set the compliance date at January 1, 2025.
    If the final rule were published early or late in the year, because 
proposed Sec.  1002.114(b) would require compliance approximately 18 
months after publication of the final rule, the compliance date would 
be set in mid-year. For instance, if the final rule were published in 
the Federal Register in March 2023, the compliance date would be in 
September 2024. Based on this possibility, the Bureau is considering 
whether to permit or require financial institutions to collect data on 
a partial year basis in the remainder of the first year following the 
compliance date, as the section-by-section analysis of proposed Sec.  
1002.109(a)(1) addresses. For example, if the compliance date were July 
1, 2024, the Bureau would permit or require all financial institutions 
to collect and report data pursuant to proposed Sec.  1002.109(a) for 
the period July 1 to December 31, 2024, and financial institutions 
would report that data by June 1, 2025 (pursuant to proposed Sec.  
1002.109(a)(1)(i)). After 2024, financial institutions would comply 
with proposed Sec.  1002.109(a), which requires the collection of 1071 
data on a calendar year basis.
    The Bureau believes that permitting or requiring a partial year 
collection in the initial year of compliance would further the purposes 
of section 1071 by expediting the collection and, potentially, the 
publication of data to be used to further the fair lending and 
community development purposes of the statute.

[[Page 56508]]

    The Bureau seeks comment on its proposed effective date of 90 days 
following publication of an eventual final rule and its proposed 
compliance date of approximately 18 months after the publication of its 
final rule to implement section 1071. In particular, the Bureau seeks 
comment on which aspects of the Bureau's proposed rule might require 
more or less time to implement, and ways in which the Bureau could 
facilitate implementation for small financial institutions, especially 
those that have had no experience with other Federal data reporting 
regimes. The Bureau further seeks comment on two alternatives: (a) 
Whether the Bureau should adopt a compliance date of two years after 
the publication of the final rule; and (b) whether the Bureau should 
adopt different compliance dates based on the size of a financial 
institution (e.g., one year for large financial institutions, two years 
for smaller institutions).
114(c) Special Transitional Rules
    The Bureau is proposing two transitional rules in Sec.  1002.114(c) 
to facilitate the compliance of financial institutions with subpart B. 
Proposed Sec.  1002.114(c)(1) would permit covered financial 
institutions to collect information regarding applicants' minority-
owned business status, women-owned business status, and the race, sex, 
and ethnicity of applicants' principal owners under proposed Sec.  
1002.107(a)(18) through (20) beginning 12 months prior to the 
compliance date. Proposed Sec.  1002.114(c)(2) would provide that to 
determine if it is a covered financial institution as of the compliance 
date, a financial institution is permitted to use its originations of 
covered credit transactions for small businesses in the second and 
third preceding calendar years (rather than its originations in the two 
immediately preceding calendar years).
    The Bureau believes that these transitional rules are necessary to 
carry out, enforce, and compile data pursuant to section 1071, will 
carry out the purposes of ECOA, and are necessary or proper to 
effectuate the purposes of ECOA and facilitate or substantiate 
compliance therewith.
114(c)(1) Collection of Information Prior to the Compliance Date
    Proposed Sec.  1002.114(c)(1) would provide that a financial 
institution that will be a covered financial institution as of the 
compliance date in proposed Sec.  1002.114(b) is permitted, but not 
required, to collect information regarding whether an applicant for a 
covered credit transaction is a minority-owned business under proposed 
Sec.  1002.107(a)(18), a women-owned business under proposed Sec.  
1002.107(a)(19), and the ethnicity, race, and sex of the applicant's 
principal owners under proposed Sec.  1002.107(a)(20) beginning 12 
months prior to the compliance date. A financial institution collecting 
such information pursuant to proposed Sec.  1002.114(c)(1) must do so 
in accordance with the requirements set out in proposed Sec. Sec.  
1002.107(18) through (20) and 1002.108. The Bureau believes that this 
provision would give financial institutions time to test their 
procedures and systems for compiling and maintaining this information 
in advance of actually being required to collect and subsequently 
report it to the Bureau. Under this proposed provision, financial 
institutions would have time to adjust any procedures or systems that 
may result in the inaccurate compilation or maintenance of applicants' 
protected demographic information, the collection of which is required 
by section 1071 but otherwise generally prohibited under ECOA and 
Regulation B. (Financial institutions could of course collect the other 
information that would be required by this proposed rule at any time, 
without needing express permission in Regulation B to do so.) The 
Bureau believes that this provision would facilitate compliance and 
improve the quality and accuracy of the 1071 data reported to the 
Bureau and therefore is necessary to carry out, enforce, and compile 
data pursuant to section 1071, and will carry out the purposes of ECOA, 
and is necessary or proper to effectuate the purposes of ECOA and 
facilitate or substantiate compliance therewith.
    The Bureau seeks comment on the approach in this proposal.
114(c)(2) Determining Whether a Financial Institution is a Covered 
Financial Institution for Purposes of This Subpart
    Proposed Sec.  1002.114(c)(2) would provide that for purposes of 
determining whether a financial institution is a covered financial 
institution under proposed Sec.  1002.105(b) as of the compliance date 
specified in proposed Sec.  1002.114(b), a financial institution would 
be permitted, but not required, to use its originations of covered 
credit transactions for small businesses in the second and third 
preceding calendar years (rather than its originations in the two 
immediately preceding calendar years). The Bureau believes that this 
proposed provision would provide greater clarity and certainty to 
financial institutions as to whether or not they would be covered 
financial institutions as of the compliance date. This may be 
particularly important for those financial institutions that originate 
a volume of covered credit transactions close to the threshold under 
proposed Sec.  1002.105(b). The Bureau believes this provision is 
necessary to carry out, enforce, and compile data pursuant to section 
1071.
    The Bureau seeks comment on the approach in this proposal.
Appendix E to Part 1002--Sample Form for Collecting Certain Applicant-
Provided Data Under Subpart B
Background
    ECOA section 704B(b) requires financial institutions to inquire 
whether applicants are women-owned businesses, minority-owned 
businesses, or small businesses, and to maintain a record of the 
responses to that inquiry separate from the applications and 
accompanying information.
    Additionally, ECOA section 704B(e) requires financial institutions 
to compile, maintain, and report certain information, including the 
ethnicity, race, and sex of an applicant's principal owners. Section 
1071 does not set out what categories should be used when collecting 
and reporting this information.
    ECOA section 704B(c) provides that applicants for credit may refuse 
to provide information requested pursuant to 704B(b), including 
minority-owned and women-owned business status.
    Under ECOA section 704B(d)(2), if a financial institution 
determines that an underwriter, employee, or officer involved in making 
a determination ``should have access'' to any information provided by 
the applicant pursuant to a request under section 704B(b), the 
financial institution must provide a notice of ``the access of the 
underwriter to such information,'' along with notice that the financial 
institution may not discriminate on the basis of such information.
SBREFA Proposal Under Consideration and Feedback Received
    In the SBREFA Outline, the Bureau stated that it was considering 
developing a sample data collection form to assist industry in 
collecting the principal owners' ethnicity, race, and sex and to 
communicate an applicant's right to refuse to provide such information. 
The Bureau stated in the SBREFA Outline that this sample data 
collection form would also include the definition of principal owner 
and clarify that it is possible, depending on the factual 
circumstances, that no one will

[[Page 56509]]

be identified as a principal owner.\761\ It also stated that the Bureau 
was considering proposing simplified applicant-facing materials to aid 
industry in collecting minority-owned business status and women-owned 
business status. Specifically, for these applicant-facing materials and 
industry clarifications, the Bureau stated in the SBREFA Outline that 
it was considering proposing the following definitions: (1) 
``Ownership'' to mean directly or indirectly having an equity interest 
in a business (i.e., directly or indirectly, through any contract, 
arrangement, understanding, relationship, or otherwise, owning an 
equity interest in the business); (2) ``control'' of a business to 
mirror the CDD rule, where it means having significant responsibility 
to control, manage, or direct a business; and (3) the ``accrual of net 
profit or loss'' with reference to generally accepted accounting 
practices and any applicable Internal Revenue Service standards.\762\ 
Finally, the Bureau stated in the SBREFA Outline that it was 
considering developing model disclosures that financial institutions 
could use when providing the notice under ECOA section 704B(d)(2).\763\
---------------------------------------------------------------------------

    \761\ SBREFA Outline at 32.
    \762\ Id. at 19.
    \763\ Id. at 38.
---------------------------------------------------------------------------

    Some SERs requested that the Bureau develop a uniform collection 
form to assist financial institutions with the collection of reporting 
of minority-owned business status, women-owned business status, and the 
race, sex, and ethnicity of principal owners. One SER suggested 
developing a sample data collection form similar to the one used for 
HMDA data collection and including the same disclosures. One commenter 
noted that the use of a model form may increase the uniformity and 
consistency of reporting demographic information. Another commenter 
suggested that any model form should include an explanation of why the 
financial institution is requesting the information and a statement of 
the applicant's right to refuse to provide the information.
    One SER asked that, if the Bureau provided sample language for the 
notice to be provided pursuant to ECOA section 704B(d)(2), that the 
Bureau provide it in English as well as in other languages, such as 
Spanish. One SER stated that sample language for a notice should 
include a statement that underwriter access to demographic information 
is not detrimental and that such access is necessary due to the small 
size of the lender.
    The SBREFA Panel recommended that the Bureau consider creating 
sample data collection forms that, to the extent possible, simply and 
clearly explain the information being requested for purposes of the 
minority-owned business data point, the women-owned business data 
point, and the principal owners' ethnicity, race, and sex data point. 
It also said that the Bureau should additionally consider providing 
these sample data collection forms in other languages, such as 
Spanish.\764\ The Panel also recommended that the Bureau consider 
developing sample disclosure language that financial institutions could 
use to provide some context as to why applicants are being asked to 
provide demographic information, in order to encourage applicants to 
respond.\765\
---------------------------------------------------------------------------

    \764\ SBREFA Panel Report at 45-46.
    \765\ Id. at 43, 47.
---------------------------------------------------------------------------

Proposed Rule
    Consistent with the SBREFA Panel's recommendation, the Bureau is 
proposing a sample data collection form that financial institutions 
could use to collect minority-owned business status, women-owned 
business status, and principal owners' ethnicity, race, and sex. As 
suggested in the feedback from SERs, the proposed sample data 
collection form would be similar to the HMDA data collection form and 
would include a notice of the applicant's right to refuse to provide 
the information as well as an explanation of why the financial 
institution is requesting the information. The sample data collection 
form would also include the definitions of minority individual, 
minority-owned business, principal owner, and women-owned business as 
they would be defined in proposed Sec.  1002.102(l), (m), (o), and (s), 
respectively. Although the Bureau is not currently proposing a sample 
data collection form in Spanish or any language other than English, the 
Bureau requests comment on whether a sample data collection form in 
Spanish or in another language other than English would be useful to 
financial institutions in the context of their 1071 obligations.
    Additionally, to aid financial institutions with the collection of 
the information in proposed Sec.  1002.107(a)(21), the sample data 
collection form would include a question about the applicant's number 
of principal owners.
    Finally, consistent with the SBREFA Panel's recommendation, the 
Bureau is proposing that the sample data collection form would include 
language that a financial institution could use to satisfy the notice 
requirement under ECOA section 704B(d)(2) if it determines that one or 
more employees or officers should have access to the applicant's 
protected demographic information pursuant to proposed Sec.  
1002.108(b)(2).
    The Bureau is proposing appendix E pursuant to its authority under 
ECOA section 704B(g)(1) to prescribe such rules and issue such guidance 
as may be necessary to carry out, enforce, and compile data pursuant to 
section 1071, in order to facilitate compliance with the statutory 
requirements to collect minority-owned and women-owned business status, 
and the ethnicity, race, and sex of principal owners pursuant to 
704B(b)(1) and (e)(2)(G). Further, the Bureau is proposing appendix E 
pursuant to its obligation in 704B(g)(3) to issue guidance to 
facilitate compliance with the requirements of section 1071, including 
assisting financial institutions in working with applicants to 
determine whether the applicants are women-owned or minority-owned 
businesses.
    The Bureau seeks comment on the proposed sample data collection 
form, including the proposed language for the notice under ECOA section 
704B(d)(2). The Bureau generally requests comment on whether additional 
clarification regarding any aspect of the sample data collection form 
or the related notice provided pursuant to 704B(d)(2) is needed. The 
Bureau also seeks comment on whether the sample data collection form 
should identify the Bureau to applicants as a potential resource in 
connection with their applicable legal rights or for additional 
information about the data collection, including concerns regarding 
non-compliance. In addition, the Bureau seeks comment on whether 
financial institutions need additional information on how to adapt this 
form for use in digital modes of data collection, and, if so, what 
specific information would be most useful.
Appendix F to Part 1002--Instructions for Collecting and Reporting 
Small Business Applicants' Minority-Owned and Women-Owned Business 
Status Under Subpart B
    ECOA section 704B(b) requires financial institutions to inquire 
whether applicants for credit are women-owned businesses, minority-
owned businesses, or small businesses and to maintain a record of the 
responses to that inquiry separate from the applications and 
accompanying information. However, section 1071 does not include 
specific instructions on how a financial institution should collect or 
report such information.
    The Bureau is proposing appendix F to provide instructions to aid 
financial

[[Page 56510]]

institutions when collecting minority-owned business status pursuant to 
proposed Sec.  1002.107(a)(18) and women-owned business status pursuant 
to proposed Sec.  1002.107(a)(19).
    The Bureau is proposing appendix F pursuant to its authority under 
ECOA section 704B(g)(1) to prescribe such rules and issue such guidance 
as may be necessary to carry out, enforce, and compile data pursuant to 
section 1071, in order to facilitate compliance with the statutory 
requirements to collect minority-owned and women-owned business status 
pursuant to 704B(b)(1). Further, the Bureau is proposing appendix F 
pursuant to its obligation in 704B(g)(3) to issue guidance to 
facilitate compliance with the requirements of section 1071, including 
assisting financial institutions in working with applicants to 
determine whether the applicants are women-owned or minority-owned 
businesses.
    The Bureau seeks comment on the proposed instructions, and 
generally requests comment on whether additional clarification 
regarding any aspect of the proposed instructions is needed. The Bureau 
further requests comment on whether additional or different 
instructions are needed for financial institutions that choose not to 
use a paper data collection form to collect minority-owned business 
status or women-owned business status, such as collecting such 
information using a web-based or other electronic data collection form, 
or over the telephone. The Bureau also seeks comment regarding the 
challenges faced by both applicants and financial institutions by the 
data collection instructions prescribed in appendix F and specifically 
requests comment on ways to improve the data collection of minority-
owned business status and women-owned business status.
Appendix G to Part 1002--Instructions for Collecting and Reporting 
Ethnicity, Race, and Sex of Small Business Applicants' Principal Owners 
Under Subpart B
    ECOA section 704B(e) requires financial institutions to compile, 
maintain, and report certain information, including the ethnicity, 
race, and sex of an applicant's principal owners, but does not provide 
specific instructions on how a financial institution should do so.
    The Bureau is proposing appendix G to provide instructions to aid 
financial institutions when collecting principal owners' ethnicity, 
race, and sex pursuant to proposed Sec.  1002.107(a)(20). The Bureau is 
proposing appendix G pursuant to its authority under ECOA section 
704B(g)(1) to prescribe such rules and issue such guidance as may be 
necessary to carry out, enforce, and compile data pursuant to section 
1071, to facilitate compliance with the statutory requirements to 
collect the ethnicity, race, and sex of principal owners pursuant to 
704B(e)(2)(G), and pursuant to 704B(g)(3), which directs the Bureau to 
issue guidance designed to facilitate compliance with the requirements 
of section 1071.
    The Bureau seeks comment on the proposed instructions, and 
generally requests comment on whether additional clarification 
regarding any aspect of the proposed instructions is needed. The Bureau 
further requests comment on whether additional or different 
instructions are needed for financial institutions that chose not to 
use a paper data collection form to collect, principal owners' 
ethnicity, race, and sex, such as collecting such information using a 
web-based or other electronic data collection form or over the 
telephone. The Bureau also seeks comment regarding the challenges faced 
by both applicants and financial institutions by the data collection 
instructions prescribed in appendix G and specifically requests comment 
on ways to improve the data collection of principal owners' ethnicity, 
race, and sex.
Appendix H to Part 1002--Tolerances for Bona Fide Errors in Data 
Reported Under Subpart B
    The Bureau is proposing appendix H, which would set out a Threshold 
Table, as referred to in proposed Sec.  1002.112(b) and proposed 
comment 112(b)-1. As these provisions would explain, a financial 
institution is presumed to maintain procedures reasonably adapted to 
avoid errors with respect to a given data field if the number of errors 
found in a random sample of a financial institution's data submission 
for a given data field do not equal or exceed the threshold in column C 
of the Threshold Table.
    Under the Threshold Table in proposed appendix H, column A would 
list the size of the financial institution's small business lending 
application register in ranges of application register counts (e.g., 25 
to 50, 51-100, 101-130, etc.). The applicable register count range 
would then determine both the size of the random sample, under column 
B, and the applicable error threshold, under column C. The error 
threshold of column C, as proposed comment 112(b)-1 would explain, 
identifies the maximum number of errors that a particular data field in 
a financial institution's small business lending application register 
may contain such that the financial institution is presumed to maintain 
procedures reasonably adapted to avoid errors with respect to a given 
data field. Column D would be illustrative, showing the error threshold 
as a percentage of the random sample size.
    Proposed appendix H would also include examples of how financial 
institutions would use the Threshold Table.
    For the reasons set out in the section-by-section analysis of 
proposed Sec.  1002.112(b), the Bureau is proposing appendix H pursuant 
to its authority under ECOA section 704B(g)(1) to prescribe such rules 
and issue such guidance as may be necessary to carry out, enforce, and 
compile data pursuant to section 1071, and its authority under 
704B(g)(2) to adopt exceptions to any requirement of section 1071 and 
to exempt any financial institution or class of financial institutions 
from the requirements section 1071 as the Bureau deems necessary or 
appropriate to carry out the purposes of section 1071.
    The Bureau seeks comment on this proposed appendix H. In 
particular, the Bureau seeks comment on whether the register count 
ranges in column A, the random sample sizes in column B, and the error 
thresholds in column C are appropriate. The Bureau further seeks 
comment on whether a covered financial institution should be required 
to correct and resubmit data for a particular data field, if the 
institution has met or exceeded the thresholds provided in appendix H.

VI. Public Disclosure of 1071 Data

A. Introduction

    Section 1071 of the Dodd-Frank Act amended ECOA to require 
financial institutions to collect and report to the Bureau data about 
applications for credit for women-owned, minority-owned, and small 
businesses, and for those data to be subsequently disclosed to the 
public.\766\
---------------------------------------------------------------------------

    \766\ See ECOA section 704B(e)(1), (f)(2) (detailing 
requirements for compilation, maintenance, and publication of 
information).

---------------------------------------------------------------------------

[[Page 56511]]

    The Bureau is proposing that financial institutions not compile, 
maintain, or submit any name, specific address, telephone number, email 
address or any personally identifiable information concerning any 
individual who is, or is connected with, an applicant, other than as 
would be required pursuant to proposed Sec.  1002.107. Nonetheless, 
publication of the data fields proposed in Sec.  1002.107(a) in an 
unedited, application-level format could potentially affect the privacy 
interests and lead to the re-identification of, and risk of harm to, 
small businesses, related natural persons, and financial institutions.
    Section 1071 states that the Bureau may, ``at its discretion, 
delete or modify data collected under [section 1071] which is or will 
be available to the public, if the Bureau determines that the deletion 
or modification of the data would advance a privacy interest.'' \767\ 
For the reasons discussed below, the Bureau is proposing to adopt a 
balancing test as the method by which it would implement its 
``discretion'' to delete or modify data before making the data 
available to the public.
---------------------------------------------------------------------------

    \767\ ECOA section 704B(e)(4).
---------------------------------------------------------------------------

    However, the Bureau does not yet have any data under section 1071 
and the Bureau does not believe that there are any comparable datasets 
that it could use as an adequate proxy for 1071 data to which it could 
apply the balancing test at this time. The Bureau is thus setting forth 
herein a partial analysis under the balancing test, for public comment. 
With several exceptions, discussed in part VI.C.6 below, the Bureau is 
not at this time proposing specific modifications or deletions for the 
public application-level 1071 data. After the Bureau receives at least 
one full year of 1071 data from financial institutions following the 
compliance date of the final rule, the Bureau intends to issue a policy 
statement (informed by comments received on the partial analysis in 
this proposal), in which the Bureau would set forth its intended 
modifications and deletions.

B. Background

1. SBREFA Outline
    In the SBREFA Outline, the Bureau stated it was considering 
proposing to use a balancing test for purposes of deciding how to 
exercise its discretion to modify or delete data prior to 
publication.\768\ The Bureau explained that data would be modified or 
deleted if disclosure of the data in unmodified form would pose risks 
to privacy interests that are not justified by the benefits of public 
disclosure in light of the statutory purposes of section 1071. If the 
risks of disclosing unmodified data are not justified by the benefits 
under the balancing test, the Bureau explained it would determine 
whether modifications could appropriately diminish the risks. The 
Bureau further explained that it was considering proposing to apply 
this balancing test to the privacy interests of non-natural persons 
(e.g., small business applicants or financial institutions), with 
respect to protecting sensitive commercial information, as well as the 
privacy interests of natural persons (e.g., principal owners), with 
respect to protecting personal information.
---------------------------------------------------------------------------

    \768\ See SBREFA Outline at 40-41.
---------------------------------------------------------------------------

    As an alternative to a balancing test, the Bureau had considered an 
approach in which it would modify data prior to publication if an 
identified privacy risk crosses some significance threshold, without 
assessing that risk against the benefit of disclosure. The Bureau 
explained that such an approach, however, could be inconsistent with 
the express disclosure purposes of the statute.
2. SBREFA Feedback
    The Bureau received feedback on its privacy proposals under 
consideration from SERs and other commenters; \769\ the SBREFA Panel 
also made recommendations regarding privacy. Comments related to the 
design and implementation of the balancing test itself are described 
immediately below. Comments addressing general issues related to 
benefits, privacy risks, and potential modifications of data fields are 
described further below in part VI.C. Comments addressing the benefits 
of specific data fields the Bureau considered as part of the SBREFA 
process are discussed in the section-by-section analysis of proposed 
Sec.  1002.107(a), in part V above. Comments addressing the privacy 
risks and potential modifications of specific data fields are discussed 
below in part VI.C.
---------------------------------------------------------------------------

    \769\ The SER feedback discussed in this section-by-section 
analysis can be found in the SBREFA Panel Report at 34-36.
---------------------------------------------------------------------------

    With respect to the balancing test itself, several SERs expressed 
the view that it would be difficult to balance transparency and 
fairness in the marketplace with privacy interests. A SER and another 
industry commenter suggested that the balancing test described in the 
SBREFA Outline would not adequately protect privacy interests because 
it appeared to be subjective, dependent on the limitations of agency 
expertise, and subject to change. A community group commenter 
maintained that financial institution privacy did not appear to have 
been a concern for Congress in section 1071.
    One industry commenter recommended that the Bureau consider the 
alternative approach of not balancing privacy risks against the 
benefits of disclosure because of the heightened privacy risks in the 
small business market (relative to consumer privacy risks), 
particularly in geographies where re-identification risk is higher. 
Another industry commenter expressed the view that excluding community 
banks from collection and reporting would provide a more 
straightforward approach to protecting privacy. On the other hand, a 
community group maintained that the benefits of public disclosure would 
always justify any alleged privacy risks.
    Commenters also addressed information security concerns and 
potential conflicts with other privacy laws. Two SERs raised concerns 
that the transmission of 1071 data to the Bureau could give rise to the 
risk of a data security breach involving personally identifiable 
information or information that would directly identify a small 
business. One SER requested that financial institutions be held 
harmless if there were a data security breach for which the Bureau was 
responsible. Another industry commenter expressed the concern that some 
applicants would be hesitant to provide information in light of data 
security concerns. Another requested that the Bureau describe and seek 
comment on its data security safeguards.
    Commenters also addressed procedural issues surrounding the 
implementation of the Bureau's privacy analysis. Several industry 
commenters requested that the Bureau not bifurcate the analysis of 
privacy issues into a separate notice-and-comment rulemaking, which was 
the approach the Bureau took with respect to data fields reported under 
the 2015 HMDA Final Rule. One commenter stated that a full explanation 
of the balancing test design and its application would help financial 
institutions consider potential reputational risks associated with data 
disclosure. One industry stakeholder stated that the Bureau should take 
what the stakeholder described as a transparent approach to decisions 
about public disclosure. Another stakeholder stated that if privacy 
issues are raised after implementation of a rulemaking, the Bureau 
should, as the stakeholder described, promptly limit publication of 
data that might be released to the

[[Page 56512]]

public. Other industry commenters maintained that decisions about 
modifications or deletions to protect privacy should be published 
following notice-and-comment rulemaking, rather than by policy 
statement.
    The SBREFA Panel recommended that the Bureau offer more detail in 
the proposal on the balancing test and its application to the 1071 data 
fields.\770\ The Panel also recommended that the Bureau seek comment on 
how it should design and implement the balancing test. In addition, the 
Panel recommended that the Bureau seek comment on the range of privacy 
concerns articulated by SERs, including potential re-identification of 
small businesses and financial institutions, as well as the types of 
harms and sensitivities the unmodified release of 1071 data could cause 
to financial institutions and small business applicants.\771\ Finally, 
the Panel recommended that the Bureau seek comment on the potential 
benefits of publishing unmodified 1071 data.\772\
---------------------------------------------------------------------------

    \770\ See SBREFA Panel Report at 47-48.
    \771\ See id.
    \772\ See id.
---------------------------------------------------------------------------

C. Design, Implementation, and Application of Balancing Test

    In light of the feedback from SERs and other stakeholders, and for 
the reasons below, the Bureau is proposing to adopt a balancing test, 
consistent with the test described in the SBREFA Outline. As 
recommended by the SBREFA Panel, the Bureau is providing additional 
detail on the balancing test and how it would be applied to the 
proposed 1071 data points; this analysis is in Preliminary Application 
of the Balancing Test in part VI.C.6 below. As discussed under 
Implementation of the Balancing Test in part VI.C.2 below, however, the 
Bureau is not proposing specific modifications or deletions for most of 
the proposed data fields because data required for a statistical 
analysis of re-identification risk are not yet available.
1. Balancing Test Design
    Under ECOA section 704B(e)(4), the Bureau ``may, at its discretion, 
delete or modify data collected under this section which is or will be 
available to the public, if the Bureau determines that the deletion or 
modification of the data would advance a privacy interest.'' \773\ 
Congress thus provided the Bureau with broad discretion to modify or 
delete data prior to public disclosure to advance privacy interests. 
The Bureau continues to believe that a balancing test is a reasonable 
approach for exercising this discretion and would effectuate the 
purposes of section 1071 better than the alternative approaches 
discussed in the SBREFA Outline and recommended by some commenters. As 
recognized by commenters, exercising this discretion inherently 
requires that the Bureau reconcile competing policy interests. A 
balancing test approach would help the Bureau consider the privacy 
risks and benefits of disclosing data fields, tailor modifications or 
deletions of data narrowly to appropriately balance privacy risks and 
benefits in the published data, and establish a decision framework that 
is responsive to a broad set of stakeholder concerns that might evolve 
over time. The Bureau intends to engage with stakeholders, including 
through this proposal, to supplement its own expertise in evaluating 
privacy interests for these purposes.
---------------------------------------------------------------------------

    \773\ ECOA section 704B(e)(4).
---------------------------------------------------------------------------

    Alternative approaches recommended by stakeholders are summarized 
in part VI.B.2 above. The Bureau is not proposing approaches that do 
not consider the benefits of public disclosure because it is concerned 
they would result in outcomes inconsistent with the statutory purposes. 
For example, deleting all application-level data from public release 
and instead publishing aggregate data would advance privacy interests 
but would substantially undermine the public disclosure purposes of the 
statute.
    The Bureau also considered the suggestion that it exercise its 
discretion to modify or delete application-level data prior to 
publication by exempting classes of financial institutions from public 
disclosure. While this would address the privacy interests of those 
financial institutions and their customers that might arise in certain 
markets, this approach would be too narrow because privacy concerns 
that arise for these persons may also arise for others, such as small 
businesses and natural persons in other markets. The Bureau is not 
proposing an approach that assumes the benefits of disclosure will 
always justify risks to privacy interests. The commenter recommending 
this approach did not provide a basis for such a conclusion with 
respect to individual data fields, or the dataset as a whole.
    With respect to the comment that the Bureau not consider the 
privacy interests of financial institutions, section 1071 generally 
provides that the Bureau may delete or modify data if it determines 
that doing so ``would advance a privacy interest.'' \774\ The statute 
does not define the term ``privacy interest,'' however, and the Bureau 
believes it can reasonably be interpreted broadly, for purposes of 
section 1071, to include interests of non-natural persons with respect 
to certain commercial information.
---------------------------------------------------------------------------

    \774\ See ECOA section 704B(a) (statutory purposes), (e)(4) 
(deletion or modification authority), (f)(1) (reporting 
requirement), (f)(2)(C) (publication requirement).
---------------------------------------------------------------------------

    Whether a non-natural person has cognizable ``privacy interests'' 
under the Constitution or common law is not a settled legal question 
across all areas of the law. Common law recognizes that businesses have 
an interest in protecting sensitive commercial information, similar to 
the privacy interests enjoyed by natural persons.\775\ Although the 
courts have typically described these interests as property interests, 
cases sometimes describe these types of interests as privacy 
interests.\776\ Some circuits have held that non-natural persons have 
constitutionally protected privacy interests,\777\ while other circuits 
have rejected this notion.\778\ The Supreme Court has held that 
corporations do not have privacy rights on par with natural 
persons,\779\ and that corporations do not have ``personal'' privacy 
interests; \780\ however, it has not directly addressed the issue of 
whether a non-natural person has a cognizable ``privacy interest.'' The 
Bureau also understands that the interests of many small businesses may 
be closely tied to the privacy interests of natural persons.\781\
---------------------------------------------------------------------------

    \775\ See, e.g., Carpenter v. United States, 484 U.S. 19, 26 
(1987) (``Confidential information acquired or compiled by a 
corporation in the course and conduct of its business is a species 
of property to which the corporation has the exclusive right and 
benefit . . . .'') (citation omitted).
    \776\ See, e.g., Kewanee Oil Co. v. Bicron Corp., 416 U.S. 470, 
487 (1974) (``A most fundamental human right, that of privacy, is 
threatened when industrial espionage is condoned or is made 
profitable.''); E.I. duPont deNemours & Co. v. Christopher, 431 F.2d 
1012, 1016 (5th Cir. 1970) (``Commercial privacy must be protected 
from espionage which could not have been reasonably anticipated or 
prevented.'').
    \777\ See, e.g., Tavoulareas v. Wash. Post Co., 724 F.2d 1010, 
1023 (D.C. Cir. 1984), vacated on other grounds, 737 F.2d 1170 (D.C. 
Cir. 1984).
    \778\ See, e.g., Fleck & Assocs., Inc. v. City of Phoenix, 471 
F.3d 1100, 1105 (9th Cir. 2006).
    \779\ United States v. Morton Salt Co., 338 U.S. 632, 652 (1950) 
(``[C]orporations can claim no equality with individuals in the 
enjoyment of a right to privacy.'').
    \780\ FCC v. AT&T, Inc., 562 U.S. 397, 402-407 (2011). In FCC, 
the Court held that corporations lack ``personal privacy'' interests 
under FOIA Exemption 6, which uses the term ``personal privacy.'' 
The Court's opinion was based on the word ``personal'' and limited 
to the notion of ``personal privacy.'' The Court stated that it was 
not addressing the scope of a non-natural person's ``privacy 
interests'' generally under constitutional or common law. Id. at 407 
(``[T]his case does not call upon us to pass on the scope of a 
corporation's `privacy' interests as a matter of constitutional or 
common law.'').
    \781\ See, e.g., Providence J. Co. v. FBI, 460 F. Supp. 778, 785 
(D.R.I. 1978) (``While corporations have no privacy, personal 
financial information is protected, including information about 
small businesses when the individual and corporation are 
identical.''), rev'd on other grounds, 602 F.2d 1010 (1st Cir. 
1979).

---------------------------------------------------------------------------

[[Page 56513]]

    The Bureau believes it is appropriate to consider the privacy 
interests of non-natural persons under the 1071 balancing test. The 
proposed 1071 data points would reveal information about non-natural 
persons--including small businesses and financial institutions--and 
Congress did not expressly limit the privacy interests the Bureau may 
consider to those of natural persons. Nor did Congress expressly limit 
the privacy interests the Bureau may consider to those of applicants or 
borrowers, as it did in HMDA.\782\ Further, courts have recognized that 
non-natural persons have privacy interests in certain contexts. The 
Bureau seeks comment on its interpretation of ``privacy interests'' 
under section 1071 and its proposal to consider the privacy interests 
of both financial institutions and non-natural person applicants.
---------------------------------------------------------------------------

    \782\ For context, the privacy interests that may be considered 
under HMDA are limited to the interests of ``applicants and 
mortgagors'' specifically. See 12 U.S.C. 2803(h)(1)(E), (h)(3)(B), 
(j)(2)(B). In contrast, section 1071 simply uses the term ``privacy 
interest,'' without qualification. See ECOA section 704B(e)(4).
---------------------------------------------------------------------------

    Several commenters raised concerns about the information security 
implications of reporting data to the Bureau. While the Bureau's 
information security procedures are outside the scope of this 
rulemaking, the Bureau takes strong measures to mitigate and address 
any risks to the security of sensitive data it receives, consistent 
with the guidance and standards set for Federal information security 
programs, and is committed to protecting the privacy and information 
security of the 1071 data it receives from financial institutions. In 
addition, the Bureau does not believe a financial institution could be 
held legally liable for the exposure of data due to a breach at a 
government agency or for reporting data to a government agency if the 
institution was legally required to provide the data to the agency and 
did so in accordance with other applicable law.
    The Bureau acknowledges the concern raised by some SERs and other 
stakeholders that some applicants might be hesitant to provide 
information in light of data security concerns. However, the Bureau 
does not believe that such concerns will broadly discourage applicants 
from seeking credit from financial institutions that are responsible 
for reporting data to the Bureau.
    For the reasons described above, the Bureau proposes to use a 
balancing test to exercise its discretion under ECOA section 704B(e)(4) 
to delete or modify data collected under section 1071 which is or would 
be available to the public where the Bureau determines that the 
deletion or modification of the data would advance a privacy interest. 
Specifically, the Bureau proposes to modify or, as appropriate, delete 
data fields from the public application-level 1071 data where the 
release of the unmodified data would create risks to the privacy 
interests of applicants, related natural persons, or financial 
institutions that would not be justified by the benefits of such 
release to the public in light of the statutory purposes of section 
1071. In such circumstances, the need to protect the privacy interests 
of applicants, related natural persons, or financial institutions would 
require that individual data fields be modified or, as appropriate, 
deleted. Considering the public disclosure of 1071 data as a whole, the 
privacy interests of applicants, related natural persons, or financial 
institutions would arise under the balancing test only where the 
disclosure of 1071 data may both substantially facilitate the re-
identification of an applicant or related natural person, in the data 
and disclose information about such persons, or the identified 
financial institution, that is not otherwise public and may be harmful 
or sensitive. Thus, disclosure of an unmodified individual data field 
may create a risk to privacy interests if such disclosure either would 
substantially facilitate the re-identification of an applicant or 
related natural person; or would disclose information about applicants 
or related natural persons, or an identified financial institution, 
that is not otherwise public and that may be harmful or sensitive.\783\ 
This interpretation implements ECOA section 704(e)(4).
---------------------------------------------------------------------------

    \783\ The Bureau is aware that ``re-identification'' risk often 
is used in reference to risks applicable to natural persons and that 
identification of a small business in the public application-level 
1071 data could be characterized as a ``harm'' or ``sensitivity.'' 
However, for the ease of administrability, the proposed balancing 
test analyzes risks to both natural persons and small businesses as 
re-identification risks.
---------------------------------------------------------------------------

    Where the publication of unmodified application-level 1071 data may 
create risks to privacy, the proposed balancing test would require that 
the Bureau consider the benefits of disclosure in light of section 
1071's purposes and, where these benefits do not justify the privacy 
risks the disclosure would create, modify the public application-level 
dataset to appropriately balance the privacy risks and disclosure 
benefits. The Bureau would delete the data field prior to publishing 
the application-level dataset if other modifications would not 
appropriately balance the privacy risks and disclosure benefits. An 
individual data field would be a candidate for modification or deletion 
under the proposed balancing test if its disclosure in unmodified form 
would create a risk of re-identification or a risk of harm or 
sensitivity.
    The Bureau's proposed balancing test generally resembles the 
balancing test adopted in the 2015 HMDA Final Rule,\784\ with certain 
adjustments for the 1071 context. In particular, the Bureau's proposed 
1071 balancing test would consider the privacy interests of not just 
applicants, but also related natural persons who might not be 
applicants (such as principal owners of a business, where a legal 
entity is the applicant), as well as the privacy interests of financial 
institutions reporting 1071 data.
---------------------------------------------------------------------------

    \784\ See 80 FR 66127, 66133-34 (Oct. 28, 2015).
---------------------------------------------------------------------------

    The Bureau's proposed 1071 balancing test would not specifically 
consider the risks that a financial institution could be identified in 
the public application-level 1071 data. Section 1071 requires financial 
institutions to compile and maintain data and provides that such 
information be made available to the public upon request.\785\ 
Accordingly, section 1071 contemplates that the public would know what 
application data are associated with particular financial institutions. 
Because the statute directly contemplates disclosure of a financial 
institution's identity in connection with the public application-level 
dataset, the Bureau proposes to disclose financial institution 
identity; the re-identification risk element of the analysis would not 
apply to financial institutions. However, the Bureau would consider the 
risk to a financial institution that the release of 1071 data in 
unmodified form would disclose information that may be harmful or 
sensitive to a financial institution.
---------------------------------------------------------------------------

    \785\ See ECOA section 704B(e), (f)(2)(B).
---------------------------------------------------------------------------

    As recommended by the SBREFA Panel, the Bureau seeks comment on the 
design of its proposed balancing test. The Bureau also seeks comment on 
whether the balancing test should apply to the privacy interests of 
natural persons generally, rather than just those of natural persons 
related to applicants.
2. Implementation of the Balancing Test
    As noted above, the SBREFA Panel and other commenters recommended 
that the Bureau offer more detail in the proposal on how the Bureau 
intends to implement and apply its balancing test

[[Page 56514]]

to the 1071 data fields it is proposing.\786\ Several industry 
commenters requested that the Bureau apply the balancing test directly 
in the Bureau's 1071 rulemaking, rather than after the Bureau issues a 
final rule. Because of data limitations discussed below, the Bureau is 
not proposing a full application of the balancing test to most of the 
proposed data points. Instead, the Bureau is setting forth and seeking 
comment on its analysis of the benefits and harms or sensitivities that 
could arise with respect to individual data fields and the dataset as a 
whole. The Bureau is not conducting a full analysis of the risks of re-
identification; the Bureau is proposing to determine the extent of re-
identification risk after it has obtained a full year of reported 1071 
data. Accordingly, the Bureau is not proposing specific modifications 
or deletions for most of the proposed data points, but is instead 
seeking comment throughout part VI.C.5 and .6 on the types of 
techniques it is considering.
---------------------------------------------------------------------------

    \786\ See SBREFA Panel Report at 47.
---------------------------------------------------------------------------

    The Bureau is not applying the proposed balancing test fully to the 
proposed data fields because the lack of an existing 1071 dataset, or a 
sufficiently similar dataset, materially limits its ability to analyze 
re-identification risks. Unlike the balancing test elements of 
benefits, harms, and sensitivities, the Bureau would analyze the re-
identification risk element, in part, using a statistical analysis. 
Specifically, the Bureau would determine whether a particular 
combination of data fields in a dataset generates a unique set of 
records that can be accurately matched to records in another publicly 
available dataset identifying an applicant or a related natural 
person.\787\ Where certain data fields significantly contribute to re-
identification risk, the Bureau can use this type of analysis to 
determine what modifications can be made to the data fields to reduce 
re-identification risk--that is, by reducing the number of unique 
combinations produced by data fields--while maintaining as much data 
utility as possible.
---------------------------------------------------------------------------

    \787\ For purposes of this discussion of the proposed balancing 
test analysis, the term ``unique'' can refer to a combination of 
values for a particular record or a combination of values shared by 
a few records.
---------------------------------------------------------------------------

    However, the absence of an existing 1071 dataset or sufficiently 
similar data significantly impedes the Bureau's ability to 
preliminarily determine whether a proposed 1071 data field, 
individually or in combination with others, would substantially 
facilitate re-identification, or how specifically to modify data to 
reduce that risk. Because there does not exist a dataset sufficiently 
similar to what would be published under section 1071, a re-
identification analysis of data other than actual reported 1071 data 
would not provide an accurate basis on which the Bureau could apply the 
balancing test and modify or delete the data, as appropriate.\788\ 
Underestimating the degree to which a 1071 data field, individually or 
in combination with others, facilitates re-identification risk could 
unnecessarily increase privacy risks to an applicant or a related 
natural person, while overestimating re-identification risk could 
unnecessarily reduce data utility.
---------------------------------------------------------------------------

    \788\ The Bureau considered whether it could analyze re-
identification risk using data released under the SBA's Paycheck 
Protection Program (PPP) and U.S. Census data. However, estimating 
re-identification risk--and making modification and deletion 
decisions designed to reduce re-identification risk--based on 
existing public data sources would be substantively limited. First, 
the more limited scope of the PPP and Census data makes it difficult 
to accurately estimate the re-identification risk associated with 
all of the data points in the eventual 1071 data. Second, a re-
identification analysis using existing PPP and Census datasets would 
not cover the same sets of small businesses that will appear in the 
1071 data.
---------------------------------------------------------------------------

    In light of these limitations, the Bureau considered deferring all 
analysis under the proposed balancing test until after the 1071 rule is 
finalized. However, the Bureau is concerned that doing so would reduce 
opportunities for public feedback on privacy issues and their 
relationship to the general 1071 proposal. Although the Bureau lacks 
data that would allow it to perform a complete re-identification 
analysis at this time, it believes there is substantial value in 
setting forth its preliminary analysis under other aspects of the 
balancing test. Specifically, the Bureau has preliminarily analyzed the 
benefits and harms or sensitivities associated with the proposed data 
fields, the capacity and motives of third parties to match proposed 
1071 data fields to other identifiable datasets, and potential 
modification techniques it may consider to address privacy risks. The 
Bureau's preliminary analysis of these aspects of the balancing test is 
set forth below. The Bureau acknowledges that the public will not have 
an opportunity to comment on the Bureau's intentions with respect to 
specific modifications or deletions for each proposed data field before 
a 1071 rule is finalized. However, the Bureau believes this limitation 
outweighs the risks of basing modifications or deletions on a 
potentially inaccurate re-identification analysis. And while a number 
of community groups that provided feedback on the Bureau's SBREFA 
Outline asserted that privacy risks would be low, they nonetheless 
recognized the role played by modification techniques. The Bureau 
agrees that modification techniques could play an important role in 
reducing privacy risks. The Bureau's ability to design effective 
modifications, however, requires application-level data that are not 
currently available.
    As noted above, several industry commenters asserted that privacy 
decisions should be finalized by notice-and-comment rulemaking, rather 
than by policy statement. The Bureau believes, however, that a policy 
statement would be an appropriate vehicle for announcing its intentions 
with respect to modifications and deletions of 1071 data. First, under 
section 1071, the Bureau may delete or modify data at its discretion, 
in contrast to other provisions in the statute that require legislative 
rulemaking.\789\ Second, the Bureau's proposed approach with respect to 
modifications and deletions would not impose compliance obligations on 
financial institutions; as discussed in the section-by-section analysis 
of proposed Sec.  1002.110 above, the Bureau is proposing to publish 
application-level data on its website on behalf of financial 
institutions.\790\
---------------------------------------------------------------------------

    \789\ Compare ECOA section 704B(e)(4), with ECOA section 
704B(f)(2).
    \790\ Section 1071 requires financial institutions to compile 
and maintain data and provides that such information be made 
available to the public upon request. See ECOA section 704B(e), 
(f)(2)(B).
---------------------------------------------------------------------------

    Nonetheless, in the interest of obtaining public feedback on the 
qualitative aspects of its balancing test analysis, the Bureau is 
including a preliminary detailed analysis for each of the proposed data 
points, described under Preliminary Application of the Balancing Test 
in part VI.C.6 below. After the first year of 1071 data is reported to 
the Bureau, but before the Bureau releases the first year of 1071 data 
to the public, it would publish a policy statement setting forth its 
intentions with respect to modifications and deletions to the public 
application-level 1071 data. Before publishing that policy statement, 
the Bureau would conduct a balancing test analysis based on feedback to 
this proposal as well as a quantitative analysis of re-identification 
risk using reported 1071 data. At this time, the Bureau does not intend 
to re-propose its balancing test analysis for public comment prior to 
issuing the policy statement, in the interest of making data publicly 
available in a timely manner.
    While the Bureau is seeking public feedback on its analysis below, 
preserving the ability to exercise its

[[Page 56515]]

discretion to modify or delete data through policy statements allows 
the Bureau to manage the relationship between privacy risks and 
benefits of disclosure more actively. The Bureau believes this 
flexibility may be especially important in the event the Bureau becomes 
aware of developments that might contribute to privacy risks. The 
privacy landscape is constantly evolving, and risks to applicant 
privacy created by the publication of the application-level 1071 data 
may change as the result of technological advances and other external 
developments. For example, a new source of publicly available records 
may become accessible, increasing or decreasing privacy risks under the 
balancing test, or the Bureau may discover evidence suggesting that 
third parties are using the 1071 data in unforeseen, potentially 
harmful ways. Potential uses of the application-level 1071 data in 
furtherance of the statute's purposes may also evolve, such that the 
benefits associated with the disclosure of certain data may increase to 
an extent that justifies providing more information to the public in 
less modified form. As recommended by the SBREFA Panel, the Bureau 
seeks comment on its approach described above for implementing the 
balancing test.\791\
---------------------------------------------------------------------------

    \791\ See SBREFA Panel Report at 24, 33, 48.
---------------------------------------------------------------------------

3. Disclosure Benefits
    In the SBREFA Outline, the Bureau explained that, under the 
balancing test it was considering, data would be modified or deleted if 
disclosure in unmodified form would pose risks to privacy interests 
that are not justified by the benefits of public disclosure in light of 
the statutory purposes of section 1071.\792\ The Bureau sought feedback 
on the data points generally, as well as the benefits of public 
disclosure to financial institutions for each of the data points under 
consideration.\793\ Feedback on the benefits of public disclosure of 
the data points under consideration during the SBREFA process is 
described in the applicable section-by-section analysis of proposed 
Sec.  1002.107(a)(1) through (21) in part V above. Feedback on the 
benefits of public disclosure of the 1071 dataset as a whole is 
described below.
---------------------------------------------------------------------------

    \792\ See SBREFA Outline at 40-41.
    \793\ See id.
---------------------------------------------------------------------------

    Under the proposed balancing test, the Bureau would consider the 
benefits of disclosure of the application-level 1071 data to the public 
in light of the statutory purposes of section 1071. As described above, 
the 1071 data would be the most comprehensive dataset available to 
analyze trends within the U.S. small business lending industry. The 
Bureau expects that users of 1071 data would rely on this information 
to help achieve the statutory purposes of section 1071: (1) 
Facilitating the enforcement of fair lending laws; and (2) enabling 
communities, governmental entities, and creditors to identify business 
and community development needs and opportunities of women-owned, 
minority-owned, and small businesses.\794\ This would make 1071 data 
the foremost data source that governmental entities, researchers, 
economists, industry, and community groups rely on to achieve 1071's 
purposes and to analyze the small business lending market. The Bureau 
received feedback provided by SERs, other commenters, and the SBREFA 
Panel on the potential benefits of disclosure. Comments related to the 
overall benefits of data disclosure, the fair lending benefits, and 
business and community development benefits are described below.
---------------------------------------------------------------------------

    \794\ See ECOA section 704B(a).
---------------------------------------------------------------------------

    Some SERs and industry stakeholders generally supported the public 
disclosure of 1071 data to promote the monitoring of equal access to 
credit for small businesses, and narrowing the information gap between 
lenders and borrowers, community groups, and public officials. A number 
of SERs expressed the view that data transparency in the small business 
lending market is critical to advance the goals of fair lending 
enforcement and access to credit for small businesses, especially those 
that are minority-owned and women-owned. One SER stated that the data 
currently available are limited, and that section 1071 has the 
opportunity to address lending disparities. The SER also explained that 
data transparency and fairness could address lending practices that 
tend to exclude women-owned and minority-owned businesses, exacerbating 
a racial wealth gap. An industry stakeholder supported the public 
disclosure of 1071 data to promote the monitoring of equal access to 
credit for women- and minority-owned businesses.
    Several SERs also underscored the importance of public disclosure 
of 1071 data in furthering the 1071 rule's business and community 
development purpose. One SER stated that the 1071 rule could be a model 
for the marketplace and pro-innovation if implemented with checks and 
balances. Another SER said that more transparency would help 
governments and creditors understand what strategies are successful in 
reaching women-owned and minority-owned small businesses and shed light 
on the marketplace and pricing overall.\795\ Other SERs emphasized the 
importance of publishing pricing information (specifically captured as 
APR), together with product type for understanding the cost and 
availability of financing products to small businesses, the importance 
of NAICS codes or other industry information for determining which 
industries are getting funding generally, and the importance of census 
tract or other geographic information for understanding the extent of 
lending to small businesses in low-to-moderate income 
neighborhoods.\796\
---------------------------------------------------------------------------

    \795\ See SBREFA Panel Report at 36.
    \796\ See id.
---------------------------------------------------------------------------

    However, several industry commenters expressed the belief that 
there were no, or few, benefits to publishing 1071 data in general, in 
addition to raising general concerns about privacy risks, discussed 
under Risks to Privacy Interests in part VI.C.4 below. Several 
commenters maintained that the benefits of public disclosure would be 
limited due to concerns about the data points the Bureau was 
considering and the absence of other data points that could, in the 
view of these commenters, reduce the risk of misinterpretation of the 
data. SERs and industry commenters also questioned the benefits 
associated with individual data points, as described in the applicable 
section-by-section analysis of proposed Sec.  1002.107(a)(1) through 
(21) in part V above.
    Community group commenters supported public disclosure of 1071 
data. One commenter expressed the view that robust data collection 
would allow the public to gain a much greater understanding of gaps in 
lending to borrowers in the marketplace, and easily identify unmet 
borrowing needs. The commenter explained that the 1071 dataset would 
cover more types of loans from more institutions than existing CRA data 
(which had been used for similar kinds of analyses in the past), 
potentially giving the Bureau a comprehensive view of the small 
business lending market. The commenter also explained that data 
collection under the proposal would build an understanding of the 
credit needs and financing outcomes of small businesses in the lending 
marketplace through information from data fields such as amount applied 
for, action taken, and amount approved or originated. Additionally, 
several community group commenters asserted that transparency through 
public disclosure would benefit responsible financial institutions by 
allowing them

[[Page 56516]]

to distinguish themselves from others and providing a means for 
discovering and addressing problematic practices earlier.
    The Bureau has considered these comments and the ways in which 
public disclosure of the proposed 1071 data fields would facilitate the 
enforcement of fair lending laws. Market transparency through 
publication of the application-level 1071 data would help to identify 
potential fair lending violations and address discrimination in small 
business lending. For example, the ability to compare pricing is a 
central outcome in many fair lending analyses, which often aim to 
determine if similarly situated applicants face higher prices due to a 
prohibited basis under ECOA, such as ethnicity, race, and sex. In 
supporting the inclusion of pricing as a discretionary data point, one 
community group explained that collecting data on price would 
facilitate enforcement of fair lending laws by identifying 
discrimination in lending through information on whether an application 
was approved and at what price. The 1071 data would also be used by 
public officials, researchers, and community groups to identify 
potentially discriminatory lending patterns and to enforce anti-
discrimination statutes. For example, data on action taken would be 
used in fair lending analyses to identify potential disparities in 
denial rates among similarly situated applicants. Additionally, public 
disclosure of the 1071 data fields would enable data users to advocate 
that financial institutions maintain robust fair lending policies and 
practices and could also increase the prospect of self-correction when 
financial institutions conduct their own analyses to assess potential 
fair lending risks. At the same time, greater transparency could 
provide explanatory context for lending decisions, which may help 
protect responsible lenders from inaccurate assumptions based on more 
limited public data.
    Moreover, data users, such as community groups, researchers, and 
public officials, would be able to use 1071 data to help determine 
whether certain types of credit are disproportionately available to 
different groups. For example, one community group commenter explained 
that because credit cards and other types of high-interest credit are 
widely used by small businesses, information on the types of credit 
applied for or originated could reveal the extent to which women-owned 
or minority-owned small businesses can access term loans or are served 
disproportionately by credit cards or other small business credit 
products that generally carry higher interest rates. The same commenter 
also explained that data users may be able to use the 1071 data to 
investigate whether certain products or businesses are 
disproportionately supported by government guarantee programs in 
business and community development and possibly help to develop more 
targeted programs.
    The Bureau has also considered the ways in which publication of the 
application-level 1071 data would promote the business and community 
development purpose of 1071. The Bureau believes that the public 
application-level 1071 data would provide useful and robust data, 
allowing data users to appropriately and efficiently focus resources on 
particular areas of need. For example, reporting of information about 
rates of denial, and the associated reasons for denial of a business 
credit application, combined with data fields commonly used to help 
make underwriting decisions, such as gross annual revenue and time in 
business, would improve the public's ability to generally understand 
financial institutions' decision-making and to identify underserved 
areas of the market. The Bureau also believes that the public 
application-level 1071 data could yield information helpful in 
understanding the economic health of communities. NAICS codes, for 
example, could provide information about rates at which particular 
types of businesses are applying for and receiving credit in general, 
and which types of lending products are being requested, when combined 
with credit type. This information would also allow data users to 
identify trends in the small business market that could provide 
evidence as to the health of the overall economy. Understanding these 
potential indicators would also help public officials focus efforts to 
help creditors serve the lending needs of communities and give 
government officials information to efficiently distribute resources to 
vulnerable small business applicants. Finally, pricing information, 
such as total origination charges for different types of credit, would 
also allow data users to better understand pricing decisions and the 
cost of credit to small businesses. Information about credit purpose 
would allow data users to better understand why small businesses are 
using credit, thus helping communities determine whether creditors are 
serving the small business lending needs of their communities and also 
helping public officials to target public investment to better attract 
private investment and innovation. As recommended by the SBREFA Panel, 
the Bureau seeks comment on its understanding of the benefits of public 
disclosure of the 1071 data described above.\797\
---------------------------------------------------------------------------

    \797\ See id. at 48.
---------------------------------------------------------------------------

4. Risks to Privacy Interests
    The Bureau has considered the risks to privacy that may be created 
by the public disclosure of the 1071 data that would be reported to the 
Bureau under the proposal. Based on its analysis to date, the Bureau 
believes that public disclosure of the unmodified application-level 
dataset, as a whole, might create risks to privacy interests under the 
1071 balancing test. As described in more detail below, this is due to 
the presence of unique data fields in the dataset that the Bureau 
believes could create re-identification risk and the presence of 
individual data fields that the Bureau believes would create a risk of 
harm or sensitivity. Accordingly, the Bureau intends to consider 
whether modifications or deletions to the public application-level 1071 
data would reduce these risks to privacy and appropriately balance them 
with the benefits of disclosure for section 1071's purposes.
    As recommended by the SBREFA Panel, the Bureau seeks comment on the 
range of privacy concerns articulated by SERs, including potential re-
identification of small businesses and financial institutions, as well 
as the types of harms and sensitivities the unmodified release of 1071 
data could cause to financial institutions and small business 
applicants, which are described further below.\798\
---------------------------------------------------------------------------

    \798\ See id. at 47.
---------------------------------------------------------------------------

i. Re-Identification Risk
    In the Bureau's SBREFA Outline, the Bureau explained that, while 
information that directly identifies natural persons, such as name, 
address, date of birth, or Social Security number would not be 
collected pursuant to section 1071 requirements, publication of 1071 
data under consideration in an unmodified, application-level format 
potentially could be used to re-identify small business applicants and 
related natural persons or potentially harm their privacy 
interests.\799\ One SER stated that there has not been a single 
demonstrated incident of re-identification using HMDA data, and that 
privacy concerns could be addressed through modification techniques. 
However, many SERs and several industry stakeholders explained that 
1071 data would facilitate the re-

[[Page 56517]]

identification of natural persons and businesses, particularly in low-
density geographies, like rural areas. Some stakeholders stated that it 
would be difficult to predict whether re-identification could arise, 
particularly as technology evolves.
---------------------------------------------------------------------------

    \799\ See SBREFA Outline at 40.
---------------------------------------------------------------------------

    The Bureau is concerned about two re-identification scenarios. 
First, a third party may use common data fields to match a 1071 record 
to a record in another dataset that contains the identity of the 
applicant or related natural person. The Bureau uses the term 
``adversary'' when referring to such third parties.\800\ Second, an 
adversary may rely on pre-existing personal knowledge to recognize an 
applicant's record in the unmodified 1071 data.
---------------------------------------------------------------------------

    \800\ The term is not intended to indicate that the adversary's 
motives are necessarily malicious or adverse to the interests of 
others. See, e.g., Nat'l Inst. of Standards & Tech., De-
Identification of Personal Information (2015), http://nvlpubs.nist.gov/nistpubs/ir/2015/NIST.IR.8053.pdf (using the term 
``adversary'').
---------------------------------------------------------------------------

    Re-identification based on matching. Under the first scenario, it 
may be possible to match a 1071 record to an identified dataset, either 
directly or through a combination of intermediate datasets.\801\ The 
1071 data that would be reported under the proposal, like the data 
reported under HMDA and Regulation C, may contain data fields that 
create re-identification risk.\802\ However, successfully re-
identifying a 1071 record would require several steps and may present a 
significant challenge.
---------------------------------------------------------------------------

    \801\ For purposes of this discussion, an identified dataset is 
one that directly identifies a natural or non-natural person.
    \802\ HMDA data have a large number of records with unique 
combinations of data fields. See 84 FR 649, 654 n.33 (Jan. 31, 2019) 
(citing a 2005 Board study finding that more than 90 percent of the 
loan records in a given year's HMDA data are unique--that is, an 
individual lender reported only one loan in a given census tract for 
a specific loan amount).
---------------------------------------------------------------------------

    First, an adversary generally would have to isolate a record that 
is unique within the 1071 data. A 1071 record is unique when the values 
of the data fields associated with it are shared by zero or few other 
1071 records. As discussed above, the Bureau believes actual 1071 data 
are needed to perform an accurate re-identification analysis. Thus, the 
Bureau does not intend to apply the balancing test until after it has 
analyzed re-identification risk with at least a full year of reported 
1071 data.
    A 1071 record having unique combinations of values would not 
automatically result in its re-identification; an adversary would also 
have to find a record corresponding to the applicant or related natural 
person in another dataset by matching similar combinations of data 
fields. Once a 1071 record has been matched to a corresponding record, 
an adversary would possess any additional fields found in the 
corresponding record but not found in the 1071 record, such as, 
possibly, the identity of the applicant. However, even after 
accomplishing such a match, an adversary might not have accurately re-
identified the true applicant to whom the 1071 record relates. For 
example, if the corresponding record is not the only record in the 
other dataset that shares certain data fields with the unique 1071 
record, an adversary would have to make a probabilistic determination 
as to which corresponding record belongs to the applicant.
    As described below and addressed with respect to individual data 
fields in part VI.C.6 further below, the Bureau expects that the census 
tract and NAICS code data fields may significantly contribute to re-
identification risk. Geographic and industry information are publicly 
available in a variety of sources and in a form that directly 
identifies businesses or in a way that could be derived with reasonable 
accuracy. This information is also likely to produce unique instances 
in the data, both when used separately and also, especially, when 
combined. Other data fields may result in unique combinations 
(particularly when combined with census tract), but the Bureau would 
need actual 1071 data to analyze their contribution to uniqueness.
    In the 1071 context, the Bureau believes that particularly relevant 
sources of identified data for matching purposes are UCC filings, 
property records, and titles. The Bureau believes that such filings 
could pose a serious re-identification risk because of the availability 
of information about the lender, the applicant, and the date of 
transaction. The proposed 1071 data fields in unmodified form would 
identify the financial institution as well as the action taken date or 
application date. If the action taken date is on or near the UCC filing 
date, for example, an adversary might be able to use the date and 
financial institution on the UCC filings to identify the applicants of 
originated loans in the public application-level 1071 data. The UCC 
filing also typically will have the address of the borrower. 
Combinations of lender, action taken date, and census tract might 
result in unique combinations of data fields that an adversary could 
connect to a publicly available source of information to re-identify 
the applicant. Therefore, the Bureau believes identity of the financial 
institution and the action taken date (and application date, which 
could be a proxy for action taken date) may significantly contribute to 
re-identification risk. UCC filings may also, although to a lesser 
extent, contain detailed information on the type of loan and the amount 
approved.
    With respect to 1071 loans secured by residential and commercial 
property, publicly available real estate transaction records and 
property tax records would be particularly relevant sources of 
identified data, as the Bureau described in its proposed policy 
guidance on the disclosure of loan-level HMDA data.\803\ Because some 
of the data fields in such public records are also present in the 1071 
data, the Bureau believes that the publication of application-level 
1071 data without any modifications would create a risk that these 
public records could be directly matched to a 1071 record to re-
identify an applicant. In addition, a business's own website, public 
directories, or websites that review businesses typically include the 
business's location, time in business, and information that could be 
used to derive information about the business's owners.
---------------------------------------------------------------------------

    \803\ See 82 FR 44586, 44593 (Sept. 25, 2017). The Bureau 
explained that, although there is variance by jurisdiction, such 
records are often available electronically and typically identify a 
borrower through documents such as the mortgage or deed of trust. 
These documents typically include the loan amount, the financial 
institution, the borrower's name, and the property address, and may 
include other information.
---------------------------------------------------------------------------

    UCC filings also frequently include the name of the lender, the 
name of the business, and the date that the filing was submitted. 
Though the availability differs by State, UCC filings are often 
searchable in State databases, and are a source of data frequently 
mined by data brokers. UCC statements are often filed against specific 
collateral and business assets generally, especially for products like 
general lines of credit. These types of filings would be available more 
broadly than just for loans with very specific collateral (like 
equipment or vehicles). Such filings could pose a serious re-
identification risk because of the availability of information about 
the lender, the applicant, and the date of transaction.
    Identified public data records in loan-level datasets for programs 
like the SBA's 7(a), 8(a), 504, and PPP programs, as well as State-
level registries of women-owned and minority-owned businesses for 
contracting purposes, may also contribute to re-identification risk. 
These datasets include information such as loan program guarantee 
information, industry or NAICS code, demographic information about the 
business owners, time in business, and

[[Page 56518]]

number of workers. Time in business and number of workers could also 
likely significantly contribute to re-identification risk, especially 
in combination with other data fields like census tract and NAICS code.
    Other publicly available sources of data similar to those included 
in the proposed 1071 data, but only for certain types of credit, 
include loan-level performance datasets made available by the 
Government-Sponsored Enterprises (GSEs). The GSE datasets include 
information such as borrower demographic information, loan program 
guarantee information, pricing data, loan term, loan purpose, and the 
year of action taken. Asset-backed securities datasets for securitized 
mortgage and auto loans are made available by the Securities and 
Exchange Commission through the Electronic Data Gathering, Analysis, 
and Retrieval (EDGAR) system. These datasets include information about 
the lender, the date of action taken, pricing data, loan term, loan 
amount applied for and approved. These datasets are available online 
with limited restrictions on access. But these datasets do not include 
the name of the borrower; as described above, this means that an 
adversary who is able to match a record in one of these datasets to a 
record in the 1071 data would need to make an additional match to an 
identified dataset to re-identify an applicant. And some of these 
datasets contain restrictions on use, such as a prohibition on 
attempting to re-identify borrowers.
    Private datasets, which could be made available in identified or 
de-identified form, that could be matched to the 1071 data are also 
available. For example, data brokers collect information about small 
businesses from a wide range of sources and sell it for a variety of 
purposes, including marketing, identity verification, and fraud 
detection.\804\ These datasets typically include data collected from 
commercial, government, and other publicly available sources and may 
contain data about the business, including industry code, information 
about geography, and estimates of gross annual income, number of 
workers, and information about related natural persons, including the 
race and ethnicity of business owners. Some of these datasets contain 
restrictions on use, such as requiring a legitimate business purpose, 
and some may prohibit attempts to re-identify borrowers.
---------------------------------------------------------------------------

    \804\ See generally Fed. Trade Comm'n, Data Brokers: A Call for 
Transparency and Accountability (May 2014), https://www.ftc.gov/system/files/documents/reports/data-brokers-call-transparency-accountability-report-federal-trade-commission-may-2014/140527databrokerreport.pdf (describing the types of products offered 
and the data sources used by data brokers).
---------------------------------------------------------------------------

    In addition to considering the steps an adversary would need to 
complete to re-identify the 1071 data and the various data sources that 
may be required to accomplish re-identification, including their 
limitations, the Bureau also has considered the capacity, incentives, 
and characteristics of potential adversaries, including those that may 
attempt re-identification for harmful purposes. In particular, a 
potential competitor of a small business or a firm with other 
commercial interests may seek information about a business's expansion 
strategy or financial condition, including whether it was able to 
obtain credit approval. This could be part of routine market monitoring 
or to gain a specific commercial advantage.
    These potential adversaries could possess the resources to use 
private datasets in addition to publicly available records to re-
identify the 1071 data. However, the Bureau has considered the extent 
to which much of the commercial benefit to be obtained by re-
identifying the 1071 data may be more readily available from private 
datasets to which these potential adversaries already have access 
without the need for recourse to the 1071 data. In many cases, 
information from other datasets may be timelier than that found in the 
1071 data.\805\ Furthermore, some of these potential adversaries may 
refrain from re-identifying the 1071 data for reputational reasons or 
because they have agreed to restrictions on using data from the 
additional datasets described above for re-identification purposes.
---------------------------------------------------------------------------

    \805\ Cf. 82 FR 44586, 44594 (Sept. 25, 2017) (explaining that 
the delay between action taken and publication of reported HMDA data 
ranges from three to 15 months).
---------------------------------------------------------------------------

    Additionally, while some academics, researchers, and journalists 
might use de-identified 1071 data, some may be interested in re-
identifying the 1071 data for research purposes. These persons may 
differ in their capacity to re-identify an applicant in the 1071 data. 
However, as mentioned above, some private datasets may have contractual 
terms prohibiting their use for re-identification purposes and 
therefore these persons may be restricted from actually using the 1071 
data to re-identify applicants. Further, those academics or journalists 
with significant resources may be affiliated with organizations that 
have reputational or institutional interests that would not be served 
by re-identifying the 1071 data. These factors may reduce the risk of 
re-identification by such persons.
    The Bureau has considered whether parties intending to commit 
identity theft or financial fraud may have the incentive and capacity 
to re-identify the 1071 data. As discussed under Risk of Harm or 
Sensitivity in part VI.C.4.ii below, the Bureau believes that the 1071 
data would be of minimal use for these purposes. Further, these 
potential adversaries are not law abiding and may have easier, albeit 
illegal, ways to secure data for these purposes than attempting to re-
identify application-level 1071 data.
    Re-identification based on personal knowledge. In addition to the 
possibility of re-identifying applicants through matching 1071 data to 
other datasets, some potential adversaries may be able to re-identify a 
particular applicant or related natural person in the 1071 data by 
relying on personal knowledge about the applicant or natural person. 
The unmodified 1071 data would include location and demographic 
information, such as the race, sex, and ethnicity of principal owners, 
and industry information. These types of information may be likely to 
be known to a potential adversary who is familiar with a specific 
applicant or related natural person. Therefore, such a potential 
adversary may be able to re-identify a known applicant or related 
natural person without attempting to match a 1071 record to another 
data source. This potential adversary could include a customer, 
competitor, or person with other commercial ties to the applicant, or a 
neighbor or acquaintance of a related natural person, and the interest 
in re-identification may range from mere curiosity to the desire to 
embarrass or otherwise harm the applicant. These potential adversaries 
may possess a high level of specific knowledge about the 
characteristics of a particular applicant or related natural person. 
Adversaries who can re-identify an applicant or natural person based on 
personal knowledge would be able to complement their existing knowledge 
with the full 1071 application-level data, and therefore could 
contribute to risks of harm or sensitivity.
    Pre-existing personal knowledge possessed by such a potential 
adversary would be limited to information about a subset of applicants 
and related natural persons. Thus, any re-identification attempt by 
such an adversary would likely target or impact a more limited number 
of applicants or natural persons, compared to the large numbers of 
applicants or natural persons who could be re-identified by

[[Page 56519]]

adversaries possessing sophisticated matching techniques.\806\
---------------------------------------------------------------------------

    \806\ There may be more potential adversaries with personal 
knowledge than those with the ability to do any kind of 
sophisticated matching to other datasets, but it is not possible to 
predict.
---------------------------------------------------------------------------

    Although the Bureau believes that location, protected demographic 
information, and industry information may be more likely to be known 
than other information in the 1071 data, it is impossible to predict 
the exact content of any pre-existing personal knowledge that such a 
potential adversary may possess. This uncertainty creates challenges 
for evaluating the degree to which individual data fields contribute to 
the risk of re-identification by such a potential adversary. For these 
reasons, the discussions of re-identification risk in the Bureau's 
analysis of data points below generally focus on the risk of re-
identification based on matching, not on personal knowledge. The Bureau 
seeks comment on how the Bureau could assess re-identification risk 
arising from adversaries with personal knowledge.
    Applications that do not result in originations. In its final 
policy guidance on the disclosure of loan-level HMDA data, the Bureau 
explained that the risk of re-identification to applicants is 
significantly lower for applications that do not result in originated 
loans.\807\ The Bureau explained that the lack of public information 
about applications significantly reduces the likelihood that an 
adversary could match the record of a HMDA loan application that was 
not originated to an identified record in another dataset. The Bureau 
has not identified any publicly available information about 
applications for business loans. As discussed under Implementation of 
the Balancing Test in part VI.C.2 above, the Bureau lacks data 
necessary to perform a complete re-identification analysis at this 
time. However, the unmodified 1071 data might contain data fields that 
facilitate the re-identification of applicants. For example, the census 
tract and NAICS code data fields could result in unique combinations 
that an adversary could use to match to an identified public record, 
such as a business directory.\808\
---------------------------------------------------------------------------

    \807\ See 84 FR 649, 658 (Jan. 31, 2019); see also 82 FR 44586, 
44593 n.55 (Sept. 25, 2017).
    \808\ In addition, as the Bureau believed in the HMDA context, 
some of the information contained in the unmodified 1071 data for 
applicants may permit an adversary to re-identify an applicant 
despite the lack of publicly available records. For example, if an 
applicant withdraws an application and obtains a loan secured by the 
same property from another institution, it may be possible to link 
the 1071 data for the withdrawn application with the data for the 
origination, as much of the property and applicant information would 
be identical. See 84 FR 649, 658 (Jan. 31, 2019); see also 82 FR 
44586, 44593 n.55 (Sept. 25, 2017).
---------------------------------------------------------------------------

    Overlap between HMDA and 1071 data generally. As noted above in the 
section-by-section analysis of proposed Sec.  1002.104(a), the Bureau 
anticipates that some applications would be reported under both HMDA 
and 1071.\809\ The public loan-level HMDA dataset contains data fields 
in addition to, or that overlap with, the proposed 1071 data fields, 
and the proposed 1071 data includes data fields that are not included 
in the public loan-level HMDA dataset. The Bureau recognizes that, in 
cases of overlap, some 1071 data fields may require additional analysis 
with respect to risks of harm or sensitivity and re-identification 
posed by such overlap. When the Bureau performs a full re-
identification analysis, it intends to consider the potential for 
applications reported under 1071 to be matched to loans reported under 
HMDA. The Bureau seeks comment on this issue and the implications of 
potential re-identification risk and potential risk of harm or 
sensitivity for applications reported under both section 1071 and HMDA.
---------------------------------------------------------------------------

    \809\ Applications involving certain investment properties would 
be excluded from 1071 reporting. As discussed in the section-by-
section analysis of proposed Sec.  1002.104(b) above, proposed 
comment 104(b)-4 would exclude an extension of credit that is 
secured by 1-4 individual dwelling units that the applicant or one 
or more of the applicant's principal owners does not, or will not, 
occupy.
---------------------------------------------------------------------------

ii. Risk of Harm or Sensitivity
    In the SBREFA process, the Bureau sought feedback on the nature and 
scope of privacy interests of non-natural persons (e.g., small business 
applicants and financial institutions) and natural persons (e.g., 
principal owners of small businesses) that the Bureau should consider 
under its potential balancing test, including the types of sensitive 
commercial information that could be exposed by publishing the data 
points (individually or in combination) under consideration.\810\
---------------------------------------------------------------------------

    \810\ See SBREFA Outline at 40-41.
---------------------------------------------------------------------------

    A number of SERs and other stakeholders addressed the risk of harm 
or sensitivity from the disclosure of 1071 data in unmodified 
form.\811\ Several SERs and other stakeholders stated that the 
disclosure of 1071 data could create a risk of harm or sensitivity for 
small businesses and related natural persons. Several SERs stated that 
public knowledge of borrowing activity (even without any other 
potential harms) would be very concerning to some small businesses as 
some small business owners consider that information sensitive or 
deeply personal. Some stakeholders stated that the disclosure of a 
banking relationship could raise harm or sensitivity concerns because 
it might lead to adverse inferences about the business's financial 
condition. One SER stated that small business owners valued their 
privacy just as much as consumers. Several industry commenters stated 
that 1071 data might reveal information about a small business's 
strategy or financial condition, as well as information about the 
personal characteristics or financial conditions of related natural 
persons, which the commenters stated could contribute to identity 
theft.
---------------------------------------------------------------------------

    \811\ In this section, we summarize comments about harm and 
sensitivity that relate to the 1071 data generally. In the 
individual data field sections below, we summarize comments about 
risks of harm and sensitivity that relate to particular data fields.
---------------------------------------------------------------------------

    Several community group stakeholders stated, in contrast, that the 
risk of harm or sensitivity from publishing 1071 data would be minimal 
because some of the data are already publicly available. These 
stakeholders also stated that financial institutions likely exaggerate 
privacy concerns of small businesses or natural persons. With respect 
to concerns that publication of data could facilitate targeted 
marketing of predatory lending products, a community group stated that 
rather than fostering predatory practices, public disclosure would 
deter them by enabling the public to identify problematic pricing or 
loan terms and conditions and prevent them from becoming more 
widespread.
    In addition to addressing the risks of harm and sensitivity to 
small businesses, several SERs and other stakeholders addressed 
potential risks of harm and sensitivity to financial institutions from 
the disclosure of 1071 data. Several SERs stated that 1071 data could 
be used to generate marketing lists and that this would result in 
creditors taking other financial institutions' customers away. One SER 
stated that, because of this, financial institutions may stop lending 
to small businesses in certain markets. In contrast, two SERs stated 
that it was relatively easy to obtain information on other financial 
institutions' small business lending activity. Two SERs stated that 
they were more concerned about the privacy of small business applicants 
or borrowers than the privacy of financial institutions, but that both 
mattered. In addition, one industry stakeholder expressed concern that 
disclosing the type or purpose of financing and the amount applied for 
and approved could facilitate re-identification of borrowers, 
particularly in rural areas or small towns. The commenter also 
expressed concern that disclosing this information could harm

[[Page 56520]]

community banks located in such areas. The commenter stated that this 
could happen because small businesses in such areas are likely to 
perceive that this information could cause them to be re-identified, 
and that they would respond by seeking financing with a large creditor 
in another town or online, rather than their community bank.
    A few industry commenters expressed concern that the 1071 data 
could reveal information such as a financial institution's client 
lists, terms and conditions, insights about the financial institution's 
strategy in particular geographic areas, or, for certain financial 
institutions, sensitive supply management data. A community group 
commenter stated that public disclosure of 1071 data would not have 
significant negative effects on competition and could provide lenders 
with insights that could allow them to become more competitive.
    Some SERs expressed concern that 1071 data could be used against 
financial institutions in litigation by class action attorneys or to 
harm their public reputations. One SER expressed concern that public 
disclosure of 1071 data could cause financial institutions to face more 
litigation, which, in the SER's view, would increase the cost of credit 
for small businesses. Another SER expressed concern that data users 
could misinterpret pricing information. For example, according to the 
SER, data users might infer discrimination based on higher pricing for 
an applicant, when the pricing was in fact unrelated to the applicant's 
race. The SER stated that the purpose of section 1071 was to help small 
businesses and asserted that releasing full 1071 data would present an 
opportunity for third parties to sue or criticize financial 
institutions.
    Several industry commenters stated that data about loan terms would 
be sensitive because they would invite criticism of or litigation over 
disparities without accounting for various legitimate business reasons 
for disparities and increase compliance costs. Other industry 
commenters stated that publication of 1071 data would lead financial 
institutions to artificially lower prices, standardize underwriting, or 
reduce access to credit to limit exposure to fair lending litigation or 
reputational risk. One community group stated that it did not believe 
the purposes of section 1071 required the Bureau to take into account 
such financial institution concerns about litigation or reputational 
risk, compliance costs, or impacts on underwriting. One industry 
stakeholder stated that the Bureau could address these risks by 
providing clear guidance about how it would use 1071 data in its fair 
lending supervisory program.
    The Bureau has considered whether, if an application-level record 
in the public 1071 data were to be re-identified, 1071 data reported to 
the Bureau would disclose information about an applicant, related 
natural person, or financial institution that is not otherwise public 
and may be harmful or sensitive.\812\ Specifically, the Bureau has 
evaluated whether the 1071 data could be used for harmful purposes such 
as fraud or identity theft or the targeted marketing of products and 
services that may pose risks that are not apparent. The Bureau has also 
evaluated whether the 1071 data could cause competitive harm to small 
business applicants or to financial institutions. Furthermore, even 
where the disclosure of the data field is unlikely to lead to financial 
or other tangible harms, the Bureau has evaluated whether certain 1071 
data fields may be viewed as sensitive if associated with a particular 
applicant, related natural person, or financial institution. In 
evaluating the potential sensitivity of a data field, the Bureau has 
considered whether disclosure of the data field could cause dignitary 
or reputational harm to small business applicants and related natural 
persons. The Bureau has also evaluated whether disclosure of the data 
field could cause reputational harm to financial institutions.
---------------------------------------------------------------------------

    \812\ To the extent a section 1071 record could be associated 
with an identified applicant or related natural person, and 
successfully matched to another de-identified dataset to re-identify 
such a dataset, harmful or sensitive information in that dataset 
that is not otherwise public may also be disclosed.
---------------------------------------------------------------------------

    As discussed above and as noted by several community group 
stakeholders, some identifiable information about small business 
lending is currently available to the general public. Such information 
is available both in public records and in private datasets with 
varying barriers to access and restrictions on use. In evaluating the 
risk of harm or sensitivity created by the publication of the 
application-level 1071 data, the Bureau's analysis has considered the 
degree to which such disclosure would increase this risk relative to 
the risk that already exists, absent the public availability of 1071 
data. Accordingly, the Bureau has considered whether the data that 
would be reported to the Bureau are typically publicly available in an 
identifiable form. The Bureau has also considered whether there are any 
barriers to accessing such data or restrictions on its use. In general, 
the Bureau believes that, where a data field is already publicly 
available, the risk of harm or sensitivity from the disclosure of that 
data field in the 1071 data is reduced.\813\
---------------------------------------------------------------------------

    \813\ However, where a data field is already publicly available, 
disclosing that data field in the 1071 data may enable the matching 
of 1071 data to other datasets that may not be controlled by the 
Bureau, which could substantially facilitate re-identification or 
the disclosure of harmful or sensitive information.
---------------------------------------------------------------------------

    In evaluating the risk of harm or sensitivity created by the 
publication of the application-level 1071 data, the Bureau also has 
considered the likelihood that the application-level 1071 data would be 
re-identified. As discussed under Re-Identification Risk in part 
VI.C.4.i above, the Bureau generally believes that successful re-
identification of application-level 1071 data would require several 
steps and may present a significant challenge. To the extent that the 
risk that re-identification would be accomplished is low, the risk of 
disclosing harmful or sensitive information would be reduced.
    The Bureau agrees with commenters who stated that the disclosure of 
1071 data could potentially create a risk of harm or sensitivity not 
only to natural persons, such as the owner of a small business that is 
a sole proprietorship, but also to non-natural persons. As discussed 
under Balancing Test Design in part VI.C.1 above, when considering the 
risk of harm or sensitivity, the Bureau's proposed balancing test would 
consider the risks to non-natural persons, including financial 
institutions.
    The Bureau has considered whether the 1071 data could be used for 
harmful purposes such as fraud or identity theft or the targeted 
marketing of products and services that may pose risks that are not 
apparent. As noted above, several SERs and other stakeholders stated 
that the 1071 data could potentially be used for these purposes. The 
Bureau's preliminary view is that the unmodified application-level 1071 
data would be of minimal use for purposes of perpetrating identity 
theft or financial fraud against applicants or related natural persons. 
The 1071 data would not include information typically required to open 
new accounts in the name of a small business's principal owner, such as 
Social Security number, date of birth, place of birth, passport number, 
or driver's license number. Additionally, the 1071 data would not 
include information useful to perpetrate existing account fraud, such 
as account numbers or passwords.\814\
---------------------------------------------------------------------------

    \814\ As noted above, however, to the extent a section 1071 
record could be associated with an identified applicant or related 
natural person and could also successfully be matched to a de-
identified dataset to re-identify such a dataset, harmful or 
sensitive information in that dataset that is not otherwise public 
may also be disclosed.

---------------------------------------------------------------------------

[[Page 56521]]

    However, while the Bureau believes that the unmodified 1071 data 
would be of minimal use for perpetrating fraud or identity theft, the 
Bureau acknowledges that almost any information relating to a small 
business could, theoretically, be used for these purposes. As a result, 
the unmodified 1071 data could provide at least some additional data 
that could be used for these purposes. For example, the 1071 data could 
potentially be used in a phishing attack against an applicant by a 
perpetrator purporting to be the financial institution, or for 
knowledge-based authentication purposes.\815\ While much information 
that may be useful for phishing or knowledge-based authentication--such 
as the name of the financial institution and the date of action taken--
may already be available from UCC filings, the 1071 data may contain 
additional information that may be useful for such purposes, such as 
information about the type of loan and loan terms. However, some of 
this information may also be available from private data sources. The 
Bureau also notes that, based on the Bureau's expertise and analysis, 
the publication of HMDA data--which contains many data fields that are 
similar to data fields that would be disclosed under section 1071--has 
not resulted in any measurable increase in fraud or identity theft 
against mortgage applicants.
---------------------------------------------------------------------------

    \815\ Knowledge-based authentication (KBA) is a method of 
authentication which seeks to prove the identity of someone 
accessing a service, such as an account at a financial institution. 
KBA requires the knowledge of information about someone to prove 
that a person attempting to access a service is that person.
---------------------------------------------------------------------------

    As several of the SERs and other stakeholders suggested, the Bureau 
has also considered whether the unmodified application-level 1071 data 
would provide information that is not already public and could be used 
for the targeted marketing of products and services that may pose risks 
that are not apparent. Although the 1071 data could be used to market 
products and services that would be beneficial for small businesses--
perhaps increasing competition among creditors that could help small 
businesses receive better terms--they could also be used to target 
potentially vulnerable small businesses with marketing for products and 
services that may pose risks that are not apparent. While, as a 
community group stakeholder stated, the 1071 dataset may generally be 
useful for identifying predatory lending practices in the small 
business lending market, the Bureau believes that the targeted 
marketing of products that may pose risks that are not apparent is a 
harmful purpose for which 1071 data could potentially be used.
    For example, data users might perceive certain 1071 data to reveal 
negative information about an applicant's financial condition or 
vulnerability to scams relating to debt relief or credit repair. 
Information about a loan might also be used for a practice known as 
``stacking,'' in which some creditors have been alleged to obtain lead 
lists based on publicly available information and offer follow-on loans 
or advances that add to the debt burden carried by small businesses. 
Some creditors might also use the data for deceptive marketing 
practices. However, the utility of the 1071 data for predatory 
marketing practices may be limited by the delay between action taken on 
a loan and publication of the application-level 1071 data.
    As several of the SERs and other stakeholders suggested, the Bureau 
has also considered whether the unmodified 1071 data would result in 
competitive harm to small business applicants or related natural 
persons. The 1071 data, if re-identified, may disclose some general 
information about a small business's use of credit that is not 
currently available to the general public. As discussed in the 
individual data field sections below, the Bureau acknowledges that 
certain 1071 data points in unmodified form could reflect negatively on 
the financial condition of a business or its owners.
    As several of the SERs and other stakeholders recommended, the 
Bureau has also considered whether the unmodified 1071 data would 
result in competitive harm to financial institutions. As discussed 
below with respect to the financial institution identifying information 
that would be reported pursuant to proposed Sec.  1002.109(b), the 
Bureau is proposing to identify the financial institution in the public 
application-level 1071 data. Therefore, the 1071 data could reveal 
general information about a financial institution's lending practices 
that is not widely available to the general public. Data fields such as 
census tract, NAICS code, credit type, and pricing could disclose 
information about where a financial institution is doing business, what 
industries it is doing business with, what kinds of products it is 
offering, and what kinds of prices it is charging, respectively. 
Additionally, as several SERs stated, if a small business applicant 
were to be re-identified, a financial institution's competitors could 
identify the small businesses to which the financial institution is 
offering or providing credit.
    The Bureau acknowledges that the increased transparency into small 
business lending provided by 1071 data could reveal general information 
about a financial institution's lending practices that is not widely 
available to the general public, and that this information could be 
useful to others, including other financial institutions. For example, 
if the 1071 data were re-identified, a financial institution could 
potentially offer credit to a particular small business at a lower 
price than they received from another financial institution. However, 
the Bureau does not believe the unmodified application-level 1071 data 
would include key inputs for or be detailed enough to substantially 
facilitate the reverse-engineering of a financial institution's 
proprietary lending models. (For example, it would not include 
information about an applicant's credit history.) Financial institution 
concerns with disclosure of information about general lending practices 
are discussed in greater detail under Balancing Risks and Benefits in 
part VI.C.5 below.
    As noted above, an industry commenter expressed concern that 
disclosing information about applicants in rural areas could lead them 
to seek financing elsewhere. However, from the perspective of a small 
business, seeking financing with a lender in another community would 
not necessarily reduce the risk that someone in the small business's 
community may ultimately re-identify them in the 1071 data because the 
1071 data would be reported with respect to the location of the 
business, as discussed in the section-by-section analysis of proposed 
Sec.  1002.107(a)(13) above (census tract). As discussed above, with 
respect to the concern about re-identification risk to applicants and 
related natural persons, the Bureau would determine the extent of re-
identification risk when it has obtained a full year of reported 1071 
data and would state its intentions, at that time, about whether 
certain 1071 data fields should be modified or deleted prior to public 
disclosure.
    Some SERs expressed the concern, further detailed above, that 1071 
data could harm financial institutions by increasing the amount of 
litigation against financial institutions. The Bureau acknowledges this 
risk, which is discussed in greater detail under Balancing Risks and 
Benefits in part VI.C.5 below, and in part VI.C.6.xviii with respect to 
the application of the proposed balancing test to financial institution 
identifying information.
    In addition to considering whether the disclosure of a data field 
could lead to financial or other tangible harms,

[[Page 56522]]

such as those described above, the Bureau has also considered whether 
the 1071 data fields might be viewed as sensitive. As noted above, 
several SERs and other stakeholders stated that disclosure of the 
unmodified 1071 data would divulge data that may be sensitive to 
applicants, related natural persons, or financial institutions. In 
assessing whether a data field creates a risk of sensitivity, the 
Bureau has evaluated whether its disclosure could lead to dignitary or 
reputational harm to small business applicants or related natural 
persons. For example, as several industry commenters stated, if the 
1071 data were re-identified, the data could reveal information that 
casts a negative light on a small business's financial condition, such 
as the fact that a loan was denied due to a business's credit 
characteristics or cashflow. This information could be embarrassing to 
the small business and its owners.
    The Bureau has also evaluated whether the disclosure of a data 
field could cause reputational harm to financial institutions. As noted 
above, some SERs expressed concern that 1071 data could harm a 
financial institution's reputation by leading data users to draw 
unfounded inferences about discrimination. The Bureau notes that 
several of the 1071 data fields, if disclosed in unmodified form, would 
help address this concern by serving as control variables. For example, 
many financial institutions consider a small business's revenue when 
assessing the risk of extending credit. As a result, disclosing gross 
annual revenue data would help ensure that data users who are 
evaluating potential disparities in underwriting or pricing can compare 
small businesses with similar revenues, thereby controlling for a 
factor that might provide a legitimate explanation for some 
disparities. The Bureau also notes that it does not expect that 1071 
data alone could generally be used to determine whether a lender is 
complying with fair lending laws. The Bureau expects that, when 
regulators conduct fair lending examinations, they would analyze 
additional information before reaching a determination about an 
institution's compliance with fair lending laws.
    In assessing the risk of sensitivity, the Bureau has also 
considered general societal and cultural expectations with respect to 
what information is available to the general public. For example, 
disclosing gross annual revenue in unmodified form could disclose 
sensitive information because it could reflect the financial condition 
of a small business or, where a small business is a sole 
proprietorship, a natural person. This type of information about a 
business's or natural person's financial condition is typically not 
available to the general public.
    The Bureau also acknowledges the comments stating that some small 
businesses and their owners would consider the very fact that they 
sought credit sensitive, or would consider the disclosure of a banking 
relationship sensitive because others may draw adverse inferences about 
the small business's financial condition. These are concerns about 
sensitivity that would result merely from the re-identification of the 
applicant, rather than from the disclosure of particular data fields. 
The Bureau seeks to address these concerns by mitigating the risk of 
re-identification, as described under Re-Identification Risk in part 
VI.C.4.i above.
    The Bureau seeks comment on its approach to assessing the risks of 
harm and sensitivity presented by the disclosure of unmodified 1071 
data.
5. Balancing Risks and Benefits
    Under the approach described in the SBREFA Outline, the Bureau 
would delete or modify 1071 data if disclosure of the data in 
unmodified form would pose risks to privacy interests that are not 
justified by the benefits of public disclosure in light of the 
statutory purposes of section 1071.\816\ If the risks of disclosing 
unmodified data are not justified by the benefits under the balancing 
test, the Bureau would determine whether modifications or deletions 
could appropriately balance the risks and benefits. In the SBREFA 
Outline, the Bureau explained that it was considering various 
approaches that would appropriately advance privacy interests while 
still providing users with data useful to fulfilling the purposes of 
section 1071. The Bureau explained that these approaches could include 
various statistical disclosure limitation techniques when justified 
under the balancing test, such as those that mask the precise value of 
data points to prevent the disclosure of certain data elements. The 
Bureau also sought feedback generally on how it could mitigate concerns 
arising from re-identification risk.\817\
---------------------------------------------------------------------------

    \816\ See SBREFA Outline at 41.
    \817\ Id. at 40-41.
---------------------------------------------------------------------------

    Several community group commenters stated that the Bureau should 
make as much data publicly available as possible to maximize data 
utility. One commenter stated that privacy concerns could be addressed 
through the prohibition on collecting personally identifiable 
information and increasing coverage of 1071 reporters and products. But 
this commenter, several SERs, and many other industry commenters 
expressed support for modifying or deleting the data from the public 
application-level 1071 data to balance privacy risks with the benefits 
of public disclosure. Commenters provided a wide variety of feedback on 
what kind of techniques would be appropriate, including publishing data 
in ranges, aggregating data, differential privacy, and data-
swapping.\818\ In addition, several industry commenters recommended 
that the Bureau reduce rule coverage to limit harms, such as by using 
asset thresholds and exclusions for types of financial institutions. By 
contrast, a community group commenter recommended that the Bureau 
expand the rule's coverage to increase the number of observations and 
reduce re-identification risk. One SER recommended a process by which 
covered financial institutions could identify certain application 
records that might present heightened re-identification risk and 
trigger further analysis by the Bureau before full application-level 
data are published.\819\ Another SER suggested that the Bureau set a 
minimum sample size before publishing application-level data for some 
rural markets to avoid harm.\820\
---------------------------------------------------------------------------

    \818\ See SBREFA Panel Report at 35-36.
    \819\ See id. at 35.
    \820\ See id.
---------------------------------------------------------------------------

    Balancing risks and benefits generally. As noted previously, the 
Bureau intends to apply the proposed balancing test after it receives 
the first year of data reported pursuant to an eventual 1071 rule. For 
data fields the public disclosure of which the Bureau believes would 
create risks to privacy interests of applicants, related natural 
persons, or financial institutions, either because a field increases 
re-identification risk or poses a risk of harm or sensitivity, the 
Bureau intends to assess these risks against the benefits of 
disclosure. Where the Bureau determines that the disclosure of an 
individual data field, alone or in combination with other fields, would 
create risks to privacy that are not justified by the benefits of 
disclosure to 1071's purposes, the Bureau would consider whether it 
could appropriately balance the privacy risks and disclosure benefits 
through modification techniques or whether the field should be deleted 
from the public dataset. The Bureau also would evaluate the risks and 
benefits of disclosing a data field in light of modifications or 
deletions considered for other data fields.

[[Page 56523]]

    The Bureau is mindful of the connection between the risk of re-
identification and the risk of harm or sensitivity. To the extent that 
the risk of re-identification created by disclosure of the 1071 data is 
reduced, the risk of disclosing harmful or sensitive information also 
would be reduced. Conversely, to the extent that the public 
application-level 1071 data would not disclose information that is 
harmful or sensitive, the consequences of re-identification would be 
reduced. Where the Bureau determines that modification of a data field 
is appropriate, the Bureau's consideration of the available forms of 
modification for the 1071 data would also be informed by the 
operational challenges associated with various forms of modification 
and the need to make application-level data available to the public in 
a timely manner.
    The Bureau is also aware of concerns raised by SERs and other 
stakeholders, described under Risk of Harm or Sensitivity in part 
VI.C.4.ii above, that disclosing the proposed 1071 data in unmodified 
form could increase risks of litigation or reputational harm to 
financial institutions, and reveal information that could cause 
competitive harm to financial institutions. However, in applying the 
balancing test, the Bureau generally intends to give significant weight 
to the benefits of disclosure relative to these risks.
    In general, the Bureau believes that deleting or modifying data 
because the data would disclose general information about a financial 
institution's lending practices--compared with information that could 
substantially facilitate, for example, the reverse-engineering of a 
financial institution's proprietary lending models--would be 
inconsistent with section 1071. As noted above, the statute directly 
contemplates disclosure of financial institution identity in connection 
with the public application-level dataset.\821\ Each of the data fields 
prescribed by the statute--with the exception of the application 
number--could provide some insight into a financial institution's 
lending practices. If the Bureau were to exclude data on this basis, it 
would exclude virtually all of the statutorily required 1071 data 
points from the public data. This would significantly frustrate both of 
the statutory purposes of section 1071 because it would prevent the 
public from using the data to identify potential fair lending 
violations, and it would prevent communities and creditors from using 
the 1071 data to identify business and community development needs and 
opportunities of small businesses.\822\ For example, this information 
could benefit more competitive creditors, as well as small businesses 
in obtaining credit at a lower cost.
---------------------------------------------------------------------------

    \821\ See ECOA section 704B(f)(2)(B).
    \822\ See ECOA section 704B(a).
---------------------------------------------------------------------------

    While the Bureau acknowledges financial institutions' concern about 
the litigation and reputational risks involving section 1071 data, the 
Bureau does not believe that this concern justifies the exclusion of 
data from public disclosure. One of the statutory purposes of section 
1071 is to facilitate enforcement of fair lending laws, which authorize 
enforcement by parties other than the Bureau.\823\ Additionally, 
section 1071 contemplates that financial institutions would make their 
own application-level data available to the public, which necessarily 
entails their identification.\824\
---------------------------------------------------------------------------

    \823\ See, e.g., ECOA section 706 (providing for civil 
liability).
    \824\ See ECOA section 704B(f)(2).
---------------------------------------------------------------------------

    Modification techniques generally. In light of the purposes of 
section 1071, the Bureau intends to modify or delete the 1071 data only 
as needed under the balancing test prior to public disclosure. The 
Bureau recognizes, as explained by community groups, that 
modifications, to varying degrees, may negatively impact the utility of 
the data for the fair lending and business and community development 
purposes of the statute. However, the proposed balancing test is 
designed to ensure that decisions to modify or delete the public 
application-level 1071 data take these benefits into account. Below, 
the Bureau addresses general issues related to modification techniques 
in the context of this proposal. These techniques are discussed in 
greater detail with respect to specific data points further below. 
Where no specific modification technique is described with respect to 
particular data points, the Bureau has not identified an obvious 
modification technique other than potentially swapping, suppression, or 
deletion, which are discussed below under Other techniques.
    While certain information that directly identifies applicants or 
related natural persons generally would not be collected under the 
proposal, the Bureau does not believe this feature of the proposal 
would be sufficient to eliminate privacy risks that would arise from 
publishing the data in unmodified form, as discussed in greater detail 
under Risks to Privacy Interests in part VI.C.4 above. The Bureau also 
does not believe that privacy risks can be adequately resolved through 
rule coverage (e.g., using asset thresholds and exclusions for types of 
financial institutions). While some re-identification risk could be 
reduced by increasing the number of loans reported to the Bureau, the 
Bureau does not believe the effects of doing so are necessarily 
predictable because re-identification risk depends on the 
characteristics of the data. Further, increasing the number of loans 
would not address risks of harm or sensitivity to re-identified 
applicants or natural persons. Suggestions for addressing privacy risks 
through exemptions are discussed under Balancing Test Design in part 
VI.C.1 above.
    Aggregate data. The Bureau does not intend to address privacy risks 
for application-level 1071 data through aggregate disclosures at this 
time. As discussed in the section-by-section analysis of proposed Sec.  
1002.110(a) above, and as required by section 1071, the Bureau is 
proposing to make available to the public the information submitted to 
it by financial institutions pursuant to proposed Sec.  1002.109, 
subject to deletions or modifications made by the Bureau. As discussed 
in the section-by-section analysis of proposed Sec.  1002.110(b) above, 
and as authorized by the statute, the Bureau may, at its discretion, 
compile and aggregate information submitted by financial institutions 
pursuant to proposed Sec.  1002.109, and make any compilations or 
aggregations of such data publicly available as the Bureau deems 
appropriate. The Bureau initially anticipates making the data collected 
under section 1071 available at the application level--with appropriate 
potential modifications and deletions--rather than providing aggregate 
data with counts and averages for each data field. The Bureau may 
consider releasing aggregated data in the future, after it determines 
whether narrower modifications or deletions could address privacy 
risks. The Bureau received some suggestions to consider ``differential 
privacy'' techniques.\825\ Such techniques are typically used in 
connection with aggregate statistics to reduce the identifiability of 
more granular data. The Bureau seeks comment on whether differential 
privacy techniques might be appropriate for application-level data.
---------------------------------------------------------------------------

    \825\ Differential privacy provides a way to measure the 
contribution of any one record to the aggregate statistics disclosed 
in a way that makes re-identification risk easily quantifiable and 
allows those involved in the data production to keep re-
identification risk under a certain risk tolerance.
---------------------------------------------------------------------------

    Recoding. The Bureau intends to consider various methods to 
``recode'' the proposed data fields as necessary

[[Page 56524]]

under the balancing test. Recoding techniques decrease the number of 
distinct categories for a data field. In the context of the 1071 data 
fields, recoding would involve providing the value of a data field in a 
higher-level category that increases the number of records within a 
given combination. Some data fields like census tract and NAICS code 
have structures that permit recoding without developing new 1071-
specific recoding categories. For example, if the Bureau were to 
determine that the re-identification risk presented by the census tract 
data field does not justify the benefits of unmodified disclosure, the 
Bureau could instead provide geography at the county level, for 
example, since census tracts are designed to be non-overlapping 
subdivisions of a county.
    The Bureau also intends to consider recoding through the use of 
bins or intervals of values for data fields that, in unmodified form, 
would have continuous values (such as data fields for amount applied 
for, amount approved, gross annual revenue, or number of workers). 
Unmodified continuous data fields can be highly identifying, depending 
on the data field, but binning these values can reduce the risk of re-
identification substantially. An additional approach for continuous 
data fields would be to top- or bottom-code the data field to prevent 
extreme values from being released that may be particularly 
identifiable. This approach could be performed alone or in conjunction 
with recoding the data into intervals.
    Other techniques. The Bureau might also consider ``targeted 
suppression'' techniques. Targeted suppression makes certain values of 
data points unavailable for records when a certain combination of 
values is held by too few records. The Bureau might consider, for 
example, treating certain values of data points as ``not available'' if 
the application is the only small business application from a 
particular census tract. Targeted suppression can be applied in several 
ways. One way would be to remove the value of a field that makes the 
record identifiable. For example, if census tract and NAICS code 
identify a record, the microdata could delete the value of the NAICS 
code for any applications that are in cells deemed sensitive. A second 
approach could leave the census tract and NAICS code but suppress the 
values of other data points. This method would reduce the potential 
harm if the record were re-identified. A third approach could be to 
remove the record from the dataset entirely. In general, suppression is 
a more common approach for aggregate data than for application-level 
data.
    One drawback to targeted suppression is that it complicates data 
analysis for any end user. For example, with respect to the public 
application-level 1071 data, a data user would be presented with 
millions of rows, but in certain rows and for certain data points, 
values would be missing.\826\ Another drawback is that suppression 
would need to be done in a way such that the remaining unmodified data 
do not provide a user with the ability to back out the modified field, 
sometimes involving complementary suppression or deleting values of 
other applications to ensure that the missing value cannot be 
reengineered. The Bureau seeks comment on whether targeted suppression 
techniques could preserve the benefits of the public application-level 
1071 data, and, if so, what the Bureau should consider as the minimum 
cell size to implement targeted suppression.
---------------------------------------------------------------------------

    \826\ Data users would need to carefully understand the method 
behind the modifications and plan analyses to account for the fact 
that the suppressed data would necessarily not reflect all small 
business loans in a given year.
---------------------------------------------------------------------------

    The Bureau seeks comment on other modification techniques, such as 
``data swapping'' (sometimes called ``switching''). Data swapping 
involves finding two records that are similar on several dimensions and 
swapping the values for other data fields between the two records. In 
effect, data swapping would require that the Bureau preserve certain 
data fields while swapping others. Another set of techniques for 
addressing privacy risks for continuous data would involve adding 
``random noise'' to the reported values. For example, under ``additive 
noise techniques,'' a random value is added to the existing value of 
the data field. Under ``multiplicative noise techniques,'' the true 
value is multiplied by a random value. The Bureau seeks comment on 
whether such techniques would preserve the benefits of the public 
application-level 1071 data. A drawback to these approaches is that 
data would be released with values that do not match the true values of 
the underlying data.\827\ Data users would need to take such 
modifications into account when performing any analyses.\828\
---------------------------------------------------------------------------

    \827\ For example, with respect to the amount applied for data 
field, a recoding technique would release the values of the data 
field in broad categories, for instance ``$100,000-$150,000.'' In 
such case, the broader category provides less information but 
reflects the true value of the underlying data. Noise addition, by 
contrast, would involve the Bureau manipulating (in a standardized 
and documented way) the actual values of loan amount. An 
application's loan amount may be released as $85,000 in the public 
dataset when the true value was $78,000.
    \828\ Even if, for instance with additive random noise, the data 
maintain the underlying average value, users would need to take into 
account the change in the variance associated with the modification. 
While the Bureau can provide all the required information to make 
these adjustments, they would require a level of data analysis 
sophistication that may not be possessed by all potential users of 
the eventual 1071 data.
---------------------------------------------------------------------------

    The Bureau has considered the SER recommendation for allowing 
financial institutions to identify records that might present 
heightened re-identification risk. The Bureau appreciates this 
suggestion but is not proposing it because privacy risks are likely 
common to many types of applicants, related natural persons, and 
financial institutions and such risks should be addressed in a broader 
context, such as through this proposal. The Bureau's proposed process 
for obtaining public input on the balancing test is discussed under 
Implementation of the Balancing Test in part VI.C.2 above.
6. Preliminary Application of the Balancing Test to Public Application-
Level 1071 Data
    As explained above, the Bureau does not yet have data under section 
1071 and does not believe that there are comparable datasets that it 
could use as an adequate proxy for 1071 data to which it could apply 
the balancing test at this time. However, as recommended by the SBREFA 
Panel, the Bureau is providing additional detail on how it would apply 
the balancing test to the 1071 data fields as set forth in the 
proposal.\829\
---------------------------------------------------------------------------

    \829\ See SBREFA Panel Report at 48.
---------------------------------------------------------------------------

    In accordance with the proposed balancing test described above, 
privacy risks may not be justified by the benefits of disclosure if 
disclosing the data field in unmodified form would substantially 
facilitate the re-identification of applicants and related natural 
persons, or disclose information about an applicant, related natural 
persons, or a financial institution that is not otherwise public and 
may be harmful or sensitive. The Bureau has proposed modifications or 
deletions for the proposed financial institution identifying 
information (other than contact information for natural persons), and 
the proposed use of free-form text for certain data. The Bureau also is 
proposing not to disclose the proposed unique identifier in unmodified 
form. However, because the Bureau is not conducting a full re-
identification analysis at this time, it has not determined whether the 
privacy risks of disclosing the other proposed data fields

[[Page 56525]]

in unmodified form in the public application-level 1071 data would be 
justified by the benefits of disclosure. Accordingly, the Bureau has 
not yet determined whether data fields--other than those for the 
proposed unique identifier data point, the proposed financial 
institution identifying information, and the proposed free-form text 
that would be used to report some of the data--should be deleted, 
modified, or published in unmodified form.
    The Bureau is setting forth its preliminary analysis below to 
provide transparency and obtain public feedback. The Bureau seeks 
comment on its analysis of the public disclosure benefits and privacy 
risks for each data field. Specifically, the Bureau seeks comment on 
the following issues with respect to each data field, individually or 
in combination with others: (1) Whether there are additional benefits 
of unmodified public disclosure in light of the purposes of the 
statute; (2) whether disclosure in unmodified form would reveal 
additional information that might be considered harmful or sensitive by 
an applicant, related natural person, or financial institution; and (3) 
whether disclosure in unmodified form would significantly contribute to 
the risk that an applicant or related natural person might be re-
identified. The Bureau seeks comment on other modification techniques 
it could use, and whether deletion would appropriately balance the 
benefits of disclosure with privacy risks.
i. Unique Identifier
    Proposed Sec.  1002.107(a)(1) would require financial institutions 
to collect and report an alphanumeric identifier, starting with the 
legal entity identifier of the financial institution, unique within the 
financial institution to the specific covered application, and which 
can be used to identify and retrieve the specific file or files 
corresponding to the application for or extension of credit.
    Disclosing the unique identifier in the public application-level 
1071 data in unmodified form would help data users conducting fair 
lending analysis or seeking to identify business and community 
development needs or opportunities. This data field would allow data 
users to run analyses that quickly compare specific records to detect 
trends or disparities. The unique identifier would also provide data 
users a way to identify, distinguish, and organize credit and 
application data, which is invaluable for data processing.
    Disclosing the unique identifier in the 1071 data in unmodified 
form by itself would likely disclose minimal, if any, information about 
an applicant or related natural person that may be harmful or sensitive 
if such person were re-identified, or that may be harmful or sensitive 
to an identified financial institution. As noted above, section 1071 
prohibits financial institutions from including in 1071 records certain 
personally identifiable information that directly identifies a natural 
person applicant or someone connected with the applicant.\830\ In 
addition the Bureau is proposing to prohibit financial institutions 
from reporting information that would directly identify a small 
business. For these reasons, the Bureau does not expect that the unique 
identifier would be considered harmful or sensitive.
---------------------------------------------------------------------------

    \830\ ECOA section 704B(e)(3).
---------------------------------------------------------------------------

    A few industry stakeholders expressed concern that small businesses 
could be identified if application or loan numbers were added to UCC 
filings. Although publicly available datasets do not presently include 
the unique identifier data field, financial institution legal entity 
identifiers are publicly available, and the Bureau is aware of rare 
instances in which a loan number is included in UCC filings. In 
addition, as the Bureau noted in its policy guidance on the disclosure 
of loan-level HMDA data, many jurisdictions publicly disclose real 
estate transaction records in an identified form, and the Bureau 
believes many financial institutions include loan numbers on these 
publicly recorded documents.\831\
---------------------------------------------------------------------------

    \831\ See 82 FR 44586, 44599 (Sept. 25, 2017); see also 84 FR 
649, 660 (Jan. 31, 2019).
---------------------------------------------------------------------------

    The Bureau believes inclusion of the proposed unique identifier, 
rather than application or loan numbers, would limit the possibility of 
using application or loan number to match 1071 data to those publicly 
recorded documents, thus reducing risk of re-identification. However, 
there is a risk that, after financial institutions begin to report data 
under section 1071, they may replace the loan numbers currently 
assigned to small business loans with the unique identifier and, if 
they do, the unique identifier could be included on publicly recorded 
documents. Especially considering the uniqueness of the identifiers, 
this data field on a publicly recorded document could be used to match 
a 1071 record to an identified public record directly and reliably.
    In light of these potential re-identification risks, the Bureau 
proposes not to publish the proposed unique identifier data field in 
unmodified form. The Bureau seeks comment on whether there are 
modifications that would appropriately balance identified privacy risks 
and disclosure benefits. The Bureau is considering the feasibility of 
disclosing a separate unique identifier that the Bureau could create. 
The Bureau is also considering deleting the data field from the public 
application-level 1071 data, but seeks comment on whether the proposed 
deletion would create challenges for users of the data and, if so, how 
the Bureau could address those challenges other than by creating a 
separate unique identifier. The Bureau notes that some of the benefits 
of the unique identifier in analyzing the data could be achieved 
through the Bureau's proposed disclosure of LEI, as discussed in part 
VI.C.6.xviii below. The Bureau also notes that the universal loan 
identifier reported to the Bureau under HMDA, which is similar in 
function to the proposed unique identifier, is currently excluded from 
the public loan-level HMDA data.\832\
---------------------------------------------------------------------------

    \832\ See 84 FR 649, 660 (Jan. 31, 2019).
---------------------------------------------------------------------------

    The Bureau seeks comment on this analysis as well as its proposal 
not to publish the unique identifier in unmodified form.
ii. Application Date
    Proposed Sec.  1002.107(a)(2) would require financial institutions 
to collect and report the date the covered application was received by 
the financial institution or the date shown on a paper or electronic 
application form.
    Disclosing application date in the public application-level 1071 
data in unmodified form would allow data users to monitor trends over 
time in small business lending. Application date also would provide a 
disaggregated piece of temporal data that can be used to identify 
seasonality in small business lending (for example, when combined with 
the pricing data fields to show interest rates charged to applicants 
over a specific date range). In fair lending analyses, application date 
would provide data users with the means to compare level of service 
(from application date to action taken date) and identify potential 
disparities on a prohibited basis between applications. Application 
date could also act as a control for factors that may provide a 
legitimate explanation for some disparities, such as interest rates 
during different time periods or differences in general economic 
conditions or institutional practices over time.
    By itself, disclosing application date in the 1071 data in 
unmodified form would likely disclose minimal, if any, information 
about an applicant or

[[Page 56526]]

related natural person that may be harmful or sensitive if such person 
were re-identified, or that may be harmful or sensitive to an 
identified financial institution. It is conceivable that an adversary 
such as a competitor or other market participant may find it helpful to 
understand when a business is seeking credit; for example, to better 
understand the business's strategy and cash flow needs. In addition, 
marketers and creditors could use this information to target products 
to entities recently in the market for credit, either to deploy new 
funds or to refinance out of a current loan. However, the Bureau does 
not believe that disclosing the application date would otherwise 
disclose sensitive information about a small business or its owner, or 
any information that would be used for harmful purposes. Any utility of 
this data field for such purposes would be curtailed by the time lag in 
public release of the 1071 data.
    The Bureau has not identified publicly available datasets that 
include data fields an adversary could directly match to the 
application date field. However, an adversary may be able to infer a 
likely origination date based on typical time lags between application, 
credit decision, and origination, potentially enabling matching to 
other datasets that record these later dates.
    If the Bureau determines that application date should be modified, 
the Bureau may consider disclosing the application date at a higher 
level; for example, disclosing the month and year but not the specific 
date. In light of the potential re-identification risk arising from 
this data field, the Bureau seeks comment on whether there are other 
specific modifications it should consider, and whether deletion would 
balance the risks and benefits of disclosure.
    The Bureau seeks comment on this analysis.
iii. Application Method and Application Recipient
    Proposed Sec.  1002.107(a)(3) would require financial institutions 
to collect and report the means by which the applicant submitted the 
covered application directly or indirectly to the financial 
institution. A financial institution would report whether the applicant 
submitted the application in person, by telephone, by mail, or online. 
Proposed Sec.  1002.107(a)(4) would require financial institutions to 
collect and report whether the applicant submitted the covered 
application directly to the financial institution or its affiliate, or 
whether the applicant submitted the covered application indirectly to 
the financial institution via a third party.
    Disclosing application method and whether the application was 
submitted indirectly in the public application-level 1071 data would 
further the fair lending enforcement purpose of the statute. 
Application method information would allow the public to better 
understand the role of the financial institution as a creditor and 
would facilitate pricing analyses by helping the public identify 
potential factors in pricing outcomes. In addition, proposed Sec.  
1002.107(a)(20) would require the collection of race or ethnicity 
information for the applicant's principal owner(s) using visual 
observation or surname in certain circumstances. If the Bureau 
finalizes this proposal, application method information would provide 
context for the information collected.
    Information about application method and whether the application 
was submitted directly or indirectly also would promote the community 
and business development purposes of the statute. This information 
would improve the public's understanding of the structure of small 
business lending originations across the market, the methods by which 
credit is originated for particular groups or underserved markets, and 
trends over time (for example, the extent to which applicant 
preferences shift from in-person to online interactions).
    Disclosing application method and whether the application was 
submitted directly or indirectly, in unmodified form, would likely 
disclose minimal, if any, information about an applicant or related 
natural person that may be harmful or sensitive if such person were re-
identified. If applicants or related natural persons were re-
identified, application method is likely to be of relatively limited 
utility to an adversary because it conveys little information about a 
natural person's characteristics or a business's financial condition. 
While adversaries interested in targeted marketing could direct future 
marketing efforts to a business using the same application channel, it 
is likely that marketing firms already possess strategic information 
about the best methods for establishing contact. Unmodified disclosure 
of application method and whether the application was submitted 
indirectly may reveal information that financial institutions regard as 
harmful or sensitive, but, as discussed under Risk of Harm or 
Sensitivity in part VI.C.4.ii above, the Bureau does not believe that 
disclosure would permit the reverse-engineering of a financial 
institution's proprietary lending models.
    The Bureau has not identified publicly available datasets that 
include data fields an adversary could directly match to the 
application method or application recipient data fields in unmodified 
form in the public application-level 1071 data with respect to an 
applicant or related natural person. While the Bureau's HMDA data and 
the GSE loan-level datasets include acquisition channel information in 
loan-level data, these datasets do not identify applicants or related 
natural persons. Therefore, an adversary would face challenges in using 
application method or application recipient information to match a 
section 1071 record to an identified publicly available record. 
However, the Bureau seeks comment on whether there are other 
identifiable application/loan-level datasets that include this 
information or whether HMDA data or the GSE loan-level datasets could 
be matched to other identifiable datasets.
    The Bureau seeks comment on this analysis.
iv. Credit Type
    Proposed Sec.  1002.107(a)(5) would require financial institutions 
to collect and report to the Bureau certain information about the type 
of credit applied for or originated. The proposal would require 
financial institutions to report three categories of information that 
together constitute the type of credit. First, the proposal would 
require financial institutions to report the type of credit 
product.\833\ Second, the proposal would require financial institutions 
to report the type or types of guarantees that were obtained for an 
extension of credit, or that would have been obtained if the covered 
credit transaction had been originated.\834\ Third, the proposal would 
require financial institutions to report the

[[Page 56527]]

length of the loan term, in months, if applicable.
---------------------------------------------------------------------------

    \833\ A financial institution would be required to select the 
credit product requested from the following list: Term loan--
unsecured, term loan--secured, line of credit--unsecured, line of 
credit--secured, credit card, merchant cash advance, other sales-
based financing transaction, other, or not provided by applicant and 
otherwise undetermined. A financial institution reporting ``other'' 
would be required to enter the type of credit product as free-form 
text. The Bureau analyzes free-form text under the proposed 
balancing test in part VI.C.6.xix below.
    \834\ A financial institution would be required to select the 
type of guarantee from the following list: Personal guarantee--
owner(s), personal guarantee--non-owner(s), SBA guarantee--7(a) 
program, SBA guarantee--504 program, SBA guarantee--other, USDA 
guarantee, FHA insurance, Bureau of Indian Affairs guarantee, other 
Federal guarantee, State or local government guarantee, other 
guarantee, or no guarantee. A financial institution reporting 
``other guarantee'' would be required to enter the type of guarantee 
as free-form text. The Bureau analyzes the free-form text under the 
balancing test in a separate subsection below.
---------------------------------------------------------------------------

    Disclosing data about the type of credit product, type of 
guarantee, and loan term in the public application-level 1071 data in 
unmodified form would facilitate enforcement of fair lending laws by 
allowing data users to determine whether any disparities in 
underwriting or pricing may be due to differences in these features of 
a loan.
    Disclosing these data would also be useful for identifying business 
and community development needs. These data would enable the public to 
understand whether certain types of credit are disproportionately 
available to certain groups. For example, information about the 
presence or lack of collateral would provide more information about 
lending patterns in different geographic areas and for different groups 
of applicants. Furthermore, each of the credit type data fields would 
help the public avoid misinterpretations of the 1071 data. In addition, 
information on the distribution of government loan guarantees (such as 
those provided in SBA programs) across different geographic areas and 
groups of applicants could provide information about how those programs 
function on the ground, aiding in fulfilling the business and community 
development purpose of section 1071. Information about the type of 
guarantee would also allow communities, governmental entities, and 
creditors to monitor the use of personal guarantees, which carry 
additional risk to the guarantors and businesses. Finally, information 
about loan term would provide insights into the pricing and 
sustainability of closed-end credit transactions.
    The Bureau believes that data about the type of credit product, 
type of guarantee, and loan term could disclose information that may be 
harmful or sensitive to applicants or related natural persons. A 
business's competitors could use these data fields--in conjunction with 
the loan amount and pricing data fields--to draw inferences about the 
business's financial condition based on whether the business obtained 
credit on favorable or unfavorable terms. The type of guarantee data 
fields could indicate heightened credit risk for the applicant.\835\ 
Credit type data also could be used for targeted marketing of products 
and services that may pose risks that are not apparent to the business 
or related natural persons.
---------------------------------------------------------------------------

    \835\ For example, the ``SBA guarantee--7(a) program'' data 
field could indicate heightened credit risk because this program is 
intended for businesses that have been unsuccessfully applying for 
credit or have had some other difficulty in accessing credit.
---------------------------------------------------------------------------

    Disclosure of the type of credit product, type of guarantee, and 
loan term in unmodified form may reveal information that financial 
institutions regard as harmful or sensitive, such as the types of 
products they offer or the government programs in which they 
participate. However, as discussed under Risk of Harm or Sensitivity in 
part VI.C.4.ii above, the Bureau does not believe that disclosure of 
these data fields would permit the reverse-engineering of a financial 
institution's proprietary lending models. Furthermore, general 
information about the types of credit a financial institution is 
offering is widely available on creditor websites and in marketing 
materials.
    The Bureau is aware that certain identified datasets include 
application-level information on the type of credit product, type of 
guarantee, or loan term. Government lending programs, such as the SBA's 
7(a) and 504 programs, publish loan-level data that indicate the term 
of the loan and whether the loan is a term loan or a line of credit. In 
some States, UCC filings may include some information related to the 
type of collateral. In the Bureau's view, the existing public 
availability of this information decreases the potential harm or 
sensitivity of disclosing information about the type of credit product, 
type of guarantee, and loan term in the 1071 data.
    The Bureau has identified publicly available datasets that include 
data fields an adversary could directly match to the credit type data 
fields in unmodified form in the public application-level 1071 data 
with respect to an applicant or related natural person. As noted above, 
information about the type of credit product, loan term, and type of 
collateral is found in many publicly available datasets, including data 
from government lending programs and, in some States, UCC filings. 
Therefore, in many cases, an adversary could use this information, 
combined with other fields, to match a section 1071 record to an 
identified publicly available record.
    If the Bureau determines that the type of guarantee should be 
modified, the Bureau may consider disclosing values that are more 
general than the values reported to the Bureau. For example, the Bureau 
could disclose ``Federal guarantee'' instead of disclosing the specific 
program. If the Bureau determines that the loan term should be 
modified, the Bureau may consider recoding loan term data into bins--
for example, using intervals of two or five years--to reduce the 
potential for re-identification risk.
    The Bureau seeks comment on this analysis.
v. Credit Purpose
    Proposed Sec.  1002.107(a)(6) would require financial institutions 
to collect and report to the Bureau the purpose or purposes of the 
credit applied for or originated.\836\
---------------------------------------------------------------------------

    \836\ A financial institution would be required to report the 
credit purpose or purposes by selecting the purpose or purposes of 
the covered credit transaction applied for or originated from the 
following list: Purchase, construction/improvement, or refinance of 
owner-occupied dwelling(s); purchase, construction/improvement, or 
refinance of non-owner-occupied dwelling(s); purchase, construction/
improvement, or refinance of non-dwelling real estate; purchase, 
construction/improvement, or refinance of owner-occupied, non-
dwelling real estate; purchase, refinance, or rehabilitation/repair 
of motor vehicle(s) (including light and heavy trucks); purchase, 
refinance, or rehabilitation/repair of equipment; working capital 
(includes inventory or floor planning); business start-up; business 
expansion; business acquisition; refinance existing debt (other than 
refinancings listed above); line increase; other; not provided by 
applicant and otherwise undetermined; or not applicable. A financial 
institution reporting ``other'' would be required to enter the 
purpose or purposes as free-form text. The Bureau analyzes free-form 
text under the proposed balancing test in part VI.C.6.xix below.
---------------------------------------------------------------------------

    Disclosing the purpose of the credit in the public application-
level 1071 data in unmodified form would facilitate enforcement of fair 
lending laws. Because financial institutions may generally consider 
credit used for certain purposes to be riskier than credit used for 
other purposes, data about the purpose of the credit would help ensure 
that users can compare applicants with similar profiles, thereby 
controlling for factors that might provide non-discriminatory 
explanations for some disparities in credit and pricing decisions. 
Disclosing data about the purpose of the credit would also be useful 
for identifying business and community development needs and 
opportunities of small businesses. Information about the purpose of the 
credit would help the public understand whether small businesses face 
barriers accessing credit that they would be seeking to use for a 
particular purpose. In conjunction with NAICS code and census tract, 
information about the purpose of the credit could help the public 
understand whether small businesses in certain industries or in certain 
communities face unique challenges accessing credit to, for example, 
purchase equipment or expand their businesses.
    Disclosing the purpose of the credit in the 1071 data in unmodified 
form by itself would likely disclose minimal, if any, information about 
an applicant or

[[Page 56528]]

related natural person that may be harmful or sensitive if such person 
were re-identified, or that may be harmful or sensitive to an 
identified financial institution. However, information about the 
purpose of the credit could be useful to adversaries such as a small 
business's competitors, potential acquirers, or new market entrants, 
since it contains information about a business's strategy and 
performance, such as whether a business is expanding or conducting an 
acquisition. Nonetheless, this information would generally not be 
detailed enough to cause small businesses competitive harm. The value 
of this information to a small business's competitors is also likely to 
be mitigated by the delay between the date of action taken on a loan 
and the publication of the application-level 1071 data.
    Disclosure of credit purpose in unmodified form may also reveal 
information that financial institutions regard as harmful or sensitive, 
such as information that a financial institution offers credit that is 
used for certain purposes. However, as discussed under Risk of Harm or 
Sensitivity in part VI.C.4.ii above, the Bureau does not believe that 
disclosure would permit the reverse-engineering of a financial 
institution's proprietary lending models.
    The Bureau has not identified publicly available datasets that 
include data fields an adversary could directly match to the credit 
purpose data fields in unmodified form in the public application-level 
1071 data with respect to an applicant or related natural person. 
Identified public datasets pertaining to small business loans generally 
do not contain information about the purpose of the credit. Therefore, 
an adversary would have difficulty using the credit purpose data fields 
to match a section 1071 record to an identified publicly available 
record accurately.
    The Bureau seeks comment on this analysis.
vi. Amount Applied for
    Proposed Sec.  1002.107(a)(7) would require financial institutions 
to collect and report to the Bureau the initial amount of credit or the 
initial credit limit requested by the applicant.
    Disclosing amount applied for in the public application-level 1071 
data in unmodified form would help facilitate enforcement of fair 
lending laws by allowing data users to control for other variables in 
the data. Several industry representatives expressed concern that these 
data could lead to misinterpretations based on perceived disparate 
treatment as opposed to the complex nature of commercial lending. For 
example, financial institutions may consider different or additional 
underwriting criteria, depending on the amount applied for. 
Applications for large lines of credit might require an in-depth cash-
flow analysis, while a smaller line of credit may be underwritten, in 
part, based on a business's (or business owner's) credit scores. In 
conjunction with amount approved or originated, this data field would 
allow data users to determine the difference between the amount an 
applicant requested, and the amount approved or originated. This 
information would also help data users identify potentially 
discriminatory lending patterns and distinguish them from legitimate 
business factors when combined with other data. This type of 
information is important to consider in fair lending analyses since the 
amount applied for may affect the likelihood of denial or the price of 
an approved loan.
    Amount applied for would also help data users understand lending 
disparities. For example, data users would be able to identify 
potential fair lending violations where certain small businesses 
disproportionately receive less credit than applied for on a prohibited 
basis. Finally, the amount applied for would help communities, 
governmental entities, and creditors monitor the demand for credit. 
Specifically, when combined with NAICS code and census tract, the 
amount applied for could help data users assess the demand for credit 
in particular industries and communities and enable data users to 
devise strategies for narrowing or eliminating potential inequalities.
    Disclosing amount applied for in the 1071 data in unmodified form 
would likely disclose information about an applicant or related natural 
person that may be harmful or sensitive if such person were re-
identified. Business owners might view details about the amount applied 
for as sensitive, particularly where they are concerned about the risk 
of being re-identified as an applicant for credit. In addition, the 
amount applied for could also lead to targeted marketing of products or 
services that pose risks that are not apparent, because it could help 
lenders target small businesses that received less credit than they 
requested with offers for loans at higher rates or fees. The amount 
applied for is generally not included in other publicly available data, 
so it would likely not be useful to adversaries seeking to match 1071 
data with other publicly available data. However, the Bureau believes 
amount applied for would be useful to an adversary. For example, a 
significant shortfall between the amount applied for and the amount 
approved could be used either by an applicant's competitor or by a 
consumer, to infer that the business has a relatively weak financial 
position. With information on whether or not a business is granted a 
loan, an adversary might gain insight into the scale of a business's 
objectives based on the amount applied for and/or approved. The 
relative scarcity of this information at present would also increase 
the value to adversaries of re-identification. In addition, as 
discussed under Risk of Harm or Sensitivity in part VI.C.4.ii above, 
the Bureau does not believe that disclosure would permit the reverse-
engineering of a financial institution's proprietary lending models.
    The Bureau has not identified publicly available datasets that 
include data fields an adversary could directly match to the amount 
applied for data field in unmodified form in the public application-
level 1071 data with respect to an applicant or related natural person.
    If the Bureau determines that the amount applied for should be 
modified, the Bureau may consider recoding the data into bins. For 
example, the Bureau could recode the amount applied for into bins of 
$25,000.
    The Bureau seeks comment on this analysis.
vii. Amount Approved or Originated
    Proposed Sec.  1002.107(a)(8) would require financial institutions 
to collect and report to the Bureau: (i) For an application for a 
closed-end credit transaction that is approved but not accepted, the 
amount approved by the financial institution; or (ii) for a closed-end 
credit transaction that is originated, the amount of credit originated; 
or (iii) for an application for an open-end credit transaction that is 
originated or approved but not accepted, the amount of the credit limit 
approved.
    Disclosing amount approved or originated in the public application-
level 1071 data in unmodified form would allow users to identify 
potentially discriminatory lending patterns in which small business 
applicants might be receiving less credit due to a prohibited basis. 
These data would also enable data users to devise strategies for 
narrowing or eliminating these inequalities. Additionally, in 
conjunction with amount applied for, disclosure of these data fields 
would allow data users to determine if there is a difference between 
the amount requested and the amount approved or originated. This 
information would help data users identify any potentially 
discriminatory lending patterns in

[[Page 56529]]

which small businesses might disproportionately receive less credit 
than what they applied for on a prohibited basis. As described above, 
when combined with the amount applied for, these data also could 
provide significant value as a control in fair lending analysis. 
Additionally, due to the sometimes complex nature of underwriting in 
commercial lending, when combined with credit purpose these data would 
allow users to identify potential discrimination when comparing loan 
applications for similar purposes.
    The amount approved or originated would also be useful for business 
and community development purposes. Disparities with respect to the 
provision of credit can significantly impede the growth of women-owned 
and minority-owned businesses. When combined with census tract, these 
data could help users understand whether women-owned and minority-owned 
businesses are experiencing issues accessing credit in their 
communities (separate from the question of whether potential fair 
lending violations are occurring). When combined with NAICS codes, 
these data could help users understand whether women-owned and 
minority-owned businesses in particular industries are struggling to 
access credit. In addition, these data would allow data users to 
approximate the size of the small business lending market.
    Like the amount applied for data field, disclosing amount approved 
or originated in the 1071 data in unmodified form would likely disclose 
information about an applicant or related natural person that might be 
harmful or sensitive if such person were re-identified, or that might 
be harmful or sensitive to an identified financial institution. The 
Bureau believes that information about the amount approved or 
originated could be useful to potential adversaries. For example, for 
creditors, these data fields would provide some insight into 
competitors' lending practices, particularly when combined with other 
data points such as gross annual revenue, number of workers, time in 
business, and pricing. These data might allow creditors to make general 
inferences about the relative risk appetites of their competitors. 
However, as discussed under Risk of Harm or Sensitivity in part 
VI.C.4.ii above, the Bureau does not believe that disclosure would 
permit the reverse-engineering of a financial institution's proprietary 
lending models.
    The Bureau has identified publicly available datasets that include 
data fields an adversary could directly match to the amount approved or 
originated data fields in unmodified form in the public application-
level 1071 data with respect to an applicant or related natural person. 
Credit amount approved or originated is often widely available in 
public datasets, such as loan-level data for the SBA 7(a) and 504 
programs, as well as property records and UCC filings. Therefore, in 
unmodified form, adversaries would be able to match the amount of 
credit approved or originated to an existing public record.
    If the Bureau determines that the amount approved or originated 
should be modified, the Bureau may consider recoding the data into 
bins. For example, the Bureau could recode the data into bins of 
$25,000.
    The Bureau seeks comment on this analysis.
viii. Action Taken (Type) and Denial Reasons
    Proposed Sec.  1002.107(a)(9) and (11) would require financial 
institutions to collect and report to the Bureau the action taken by 
the financial institution on the covered application, reported as 
originated, approved but not accepted, denied, withdrawn by the 
applicant, or incomplete; and if applicable, for denied applications, 
the principal reason or reasons the financial institution denied the 
covered application.\837\
---------------------------------------------------------------------------

    \837\ As discussed in the section-by-section analysis of 
proposed Sec.  1002.107(a)(12) above, the list of denial reasons 
would include the following: Business credit characteristics, 
personal credit characteristics (of business owner(s) or 
guarantor(s)), use of loan proceeds (i.e., a non-permissible 
purpose), cash flow, collateral (insufficient or inappropriate or 
unacceptable), time in business, government criteria, aggregate 
exposure of business and its principal owner(s), unverifiable 
information, other, or not applicable. A financial institution 
reporting ``other'' would be required to enter the denial reason or 
reasons as free-form text. The Bureau analyzes free-form text under 
the proposed balancing test in part VI.C.6.xix below.
---------------------------------------------------------------------------

    Disclosing action taken and denial reasons in the public 
application-level 1071 data in unmodified form would provide important 
data on credit outcomes for small businesses, including women-owned and 
minority-owned small businesses, that apply for credit. Data provided 
by these data fields would allow data users to examine the rates of 
originations, approvals, denials, and incomplete and withdrawn 
applications, and whether they differ among groups protected under 
ECOA. Of the stakeholders that provided feedback on this issue, several 
supported the collection of action taken and denial reason data in 
order to track demand for credit and identify potential discrimination. 
Information that credit was originated or was approved, but not 
accepted, would help data users determine whether there are potential 
disparities in the terms and conditions received by women-owned and 
minority-owned small businesses. Information that an application was 
incomplete or withdrawn would highlight potential issues of 
discouragement, level of assistance disparities, or other 
discriminatory treatment that could cause women-owned or minority-owned 
small businesses to walk away from the lending process or otherwise 
fail to complete the application. One commenter stated that capturing 
incomplete and withdrawn applications was important as it may reflect 
discouragement or discriminatory treatment, and that the approved but 
not accepted category could reflect less favorable pricing or loan 
terms. For example, when combined with amount approved or originated, 
data users could also identify issues of possible discouragement where 
lenders have potentially under-funded loan applications from women-
owned and minority-owned businesses.
    Denial reasons would help data users examine reasons for credit 
denials particularly for women-owned and minority-owned businesses. For 
example, when combined with action taken date, denial reasons could 
help identify potential denial reasons disproportionately affecting 
protected classes, which may be useful to identify discrimination and 
enable data users to potentially develop strategies for narrowing or 
eliminating inequalities. These data would also be useful as a way to 
compare similarly situated applicants, which could be useful to both 
identify and explain potential disparities. Disclosing action taken and 
denial reasons would also be useful for business and community 
development purposes. The type of action taken would provide insights 
into the supply of credit. Data users would be able to monitor rates of 
credit denial, which can provide information on the willingness of 
creditors to lend, when combined with other data. Granular denial 
reason codes would also provide useful actionable information to small 
business applicants generally. For example, where small businesses are 
denied loans because of insufficient collateral, or time in business, 
data users could help direct programs and investment targeted 
specifically to these businesses in a particular community. When 
combined with census tract, analysis of denial reasons by geographical 
area could help identify whether small businesses in certain areas are 
experiencing higher rates of

[[Page 56530]]

denial and the specific reasons for denial.
    During the SBREFA process, stakeholders commented that disclosure 
of denial reasons would be embarrassing for applicants and might 
discourage them from applying for credit.\838\ Several industry 
commenters believed that reporting reasons for denial would reveal 
information that would be very harmful or sensitive for businesses or 
natural persons. The Bureau agrees that this information could be 
harmful or sensitive for applicants or related natural persons.
---------------------------------------------------------------------------

    \838\ See SBREFA Panel Report at 34-35.
---------------------------------------------------------------------------

    Commenters also described sensitivities associated with originated 
loans, such as concerns that some small business owners could be 
reluctant to be perceived as needing credit in the first place. One 
industry stakeholder believed that disclosure of action taken would 
allow competitors to reverse engineer a financial institution's credit 
scoring model. The Bureau does not believe disclosing the fact that 
credit was sought, in and of itself, likely would be harmful or 
sensitive to small businesses because credit is widely used by small 
businesses. Furthermore, the harm or sensitivity of disclosing 
information that credit was originated is mitigated by the publication 
of originated loan details in UCC filings, for instance. Additionally, 
as discussed under Risk of Harm or Sensitivity in part VI.C.4.ii above, 
the Bureau does not believe that disclosure of action taken would 
permit the reverse-engineering of a financial institution's proprietary 
lending models.
    The Bureau has not identified publicly available datasets that 
include data fields an adversary could directly match to data fields 
for denied applications (and reasons for denial) in unmodified form in 
the public application-level 1071 data with respect to an applicant or 
related natural person. However, at a category level, these data fields 
could tell adversaries which records it may be possible to match 
against other databases that include originated loans, as opposed to 
unoriginated loan records that cannot be matched in this way. Credit 
denials or credit offered but not originated are generally not 
disclosed to the public. Specifically, most of these data fields 
included in this data point are not found in publicly available sources 
of records that contain the identity of an applicant; the only data 
field that would be consistently available would be for originated 
loans. Without such an identified publicly available record to match 
with, there would likely be difficulty in attempting to re-identify an 
applicant by matching a 1071 record using these data fields.
    However, as discussed under Re-Identification Risk in part VI.C.4.i 
above, adversaries may be able to use other data fields, such as census 
tract, NAICS code, and identified public information, such as business 
directories, to determine the identity of an applicant or related 
natural person. Thus, if applicants and related natural persons could 
be re-identified, an adversary could learn information about 
application denials for these businesses and use this information for a 
variety of purposes.
    The Bureau seeks comment on this analysis. In light of the 
potential harm or sensitivity arising from the disclosure of 
application denials and the reasons for denial, the Bureau seeks 
comment on whether there are specific modifications it should consider, 
and whether modifying these data fields by grouping them, or deleting 
these data fields, would appropriately balance the privacy risks and 
benefits of disclosure, in light of the purposes of section 1071.
ix. Action Taken Date
    Proposed Sec.  1002.107(a)(10) would require financial institutions 
to collect and report the date of the action taken by the financial 
institution.
    Disclosing action taken date in the public application-level 1071 
data in unmodified form would allow data users to monitor trends over 
time in small business lending more precisely than they could if only 
the year were disclosed.\839\ When combined with application date, 
information about the date of action taken would enable data users to 
determine the length of time, for different groups, between when 
businesses applied for credit and when they received the credit 
decision. This information would have benefits for fair lending 
analysis, allowing data users to determine whether certain groups 
experience different processing times (for example, longer processing 
for women-owned business, or faster denials for minority-owned 
businesses). The action taken date also would help ensure that users 
evaluating potential disparities in pricing or other terms and 
conditions can compare applicants that obtained loans on similar dates, 
thereby controlling for factors that might provide a legitimate 
explanation for some disparities, such as different market interest 
rates or different institutional practices over different time periods.
---------------------------------------------------------------------------

    \839\ Whether or not the Bureau discloses the date of action 
taken, the application-level data will indicate the year in which 
action was taken, because the 1071 data would be disclosed annually 
based on the date of action taken.
---------------------------------------------------------------------------

    Disclosing action taken date in the 1071 data in unmodified form 
would likely disclose minimal, if any, information about an applicant 
or related natural person that may be harmful or sensitive if such 
person were re-identified, or that may be harmful or sensitive to an 
identified financial institution.
    The Bureau has identified publicly available datasets that include 
data fields an adversary could directly match to the action taken date 
data field in unmodified form in the public application-level 1071 data 
with respect to an applicant or related natural person. Public 
availability of the action taken date depends on the type of action 
taken. For example, the approval date of originated loans is widely 
publicly available in SBA 7(a), 504, and other program loan-level 
records that identify borrowers, and the date of executed agreements is 
often available for property records and UCC filings, which could be 
closely related to action taken date. For originated loans, action 
taken date would substantially facilitate matching with publicly 
available datasets that identify borrowers. Additionally, the 1071 data 
could identify the lender as well as the application date and action 
taken date. Where action taken date is on or near the UCC filing date, 
for example, an adversary might be able to use the date and lender on 
the UCC filings to identify the borrowers of originated loans in the 
eventual 1071 data. Action taken date may be less useful in re-
identifying applicants of loans that were not originated because the 
action taken date for such loans is rarely publicly available.
    If the Bureau determined that action taken date should be modified, 
the Bureau may consider disclosing the date at a higher level; for 
example, disclosing the month in which action was taken, but not the 
specific date. This could reduce the re-identification risk from 
sources such as UCC filings that may include the specific date of 
action taken. In light of the potential re-identification risk arising 
from this data field, the Bureau seeks comment on whether there are 
other specific modifications it should consider and whether deletion 
would balance the risks and benefits of disclosure.
    The Bureau seeks comment on this analysis.
x. Pricing Information
    Proposed Sec.  1002.107(a)(12) would require financial institutions 
to collect and report to the Bureau the following

[[Page 56531]]

information regarding the pricing of a covered credit transaction that 
is originated or approved but not accepted, as applicable: (i) The 
interest rate; \840\ (ii) total origination charges, defined as the 
total amount of all charges payable directly or indirectly by the 
applicant and imposed directly or indirectly by the financial 
institution at or before origination as an incident to or a condition 
of the extension of credit; (iii) broker fees, defined as the total 
amount of all origination charges that are fees paid by the applicant 
directly to a broker or to the financial institution for delivery to a 
broker; (iv) initial annual charges, defined as the total amount of all 
non-interest charges that are scheduled to be imposed over the first 
annual period of the covered credit transaction; (v) additional costs 
for merchant cash advances or other sales-based financing, defined as, 
for a merchant cash advance or other sales-based financing transaction, 
the difference between the amount advanced and the amount to be repaid; 
and (vi) prepayment penalties.\841\
---------------------------------------------------------------------------

    \840\ If the interest rate is fixed, the proposal would require 
the financial institution to report the interest rate that is or 
would be applicable to the covered credit transaction. If the 
interest rate is adjustable, the proposal would require the 
financial institution to report the margin, index value, and index 
name that is or would be applicable to the covered credit 
transaction at origination. The proposal would also require the 
financial institution to report the index used by selecting the 
index used from a specified list. If the index used does not appear 
on the list of indices provided, the financial institution would 
report ``other'' and provide the name of the index as free-form 
text. The Bureau analyzes free-form text under the proposed 
balancing test in part VI.C.6.xix below.
    \841\ The proposal would require the financial institution to 
report whether the financial institution could have included a 
charge to be imposed for paying all or part of the transaction's 
principal before the date on which the principal is due under the 
policies and procedures applicable to the covered credit 
transaction. The proposal also would require the financial 
institution to report whether the terms of the covered credit 
transaction include a charge imposed for paying all or part of the 
transaction's principal before the date on which the principal is 
due.
---------------------------------------------------------------------------

    The Bureau believes that these pricing data fields would serve to 
further both the fair lending purpose and the business and community 
development purpose of section 1071. The statutory data points alone 
offer limited insight into underwriting disparities and no insight into 
predatory prices or pricing disparities. For example, the statutory 
data points alone might show that a particular market segment is 
expanding and apparently filling an important need, but this could 
actually be an area with predatory conduct. Pricing information would 
allow the Bureau and others to understand the situation more 
accurately. Data collection without pricing information could have the 
unintended consequence of incentivizing irresponsible lending, as 
providers seeking to increase representation of underserved groups 
could be encouraged to adopt high-cost models of lending.
    Without information on pricing, data users would be unable to 
screen for fair lending pricing risks and prioritize fair lending 
enforcement resources. In addition, if potential discriminatory conduct 
is monitored effectively with regard to loan approvals, but not with 
regard to pricing, industry compliance systems may focus solely on 
approvals and denials and ignore potential pricing disparities. Having 
pricing data available in the public application-level 1071 data would 
also increase transparency and demonstrate to responsible lenders where 
business opportunities exist to offer credit to underserved markets. 
Pricing data could also help small businesses identify where credit may 
be available on better terms. The Bureau provides additional analysis 
of the benefits of the pricing data fields in the section-by-section 
analysis of proposed Sec.  1002.107(a)(12) above, including proposed 
Sec.  1002.107(a)(12)(i) through (vi).
    During the SBREFA process, several industry commenters expressed 
concern that pricing data could lead financial institutions to 
artificially flatten prices or create misperceptions about disparities 
among applicants, in light of the complexity of underwriting decisions. 
One industry commenter stated that pricing data could present ``privacy 
risk'' to applicants in rural communities, without specifying the 
nature of the risk. Several SERs stated that pricing data may be 
sensitive to financial institutions. One of these SERs suggested that 
even aggregate pricing information would be commercially sensitive data 
for a financial institution. While acknowledging other SERs' concerns, 
a few SERs stated that information on competitors' pricing is 
relatively easy to obtain now.
    The Bureau believes that information about the interest rates and 
fees charged in connection with credit represents basic information 
about the features of a product generally would present low risk of 
harm or sensitivity. Disclosure of pricing data in unmodified form may 
reveal information that some applicants or related natural persons may 
regard as harmful or sensitive, such as a reflection of their perceived 
credit risk. However, the Bureau received feedback during the SBREFA 
process that multiple factors contribute to pricing for small business 
credit. Disclosure of pricing data in unmodified form may also reveal 
information that financial institutions regard as harmful or sensitive, 
such as the prices a financial institution charges for certain types of 
credit. However, as discussed under Risk of Harm or Sensitivity in part 
VI.C.4.ii above, the Bureau does not believe that disclosure of pricing 
information would permit the reverse-engineering of a financial 
institution's proprietary lending models.
    The Bureau has identified publicly available datasets that include 
data fields an adversary could directly match to the pricing data 
fields in unmodified form in the public application-level 1071 data 
with respect to an applicant or related natural person. Identified data 
about the interest rate and fees charged for a given loan are available 
from a limited number of publicly available datasets, such as data for 
the SBA 7(a) and 504 programs. Additionally, the PPP loan program has a 
uniform 1 percent interest rate.
    During the SBREFA process, one industry stakeholder stated that, if 
pricing data are collected, the Bureau should publish them along with 
demographic information only in aggregate form, such as at an industry 
or multi-firm level, rather than the application level. The commenter 
stated that publication of pricing information along with demographic 
information risks creating the perception of potential fair lending 
violations that are not based on adequate analysis. The Bureau notes 
that 1071 data alone (including pricing data) generally could not be 
used to determine whether a lender is complying with fair lending laws. 
For example, HMDA data have a long history of utility for fair lending 
purposes even though they alone generally do not offer proof of 
compliance with fair lending laws. Additionally, in the section-by-
section analysis of proposed Sec.  1002.107(a)(12) above, the Bureau 
seeks comment on additional information that could help reduce 
misinterpretations of disparities in pricing, including modifications 
to the pricing information under proposed Sec.  1002.107(a)(12).
    If the Bureau determines that pricing data should be modified, the 
Bureau may consider recoding the pricing information data fields into 
bins. For example, the Bureau may consider recoding interest rates into 
bins of 0.25 percentage points or origination fees into bins of $500. 
The Bureau may also consider top-coding pricing data fields, which 
would mask particularly high values.
    The Bureau seeks comment on this analysis.

[[Page 56532]]

xi. Census Tract
    Proposed Sec.  1002.107(a)(13) would require financial institutions 
to collect and report the census tract in which is located: (1) The 
address or location where the proceeds of the credit applied for or 
originated will be or would have been principally applied; or, (2) if 
this information is unknown, the address or location of the main office 
or headquarters of the applicant; or, (3) if this information is also 
unknown, another address or location associated with the applicant. In 
addition to reporting the census tract, the financial institution would 
be required to indicate which one of these three types of addresses or 
locations the census tract is based on.
    Disclosing census tract data in the public application-level 1071 
data in unmodified form would aid in fulfilling both the fair lending 
and business and community development purposes of section 1071 by 
providing more useful information on the location of the credit 
activity for fair lending analysis and understanding where the business 
and community development is occurring. With respect to fair lending 
enforcement, a measure of geography at the neighborhood or community 
level is necessary to identify redlining--the illegal practice in which 
those in a certain area or neighborhood are denied access to credit, 
are charged higher prices, or are otherwise not given the same access 
to credit as those in other areas, on the basis of race or for some 
other prohibited reason. Additionally, because differences in the level 
of competition in the local credit market may contribute to differences 
in interest rates or approval rates for otherwise similarly situated 
small businesses, census tract data would help ensure that users can 
compare applicants with similar profiles, thereby controlling for 
factors that might provide non-discriminatory explanations for some 
disparities in credit and pricing decisions.
    The inclusion of a geographic indicator, such as census tract, that 
identifies the appropriate community--not merely the appropriate county 
or State--would further the statute's community and business 
development purposes. Census tract data would enable data users to 
monitor credit conditions in particular communities and identify 
communities that are underserved by the small business credit market. 
In addition, requiring data on the nature of the address reported would 
aid in fulfilling both the fair lending and business and community 
development purposes of section 1071 by facilitating accurate analyses 
of the data reported.
    Disclosing the census tract in the 1071 data in unmodified form 
would likely disclose minimal, if any, information about an applicant 
or related natural person that may be harmful or sensitive if such 
person were re-identified, or that may be harmful or sensitive to an 
identified financial institution. The Bureau is aware that, for sole 
proprietors, the main office address of small business applicants is 
frequently a home address. However, the actual street address would not 
be reported or disclosed. In addition, small businesses commonly make 
their locations available in the normal course of their business by 
disclosing their addresses.
    If the address reflects where the proceeds of the credit will be or 
would have been principally applied, disclosing the census tract may 
reveal some information about an applicant's business strategy, 
particularly if paired with the loan purpose data field. For example, 
the data could indicate that a small business is pursuing or was 
pursuing an expansion to a particular address. However, the value of 
this information to a small business's competitors is likely to be 
mitigated by the delay between the date of action taken on a loan and 
the publication of the application-level 1071 data. Disclosure of the 
census tract in unmodified form may also reveal information that 
financial institutions regard as harmful or sensitive, such as a 
financial institution's trade area. However, as discussed under Risk of 
Harm or Sensitivity in part VI.C.4.ii above, the Bureau does not 
believe that disclosure would permit the reverse-engineering of a 
financial institution's proprietary lending models.
    During the SBREFA process, several industry stakeholders stated 
that geographic identifiers such as census tract would have a high 
potential to contribute to the re-identification of businesses or 
natural persons, especially in small towns or rural areas, where only 
one or two businesses may be located in a census tract. Several 
industry commenters expressed concern about re-identification risks 
arising from the combination of the census tract data fields with other 
data fields, noting that it might be difficult to predict which data 
fields could contribute to re-identification. One commenter stated that 
tax assessor and UCC records could be used to re-identify businesses in 
rural areas, and that adversaries with personal knowledge of businesses 
in rural areas could learn about a business's or natural person's 
sensitive financial characteristics. Some SERs stated that the 
combination of geographic identifiers and information about a small 
business's industry could make it easy to re-identify businesses in 
remote or rural areas.\842\ Two industry stakeholders stated that 
census tract and data about the type and purpose of financing would 
contribute to the re-identification of businesses or natural persons. 
One of these commenters also stated that combining geographic 
identifiers with data on the amount applied for or approved could 
contribute to re-identification. One industry commenter stated that 
census tract, combined with gross annual revenue and NAICS code, could 
facilitate re-identification of applicants in areas with low 
populations. A community group stakeholder stated that increasing the 
universe of financial institutions reporting 1071 data would mitigate 
privacy concerns about disclosing census tract.
---------------------------------------------------------------------------

    \842\ See SBREFA Panel Report at 34-35.
---------------------------------------------------------------------------

    The Bureau has identified publicly available datasets that include 
data fields an adversary could directly match to the census tract data 
field in unmodified form in the public application-level 1071 data with 
respect to an applicant or related natural person. The Bureau expects 
that, in most cases, the census tract that financial institutions would 
report to the Bureau would be based on the address or location of the 
main office or headquarters of the applicant, either because that is 
where the proceeds of the credit will be applied or because the 
financial institution does not know the location or address where the 
proceeds of the credit will be applied, but does know the main office 
or headquarters address. The Bureau believes that, for many small 
businesses, this address or location is likely to be publicly available 
on the internet from sources such as the business's website and review 
websites. Information about a business's location is also likely 
available from loan-level data for public loan programs as well as from 
private datasets, such as from data brokers. Therefore, in many cases, 
the Bureau believes an adversary could use the census tract data 
fields, combined with other fields, to match a section 1071 record to 
an identified publicly available record.
    Disclosing the census tract is likely to produce unique instances 
in the data--particularly when combined with the 6-digit NAICS code, if 
the 6-digit NAICS code is disclosed in unmodified form. There are 
currently 73,057 census tracts and 1,057 6-digit NAICS codes,\843\

[[Page 56533]]

which produce over 77 million combinations. With so many possible 
combinations, there would likely be many instances in the 1071 data 
where the census tract and 6-digit NAICS code form a unique 
combination. Regarding the comment that increasing the universe of 
financial institutions reporting 1071 data would mitigate privacy 
concerns about disclosing census tract, the Bureau's proposals 
regarding the coverage of the 1071 rule are addressed elsewhere in this 
proposed rule.
---------------------------------------------------------------------------

    \843\ See U.S. Census Bureau, 2010 Census Tallies, https://www.census.gov/geographies/reference-files/time-series/geo/tallies.html (last visited Aug. 23, 2021) (2010 Census Tallies) 
(number of census tracts); Off. of Mgmt. & Budget, North American 
Industry Classification System (NAICS) Updates for 2022, 86 FR 
35350, 35352 (July 2, 2021) (number of 6-digit NAICS codes).
---------------------------------------------------------------------------

    During the SBREFA process, several commenters suggested ways the 
Bureau might modify census tract data to reduce privacy risk. Several 
industry commenters recommended that the Bureau disclose geographical 
data on the county or State level to reduce re-identification risk. One 
SER recommended the reporting of geographic data only at the State 
level or higher. The SER stated that even county-level data in some 
areas could potentially lead to re-identification of applicants or 
borrowers.
    A joint comment from a number of community groups recommended that 
the Bureau consider modifying data with a low number of observations in 
a census tract to be reported at the zip code or county level. One SER 
recommended that the Bureau establish a minimum sample size before 
publishing application-level data for some rural markets to avoid 
privacy risks. A community group stakeholder recommended masking 
techniques such as moving data from a census tract with few 
observations to a contiguous or nearby census tract. This commenter 
also recommended that the Bureau consider switching records for 
similarly situated applicants between nearby census tracts to make it 
impossible to reconnect individual applicants while preserving the 
benefits of the data.
    If the Bureau were to modify census tract, it might consider 
disclosing a broader location category, such as county or State. Census 
tracts are defined by the U.S. Census Bureau, and the next-largest 
geographic identifier in the Census Bureau's hierarchy of geographic 
identifiers is county. The next-largest geographic identifier after 
county is State. While likely reducing re-identification risk 
substantially, disclosing the county or State instead of the census 
tract would also reduce the utility of the 1071 data. There are 73,057 
census tracts, as noted above, but only 3,143 counties,\844\ suggesting 
a significant loss of geographic detail in modifying census tract. The 
Bureau could potentially use a geographic designation larger than 
census tract but smaller than county. However, since the use of Census 
Bureau-defined geographies is widespread, using modifications that 
already reflect standard Census Bureau-defined geographies 
significantly improves the utility of the data to data users.
---------------------------------------------------------------------------

    \844\ See 2010 Census Tallies.
---------------------------------------------------------------------------

    The Bureau seeks comment on this analysis. The Bureau seeks comment 
on how disclosing the county, State, or some other geographic 
identifier--rather than the census tract--would affect the benefits of 
disclosure, the potential for harm or sensitivity, and the potential 
for re-identification of applicants or related natural persons.
xii. Gross Annual Revenue
    Proposed Sec.  1002.107(a)(14) would require financial institutions 
to collect and report to the Bureau the gross annual revenue of the 
applicant for its preceding full fiscal year prior to when the 
information is collected.
    Disclosing gross annual revenue in the public application-level 
1071 data in unmodified form would facilitate enforcement of fair 
lending laws. Many creditors use gross annual revenue to help define 
whether a business is a small business and set revenue thresholds for 
assigning risk. Information about gross annual revenue would help 
ensure that users who are evaluating potential disparities in 
underwriting or pricing can compare small businesses with similar 
revenues, thereby controlling for a factor that might provide a 
legitimate explanation for some disparities. Disclosing gross annual 
revenue would also be useful for identifying business and community 
development needs and opportunities of small businesses. And because 
gross annual revenue is often used as a proxy for the size of a small 
business, these data could allow users to determine the availability of 
credit for small businesses of various sizes--including the very 
smallest businesses, which may face unique challenges accessing credit.
    Disclosing gross annual revenue in the 1071 data in unmodified form 
would likely disclose information about an applicant or related natural 
person that may be harmful or sensitive if such person were re-
identified. One SER stated during the SBREFA process that, in the case 
of sole proprietorships, gross annual revenue can serve as a proxy for 
the small business owner's personal income. The Bureau believes that 
disclosing gross annual revenue in unmodified form would likely 
disclose sensitive information because it could reflect the financial 
condition of a small business or, where a small business is a sole 
proprietorship, a natural person. With respect to the risk of harm or 
sensitivity to financial institutions, other creditors might use gross 
annual revenue data to learn more about the types of small businesses 
with which their competitors do business. However, as discussed under 
Risk of Harm or Sensitivity in part VI.C.4.ii above, the Bureau does 
not believe that disclosure would permit the reverse-engineering of a 
financial institution's proprietary lending models.
    Gross annual revenue data are likely to be of interest to potential 
adversaries. As described below, gross annual revenue data are not 
available on a widespread basis from identified public databases. 
Competitors of the small business, other commercial entities, 
creditors, researchers, or persons with criminal intent all may have an 
interest in using these data to monitor the size or performance of an 
applicant that may be a rival, partner, or target of inquiry, 
investigation, or illegal activity.
    The Bureau has identified publicly available datasets that include 
data fields an adversary could directly match to the gross annual 
revenue data field in unmodified form in the public application-level 
1071 data with respect to an applicant or related natural person. Gross 
annual revenue data are available from private databases. Gross annual 
revenue data are also available from data for New York State's women- 
and minority-owned business certification program, in which it is 
recoded into bins. However, these data are not available from 
identified public databases on a widespread basis.
    During the SBREFA process, a community group stakeholder 
recommended that the Bureau consider reporting gross annual revenue in 
categories rather than specific amounts. An industry commenter 
recommended that the Bureau delete gross annual revenue from the public 
application-level 1071 data to protect the privacy of an applicant or 
related natural person. If the Bureau determines that gross annual 
revenue should be modified, the Bureau may consider recoding gross 
annual revenue data into bins by, for example, disclosing the data in 
ranges of $25,000. The Bureau may also consider top-coding gross annual 
revenue, which would mask particularly high values, thereby reducing 
the identifiability of application data from businesses with especially 
high gross annual revenue.

[[Page 56534]]

    The Bureau seeks comment on this analysis.
xiii. NAICS Code
    Proposed Sec.  1002.107(a)(15) would require financial institutions 
to collect and report to the Bureau a 6-digit North American Industry 
Classification System (NAICS) code appropriate for the applicant.\845\
---------------------------------------------------------------------------

    \845\ As discussed above in the section-by-section analysis of 
proposed Sec.  1002.107(a)(15), the SBA customizes its size 
standards on an industry-by-industry basis using 1,057 6-digit NAICS 
codes. The first two digits of a NAICS code broadly capture the 
industry sector of a business. The third digit captures the 
industry's subsector, the fourth captures the industry group, and 
the fifth captures the industry code. The NAICS code thus becomes 
more specific as digits increase and the 6-digit long code is the 
most specific. For example, NAICS code 453910 describes a pet supply 
store, for which the 2-digit industry sector is the 44-45 ``Retail 
Trade'' sector. See Small Bus. Admin., Table of Small Business Size 
Standards Matched to North American Industry Classification System 
Codes, https://www.sba.gov/sites/default/files/2019-08/SBA%20Table%20of%20Size%20Standards_Effective%20Aug%2019%2C%202019_Rev.pdf.
---------------------------------------------------------------------------

    Disclosing 6-digit NAICS codes in the public application-level 1071 
data in unmodified form would be useful for identifying business and 
community development needs and opportunities of small businesses. Such 
business and community development needs and opportunities may differ 
widely based on industry, even controlling for other factors. For 
example, 6-digit NAICS codes would help data users understand how small 
businesses in different industries use credit as well as identify 
industries in which small businesses face challenges accessing credit. 
Furthermore, disclosing NAICS codes would provide for consistency and 
compatibility with other public datasets related to small business 
lending activity, which generally use NAICS codes. This ability to 
synthesize 1071 data with other datasets would help the public use the 
data in ways that would advance both the fair lending and business and 
community development purposes of section 1071.
    Disclosing 6-digit NAICS codes in the 1071 data in unmodified form 
would also facilitate enforcement of fair lending laws in other ways. 
Financial institutions often designate certain industries as high-risk, 
such as industries that have high rates of businesses leaving the 
market or that deal primarily in cash transactions. The 6-digit NAICS 
codes would help ensure that users can compare applicants with similar 
profiles, thereby controlling for factors that might provide non-
discriminatory explanations for some disparities in credit and pricing 
decisions. The Bureau also believes that using the SBA's 6-digit NAICS 
codes (as opposed to the 2-digit code) would enable the public to 
identify whether disparities arise at a sector level and would provide 
more specific information on the types of businesses that are accessing 
or struggling to access credit.\846\
---------------------------------------------------------------------------

    \846\ For example, a wide variety of businesses, including those 
providing car washes, footwear and leather goods repair, and nail 
salons all fall under the 2-digit sector code 81: Other Services 
(except Public Administration).
---------------------------------------------------------------------------

    Including 6-digit NAICS codes in the public application-level 1071 
data in unmodified form by itself would likely disclose minimal, if 
any, information about an applicant or related natural person that may 
be harmful or sensitive if such person were re-identified, or that may 
be harmful or sensitive to an identified financial institution. The 6-
digit NAICS codes are unlikely to be harmful or sensitive to a small 
business because information about a small business's industry is 
likely to be apparent to anyone interacting with it. Disclosure of the 
6-digit NAICS codes in unmodified form may reveal information that 
financial institutions regard as harmful or sensitive, such as the 
industries with which the financial institution does business. However, 
as discussed under Risk of Harm or Sensitivity in part VI.C.4.ii above, 
the Bureau does not believe that disclosure would permit the reverse-
engineering of a financial institution's proprietary lending models.
    During the SBREFA process, several industry commenters stated that 
NAICS codes would increase re-identification risk for small businesses, 
particularly in combination with geographic identifiers, such as census 
tract. The Bureau has identified publicly available datasets that 
include data fields an adversary could directly match to the NAICS code 
data field in unmodified form in the public application-level 1071 data 
with respect to an applicant or related natural person. A business's 
NAICS code is likely to be publicly available in loan-level data for 
public loan programs such as the 7(a), 8(a), or PPP programs and in 
private datasets. In addition, even where the specific NAICS code may 
not be publicly available, it could be derived with reasonable accuracy 
from other public information that is available for most businesses, 
such as business directories, a business's website, or from personal 
observation by members of the community where a business is located. 
Therefore, in many cases, an adversary could use 6-digit NAICS codes, 
combined with other fields, to match a section 1071 record to an 
identified publicly available record.
    The 6-digit NAICS code data field is likely to produce unique 
instances in the data, especially when combined with census tract, if 
census tract is disclosed in unmodified form. There are currently 
73,057 census tracts and 1,057 6-digit NAICS codes,\847\ which produce 
over 77 million combinations. With so many possible combinations, there 
would likely be many instances in the 1071 data where the census tract 
and 6-digit NAICS code form a unique combination.
---------------------------------------------------------------------------

    \847\ See 2010 Census Tallies (number of census tracts); Off. of 
Mgmt. & Budget, North American Industry Classification System 
(NAICS) Updates for 2022, 86 FR 35350, 35352 (July 2, 2021) (number 
of 6-digit NAICS codes).
---------------------------------------------------------------------------

    If the Bureau determines that the 6-digit NAICS code should be 
modified, the Bureau may consider disclosing NAICS codes at a higher 
level by disclosing the 2-digit, 3-digit, or 4-digit NAICS code instead 
of the 6-digit code. Disclosing NAICS code at a higher level would 
reduce re-identification risk but would also reduce the utility of the 
data. There are 1,057 6-digit NAICS codes, as noted above, but there 
are only 99 3-digit subsectors and 20 broad 2-digit sectors.\848\ As a 
result, disclosing NAICS code at a higher level would reduce the 
specificity of the information in the 1071 data about the small 
business's industry.
---------------------------------------------------------------------------

    \848\ Off. of Mgmt. & Budget, North American Industry 
Classification System (NAICS) Updates for 2022, 86 FR 35350, 35352 
(July 2, 2021).
---------------------------------------------------------------------------

    The Bureau seeks comment on this analysis. The Bureau specifically 
seeks comment on how disclosing the 2-, 3-, or 4-digit NAICS code--
rather than the 6-digit NAICS code--would affect the benefits of 
disclosure, the potential harm and sensitivity, and potential for re-
identification for this data field.
xiv. Number of Workers
    Proposed Sec.  1002.107(a)(16) would require financial institutions 
to collect and report to the Bureau the number of non-owners working 
for the applicant.
    Disclosing number of workers in the public application-level 1071 
data in unmodified form would be useful for identifying business and 
community development needs and opportunities of small businesses. This 
information would give the public a greater understanding of how the 
business and community development needs and opportunities of small 
businesses may differ based on the number of workers. The number of 
workers would help the public understand, for example, the extent to 
which ``non-employer'' businesses, which do not have

[[Page 56535]]

employees besides the owner, and ``microbusinesses,'' which are 
typically defined as having fewer than 10 employees, may face unique 
challenges accessing credit or may use credit in different ways. 
Identifying the number of workers would also allow data users to 
understand the number of jobs supported by loans to a business. 
Disclosing the number of workers would also advance the fair lending 
purpose of section 1071. This information would help ensure that users 
of the 1071 data who are evaluating potential disparities in 
underwriting or pricing can compare small businesses with a similar 
number of workers, thereby controlling for a factor that might provide 
a legitimate explanation for some disparities.
    Disclosing number of workers in the application-level 1071 data in 
unmodified form would likely disclose minimal, if any, information 
about an applicant or related natural person that may be harmful or 
sensitive if such person were re-identified, or that may be harmful or 
sensitive to an identified financial institution. Financial 
institutions may use data about the number of workers to learn more 
about the types of small businesses with which their competitors do 
business. However, as discussed under Risk of Harm or Sensitivity in 
part VI.C.4.ii above, the Bureau does not believe that disclosure would 
permit the reverse-engineering of a financial institution's proprietary 
lending models.
    Furthermore, information about the number of workers is also likely 
to be publicly available for many businesses. State registries of 
businesses may include information about a business's number of 
workers. Private databases also commonly include this information, 
which is often verified by the business. Further, loan-level records 
from SBA loan programs include a field for the number of jobs supported 
by a loan, which in some instances may reflect the business's number of 
workers. In the Bureau's view, the public availability of this 
information decreases any potential sensitivity or harm of disclosing 
number of workers in the application-level 1071 data. At the same time, 
the Bureau believes that the utility of number of workers data in the 
public application-level 1071 data to potential adversaries would be 
low due to the widespread public availability of this information.
    The Bureau has identified publicly available datasets that include 
data fields an adversary could directly match to the number of workers 
data field in unmodified form in the public application-level 1071 data 
with respect to an applicant or related natural person. As noted above, 
information about a business's number of workers is found in many 
publicly available datasets in which the business's name is identified, 
including State business registries, commercial databases, and loan-
level records from SBA loan programs. Therefore, in many cases, an 
adversary could use number of workers, combined with other fields, to 
match a section 1071 record to an identified publicly available record. 
Data on a business's number of workers may easily produce unique 
combinations, particularly when combined with other data fields in the 
public application-level 1071 data and particularly for businesses with 
higher numbers of workers, which are more likely to be unique in the 
dataset.
    If the Bureau determines that the number of workers data field 
should be modified, the Bureau may consider recoding the data into 
bins. The Bureau could also top-code number of workers, given that 
larger values in the 1071 data are more likely to be unique.
    The Bureau seeks comment on this analysis.
xv. Time in Business
    Proposed Sec.  1002.107(a)(17) would require financial institutions 
to collect and report to the Bureau the time the applicant has been in 
business, described in whole years, as relied on or collected by the 
financial institution.
    Disclosing time in business in the public application-level 1071 
data in unmodified form would advance both the fair lending and 
business and community development purposes of section 1071. As 
discussed in greater detail above in the section-by-section analysis of 
proposed Sec.  1002.107(a)(17), start-ups and new businesses play an 
important role in the business ecosystem, particularly with respect to 
job creation. Time in business data would allow data users to better 
identify the proportion of small businesses seeking credit that are 
start-ups or relatively new businesses, the types of credit that are 
offered and provided to start-ups and newer businesses, the geographic 
makeup of those businesses, the types of financial institutions that 
are reaching such businesses, and where communities might focus 
business development efforts. The data may also aid policymakers in 
addressing issues impacting the growth of small start-ups. The data, 
particularly as to unmet demand, could help interested financial 
institutions identify lending opportunities to reach more start-ups and 
new businesses, promoting both business and community development.
    Disclosing time in business would also facilitate the enforcement 
of fair lending laws. Because lenders generally perceive younger 
businesses as having higher credit risk, time in business data would 
help ensure that users can compare applicants with similar profiles, 
thereby controlling for factors that might provide non-discriminatory 
explanations for some disparities in credit and pricing decisions.
    Disclosing time in business in the 1071 data in unmodified form 
would likely disclose minimal, if any, information about an applicant 
or related natural person that may be harmful or sensitive if such 
person were re-identified, or that may be harmful or sensitive to an 
identified financial institution. During the SBREFA process, one 
industry commenter recommended that the Bureau delete time in business 
from the public application-level 1071 data, citing general concerns 
that the data field could facilitate re-identification and disclose 
previously non-public information to competitors.\849\ However, while 
financial institutions may use time in business data to learn more 
about the types of small businesses with which their competitors do 
business, the Bureau does not believe that disclosure would permit the 
reverse-engineering of a financial institution's proprietary lending 
models, as discussed under Risk of Harm or Sensitivity in part 
VI.C.4.ii above. Information about time in business is also likely to 
be publicly available for many businesses. Businesses typically 
disclose their date of establishment in public registration filings. 
Many commercial databases also include this information. In the 
Bureau's view, the existing public availability of this information 
decreases any potential harm or sensitivity of disclosing time in 
business in the public application-level 1071 data.
---------------------------------------------------------------------------

    \849\ The commenter did not make clear whether it was referring 
to competitors of a small business or competitors of a financial 
institution.
---------------------------------------------------------------------------

    The Bureau has identified publicly available datasets that include 
data fields an adversary could directly match to the time in business 
data field in unmodified form in the public application-level 1071 data 
with respect to an applicant or related natural person. As noted above, 
information about time in business is found in many publicly available 
datasets, including State business registries and commercial databases. 
Therefore, in many cases, an adversary could use time in business, 
combined with other fields, to match a section 1071 record to an 
identified

[[Page 56536]]

publicly available record. Time in business data may easily produce 
unique combinations, particularly when combined with other data fields 
in the public application-level 1071 data, and particularly for larger 
time in business values, which are more likely to be unique in the 
dataset.
    If the Bureau determines that the time in business data field 
should be modified, it may consider recoding time in business into 
bins--for example, using two- or five-year intervals--to reduce the 
identifiability of a specific length of time in business. The Bureau 
could also top-code time in business at a value such as 25 years, given 
that larger values are more likely to be unique. With regard to the 
industry commenter's recommendation that the Bureau delete time in 
business from the public application-level 1071 data based on re-
identification concerns, the Bureau's determination about whether this 
field should be modified or deleted will be based on the re-
identification analysis that it will conduct once it receives at least 
a full year of actual data reported by financial institutions.
    The Bureau seeks comment on this analysis. The Bureau specifically 
seeks comment on what intervals the Bureau should use if it were to 
recode time in business into bins and what value the Bureau should use 
if it were to top-code this data field.
xvi. Minority-Owned Business Status and Women-Owned Business Status
    Proposed Sec.  1002.107(a)(18) and (19) would require financial 
institutions to collect and report to the Bureau whether the applicant 
is a minority-owned business or a women-owned business and whether 
minority-owned business status or women-owned business status is being 
reported based on previously collected data pursuant to proposed Sec.  
1002.107(c)(2).\850\
---------------------------------------------------------------------------

    \850\ The collection and reporting of women-owned and minority-
owned business status is proposed to be based on applicants' self-
reporting and would rely on the meanings of ``ownership'' and 
``control'' defined in the CDD rule.
---------------------------------------------------------------------------

    Disclosing women-owned and minority-owned business status in the 
public application-level 1071 data in unmodified form is central to 
furthering the fair lending purpose of section 1071 and would promote 
the business and community development purpose of the statute by 
identifying opportunities for further development of women-owned and 
minority-owned small businesses. In fair lending analyses, knowing 
whether a business is women-owned or minority-owned would help data 
users identify potential discriminatory lending patterns. Publishing 
information on women-owned or minority-owned business status in the 
public application-level 1071 data would help data users examine and 
identify potential disparities in small business lending. For example, 
when combined with action taken, data users would be able to identify 
if women-owned and minority-owned small businesses are denied for 
credit at disproportionate rates. In addition, when combined with 
pricing information, data users would be able to identify if women-
owned and minority-owned businesses are receiving credit at higher 
prices. Additionally, these data would allow communities, governmental 
entities, and creditors to determine areas where women-owned and 
minority-owned small businesses are underserved relative to other small 
businesses and to focus resources to identify business and community 
development opportunities for women-owned and minority-owned small 
businesses. Disclosing women-owned and minority-owned business status 
could also help communities, governmental entities, and creditors 
determine whether or not initiatives to increase access to credit for 
women-owned and minority-owned businesses are succeeding.
    Disclosing women-owned and minority-owned business status in the 
1071 data in unmodified form would likely disclose minimal, if any, 
information about an applicant or related natural person that may be 
harmful or sensitive if such person were re-identified, or that may be 
harmful or sensitive to an identified financial institution. While some 
applicants or related natural persons may regard this information as 
harmful or sensitive, the Bureau believes this information generally 
would present low risk of harm or sensitivity. The Bureau also believes 
that this information already may be available to the general public, 
as discussed in the paragraph below, and that this information would 
have relatively limited utility for adversaries if an applicant or 
related natural person were re-identified.
    However, in many cases, an adversary could use women-owned or 
minority-owned business status, in combination with other 1071 data, to 
match a section 1071 record to an identified publicly available record. 
The Bureau has identified publicly available datasets that include data 
fields an adversary could directly match to the minority- or women-
owned status data fields in unmodified form in the public application-
level 1071 data with respect to an applicant or related natural person. 
Women-owned business status and minority-owned business status is 
likely to be publicly available for many businesses. Many businesses 
also publicly register or certify with the SBA or State or local 
authorities as a women-owned or minority-owned business to access 
government programs. For example, businesses are identified as woman or 
minority-owned in the public loan-level SBA 7(a) and PPP data, and 
demographic status indicators are available in loan-level 8(a) records. 
Additionally, businesses' websites may have information about their 
owners that could be used to derive women-owned and minority-owned 
business status information. Private commercial databases also often 
contain this information, either imported from public records or 
estimated using software based on owner names (or both).
    The Bureau invites comment on this analysis.
xvii. Ethnicity, Race, and Sex of Principal Owners and Number of 
Principal Owners
    Proposed Sec.  1002.107(a)(20) would require financial institutions 
to collect and report to the Bureau the ethnicity, race, and sex of the 
applicant's principal owner(s); \851\ whether ethnicity and race are 
being collected by the financial institution on the basis of visual 
observation or surname; \852\ and whether ethnicity, race, or sex are 
being reported based on previously collected data pursuant to proposed 
Sec.  1002.107(c)(2). Unless a financial institution is permitted to 
report ethnicity, race, and sex information based on previously 
collected data pursuant to proposed Sec.  1002.107(c)(2), a financial 
institution must ask an applicant about its principal owners' 
ethnicity, race, and sex for each application. A financial institution 
must permit an applicant to

[[Page 56537]]

refuse to answer the financial institution's inquiry and report its 
refusal to answer the inquiry, or its failure to respond to the 
inquiry.
---------------------------------------------------------------------------

    \851\ Financial institutions would report ethnicity and race 
using the aggregate categories and disaggregated subcategories 
listed in proposed comments 107(a)(20)-5 and -6, respectively. 
Financial institutions would report sex as described in proposed 
comment 107(a)(20)-7, which prescribes that financial institutions 
shall report sex using the following categories: ``Male,'' 
``Female,'' ``I prefer to self-describe'' (with accompanying free-
form text), and ``I do not wish to provide this information.'' The 
Bureau analyzes free-form text under the proposed balancing test in 
part VI.C.6.xix below.
    \852\ Unless a financial institution is permitted to report 
ethnicity, race, and sex information based on previously provided 
data pursuant to proposed Sec.  1002.107(c)(2), a financial 
institution would be required to ask an applicant to report its 
principal owners' ethnicity, race, and sex for each application. In 
certain situations, discussed in proposed comments 107(a)(20)-7 and 
-8 and in proposed appendix G, a financial institution may also be 
required to report the ethnicity and race of one or more principal 
owner(s) based on visual observation and/or surname.
---------------------------------------------------------------------------

    Disclosing the ethnicity, race, and sex of the applicant's 
principal owner(s) in the public application-level 1071 data in 
unmodified form would be central to furthering the fair lending purpose 
of section 1071 and would promote the business and community 
development purpose of the statute by identifying opportunities for 
further development of women-owned and minority-owned small businesses. 
In fair lending analyses, data on the ethnicity, race, and sex of an 
applicant's principal owner(s) would be used to identify potential risk 
of discrimination under fair lending laws. These data would be 
essential for this purpose when analyzed in conjunction with data 
fields such as action taken, credit amount approved or originated, and 
pricing. For example, when combined with the type of action taken, 
ethnicity, race, and sex data of an applicant's principal owner(s) 
would help data users identify whether women-owned and minority-owned 
applicants are denied at higher rates on a prohibited basis. In 
addition, as discussed above with women-owned and minority-owned 
business status, when combined with pricing information, data on 
ethnicity, race, and sex of an applicant's principal owner(s) would 
help data users identify if women-owned and minority-owned businesses 
are receiving credit at higher prices. In addition, because the Bureau 
is proposing to require that financial institutions report ethnicity 
and race using the aggregate categories and disaggregated subcategories 
listed in proposed comments 107(a)(20)-5 and -6, respectively, such 
data would enable data users to identify potential discrimination or 
challenges accessing credit by particular ethnic and racial minorities.
    Data on ethnicity, race, and sex of the applicant's principal 
owner(s) would also be essential for the business and community 
development purpose of section 1071. These data would allow 
communities, governmental entities, and creditors to determine areas 
where women-owned and minority-owned small businesses are underserved 
relative to other small businesses. In addition, such demographic 
information about small business applicants would allow communities, 
governmental entities, and creditors to focus resources to identify 
business and community development opportunities for women-owned and 
minority-owned small businesses. For example, in conjunction with NAICS 
codes, these data would help data users identify challenges facing 
women-owned businesses and businesses owned by individuals from 
different ethnic and racial groups in particular industries. This 
information could also help communities and lenders focus investment 
and resources in traditionally underserved demographic groups.
    In general, disclosing the ethnicity, race, and sex of the 
applicant's principal owner(s) in the 1071 data in unmodified form 
would likely disclose minimal, if any information about an applicant or 
related natural person that may be harmful or sensitive if such person 
were re-identified, or that may be harmful or sensitive to an 
identified financial institution. As noted similarly above for the data 
fields on women-owned and minority-owned business status, while some 
applicants or related natural persons may regard this information as 
harmful or sensitive, the Bureau believes this information generally 
would present low risk of harm or sensitivity. The Bureau also notes 
that this information may be already available to the general public, 
and that this information would have relatively limited utility for 
adversaries if an applicant or related natural person were re-
identified.
    The Bureau has identified publicly available datasets that include 
data fields an adversary could directly match to the ethnicity, race, 
and sex of the applicant's principal owner(s) data fields in unmodified 
form in the public application-level 1071 data with respect to an 
applicant or related natural person. Information about the ethnicity, 
race, and sex of the applicant's principal owner(s) is available to the 
general public in some datasets.\853\ For example, certain State 
business registries, including those required to access women-owned and 
minority-owned business programs, provide this information. Other 
public record databases such as for SBA 8(a) and PPP loan programs also 
include ethnicity, race, and sex data alongside the borrower's name. 
Private databases often include information about the owners of 
businesses, which can be used to estimate ethnicity, race, and sex 
based on owner name. Therefore, in many cases, an adversary could use 
the ethnicity, race, and sex of the applicant's principal owner(s), 
combined with other fields, to directly or indirectly match a section 
1071 record to an identified publicly available record.
---------------------------------------------------------------------------

    \853\ Regulation B generally prohibits a creditor from inquiring 
about such protected demographic information in connection with a 
credit transaction unless otherwise required by Regulation B, ECOA, 
or other State or Federal law, regulation, order, or agreement. See 
Sec.  1002.5(a)(2). Relatedly, ECOA states that it is not 
discrimination for a financial institution to inquire about women-
owned or minority-owned business status, or the race, sex, and 
ethnicity of principal owners pursuant to section 1071. 15 U.S.C. 
1691(b).
---------------------------------------------------------------------------

    As discussed in the section-by-section analysis of proposed Sec.  
1002.107(a)(20) in part V above, the Bureau is proposing that financial 
institutions would report sex as described in proposed comment 
107(a)(20)-7, which prescribes that financial institutions shall report 
sex using the following categories: ``Male,'' ``Female,'' ``I prefer to 
self-describe'' (with accompanying free-form text), and ``I do not wish 
to provide this information.'' As such, if finalized, the Bureau would 
permit an applicant to self-describe their sex by selecting ``I prefer 
to self-describe'' with using free-from text. As discussed in part 
VI.C.6.xix below, the Bureau is proposing to delete free-form text from 
the public application-level 1071 data. However, the Bureau seeks 
comment on whether there are additional specific modifications it 
should consider with regard to applicants who choose to self-describe 
their sex.
    As discussed in the section-by-section analysis of proposed Sec.  
1002.107(a)(20) in part V above, the Bureau is seeking comment in this 
proposal about the reporting of sexual orientation and gender identity 
of principal owners--specifically, whether separate questions regarding 
sex, sexual orientation, and gender identity should be asked and, if 
so, what categories should be offered on the sample data collection 
form for use by applicants in responding to each question. The Bureau 
seeks comment on whether disclosing that one or more principal owners 
of an applicant has answered any of these questions, and how, could 
cause heightened sensitivity or risk of harm and whether there are 
specific modifications the Bureau should consider if such data points 
are included in the final rule.
    The Bureau seeks comment on this analysis.
xviii. Financial Institution Identifying Information
    Proposed Sec.  1002.109(b) would require a financial institution to 
provide the Bureau with certain information with its submission of its 
small business lending application register: (1) Its name; (2) its 
headquarters address; (3) the name and business contact information of 
a person who may be contacted with questions about the financial 
institution's submission; (4) its Federal prudential regulator, if 
applicable; (5) its Federal Taxpayer Identification Number; (6) its 
LEI; (7) its RSSD ID, if applicable; (8)

[[Page 56538]]

parent entity information,\854\ if applicable; (9) the type of 
financial institution that it is, indicated by selecting the 
appropriate type or types of institution from the list provided or 
entering free-form text; \855\ and (10) whether the financial 
institution is voluntarily reporting covered applications for covered 
credit transactions.
---------------------------------------------------------------------------

    \854\ Parent entity information would include the name of the 
immediate parent entity, the LEI of the immediate parent entity, if 
available, the RSSD ID number of the immediate parent entity, if 
available, the name of the top-holding parent entity, the LEI of the 
top-holding parent entity, if available, and the RSSD ID number of 
the top-holding parent entity, if available.
    \855\ The list would include the following types: Bank or 
savings association, minority depository institution, credit union, 
nondepository institution, community development financial 
institution (CDFI), other nonprofit financial institution, Farm 
Credit System institution, government lender, commercial finance 
company, equipment finance company, industrial loan company, 
fintech, and ``other'' (reported as free-form text). The Bureau 
analyzes free-form text under the proposed balancing test in part 
VI.C.6.xix below.
---------------------------------------------------------------------------

    Regulation C requires financial institutions to report similar 
information when submitting their loan-level HMDA data. Regulation C 
also requires financial institutions to report the calendar year of 
submission and the total number of entries in their loan-level HMDA 
data. Regulation C does not require financial institutions to submit 
their headquarters address, RSSD ID, or financial institution type or 
indicate whether they are reporting data voluntarily. With the 
exception of contact information for a person who can be reached about 
the financial institution's submission, the information financial 
institutions are required to submit with their HMDA submissions under 
Sec.  1003.5(a)(3) is publicly available through the FFIEC website.
    Financial institution identifying information other than individual 
contact information. For the reasons described below, the Bureau 
preliminarily determines that the privacy risks of disclosing the 
financial institution identifying information data fields in unmodified 
form, other than data fields containing the information for the 
financial institution's point of contact for its 1071 data submission 
(i.e., the name and business contact information of a person who may be 
contacted with questions about the submission), would be justified by 
the benefits of disclosure for section 1071's purposes. As such, the 
Bureau proposes to disclose such information to the public as reported, 
without modification. The Bureau seeks comment on this determination.
    Disclosing the financial institution identifying information, other 
than individual contact information, in the public application-level 
1071 data in unmodified form would facilitate the enforcement of fair 
lending laws. The purposes of section 1071 in large part concern 
evaluating the practices of individual financial institutions and 
disclosing their identifying information allows the public to evaluate 
their lending practices. Identifying their Federal regulator would also 
facilitate fair lending enforcement by enabling the public to 
communicate with the regulator in connection with administrative 
enforcement of fair lending laws. Disclosing RSSD ID and parent 
institution information would enable the public to map corporate 
relationships for financial institutions, which is also important for 
fair lending enforcement.
    Disclosing financial institution identifying information, including 
financial institution type, would enable the public to evaluate which 
financial institutions are reaching underserved areas of the market and 
the extent to which different types of financing is available from 
different types of institutions. And as described more fully in the 
section-by-section analysis of proposed Sec.  1002.109(b) above, 
financial institution identifying information would promote the fair 
lending and community and business development purposes of the statute 
by allowing users to identify financial institutions precisely and draw 
appropriate conclusions from the data.
    Several SERs and industry commenters expressed concern that 
disclosing financial institution identifying information would lead to 
frivolous litigation and unfounded reputational risks, and would 
increase the cost of credit or limit credit availability for small 
businesses.\856\
---------------------------------------------------------------------------

    \856\ One industry commenter stated that financial institutions 
might respond to perceived reputational risks by eliminating certain 
product offerings or modifying underwriting practices in a way that 
reduces the overall diversity of small business products.
---------------------------------------------------------------------------

    Disclosing financial institution identifying information in the 
1071 data in unmodified form would likely disclose minimal, if any, 
information about an applicant or related natural person that may be 
harmful or sensitive if such person were re-identified. While some 
businesses might view their identification as an applicant as harmful 
or sensitive, the Bureau does not believe revealing the name of the 
financial institution would significantly increase such risks. In 
addition, this information is already largely available from other 
identified public records, such as UCC filings. For the same reason, 
the Bureau does not believe revealing the name of the financial 
institution would significantly increase risk of fraud or identity 
theft to businesses or related natural persons caused by adversaries 
impersonating the financial institution.
    Disclosing financial institution identifying information in the 
1071 data in unmodified form would not, by itself, reveal information 
that is harmful or sensitive, given financial institutions' commercial 
interests. Additionally, other public records, such as public HMDA 
data, tax records, and commercial databases disclose Federal Taxpayer 
Identification number, RSSD ID, and LEI.\857\ Disclosing financial 
institution identifying information in unmodified form may reveal 
information that financial institutions regard as harmful or sensitive, 
but, as discussed under Risk of Harm or Sensitivity in part VI.C.4.ii 
above, the Bureau does not believe that disclosure of the information 
in the public application-level 1071 data would permit the reverse-
engineering of a financial institution's proprietary lending models. 
The Bureau acknowledges, however, that this information could, in some 
circumstances, lead to reputational risks and increased costs for 
financial institutions, which might be passed on to their customers in 
the form of increased costs or decreased access to credit.
---------------------------------------------------------------------------

    \857\ The FFIEC publishes transmittal sheet information, 
including LEI and Federal Taxpayer Identification number, on its 
website. Fed. Fin. Insts. Examination Council, Public Transmittal 
Sheet--Schema, https://ffiec.cfpb.gov/documentation/2020/public-ts-schema/ (last visited July 23, 2021).
---------------------------------------------------------------------------

    Several SERs were concerned that publishing financial institution 
identifying information could increase re-identification risk of 
applicants and related natural persons.\858\ One industry stakeholder 
provided feedback that customers of captive wholesale finance companies 
with applicant bases limited to franchises or licensees of a particular 
distributor or manufacturer would face unique re-identification risks. 
The commenter explained that, in many instances, these applicants may 
be the financial institution's only customer in a particular State, or 
one of only a very small number of customers in the State, heightening 
the privacy concerns for publication of data tied to these financial 
institutions.
---------------------------------------------------------------------------

    \858\ See SBREFA Panel Report at 34.
---------------------------------------------------------------------------

    The Bureau has identified publicly available datasets that include 
data fields an adversary could directly match

[[Page 56539]]

to financial institution identifying information data fields in 
unmodified form in the public application-level 1071 data with respect 
to an applicant or related natural person. Other identified public 
records, such as UCC filings, disclose financial institution name. 
Therefore, in many cases, an adversary could use identifying financial 
institution data fields, combined with other 1071 data fields, to match 
a section 1071 record to an identified public record. Because the 
Bureau does not intend to perform a re-identification analysis of the 
1071 data fields until 1071 data are reported, it has not determined 
the extent to which financial institution identifying information or 
other data fields could contribute to record uniqueness.\859\
---------------------------------------------------------------------------

    \859\ As discussed under Balancing Test Design in part VI.C.1 
above, while the proposed balancing test would consider the risk of 
harm or sensitivity to financial institutions, it would not consider 
re-identification risk with respect to financial institutions 
because the statute contemplates the disclosure of their identity.
---------------------------------------------------------------------------

    With respect to concerns raised regarding captive wholesale finance 
companies, the Bureau acknowledges that financial institution 
identifying information in unmodified form in the public application-
level 1071 data could, in combination with other data fields like 
census tract, NAICS codes, and credit type or purpose, facilitate re-
identification of applicants that have a common name, without requiring 
that adversaries match 1071 records to other identified datasets. As 
discussed in the section-by-section analysis of proposed Sec.  
1002.104(b) above, the Bureau proposes to exclude trade credit and 
other transactions from the scope of covered credit transactions. This 
might eliminate some transactions involving such lenders. The Bureau 
seeks comment on the circumstances under which a transaction involving 
a captive wholesale finance company would be covered by the proposal 
notwithstanding the exemption.
    To the extent there are such transactions, the Bureau seeks comment 
on the instances in which captive wholesale finance companies lend 
exclusively to businesses that are publicly branded in a way that can 
be easily matched to the identity of the financial institution. As 
discussed in the section-by-section analysis of proposed Sec.  
1002.109(b) above, the Bureau also seeks comment on whether a final 
rule could include certain categories of financial institution types 
that would allow the Bureau to easily identify such financial 
institutions in the unmodified 1071 dataset without an application-
level analysis. Finally, the Bureau seeks comment on whether there are 
particular modification techniques that would reduce re-identification 
risks and risks of harm or sensitivity for applicants and related 
natural persons who might be re-identified in the public application-
level 1071 data.
    The Bureau has considered whether a modification of the 1071 data 
available to the public short of deleting financial institution 
identifying information (other than individual contact information) 
would appropriately balance identified privacy risks and disclosure 
benefits of this data field. Several SERs stated that a solution to 
their concerns about financial institution privacy would be for the 
Bureau not to release the names of financial institutions when 
publishing 1071 data.\860\
---------------------------------------------------------------------------

    \860\ See SBREFA Panel Report at 36.
---------------------------------------------------------------------------

    The Bureau proposes to disclose financial institution identifying 
information, other than individual contact information, to the public 
as reported, without modification. The Bureau preliminarily determines 
that risks to privacy interests from the disclosure of this data field 
in unmodified form would be justified by the benefits of disclosure for 
section 1071's purposes. As described above, while the Bureau has not 
conducted a uniqueness analysis, it is very likely that disclosure of 
financial institution identifying information would substantially 
facilitate the re-identification of applicants or related natural 
persons. If such persons were re-identified, disclosure of other 1071 
data fields would likely create a risk of harm or sensitivity. In 
addition, the disclosure of other proposed 1071 data fields in 
combination with identifying financial institution name likely would 
reveal information that may be harmful or sensitive to financial 
institutions. The Bureau nonetheless determines that these risks to 
privacy would be justified by the benefits of disclosure in light of 
section 1071's purposes.
    The Bureau also seeks comment on this analysis and its proposal to 
disclose these fields without modification in the public application-
level 1071 data.
    Individual contact information. Proposed Sec.  1002.109(b)(1)(iii) 
would require financial institutions to report the name and business 
contact information of a person who may be contacted with questions 
about the financial institution's submission. In contrast to the other 
financial institution identifying information described above, the 
Bureau preliminarily determines that the privacy risks of disclosure in 
unmodified form of this data field would not be justified by the 
benefits of disclosure for section 1071's purposes. As such, the Bureau 
proposes to delete such information from the publicly available data. 
The Bureau seeks comment on this determination.
    Disclosing individual contact information in the public 
application-level 1071 data in unmodified form would enable the public 
to contact natural persons at financial institutions about the 
technical aspects of a financial institution's submission of 
application-level data. However, the Bureau does not believe this would 
promote the fair lending or community or business development purposes 
of section 1071 because the Bureau, not the general public, will 
coordinate with this person to ensure proper submission of data. 
Moreover, the person designated by the financial institution to respond 
to questions about the submission might not necessarily be designated 
by the financial institution for engaging with the general public.
    Disclosing individual contact information in the 1071 data in 
unmodified form would likely not disclose any information about an 
applicant or related natural person if such person were re-identified. 
However, disclosing the name and contact information of natural persons 
designated by the financial institution would disclose information that 
may be harmful or sensitive to identified financial institutions and 
its employees. Financial institutions have a legitimate interest in 
protecting the identities of their employees from the public, 
consistent with their job functions, and persons identified for 
purposes of questions about the financial institution's submission to 
the Bureau might not necessarily be responsible for engaging with the 
general public.
    The Bureau has considered whether a modification of the 1071 data 
available to the public other than exclusion of individual contact 
information would appropriately balance identified privacy risks and 
disclosure benefits of this data field. Because disclosure of this data 
field in unmodified form would not promote the purposes of section 1071 
and would likely reveal information that would be harmful or sensitive 
to a financial institution and its employees, the Bureau does not 
believe there is a modification that would appropriately balance the 
privacy risks and disclosure benefits for this data field. Accordingly, 
the Bureau preliminarily determines that deleting individual contact 
information would appropriately balance the privacy risks and 
disclosure benefits of this data field.

[[Page 56540]]

    The Bureau seeks comment on this analysis as well as its proposed 
deletion.
xix. Free-Form Text
    Proposed Sec.  1002.107(a) would require financial institutions to 
use free-form text to report certain data fields where a financial 
institution reports information that is not included in a list of data 
fields provided. Under proposed Sec.  1002.107(a)(5), (6), (11), (12), 
and (20), free-form text could be used to report credit type (product 
and guarantee information); credit purpose; denial reasons; pricing 
(the interest rate index used); and ethnicity, race, and sex.\861\ 
Financial institutions also would have flexibility in describing 
identifying information that would be provided under proposed Sec.  
1002.109(b). Free-form text used to report ethnicity, race, and sex 
would be completed based on information provided by applicants; all 
other free-form text would be completed based on information provided 
by the financial institution.
---------------------------------------------------------------------------

    \861\ For example, the proposal would require financial 
institutions to report credit purpose by choosing one or more 
purposes from a specified list. Financial institutions selecting 
``other'' would be required to report that other purpose as free-
form text.
---------------------------------------------------------------------------

    Free-form text would allow the reporting of any information, 
including information that may be harmful or sensitive to applicants, 
related natural persons, and possibly the interests of financial 
institutions. Such information might also create a significant risk of 
re-identification for applicants or related natural persons. Given the 
expected amount of 1071 data reported each year, it will not be 
feasible for the Bureau to review the free-form text submitted before 
publishing the application-level 1071 data. The Bureau believes at this 
time that, under the balancing test, deleting free-form text from the 
public application-level 1071 data, other than with respect to the 
financial institution identifying information described in part 
VI.C.6.xviii above, would appropriately balance the benefits of 
disclosure with the risks to the privacy interests of applicants, 
related natural persons, and financial institutions.
    The Bureau seeks comment on this analysis as well as its proposed 
deletion.

VII. Dodd-Frank Act Section 1022(b)(2) Analysis

    The Bureau is considering the potential benefits, costs, and 
impacts of the proposed rule. The Bureau requests comment on the 
preliminary discussion presented below, as well as submissions of 
additional data that could inform the Bureau's consideration of the 
benefits, costs, and impacts of the proposed rule. In developing the 
proposed rule, the Bureau has consulted with or offered to consult with 
the prudential regulators (the Board of Governors of the Federal 
Reserve System, the Federal Deposit Insurance Corporation, the National 
Credit Union Administration, and the Office of the Comptroller of the 
Currency), the Department of Agriculture, the Department of Housing and 
Urban Development, the Department of Justice, the Department of the 
Treasury, the Economic Development Administration, the Farm Credit 
Administration, the Federal Trade Commission, the Financial Crimes 
Enforcement Network, the Minority Business Development Agency, and the 
Small Business Administration regarding, among other things, 
consistency with any prudential, market, or systemic objectives 
administered by such agencies.
    In the Dodd-Frank Act, which was enacted ``[t]o promote the 
financial stability of the United States by improving accountability 
and transparency in the financial system,'' Congress directed the 
Bureau to adopt regulations governing the collection of small business 
lending data. Under section 1071, covered financial institutions must 
compile, maintain, and submit certain specified data points regarding 
applications for credit for women-owned, minority-owned, and small 
businesses, along with ``any additional data that the Bureau determines 
would aid in fulfilling the purposes of [section 1071].'' Under the 
proposed rule, covered financial institutions would be required to 
collect and report the following data points: (1) A unique identifier, 
(2) application date, (3) application method, (4) application 
recipient, (5) credit type, (6) credit purpose, (7) amount applied for, 
(8) amount approved or originated, (9) action taken, (10) action taken 
date, (11) denial reasons, (12) pricing information, (13) census tract, 
(14) gross annual revenue, (15) NAICS code, (16) number of workers, 
(17) time in business, (18) minority-owned business status, (19) women-
owned business status, (20) ethnicity, race, and sex of principal 
owners, and (21) the number of principal owners.
    Under the proposed rule, financial institutions would be required 
to report data on small business credit applications under section 1071 
if they originated at least 25 covered credit transactions in each of 
the two preceding calendar years. The Bureau is proposing to define an 
application as an oral or written request for a covered credit 
transaction that is made in accordance with the procedures used by a 
financial institution for the type of credit requested, with some 
exceptions. The Bureau is proposing to define the term covered credit 
transaction as an extension of business credit that is not an excluded 
transaction. Loans, lines of credit, credit cards, and merchant cash 
advances (including such credit transactions for agricultural purposes 
and those that are also covered by HMDA \862\ (that is, HMDA-reportable 
transactions)) would all fall within the transactional scope of this 
proposed rule. The Bureau is broadly proposing to not cover the 
following types of transactions: Factoring, leases, consumer-designated 
credit used for business purposes, credit secured by certain investment 
properties, trade credit, public utilities credit, securities credit, 
and incidental credit. Additionally, the Bureau is proposing that a 
business is a small business if and only if its gross annual revenue 
for its preceding fiscal year is $5 million or less.
---------------------------------------------------------------------------

    \862\ 12 U.S.C. 2801 et seq.
---------------------------------------------------------------------------

A. Statement of Need

    Congress directed the Bureau to adopt regulations governing the 
collection of small business lending data. Specifically, section 1071 
of the Dodd-Frank Act amended ECOA to require financial institutions to 
compile, maintain, and submit to the Bureau certain data on 
applications for credit for women-owned, minority-owned, and small 
businesses. Congress enacted section 1071 for the purpose of 
facilitating enforcement of fair lending laws and enabling communities, 
governmental entities, and creditors to identify business and community 
development needs and opportunities of women-owned, minority-owned, and 
small businesses. The Bureau is issuing this proposed rule to implement 
the section 1071 mandate.
    Small businesses play a key role in fostering community development 
and fueling economic growth both nationally and in their local 
communities.\863\ However, comprehensive data on loans to small 
businesses currently are limited. The largest sources of information on 
lending by depository institutions are the FFIEC and NCUA Call Reports 
and reporting under the CRA. Under the FFIEC Call Report and CRA 
reporting regimes, small loans to businesses of any size are used in 
whole or in part as a proxy for loans to small businesses. The FFIEC 
Call Report captures banks'

[[Page 56541]]

and savings associations' total outstanding number and amount of small 
loans to businesses (that is, loans originated under $1 million to 
businesses of any size; small loans to farms are those originated under 
$500,000) by institution.\864\ The CRA requires banks and savings 
associations with assets over a specified threshold (currently $1.305 
billion) to report data on loans to businesses with origination amounts 
of $1 million or less; reporters are asked to indicate whether the 
borrower's gross annual revenue is $1 million or less, if they have 
that information.\865\ Under the CRA, banks and savings associations 
report aggregate numbers and values of originations at an institution 
level and at various geographic levels. The NCUA Call Report captures 
credit unions' total originations, but not applications, on all loans 
over $50,000 to members for commercial purposes, regardless of any 
indicator about the business's size.\866\ Some federally funded loan 
programs, such as the SBA's 7(a) or 504 programs and the CDFI Fund 
require reporting of loan-level data, but only for loans that received 
support under those programs. Nondepository institutions do not report 
small business lending applications under any of these reporting 
regimes. There are no similar sources of information about lending to 
small businesses by nondepository institutions.
---------------------------------------------------------------------------

    \863\ See generally White Paper.
    \864\ See FFIEC Call Report at Schedule RC-C Part II.
    \865\ See 2015 FFIEC CRA Guide at 11, 13. Small business loans 
are defined for CRA purposes as loans whose original amounts are $1 
million or less and that were reported on the institution's Call 
Report or Thrift Financial Report (TFR) as either ``Loans secured by 
nonfarm or nonresidential real estate'' or ``Commercial and 
industrial loans.'' Small farm loans are defined for CRA purposes as 
loans whose origination amounts are $500,000 or less and were 
reported as either ``Loans to finance agricultural production and 
other loans to farmers'' or ``Loans secured by farmland.''
    \866\ See Nat'l Credit Union Admin., Call Report Form 5300 (June 
2020), https://www.ncua.gov/files/publications/regulations/form-5300-june-2020.pdf.
---------------------------------------------------------------------------

    There are also a variety of non-governmental data sources, issued 
by both private and nonprofit entities, that cover small businesses 
and/or the small business financing market. These include datasets and 
surveys published by commercial data and analytics firms, credit 
reporting agencies, trade associations, community groups, and academic 
institutions. See part II.B for additional information on these 
sources. While these non-public sources of data on small businesses may 
provide a useful supplement to existing Federal sources of small 
business lending data, these private and nonprofit sources often do not 
have lending information, may rely on unverified research based on 
public internet sources, and/or narrowly limit use cases for parties 
accessing data. Further, commercial datasets are generally not free to 
public users and can be costly, raising equity issues for stakeholders 
who cannot afford access.
    Under the proposed rule, covered financial institutions would be 
required to compile, maintain, and submit data regarding the race, sex, 
and ethnicity of the principal owners of the business and whether a 
small business is women-owned or minority-owned. No other source of 
data comprehensively collects this type of demographic information on 
small business loan applications.
    Section 1071 requires financial institutions to report detailed 
application-level data to the Bureau, and to make it available to the 
public upon request. Such information will constitute a public good 
that illuminates the lending activities of financial institutions and 
the small business lending market in general. In particular, the public 
provision of application-level data will: (1) Provide small businesses 
and financial institutions with additional information to improve 
credit market outcomes and (2) allow members of the public, public 
officials, and other stakeholders to better assess compliance with 
antidiscrimination statutes.
    First, the data made public pursuant to the proposed rule will 
provide information that could help to improve credit outcomes in the 
small business lending market. As discussed above, market-wide data on 
small business credit transactions is currently limited. Neither the 
public nor private sectors provide extensive data on credit products or 
terms. Small business owners have access to very little information on 
typical rates or products offered by different lenders. As a result, 
small business owners are limited in their ability to shop for the 
credit product that best suits their needs at the best price. The 
information made public pursuant to the proposed rule will provide 
extensive data on product types and credit terms that community 
development groups or commercial services could use to provide better 
information to small businesses. For example, a commercial provider 
could provide small businesses with information on what products 
lenders typically offer and at what rates. These data will allow small 
business owners to more easily compare credit terms and evaluate credit 
alternatives. By engaging in more informed shopping, small business 
owners may achieve better credit outcomes.
    Furthermore, financial institutions can analyze data to understand 
small business lending market conditions and determine how best to 
provide credit to borrowers. However, financial institutions are not 
able to conduct very granular or comprehensive analyses because the 
data on small business lending are limited. The data made public 
pursuant to the proposed rule will allow financial institutions to 
better understand the demand for small business credit products and the 
conditions under which they are being supplied by other covered 
financial institutions. The data will help enable institutions to 
identify potentially profitable opportunities to extend credit. Small 
business owners, as a result, could benefit from increased credit 
availability.
    Second, while data made public pursuant to the proposed rule may 
not constitute conclusive evidence of credit discrimination on its own, 
the data will enable members of the public, regulators, and other 
stakeholders to better assess compliance with antidiscrimination 
statutes. Application-level data that include information on business 
owners' race, sex, and ethnicity, as well as whether the business is 
women- or minority-owned, are necessary for the public to evaluate a 
lender's practices for potential risks of violating antidiscrimination 
statutes. However, as described above, there are currently no 
application-level data comprehensive enough or that contain the 
required demographic information to enable the public to conduct these 
kinds of analyses. The data made public pursuant to the proposed rule 
will be comprehensive and contain the necessary data fields for such 
analysis. Users will be able to examine whether, for example, a lender 
denies applications from women- or minority-owned businesses at higher 
rates than those that are not or whether these businesses are charged 
higher prices. This kind of transparency can place appropriate pressure 
on lenders to ensure that there is equity in their credit provision. 
Additionally, data collected under the proposed rule will contain the 
data fields that allow users to conduct more accurate fair lending 
analyses by comparing applications for credit products with similar 
characteristics.

B. Baseline for the Consideration of Costs and Benefits

    The Bureau has discretion in any rulemaking to choose an 
appropriate scope of consideration with respect to potential benefits 
and costs and an appropriate baseline. The Bureau

[[Page 56542]]

interpreted section 1071 to mean that obligations for financial 
institutions to collect, maintain, and submit data ``do not arise until 
the Bureau issues implementing regulations and those regulations take 
effect.'' \867\ Accordingly, this analysis considers the benefits, 
costs, and impacts of the major provisions of the proposed rule against 
a pre-section 1071 rule baseline, i.e., the current state of the world 
before the Bureau's section 1071 rule is implemented. Under this 
baseline, the Bureau assumes that institutions are complying with 
regulations that they are currently subject to, including reporting 
data under HMDA and CRA. The Bureau believes that such a baseline will 
also provide the public with better information about the benefits and 
costs of this rule.
---------------------------------------------------------------------------

    \867\ See Letter from Leonard Kennedy, General Counsel, CFPB, to 
Chief Executive Officers of Financial Institutions under Section 
1071 of the Dodd-Frank Act (Apr. 11, 2011), https://files.consumerfinance.gov/f/2011/04/GC-letter-re-1071.pdf.
---------------------------------------------------------------------------

C. Basic Approach of the Bureau's Consideration of Benefits and Costs 
and Data Limitations

    Pursuant to section 1022(b)(2)(A) of the Dodd-Frank Act,\868\ in 
prescribing a rule under the Federal consumer financial laws (which 
include ECOA and title X of the Dodd-Frank Act), the Bureau is required 
to consider the potential benefits and costs to ``consumers'' and 
``covered persons,'' including the potential reduction of access by 
consumers to consumer financial products or services resulting from 
such rule, and the impact of proposed rules on covered persons as 
described under section 1026 of the Dodd-Frank Act \869\ (i.e., 
depository institutions and credit unions with $10 billion or less in 
total assets), and the impact on consumers in rural areas.
---------------------------------------------------------------------------

    \868\ 12 U.S.C. 5512(b)(2)(A).
    \869\ 12 U.S.C. 5516.
---------------------------------------------------------------------------

    As mentioned above, section 1022(b)(2)(A) refers to ``consumers'' 
and ``covered persons''; the Dodd-Frank Act defines the term 
``consumer'' as an individual or someone acting on behalf of an 
individual, while a ``covered person'' is one who engages in offering 
or providing a ``consumer financial product or service,'' which means a 
financial product or service that is provided to consumers primarily 
for ``personal, family, or household purposes.'' \870\ In the 1071 
rulemaking, however, the only parties directly affected by the rule are 
small businesses (rather than individual consumers) and the financial 
institutions from whom they seek credit (rather than covered persons). 
Accordingly, a section 1022(b)(2)(A) analysis that considers only the 
costs and benefits to individual consumers and to covered persons would 
not meaningfully capture the costs and benefits of the rule.
---------------------------------------------------------------------------

    \870\ 12 U.S.C. 5481(4) through (6).
---------------------------------------------------------------------------

    Below, the Bureau conducts the statutorily required analysis with 
respect to the rule's effects on consumers and covered persons. 
Additionally, the Bureau is electing to conduct this same analysis with 
respect to small businesses and the financial institutions required to 
compile, maintain, and submit data fields under the proposed rule. This 
discussion relies on data that the Bureau has obtained from industry, 
other regulatory agencies, and publicly available sources. However, as 
discussed further below, the data limit the Bureau's ability to 
quantify the potential costs, benefits, and impacts of the proposed 
rule.
1. Analysis With Respect to Consumers and Covered Persons
    The proposed rule implements a data collection regime in which 
certain covered financial institutions must compile, maintain, and 
submit data with respect to applicants for credit for small businesses. 
The rule does not directly impact consumers or consumers in rural 
areas, as those terms are defined by the Dodd-Frank Act. Some covered 
persons, including some that are depository institutions or credit 
unions with $10 billion or less in total assets, will be directly 
affected by the rule not in their capacity as covered persons (i.e., as 
offerors or providers of consumer financial products or services) but 
in their separate capacity as covered financial institutions that offer 
commercial credit. The costs, benefits, and impact of the rule on those 
entities are discussed below.
2. Costs to Covered Financial Institutions
    Regarding the costs to covered financial institutions, the proposed 
rule generally establishes which financial institutions, transactions, 
and data points would be covered under section 1071. In order to 
precisely quantify the costs to covered financial institutions, the 
Bureau would need representative data on the operational costs that 
financial institutions would incur to gather and report 1071 data, one-
time costs for financial institutions to update or create reporting 
infrastructure in response to the proposed rule, and information on the 
level of complexity of financial institutions' business models and 
compliance systems. Currently, the Bureau does not believe that data on 
section 1071 reporting costs with this level of granularity are 
systematically available from any source. The Bureau has made 
reasonable efforts to gather data on section 1071 reporting costs. 
Through outreach efforts with industry, community groups, and other 
regulatory agencies, the Bureau has obtained some information about 
potential ongoing operational and one-time compliance costs, and the 
discussion below uses this information to quantify certain costs of the 
proposed rule. The Bureau believes that the discussion constitutes the 
most comprehensive assessment to date of the potential costs of section 
1071 reporting by financial institutions. However, the Bureau 
recognizes that these estimations may not fully quantify the costs to 
covered financial institutions, especially given the wide variation of 
section 1071 reporting costs among financial institutions. The Bureau 
continues to seek data from available sources in order to better 
quantify the costs to covered financial institutions.
    The Bureau categorizes costs required to comply with the proposed 
rule into ``one-time'' and ``ongoing'' costs. ``One-time'' costs refer 
to expenses that the financial institution would incur initially and 
only once to implement changes required in order to comply with the 
requirements of the new rule. ``Ongoing'' costs are expenses incurred 
as a result of the ongoing reporting requirements of the rule, accrued 
on an annual basis. In considering the costs and impacts of the 
proposed rule, the Bureau has engaged in a series of efforts to 
estimate the cost of compliance by covered entities. The Bureau 
conducted a One-Time Cost Survey, discussed in more detail in part 
VII.E.1 below, to learn about the one-time implementation costs 
associated with implementing section 1071 and adapted ongoing cost 
calculations from previous rulemaking efforts. The Bureau evaluated the 
potential one-time costs of implementing the procedures necessary and 
the potential ongoing costs of annually reporting under the proposed 
rule in part VII.F.3 below. The discussion below provides details on 
the Bureau's approach in performing these institution-level analyses. 
The Bureau realizes that costs vary by institution due to many factors, 
such as size, operational structure, and product complexity, and that 
this variance exists on a continuum that is impossible to fully 
represent. In order to conduct a cost consideration that is both 
practical and meaningful, the Bureau has chosen an approach that 
focuses on three

[[Page 56543]]

representative types of financial institutions. For each type, the 
Bureau has produced reasonable estimates of the costs of compliance 
given the limitations of the available data. Part VII.F.3 below 
provides additional details on this approach. More elaboration is 
available in the SBREFA Outline and the SBREFA Panel Report.
3. Costs to Small Businesses
    The Bureau has estimated the costs to small businesses in addition 
to those for covered financial institutions. The Bureau expects the 
direct costs of the proposed rule to small businesses will be 
negligible, especially compared to the overall cost of credit. 
Therefore, the Bureau focuses its analysis on whether and how the 
Bureau expects financial institutions to pass on the costs of 
compliance with the proposed rule to small businesses and any possible 
effects on the availability of small business credit. According to 
economic theory, in a competitive framework where financial 
institutions are profit maximizers, the affected financial institutions 
would pass on to small business applicants the marginal (i.e., 
variable) cost per application or origination, and either absorb the 
one-time and increased fixed costs of complying with the rule or exit 
the market if the one-time and fixed costs are sufficiently high. As 
discussed below, the Bureau estimates that these costs would be 
relatively low. Further, the Bureau received feedback through the One-
Time Cost Survey process on how creditors might react to increased 
compliance costs due to the proposed rule. The results generally 
suggest that covered financial institutions will generally pass the 
increased cost of compliance on to small businesses and would not exit 
the market. The Bureau received similar feedback during the SBREFA 
process.
4. Benefits to Small Businesses and Covered Financial Institutions
    Quantifying benefits to small businesses presents substantial 
challenges. As discussed above, Congress enacted section 1071 for the 
purpose of facilitating enforcement of fair lending laws and enabling 
communities, governmental entities, and creditors to identify business 
and community development needs and opportunities of women-owned, 
minority-owned, and small businesses. The Bureau is unable to readily 
quantify any of these benefits with precision, both because the Bureau 
does not have the data to quantify all benefits and because the Bureau 
is not able to assess completely how effective the implementation of 
section 1071 will be in achieving those benefits. The Bureau believes 
that its proposals appropriately implement the statutory mandate of 
section 1071 to effectuate the section's stated purposes. As discussed 
further below, as a data reporting rule, most provisions of the 
proposal would benefit small businesses in indirect ways. Nevertheless, 
the Bureau believes that the impact of enhanced transparency would 
substantially benefit small businesses. For example, the proposed rule 
would facilitate the detection (and thus remediation) of 
discrimination; promote public and private investment in certain under-
served markets; and promote competitive markets. Quantifying and 
monetizing these benefits would require identifying all possible uses 
of section 1071 data, establishing causal links to the resulting public 
benefits, and then quantifying the magnitude of these benefits. The 
Bureau seeks comment on whether there are additional data sources 
available regarding the benefits to small businesses of the proposed 
rule. The Bureau is particularly interested in the quantifiable impact 
of increased transparency on financial institution behavior, and the 
need for public and private investment. The Bureau is unaware of data 
that would enable reliable quantitative estimates of all of these 
effects.
    Similar issues arise in attempting to quantify the benefits to 
covered financial institutions. Certain benefits to covered financial 
institutions are difficult to quantify. For example, the Bureau 
believes that the section 1071 data will reduce the compliance burden 
of fair lending reviews for lower risk financial institutions by 
reducing the ``false positive'' rates during fair lending 
prioritization by regulators. The Bureau also believes that data made 
public pursuant to the proposed rule will allow financial institutions 
to better understand the demand for small business credit products and 
the conditions under which they are being supplied by other covered 
financial institutions. The Bureau believes that such benefits to 
financial institutions could be substantial. Nevertheless, quantifying 
them would require data that are currently unavailable.
    In light of these data limitations, the discussion below generally 
provides a qualitative consideration of the benefits and impacts of the 
proposed rule. General economic principles, together with the limited 
data available, provide insight into these benefits and impacts. Where 
possible, the Bureau makes quantitative estimates based on these 
principles and the data that are available. The Bureau seeks comment on 
the appropriateness of the approach described above, including 
additional data relevant to the benefits to small businesses and 
covered financial institutions.

D. Coverage of the Proposed Rule

    The proposed rule provides that financial institutions (both 
depository and nondepository) that meet all the other criteria for a 
``financial institution'' in proposed Sec.  1002.105(a) would only be 
required to collect and report section 1071 data if they originated at 
least 25 covered credit transactions in each of the two preceding 
calendar years. See proposed Sec.  1002.105(b).
    As discussed above, market-wide data on small business lending are 
currently limited. The Bureau is unaware of any comprehensive data 
available on originations for all financial institutions, which would 
be needed in order to precisely identify all institutions covered by 
the rule. To estimate coverage of the proposed rule, the Bureau uses 
publicly available data for two groups of financial institutions: 
Depository and nondepository institutions.
    To estimate coverage of depository institutions, the Bureau relies 
on NCUA Call Reports to estimate coverage for credit unions, including 
for those that are not federally insured, and FFIEC Call Reports and 
the CRA data to estimate coverage for banks and savings associations. 
For the purposes of the analysis in this part VII, the Bureau estimates 
the number of depository institutions that would have been required to 
report in 2019, based on the estimated number of originations of 
covered products for each institution in 2017 and 2018.\871\ The Bureau 
accounts for mergers and acquisitions between 2017 and 2019 by assuming 
that any depository institutions that merged in those years report as 
one institution.
---------------------------------------------------------------------------

    \871\ The Bureau uses 2019 instead of 2020 to estimate coverage 
during a year unaffected by pandemic conditions.
---------------------------------------------------------------------------

    As discussed above, the NCUA Call Report captures data on all loans 
over $50,000 to members for commercial purposes, regardless of any 
indicator about the business's size and including number and dollar 
value of originations. For the purposes of estimating the impacts of 
the proposed rule, the Bureau uses the annual number of originated 
commercial loans to members reported by credit unions as a proxy for 
the annual number of originated covered credit transactions under the

[[Page 56544]]

proposed rule.\872\ These are the best data available for estimating 
the number of credit unions that may be covered by the proposed rule. 
However, the Bureau acknowledges that the true number of covered credit 
unions may be different than what is presented here. For example, this 
proxy may overestimate the number of credit unions that would be 
covered if some commercial loans to members are not covered because the 
member is taking out a loan for a large business. Alternatively, this 
proxy may underestimate the number of credit unions that would be 
covered by the proposed rule if credit unions originate a substantial 
number of covered credit transactions with origination values under 
$50,000.
---------------------------------------------------------------------------

    \872\ For this analysis, the Bureau includes all types of 
commercial loans to members except construction and development 
loans. This includes loans secured by multifamily residential 
property; loans secured by farmland; loans secured by owner-
occupied, non-farm, non-residential property; loans secured by non-
owner occupied, non-farm, non-residential property; loans to finance 
agricultural production and other loans to farmers; commercial and 
industrial loans; unsecured commercial loans; and unsecured 
revolving lines of credit for commercial purposes.
---------------------------------------------------------------------------

    As discussed above, the FFIEC Call Report captures banks' and 
savings associations' outstanding number and amount of small loans to 
businesses (i.e., loans originated under $1 million to businesses of 
any size; small loans to farms are those originated under $500,000). 
The CRA requires banks and savings associations with assets over a 
specified threshold ($1.322 billion as of 2021) \873\ to report loans 
to businesses in original amounts of $1 million or less. For the 
purposes of estimating the impacts of the proposed rule, the Bureau 
follows the convention of using small loans to businesses as a proxy 
for loans to small businesses and small loans to farms as a proxy for 
loans to small farms.\874\ These are the best data available for 
estimating the number of banks and savings associations that may be 
covered by the proposed rule. However, the Bureau acknowledges that the 
true number of covered banks and savings associations may be different 
than what is presented here. For example, this proxy would overestimate 
the number of banks and savings associations covered by the rule if a 
significant number of small loans to businesses and farms are to 
businesses or farms that are considered large under the definition of a 
small business in the proposed rule. Alternatively, this proxy would 
underestimate the number of banks and savings associations covered by 
the rule if a significant number of businesses and farms that are small 
under the proposed rule take out loans that are larger than $1 million 
or $500,000, for businesses and farms, respectively.
---------------------------------------------------------------------------

    \873\ See Fed. Fin. Insts. Examination Council, Community 
Reinvestment Act, 2021 Reporting Criteria (Dec. 16, 2020), https://www.ffiec.gov/cra/reporter21.htm.
    \874\ The FFIEC Call Reports do not collect information on small 
loans to businesses made for the purposes of funding multifamily 
property. In order to account for these loans in the coverage 
estimates, for each bank or savings association, the Bureau adds the 
number of multifamily loans originated for business purposes with 
origination amounts under $1 million reported in the HMDA data to 
the estimated number of small business lending originations. While 
multifamily loans for business purposes have been reportable in HMDA 
data for some time, these loans have only been identifiable with 
data fields available since 2018. For simplicity, the Bureau assumes 
that a bank or savings association made the same number of 
multifamily loans for business purposes with origination amounts 
under $1 million in 2017 as it did in 2018.
---------------------------------------------------------------------------

    Although banks and savings associations reporting under the CRA are 
required to report the number of originations of small loans to 
businesses and farms, the Bureau is not aware of any comprehensive 
dataset that contains originations made by banks and savings 
associations below the CRA reporting threshold. To fill this gap, the 
Bureau simulated plausible values for the annual number and dollar 
value of originations for each bank and savings association that falls 
below the CRA reporting threshold for 2017, 2018, and 2019.\875\ The 
Bureau generated simulated originations in order to account for the 
uncertainty around the exact number and value of originations for these 
banks and saving associations. To simulate these values, the Bureau 
assumes that these banks have the same relationship between outstanding 
and originated small loans to businesses and farms as banks and savings 
associations above the CRA reporting threshold. First, the Bureau 
estimated the relationship between originated and outstanding numbers 
and balances of small loans to businesses and farms for CRA reporters. 
Then the Bureau used this estimate, together with the outstanding 
numbers and balances of small loans to businesses and farms of non-CRA 
reporters, to simulate these plausible values of originations. The 
Bureau has documented this methodology in more detail in its 
Supplemental estimation methodology for institutional coverage and 
market-level cost estimates in the small business lending data 
collection notice of proposed rulemaking released concurrently with 
this proposal.\876\
---------------------------------------------------------------------------

    \875\ Based on FFIEC Call Report data as of December 2019, of 
the 5,177 banks and savings associations that existed in 2019, only 
about 11 percent were required to report under CRA. That is, only 
about 11 percent of banks and savings associations had assets below 
$1.284 billion, the CRA reporting threshold in 2019. See Fed. Fin. 
Insts. Examination Council, 2019 Reporting Criteria, https://www.ffiec.gov/cra/reporter19.htm (last visited Aug. 5, 2021).
    \876\ This document is available at https://www.consumerfinance.gov/data-research/research-reports/supplemental-estimation-methodologies-small-business-lending-data-collection-nprm/.
---------------------------------------------------------------------------

    Below, the Bureau reports a range of values for the estimated 
number of depository institutions covered under the proposed rule. The 
range represents a 95 percent confidence interval over the number of 
credit unions, banks and savings associations that would be covered 
under the proposed rule. The Bureau presents this range to reflect the 
uncertainty associated with the estimate and notes that the uncertainty 
is driven by the lack of data on originations by banks and savings 
associations below the CRA reporting threshold.
    The Bureau estimates that about 992 nondepository institutions will 
be covered by the proposed rule: About 340 nondepository CDFIs; about 
100 MCA providers; about 30 fintech companies; about 300 commercial 
finance companies; about 100 governmental lending entities; about 50 
nondepository mortgage providers; and 72 Farm Credit System 
members.\877\ See part II.D above for more detail on how the Bureau 
arrived at these estimates.
---------------------------------------------------------------------------

    \877\ The Bureau provides estimates for the majority of 
nondepository institutions but knows an exact number of members of 
the Farm Credit System.
---------------------------------------------------------------------------

    Based on 2019 data from FFIEC and NCUA Call Reports and the CRA 
data, using the methodology described above, the Bureau estimates that 
the number of depository institutions that would be required to report 
under the proposed rule would be between approximately 4,000 and 4,200. 
The Bureau estimates that between 3,600 and 3,800 banks and savings 
associations and about 400 credit unions would be required to report 
under the proposed rule.
    The Bureau has attempted to use the best available data and methods 
to estimate the number of financial institutions that would be covered 
by the proposed rule. The Bureau seeks comment on whether there are 
additional data sources that could provide better estimates of 
coverage. The Bureau also seeks comment on its Supplemental estimation 
methodology for institutional coverage and market-level cost estimates 
in the small business lending data collection notice of proposed 
rulemaking describing the methods used to estimate coverage.

[[Page 56545]]

E. Methodology for Generating Cost Estimates

    The Bureau used previous HMDA rulemaking estimates as the basis for 
its review of 1071 data collection and reporting tasks that would 
impose one-time and ongoing costs. In developing its ongoing cost 
methodology to estimate the impacts of its 2015 HMDA final rule, the 
Bureau used interviews with financial institutions to understand the 
processes of complying with a regulation that requires collecting and 
reporting credit application data and to generate estimates of how 
changes to the reporting requirements would impact the ongoing costs of 
collecting and reporting mortgage application data.\878\ To analyze the 
potential impacts of this proposed rule, the Bureau adapted its 
methodology from its HMDA rulemaking activities to the small business 
lending market.
---------------------------------------------------------------------------

    \878\ Home Mortgage Disclosure (Regulation C), 80 FR 66128, 
66269 (Oct. 28, 2015).
---------------------------------------------------------------------------

    The Bureau expects that the tasks required for data collection, 
checking for accuracy, and reporting under the proposed rule would be 
similar to those under HMDA. The similarities in data collection and 
reporting tasks allowed the Bureau to leverage its previous rulemaking 
experience in its analysis of the potential impacts of this proposed 
rule.
    However, there are significant differences between the home 
mortgage and small business lending market. For example, small business 
lending is generally less automated, and has a wider variety of 
products, smaller volumes, and smaller credit amounts. The Bureau used 
the SBREFA process, research using publicly available information, and 
the Bureau's general expertise regarding the small business lending 
market to determine how these differences would change the tasks 
required for data collection, checking for accuracy, and reporting.
    During the HMDA rulemaking process, the Bureau identified seven key 
aspects or dimensions of compliance costs with a data collection and 
reporting rule: (1) The reporting system used; (2) the degree of system 
integration; (3) the degree of system automation; (4) the tools for 
geocoding; (5) the tools for performing completeness checks; (6) the 
tools for performing edits; and (7) the compliance program. The Bureau 
assumes that financial institutions will set up their 1071 reporting in 
a manner similar to how HMDA reporting was implemented.\879\ The Bureau 
presented this list of key aspects or dimensions of compliance costs in 
its SBREFA Outline, but did not receive specific feedback or 
suggestions about these areas of compliance costs.
---------------------------------------------------------------------------

    \879\ For example, the Bureau assumes that financial 
institutions will integrate their small business data management 
system with their other data systems the same way that similar 
institutions integrated their HMDA management system.
---------------------------------------------------------------------------

    The Bureau found during the HMDA rulemaking process that, 
generally, the complexity of a financial institution's approach across 
dimensions was consistent--that is, a financial institution generally 
would not use less complex approaches on some dimensions and more 
complex approaches on others.\880\ This allowed the Bureau to classify 
financial institutions, including depository institutions and 
nondepository institutions, into three broad tiers according to the 
overall level of complexity of their compliance operations. Using very 
similar assumptions to HMDA, the Bureau's estimation of the costs of 
this proposed rule also assumed that complexity across dimensions of a 
financial institution's small business lending data collection and 
reporting system is consistent.
---------------------------------------------------------------------------

    \880\ 80 FR 66128, 66269 (Oct. 28, 2015).
---------------------------------------------------------------------------

    Table 3 below summarizes the typical approach to those seven key 
aspects or dimensions of compliance costs across three representative 
types of financial institutions based on level of complexity in 
compliance operations. Financial institutions that are Type A have the 
lowest level of complexity in compliance operations, while Type B and 
Type C have the middle and highest levels of complexity, respectively.

[[Page 56546]]

[GRAPHIC] [TIFF OMITTED] TP08OC21.002

    In previous HMDA rulemakings, the Bureau found that the number of 
loan applications received was largely correlated with overall 
complexity of financial institutions' compliance operations.\882\ The 
Bureau used this observation from HMDA, in addition to early outreach 
to financial institutions and data from Call Reports and publicly 
available data from the CDFI Fund, to generate assumptions about the 
number of annual small business lending applications processed by each 
FI type. The Bureau assumes that Type A FIs receive fewer than 300 
applications per year, Type B FIs receive between 300 and 2,000 
applications per year, and Type C FIs receive more than 2,000 
applications per year. The Bureau assumes that, for types A and B, one 
out of two small business applications will result in an origination. 
Thus, the Bureau assumes that Type A FIs originate fewer than 150 
products per year and Type B FIs originate between 150 and 1,000 
products per year. The Bureau assumes that Type C FIs originate one out 
of three applications and more than 1,000 per year.\883\
---------------------------------------------------------------------------

    \881\ The Bureau expects the development of a market for small 
business data management systems similar to HMDA management systems 
that financial institutions will license or purchase from third 
parties.
    \882\ 80 FR 66128, 66270 (Oct. 28, 2015).
    \883\ The Bureau chose the 1:2 and 1:3 application to 
origination ratios based on two sources of information. First see 
Biz2Credit, Small Business Loan Approval Rates Rebounded in May 
2020: Biz2Credit Small Business Lending Index (May 2020), https://cdn.biz2credit.com/appfiles/biz2credit/pdf/report-may-2020.pdf, 
which shows that, in December of 2019, large banks approved small 
business loans at a rate of 27.5 percent, while small banks and 
credit unions had approval rates of 49.9 percent and 40.1 percent. 
Additionally, and supported by the Bureau's data from supervisory 
exams, the Bureau chose a 33 percent approval rate as a conservative 
measure among these estimates for complex financial institutions 
(Type C FIs).
---------------------------------------------------------------------------

    The Bureau understands that costs vary by financial institution due 
to many factors, such as size, operational structure, and product 
complexity. Due to data limitations, the Bureau is unable to capture 
many of the ways in which costs vary by institution, and therefore uses 
these representative financial institutions with the above assumptions 
for its analysis. In order to aggregate costs to a market level, the 
Bureau must map financial institutions onto its types using discrete 
volume categories.
    For the ongoing costs discussion in part VII.F.3.ii below, the 
Bureau discusses costs in the context of representative institutions 
for ease of

[[Page 56547]]

exposition. The Bureau assumes that a representative Type A FI receives 
100 small business credit applications per year, a representative Type 
B FI receives 400 applications per year, and a representative Type C FI 
receives 6,000 applications per year. The Bureau further assumes that a 
representative Type A FI originates 50 covered credit transactions per 
year, a representative Type B FI originates 200 covered credit 
transactions per year, and a representative Type C FI originates 3,000 
covered credit transactions per year.
    The Bureau presented an earlier version of this cost calculation 
methodology in the SBREFA Outline and during the SBREFA process.\884\ 
In general, SERs provided minimal feedback on the overall structure of 
the categorization of financial institutions and activities required to 
collect, check, and report data under the proposed rule.\885\ The 
Bureau has made two changes to its methodology in response to SER 
feedback. One SER stated that the methodology would benefit from an 
additional category of complexity between Types B and C. To address 
this issue, while the Bureau did not add an additional category of 
complexity, it has increased the number of applications assumed for 
Type A FIs and Type B FIs so that these institutions cover more of the 
small business credit market. The Bureau has adjusted the categories of 
applications for Type A FIs and Type B FIs to 100 and 400 (from 75 and 
300, respectively). Several SERs also suggested that the ratio of 
applications per originated loans used in the SBREFA Outline was too 
high. The Bureau has accordingly updated its assumptions to assume two 
applications per origination (instead of its original three-to-one 
ratio) for Type A FIs and Type B FIs.
---------------------------------------------------------------------------

    \884\ SBREFA Outline at 52-56.
    \885\ The SER feedback discussed in this section-by-section 
analysis can be found in the SBREFA Panel Report at 37-38.
---------------------------------------------------------------------------

    The Bureau seeks comment on its methodologies, as described in this 
part VII.E (including parts VII.E.1, VII.E.2, and VII.E.3 below), for 
estimating one-time costs of implementation, estimating ongoing costs 
of implementation, and generating market-level estimates of one-time 
and ongoing costs.
1. Methodology for Estimating One-Time Costs of Implementation of the 
Proposed Rule
    The Bureau has identified the following eight categories of one-
time costs that would likely be incurred by financial institutions to 
develop the infrastructure to collect and report data under the 
proposed rule:

1. Preparation/planning
2. Updating computer systems
3. Testing/validating systems
4. Developing forms/applications
5. Training staff and third parties (such as dealers and brokers)
6. Developing policies/procedures
7. Legal/compliance review
8. Post-implementation review of compliance policies and procedures

    Conversations with financial institutions have informed the 
Bureau's understanding of one-time costs. Financial institutions will 
likely have to spend time and resources understanding the regulation, 
developing the required policies and procedures for their employees to 
follow, and engaging a legal team to review their draft policies and 
procedures. Additionally, financial institutions may require new 
equipment, such as new computer systems that can store and check the 
required data points; new or revised application forms or related 
materials to collect any data that would be required under the proposed 
rule that they do not currently collect, including minority-owned and 
women-owned business status and the ethnicity, race, and sex of 
applicants' principal owners, and to provide any related disclosures 
required by the rule. Some financial institutions mentioned that they 
may store, check, and report data using third-party providers such as 
Fiserv, Jack Henry, LaserPro, or Fidelity Information Systems (FIS), 
while others may use more manual methods of data storage, checking, and 
reporting using software applications such as Microsoft Excel. 
Financial institutions would also engage in a one-time training of all 
small business lending staff to ensure that employees understand the 
new policies and procedures. After all new policies and procedures have 
been implemented and systems/equipment deployed, financial institutions 
will likely undertake a final internal review to ensure that all the 
requirements of the section 1071 regulation have been satisfied.
    The Bureau presented the one-time cost categories in the SBREFA 
Outline and during the SBREFA process.\886\ The SERs generally 
confirmed that the eight categories listed above accurately capture the 
components of one-time costs.
---------------------------------------------------------------------------

    \886\ SBREFA Outline at 49-52.
---------------------------------------------------------------------------

    The Bureau conducted a survey regarding one-time implementation 
costs for section 1071 compliance targeted at FIs who extend small 
business credit.\887\ The Bureau developed the survey instrument based 
on guidance from industry on the potential types of one-time costs 
institutions might incur if required to report under a 1071 rule and 
tested the survey instrument on a small set of FIs, incorporating their 
feedback prior to implementation. Estimates from survey respondents 
form the basis of the Bureau's estimates for one-time costs in 
assessing the potential impact of this proposed rule. The survey was 
broadly designed to ask about the one-time costs of reporting data 
under a regime that only includes mandatory data points, uses a 
reporting structure similar to HMDA, uses the Regulation B definition 
of an ``application,'' and uses the respondent's own internal small 
business definition. The survey was divided into three sections: 
Respondent Information, One-Time Costs, and the Cost of Credit to Small 
Entities.
---------------------------------------------------------------------------

    \887\ The One-Time Cost Survey was released on July 22, 2020; 
the response period closed on October 16, 2020. The OMB control 
number for this collection is 3170-0032.
---------------------------------------------------------------------------

    In the Respondent Information section, the Bureau obtained basic 
information about the respondent, including information on the type of 
institution, its size, and its volume of small business lending. (The 
Bureau did not, however, obtain the actual name or other directly 
identifying information about respondents.) The One-Time Costs section 
of the survey measured the total hours, staff costs, and non-salary 
expenses associated with the different tasks comprising one-time costs. 
Using the reported costs of each task, the Bureau estimated the total 
one-time cost for each respondent. The Cost of Credit to Small Entities 
section dealt with the respondent's anticipated response to the 
increased compliance costs of being covered by the rule in order to 
understand the impacts of the regulation on its small business lending 
activity, including any anticipated potential changes to underwriting 
standards, volume, prices, product mix, or market participation.
    The Bureau worked with several major industry trade associations to 
recruit their members to respond to the survey. A total of 105 
financial institutions responded to the survey.
    To estimate one-time costs, the Bureau needed information on a 
financial institution's one-time costs by category and number of 
originations. Of the 105 total respondents, 49 answered these 
questions. The Bureau will henceforth refer to these respondents as the 
``cost estimation sample.'' Of these respondents, 42 (86 percent) self-

[[Page 56548]]

reported that they were a depository institution (bank or credit 
union). The remaining seven (14 percent) were nondepository 
institutions. Table 4 presents the self-reported asset size of the 42 
depository institution respondents in the cost estimation sample.\888\
---------------------------------------------------------------------------

    \888\ Nondepository institutions also reported assets. The 
Bureau separately reports asset category for depository institutions 
because asset sizes are not as comparable between depositories and 
nondepositories. The Bureau does not report asset sizes for 
nondepository respondents because there were too few respondents to 
report separately without risking re-identification of respondents.
[GRAPHIC] [TIFF OMITTED] TP08OC21.003

    For the purposes of estimating one-time costs, the Bureau 
distinguishes between depository institutions and nondepository 
institutions. The majority of nondepository institutions are not 
currently subject to any data reporting requirements, with the notable 
exception of nondepository CDFIs. The Bureau anticipates that covered 
financial institutions that are not currently subject to data reporting 
requirements will need to make more changes to their existing business 
operations in order to comply with the requirements of the new rule. 
This expectation is confirmed by the higher estimated one-time costs 
for nondepository institutions relative to depository institutions 
discussed in part VII.F.3.i.
    The Bureau categorizes depository institution respondents in the 
cost estimation sample into four groups according to the respondents' 
self-reported total originations. The first group contains the two 
depository institutions that reported fewer than 25 originations; the 
Bureau assumes these institutions would not report under the proposed 
rule. The second group contains ten depository institutions that 
reported between 25 and 149 originations. The Bureau categorizes these 
as Type A DIs (that is, a DI that is Type A as defined above.) The 
third group contains the 19 depository institutions that reported 
between 150 and 999 originations. The Bureau categorizes these as Type 
B DIs. The final group contains the 11 depository institutions that 
reported 1,000 or more originations. The Bureau categorizes these as 
Type C DIs.
    There are not enough nondepository institutions in the cost 
estimation sample to separate nondepository institutions into Types A, 
B, and C and obtain meaningful estimates. Instead, the Bureau is 
relying on the assumption that nondepository institutions (referred to 
as Non-DIs for purposes of this analysis) will incur the same one-time 
costs regardless of complexity.
    The Bureau estimated the one-time costs for each of the four 
categories of financial institutions (Type A DI, Type B DI, Type C DI, 
and Non-DI) using the following methodology.
    For each of the eight categories of one-time costs, the Bureau 
asked financial institutions to estimate and report the total number of 
hours that junior, mid-level, and senior staff would spend on each 
task, along with any additional non-salary expenses. If a respondent 
did not provide estimates for any component (i.e., staff hours or non-
salary expenses) of any category, it is not counted as part of the cost 
estimation sample. If a respondent provided estimates for some 
components but did not provide an estimate for a particular component 
(e.g., non-salary expenses for preparation/planning) then the Bureau 
assumed that the respondent estimated zero for that component.
    The Bureau asked survey respondents to report the average hourly 
wage for junior, mid-level, and senior/executive staff involved in the 
one-time cost categories. However, for the purposes of estimating one-
time costs, the Bureau assumed a constant wage across financial 
institutions for each level of staff. For junior staff, the Bureau used 
$16.18, the 10th percentile hourly wage estimate for ``loan officers'' 
according to the 2020 Occupational Employment Statistics compiled by 
the Bureau of Labor Statistics.\889\ For mid-level staff, the Bureau 
used $36.99, the mean hourly wage estimate for ``loan officers.'' For 
senior staff, the Bureau used $64.35, the 90th percentile hourly wage 
estimate for ``loan officers.'' To account for non-monetary 
compensation, the Bureau also scaled these hourly wages up by 43 
percent.\890\ The Bureau assumed a total hourly compensation of $23.14 
for junior staff, as compared to $28.76, the mean of the junior wages

[[Page 56549]]

reported by respondents. The Bureau assumed a total hourly compensation 
of $52.90 for mid-level staff, as compared to $48.94, the mean of the 
mid-level wages reported by respondents. The Bureau assumed a total 
hourly compensation of $92.02, as compared to $90.19, the mean of the 
senior/executive wages reported by respondents.
---------------------------------------------------------------------------

    \889\ See Bureau of Labor Statistics, U.S. Dep't of Labor, 
Occupational Employment and Wage Statistics (May 2020), https://www.bls.gov/oes/current/oes132072.htm.
    \890\ The March 2020 Employer Costs for Employee Compensation 
from the Bureau of Labor Statistics documents that wages and 
salaries are, on average, 70 percent of employee compensation for 
private industry workers. The Bureau inflates the hourly wage to 
account for 100 percent of employee compensation ((100/70) - 1) * 
100 = 43 percent). See Bureau of Labor Statistics, U.S. Dep't of 
Labor, Employer Costs for Employee Compensation (Mar. 2020), https://www.bls.gov/news.release/archives/ecec_06182020.pdf.
---------------------------------------------------------------------------

    For each respondent in the cost estimation sample, the Bureau 
calculated the cost of each one-time cost category as the sum of the 
junior wage multiplied by the reported junior hours, the mid-level wage 
multiplied by the reported mid-level hours, and the senior wage 
multiplied by the reported senior hours and the reported non-salary 
expenses. The total cost for the respondent was the sum of the costs 
across all eight categories.
    After calculating the total costs for each respondent, the Bureau 
identified outliers within the four groups of financial institutions 
(Type A DI, Type B DI, Type C DI, and Non-DI) using the interquartile 
range method, a standard outlier identification method. For each group 
of financial institutions, an observation is considered an outlier if 
the estimated total cost is greater than 1.5*(P75-
P25) + P75 or less than P25-
1.5*(P75-P25) where P75 and 
P25 are the 75th and 25th percentiles, respectively, of 
total costs within that group. Using this method, the Bureau identified 
one outlier in each Type A DI, Type B DI, and Type C DI group and no 
outliers in the Non-DI group.
    In addition to the total estimated one-time costs, the Bureau is 
interested in the hours, non-salary expenses, and total costs 
associated with each of the different one-time cost categories. For 
each group, the Bureau estimated each component of one-time costs by 
taking the mean of the estimated component within the group, after 
excluding outliers. For example, the estimated number of junior hours 
required by DIs of Type A to update computer systems is the mean number 
of junior hours reported by the nine DIs of Type A that were in the 
cost estimation sample, excluding one outlier. The Bureau estimated the 
cost associated with each category as the sum of the junior wage 
multiplied by the estimated junior hours, the mid-level wage multiplied 
by the estimated mid-level hours, and the senior wage multiplied by the 
estimated senior hours, and the estimated non-salary expenses.
2. Methodology for Estimating Ongoing Costs of Implementation of the 
Proposed Rule
    The Bureau identified 15 specific data collection and reporting 
activities that would impose ongoing costs. Table 5 presents the full 
list of 15 activities. Activities 1 through 3 can broadly be described 
as data collection activities: These tasks are required to intake data 
and transfer it to the financial institution's small business data 
entry system. Activities 4 through 10 are related to reporting and 
resubmission: These tasks are required to collect required data, 
conduct internal checks, and report data consistent with the proposed 
rule. Activities 11 through 13 are related to compliance and internal 
audits: Employee training, and internal and external auditing 
procedures required to ensure data consistency and reporting in 
compliance with the rule. Finally, activities 14 and 15 are related to 
1071 examinations by regulators: These tasks will be undertaken to 
prepare for and assist during regulatory compliance examinations.
BILLING CODE 4810-25-P
[GRAPHIC] [TIFF OMITTED] TP08OC21.004


[[Page 56550]]


    Table 6 provides an example of how the Bureau calculated ongoing 
compliance costs associated with each compliance task. The table shows 
the calculation for each activity and notes whether the task would be a 
``variable cost,'' which would depend on the number of applications the 
institution receives, or a ``fixed cost'' that does not depend on the 
number of applications. Table 6 shows these calculations for a Type A 
FI, or the institution with the least amount of complexity. Table 7 
below summarizes the activities whose calculation differs by 
institution complexity and shows the calculations for Type B FIs and 
Type C FIs (where they differ from those for a Type A FI).\891\
---------------------------------------------------------------------------

    \891\ In this table, the term ``variable'' means the complance 
cost depends on the number of applications. The term ``fixed'' means 
the compliance cost does not depend on the number of applications 
(even if there are other factors upon which it may vary).
[GRAPHIC] [TIFF OMITTED] TP08OC21.005

BILLING CODE 4810-25-C

[[Page 56551]]

    Many of the activities in Table 6 require time spent by loan 
officers and other financial institution employees. To account for time 
costs, the calculation used the hourly compensation of a loan officer 
multiplied by the amount of time required for the activity. The Bureau 
used a mean hourly wage of $36.99 for loan officers, based on data from 
the Bureau of Labor Statistics.\892\ To account for non-monetary 
compensation, the Bureau scaled this hourly wage by 43 percent to 
arrive at a total hourly compensation of $52.90 for use in these 
calculations.\893\ The Bureau used assumptions from its 2015 HMDA final 
rule analysis, updated to reflect differences between mortgage lending 
and small business lending, to estimate time spent on ``ongoing 
tasks.'' \894\ As an example of a time calculation, the Bureau 
estimated that transcribing the required data points would require 
approximately 11 minutes per application for a Type A FI. The 
calculation multiplied the number of minutes by the number of 
applications and the hourly compensation to arrive at the total cost, 
on an annual basis, of transcribing data. As another example, the 
Bureau estimated that ongoing training for loan officers to comply with 
a financial institution's 1071 policies and procedures would take about 
two hours per loan officer per year. The cost calculation multiplies 
the number of hours by the number of loan officers and by the hourly 
compensation.
---------------------------------------------------------------------------

    \892\ These data reflect the mean hourly wage for ``loan 
officers'' according to the 2020 Occupational Employment Statistics 
compiled by the Bureau of Labor Statistics. See Bureau of Labor 
Statistics, U.S. Dep't of Labor, Occupational Employment and Wages 
(May 2020), https://www.bls.gov/oes/current/oes132072.htm.
    \893\ The March 2020 Employer Costs for Employee Compensation 
from the Bureau of Labor Statistics documents that wages and 
salaries are, on average, 70 percent of employee compensation for 
private industry workers. The Bureau inflates the hourly wage to 
account for 100 percent of employee compensation ((100/70) - 1) * 
100 = 43 percent). Bureau of Labor Statistics, U.S. Dep't of Labor, 
Employer Costs for Employee Compensation (Mar. 2020), https://www.bls.gov/news.release/archives/ecec_06182020.pdf.
    \894\ Home Mortgage Disclosure Act (Regulation C), 80 FR 66128 
(Oct. 28, 2015).
    Some differences, for example, are reflected in the number of 
applications, the number of data points per application, and the 
number of loan officers for the representative institutions.
---------------------------------------------------------------------------

    To arrive at the amount of time required per application for each 
of the 15 tasks covered financial institutions would conduct to 
collect, check, and report 1071 data, the Bureau began with the 
assumptions made for each task for the 35 data points under the 2015 
HMDA final rule and then adjusted these required times relative to the 
number of data points required under the proposed 1071 rule. The 
proposed rule would require covered financial institutions to collect 
21 data points for each covered application. Several of these data 
points have multiple components. For example, the credit type data 
point has three subcomponents of product type, the type of guarantee, 
and the term. The data points for pricing information and the 
ethnicity, race, and sex of principal owners also have multiple 
subcomponents.
    Some activity costs in Table 6 depend on the number of 
applications. It is important to differentiate between these variable 
costs and fixed costs because the type of cost impacts whether and to 
what extent covered institutions might be expected to pass on their 
costs to small business loan applicants in the form of higher interest 
rates or fees (discussed in more detail in part VII.F.4 below). Data 
collection, reporting, and submission activities such as geocoding 
data, standard annual edits and internal checks, researching questions, 
and resolving question responses are variable costs. All other 
activities are fixed cost because they do not depend on the overall 
number of applications being processed. An example of a fixed cost 
calculation is exam preparation, where the hourly compensation is 
multiplied by the number of total hours required by loan officers to 
prepare for 1071-related compliance examinations.
    Table 7 shows where and how the Bureau assumed Type B FIs and Type 
C FIs differ from Type A FIs in its ongoing cost methodology. Type B 
FIs and Type C FIs use more automated procedures, which result in 
different cost calculations. For example, for Type B FIs and Type C 
FIs, transferring data to the data entry system and geocoding 
applications are done automatically by business application data 
management software licensed annually by the financial institution. The 
relevant address is submitted for geocoding via batch processing, 
rather than done manually for each application. The additional ongoing 
geocoding costs reflect the time spent by loan officers on ``problem'' 
applications--that is, a percentage of overall applications that the 
geocoding software misses--rather than time spent on all applications. 
However, Type B FIs and Type C FIs have the additional ongoing cost of 
a subscription to a geocoding software or service as well as a data 
management software that represents an annual fixed cost of reporting 
1071 application data. This is an additional ongoing cost that less 
complex Type A FIs will not incur. The Bureau expects that Type A FIs 
will use free geocoding software available from the FFIEC or the 
Bureau, which may include a new batch function that could be developed 
by either the FFIEC or the Bureau.
    Additionally, audit procedures differ between the three 
representative institution types. The Bureau expects a Type A FI would 
not conduct an internal audit but would pay for an annual external 
audit. A Type B FI would be expected to conduct a simple internal audit 
for data checks and also pay for an external audit on an annual basis. 
Type C FIs would have a sophisticated internal audit process in lieu of 
an external audit.
BILLING CODE 4810-25-P

[[Page 56552]]

[GRAPHIC] [TIFF OMITTED] TP08OC21.006

    Table 8 below shows major assumptions that the Bureau made for each 
activity for each type of financial institution. Table 8 provides the 
total number of hours the Bureau assumes are required for each task 
that requires labor. For example, the Bureau assumes that transcribing 
data for 100 applications will require 18 hours of labor. The table 
also shows the assumed fixed cost of software and audits, as well as 
areas where the Bureau assumes there will be cost savings due to 
technology. In several cases, the activity does not apply to financial 
institutions of a certain type, and are therefore not displayed.

[[Page 56553]]

[GRAPHIC] [TIFF OMITTED] TP08OC21.007

BILLING CODE 4810-25-C
3. Methodology for Generating Market-Level Estimates of One-Time and 
Ongoing Costs
    To generate market-level cost estimates, the Bureau relied on the 
estimates of the volume of small business lending originations 
described in part VII.D above. As with institutional coverage, the 
Bureau separates market-level cost estimates into estimates for 
depository institutions and for nondepository institutions.
    For depository institutions, the Bureau estimated which 
institutions of those that existed at the end of 2019 would likely be 
covered or not covered by the proposed rule. An institution

[[Page 56554]]

would be required to report data on applications received in 2019 if it 
originated at least 25 covered originations in each of the preceding 
two years (i.e., 2017 and 2018). If two depository institutions merged 
between the end of 2017 and the end of 2019, the Bureau assumes that 
those institutions would report as one entity. The Bureau then 
categorized each institution as a Type A DI, Type B DI, or Type C DI 
based on its originations in 2019. Depository institutions with 0 to 
149 covered originations in 2019 are categorized as Type A. Depository 
institutions with 150 to 999 covered originations are categorized as 
Type B. Depository institutions with 1,000 or more covered originations 
are categorized as Type C. For each depository institution, the Bureau 
assigns the appropriate estimated one-time cost, ongoing fixed cost, 
ongoing variable cost per application, and applications per origination 
estimates associated with its institution type. The estimated number of 
annual applications for each institution is the estimated number of 
originations multiplied by the number of applications per origination 
for that institution type. The annual ongoing cost for each institution 
is the ongoing fixed cost plus the ongoing variable cost per 
application multiplied by the estimated number of applications.
    To generate market-level estimates, the Bureau first calculates the 
estimated one-time and annual ongoing costs for each depository 
institution covered by the proposed rule based on the estimated number 
of originations for that institution in 2019. The Bureau then sums over 
the covered depository institutions to find market-level statistics of 
total costs. As with coverage estimates, the Bureau presents a range of 
estimates for market-level statistics. The range reflects the 
uncertainty associated with the estimate of costs for banks and savings 
associations below the CRA reporting threshold. The Bureau has 
documented how it calculated these ranges in its Supplemental 
estimation methodology for institutional coverage and market-level cost 
estimates in the small business lending data collection notice of 
proposed rulemaking.\895\
---------------------------------------------------------------------------

    \895\ See https://www.consumerfinance.gov/data-research/research-reports/supplemental-estimation-methodologies-small-business-lending-data-collection-nprm/.
---------------------------------------------------------------------------

    The Bureau is unaware of institution-level data on originations by 
nondepository institutions that are comprehensive enough to estimate 
costs using the same method as that for depository institutions. 
Therefore, to generate market-level estimates for nondepository 
institutions, the Bureau relies on the estimates discussed above and 
several key assumptions. The Bureau assumes that fintech lenders and 
MCAs are Type C FIs because they generally have more automated systems 
and originate more products. The Bureau assumes that the remaining 
nondepository institutions are Type B FIs. The Bureau assumes that each 
nondepository receives the same number of applications as the 
representative institution for each type, as described above. Hence, 
the Bureau assumes that fintech lenders and MCAs each receive 6,000 
applications per year and all other nondepository institutions receive 
400 applications per year. As explained above, the Bureau also assumes 
that all nondepository institutions have the same one-time costs.

F. Potential Benefits and Costs to Covered Financial Institutions and 
Small Businesses

1. Benefits to Small Businesses
    The proposed rule could benefit small businesses by collecting data 
that further the two statutory purposes of section 1071. Those purposes 
are to facilitate the enforcement of fair lending laws and enable 
communities, governmental entities, and creditors to identify business 
and community development needs and opportunities of women-owned, 
minority-owned, and small businesses. Some of the benefits to small 
businesses discussed below stem from the public release of the data 
collected under the proposed rule. As discussed in more detail in part 
VI, the Bureau is proposing to exercise its discretion under ECOA 
section 704B(e)(4) to delete or modify data collected under section 
1071 which are or will be available to the public where the Bureau 
determines that the deletion or modification of the data would advance 
a privacy interest. The below discussion considers the benefits of 
unmodified data released for public consumption, but the Bureau 
acknowledges that the benefits derived from public disclosure may be 
lower if modifications are made that reduce the utility of the public 
dataset.
    Data collected under the proposed rule would constitute the largest 
and most comprehensive data in the United States on credit availability 
for small businesses. These data would provide important insight into 
possible discriminatory lending patterns in the small business lending 
market. Regulators could use the data to gauge fair lending risks and 
prioritize examinations of lenders that have a higher likelihood of 
violating antidiscrimination statutes. This would lead to a more 
efficient use of government resources in enforcing fair lending 
provisions. Furthermore, the public nature of the dataset would allow 
for members of the public to review the public dataset for possible 
violations of antidiscrimination statutes. The increased ability to 
perform fair lending analyses would benefit women-owned and minority-
owned small businesses both directly, in the form of remediation when 
lenders ultimately are found to have violated fair lending laws, and 
indirectly, with increased access resulting from the scrutiny placed on 
financial institutions.
    Central to the fair lending benefit of the dataset is the proposed 
collection of the action taken data point. Existing datasets that 
collect transaction-level data only contain data on originated small 
business loans. Application-level data, combined with the collection of 
action taken data, could allow users to construct approval or denial 
rates, for example, for particular lenders. Such analyses could 
indicate whether, for example, women-owned or minority-owned small 
businesses are being denied credit at higher rates than other small 
businesses.
    The proposed rule would also include several data points on the 
pricing of covered credit transactions that are originated or approved 
but not accepted. Data users could examine, for example, whether women-
owned or minority-owned small businesses are charged higher interest 
rates, origination charges, or initial annual charges than similarly 
situated businesses that are not women- or minority-owned. The proposed 
rule would also require information on prepayment penalties, which is 
an area of increasing concern due to the potential for predatory 
lending practices.\896\ Users could examine whether women-owned or 
minority-owned small firms are more likely to have prepayment penalties 
on extended credit.
---------------------------------------------------------------------------

    \896\ Such concerns have led California, for example, to include 
prepayment policies as a required component of pricing disclosures 
in commercial financing (see Cal. S.B. 1235 (Sept. 30, 2018), 
https://leginfo.legislature.ca.gov/faces/billTextClient.xhtml?bill_id=201720180SB1235).
---------------------------------------------------------------------------

    Several data points included in the proposed rule would contribute 
to more accurate fair lending analyses by allowing users to compare 
credit products with similar characteristics. For example, there are 
likely differences in approval rates and prices for covered credit 
transactions based on credit amount applied for and approved, all

[[Page 56555]]

three aspects of credit type (type of credit product, types of 
guarantees, and loan term), and credit purpose, since these factors 
influence the risk of extending credit. Many creditors also consider 
characteristics about the small business, such as industry, gross 
annual revenue, or time in business during their underwriting or 
pricing processes. Supply and demand for small business credit also 
varies over time and by location, so the inclusion of census tract, 
application date, and action taken date could lead to more accurate 
analyses. More accurate screening for fair lending risk would, for 
example, reduce the false positive rate observed during fair lending 
prioritization and increase the efficiency of fair lending reviews.
    Creditors would also likely use the data to understand small 
business lending market conditions more effectively and at a more 
granular level than is possible with existing data sources, such as 
Call Reports, data from public lending programs, or privately purchased 
data. Data collected under the proposed rule, combined with the 
institution's existing information on the small business lending 
market, could help creditors to identify potentially profitable 
opportunities to extend credit. For example, creditors could use the 
census tract information to find areas of high credit demand into which 
they could consider expanding. Small business owners would benefit from 
increased credit availability.
    Governmental entities will likely use the data to develop solutions 
that achieve policy objectives. For example, loan guarantees provided 
by the SBA's 7(a) and 504 programs are designed to increase the 
availability of business credit for businesses that otherwise have 
difficulty accessing credit. Governmental entities could use the 
comprehensive data on applications for covered credit transactions 
collected under the proposed rule to identify additional opportunities 
to create new--or tailor existing--programs to advance their small 
business lending policy objectives.
    The data collected under the proposed rule would be the most 
extensive data on credit access for women-owned and minority-owned 
small businesses, and such information will help various data users in 
understanding the needs and opportunities of women-owned and minority-
owned small businesses. For example, governmental entities often create 
programs that specifically target women-owned and minority-owned 
businesses, such as those that reserve government contracts, those that 
provide grants, or those specifically targeted at women-owned and 
minority-owned small firms. Governmental entities could use data 
collected under the proposed rule to alter existing programs or create 
new ones to meet the needs of these business owners. Private lenders 
could also use the data to find untapped markets of credit demand from 
women-owned and minority-owned small businesses.
    As one of the premier data sources on the small business credit 
market, data collected under the proposed rule would also facilitate 
rigorous academic research. HMDA data, which are similar in many ways 
to the data that will be collected under the proposed rule, have been 
analyzed in many scholarly publications. The data collected under 
section 1071 will provide academics and other researchers a clearer 
window into potential discrimination in the small business credit 
market, as well as a better understanding of small business credit 
market trends and dynamics. Like in the case of HMDA, data collected 
under the proposed rule will be more broadly used to understand how 
business owners make borrowing decisions, respond to higher prices, and 
respond to risk.\897\
---------------------------------------------------------------------------

    \897\ For examples of how HMDA data has facilitated research on 
the mortgage market, see, e.g., Bureau of Consumer Fin. Prot., Data 
Point: Asian American and Pacific Islanders in the Mortgage Market 
(July 2021), https://files.consumerfinance.gov/f/documents/cfpb_aapi-mortgage-market_report_2021-07.pdf; Bureau of Consumer 
Fin. Prot., Manufactured Housing Finance: New Insights from the Home 
Mortgage Disclosure Act Data (May 2021), https://files.consumerfinance.gov/f/documents/cfpb_manufactured-housing-finance-new-insights-hmda_report_2021-05.pdf; Neil Bhutta & Benjamin 
J. Keys, Moral Hazard during the Housing Boom: Evidence from Private 
Mortgage Insurance, The Review of Fin. Studies (2021), https://academic.oup.com/rfs/advance-article/doi/10.1093/rfs/hhab060/6279755; Sumit Agarwal et al., The Effectiveness of Mandatory 
Mortgage Counseling: Can One Dissuade Borrowers from Choosing Risky 
Mortgages? (Nat'l Bureau of Econ. Research, Working Paper No. 19920, 
2014), https://www.nber.org/system/files/working_papers/w19920/w19920.pdf; Alexei Alexandrov & Sergei Koulayev, No Shopping in the 
U.S. Mortgage Market: Direct and Strategic Effects of Providing 
Information (Bureau of Consumer Fin. Prot., Off. of Research Working 
Paper No. 2017-01, 2018), https://papers.ssrn.com/sol3/papers.cfm?abstract_id=2948491.
---------------------------------------------------------------------------

    The proposed data points would provide the above benefits in 
several ways. The action taken and pricing information data points 
would allow various entities to monitor the tightness of the small 
business credit market and identify areas where there are high denial 
rates for small business credit or where it is provided only at high 
cost, especially to women-owned or minority-owned small businesses. 
Data on census tract, NAICS code, gross annual revenue, and number of 
workers will provide insight into the availability of small business 
credit by geography, industry, and business size. Credit type and 
credit purpose would provide more information on how small women-owned 
and minority-owned businesses use credit and whether their use differs 
from that of other small businesses. Time in business information would 
allow data users to understand the credit needs of young small 
businesses, and specifically young women-owned and minority-owned small 
businesses. Recent research has shown that women-owned and minority-
owned businesses face different financing challenges early in the 
business lifecycle than other firms, primarily driven by less access to 
external financing.\898\
---------------------------------------------------------------------------

    \898\ See, e.g., JPMorgan Chase & Co. Inst., Small business 
ownership and liquid wealth (Mar. 2021), https://www.jpmorganchase.com/institute/research/small-business/small-business-ownership-and-liquid-wealth-report.
---------------------------------------------------------------------------

    The Bureau seeks comment on its analysis of potential benefits to 
small businesses as described herein.
2. Benefits to Covered Financial Institutions
    The proposed rule would provide some benefits to some covered 
financial institutions--i.e., the financial institutions that would be 
required to collect and report 1071 data on small business applications 
for credit. The first is some reduction of the compliance burden of 
fair lending reviews for lower risk financial institutions, by reducing 
the ``false positive'' rates during fair lending review prioritization 
by regulators. Currently, financial institutions are subject to fair 
lending reviews by regulators to ensure that they are complying with 
the ECOA in their small business lending processes. Data reported under 
the proposed rule would allow regulators to prioritize fair lending 
reviews of financial institutions with higher risk of fair lending 
violations, which reduces the burden on institutions with lower fair 
lending risk. Covered financial institutions would also be able to use 
the data to monitor, identify, and address their own fair lending risks 
and thereby avoid liability from enforcement actions and adverse exam 
findings requiring remedial action.
    The proposed data collection could also provide an unprecedented 
window into the small business lending market, and such transparency 
may benefit financial institutions covered by the rule. Comprehensive 
information on small business credit applications and originations are 
currently unavailable.

[[Page 56556]]

The data made public pursuant to the proposed rule could allow 
financial institutions to better understand the demand for small 
business credit products and the conditions under which they are being 
supplied by other covered financial institutions.
    The Bureau seeks comment on its analysis of potential benefits to 
covered persons as described herein.
3. Costs to Covered Financial Institutions
i. One-Time Costs to Covered Financial Institutions
    Using the methodology described in part VII.E.1 above, Table 9 
shows the estimated total expected one-time costs for financial 
institutions covered by the proposed rule as well as a breakdown by the 
eight component categories that comprise the one-time costs for Type A 
DIs, Type B DIs, and Type C DIs, and Non-DIs.
    Table 10 shows the estimated number of junior, mid-level, and 
senior staff hours and non-salary expenses for each component activity 
for Type A DIs. Tables 11 through 13 show the same estimates for Type B 
DIs, Type C DIs and Non-DIs respectively. As discussed above, the 
Bureau estimates all one-time costs to covered financial institutions 
using the One-Time Cost Survey results.
BILLING CODE 4810-25-P
[GRAPHIC] [TIFF OMITTED] TP08OC21.008

[GRAPHIC] [TIFF OMITTED] TP08OC21.009


[[Page 56557]]


[GRAPHIC] [TIFF OMITTED] TP08OC21.010

[GRAPHIC] [TIFF OMITTED] TP08OC21.011


[[Page 56558]]


[GRAPHIC] [TIFF OMITTED] TP08OC21.012

BILLING CODE 4810-25-C
    The Bureau estimates that updating computer systems would be the 
biggest driver of one-time costs for Type A DIs, and Type B DIs and 
Non-DIs. Type A DIs and Type B DIs would be expected to spend similar 
amounts on updating computer systems, but Type A DIs would rely 
somewhat more on staff.
    The Bureau expects that Non-DIs would have the highest one-time 
costs and the highest costs to update computer systems. To update 
computer systems, Non-DIs would rely on mid-level staff hours and 
third-party vendors. Non-DIs would also spend relatively more on 
preparation and planning than Type A DIs or Type B DIs. These estimates 
are consistent with the expectation that Non-DIs will incur higher 
costs because they are less likely to already report data to 
regulators.
    The Bureau estimates that the biggest drivers of one-time costs for 
Type C DIs would be preparation and planning and post-implementation 
review. These depository institutions would generally rely on mid-level 
staff hours to implement the required one-time changes and, in 
particular, would rely on mid-level staff hours for these two key 
activities. The Bureau estimates that Type C DIs will spend the most of 
all financial institution types on staff hours to implement one-time 
changes and the least on non-salary expenses.
    The Bureau estimates that one-time costs would be higher for Type A 
DIs than for Type B DIs. These two types of depository institutions 
have similar estimated costs for most activities, but Type A DIs are 
expected to spend more on testing/validating systems and legal/
compliance review.
    These estimates are generally consistent with feedback from SERs 
during the SBREFA process. Several SERs stated that changes to their 
computer systems would contribute to their one-time costs.\899\ 
However, some SERs estimated larger one-time costs than the Bureau and 
others estimated smaller one-time costs. One SER (a commercial finance 
company) said that many financial institutions in their industry have 
no experience reporting data such as will be required under the 1071 
rule and that their current developer estimates that the costs just to 
develop, test, and integrate their system could be up to $200,000. 
Another SER (a fintech) stated that they do not anticipate any one-time 
costs. Two SERs estimated that one-time costs would be between $15,000 
and $25,000 without a detailed breakdown of those costs. One SER 
provided a detailed breakdown of costs and estimated that total one-
time costs would be $27,000.
---------------------------------------------------------------------------

    \899\ The SER feedback discussed in this section-by-section 
analysis can be found in the SBREFA Panel Report at 38-39.
---------------------------------------------------------------------------

    As mentioned above, the Bureau realizes that one-time costs vary by 
institution due to many factors, and that this variance exists on a 
continuum that is impossible to fully represent. The Bureau focuses on 
representative types of financial institutions in order to generate 
practical and meaningful estimates of costs. As a result, the Bureau 
expects that individual financial institutions would have slightly 
different one-time costs than the average estimates presented here.
    The One-Time Cost Survey instructed respondents to assume that 
covered institutions would be required to report data at the 
application level on small business financing that constitutes 
``credit'' for purposes of ECOA for the 13 statutorily mandated data 
points one time per year, and be responsible for validating the 
accuracy of all data. Respondents were further instructed to use their 
own institution's internal definition of small business, assume the 
Regulation B definition of an application, and assume a reporting 
structure similar to that under HMDA. Finally, respondents were 
instructed to not include any costs associated with creating a 
firewall. As such, respondents estimated one-time costs assuming that 
the proposed rule would be different in some ways from what the Bureau 
has ultimately proposed here. One SER provided feedback during the 
SBREFA Panel that it was hard to estimate one-time costs in the survey 
without knowing all the details of the proposed rule.
    The Bureau estimates that the overall market impact of one-time 
costs for depository institutions would be between $218,000,000 and 
$229,000,000.\900\ Using a 7 percent discount rate and a five-year 
amortization window, the annualized

[[Page 56559]]

one-time costs for depository institutions would be $53,200,000 to 
$55,800,000. The Bureau estimates that the overall market impact of 
one-time costs for nondepository institutions would be $94,400,000. 
Using a 7 percent discount rate and a five-year amortization window, 
the annualized one-time costs for nondepository institutions would be 
$23,000,000. As a frame of reference for these market-level one-time 
cost estimates, the estimated total non-interest expenses from the 
FFIEC and NCUA Call Reports for depository institutions that the Bureau 
estimates would be covered under the proposed rule was about $439 
billion in 2019. The upper bound estimate of total one-time costs is 
approximately 0.05 percent of the total annual non-interest expenses.
---------------------------------------------------------------------------

    \900\ The Bureau notes that the variation in this range comes 
primarily from the uncertainty in the number of originations made by 
small banks and savings associations. The range does not fully 
account for the uncertainty associated with estimates of the one-
time costs for each type of institution.
---------------------------------------------------------------------------

    The Bureau seeks comment on its analysis of one-time costs to 
covered financial institutions as described herein. In particular, the 
Bureau seeks comment on how to adjust the estimates of one-time costs 
to account for differences between what respondents to the survey were 
asked to assume and the proposed rule.
ii. Ongoing Costs to Covered Financial Institutions
    Using the methodology described in part VII.E.2, Table 14 shows the 
total expected annual ongoing costs of the proposed rule as well as a 
breakdown by the component 15 activities that comprise the ongoing 
costs for Type A FIs, Type B FIs, and Type C FIs. The bottom of the 
table shows the total estimated annual 1071 ongoing compliance cost for 
each type of institution, along with the total cost per application the 
financial institution processes. To produce the estimates in Table 14, 
the Bureau used the calculations described in Tables 6 and 7 above and 
the assumptions for each activity in Table 8. In the following 
analysis, the Bureau provides examples of these cost calculations for 
the largest drivers of ongoing costs.
[GRAPHIC] [TIFF OMITTED] TP08OC21.013

    The Bureau estimates that a representative low complexity 
institution (i.e., a Type A FI) would incur around $7,386 in total 
annual ongoing costs, or about $74 in total cost per application 
processed (assuming a representative 100 applications per year). For 
financial institutions of this type, the largest driver of ongoing 
costs is the fixed cost of the external audit, $3,500. Besides the 
audit cost, the largest drivers of the ongoing costs are activities 
that require employee time to complete. Activities like transcribing 
data, transferring data to the data management software, standard edits 
and internal checks, and training all require loan officer time. The 
Bureau expects training (activity number 11) to annually require 
approximately $638 for 6 representative loan officers to engage in two 
hours of training. The Bureau expects other time-dependent activities 
to cost around $1,000 each. For

[[Page 56560]]

example, the Bureau assumes that Type A FIs will spend around 18 hours 
transferring data to 1071 data management software (activity number 3) 
based on estimates of the required time to transfer data to HMDA data 
management software. At the assumed hourly compensation, our estimate 
is around $1,013 for the Type A FI institutions to transfer data. An 
assumption of around 17 total hours to conduct standard annual editing 
checks (activity number 5) with some savings assumed due to an online 
submission platform that automatically checks for errors, results in an 
estimated annual ongoing cost of $490.
    The Bureau estimates that a representative middle complexity 
institution (i.e., a Type B FI), which is somewhat automated, would 
incur approximately $35,476 in additional ongoing costs per year, or 
around $89 per application (assuming a representative 400 applications 
per year). The largest components of this ongoing cost are the expenses 
of the small business application management software and geocoding 
software (activity 10) in the form of an annual software subscription 
fee, and the external audit of the data (activity number 13). Using 
interviews of financial institutions conducted to determine compliance 
costs with HMDA, the Bureau found mid-range HMDA data management 
systems to be approximately $8,000 in annual costs; the Bureau believes 
that cost would be comparable in the small business lending context and 
thus applies that estimate here. This analysis assumes that the 
subscription purchase would be separate from HMDA management systems, 
but the development of a software to jointly manage HMDA and small 
business lending-related data would likely result in cost savings for 
both products. The Bureau also estimates that a Type B FI would spend 
around $5,000 on external audits of their small business loan 
application data. The Type B FI incurs employee time-related fixed 
costs conducting internal checks ($10,576), training ($3,189), and 
prepping for examinations ($4,227) but saves time and expense on data 
entry and geocoding by using data management software. As an example, 
the Bureau expects Type B FIs to have two full-time employees spend 40 
hours each to prepare for an examination (activity number 14) resulting 
in a cost of $4,227, and have employees spend around 12 hours assisting 
with an examination (activity number 15) costing $672 annually.
    The Bureau estimates a representative high complexity institution 
(i.e., a Type C FI), would incur $243,266 of annual ongoing costs, or 
$41 per application (assuming a representative 6,000 application per 
year). The largest driver of costs for a Type C FI is the employee time 
required to conduct an internal audit. The assumed 2,304 hours of 
employee time results in nearly $122,000 of ongoing costs annually. 
Exam preparation, training, and standard annual and internal checks 
would be expected to cost $25,365, $26,262, and $26,181 each year, 
respectively. The Bureau also assumes that a Type C institution would 
need a subscription to a small business data management software near 
the upper bound of the range found in interviews with financial 
institutions, of $13,271.
    The Bureau estimates that the total annual ongoing costs for 
depository institutions would be between about $310,000,000 and 
$330,000,000 per year, about $192,000,00 to $201,000,000 of which would 
be annual variable costs. The Bureau estimates that the total annual 
ongoing costs for nondepository institutions would be about 
$62,300,000, about $13,700,000 of which would be annual variable costs.
    To understand the impacts of these cost estimates on the profits of 
depository institutions, the Bureau estimates the average total net 
income across all products per small business origination for all DIs 
by type.\901\ There is no comprehensive published source of data on 
profits earned on small business credit transactions. The Bureau 
presents estimates of total net income per origination as an indication 
of a financial institution's ability to cover the additional expenses 
associated with the proposed rule. The Bureau estimates that banks and 
savings associations of Type A have an average net income per 
origination between $105,000 and $119,000. Credit Unions of Type A have 
an average net income per origination of $272,000. Assuming two 
applications per origination, a bank or savings association of Type A 
has a net income per application of approximately $53,000 to $60,000 
and a credit union of the same type has a net income per application of 
about $136,000. The Bureau estimates that banks and savings 
associations of Type B have an average net income per origination 
between $50,000 and $57,000 or a net income per application between 
$25,000 and $29,000. The Bureau estimates that credit unions of Type B 
have an average net income per origination of $218,000 or an average 
net income per application of $109,000. The Bureau estimates that banks 
and savings associations of Type C have a net income per origination 
between $237,000 and $267,000, or, assuming three applications per 
origination, a net income per application between $79,000 and $89,000. 
The Bureau estimates that credit unions of Type C have an average net 
income per origination of $8,000, and average net income per 
application of about $3,000.
---------------------------------------------------------------------------

    \901\ There are no broadly available data on profit per 
application for nondepository institutions. The Bureau uses the 
FFIEC Bank and NCUA Credit Union Call Report data from December 31, 
2019, accessed on June 25, 2021. The Bureau uses the same internal 
estimates of small business loan originations as discussed in part 
VI.B above and total net income across all products. For estimates 
of net income per origination and per application, the Bureau uses 
only net income per origination for depository institutions with 
over 25 originations in 2019.
---------------------------------------------------------------------------

    The Bureau presented early versions of these ongoing cost estimates 
in the SBREFA Outline and to SERs during the SBREFA process. Since 
then, the Bureau has adjusted its estimates to match the total number 
of data points in the proposed rule relative to the SBREFA Outline. The 
Bureau also adjusted its estimates in response to SER feedback.\902\ 
Several SERs provided feedback that audit costs in the SBREFA Outline 
were likely too low for the lowest complexity (i.e., Type A) 
institution. The Bureau adjusted the Type A FI external audit costs to 
match estimates provided to the Bureau from a SER of $3,500, an 
increase from the original $500-$1,000 expected. The Bureau continues 
to assume the representative low complexity institution employs only an 
external audit but acknowledges feedback from SERs that this is not 
necessarily true for all Type A institutions.
---------------------------------------------------------------------------

    \902\ The SER feedback discussed in this section-by-section 
analysis can be found in the SBREFA Panel Report at 39.
---------------------------------------------------------------------------

    The Bureau also seeks additional comment on the cost estimates 
above. During the Small Business Panel Review Process, several SERs 
indicated other areas where costs estimates should be adjusted. A 
number of SERs remarked that the annual training costs estimates were 
likely too low. One SER estimated that training costs should be around 
20 percent higher and several suggested that the number of employees 
the Bureau is assuming for training costs on an annual basis is too 
low. One SER, for example, stated that everyone who interacts with 
customers will need to be trained and several indicated that the scope 
of employees who will require training includes administrative and 
management staff, as well as those directly involved in the credit 
process. One SER stated that the hourly compensation the Bureau was 
using for

[[Page 56561]]

cost calculations is assuming employees are too junior given the 
complexity of the process and should be around $25 higher. Another 
suggested that the transcribing data costs estimate is too low. One SER 
remarked that researching questions and the annual subscription cost of 
1071 data management or geocoding software is too low. While the Bureau 
has not made specific changes in response to these suggestions, the 
Bureau seeks comment on its estimation methodology and cost estimates. 
In accordance with the balancing test discussed in part VI above, the 
Bureau expects to publicly release data collected under the rule, 
potentially with certain data modified or deleted. A more fulsome 
discussion of potential risks and harms from the publication of a 
public 1071 data can be found in part VI.C above, but in this section 
the Bureau acknowledges several potential costs to covered entities 
that stem from the publication of a public dataset under the proposed 
rule.
    With the publicly disclosed data, users would be able to assess 
fair lending risks at the institution and market level, furthering 
section 1071's fair lending purpose. Several commenters to the Bureau's 
2017 RFI expressed concerns, however, about costs related to these 
analyses.\903\ During the SBREFA process, some SERs were concerned that 
published 1071 data could be used against financial institutions in 
litigation by class action attorneys or to harm their public 
reputations.\904\ Depending on the extent of publicly disclosed data, 
the Bureau expects that some financial institutions could incur ongoing 
costs related to responding to reports of disparities in their small 
business lending practices. Some financial institutions could also 
experience reputational risks associated with high profile reports of 
existing disparities where more fulsome analysis of its business 
practices would conclude that the disparities do not support a finding 
of discrimination on a prohibited basis. In anticipation of needing to 
respond to outside analysis and potential reputational risks, it is 
possible that some financial institutions may choose to change their 
product offerings available to small businesses, underwriting or 
pricing practices, or overall participation in the small business 
lending market. These costs are difficult to quantify, but the Bureau 
seeks comment on the extent of the possible costs posed by litigation 
or reputational harm as a result of the proposed rule.
---------------------------------------------------------------------------

    \903\ 82 FR 22318 (May 15, 2017).
    \904\ For example, one SER was concerned that published 1071 
data could lead to increased litigation and thus a higher cost of 
credit for small businesses. Another SER expressed concern that 
pricing information could be misinterpreted by users of 1071 data 
(for example, according to the SER, higher pricing for one race 
might be used to infer discrimination when the pricing was in fact 
unrelated to the race of the applicant). Such a misinterpretation 
may cause reputational damage and consequently decrease 
applications.
---------------------------------------------------------------------------

    The Bureau also received feedback that financial institutions could 
face potential costs with the publication of a public dataset under the 
proposed rule either because potential clients would be concerned about 
their data being collected or because of the additional competitive 
pressure brought by a publicly available dataset. During the SBREFA 
process, a number of SERs were concerned that full disclosure of all 
1071 data would result in the re-identification of small business 
applicants and potentially harm their privacy interests. Several SERs 
asserted that public knowledge of borrowing activity (even without any 
other potential harms) would be very concerning to some small 
businesses as some small business owners consider that information 
sensitive or deeply personal. Relatedly, one SER said that the 
collection of 1071 data, including personal or demographic information, 
could seem like an invasion of privacy by the financial institution, 
particularly to minorities, and thus prospective applicants may decide 
to seek financing elsewhere. A number of these SERs stated that 1071 
data could be used to generate marketing lists, resulting in a 
financial institution's competitors stealing small business customers. 
Several SERs were concerned about the Bureau potentially making public 
pricing data. Several SERs were particularly focused on information 
regarding pricing and pricing structure being commercially sensitive to 
financial institutions. The Bureau seeks comment on this class of 
potential costs to covered financial institutions.
    The Bureau seeks comment on its analysis of ongoing costs to 
covered financial institutions as described herein.
4. Costs to Small Businesses
    The Bureau expects that any direct costs of the proposed rule on 
small businesses would stem from additional fields that the applicant 
may have to complete on credit applications due to the proposed rule 
compared to the baseline application process. This could include 
information such as the race, ethnicity, and sex of business owners or 
number of workers that are not typically required on business credit 
applications. However, the Bureau expects that the cost of completing 
these fields on applications to be negligible, especially compared to 
the overall cost of credit. Therefore, the Bureau focuses the rest of 
the discussion on the costs of small businesses to whether and how the 
Bureau expects financial institutions to pass on the costs of 
compliance with the proposed rule to small businesses and any possible 
effects on the availability of small business credit.
    Three types of costs (one-time, fixed ongoing, and variable 
ongoing) have the potential to influence the price and availability of 
credit to small businesses. In a competitive marketplace, standard 
microeconomics suggests that lenders will extend loans up to the point 
at which the revenue from granting an additional loan is equal to the 
additional cost associated with the financial institution providing the 
loan. One-time costs and fixed ongoing costs affect the overall 
profitability of a lender's loan portfolio but do not affect the added 
profit from extending an additional loan. Variable ongoing costs, 
however, affect the profitability of each additional loan and will 
influence the number of loans a lender provides. Based on the Bureau's 
available evidence, it expects that the variable ongoing costs will be 
passed on in full to small business credit applicants in the form of 
higher prices or fees and does not expect there to be a significant 
reduction in small businesses' ability to access credit.
    One-time and fixed ongoing costs affect the overall profitability 
of the loan portfolio and will be considered in the lender's decision 
to remain in the small business credit market or the market for 
specific small business credit products. A financial institution would 
find it worthwhile to incur the one-time costs associated with 
complying with the proposed rule if it expects to generate enough 
profit over multiple years to cover those costs. Each year, a financial 
institution would find it worthwhile to continue extending credit if 
the total expected revenue from its chosen quantity of loans is greater 
than the sum of its ongoing fixed and variable costs. A financial 
institution would find it worthwhile to exit the market, even if it had 
already incurred the one-time costs, if the total expected revenue from 
that year were less than the total expected ongoing costs. During the 
SBREFA process, the Bureau asked panelists how they would respond to 
the cost of complying with the proposed rule.\905\ One nondepository 
institution participant did indicate that smaller firms in their 
industry may stop participating if one-time costs are too

[[Page 56562]]

high, particularly if small business lending is a secondary aspect of 
their business model.\906\ Another nondepository institution 
participant indicated that significantly increasing the time between 
application and decision could occur due to the proposed requirements, 
which they said would threaten their ability to compete with other 
lenders.
---------------------------------------------------------------------------

    \905\ SBREFA Outline at 50-52.
    \906\ The SER feedback discussed herein can be found in the 
SBREFA Panel Report at 40.
---------------------------------------------------------------------------

    In the One-Time Cost Survey, the Bureau asked respondents to rank a 
list of potential actions they may take in response to the compliance 
costs of implementing section 1071. Respondents ranked the following 
list: ``Raise rates or fees on small business products''; ``Raise 
rates/fees on other credit products''; ``Accept lower profits''; ``Exit 
some geographic markets''; ``Tighten underwriting standards''; ``Offer 
fewer or less complex products''; ``No longer offer small business 
credit products''; or ``Other'' with two write-in options. Respondents 
ranked these options from ``1'' to ``9'' indicating their most to least 
likely responses, where ``1'' was the most likely.
    In order to analyze these responses, the Bureau pooled data only 
from respondents that answered both the ranking question and the number 
of originations question. The Bureau implemented these restrictions to 
the pool to eliminate responses from institutions that would not be 
required to report under the proposed rule. Of the 105 total 
respondents to the One-Time Cost Survey, 44 ranked every option and 
reported more than 25 originations in the last year. The Bureau will 
henceforth refer to these respondents as the ``impacts of 
implementation'' sample.
    Table 15 presents the potential responses to implementing section 
1071 and the average ranking assigned by respondents in the impacts of 
implementation sample. The responses are listed in order of most to 
least likely on average, where a lower average ranking number means 
that respondents ranked that response most likely. Consistent with 
economic theory, respondents reported that they would be most likely to 
raise rates or fees on small business products and other credit 
products. On average, respondents reported that they would be least 
likely to exit some geographic markets or cease offering small business 
credit products.
[GRAPHIC] [TIFF OMITTED] TP08OC21.014

    The Bureau expects that the variable ongoing costs would be passed 
on in full to small business credit applicants in the form of higher 
prices or fees. This expectation is consistent with both standard 
microeconomic theory and feedback from SERs during the SBREFA process 
and respondents to the One-Time Cost Survey. Per application, the 
variable costs are approximately $28, $24, and $7 for Type A FIs, Type 
B FIs, and Type C FIs, respectively. Even if the variable costs were 
passed on in full to small business applicants in the form of higher 
interest rates or fees associated with a loan or line of credit (or 
even applicants in the form of application fees), the Bureau expects 
that this would comprise a small portion of the total cost of the 
average loan to the small business applicant.
    As discussed above, the Bureau believes financial institutions 
would decide to remain in or exit the small business credit market 
based on the revenue generated from small business credit relative to 
the sum of one-time costs, fixed ongoing costs, and variable ongoing 
costs. The Bureau's total estimated one-time and ongoing costs are non-
negligible and could potentially result in exit from the market by 
financial institutions that do not regularly originate many covered 
credit transactions. The Bureau's proposed coverage threshold of 25 
covered credit transactions in two consecutive years could prevent some 
low-volume financial institutions from leaving the small business 
credit market in response to the compliance costs of the proposed rule. 
For example, the Bureau estimates that a Type A DI would incur one-time 
costs of $58,400 and fixed ongoing costs of $4,536. A depository 
institution that originates very few covered transactions every year 
may exit the market if it does not expect that profits, even over 
several years, would cover that one-time cost or if it does not expect 
annual revenues to exceed the annual ongoing costs. However, based on 
the net income per application estimates discussed above, the Bureau 
believes that institutions that are covered under the proposed rule 
(i.e., above the proposed coverage threshold) will earn enough revenue 
to exceed these costs. Furthermore, the Bureau's findings during the 
SBREFA process and the respondents to the One-Time Cost Survey 
(discussed above) additionally support the Bureau's conclusion that the 
increase in compliance costs will likely be passed through to customers 
in the form of increased fees, rather than result in financial 
institutions leaving the small business credit market.\907\
---------------------------------------------------------------------------

    \907\ As stated in the SBREFA Panel Report at 40, ``[g]enerally, 
SERs did not suggest that they would leave the small business 
lending market in response to increased costs under the eventual 
1071 rule.''

---------------------------------------------------------------------------

[[Page 56563]]

    The Bureau seeks comment on other potential costs to small 
businesses not discussed here. The Bureau seeks comment on its analysis 
of costs to small businesses as described herein.
5. Alternatives Considered
    This section discusses two categories of alternatives considered: 
Other methods for defining a covered financial institution and limiting 
the data points to those mandated by section 1071. The Bureau uses the 
methodologies discussed in parts VII.D and VII.E to estimate the 
impacts of these alternatives.
    First, the Bureau considered multiple reporting thresholds for 
purposes of defining a covered financial institution. In particular, 
the Bureau considered whether to exempt financial institutions with 
fewer than 50 or 100 originations in each of the two preceding calendar 
years instead of 25 originations, as proposed. The Bureau also 
considered whether to exempt depository institutions with assets under 
$100 million or $200 million from section 1071's data collection and 
reporting requirements.
    Under a 50-origination threshold, the Bureau estimates that about 
2,900 to 3,100 depository institutions would report, which is 
approximately 1,100 fewer depository institutions relative to the 
proposed threshold of 25 originations. The Bureau estimates that about 
2,700 to 2,900 banks and savings associations and about 200 credit 
unions would be covered under a 50-origination threshold. The Bureau 
does not have sufficient information to estimate how many fewer 
nondepository institutions would report under this alternative 
threshold. The Bureau estimates that the total one-time costs across 
all financial institutions associated with a 50-origination threshold 
would be about $252,000,000 to $264,000,000, a decrease of about 
$60,000,000 relative to the 25-origination threshold. The Bureau 
estimates that the total annual ongoing costs associated with this 
threshold would be about $357,000,000 to $374,000,000, a decrease of 
about $17,000,000 per year relative to the 25-origination threshold.
    Under a 100-origination threshold, the Bureau estimates that about 
1,800 to 2,000 depository institutions would report, which is 
approximately 2,200 fewer depository institutions relative to the 
proposed threshold of 25 originations. The Bureau estimates that about 
1,700 to 1,900 banks and savings associations and about 100 credit 
unions would be covered under a 100-origination threshold The Bureau 
estimates that the total one-time costs across all financial 
institutions associated with a 100-origination threshold would be about 
$192,000,000 to $203,000,000, a decrease of $120,000,000 relative to 
the 25-origination threshold. The Bureau estimates that the total 
annual ongoing costs associated with this threshold would be about 
$332,000,000 to $347,000,000, a decrease of about $40,000,000 to 
$45,000,000 per year relative to the 25-origination threshold. Again, 
the Bureau does not have sufficient information to estimate how many 
fewer nondepository institutions would be required to report under this 
alternative.
    The Bureau also considered $100 million and $200 million asset-
based thresholds for depository institutions. For the purposes of 
considering these alternatives, the Bureau estimates how institutional 
coverage and costs would be different if the Bureau required a 25-
origination threshold in addition to an asset-based threshold for 
depository institutions. The Bureau assumes that the alternative 
proposal would have been that a depository institution would be 
required to report its small business lending activity for 2019 if it 
had more than 25 originations in 2017 and 2018 and had assets over the 
asset-based threshold on December 31, 2018. The Bureau further assumes 
that if two institutions merged in 2019 then the resulting institution 
would be required to report if the sum of the separate institutions' 
assets on December 31, 2018 exceeded the asset-based threshold.
    Under a $100 million asset-based threshold, the Bureau estimates 
that between 3,500 and 3,600 depository institutions would report, 
approximately 500 to 600 fewer depository institutions relative to a 
25-origination threshold with no asset-based threshold. The Bureau 
estimates that about 3,100 to 3,300 banks and savings associations and 
about 300 credit unions would be covered under a 25-origination and 
$100 million asset-based threshold. The Bureau estimates that the total 
one-time costs across all financial institutions associated with the 
addition of a $100 million asset threshold would be about $284,000,000 
to $291,000,000, a decrease of between $28,000,000 and $32,000,000 
relative to the proposed rule. The Bureau estimates that the total 
annual ongoing costs associated with this threshold would be about 
$366,000,000 to $384,000,000, a decrease of about $7,000,000 to 
$9,000,000 per year relative to the 25-origination threshold with no 
asset-based threshold.
    Under a $200 million asset-based threshold, the Bureau estimates 
that between 2,600 and 2,700 depository institutions would report, 
approximately 1,400 to 1,500 fewer depository institutions relative to 
a 25-origination threshold with no asset-based threshold. The Bureau 
estimates that about 2,300 to 2,400 banks and savings associations and 
about 300 credit unions would be covered under a 25-origination and 
$200 million asset-based threshold. The Bureau estimates that the total 
one-time costs across all financial institutions associated with the 
addition of a $200 million asset threshold would be about $240,000,000 
to $244,000,000, a decrease of between $73,000,000 and $80,000,000 
relative to the proposed rule. The Bureau estimates that the total 
annual ongoing costs associated with this threshold would be about 
$348,000,000 to $363,000,000, a decrease of about $25,000,000 to 
$29,000,000 per year relative to the 25-origination threshold with no 
asset-based threshold.
    Second, the Bureau considered the costs and benefits for limiting 
its data collection to the data points required by the section 1071. In 
addition to the statutorily required data points enumerated in section 
1071, the statute also requires financial institutions to collect and 
report any additional data that the Bureau determines would aid in 
fulfilling the purposes of section 1071. The Bureau is proposing 
several additional data points that rely solely on this authority. 
Specifically, the Bureau is proposing to require that financial 
institutions collect and report data on application channel, 
application recipient, denial reasons (for denied applications only), 
pricing information (for applications that are originated or approved 
but not accepted), NAICS code, number of workers, time in business, and 
number of principal owners. The Bureau has considered the impact of 
instead proposing only the collection of those data points required by 
statute.
    Requiring the collection and reporting of only the statutory data 
points would result in a reduction in the fair lending benefit of the 
data compared to the proposed rule. For example, not collecting pricing 
information would obscure possible fair lending risk by covered 
financial institutions. Potential discriminatory behavior is not 
limited to the action taken on an application, but rather includes the 
terms and conditions under which applicants can access credit. If the 
Bureau did not collect pricing information, it would not be able to 
evaluate potential discriminatory behaviors on the basis of price. As

[[Page 56564]]

mentioned in part VII.F.1 above, several of the data points the Bureau 
is proposing under its ECOA section 704B(e)(2)(H) authority are useful 
in creating more accurate fair lending analyses. A reduction in the 
rule's ability to facilitate the enforcement of fair lending laws would 
negatively impact small businesses and small business owners relative 
to the proposed rule.
    Limiting the rule's data collection to only the data points 
required under the statute would also reduce the ability of the rule to 
support the business and community development purpose of the section 
1071. Not including pricing information would significantly reduce the 
ability of communities, governmental entities, and creditors to 
understand credit conditions available to small businesses. Not 
including NAICS code or time in business would reduce the ability of 
governmental entities to tailor programs that can specifically benefit 
young businesses or businesses in certain industries. This reduction in 
benefits might be disproportionately borne by women-owned and minority-
owned small businesses.
    Only requiring the collection and reporting of the statutory data 
points would have reduced the annual ongoing cost of complying with the 
proposed rule. Under this alternative, the estimated total annual 
ongoing costs for Type A FIs, Type B FIs, and Type C FIs would be 
$6,833; $34,004 and $233,209, respectively. Per application, the 
estimated ongoing cost would be $68, $85, and $39 for Type A FIs, Type 
B FIs, and Type C FIs, respectively. The estimated total annual market-
level ongoing cost of reporting would be between $363,000,000 and 
$382,000,000 or about $10,000,000 per year less than under the proposed 
rule. As discussed above, respondents to the One-Time Cost Survey were 
instructed to assume that they would only report the mandatory data 
fields. Hence, the Bureau can only estimate how ongoing costs would be 
different under this alternative.

G. Potential Impact on Depository Institutions and Credit Unions With 
$10 Billion or Less in Total Assets

    As discussed above, the proposed rule would exclude financial 
institutions with fewer than 25 originated covered credit transactions 
in both of the two preceding calendar years. The Bureau believes that 
the benefits of the proposed rule to banks, savings associations, and 
credit unions with $10 billion or less in total assets will be similar 
to the benefits to covered financial institutions as a whole, discussed 
above. Regarding costs, other than as noted here, the Bureau also 
believes that the impact of the proposed rule on banks, savings 
associations, and credit unions with $10 billion or less in total 
assets will be similar to the impact for covered financial institutions 
as a whole. The primary difference in the impact on these institutions 
is likely to come from differences in the level of complexity of 
operations, compliance systems, and software, as well as number of 
product offerings and volume of originations of these institutions.
    Based on FFIEC and NCUA Call Report data for December 2019, 10,375 
of 10,525 banks, savings associations, and credit unions had $10 
billion or less in total assets. The Bureau estimates that between 
3,900 and 4,000 of such institutions would be subject to the proposed 
rule. The Bureau estimates that the market-level impact of the proposed 
rule on annual ongoing costs for banks, savings associations, and 
credit unions with $10 billion or less in assets would be between 
$151,000,000 and $171,000,000. Regarding one-time costs, the Bureau 
estimates that the market-level impact of the proposed rule for banks, 
savings associations, and credit unions with $10 billion or less in 
assets would be between $209,000,000 and $220,000,000. Using a 7 
percent discount rate and a five-year amortization window, the 
estimated annualized one-time costs would be between $51,000,000 and 
$54,000,000.
    The Bureau seeks comment on its analysis of the potential impact on 
depository institutions and credit unions with $10 billion or less in 
total assets as described herein.

H. Potential Impact on Small Businesses in Rural Areas

    The proposed rule would not directly impact small businesses in 
rural areas. However, as with all small businesses, small businesses in 
rural areas may bear some indirect costs of the proposal. This would 
occur if financial institutions serving rural areas are covered by the 
proposed rule and if those institutions pass on some or all of their 
cost of complying with the proposed rule to small businesses.
    The source data from CRA submissions that the Bureau uses to 
estimate institutional coverage and market estimates provide 
information on the county in which small business borrowers are 
located. However, approximately 89 percent of banks did not report CRA 
data in 2019, and as a result the Bureau does not believe the reported 
data are robust enough to estimate the locations of the small business 
borrowers for the banks that do not report CRA data. The Credit Union 
Call Report data do not provide any information on the location of 
credit union borrowers. Nonetheless, the Bureau is able to provide some 
geographical estimates of institutional coverage based on depository 
institution branch locations.
    The Bureau used the FDIC's Summary of Deposits to identify the 
location of all brick and mortar bank and savings association branches 
and the NCUA Credit Union Branch Information to identify the location 
of all credit union branch and corporate offices.\908\ A bank, savings 
association, or credit union branch was defined as rural if it is in a 
rural county, as specified by the USDA's Urban Influence Codes.\909\ A 
branch is considered covered by the proposed rule if it belongs to a 
bank, savings association, or credit union that the Bureau estimated 
would be included under the proposed threshold of 25 originations in 
2017 and 2018. Using the estimation methodology discussed in part VII.D 
above, the Bureau estimates that about 90 to 92 percent of rural bank 
and savings association branches and about 95 percent of non-rural bank 
and savings association branches would be covered under the proposed 
rule. The Bureau estimates that about 27 percent of rural credit union 
branches and about 29 percent of non-rural credit union branches would 
be covered under the proposed rule.\910\
---------------------------------------------------------------------------

    \908\ See Fed. Deposit Ins. Corp., Summary of Deposits (SOD)--
Annual Survey of Branch Office Deposits (last updated June 1, 2021), 
https://www.fdic.gov/regulations/resources/call/sod.html. The NCUA 
provides data on credit union branches in the quarterly Call Report 
Data files. See Nat'l Credit Union Admin., Call Report Quarterly 
Data, https://www.ncua.gov/analysis/credit-union-corporate-call-report-data/quarterly-data (last visited Aug. 5, 2021).
    \909\ This is the same methodology as used in the Bureau's rural 
counties list. See Bureau of Consumer Fin. Prot., Rural and 
underserved counties list, https://www.consumerfinance.gov/compliance/compliance-resources/mortgage-resources/rural-and-underserved-counties-list/ (last visited July 28, 2020).
    \910\ The Bureau notes that most credit union branches do not 
belong covered credit unions because most credit unions did not 
report any small business loans in the NCUA Call Report data. Of the 
5,437 credit unions that existed in December 2019, 4,359 (or 81.5 
percent) reported no small business originations in 2017 or 2018.
---------------------------------------------------------------------------

    In a competitive framework in which financial institutions are 
profit maximizers, financial institutions would pass on variable costs 
to future small business applicants, but absorb one-time costs and 
increased fixed costs in the short run.\911\ Based on previous

[[Page 56565]]

HMDA rulemaking efforts and feedback through the SBREFA process, the 
following seven operational steps affect variable costs: Transcribing 
data, resolving reportability questions, transferring data to a data 
entry system, geocoding, researching questions, resolving question 
responses, and checking post-submission edits. Overall, the Bureau 
estimates that the impact of the proposed rule on variable costs per 
application is $28 for a Type A FI, $24 for type B FIs, and $7 for Type 
C FIs. The covered financial institutions that serve rural areas will 
attempt to pass these variable costs on to future small business 
applicants. Amortized over the life of the loan, this expense would 
represent a negligible increase in the cost of a covered credit 
transaction.
---------------------------------------------------------------------------

    \911\ If markets are not perfectly competitive or financial 
institutions are not profit maximizers, then what financial 
institutions pass on may differ. For example, they may attempt to 
pass on one-time costs and increases in fixed costs, or they may not 
be able to pass on variable costs. Furthermore, some financial 
institutions may exit the market in the long run. However, other 
financial institutions may also enter the market in the long run.
---------------------------------------------------------------------------

    The One-Time Cost Survey can shed light on how financial 
institutions that serve rural communities will respond to the proposed 
rule. The Bureau asked respondents to the survey to report whether 
their institution primarily served rural or urban communities or an 
even mix. All respondents in the impacts of implementation sample 
answered this question. Of the 44 respondents in the impacts of 
implementation sample, 13 primarily serve rural communities, 15 
primarily serve urban communities, and 16 serve an even mix. Table 16 
presents the potential responses to implementing section 1071 and the 
average ranking assigned by respondents that serve rural communities, 
urban communities, an even mix, and all of the respondents in the 
impacts of implementation sample. The responses are listed in order of 
most to least likely on average across all respondents, where a lower 
average ranking number means that respondents ranked that response most 
likely. Respondents that primarily serve rural communities or an even 
mix rank raising rates or fees on small business or other credit 
products as the most likely response. These institutions also rank 
exiting some geographic markets and no longer offering small business 
credit products as the least likely response to the proposed rule.
[GRAPHIC] [TIFF OMITTED] TP08OC21.015

    The Bureau thus does not anticipate any material adverse effect on 
credit access in the long or short term to rural small businesses.
    The Bureau seeks comment on its analysis of potential impacts on 
small businesses in rural areas as described herein.

VIII. Regulatory Flexibility Act Analysis

    The Regulatory Flexibility Act (RFA) \912\ generally requires an 
agency to conduct an initial regulatory flexibility analysis (IRFA) and 
a final regulatory flexibility analysis (FRFA) of any rule subject to 
notice-and-comment rulemaking requirements. These analyses must 
``describe the impact of the proposed rule on small entities.'' \913\ 
An IRFA or FRFA is not required if the agency certifies that the rule 
will not have a significant economic impact on a substantial number of 
small entities.\914\ The Bureau also is subject to certain additional 
procedures under the RFA involving the convening of a panel to consult 
with small business representatives prior to proposing a rule for which 
an IRFA is required.\915\ The Bureau has not certified that the 
proposed rule would not have a significant economic impact on a 
substantial number of small entities within the meaning of the RFA. 
Accordingly, the Bureau convened and chaired a Small Business Review 
Panel under SBREFA to consider the impact of the proposed rule on small 
entities that would be subject to that rule and to obtain feedback from 
representatives of such small entities. The Small Business Review Panel 
for this rulemaking is discussed below in part VIII.A. The Bureau is 
also publishing an IRFA. Among other things, the IRFA estimates the 
number of small entities that will be subject to the proposed rule and

[[Page 56566]]

describes the impact of that rule on those entities. The IRFA for this 
rulemaking is set forth below in part VIII.B.
---------------------------------------------------------------------------

    \912\ 5 U.S.C. 601 et seq.
    \913\ 5 U.S.C. 603(a). For purposes of assessing the impacts of 
the proposed rule on small entities, ``small entities'' is defined 
in the RFA to include small businesses, small not-for-profit 
organizations, and small government jurisdictions. 5 U.S.C. 601(6). 
A ``small business'' is determined by application of SBA regulations 
and reference to the NAICS classifications and size standards. 5 
U.S.C. 601(3). A ``small organization'' is any ``not-for-profit 
enterprise which is independently owned and operated and is not 
dominant in its field.'' 5 U.S.C. 601(4). A ``small governmental 
jurisdiction'' is the government of a city, county, town, township, 
village, school district, or special district with a population of 
less than 50,000. 5 U.S.C. 601(5).
    \914\ 5 U.S.C. 605(b).
    \915\ 5 U.S.C. 609.
---------------------------------------------------------------------------

A. Small Business Review Panel

    Under section 609(b) of the RFA, as amended by SBREFA and the Dodd-
Frank Act,\916\ the Bureau must seek, prior to conducting the IRFA, 
information from representatives of small entities that may potentially 
be affected by its proposed rules to assess the potential impacts of 
that rule on such small entities.\917\ Section 609(b) sets forth a 
series of procedural steps with regard to obtaining this information. 
The Bureau first notifies the Chief Counsel for Advocacy of the SBA 
(Chief Counsel) and provides the Chief Counsel with information on the 
potential impacts of the proposed rule on small entities and the types 
of small entities that might be affected.\918\ Not later than 15 days 
after receipt of the formal notification and other information 
described in section 609(b)(1) of the RFA, the Chief Counsel then 
identifies the small entity representatives, the individuals 
representative of affected small entities for the purpose of obtaining 
advice and recommendations from those individuals about the potential 
impacts of the proposed rule.\919\ The Bureau convenes a Small Business 
Review Panel for such rule consisting wholly of full-time Federal 
employees of the office within the Bureau responsible for carrying out 
the proposed rule, OIRA within the OMB, and the Chief Counsel.\920\ The 
Small Business Review Panel reviews any material the Bureau has 
prepared in connection with the SBREFA process and collects the advice 
and recommendations of each individual small entity representative 
identified by the Bureau after consultation with the Chief Counsel on 
issues related to sections 603(b)(3) through (b)(5) and 603(c) of the 
RFA.\921\ No later than 60 days after the date the Bureau convenes the 
Small Business Review Panel, the panel reports on the comments of the 
small entity representatives (SERs) and its findings as to the issues 
on which the Small Business Review Panel consulted with the SERs, and 
the report is made public as part of the rulemaking record.\922\ Where 
appropriate, the Bureau modifies the proposed rule or the IRFA in light 
of the foregoing process.\923\
---------------------------------------------------------------------------

    \916\ 5 U.S.C. 609(b).
    \917\ Id.
    \918\ 5 U.S.C. 609(b)(1).
    \919\ 5 U.S.C. 609(b)(2).
    \920\ 5 U.S.C. 609(b)(3).
    \921\ 5 U.S.C. 609(b)(4). As described in part VIII.B below, 
sections 603(b)(3) through (5) and 603(c) of the RFA, respectively, 
require a description of and, where feasible, provision of an 
estimate of the number of small entities to which the proposed rule 
will apply; a description of the projected reporting, record 
keeping, and other compliance requirements of the proposed rule, 
including an estimate of the classes of small entities which will be 
subject to the requirement and the type of professional skills 
necessary for preparation of the report or record; an 
identification, to the extent practicable, of all relevant Federal 
rules which may duplicate, overlap, or conflict with the proposed 
rule; and a description of any significant alternatives to the 
proposed rule which accomplish the stated objectives of applicable 
statutes and which minimize any significant economic impact of the 
proposed rule on small entities. 5 U.S.C. 603(b)(3) through (5), 
(c).
    \922\ 5 U.S.C. 609(b)(5).
    \923\ 5 U.S.C. 609(b)(6).
---------------------------------------------------------------------------

    On August 10, 2020, the Bureau provided the Chief Counsel (as well 
as OIRA) with the formal notification and other information required 
under section 609(b)(1) of the RFA. To obtain feedback from small 
entities to inform the Small Business Review Panel pursuant to section 
609(b)(2) and (4) of the RFA, the Bureau, in consultation with the 
Chief Counsel, identified several categories of small entities that may 
be subject to the proposed rule for purposes of the IRFA: Depository 
institutions; fintech lenders and MCA providers; commercial finance 
companies; nondepository CDFIs; nondepository lenders of other 5+ unit 
mortgages; Farm Credit System members; and governmental lending 
entities. Section 3 of the IRFA, in part VIII.B.3 below, describes in 
greater detail the Bureau's analysis of the number and types of 
entities that may be affected by the proposed rule. Having identified 
the categories of small entities that may be subject to the proposed 
rule for purposes of an IRFA, the Bureau then, in consultation with the 
Chief Counsel and OIRA, selected 20 SERs to participate in the SBREFA 
process. As discussed in section 7 of the SBREFA Panel Report,\924\ 
described below, the SERs included representatives from each of the 
categories identified by the Bureau and comprised a diverse group of 
individuals with regard to geography and type of locality (i.e., rural, 
urban, suburban, or metropolitan areas).
---------------------------------------------------------------------------

    \924\ See SBREFA Panel Report at 15.
---------------------------------------------------------------------------

    On October 15, 2020, the Bureau formally convened the Small 
Business Review Panel pursuant to section 609(b)(3) of the RFA. 
Afterwards, to collect the advice and recommendations of the SERs under 
section 609(b)(4) of the RFA, the Small Business Review Panel held a 
total of four Panel Outreach Meetings with the SERs during October 19-
22, 2020, conducted online via video conference. To help SERs and to 
facilitate an informed and detailed discussion of the proposals under 
consideration, discussion questions for the SERs were included 
throughout the Bureau's SBREFA Outline.\925\ In advance of the Panel 
Outreach Meetings, the Bureau, SBA's Office of Advocacy, and OIRA held 
a series of video conferences with the SERs to describe the Small 
Business Review Process, obtain important background information about 
each SER's current business practices, and begin discussions on 
selected portions of the proposals under consideration. All 20 SERs 
participated in the Panel Outreach Meetings. The Panel also invited 
SERs to submit written feedback by November 9, 2020; the Bureau 
received written feedback from 15 of the SERs.\926\
---------------------------------------------------------------------------

    \925\ These questions also appeared in a shorter Discussion 
Guide for Small Entity Representatives. Bureau of Consumer Fin. 
Prot., Small Business Advisory Review Panel, Consumer Financial 
Protection Bureau, Small Business Lending Data Collection 
Rulemaking, Discussion Guide for Small Entity Representatives (Sept. 
15, 2020), https://files.consumerfinance.gov/f/documents/cfpb_1071-sbrefa_discussion-guide_2020-09.pdf.
    \926\ This written feedback is attached as appendix A to the 
SBREFA Panel Report.
---------------------------------------------------------------------------

    The Bureau also invited other stakeholders to submit feedback on 
the SBREFA Outline, which was due by December 14, 2020. See generally 
SBREFA Outline. Feedback from these other stakeholders was not 
considered by the Panel and is not reflected in the Panel Report. See 
part III above for additional information.
    On December 15, 2020, the Bureau publicly released the written 
SBREFA Panel Report.\927\ The SBREFA Panel Report includes the 
following:
---------------------------------------------------------------------------

    \927\ Bureau of Consumer Fin. Prot., Consumer Financial 
Protection Bureau Releases Report on Implementing the Dodd-Frank 
Act's Small Business Lending Data Collection Requirement (Dec. 15, 
2021), https://www.consumerfinance.gov/about-us/newsroom/consumer-financial-protection-bureau-releases-report-on-implementing-the-dodd-frank-acts-small-business-lending-data-collection-requirement/.
---------------------------------------------------------------------------

    Background information on the proposals under consideration at the 
time; information on the types of small entities that would be subject 
to those proposals and on the SERs who were selected to advise the 
Panel; a summary of the Panel's outreach to obtain the advice and 
recommendations of those small entity representatives; a discussion of 
the comments and recommendations of the small entity representatives; 
and a discussion of the Panel's findings, focusing on the statutory 
elements required under section 603 of the RFA.\928\
---------------------------------------------------------------------------

    \928\ 5 U.S.C. 609(b)(5).
---------------------------------------------------------------------------

    In preparing this proposed rule and the IRFA, the Bureau has 
considered the

[[Page 56567]]

feedback from SERs through the SBREFA process and the findings and 
recommendations in the SBREFA Panel Report. The section-by-section 
analysis of the proposed rule in part V above and the IRFA discuss this 
feedback and the specific findings and recommendations of the Panel, as 
applicable. The SBREFA process provided the Panel and the Bureau with 
an opportunity to identify and explore opportunities to minimize the 
burden of the proposed rule on small entities while achieving the 
rule's purposes. It is important to note, however, that the Panel 
prepared the SBREFA Panel Report at a preliminary stage of the 
proposal's development and that the SBREFA Panel Report--in particular, 
the Panel's findings and recommendations--should be considered in that 
light. Also, any options identified in the SBREFA Panel Report for 
reducing the proposed rule's regulatory impact on small entities were 
expressly subject to further consideration, analysis, and data 
collection by the Bureau to ensure that the options identified were 
practicable, enforceable, and consistent with section 1071 of the Dodd-
Frank Act and its statutory purposes. The proposed rule and the IRFA 
reflect further consideration, analysis, and data collection by the 
Bureau.

B. Initial Regulatory Flexibility Analysis

    Under RFA section 603(a), an IRFA ``shall describe the impact of 
the proposed rule on small entities.'' \929\ Section 603(b) of the RFA 
sets forth the required elements of the IRFA. Section 603(b)(1) 
requires the IRFA to contain a description of the reasons why action by 
the agency is being considered.\930\ Section 603(b)(2) requires a 
succinct statement of the objectives of, and the legal basis for, the 
proposed rule.\931\ The IRFA further must contain a description of and, 
where feasible, an estimate of the number of small entities to which 
the proposed rule will apply.\932\ Section 603(b)(4) requires a 
description of the projected reporting, recordkeeping, and other 
compliance requirements of the proposed rule, including an estimate of 
the classes of small entities that will be subject to the requirement 
and the types of professional skills necessary for the preparation of 
the report or record.\933\ In addition, the Bureau must identify, to 
the extent practicable, all relevant Federal rules which may duplicate, 
overlap, or conflict with the proposed rule.\934\ Furthermore, the 
Bureau must describe any significant alternatives to the proposed rule 
which accomplish the stated objectives of applicable statutes and which 
minimize any significant economic impact of the proposed rule on small 
entities.\935\ Finally, as amended by the Dodd-Frank Act, RFA section 
603(d) requires that the IRFA include a description of any projected 
increase in the cost of credit for small entities, a description of any 
significant alternatives to the proposed rule which accomplish the 
stated objectives of applicable statutes and which minimize any 
increase in the cost of credit for small entities (if such an increase 
in the cost of credit is projected), and a description of the advice 
and recommendations of representatives of small entities relating to 
the cost of credit issues.\936\
---------------------------------------------------------------------------

    \929\ 5 U.S.C. 603(a).
    \930\ 5 U.S.C. 603(b)(1).
    \931\ 5 U.S.C. 603(b)(2).
    \932\ 5 U.S.C. 603(b)(3).
    \933\ 5 U.S.C. 603(b)(4).
    \934\ 5 U.S.C. 603(b)(5).
    \935\ 5 U.S.C. 603(c).
    \936\ 5 U.S.C. 603(d)(1); Dodd-Frank Act section 1100G(d)(1), 
124 Stat. 2112.
---------------------------------------------------------------------------

1. Description of the Reasons Why Agency Action Is Being Considered
    As discussed in part I above, section 1071 of the Dodd-Frank Act 
amended ECOA to require that financial institutions collect and report 
to the Bureau certain data regarding applications for credit for women-
owned, minority-owned, and small businesses.\937\ Section 1071's 
statutory purposes are (1) to facilitate enforcement of fair lending 
laws, and (2) to enable communities, governmental entities, and 
creditors to identify business and community development needs and 
opportunities of women-owned, minority-owned, and small businesses.
---------------------------------------------------------------------------

    \937\ ECOA section 704B.
---------------------------------------------------------------------------

    Section 1071 specifies a number of data points that financial 
institutions are required to collect and report, and also provides 
authority for the Bureau to require any additional data that the Bureau 
determines would aid in fulfilling its statutory purposes. Section 1071 
also contains a number of other requirements, including those that 
address restricting the access of underwriters and other persons to 
certain 1071 data, publication of 1071 data, and the Bureau's 
discretion to modify or delete data prior to publication in order to 
advance a privacy interest.
    As discussed throughout this notice, Congress amended ECOA by 
adding section 1071, which directs the Bureau to adopt regulations 
governing the collection and reporting of small business lending data. 
Section 1071 directs the Bureau to prescribe such rules and issue such 
guidance as may be necessary to carry out, enforce, and compile data 
pursuant to section 1071, and permits the Bureau to adopt exceptions to 
any requirement or to exempt financial institutions from the 
requirements of section 1071 as the Bureau deems necessary or 
appropriate to carry out the purposes of section 1071.
    In addition, as discussed in part II above, currently available 
data on small business lending are fragmented, incomplete, and not 
standardized, making it difficult to make meaningful comparisons across 
products, financial institutions, and over time. This hinders attempts 
by policymakers and other stakeholders to understand the size, shape, 
and dynamics of the small business lending marketplace, including the 
interaction of supply and demand, as well as potentially problematic 
lending practices, gaps, or trends in funding that may be holding back 
some communities.\938\
---------------------------------------------------------------------------

    \938\ While Call Report and CRA data provide some indication of 
the level of supply of small business credit, the lack of data on 
small business credit applications makes demand for credit by small 
businesses more difficult to assess, including with respect to local 
markets or protected classes.
---------------------------------------------------------------------------

    Data collected under the proposed rule would constitute the largest 
and most comprehensive data in the United States on credit availability 
for small businesses. The proposed data collection would also provide 
an unprecedented window into the small business lending market, and 
such transparency will benefit financial institutions covered by the 
rule. The public data published under the proposed rule would allow 
financial institutions to better understand the demand for small 
business credit products and the conditions under which they are being 
supplied by other lenders. Lenders would likely use the data to 
understand small business lending market conditions more effectively 
and at a more granular level than is possible with existing data 
sources, such as Call Reports, data from public lending programs, or 
privately purchased data. Data collected under the proposed rule could 
enable lenders to identify promising opportunities to extend credit.
    The proposed rule will also provide some reduction of the 
compliance burden of fair lending reviews for lower risk financial 
institutions by reducing the ``false positive'' rates during fair 
lending review prioritization by regulators. Currently, financial 
institutions are subject to fair lending reviews by regulators to 
ensure that they

[[Page 56568]]

are complying with the ECOA in their small business lending processes. 
Data reported under the proposed rule will allow regulators to 
prioritize fair lending reviews of lenders with higher risk of 
potential fair lending violations, which reduces the burden on 
institutions with lower fair lending risk.
    The proposed rule effectuates Congress's specific mandate to the 
Bureau to adopt rules to implement section 1071. For a further 
description of the reasons why agency action is being considered, see 
the background discussion for the proposed rule in part II above.
2. Succinct Statement of the Objectives of, and Legal Basis for, the 
Proposed Rule
    This rulemaking has multiple objectives. The proposed rule is 
intended to advance the two statutory purposes of section 1071, which 
are (1) facilitating enforcement of fair lending laws and (2) enabling 
communities, governmental entities, and creditors to identify business 
and community development needs and opportunities of women-owned, 
minority-owned, and small businesses. To achieve these objectives, the 
proposed rule would require covered financial institutions to collect 
and report certain data on applications for covered credit transactions 
for small businesses, including minority-owned and women-owned small 
businesses. The data to be collected and reported would include a 
number of statutorily required data fields regarding small business 
applications, as well as several additional data fields that the Bureau 
preliminarily determines would help fulfill the purposes of section 
1071. The Bureau would make available to the public, annually on the 
Bureau's website, the data submitted to it by financial institutions, 
subject to deletions or modifications made by the Bureau, at its 
discretion, if the Bureau determines that such deletions or 
modifications would advance a privacy interest.
    As described above, the Dodd-Frank Act amended ECOA by adding 
section 1071, which directs the Bureau to adopt regulations governing 
the collection and reporting of small business lending data. ECOA 
section 704B(g)(1) grants the Bureau general rulemaking authority, 
providing that the Bureau shall prescribe such rules and issue such 
guidance as may be necessary to carry out, enforce, and compile data 
pursuant to section 1071. Section 704B(g)(2) also permits the Bureau to 
adopt exceptions to any requirement of section 1071 and to 
conditionally or unconditionally exempt any financial institution or 
class of financial institutions from the requirements of section 1071, 
as the Bureau deems necessary or appropriate to carry out the purposes 
of section 1071. In addition, section 703(a) of ECOA authorizes the 
Bureau to prescribe regulations to carry out the purposes of ECOA.
    Much of section 1071 establishes requirements or obligations for 
financial institutions that the Bureau would implement in this proposed 
rule. ECOA section 704B(e)(2) requires that the information compiled 
and maintained be itemized in order to clearly and conspicuously 
disclose an enumerated list of data points. Section 704B(e)(2)(H) 
requires financial institutions to collect and report any additional 
data that the Bureau determines would aid in fulfilling the purposes of 
section 1071. Other parts of section 1071 require the Bureau to adopt 
regulations to implement certain requirements, including how financial 
institutions must compile and maintain data pursuant to section 1071, 
and the form of information made available by financial institutions to 
the public and the form and manner that the Bureau itself should make 
1071 data available to the public generally. Additional section 1071 
provisions give the Bureau the discretionary authority to delete or 
modify 1071 data before making it available to the public if the Bureau 
determines that the deletion or modification of the data would advance 
a privacy interest, and to compile and aggregate 1071 data for its own 
use, as well as to make public such compilations of aggregate data. The 
legal basis for the proposed rule is discussed in detail in the legal 
authority analysis in part IV and in the section-by-section analyses in 
part V above.
3. Description of and, Where Feasible, Provision of an Estimate of the 
Number of Small Entities to Which the Proposed Rule Will Apply
    As discussed in the SBREFA Panel Report,\939\ for the purposes of 
assessing the impacts of the proposed rule on small entities, ``small 
entities'' is defined in the RFA to include small businesses, small 
nonprofit organizations, and small government jurisdictions.\940\ A 
``small business'' is determined by application of SBA regulations in 
reference to the North American Industry Classification System (NAICS) 
classification and size standards.\941\ Under such standards, the 
Bureau identified several categories of small entities that may be 
subject to the proposed provisions: Depository institutions; fintech 
lenders and MCA providers; commercial finance companies; nondepository 
CDFIs; nondepository lenders of other 5+ unit mortgages; Farm Credit 
System members; and governmental lending entities. The NAICS codes 
covered by these categories are described below.
---------------------------------------------------------------------------

    \939\ See SBREFA Panel Report at 41-42.
    \940\ 5 U.S.C. 601(6).
    \941\ The current SBA size standards are found on SBA's website, 
Small Bus. Admin., Table of size standards (Aug. 19, 2019), http://www.sba.gov/content/table-small-businesssize-standards.
---------------------------------------------------------------------------

    The following table provides the Bureau's estimate of the number 
and types of entities that may be affected by the proposed rule:

[[Page 56569]]

[GRAPHIC] [TIFF OMITTED] TP08OC21.016

    The following paragraphs describe the categories of entities that 
the Bureau expects would be affected by the proposed rule.
    Depository institutions (banks and credit unions): The Bureau 
estimates that there are about 4,100 banks, savings associations, and 
credit unions engaged in small business lending that originate enough 
covered transactions to be covered by the proposed rule.\942\ These 
companies potentially fall into four different industry categories, 
including ``Commercial Banking'' (NAICS 522110), ``Savings 
Institutions'' (NAICS 522120), ``Credit Unions'' (NAICS 522130), and 
``Credit Card Issuing'' (NAICS 522210). All of these industries have a 
size standard threshold of $600 million in assets. The Bureau estimates 
that about 2,700 of these institutions are small entities according to 
this threshold. See part VII.D above for more detail on how the Bureau 
arrived at these estimates.
---------------------------------------------------------------------------

    \942\ The Bureau notes that the category of depository 
institutions also includes CDFIs that are also depository 
institutions.
---------------------------------------------------------------------------

    Fintech lenders and MCA providers: As discussed in more detail in 
part II.D above, the Bureau estimates that there are about 130 fintech 
lenders and MCA providers engaged in small business lending that 
originate enough covered transactions to be covered by the proposed 
rule. These companies span multiple industries, including ``All Other 
Nondepository Credit Intermediation'' (NAICS 522298), ``Consumer 
Lending'' (NAICS 522291), ``Financial Transactions, Processing, 
Reserve, and Clearinghouse Activities'' (NAICS 522320), and ``Data 
Processing, Housing and Related Services'' (NAICS 518210). All of these 
industries have a size standard threshold of $35 million in sales 
(NAICS 518210) or $41.5 million in sales (all other NAICS). The

[[Page 56570]]

Bureau assumes that about 90 percent, or 117, of these entities are 
small according to these size standards.
    Commercial finance companies: As discussed in more detail in part 
II.D above, the Bureau estimates that there are about 300 commercial 
finance companies, including captive and independent financing, engaged 
in small business lending that originate enough covered credit 
transactions to be covered by the proposed rule. These companies span 
multiple industries, including ``Software Publishers'' (NAICS 511210), 
``Commercial Air, Rail, and Water Transportation Equipment Rental and 
Leasing'' (NAICS 532411), ``Other Commercial and Industrial Machinery 
and Equipment Rental and Leasing'' (NAICS 532490), ``Sales financing'' 
(NAICS 522220) and ``Consumer Lending'' (NAICS 522291). These 
industries have size standard thresholds of $41.5 million in sales 
(NAICS 511210 and 522220) or $35 million in sales (NAICS 532411, 
532490, and 522291). The Bureau assumes that about 90 percent, or 270, 
commercial finance companies are small according to these size 
standards.
    Nondepository CDFIs: As discussed in more detail in part II.D 
above, the Bureau estimates that there are 240 nondepository CDFIs 
engaged in small business lending that originate enough covered credit 
transactions to be covered by the proposed rule. CDFIs generally fall 
into ``Activities Related to Credit Intermediation (Including Loan 
Brokers)'' (NAICS 522390), ``Miscellaneous Intermediation'' (NAICS 
523910), ``Civic and Social Organizations'' (NAICS 813410), and 
``Mortgage and Nonmortgage Loan Brokers'' (NAICS 522310). These 
industries have size standard thresholds of $8 million in sales (NAICS 
522310, 813410), $22 million in sales (NAICS 522390), and $41.5 million 
in sales (NAICS 523910). The Bureau assumes that about 95 percent, or 
228, nondepository CDFIs are small entities.
    Nondepository lenders of other 5+ unit mortgages: As discussed in 
more detail in part II.D above, the Bureau estimates that there are 
about 50 nondepository mortgage lenders engaged in small business 
lending that originate enough covered credit transactions to be covered 
by the proposed rule. These institutions are in either ``Real estate 
credit'' (NAICS 522292) or ``Mortgage and Nonmortgage Loan Brokers'' 
(NAICS 522310). These industries both have a size standard threshold of 
$41.5 million. The Bureau estimates that about 90 percent, or 45, 
nondepository mortgage lenders are small entities.
    Farm Credit System members: The Bureau estimates that there are 72 
members of the Farm Credit System (banks and associations) that are 
engaged in small business lending and that originate enough covered 
credit transactions to be covered by the proposed rule.\943\ These 
institutions are in the ``All Other Nondepository Credit 
Intermediation'' (NAICS 522298) industry. The size standard for this 
industry is $41.5 million in sales. The Bureau estimates that 18 
members of the Farm Credit System are small entities.
---------------------------------------------------------------------------

    \943\ Fed. Farm Credit Banks Funding Corp., Farm Credit 2019 
Annual Information Statement of the Farm Credit System, at 7 (Feb. 
28, 2020), https://www.farmcreditfunding.com/ffcb_live/serve/public/pressre/finin/report.pdf?assetId=395570. The Bureau notes that Farm 
Credit System banks do not report FFIEC Call Reports and are thus 
not counted in the number of banks and savings associations 
discussed above.
---------------------------------------------------------------------------

    Governmental lending entities: As discussed in more detail in part 
II.D above, the Bureau estimates that there are about 100 governmental 
lending entities engaged in small business lending that originate 
enough covered credit transactions to be covered by the proposed rule. 
``Small governmental jurisdictions'' are the governments of cities, 
counties, towns, townships, villages, school districts, or special 
districts, with a population of less than fifty thousand. The Bureau 
assumes that none of the governmental lending entities covered by the 
proposed rule are considered small.
4. Projected Reporting, Recordkeeping, and Other Compliance 
Requirements of the Proposed Rule, Including an Estimate of the Classes 
of Small Entities Which Will Be Subject to the Requirement and the Type 
of Professional Skills Necessary for the Preparation of the Report
    Reporting requirements. ECOA section 704B(f)(1) provides that 
``[t]he data required to be compiled and maintained under [section 
1071] by any financial institution shall be submitted annually to the 
Bureau.'' Section 1071 requires financial institutions to collect and 
report information regarding any application for ``credit'' made by 
women-owned, minority-owned, and small businesses. The Bureau is also 
proposing that the following transactions are not covered by the rule: 
leases, factoring, consumer-designated credit, credit secured by 
certain properties, trade credit, public utilities credit, securities 
credit, and incidental credit.
    Under the proposed rule, financial institutions would be required 
to report data on small business credit applications if they originated 
at least 25 covered transactions in each of the previous two calendar 
years. The Bureau is proposing that 1071 data collection be done on a 
calendar-year basis and submitted to the Bureau by a specified time 
after the end of each calendar year. The section-by-section analyses of 
the proposed rule in part V above discuss the required data points and 
the scope of the proposed rule in greater detail. More information is 
also available in section 3 of the SBREFA Panel Report.
    Recordkeeping requirements. ECOA section 704B(f)(2)(A) requires 
that information compiled and maintained under section 1071 be 
``retained for not less than 3 years after the date of preparation.'' 
The Bureau is proposing that financial institutions retain 1071 data 
for at least three years after it is submitted to the Bureau. Further, 
704B(f)(2) generally requires that the information compiled and 
maintained by financial institutions, and submitted annually to the 
Bureau, be made available to the public. Publication of these data 
would fill existing gaps in the public's general understanding of the 
small business lending environment and help identify potential fair 
lending concerns regarding small businesses as well as the needs and 
opportunities for both business and community development. In 
accordance with 704B(e)(3), the Bureau is also proposing a prohibition 
on including certain personally identifiable information about any 
individuals associated with small business applicants in the data that 
a financial institution is required to compile, maintain, and report to 
the Bureau, other than information specifically required to be 
collected and reported (such as the race, sex, and ethnicity of 
principal owners). Financial institutions must, unless subject to an 
exception, limit the access of a certain officers and employees to 
applicants' responses to the inquiries regarding women-owned and 
minority-owned business status, as well as the race, sex, and ethnicity 
of principal owners. In addition, applicants' responses to the 
inquiries regarding women-owned and minority-owned business status, as 
well as the race, sex, and ethnicity of principal owners, must be 
maintained separately from the application and accompanying 
information.
    Costs to small entities. The Bureau expects that the proposed rule 
may impose one-time and ongoing costs on small-entity providers of 
credit to small businesses. The Bureau has preliminarily identified 
eight categories of one-time costs that make up the components 
necessary for a financial

[[Page 56571]]

institution to develop the infrastructure to collect and report data 
required by the eventual 1071 rule. Those categories are preparation/
planning; updating computer systems; testing/validating systems; 
developing forms/applications; training staff and third parties (such 
as dealers and brokers); developing policies/procedures; legal/
compliance review; and post-implementation review of compliance 
policies and procedures. The Bureau conducted a survey regarding 
potential one-time implementation costs for section 1071 compliance 
targeted at financial institutions who extend small business credit. 
The Bureau used the results of this survey to estimate the one-time 
costs for financial institutions covered by the proposed rule using the 
methodology described in part VII.E.1 above. The Bureau estimates that 
depository institutions with the lowest level of complexity in 
compliance operations (i.e., Type A DIs) would incur one-time costs of 
$58,400. The Bureau estimates that depository institutions with a 
middle level of complexity in compliance operations (i.e., Type B DIs) 
would incur one-time costs of $44,500. The Bureau estimates that 
depository institutions with the highest level of complexity in 
compliance operations (i.e., Type C DIs) would incur one-time costs of 
$75,700. Finally, the Bureau estimates that Non-DIs would incur one-
time costs of $95,200.
    The Bureau estimates that the overall market impact of one-time 
costs for small depository institutions will be between $143,000,000 
and $153,000,000.\944\ The Bureau estimates that the overall market 
impact of one-time costs for Non-DIs will be $63,000,000.
---------------------------------------------------------------------------

    \944\ The Bureau notes that the variation in this range comes 
primarily from the uncertainty in the number of originations made by 
small banks and savings associations. The range does not fully 
account for the uncertainty associated with estimates of the one-
time costs for each type of institution.
---------------------------------------------------------------------------

    Adapting ongoing cost methodology from previous HMDA rulemaking 
efforts, the Bureau identified 15 specific data collection and 
reporting activities that would impose ongoing costs to financial 
institutions covered by the rule.\945\ The Bureau estimated that 
financial institutions with the lowest level of complexity in 
compliance operations (i.e. Type A FIs) would incur around $7,386 in 
total annual ongoing costs, or about $74 in total cost per application 
processed (assuming a representative 100 applications per year). For 
financial institutions of this type, the largest drivers of the ongoing 
costs are activities that require employee time to complete. Activities 
like transcribing data, transferring data to the data management 
software, standard edits and internal checks, and training all require 
loan officer time. The Bureau estimates that financial institutions 
with a middle level of complexity in compliance operations (i.e. Type B 
FIs), which is somewhat automated, would incur approximately $35,476 in 
additional ongoing costs per year, or around $89 per application 
(assuming a representative 400 applications per year). The largest 
components of this ongoing cost are the expenses of the small business 
application management software and geocoding software (in the form of 
an annual software subscription fee) and the external audit of the 
data. The Bureau estimates that financial institutions with the highest 
level of complexity in compliance operations (i.e. Type C FIs), which 
is significantly automated, would incur approximately $243,266 in 
additional ongoing costs per year, or around $41 per application 
(assuming a representative 6,000 applications per year). The largest 
components of this ongoing cost are the cost of an internal audit, 
transcribing data, and annual edits and internal checks.
---------------------------------------------------------------------------

    \945\ The Bureau applied the same methodology for the ongoing 
costs for small entities as that found in part VII.E.2 above.
---------------------------------------------------------------------------

    The Bureau estimates that the overall market impact of ongoing 
costs for small entities will be between $112,000,000 and $126,000,000 
per year.
    Estimate of the classes of small entities that will be subject to 
the requirement and the type of professional skills necessary for the 
preparation of the report or record. Section 603(b)(4) of the RFA also 
requires an estimate of the type of professional skills necessary for 
the preparation of the reports or records. The recordkeeping and 
compliance requirements of the proposed rule that would affect small 
entities are summarized above. Based on outreach with financial 
institutions, vendors, and governmental agency representatives, the 
Bureau classified the operational activities that financial 
institutions would likely use for Section 1071 data collection and 
reporting into 15 operational ``tasks'' which can be further grouped 
into four ``primary tasks.'' These are:
    1. Data collection: Transcribing data, resolving reportability 
questions, and transferring data to a 1071 data management system.
    2. Reporting and resubmission: Geocoding, standard annual edit and 
internal checks, researching questions, resolving question responses, 
checking post-submission edits, filing post- submission documents, and 
using vendor data management software.
    3. Compliance and internal audits: Training, internal audits, and 
external audits.
    4. Section 1071-related exams: Exam preparation and exam 
assistance.
    All these tasks are related to the preparation of reports or 
records and most of them are performed by compliance personnel in the 
compliance department of financial institutions. For some financial 
institutions, however, the data intake and transcribing stage could 
involve loan officers or processors whose primary function is to 
evaluate or process loan applications. For example, at some financial 
institutions the loan officers would take in information from the 
applicant to complete the application and input that information into 
the reporting system. However, the Bureau believes that such roles 
generally do not require any additional professional skills related to 
recordkeeping or other compliance requirements of this proposed rule 
that are not otherwise required during the ordinary course of business 
for small entities.
    The type of professional skills required for compliance varies 
depending on the particular task involved. For example, data 
transcribing requires data entry skills. Transferring data to a data 
entry system and using vendor data management software requires 
knowledge of computer systems and the ability to use them. Researching 
and resolving reportability questions requires a more complex 
understanding of the regulatory requirements and the details of the 
relevant line of business. Geocoding requires skills in using the 
geocoding software, web systems, or, in cases where geocoding is 
difficult, knowledge of the local area in which the property is 
located. Standard annual editing, internal checks, and post-submission 
editing require knowledge of the relevant data systems, data formats, 
and section 1071 regulatory requirements in addition to skills in 
quality control and assurance. Filing post-submission documents 
requires skills in information creation, dissemination, and 
communication. Training, internal audits, and external audits require 
communications skills, educational skills, and regulatory knowledge. 
Section 1071-related exam preparation and exam assistance involve 
knowledge of regulatory requirements, the relevant line of business, 
and the relevant data systems.

[[Page 56572]]

    The Standard Occupational Classification (SOC) code has compliance 
officers listed under code 13-1041. The Bureau believes that most of 
the skills required for preparation of the reports or records related 
to this proposal are the skills required for job functions performed in 
this occupation. However, the Bureau recognizes that under this general 
occupational code there is a high level of heterogeneity in the type of 
skills required as well as the corresponding labor costs incurred by 
the financial institutions performing these functions. During the 
SBREFA process, some SERs noted that, for instance, high-level 
corporate officers such as CEOs and senior vice presidents could be 
directly involved in some regulatory tasks. As such, the Bureau seeks 
comment regarding the skills required for the preparation of the 
records related to this proposed rule.
    The Bureau acknowledges the possibility that certain aspects of the 
proposed rule may require some small entities to hire additional 
compliance staff. The Bureau has no evidence that such additional staff 
will possess a qualitatively different set of professional skills than 
small entity staff employed currently for compliance purposes. It is 
possible, however, that compliance with the proposed rule may emphasize 
certain skills. For example, new data points may increase demand for 
skills involved in researching questions, standard annual editing, and 
post-submission editing. Nevertheless, the Bureau believes that 
compliance would still involve the general set of skills identified 
above. The recordkeeping and reporting requirements associated with 
this proposal would also involve skills for information technology 
system development, integration, and maintenance. Financial 
institutions required to report data under HMDA often use data 
management systems called HMDA Management Systems (HMS) for existing 
regulatory purposes. A similar software for reporting the data required 
under the proposed rule could be developed by the institution 
internally or purchased from a third-party vendor. It is possible that 
other systems used by financial institutions, such as loan origination 
systems, might also need to be upgraded to capture new data fields 
required to be collected and reported under the proposed rule. The 
professional skills required for this one-time upgrade would be related 
to software development, testing, system engineering, information 
technology project management, budgeting and operation.
5. Identification, to the Extent Practicable, of All Relevant Federal 
Rules Which May Duplicate, Overlap, or Conflict With the Proposed Rule
    The proposed rule contains requirements related to the collection 
and reporting of small business lending information by certain 
financial institutions and publication by the Bureau. In its SBREFA 
Outline, the Bureau identified certain other Federal statutes and 
regulations that relate in some fashion to these areas and has 
considered the extent to which they may duplicate, overlap, or conflict 
with this proposal.\946\ The SBREFA Panel Report included an updated 
list of these Federal statutes and regulations, as informed by SER 
feedback.\947\ Each of the statutes and regulations identified in the 
SBREFA Panel Report is discussed below.
---------------------------------------------------------------------------

    \946\ Rules are duplicative or overlapping if they are based on 
the same or similar reasons for the regulation, the same or similar 
regulatory goals, and if they regulate the same classes of industry. 
Rules are conflicting when they impose two conflicting regulatory 
requirements on the same classes of industry.
    \947\ See SBREFA Panel Report at app. C.
---------------------------------------------------------------------------

    ECOA, implemented by the Bureau's Regulation B (12 CFR part 1002), 
prohibits creditors from discriminating in any aspect of a credit 
transaction, including a business-purpose transaction, on the basis of 
race, color, religion, national origin, sex (including sexual 
orientation and gender identity), marital status, age (if the applicant 
is old enough to enter into a contract), receipt of income from any 
public assistance program, or the exercise in good faith of a right 
under the Consumer Credit Protection Act. The Bureau has certain 
oversight, enforcement, and supervisory authority over ECOA 
requirements and has rulemaking authority under the statute.
    Regulation B generally prohibits creditors from inquiring about an 
applicant's race, color, religion, national origin, or sex (including 
sexual orientation and gender identity), with limited exceptions, 
including if it is required by law. Regulation B requires creditors to 
request information about the race, ethnicity, sex, marital status, and 
age of applicants for certain dwelling-secured loans and to retain that 
information for certain periods. Regulation B requires this data 
collection for credit primarily for the purchase or refinancing of a 
dwelling occupied or to be occupied by the applicant as a principal 
residence, where the extension of credit will be secured by the 
dwelling, and requires the data to be maintained by the creditor for 25 
months for purposes of monitoring and enforcing compliance with ECOA/
Regulation B and other laws. Section 1071 of the Dodd-Frank Act amended 
ECOA to require financial institutions to compile, maintain, and submit 
to the Bureau certain data on credit applications by women-owned, 
minority-owned, and small businesses.
    The Small Business Act,\948\ administered through the SBA, defines 
a small business concern as a business that is ``independently owned 
and operated and which is not dominant in its field of operation'' and 
empowers the Administrator to prescribe detailed size standards by 
which a business concern may be categorized as a small business. The 
SBA has adopted more than one thousand industry-specific size 
standards, classified by 6-digit NAICS codes, to determine whether a 
business concern is ``small.'' In addition, the Small Business Act 
authorizes loans for qualified small business concerns for purposes of 
plant acquisition, construction, conversion, or expansion, including 
the acquisition of land, material, supplies, equipment, and working 
capital. The SBA sets the guidelines that govern the ``7(a) loan 
program,'' determining which businesses financial institutions may lend 
to through the program and the type of loans they can provide. The 
Bureau's proposed rule would include reporting on SBA lending and 
guarantee programs.
---------------------------------------------------------------------------

    \948\ 15 U.S.C. 631 et seq.
---------------------------------------------------------------------------

    The CRA, implemented through regulations issued by the OCC, the 
Board, and the FDIC, requires some institutions to collect, maintain, 
and report certain data about small business, farm, and consumer 
lending to ensure they are serving their communities. The purpose of 
the CRA is to encourage institutions to help meet the credit needs of 
the local communities in which they do business, including low- and 
moderate-income neighborhoods. The Bureau has been working with the CRA 
regulatory agencies to ensure that a 1071 rule and the CRA do not 
conflict and that 1071 data can be used as part of the CRA compliance 
process.
    The Riegle Community Development and Regulatory Improvement Act of 
1994\949\ authorized the Community Development Financial Institution 
Fund (CDFI Fund). The Department of the Treasury administers the 
regulations that govern the CDFI Fund. A certified CDFI is a 
specialized financial institution that works in markets that are 
underserved by traditional financial institutions, including regulated 
institutions such as community

[[Page 56573]]

development banks and credit unions, and non-regulated institutions 
such as loan and venture capital funds. The CDFI program includes an 
annual mandatory Certification and Data Collection Report. The Bureau 
is proposing to require that financial institutions reporting 1071 data 
identify if they are CDFIs.
---------------------------------------------------------------------------

    \949\ 12 U.S.C. 4701 et seq.
---------------------------------------------------------------------------

    HMDA, implemented by the Bureau's Regulation C (12 CFR part 1003), 
requires lenders who meet certain coverage tests to collect, report, 
and disclose detailed information to their Federal supervisory agencies 
about mortgage applications and loans at the transaction level. The 
HMDA data are a valuable source for regulators, researchers, 
economists, industry, and advocates assessing housing needs, public 
investment, and possible discrimination as well as studying and 
analyzing trends in the mortgage market for a variety of purposes, 
including general market and economic monitoring. There may be some 
overlap between what is required to be reported under HMDA and what is 
proposed to be covered by section 1071 for certain credit applications 
secured by dwellings.
    The Currency and Foreign Transactions Reporting Act,\950\ as 
amended by the USA PATRIOT Act,\951\ and commonly referred to as the 
Bank Secrecy Act, authorized the Financial Crimes Enforcement Network 
(FinCEN), a bureau of the Department of the Treasury, to combat money 
laundering and promote financial security. FinCEN regulations require 
covered financial institutions to establish and maintain written 
procedures that are reasonably designed to identify and verify 
beneficial owners of legal entity customers, which is sometimes called 
the customer due diligence (CDD) rule.
---------------------------------------------------------------------------

    \950\ Public Law 91-508, tit. II, 84 Stat. 1118 (1970).
    \951\ Public Law 107-56, 115 Stat. 272 (2001).
---------------------------------------------------------------------------

    The Federal Credit Union Act, implemented by the NCUA (12 CFR part 
1756), requires Federal credit unions to make financial reports as 
specified by the agency. The NCUA requires quarterly reports of the 
total number of outstanding loans, total outstanding loan balance, 
total number of loans granted or purchased year-to-date, total amount 
granted or purchased year-to-date for commercial loans to members, not 
including loans with original amounts less than $50,000. The NCUA also 
requires quarterly reports of the total number and total outstanding 
balance (including the guaranteed portion) of loans originated under an 
SBA loan program.
    The Federal Deposit Insurance Act,\952\ implemented by the FDIC (12 
CFR part 304), requires insured banks and savings associations to file 
Call Reports in accordance with applicable instructions. These 
instructions require quarterly reports of loans to small businesses, 
defined as loans for commercial and industrial purposes to sole 
proprietorships, partnerships, corporations, and other business 
enterprises and loans secured by non-farm non-residential properties 
with original amounts of $1 million or less. In accordance with 
amendments by the Federal Deposit Insurance Corporation Improvement Act 
of 1991,\953\ the instructions require quarterly reports of loans to 
small farms, defined as loans to finance agricultural production, other 
loans to farmers, and loans secured by farmland (including farm 
residential and other improvements) with original amounts of $500,000 
or less. The Bureau intends to work with the FDIC to ensure that a 1071 
rule and the Federal Deposit Insurance Act do not conflict.
---------------------------------------------------------------------------

    \952\ 12 U.S.C. 1811 et seq.
    \953\ Public Law 102-242, 105 Stat. 2236 (1991).
---------------------------------------------------------------------------

    The Bureau requests comment to identify any additional such Federal 
statutes or regulations that impose duplicative, overlapping, or 
conflicting requirements on financial institutions and potential 
changes to the proposed rules in light of duplicative, overlapping, or 
conflicting requirements.
6. Description of Any Significant Alternatives to the Proposed Rule 
Which Accomplish the Stated Objectives of Applicable Statutes and 
Minimize Any Significant Economic Impact of the Proposed Rule on Small 
Entities
    In drafting this proposed rule, the Bureau considered multiple 
financial institution reporting thresholds. In particular, the Bureau 
considered whether to exempt financial institutions with fewer than 50 
or 100 originations of covered credit transactions for small businesses 
in each of the two preceding calendar years, instead of 25 originations 
as proposed. The Bureau also considered whether to exempt depository 
institutions with assets under $100 million or $200 million from 
section 1071's data collection and reporting requirements. The Bureau 
understands that some burden reduction may result from a threshold 
higher than 25 loans. However, the Bureau is concerned that a higher 
threshold would result in the elimination of data that are important in 
fulfilling the purposes of section 1071. Therefore, the Bureau is 
proposing an originations threshold of at least 25 covered transactions 
in each of the previous two calendar years.
    The following table shows the estimated impact that different 
reporting thresholds the Bureau considered would have had on financial 
institution coverage. For the purposes of considering the asset-based 
threshold alternatives, the Bureau estimates how institutional coverage 
and costs would be different if the Bureau required a 25-origination 
threshold in addition to an asset-based threshold for depository 
institutions. For the asset-based threshold alternatives, the Bureau 
assumes that the alternative proposal would have been that a depository 
institution would be required to report its small business lending 
activity for 2019 if it had more than 25 originations in both 2017 and 
2018 and had assets over the asset-based threshold on December 31, 
2018. The Bureau further assumes that if two institutions merged in 
2019 then the resulting institution would be required to report if the 
sum of the separate institutions' assets on December 31, 2018 exceeded 
the asset-based threshold.

[[Page 56574]]

[GRAPHIC] [TIFF OMITTED] TP08OC21.017

    Further, the Bureau is proposing a number of discretionary data 
points (i.e., data points that are not expressly listed in section 1071 
but that the Bureau is proposing to add pursuant to its authority under 
ECOA section 704B(e)(2)(H)) in this rule. The Bureau concluded that 
seven discretionary data points (application channel, application 
recipient, pricing, number of principal owners, NAICS code, number of 
workers, and time in business) would help the data collection fulfill 
the purposes of section 1071.
    During the SBREFA process, SERs provided detailed feedback on the 
discretionary data points that the Bureau is considering.\954\ One SER 
stated that the cost of collecting and reporting the discretionary data 
points under consideration would be significant, and another SER stated 
that the Bureau should include as few data points as possible to avoid 
unnecessary costs. Another SER stated that the Bureau should finalize a 
rule with just the statutorily required data points and avoid adding 
any discretionary data points. Other SERs favored or opposed the 
inclusion of some or all of the individual discretionary data points 
under consideration during the SBREFA process.
---------------------------------------------------------------------------

    \954\ The SER feedback discussed herein can be found in the 
SBREFA Panel Report at 30-32.
---------------------------------------------------------------------------

    The Bureau understands that discretionary data points may introduce 
additional burden to small entities. However, the Bureau has 
preliminarily determined that these data points would aid in fulfilling 
the statutory purposes of section 1071--facilitating enforcement of 
fair lending laws and enabling communities, governmental entities, and 
creditors to identify business and community development needs and 
opportunities of women-owned, minority-owned, and small businesses. The 
Bureau seeks comment on the likely impact of the proposed rule on the 
compliance cost to small entities.
7. Discussion of Impact on Cost of Credit for Small Entities
    Three types of costs (one-time, fixed ongoing, and variable 
ongoing) have the potential to influence the price and availability of 
credit to small businesses. In a competitive marketplace, standard 
microeconomics suggests that lenders will extend loans up to the point 
at which the value of granting an additional loan is equal to the 
additional cost associated with the financial institution providing the 
loan. One-time costs and fixed ongoing costs affect the overall 
profitability of a lender's loan portfolio but do not affect the 
profitability of extending an additional loan. Variable ongoing costs, 
however, affect the profitability of each additional loan and will 
influence the number of loans a lender provides. Based on the Bureau's 
available evidence, it expects that the variable ongoing costs to 
comply with the proposed rule will be passed on in full to small 
business credit applicants in the form of higher prices or fees to 
small businesses.
    During the SBREFA process, the Bureau asked SERs how they would 
respond to the cost of complying with the proposals under 
consideration.\955\ One nondepository SER did indicate that smaller 
firms in their industry may stop participating if one-time costs are 
too high, particularly if small business lending is a secondary aspect 
of their business model.\956\ Another nondepository SER indicated that 
significantly increasing the time between application and decision 
could occur due to the proposed requirements, which they said would 
threaten their ability to compete with other lenders. When asked if 
they expected the costs of the eventual 1071 rule to be passed on in 
the form of higher rates and fees, a number of SERs (from banks, credit 
unions, and nondepositories) indicated that they expected to do so at 
their institutions. However, a number of other SERs indicated that they 
did not believe an eventual 1071 rule would result in higher rates or 
fees. Several depository institution SERs said that they would be able 
to absorb the costs in their operating budgets as they have with 
previous regulations.
---------------------------------------------------------------------------

    \955\ SBREFA Outline at 50.
    \956\ The SER feedback discussed in this section-by-section 
analysis can be found in the SBREFA Panel Report at 40.
---------------------------------------------------------------------------

    In the One-Time Cost Survey, the Bureau asked respondents to rank a 
list of potential actions they may take in response to the compliance 
costs of implementing section 1071.\957\ Respondents ranked the 
following list: ``Raise rates or fees on small business products''; 
``Raise rates/fees on other credit products''; ``Accept lower 
profits''; ``Exit some geographic markets''; ``Tighten underwriting 
standards''; ``Offer fewer or less complex products''; ``No longer 
offer small business credit products''; or ``Other'' with two write-in 
options. Respondents ranked these options from ``1'' to ``9'' 
indicating their most to least likely responses. Respondents also had 
the opportunity to write in their own responses. Consistent with 
economic

[[Page 56575]]

theory, respondents reported that they would be most likely to raise 
rates or fees on small business products and other credit products. On 
average, respondents reported that they would be least likely to exit 
some geographic markets or cease offering small business credit 
products. Accordingly, the Bureau expects the likely impact of an 
eventual 1071 rule on the cost of credit to small entities to be higher 
rates and fees because financial institutions pass on the variable 
ongoing costs of the required data collection. The Bureau estimates 
that $28, $24, and $7 in variable costs would be passed through per 
application to Type A, B, and C FIs, respectively. To put these values 
in context, the Bureau estimates that the per application net income is 
in a range of $53,000-$60,500; $25,000-$28,500; and $79,000-$89,000 for 
banks and savings associations of Types A, B, and C, respectively.
---------------------------------------------------------------------------

    \957\ See One-Time Cost Survey at 11.
---------------------------------------------------------------------------

IX. Paperwork Reduction Act

    Under the Paperwork Reduction Act of 1995 (PRA),\958\ Federal 
agencies are generally required to seek approval from the Office of 
Management and Budget (OMB) for information collection requirements 
prior to implementation. Under the PRA, the Bureau may not conduct nor 
sponsor, and, notwithstanding any other provision of law, a person is 
not required to respond to, an information collection unless the 
information collection displays a valid control number assigned by OMB.
---------------------------------------------------------------------------

    \958\ 44 U.S.C. 3501 et seq.
---------------------------------------------------------------------------

    As part of its continuing effort to reduce paperwork and respondent 
burden, the Bureau conducts a preclearance consultation program to 
provide the general public and Federal agencies with an opportunity to 
comment on the information collection requirements in accordance with 
the PRA. This helps ensure that the public understands the Bureau's 
requirements or instructions, respondents can provide the requested 
data in the desired format, reporting burden (time and financial 
resources) is minimized, information collection instruments are clearly 
understood, and the Bureau can properly assess the impact of 
information collection requirements on respondents.
    The proposed rule would amend 12 CFR part 1002 (Regulation B), 
which implements the ECOA. The Bureau's OMB control number for 
Regulation B is 3170-0013. This proposed rule would revise the 
information collection requirements contained in Regulation B that OMB 
has approved under that OMB control number.
    Under the proposal, the Bureau would add four information 
collection requirements to Regulation B:

    1. Compilation of reportable data (proposed Sec.  1002.107), 
including a notice requirement (in proposed Sec.  1002.107(a)(18) 
through (20)).
    2. Reporting data to the Bureau (proposed Sec.  1002.109).
    3. Firewall notice requirement (proposed Sec.  1002.108(d)).
    4. Recordkeeping (proposed Sec.  1002.111).

    The information collection requirements in this proposed rule would 
be mandatory. Certain data fields would be modified or deleted by the 
Bureau, in its discretion, to advance a privacy interest before the 
1071 data are made available to the public (as permitted by section 
1071 and the Bureau's proposed rule). The data that are not modified or 
deleted would be made available to the public and are not considered 
confidential. The rest of the data would be considered confidential if 
the information:
     Identifies any natural persons who might not be applicants 
(e.g., owners of a business where a legal entity is the applicant); or
     Implicates the privacy interests of financial 
institutions.
    The collections of information contained in this proposed rule, and 
identified as such, have been submitted to OMB for review under section 
3507(d) of the PRA. A complete description of the information 
collection requirements (including the burden estimate methods) is 
provided in the information collection request (ICR) that the Bureau 
has submitted to OMB under the requirements of the PRA. Please send 
your comments to the Office of Information and Regulatory Affairs, OMB, 
Attention: Desk Officer for the Bureau of Consumer Financial 
Protection. Send these comments by email to [email protected] 
or by fax to 202-395-6974. If you wish to share your comments with the 
Bureau, please send a copy of these comments as described in the 
Addresses section above. The ICR submitted to OMB requesting approval 
under the PRA for the information collection requirements contained 
herein is available at www.regulations.gov as well as on OMB's public-
facing docket at www.reginfo.gov.
    Title of Collection: Regulation B: Equal Credit Opportunity Act.
    OMB Control Number: 3170-0013.
    Type of Review: Revision of a currently approved collection.
    Affected Public: Private Sector; Federal and State Governments.
    Estimated Number of Respondents: 188,800.
    Estimated Total Annual Burden Hours: 5,688,000.
    Comments are invited on: (a) Whether the collection of information 
is necessary for the proper performance of the functions of the Bureau, 
including whether the information will have practical utility; (b) the 
accuracy of the Bureau's estimate of the burden of the collection of 
information, including the validity of the methods and the assumptions 
used; (c) ways to enhance the quality, utility, and clarity of the 
information to be collected; and (d) ways to minimize the burden of the 
collection of information on respondents, including through the use of 
automated collection techniques or other forms of information 
technology. Comments submitted in response to this proposal will be 
summarized and/or included in the request for OMB approval. All 
comments will become a matter of public record.
    If applicable, the notice of final rule will display the control 
number assigned by OMB to any information collection requirements 
proposed herein and adopted in the final rule.

List of Subjects in 12 CFR Part 1002

    Banks, Banking, Civil rights, Consumer protection, Credit, Credit 
unions, Marital status discrimination, National banks, Penalties.

Authority and Issuance

    For the reasons set forth in the preamble, the Bureau proposes to 
amend Regulation B, 12 CFR part 1002, as set forth below:

PART 1002--EQUAL CREDIT OPPORTUNITY ACT (REGULATION B)

0
1. The authority citation for part 1002 is revised to read as follows:

    Authority:  12 U.S.C. 5512, 5581; 15 U.S.C. 1691b. Subpart B is 
also issued under 15 U.S.C. 1691c-2.

Subpart A--General

0
2. Sections 1002.1 through 1002.16 are designated as subpart A under 
the heading set forth above.
0
3. Section 1002.5 is amended by revising paragraph (a)(4) introductory 
text and adding paragraphs (a)(4)(vii) through (ix) to read as follows:


Sec.  1002.5  Rules concerning requests for information.

    (a) General rules--
* * * * *
    (4) Other permissible collection of information. Notwithstanding 
paragraph (b) of this section, a creditor may collect

[[Page 56576]]

information under the following circumstances provided that the 
creditor collects the information in compliance with appendices F and G 
to this part, or appendix B to 12 CFR part 1003, as applicable:
* * * * *
    (vii) A creditor that was required to report small business lending 
data pursuant to Sec.  1002.109 for any of the preceding five calendar 
years but is not currently a covered financial institution under Sec.  
1002.105(b) may collect information pursuant to subpart B of this part 
for a covered application as defined in Sec.  1002.103 regarding 
whether the applicant is a minority-owned business or a women-owned 
business, and the ethnicity, race, and sex of the applicant's principal 
owners if it complies with the requirements of subpart B as otherwise 
required for covered financial institutions pursuant to Sec. Sec.  
1002.107, 1002.108, 1002.111, 1002.112, and 1002.114 for that 
application.
    (viii) A creditor that exceeded the loan-volume threshold in the 
first year of the two-year threshold period provided in Sec.  
1002.105(b) may, in the second year, collect information pursuant to 
subpart B of this part for a covered application as defined in Sec.  
1002.103 regarding whether the applicant is a minority-owned business 
or a women-owned business, and the ethnicity, race, and sex of the 
applicant's principal owners if it complies with the requirements of 
subpart B as otherwise required for covered financial institutions 
pursuant to Sec. Sec.  1002.107, 1002.108, 1002.111, 1002.112, and 
1002.114 for that application.
    (ix) A creditor that is not currently a covered financial 
institution under Sec.  1002.105(b), and is not otherwise a creditor to 
which Sec.  1002.5(a)(4)(vii) or (viii) applies, may collect 
information pursuant to subpart B of this part for a covered 
application as defined in Sec.  1002.103 regarding whether an applicant 
for a covered credit transaction is a minority-owned business or a 
women-owned business, and the ethnicity, race, and sex of the 
applicant's principal owners for a transaction if it complies with the 
requirements of subpart B as otherwise required for covered financial 
institutions pursuant to Sec. Sec.  1002.107 through 1002.112 and 
1002.114 for that application.
* * * * *
0
4. Subpart B is added to read as follows:

Subpart B--Small Business Lending Data Collection

Sec.  1002.101 Authority, purpose, and scope.
Sec.  1002.102 Definitions.
Sec.  1002.103 Covered applications.
Sec.  1002.104 Covered credit transactions and excluded 
transactions.
Sec.  1002.105 Covered financial institutions and exempt 
institutions.
Sec.  1002.106 Business and small business.
Sec.  1002.107 Compilation of reportable data.
Sec.  1002.108 Firewall.
Sec.  1002.109 Reporting of data to the Bureau.
Sec.  1002.110 Publication of data.
Sec.  1002.111 Recordkeeping.
Sec.  1002.112 Enforcement.
Sec.  1002.113 Severability.
Sec.  1002.114 Effective date, compliance date, and special 
transitional rules.


Sec.  1002.101  Authority, purpose, and scope.

    (a) Authority and scope. This subpart to Regulation B is issued by 
the Bureau pursuant to section 704B of the Equal Credit Opportunity Act 
(15 U.S.C. 1691c-2). Except as otherwise provided herein, this subpart 
Applies to covered financial institutions, as defined in Sec.  
1002.105(b), other than a person excluded from coverage of this part by 
section 1029 of the Consumer Financial Protection Act of 2010, title X 
of the Dodd-Frank Wall Street Reform and Consumer Protection Act, 
Public Law 111-203, 124 Stat. 1376, 2004 (2010).
    (b) Purpose. This subpart implements section 704B of the Equal 
Credit Opportunity Act, which is intended:
    (i) To facilitate enforcement of fair lending laws; and
    (ii) To enable communities, governmental entities, and creditors to 
identify business and community development needs and opportunities of 
women-owned, minority-owned, and small businesses.


Sec.  1002.102  Definitions.

    In this subpart:
    (a) Affiliate means, with respect to a financial institution, any 
company that controls, is controlled by, or is under common control 
with, another company, as set forth in the Bank Holding Company Act of 
1956 (12 U.S.C. 1841 et seq.). With respect to a business or an 
applicant, affiliate shall have the same meaning as in 13 CFR 121.103.
    (b) Applicant means any person who requests or who has received an 
extension of business credit from a financial institution.
    (c) Business is defined in Sec.  1002.106(a).
    (d) Business credit shall have the same meaning as in Sec.  
1002.2(g).
    (e) Closed-end credit transaction means an extension of credit that 
is not an open-end credit transaction under paragraph (n) of this 
section.
    (f) Covered application is defined in Sec.  1002.103.
    (g) Covered credit transaction is defined in Sec.  1002.104.
    (h) Covered financial institution is defined in Sec.  1002.105(b).
    (i) Credit shall have the same meaning as in Sec.  1002.2(j).
    (j) Dwelling shall have the same meaning as in Regulation C, 12 CFR 
1003.2(f).
    (k) Financial institution is defined in Sec.  1002.105(a).
    (l) Minority individual means a natural person who is American 
Indian or Alaska Native, Asian, Black or African American, Native 
Hawaiian or Other Pacific Islander, and/or Hispanic or Latino.
    (m) Minority-owned business means a business for which more than 50 
percent of its ownership or control is held by one or more minority 
individuals, and more than 50 percent of its net profits or losses 
accrue to one or more minority individuals.
    (n) Open-end credit transaction means an open-end credit plan as 
defined in Regulation Z, 12 CFR 1026.2(a)(20), but without regard to 
whether the credit is consumer credit, as defined in Sec.  
1026.2(a)(12), is extended by a creditor, as defined in Sec.  
1026.2(a)(17), or is extended to a consumer, as defined in Sec.  
1026.2(a)(11).
    (o) Principal owner means a natural person who directly owns 25 
percent or more of the equity interests of a business.
    (p) Small business is defined in Sec.  1002.106(b).
    (q) Small business lending application register or register means 
the data reported, or required to be reported, annually pursuant to 
Sec.  1002.109.
    (r) State shall have the same meaning as in Sec.  1002.2(aa).
    (s) Women-owned business means a business for which more than 50 
percent of its ownership or control is held by one or more women, and 
more than 50 percent of its net profits or losses accrue to one or more 
women.


Sec.  1002.103  Covered applications.

    (a) Covered application. Except as provided in paragraph (b) of 
this section, covered application means an oral or written request for 
a covered credit transaction that is made in accordance with procedures 
used by a financial institution for the type of credit requested.
    (b) Circumstances that are not covered applications. A covered 
application does not include:
    (1) Reevaluation, extension, or renewal requests on an existing 
business credit account, unless the request seeks additional credit 
amounts.

[[Page 56577]]

    (2) Inquiries and prequalification requests.


Sec.  1002.104  Covered credit transactions and excluded transactions.

    (a) Covered credit transaction means an extension of business 
credit that is not an excluded transaction under paragraph (b) of this 
section.
    (b) Excluded transactions. The requirements of this subpart do not 
apply to:
    (1) Trade credit. A financing arrangement wherein a business 
acquires goods or services from another business without making 
immediate payment to the business providing the goods or services.
    (2) Public utilities credit. Public utilities credit as defined in 
Sec.  1002.3(a)(1).
    (3) Securities credit. Securities credit as defined in Sec.  
1002.3(b)(1).
    (4) Incidental credit. Incidental credit as defined in Sec.  
1002.3(c)(1), but without regard to whether the credit is consumer 
credit, as defined in Sec.  1002.2(h).


Sec.  1002.105  Covered financial institutions and exempt institutions.

    (a) Financial institution means any partnership, company, 
corporation, association (incorporated or unincorporated), trust, 
estate, cooperative organization, or other entity that engages in any 
financial activity.
    (b) Covered financial institution means a financial institution 
that originated at least 25 covered credit transactions for small 
businesses in each of the two preceding calendar years. For purposes of 
this definition, if more than one financial institution was involved in 
the origination of a covered credit transaction, only the financial 
institution that made the credit decision approving the application 
shall count the origination for purposes of this paragraph (b).


Sec.  1002.106  Business and small business.

    (a) Business has the same meaning as the term ``business concern or 
concern'' in 13 CFR 121.105.
    (b) Small business has the same meaning as the term ``small 
business concern'' in 15 U.S.C. 632(a), as implemented in 13 CFR 
121.101 through 121.107. Notwithstanding the size standards set forth 
in 13 CFR 121.201, for purposes of this subpart, a business is a small 
business if and only if its gross annual revenue, as defined in Sec.  
1002.107(a)(14), for its preceding fiscal year is $5 million or less.


Sec.  1002.107  Compilation of reportable data.

    (a) Data format and itemization. A covered financial institution 
shall compile and maintain data regarding covered applications from 
small businesses. The data shall be compiled in the manner prescribed 
below and as explained in associated Official Interpretations and the 
Filing Instructions Guide for this subpart for the appropriate year. 
The data compiled shall include the items described in paragraphs 
(a)(1) through (21) of this section.
    (1) Unique identifier. An alphanumeric identifier, starting with 
the legal entity identifier of the financial institution, unique within 
the financial institution to the specific covered application, and 
which can be used to identify and retrieve the specific file or files 
corresponding to the application for or extension of credit.
    (2) Application date. The date the covered application was received 
by the financial institution or the date shown on a paper or electronic 
application form.
    (3) Application method. The means by which the applicant submitted 
the covered application directly or indirectly to the financial 
institution.
    (4) Application recipient. Whether the applicant submitted the 
covered application directly to the financial institution or its 
affiliate, or whether the applicant submitted the covered application 
indirectly to the financial institution via a third party.
    (5) Credit type. The following information regarding the type of 
credit applied for or originated:
    (i) Credit product. The credit product.
    (ii) Guarantees. The type or types of guarantees that were obtained 
for an extension of credit, or that would have been obtained if the 
covered credit transaction were originated.
    (iii) Loan term. The length of the loan term, in months, if 
applicable.
    (6) Credit purpose. The purpose or purposes of the credit applied 
for or originated.
    (7) Amount applied for. The initial amount of credit or the initial 
credit limit requested by the applicant.
    (8) Amount approved or originated. (i) For an application for a 
closed-end credit transaction that is approved but not accepted, the 
amount approved by the financial institution; or
    (ii) For a closed-end credit transaction that is originated, the 
amount of credit originated; or
    (iii) For an application for an open-end credit transaction that is 
originated or approved but not accepted, the amount of the credit limit 
approved.
    (9) Action taken. The action taken by the financial institution on 
the covered application, reported as originated, approved but not 
accepted, denied, withdrawn by the applicant, or incomplete.
    (10) Action taken date. The date of the action taken by the 
financial institution.
    (11) Denial reasons. For denied applications, the principal reason 
or reasons the financial institution denied the covered application.
    (12) Pricing information. The following information regarding the 
pricing of a covered credit transaction that is originated or approved 
but not accepted, as applicable:
    (i) Interest rate. (A) If the interest rate is fixed, the interest 
rate that is or would be applicable to the covered credit transaction; 
or
    (B) If the interest rate is adjustable, the margin, index value, 
and index name that is or would be applicable to the covered credit 
transaction at origination;
    (ii) Total origination charges. The total amount of all charges 
payable directly or indirectly by the applicant and imposed directly or 
indirectly by the financial institution at or before origination as an 
incident to or a condition of the extension of credit, expressed in 
dollars;
    (iii) Broker fees. The total amount of all charges included in 
paragraph (a)(12)(ii) of this section that are fees paid by the 
applicant directly to a broker or to the financial institution for 
delivery to a broker, expressed in dollars;
    (iv) Initial annual charges. The total amount of all non-interest 
charges that are scheduled to be imposed over the first annual period 
of the covered credit transaction, expressed in dollars;
    (v) Additional cost for merchant cash advances or other sales-based 
financing. For a merchant cash advance or other sales-based financing 
transaction, the difference between the amount advanced and the amount 
to be repaid, expressed in dollars; and
    (vi) Prepayment penalties. (A) Notwithstanding whether such a 
provision was in fact included, whether the financial institution could 
have included a charge to be imposed for paying all or part of the 
transaction's principal before the date on which the principal is due 
under the policies and procedures applicable to the covered credit 
transaction; and
    (B) Notwithstanding the response to paragraph (a)(20)(iv)(A) of 
this section, whether the terms of the covered credit transaction do in 
fact include a charge imposed for paying all or part of the 
transaction's principal before the date on which the principal is due.
    (13) Census tract. The census tract in which is located:

[[Page 56578]]

    (i) The address or location where the proceeds of the credit 
applied for or originated will be or would have been principally 
applied; or
    (ii) If the information in paragraph (a)(13)(i) of this section is 
unknown, the address or location of the main office or headquarters of 
the applicant; or
    (iii) If the information in both paragraphs (a)(13)(i) and (ii) of 
this section is unknown, another address or location associated with 
the applicant.
    (iv) The financial institution shall also indicate which one of the 
three types of addresses or locations listed in paragraphs (a)(13)(i), 
(ii), or (iii) of this section the census tract is based on.
    (14) Gross annual revenue. The gross annual revenue of the 
applicant for its preceding full fiscal year prior to when the 
information is collected.
    (15) NAICS code. A 6-digit North American Industry Classification 
System (NAICS) code appropriate for the applicant.
    (16) Number of workers. The number of non-owners working for the 
applicant.
    (17) Time in business. The time the applicant has been in business, 
described in whole years, as relied on or collected by the financial 
institution.
    (18) Minority-owned business status. Whether the applicant is a 
minority-owned business and whether minority-owned business status is 
being reported based on previously collected data pursuant to Sec.  
1002.107(c)(2). The financial institution shall collect and report 
minority-owned business status as prescribed in appendix F to this 
part. When requesting minority-owned business status from an applicant, 
the financial institution shall inform the applicant that the financial 
institution cannot discriminate on the basis of minority-owned business 
status, or on whether the applicant provides this information.
    (19) Women-owned business status. Whether the applicant is a women-
owned business and whether women-owned business status is being 
reported based on previously collected data pursuant to Sec.  
1002.107(c)(2). The financial institution shall collect and report 
women-owned business status as prescribed in appendix F to this part. 
When requesting women-owned business status from an applicant, the 
financial institution shall inform the applicant that the financial 
institution cannot discriminate on the basis of women-owned business 
status, or on whether the applicant provides this information.
    (20) Ethnicity, race, and sex of principal owners. The ethnicity, 
race, and sex of the applicant's principal owners and whether 
ethnicity, race, and sex are being reported based on previously 
collected data pursuant to Sec.  1002.107(c)(2). The data compiled for 
purposes of this paragraph (a)(20) shall also include whether ethnicity 
and race are being reported based on visual observation or surname. The 
financial institution shall collect and report principal owners' 
ethnicity, race, and sex information as prescribed in appendix G to 
this part. When requesting ethnicity, race, and sex information from an 
applicant, the financial institution shall inform the applicant that 
the financial institution cannot discriminate on the basis of a 
principal owner's ethnicity, race, or sex, or on whether the applicant 
provides this information.
    (21) Number of principal owners. The number of the applicant's 
principal owners.
    (b) Verification of applicant-provided information. Unless 
otherwise provided in this subpart, the financial institution may rely 
on statements of the applicant when compiling data unless it verifies 
the information provided, in which case it shall use the verified 
information.
    (c) Time and manner of collection--(1) In general. A covered 
financial institution shall maintain procedures to collect applicant-
provided data under paragraph (a) of this section at a time and in a 
manner that is reasonably designed to obtain a response.
    (2) Previously collected data. A covered financial institution is 
permitted, but not required, to reuse previously collected data to 
satisfy paragraphs (a)(13) through (21) of this section if:
    (i) The data were collected within the same calendar year as the 
current covered application; and
    (ii) The financial institution has no reason to believe the data 
are inaccurate.


Sec.  1002.108  Firewall.

    (a) Definitions. For purposes of this section, the following terms 
shall have the following meanings:
    (1) Involved in making any determination concerning a covered 
application means participating in a decision regarding the evaluation 
of a covered application, including the creditworthiness of an 
applicant for a covered credit transaction.
    (2) Should have access means that an employee or officer may need 
to collect, see, consider, refer to, or otherwise use the information 
to perform that employee's or officer's assigned job duties.
    (b) Prohibition on access to certain information. Unless the 
exception under paragraph (c) of this section applies, an employee or 
officer of a covered financial institution or a covered financial 
institution's affiliate shall not have access to an applicant's 
responses to inquiries that the financial institution makes pursuant to 
this subpart regarding whether the applicant is a minority-owned 
business under Sec.  1002.107(a)(18) or a women-owned business under 
Sec.  1002.107(a)(19), and regarding the ethnicity, race, and sex of 
the applicant's principal owners under Sec.  1002.107(a)(20), if that 
employee or officer is involved in making any determination concerning 
that applicant's covered application.
    (c) Exception to the prohibition on access to certain information. 
The prohibition in paragraph (b) of this section shall not apply to an 
employee or officer if the financial institution determines that it is 
not feasible to limit that employee's or officer's access to an 
applicant's responses to the financial institution's inquiries under 
Sec.  1002.107(a)(18) through (20) and the financial institution 
provides the notice required under paragraph (d) of this section to the 
applicant. It is not feasible to limit access as required pursuant to 
paragraph (b) of this section if the financial institution determines 
that an employee or officer involved in making any determination 
concerning a covered application should have access to one or more 
applicants' responses to the financial institution's inquiries under 
Sec.  1002.107(a)(18) through (20).
    (d) Notice. In order to satisfy the exception set forth in 
paragraph (c) of this section, a financial institution shall provide a 
notice to each applicant whose responses will be accessed, informing 
the applicant that one or more employees or officers involved in making 
determinations concerning the covered application may have access to 
the applicant's responses to the financial institution's inquiries 
regarding whether the applicant is a minority-owned business or a 
women-owned business, and regarding the ethnicity, race, and sex of the 
applicant's principal owners. The financial institution shall provide 
the notice required by this paragraph (d) when making the inquiries 
required under Sec.  1002.107(a)(18) through (20) and together with the 
notices required pursuant to Sec.  1002.107(a)(18) through (20).


Sec.  1002.109  Reporting of data to the Bureau.

    (a) Reporting to the Bureau--(1) Annual reporting. (i) On or before 
June 1 following the calendar year for which data are compiled and 
maintained as required by Sec.  1002.107, a covered

[[Page 56579]]

financial institution shall submit its small business lending 
application register in the format prescribed by the Bureau.
    (ii) An authorized representative of the covered financial 
institution with knowledge of the data shall certify to the accuracy 
and completeness of the data reported pursuant to this paragraph (a).
    (iii) When the last day for submission of data prescribed under 
paragraph (a)(1) falls on a date that is not a business day, a 
submission shall be considered timely if it is submitted no later than 
the next business day.
    (2) Reporting by subsidiaries. A covered financial institution that 
is a subsidiary of another covered financial institution shall complete 
a separate small business lending application register. The subsidiary 
shall submit its small business lending application register, directly 
or through its parent, to the Bureau.
    (3) Reporting obligations where multiple financial institutions are 
involved in a covered credit transaction. If a covered application 
results in an origination, only one covered financial institution shall 
report the covered credit transaction. If more than one financial 
institution is involved in the origination of a covered credit 
transaction, the financial institution that makes the final credit 
decision approving the application shall report the loan as an 
origination (if that financial institution is a covered financial 
institution). If there was no origination, then any covered financial 
institution that made a credit decision shall report the application.
    (b) Financial institution identifying information. A financial 
institution shall provide each of the following with its submission:
    (1) Its name.
    (2) Its headquarters address.
    (3) The name and business contact information of a person who may 
be contacted with questions about the financial institution's 
submission.
    (4) Its Federal prudential regulator, if applicable.
    (5) Its Federal Taxpayer Identification Number (TIN).
    (6) Its Legal Entity Identifier (LEI).
    (7) Its Research, Statistics, Supervision, and Discount 
identification (RSSD ID) number, if applicable.
    (8) Parent entity information, if applicable, including:
    (i) The name of the immediate parent entity;
    (ii) The LEI of the immediate parent entity, if available;
    (iii) The RSSD ID number of the immediate parent entity, if 
available;
    (iv) The name of the top-holding parent entity;
    (v) The LEI of the top-holding parent entity, if available; and
    (vi) The RSSD ID number of the top-holding parent entity, if 
available.
    (9) The type of financial institution that it is, indicated by 
selecting the appropriate type or types of institution from the list 
provided.
    (10) Whether the financial institution is voluntarily reporting 
covered applications for covered credit transactions.
    (c) Procedures for the submission of data to the Bureau. The Bureau 
shall make available a Filing Instructions Guide, containing technical 
instructions for the submission of data to the Bureau pursuant to this 
section, as well as any related materials, available at [a designated 
Bureau website].


Sec.  1002.110  Publication of data.

    (a) Publication of small business lending application registers and 
associated financial institution information. The Bureau shall make 
available to the public generally the data reported to it by financial 
institutions pursuant to Sec.  1002.109, subject to deletions or 
modifications made by the Bureau, at its discretion, if the Bureau 
determines that the deletion or modification of the data would advance 
a privacy interest. The Bureau shall make such data available on an 
annual basis, by publishing it on the Bureau's website at [a designated 
Bureau website].
    (b) Publication of aggregate data. The Bureau may, at its 
discretion, compile and aggregate data submitted by financial 
institutions pursuant to Sec.  1002.109, and make any compilations or 
aggregations of such data publicly available as the Bureau deems 
appropriate.
    (c) Statement of financial institution's small business lending 
data available on the Bureau's website. A covered financial institution 
shall make available to the public on its website, or otherwise upon 
request, a statement that the covered financial institution's small 
business lending application register, as modified by the Bureau 
pursuant to Sec.  1002.110(a), is or will be available on the Bureau's 
website at [a designated Bureau website]. A financial institution shall 
use language provided by the Bureau, or substantially similar language, 
to satisfy the requirement to provide a statement pursuant to this 
paragraph (c).
    (d) Availability of statements. A covered financial institution 
shall make the notice required by paragraph (c) of this section 
available to the public on its website when it submits a small business 
lending application register to the Bureau pursuant to Sec.  
1002.109(a)(1), and shall maintain the notice for as long as it has an 
obligation to retain its small business lending application registers 
pursuant to Sec.  1002.111(a).


Sec.  1002.111  Recordkeeping.

    (a) Record retention. A covered financial institution shall retain 
evidence of compliance with this subpart, which includes a copy of its 
small business lending application register, for at least three years 
after the register is required to be submitted to the Bureau pursuant 
to Sec.  1002.109.
    (b) Certain information kept separate from the rest of the 
application. A financial institution shall maintain, separately from 
the rest of the application and accompanying information, an 
applicant's responses to the financial institution's inquiries pursuant 
to this subpart regarding whether an applicant for a covered credit 
transaction is a minority-owned business under Sec.  1002.107(18) or a 
women-owned business under Sec.  1002.107(19), and regarding the 
ethnicity, race, and sex of the applicant's principal owners under 
Sec.  1002.107(20).
    (c) Limitation on personally identifiable information in records 
retained under this section. In compiling and maintaining any records 
under Sec.  1002.107 or paragraph (b) of this section, or reporting 
data pursuant to Sec.  1002.109, a financial institution shall not 
include any name, specific address, telephone number, email address, or 
any personally identifiable information concerning any individual who 
is, or is connected with, an applicant, other than as required pursuant 
to Sec.  1002.107 or paragraph (b) of this section.


Sec.  1002.112  Enforcement.

    (a) Administrative enforcement and civil liability. A violation of 
section 704B of the Act or this subpart is subject to administrative 
sanctions and civil liability as provided in sections 704 (15 U.S.C. 
1691c) and 706 (15 U.S.C. 1691e) of the Act, where applicable.
    (b) Bona fide errors. A bona fide error in compiling, maintaining, 
or reporting data with respect to a covered application is one that was 
unintentional and occurred despite the maintenance of procedures 
reasonably adapted to avoid such an error. A bona fide error is not a 
violation of the Act or this subpart. A financial institution is 
presumed to maintain procedures reasonably adapted to avoid such errors 
with respect to a given data field if the number of errors found in a 
random

[[Page 56580]]

sample of the financial institution's submission for the data field 
does not equal or exceed a threshold specified by the Bureau for this 
purpose in appendix H to this part. However, an error is not a bona 
fide error if either there is a reasonable basis to believe the error 
was intentional or there is other evidence that the financial 
institution does not or has not maintained procedures reasonably 
adapted to avoid such errors.
    (c) Safe harbors. (1) Incorrect entry for census tract. An 
incorrect entry for census tract is not a violation of the Act or this 
subpart if the financial institution obtained the census tract by 
correctly using a geocoding tool provided by the FFIEC or the Bureau.
    (2) Incorrect entry for NAICS code. If a financial institution 
identifies the NAICS code for an applicant itself, without the 
applicant or another source providing the NAICS code, and the 
identified NAICS code is incorrect, the incorrect entry for the NAICS 
code is not a violation of the Act or this subpart provided that the 
first two digits of the NAICS code are correct and the financial 
institution maintains procedures reasonably adapted to correctly 
identify the subsequent four digits.
    (3) Incorrect determination of small business status. A financial 
institution that initially determines that an applicant for a covered 
credit transaction is a small business, as defined in Sec.  
1002.106(b), but later concludes the applicant is not a small business, 
does not violate the Act or this regulation if the financial 
institution collected information pursuant to this subpart regarding 
whether an applicant for a covered credit transaction is a minority-
owned business or a women-owned business, and the ethnicity, race, and 
sex of the applicant's principal owners. A financial institution 
seeking to avail itself of this safe harbor shall comply with the 
requirements of this subpart As otherwise required pursuant to 
Sec. Sec.  1002.107, 1002.108, and 1002.111 with respect to the 
collected information.
    (4) Incorrect application date. A financial institution does not 
violate the Act or this subpart if it reports on its small business 
lending application register an application date that is within three 
calendar days of the actual application date pursuant to Sec.  
1002.107(a)(2).


Sec.  1002.113  Severability.

    The provisions of this subpart are separate and severable from one 
another. If any provision is stayed or determined to be invalid, the 
remaining provisions shall continue in effect.


Sec.  1002.114  Effective date, compliance date, and special 
transitional rules.

    (a) Effective date. The effective date for this subpart is [90 days 
after the date of publication of the final rule in the Federal 
Register].
    (b) Compliance date. The compliance date for this subpart is 
[approximately 18 months after the date of publication of the final 
rule in the Federal Register].
    (c) Special transitional rules--(1) Collection of information prior 
to the compliance date. A financial institution that will be a covered 
financial institution as of the compliance date in paragraph (b) of 
this section is permitted, but not required, to collect information 
regarding whether an applicant for a covered credit transaction is a 
minority-owned business under Sec.  1002.107(a)(18), a women-owned 
business under Sec.  1002.107(a)(19), and the ethnicity, race, and sex 
of the applicant's principal owners under Sec.  1002.107(a)(20) 
beginning [12 months prior to the compliance date]. A financial 
institution collecting such information pursuant to this paragraph 
(c)(1) must do so in accordance with the requirements set out in 
Sec. Sec.  1002.107(18) through (20) and 1002.108.
    (2) Determining whether a financial institution is a covered 
financial institution for purposes of this subpart. For purposes of 
determining whether a financial institution is a covered financial 
institution under Sec.  1002.105(b) as of the compliance date specified 
in paragraph (b) of this section, a financial institution is permitted, 
but not required, to use its to use its originations of covered credit 
transactions for small businesses in the second and third preceding 
calendar years (rather than its originations in the two immediately 
preceding calendar years).
0
5. Appendices E through H are added to read as follows:

Appendix E to Part 1002--Sample Form for Collecting Certain Applicant-
Provided Data under Subpart B

BILLING CODE 4810-25-P

[[Page 56581]]

[GRAPHIC] [TIFF OMITTED] TP08OC21.018


[[Page 56582]]


[GRAPHIC] [TIFF OMITTED] TP08OC21.019


[[Page 56583]]


BILLING CODE 4825-25-C

Appendix F to Part 1002--Instructions for Collecting and Reporting 
Small Business Applicants' Minority-Owned Business Status and Women-
Owned Business Status Under Subpart B

    Covered financial institutions are required by subpart B of this 
part to collect certain information from small business applicants 
about covered applications, including whether the applicant is a 
minority-owned business or a women-owned business. This appendix 
provides instructions for collecting that information.
    1. Unless a financial institution is reporting based on 
previously collected data as discussed in Instruction 11, the 
financial institution must ask the applicant about its minority-
owned business status and women-owned business status for each of 
the applicant's covered applications. However, the financial 
institution cannot require an applicant to provide this information.
    2. Generally, a financial institution must ask the applicant 
whether it is a minority-owned business and whether it is a women-
owned business on a paper or electronic data collection form that is 
separate from the application form and other documents used to 
collect other information related to the application. See the sample 
data collection form in appendix E for sample language. For a 
covered application taken solely by telephone or another medium that 
does not involve providing any paper or electronic documents, the 
financial institution must ask the applicant about its minority-
owned business status and women-owned business status orally if the 
financial institution is not reporting based on previously collected 
data. The financial institution may combine these business status 
questions with questions regarding principal owners' ethnicity, 
race, and sex pursuant to Sec.  1002.107(a)(20) and a question about 
the applicant's number of principal owners pursuant to Sec.  
1002.107(a)(21). See the sample data collection form in appendix E.
    3. When asking the questions regarding minority-owned business 
status and women-owned business status (regardless of whether they 
are asked on a paper form, electronically, or orally), the financial 
institution also must provide the applicant with definitions of the 
terms ``minority individual,'' ``minority-owned business,'' and 
``women-owned business'' as set forth in Sec.  1002.102(l), (m), and 
(s). The financial institution satisfies this requirement if it 
provides the definitions of minority individual, minority-owned 
business, and women-owned business set forth in the sample data 
collection form in appendix E.
    4. A financial institution may inform the applicant that Federal 
law requires it to ask for an applicant's minority-owned business 
status and women-owned business status to help ensure that all small 
business applicants for credit are treated fairly and that 
communities' small business credit needs are being fulfilled. The 
financial institution must inform the applicant that it is not 
required to respond to the financial institution's questions 
regarding the applicant's minority-owned business status and women-
owned business status. The financial institution also must inform 
the applicant that the financial institution cannot discriminate on 
the basis of minority-owned business status or women-owned business 
status, or on the basis of whether the applicant provides this 
information.
    5. A financial institution must report the answers to the 
minority-owned business status and women-owned business status 
questions that the applicant provided on the paper or electronic 
data collection form the financial institution uses to satisfy the 
requirements of Sec.  1002.107(a)(18) and (19) without regard to any 
answers provided for other purposes. If the financial institution 
asks the minority-owned business status and women-owned business 
status questions orally, the financial institution must report the 
answers the applicant provided in response to the inquiries the 
financial institution makes to satisfy the requirements of Sec.  
1002.107(a)(18) and (19) without regard to any answers provided for 
other purposes. For example, if a financial institution uses a paper 
data collection form to ask an applicant if it is a minority-owned 
business or women-owned business for purposes of Sec.  
1002.107(a)(18) and (19) and the applicant responds that it is not a 
minority-owned business or a women-owned business, the financial 
institution must report that the applicant is not a minority-owned 
business or a women-owned business, even if the applicant indicates 
that it is a minority-owned business for other purposes, such as for 
a special purpose credit program or a Small Business Administration 
program.
    6. A financial institution is neither required nor permitted to 
verify the minority-owned business status or women-owned business 
status that the applicant provides.
    7. If the applicant declines to provide information on the 
applicant's minority-owned business status or women-owned business 
status (such as by checking only the ``I do not wish to provide this 
information'' box on a paper or electronic data collection form or 
stating orally that it does not wish to provide this information), 
the financial institution must report that the applicant declined to 
provide information on the applicant's minority-owned business 
status or women-owned business status, as applicable.
    8. If the applicant does not respond to the financial 
institution's inquiry regarding its minority-owned business status 
(such as by leaving the response blank or failing to submit a data 
collection form), the financial institution must report that the 
information was not provided by the applicant. Similarly, if the 
applicant does not respond to the financial institution's inquiry 
regarding its women-owned business status, the financial institution 
must report that the information was not provided by the applicant.
    9. If the applicant both provides a substantive response to a 
question requesting business status (that is, checks either ``yes'' 
or ``no'') and also checks the ``I do not wish to provide this 
information'' box for that question, the financial institution 
reports the minority-owned business status or women-owned business 
status provided by the applicant (rather than reporting that the 
applicant declined to provide the information).
    10. A financial institution does not report minority-owned 
business status or women-owned business status based on visual 
observation, surname, or any basis other than the applicant's 
responses to the inquiries that the financial institution makes to 
satisfy Sec.  1002.107(a)(18) and (19) or, as discussed in 
Instruction 11, on the basis of the applicant's responses to the 
inquiries that the financial institution previously made to satisfy 
Sec.  1002.107(a)(18) and (19).
    11. Section 1002.107(c)(2) and its commentary set forth when a 
financial institution is permitted to report information based on 
previously collected data. If the financial institution is permitted 
to report minority-owned business status or women-owned business 
status based on previously collected data, the financial institution 
may but is not required to do so.
    12. If a financial institution reports minority-owned business 
status or women-owned business status based on previously collected 
data, the financial institution must also report that it is 
providing that information based on previously collected data.

Appendix G to Part 1002--Instructions for Collecting and Reporting 
Ethnicity, Race, and Sex of Small Business Applicants' Principal Owners 
Under Subpart B

    Covered financial institutions are required by subpart B of this 
part to collect certain information from small business applicants 
about covered applications, including the ethnicity, race, and sex 
of the applicant's principal owners. This appendix provides 
instructions for collecting that information.

General Instructions

    1. Unless a financial institution is reporting based on 
previously collected data as discussed in Instructions 26 through 
29, the financial institution must ask the applicant for the 
ethnicity, race, and sex of its principal owners for each of the 
applicant's covered applications. However, a financial institution 
cannot require an applicant or any principal owner to provide this 
information.
    2. Generally, a financial institution must ask the applicant 
about the ethnicity, race, and sex of the applicant's principal 
owners on a paper or electronic data collection form that is 
separate from the application form and other documents used to 
collect other information related to the application. See the sample 
data collection form in appendix E for sample language. For a 
covered application taken solely by telephone or another medium that 
does not involve providing any paper or electronic documents, the 
financial institution must ask the applicant for the principal 
owners' ethnicity, race, and sex orally if the financial institution 
is not reporting based on previously collected data. A financial 
institution may combine the questions regarding the principal 
owners' ethnicity, race, and sex with a question regarding the 
applicant's number of principal owners pursuant to Sec.  
1002.107(a)(21) and questions regarding the applicant's minority-
owned business status and women-owned

[[Page 56584]]

business status pursuant to Sec.  1002.107(a)(18) and (19). See the 
sample data collection form in appendix E.
    3. When asking about principal owners' ethnicity, race, and sex, 
the financial institution must also provide the applicant with the 
definition of the term ``principal owner'' as set forth in Sec.  
1002.102(o). The financial institution satisfies this requirement if 
it provides the definition of principal owner set forth in the 
sample data collection form in appendix E.
    4. A financial institution may inform the applicant that Federal 
law requires it to ask for the principal owners' ethnicity, race, 
and sex to help ensure that all small business applicants for credit 
are treated fairly and that communities' small business credit needs 
are being fulfilled. The financial institution must inform the 
applicant that the applicant is not required to respond to the 
financial institution's questions regarding the principal owner's 
ethnicity, race, and sex. The financial institution also must inform 
the applicant that the financial institution cannot discriminate on 
the basis of a principal owner's ethnicity, race, or sex, or on 
whether the applicant provides this information.
    5. If it is possible that a financial institution will meet in 
person with one or more of the applicant's principal owners and the 
financial institution is not reporting based on previously collected 
data, the financial institution must inform the applicant that if 
the applicant does not provide any ethnicity, race, or sex 
information for at least one principal owner, the financial 
institution is required to report ethnicity and race on the basis of 
visual observation and/or surname for at least one of the principal 
owners that the financial institution has met in person. If a 
financial institution collects ethnicity, race, and sex information 
using a paper or electronic data collection form, the financial 
institution may satisfy this requirement by providing a statement on 
that form. See the sample data collection form in appendix E. If a 
financial institution meets in person with a natural person 
representing an applicant but does not know if the natural person is 
a principal owner, the financial institution must ask or otherwise 
determine if that person is a principal owner. See comment 
107(a)(20)-10 for examples of when a financial institution has and 
has not met in person with one or more principal owners. As 
described in Instruction 23, financial institutions do not report a 
principal owner's sex based on visual observation or surname.

Instructions Regarding Ethnicity, Race, and Sex Categories

    6. When asking for a principal owner's sex, a financial 
institution must allow the applicant to respond using the sex 
categories set forth in the sample data collection form in appendix 
E and discussed in comment 107(a)(20)-8. These categories must 
include the option to self-identify using free-form text on a paper 
or electronic form or using language that informs the applicant of 
the opportunity to self-identify when taking the application by 
means other than a paper or electronic data collection form, such as 
by telephone.
    7. When asking for a principal owner's ethnicity and race, a 
financial institution must allow the applicant to respond using the 
aggregate and disaggregated ethnicity and race categories and 
subcategories as set forth in the sample data collection form in 
appendix E and discussed in comments 107(a)(20)-6 and -7. The 
disaggregated subcategories must include the ``other'' disaggregated 
subcategories that provide the option to self-identify using free-
form text on a paper or electronic data collection form or using 
language that informs the applicant of the opportunity to self-
identify when taking the application by means other than a paper or 
electronic data collection form, such as by telephone.
    8. A financial institution must permit an applicant to identify 
its principal owners as being of a particular Hispanic or Latino 
disaggregated subcategory (Cuban, Mexican, Puerto Rican, Other 
Hispanic or Latino) or of a particular Asian disaggregated 
subcategory (Asian Indian, Chinese, Filipino, Japanese, Korean, 
Vietnamese, Other Asian) or of a particular Native Hawaiian or Other 
Pacific Islander disaggregated subcategory (Guamanian or Chamorro, 
Native Hawaiian, Samoan, Other Pacific Islander) or of a particular 
Black or African American disaggregated subcategory (African 
American, Ethiopian, Haitian, Jamaican, Nigerian, Somali, or Other 
Black or African American) or of a particular American Indian or 
Alaska Native enrolled or principal tribe. An applicant must be 
permitted to select a disaggregated ethnicity or race subcategory 
even if the applicant does not also select the corresponding 
aggregate ethnicity or aggregate race category. For example, if an 
applicant selects only the ``Mexican'' disaggregated subcategory, 
the financial institution reports ``Mexican'' for the ethnicity of 
the applicant but does not also report ``Hispanic or Latino.''
    9. A financial institution must offer the applicant the option 
of selecting more than one ethnicity, race, and sex for each 
principal owner. If an applicant selects more than one ethnicity, 
race, or sex for a principal owner, the financial institution must 
report each selected designation. The financial institution must 
also report any additional information that the applicant has 
provided as free-form text in the appropriate data reporting field. 
For example, if the applicant chooses to self-identify a principal 
owner's sex and provides additional information, the financial 
institution must report that information as free-form text in the 
appropriate data reporting field. Similarly, if an applicant 
indicates that a principal owner is Other Asian and provides 
additional information, such as writing in Cambodian, the financial 
institution must report that information as free-form text in the 
appropriate data reporting field.
    10. If an applicant provides ethnicity, race, or sex information 
for one or more principal owners, the financial institution must 
report the ethnicity, race, and sex as provided by the applicant. 
For example, if an applicant selects ``Asian'' for a principal 
owner's race, the financial institution reports ``Asian'' for the 
race of that principal owner. Similarly, if the applicant selects 
``Asian'' and ``Native Hawaiian'' for a particular principal owner, 
the financial institution reports that principal owner's race as 
``Asian'' and ``Native Hawaiian,'' even though ``Native Hawaiian'' 
is not a disaggregated subcategory for the aggregate ``Asian'' 
category.
    11. A financial institution is neither required nor permitted to 
verify the ethnicity, race, or sex information that the applicant 
provides.

Instructions for Reporting if the Applicant Fails To Provide or 
Declines To Provide Responses to a Financial Institution's Inquiries

    12. Except as noted in Instruction 17, if the applicant declines 
to provide a principal owner's ethnicity, race, or sex (such as by 
answering these questions by checking only the ``I do not wish to 
provide this information'' box on a paper or electronic data 
collection form or stating orally that it does not wish to provide 
this information), the financial institution must report that the 
applicant declined to provide this information. The financial 
institution only reports that the applicant declined to provide 
information if the applicant specifically declines to provide that 
information. See Instruction 13 for reporting if the applicant does 
not respond rather than specifically declines to provide 
information.
    13. Except as noted in Instruction 17, if the applicant does not 
respond to a request about a principal owner's ethnicity, race, or 
sex, the financial institution must report that the information was 
not provided by the applicant. For example, if the financial 
institution provides the applicant with a paper data collection form 
and asks the applicant to complete and return the form but the 
applicant does not return it, the financial institution reports that 
the principal owner's ethnicity, race, and sex was not provided by 
the applicant. Similarly, if the financial institution provides an 
electronic data collection form, the applicant indicates that it has 
two principal owners, the applicant provides ethnicity, race, and 
sex for the first principal owner, and the applicant does not check 
any of the boxes (including the ``I do not wish to provide this 
information'' boxes) for the second principal owner's ethnicity, 
race, and sex, the financial institution reports the ethnicity, 
race, and sex that the applicant provided for the first principal 
owner and reports that ethnicity, race, and sex for the second 
principal owner were not provided by the applicant.
    14. If an applicant provides some but not all of the requested 
ethnicity, race, and sex information, the financial institution 
reports the information that was provided by the applicant and 
reports that the applicant declined to provide or did not provide 
(as applicable) the remainder of the information. For example, 
assume an applicant indicates that it has two principal owners and 
provides ethnicity, race, and sex information for the first 
principal owner and provides only ethnicity for the second principal 
owner. Further assume that the applicant does not indicate that it 
does not wish to provide race or sex information for the second 
principal owner. In this case, the financial institution reports the 
ethnicity, race, and sex

[[Page 56585]]

information provided for the first principal owner. The financial 
institution also reports the ethnicity provided for the second 
principal owner, and reports that the applicant did not provide race 
and sex information for the second principal owner.
    15. If an applicant provides any ethnicity, race, or sex 
information for any principal owner, the financial institution does 
not report any additional information based on visual observation 
and/or surname. For example, if an applicant indicates that it has 
four principal owners and provides sex information for one principal 
owner and no other ethnicity, race, or sex information, the 
financial institution reports the sex information provided for one 
principal owner. It reports either that the applicant did not 
provide or declined to provide (as applicable) the ethnicity and 
race information for one principal owner and the ethnicity, race, 
and sex information for the other principal owners. The financial 
institution does not report any ethnicity or race information based 
on visual observation or surname, even if it is has met in person 
with one or more principal owners.
    16. If an applicant provides information in response to the 
question requesting a given principal owner's ethnicity, race, or 
sex and also checks the ``I do not wish to provide this 
information'' box for that question or otherwise indicates that the 
applicant does not wish to provide the information, the financial 
institution reports the information on ethnicity, race, or sex that 
was provided by the applicant (rather than reporting that the 
applicant declined to provide the information). For example, if an 
applicant is completing a paper data collection form and provides 
information that a principal owner is female and also checks a box 
to indicate that the applicant does not wish to provide information 
regarding that principal owner's sex, the financial institution 
reports the principal owner's sex as female.

Instructions for Collecting Ethnicity and Race Information via Visual 
Observation and/or Surname if the Applicant Declines To Provide 
Information or Does Not Respond

    17. If an applicant does not provide any ethnicity, race, or sex 
information for any of its principal owners or declines to provide 
all of the requested ethnicity, race, or sex information, and during 
the application process the financial institution meets in person 
with at least one principal owner of that applicant, the financial 
institution must collect the ethnicity and race of the principal 
owner(s) with whom it meets on the basis of visual observation and/
or surname. For example, assume a financial institution provides 
electronic data collection forms to applicants, and an applicant 
fails to complete and submit the data collection form. Assume that 
the financial institution is not permitted to report based on 
previously collected data. Also, assume that the financial 
institution meets in person with two of the applicant's four 
principal owners at the same time during the application process. 
The financial institution reports the ethnicity and race information 
for the two principal owners it met with in person based on visual 
observation and/or surname. Additionally, as noted in Instruction 
21, the financial institution reports that it is reporting this 
information based on visual observation and/or surname. The 
financial institution reports that the applicant did not provide sex 
information for these two principal owners. It also reports that the 
applicant did not provide ethnicity, race, and sex information for 
the other two principal owners. For additional information on when a 
financial institution has or has not met in person with a principal 
owner, see comment 107(a)(20)-10.
    18. For purposes of determining whether reporting based on 
visual observation and/or surname is required, a financial 
institution is considered to have met in person with a principal 
owner if the financial institution has a meeting via an electronic 
medium with the principal owner and can visually observe the 
principal owner using a video component. For additional information 
on when a financial institution has or has not met in person with a 
principal owner, see comment 107(a)(20)-10. For additional 
information on when reporting based on visual observation and/or 
surname is required, see comment 107(a)(20)-9.
    19. A financial institution is not required to report ethnicity 
and race information based on visual observation and/or surname if 
the financial institution only meets in person with one or more 
principal owners after the application process is complete, for 
example, at loan closing or account opening. In those circumstances, 
the financial institution may report that the information was not 
provided by the applicant or that the applicant declined to provide 
the information, as applicable.
    20. A financial institution is required to collect race and 
ethnicity information based on visual observation and/or surname at 
only one meeting with one or more principal owners. If the financial 
institution meets in person with another principal owner at a 
different meeting, the financial institution is permitted, but not 
required, to also collect the other principal owner's race and 
ethnicity information via visual observation and/or surname. For 
example, assume that a financial institution meets in person with 
one of an applicant's principal owners on June 1 and records that 
principal owner's ethnicity and race. Also, assume that the 
financial institution meets in person with all four of the 
applicant's principal owners on June 10. The financial institution 
is permitted, but not required, to record the other principal 
owners' ethnicity and race information based on the meeting that 
occurs on June 10, because it already recorded one principal owner's 
ethnicity and race based on the meeting that occurred on June 1.
    21. If a financial institution reports ethnicity and race based 
on visual observation and/or surname and is not relying on 
previously collected data, the financial institution also must 
report that the information was collected on the basis of visual 
observation and/or surname. If a financial institution is relying on 
previously collected data that the financial institution collected 
via visual observation and/or surname, the financial institution 
reports that it is reporting the information based on previously 
collected data, and that it is providing the information based on 
visual observation and/or surname.
    22. When a financial institution reports ethnicity and race on 
the basis of visual observation and/or surname, the financial 
institution must select only from the following aggregate 
categories: Ethnicity (Hispanic or Latino; not Hispanic or Latino); 
race (American Indian or Alaska Native; Asian; Black or African 
American; Native Hawaiian or Other Pacific Islander; White).
    23. A financial institution never reports sex based on visual 
observation or surname. If an applicant declines or otherwise does 
not provide a principal owner's sex, the financial institution 
reports that the applicant declined to provide that information or 
that the information was not provided by the applicant, as 
applicable.

Instructions Regarding Persons who Are Not Principal Owners and When an 
Applicant Has Fewer Than Four Principal Owners

    24. A financial institution does not report a guarantor's 
ethnicity, race, and sex unless the guarantor is also a principal 
owner of the applicant.
    25. Because there are data reporting fields for four principal 
owners, when submitting data to the Bureau, a financial institution 
will need to report that the requirement to report ethnicity, race, 
and sex is not applicable for some principal owners if the applicant 
has fewer than four principal owners. For example, if an applicant 
has only one principal owner (i.e., only one natural person directly 
owns 25 percent or more of the applicant's equity interests), the 
financial institution reports that the requirement to report 
ethnicity, race, and sex is not applicable in the data fields for 
principal owners two through four.

Instructions for Reporting Based on Previously Collected Data

    26. Section 1002.107(c)(2) and its commentary set forth when a 
financial institution is permitted to report information based on 
previously collected data. If the financial institution is permitted 
to report ethnicity, race, or sex information based on previously 
collected data, the financial institution may but is not required to 
do so.
    27. If a financial institution reports ethnicity, race, or sex 
information based on previously collected data, the financial 
institution must also report that it is providing that information 
based on previously collected data.
    28. If a financial institution reports one or more principal 
owner's ethnicity, race, or sex information based on previously 
collected data, the financial institution does not need to collect 
any additional ethnicity, race, or sex information. However, the 
financial institution may need to report that the applicant did not 
provide or declined to provide information when the financial 
institution previously collected the data, as applicable.
    29. If a financial institution is reporting a principal owner's 
ethnicity and/or race based on data that the financial institution 
previously collected via visual observation and/or surname, the 
financial institution

[[Page 56586]]

reports that it is reporting ethnicity and race based on previously 
collected data and based on visual observation and/or surname. 
Additionally, the financial institution reports that the applicant 
declined to provide information about the principal owner's sex or 
that the applicant did not provide the principal owner's sex, as 
applicable, and reports that the financial institution is reporting 
sex based on previously collected data.

Appendix H to Part 1002--Tolerances for Bona Fide Errors in Data 
Reported Under Subpart B

    As set out in Sec.  1002.112(b) and in comment 112(b)-1, a 
financial institution is presumed to maintain procedures reasonably 
adapted to avoid errors with respect to a given data field if the 
number of errors found in a random sample of a financial 
institution's data submission for a given data field do not equal or 
exceed the threshold in column C of the following table (Table 1, 
Tolerance Thresholds for Bona Fide Errors):
[GRAPHIC] [TIFF OMITTED] TP08OC21.020

    The size of the random sample, under column B, shall depend on 
the size of the financial institution's small business lending 
application register, as shown in column A of the Threshold 
Table.\959\
---------------------------------------------------------------------------

    \959\ For a financial institution with fewer than 30 entries in 
its small business lending application register, the full sample 
size is the financial insitution's total number of entries. The 
threshold number for such financial institution's remains three. 
Accordingly, the threshold percentage will be higher for financial 
institions with fewer than 30 in their registers.
---------------------------------------------------------------------------

    The thresholds in column C of the Threshold Table reflect the 
number of unintentional errors a financial institution may make 
within a particular data field (e.g., loan amount or gross annual 
revenue) in a small business lending application register that would 
be deemed bona fide errors for purposes of Sec.  1002.112(b).
    For instance, a financial institution that submitted a small 
business lending application register containing 45 applications 
would be subject to a threshold of three errors per data field. If 
the financial institution had made two errors in reporting loan 
amount and two errors reporting gross annual income, all of these 
errors would be covered by the bona fide error provision of Sec.  
1002.112(b) and would not constitute a violation of the Act or this 
part. If the same financial institution had made four errors in 
reporting loan amount and two errors reporting gross annual income, 
the bona fide error provision of Sec.  1002.112(b) would not apply 
to the four loan amount errors but would still apply to the two 
gross annual income errors.
    Even when the number of errors in a particular data field do not 
equal or exceed the threshold in column C, if either there is a 
reasonable basis to believe that errors in that field were 
intentional or there is other evidence that the financial 
institution did not maintain procedures reasonably adapted to avoid 
such errors, then the errors are not bona fide errors under Sec.  
1002.112(b). To illustrate, assume that a financial institution has 
incorrectly coded withdrawn applications as denials to such an 
extent that it likely prevents reliable fair lending analysis of 
underwriting disparities. If so, the errors would not be deemed bona 
fide errors under Sec.  1002.112(b) and would violate the Act and 
this part.
    For purposes of determining bona fide errors under Sec.  
1002.112(b), the term ``data field'' generally refers to individual 
fields. However, with respect to information on the ethnicity or 
race of an applicant or borrower, or co-applicant or co-borrower, a 
data field group may consist of more than one field. If one or more 
of the fields within an ethnicity or race field group have errors, 
they count as one (and only one) error for that data field group.
0
6. In Supplement I to part 1002:
0
a. Under Section 1005.5--Rules Concerning Requests for Information, 
revise Paragraph 5(a)(2) by revising the heading and adding comment -4, 
and revise Paragraph 5(a)(4) including the heading.
0
b. Add Section 1002.102--Definitions; Section 1002.103--Covered 
Applications; Section 1002.104--Covered Credit Transactions and 
Excluded Transactions; Section 1002.105--Covered Financial Institutions 
and Exempt Institutions; Section 1002.106--Business and Small Business; 
Section 1002.107--Compilation of Reportable Data; Section 1002.108--
Firewall; Section 1002.109--Reporting of Data to the Bureau; Section 
1002.110--Publication of Data; Section 1002.111--Recordkeeping; and 
Section 1002.112--Enforcement.
    The revisions and additions read as follows:

Supplement I to Part 1002--Official Interpretations

Section 1002.5--Rules Concerning Requests for Information

    5(a) General rules.
* * * * *
    5(a)(2) Required collection of information.
* * * * *
    4. Information required by subpart B. Subpart B of this part 
generally requires creditors that are covered financial institutions 
as defined in Sec.  1002.105(a) to collect and report information 
about the

[[Page 56587]]

ethnicity, race, and sex of the principal owners of applicants for 
certain small business credit, as well as whether the applicant is 
minority-owned or women-owned as defined in Sec.  1002.102(m) and 
(s), respectively.
    5(a)(4) Other permissible collection of information.
    1. Other permissible collection of information. Information 
regarding ethnicity, race, and sex that is not required to be 
collected pursuant to Regulation C, 12 CFR part 1003, or subpart B 
of this part, may nevertheless be collected under the circumstances 
set forth in Sec.  1002.5(a)(4) without violating Sec.  1002.5(b). 
The information collected pursuant to 12 CFR part 1003 must be 
retained pursuant to the requirements of Sec.  1002.12. The 
information collected pursuant to subpart B of this part must be 
retained pursuant to the requirements set forth in Sec.  1002.111.
* * * * *

Section 1002.102--Definitions

    102(j) Dwelling.
    1. Consistency with Regulation C. Bureau interpretations that 
appear in supplement I to part 1003 containing official commentary 
in connection with Sec.  1003.2(f) are applicable to the definition 
of a dwelling in Sec.  1002.102(j).
    2. Dwelling under subpart A. The definition of dwelling under 
Sec.  1002.14(b)(2) applies to relevant provisions under subpart A, 
and Sec.  1002.102(j) is not intended to repeal, abrogate, annul, 
impair, or interfere with any existing interpretations, orders, 
agreements, ordinances, rules, or regulations adopted or issued 
pursuant to Sec.  1002.14(b)(2).
    102(l) Minority individual.
    1. Purpose of definition. The definition of minority individual 
is used only when an applicant determines if it is a minority-owned 
business pursuant to Sec. Sec.  1002.102(m) and 1002.107(a)(18). A 
financial institution provides an applicant with the definition of 
minority individual when asking the applicant to determine if its 
business is a minority-owned business, as defined in Sec.  
1002.102(m). An applicant determines if the natural persons who own 
and control and to whom the business's profits or losses accrue are 
minority individuals when the applicant provides its minority-owned 
business status pursuant to Sec.  1002.107(a)(18). Separately, 
pursuant to Sec.  1002.107(a)(20) and related commentary, a 
financial institution may be required to report a principal owner's 
ethnicity and race based on visual observation and/or surname. 
However, the definition of minority individual in Sec.  1002.102(l) 
is not used when determining the race or ethnicity of a principal 
owner.
    2. Multi-racial and multi-ethnic individuals. For purposes of 
subpart B of this part, a natural person who is multi-racial or 
multi-ethnic is a minority individual. For example, a natural person 
who is both Asian and White is a minority individual.
    3. Relationship to disaggregated subcategories used to determine 
ethnicity and race of principal owners. The term ``minority 
individual'' is defined in Sec.  1002.102(l) using aggregate 
ethnicity (Hispanic or Latino) and race (American Indian or Alaska 
Native, Asian, Black or African American, and Native Hawaiian or 
Other Pacific Islander) categories. Separately an applicant may 
provide a principal owner's ethnicity and race using aggregate 
categories and/or disaggregated subcategories for purposes of Sec.  
1002.107(a)(20). However, as discussed in comment 107(a)(20)-11, a 
financial institution may only use aggregate ethnicity and race 
categories when required to report a principal owner's ethnicity and 
race based on visual observation and/or surname.
    102(m) Minority-owned business.
    1. In general. In order to be a minority-owned business for 
purposes of subpart B of this part, a business must satisfy both 
prongs of the definition of minority-owned business. First, one or 
more minority individuals must own or control more than 50 percent 
of the business. However, it is not necessary that one or more 
minority individuals both own and control more than 50 percent of 
the business. For example, a business that is owned entirely by 
minority individuals, but is not controlled by any minority 
individuals satisfies the first prong of the definition. If a 
business does not satisfy this first prong of the definition, it is 
not a minority-owned business. Second, 50 percent or more of the net 
profits or losses must accrue to one or more minority individuals. 
If a business does not satisfy this second prong of the definition, 
it is not a minority-owned business, regardless of whether it 
satisfies the first prong of the definition.
    2. Purpose of definition. The definition of minority-owned 
business is used only when an applicant determines if it is a 
minority-owned business for purposes of Sec.  1002.107(a)(18). A 
financial institution provides an applicant with the definition of 
minority-owned business when asking the applicant to provide its 
minority-owned business status pursuant to Sec.  1002.107(a)(18), 
but the financial institution is neither permitted nor required to 
make its own determination regarding the applicant's minority-owned 
business status.
    3. Further clarifications of terms used in the definition of 
minority-owned business. In order to assist an applicant when 
determining whether it is a minority-owned business, a financial 
institution may provide the applicant with the definitions of 
ownership, control, and accrual of net profits or losses and related 
concepts set forth in comments 102(m)-4 through -6. A financial 
institution may assist an applicant when the applicant is 
determining its minority-owned business status but is not required 
to do so. For purposes of reporting an applicant's status, a 
financial institution relies on the applicant's determinations of 
its ownership, control, and accrual of net profits and losses.
    4. Ownership. For purposes of determining if a business is a 
minority-owned business, a natural person owns a business if that 
natural person directly or indirectly, through any contract, 
arrangement, understanding, relationship or otherwise, has an equity 
interest in the business. Examples of ownership include being the 
sole proprietor of a sole proprietorship, directly or indirectly 
owning or holding the stock of a corporation or company, directly or 
indirectly having a partnership interest in a business, or directly 
or indirectly having a membership interest in a limited liability 
company. Indirect as well as direct ownership are used when 
determining ownership for purposes of Sec. Sec.  1002.102(m) and 
1002.107(a)(18). Thus, where applicable, ownership must be traced 
through corporate or other indirect ownership structures. For 
example, assume that the applicant is company A. If company B owns 
60 percent of applicant company A and a natural person owns 100 
percent of company B, the natural person owns 60 percent of 
applicant company A. Similarly, if a natural person directly owns 20 
percent of applicant company A and is an equal partner in 
partnership B that owns the remaining 80 percent of applicant 
company A, the natural person owns 60 percent of applicant company A 
(i.e., 20 percent due through direct ownership and 40 percent 
indirectly through partnership B). A trustee is considered the owner 
of the trust. Thus, if a trust owns a business and the trust has two 
co-trustees, each co-trustee owns 50 percent of the business.
    5. Control. A natural person controls a business if that natural 
person has significant responsibility to manage or direct the 
business. A natural person controls a business if the natural person 
is an executive officer or senior manager (e.g., a chief executive 
officer, chief financial officer, chief operating officer, managing 
member, general partner, president, vice president, or treasurer) or 
regularly performs similar functions. Additionally, a business may 
be controlled by two or more minority individuals if those 
individuals collectively control the business, such as constituting 
a majority of the board of directors or a majority of the partners 
of a partnership.
    6. Accrual of net profits or losses. A business's net profits 
and losses accrue to a natural person if that natural person 
receives the net profits or losses, is legally entitled or required 
to receive the net profits or losses, or is legally entitled or 
required to recognize the net profits or losses for tax purposes.
    102(o) Principal owner.
    1. Natural person. Only a natural person can be a principal 
owner of a business for purposes of subpart B of this part. 
Entities, such as trusts, partnerships, limited liability companies, 
and corporations, are not principal owners for this purpose. 
Additionally, a natural person must directly own an equity share of 
25 percent or more in the business in order to be a principal owner. 
Unlike the determination of ownership for purposes of collecting and 
reporting minority-owned business status and women-owned business 
status, indirect ownership is not considered when determining if 
someone is a principal owner for purposes of collecting and 
reporting principal owners' ethnicity, race, and sex or the number 
of principal owners. Thus, when determining who is a principal 
owner, ownership is not traced through multiple corporate structures 
to determine if a natural person owns 25 percent or more of the 
equity interests. For example, if natural person A directly owns 20 
percent of a business, natural person B directly owns 20 percent, 
and partnership C owns 60 percent, the business does not have any 
owners who

[[Page 56588]]

satisfy the definition of principal owner set forth in Sec.  
1002.102(o), even if natural person A and natural person B are the 
only partners in the partnership C. Similarly, if natural person A 
directly owns 30 percent of a business, natural person B directly 
owns 20 percent, and trust D owns 50 percent, natural person A is 
the only principal owner as defined in Sec.  1002.102(o), even if 
natural person B is the sole trustee of trust D.
    2. Purpose of definition. A financial institution shall provide 
an applicant with the definition of principal owner when asking the 
applicant to provide the number of its principal owners pursuant to 
Sec.  1002.107(a)(21) and the ethnicity, race, and sex of its 
principal owners pursuant to Sec.  1002.107(a)(20). If a financial 
institution meets in person with a natural person about a covered 
application, the financial institution may be required to determine 
if a natural person with whom it meets is a principal owner in order 
to collect and report the principal owner's ethnicity and race based 
on visual observation and/or surname. (See comments 107(a)(20)-5 and 
-9.) Additionally, if an applicant does not provide the number of 
its principal owners in response to the financial institution's 
request pursuant to Sec.  1002.107(a)(21), the financial institution 
may need to determine and report the number of the applicant's 
principal owners based on other documents or information. (See 
comments 107(a)(21)-1 through -3.)
    102(s) Women-owned business.
    1. In general. In order to be a women-owned business for 
purposes of subpart B of this part, a business must satisfy both 
prongs of the definition of women-owned business. First, one or more 
women must own or control more than 50 percent of the business. 
However, it is not necessary that one or more women both own and 
control more than 50 percent of the business. For example, a 
business that is owned entirely by women, but is not controlled by 
any women satisfies the first prong of the definition. If a business 
does not satisfy this first prong of the definition, it is not a 
women-owned business. Second, 50 percent or more of the net profits 
or losses must accrue to one or more women. If a business does not 
satisfy this second prong of the definition, it is not a women-owned 
business, regardless of whether it satisfies the first prong of the 
definition.
    2. Purpose of definition. The definition of women-owned business 
is used only when an applicant determines if it is a women-owned 
business pursuant to Sec.  1002.107(a)(19). A financial institution 
provides an applicant with the definition of women-owned business 
when asking the applicant to provide its women-owned business status 
pursuant to Sec.  1002.107(a)(19), but the financial institution is 
neither permitted nor required to make its own determination 
regarding the applicant's women-owned business status.
    3. Further clarifications of terms used in the definition of 
women-owned business. In order to assist an applicant when 
determining whether it is a women-owned business, a financial 
institution may provide the applicant with the definitions of 
ownership, control, and accrual of net profits or losses and related 
concepts set forth in comments 102(s)-4 through -6. A financial 
institution may assist an applicant when the applicant is 
determining its women-owned business status but is not required to 
do so. For purposes of reporting an applicant's status, a financial 
institution relies on the applicant's determinations of its 
ownership, control, and accrual of net profits and losses.
    4. Ownership. For purposes of determining if a business is a 
women-owned business, a natural person owns a business if that 
natural person directly or indirectly, through any contract, 
arrangement, understanding, relationship or otherwise, has an equity 
interest in the business. Examples of ownership include being the 
sole proprietor of a sole proprietorship, directly or indirectly 
owning or holding the stock of a corporation or company, directly or 
indirectly having a partnership interest in a business, or directly 
or indirectly having a membership interest in a limited liability 
company. Indirect as well as direct ownership are used when 
determining ownership for purposes of Sec. Sec.  1002.102(s) and 
1002.107(a)(19). Thus, where applicable, ownership must be traced 
through corporate or other indirect ownership structures. For 
example, assume that the applicant is company A. If company B owns 
60 percent of the applicant company A and a natural person owns 100 
percent of company B, the natural person owns 60 percent of the 
applicant company A. Similarly, if a natural person directly owns 20 
percent of the applicant company A and is an equal partner in a 
partnership B that owns the remaining 80 percent of the applicant 
company A, the natural person owns 60 percent of applicant company A 
(i.e., 20 percent due through direct ownership and 40 percent 
indirectly through partnership B). A trustee is considered the owner 
of the trust. Thus, if a trust owns a business and the trust has two 
co-trustees, each co-trustee owns 50 percent of the business.
    5. Control. A natural person controls a business if that natural 
person has significant responsibility to manage or direct the 
business. A natural person controls a business if the natural person 
is an executive officer or senior manager (e.g., a chief executive 
officer, chief financial officer, chief operating officer, managing 
member, general partner, president, vice president, or treasurer) or 
regularly performs similar functions. Additionally, a business may 
be controlled by two more women if those women collectively control 
the business, such as constituting a majority of the board of 
directors or a majority of the partners of a partnership.
    6. Accrual of net profits or losses. A business's net profits 
and losses accrue to a natural person if that natural person 
receives the net profits or losses, is legally entitled or required 
to receive the net profits or losses, or is legally entitled or 
required to recognize the net profits or losses for tax purposes.

Section 1002.103--Covered Applications

    103(a) In general.
    1. In general. Subject to the requirements of subpart B of this 
part, a financial institution has latitude to establish its own 
application process or procedures, including designating the type 
and amount of information it will require from applicants.
    2. Procedures used. The term ``procedures'' refers to the actual 
practices followed by a financial institution as well as its stated 
application procedures. For example, if a financial institution's 
stated policy is to require all applications to be in writing on the 
financial institution's application form, but the financial 
institution also makes credit decisions based on oral requests, the 
financial institution's procedures are to accept both oral and 
written applications.
    3. Consistency with subpart A. Bureau interpretations that 
appear in this supplement I in connection with Sec. Sec.  1002.2(f) 
and 1002.9 are generally applicable to the definition of a covered 
application in Sec.  1002.103. However, the definition of a covered 
application in Sec.  1002.103 does not include inquiries and 
prequalification requests. The definition of a covered application 
also does not include reevaluation, extension, or renewal requests 
on an existing business credit account, unless the request seeks 
additional credit amounts. See Sec.  1002.103(b).
    4. Requests for multiple covered credit transactions at one 
time. Assuming the requirements of a covered application are met, if 
an applicant makes a request for two or more covered credit 
transactions at the same time, the financial institution reports 
each request for a covered credit transaction as a separate covered 
application. For example, if an applicant requests both a term loan 
and a line of credit on an application form, the financial 
institution reports each request for a covered credit transaction as 
a separate covered application. Section 1002.107(c)(2) sets forth 
the requirements for reusing certain data required under Sec.  
1002.107(a) across multiple applications.
    5. Initial request for a single covered credit transaction that 
results in the origination of multiple covered credit transactions. 
Assuming the requirements of a covered application are met, if an 
applicant initially makes a request for one covered credit 
transaction, but over the course of the application process requests 
and obtains multiple covered credit transactions, each covered 
credit transaction must be reported as a separate covered 
application.
    6. Requests for multiple lines of credit at one time. Assuming 
the requirements of a covered application are met, if an applicant 
requests multiple lines of credit on a single credit account, it is 
reported as one or more covered applications based on the procedures 
used by the financial institution for the type of credit account. 
For example, if a financial institution treats a request for 
multiple lines of credit at one time as sub-components of a single 
account, the financial institution reports the request as a single 
covered application. If, on the other hand, the financial 
institution treats each line of credit as a separate account, then 
the financial institution reports each request for a line of credit 
as a separate covered application, as set forth in comment 103(a)-4.
    7. Changes in whether there is a covered credit transaction. In 
certain circumstances, an applicant may change the type of product

[[Page 56589]]

requested during the course of the application process. Assuming 
other requirements of a covered application are met, if an applicant 
initially requests a product that is not a covered credit 
transaction, but during the application process decides to seek 
instead a product that is a covered credit transaction, the 
application is a covered application and must be reported. If, on 
the other hand, an applicant initially requests a product that is a 
covered credit transaction, but then during the application process 
decides instead to seek a product that is not a covered credit 
transaction, the application is not a covered application and thus 
is not reported. If an applicant initially requests a product that 
is a covered credit transaction, the financial institution 
counteroffers with a product that is not a covered credit 
transaction, and the applicant declines to proceed or fails to 
respond, the application is reported as a covered application. For 
example, if an applicant initially applies for a term loan, but 
then, after consultation with the financial institution, decides 
that a lease would better meet its needs and decides to proceed with 
that product, the application is not a covered application and thus 
is not reported. However, if an applicant initially applies for a 
term loan, the financial institution offers to consider the 
applicant only for a lease, and the applicant refuses, the 
transaction is a covered application that must be reported.
    103(b) Circumstances that are not covered applications.
    1. In general. The circumstances set forth in Sec.  1002.103(b) 
are not covered applications for purposes of subpart B of this part, 
even if considered applications under subpart A of this part. 
However, in no way are the exclusions in Sec.  1002.103(b) intended 
to repeal, abrogate, annul, impair, change, or interfere with the 
scope of the term application in Sec.  1002.2(f) as applicable to 
subpart A.
    2. Reevaluation, extension, or renewal requests that do not 
request additional credit amounts. An applicant's request to change 
one or more terms of an existing account does not constitute a 
covered application, unless the applicant is requesting additional 
credit amounts on the account. For example, an applicant's request 
to extend the duration on a line of credit or to remove a guarantor 
would not be a covered application.
    3. Reevaluation, extension, or renewal requests that request 
additional credit amounts. An applicant's request for additional 
credit amounts on an existing account that is a covered credit 
transaction constitutes a covered application. For example, an 
applicant's request for a line increase on an existing line of 
credit, made in accordance with a financial institution's procedures 
for the type of credit requested, would be a covered application. As 
discussed in comment 107(a)(7)-4, when reporting a covered 
application that seeks additional credit amounts on an existing 
account, the financial institution need only report the additional 
credit amount sought, and not the entire credit amount. For example, 
if an applicant currently has a line of credit account for $100,000, 
and seeks to increase the line to $150,000, the financial 
institution reports the amount applied for as $50,000.
    4. Reviews or evaluations initiated by the financial 
institution. For purposes of subpart B of this part, the term 
covered application does not include evaluations or reviews of 
existing accounts initiated by the financial institution because the 
applicant has not made the request. For example, if a creditor 
conducts periodic reviews of its existing lines of credit and 
decides to increase the applicant's line by $10,000, it is not a 
covered application because the applicant never made a request for 
the additional credit amounts. However, if such an evaluation or 
review of an existing account by a financial institution results in 
the financial institution inviting the applicant to apply for 
additional credit amounts on an existing account that is a covered 
credit transaction, and the applicant does so, the applicant's 
request constitutes a covered application for purposes of subpart B 
of this part. Similarly, the term covered application also does not 
include solicitations and firm offers of credit.
    5. Inquiries and prequalification requests. An inquiry is a 
request by a prospective applicant for information about credit 
terms offered by the financial institution. A prequalification 
request is a request by a prospective applicant for a preliminary 
determination on whether the prospective applicant would likely 
qualify for credit under a financial institution's standards or for 
a determination on the amount of credit for which the prospective 
applicant would likely qualify. Inquiry and prequalification 
requests are not covered applications under subpart B of this part, 
even though in certain circumstances inquiries and prequalification 
requests may constitute applications under subpart A.

Section 1002.104--Covered Credit Transactions and Excluded 
Transactions

    104(a) Covered credit transaction.
    1. General. The term ``covered credit transaction'' includes all 
business credit (including loans, lines of credit, credit cards, and 
merchant cash advances) unless otherwise excluded under Sec.  
1002.104(b).
    104(b) Excluded transactions.
    1. Factoring. The term ``covered credit transaction'' does not 
cover factoring as described herein. For the purpose of this 
subpart, factoring is an accounts receivable purchase transaction 
between businesses that includes an agreement to purchase, transfer, 
or sell a legally enforceable claim for payment for goods that the 
recipient has supplied or services that the recipient has rendered 
but for which payment has not yet been made. This description of 
factoring is not intended to repeal, abrogate, annul, impair, or 
interfere with any existing interpretations, orders, agreements, 
ordinances, rules, or regulations adopted or issued pursuant to 
comment 9(a)(3)-3. A financial institution shall report an extension 
of business credit incident to a factoring arrangement that is 
otherwise a covered credit transaction as a ``Other sales-based 
financing transaction'' under Sec.  1002.107(a)(5).
    2. Leases. The term ``covered credit transaction'' does not 
cover leases as described herein. A lease, for the purpose of this 
subpart, is a transfer from one business to another of the right to 
possession and use of goods for a term, and for primarily business 
or commercial (including agricultural) purposes, in return for 
consideration. A lease does not include a sale, including a sale on 
approval or a sale or return, or a transaction resulting in the 
retention or creation of a security interest.
    3. Consumer-designated credit. The term ``covered credit 
transaction'' does not include consumer-designated credit used for 
business purposes. A transaction qualifies as consumer-designated 
credit if the financial institution offers or extends the credit 
primarily for personal, family, or household purposes. For example, 
an open-end credit account used for both personal and business 
purposes is not business credit for the purpose of subpart B of this 
part unless the financial institution designated or intended for the 
primary purpose of the account to be business-related.
    4. Credit secured by certain investment properties. The term 
``covered credit transaction'' does not include an extension of 
credit that is secured by 1-4 individual dwelling units that the 
applicant (or one or more of the applicant's principal owners) does 
not, or will not, occupy. A financial institution should determine 
whether the property to which the covered credit transaction or 
application relates is or will be used as an investment property. 
For purposes of this comment, a property is an investment property 
if the applicant or one or more of the applicant's principal owners 
does not or will not occupy the property. For example, if an 
applicant purchases a property, does not occupy the property, and 
generates income by renting the property, the property is an 
investment property for purposes of this comment. Similarly, if an 
applicant purchases a property, does not occupy the property, and 
does not generate income by renting the property, but intends to 
generate income by selling the property, the property is an 
investment property. A property is an investment property if the 
applicant does not or will not occupy the property, even if the 
applicant does not consider the property as owned for investment 
purposes. For example, if a corporation purchases a property that is 
a dwelling under Sec.  1002.102(j), that it does not occupy, but 
that is for the long-term residential use of its employees, the 
property is an investment, even if the corporation considers the 
property as owned for business purposes rather than investment 
purposes, does not generate income by renting the property, and does 
not intend to generate income by selling the property at some point 
in time. If the property is for transitory use by employees, the 
property would not be considered a dwelling under Sec.  1002.102(j).
    104(b)(1) Trade credit.
    1. General. Trade credit, as defined in Sec.  1002.104(b)(1), is 
excluded from the definition of a covered credit transaction. An 
example of trade credit involves a supplier that finances the sale 
of equipment, supplies, or inventory. However, an extension of 
business credit by a financial institution other than the supplier 
for the financing of such items is not trade credit.
    2. Trade credit under subpart A. The definition of trade credit 
under comment

[[Page 56590]]

9(a)(3)-2 applies to relevant provisions under subpart A, and Sec.  
1002.104(b)(1) is not intended to repeal, abrogate, annul, impair, 
or interfere with any existing interpretations, orders, agreements, 
ordinances, rules, or regulations adopted or issued pursuant to 
comment 9(a)(3)-2.

Section 1002.105--Covered Financial Institutions and Exempt 
Institutions

    105(a) Financial institution.
    1. Examples. Section 1002.105(a) defines a financial institution 
as any partnership, company, corporation, association (incorporated 
or unincorporated), trust, estate, cooperative organization, or 
other entity that engages in any financial activity. This definition 
includes, but is not limited to, banks, savings associations, credit 
unions, online lenders, platform lenders, community development 
financial institutions, lenders involved in equipment and vehicle 
financing (captive financing companies and independent financing 
companies), commercial finance companies, organizations exempt from 
taxation pursuant to 26 U.S.C. 501(c), and governments or 
governmental subdivisions or agencies.
    2. Motor vehicle dealers. Pursuant to Sec.  1002.101(a), subpart 
B of this part excludes from coverage persons defined by section 
1029 of the Consumer Financial Protection Act of 2010, title X of 
the Dodd-Frank Wall Street Reform and Consumer Protection Act, 
Public Law 111-203, 124 Stat. 1376, 2004 (2010).
    105(b) Covered financial institution.
    1. Preceding calendar year. The definition of covered financial 
institution refers to preceding calendar years. For example, in 
2026, the two preceding calendar years are 2024 and 2025. 
Accordingly, in 2026, Financial Institution A does not meet the 
loan-volume threshold in Sec.  1002.105(b) if did not originate at 
least 25 covered credit transactions for small businesses both 
during 2024 and during 2025.
    2. Origination threshold. A financial institution qualifies as a 
covered financial institution based on total covered credit 
transactions originated for small businesses, rather than covered 
applications received from small businesses. For example, if in both 
2024 and 2025, Financial Institution B received 30 covered 
applications from small businesses and originated 20 covered credit 
transactions for small businesses, then for 2026, Financial 
Institution B is not a covered financial institution.
    3. Annual consideration. Whether a financial institution is a 
covered financial institution in a particular year depends on its 
small business lending activity in the preceding two calendar years. 
Therefore, whether a financial institution is a covered financial 
institution is an annual consideration for each year that data may 
be compiled and maintained for purposes of subpart B of this part. A 
financial institution may be a covered financial institution for a 
given year of data collection (and the obligations arising from 
qualifying as a covered financial institution shall continue into 
subsequent years, pursuant to Sec. Sec.  1002.110 and 1002.111), but 
the same financial institution may not be a covered financial 
institution for the following year of data collection. For example, 
Financial Institution C originated 30 covered transactions for small 
businesses in both 2024 and 2025. In 2026, Financial Institution C 
is a covered financial institution and therefore is obligated to 
compile and maintain applicable 2026 small business lending data 
under Sec.  1002.107(a). During 2026, Financial Institution C 
originates 10 covered transactions for small businesses. In 2027, 
Financial Institution C is not a covered financial institution with 
respect to 2027 small business lending data, and is not obligated to 
compile and maintain 2027 data under Sec.  1002.107(a) (although 
Financial Institution C may volunteer to collect and maintain 2027 
data pursuant to Sec.  1002.5(a)(4)(vii) and as explained in comment 
105(b)-7). Pursuant to Sec.  1002.109(a), Financial Institution C 
shall submit its small business lending application register for 
2026 data in the format prescribed by the Bureau by June 1, 2027 
because Financial Institution C is a covered financial institution 
with respect to 2026 data, and the data submission deadline of June 
1, 2027 applies to 2026 data.
    4. Merger or acquisition--coverage of surviving or newly formed 
institution. After a merger or acquisition, the surviving or newly 
formed financial institution is a covered financial institution 
under Sec.  1002.105(b) if it, considering the combined lending 
activity of the surviving or newly formed institution and the merged 
or acquired financial institutions (or acquired branches or 
locations), satisfies the criteria included in Sec.  1002.105(b). 
For example, Financial Institutions A and B merge. The surviving or 
newly formed financial institution meets the threshold in Sec.  
1002.105(b) if the combined previous components of the surviving or 
newly formed financial institution (A plus B) would have reported at 
least 25 covered credit transactions for small businesses for each 
of the two preceding calendar years. Similarly, if the combined 
previous components and the surviving or newly formed financial 
institution would have reported at least 25 covered transactions for 
small businesses for the year previous to the merger as well as 25 
covered transactions for small businesses for the year of the 
merger, the threshold described in Sec.  1002.105(b) would be met 
and the surviving or newly formed financial institution would be a 
covered institution under Sec.  1002.105(b) for the year following 
the merger. Comment 105(b)-5 discusses a financial institution's 
responsibilities with respect to compiling and maintaining (and 
subsequently reporting) data during the calendar year of a merger.
    5. Merger or acquisition--coverage specific to the calendar year 
of the merger or acquisition. The scenarios described below 
illustrate a financial institution's responsibilities specifically 
for data from the calendar year of a merger or acquisition. For 
purposes of these illustrations, an ``institution that is not 
covered'' means either an institution that is not a financial 
institution, as defined in Sec.  1002.105(a), or a financial 
institution that is not a covered financial institution, as defined 
in Sec.  1002.105(b).
    i. Two institutions that are not covered financial institutions 
merge. The surviving or newly formed institution meets all of the 
requirements necessary to be a covered financial institution. No 
data are required to be compiled, maintained, or reported for the 
calendar year of the merger (even though the merger creates an 
institution that meets all of the requirements necessary to be a 
covered financial institution).
    ii. A covered financial institution and an institution that is 
not covered merge. The covered financial institution is the 
surviving institution, or a new covered financial institution is 
formed. For the calendar year of the merger, data are required to be 
compiled, maintained, and reported for covered applications from the 
covered financial institution and is optional for covered 
applications from the financial institution that was previously not 
covered.
    iii. A covered financial institution and an institution that is 
not covered merge. The institution that is not covered is the 
surviving institution and remains not covered after the merger, or a 
new institution that is not covered is formed. For the calendar year 
of the merger, data are required to be compiled and maintained (and 
subsequently reported) for covered applications from the previously 
covered financial institution that took place prior to the merger. 
After the merger date, compiling, maintaining, and reporting data is 
optional for applications from the institution that was previously 
covered.
    iv. Two covered financial institutions merge. The surviving or 
newly formed financial institution is a covered financial 
institution. Data are required to be compiled and maintained (and 
subsequently reported) for the entire calendar year of the merger. 
The surviving or newly formed financial institution files either a 
consolidated submission or separate submissions for that calendar 
year.
    6. Foreign applicability. As discussed in comment 1(a)-2, 
Regulation B (including subpart B) generally does not apply to 
lending activities that occur outside the United States.
    7. Voluntary collection and reporting. Section 1002.5(a)(4)(vii) 
through (ix) permits a creditor that is not a covered financial 
institution under Sec.  1002.105(b) to voluntarily collect and 
report information regarding covered applications in certain 
circumstances. If a creditor is voluntarily collecting information 
for covered applications regarding whether the applicant is a 
minority-owned business under Sec.  1002.107(a)(18) or a women-owned 
business under Sec.  1002.107(a)(19), and regarding the ethnicity, 
race, and sex of the applicant's principal owners under Sec.  
1002.107(20), it shall do so in compliance with Sec. Sec.  1002.107, 
1002.108, 1002.111, 1002.112, and 1002.114 as though it were a 
covered financial institution. See also comment 5(a)(4)-1. If a 
creditor is voluntarily reporting those covered applications to the 
Bureau, it shall do so in compliance with Sec. Sec.  1002.109 and 
1002.110 as though it were a covered financial institution.

Section 1002.106--Business and Small Business

    106(b) Small business.

[[Page 56591]]

    1. Change in determination of small business status--business is 
ultimately not a small business. If a financial institution 
initially determines an applicant is a small business as defined in 
Sec.  1002.106 based on available information and collects data 
required by Sec.  1002.107(a)(18) through (20) but later concludes 
that the applicant is not a small business, the financial 
institution may process and retain the data without violating the 
Act or this regulation if it meets the requirements of Sec.  
1002.112(c)(3). The financial institution shall not report the 
application on its small business lending application register 
pursuant to Sec.  1002.109.
    2. Change in determination of small business status--business is 
ultimately a small business. Consistent with Sec.  1002.107(a)(14), 
a financial institution need not independently verify gross annual 
revenue. If a financial institution initially determines that the 
applicant is not a small business as defined in Sec.  1002.106, but 
later concludes the applicant is a small business, the financial 
institution shall endeavor to compile, maintain, and report the data 
required under Sec.  1002.107(a) in a manner that is reasonable 
under the circumstances. For example, if the applicant initially 
provides a gross annual revenue of $5.5 million (that is, above the 
threshold for a small business as defined in Sec.  1002.106(b)), but 
during the course of underwriting the financial institution 
discovers the applicant's gross annual revenue was in fact $4.75 
million (meaning that the applicant is within the definition of a 
small business under Sec.  1002.106(b)), the financial institution 
is required to report the covered application pursuant to Sec.  
1002.109. In this situation, the financial institution shall take 
reasonable steps upon discovery to compile, maintain, and report the 
data necessary under Sec.  1002.107(a) to comply with subpart B of 
this part for that covered application. Thus, in this example, even 
if the financial institution's procedure is typically to request 
applicant-provided data together with the application form, in this 
circumstance, the financial institution shall seek to collect the 
data during the application process necessary to comply with subpart 
B in a manner that is reasonable under the circumstances. The 
financial institution remains subject to Sec.  1002.107(c)(1) 
related to the time and manner of collecting applicant-provided 
data.
    3. Affiliate revenue. As explained in comment 107(a)(14)-3, a 
financial institution is permitted, but not required, to report the 
gross annual revenue for the applicant that includes the revenue of 
affiliates as well. As explained in comment 107(a)(14)-1, pursuant 
to Sec.  1002.107(b), if the financial institution verifies the 
gross annual revenue provided by the applicant, it must report the 
verified information. Likewise, a financial institution is permitted 
to rely on an applicant's representations regarding gross annual 
revenue (which may or may not include the affiliate's revenue) for 
purposes of determining small business status under Sec.  
1002.106(b). However, if the applicant provides updated gross annual 
revenue information (see comment 107(c)(1)-7), or the financial 
institution verifies the gross annual revenue information, the 
financial institution must use the updated or verified information 
in determining small business status.

Section 1002.107--Compilation of Reportable Data

    107(a) Data format and itemization.
    1. General. Section 1002.107(a) describes a covered financial 
institution's obligation to compile and maintain data regarding the 
covered applications it receives from small businesses.
    i. A covered financial institution reports these data even if 
the credit originated pursuant to the reported application was 
subsequently sold by the institution.
    ii. A covered financial institution annually reports data for 
covered applications for which final action was taken in the 
previous calendar year.
    iii. A financial institution reports data for a covered 
application on its small business lending application register for 
the calendar year during which final action was taken on the 
application, even if the institution received the application in a 
previous calendar year.
    2. Filing Instructions Guide. Additional details and procedures 
for compiling data pursuant to Sec.  1002.107 are included in the 
Filing Instructions Guide, which is available at [a designated 
Bureau website].
    107(a)(1) Unique identifier.
    1. Unique within the financial institution. A financial 
institution complies with Sec.  1002.107(a)(1) by compiling and 
reporting an alphanumeric application or loan identifier unique 
within the financial institution to the specific application. The 
identifier must not exceed 45 characters, and must begin with the 
financial institution's Legal Entity Identifier (LEI), as defined in 
comment 109(b)(6)-1. Separate applications for the same applicant 
must have separate identifiers. The identifier may only include 
standard numerical and/or alphabetical characters and cannot include 
dashes, other special characters, or characters with diacritics. The 
financial institution may assign the unique identifier at any time 
prior to reporting the application. Refinancings or applications for 
refinancing must be assigned a different identifier than the 
transaction that is being refinanced. A financial institution with 
multiple branches must ensure that its branches do not use the same 
identifiers to refer to multiple applications.
    2. Does not include directly identifying information. The unique 
identifier must not include any directly identifying information 
about the applicant or persons (natural or legal) associated with 
the applicant. See also Sec.  1002.111(c) and related commentary.
    107(a)(2) Application date.
    1. Consistency. Section 1002.107(a)(2) requires that, in 
reporting the date of covered application, a financial institution 
shall report the date it received the covered application, as 
defined under Sec.  1002.103, or the date shown on a paper or 
electronic application form. Although a financial institution need 
not choose the same approach for its entire small business lending 
application register, it should generally be consistent in its 
approach by, for example, establishing procedures for how to report 
this date within particular scenarios, products, or divisions. If 
the financial institution chooses to report the date shown on an 
application form and the institution retains multiple versions of 
the application form, the institution reports the date shown on the 
first application form satisfying the application definition 
provided under Sec.  1002.103.
    2. Indirect applications. For an application that was not 
submitted directly to the financial institution or its affiliate (as 
described in Sec.  1002.107(a)(4)), the institution may report the 
date the application was received by the party that initially 
received the application, the date the application was received by 
the financial institution, or the date shown on the application 
form. Although a financial institution need not choose the same 
approach for its entire small business lending application register, 
it should generally be consistent in its approach by, for example, 
establishing procedures for how to report this date within 
particular scenarios, products, or divisions.
    107(a)(3) Application method.
    1. General. A financial institution complies with Sec.  
1002.107(a)(3) by reporting the means by which the applicant 
submitted the application from one of the following options: In-
person, telephone, online, or mail.
    i. In-person. A financial institution reports the application 
method as ``in-person'' if the financial institution, or another 
party acting on the financial institution's behalf, meets with the 
applicant in person (for example, in a branch office, at the 
applicant's place of business, or via electronic media with a video 
component).
    ii. Telephone. A financial institution reports the application 
method as ``telephone'' if the financial institution, or another 
party acting on the financial institution's behalf, did not meet 
with the applicant in person as described in comment 1002.107(a)(3)-
1.i but communicated with the applicant by telephone or via audio-
based electronic media without a video component.
    iii. Online. A financial institution reports the application 
method as ``online'' if the financial institution, or another party 
acting on the financial institution's behalf, did not meet with the 
applicant in person and did not communicate with the applicant by 
telephone as described in comments 1002.107(a)(3)-1.i and ii, but 
communicated with the applicant through an online application, 
electronic mail, text message, and/or some other form of online 
communication.
    iv. Mail. A financial institution reports the application method 
as ``mail'' if the financial institution, or another party acting on 
the financial institution's behalf, did not meet with the applicant 
in person and did not communicate with the applicant by telephone, 
as described in comments 1002.107(a)(3)-1.i and ii, but communicated 
with the applicant in writing via United States mail, courier or 
overnight service, or hand-delivery (including hand-delivery of 
documents via an overnight drop box or at a teller window).
    2. Reporting for interactions with applicants involving both 
mail and online. If

[[Page 56592]]

a financial institution, or another party acting on the financial 
institution's behalf, communicated with the applicant both online as 
described in comment 1002.107(a)(3)-1.iii and by mail as described 
in 1002.107(a)(3)-1.iv, the financial institution reports the 
application method based on the method by which it, or another party 
acting on its behalf, requested the ethnicity, race, and sex of the 
applicant's principal owners pursuant to Sec.  1002.107(a)(20). For 
example, if a financial institution requests the ethnicity, race, 
and sex information through an online form, it reports the 
application method as ``online.'' If the financial institution 
requests the ethnicity, race, and sex information via a paper form 
sent to the applicant by mail, it reports the application method as 
``mail.'' If the financial institution requests the ethnicity, race, 
and sex information electronically online or via an electronic 
document that is emailed to the applicant, that the applicant then 
prints and returns to the financial institution by mail, the 
financial institution reports the application method as ``online'' 
(because that is the method by which the financial institution 
requested the ethnicity, race, and sex information).
    107(a)(4) Application recipient.
    1. Agents. If a financial institution is reporting actions taken 
by its agent consistent with comment 109(a)(3)-3, the agent is 
considered the financial institution for the purposes of Sec.  
1002.107(a)(4). For example, assume that an applicant submitted an 
application to Financial Institution A, and Financial Institution A 
made the credit decision acting as Financial Institution B's agent 
under State law. Financial Institution B reports the origination and 
indicates that the application was submitted directly to Financial 
Institution B.
    107(a)(5) Credit type.
    1. Reporting credit product--in general. A financial institution 
complies with Sec.  1002.107(a)(5)(i) by selecting the credit 
product requested from the list below. If an applicant requests more 
than one credit product, the financial institution reports each 
credit product requested as a separate application. If the credit 
product requested or originated is not included on this list, the 
financial institution selects ``other,'' and reports the credit 
specific product as free-form text.
    i. Term loan--unsecured.
    ii. Term loan--secured.
    iii. Line of credit--unsecured.
    iv. Line of credit--secured.
    v. Credit card.
    vi. Merchant cash advance.
    vii. Other sales-based financing transaction.
    viii. Other.
    ix. Not provided by applicant and otherwise undetermined.
    2. Credit product not provided by the applicant and otherwise 
undetermined. Pursuant to Sec.  1002.107(c)(1), a financial 
institution is required to maintain procedures reasonably designed 
to collect applicant-provided data, which includes credit product. 
However, if a financial institution is nonetheless unable to collect 
or otherwise determine credit product information because the 
applicant does not indicate what credit product it seeks and the 
application is denied, withdrawn, or closed for incompleteness 
before a credit product is identified, the financial institution 
reports that the credit product is ``not provided by applicant and 
otherwise undetermined.''
    3. Reporting credit product involving counteroffers. If a 
financial institution presents a counteroffer for a different credit 
product than the product the applicant had initially requested, and 
the applicant does not agree to proceed with the counteroffer, the 
financial institution reports the application for the original 
credit product as denied pursuant to Sec.  1002.107(a)(9). If the 
applicant agrees to proceed with consideration of the financial 
institution's counteroffer, the financial institution reports the 
disposition of the application based on the credit product that was 
offered and does not report the original credit product applied for. 
See comment 107(a)(9)-2.
    4. Guarantees. A financial institution complies with Sec.  
1002.107(a)(5)(ii) by selecting the type or types of guarantees that 
were obtained for an originated covered credit transaction, or that 
would have been obtained if the covered credit transaction was 
originated, from the list below. The financial institution selects, 
if applicable, up to a maximum of five guarantees for a single 
application or transaction. If the type of guarantee does not appear 
on the list, the financial institution selects ``other guarantee'' 
and reports the type of guarantee as free-form text. If no guarantee 
is obtained or would have been obtained if the covered credit 
transaction was originated, the financial institution selects ``no 
guarantee.''
    i. Personal guarantee--owner(s).
    ii. Personal guarantee--non-owner(s).
    iii. SBA guarantee--7(a) program.
    iv. SBA guarantee--504 program.
    v. SBA guarantee--other.
    vi. USDA guarantee.
    vii. FHA insurance.
    viii. Bureau of Indian Affairs guarantee
    ix. Other Federal guarantee.
    x. State or local government guarantee.
    xi. Other guarantee.
    xii. No guarantee.
    5. Loan term. A financial institution complies with Sec.  
1002.107(a)(5)(iii) by reporting the number of months in the loan 
term for the covered credit transaction. The loan term is the number 
of months after which the legal obligation will mature or terminate. 
The financial institution does not include in the loan term the time 
that elapses, if any, between the settlement of the transaction and 
the first payment period. For example, if a loan closes on April 12, 
but the first payment is not due until June 1 and includes the 
interest accrued in May (but not April), the financial institution 
does not include the month of April in the loan term. The financial 
institution may round the loan term to the nearest full month or may 
count only full months and ignore partial months, as it so chooses. 
If a credit product, such as a credit card, does not have a loan 
term, the financial institution reports that the loan term is ``not 
applicable.'' The financial institution also reports ``not 
applicable'' if the application is denied, withdrawn, or determined 
to be incomplete before a loan term has been identified.
    6. Other sales-based financing transaction. For an extension of 
business credit incident to a factoring arrangement that is 
otherwise a covered credit transaction, a financial institution 
selects ``other sales-based financing transaction'' as the credit 
product. See comment 104(b)-1.
    107(a)(6) Credit purpose.
    1. General. A financial institution complies with Sec.  
1002.107(a)(6) by selecting the purpose or purposes of the covered 
credit transaction applied for or originated from the list below.
    i. Purchase, construction/improvement, or refinance of owner-
occupied dwelling(s).
    ii. Purchase, construction/improvement, or refinance of non-
owner-occupied dwelling(s).
    iii. Purchase, construction/improvement, or refinance of non-
owner-occupied, non-dwelling real estate.
    iv. Purchase, construction/improvement, or refinance of owner-
occupied, non-dwelling real estate.
    v. Purchase, refinance, or rehabilitation/repair of motor 
vehicle(s) (including light and heavy trucks).
    vi. Purchase, refinance, or rehabilitation/repair of equipment.
    vii. Working capital (includes inventory or floor planning).
    viii. Business start-up.
    ix. Business expansion.
    x. Business acquisition.
    xi. Refinance existing debt (other than refinancings listed 
above).
    xii. Line increase.
    xiii. Other.
    xiv. Not provided by applicant and otherwise undetermined.
    xv. Not applicable.
    2. More than one purpose. If the applicant indicates or the 
financial institution is otherwise aware of more than one purpose 
for the credit applied for or originated, the financial institution 
reports those purposes, up to a maximum of three, using the list 
provided, in any order it chooses. For example, if an applicant 
refinances a non-dwelling commercial building it owns and uses the 
funds to purchase a motor vehicle and expand the business it runs in 
a part of that building, the financial institution reports that the 
three purposes of the credit are purchase, construction/improvement, 
or refinance of owner-occupied, non-dwelling real estate; purchase, 
refinance, or rehabilitation/repair of motor vehicle(s) (including 
light and heavy trucks); and business expansion. If an application 
has more than three purposes, the financial institution reports any 
three of those purposes. In the example above, if the funds were 
also used to purchase equipment, the financial institution would 
select only three of the relevant purposes to report.
    3. ``Other'' credit purpose. If a purpose of an application does 
not appear on the list of purposes provided, the financial 
institution reports ``other'' as the credit purpose and reports the 
credit purpose as free-form text. If the application has more than 
one ``other'' purpose, the financial institution chooses the most 
significant ``other'' purpose, in its discretion, and reports that 
``other'' purpose.

[[Page 56593]]

The financial institution reports a maximum of three credit 
purposes, including any ``other'' purpose reported.
    4. Credit purpose not provided by applicant and otherwise 
undetermined. Pursuant to Sec.  1002.107(c)(1), a financial 
institution shall maintain procedures reasonably designed to collect 
applicant-provided information, which includes credit purpose. 
However, if a financial institution is nonetheless unable to collect 
or determine credit purpose information, the financial institution 
reports that the credit purpose is ``not provided by applicant and 
otherwise undetermined.''
    5. Not applicable. If the application is for a credit product 
that generally has indeterminate or numerous potential purposes, 
such as a credit card, the financial institution may report credit 
purpose as ``not applicable.''
    6. Excluded dwellings. As explained in comment 104(b)-4, subpart 
B of this part does not apply to an extension of credit that is 
secured by 1-4 individual dwelling units that the applicant or one 
or more of the applicant's principal owners does not, or will not, 
occupy.
    7. Collecting credit purpose. Pursuant to Sec.  1002.107(c)(1), 
a financial institution shall maintain procedures reasonably 
designed to collect applicant-provided information, including credit 
purpose. The financial institution is permitted, but not required, 
to present the list of credit purposes provided in comment 
107(a)(6)-1 to the applicant. The financial institution is also 
permitted to ask about purposes not included on the list provided in 
comment 107(a)(6)-1. If the applicant chooses a purpose or purposes 
not included on the provided list, the financial institution follows 
the instructions in comment 107(a)(6)-3 regarding reporting of 
``other'' as the credit purpose. If an applicant chooses a purpose 
or purposes that are similar to purposes on the list provided, but 
uses different language, the financial institution reports the 
purpose or purposes from the list provided.
    107(a)(7) Amount applied for.
    1. Initial amount requested. A financial institution complies 
with Sec.  1002.107(a)(7) by reporting the initial amount of credit 
or the credit limit initially requested by the applicant. The 
financial institution is not required to report credit amounts or 
limits discussed before an application is made, but must capture the 
amount initially requested at the application stage or later. If the 
applicant does not request a specific amount, but the financial 
institution underwrites the application for a specific amount, the 
financial institution reports the amount considered for underwriting 
as the amount applied for. If the applicant requests an amount as a 
range of numbers, the financial institution reports the midpoint of 
that range.
    2. No amount requested. Pursuant to Sec.  1002.107(c)(1), a 
financial institution shall maintain procedures reasonably designed 
to collect applicant-provided information, which includes the credit 
amount initially requested by the applicant. However, if a financial 
institution is nonetheless unable to collect or otherwise determine 
the amount initially requested, the financial institution reports 
that the amount applied for is ``not provided by applicant and 
otherwise undetermined.'' If the particular product applied for does 
not involve a specific amount requested or underwritten, the 
financial institution reports that the requirement is ``not 
applicable.''
    3. Firm offers. When an applicant responds to a ``firm offer'' 
that specifies an amount or limit, which may occur in conjunction 
with a pre-approved credit solicitation, the financial institution 
reports the amount applied for as the amount of the firm offer, 
unless the applicant requests a different amount. If the firm offer 
does not specify an amount or limit and the applicant does not 
request a specific amount, the amount applied for is the amount 
underwritten by the financial institution.
    4. Additional amounts on an existing account. When reporting a 
covered application that seeks additional credit amounts on an 
existing account, the financial institution reports only the 
additional credit amount sought, and not any previous amounts 
extended. See comment 103(b)-3.
    107(a)(8) Amount approved or originated.
    1. General. A financial institution complies with Sec.  
1002.107(a)(8) by reporting the amount approved or originated for 
credit that is originated or approved but not accepted. For 
applications that the financial institution, pursuant to Sec.  
1002.107(a)(9), reports as denied, withdrawn by the applicant, or 
incomplete, the financial institution reports that the amount 
approved or originated is ``not applicable.''
    2. Multiple approval amounts. A financial institution may 
sometimes approve an applicant for more than one credit amount, 
allowing the applicant to choose which amount the applicant prefers 
for the extension or line of credit. When multiple approval amounts 
are offered for a closed-end credit transaction for which the action 
taken is approved but not accepted, and the applicant does not 
accept the approved offer of credit in any amount, the financial 
institution reports the highest amount approved. If the applicant 
accepts the offer of closed-end credit, the financial institution 
reports the amount originated. When multiple approval amounts are 
offered for an open-end credit transaction for which the action 
taken is approved but not accepted, and the applicant does not 
accept the approved offer of credit in any amount, the financial 
institution reports the highest amount approved. If the applicant 
accepts the offer of open-end credit, the financial institution 
reports the actual credit limit established.
    3. Amount approved or originated--closed-end credit transaction. 
For an originated closed-end credit transaction, the financial 
institution reports the principal amount to be repaid. This amount 
will generally be disclosed on the legal obligation.
    4. Amount approved or originated--refinancing. For a 
refinancing, the financial institution reports the amount of credit 
approved or originated under the terms of the new debt obligation.
    5. Amount approved or originated--counteroffer. If an applicant 
agrees to proceed with consideration of a counteroffer for an amount 
or limit different from the amount for which the applicant applied, 
and the covered credit transaction is approved and originated, the 
financial institution reports the amount granted. If an applicant 
does not agree to proceed with consideration of a counteroffer or 
fails to respond, the institution reports the application as denied 
and reports ``not applicable'' for the amount approved or 
originated. See comment 107(a)(9)-2.
    107(a)(9) Action taken.
    1. General. A financial institution complies with Sec.  
1002.107(a)(9) by selecting the action taken by the financial 
institution on the application from the following list: originated, 
approved but not accepted, denied, withdrawn by the applicant, or 
incomplete. A financial institution identifies the applicable action 
taken code based on final action taken on the covered application.
    i. Originated. A financial institution reports that the covered 
credit transaction was originated if the financial institution made 
a credit decision approving the application and that credit decision 
results in an extension of credit.
    ii. Approved but not accepted. A financial institution reports 
an application as approved but not accepted if the financial 
institution made a credit decision approving the application, but 
the applicant or the party that initially received the application 
fails to respond to the financial institution's approval within the 
specified time, or the covered credit transaction was not otherwise 
consummated or the account was not otherwise opened.
    iii. Denied. A financial institution reports that the 
application was denied if it made a credit decision denying the 
application before an applicant withdraws the application, before 
the file is closed for incompleteness, or before the application is 
denied for incompleteness.
    iv. Withdrawn by the applicant. A financial institution reports 
that the application was withdrawn if the application is expressly 
withdrawn by the applicant before the financial institution makes a 
credit decision approving or denying the application, before the 
file is closed for incompleteness, or before the application is 
denied for incompleteness.
    v. Incomplete. A financial institution reports incomplete if the 
financial institution took adverse action on the basis of 
incompleteness under Sec.  1002.9(c)(1)(i) or provided a written 
notice of incompleteness under Sec.  1002.9(c)(2), and the applicant 
did not respond to the request for additional information within the 
period of time specified in the notice.
    2. Treatment of counteroffers. If a financial institution makes 
a counteroffer to grant credit on terms other than those originally 
requested by the applicant (for example, for a shorter loan 
maturity, with a different interest rate, or in a different amount) 
and the applicant declines the counteroffer or fails to respond, the 
institution reports the action taken as a denial on the original 
terms requested by the applicant. If the applicant agrees to proceed 
with consideration of the financial institution's counteroffer, the 
financial institution reports the action taken

[[Page 56594]]

as the disposition of the application based on the terms of the 
counteroffer. For example, assume an applicant applies for a term 
loan and the financial institution makes a counteroffer to proceed 
with consideration of a line of credit. If the applicant declines to 
be considered for a line of credit, the financial institution 
reports the application as a denied request for a term loan. If, on 
the other hand, the applicant agrees to be considered for a line of 
credit, then the financial institution reports the action taken as 
the disposition of the application for the line of credit. For 
instance, using the same example, if the financial institution makes 
a credit decision approving the line of credit, but the applicant 
fails to respond to the financial institution's approval within the 
specified time by accepting the credit offer, the financial 
institution reports the application on the line of credit as 
approved but not accepted.
    3. Treatment of rescinded transactions. If a borrower 
successfully rescinds a transaction after closing but before a 
financial institution is required to submit its small business 
lending application register containing the information for the 
application under Sec.  1002.109, the institution reports the 
application as approved but not accepted.
    4. Treatment of pending applications. A financial institution 
does not report any application still pending at the end of the 
calendar year; it reports such applications on its small business 
lending application register for the year in which final action is 
taken.
    5. Treatment of conditional approvals. If a financial 
institution issues an approval that is subject to the applicant 
meeting certain conditions, the financial institution reports the 
action taken as provided below dependent on whether the conditions 
are solely customary commitment or closing conditions or if the 
conditions include any underwriting or creditworthiness conditions. 
Customary commitment or closing conditions include, for example, a 
clear-title requirement, proof of insurance policies, a 
subordination agreement from another lienholder, or property titling 
of associated accounts. Underwriting or creditworthiness conditions 
include, for example, conditions that constitute a counteroffer 
(such as a demand for a higher down-payment), satisfactory loan-to-
value ratios, or verification or confirmation, in whatever form the 
institution requires, that the applicant meets underwriting 
conditions concerning applicant creditworthiness, including 
documentation or verification of revenue, income or assets.
    i. Conditional approval--denial. If the approval is conditioned 
on satisfying underwriting or creditworthiness conditions, those 
conditions are not met, and the financial institution takes adverse 
action on some basis other than incompleteness, the financial 
institution reports the action taken as denied.
    ii. Conditional approval--incompleteness. If the approval is 
conditioned on satisfying underwriting or creditworthiness 
conditions that the financial institution needs to make the credit 
decision, and the financial institution takes adverse action on the 
basis of incompleteness under Sec.  1002.9(c)(1)(i), or has sent a 
written notice of incompleteness under Sec.  1002.9(c)(2) and the 
applicant did not respond within the period of time specified in the 
notice, the financial institution reports the action taken as 
incomplete.
    iii. Conditional approval--approved but not accepted. If the 
approval is conditioned on satisfying conditions that are solely 
customary commitment or closing conditions and the conditions are 
not met, the financial institution reports the action taken as 
approved but not accepted. If all the conditions (underwriting, 
creditworthiness, or customary commitment or closing conditions) are 
satisfied and the financial institution agrees to extend credit but 
the covered credit transaction is not originated (for example, 
because the applicant withdraws), the financial institution reports 
the action taken as approved but not accepted.
    iv. Conditional approval--withdrawn by the applicant. If the 
applicant expressly withdraws before satisfying all underwriting or 
creditworthiness conditions and before the institution denies the 
application or before the institution closes the file for 
incompleteness, the financial institution reports the action taken 
as withdrawn.
    107(a)(10) Action taken date.
    1. Reporting action taken date for denied applications. For 
applications that are denied, a financial institution reports either 
the date the application was denied or the date the denial notice 
was sent to the applicant.
    2. Reporting action taken date for applications withdrawn by 
applicant. For applications that are withdrawn by the applicant, the 
financial institution reports the date the express withdrawal was 
received, or the date shown on the notification form in the case of 
a written withdrawal.
    3. Reporting action taken date for applications that are 
approved but not accepted. For applications approved by a financial 
institution but not accepted by the applicant, the financial 
institution reports any reasonable date, such as the approval date, 
the deadline for accepting the offer, or the date the file was 
closed. A financial institution should generally be consistent in 
its approach to reporting by, for example, establishing procedures 
for how to report this date for particular scenarios, products, or 
divisions.
    4. Reporting action taken date for originated covered credit 
transactions. For covered credit transactions that are originated, a 
financial institution generally reports the closing or account 
opening date. If the disbursement of funds takes place on a date 
later than the closing or account opening date, the institution may, 
alternatively, use the date of initial disbursement. A financial 
institution should generally be consistent in its approach to 
reporting by, for example, establishing procedures for how to report 
this date in different scenarios, products, or divisions.
    5. Reporting action taken date for incomplete applications. For 
files closed for incompleteness or denied for incompleteness, the 
financial institution reports either the date the action was taken 
or the date the denial or incompleteness notice was sent to the 
applicant.
    107(a)(11) Denial reasons.
    1. Reason for denial--in general. A financial institution 
complies with Sec.  1002.107(a)(11) by reporting the principal 
reason or reasons it denied the application, indicating up to four 
reasons. The financial institution reports only the principal reason 
or reasons it denied the application, even if there are fewer than 
four reasons. For example, if a financial institution denies an 
application due to insufficient cashflow, unacceptable collateral, 
and unverifiable business information, the financial institution is 
required to report these three reasons. The reasons reported must 
accurately describe the principal reason or reasons the financial 
institution denied the application. A financial institution reports 
denial reasons by selecting its principal reason or reasons for 
denying the application from the following list:
    i. Credit characteristics of the business. A financial 
institution reports the denial reason as ``credit characteristics of 
the business'' if it denies the application based on an assessment 
of the business's ability to meet its current or future credit 
obligations. Examples include business credit score, history of 
business bankruptcy or delinquency, and/or a high number of recent 
business credit inquiries.
    ii. Credit characteristics of the principal owner(s) or 
guarantor(s). A financial institution reports the denial reason as 
``credit characteristics of the principal owner(s) or guarantor(s)'' 
if it denies the application based on an assessment of the principal 
owner(s) or guarantor(s)'s ability to meet its current or future 
credit obligations. Examples include principal owner(s) or 
guarantor(s)'s credit score, history of charge offs, bankruptcy or 
delinquency, low net worth, limited or insufficient credit history, 
or history of excessive overdraft.
    iii. Use of loan proceeds. A financial institution reports the 
denial reason as ``use of loan proceeds'' if it denies an 
application because, as a matter of policy or practice, it limits 
lending to certain kinds of businesses, particular product lines 
within a business class, or certain industries it has identified as 
high risk. For example, if an application for credit to establish a 
cannabis dispensary is denied by a financial institution because it 
has classified all cannabis-related business as ``high risk,'' the 
financial institution reports the reason for denial as ``use of loan 
proceeds.''
    iv. Cashflow. A financial institution reports the denial reason 
as ``cashflow'' when it denies an application due to insufficient or 
inconsistent cashflow.
    v. Collateral. A financial institution reports the denial reason 
as ``collateral'' when it denies an application due to insufficient, 
inappropriate, or unacceptable collateral.
    vi. Time in business. A financial institution reports the denial 
reason as ``time in business'' when it denies an application due to 
insufficient time or experience in a line of business. For example, 
a credit applicant establishes a business and applies for credit

[[Page 56595]]

five months later. The financial institution may determine that the 
applicant has insufficient experience in the business under the 
institution's underwriting standards and deny the application.
    vii. Government criteria. Certain loan programs are backed by 
government agencies that have specific eligibility requirements. 
When those requirements are not met by an applicant, and the 
financial institution denies the application, the financial 
institution reports the denial reason as ``government criteria.'' 
For example, if an applicant cannot meet a government-guaranteed 
loan program's requirement to provide a guarantor or proof of 
insurance, the financial institution reports the reason for the 
denial as ``government criteria.''
    viii. Aggregate exposure. Aggregate exposure is a measure of the 
total exposure or level of indebtedness of the business and its 
principal owner(s) associated with an application. A financial 
institution reports the denial reason as ``aggregate exposure'' 
where the total debt associated with the application is deemed high 
or exceeds certain debt thresholds set by the financial institution. 
For example, if an application for unsecured credit exceeds the 
maximum amount a financial institution is permitted to approve per 
applicant, as stated in its credit guidelines, and the financial 
institution denies the application for this reason, the financial 
institution reports the reason for denial as ``aggregate exposure.''
    ix. Unverifiable information. A financial institution reports 
the denial reason as ``unverifiable information'' when it is unable 
to verify information on an application, and denies the application 
for that reason. The unverifiable information must be necessary for 
the financial institution to make a credit decision based on its 
procedures for the type of credit requested. Examples include 
unverifiable assets or collateral, unavailable business credit 
report, and unverifiable business ownership composition.
    x. Other. A financial institution reports the denial reason as 
``other'' where none of the enumerated denial reasons adequately 
describe the principal reason or reasons it denied the application, 
and the institution reports the denial reason or reasons as free-
form text.
    2. Reason for denial--not applicable. A financial institution 
complies with Sec.  1002.107(a)(11) by reporting that the 
requirement is not applicable if the action taken on the 
application, pursuant to Sec.  1002.107(a)(9), is not a denial. For 
example, if the application resulted in an originated covered credit 
transaction, or the application was approved but not accepted, the 
financial institution complies with Sec.  1002.107(a)(11) by 
reporting not applicable.
    107(a)(12) Pricing information.
    1. General. For applications that a financial institution, 
pursuant to Sec.  1002.107(a)(9), reports as denied, withdrawn by 
the applicant, or incomplete, the financial institution reports that 
pricing information is ``not applicable.''
    107(a)(12)(i) Interest rate.
    1. Interest rate--introductory period. If a covered credit 
transaction includes an initial period with an introductory interest 
rate, after which the interest rate adjusts upwards or shifts from a 
fixed to variable rate, a financial institution complies with Sec.  
1002.107(a)(12)(i) by reporting information about the interest rate 
applicable after the introductory period. For example, if a 
financial institution originates a covered credit transaction with a 
fixed, initial interest rate of 0 percent for six months following 
origination, after which the interest rate will adjust according to 
a Prime index rate plus a 3 percent margin, the financial 
institution reports the 3 percent margin, Prime's value, and Prime 
as the name of the index used to adjust the interest rate.
    2. Multiple interest rates. If a covered credit transaction 
includes multiple interest rates applicable to different credit 
features, a financial institution complies with Sec.  
1002.107(a)(12)(i) by reporting the interest rate applicable to the 
amount of credit approved or originated reported in Sec.  
1002.107(a)(8). For example, if a financial institution originates a 
credit card with different interest rates for purchases, balance 
transfers, cash advances, and overdraft advances, the financial 
institution reports the interest rate applicable for purchases.
    3. Index names. A financial institution complies with Sec.  
1002.107(a)(12)(i) by selecting the index used from the following 
list: Wall Street Journal Prime, 6-month CD rate, 1-year T-Bill, 3-
year T-Bill, 5-year T-Note, 12-month average of 10-year T-Bill, Cost 
of Funds Index (COFI)-National, Cost of Funds Index (COFI)-11th 
District. If the index used does not appear on the list of indices 
provided, the financial institution reports ``other'' and provides 
the name of the index via free-form text.
    4. Index value. For covered transactions with an adjustable 
interest rate, a financial institution complies with Sec.  
1002.107(a)(12)(i)(B) by reporting the index value that is 
applicable at the time the application was approved by the financial 
institution. For covered credit transactions that include an initial 
period with an introductory interest rate, after which the interest 
rate adjusts upwards or shifts from a fixed to variable rate, a 
financial institution complies with Sec.  1002.107(a)(12)(i)(B) by 
reporting the index value applicable at the time the application was 
approved by the financial institution of the rate in effect after 
the introductory interest rate is complete.
    107(a)(12)(ii) Total origination charges.
    1. Charges in comparable cash transactions. Charges imposed 
uniformly in cash and credit transactions are not reportable under 
Sec.  1002.107(a)(12)(ii). In determining whether an item is part of 
the total origination charges, a financial institution should 
compare the covered credit transaction in question with a similar 
cash transaction. A financial institution financing the sale of 
property or services may compare charges with those payable in a 
similar cash transaction by the seller of the property or service.
    2. Charges by third parties. A financial institution includes 
fees and amounts charged by someone other than the financial 
institution in the total charges reported if the financial 
institution:
    i. Requires the use of a third party as a condition of or an 
incident to the extension of credit, even if the applicant can 
choose the third party; or
    ii. Retains a portion of the third-party charge, to the extent 
of the portion retained.
    3. Special rule; broker fees. A financial institution complies 
with Sec.  1002.107(a)(12)(ii) by including fees charged by a broker 
(including fees paid by the applicant directly to the broker or to 
the financial institution for delivery to the broker) in the total 
origination charges reported even if the financial institution does 
not require the applicant to use a broker and even if the financial 
institution does not retain any portion of the charge. For more 
information on broker fees, see commentary for Sec.  
1002.107(a)(12)(iii).
    4. Bundled services. Total origination charges include all 
charges imposed directly or indirectly by the financial institution 
at or before origination as an incident to or a condition of the 
extension of credit. Accordingly, a financial institution complies 
with Sec.  1002.107(a)(12)(ii) by including charges for other 
products or services paid at or before origination in the total 
origination charges reported if the financial institution requires 
the purchase of such other product or service as a condition of or 
an incident to the extension of credit.
    5. Origination charges--examples. Examples of origination 
charges may include application fees, credit report fees, points, 
appraisal fees, and other similar charges.
    107(a)(12)(iii) Broker fees.
    1. Amount. A financial institution complies with Sec.  
1002.107(a)(12)(iii) by including the fees reported in Sec.  
1002.107(a)(12)(ii) that are fees paid by the applicant directly to 
the broker or to the financial institution for delivery to the 
broker. For example, a covered transaction has $3000 of total 
origination charges. Of that $3000, $250 are fees paid by the 
applicant directly to a broker and an additional $300 are fees paid 
to the financial institution for delivery to the broker. The 
financial institution complies with Sec.  1002.107(a)(12)(iii) by 
reporting $550 in the broker fees reported.
    2. Fees paid directly to a broker by an applicant. A financial 
institution complies with Sec.  1002.107(a)(12)(iii) by relying on 
the best information readily available to the financial institution 
at the time final action is taken. Information readily available 
could include, for example, information provided by an applicant or 
broker that the financial institution reasonably believes regarding 
the amount of fees paid by the applicant directly to the broker.
    107(a)(12)(iv) Initial annual charges.
    1. Charges during the initial annual period. The total initial 
annual charges include all charges scheduled to be imposed during 
the initial annual period following origination. For example, if a 
financial institution originates a covered credit transaction with a 
$50 monthly fee and a $100 annual fee, the financial institution 
complies with Sec.  1002.107(a)(12)(iv) by reporting $700 in the 
initial annual charges reported.
    2. Interest excluded. A financial institution complies with 
Sec.  1002.107(a)(12)(iv) by excluding any interest expense from the 
initial annual charges reported.

[[Page 56596]]

    3. Avoidable charges. A financial institution complies with 
Sec.  1002.107(a)(12)(iv) by only including scheduled charges and 
excluding any charges for events that are avoidable by the applicant 
from the initial annual charges reported. Examples of avoidable 
charges include charges for late payment, for exceeding a credit 
limit, for delinquency or default, or for paying items that overdraw 
an account.
    4. Initial annual charges--examples. Examples of charges 
scheduled to be imposed during the initial annual period may include 
monthly fees, annual fees, and other similar charges.
    5. Scheduled charges with variable amounts. A financial 
institution complies with Sec.  1002.107(a)(12)(iv) by reporting as 
the default the highest amount for a charge scheduled to be imposed. 
For example, if a covered credit transaction has a $75 monthly fee, 
but the fee is reduced to $0 if the applicant maintains an account 
at the financial institution originating the covered credit 
transaction, the financial institution complies with Sec.  
1002.107(a)(12)(iv) by reporting $900 ($75x12) in the initial annual 
charges reported.
    107(a)(12)(v) Additional cost for merchant cash advances or 
other sales-based financing.
    1. Merchant cash advances. Section 1002.107(a)(12)(v) requires a 
financial institution to report the difference between the amount 
advanced and the amount to be repaid for a merchant cash advance or 
other sales-based financing transaction. For example, in a merchant 
cash advance, a financial institution reports the difference between 
the purchase price and the amount to be repaid, using the amounts 
provided in the contract between the financial institution and the 
applicant.
    107(a)(12)(vi) Prepayment penalties.
    1. Policies and procedures applicable to the covered credit 
transaction. The policies and procedures applicable to the covered 
credit transaction include the practices that the financial 
institution follows when evaluating applications for the specific 
credit type and credit purpose requested. For example, assume that a 
financial institution's written procedures permit it to include 
prepayment penalties in the loan agreement for its term loans 
secured by non-owner occupied commercial real estate. For such 
transactions, the financial institution includes prepayment 
penalties in some loan agreements but not others. For an application 
for, or origination of, a term loan secured by non-owner occupied 
commercial real estate, the financial institution reports under 
Sec.  1002.107(12)(vi)(A) that a prepayment penalty could have been 
included under the policies and procedures applicable to the 
transaction, regardless of whether the term loan secured by non-
owner occupied commercial real estate actually includes a prepayment 
penalty.
    107(a)(13) Census tract.
    1. General. A financial institution complies with Sec.  
1002.107(a)(13) by reporting a census tract number as defined by the 
U.S. Census Bureau, which includes State and county numerical codes. 
A financial institution complies with Sec.  1002.107(a)(13) if it 
uses the boundaries and codes in effect on January 1 of the calendar 
year covered by the small business lending application register that 
it is reporting. The financial institution reports census tract 
based on the following:
    i. Proceeds address. A financial institution complies with Sec.  
1002.107(a)(13) by reporting a census tract based on the address or 
location where the proceeds of the credit applied for or originated 
will be or would have been principally applied, if known. For 
example, a financial institution would report a census tract based 
on the address or location of the site where the proceeds of a 
construction loan will be applied.
    ii. Main office or headquarters address. If the address or 
location where the proceeds of the credit applied for or originated 
is unknown, a financial institution complies with Sec.  
1002.107(a)(13) by reporting a census tract number based on the 
address or location of the main office or headquarters of the 
applicant, if known. For example, the address or location of the 
main office or headquarters of the applicant may be the home address 
of a sole proprietor or the office address of a sole proprietor or 
other applicant.
    iii. Another address or location. If neither the address or 
location where the proceeds of the credit applied for or originated 
will be or would have been principally applied nor the address or 
location of the main office or headquarters of the applicant are 
known, a financial institution complies with Sec.  1002.107(a)(13) 
by reporting a census tract number based on another address or 
location associated with the applicant.
    iv. Type of address used. In addition to reporting the census 
tract, pursuant to Sec.  1002.107(a)(13)(iv) a financial institution 
must report which one of the three types of addresses or locations 
listed in Sec.  1002.107(a)(13)(i) through (iii) and described in 
comments 107(a)(13)-1.i through iii that the census tract is 
determined from.
    2. Financial institution discretion. A financial institution 
complies with Sec.  1002.107(a)(13) by identifying the appropriate 
address or location and the type of that address or location in good 
faith, using appropriate information from the applicant's credit 
file or otherwise known by the financial institution. A financial 
institution is not required to make inquiries beyond its standard 
procedures as to the nature of the addresses or locations it 
collects.
    3. Address or location not provided by applicant and otherwise 
undetermined. Pursuant to Sec.  1002.107(c)(1), a financial 
institution shall maintain procedures reasonably designed to collect 
applicant-provided information, which includes at least one address 
or location for an applicant for census tract reporting. However, if 
a financial institution is nonetheless unable to collect or 
otherwise determine any address or location for an application, the 
financial institution reports that the census tract information is 
``not provided by applicant and otherwise undetermined.''
    4. Safe harbor. As described in Sec.  1002.112(c)(1) and comment 
112(c)(1)-1, a financial institution that obtains an incorrect 
census tract by correctly using a geocoding tool provided by the 
FFIEC or the Bureau does not violate the Act or subpart B of this 
part.
    107(a)(14) Gross annual revenue.
    1. Collecting gross annual revenue. A financial institution may 
rely on statements of or information provided by the applicant in 
collecting and reporting gross annual revenue. However, pursuant to 
Sec.  1002.107(b), if the financial institution verifies the gross 
annual revenue provided by the applicant, it must report the 
verified information. The financial institution may use the 
following language to ask about gross annual revenue, if it does not 
collect gross annual revenue by another method, and may rely on the 
applicant's answer:
    What was the gross annual revenue of the business applying for 
credit in its last full fiscal year? Gross annual revenue is the 
amount of money the business earned before subtracting taxes and 
other expenses. You may provide gross annual revenue calculated 
using any reasonable method.
    2. Gross annual revenue not provided by applicant and otherwise 
undetermined. Pursuant to Sec.  1002.107(c)(1), a financial 
institution shall maintain procedures reasonably designed to collect 
applicant-provided information, which includes the gross annual 
revenue of the applicant. However, if a financial institution is 
nonetheless unable to collect or determine the gross annual revenue 
of the applicant, the financial institution reports that the gross 
annual revenue is ``not provided by applicant and otherwise 
undetermined.''
    3. Affiliate revenue. A financial institution is permitted, but 
not required, to report the gross annual revenue for the applicant 
that includes the revenue of affiliates as well. For example, if the 
financial institution does not normally collect information on 
affiliate revenue, the financial institution reports only the 
applicant's revenue and does not include the revenue of any 
affiliates when it has not collected that information. Similarly, in 
determining whether the applicant is a small business under Sec.  
1002.106(b), a financial institution may rely on an applicant's 
representations regarding gross annual revenue, which may or may not 
include the affiliate's revenue.
    107(a)(15) NAICS code.
    1. General. NAICS stands for North American Industry 
Classification System. The Office of Management and Budget has 
charged the Economic Classification Policy Committee with the 
maintenance and review of NAICS. A financial institution complies 
with Sec.  1002.107(a)(15) if it uses the NAICS codes in effect on 
January 1 of the calendar year covered by the small business lending 
application register that it is reporting.
    2. NAICS not provided by applicant and otherwise undetermined. 
Pursuant to Sec.  1002.107(c)(1), a financial institution shall 
maintain procedures reasonably designed to collect applicant-
provided information, which includes NAICS code. However, if a 
financial institution is nonetheless unable to collect or otherwise 
determine the applicant's NAICS code, the financial institution 
reports that the NAICS code is ``not provided by applicant and 
otherwise undetermined.''

[[Page 56597]]

    3. Reliance on statements by applicant. Consistent with Sec.  
1002.107(b), a financial institution may rely on statements of or 
information provided by the applicant in collecting and reporting 
the NAICS code. For example, a financial institution may rely on the 
NAICS code on an applicant's tax return that the applicant has 
otherwise provided to the financial institution.
    4. Reliance on other information. A financial institution may 
rely on a NAICS code obtained through the financial institution's 
use of business information products, such as company profiles or 
business credit reports, which provide the applicant's NAICS code.
    5. Safe harbor. A financial institution that identifies an 
incorrect NAICS code does not violate the Act or subpart B of this 
part under the circumstances described in Sec.  1002.112(c)(2).
    107(a)(16) Number of workers.
    1. Collecting number of workers. In collecting the number of 
workers from an applicant, a financial institution shall explain 
that full-time, part-time and seasonal employees, as well as 
contractors who work primarily for the applicant, would be counted 
as workers, but principal owners of the business would not. If 
asked, the financial institution shall explain that volunteers would 
not be counted as workers, and workers for affiliates of the 
applicant would only be counted if the financial institution were 
also collecting the affiliates' gross annual revenue. The financial 
institution may rely on statements of or information provided by the 
applicant in collecting and reporting number of workers. However, 
pursuant to Sec.  1002.107(b), if the financial institution verifies 
the number of workers provided by the applicant, it must report the 
verified information. The financial institution may use the 
following language to ask about the number of workers, if it does 
not collect the number of workers by another method, and may rely on 
the applicant's answer:
    Counting full-time, part-time and seasonal workers, as well as 
contractors who work primarily for the business applying for credit, 
but not counting principal owners of the business, how many people 
work for the business applying for credit?
    2. Number of workers not provided by applicant and otherwise 
undetermined. Pursuant to Sec.  1002.107(c)(1), a financial 
institution shall maintain procedures reasonably designed to collect 
applicant-provided information, which includes the number of workers 
of the applicant. However, if a financial institution is nonetheless 
unable to collect or determine the number of workers of the 
applicant, the financial institution reports that the number of 
workers is ``not provided by applicant and otherwise undetermined.''
    107(a)(17) Time in business.
    1. As relied on or collected. A financial institution complies 
with Sec.  1002.107(a)(17) by reporting the time the applicant has 
been in business as relied on in making the credit decision or 
collected by the financial institution. The financial institution 
must report the time in business in whole years and indicate if a 
business has not begun operating yet or has been in operation for 
less than a year. When the financial institution relies on an 
applicant's time in business as part of a credit decision, it 
reports the time in business relied on in making the credit 
decision. (See comments 107(a)(17)-2 and -3 below regarding 
reporting of the time in business relied on.) However, Sec.  
1002.107(a)(17) does not require the financial institution to rely 
on an applicant's time in business in making a credit decision. The 
financial institution may rely on statements of or information 
provided by the applicant in collecting and reporting time in 
business. However, pursuant to Sec.  1002.107(b), if the financial 
institution verifies the time in business provided by the applicant, 
it must report the verified information.
    2. Time in business relied on. When a financial institution 
evaluates an applicant's time in business as part of a credit 
decision, it reports the time in business relied on in making the 
credit decision. For example, if the financial institution relies on 
the number of years of experience the applicant's owners have in the 
current line of business, the financial institution reports that 
number of years as the time in business. Similarly, if the financial 
institution relies on the number of years that the applicant has 
existed, the financial institution reports the number of years that 
the applicant has existed as the time in business. The financial 
institution reports the length of business existence or experience 
duration that it relies on in making its credit decision, and is not 
required to adopt any particular definition of time in business.
    3. Multiple factors considered. A financial institution relies 
on an applicant's time in business in making a credit decision if 
the time in business was a factor in the credit decision, even if it 
was not a dispositive factor. For example, if the time in business 
is one of multiple factors in the financial institution's credit 
decision, the financial institution has relied on the time in 
business even if the financial institution denies the application 
because one or more underwriting requirements other than the time in 
business are not satisfied.
    4. Collecting time in business. If the financial institution 
does not rely on time in business in considering an application, 
pursuant to Sec.  1002.107(c)(1) it shall still maintain procedures 
reasonably designed to collect applicant-provided information, which 
includes the applicant's time in business. In collecting time in 
business from an applicant, the financial institution complies with 
Sec.  1002.107(a)(17) by asking for the number of years that the 
applicant has been operating the business it operates now. When the 
applicant has multiple owners with different numbers of years 
operating that business, the financial institution collects and 
reports the greatest number of years of any owner. (However, the 
financial institution does not need to comply with this instruction 
if it collects and relies on the time in business by another method 
in making the credit decision.)
    5. Time in business not provided by applicant and otherwise 
undetermined. Pursuant to Sec.  1002.107(c)(1), a financial 
institution shall maintain procedures reasonably designed to collect 
applicant-provided information, which includes the time in business 
of the applicant. However, if a financial institution is nonetheless 
unable to collect or determine the time in business of the 
applicant, the financial institution reports that the time in 
business is ``not provided by applicant and otherwise 
undetermined.''
    107(a)(18) Minority-owned business status.
    1. General. Unless a financial institution is permitted to 
report minority-owned business status based on previously collected 
data pursuant to Sec.  1002.107(c)(2), a financial institution must 
ask an applicant whether it is a minority-owned business for each 
covered application. The financial institution must permit an 
applicant to refuse to answer the financial institution's inquiry 
and must inform the applicant that the applicant is not required to 
provide the information. The financial institution must report the 
applicant's response, its refusal to answer the inquiry (such as 
when the applicant indicates that it does not wish to provide the 
requested information), or its failure to respond to the inquiry 
(such as when the applicant fails to submit a data collection form). 
See appendix F for additional instructions on collecting and 
reporting minority-owned business status.
    2. Notice of non-discrimination. When requesting minority-owned 
business status from an applicant, a financial institution must 
inform the applicant that the financial institution cannot 
discriminate on the basis of the applicant's minority-owned business 
status, or on whether the applicant provides its minority-owned 
business status. A financial institution may combine this non-
discrimination notice regarding minority-owned business status with 
the similar non-discrimination notices that a financial institution 
is required to provide when requesting women-owned business status 
and a principal owner's ethnicity, race, and sex if a financial 
institution requests minority-owned business status, women-owned 
business status, and/or a principal owner's ethnicity, race, and sex 
in the same data collection form or at the same time.
    3. Recording an applicant's response regarding minority-owned 
business status separate from the application. A financial 
institution must record an applicant's response to the financial 
institution's inquiry pursuant to Sec.  1002.107(a)(18) separate 
from the application and accompanying information. See comment 
111(b)-1. If the financial institution provides a paper or 
electronic data collection form, the data collection form must not 
be part of the application form or any other document that the 
financial institution uses to provide or collect any information 
other than women-owned business status, minority-owned business 
status, principal owners' ethnicity, race, and sex, and the number 
of the applicant's principal owners. See the sample data collection 
form in appendix E. For example, if the financial institution sends 
the data collection form via email, the data collection form should 
be a separate attachment to the email or accessed through a separate 
link in the email. If the financial

[[Page 56598]]

institution uses a web-based data collection form, the form should 
be on its own page.
    4. Minority-owned business status not provided by applicant. 
Pursuant to Sec.  1002.107(c)(1), a financial institution shall 
maintain procedures reasonably designed to collect applicant-
provided information, which includes the applicant's minority-owned 
business status. However, if a financial institution does not 
receive a response to the financial institution's inquiry for 
purposes of Sec.  1002.107(a)(18), the financial institution reports 
that the applicant's minority-owned business status is ``not 
provided by applicant.''
    5. No verification. Notwithstanding Sec.  1002.107(b), a 
financial institution must report the applicant's response, the 
applicant's refusal to answer the inquiry, or the applicant's 
failure to respond to the inquiry pursuant to Sec.  1002.107(a)(18), 
even if the financial institution verifies or otherwise obtains an 
applicant's minority-owned business status for other purposes.
    6. No reporting based on visual observation or surname. A 
financial institution does not report minority-owned business status 
based on visual observation, surname, or any basis other than the 
applicant's response to the inquiry that the financial institution 
makes to satisfy Sec.  1002.107(a)(18) or, if the financial 
institution is permitted to report based on previously collected 
data, on the basis of the applicant's response to the inquiry that 
the financial institution previously made to satisfy Sec.  
1002.107(a)(18).
    7. Previously collected data. A financial institution may report 
minority-owned business status based on previously collected data if 
the financial institution is permitted to do so pursuant to Sec.  
1002.107(c)(2) and its commentary.
    107(a)(19) Women-owned business status.
    1. General. Unless a financial institution is permitted to 
report women-owned business status based on previously collected 
data pursuant to Sec.  1002.107(c)(2), a financial institution must 
ask an applicant whether it is a women-owned business for each 
covered application. The financial institution must permit an 
applicant to refuse to answer the financial institution's inquiry 
and must inform the applicant that the applicant is not required to 
provide the information. The financial institution must report the 
applicant's response, its refusal to answer the inquiry (such as 
when the applicant indicates that it does not wish to provide the 
requested information), or its failure to respond to the inquiry 
(such as when the applicant fails to submit a data collection form). 
See appendix F for additional instructions on collecting and 
reporting women-owned business status.
    2. Notice of non-discrimination. When requesting women-owned 
business status from an applicant, a financial institution must 
inform the applicant that the financial institution cannot 
discriminate on the basis of the applicant's women-owned business 
status, or on whether the applicant provides its women-owned 
business status. A financial institution may combine this non-
discrimination notice regarding women-owned business status with the 
similar non-discrimination notices that a financial institution is 
required to provide when requesting minority-owned business status 
and a principal owner's ethnicity, race, and sex if a financial 
institution requests minority-owned business status, women-owned 
business status, and/or a principal owner's ethnicity, race, and sex 
in the same data collection form or at the same time.
    3. Recording an applicant's response regarding women-owned 
business status separate from the application. A financial 
institution must record an applicant's response to the financial 
institution's inquiry pursuant to Sec.  1002.107(a)(19) separate 
from the application and accompanying information. See comment 
111(b)-1. If the financial institution provides a paper or 
electronic data collection form, the data collection form must not 
be part of the application form or any other document that the 
financial institution uses to provide or collect any information 
other than women-owned business status, minority-owned business 
status, principal owners' ethnicity, race, and sex, and the number 
of the applicant's principal owners. See the sample data collection 
form in appendix E. For example, if the financial institution sends 
the data collection form via email, the data collection form should 
be a separate attachment to the email or accessed through a separate 
link in the email. If the financial institution uses a web-based 
data collection form, the form should be on its own page.
    4. Women-owned business status not provided by applicant. 
Pursuant to Sec.  1002.107(c)(1), a financial institution shall 
maintain procedures reasonably designed to collect applicant-
provided information, which includes the applicant's women-owned 
business status. However, if a financial institution does not 
receive a response to the financial institution's inquiry for 
purposes of Sec.  1002.107(a)(19), the financial institution reports 
that the applicant's women-owned business status is ``not provided 
by applicant.''
    5. No verification. Notwithstanding Sec.  1002.107(b), a 
financial institution must report the applicant's response, the 
applicant's refusal to answer the inquiry, or the applicant's 
failure to respond to the inquiry pursuant to Sec.  1002.107(a)(19), 
even if the financial institution verifies or otherwise obtains an 
applicant's women-owned business status for other purposes.
    6. No reporting based on visual observation or surname. A 
financial institution does not report women-owned business status 
based on visual observation, surname, any basis other than the 
applicant's response to the inquiry that the financial institution 
makes to satisfy Sec.  1002.107(a)(19) or, if the financial 
institution is permitted to report based on previously collected 
data, on the basis of the applicant's response to the inquiry that 
the financial institution previously made to satisfy Sec.  
1002.107(a)(19).
    7. Previously collected data. A financial institution may report 
women-owned business status based on previously collected data if 
the financial institution is permitted to do so pursuant to Sec.  
1002.107(c)(2) and its commentary.
    107(a)(20) Ethnicity, race, and sex of principal owners.
    1. General. Unless a financial institution is permitted to 
report ethnicity, race, and sex information based on previously 
collected data pursuant to Sec.  1002.107(c)(2), a financial 
institution must ask an applicant to report its principal owners' 
ethnicity, race, and sex for each covered application. The financial 
institution must permit an applicant to refuse to answer the 
financial institution's inquiries and must inform the applicant that 
it is not required to provide the information. The financial 
institution must report the applicant's responses, its refusal to 
answer the inquiries, or its failure to respond to the inquiries. In 
certain situations, discussed in comments 107(a)(20)-9 and -10 and 
in appendix G, a financial institution may also be required to 
report one or more principal owners' ethnicity and race based on 
visual observation and/or surname. However, a financial institution 
shall not report a principal owner's sex based on visual 
observation, surname, or any basis other than the applicant-provided 
information (including previously collected data if permitted 
pursuant to Sec.  1002.107(c)(2)). See appendix G for additional 
instructions on collecting and reporting the ethnicity, race, and 
sex of principal owners.
    2. Notice of non-discrimination. When requesting a principal 
owner's ethnicity, race, and sex from an applicant, a financial 
institution must inform the applicant that the financial institution 
cannot discriminate on the basis of a principal owner's ethnicity, 
race, or sex, or on whether the applicant provides the information. 
A financial institution may combine this non-discrimination notice 
with the similar non-discrimination notices that a financial 
institution is required to provide when requesting minority-owned 
business status and women-owned business status if a financial 
institution requests minority-owned business status, women-owned 
business status, and/or a principal owner's ethnicity, race, and sex 
in the same data collection form or at the same time.
    3. Recording an applicant's responses regarding principal 
owners' ethnicity, race, and sex separate from the application. A 
financial institution must record an applicant's response to the 
financial institution's inquiries pursuant to Sec.  1002.107(a)(20) 
separate from the application and accompanying information. See 
comment 111(b)-1. If the financial institution provides a paper or 
electronic data collection form, the data collection form must not 
be part of the application form or any other document that the 
financial institution uses to provide or collect any information 
other than women-owned business status, minority-owned business 
status, principal owners' ethnicity, race, and sex, and the number 
of the applicant's principal owners. See the sample data collection 
form in appendix E. For example, if the financial institution sends 
the data collection form via email, the data collection form should 
be a separate attachment to the email or accessed through a separate 
link in the email. If the financial institution uses a web-based 
data collection form, the form should be on its own page.
    4. Ethnicity, race, or sex of principal owners not provided by 
applicant. Pursuant to Sec.  1002.107(c)(1), a financial institution

[[Page 56599]]

shall maintain procedures reasonably designed to collect applicant-
provided information, which includes the ethnicity, race, and sex of 
an applicant's principal owners. However, if a financial institution 
is nonetheless unable to collect the principal owners' ethnicity, 
race, or sex from the applicant, and if the financial institution is 
not required to report based on visual observation or surname, the 
financial institution reports that the principal owner's ethnicity, 
race, or sex (as applicable) is ``not provided by applicant.''
    5. Determining who is a principal owner. Generally, an applicant 
determines its principal owners and decides whether to provide 
information about those principal owners. However, as discussed in 
comments 107(a)(20)-9 and -10 and appendix G, a financial 
institution may be required to report ethnicity and race information 
based on visual observation and/or surname if the applicant does not 
provide ethnicity, race, or sex information for at least one 
principal owner and the financial institution meets in person with 
one or more principal owners. Thus, a financial institution may need 
to determine if a natural person that it meets with in person is a 
principal owner. In that case, the financial institution may either 
ask the natural person who is acting on behalf of an applicant 
whether that natural person is a principal owner, or it may 
independently determine if the natural person is a principal owner. 
For example, if a financial institution has collected information 
regarding an applicant's ownership structure and obtained the name 
or identity of the natural person for other purposes, it may use 
this information to independently determine whether the natural 
person who meets in person with the financial institution is a 
principal owner. If a financial institution asks if a natural person 
is a principal owner, the financial institution can rely on an 
applicant's or natural person's response, unless the financial 
institution has knowledge to the contrary. The financial institution 
is not required to verify any responses regarding whether a natural 
person is a principal owner.
    6. Ethnicity. i. Aggregate categories. A financial institution 
must permit an applicant to provide a principal owner's ethnicity 
for purposes Sec.  1002.107(a)(20) using one or more of the 
following aggregate categories:
    A. Hispanic or Latino.
    B. Not Hispanic or Latino.
    ii. Disaggregated subcategories. A financial institution must 
permit an applicant to provide a principal owner's ethnicity for 
purposes of Sec.  1002.107(a)(20) using one or more the following 
disaggregated subcategories, regardless of whether the applicant has 
indicated that the relevant principal owner is Hispanic or Latino 
and regardless of whether the applicant selects any aggregate 
categories: Cuban; Mexican; Puerto Rican; or Other Hispanic or 
Latino. If an applicant indicates that a principal owner is Other 
Hispanic or Latino, the financial institution must permit the 
applicant to provide additional information regarding the principal 
owner's ethnicity, such as indicating, for example, that the 
principal owner is Argentinean, Colombian, Dominican, Nicaraguan, 
Salvadoran, or Spaniard. If an applicant chooses to provide 
additional information regarding a principal owner's ethnicity, such 
as indicating that a principal owner is Argentinean, a financial 
institution must report that additional information as free-form 
text in the appropriate data reporting field.
    iii. Selecting multiple categories. The financial institution 
must permit the applicant to select one, both, or none of the 
aggregate categories and as many disaggregated subcategories as the 
applicant chooses. A financial institution must permit an applicant 
to select a disaggregated subcategory even if the applicant does not 
select the corresponding aggregate category. A financial institution 
must also permit the applicant to refuse to provide ethnicity 
information for one or more principal owners. If an applicant 
provides ethnicity information for a principal owner, the financial 
institution reports all of the aggregate categories and 
disaggregated subcategories provided by the applicant. For example, 
if an applicant selects both aggregate categories and four 
disaggregated subcategories for a principal owner, the financial 
institution reports the two aggregate categories that the applicant 
selected and all four of the disaggregated subcategories that the 
applicant selected.
    iv. Information not provided by applicant. Unless a financial 
institution is required to report based on visual observation and/or 
surname (see comments 107(a)(20)-9 and -10 and appendix G), if an 
applicant refuses or fails to provide ethnicity information for a 
principal owner, the financial institution reports that the 
applicant declined to provide the information or failed to respond, 
as applicable. Because there are data reporting fields for four 
principal owners, when submitting data to the Bureau, a financial 
institution will need to report that the requirement to report 
ethnicity is not applicable for some principal owners if the 
applicant has fewer than four principal owners. For example, if an 
applicant has only one principal owner, the financial institution 
reports that the requirement to report ethnicity is not applicable 
in the data fields for principal owners two through four.
    7. Race. i. Aggregate categories. A financial institution must 
permit an applicant to provide a principal owner's race for purposes 
of Sec.  1002.107(a)(20) using one or more of the following 
aggregate categories:
    A. American Indian or Alaska Native.
    B. Asian.
    C. Black or African American.
    D. Native Hawaiian or Other Pacific Islander.
    E. White.
    ii. Disaggregated subcategories. The financial institution must 
permit an applicant to provide a principal owner's race for purposes 
of Sec.  1002.107(a)(20) using one or more of the disaggregated 
subcategories as listed in this comment 107(a)(20)-7.ii and set 
forth in the sample data collection form in appendix E, regardless 
of whether the applicant has selected the corresponding aggregate 
category.
    A. The Asian aggregate category includes the following 
disaggregated subcategories: Asian Indian; Chinese; Filipino; 
Japanese; Korean; Vietnamese; and Other Asian. An applicant must 
also be permitted to provide the principal owner's race using one or 
more of these disaggregated subcategories regardless of whether the 
applicant indicates that the principal owner is Asian and regardless 
of whether the applicant selects any aggregate categories. 
Additionally, if an applicant indicates that a principal owner is 
Other Asian, the financial institution must permit the applicant to 
provide additional information about the principal owner's race, 
such as providing information, for example, that the principal owner 
is Cambodian, Hmong, Laotian, Pakistani, or Thai.
    B. The Black or African American category includes the following 
disaggregated subcategories: African American; Ethiopian; Haitian; 
Jamaican; Nigerian; Somali; or Other Black or African American. An 
applicant must also be permitted to provide the principal owner's 
race using one or more of these disaggregated subcategories 
regardless of whether the applicant indicates that the principal 
owner is Black or African American and regardless of whether the 
applicant selects any aggregate categories. Additionally, if an 
applicant indicates that a principal owner is Other Black or African 
American, the financial institution must permit the applicant to 
provide additional information about the principal owner's race, 
such as providing information, for example, that the principal owner 
is Barbadian, Ghanaian, or South African.
    C. The Native Hawaiian or Other Pacific Islander includes the 
following disaggregated subcategories: Guamanian or Chamorro; Native 
Hawaiian; Samoan; and Other Pacific Islander. An applicant must also 
be permitted to provide the principal owner's race using one or more 
of these disaggregated subcategories regardless of whether the 
applicant indicates that the principal owner is Native Hawaiian or 
Other Pacific Islander and regardless of whether the applicant 
selects any aggregate categories. Additionally, if an applicant 
indicates that a principal owner is Other Pacific Islander, the 
financial institution must permit the applicant to provide 
additional information about the principal owner's race, such as 
providing information, for example, that the principal owner is 
Fijian or Tongan.
    D. If an applicant chooses to provide additional information 
regarding a principal owner's race, such as indicating that a 
principal owner is Cambodian, Barbadian, or Fijian, a financial 
institution must report that additional information as free-form 
text in the appropriate data reporting field.
    E. In addition to permitting an applicant to indicate that a 
principal owner is American Indian or Alaska Native, a financial 
institution must permit an applicant to provide the name of an 
enrolled or principal tribe. An applicant must be permitted to 
provide the name of an enrolled or principal tribe regardless of 
whether the applicant indicates that the principal owner is American 
Indian or Alaska Native. If an applicant chooses to provide the name 
of an enrolled or principal tribe, a financial institution must 
report that information as free-form text in the appropriate data 
reporting field.

[[Page 56600]]

    iii. Selecting multiple categories. The financial institution 
must permit the applicant to select as many aggregate categories and 
disaggregated subcategories as the applicant chooses. A financial 
institution must permit an applicant to select one or more 
disaggregated subcategories even if the applicant does not select an 
aggregate category. A financial institution must also permit the 
applicant to refuse to provide this information for one or more 
principal owners. If an applicant provides race information for a 
principal owner, the financial institution reports all of the 
aggregate categories and disaggregated subcategories provided by the 
applicant. For example, if an applicant selects two aggregate 
categories and five disaggregated subcategories for a principal 
owner, the financial institution reports the two aggregate 
categories that the applicant selected and the five disaggregated 
subcategories that the applicant selected.
    iv. Information not provided by applicant. Unless the financial 
institution is required to report based on visual observation and/or 
surname (see comments 107(a)(20)-9 and -10 and appendix G), if an 
applicant refuses or fails to provide race information for a 
principal owner, the financial institution reports that the 
applicant declined to provide the information or failed to respond, 
as applicable. Because there are data reporting fields for four 
principal owners, when submitting data to the Bureau, a financial 
institution must report that the requirement to report race is not 
applicable for some principal owners if the applicant has fewer than 
four principal owners. For example, if an applicant has only one 
principal owner (i.e., only one natural person directly owns 25 
percent or more of the applicant's equity interests), the financial 
institution reports that the requirement to report race is not 
applicable in the data reporting fields for principal owners two 
through four.
    8. Sex. A financial institution must permit an applicant to 
provide a principal owner's sex for purposes of Sec.  
1002.107(a)(20) using one or more of the following categories: Male, 
Female, and/or that the principal owner prefers to self-describe 
their sex. Additionally, if an applicant indicates that a principal 
owner prefers to self-describe their sex, the financial institution 
must permit the applicant to provide additional information about 
the principal owner's sex. A financial institution must permit an 
applicant to select as many categories as the applicant chooses. A 
financial institution reports the category or categories selected by 
the applicant, any additional information provided by the applicant 
(reported as free-form text in the appropriate data reporting 
field), or reports that the applicant refused to provide the 
information or failed to respond. A financial institution is not 
permitted to report sex based on visual observation, surname, or any 
basis other than the applicant-provided information. Because there 
are data reporting fields for four principal owners, when submitting 
data to the Bureau a financial institution must report that the 
requirement to report sex is not applicable for some principal 
owners if the applicant has fewer than four principal owners. For 
example, if an applicant has only one principal owner, the financial 
institution reports that the requirement to report sex is not 
applicable in the data fields for principal owners two through four. 
See appendix G for additional information on collecting and 
reporting a principal owner's sex.
    9. Reporting based on visual observation and/or surname. If a 
financial institution meets in person with one or more of an 
applicant's principal owners and the applicant does not provide 
ethnicity, race, or sex information for at least one principal 
owner, the financial institution must report at least one principal 
owner's ethnicity and race (but not sex) based on visual 
observation, surname, or a combination of both visual observation 
and surname. (See comment 107(a)(20)-10 for additional information 
regarding what constitutes an in-person meeting with an applicant's 
principal owners.) However, a financial institution is not required 
to report based on visual observation and/or surname if the 
principal owner only meets in person with a third party through whom 
it is submitting an application to the financial institution. For 
example, a financial institution is not required to report based on 
visual observation and/or surname when an employee or officer of an 
equipment dealer or retailer that is not an affiliate of the 
financial institution meets in person with a principal owner.
    10. Meeting in person with a principal owner. i. In-person 
meetings. A financial institution meets in person with a principal 
owner if an employee or officer of the financial institution or one 
of its affiliates has a meeting or discussion with the applicant's 
principal owner about an application and can visually observe the 
principal owner. The following provides a non-exhaustive list of 
examples to illustrate when a financial institution meets in person 
with a principal owner for purposes of the requirement to collect 
principal owners' race and ethnicity information based on visual 
observation and/or surname if not provided by the applicant:
    A. A principal owner comes to a financial institution's branch 
or office and meets with the financial institution's loan officer to 
discuss the status of a pending application.
    B. A principal owner comes to a financial institution's branch 
or office and meets in person with one or more employees or officers 
of a financial institution in order to complete an application and 
related paperwork.
    C. A principal owner contacts a financial institution's loan 
officer using an electronic communication method with a video 
component and, using the video component, meets with the loan 
officer to discuss outstanding documentation needed for a pending 
application.
    ii. Not in-person meetings. The following provides a non-
exhaustive list of examples to illustrate when a financial 
institution does not meet in person with a principal owner for 
purposes of the requirement to collect principal owners' race and 
ethnicity information via visual observation and/or surname if not 
provided by the applicant:
    A. A principal owner drops off documents at a financial 
institution's branch or office or provides the applicant's name and 
drops off documents without engaging in any discussion regarding a 
covered application.
    B. A principal owner meets in person with an employee or officer 
of the financial institution to discuss something other than a 
covered application, such as another financial product.
    C. The financial institution meets with a principal owner after 
the application process is complete, such as at account opening or 
loan closing.
    D. A financial institution meets with a principal owner before 
the applicant submits an application.
    11. Use of aggregate categories when reporting based on visual 
observation or surname. When reporting ethnicity and race based on 
visual observation and/or surname, the financial institution uses 
only the aggregate ethnicity and race categories. See appendix G for 
additional information on collecting and reporting based on visual 
observation and/or surname.
    12. No verification of ethnicity, race, and sex of principal 
owner. Notwithstanding Sec.  1002.107(b), a financial institution is 
neither required nor permitted to verify the ethnicity, race, or sex 
information that the applicant provides for purposes of Sec.  
1002.107(a)(20), even if the financial institution verifies or 
otherwise obtains the ethnicity, race, or sex of the applicant's 
principal owners for other purposes. Additionally, if an applicant 
refuses to respond to the inquiry pursuant to Sec.  1002.107(a)(20) 
or fails to respond to this inquiry, the financial institution 
reports that the applicant declined to provide the information or 
did not respond to the request to provide the information (as 
applicable), unless the financial institution is required to report 
ethnicity and race based on visual observation and/or surname. The 
financial institution does not report ethnicity, race, or sex based 
on information that the financial institution collects for other 
purposes.
    107(a)(21) Number of principal owners.
    1. General. A financial institution may request an applicant's 
number of principal owners from the applicant or may determine the 
number of principal owners from information provided by the 
applicant or that the financial institution otherwise obtains. If 
the financial institution asks the applicant to provide the number 
of its principal owners pursuant to Sec.  1002.107(a)(21), a 
financial institution must provide the definition of principal owner 
set forth in Sec.  1002.102(o). If permitted pursuant to Sec.  
1002.107(c)(2), a financial institution may also report an 
applicant's number of principal owners based on previously collected 
data.
    2. Number of principal owners provided by applicant; 
verification of number of principal owners. The financial 
institution may rely on statements or information provided by the 
applicant in collecting and reporting the number of the applicant's 
principal owners. However, pursuant to Sec.  1002.107(b), if the 
financial institution verifies the number of principal owners 
provided by the applicant, it must report the verified information. 
The financial institution is not required to verify the number of 
principal owners, but if the financial institution verifies the 
number of

[[Page 56601]]

principal owners in making the credit decision, then the financial 
institution reports the verified number of principal owners.
    3. Number of principal owners not provided by applicant and 
otherwise undetermined. Pursuant to Sec.  1002.107(c)(1), a 
financial institution shall maintain procedures reasonably designed 
to collect applicant-provided information, which includes the number 
of principal owners of the applicant. However, if a financial 
institution is nonetheless unable to collect or otherwise determine 
the applicant's number of principal owners, the financial 
institution reports that the number of principal owners is ``not 
provided by applicant and otherwise undetermined.''
    107(b) Verification of applicant-provided information.
    1. Reliance on statements or information provided by an 
applicant. A financial institution may rely on statements made by an 
applicant (whether made in writing or orally) or information 
provided by an applicant when compiling and reporting data pursuant 
to subpart B of this part for applicant-provided data; the financial 
institution is not required to verify those statements. However, if 
the financial institution does verify applicant statements for its 
own business purposes, such as statements relating to gross annual 
revenue or time in business, the financial institution reports the 
verified information. Depending on the circumstances and the 
financial institution's procedures, certain applicant-provided data 
can be collected without a specific request from the applicant. For 
example, gross annual revenue may be collected from tax return 
documents. Applicant-provided data are the data required that are or 
could be provided by the applicant, including Sec.  1002.107(a)(5) 
through (7) and (13) through (21). See comment 107(c)(2)-3.
    107(c) Time and manner of collection.
    107(c)(1) In general.
    1. Procedures. The term ``procedures'' refers to the actual 
practices followed by a financial institution as well as its stated 
policies or procedures. For example, if a financial institution's 
stated policy is to collect applicant-provided data on or with a 
paper application form, but the financial institution's employees 
encourage applicants to skip the page that asks whether the 
applicant is a minority-owned business or a women-owned business 
under Sec.  1002.107(a)(18) and (19), the financial institution's 
procedures are not reasonably designed to obtain a response.
    2. Latitude to design procedures. A financial institution has 
flexibility to establish procedures concerning the timing and manner 
that it collects applicant-provided data that work best for its 
particular lending model and product offerings, provided that those 
procedures are reasonably designed to collect the applicant-provided 
data in Sec.  1002.107(a).
    3. Applicant-provided data. Applicant-provided data are the data 
required that are or could be provided by the applicant, including 
Sec.  1002.107(a)(5) (credit type), Sec.  1002.107(a)(6) (credit 
purpose), Sec.  1002.107(a)(7) (amount applied for), Sec.  
1002.107(a)(13) (address or location for purposes of determining 
census tract), Sec.  1002.107(a)(14) (gross annual revenue), Sec.  
1002.107(a)(15) (NAICS code, or information about the business such 
that the financial institution can determine the applicant's NAICS 
code), Sec.  1002.107(a)(16) (number of workers), Sec.  
1002.107(a)(17) (time in business), Sec.  1002.107(a)(18) (minority-
owned business status), Sec.  1002.107(a)(19) (women-owned business 
status), Sec.  1002.107(a)(20) (ethnicity, race, and sex of the 
applicant's principal owners), and Sec.  1002.107(a)(21) (number of 
principal owners). Applicant-provided data does not include data 
that are generated or supplied only by the financial institution, 
including Sec.  1002.107(a)(1) (unique identifier), Sec.  
1002.107(a)(2) (application date), Sec.  1002.107(a)(3) (application 
method), Sec.  1002.107(a)(4) (application recipient), Sec.  
1002.107(a)(8) (amount approved or originated), Sec.  1002.107(a)(9) 
(action taken), Sec.  1002.107(a)(10) (action taken date), Sec.  
1002.107(a)(11) (denial reasons), Sec.  1002.107(a)(12) (pricing 
data), and Sec.  1002.107(a)(13) (census tract, based on address or 
location provided by the applicant). Depending on the circumstances 
and the financial institution's procedures, certain applicant-
provided data can be collected without a specific request from the 
applicant. For example, credit type may be collected based on the 
type of product chosen by the applicant or NAICS code may be 
collected from an applicant's tax return that the applicant has 
otherwise provided to the financial institution.
    4. Reasonably designed--generally. Whether a financial 
institution's procedures are reasonably designed to collect 
applicant-provided data depends on the financial institution's 
particular lending model and product offerings. A financial 
institution shall reassess on a periodic basis, based on available 
data, whether its procedures are reasonably designed to obtain a 
response. For example, a financial institution may be able to assess 
whether its procedures are reasonably designed by comparing its 
response rate with similarly situated financial institutions (for 
instance, those that offer similar products, use a similar lending 
model, or are of a similar size). A financial institution is 
permitted, but not required, to develop different procedures for 
different applicant-provided data, so long as the procedures used 
are reasonably designed to obtain a response. A financial 
institution is permitted, but not required, to make more than one 
attempt to obtain applicant-provided data if the applicant does not 
respond to an initial request.
    5. Examples of procedures that are generally reasonably designed 
to obtain a response. Although a fact-based determination, the 
following procedures reflect practices concerning the time or manner 
of collection that are generally reasonably designed to obtain a 
response:
    i. Timing of collection. A financial institution requests 
applicant-provided data early in the application process; for 
example, at the time of a covered application, as defined in Sec.  
1002.103. The earlier in the application process, the more likely 
the timing of collection is reasonably designed to obtain a 
response.
    ii. Manner of collection. A financial institution requests 
applicant-provided data on the same form or in connection with other 
required information. For example, a financial institution requests 
applicant-provided data as part of a written application form or on 
a separate data collection form provided with the written 
application form. See also comments 107(a)(18)-3, 107(a)(19)-3, and 
107(a)(20)-3, which discuss the use of a separate data collection 
form for collecting minority-owned business status, women-owned 
business status, and the ethnicity, race, and sex of an applicant's 
principal owners.
    6. Examples of procedures that are generally not reasonably 
designed to obtain a response. The following procedures reflect 
practices concerning the time or manner of collection that are 
generally not reasonably designed to obtain a response. Depending on 
the particular facts, however, these procedures may be reasonably 
designed to obtain a response; for example, if the financial 
institution has evidence or a reason to believe that under its 
procedures the response rate would be similar to or better than 
other alternatives.
    i. Timing of collection. A financial institution requests 
applicant-provided data simultaneous with or after notifying an 
applicant of its action taken on a covered application.
    ii. Manner of collection. A financial institution requests 
applicant-provided data in a manner that imposes unnecessary 
applicant burden or is inconsistent with the rest of its application 
process. For example, collecting application information related to 
the creditworthiness determination in electronic form, but mailing a 
paper form to the applicant seeking the data required under Sec.  
1002.107(a) that the financial institution does not otherwise need 
for its creditworthiness determination and requiring the applicant 
to mail it back.
    7. Updated applicant-provided data. A financial institution 
reports updated applicant-provided data if it obtains more current 
data during the application process. For example, if an applicant 
states it has 100 non-owners working for the business, but then the 
applicant notifies the financial institution that the number is 
actually 75, the financial institution reports 75 non-owners working 
for the business. For reporting of verified applicant-provided 
information, see Sec.  1002.107(b) and comment 107(b)-1.
    8. Change in determination of small business status. If a 
financial institution changes its determination regarding an 
applicant's status as a small business under Sec.  1002.106(b), it 
must follow the procedures described in comments 106(b)-1 and -2.
    107(c)(2) Previously collected data.
    1. In general. A financial institution may reuse certain 
previously collected data if the requirements of Sec.  
1002.107(c)(2) are met. In that circumstance, a financial 
institution need not seek to collect the data anew in connection 
with a subsequent covered application. For example, if an applicant 
applies for and is granted a term loan, and

[[Page 56602]]

then subsequently applies for a credit card in the same calendar 
year, the financial institution need not request again the data set 
forth in Sec.  1002.107(c)(2). Similarly, if an applicant applies 
for more than one covered credit transaction at one time, a 
financial institution need only ask once for the data set forth in 
Sec.  1002.107(c)(2).
    2. Data that can be reused. Subject to the requirements of Sec.  
1002.107(c)(2) and comment 107(c)(2)-3, a financial institution may 
reuse the following data: Sec.  1002.107(a)(13) (census tract), 
Sec.  1002.107(a)(14) (gross annual revenue), Sec.  1002.107(a)(15) 
(NAICS code), Sec.  1002.107(a)(16) (number of workers), Sec.  
1002.107(a)(17) (time in business), Sec.  1002.107(a)(18) (minority-
owned business status), Sec.  1002.107(a)(19) (women-owned business 
status), Sec.  1002.107(a)(20) (ethnicity, race, and sex of 
principal owners), and Sec.  1002.107(a)(21) (number of principal 
owners). A financial institution is not, however, permitted to reuse 
other data, such as Sec.  1002.107(a)(6) (credit purpose).
    3. Previously reported data without a substantive response. 
Section 1002.107(c)(2) permits a financial institution to reuse 
certain previously collected data to satisfy Sec.  1002.107(a)(13) 
through (21), if certain conditions are met. Data have not been 
``previously collected'' within the meaning of this provision if the 
applicant did not provide a substantive response to the financial 
institution's request for that data and the financial institution 
was not otherwise able to obtain the requested data (for example, 
from the applicant's credit report, tax returns, or through visual 
observation or surname collection for race and ethnicity 
information).
    4. Collection in the same calendar year. Pursuant to Sec.  
1002.107(c)(2)(i), data can be reused if they are collected in the 
same calendar year. For applications that span more than one 
calendar year, the following applies:
    i. If the data are collected in connection with a covered 
application in one calendar year, but then final action was taken on 
the application in the following calendar year, the financial 
institution may consider the data as collected in the year that 
final action was taken on the application.
    ii. If data are collected in connection with a covered 
application in one calendar year, a financial institution may reuse 
that data pursuant to Sec.  1002.107(c)(2) in a subsequent 
application initiated in the same calendar year, even if final 
action was taken on the subsequent application in the following 
calendar year.
    5. Reason to believe data are inaccurate. Whether a financial 
institution has reason to believe data are inaccurate pursuant to 
Sec.  1002.107(c)(2)(ii) depends on the particular facts and 
circumstances. For example, a financial institution may have reason 
to believe data on the applicant's women-owned business status, 
minority-owned business status, and ethnicity, race, and sex of 
principal owners may be inaccurate if it knows that the applicant 
has had a change in ownership.
    6. Minority-owned business status and women-owned business 
status. If the financial institution asked the applicant to provide 
its minority-owned business status or women-owned business status 
for purposes of Sec.  1002.107(a)(18) and (19) and the applicant 
refused to provide the information (such as by selecting ``I do not 
wish to provide this information'' on a data collection form or by 
telling the financial institution that it did not wish to provide 
the information), the financial institution may use that response 
when reporting data for a subsequent application pursuant to Sec.  
1002.107(c)(2). However, if the applicant failed to respond (such as 
by leaving the response to the question blank or by failing to 
return a data collection form), the financial institution must 
inquire about the applicant's minority-owned business status or 
women-owned business status, as applicable, because the data were 
not previously obtained.
    7. Principal owners' ethnicity, race, and sex. If the financial 
institution asked the applicant to provide its principal owners' 
ethnicity, race, or sex for purposes Sec.  1002.107(a)(20) and the 
applicant refused to provide the information (such as by selecting 
``I do not wish to provide this information'' on a data collection 
form or by telling the financial institution that it did not wish to 
provide the information) or if the financial institution reported 
ethnicity and race based on visual observation and/or surname, the 
financial institution may use these data when reporting information 
for a subsequent application under Sec.  1002.107(c)(2). However, if 
the applicant failed to respond (such as by leaving the response to 
the question blank or by failing to return a data collection form) 
and the financial institution did not report ethnicity and race 
based on visual observation and/or surname, the financial 
institution must inquire about the ethnicity, race, and sex of the 
applicant's principal owners, as applicable, because the data were 
not previously obtained.

Section 1002.108--Firewall

    108(a) Definitions.
    1. Involved in making any determination concerning a covered 
application. An employee or officer is involved in making a 
determination concerning a covered application if the employee or 
officer makes, or otherwise participates in, a decision regarding 
the evaluation of a covered application or the creditworthiness of 
an applicant for a covered credit transaction. This includes, but is 
not limited to, employees and officers serving as underwriters. The 
decision that an employee or officer makes or participates in must 
be about a specific covered application. An employee or officer is 
not involved in making a determination concerning a covered 
application if the employee or officer is involved in making a 
decision that affects covered applications generally, or interacts 
with small businesses prior to them becoming applicants or 
submitting a covered application. This group might include officers 
and employees who develop policies and procedures, program systems, 
or conduct marketing. Additionally, an employee or officer is not 
involved in making a determination concerning a covered application 
if the employee or officer makes or participates in a decision after 
the financial institution has taken final action on the application, 
such as a decision about servicing or collecting a covered credit 
transaction. Furthermore, an officer or employee is not involved in 
making a determination concerning a covered application for purposes 
of Sec.  1002.108 if the officer or employee simply uses a check box 
form to confirm whether an applicant has submitted all necessary 
documents or handles a minor or clerical matter during the 
application process, such as suggesting or selecting a time for an 
appointment with an applicant.
    2. Should have access. i. General. A financial institution may 
determine that an employee or officer should have access for 
purposes of Sec.  1002.108 if that employee or officer is assigned 
one or more job duties that may require the employee or officer to 
collect (based on visual observation, surname, or otherwise), see, 
consider, refer to, or use information otherwise subject to the 
prohibition in Sec.  1002.108(b). The employee or officer does not 
have to be required to collect, see, consider, refer to or use such 
information or to actually collect, see, consider, refer to or use 
such information. It is sufficient if the employee or officer might 
need to do so to perform the employee's or officer's assigned job 
duties. For example, if a loan officer's job description states that 
the loan officer may need to collect ethnicity and race information 
based on visual observation and/or surname or if the loan officer is 
assigned the task of assisting applicants with the completion of 
data collection forms, the financial institution may determine that 
the loan officer should have access. If a financial institution 
determines that an employee or officer who is involved in making any 
determination concerning a covered application should have access 
for purposes of Sec.  1002.108, the financial institution is 
responsible for ensuring that the employee or officer only accesses 
and uses the protected information for lawful purposes.
    ii. When a group of employees or officers should have access. A 
financial institution may determine that all employees or officers 
with the same job description or assigned duties should have access 
for purposes of Sec.  1002.108. If a job description assigns one or 
more tasks that may require access to one or more applicants' 
responses to the financial institution's inquiries under Sec.  
1002.107(a)(18) through (20), the financial institution may 
determine that all employees and officers who share that job 
description should have access for purposes of Sec.  1002.108. For 
example, if the job description for the position of loan officer 
states that a loan officer may have to distribute, collect, and help 
applicants complete a data collection form that asks about the 
applicant's minority-owned business status, women-owned business 
status, and its principal owners' ethnicity, race, and sex, the 
financial institution may determine that all employees and officers 
who have been assigned the position of loan officer should have 
access for purposes of Sec.  1002.108.
    108(b) Prohibition on access to certain information.

[[Page 56603]]

    1. Scope of information subject to the prohibition. i. When the 
prohibition applies. The prohibition in Sec.  1002.108(b) applies 
only to an applicant's responses to the inquiries that the covered 
financial institution makes to satisfy Sec.  1002.107(a)(18) through 
(20). For example, if a financial institution satisfies Sec.  
1002.107(a)(18) through (20) by using a paper data collection form 
to ask an applicant if it is a minority-owned business, if it is a 
women-owned business, and for the ethnicity, race, and sex of its 
principal owners, the prohibition applies to the responses that the 
applicant provides on the paper data collection form and any other 
paper or electronic records that the financial institution creates 
based on the applicant's responses provided on the paper data 
collection form. Similarly, if a financial institution satisfies 
Sec.  1002.107(a)(18) through (20) by asking an applicant about its 
minority-owned business status, its women-owned business status, and 
the ethnicity, race, and sex of its principal owners during a 
telephone call, the prohibition applies to the responses to those 
inquiries provided during that telephone call and to any records 
created on the basis of those responses.
    ii. When the prohibition does not apply. Because the prohibition 
in Sec.  1002.108(b) only applies to the applicant's responses to 
the inquiries that the financial institution makes to satisfy Sec.  
1002.107(a)(18) through (20), the prohibition does not apply to 
ethnicity or race information about principal owners that the 
financial institution collects via visual observation or surname. 
Additionally, the prohibition in Sec.  1002.108(b) does not apply to 
an applicant's responses to inquiries regarding minority-owned or 
women-owned business status, or principal owners' ethnicity, race, 
or sex, made for other purposes. Thus, an employee or officer who 
obtains information to determine if an applicant is eligible for a 
Small Business Administration program for women-owned businesses may 
make determinations concerning the applicant's covered application 
without regard to whether the exception in Sec.  1002.108(c) is 
satisfied. Additionally, Sec.  1002.108(b) does not prohibit an 
employee or officer from making a determination regarding a covered 
application if the employee or officer generally knows that an 
applicant is a minority-owned business or women-owned business or 
knows the ethnicity, race, or sex of any of the applicant's 
principal owners due to activities unrelated to the inquiries made 
to satisfy the financial institution's obligations under subpart B 
of this part. Thus, an employee or officer who knows, for example, 
that an applicant is a minority-owned business due to social 
relationships or other professional relationships with the applicant 
or any of its principal owners may make determinations concerning 
the applicant's covered application.
    2. Scope of persons subject to the prohibition. The prohibition 
in Sec.  1002.108(b) applies to an employee or officer of a covered 
financial institution or its affiliate if the employee or officer is 
involved in making any determination concerning a covered 
application. For example, if a financial institution is affiliated 
with company B and an employee of company B is involved in making a 
determination regarding a covered application on behalf of the 
financial institution, then the financial institution must comply 
with Sec.  1002.108 with regard to company B's employee. Section 
1002.108 does not require a financial institution to limit the 
access of employees and officers of third parties who are not 
affiliates of the financial institution. Section 1002.108 does not 
require a financial institution to limit the access of third parties 
(who are not employees or officers of the financial institution or 
its affiliates) through whom the financial institution receives 
covered applications.
    108(c) Exception to the prohibition on access to certain 
information.
    1. General. A financial institution is not required to limit the 
access of a particular employee or officer who is involved in making 
determinations concerning covered applications if the financial 
institution determines that the particular employee or officer 
should have access to the information collected pursuant to Sec.  
1002.107(a)(18) through (20) and the financial institution provides 
the notice required by Sec.  1002.108(d). A financial institution 
can also determine that several employees and officers should have 
access or that all of a group of similarly situated employees or 
officers should have access. See comment 108(a)-2. However, the 
financial institution cannot permit all employees and officers to 
have access simply because it has determined that one or more 
employees or officers should have access. For example, a financial 
institution may determine that a single compliance officer or all of 
its compliance officers should have access and then permit one or 
all of its compliance officers, respectively, to have access. 
However, the financial institution cannot permit other employees or 
officers to have access unless it independently determines that they 
should have access.
    108(d) Notice.
    1. General. If a financial institution determines that one or 
more employees or officers should have access pursuant to Sec.  
1002.108(c), the financial institution must provide the required 
notice to, at a minimum, the applicant or applicants whose responses 
will be accessed by an employee or officer involved in making 
determinations regarding the applicant's or applicants' covered 
applications. Alternatively, the financial institution may also 
provide the required notice to larger group of applicants, including 
all applicants, if it determines that one or more officers or 
employees should have access.
    2. Content of the required notice. The notice must inform the 
applicant that one or more employees and officers involved in making 
determinations regarding the applicant's covered application may 
have access to the applicant's responses regarding the applicant's 
minority-owned business status, women-owned business status, and its 
principal owners' ethnicity, race, and sex. The financial 
institution may, but is not required to, provide the notice on its 
data collection form. If the financial institution provides the 
notice on an electronic or paper data collection form, the notice 
must use language substantially similar to the following: 
``Employees and officers making determinations concerning an 
application, such as loan officers and underwriters, may have access 
to the information provided on this form.'' If the financial 
institution provides the notice orally, it must use language 
substantially similar to the following: ``Employees and officers 
making determinations concerning your application, such as loan 
officers and underwriters, may have access to your responses 
regarding your minority-owned business status, your women-owned 
business status, and your principal owners' ethnicity, race, or 
sex.''
    3. Timing for providing the notice. If the financial institution 
is providing the notice orally, it must provide the notice required 
by Sec.  1002.108(d) prior to asking the applicant if it is a 
minority-owned business or women-owned business and prior to asking 
for a principal owner's ethnicity, race, or sex. If the notice is 
provided on the same paper or electronic data collection form as the 
inquiries about minority-owned business status, women-owned business 
status, and the principal owners' ethnicity, race, or sex, the 
notice must appear at the top of the form. If the notice is provided 
in an electronic or paper document that is separate from the data 
collection form, the notice must be provided at the same time as the 
data collection form or prior to providing data collection form. 
Additionally, the notice must be provided with the non-
discrimination notices required pursuant to Sec.  1002.107(a)(18) 
through (20). See appendix E.

Section 1002.109--Reporting of Data to the Bureau

    109(a) Reporting to the Bureau.
    109(a)(2) Reporting by subsidiaries.

1. Subsidiaries. A covered financial institution is considered a 
subsidiary of another covered financial institution for purposes of 
reporting data pursuant to Sec.  1002.109 if more than 50 percent 
of the ownership or control of the first covered financial 
institution is held by the second covered financial institution.

    109(a)(3) Reporting obligations where multiple financial 
institutions are involved in a covered credit transaction.
    1. General. The following provides guidance on how to report 
originations and applications involving more than one institution. 
The discussion below assumes that all of the parties are covered 
financial institutions. However, the same principles apply if any of 
the parties is not a covered financial institution. See also comment 
109(a)(3)-2 (providing examples of transactions involving more than 
one financial institution) and comment 109(a)(3)-3 (discussing how 
to report actions taken by agents).
    i. Only one financial institution reports each originated 
covered credit transaction as an origination. If more than one 
financial institution was involved in the origination of a covered 
credit transaction, the financial institution that made the final 
credit decision approving the application reports the covered

[[Page 56604]]

credit transaction as an origination. It is not relevant whether the 
covered credit transaction closed or, in the case of an application, 
would have closed in the financial institution's name. If more than 
one financial institution approved an application prior to closing 
or account opening and one of those financial institutions purchased 
the covered credit transaction after closing, the financial 
institution that purchased the covered credit transaction after 
closing reports the covered credit transaction as an origination. If 
a financial institution reports a transaction as an origination, it 
reports all of the information required for originations, even if 
the covered credit transaction was not initially payable to the 
financial institution that is reporting the covered credit 
transaction as an origination.
    ii. In the case of an application for a covered credit 
transaction that did not result in an origination, a financial 
institution reports the action it took on that application if it 
made a credit decision on the application or was reviewing the 
application when the application was withdrawn or closed for 
incompleteness. It is not relevant whether the financial institution 
received the application directly from the applicant or indirectly 
through another party, such as a broker, or whether another 
financial institution also reviewed and reported an action taken on 
the same application.
    2. Examples. The following scenarios illustrate how a financial 
institution reports a particular application or originated covered 
credit transaction. The illustrations assume that all of the parties 
are covered financial institutions. However, the same principles 
apply if any of the parties is not a covered financial institution.
    i. Financial Institution A received a covered application from 
an applicant and forwarded that application to Financial Institution 
B. Financial Institution B reviewed the application and approved the 
covered credit transaction prior to closing. The covered credit 
transaction closed in Financial Institution A's name. Financial 
Institution B purchased the covered credit transaction from 
Financial Institution A after closing. Financial Institution B was 
not acting as Financial Institution A's agent. Since Financial 
Institution B made the final credit decision prior to closing, 
Financial Institution B reports the application as an origination. 
Financial Institution A does not report the application.
    ii. Financial Institution A received a covered application from 
an applicant and forwarded that application to Financial Institution 
B. Financial Institution B reviewed the application before the 
covered credit transaction would have closed, but the application 
did not result in an origination because Financial Institution B 
denied the application. Financial Institution B was not acting as 
Financial Institution A's agent. Since Financial Institution B made 
the credit decision, Financial Institution B reports the application 
as a denial. Financial Institution A does not report the 
application. If, under the same facts, the application was withdrawn 
before Financial Institution B made a credit decision, Financial 
Institution B would report the application as withdrawn and 
Financial Institution A would not report the application.
    iii. Financial Institution A received a covered application from 
an applicant and approved the application before closing the loan in 
its name. Financial Institution A was not acting as Financial 
Institution B's agent. Financial Institution B later purchased the 
covered credit transaction from Financial Institution A. Financial 
Institution B did not review the application before closing. 
Financial Institution A reports the application as an origination. 
Financial Institution B has no reporting obligation for this 
transaction.
    iv. Financial Institution A received a covered application from 
an applicant. If approved, the covered credit transaction would have 
closed in Financial Institution B's name. Financial Institution A 
denied the application without sending it to Financial Institution B 
for approval. Financial Institution A was not acting as Financial 
Institution B's agent. Since Financial Institution A made the credit 
decision before the loan would have closed, Financial Institution A 
reports the application. Financial Institution B does not report the 
application.
    v. Financial Institution A reviewed a covered application and 
made the credit decision to approve a covered credit transaction 
using the underwriting criteria provided by a third party (e.g., 
another financial institution or party). The third party did not 
review the application and did not make a credit decision prior to 
closing. Financial Institution A was not acting as the third party's 
agent. Financial Institution A reports the application. The third 
party has no reporting obligation for this application. Assume the 
same facts, except that Financial Institution A made a credit 
decision to approve the application, and the applicant chose not to 
accept the covered credit transaction from Financial Institution A. 
Financial Institution A reports the application as approved but not 
accepted and the third party does not report the application.
    vi. Financial Institution A reviewed and made the credit 
decision on a covered application based on the criteria of a third-
party insurer or guarantor (for example, a government or private 
insurer or guarantor). Financial Institution A reports the action 
taken on the application.
    vii. Financial Institution A received a covered application and 
forwarded it to Financial Institutions B and C. Financial 
Institution A made a credit decision, acting as Financial 
Institution D's agent, and approved the application. Financial 
Institution B made a credit decision approving the application, and 
Financial Institution C made a credit decision denying the 
application. The applicant did not accept the covered credit 
transaction from Financial Institution D. Financial Institution D 
reports the application as approved but not accepted. Financial 
Institution A does not report the application. The applicant 
accepted the offer of credit from Financial Institution B, and 
credit was extended. Financial Institution B reports the 
origination. Financial Institution C reports the application as 
denied.
    3. Agents. If a covered financial institution made a credit 
decision on a covered application through the actions of an agent, 
the financial institution reports the application. For example, 
acting as Financial Institution A's agent, Financial Institution B 
approved an application prior to closing and a covered credit 
product was originated. Financial Institution A reports the covered 
credit product as an origination. State law determines whether one 
party is the agent of another.
    109(b) Financial institution identifying information.
    Paragraph 109(b)(4).
    1. Federal prudential regulator. For purposes of Sec.  
1002.109(b)(4), Federal prudential regulator means, if applicable, 
the Federal prudential regulator for a financial institution that is 
a depository institution as determined pursuant to section 3q of the 
Federal Deposit Insurance Act (12 U.S.C. 1813(q)), including the 
Office of the Comptroller of the Currency, the Federal Deposit 
Insurance Corporation, or the Board of Governors of the Federal 
Reserve System; or the National Credit Union Administration Board 
for financial institutions that are Federal credit unions.
    2. Change in Federal prudential regulator. If the Federal 
prudential regulator for a financial institution changes (as a 
consequence of a merger or a change in the institution's charter, 
for example), the institution must identify its new Federal 
prudential regulator in its data submission under Sec.  1002.109 for 
the calendar year of the change. For example, if a financial 
institution's Federal prudential regulator changes in February 2026, 
it must identify its new Federal prudential regulator in the annual 
submission for its 2026 data (which is due by June 1, 2027) pursuant 
to Sec.  1002.109(b)(4).
    Paragraph 109(b)(5).
    1. Federal Taxpayer Identification Number. If a financial 
institution obtains a new Federal Taxpayer Identification Number 
(TIN), it should provide the new number in its subsequent data 
submission. For example, if two financial institutions that 
previously reported data under subpart B of this part merge and the 
surviving institution retained its Legal Entity Identifier but 
obtained a new TIN, then the surviving institution should report the 
new TIN with its data submission. For example, if a financial 
institution's TIN changes in February 2026, it must identify its new 
TIN in the annual submission for its 2026 data (which is due by June 
1, 2027) pursuant to Sec.  1002.109(b)(5).
    Paragraph 109(b)(6).
    1. Legal Entity Identifier (LEI). A Legal Entity Identifier is a 
utility endorsed by the LEI Regulatory oversight committee, or a 
utility endorsed or otherwise governed by the Global LEI Foundation 
(GLEIF) (or any successor of the GLEIF) after the GLEIF assumes 
operational governance of the global LEI system. A financial 
institution complies with Sec.  1002.109(b)(6) by reporting its 
current LEI number. A financial institution that does not currently 
possess an LEI number must obtain an LEI number, and has an ongoing 
obligation to maintain the LEI number. The GLEIF website provides a 
list of LEI issuing

[[Page 56605]]

organizations. A financial institution may obtain an LEI, for 
purposes of complying with Sec.  1002.109(b)(6), from any one of the 
issuing organizations listed on the GLEIF website.
    Paragraph 109(b)(7).
    1. RSSD ID number. The RSSD ID is a unique identifying number 
assigned to institutions, including main offices and branches, by 
the Board of Governors of the Federal Reserve System. A financial 
institution's RSSD ID may be found on the website of the National 
Information Center, which provides comprehensive financial and 
structure information on banks and other institutions for which the 
Federal Reserve Board has a supervisory, regulatory, or research 
interest including both domestic and foreign banking organizations 
that operate in the United States. If a financial institution does 
not have an RSSD ID, it reports that this information is not 
applicable.
    Paragraph 109(b)(8).
    1. Immediate parent entity. An entity is the immediate parent of 
a financial institution for purposes of Sec.  1002.109(b)(8)(i) 
through (iii) if it is a separate entity that directly owns more 
than 50 percent of the financial institution.
    2. Top-holding parent entity. An entity is the top-holding 
parent of a financial institution for purposes of Sec.  
1002.109(b)(8)(iv) through (vi) if it ultimately owns more than 50 
percent of the financial institution, and the entity itself is not 
controlled by any other entity. If the immediate parent entity and 
the top-holding parent entity are the same, the financial 
institution reports that Sec.  1002.109(b)(8)(iv) through (vii) are 
not applicable.
    3. LEI. For purposes of Sec.  1002.109(b)(8)(ii) and (v), a 
financial institution shall report the LEI of a parent entity if the 
parent entity has an LEI number. If a financial institution's parent 
entity does not have an LEI, the financial institution reports that 
this information is not applicable.
    4. RSSD ID numbers. For purposes of Sec.  1002.109(b)(8)(iii) 
and Sec.  1002.109(b)(8)(vi), a financial institution shall report 
the RSSD ID number of a parent entity if the entity has an RSSD ID 
number. If a financial institution's parent entity does not have an 
RSSD ID, the financial institution reports that this information is 
not applicable.
    Paragraph 109(b)(9).
    1. Type of financial institution. A financial institution 
complies with Sec.  1002.109(b)(9) by selecting the applicable type 
or types of financial institution from the list below. A financial 
institution shall select all applicable types.
    i. Bank or savings association.
    ii. Minority depository institution.
    iii. Credit union.
    iv. Nondepository institution.
    v. Community development financial institution (CDFI).
    vi. Other nonprofit financial institution.
    vii. Farm Credit System institution.
    viii. Government lender.
    ix. Commercial finance company.
    x. Equipment finance company.
    xi. Industrial loan company.
    xii. Fintech.
    xiii. Other.
    2. Use of ``other'' for type of financial institution. A 
financial institution reports type of financial institution as 
``other'' where none of the enumerated types of financial 
institution appropriately describe the applicable type of financial 
institution, and the institution reports the type of financial 
institution as free-form text. A financial institution that selects 
at least one type from the list is permitted, but not required, to 
also report ``other'' (with appropriate free-form text) if there is 
an additional aspect of its business that is not one of the 
enumerated types set out in comment 109(b)(9)-1.
    Paragraph 109(b)(10).
    1. Financial institutions that voluntarily report covered 
applications under subpart B of this part. A financial institution 
that is not a covered financial institution pursuant to Sec.  
1002.105(b) but that elects to voluntarily compile, maintain, and 
report data under Sec. Sec.  1002.107 through 1002.109 (see comment 
1002.105(b)-6) complies with Sec.  1002.109(b)(10) by selecting 
``voluntary reporter.''
    109(c) Procedures for the submission of data to the Bureau.
    1. Filing Instructions Guide. The Bureau includes in the Filing 
Instructions Guide additional details and procedures for the 
submission of data to the Bureau pursuant to Sec.  1002.109, as well 
as any related materials, which are available at [a designated 
Bureau website].

Section 1002.110--Publication of Data

    110(c) Statement of financial institution's small business 
lending data available on the Bureau's website.
    1. Statement. A financial institution shall provide the 
statement required by Sec.  1002.110(c) using the following, or 
substantially similar, language:

Small Business Lending Data Notice

    Data about our small business lending are available online for 
review at the Consumer Financial Protection Bureau's website at [a 
designated Bureau website]. The data show the geographic 
distribution of our small business lending applications; information 
about our loan approvals and denials; and demographic information 
about the principal owners of our small business applicants. The 
Bureau may delete or modify portions of our data prior to posting it 
if the Bureau determines that doing so would advance a privacy 
interest. Small business lending data for many other financial 
institutions are also available at this website.
    2. website. A financial institution without a website complies 
with Sec.  1002.110(c) by making a written statement using the 
language in comment 110(c)-1, or substantially similar language, 
available upon request.

Section 1002.111--Recordkeeping

    111(a) Record retention.
    1. Evidence of compliance. Section 1002.111(a) requires a 
financial institution to retain evidence of compliance with subpart 
B of this part for at least three years after its small business 
lending application register is required to be submitted to the 
Bureau pursuant to Sec.  1002.109. In addition to the financial 
institution's small business lending application register, such 
evidence of compliance is likely to include, but is not limited to, 
the applications for credit from which information in the register 
is drawn, as well as the files or documents that, under Sec.  
1002.111(b), are kept separate from the applications for credit.
    2. Record retention for creditors under Sec.  1002.5(a)(4)(vii) 
and (viii). A creditor that is voluntarily, under Sec.  
1002.5(a)(4)(vii) and (viii), collecting information pursuant to 
subpart B of this part complies with Sec.  1002.111(a) by retaining 
evidence of compliance with subpart B for at least three years after 
June 1 of the year following the year that data was collected.
    111(b) Certain information kept separate from the rest of the 
application.
    1. Separate from the application. A financial institution may 
satisfy the requirement in Sec.  1002.111(b) by keeping an 
applicant's responses to the financial institution's request 
pursuant to Sec.  1002.107(a)(18) through (20) in a file or document 
that is discrete or distinct from the application and its 
accompanying information. For example, such information could be 
collected on a piece of paper that is separate from the rest of the 
application form. In order to satisfy the requirement in Sec.  
1002.111(b), an applicant's responses to the financial institution's 
request pursuant to Sec.  1002.107(a)(18) through (20) need not be 
maintained in a separate electronic system, nor need they be removed 
from the physical files containing the application. However, the 
financial institution may nonetheless need to keep this information 
in a different electronic or physical file in order to satisfy the 
requirements of Sec.  1002.108.
    111(c) Limitation on personally identifiable information in 
records retained under this section.
    1. Small business lending application register. The prohibition 
in Sec.  1002.111(c) applies to data compiled and maintained 
pursuant to Sec.  1002.107, data in the small business lending 
application register submitted by the financial institution to the 
Bureau under Sec.  1002.109, the version of the register that the 
financial institution maintains under Sec.  1002.111(a), and the 
separate record of certain information created pursuant to Sec.  
1002.111(b).
    2. Examples. Section 1002.111(c) prohibits a financial 
institution from including any name, specific address (other than 
the census tract required under Sec.  1002.107(a)(13)), telephone 
number, or email address in the data it compiles and maintains 
pursuant to Sec.  1002.107, in its records under Sec.  1002.111(b), 
or in data reported to the Bureau under Sec.  1002.109. It likewise 
prohibits a financial institution from including any personally 
identifiable information concerning any individual who is, or is 
connected with, an applicant, except as required pursuant to Sec.  
1002.107 or Sec.  1002.111(b). Examples of such personally 
identifiable information that a financial institution may not 
include in its small business lending application register include, 
but are not limited to, the following: Date of birth, Social 
Security number, official government-issued driver's license or

[[Page 56606]]

identification number, alien registration number, government 
passport number, or employer or taxpayer identification number.
    3. Other records. The prohibition in Sec.  1002.111(c) does not 
extend to the application or any other records that the financial 
institution maintains.
    4. Name and business contact information for submission. The 
prohibition in Sec.  1002.111(c) does not bar financial institutions 
from providing to the Bureau, pursuant to Sec.  1002.109(b)(3), the 
name and business contact information of the person who may be 
contacted with questions about the financial institution's 
submission under Sec.  1002.109.

Section 1002.112--Enforcement

    112(b) Bona fide errors.
    1. Tolerances for bona fide errors. Section 1002.112(b) provides 
that a financial institution is presumed to maintain procedures 
reasonably adapted to avoid errors with respect to a given data 
field if the number of errors found in a random sample of the 
financial institution's data submission for the data field does not 
equal or exceed a threshold specified by the Bureau for this 
purpose. The Bureau's thresholds appear in column C of the table in 
appendix H. The size of the random sample, set out in column B, 
shall depend on the size of the financial institution's small 
business lending application register, as shown in column A of the 
table in appendix H. A financial institution has not maintained 
procedures reasonably adapted to avoid errors if either there is a 
reasonable basis to believe the error was intentional or there is 
other evidence that the financial institution has not maintained 
procedures reasonably adapted to avoid errors. To illustrate, assume 
that a financial institution has incorrectly coded withdrawn 
applications as denials to such an extent that it likely prevents 
reliable fair lending analysis of underwriting disparities. If so, 
the errors would not be deemed bona fide errors under Sec.  
1002.112(b) and would violate the Act and this Regulation.
    2. Tolerances and data fields. For purposes of determining 
whether an error is bona fide under Sec.  1002.112(b), the term 
``data field'' generally refers to individual fields. However, with 
respect to information on the ethnicity and race of an applicant's 
principal owner, a data field group consists of more than one field. 
If one or more of the fields within an ethnicity or race field group 
have errors, they count as one (and only one) error for that data 
field group. For instance, in the ethnicity data field group, if an 
applicant indicates that one of its principal owners is Cuban, but 
the financial institution reports that the principal owner is 
Mexican and Puerto Rican, the financial institution has made errors 
in two fields within the ethnicity data field group for that 
principal owner. For purposes of the error threshold table in 
appendix H, the financial institution is deemed to have made one 
error. However, a financial institution that makes, for example, one 
error in the race data field group and one error in the ethnicity 
field group regarding a particular principal owner has made two 
errors for purposes of the error threshold table in appendix H.
    3. Tolerances and safe harbors. An error that meets the criteria 
for one of the four safe harbor provisions in Sec.  1002.112(c) is 
not counted as an error for purposes of determining whether a 
financial institution has exceeded the relevant error threshold in 
appendix H for a given data field.
    112(c) Safe harbors.
    1. Information from a Federal agency--census tract. Section 
1002.112(c)(1) provides that an incorrect entry for census tract is 
not a violation of the Act or subpart B of this part, if the 
financial institution obtained the census tract using a geocoding 
tool provided by the FFIEC or the Bureau. However, this safe harbor 
provision does not extend to a financial institution's failure to 
provide the correct census tract number for a covered application on 
its small business lending application register, as required by 
Sec.  1002.107(a)(13), because the FFIEC or Bureau geocoding tool 
did not return a census tract for the address provided by the 
financial institution. In addition, this safe harbor provision does 
not extend to a census tract error that results from a financial 
institution entering an inaccurate address into the FFIEC or Bureau 
geocoding tool.
    2. Applicability of NAICS code safe harbor. A financial 
institution is permitted to rely on an applicant's representations 
or on other information regarding the NAICS code as described in 
comments 107(a)(15)-3 and -4. The safe harbor in Sec.  
1002.112(c)(2) applies when a financial institution does not rely on 
such information, but instead the financial institution identifies 
the NAICS code for an applicant and the NAICS code is incorrect. 
Where the incorrect NAICS code entry is due to an unintentional 
error, the safe harbor in Sec.  1002.112(c)(2) may apply in addition 
to the bona fide error provision in Sec.  1002.112(b), provided its 
requirements are met.
* * * * *

     Dated: August 31, 2021.
David Uejio,
Acting Director, Bureau of Consumer Financial Protection.
[FR Doc. 2021-19274 Filed 9-30-21; 4:15 pm]
 BILLING CODE 4810-25-P