[Federal Register Volume 89, Number 128 (Wednesday, July 3, 2024)]
[Rules and Regulations]
[Pages 55024-55033]
From the Federal Register Online via the Government Publishing Office [www.gpo.gov]
[FR Doc No: 2024-14396]


=======================================================================
-----------------------------------------------------------------------

CONSUMER FINANCIAL PROTECTION BUREAU

12 CFR Part 1002

[Docket No. CFPB-2024-0018]
RIN 3170-AA09


Small Business Lending Under the Equal Credit Opportunity Act 
(Regulation B); Extension of Compliance Dates

AGENCY: Consumer Financial Protection Bureau.

ACTION: Interim final rule with request for public comment.

-----------------------------------------------------------------------

SUMMARY: In light of court orders in ongoing litigation, the Consumer 
Financial Protection Bureau (CFPB or Bureau) is amending Regulation B 
to extend the compliance dates set forth in its 2023 small business 
lending rule and to make other date-related conforming adjustments.

DATES: This interim final rule is effective August 2, 2024. Comments 
must be received on or before August 2, 2024.

ADDRESSES: You may submit comments, identified by Docket No. CFPB-2024-
0018 or RIN 3170-AA09, by any of the following methods:
     Federal eRulemaking Portal: https://www.regulations.gov. 
Follow the instructions for submitting comments. A brief summary of 
this document will be available at https://www.regulations.gov/docket/CFPB-2024-0018.
     Email: [email protected]. Include 
Docket No. CFPB-2024-0018 or RIN 3170-AA09 in the subject line of the 
message.
     Mail/Hand Delivery/Courier: Comment Intake--Small Business 
Lending Compliance Dates, c/o Legal Division Docket Manager, Consumer 
Financial Protection Bureau, 1700 G Street NW, Washington, DC 20552.
    Instructions: The CFPB encourages the early submission of comments. 
All submissions should include the agency name and docket number or 
Regulatory Information Number (RIN) for this rulemaking. Because paper 
mail is subject to delay, commenters are encouraged to submit comments 
electronically. In general, all comments received will be posted 
without change to https://www.regulations.gov.
    All submissions, including attachments and other supporting 
materials, will become part of the public record and subject to public 
disclosure. Proprietary information or sensitive personal information, 
such as account numbers or Social Security numbers, or names of other 
individuals, should not be included. Submissions will not be edited to 
remove any identifying or contact information.

FOR FURTHER INFORMATION CONTACT: George Karithanom, Regulatory 
Implementation and Guidance Program Analyst, Office of Regulations, at 
202-435-7700 or https://reginquiries.consumerfinance.gov/. If you 
require this document in an alternative electronic format, please 
contact [email protected].

SUPPLEMENTARY INFORMATION:

I. Background

    In 2010, Congress passed the Dodd-Frank Wall Street Reform and 
Consumer Protection Act (Dodd-Frank Act). Section 1071 of that Act \1\ 
amended the Equal Credit Opportunity Act (ECOA) \2\ to require that 
financial institutions collect and report to the CFPB certain data 
regarding applications for credit for women-owned, minority-owned, and 
small businesses. Section 1071's statutory purposes are to (1) 
facilitate enforcement of fair lending laws, and (2) enable 
communities, governmental entities, and creditors to identify business 
and community development needs and opportunities of women-owned, 
minority-owned, and small businesses.
---------------------------------------------------------------------------

    \1\ Public Law 111-203, tit. X, section 1071, 124 Stat. 1376, 
2056 (2010), codified at ECOA section 704B, 15 U.S.C. 1691c-2.
    \2\ 15 U.S.C. 1691 et seq.
---------------------------------------------------------------------------

    Section 1071 directs the CFPB to prescribe such rules and issue 
such guidance as may be necessary to carry out, enforce, and compile 
data pursuant to section 1071. On March 30, 2023, the CFPB issued a 
final rule to implement section 1071 by adding subpart B to Regulation 
B (2023 final rule). The 2023 final rule was published in the Federal 
Register on May 31, 2023.\3\ Further details about section 1071 and 
this rulemaking can be found in the preamble to the 2023 final rule.
---------------------------------------------------------------------------

    \3\ 88 FR 35150 (May 31, 2023).
---------------------------------------------------------------------------

    Subsequently, some lenders filed challenges to the 2023 final rule 
in the United States District Court for the Southern District of 
Texas.\4\ On July 31, 2023, the court issued an order \5\ that 
preliminarily enjoined the CFPB from implementing and enforcing the 
2023 final rule against plaintiffs and their members pending the 
Supreme Court's reversal of Community Financial Services Association of 
America, Ltd. v. CFPB, 51 F.4th 616 (5th Cir. 2022), cert. granted, 143 
S. Ct. 978 (2023) (CFSA), a trial on the merits, or until further court 
order. The court's order also stayed all deadlines for compliance with 
the requirements of the 2023 final rule for plaintiffs and their 
members pending the outcome of the Supreme Court case. The Texas court 
ordered that, in the event of a reversal in the Supreme Court case, the 
CFPB extend plaintiffs' and their members' deadlines for compliance 
with the 2023 final rule to compensate for the period stayed. Following 
motions to intervene by a number of other parties, on October 26, 2023, 
the Texas court extended the terms of its order to all covered 
financial institutions (i.e., issued a nationwide stay).\6\
---------------------------------------------------------------------------

    \4\ Texas Bankers Ass'n v. CFPB, No. 7:23-cv-00144 (S.D. Tex.).
    \5\ Order Granting-in-Part and Denying-in-Part Pls.' Mot. for 
Prelim. Injunction, Texas Bankers Ass'n, No. 7:23-cv-00144 (S.D. 
Tex. July 31, 2023), ECF No. 25, https://files.consumerfinance.gov/f/documents/cfpb_pi_order_texas_bankers.pdf.
    \6\ Order Granting Intervenors' Mots. For Prelim. Injunction, 
Texas Bankers Ass'n, No. 7:23-cv-00144 (S.D. Tex. Oct. 26, 2023), 
ECF No. 69, https://files.consumerfinance.gov/f/documents/cfpb_pi_second_order_texas_bankers.pdf.
---------------------------------------------------------------------------

    On May 16, 2024, the Supreme Court reversed the Fifth Circuit's 
ruling in CFSA.\7\
---------------------------------------------------------------------------

    \7\ CFPB v. Cmty. Fin. Servs. Ass'n of Am., Ltd., 601 U.S. 416 
(2024).
---------------------------------------------------------------------------

Summary of the Interim Final Rule

    In this interim final rule, the CFPB is extending the compliance 
dates set forth in the 2023 final rule and making conforming 
adjustments. Consistent with existing court orders, the compliance 
dates are being extended 290 days to compensate for the period the rule 
was stayed (July 31, 2023 to May 16, 2024). Thus, covered financial 
institutions must begin collecting data as follows:

[[Page 55025]]



                                 Table 1--Compliance Dates and Filing Deadlines
----------------------------------------------------------------------------------------------------------------
                                         Original compliance
           Compliance tier                       date             New compliance date     First filing deadline
----------------------------------------------------------------------------------------------------------------
Highest volume lenders...............  October 1, 2024........  July 18, 2025..........  June 1, 2026.
Moderate volume lenders..............  April 1, 2025..........  January 16, 2026.......  June 1, 2027.
Smallest volume lenders..............  January 1, 2026........  October 18, 2026.......  June 1, 2027.
----------------------------------------------------------------------------------------------------------------

    Covered financial institutions are permitted to continue using 
their small business originations from 2022 and 2023 to determine their 
compliance tier, or they may use their originations from 2023 and 2024. 
Covered financial institutions are permitted to begin collecting 
protected demographic data required under the 2023 final rule 12 months 
before their new compliance date, in order to test their procedures and 
systems. As illustrated above, the deadline for submitting small 
business lending data will remain June 1 following the calendar year 
for which data are collected. Finally, the CFPB is updating its grace 
period policy statement to reflect the revised compliance dates.
    The CFPB seeks comment on this interim final rule.

II. Legal Authority

    The CFPB adopted the 2023 final rule pursuant to its authority 
under section 1071, which directs the CFPB to adopt rules governing the 
collection and reporting of small business lending data. Some aspects 
of the 2023 final rule were also adopted under the CFPB's more general 
rulemaking authorities in ECOA. The CFPB's legal authorities are 
discussed in detail in the 2023 final rule.\8\
---------------------------------------------------------------------------

    \8\ See, e.g., 88 FR 35150, 35173-74 (May 31, 2023).
---------------------------------------------------------------------------

    The CFPB is adopting this interim final rule to extend the 2023 
final rule's compliance dates. ECOA section 704B(g)(1) grants the CFPB 
general rulemaking authority for section 1071.

III. Administrative Procedure Act

    The Administrative Procedure Act (APA) does not require notice and 
opportunity for public comment if an agency for good cause finds that 
notice and public comment are impracticable, unnecessary, or contrary 
to the public interest.\9\ The CFPB finds that prior notice and public 
comment are unnecessary because this interim final rule implements a 
court's order to extend the 2023 final rule's compliance dates and 
makes other date-related conforming adjustments. Covered financial 
institutions need to know the new compliance dates promptly so they can 
resume implementation efforts; further delay in finalizing those dates 
would be contrary to the public interest. The CFPB already solicited 
and received comment on the substance of the provisions that it is now 
amending, both during its 2020 consultation with representatives of 
small businesses pursuant to the Small Business Regulatory Enforcement 
Fairness Act \10\ and in its 2021 proposed rule.\11\
---------------------------------------------------------------------------

    \9\ 5 U.S.C. 553(b)(B).
    \10\ CFPB, Small Business Advisory Review Panel for Consumer 
Financial Protection Bureau Small Business Lending Data Collection 
Rulemaking, Outline of Proposals Under Consideration and 
Alternatives Considered (Sept. 15, 2020), https://files.consumerfinance.gov/f/documents/cfpb_1071-sbrefa_outline-of-proposals-under-consideration_2020-09.pdf; and CFPB, Final Report of 
the Small Business Review Panel on the CFPB's Proposals Under 
Consideration for the Small Business Lending Data Collection 
Rulemaking (Dec. 14, 2020), https://files.consumerfinance.gov/f/documents/cfpb_1071-sbrefa-report.pdf.
    \11\ 86 FR 56356 (Oct. 8, 2021).
---------------------------------------------------------------------------

IV. Discussion of the Final Rule

    As discussed above, the court in Texas Bankers Association v. CFPB 
directed the CFPB to extend the compliance dates set forth in the 2023 
final rule to compensate for the period the rule was stayed pending the 
Supreme Court's decision in CFSA. To facilitate compliance across all 
covered financial institutions, the CFPB is using July 31, 2023 as the 
base date to calculate the length of the compliance date extension for 
all covered financial institutions, including the initial plaintiffs 
and their members as well as the intervening parties. The CFPB is 
extending the 2023 final rule's compliance dates by 290 days (i.e., the 
number of days that elapsed between the court's July 31, 2023 order and 
the Supreme Court's decision in CFSA on May 16, 2024).

A. Changes to Compliance Date Provisions

    The 2023 final rule's compliance dates are set forth in Sec.  
1002.114(b). That section looks to a financial institution's volume of 
covered credit transactions for small businesses in each of calendar 
years 2022 and 2023 to determine the applicable compliance date. The 
2023 final rule provided that covered financial institutions that 
originated at least 2,500 covered transactions in both years were 
required to comply with the requirements of the 2023 final rule 
beginning October 1, 2024 (sometimes referred to as Tier 1 
institutions). Covered financial institutions not in Tier 1 that 
originated at least 500 covered transactions in both years were 
required to comply beginning April 1, 2025 (Tier 2), and covered 
financial institutions not in Tier 1 or Tier 2 that originated at least 
100 covered transactions in both years were required to comply 
beginning January 1, 2026 (Tier 3). The 2023 final rule also provided 
that a financial institution that did not originate at least 100 
covered transactions in both 2022 and 2023 but that subsequently 
originates at least 100 such transactions in two consecutive calendar 
years must comply with the rule in accordance with Sec.  1002.105(b), 
but in any case no earlier than January 1, 2026.
    In this interim final rule, the CFPB is extending each of the 
compliance dates set forth in Sec.  1002.114(b) by 290 days. Thus, Tier 
1 institutions now have a compliance date of July 18, 2025, Tier 2 
institutions now have a compliance date of January 16, 2026, and Tier 3 
institutions now have a compliance date of October 18, 2026. Likewise, 
institutions that did not originate at least 100 covered transactions 
in 2022 and 2023 but subsequently do in two consecutive calendar years 
are not required to comply with the rule until October 18, 2026 at the 
earliest. The CFPB is making corresponding updates throughout the 
commentary accompanying Sec.  1002.114(b), which provide additional 
guidance and examples regarding compliance dates. The CFPB is also 
revising comments 105(b)-2 and -6 and 109(b)-1, which involve examples 
of data collection occurring in years affected by the extended 
compliance dates in this interim final rule.

B. Voluntary Early Collection of Protected Demographic Data

    Section 1002.114(c) addresses several transitional issues. Section 
1002.114(c)(1) permits financial institutions to collect protected 
demographic information required under the 2023 final rule from small 
business applicants beginning 12

[[Page 55026]]

months prior to its compliance date. As this provision does not list 
any compliance dates specifically, no revisions are needed. Thus, a 
Tier 1 institution is permitted to begin collecting protected 
demographic information on or after July 18, 2024; a Tier 2 institution 
may begin on or after January 16, 2025; and a Tier 3 institution may 
begin on or after October 18, 2025, in order to test their procedures 
and systems for compiling and maintaining this information in advance 
of actually being required to collect and subsequently report it to the 
CFPB.\12\
---------------------------------------------------------------------------

    \12\ Under this provision, financial institutions will have 
time--beginning 12 months prior to their compliance date--to adjust 
any procedures or systems that may result in the inaccurate 
compilation or maintenance of applicants' protected demographic 
information, the collection of which is required by section 1071 but 
otherwise generally prohibited under ECOA and Regulation B. 
(Financial institutions could of course collect the other 
information required by the 2023 final rule at any time, without 
needing express permission in Regulation B to do so, as is needed 
for collecting protected demographic information.) See 88 FR 35150, 
35449-50 (May 31, 2023).
---------------------------------------------------------------------------

C. Alternative Period for Counting Covered Originations To Determine 
Compliance Tier

    The CFPB is adopting new Sec.  1002.114(c)(3), which permits (but 
does not require) a financial institution to use its originations of 
covered credit transactions in each of calendar years 2023 and 2024, 
rather than those in 2022 and 2023, to determine its compliance date. 
Financial institutions may use whichever set of dates they prefer 
(i.e., 2022 and 2023, or 2023 and 2024). Existing comment 114(b)-4 
provides examples illustrating how a financial institution uses its 
originations in 2022 and 2023 to determine its compliance tier; new 
comment 114(b)-4.viii illustrates using 2023 and 2024 originations to 
determine compliance tier.

D. Determining Compliance Dates for Financial Institutions That Do Not 
Collect Information Sufficient To Determine Small Business Status

    Section 1002.114(c)(2) provides that a financial institution that 
is unable to determine the number of covered credit transactions it 
originated in 2022 and 2023 for purposes of determining its compliance 
tier is permitted to use any reasonable method to estimate its 
originations to small businesses for either or both of 2022 and 2023. 
Existing comment 114(c)-5 lists several reasonable methods a financial 
institution may use to estimate its originations.
    Pursuant to new Sec.  1002.114(c)(3), which permits a financial 
institution to use its originations of covered credit transactions in 
each of calendar years 2023 and 2024 to determine its compliance date, 
financial institutions are likewise permitted to use any reasonable 
method to estimate their originations for either or both of 2023 and 
2024. The CFPB is revising comment 114(c)-5 to make this clear and 
adding new comment 114(c)-6.vii to provide an example.

E. Deadline for Annual Data Submissions

    Section 1002.109(a)(1) provides that covered financial institutions 
must submit their small business lending application registers to the 
CFPB on or before June 1 following the calendar year for which the data 
are compiled and maintained. As this provision does not list any 
compliance dates specifically, no revisions are needed. Thus, Tier 1 
institutions will make their first data submission by June 1, 2026; 
Tier 2 and Tier 3 by June 1, 2027.

V. Effective Date

    The CFPB is adopting an effective date of 30 days after the 
publication of this interim final rule in the Federal Register 
consistent with section 553(d) of the Administrative Procedure Act.\13\
---------------------------------------------------------------------------

    \13\ 5 U.S.C. 553(d).
---------------------------------------------------------------------------

VI. Grace Period Policy Statement

    In the 2023 final rule, the CFPB adopted a 12-month grace period 
during which the CFPB--for covered financial institutions under its 
supervisory and enforcement jurisdiction--would not intend to assess 
penalties for errors in data reporting, and would intend to conduct 
examinations only to diagnose compliance weaknesses, to the extent that 
these institutions engaged in good faith compliance efforts. The Grace 
Period Policy Statement set forth in the 2023 final rule explained the 
CFPB's reasons for adopting such a grace period along with how the CFPB 
intended to implement such a grace period.\14\ The CFPB is updating 
this policy statement to reflect the new compliance dates set forth in 
this interim final rule.\15\
---------------------------------------------------------------------------

    \14\ See 88 FR 35150, 35458-59 (May 31, 2023).
    \15\ This is a general statement of policy under the 
Administrative Procedure Act. 5 U.S.C. 553(b). It articulates 
considerations relevant to the CFPB's exercise of its authorities. 
It does not impose any legal requirements, nor does it confer rights 
of any kind. It also does not impose any new or revise any existing 
recordkeeping, reporting, or disclosure requirements on covered 
entities or members of the public that would be collections of 
information requiring approval by the Office of Management and 
Budget under the Paperwork Reduction Act. 44 U.S.C. 3501 through 
3521.
---------------------------------------------------------------------------

    The following discussion explains how the CFPB intends to exercise 
its supervisory and enforcement discretion for the first 12 months of 
data collected after a covered financial institution's initial 
compliance date.
    With respect to covered financial institutions subject to the 
CFPB's supervisory or enforcement jurisdiction that make good faith 
efforts to comply with the 2023 final rule, the CFPB intends to provide 
a grace period to reflect the new compliance dates as follows:

                          Table 2--Grace Period
------------------------------------------------------------------------
 Financial institutions covered by the      Dates covered by the grace
              grace period                            period
------------------------------------------------------------------------
Financial institutions with a            The data collected in 2025
 compliance date specified in Sec.        (from July 18, 2025 through
 1002.114(b)(1) (i.e., Tier 1             December 31, 2025) as well as
 institutions), as well as any            a portion of data collected in
 financial institutions that make a       2026 (from January 1, 2026
 voluntary submission for the first       through July 17, 2026).
 time for data collected in 2025.
Financial institutions with a            The data collected in 2026
 compliance date specified in Sec.        (from January 16, 2026 through
 1002.114(b)(2) (i.e., Tier 2             December 31, 2026) as well as
 institution), as well as any financial   a portion of data collected in
 institutions that make a voluntary       2027 (from January 1, 2027
 submission for the first time for data   through January 15, 2027).
 collected in 2026.

[[Page 55027]]

 
Financial institutions with a            The data collected in 2026
 compliance date specified in Sec.        (from October 18, 2026 through
 1002.114(b)(3) (i.e., Tier 3             December 31, 2026) as well as
 institution), as well as any financial   a portion of data collected in
 institutions that make a voluntary       2027 (from January 1, 2027
 submission for the first time for data   through October 17, 2027).
 collected in 2027.
------------------------------------------------------------------------

    As discussed in the 2023 final rule, the CFPB believes that a 12-
month grace period for each compliance tier will give institutions time 
to diagnose and address unintentional errors without the prospect of 
penalties for inadvertent compliance issues, and may ultimately assist 
other covered financial institutions, especially those in later 
compliance tiers, in identifying best practices. While the CFPB 
anticipates that financial institutions in each compliance tier are 
capable of fully preparing to comply with the 2023 final rule by their 
respective new compliance dates, it views this grace period as enabling 
deliberate and thoughtful compliance with the rule, while still 
providing important data regarding small business lending as soon as 
practical.
    During the grace period, if the CFPB identifies errors in a 
financial institution's initial data submissions, it does not intend to 
require data resubmission unless data errors are material. Further, the 
CFPB does not intend to assess penalties with respect to unintentional 
and good faith errors in the initial data submissions. Any examinations 
of these initial data submissions will be diagnostic and will help to 
identify compliance weaknesses. However, errors that are not the result 
of good faith compliance efforts by financial institutions, especially 
attempts to discourage applicants from providing data, will remain 
subject to the CFPB's full supervisory and enforcement authority, 
including the assessment of penalties.
    The CFPB believes that the grace period covering the initial data 
submissions will provide financial institutions an opportunity to 
identify any gaps in their implementation of the 2023 final rule and 
make improvements in their compliance management systems for future 
data submissions. In addition, a grace period will permit the CFPB to 
help financial institutions identify errors and, thereby, self-correct 
to avoid such errors in the future. The CFPB can also use data 
collected during the grace period to alert financial institutions of 
common errors and potential best practices in data collection and 
submissions under this rule.

VII. CFPA Section 1022(b) Analysis

A. Overview

    In developing the interim final rule, the CFPB has considered the 
potential benefits, costs, and impacts as required by section 
1022(b)(2) of the Consumer Financial Protection Act of 2010 (CFPA).\16\ 
Section 1022(b)(2) calls for the CFPB to consider the potential 
benefits and costs of a regulation to consumers and covered persons, 
including the potential reduction of consumer access to consumer 
financial products or services, the impact on depository institutions 
and credit unions with $10 billion or less in total assets as described 
in section 1026 of the CFPA, and the impact on consumers in rural 
areas. In addition, section 1022(b)(2)(B) directs the CFPB to consult 
with appropriate prudential regulators or other Federal agencies, 
regarding consistency with the objectives those agencies administer. 
The CFPB has accordingly consulted with the appropriate prudential 
regulators and other Federal agencies regarding consistency with any 
prudential, market, or systemic objectives administered by these 
agencies.
---------------------------------------------------------------------------

    \16\ 12 U.S.C. 5512(b)(2).
---------------------------------------------------------------------------

    In this interim final rule, the CFPB is extending by 290 days the 
compliance dates set forth in the 2023 small business lending rule and 
making several conforming adjustments. Thus, covered financial 
institutions with the highest volume of small business originations 
(Tier 1) must begin collecting data by July 18, 2025; moderate-volume 
institutions (Tier 2) by January 16, 2026; and the smallest volume 
institutions (Tier 3) by October 18, 2026. Covered financial 
institutions are permitted to continue using their small business 
originations from 2022 and 2023 to determine their compliance tier, or 
instead they may use their originations from 2023 and 2024.
    The CFPB expects covered institutions to benefit from the extension 
of the compliance dates, but expects that the impacts of this interim 
final rule on covered institutions are small relative to the overall 
impacts of the 2023 final rule it modifies. The CFPB additionally 
expects this interim final rule to have minimal impacts on small 
businesses, due to the long-term nature of the benefits of the 2023 
final rule and an expectation that the 2023 final rule will have a 
limited effect on the cost of small business credit.

B. Data Limitation and Quantification of Benefits, Costs, and Impacts

    The discussion below relies on information the CFPB has obtained 
from industry, other regulatory agencies, and publicly available 
sources. The CFPB provides estimates, to the extent possible, of the 
potential benefits, costs, and impacts to consumers and covered persons 
of this interim final rule given available data.
    To estimate the number of depository institutions covered by the 
interim final rule, the CFPB relies in part on data from publicly 
available sources, such as the Federal Financial Institutions 
Examination Council's Reports on Condition of Income (Call Reports), 
the National Credit Union Administration's Call Reports, and data 
reported under the Community Reinvestment Act. As described in detail 
in part IX.E of the 2023 final rule, information on the cost of 
compliance is derived from the CFPB's previous Home Mortgage Disclosure 
Act rulemaking activities and a One-time Cost Survey the CFPB 
administered in 2020 as part of its small business lending rule 
development process.
    There are limitations, such as limited comprehensive data on non-
depository institutions potentially subject to the 2023 final rule and 
thus this interim final rule, and limited data on which to quantify 
benefits of the interim final rule with precision. The CFPB supplements 
the data sources described above with general economic principles and 
the CFPB's expertise in consumer financial markets. The CFPB 
qualitatively describes potential benefits, costs, and impacts where 
the ability to provide quantitative estimates are impacted by these 
limitations.

C. Baseline for Analysis

    In evaluating the potential benefits, costs, and impacts of the 
interim final rule, the CFPB takes as a baseline Regulation B as 
amended by the 2023

[[Page 55028]]

final rule. Part IV above describes in detail the provisions of the 
2023 final rule. The CFPB's analysis of the potential costs, benefits, 
and impacts of this interim final rule are relative to the original 
compliance dates and other requirements of the 2023 final rule.

D. Potential Benefits and Costs to Covered Persons and Small Businesses

1. Potential Benefits and Costs to Covered Persons
    Based on the methodology used to determine coverage in the 2023 
final rule,\17\ the CFPB expects about 100 financial institutions to be 
required to report in Tier 1, about 450 to be required to report in 
Tier 2, and about 2,000 to be required to report in Tier 3.
---------------------------------------------------------------------------

    \17\ The CFPB continues to use the estimates from the 2023 final 
rule, which are based on data from 2017 through 2019. The data are 
not yet available to update the estimates to a more recent year that 
is unaffected by the COVID-19 pandemic conditions.
---------------------------------------------------------------------------

    By extending the compliance dates by 290 days for all covered 
institutions, financial institutions will benefit by the delay in the 
expected costs of compliance with the 2023 final rule. The benefit from 
the compliance date extension will differ depending on whether the cost 
was expected to be ``one-time'' or ``ongoing.'' Part IX.E of the 2023 
final rule described two categories of cost that the CFPB expected 
covered financial institutions to incur. ``One-time'' costs refer to 
expenses that the financial institution will incur initially and only 
once to implement changes required to comply with the requirements of 
the rule. ``Ongoing'' costs are expenses incurred because of the 
ongoing reporting requirements of the rule, accrued on an annual basis.
    The CFPB expects covered institutions to experience an annual 
ongoing cost of compliance in perpetuity. Therefore, extending the 
compliance dates by 290 days potentially saves financial institutions 
up to 290 days in expected annual compliance costs. In the 2023 rule, 
the CFPB detailed its methodology and estimates of this annual ongoing 
cost for institutions of different levels of complexity in their 
processes for collecting, checking, and reporting data on applications 
for small business credit. These ``types'' were Type A (least complex), 
Type B (medium complexity), and Type C (most complex) and were related 
to small business credit application volume. The 2023 final rule gave 
estimates of compliance costs for representative institutions of each 
type as well as the market-level estimate for all complying 
institutions.
    The CFPB estimated that, per application for small business credit, 
Type A institutions would incur $83 in annual ongoing costs, Type B 
institutions would incur $100, and Type C institutions would incur $46. 
Based on the CFPB's estimates of application volumes for all 
institutions, the expected market level annual ongoing cost was between 
$310 and $330 million for depository institutions and $62.3 million for 
non-depository institutions. The CFPB expects covered financial 
institutions to avoid 290 days of ongoing costs due to the compliance 
date extension. Institutions will effectively receive this benefit at 
the time they would have originally been required to start collecting 
data. Thus, Tier 3 institutions will receive this benefit farther in 
the future than Tier 2 institutions, who will receive the benefit 
farther in the future than Tier 1 institutions. In present value terms, 
Tier 1 institutions will see a proportionally larger benefit compared 
to baseline, relative to Tier 2 and Tier 3 institutions.
    This interim final rule does not change the nominal value of the 
one-time costs that will be incurred by covered institutions but does 
potentially delay the realization of those costs up to 290 days into 
the future for institutions in each compliance tier. Thus, the new one-
time costs are the baseline one-time costs discounted by 290 days. The 
present value of the benefit associated with the interim final rule's 
impact on one-time costs is the difference between the baseline one-
time costs and the new discounted costs.
    The CFPB additionally expects that the compliance date extension 
and the associated flexibility in years of origination data that can be 
used to determine coverage would confer a benefit to covered 
institutions with the additional time to prepare for compliance 
relative to the baseline.
    With the extension of the compliance dates by 290 days, this 
interim final rule delays the realization of these potential benefits 
to covered financial institutions. As enumerated in the 2023 final 
rule, benefits include more efficient fair lending review 
prioritization by regulators and the institutions' own use of small 
business lending data to better understand small business credit demand 
and the supply by their competitors.
2. Potential Benefits and Costs to Small Businesses
    As with the 2023 final rule, this interim final rule will not 
directly impact consumers, as that term is defined by the Dodd-Frank 
Act. Some consumers will be impacted in their separate capacity as sole 
owners of small businesses covered by the rule. The CFPB has elected to 
consider the costs to small businesses from this interim final rule as 
it did in the 2023 final rule.
    In part IX.F of the 2023 final rule, the CFPB described how small 
businesses would benefit from the impact of the rule on the enforcement 
of fair lending laws and on community development. In an environment 
with limited data sources on small business credit, the CFPB expects 
data collected under the rule to enable communities, governmental 
entities, and creditors to identify business and community development 
needs and opportunities for women-owned, minority-owned, and small 
businesses. The CFPB also expects data collected under the 2023 final 
rule to facilitate fair lending enforcement by Federal, State, and 
local enforcement agencies. Due to limitations on data and methodology, 
the CFPB mostly described these benefits qualitatively.
    To the extent small businesses benefit in the above ways from the 
2023 final rule, the extension of the compliance dates reduces the 
benefits accruing to small businesses by delaying the realization of 
these benefits. While compliance dates are extended by 290 days, Tier 1 
financial institutions will be required to file data one year later 
than expected under the 2023 final rule (i.e., by June 1, 2026 rather 
than June 1, 2025). The CFPB expects that the benefits of the original 
rule will primarily begin with the publication of the data. Thus, small 
businesses' and financial institutions' realizations of the benefits 
arising from the 2023 final rule will likewise be delayed by at least 
one year, reducing the real net present value of these expected future 
benefits. The CFPB is unable to readily quantify the costs associated 
with delaying future benefits because the CFPB does not have the data 
to quantify all the benefits of the 2023 final rule.
    The 2023 final rule also described that the CFPB expects financial 
institutions to pass on a portion of their annual ongoing costs to 
small business borrowers in the form of higher rates or fees. While, in 
general, the CFPB expects the magnitude of any pass-through to be a 
small portion of the total cost of the average loan to a small business 
applicant, extended compliance dates could benefit small business 
borrowers by delaying these increased costs.

[[Page 55029]]

3. Distribution of Small Business Impacts
    The differences in the impacts of this interim final rule between 
different types of small businesses is likely to be small with only 290 
days added to each of the compliance dates. Most of the distribution of 
benefits and costs are likely to be derived from whether small 
businesses are serviced by lenders in different compliance tiers and 
the difference in present discounted values.

E. Potential Impacts on Depository Institutions and Credit Unions With 
$10 Billion or Less in Total Assets, as Described in CFPA Section 1026

    Using the methodology described in the 2023 final rule, the CFPB 
estimates that between 1,700 and 1,900 banks, savings associations, and 
credit unions with $10 billion or less in total assets will be affected 
by this interim final rule. The CFPB believes that the impacts of the 
interim final rule on these small depository institutions will be 
similar to those impacts on covered financial institutions as a whole, 
discussed above. These institutions would incur benefits from up to 290 
fewer days in annual ongoing costs and the postponement of up to 290 
days of one-time costs. They would also potentially benefit from 
additional time to develop software and other resources used to comply 
with the 2023 final rule.

F. Potential Impacts on Small Businesses' Access to Credit and on Small 
Businesses in Rural Areas

    The CFPB does not expect this interim final rule to have a 
significant impact on small businesses' access to credit. In the 2023 
final rule, the CFPB described how the likeliest effect of the rule on 
access to credit would be a small increase in interest rates or fees. 
This interim final rule shifts this potential effect by 290 days 
without any additional provisions that would affect credit access.
    In part IX.H of the final rule, the CFPB described how existing 
data sources limited its ability to precisely estimate the number of 
financial institutions who serve rural areas who are covered under the 
2023 final rule. The CFPB expects that 65 to 70 percent of rural bank 
and savings associations branches and 14 percent of rural credit union 
branches would be affected by the interim final rule using this 
methodology.
    Small businesses in rural areas are expected to experience similar 
costs and benefits of small businesses more broadly. Small businesses 
in rural areas would experience a reduction in benefits via a 
postponement of the benefits of the 2023 final rule on fair lending 
enforcement and community development. These small businesses would 
also experience a benefit by the postponement of expected small 
increases in interest rates and fees.

VIII. Regulatory Flexibility Act Analysis

    The Regulatory Flexibility Act does not require an initial or final 
regulatory flexibility analysis in a rulemaking where a general notice 
of proposed rulemaking is not required.\18\ As discussed in part III 
above, the CFPB has determined that prior notice and comment is 
unnecessary for this interim final rule. As an additional basis, the 
CFPB's Director certifies that this interim final rule will not have a 
significant economic impact on a substantial number of small entities, 
and so an initial or final regulatory flexibility analysis is also not 
required for that reason.\19\ The rule will not impose significant 
costs on creditors, including small entities, for the reasons described 
in the section 1022(b) analysis in part VII above.
---------------------------------------------------------------------------

    \18\ 5 U.S.C. 603(a), 604(a).
    \19\ 5 U.S.C. 605(b).
---------------------------------------------------------------------------

IX. Paperwork Reduction Act

    Under the Paperwork Reduction Act of 1995 (PRA), Federal agencies 
are generally required to seek approval from the Office of Management 
and Budget (OMB) for information collection requirements prior to 
implementation. Under the PRA, the CFPB may not conduct or sponsor, 
and, notwithstanding any other provision of law, a person is not 
required to respond to an information collection unless the information 
collection displays a valid control number assigned by OMB. The interim 
final rule amends 12 CFR part 1002 (Regulation B), which implements the 
small business lending rule. The CFPB's OMB control number for 
Regulation B is 3170-0013; its current expiration date is August 31, 
2025.
    The interim final rule does not add to or change the collection 
requirements of the 2023 final rule; rather, it only changes the 
initial compliance dates, pursuant to court orders, and makes other 
date-related conforming adjustments. The CFPB has therefore determined 
that the interim final rule does not contain any new or substantively 
revised information collection requirements as defined by the PRA.

X. Congressional Review Act

    Pursuant to the Congressional Review Act (5 U.S.C. 801 et seq.), 
the CFPB will submit a report containing this interim final rule and 
other required information to the U.S. Senate, the U.S. House of 
Representatives, and the Comptroller General of the United States prior 
to the interim final rule taking effect. The Office of Information and 
Regulatory Affairs has designated this interim final rule as not a 
``major rule'' as defined by 5 U.S.C. 804(2).

List of Subjects

    Banks, banking, Civil rights, Consumer protection, Credit, Credit 
unions, Marital status discrimination, National banks, Penalties.

Authority and Issuance

    For the reasons set forth in the preamble, the CFPB amends 
Regulation B, 12 CFR part 1002, as follows:

PART 1002--EQUAL CREDIT OPPORTUNITY ACT (REGULATION B)

0
1. The authority citation for part 1002 continues to read as follows:

    Authority:  12 U.S.C. 5512, 5581; 15 U.S.C. 1691b. Subpart B is 
also issued under 15 U.S.C. 1691c-2.


0
2. Section 1002.14 is amended by:
0
a. In paragraph (b)(1) removing ``October 1, 2024'' and adding in its 
place ``July 18, 2025'';
0
b. In paragraph (b)(2) removing ``April 1, 2025'' and adding in its 
place ``January 16, 2026'';
0
c. In paragraphs (b)(3) and (4) removing ``January 1, 2026'' and adding 
in its place ``October 18, 2026''; and
0
d. Adding paragraph (c)(3).
    The addition reads as follows:


Sec.  1002.114  Effective date, compliance date, and special 
transitional rules.

* * * * *
    (c) * * *
    (3) Alternative time period for determining compliance dates. A 
financial institution is permitted to use its originations of covered 
credit transactions in each of calendar years 2023 and 2024 in lieu of 
calendar years 2022 and 2023 as specified in paragraphs (b) and (c)(2) 
of this section.

0
3. In Supplement I to part 1002:
0
a. Under Section 1002.105--Covered Financial Institutions and Exempt 
Institutions, revise 105(b) Covered Financial Institution;
0
b. Under Section 1002.109--Reporting of Data to the Bureau, revise 
109(b) Financial Institution Identifying Information; and
0
c. Under Section 1002.114--Effective Date, Compliance Date, and Special 
Transition Rules, revise 114(b) Compliance Date and 114(c) Special 
Transition Rules.

[[Page 55030]]

    The revisions read as follows:

Supplement I to Part 1002--Official Interpretations

* * * * *

Section 1002.105--Covered Financial Institutions and Exempt 
Institutions

* * * * *

105(b) Covered Financial Institution

    1. Preceding calendar year. The definition of covered financial 
institution refers to preceding calendar years. For example, in 
2029, the two preceding calendar years are 2027 and 2028. 
Accordingly, in 2029, Financial Institution A does not meet the 
loan-volume threshold in Sec.  1002.105(b) if did not originate at 
least 100 covered credit transactions for small businesses both 
during 2027 and during 2028.
    2. Origination threshold. A financial institution qualifies as a 
covered financial institution based on total covered credit 
transactions originated for small businesses, rather than covered 
applications received from small businesses. For example, if in both 
2026 and 2027, Financial Institution B received 105 covered 
applications from small businesses and originated 95 covered credit 
transactions for small businesses, then for 2028, Financial 
Institution B is not a covered financial institution.
    3. Counting originations when multiple financial institutions 
are involved in originating a covered credit transaction. For the 
purpose of counting originations to determine whether a financial 
institution is a covered financial institution under Sec.  
1002.105(b), in a situation where multiple financial institutions 
are involved in originating a single covered credit transaction, 
only the last financial institution with authority to set the 
material terms of the covered credit transaction is required to 
count the origination.
    4. Counting originations after adjustments to the gross annual 
revenue threshold due to inflation. Pursuant to Sec.  
1002.106(b)(2), every five years, the gross annual revenue threshold 
used to define a small business in Sec.  1002.106(b)(1) shall be 
adjusted, if necessary, to account for inflation. The first time 
such an adjustment could occur is in 2030, with an effective date of 
January 1, 2031. A financial institution seeking to determine 
whether it is a covered financial institution applies the gross 
annual revenue threshold that is in effect for each year it is 
evaluating. For example, a financial institution seeking to 
determine whether it is a covered financial institution in 2032 
counts its originations of covered credit transactions for small 
businesses in calendar years 2030 and 2031. The financial 
institution applies the initial $5 million threshold to evaluate 
whether its originations were to small businesses in 2030. In this 
example, if the small business threshold were increased to $5.5 
million effective January 1, 2031, the financial institution applies 
the $5.5 million threshold to count its originations for small 
businesses in 2031.
    5. Reevaluation, extension, or renewal requests, as well as 
credit line increases and other requests for additional credit 
amounts. While requests for additional credit amounts on an existing 
account can constitute a ``covered application'' pursuant to Sec.  
1002.103(b)(1), such requests are not counted as originations for 
the purpose of determining whether a financial institution is a 
covered financial institution pursuant to Sec.  1002.105(b). In 
addition, transactions that extend, renew, or otherwise amend a 
transaction are not counted as originations. For example, if a 
financial institution originates 50 term loans and 30 lines of 
credit for small businesses in each of the preceding two calendar 
years, along with 25 line increases for small businesses in each of 
those years, the financial institution is not a covered financial 
institution because it has not originated at least 100 covered 
credit transactions in each of the two preceding calendar years.
    6. Annual consideration. Whether a financial institution is a 
covered financial institution for a particular year depends on its 
small business lending activity in the preceding two calendar years. 
Therefore, whether a financial institution is a covered financial 
institution is an annual consideration for each year that data may 
be compiled and maintained for purposes of subpart B of this part. A 
financial institution may be a covered financial institution for a 
given year of data collection (and the obligations arising from 
qualifying as a covered financial institution shall continue into 
subsequent years, pursuant to Sec. Sec.  1002.110 and 1002.111), but 
the same financial institution may not be a covered financial 
institution for the following year of data collection. For example, 
Financial Institution C originated 105 covered transactions for 
small businesses in both 2027 and 2028. In 2029, Financial 
Institution C is a covered financial institution and therefore is 
obligated to compile and maintain applicable 2029 small business 
lending data under Sec.  1002.107(a). During 2029, Financial 
Institution C originates 95 covered transactions for small 
businesses. In 2030, Financial Institution C is not a covered 
financial institution with respect to 2030 small business lending 
data, and is not obligated to compile and maintain 2030 data under 
Sec.  1002.107(a) (although Financial Institution C may volunteer to 
collect and maintain 2030 data pursuant to Sec.  1002.5(a)(4)(vii) 
and as explained in comment 105(b)-10). Pursuant to Sec.  
1002.109(a), Financial Institution C shall submit its small business 
lending application register for 2029 data in the format prescribed 
by the Bureau by June 1, 2030 because Financial Institution C is a 
covered financial institution with respect to 2029 data, and the 
data submission deadline of June 1, 2030 applies to 2029 data.
    7. Merger or acquisition--coverage of surviving or newly formed 
institution. After a merger or acquisition, the surviving or newly 
formed financial institution is a covered financial institution 
under Sec.  1002.105(b) if it, considering the combined lending 
activity of the surviving or newly formed institution and the merged 
or acquired financial institutions (or acquired branches or 
locations), satisfies the criteria included in Sec.  1002.105(b). 
For example, Financial Institutions A and B merge. The surviving or 
newly formed financial institution meets the threshold in Sec.  
1002.105(b) if the combined previous components of the surviving or 
newly formed financial institution (A plus B) would have originated 
at least 100 covered credit transactions for small businesses for 
each of the two preceding calendar years. Similarly, if the combined 
previous components and the surviving or newly formed financial 
institution would have reported at least 100 covered transactions 
for small businesses for the year previous to the merger as well as 
100 covered transactions for small businesses for the year of the 
merger, the threshold described in Sec.  1002.105(b) would be met 
and the surviving or newly formed financial institution would be a 
covered institution under Sec.  1002.105(b) for the year following 
the merger. Comment 105(b)-8 discusses a financial institution's 
responsibilities with respect to compiling and maintaining (and 
subsequently reporting) data during the calendar year of a merger.
    8. Merger or acquisition--coverage specific to the calendar year 
of the merger or acquisition. The scenarios described below 
illustrate a financial institution's responsibilities specifically 
for data from the calendar year of a merger or acquisition. For 
purposes of these illustrations, an ``institution that is not 
covered'' means either an institution that is not a financial 
institution, as defined in Sec.  1002.105(a), or a financial 
institution that is not a covered financial institution, as defined 
in Sec.  1002.105(b).
    i. Two institutions that are not covered financial institutions 
merge. The surviving or newly formed institution meets all of the 
requirements necessary to be a covered financial institution. No 
data are required to be compiled, maintained, or reported for the 
calendar year of the merger (even though the merger creates an 
institution that meets all of the requirements necessary to be a 
covered financial institution).
    ii. A covered financial institution and an institution that is 
not covered merge. The covered financial institution is the 
surviving institution, or a new covered financial institution is 
formed. For the calendar year of the merger, data are required to be 
compiled, maintained, and reported for covered applications from the 
covered financial institution and is optional for covered 
applications from the financial institution that was previously not 
covered.
    iii. A covered financial institution and an institution that is 
not covered merge. The institution that is not covered is the 
surviving institution and remains not covered after the merger, or a 
new institution that is not covered is formed. For the calendar year 
of the merger, data are required to be compiled and maintained (and 
subsequently reported) for covered applications from the previously 
covered financial institution that took place prior to the merger. 
After the merger date, compiling, maintaining, and reporting data is 
optional for applications from the institution that was previously 
covered for the remainder of the calendar year of the merger.
    iv. Two covered financial institutions merge. The surviving or 
newly formed

[[Page 55031]]

financial institution is a covered financial institution. Data are 
required to be compiled and maintained (and subsequently reported) 
for the entire calendar year of the merger. The surviving or newly 
formed financial institution files either a consolidated submission 
or separate submissions for that calendar year.
    9. Foreign applicability. As discussed in comment 1(a)-2, 
Regulation B (including subpart B) generally does not apply to 
lending activities that occur outside the United States.
    10. Voluntary collection and reporting. Section 
1002.5(a)(4)(vii) through (x) permits a creditor that is not a 
covered financial institution under Sec.  1002.105(b) to voluntarily 
collect and report information regarding covered applications from 
small businesses in certain circumstances. If a creditor is 
voluntarily collecting information for covered applications 
regarding whether the applicant is a minority-owned business, a 
women-owned business, and/or an LGBTQI+-owned business under Sec.  
1002.107(a)(18), and regarding the ethnicity, race, and sex of the 
applicant's principal owners under Sec.  1002.107(a)(19), it shall 
do so in compliance with Sec. Sec.  1002.107, 1002.108, 1002.111, 
1002.112 as though it were a covered financial institution. If a 
creditor is reporting those covered applications from small 
businesses to the Bureau, it shall do so in compliance with 
Sec. Sec.  1002.109 and 1002.110 as though it were a covered 
financial institution.
* * * * *

Section 1002.109--Reporting of Data to the Bureau

* * * * *

109(b) Financial Institution Identifying Information

    1. Changes to financial institution identifying information. If 
a financial institution's information required pursuant to Sec.  
1002.109(b) changes, the financial institution shall provide the new 
information with the data submission for the collection year of the 
change. For example, assume two financial institutions that 
previously reported data under subpart B of this part merge and the 
surviving institution retained its Legal Entity Identifier but 
obtained a new TIN in February 2028. The surviving institution must 
report the new TIN with its data submission for its 2028 data (which 
is due by June 1, 2029) pursuant to Sec.  1002.109(b)(5). Likewise, 
if that financial institution's Federal prudential regulator changes 
in February 2028 as a result of the merger, it must identify its new 
Federal prudential regulator in its annual submission for its 2028 
data.
* * * * *

Section 1002.114--Effective Date, Compliance Date, and Special 
Transition Rules

114(b) Compliance Date

    1. Application of compliance date. The applicable compliance 
date in Sec.  1002.114(b) is the date by which the covered financial 
institution must begin to compile data as specified in Sec.  
1002.107, comply with the firewall requirements of Sec.  1002.108, 
and begin to maintain records as specified in Sec.  1002.111. In 
addition, the covered financial institution must comply with Sec.  
1002.110(c) and (d) no later than June 1 of the year after the 
applicable compliance date. For instance, if Sec.  1002.114(b)(2) 
applies to a financial institution, it must comply with Sec. Sec.  
1002.107 and 1002.108, and portions of Sec.  1002.111, beginning 
January 16, 2026, and it must comply with Sec.  1002.110(c) and (d), 
and portions of Sec.  1002.111, no later than June 1, 2027.
    2. Initial partial year collections pursuant to Sec.  
1002.114(b). i. When the compliance date of July 18, 2025 specified 
in Sec.  1002.114(b)(1) applies to a covered financial institution, 
the financial institution is required to collect data for covered 
applications during the period from July 18, 2025 to December 31, 
2025. The financial institution must compile data for this period 
pursuant to Sec.  1002.107, comply with the firewall requirements of 
Sec.  1002.108, and maintain records as specified in Sec.  1002.111. 
In addition, for data collected during this period, the covered 
financial institution must comply with Sec. Sec.  1002.109 and 
1002.110(c) and (d) by June 1, 2026.
    ii. When the compliance date of January 16, 2026 specified in 
Sec.  1002.114(b)(2) applies to a covered financial institution, the 
financial institution is required to collect data for covered 
applications during the period from January 16, 2026 to December 31, 
2026. The financial institution must compile data for this period 
pursuant to Sec.  1002.107, comply with the firewall requirements of 
Sec.  1002.108, and maintain records as specified in Sec.  1002.111. 
In addition, for data collected during this period, the covered 
financial institution must comply with Sec. Sec.  1002.109 and 
1002.110(c) and (d) by June 1, 2027.
    iii. When the compliance date of October 18, 2026 specified in 
Sec.  1002.114(b)(3) or (4) applies to a covered financial 
institution, the financial institution is required to collect data 
for covered applications during the period from October 18, 2026 to 
December 31, 2026. The financial institution must compile data for 
this period pursuant to Sec.  1002.107, comply with the firewall 
requirements of Sec.  1002.108, and maintain records as specified in 
Sec.  1002.111. In addition, for data collected during this period, 
the covered financial institution must comply with Sec. Sec.  
1002.109 and 1002.110(c) and (d) by June 1, 2027.
    3. Informal names for compliance date provisions. To facilitate 
discussion of the compliance dates specified in Sec.  
1002.114(b)(1), (2), and (3), in the official commentary and any 
other documents referring to these compliance dates, the Bureau 
adopts the following informal simplified names. Tier 1 refers to the 
cohort of covered financial institutions that have a compliance date 
of July 18, 2025 pursuant to Sec.  1002.114(b)(1). Tier 2 refers to 
the cohort of covered financial institutions that have a compliance 
date of January 16, 2026 pursuant to Sec.  1002.114(b)(2). Tier 3 
refers to the cohort of covered financial institutions that have a 
compliance date of October 18, 2026 pursuant to Sec.  
1002.114(b)(3).
    4. Examples. The following scenarios illustrate how to determine 
whether a financial institution is a covered financial institution 
and which compliance date specified in Sec.  1002.114(b) applies. 
Unless otherwise indicated, in each example the financial 
institution has chosen to use its originations in 2022 and 2023 
(rather than 2023 and 2024 as permitted by Sec.  1002.114(c)(3)) to 
determine its initial compliance tier.
    i. Financial Institution A originated 3,000 covered credit 
transactions for small businesses in calendar year 2022, and 3,000 
in calendar year 2023. Financial Institution A is in Tier 1 and has 
a compliance date of July 18, 2025.
    ii. Financial Institution B originated 2,000 covered credit 
transactions for small businesses in calendar year 2022, and 3,000 
in calendar year 2023. Because Financial Institution B did not 
originate at least 2,500 covered credit transactions for small 
businesses in each of 2022 and 2023, it is not in Tier 1. Because 
Financial Institution B did originate at least 500 covered credit 
transactions for small businesses in each of 2022 and 2023, it is in 
Tier 2 and has a compliance date of January 16, 2026.
    iii. Financial Institution C originated 400 covered credit 
transactions to small businesses in calendar year 2022, and 1,000 in 
calendar year 2023. Because Financial Institution C did not 
originate at least 2,500 covered credit transactions for small 
businesses in each of 2022 and 2023, it is not in Tier 1, and 
because it did not originate at least 500 covered credit 
transactions for small businesses in each of 2022 and 2023, it is 
not in Tier 2. Because Financial Institution C did originate at 
least 100 covered credit transactions for small businesses in each 
of 2022 and 2023, it is in Tier 3 and has a compliance date of 
October 18, 2026.
    iv. Financial Institution D originated 90 covered credit 
transactions to small businesses in calendar year 2022, 120 in 
calendar year 2023, and 90 in calendar years 2024, 2025, and 2026. 
Because Financial Institution D did not originate at least 100 
covered credit transactions for small businesses in each of 2022 and 
2023, it is not in Tier 1, Tier 2, or Tier 3. Because Financial 
Institution D did not originate at least 100 covered credit 
transactions for small businesses in subsequent consecutive calendar 
years, it is not a covered financial institution under Sec.  
1002.105(b) and is not required to comply with the rule in 2025, 
2026, or 2027.
    v. Financial Institution E originated 120 covered credit 
transactions for small businesses in each of calendar years 2022, 
2023, and 2024, and 90 in 2025. Because Financial Institution E did 
not originate at least 2,500 or 500 covered credit transactions for 
small businesses in each of 2022 and 2023, it is not in Tier 1 or 
Tier 2. Because Financial Institution E originated at least 100 
covered credit transactions for small businesses in each of 2022 and 
2023, it is in Tier 3 and has a compliance date of October 18, 2026. 
However, because Financial Institution E did not originate at least 
100 covered credit transactions for small businesses in both 2024 
and 2025, it no longer satisfies the definition of a covered

[[Page 55032]]

financial institution in Sec.  1002.105(b) at the time of the 
compliance date for Tier 3 institutions and thus is not required to 
comply with the rule in 2026.
    vi. Financial Institution F originated 90 covered credit 
transactions for small businesses in calendar year 2022, and 120 in 
2023, 2024, and 2025. Because Financial Institution F did not 
originate at least 100 covered credit transactions for small 
businesses in each of 2022 and 2023, it is not in Tier 1, Tier 2, or 
Tier 3. Because Financial Institution F originated at least 100 
covered credit transactions for small businesses in subsequent 
calendar years, Sec.  1002.114(b)(4), which cross-references Sec.  
1002.105(b), applies to Financial Institution F. Because Financial 
Institution F originated at least 100 covered credit transactions 
for small businesses in each of 2024 and 2025, it is a covered 
financial institution under Sec.  1002.105(b) and is required to 
comply with the rule beginning October 18, 2026. Alternatively, if 
Financial Institution F chooses to use its originations in calendar 
years 2023 and 2024 to determine its compliance tier pursuant to 
Sec.  1002.114(c)(3), it would be in Tier 3 and likewise required to 
comply with the rule beginning October 18, 2026.
    vii. Financial Institution G originated 90 covered credit 
transactions for small businesses in each of calendar years 2022, 
2023, 2024, 2025, and 2026, and 120 in each of 2027 and 2028. 
Because Financial Institution F did not originate at least 100 
covered credit transactions for small businesses in each of 2022 and 
2023, it is not in Tier 1, Tier 2, or Tier 3. Because Financial 
Institution G originated at least 100 covered credit transactions 
for small businesses in subsequent calendar years, Sec.  
1002.114(b)(4), which cross-references Sec.  1002.105(b), applies to 
Financial Institution G. Because Financial Institution G originated 
at least 100 covered credit transactions for small businesses in 
each of 2027 and 2028, it is a covered financial institution under 
Sec.  1002.105(b) and is required to comply with the rule beginning 
January 1, 2029.
    viii. Financial Institution H originated 550 covered credit 
transactions for small businesses in each of calendar years 2022 and 
2023, 450 in 2024, and 550 in 2025. Because Financial Institution H 
originated at least 500 covered credit transactions for small 
businesses in each of 2022 and 2023, it would be in Tier 2 and have 
a compliance date of January 16, 2026. However, Sec.  1002.114(c)(3) 
permits financial institutions to use their originations in 2023 and 
2024, rather than in 2022 and 2023, to determine compliance tier. If 
Financial Institution H elects to use its originations in 2023 and 
2024, it would be in Tier 3 and required to comply with the rule 
beginning October 18, 2026.

114(c) Special Transition Rules

    1. Collection of certain information prior to a financial 
institution's compliance date. Notwithstanding Sec.  
1002.5(a)(4)(ix), a financial institution that chooses to collect 
information on covered applications as permitted by Sec.  
1002.114(c)(1) in the 12 months prior to its initial compliance date 
as specified in Sec.  1002.114(b)(1), (2) or (3) need comply only 
with the requirements set out in Sec. Sec.  1002.107(a)(18) and 
(19), 1002.108, and 1002.111(b) and (c) with respect to the 
information collected. During this 12-month period, a covered 
financial institution need not comply with the provisions of Sec.  
1002.107 (other than Sec. Sec.  1002.107(a)(18) and (19)), 1002.109, 
1002.110, 1002.111(a), or 1002.114.
    2. Transition rule for applications received prior to a 
compliance date but final action is taken after a compliance date. 
If a covered financial institution receives a covered application 
from a small business prior to its initial compliance date specified 
in Sec.  1002.114(b), but takes final action on or after that date, 
the financial institution is not required to collect data regarding 
that application pursuant to Sec.  1002.107 nor to report the 
application pursuant to Sec.  1002.109. For example, if a financial 
institution is subject to a compliance date of July 18, 2025, and it 
receives an application on July 7, 2025 but does not take final 
action on the application until July 25, 2025, the financial 
institution is not required to collect data pursuant to Sec.  
1002.107 nor to report data to the Bureau pursuant to Sec.  1002.109 
regarding that application.
    3. Has readily accessible the information needed to determine 
small business status. A financial institution has readily 
accessible the information needed to determine whether its 
originations of covered credit transactions were for small 
businesses as defined in Sec.  1002.106 if, for instance, it in the 
ordinary course of business collects data on the precise gross 
annual revenue of the businesses for which it originates loans, it 
obtains information sufficient to determine whether an applicant for 
business credit had gross annual revenues of $5 million or less, or 
if it collects and reports similar data to Federal or State 
government agencies pursuant to other laws or regulations.
    4. Does not have readily accessible the information needed to 
determine small business status. A financial institution does not 
have readily accessible the information needed to determine whether 
its originations of covered credit transactions were for small 
businesses as defined in Sec.  1002.106 if it did not in the 
ordinary course of business collect either precise or approximate 
information on whether the businesses to which it originated covered 
credit transactions had gross annual revenue of $5 million or less. 
In addition, even if precise or approximate information on gross 
annual revenue was initially collected, a financial institution does 
not have readily accessible this information if, to retrieve this 
information, for example, it must review paper loan files, recall 
such information from either archived paper records or scanned 
records in digital archives, or obtain such information from third 
parties that initially obtained this information but did not 
transmit such information to the financial institution.
    5. Reasonable method to estimate the number of originations. The 
reasonable methods that financial institutions may use to estimate 
originations for 2022 and 2023 (or for 2023 and 2024, pursuant to 
Sec.  1002.114(c)(3)) include, but are not limited to, the 
following:
    i. A financial institution may comply with Sec.  1002.114(c)(2) 
by determining the small business status of covered credit 
transactions by asking every applicant, prior to the closing of 
approved transactions, to self-report whether it had gross annual 
revenue for its preceding fiscal year of $5 million or less, during 
the period October 1 through December 31, 2023. The financial 
institution may annualize the number of covered credit transactions 
it originates to small businesses from October 1 through December 
31, 2023 by quadrupling the originations for this period, and apply 
the annualized number of originations to both calendar years 2022 
and 2023. Pursuant to Sec.  1002.114(c)(3), a financial institution 
is permitted to use its originations in 2023 and 2024, rather than 
2022 and 2023, to determine its compliance tier. Thus, a financial 
institution may ask applicants to self-report revenue information 
during the period of October 1 through December 31, 2024, and then 
may annualize the number of covered credit transactions it 
originated to small businesses during that period and apply the 
annualized number of originations to both calendar years 2023 and 
2024.
    ii. A financial institution may comply with Sec.  1002.114(c)(2) 
by assuming that every covered credit transaction it originates for 
business customers in calendar years 2022 and 2023 (or in 2023 and 
2024) is to a small business.
    iii. A financial institution may comply with Sec.  
1002.114(c)(2) by using another methodology provided that such 
methodology is reasonable and documented in writing.
    6. Examples. The following scenarios illustrate the potential 
application of Sec.  1002.114(c)(2) to a financial institution's 
compliance date under Sec.  1002.114(b). Unless otherwise indicated, 
in each example the financial institution has chosen to estimate its 
originations for 2022 and 2023 (rather than 2023 and 2024 as 
permitted by Sec.  1002.114(c)(3)) to determine its initial 
compliance tier.
    i. Prior to October 1, 2023, Financial Institution A did not 
collect gross annual revenue or other information that would allow 
it to determine the small business status of the businesses for whom 
it originated covered credit transactions in calendar years 2022 and 
2023. Financial Institution A chose to use the methodology set out 
in comment 114(c)-5.i and as of October 1, 2023 began to collect 
information on gross annual revenue as defined in Sec.  
1002.107(a)(14) for its covered credit transactions originated for 
businesses. Using this information, Financial Institution A 
determined that it had originated 750 covered credit transactions 
for businesses that were small as defined in Sec.  1002.106. On an 
annualized basis, Financial Institution A originated 3,000 covered 
credit transactions for small businesses (750 originations * 4 = 
3,000 originations per year). Applying this annualized figure of 
3,000 originations to both calendar years 2022 and 2023, Financial 
Institution A is in Tier 1 and has a compliance date of July 18, 
2025.
    ii. Prior to July 1, 2023, Financial Institution B collected 
gross annual revenue information for some applicants for business 
credit, but such information was only noted in its paper loan files. 
Financial Institution

[[Page 55033]]

B thus does not have reasonable access to information that would 
allow it to determine the small business status of the businesses 
for whom it originated covered credit transactions for calendar 
years 2022 and 2023. Financial Institution B chose to use the 
methodology set out in comment 114(c)-5.i, and as of October 1, 
2023, Financial Institution B began to ask all businesses for whom 
it was closing covered credit transactions if they had gross annual 
revenues in the preceding fiscal year of $5 million or less. Using 
this information, Financial Institution B determined that it had 
originated 350 covered credit transactions for businesses that were 
small as defined in Sec.  1002.106. On an annualized basis, 
Financial Institution B originated 1,400 covered credit transactions 
for small businesses (350 originations * 4 = 1,400 originations per 
year). Applying this estimated figure of 1,400 originations to both 
calendar years 2022 and 2023, Financial Institution B is in Tier 2 
and has a compliance date of January 16, 2026.
    iii. Prior to April 1, 2023, Financial Institution C did not 
collect gross annual revenue or other information that would allow 
it to determine the small business status of the businesses for whom 
it originated covered credit transactions in calendar years 2022 and 
2023. Financial Institution C chose its own methodology pursuant to 
comment 114(c)-5.iii, basing it in part on the methodology specified 
in comment 114(c)-5.i. Starting on April 1, 2023, Financial 
Institution C began to ask all business applicants for covered 
credit transactions if they had gross annual revenue in their 
preceding fiscal year of $5 million or less. Using this information, 
Financial Institution C determined that it had originated 100 
covered credit transactions for businesses that were small as 
defined in Sec.  1002.106. On an annualized basis, Financial 
Institution C originated approximately 133 covered credit 
transactions for small businesses ((100 originations * 365 days)/275 
days = 132.73 originations per year). Applying this estimate of 133 
originations to both calendar years 2022 and 2023, Financial 
Institution C is in Tier 3 and has a compliance date of October 18, 
2026.
    iv. Financial Institution D did not collect gross annual revenue 
or other information that would allow it to determine the small 
business status of the businesses for whom it originated covered 
credit transactions in calendar years 2022 and 2023. Financial 
Institution D determined that it had originated 3,000 total covered 
credit transactions for businesses in each of 2022 and 2023. 
Applying the methodology specified in comment 114(c)-5.ii, Financial 
Institution D assumed that all 3,000 covered credit transactions 
originated in each of 2022 and 2023 were to small businesses. On 
that basis, Financial Institution D is in Tier 1 and has a 
compliance date of July 18, 2025.
    v. Financial Institution E did not collect gross annual revenue 
or other information that would allow it to determine the small 
business status of the businesses for whom it originated covered 
credit transactions in calendar years 2022 and 2023. Financial 
Institution E determined that it had originated 700 total covered 
credit transactions for businesses in each of 2022 and 2023. 
Applying the methodology specified in comment 114(c)-5.ii, Financial 
Institution E assumed that all such transactions in each of 2022 and 
2023 were originated for small businesses. On that basis, Financial 
Institution E is in Tier 2 and has a compliance date of January 16, 
2026.
    vi. Financial Institution F does not have readily accessible 
gross annual revenue or other information that would allow it to 
determine the small business status of the businesses for whom it 
originated covered credit transactions in calendar years 2022 and 
2023. Financial Institution F determined that it had originated 80 
total covered credit transactions for businesses in 2022 and 150 
total covered credit transactions for businesses in 2023. Applying 
the methodology set out in comment 114(c)-5.ii, Financial 
Institution F assumed that all such transactions originated in 2022 
and 2023 were originated for small businesses. On that basis, 
Financial Institution E is not in Tier 1, Tier 2 or Tier 3, and is 
subject to the compliance date provision specified in Sec.  
1002.114(b)(4).
    vii. Financial Institution G does not have readily accessible 
gross annual revenue or other information that would allow it to 
determine the small business status of the businesses for whom it 
originated covered credit transactions in calendar years 2022, 2023, 
or 2024. Financial Institution G chose to use the methodology set 
out in comment 114(c)-5.i, and as of October 1, 2024, Financial 
Institution G began to ask all businesses for whom it was closing 
covered credit transactions if they had gross annual revenue in the 
preceding fiscal year of $5 million or less. Using this information, 
Financial Institution G determined that it had originated 700 
covered credit transactions during that period for businesses that 
were small as defined in Sec.  1002.106. On an annualized basis, 
Financial Institution G originated 2,800 covered credit transactions 
for small businesses (700 originations * 4 = 2,800 originations per 
year). Applying this estimated figure of 2,800 originations to both 
calendar years 2023 and 2024, Financial Institution G is in Tier 1 
and has a compliance date of July 18, 2025.
* * * * *

Rohit Chopra,
Director, Consumer Financial Protection Bureau.
[FR Doc. 2024-14396 Filed 7-2-24; 8:45 am]
BILLING CODE 4810-AM-P