BankThink

CFPB's data collection proposal would harm the very borrowers it aims to help

Community banks support ensuring lenders meet the credit needs of all small businesses in accordance with fair lending laws, but policymakers must account for the potential harm of any new regulations on the entities they are designed to help. With community banks leading the nation in small-business lending, the Consumer Financial Protection Bureau should tailor its proposed data collection and reporting requirements for small-business loans to avoid restricting access to credit in local communities.

Section 1071 of the Dodd-Frank Act directs the CFPB to implement rules requiring lenders to collect and report data on credit applicants. The law specifies several data points financial institutions must compile on applications from women-owned, minority-owned and small businesses, including the race, sex and ethnicity of the principal owners as well as gross annual revenue.

While these requirements are mandated by law, the CFPB nevertheless has the authority to exempt any class of financial institutions from the standards it develops and to limit mandatory data points to those required by statute. To mitigate the potentially harmful impact of these new reporting burdens on small-business lending, community banks are encouraging the CFPB to exercise its authority to tailor its rulemaking.

Billions in Bank ‘Junk Fees’ to Get Scrutiny by Revived CFPB

Community banks’ fundamental concern with Section 1071 is that its standardized data collection process requires a homogenized approach that clashes with the individualized nature of community bank small-business lending. Data collection requirements would significantly degrade the ability of community banks to offer small businesses the type of credit they need in a timely and efficient manner.

The data collection and reporting mandates would also compound existing regulatory and paperwork burdens. The cost of this new mandate would be disproportionately high for community banks without the scale to spread compliance costs over a large asset base, which would ultimately harm borrowers the statute is trying to help — women-owned, minority-owned and small businesses.

Further, the collection and public disclosure of personal data raises concerns about the privacy of applicants, particularly in smaller communities. In my travels across the country, I’ve heard from community bankers concerned that some of their small-business customers are the only business of their type in their local community, such as the town dentist or auto repair shop. So even though the customer’s name would be redacted from publication, publishing specific data points — rather than aggregate data — would provide the means to reidentify loan applicants.

Recognizing these concerns, the CFPB has proposed exemptions for the smallest lenders to limit the negative impact of the proposal. Unfortunately for borrowers, the exemption would not apply to the vast majority of financial institutions.

The CFPB would exempt institutions that originated fewer than 25 covered small-business loans in each of the preceding two years — a threshold too low even for many of the nation’s smallest banks. In fact, at least 780 banks with less than $100 million in assets would exceed the 25-loan threshold.

To better balance the benefit of the reporting rule with its impact on the smallest lenders, the CFPB should use the prudential banking regulators’ asset threshold for a “small bank” as defined in Community Reinvestment Act regulations. Exempting community banks under that threshold would use an established line that distinguishes entities with more advanced compliance systems for CRA data collection.

The CFPB should also lower its gross annual revenue standard for affected small businesses to streamline the process. The bureau’s proposed rule would require data collection and reporting on businesses with gross annual revenue of $5 million or less. Defining small businesses as those with $1 million or less in gross annual revenue would align with existing regulations to support compliance while ensuring more than 90% of small-business loans are captured.

To further limit the negative impact of the rule, the CFPB should stick to congressionally mandated data points, instead of nearly doubling the number and increasing the compliance burden. The bureau could also reduce associated privacy risks by publishing a full privacy test for public comment before determining which data to make public. Finally, staggering the implementation date for the smallest community banks and basing fair- lending actions on data collected over three years would allow regulators to observe data trends and diminish the rule’s adverse impact.

Community bank small-business lending is a complex process that cannot be commoditized like consumer or mortgage lending, which would have a chilling effect on access to credit. To avoid disadvantaging community bank business customers, the CFPB should tailor its Section 1071 rule and align it with existing regulatory thresholds. 

For reprint and licensing requests for this article, click here.
Regulation and compliance Small business lending Community banking CFPB
MORE FROM AMERICAN BANKER