Small Business Lending Under the Equal Credit Opportunity Act (Regulation B); Extension of Compliance Dates

Download PDF
Federal RegisterJul 3, 2024
89 Fed. Reg. 55024 (Jul. 3, 2024)

AGENCY:

Consumer Financial Protection Bureau.

ACTION:

Interim final rule with request for public comment.

SUMMARY:

In light of court orders in ongoing litigation, the Consumer Financial Protection Bureau (CFPB or Bureau) is amending Regulation B to extend the compliance dates set forth in its 2023 small business lending rule and to make other date-related conforming adjustments.

DATES:

This interim final rule is effective August 2, 2024. Comments must be received on or before August 2, 2024.

ADDRESSES:

You may submit comments, identified by Docket No. CFPB-2024-0018 or RIN 3170-AA09, by any of the following methods:

  • Federal eRulemaking Portal: https://www.regulations.gov. Follow the instructions for submitting comments. A brief summary of this document will be available at https://www.regulations.gov/docket/CFPB-2024-0018 .
  • Email: 2024-IFR-SBLcompliancedates@cfpb.gov. Include Docket No. CFPB-2024-0018 or RIN 3170-AA09 in the subject line of the message.
  • Mail/Hand Delivery/Courier: Comment Intake—Small Business Lending Compliance Dates, c/o Legal Division Docket Manager, Consumer Financial Protection Bureau, 1700 G Street NW, Washington, DC 20552.

Instructions: The CFPB encourages the early submission of comments. All submissions should include the agency name and docket number or Regulatory Information Number (RIN) for this rulemaking. Because paper mail is subject to delay, commenters are encouraged to submit comments electronically. In general, all comments received will be posted without change to https://www.regulations.gov.

All submissions, including attachments and other supporting materials, will become part of the public record and subject to public disclosure. Proprietary information or sensitive personal information, such as account numbers or Social Security numbers, or names of other individuals, should not be included. Submissions will not be edited to remove any identifying or contact information.

FOR FURTHER INFORMATION CONTACT:

George Karithanom, Regulatory Implementation and Guidance Program Analyst, Office of Regulations, at 202-435-7700 or https://reginquiries.consumerfinance.gov/. If you require this document in an alternative electronic format, please contact CFPB_Accessibility@cfpb.gov.

SUPPLEMENTARY INFORMATION:

I. Background

In 2010, Congress passed the Dodd-Frank Wall Street Reform and Consumer Protection Act (Dodd-Frank Act). Section 1071 of that Act amended the Equal Credit Opportunity Act (ECOA) to require that financial institutions collect and report to the CFPB certain data regarding applications for credit for women-owned, minority-owned, and small businesses. Section 1071's statutory purposes are to (1) facilitate enforcement of fair lending laws, and (2) enable communities, governmental entities, and creditors to identify business and community development needs and opportunities of women-owned, minority-owned, and small businesses.

Public Law 111-203, tit. X, section 1071, 124 Stat. 1376, 2056 (2010), codified at ECOA section 704B, 15 U.S.C. 1691c-2.

15 U.S.C. 1691 et seq.

Section 1071 directs the CFPB to prescribe such rules and issue such guidance as may be necessary to carry out, enforce, and compile data pursuant to section 1071. On March 30, 2023, the CFPB issued a final rule to implement section 1071 by adding subpart B to Regulation B (2023 final rule). The 2023 final rule was published in the Federal Register on May 31, 2023. Further details about section 1071 and this rulemaking can be found in the preamble to the 2023 final rule.

88 FR 35150 (May 31, 2023).

Subsequently, some lenders filed challenges to the 2023 final rule in the United States District Court for the Southern District of Texas. On July 31, 2023, the court issued an order that preliminarily enjoined the CFPB from implementing and enforcing the 2023 final rule against plaintiffs and their members pending the Supreme Court's reversal of Community Financial Services Association of America, Ltd. v. CFPB, 51 F.4th 616 (5th Cir. 2022), cert. granted, 143 S. Ct. 978 (2023) ( CFSA), a trial on the merits, or until further court order. The court's order also stayed all deadlines for compliance with the requirements of the 2023 final rule for plaintiffs and their members pending the outcome of the Supreme Court case. The Texas court ordered that, in the event of a reversal in the Supreme Court case, the CFPB extend plaintiffs' and their members' deadlines for compliance with the 2023 final rule to compensate for the period stayed. Following motions to intervene by a number of other parties, on October 26, 2023, the Texas court extended the terms of its order to all covered financial institutions ( i.e., issued a nationwide stay).

Texas Bankers Ass'n v. CFPB, No. 7:23-cv-00144 (S.D. Tex.).

Order Granting-in-Part and Denying-in-Part Pls.' Mot. for Prelim. Injunction, Texas Bankers Ass'n, No. 7:23-cv-00144 (S.D. Tex. July 31, 2023), ECF No. 25, https://files.consumerfinance.gov/f/documents/cfpb_pi_order_texas_bankers.pdf.

Order Granting Intervenors' Mots. For Prelim. Injunction, Texas Bankers Ass'n, No. 7:23-cv-00144 (S.D. Tex. Oct. 26, 2023), ECF No. 69, https://files.consumerfinance.gov/f/documents/cfpb_pi_second_order_texas_bankers.pdf.

On May 16, 2024, the Supreme Court reversed the Fifth Circuit's ruling in CFSA.

CFPB v. Cmty. Fin. Servs. Ass'n of Am., Ltd., 601 U.S. 416 (2024).

Summary of the Interim Final Rule

In this interim final rule, the CFPB is extending the compliance dates set forth in the 2023 final rule and making conforming adjustments. Consistent with existing court orders, the compliance dates are being extended 290 days to compensate for the period the rule was stayed (July 31, 2023 to May 16, 2024). Thus, covered financial institutions must begin collecting data as follows:

Table 1—Compliance Dates and Filing Deadlines

Compliance tier Original compliance date New compliance date First filing deadline
Highest volume lenders October 1, 2024 July 18, 2025 June 1, 2026.
Moderate volume lenders April 1, 2025 January 16, 2026 June 1, 2027.
Smallest volume lenders January 1, 2026 October 18, 2026 June 1, 2027.

Covered financial institutions are permitted to continue using their small business originations from 2022 and 2023 to determine their compliance tier, or they may use their originations from 2023 and 2024. Covered financial institutions are permitted to begin collecting protected demographic data required under the 2023 final rule 12 months before their new compliance date, in order to test their procedures and systems. As illustrated above, the deadline for submitting small business lending data will remain June 1 following the calendar year for which data are collected. Finally, the CFPB is updating its grace period policy statement to reflect the revised compliance dates.

The CFPB seeks comment on this interim final rule.

II. Legal Authority

The CFPB adopted the 2023 final rule pursuant to its authority under section 1071, which directs the CFPB to adopt rules governing the collection and reporting of small business lending data. Some aspects of the 2023 final rule were also adopted under the CFPB's more general rulemaking authorities in ECOA. The CFPB's legal authorities are discussed in detail in the 2023 final rule.

See, e.g., 88 FR 35150, 35173-74 (May 31, 2023).

The CFPB is adopting this interim final rule to extend the 2023 final rule's compliance dates. ECOA section 704B(g)(1) grants the CFPB general rulemaking authority for section 1071.

III. Administrative Procedure Act

The Administrative Procedure Act (APA) does not require notice and opportunity for public comment if an agency for good cause finds that notice and public comment are impracticable, unnecessary, or contrary to the public interest. The CFPB finds that prior notice and public comment are unnecessary because this interim final rule implements a court's order to extend the 2023 final rule's compliance dates and makes other date-related conforming adjustments. Covered financial institutions need to know the new compliance dates promptly so they can resume implementation efforts; further delay in finalizing those dates would be contrary to the public interest. The CFPB already solicited and received comment on the substance of the provisions that it is now amending, both during its 2020 consultation with representatives of small businesses pursuant to the Small Business Regulatory Enforcement Fairness Act and in its 2021 proposed rule.

CFPB, Small Business Advisory Review Panel for Consumer Financial Protection Bureau Small Business Lending Data Collection Rulemaking, Outline of Proposals Under Consideration and Alternatives Considered (Sept. 15, 2020), https://files.consumerfinance.gov/f/documents/cfpb_1071-sbrefa_outline-of-proposals-under-consideration_2020-09.pdf; and CFPB, Final Report of the Small Business Review Panel on the CFPB's Proposals Under Consideration for the Small Business Lending Data Collection Rulemaking (Dec. 14, 2020), https://files.consumerfinance.gov/f/documents/cfpb_1071-sbrefa-report.pdf.

86 FR 56356 (Oct. 8, 2021).

IV. Discussion of the Final Rule

As discussed above, the court in Texas Bankers Association v. CFPB directed the CFPB to extend the compliance dates set forth in the 2023 final rule to compensate for the period the rule was stayed pending the Supreme Court's decision in CFSA. To facilitate compliance across all covered financial institutions, the CFPB is using July 31, 2023 as the base date to calculate the length of the compliance date extension for all covered financial institutions, including the initial plaintiffs and their members as well as the intervening parties. The CFPB is extending the 2023 final rule's compliance dates by 290 days ( i.e., the number of days that elapsed between the court's July 31, 2023 order and the Supreme Court's decision in CFSA on May 16, 2024).

A. Changes to Compliance Date Provisions

The 2023 final rule's compliance dates are set forth in § 1002.114(b). That section looks to a financial institution's volume of covered credit transactions for small businesses in each of calendar years 2022 and 2023 to determine the applicable compliance date. The 2023 final rule provided that covered financial institutions that originated at least 2,500 covered transactions in both years were required to comply with the requirements of the 2023 final rule beginning October 1, 2024 (sometimes referred to as Tier 1 institutions). Covered financial institutions not in Tier 1 that originated at least 500 covered transactions in both years were required to comply beginning April 1, 2025 (Tier 2), and covered financial institutions not in Tier 1 or Tier 2 that originated at least 100 covered transactions in both years were required to comply beginning January 1, 2026 (Tier 3). The 2023 final rule also provided that a financial institution that did not originate at least 100 covered transactions in both 2022 and 2023 but that subsequently originates at least 100 such transactions in two consecutive calendar years must comply with the rule in accordance with § 1002.105(b), but in any case no earlier than January 1, 2026.

In this interim final rule, the CFPB is extending each of the compliance dates set forth in § 1002.114(b) by 290 days. Thus, Tier 1 institutions now have a compliance date of July 18, 2025, Tier 2 institutions now have a compliance date of January 16, 2026, and Tier 3 institutions now have a compliance date of October 18, 2026. Likewise, institutions that did not originate at least 100 covered transactions in 2022 and 2023 but subsequently do in two consecutive calendar years are not required to comply with the rule until October 18, 2026 at the earliest. The CFPB is making corresponding updates throughout the commentary accompanying § 1002.114(b), which provide additional guidance and examples regarding compliance dates. The CFPB is also revising comments 105(b)-2 and -6 and 109(b)-1, which involve examples of data collection occurring in years affected by the extended compliance dates in this interim final rule.

B. Voluntary Early Collection of Protected Demographic Data

Section 1002.114(c) addresses several transitional issues. Section 1002.114(c)(1) permits financial institutions to collect protected demographic information required under the 2023 final rule from small business applicants beginning 12 months prior to its compliance date. As this provision does not list any compliance dates specifically, no revisions are needed. Thus, a Tier 1 institution is permitted to begin collecting protected demographic information on or after July 18, 2024; a Tier 2 institution may begin on or after January 16, 2025; and a Tier 3 institution may begin on or after October 18, 2025, in order to test their procedures and systems for compiling and maintaining this information in advance of actually being required to collect and subsequently report it to the CFPB.

Under this provision, financial institutions will have time—beginning 12 months prior to their compliance date—to adjust any procedures or systems that may result in the inaccurate compilation or maintenance of applicants' protected demographic information, the collection of which is required by section 1071 but otherwise generally prohibited under ECOA and Regulation B. (Financial institutions could of course collect the other information required by the 2023 final rule at any time, without needing express permission in Regulation B to do so, as is needed for collecting protected demographic information.) See88 FR 35150, 35449-50 (May 31, 2023).

C. Alternative Period for Counting Covered Originations To Determine Compliance Tier

The CFPB is adopting new § 1002.114(c)(3), which permits (but does not require) a financial institution to use its originations of covered credit transactions in each of calendar years 2023 and 2024, rather than those in 2022 and 2023, to determine its compliance date. Financial institutions may use whichever set of dates they prefer ( i.e., 2022 and 2023, or 2023 and 2024). Existing comment 114(b)-4 provides examples illustrating how a financial institution uses its originations in 2022 and 2023 to determine its compliance tier; new comment 114(b)-4.viii illustrates using 2023 and 2024 originations to determine compliance tier.

D. Determining Compliance Dates for Financial Institutions That Do Not Collect Information Sufficient To Determine Small Business Status

Section 1002.114(c)(2) provides that a financial institution that is unable to determine the number of covered credit transactions it originated in 2022 and 2023 for purposes of determining its compliance tier is permitted to use any reasonable method to estimate its originations to small businesses for either or both of 2022 and 2023. Existing comment 114(c)-5 lists several reasonable methods a financial institution may use to estimate its originations.

Pursuant to new § 1002.114(c)(3), which permits a financial institution to use its originations of covered credit transactions in each of calendar years 2023 and 2024 to determine its compliance date, financial institutions are likewise permitted to use any reasonable method to estimate their originations for either or both of 2023 and 2024. The CFPB is revising comment 114(c)-5 to make this clear and adding new comment 114(c)-6.vii to provide an example.

E. Deadline for Annual Data Submissions

Section 1002.109(a)(1) provides that covered financial institutions must submit their small business lending application registers to the CFPB on or before June 1 following the calendar year for which the data are compiled and maintained. As this provision does not list any compliance dates specifically, no revisions are needed. Thus, Tier 1 institutions will make their first data submission by June 1, 2026; Tier 2 and Tier 3 by June 1, 2027.

V. Effective Date

The CFPB is adopting an effective date of 30 days after the publication of this interim final rule in the Federal Register consistent with section 553(d) of the Administrative Procedure Act.

VI. Grace Period Policy Statement

In the 2023 final rule, the CFPB adopted a 12-month grace period during which the CFPB—for covered financial institutions under its supervisory and enforcement jurisdiction—would not intend to assess penalties for errors in data reporting, and would intend to conduct examinations only to diagnose compliance weaknesses, to the extent that these institutions engaged in good faith compliance efforts. The Grace Period Policy Statement set forth in the 2023 final rule explained the CFPB's reasons for adopting such a grace period along with how the CFPB intended to implement such a grace period. The CFPB is updating this policy statement to reflect the new compliance dates set forth in this interim final rule.

See88 FR 35150, 35458-59 (May 31, 2023).

This is a general statement of policy under the Administrative Procedure Act. 5 U.S.C. 553(b). It articulates considerations relevant to the CFPB's exercise of its authorities. It does not impose any legal requirements, nor does it confer rights of any kind. It also does not impose any new or revise any existing recordkeeping, reporting, or disclosure requirements on covered entities or members of the public that would be collections of information requiring approval by the Office of Management and Budget under the Paperwork Reduction Act. 44 U.S.C. 3501 through 3521.

The following discussion explains how the CFPB intends to exercise its supervisory and enforcement discretion for the first 12 months of data collected after a covered financial institution's initial compliance date.

With respect to covered financial institutions subject to the CFPB's supervisory or enforcement jurisdiction that make good faith efforts to comply with the 2023 final rule, the CFPB intends to provide a grace period to reflect the new compliance dates as follows:

Table 2—Grace Period

Financial institutions covered by the grace period Dates covered by the grace period
Financial institutions with a compliance date specified in § 1002.114(b)(1) ( i.e., Tier 1 institutions), as well as any financial institutions that make a voluntary submission for the first time for data collected in 2025 The data collected in 2025 (from July 18, 2025 through December 31, 2025) as well as a portion of data collected in 2026 (from January 1, 2026 through July 17, 2026).
Financial institutions with a compliance date specified in § 1002.114(b)(2) ( i.e., Tier 2 institution), as well as any financial institutions that make a voluntary submission for the first time for data collected in 2026 The data collected in 2026 (from January 16, 2026 through December 31, 2026) as well as a portion of data collected in 2027 (from January 1, 2027 through January 15, 2027).
Financial institutions with a compliance date specified in § 1002.114(b)(3) ( i.e., Tier 3 institution), as well as any financial institutions that make a voluntary submission for the first time for data collected in 2027 The data collected in 2026 (from October 18, 2026 through December 31, 2026) as well as a portion of data collected in 2027 (from January 1, 2027 through October 17, 2027).

As discussed in the 2023 final rule, the CFPB believes that a 12-month grace period for each compliance tier will give institutions time to diagnose and address unintentional errors without the prospect of penalties for inadvertent compliance issues, and may ultimately assist other covered financial institutions, especially those in later compliance tiers, in identifying best practices. While the CFPB anticipates that financial institutions in each compliance tier are capable of fully preparing to comply with the 2023 final rule by their respective new compliance dates, it views this grace period as enabling deliberate and thoughtful compliance with the rule, while still providing important data regarding small business lending as soon as practical.

During the grace period, if the CFPB identifies errors in a financial institution's initial data submissions, it does not intend to require data resubmission unless data errors are material. Further, the CFPB does not intend to assess penalties with respect to unintentional and good faith errors in the initial data submissions. Any examinations of these initial data submissions will be diagnostic and will help to identify compliance weaknesses. However, errors that are not the result of good faith compliance efforts by financial institutions, especially attempts to discourage applicants from providing data, will remain subject to the CFPB's full supervisory and enforcement authority, including the assessment of penalties.

The CFPB believes that the grace period covering the initial data submissions will provide financial institutions an opportunity to identify any gaps in their implementation of the 2023 final rule and make improvements in their compliance management systems for future data submissions. In addition, a grace period will permit the CFPB to help financial institutions identify errors and, thereby, self-correct to avoid such errors in the future. The CFPB can also use data collected during the grace period to alert financial institutions of common errors and potential best practices in data collection and submissions under this rule.

VII. CFPA Section 1022(b) Analysis

A. Overview

In developing the interim final rule, the CFPB has considered the potential benefits, costs, and impacts as required by section 1022(b)(2) of the Consumer Financial Protection Act of 2010 (CFPA). Section 1022(b)(2) calls for the CFPB to consider the potential benefits and costs of a regulation to consumers and covered persons, including the potential reduction of consumer access to consumer financial products or services, the impact on depository institutions and credit unions with $10 billion or less in total assets as described in section 1026 of the CFPA, and the impact on consumers in rural areas. In addition, section 1022(b)(2)(B) directs the CFPB to consult with appropriate prudential regulators or other Federal agencies, regarding consistency with the objectives those agencies administer. The CFPB has accordingly consulted with the appropriate prudential regulators and other Federal agencies regarding consistency with any prudential, market, or systemic objectives administered by these agencies.

In this interim final rule, the CFPB is extending by 290 days the compliance dates set forth in the 2023 small business lending rule and making several conforming adjustments. Thus, covered financial institutions with the highest volume of small business originations (Tier 1) must begin collecting data by July 18, 2025; moderate-volume institutions (Tier 2) by January 16, 2026; and the smallest volume institutions (Tier 3) by October 18, 2026. Covered financial institutions are permitted to continue using their small business originations from 2022 and 2023 to determine their compliance tier, or instead they may use their originations from 2023 and 2024.

The CFPB expects covered institutions to benefit from the extension of the compliance dates, but expects that the impacts of this interim final rule on covered institutions are small relative to the overall impacts of the 2023 final rule it modifies. The CFPB additionally expects this interim final rule to have minimal impacts on small businesses, due to the long-term nature of the benefits of the 2023 final rule and an expectation that the 2023 final rule will have a limited effect on the cost of small business credit.

B. Data Limitation and Quantification of Benefits, Costs, and Impacts

The discussion below relies on information the CFPB has obtained from industry, other regulatory agencies, and publicly available sources. The CFPB provides estimates, to the extent possible, of the potential benefits, costs, and impacts to consumers and covered persons of this interim final rule given available data.

To estimate the number of depository institutions covered by the interim final rule, the CFPB relies in part on data from publicly available sources, such as the Federal Financial Institutions Examination Council's Reports on Condition of Income (Call Reports), the National Credit Union Administration's Call Reports, and data reported under the Community Reinvestment Act. As described in detail in part IX.E of the 2023 final rule, information on the cost of compliance is derived from the CFPB's previous Home Mortgage Disclosure Act rulemaking activities and a One-time Cost Survey the CFPB administered in 2020 as part of its small business lending rule development process.

There are limitations, such as limited comprehensive data on non-depository institutions potentially subject to the 2023 final rule and thus this interim final rule, and limited data on which to quantify benefits of the interim final rule with precision. The CFPB supplements the data sources described above with general economic principles and the CFPB's expertise in consumer financial markets. The CFPB qualitatively describes potential benefits, costs, and impacts where the ability to provide quantitative estimates are impacted by these limitations.

C. Baseline for Analysis

In evaluating the potential benefits, costs, and impacts of the interim final rule, the CFPB takes as a baseline Regulation B as amended by the 2023 final rule. Part IV above describes in detail the provisions of the 2023 final rule. The CFPB's analysis of the potential costs, benefits, and impacts of this interim final rule are relative to the original compliance dates and other requirements of the 2023 final rule.

D. Potential Benefits and Costs to Covered Persons and Small Businesses

1. Potential Benefits and Costs to Covered Persons

Based on the methodology used to determine coverage in the 2023 final rule, the CFPB expects about 100 financial institutions to be required to report in Tier 1, about 450 to be required to report in Tier 2, and about 2,000 to be required to report in Tier 3.

The CFPB continues to use the estimates from the 2023 final rule, which are based on data from 2017 through 2019. The data are not yet available to update the estimates to a more recent year that is unaffected by the COVID-19 pandemic conditions.

By extending the compliance dates by 290 days for all covered institutions, financial institutions will benefit by the delay in the expected costs of compliance with the 2023 final rule. The benefit from the compliance date extension will differ depending on whether the cost was expected to be “one-time” or “ongoing.” Part IX.E of the 2023 final rule described two categories of cost that the CFPB expected covered financial institutions to incur. “One-time” costs refer to expenses that the financial institution will incur initially and only once to implement changes required to comply with the requirements of the rule. “Ongoing” costs are expenses incurred because of the ongoing reporting requirements of the rule, accrued on an annual basis.

The CFPB expects covered institutions to experience an annual ongoing cost of compliance in perpetuity. Therefore, extending the compliance dates by 290 days potentially saves financial institutions up to 290 days in expected annual compliance costs. In the 2023 rule, the CFPB detailed its methodology and estimates of this annual ongoing cost for institutions of different levels of complexity in their processes for collecting, checking, and reporting data on applications for small business credit. These “types” were Type A (least complex), Type B (medium complexity), and Type C (most complex) and were related to small business credit application volume. The 2023 final rule gave estimates of compliance costs for representative institutions of each type as well as the market-level estimate for all complying institutions.

The CFPB estimated that, per application for small business credit, Type A institutions would incur $83 in annual ongoing costs, Type B institutions would incur $100, and Type C institutions would incur $46. Based on the CFPB's estimates of application volumes for all institutions, the expected market level annual ongoing cost was between $310 and $330 million for depository institutions and $62.3 million for non-depository institutions. The CFPB expects covered financial institutions to avoid 290 days of ongoing costs due to the compliance date extension. Institutions will effectively receive this benefit at the time they would have originally been required to start collecting data. Thus, Tier 3 institutions will receive this benefit farther in the future than Tier 2 institutions, who will receive the benefit farther in the future than Tier 1 institutions. In present value terms, Tier 1 institutions will see a proportionally larger benefit compared to baseline, relative to Tier 2 and Tier 3 institutions.

This interim final rule does not change the nominal value of the one-time costs that will be incurred by covered institutions but does potentially delay the realization of those costs up to 290 days into the future for institutions in each compliance tier. Thus, the new one-time costs are the baseline one-time costs discounted by 290 days. The present value of the benefit associated with the interim final rule's impact on one-time costs is the difference between the baseline one-time costs and the new discounted costs.

The CFPB additionally expects that the compliance date extension and the associated flexibility in years of origination data that can be used to determine coverage would confer a benefit to covered institutions with the additional time to prepare for compliance relative to the baseline.

With the extension of the compliance dates by 290 days, this interim final rule delays the realization of these potential benefits to covered financial institutions. As enumerated in the 2023 final rule, benefits include more efficient fair lending review prioritization by regulators and the institutions' own use of small business lending data to better understand small business credit demand and the supply by their competitors.

2. Potential Benefits and Costs to Small Businesses

As with the 2023 final rule, this interim final rule will not directly impact consumers, as that term is defined by the Dodd-Frank Act. Some consumers will be impacted in their separate capacity as sole owners of small businesses covered by the rule. The CFPB has elected to consider the costs to small businesses from this interim final rule as it did in the 2023 final rule.

In part IX.F of the 2023 final rule, the CFPB described how small businesses would benefit from the impact of the rule on the enforcement of fair lending laws and on community development. In an environment with limited data sources on small business credit, the CFPB expects data collected under the rule to enable communities, governmental entities, and creditors to identify business and community development needs and opportunities for women-owned, minority-owned, and small businesses. The CFPB also expects data collected under the 2023 final rule to facilitate fair lending enforcement by Federal, State, and local enforcement agencies. Due to limitations on data and methodology, the CFPB mostly described these benefits qualitatively.

To the extent small businesses benefit in the above ways from the 2023 final rule, the extension of the compliance dates reduces the benefits accruing to small businesses by delaying the realization of these benefits. While compliance dates are extended by 290 days, Tier 1 financial institutions will be required to file data one year later than expected under the 2023 final rule ( i.e., by June 1, 2026 rather than June 1, 2025). The CFPB expects that the benefits of the original rule will primarily begin with the publication of the data. Thus, small businesses' and financial institutions' realizations of the benefits arising from the 2023 final rule will likewise be delayed by at least one year, reducing the real net present value of these expected future benefits. The CFPB is unable to readily quantify the costs associated with delaying future benefits because the CFPB does not have the data to quantify all the benefits of the 2023 final rule.

The 2023 final rule also described that the CFPB expects financial institutions to pass on a portion of their annual ongoing costs to small business borrowers in the form of higher rates or fees. While, in general, the CFPB expects the magnitude of any pass-through to be a small portion of the total cost of the average loan to a small business applicant, extended compliance dates could benefit small business borrowers by delaying these increased costs.

3. Distribution of Small Business Impacts

The differences in the impacts of this interim final rule between different types of small businesses is likely to be small with only 290 days added to each of the compliance dates. Most of the distribution of benefits and costs are likely to be derived from whether small businesses are serviced by lenders in different compliance tiers and the difference in present discounted values.

E. Potential Impacts on Depository Institutions and Credit Unions With $10 Billion or Less in Total Assets, as Described in CFPA Section 1026

Using the methodology described in the 2023 final rule, the CFPB estimates that between 1,700 and 1,900 banks, savings associations, and credit unions with $10 billion or less in total assets will be affected by this interim final rule. The CFPB believes that the impacts of the interim final rule on these small depository institutions will be similar to those impacts on covered financial institutions as a whole, discussed above. These institutions would incur benefits from up to 290 fewer days in annual ongoing costs and the postponement of up to 290 days of one-time costs. They would also potentially benefit from additional time to develop software and other resources used to comply with the 2023 final rule.

F. Potential Impacts on Small Businesses' Access to Credit and on Small Businesses in Rural Areas

The CFPB does not expect this interim final rule to have a significant impact on small businesses' access to credit. In the 2023 final rule, the CFPB described how the likeliest effect of the rule on access to credit would be a small increase in interest rates or fees. This interim final rule shifts this potential effect by 290 days without any additional provisions that would affect credit access.

In part IX.H of the final rule, the CFPB described how existing data sources limited its ability to precisely estimate the number of financial institutions who serve rural areas who are covered under the 2023 final rule. The CFPB expects that 65 to 70 percent of rural bank and savings associations branches and 14 percent of rural credit union branches would be affected by the interim final rule using this methodology.

Small businesses in rural areas are expected to experience similar costs and benefits of small businesses more broadly. Small businesses in rural areas would experience a reduction in benefits via a postponement of the benefits of the 2023 final rule on fair lending enforcement and community development. These small businesses would also experience a benefit by the postponement of expected small increases in interest rates and fees.

VIII. Regulatory Flexibility Act Analysis

The Regulatory Flexibility Act does not require an initial or final regulatory flexibility analysis in a rulemaking where a general notice of proposed rulemaking is not required. As discussed in part III above, the CFPB has determined that prior notice and comment is unnecessary for this interim final rule. As an additional basis, the CFPB's Director certifies that this interim final rule will not have a significant economic impact on a substantial number of small entities, and so an initial or final regulatory flexibility analysis is also not required for that reason. The rule will not impose significant costs on creditors, including small entities, for the reasons described in the section 1022(b) analysis in part VII above.

IX. Paperwork Reduction Act

Under the Paperwork Reduction Act of 1995 (PRA), Federal agencies are generally required to seek approval from the Office of Management and Budget (OMB) for information collection requirements prior to implementation. Under the PRA, the CFPB may not conduct or sponsor, and, notwithstanding any other provision of law, a person is not required to respond to an information collection unless the information collection displays a valid control number assigned by OMB. The interim final rule amends 12 CFR part 1002 (Regulation B), which implements the small business lending rule. The CFPB's OMB control number for Regulation B is 3170-0013; its current expiration date is August 31, 2025.

The interim final rule does not add to or change the collection requirements of the 2023 final rule; rather, it only changes the initial compliance dates, pursuant to court orders, and makes other date-related conforming adjustments. The CFPB has therefore determined that the interim final rule does not contain any new or substantively revised information collection requirements as defined by the PRA.

X. Congressional Review Act

Pursuant to the Congressional Review Act (5 U.S.C. 801 et seq.), the CFPB will submit a report containing this interim final rule and other required information to the U.S. Senate, the U.S. House of Representatives, and the Comptroller General of the United States prior to the interim final rule taking effect. The Office of Information and Regulatory Affairs has designated this interim final rule as not a “major rule” as defined by 5 U.S.C. 804(2).

List of Subjects

  • Banks, banking
  • Civil rights
  • Consumer protection
  • Credit
  • Credit unions
  • Marital status discrimination
  • National banks
  • Penalties

Authority and Issuance

For the reasons set forth in the preamble, the CFPB amends Regulation B, 12 CFR part 1002, as follows:

PART 1002—EQUAL CREDIT OPPORTUNITY ACT (REGULATION B)

1. The authority citation for part 1002 continues to read as follows:

Authority: 12 U.S.C. 5512, 5581; 15 U.S.C. 1691b. Subpart B is also issued under 15 U.S.C. 1691c-2.

2. Section 1002.14 is amended by:

a. In paragraph (b)(1) removing “October 1, 2024” and adding in its place “July 18, 2025”;

b. In paragraph (b)(2) removing “April 1, 2025” and adding in its place “January 16, 2026”;

c. In paragraphs (b)(3) and (4) removing “January 1, 2026” and adding in its place “October 18, 2026”; and

d. Adding paragraph (c)(3).

The addition reads as follows:

§ 1002.114
Effective date, compliance date, and special transitional rules.

(c) * * *

(3) Alternative time period for determining compliance dates. A financial institution is permitted to use its originations of covered credit transactions in each of calendar years 2023 and 2024 in lieu of calendar years 2022 and 2023 as specified in paragraphs (b) and (c)(2) of this section.

3. In Supplement I to part 1002:

a. Under Section 1002.105—Covered Financial Institutions and Exempt Institutions, revise 105(b) Covered Financial Institution;

b. Under Section 1002.109—Reporting of Data to the Bureau, revise 109(b) Financial Institution Identifying Information; and

c. Under Section 1002.114—Effective Date, Compliance Date, and Special Transition Rules, revise 114(b) Compliance Date and 114(c) Special Transition Rules.

The revisions read as follows:

Supplement I to Part 1002—Official Interpretations

Section 1002.105—Covered Financial Institutions and Exempt Institutions

105(b) Covered Financial Institution

1. Preceding calendar year. The definition of covered financial institution refers to preceding calendar years. For example, in 2029, the two preceding calendar years are 2027 and 2028. Accordingly, in 2029, Financial Institution A does not meet the loan-volume threshold in § 1002.105(b) if did not originate at least 100 covered credit transactions for small businesses both during 2027 and during 2028.

2. Origination threshold. A financial institution qualifies as a covered financial institution based on total covered credit transactions originated for small businesses, rather than covered applications received from small businesses. For example, if in both 2026 and 2027, Financial Institution B received 105 covered applications from small businesses and originated 95 covered credit transactions for small businesses, then for 2028, Financial Institution B is not a covered financial institution.

3. Counting originations when multiple financial institutions are involved in originating a covered credit transaction. For the purpose of counting originations to determine whether a financial institution is a covered financial institution under § 1002.105(b), in a situation where multiple financial institutions are involved in originating a single covered credit transaction, only the last financial institution with authority to set the material terms of the covered credit transaction is required to count the origination.

4. Counting originations after adjustments to the gross annual revenue threshold due to inflation. Pursuant to § 1002.106(b)(2), every five years, the gross annual revenue threshold used to define a small business in § 1002.106(b)(1) shall be adjusted, if necessary, to account for inflation. The first time such an adjustment could occur is in 2030, with an effective date of January 1, 2031. A financial institution seeking to determine whether it is a covered financial institution applies the gross annual revenue threshold that is in effect for each year it is evaluating. For example, a financial institution seeking to determine whether it is a covered financial institution in 2032 counts its originations of covered credit transactions for small businesses in calendar years 2030 and 2031. The financial institution applies the initial $5 million threshold to evaluate whether its originations were to small businesses in 2030. In this example, if the small business threshold were increased to $5.5 million effective January 1, 2031, the financial institution applies the $5.5 million threshold to count its originations for small businesses in 2031.

5. Reevaluation, extension, or renewal requests, as well as credit line increases and other requests for additional credit amounts. While requests for additional credit amounts on an existing account can constitute a “covered application” pursuant to § 1002.103(b)(1), such requests are not counted as originations for the purpose of determining whether a financial institution is a covered financial institution pursuant to § 1002.105(b). In addition, transactions that extend, renew, or otherwise amend a transaction are not counted as originations. For example, if a financial institution originates 50 term loans and 30 lines of credit for small businesses in each of the preceding two calendar years, along with 25 line increases for small businesses in each of those years, the financial institution is not a covered financial institution because it has not originated at least 100 covered credit transactions in each of the two preceding calendar years.

6. Annual consideration. Whether a financial institution is a covered financial institution for a particular year depends on its small business lending activity in the preceding two calendar years. Therefore, whether a financial institution is a covered financial institution is an annual consideration for each year that data may be compiled and maintained for purposes of subpart B of this part. A financial institution may be a covered financial institution for a given year of data collection (and the obligations arising from qualifying as a covered financial institution shall continue into subsequent years, pursuant to §§ 1002.110 and 1002.111), but the same financial institution may not be a covered financial institution for the following year of data collection. For example, Financial Institution C originated 105 covered transactions for small businesses in both 2027 and 2028. In 2029, Financial Institution C is a covered financial institution and therefore is obligated to compile and maintain applicable 2029 small business lending data under § 1002.107(a). During 2029, Financial Institution C originates 95 covered transactions for small businesses. In 2030, Financial Institution C is not a covered financial institution with respect to 2030 small business lending data, and is not obligated to compile and maintain 2030 data under § 1002.107(a) (although Financial Institution C may volunteer to collect and maintain 2030 data pursuant to § 1002.5(a)(4)(vii) and as explained in comment 105(b)-10). Pursuant to § 1002.109(a), Financial Institution C shall submit its small business lending application register for 2029 data in the format prescribed by the Bureau by June 1, 2030 because Financial Institution C is a covered financial institution with respect to 2029 data, and the data submission deadline of June 1, 2030 applies to 2029 data.

7. Merger or acquisition—coverage of surviving or newly formed institution. After a merger or acquisition, the surviving or newly formed financial institution is a covered financial institution under § 1002.105(b) if it, considering the combined lending activity of the surviving or newly formed institution and the merged or acquired financial institutions (or acquired branches or locations), satisfies the criteria included in § 1002.105(b). For example, Financial Institutions A and B merge. The surviving or newly formed financial institution meets the threshold in § 1002.105(b) if the combined previous components of the surviving or newly formed financial institution (A plus B) would have originated at least 100 covered credit transactions for small businesses for each of the two preceding calendar years. Similarly, if the combined previous components and the surviving or newly formed financial institution would have reported at least 100 covered transactions for small businesses for the year previous to the merger as well as 100 covered transactions for small businesses for the year of the merger, the threshold described in § 1002.105(b) would be met and the surviving or newly formed financial institution would be a covered institution under § 1002.105(b) for the year following the merger. Comment 105(b)-8 discusses a financial institution's responsibilities with respect to compiling and maintaining (and subsequently reporting) data during the calendar year of a merger.

8. Merger or acquisition—coverage specific to the calendar year of the merger or acquisition. The scenarios described below illustrate a financial institution's responsibilities specifically for data from the calendar year of a merger or acquisition. For purposes of these illustrations, an “institution that is not covered” means either an institution that is not a financial institution, as defined in § 1002.105(a), or a financial institution that is not a covered financial institution, as defined in § 1002.105(b).

i. Two institutions that are not covered financial institutions merge. The surviving or newly formed institution meets all of the requirements necessary to be a covered financial institution. No data are required to be compiled, maintained, or reported for the calendar year of the merger (even though the merger creates an institution that meets all of the requirements necessary to be a covered financial institution).

ii. A covered financial institution and an institution that is not covered merge. The covered financial institution is the surviving institution, or a new covered financial institution is formed. For the calendar year of the merger, data are required to be compiled, maintained, and reported for covered applications from the covered financial institution and is optional for covered applications from the financial institution that was previously not covered.

iii. A covered financial institution and an institution that is not covered merge. The institution that is not covered is the surviving institution and remains not covered after the merger, or a new institution that is not covered is formed. For the calendar year of the merger, data are required to be compiled and maintained (and subsequently reported) for covered applications from the previously covered financial institution that took place prior to the merger. After the merger date, compiling, maintaining, and reporting data is optional for applications from the institution that was previously covered for the remainder of the calendar year of the merger.

iv. Two covered financial institutions merge. The surviving or newly formed financial institution is a covered financial institution. Data are required to be compiled and maintained (and subsequently reported) for the entire calendar year of the merger. The surviving or newly formed financial institution files either a consolidated submission or separate submissions for that calendar year.

9. Foreign applicability. As discussed in comment 1(a)-2, Regulation B (including subpart B) generally does not apply to lending activities that occur outside the United States.

10. Voluntary collection and reporting. Section 1002.5(a)(4)(vii) through (x) permits a creditor that is not a covered financial institution under § 1002.105(b) to voluntarily collect and report information regarding covered applications from small businesses in certain circumstances. If a creditor is voluntarily collecting information for covered applications regarding whether the applicant is a minority-owned business, a women-owned business, and/or an LGBTQI+-owned business under § 1002.107(a)(18), and regarding the ethnicity, race, and sex of the applicant's principal owners under § 1002.107(a)(19), it shall do so in compliance with §§ 1002.107, 1002.108, 1002.111, 1002.112 as though it were a covered financial institution. If a creditor is reporting those covered applications from small businesses to the Bureau, it shall do so in compliance with §§ 1002.109 and 1002.110 as though it were a covered financial institution.

Section 1002.109—Reporting of Data to the Bureau

109(b) Financial Institution Identifying Information

1. Changes to financial institution identifying information. If a financial institution's information required pursuant to § 1002.109(b) changes, the financial institution shall provide the new information with the data submission for the collection year of the change. For example, assume two financial institutions that previously reported data under subpart B of this part merge and the surviving institution retained its Legal Entity Identifier but obtained a new TIN in February 2028. The surviving institution must report the new TIN with its data submission for its 2028 data (which is due by June 1, 2029) pursuant to § 1002.109(b)(5). Likewise, if that financial institution's Federal prudential regulator changes in February 2028 as a result of the merger, it must identify its new Federal prudential regulator in its annual submission for its 2028 data.

Section 1002.114—Effective Date, Compliance Date, and Special Transition Rules

114(b) Compliance Date

1. Application of compliance date. The applicable compliance date in § 1002.114(b) is the date by which the covered financial institution must begin to compile data as specified in § 1002.107, comply with the firewall requirements of § 1002.108, and begin to maintain records as specified in § 1002.111. In addition, the covered financial institution must comply with § 1002.110(c) and (d) no later than June 1 of the year after the applicable compliance date. For instance, if § 1002.114(b)(2) applies to a financial institution, it must comply with §§ 1002.107 and 1002.108, and portions of § 1002.111, beginning January 16, 2026, and it must comply with § 1002.110(c) and (d), and portions of § 1002.111, no later than June 1, 2027.

2. Initial partial year collections pursuant to § 1002.114(b). i. When the compliance date of July 18, 2025 specified in § 1002.114(b)(1) applies to a covered financial institution, the financial institution is required to collect data for covered applications during the period from July 18, 2025 to December 31, 2025. The financial institution must compile data for this period pursuant to § 1002.107, comply with the firewall requirements of § 1002.108, and maintain records as specified in § 1002.111. In addition, for data collected during this period, the covered financial institution must comply with §§ 1002.109 and 1002.110(c) and (d) by June 1, 2026.

ii. When the compliance date of January 16, 2026 specified in § 1002.114(b)(2) applies to a covered financial institution, the financial institution is required to collect data for covered applications during the period from January 16, 2026 to December 31, 2026. The financial institution must compile data for this period pursuant to § 1002.107, comply with the firewall requirements of § 1002.108, and maintain records as specified in § 1002.111. In addition, for data collected during this period, the covered financial institution must comply with §§ 1002.109 and 1002.110(c) and (d) by June 1, 2027.

iii. When the compliance date of October 18, 2026 specified in § 1002.114(b)(3) or (4) applies to a covered financial institution, the financial institution is required to collect data for covered applications during the period from October 18, 2026 to December 31, 2026. The financial institution must compile data for this period pursuant to § 1002.107, comply with the firewall requirements of § 1002.108, and maintain records as specified in § 1002.111. In addition, for data collected during this period, the covered financial institution must comply with §§ 1002.109 and 1002.110(c) and (d) by June 1, 2027.

3. Informal names for compliance date provisions. To facilitate discussion of the compliance dates specified in § 1002.114(b)(1), (2), and (3), in the official commentary and any other documents referring to these compliance dates, the Bureau adopts the following informal simplified names. Tier 1 refers to the cohort of covered financial institutions that have a compliance date of July 18, 2025 pursuant to § 1002.114(b)(1). Tier 2 refers to the cohort of covered financial institutions that have a compliance date of January 16, 2026 pursuant to § 1002.114(b)(2). Tier 3 refers to the cohort of covered financial institutions that have a compliance date of October 18, 2026 pursuant to § 1002.114(b)(3).

4. Examples. The following scenarios illustrate how to determine whether a financial institution is a covered financial institution and which compliance date specified in § 1002.114(b) applies. Unless otherwise indicated, in each example the financial institution has chosen to use its originations in 2022 and 2023 (rather than 2023 and 2024 as permitted by § 1002.114(c)(3)) to determine its initial compliance tier.

i. Financial Institution A originated 3,000 covered credit transactions for small businesses in calendar year 2022, and 3,000 in calendar year 2023. Financial Institution A is in Tier 1 and has a compliance date of July 18, 2025.

ii. Financial Institution B originated 2,000 covered credit transactions for small businesses in calendar year 2022, and 3,000 in calendar year 2023. Because Financial Institution B did not originate at least 2,500 covered credit transactions for small businesses in each of 2022 and 2023, it is not in Tier 1. Because Financial Institution B did originate at least 500 covered credit transactions for small businesses in each of 2022 and 2023, it is in Tier 2 and has a compliance date of January 16, 2026.

iii. Financial Institution C originated 400 covered credit transactions to small businesses in calendar year 2022, and 1,000 in calendar year 2023. Because Financial Institution C did not originate at least 2,500 covered credit transactions for small businesses in each of 2022 and 2023, it is not in Tier 1, and because it did not originate at least 500 covered credit transactions for small businesses in each of 2022 and 2023, it is not in Tier 2. Because Financial Institution C did originate at least 100 covered credit transactions for small businesses in each of 2022 and 2023, it is in Tier 3 and has a compliance date of October 18, 2026.

iv. Financial Institution D originated 90 covered credit transactions to small businesses in calendar year 2022, 120 in calendar year 2023, and 90 in calendar years 2024, 2025, and 2026. Because Financial Institution D did not originate at least 100 covered credit transactions for small businesses in each of 2022 and 2023, it is not in Tier 1, Tier 2, or Tier 3. Because Financial Institution D did not originate at least 100 covered credit transactions for small businesses in subsequent consecutive calendar years, it is not a covered financial institution under § 1002.105(b) and is not required to comply with the rule in 2025, 2026, or 2027.

v. Financial Institution E originated 120 covered credit transactions for small businesses in each of calendar years 2022, 2023, and 2024, and 90 in 2025. Because Financial Institution E did not originate at least 2,500 or 500 covered credit transactions for small businesses in each of 2022 and 2023, it is not in Tier 1 or Tier 2. Because Financial Institution E originated at least 100 covered credit transactions for small businesses in each of 2022 and 2023, it is in Tier 3 and has a compliance date of October 18, 2026. However, because Financial Institution E did not originate at least 100 covered credit transactions for small businesses in both 2024 and 2025, it no longer satisfies the definition of a covered financial institution in § 1002.105(b) at the time of the compliance date for Tier 3 institutions and thus is not required to comply with the rule in 2026.

vi. Financial Institution F originated 90 covered credit transactions for small businesses in calendar year 2022, and 120 in 2023, 2024, and 2025. Because Financial Institution F did not originate at least 100 covered credit transactions for small businesses in each of 2022 and 2023, it is not in Tier 1, Tier 2, or Tier 3. Because Financial Institution F originated at least 100 covered credit transactions for small businesses in subsequent calendar years, § 1002.114(b)(4), which cross-references § 1002.105(b), applies to Financial Institution F. Because Financial Institution F originated at least 100 covered credit transactions for small businesses in each of 2024 and 2025, it is a covered financial institution under § 1002.105(b) and is required to comply with the rule beginning October 18, 2026. Alternatively, if Financial Institution F chooses to use its originations in calendar years 2023 and 2024 to determine its compliance tier pursuant to § 1002.114(c)(3), it would be in Tier 3 and likewise required to comply with the rule beginning October 18, 2026.

vii. Financial Institution G originated 90 covered credit transactions for small businesses in each of calendar years 2022, 2023, 2024, 2025, and 2026, and 120 in each of 2027 and 2028. Because Financial Institution F did not originate at least 100 covered credit transactions for small businesses in each of 2022 and 2023, it is not in Tier 1, Tier 2, or Tier 3. Because Financial Institution G originated at least 100 covered credit transactions for small businesses in subsequent calendar years, § 1002.114(b)(4), which cross-references § 1002.105(b), applies to Financial Institution G. Because Financial Institution G originated at least 100 covered credit transactions for small businesses in each of 2027 and 2028, it is a covered financial institution under § 1002.105(b) and is required to comply with the rule beginning January 1, 2029.

viii. Financial Institution H originated 550 covered credit transactions for small businesses in each of calendar years 2022 and 2023, 450 in 2024, and 550 in 2025. Because Financial Institution H originated at least 500 covered credit transactions for small businesses in each of 2022 and 2023, it would be in Tier 2 and have a compliance date of January 16, 2026. However, § 1002.114(c)(3) permits financial institutions to use their originations in 2023 and 2024, rather than in 2022 and 2023, to determine compliance tier. If Financial Institution H elects to use its originations in 2023 and 2024, it would be in Tier 3 and required to comply with the rule beginning October 18, 2026.

114(c) Special Transition Rules

1. Collection of certain information prior to a financial institution's compliance date. Notwithstanding § 1002.5(a)(4)(ix), a financial institution that chooses to collect information on covered applications as permitted by § 1002.114(c)(1) in the 12 months prior to its initial compliance date as specified in § 1002.114(b)(1), (2) or (3) need comply only with the requirements set out in §§ 1002.107(a)(18) and (19), 1002.108, and 1002.111(b) and (c) with respect to the information collected. During this 12-month period, a covered financial institution need not comply with the provisions of § 1002.107 (other than §§ 1002.107(a)(18) and (19)), 1002.109, 1002.110, 1002.111(a), or 1002.114.

2. Transition rule for applications received prior to a compliance date but final action is taken after a compliance date. If a covered financial institution receives a covered application from a small business prior to its initial compliance date specified in § 1002.114(b), but takes final action on or after that date, the financial institution is not required to collect data regarding that application pursuant to § 1002.107 nor to report the application pursuant to § 1002.109. For example, if a financial institution is subject to a compliance date of July 18, 2025, and it receives an application on July 7, 2025 but does not take final action on the application until July 25, 2025, the financial institution is not required to collect data pursuant to § 1002.107 nor to report data to the Bureau pursuant to § 1002.109 regarding that application.

3. Has readily accessible the information needed to determine small business status. A financial institution has readily accessible the information needed to determine whether its originations of covered credit transactions were for small businesses as defined in § 1002.106 if, for instance, it in the ordinary course of business collects data on the precise gross annual revenue of the businesses for which it originates loans, it obtains information sufficient to determine whether an applicant for business credit had gross annual revenues of $5 million or less, or if it collects and reports similar data to Federal or State government agencies pursuant to other laws or regulations.

4. Does not have readily accessible the information needed to determine small business status. A financial institution does not have readily accessible the information needed to determine whether its originations of covered credit transactions were for small businesses as defined in § 1002.106 if it did not in the ordinary course of business collect either precise or approximate information on whether the businesses to which it originated covered credit transactions had gross annual revenue of $5 million or less. In addition, even if precise or approximate information on gross annual revenue was initially collected, a financial institution does not have readily accessible this information if, to retrieve this information, for example, it must review paper loan files, recall such information from either archived paper records or scanned records in digital archives, or obtain such information from third parties that initially obtained this information but did not transmit such information to the financial institution.

5. Reasonable method to estimate the number of originations. The reasonable methods that financial institutions may use to estimate originations for 2022 and 2023 (or for 2023 and 2024, pursuant to § 1002.114(c)(3)) include, but are not limited to, the following:

i. A financial institution may comply with § 1002.114(c)(2) by determining the small business status of covered credit transactions by asking every applicant, prior to the closing of approved transactions, to self-report whether it had gross annual revenue for its preceding fiscal year of $5 million or less, during the period October 1 through December 31, 2023. The financial institution may annualize the number of covered credit transactions it originates to small businesses from October 1 through December 31, 2023 by quadrupling the originations for this period, and apply the annualized number of originations to both calendar years 2022 and 2023. Pursuant to § 1002.114(c)(3), a financial institution is permitted to use its originations in 2023 and 2024, rather than 2022 and 2023, to determine its compliance tier. Thus, a financial institution may ask applicants to self-report revenue information during the period of October 1 through December 31, 2024, and then may annualize the number of covered credit transactions it originated to small businesses during that period and apply the annualized number of originations to both calendar years 2023 and 2024.

ii. A financial institution may comply with § 1002.114(c)(2) by assuming that every covered credit transaction it originates for business customers in calendar years 2022 and 2023 (or in 2023 and 2024) is to a small business.

iii. A financial institution may comply with § 1002.114(c)(2) by using another methodology provided that such methodology is reasonable and documented in writing.

6. Examples. The following scenarios illustrate the potential application of § 1002.114(c)(2) to a financial institution's compliance date under § 1002.114(b). Unless otherwise indicated, in each example the financial institution has chosen to estimate its originations for 2022 and 2023 (rather than 2023 and 2024 as permitted by § 1002.114(c)(3)) to determine its initial compliance tier.

i. Prior to October 1, 2023, Financial Institution A did not collect gross annual revenue or other information that would allow it to determine the small business status of the businesses for whom it originated covered credit transactions in calendar years 2022 and 2023. Financial Institution A chose to use the methodology set out in comment 114(c)-5.i and as of October 1, 2023 began to collect information on gross annual revenue as defined in § 1002.107(a)(14) for its covered credit transactions originated for businesses. Using this information, Financial Institution A determined that it had originated 750 covered credit transactions for businesses that were small as defined in § 1002.106. On an annualized basis, Financial Institution A originated 3,000 covered credit transactions for small businesses (750 originations * 4 = 3,000 originations per year). Applying this annualized figure of 3,000 originations to both calendar years 2022 and 2023, Financial Institution A is in Tier 1 and has a compliance date of July 18, 2025.

ii. Prior to July 1, 2023, Financial Institution B collected gross annual revenue information for some applicants for business credit, but such information was only noted in its paper loan files. Financial Institution B thus does not have reasonable access to information that would allow it to determine the small business status of the businesses for whom it originated covered credit transactions for calendar years 2022 and 2023. Financial Institution B chose to use the methodology set out in comment 114(c)-5.i, and as of October 1, 2023, Financial Institution B began to ask all businesses for whom it was closing covered credit transactions if they had gross annual revenues in the preceding fiscal year of $5 million or less. Using this information, Financial Institution B determined that it had originated 350 covered credit transactions for businesses that were small as defined in § 1002.106. On an annualized basis, Financial Institution B originated 1,400 covered credit transactions for small businesses (350 originations * 4 = 1,400 originations per year). Applying this estimated figure of 1,400 originations to both calendar years 2022 and 2023, Financial Institution B is in Tier 2 and has a compliance date of January 16, 2026.

iii. Prior to April 1, 2023, Financial Institution C did not collect gross annual revenue or other information that would allow it to determine the small business status of the businesses for whom it originated covered credit transactions in calendar years 2022 and 2023. Financial Institution C chose its own methodology pursuant to comment 114(c)-5.iii, basing it in part on the methodology specified in comment 114(c)-5.i. Starting on April 1, 2023, Financial Institution C began to ask all business applicants for covered credit transactions if they had gross annual revenue in their preceding fiscal year of $5 million or less. Using this information, Financial Institution C determined that it had originated 100 covered credit transactions for businesses that were small as defined in § 1002.106. On an annualized basis, Financial Institution C originated approximately 133 covered credit transactions for small businesses ((100 originations * 365 days)/275 days = 132.73 originations per year). Applying this estimate of 133 originations to both calendar years 2022 and 2023, Financial Institution C is in Tier 3 and has a compliance date of October 18, 2026.

iv. Financial Institution D did not collect gross annual revenue or other information that would allow it to determine the small business status of the businesses for whom it originated covered credit transactions in calendar years 2022 and 2023. Financial Institution D determined that it had originated 3,000 total covered credit transactions for businesses in each of 2022 and 2023. Applying the methodology specified in comment 114(c)-5.ii, Financial Institution D assumed that all 3,000 covered credit transactions originated in each of 2022 and 2023 were to small businesses. On that basis, Financial Institution D is in Tier 1 and has a compliance date of July 18, 2025.

v. Financial Institution E did not collect gross annual revenue or other information that would allow it to determine the small business status of the businesses for whom it originated covered credit transactions in calendar years 2022 and 2023. Financial Institution E determined that it had originated 700 total covered credit transactions for businesses in each of 2022 and 2023. Applying the methodology specified in comment 114(c)-5.ii, Financial Institution E assumed that all such transactions in each of 2022 and 2023 were originated for small businesses. On that basis, Financial Institution E is in Tier 2 and has a compliance date of January 16, 2026.

vi. Financial Institution F does not have readily accessible gross annual revenue or other information that would allow it to determine the small business status of the businesses for whom it originated covered credit transactions in calendar years 2022 and 2023. Financial Institution F determined that it had originated 80 total covered credit transactions for businesses in 2022 and 150 total covered credit transactions for businesses in 2023. Applying the methodology set out in comment 114(c)-5.ii, Financial Institution F assumed that all such transactions originated in 2022 and 2023 were originated for small businesses. On that basis, Financial Institution E is not in Tier 1, Tier 2 or Tier 3, and is subject to the compliance date provision specified in § 1002.114(b)(4).

vii. Financial Institution G does not have readily accessible gross annual revenue or other information that would allow it to determine the small business status of the businesses for whom it originated covered credit transactions in calendar years 2022, 2023, or 2024. Financial Institution G chose to use the methodology set out in comment 114(c)-5.i, and as of October 1, 2024, Financial Institution G began to ask all businesses for whom it was closing covered credit transactions if they had gross annual revenue in the preceding fiscal year of $5 million or less. Using this information, Financial Institution G determined that it had originated 700 covered credit transactions during that period for businesses that were small as defined in § 1002.106. On an annualized basis, Financial Institution G originated 2,800 covered credit transactions for small businesses (700 originations * 4 = 2,800 originations per year). Applying this estimated figure of 2,800 originations to both calendar years 2023 and 2024, Financial Institution G is in Tier 1 and has a compliance date of July 18, 2025.

Rohit Chopra,

Director, Consumer Financial Protection Bureau.

[FR Doc. 2024-14396 Filed 7-2-24; 8:45 am]

BILLING CODE 4810-AM-P