Small Business Lending Data Collection

This recipe will track the new data collection requirements the CFPB is proposing for small business lending.    


The Consumer Financial Protection Bureau (CFPB) has proposed new small business data collection requirements set forth in section 1071 of the Dodd-Frank Act.   Section 1071 amended the Equal Credit Opportunity Act (ECOA) to require that financial institutions collect and report specific data to the CFPB regarding certain business credit applications. Section 1071’s purposes are to facilitate enforcement of fair lending laws and to enable the identification of business and community development needs and opportunities for women-owned, minority-owned, and small businesses.

The reporting will apply to financial institutions that engage in small business lending and have made 25 or more small business loans over the last 2 years.  The CFPB’s proposed definition of a “small business” considers  whether the business had $5 million or less in gross annual revenue for its preceding fiscal year however the CFPB is currently working with the SBA to finalize the definition of “small business”.    

Loan Data to be Collected

First, there will be several data points that financial institutions will be required to collect and provide, including application date, application method, application recipient, the action taken by the financial institution on the application, and the action taken date. For denied applications only, there would be a data point for denial reasons. For applications that are originated or approved but not accepted, there would be data points for the amount originated or approved and for pricing information. The pricing information would include, as applicable, information regarding interest rate, total origination charges, broker fees, initial annual charges, additional cost for merchant cash advances or other sales-based financing, and prepayment penalties.

Second, there will be data points regarding the applicant, including information specifically related to the credit being applied for (i.e., credit type; credit purpose; and the amount applied for), and information related to the applicant’s business (i.e., a census tract based on an address or location provided by the applicant; gross annual revenue for the applicant’s preceding fiscal year; the six-digit North American Industry Classification System (NAICS) code appropriate for the applicant; the number of the applicant’s non-owner workers; the applicant’s time in business; and the number of the applicant’s principal owners).

Third, there will be data points that address the demographics of the applicant’s principal owners or ownership status. Generally, a financial institution would be required to ask an applicant to provide this information. These data points would include minority-owned business status, women-owned business status, and the ethnicity, race, and sex of the applicant’s principal owners.

Upload of Loan Data

The upload process will very likely mirror what credit unions do today to upload HMDA data to the following site HMDA Platform Tools (

Read the proposal summary from the CFPB:

Also from the CFPB, here are the proposed data elements: 

Status as of December 2023:  We performed initial research of the proposed requirements and how our credit unions might need to respond.  Since the final rule is not likely to be published until March of 2024 we will remain in a holding pattern for now.

Your chef for this recipe:  Jim Vilker

December 8, 2023