Overview of Comments to CFPB’s Section 1071 Small Business Lending Data Collection Proposed Rule

Section 1071 of the Dodd-Frank Act Wall Street Reform and Consumer Protection Act has awaited implementation since 2010. Twelve years later, it is on its final lap to actualization. On October 1, 2021, the Consumer Financial Protection Bureau (CFPB) issued a Notice of Proposed Rule Making (NPRM). The period for public comment ended in January 2022.

When we first explored implementation of Section 1071 (The CFPB Small Business Lending Data Collection NPRM) in September 2021, we discussed the rule, its impact and what financial institutions should expect. With the rule projected to come out in just months, it’s time to think about what you and your financial institution can do to be ready for it. Section 1071’s size and complexity will require massive preparation and review of data points already collected. Understanding its nuances, putting it on your radar now and discussing it with your compliance team or partner is the first step in enabling your financial institution to be ready when the time comes.

Now that the comment period has ended, it’s important to be aware of what pundits like ABA, ICBA and NAFCU are concerned about. We’ll take a look at a few of their reactions to the NPRM and how that may affect the final ruling.

Cost Effect on Local Banks & Credit Unions

A main issue is cost. In a joint response, NAFCU and CUNA expressed concern that the complexity and cost will “weigh disproportionately on credit unions in ways that ultimately lead to fewer and less favorable outcomes for all small business borrowers.”1 The ABA and 51 state bankers associations feel Section 1071 will “be felt most acutely by community banks – that will negatively affect their small business customers.”2 The ICBA concurred and added that if the threshold for covered financial institutions remains as is, it will, “almost certainly raise the cost of credit …, as thousands of small lenders would be forced to shoulder the significant compliance costs associated with a major new data collection requirement.”3 Until the rule is final, it is uncertain what the final cost will be.

Small Business Definition

How Section 1071 defines a small business also raised numerous red flags. The proposed rule defines a small business as one with a gross annual revenue of $5 million. While most are onboard with setting a clear threshold, they feel the threshold is too high for smaller financial institutions and suggest a lower threshold of $1 million. The ICBA feels that a lower threshold will “streamline compliance, cover the vast majority of businesses, and correspond to the public’s general understanding of a small business.”3 In addition, the ABA, NAFCU and CUNA feel that the proposed threshold will cover businesses that are not, in reality, small businesses. The ABA added that it would, “exclude 270,000 businesses deemed small under SBA size standards … and cover 77,000 businesses that are not small under those standards.”2

Covered Financial Institutions

Perhaps one of the most pressing questions is what is considered a covered financial institution. Section 1071 defines a covered institution as one that has conducted 25 covered credit transactions over the last two years. The proposed threshold is considered too low by CUNA, ABA, NAFC, ICBA and others. NAFCU and CUNA’s joint letter echoed a universal concern: “The proposed 25 covered credit transactions threshold is far too low and would unjustifiably impact many smaller participants in the commercial lending market,”1 and called for a higher threshold of 100 covered credit transactions. The ABA also suggested that the proposal “lacks a compelling rationale for a 25-loan trigger”2 however, they do not endorse the 100-loan trigger.

On another note, the CFPB will broaden the scope of fair lending to cover more than traditional financial institutions. With the rise of alternative lending sources, Section 1071 will expand fair lending enforcements to include Fintech, insurance companies, capital equity firms and online lending institutions. They hope to not only level the playing field, but also to ensure that all relevant lenders are compliant with fair lending laws and regulations. These institutions should take note of the broader scope and begin preparing now.

Conclusion

These are just a few of the concerns covered during the comment period. Whether the CFPB will incorporate them or not is yet to be seen. And once the ruling is final, this doesn’t mean your financial institution will have to drop everything to comply with Section 1071’s data gathering demands. If all runs according to plan, financial institutions may begin collecting the necessary data in January 2023. Since final rule compliance is slated for January 2024, if you start examining your process now, you will have the time to test and iron out any bugs. Keep in mind that Section 1071 is a complicated and lengthy regulation, and dates may or may not exceed the expected timeline.

Taking a preliminary look now at what your financial institution will need to do to ensure compliance on data collection will help smooth the road to implementation in the future. Having a compliance partner like Marquis on your side will help alleviate the stress and confusion that are associated with implementing new rules and regulations.

 

1 Joint NAFCU and 0CUNA 0Section 1071 Comment Letter, January 6, 2022 https://www.nafcu.org/system/files/files/Joint%20NAFCU%20and%20CUNA%20Section%201071%20Comment%20Letter.pdf

2 Joint ABA and State Bankers Association 1071 Letter to CFPB, January 6, 2022 https://www.aba.com/advocacy/policy-analysis/1071-joint-comment-letter

3 ICBA Comments On 1071 Small Business Lending Data Collection, January 6, 2022 https://www.icba.org/docs/default-source/icba/advocacy-documents/letters-to-regulators/comments-on-1071-small-business-lending-data-collection

 

The CFPB Small Business Lending Data Collection NPRM

What you need to know about the new rule of Section 1071 of the Dodd-Frank Act.

Section 1071 of the Dodd-Frank Act was intended to facilitate fair lending laws by identifying business and community development lending needs and barriers for small, women-owned and minority businesses. Section 1071 amended the Equal Credit Opportunity Act (ECOA), requiring financial institutions to:

  1. Inquire if the business is a small, women- or minority-owned business.
  2. Collect, maintain and annually report lending data.
  3. Restrict data access to relevant personnel.
  4. Make the data available for public disclosure.

It’s been more than ten years since the Dodd-Frank Wall Street Reform and Consumer Protection Act  (Dodd Frank Act) became public law. However, this is the first time Section 1071 is being fully addressed. Early this September, the Consumer Financial Protection Board published a 900+ page proposal. They also published a webpage with resources relevant to the rulemaking.

The intention is to gather data on whether the borrower is a small, women- or minority-owned business. The rule presents 23 data points, some of which you may already be collecting. If the borrower declines to self-identify, the lender should take visual or last name clues to supply the necessary data. The CFPB will also offer a Filing Instructions Guide to help simplify and streamline the data submission process.

Only covered financial institutions will be required to comply with section 1071’s data collection and reporting requirements. All other financial institutions can submit the data voluntarily in certain circumstances. But what constitutes a covered financial institution? According to the rule, a covered financial institution must have conducted at least 25 small business loans during each of the previous two years. Although a financial institution may be exempt from reporting by this definition, it may not be exempt from Home Mortgage Disclosure Act (HMDA) reporting. It’s important to know where your institution stands and not to assume that if you are exempt from one, then you are exempt from both.

A small business will be defined as a business with a gross annual revenue of less than $5 million for its preceding fiscal year. Although based on the Community Reinvestment Act (CRA), the rule relies on the definition set by the Small Business Administration (SBA).

A 90-day comment period begins once published in the Federal Register. If you have something to say, this is your opportunity to be heard. Mandatory compliance begins 18 months after the Federal Register publishes the final rule. There will be no immediate effect or need for action. However, it doesn’t hurt to start planning for this new rule now.

As Marquis Software Solutions continues to monitor the situation, we’ll learn more about the ruling. And once it is ratified, we’ll take a deep dive into what this means for financial institutions of all sizes and keep you up-to-date on what we find. By staying on top of the situation, we hope to make implementing this new rule a painless and stress-free process.

CFPB COVID-19 Policy Rescissions and What That Means to You

When COVID-19 first made its appearance, it affected every part of our lives, including our financial health and well-being. The pandemic also caused a monumental pivot on how we conducted business. The financial industry’s shift to digital and drain on resources could become a compliance nightmare as more and more people and businesses sought relief through loans and other considerations.

To alleviate the strain and ensure that funding would continue to reach those who needed it, the Consumer Financial Protection Bureau (CFPB) released seven Statements of Policy that affected how banks handle their compliance responsibilities. For example, one revision temporarily created a hold on citing or enforcing any action against a financial institution that did not keep up with reporting their Home Mortgage Disclosure Act (HMDA) data quarterly. Another stated that the CFPB “…does not intend to cite a violation in an examination or bring an enforcement action against a creditor that takes longer than required by the regulation to resolve a billing error.”

These temporary measures allowed financial institutions to tend to their customers’ needs without placing an undue burden upon their employees. Banks and credit unions would still need to acquire the same data and follow the same regulations; they just had more time and increased flexibility.

Now that the country is opening up, the CFPB has determined it is time to get back to business as usual. On April 1, 2021, the Bureau rescinded these temporary Statements of Policy. However, business as usual will not be the same as experienced over the last four years. Under the new administration, the CFPB will be looking for non-compliance issues more “actively and aggressively” than the previous administration.

What does this mean for you and your financial institution? It means that when it comes to reporting time, your data must be clean and up-to-date. From your Compliance Management System (CMS) to considerations taken on approving and declining loans, you still have to present the necessary data to support your actions. You have to identify issues occurring over the past year and a half and create a plan that addresses correcting them. You have to be able to tell your story accurately and with confidence.

As banks, credit unions and mortgage companies return to their physical facilities, the drain on resources continues. While the CDC’s eviction moratorium was slated to end on July 31, 2021, President Biden announced on July 29 that federal agencies should use their authority to extend their respective eviction moratoria. Therefore, the Federal Housing Finance Agency and the Federal Housing Administration extended their eviction moratoria through September 30 for foreclosed borrowers and other occupants. Meanwhile, more than $46 billion in emergency rental assistance has already been allocated by Congress and awaits distribution.

The influx of mortgage forbearance cases was supposed to begin in October of 2021. Financial institutions are still reallocating and training their employees as they continue to adapt to the changing landscape.

Even if your compliance team is still intact, the constantly changing regulations and Statement of Policy rescissions can put more pressure on already stressed team members. Partnering with compliance experts can help see you through the first hurdle – returning to pre-pandemic protocols and procedures.

Marquis Software Solutions offers a suite of compliance solutions to help you through your compliance issues. With CenTrax NEXT, you’ll have all you need for Fair Lending, HMDA and CRA. This Marquis flagship compliance software comes with customizable dashboards, intuitive reporting tools, advanced mapping technology, security management and demographics analysis to ensure accurate submissions and exams.

To pull everything together, Marquis compliance experts offer an array of services from HMDA/CRA file review, risk assessments, Compliance Management System reviews and self-assessments. We’ve stayed on top of how special considerations brought on by the pandemic affect compliance and what that means to your financial institution. We’ll give you all the support you need to tell your story and face regulators with confidence.

To learn more about Marquis’ comprehensive compliance solutions, contact us at [email protected].

NOTE: COVID-19 and the Delta variant continue to impact the ability of home-owners and renters to meet their obligations. Marquis will continue to monitor the situation and how that impacts your compliance efforts.

What Works? An Analysis of Campaign Results and Best Practices – Part 4 Featuring Marquis’ CMO, Dr. Tony Rizzo

 

Video Transcription 

What Works? An Analysis of Campaign Results and Best Practices.

Part 4: The Power of Triggers

Dr. Tony Rizzo, CMO, Marquis

One of the questions I get asked frequently is, “What works?” So, taking that question to heart, we executed a very extensive analysis of campaign performance throughout campaigns that we managed and produced over 2019.

Marketing automation. This is the holy grail of marketing, in my opinion. But I would add to it to even have it to be more effective. Our marketing automation takes a look at a set of predefined business rules, analyzes those business rules and acts on them every single day.

There are four categories that we look at. One I classify as market automation or triggers. It could be a credit trigger, where I’m analyzing a data set for credit activity to find those members applying for loans not with you on a daily basis. I’m going to make some type of preemptive offer.

It could be what we call good manners marketing. These are things like “Thank you” and “Happy Anniversary.”

It could be a new account trigger. “You opened a credit card yesterday. Thank you. We think you might like an auto loan.”

It could be transactional. “Yesterday, we noticed that you had an overdraft hit. Would you like overdraft protection?”

But as I went back before, and I said, you know, is it worth it? Because there’s a lot going on here, right? There’s a whole lot that goes into marketing automation. It is absolutely not “Set it, forget it and walk away.” So, we undertook another study and looked at 50,000 people. We sent them the exact same letter. One group was based on timing – when they purchased something we thought the timing was right to make a home equity offer – versus 25,000 people that we just picked a date and mailed 25,000 letters out. No time factor at all. However, both the trigger group and the non-trigger group were already predisposed based on filter criteria. So as close as we could, either group was as qualified as the other. All we did was isolate for time.

Again, same exact letter. Nothing was different. Even the envelope was the same. And here’s what we learned. For the group that received the timed letter, there was a higher response rate. Not only was there a higher response rate, but a statistically significant relationship was found between the time an offer was sent and the take rate/response rate on the offer. So, there is something to marketing automation. We’ve proved it scientifically. We’ve also proved it anecdotally through all the different campaigns that we’re doing.

Look at the different benchmarking responses across the universe. You can see, highlighted in red, combining direct mail with email had an impact on balances.

This idea of machine learning, which is really what marketing automation is, it is not set it and forget it. If you have not done this yet, and you’re looking to get into it for next year, do it slow, do it methodically – one trigger at a time. Do the trigger. Launch the trigger. Track the trigger. Go on to the next one. If you don’t follow that sage advice, you will get bogged down in too many details and your progress, your forward momentum, will stop.

Some samples.

This is marketing automation for credit. Remember, these are people that applied for credit outside of your institution.

The best product you can do this for is auto. Do an auto credit trigger 30 days after the person applied for a loan somewhere else. Why? Because if I go to the auto loan dealer, and I’m credit worthy, I’m going to get the auto loan. Might not be the best auto loan, but I’m going to get one. So, for you to try to preempt that with a letter or email sooner, it isn’t going to be very effective. What is going to be effective is, “Hey you probably have an auto loan, we’d like to lower your payment and save you some money.” That’s a better offer.

The worst product to use credit triggers for are credit cards. Why? Because people generally get a credit card for a specific reason. Could be rewards involved. Could be affinity involved. Could be because I went to Best Buy and I got some money off the TV. It was for a specific intent and purpose, by and large. To make another offer for another credit card, right after the fact, is not the best use of money.

Good manners. These are typically Thank You, Happy Birthday and Happy Anniversary. If we’re doing this approach, we’d like to stay light on offers, heavy on the “Thank you.” We’re trying to get to that point. For new accounts, same thing: “Thank you for opening the account. We appreciate your business. It’s customers like you that keep our business viable. By the way, people just like you have purchased …” or, “By the way, you purchased our checking account. You want to make sure you sign up for our access services, our mobile app.”

Transactional. Now with transactions, we’re recognizing a behavior, some type of interaction like overdraft. And we’re making an offer for, in this example, overdraft protection. Or it could be Net Promoter Score. Now here’s the thing: when you’re doing this type of work with transactional data, you have to make sure about the integrity of your data. It’s important. In other words, if you’re not 100% confident that the overdraft data points that we’re going to use are accurate, don’t use it, it will get you in more trouble with loss of confidence, complaint phone calls, those types of unpleasant member experiences. If you’re going to use transactional, make sure that you have an understanding of transactional. Don’t delegate it, because as the person in charge, you have to understand the nuances of data.

No trigger is 100% bulletproof, not one. Give me any trigger, I can poke holes in it. You’re working off probability. You’re working off, “I’m 98% confident in what I’m doing is accurate.” You’re never going to be 100%, it just isn’t realistic. You have to know, in particular, with this transactional data, what you’ve got on your hands.

What do we know? We know from this study that when we use a combination of channels, I double my balances. When I use personalization, in particular time personalization, in particular this idea of daily marketing with triggers, I’m increasing my performance by 4x over a campaign approach. Frequency and consistency – we’ve learned those are your buddies, those are your pals. That’s the way to do direct marketing. It’s not one big campaign that looks beautiful when I put it out there. It’s something I do all the time, that constant machine that’s always working for me.

What we’ve also learned, if I’m looking at direct mail, non-window, live stamp, much higher response rates than indicia-based mail. Much higher response rates than indicia-based mail that’s sent standard class. Now there’s a time to send standard class. So, you’ve got a way when you will and when you won’t spend that extra money. But we know that the non-window live stamp is a high performing package. We know that simple coded email, singular column works the best, as opposed to all the tricks and gimmicks that go on.

We’ve also learned, and I’ve learned the hard way, marketing automation isn’t automatic. Bad name. We have to monitor it. We have to look at the results. We have to make sure that our criteria are valid. We, as marketers, have to be engaged in that. Don’t delegate that. Understand it.