Most small businesses don’t have the technological capacity to collect this kind of data without incurring serious, unmitigated information security risks. Compliance demands advanced cybersecurity measures, such as: • Encrypted storage. • Secure access protocols. • Regular security audits. Yet, many small businesses lack the infrastructure and expertise to implement these safeguards, making them vulnerable to data breaches. With 61% of data breaches targeting small businesses, these capability gaps pose a real threat to data privacy. Additionally, compliance deadlines vary based on the size of the institution, meaning each must accurately assess its transaction volumes and update systems accordingly. Beyond system upgrades, significant staff training is essential to manage new data collection protocols and ensure adherence to regulations. WHO DOES SECTION 1071 AFFECT? Section 1071 aims to protect small businesses from discriminatory lending by giving regulators the data they need to monitor lending patterns. This means the rule affects two main groups: financial institutions and small businesses. Financial Institutions Banks, credit unions, and other lenders must now comply with the new data collection and reporting requirements outlined in Section 1071. They must collect and report data about small business owners when these businesses apply for credit. The requirement applies to institutions of all sizes, with specific compliance deadlines depending on their transaction volumes. Small Businesses Businesses with gross annual revenues of $5 million or less are directly impacted by Section 1071. When applying for credit, they must provide detailed information, including: • Gross annual revenue. • Owner’s demographic information, including race, ethnicity and gender. • Business size and type, such as the number of employees and whether it is a sole proprietorship, partnership or corporation. • Purpose of the credit application, such as working capital, equipment purchase or expansion. • Location of the business, including the state and zip code. WHEN DOES SECTION 1071 GO INTO EFFECT AND WHO NEEDS TO COMPLY? Section 1071 became effective 90 days after its publication, on June 28, 2023. However, the CFPB adjusted the compliance timelines, organizing them into tiers based on the volume of covered transactions to small businesses that a lender handled over the prior two calendar years. These covered transactions encompass any extensions, renewals or modifications of credit extended to small businesses. Here’s how the reporting deadline tiers break down: • July 18, 2025: Institutions with 2,500 or more covered originations. • June 1, 2027: Institutions with at least 500 covered originations. • June 1, 2027: Institutions with at least 100 covered originations. It’s important to note that nonprofit organizations and governmental entities are not considered small businesses under this rule. WHAT DATA NEEDS TO BE COLLECTED AND REPORTED? Under Section 1071, financial institutions must collect and report specific data points for small business credit applications. These include: • Demographic information of the principal owners, including race, ethnicity and sex. • Whether the business is minority-owned, women-owned or LGBTQI+-owned. • The type and purpose of the credit being applied for, such as working capital, equipment purchase or business expansion. • The amount of credit applied for and the amount approved or originated. • The action taken on the application and, if applicable, reasons for denial. • The census tract of the applicant’s principal place of business. • The applicant’s gross annual revenue. PREPARE FOR SECTION 1071 WITH FILEINVITE Section 1071 brings new challenges, but financial institutions can navigate these requirements effectively with the right tools and preparation. FileInvite offers customizable workflows and secure data management, ensuring seamless compliance and efficient data collection. With FileInvite, both financial institutions and small businesses can confidently meet regulatory standards without overburdening their staff or exceeding their budgets. SECTION 1071 BRINGS NEW CHALLENGES, BUT FINANCIAL INSTITUTIONS CAN NAVIGATE THESE REQUIREMENTS EFFECTIVELY WITH THE RIGHT TOOLS AND PREPARATION. INDEPENDENT REPORT | 21
RkJQdWJsaXNoZXIy MTg3NDExNQ==