FOUR FIVE SIX SEVEN • General process of gathering, tracking, monitoring, and reporting pertinent information to comply • Process internal controls • Reporting and conclusions on compliance • Educational expectations for current and new staff • Collection of data • Recording of data • Monitoring and interpreting the data • Staff training 4. Determine a Plan to Gather Data Points and Set Up an Identification/ Data Collection System Data points can be divided into three categories: • System basic data points such as applicant/ borrower loan number, type, purpose, pricing details, and, for denied applications, the denial reason • Data points specifically related to the credit, such as business description, gross annual revenue, census tract, NAICS code, and owner and worker counts • Demographic data points, such as minority (and women) business status, owner ethnicity, race, and sex We recommend including detailed procedures for lenders and other staff collecting this data. You may need to update your internal checklists or application to ensure a centralized and standard place to record information. As with Regulation B and HMDA, there are specific rules related to the method of data collection. For example, suppose an applicant does not provide ethnicity, race, or sex information for at least one principal owner. The proposed rule states that the financial institution or entity must collect at least one principal owner’s race and ethnicity (but not sex) via visual observation and/or surname if the financial institution meets in person, or by video, with any principal owner. The applicant must provide the minority-owned business status and/or women-owned business status. The institution would not be permitted or required to report these data points based on visual observation, surname, or any other basis if the applicant chooses not to provide the information. More details to come on instructions on how to collect and report minority-owned business status, women-owned business status, and principal owners’ ethnicity, race, and sex. This phase of the rule will require targeted and detailed training for your staff to avoid actual or perceived discriminatory treatment. 5. Begin Tracking Data on a Rule-Compliant System The final rule should include a sample tracking sheet. However, we recommend that you strongly consider automation of this function. With more than 20 data points required to be reported under the proposed small business data rule, automation is key to efficiently utilizing staff and minimizing data collection errors. Ideally, these data points should be captured during the loan application or booking process. Check with your core provider to determine if they have or are considering automating the process as data is entered directly into their system. Additionally, if you are on a loan origination platform, your provider will most likely build a data-gathering document into that system, so check with your provider in advance. What if your institution doesn’t automate this function? In that case, Excel can be a useful tool for maintaining the required data points as long as you have primary and backup staff to maintain the spreadsheet, as well as an independent reviewer to perform a periodic spot-check of the data. The 1071 rule requires that institutions collect data on a calendar-year basis and report their data to the bureau by June 1 of the following year. The proposed rule will allow the CFPB to make the data available to the public annually. 6. Set up an Audit System to Periodically Check Small Business Loans by Cross-Referencing to Tracking Document One of the primary reasons for the rule is to ensure that financial institutions are addressing the credit needs of minority small businesses and that institutions are pricing and determining other loan terms in a manner that does not discriminate against the minority-owned small business. The development of analytical reports and periodic monitoring of small business lending is essential for compliance and to identify areas of concern, mitigation, and reporting. Consider a quarterly compliance scorecard approach to identify loan pricing exceptions and set baseline performance indicators. 7. Finally, Consider Assistance From Third-Party Resources From educating and clarifying rule components to creating policies and procedures, a third-party provider can make compliance easier. Such a resource can: • Alleviate any staff bandwidth issues • Avoid interruptions in daily job requirements • Assist with best practices to gather information • Assist with the creation of or adaptation of current collection and/or loan pricing systems to ensure compliance with the rule Other considerations important for financial institutions as they implement the CFPB 1071 Rule include whether to: • Standardize small business lending loan originations, pricing, and fee structures • Develop an objective small business loan pricing model to mitigate unintentional disparate treatment resulting from lender subjectivity in interest rate, fee, and pricing structure • Automate the reporting of small business loan pricing exceptions to policy to be proactive in making future adjustments Conclusion In a recent survey of financial institution executives, the final 1071 rule was the top regulatory compliance concern — outranking BSA/AML rules, beneficial ownership requirements, and CECL obligations. With Community Reinvestment Act reform also expected to increase data collection and reporting requirements for some financial institutions, it’s prudent to plan early for the CFPB 1071 changes. Working with dedicated third-party risk management consultants or advisors is a way to ensure compliance with CFPB 1071 while minimizing institutional disruption. cbak.com 11
RkJQdWJsaXNoZXIy ODQxMjUw