The Consumer Financial Protection Bureau (CFPB) published a Small Entity Compliance Guide (“Guide”) covering the amendments to the Equal Credit Opportunity Act (ECOA) and Regulation B, which implement requirements of Section 1071 of Dodd-Frank. These amendments require that financial institutions compile and report certain data regarding certain business credit applications, as explained in our blog. The Guide includes a detailed summary of the final rule’s requirements and examples that explain how the requirements should be applied to typical facts. The Guide includes discussions of key definitions, reportable data points, guidance on collecting data, creation of an employee firewall, and treatment of data once it’s been compiled.

Some of the explanations are meant to assist financial institutions in understanding the scope of the rule. The Guide includes some examples that are not found in the final rule or Commentary. For example, the Guide demonstrates how to determine whether a financial institution meets the threshold to be a “covered financial institution.”

Example. “In 2025, Lender receives 110 covered applications from small businesses and originates 98 covered originations. In 2026, Lender receives 120 covered applications from small businesses and originates 102 covered originations. Lender is not a covered financial institution for 2027 because it did not originate at least 100 covered originations in 2025.”

Additionally, the Guide reiterates a few of the same explanations and clarifications found in the final rule pertaining to the reporting of specific data points. For example, both the Commentary within the final rule and the Guide provide information for complying with the requirement to report an “action taken date.”

“For applications that result in an origination, a covered financial institution generally reports the closing or account opening date. If the disbursement of funds takes place on a date later than the closing or account opening date, the covered financial institution may, alternatively, use the date of initial disbursement. A covered financial institution should generally be consistent in its approach to reporting by, for example, establishing procedures for how to report this date in different scenarios, products, or divisions.”

In both the final rule and the Guide, the Bureau thoroughly discusses the employee firewall requirement and outlines examples of activities that would constitute being involved in making a credit determination, which would subject the employee to the firewall. For example, the following activities, among other things, constitute making a determination and would prohibit the employee from accessing certain demographic information obtained from small business applicants pursuant to the final rule: Recommending that another decision maker approve or deny a specific reportable application, provide a specific reason for denying a reportable application, require a guarantor or collateral in order to approve a reportable application, approve a credit amount or credit limit for a covered credit transaction, set one or more other terms for a covered credit transaction, make a counteroffer regarding a reportable application, or set a specific term for such a counteroffer.

In the final pages, the Guide discusses recommendations for determining a financial institution’s compliance date tier. The compliance date tier for a financial institution is based on the number of covered originations made in 2022 and 2023. The Bureau makes a few suggestions for estimating the number of cover transactions made, if the exact number cannot be determined. These suggestions include:

  • During the period from October 1 through December 31, 2023, asking every applicant of an approved covered credit transaction, prior to the closing, to self-report whether it had gross annual revenue for its preceding fiscal year of $5 million or less. The financial institution may annualize the number of covered credit transactions it originated for small businesses from October 1 through December 31, 2023 by quadrupling the originations for this period, and apply the annualized number of originations to both calendar years 2022 and 2023.
  • Assuming that every covered credit transaction it originates for business customers in calendar years 2022 and 2023 is to a small business.