Section 1071 (CFPB Small Business Data Collection Rule)

Section 1071 of the Dodd-Frank Act (15 U.S.C. § 1691c-2) requires financial institutions to collect and report data on credit applications from small businesses and minority- and women-owned businesses. The CFPB finalized its implementing rule in March 2023 (88 Fed. Reg. 35150) to support fair-lending oversight and community development analysis. See cfpb.gov/compliance-guidance/small-business-lending for current implementation timelines.

Section 1071 amends the Equal Credit Opportunity Act (ECOA, 15 U.S.C. § 1691 et seq.) to add a small business data collection mandate modeled on HMDA mortgage reporting. Financial institutions — broadly defined to include banks, credit unions, CDFIs, online lenders, and MCAs — that originate 100 or more small business credit transactions per calendar year must collect and annually report specified data points to the CFPB. Required data points (final rule): The CFPB's March 2023 final rule (available at cfpb.gov/compliance-guidance/small-business-lending) requires collection of 81 data points per application, including: (1) application date; (2) credit type and purpose; (3) amount applied for and amount approved; (4) action taken and date; (5) census tract and NAICS code; (6) gross annual revenue; (7) number of employees; (8) time in business; (9) pricing information (interest rate/APR, origination charges, broker fees); (10) applicant's small business status; and (11) principal owners' ethnicity, race, and sex (self-reported). Firewall requirements: Section 1071 mandates a strict firewall between loan officers and the demographic data collected. The rule prohibits loan underwriters from accessing demographic information during the underwriting process — the same blind-wall model used in HMDA mortgage applications. The compliance architecture requires separate systems or data-handling workflows. Implementation timeline: The CFPB's final rule created a tiered compliance schedule based on origination volume. The D.C. Circuit Court of Appeals stayed the rule pending litigation by banking groups; check cfpb.gov for current effective dates. The broader Section 1071 framework, when fully effective, will create the first comprehensive public dataset on small business lending patterns, analogous to HMDA data for mortgage lending.

Examples

Frequently asked questions

What is Section 1071 and why does it matter for small business borrowers?

Section 1071 (15 U.S.C. § 1691c-2) requires lenders to collect and publicly report data on small business credit applications, including pricing, approval rates, and applicant demographics. When fully implemented, it will enable regulators and researchers to detect lending disparities by race, sex, or geography for the first time — similar to HMDA data for mortgages. For borrowers, it means lenders must ask demographic questions at application; you may decline to answer. See cfpb.gov/compliance-guidance/small-business-lending for current CFPB guidance.

Which lenders are covered by the Section 1071 rule?

The CFPB's final rule covers financial institutions — broadly defined to include banks, credit unions, CDFIs, online lenders, and non-bank lenders including MCA providers — that originate 100 or more covered credit transactions to small businesses per calendar year. The rule does not cover personal credit, consumer lending, or transactions with large businesses (gross annual revenue over $5M). Check cfpb.gov for the latest coverage thresholds and exemptions.

Does Section 1071 affect my loan application?

If you apply to a covered lender, you'll be asked to self-report ethnicity, race, and sex for yourself and any principal owners with 25%+ ownership. You may decline. Lenders are required to maintain a firewall between underwriters and the demographic data collected — loan decisions cannot be influenced by this information. The data is used solely for regulatory reporting and fair-lending analysis, not for underwriting.

Related terms

Further reading