In the second installment of a special three-part series, Chris Willis, Lori Sommerfield, and Caleb Rosenberg takes a deeper dive into the CFPB's Section 1071 rule's data collection requirements, including what needs to be collected, when and how, and significant new provisions, dealing with discouraging people from responding to Section 1071 information requests, particularly concerning demographic information.
Please join Troutman Pepper Partner Chris Willis and his colleagues Lori Sommerfield and Caleb Rosenberg for the second installment of a special three-part series about the Consumer Financial Protection Bureau's (CFPB) new small business lending data collection and reporting final rule — the Section 1071 rule. Part 2 takes a deeper dive into the rule's data collection requirements, including what needs to be collected, when and how, and significant new provisions, dealing with discouraging people from responding to Section 1071 information requests, particularly concerning demographic information.
Stay tuned for Part 3, which focuses on specific areas for consideration, including those especially troublesome for small business lenders.
CFS Partner Lori Sommerfield brings more than two decades of experience in representing a wide range of banks, financial institutions, and financial services companies in fair lending and responsible banking regulatory compliance. She has extensive experience in helping clients navigate fair lending examinations and supervisory issues, and she has successfully represented clients in high-stakes fair lending regulatory investigations and enforcement actions. Before joining the firm, Lori held significant legal positions in federal government, in-house, and private practice settings (including two other nationally known law firms), which she leverages to effectively represent her clients' interests.
CFS Associate Caleb Rosenberg focuses his practice on helping small business finance companies, banks, fintech companies, and licensed lenders navigate regulatory risks posed by state and federal laws. He has experience performing regulatory due diligence on financial technology companies and assisting clients in responding to regulatory inquiries.
The Consumer Finance Podcast – CFPB's Section 1071 Rule (Part 2): Deep Dive on Data Collection and Discouragement
Aired: May 16, 2023
Host: Chris Willis
Guests: Lori Sommerfield and Caleb Rosenberg
Chris Willis:
Welcome to The Consumer Finance Podcast. I'm Chris Willis, the co-leader of Troutman Pepper's Consumer Financial Services Regulatory Practice. And I'd like to welcome you to today's episode, which is part two of our three-part special series on the CFPB's Small Business Data Collection Rule or the 1071 rule as we like to refer to it. But before we jump into that, let me remind you to visit and subscribe to our blog, ConsumerFinancialServicesLawMonitor.com, where you'll read all of the daily updates we post about what's going on in the world of consumer finance.
And don't forget to check out our other podcasts, we have lots of them. We have the FCRA Focus all about credit reporting, The Crypto Exchange about all things crypto, and Unauthorized Access, which is our privacy and data security podcast. All of those are available on all the popular podcast platforms. And if you like our podcast, let us know, leave us a review on your podcast platform of choice and let us know how we're doing.
Now, as I said, today is part two of our special three-part series on the CFPB's 1071 rule, and I'm joined by two of my colleagues, my partner Lori Sommerfield, and Caleb Rosenberg who's one of the senior associates in our consumer financial services group. So, Lori, Caleb, welcome to the podcast, and I hope you're ready to talk about 1071.
Lori Sommerfield:
Thanks, Chris. Happy to be here.
Caleb Rosenberg:
Thanks, Chris.
Chris Willis:
Now, today's episode follows the last special... the first one that we did, which is sort of an overview of the rule and what had changed from the proposed rule to the final rule. Today we're going to take a deep dive on data collection and everything about data collection, both what needs to be collected, when and how, and then the significant new provisions in the final rule dealing with discouragement of people providing responses to the 1071 particularly demographic information requests. So, let's get started. Lori, let's jump in with you. Can you just give the audience a brief overview of the types of data about small business loan applications that covered 1071 reporting financial institutions are going to be required to collect and ultimately report to the CFPB?
Lori Sommerfield:
Sure, Chris. The CFPB's final rule requires covered financial institutions to collect and report three types of data concerning small business loan applications. First, institutions are required to report certain data points that the financial institution itself generates. So, these are things like the unique application identifier number and action taken on the application by the institution. Second, institutions are required to report data points that are based on information that either could be collected from the applicant or through a third-party source. Those data points include information that specifically relates to credit that's being applied for and information related to the applicant's business. Those are things like credit type, credit purpose, and the amount the applicant is applying for. Third, and this is really key from a fair lending enforcement perspective, covered institutions are required to report certain data points based solely on demographic information that's provided by the applicant.
The data points relate to the applicant status as a minority owned, a woman owned, or an LGBTQ+ plus owned business, and the race, sex, and ethnicity of the applicant's principal owners. And by the way, a principal owner is defined as an individual who directly owns 25% or more of the equity interest of a business. So as a result, an applicant would have no more than four principal owners if they're natural persons. And I'd also like to note that the final rule includes a sample data collection form that covered financial institutions can use to collect this demographic information and to provide certain required notices. And I think Caleb's going to get into that when he talks more about the data collection requirements.
Chris Willis:
Yeah. So, we promised the audience a deep dive, so now we're about to do it with you, Caleb. Lori set the stage with the three categories of data that the 1071 rule requires small business creditors if they're covered to collect. Let's go ahead and ask you to provide more detail about each of those three sets that Lori just mentioned.
Caleb Rosenberg:
Yeah, happy to Chris. The first category is information that the financial institution generates. So you must think this is going to be easy. This is information that I'm generating myself that is going to be put into a very simple format and provided to the CFPB. For some of the categories, that's true. There's a unique identifier, there's an application date, there's an application method for whether the application is online or in paper. Those are relatively easy, but there's additional information that's required when the application is approved and when it's denied, and that obviously includes for denied applications the reason that the application is being denied, and for approved applications, it's additional information about the credit and pricing.
This is where it gets much more complicated. First on the denial reason, this is something that you would already be generating. You're allowed to list up to four reasons, you’re supposed the primary reason for the denial, and all this sounds familiar to people who have followed just Reg B requirements in general, but I think people should remember that the purpose of the rule is to not just collect the data, but also to enforce fair lending requirements.
The CFPB has previously issued significant guidance about the use of AI, the use of complex algorithms in making denial decisions, and now you'll be reporting to the CFPB your reasons for denial for each of these types of credit that are covered credit. So not only are you going to have to come up with these internally and report for each denial decision exactly what that denial was, you have to know that and then report it to the CFPB.
I know a lot of companies have tried to use an “other” category when filling in forms. If they don't feel like they have one reason or one specific reason, that's not going to be probably the best approach when you're reporting that to the CFPB, and your approach needs to match what you're also telling the borrowers. This is something that for very sophisticated organizations that have been dealing with this for a long time, they've already wrestled with a lot of these things. For a lot of the startups and FinTechs especially, they're using complex algorithms. This is the time when you really need to review what the CFPB's expectations are for your reasons for denial and how you're coming up with those when you're using complex algorithms because this is something that they'll be paying attention to when you submit your data.
Chris Willis:
So, when we have a declined application, we have to report some information about it including up to several decline reasons as you just mentioned. How about if the news is good and we've approved the application, what kind of data elements does that trigger?
Caleb Rosenberg:
Again, it's all data that you already have in your possession because it's what you're coming up with, so I'm sure it will be very easy. This information includes information about pricing of the credit, so the interest rate, origination charges, broker fees, initial annual charges, prepayment penalties, and additionally for MCA, the discount the purchase price versus the purchase amount.
Chris Willis:
And by MCA you mean Merchant Cash Advance, right?
Caleb Rosenberg:
Yes. Merchant Cash Advance, which is a non-credit quasi credit product for those who are unaware, which raises other issues under 1071 that are interesting. For today's purposes, I think one of the things that's interesting that does impact merchant cash advance and other products is that the interest rate that is required to be recorded is not the APR because of commentary that the CFPB received, they declined to include APR as the interest rate to be recorded. This is a very interesting overlay with the ongoing changes with state disclosure requirements where some states have required disclosure of APR, and there was back and forth between the CFPB and market participants for this rule about whether it should be included. And the CFPB expressly acknowledges that one, MCA does not have a fixed payment period, but that also for a number of products disclosing an APR would be very complex and difficult. And this is something that the industry has been talking about for a long time as it relates to the state disclosure issues.
And so, it's an interesting overlay to see how it plays out here where the CFPB is saying that it would be difficult to report that number and instead has gone with reporting only an interest rate, whereas states are still requiring disclosure of that. And so it's just the different systems that companies are going to have to set up to comply with state disclosure requirements and with 1071 is going to be a difficult and interesting process that people need to prepare for on the backend for the lenders that are required to comply with both, many banks are not required to comply with state disclosure requirements.
Chris Willis:
Sure, but there's more and more of those state disclosure requirements coming, right?
Caleb Rosenberg:
There are. Georgia's the most recent, but there's more on the way and I'm sure we'll have other podcasts about those.
Chris Willis:
Yeah, my home state. Imagine the shock, it's like fifth in line to create these small business disclosure requirements.
Caleb Rosenberg:
Yes.
Chris Willis:
So, we've talked about this first category about aspects of the credit and application and decision process. What about the second category that Lori mentioned a few minutes ago that is data related to sort of the applicant as a business and the credit being applied for?
Caleb Rosenberg:
This is a category that will be collected either from the applicant or it could be verified from a third-party source. The broad categories are credit type, credit purpose, the amount applied for, census track, an industry code, gross revenue, the number of people working for the applicant, and the applicant's type of business. Some of these by initial label are a little bit deceptive. So credit type is not just that it's commercial credit, it's all commercial credit. That's what the rule applies to. It's going to be the type of product, so a loan, or a line of credit, or a merchant cash advance, or it's going to be the types of guarantees used. Do you have a personal guarantee and the loan term, and of course loan term can become complicated for some products including like open-end lines that do not have a set date. For each of these, as you might expect, there's very detailed guidance on exactly how it needs to be collected and exactly how it needs to be reported back to the CFPB.
The one I'd like to highlight is also credit purpose. There's detailed categories that are provided by the CFPB that can be recorded and that list can either be provided to the borrowers to the applicants or collected separately. The one place that I'd like to highlight is because these are all small businesses, many companies have assumed that their products of course are commercial products because they are frequently being signed in the application that is going to be used for a commercial purpose. If you review your own data and the purposes that people are writing in are not purchase or repair of a work truck but are purchase of Ferrari, you may want to think twice about whether your product is being appropriately marketed, whether it's being appropriately reported as commercial credit.
You might think that this is unlikely, but remember that this is all being reported to the CFPB, and if you think that they're not going to look for those things because this is only relating to fair lending concerns, I think you'll be surprised in a bad way at some point in the future if those surprises come up. So that's just one of the surprises that I think that people can look for that are not directly related to fair lending concerns. That is more related to general compliance, general processes and procedures and internal controls that people should be aware of as they're reporting huge amounts of data to the CFPB.
Chris Willis:
Well, that's too bad, Caleb. I really thought the CFPB were Ferrari fans. But I want to point out something else about the loan purpose, data element. As you noted, the official commentary gives a list of preset categories of like what's the loan purpose, working capital, or buy equipment, or stuff like that. But it also mandates that creditors leave a blank, a fill in free form write in your own if none of those purposes seem appealing to the applicant as being accurate.
We have to program our system to accept these freeform inputs, but there's an additional complication because if the applicant writes something in that freeform field that actually matches one of the preset categories that the CFPB has stated in the commentary, the creditor has to reclassify it prior to reporting it in the LAR, which I can't think of any way to do that other than manually reviewing every single loan application to make sure that it's categorized appropriately and it's one of those intensely manual processes that creditors are going to have to engage in. The rule mandates it and I think it'll be a source of significant difficulty for creditors to deal with that loan purpose field.
Caleb Rosenberg:
I agree with that. I understand what the CFPB is coming from. From a pure data scientist perspective, it's great to have all the data match up perfectly and have everything categorized perfectly, but it's going to be very difficult to do it in a meaningful way without that type of manual review. And for large companies where there's tens of thousands of applications and applicants may frequently use that, if they know exactly what they're going to be using the funds for and want to fill it in, it's going to become very difficult. I also think that it's not clear exactly how frequently that things need to be recharacterized. So, if somebody doesn't check working capital, but they say that they're going to use it for salaries or other ongoing business purposes that would fit how the CFPB is described working capital. But whether that needs to be recharacterized as part of the list as opposed to other because it's a more specific description of one of the things on the list, that's where, I think, financial institutions are going to have choices to make on their compliance.
Chris Willis:
Yeah. Got it. Well, let's not belabor the loan purpose for too long because we've got a significant other piece of the data collection requirements for you to talk about, and that's what we call the demographic information. That is the demographic information of the ownership status of the business as well as the race, ethnicity, and sex of the principal owners. So go for it. Tell us about that.
Caleb Rosenberg:
The most important thing I can say about this, there is a model form. And we'll get into exactly how things need to be presented, exactly what needs to be provided. But the CFPB in an otherwise extremely complicated rule and recording requirements is giving you exactly what needs to be reported, exactly how it needs to be provided to the applicant, and exactly how they want to see it. So, you are not required to use the model form. You could deviate in some ways. There are certain things that you have to do, but they are showing you one way to do it exactly as they want to see it in an approved way. On that model form, they're separate categories for the business ownership status with check boxes for minority owned business, woman owned business, LGBTQI+ owned business, which is a new category in comparison to the original proposed rule, and then none of those apply or I do not wish to provide this information. They're providing you with the exact categories as they want to see them in an approved way. There's a description of who that applies to, who the business is reporting and the specific definitions of minority and what the businesses will be looking at and what they need to be recording. This is a CFPB approved method of providing this information to the applicant, collecting it from the applicant, and then providing it to the CFPB. That was only one example, but it also includes information for the number of principal owners for each of the categories that are listed on the form. If my bias wasn't completely clear, I think lenders are going to get in significant trouble by trying to alter the form or using their own procedures to collect this that are different from it.
It's hard to think of a good reason why from a compliance perspective why you wouldn't use this form of course, because this is going to be impacting how you're taking applications. There's going to be an internal fight about exactly how this needs to be presented within a financial institution, with the marketing departments, the product departments who are going to want to present this in a branded way, in a way that fits with your product flow. And I would just be ready to push back against significant changes to what the CFPB is asking for. For example, they mandate the use of the term sex / gender whenever that data point is being corrected, that's something that they expressly say you cannot deviate from. So, if you're going to change anything on these forms, anything in this collection, you need to think very carefully about how the CFPB has mandated that specific collection request.
Chris Willis:
Yeah, and two other things I'd point out about the model form and the data collection in general. One is we now have a mandatory statement whenever the demographic data is being collected about the purpose of it, federal law requires us to collect this, and this is done to ensure small business applicants are treated fairly that wasn't required in the proposed rule, but is required in the final rule, and it's on the model form. And then there's another required disclosure that says essentially we can't discriminate against you, you don't have to provide this information, but if you do, we can't discriminate on the basis of it. And then there's a third mandatory disclosure if the lender is going to allow someone who is involved in the loan decision process to view the demographic data. If you wall it off under the firewall provisions of the rule, that doesn't apply, but if you had a product that's underwritten in the branch for example, you might have a situation where you have to make that third disclosure.
The other thing though that I think is going to be really confusing to small business applicants is the difference in tracing ownership between the ownership status of the business and the principal owner questions. With respect to answering whether the business is women owned, minority owned, or LGBTQI+ owned the definition states, and it's on the model form, that you trace up the ownership through any intermediate parent companies or trusts or whatever up to the individuals who ultimately own more than 50% of the business. By contrast, the principal owners on who we are supposed to collect sex, race, ethnicity information on the second part of the form can only be natural persons and they must be the direct owners of the applicant that's applying for credit. So, you don't trace up through intermediate parent company's trust or whatever. I've always found that confusing and it seems to me pretty likely that the applicants are going to find it confusing even with the instructions and the definitions on the model form, which they're there.
Caleb Rosenberg:
Yeah, I do say there is one other piece of good news that financial institution is only a conduit to pass through the information that is being collected. So if you are using the model form and you are finding that your applicants, you think that they are confused, you think that they answered something that you believe is inconsistent with your understanding of what their response should be, you are not allowed to correct that information based on your observations, based on surnames, based on a best guess, which was in the original rule, they've made very clear that the financial institution is only passing along information that is being reported by the applicant, which does provide some added safety for the financial institution about providing what they believe could be inaccurate information.
Chris Willis:
Got it. Now, that Caleb has told you all about the very complex, and believe me they are incredibly complex because there's paragraphs and paragraphs of guidance on every single one of these data points. Let's unwrap another one of the big enchiladas in this final rule, and that is the discouragement provisions. This is something that we think is incredibly important. And so, Lori, do you mind like going ahead and jumping into the discouragement provisions that are in the final rule and the associated commentary, and talk to the audience about what's going on there?
Lori Sommerfield:
Sure, Chris, I'd be happy to address that topic. So first of all, let me set the stage by talking about the provisions in the final rule that relate to the manner of collecting applicant provided data because that really gives rise to the anti-discouragement requirement. So section 1002.107 (C)(2) of the final rule contains provisions that financial institutions who are covered under the rule have to incorporate into their procedures when they collect applicant provided data. And those procedures have to ensure that they are reasonably designed to obtain a response from the applicant and they cannot discourage a response. There's some requirements around that. First of all, the request for applicant provided data must be prominently displayed or presented. The official commentary goes on to state that an applicant has to be able to actually see, hear, or otherwise be presented with the request for data. And that if the request is somehow obscured or could be overlooked by the applicant, then it's not reasonably designed to elicit a response.
Secondly, the procedures can't have the effect of discouraging applicants from responding to a request for applicant provided data. And again, the official commentary has some guidance on this. It clarifies that a covered financial institution that collects applicant provided data in a time or manner that directly or indirectly discourages or obstructs an applicant from responding or replying violates the rule. So this is really where it's getting very serious.
Finally, the procedures have to include provisions that ensure that applicants can easily respond to a request for applicant provided data. So one of the suggestions in the official commentary is that when an applicant is providing this demographic data that must be collected, they suggest that financial institutions might want to provide a return envelope that could be sealed by the applicant. So that demographic data is shielded from the view of employees who may not need to see it.
Chris Willis:
Right. In the case of a paper application, right?
Lori Sommerfield:
Correct. In a paper application context. So, with regard to discouragement then, there's really two pieces that provide guidance on this. There's not only the final rule, but also new policy guidance on discouragement. As brief background under Reg. B, creditors who either provide consumer or commercial credit are prohibited from making any oral or written statement in advertising or otherwise to applicants or prospective applicants that would discourage on a prohibited basis a reasonable person from making or pursuing an application.
So the CFPB is basically seized on this requirement as it relates to small business application process and incorporated it into the section 1071 final rule. So, it's now a requirement that any covered institutions have to develop procedures for monitoring of any indications of discouragement as part of their fair lending compliance program. And I just want to note that this focus on prospective applicants and discouragement seems to really be sort of a new theme for the CFPB. We've seen them take up this issue in amici curiae briefs that they've filed in cases. We've also seen it in the Townstone redlining case that by the way, the bureau just recently lost, but this seems to be a new theme under director Rohit Chopra's leadership.
Chris Willis:
They've taken the concept of discouragement of submitting an application, which is in Reg. B, but which is arguably inconsistent with ECOA itself. And then they've sort of taken the next step and said, okay, now it's illegal to discourage people from providing 1071 data, essentially. That's what these discouragement provisions are all about in the rule.
To me, one of the other highlights of the policy guidance that you just mentioned, Lori, is that the CFPB has basically said that there'll be a one-year grace period for 1071 reporting creditors that they won't be cited for violations in supervision or enforcement, but rather that the Bureau will use their first year of collected data as a way to help them spot inaccuracies or problems with their systems or whatever. But importantly, the one-year grace period explicitly does not apply to discouragement. So if the Bureau detects in a supervisory exam or otherwise that there was discouragement even from day one during that first one year period, they've signaled an intention to take action, potentially supervisory or enforcement action related to that discouragement if they perceive it to exist. I think that's important for the audience to know.
Lori Sommerfield:
I absolutely agree with you, Chris. I mean, it's critical that all small business lenders pay attention to this preemptive sort of supervisory and enforcement warning that the CFPB has provided, and there is no grace period for the Bureau enforcing these anti-discouragement provisions. So, it's going to be really important to figure out, obviously, how to monitor and test for discouragement.
Chris Willis:
Of course. So, speaking of monitoring and testing, the CFPB was I thought unusually prescriptive in the official commentary and in the section-by-section analysis of this final rule about exactly what kind of monitoring and testing they expect 1071 reporting creditors to do, and which presumably they will replicate themselves. So, can you talk to the audience about that kind of monitoring and testing? Because they just laid it straight out there in the commentary to the rule.
Lori Sommerfield:
Yep, absolutely. Basically, there's essentially six sets of procedures that relate to monitoring for discouragement. First of all, covered institutions have to look for low response rates, and that's basically the percentage of covered applications for which the institution has obtained some type of response to request for applicant provided data, and it includes applicant responses of, I don't wish to provide this information. The second set of procedures is looking for any significant irregularities in responses that might indicate steering, improper interference, or some other potential discouragement. So for example, again, using this concept of, I don't wish to provide this information, if an institution finds that it has relatively high rates of those types of responses, it could mean that their procedures are not, again, reasonably designed to elicit a response. Institutions also have to monitor for response rates by division, location, loan officer, or other factors to make sure that there's not discouragement going on in certain parts of the institution.
And then finally, institutions are required to provide adequate training to their employees, particularly loan officers, to make sure that no discouragement is taking place with regard to applicant provided data. They have to promptly investigate any indicia of potential discouragement that might arise from their monitoring, testing, audit process. And then they're required to take prompt remedial action if they find discouragement or any other improper conduct. By my count, this is a set of six written procedures that institutions are going to have to develop, implement, and maintain going forward. Of course, they could all be incorporated into one document, but that's still a lot.
Chris Willis:
But wait, Lori, there's more because in addition to everything you just said, there's one other monitoring step that the Bureau has mandated in the commentary that 1071 reporters engage in, and which it presumably will engage in itself. And for that, they've borrowed a concept from our old friend, the redlining case, and that is the peer analysis. The Bureau has specifically said in the commentary to this part of the rule that they expect covered 1071 reporters to look at their response rates as well as the frequency of the, I don't wish to provide this information response, and compare it against peer lenders, whoever that might be. That's a very judgmental decision about who your peer lenders are, but they mandate that reporters do that. And then of course that implies that the Bureau is going to do it too.
So just like mortgage lenders monitor for redlining by looking at their HMDA data and small business lenders will have to do that too under 1071. But in addition to monitoring for redlining, they're also required to monitor for discouragement by comparing themselves against their peers. And that's something again, a lot of small business lenders aren't used to doing because there is no data for them to monitor in terms of their peers as well. So that's an added element to the very prescriptive monitoring scheme that the CFFB has set forth for us here.
Lori Sommerfield:
That's true, Chris, but the CFPB also points out that type of data is not going to initially be available for institutions to compare themselves to peers. So that peer analysis data type of analysis will develop over time.
Chris Willis:
Right, because the very first of the 1071 reporters, the largest of the small business lenders who make more than 2,500 loans a year, they don't have to start collecting data until October of 2024, and that won't get sent into the Bureau until June of 2025 and made available publicly by the Bureau sometime after that in the presumably latter half of 2025. So you're right, initially nobody will be able to do a peer analysis, but then everybody will wake up one morning and have the ability to do it.
Lori Sommerfield:
Exactly. Exactly.
Chris Willis:
When all that information appears on the CFPB's website. Lori, thanks for all that discussion about discouragement, and I think you and I share the view, and Caleb does too, and really our whole team that this is the area where significant legal and regulatory jeopardy can come first to 1071 reporters under the rule because the CFPB has a grace period for accuracy of data and the fair lending analyses that will inevitably follow from reporting of data won't be possible until data starts to flow in. And probably not on the first three months is going to be enough to really do those analyses, but the discouragement thing will be actionable by the Bureau and detectable by the Bureau right from the get-go when the data collection becomes mandatory. So we view this as the first big danger point for the industry in terms of implementing the rule and being subjected to enforcement or supervisory action by the CFPB.
Lori Sommerfield:
I absolutely agree, Chris.
Chris Willis:
So, Caleb, I want to end on a positive note with this deep dive into data collection, and there was one thing that the CFPB did that I thought was a big favor to industry, and that was the provision in the rule about reuse of previously collected information. When you have an applicant who you've had previous dealings with, can you talk to the audience about what the final rule says there?
Caleb Rosenberg:
Yeah. And I agree with you, this was very good news for the industry, for a certain categories of data, which is data that the applicant is providing or that you're verifying from a third party source, if you receive that data from within the last 36 months for all but one category, you can reuse that data as long as you don't believe that it's inaccurate. Now, reuse, I think, is a little bit of a generous term that they use repeatedly. Really what they mean is that you can make it easy for the applicant to reaffirm the data that was previously collected. One of the examples that they talk about is that you can effectively pre-fill the form and present it to the business to reaffirm that none of the information has changed. And for many of the categories, it's unlikely that the information would've changed the industry code or the census track. It's unlikely that information would be different.
Similarly, the status of the business owner is also relatively unlikely to have changed in that amount of time, but you do need to maintain procedures to show that you are having this data reaffirmed and that there is no reason that you believe that it's an accurate, this is helpful because it can make the process of reapplication much more efficient in terms of collecting that data a second time, which will help when you're developing the process with your product teams and can give them something to show that you're trying to make this process as efficient as possible, but it's not a simple checkbox that you can skip the process with applicants that you've previously had before. You do still need to have a process in place to make sure that the information is still accurate.
Chris Willis:
Now, you said almost all the information can be reused. What's the exception to that, Caleb?
Caleb Rosenberg:
Well, first, there are a number of categories that relate specifically to the transaction being applied for that's not going to be reused because it's application specific. The other exception is the gross annual revenue that needs to be within the same calendar year. The use of calendar year raises some questions to me about what to do about early January applications. I assume that you would use a prior 12 months for that, but for reuse of data, that's the one category that needs to be within the calendar year as opposed to the larger 36-month period for the other categories.
Chris Willis:
Right. And it makes sense to me because the gross annual revenue is supposed to be the applicant's gross revenue from the preceding year. And so if you have collected it once in a year, then presumably it's not going to change later that same year. But if you bump over into January or February, now you're looking at a different year. And so that's why I think the rule is as it is, but there's one fun nuance to the reuse of information that I want to point out to the audience because although it gives creditors a 36-month window, remember there's that data element about how many years have you been in business, right? That's a required data element under the rule. Well, if you collected that two years ago and they've been in business for two years, the rule specifically requires that if you reuse that piece of information, you now add two years to it because it's been two years since you collected it.
And so that's another just like fun Easter egg to find in programming your system to comply with the rule because you can't just straight reuse that piece of information. You've got to update it because it's years in business and now there's been more years. So even in this seemingly friendly provision to the industry, and we all agree it was a nice thing to have 36 months of reuse, there's still complexity here. I think that's the message that I want to again leave the audience with is we've been talking for 30 or so minutes about one section or set of sections in the 1071 rule, but I can assure you we have only scratched the surface in terms of the incredible detail that is there in terms of how these data elements are collected, assembled, and reported to the CFPB, and then of course the discouragement stuff too.
Our goal here is to provide you with an overview, but understand there is incredible complexity in implementing the rule, which is why we would urge everybody to get started with the implementation as soon as possible, regardless of when your required data collection date is, whether it's October of 2024 or January of 2026 for the smallest of the small business reporters. Anyway, with that parting message, let me just thank you Lori and Caleb for being on the podcast today, and of course, thanks to our audience for listening as well.
Don't forget to visit us at our blog, ConsumerFinancialServicesLawMonitor.com, and hit that subscribe button so that you can get all of our daily updates about the world of consumer finance. And while you're at it, head over to troutman.com and add yourself to our email list, our consumer financial services email list so that you'll get copies of our alerts and notice of our industry only webinars. And of course, stay tuned for a great new episode of this show every Thursday afternoon. Thank you all for listening.
Copyright, Troutman Pepper Hamilton Sanders LLP. These recorded materials are designed for educational purposes only. This podcast is not legal advice and does not create an attorney-client relationship. The views and opinions expressed in this podcast are solely those of the individual participants. Troutman Pepper does not make any representations or warranties, express or implied, regarding the contents of this podcast. Information on previous case results does not guarantee a similar future result. Users of this podcast may save and use the podcast only for personal or other non-commercial, educational purposes. No other use, including, without limitation, reproduction, retransmission or editing of this podcast may be made without the prior written permission of Troutman Pepper. If you have any questions, please contact us at troutman.com.