BILLING CODE: 4810-AM-P
CONSUMER FINANCIAL PROTECTION BUREAU
12 CFR Part 1002
[Docket No. CFPB-2024-0018]
RIN 3170-AA09
Small Business Lending under the Equal Credit Opportunity Act (Regulation B);
Extension of Compliance Dates
AGENCY: Consumer Financial Protection Bureau.
ACTION: Interim final rule with request for public comment.
SUMMARY: In light of court orders in ongoing litigation, the Consumer Financial Protection
Bureau (CFPB or Bureau) is amending Regulation B to extend the compliance dates set forth in
its 2023 small business lending rule and to make other date-related conforming adjustments.
DATES: This interim final rule is effective [INSERT DATE 30 DAYS AFTER
PUBLICATION IN THE FEDERAL REGISTER]. Comments must be received on or before
[INSERT DATE 30 DAYS AFTER PUBLICATION IN THE FEDERAL REGISTER].
ADDRESSES: You may submit comments, identified by Docket No. CFPB-2024-0018 or RIN
3170-AA09, by any of the following methods:
•

Federal eRulemaking Portal: https://www.regulations.gov. Follow the instructions for
submitting comments. A brief summary of this document will be available at
https://www.regulations.gov/docket/CFPB-2024-0018.

•

Email: 2024-IFR-SBLcompliancedates@cfpb.gov. Include Docket No. CFPB-2024-0018
or RIN 3170-AA09 in the subject line of the message.

•

Mail/Hand Delivery/Courier: Comment Intake—Small Business Lending Compliance
Dates, c/o Legal Division Docket Manager, Consumer Financial Protection Bureau, 1700
G Street NW, Washington, DC 20552.

Instructions: The CFPB encourages the early submission of comments. All submissions
should include the agency name and docket number or Regulatory Information Number (RIN)
for this rulemaking. Because paper mail is subject to delay, commenters are encouraged to
submit comments electronically. In general, all comments received will be posted without
change to https://www.regulations.gov.
All submissions, including attachments and other supporting materials, will become part
of the public record and subject to public disclosure. Proprietary information or sensitive
personal information, such as account numbers or Social Security numbers, or names of other
individuals, should not be included. Submissions will not be edited to remove any identifying or
contact information.
FOR FURTHER INFORMATION CONTACT: George Karithanom, Regulatory
Implementation and Guidance Program Analyst, Office of Regulations, at 202-435-7700 or
https://reginquiries.consumerfinance.gov/. If you require this document in an alternative
electronic format, please contact CFPB_Accessibility@cfpb.gov.
SUPPLEMENTARY INFORMATION:
I. Background
In 2010, Congress passed the Dodd-Frank Wall Street Reform and Consumer Protection
Act (Dodd-Frank Act). Section 1071 of that Act1 amended the Equal Credit Opportunity Act
(ECOA)2 to require that financial institutions collect and report to the CFPB certain data
regarding applications for credit for women-owned, minority-owned, and small businesses.
Section 1071’s statutory purposes are to (1) facilitate enforcement of fair lending laws, and
(2) enable communities, governmental entities, and creditors to identify business and community
development needs and opportunities of women-owned, minority-owned, and small businesses.

Pub. L. 111-203, tit. X, section 1071, 124 Stat. 1376, 2056 (2010), codified at ECOA section 704B, 15 U.S.C.
1691c-2.
2

15 U.S.C. 1691 et seq.

Section 1071 directs the CFPB to prescribe such rules and issue such guidance as may be
necessary to carry out, enforce, and compile data pursuant to section 1071. On March 30, 2023,
the CFPB issued a final rule to implement section 1071 by adding subpart B to Regulation B
(2023 final rule). The 2023 final rule was published in the Federal Register on May 31, 2023.3
Further details about section 1071 and this rulemaking can be found in the preamble to the 2023
final rule.
Subsequently, some lenders filed challenges to the 2023 final rule in the United States
District Court for the Southern District of Texas.4 On July 31, 2023, the court issued an order5
that preliminarily enjoined the CFPB from implementing and enforcing the 2023 final rule
against plaintiffs and their members pending the Supreme Court’s reversal of Community
Financial Services Association of America, Ltd. v. CFPB, 51 F.4th 616 (5th Cir. 2022), cert.
granted, 143 S. Ct. 978 (2023) (CFSA), a trial on the merits, or until further court order. The
court’s order also stayed all deadlines for compliance with the requirements of the 2023 final
rule for plaintiffs and their members pending the outcome of the Supreme Court case. The Texas
court ordered that, in the event of a reversal in the Supreme Court case, the CFPB extend
plaintiffs’ and their members’ deadlines for compliance with the 2023 final rule to compensate
for the period stayed. Following motions to intervene by a number of other parties, on October
26, 2023, the Texas court extended the terms of its order to all covered financial institutions (i.e.,
issued a nationwide stay).6
On May 16, 2024, the Supreme Court reversed the Fifth Circuit’s ruling in CFSA.7

88 FR 35150 (May 31, 2023).

Texas Bankers Ass’n v. CFPB, No. 7:23-cv-00144 (S.D. Tex.).

Order Granting-in-Part and Denying-in-Part Pls.’ Mot. for Prelim. Injunction, Texas Bankers Ass’n, No. 7:23-cv00144 (S.D. Tex. July 31, 2023), ECF No. 25,
https://files.consumerfinance.gov/f/documents/cfpb_pi_order_texas_bankers.pdf.
Order Granting Intervenors’ Mots. For Prelim. Injunction, Texas Bankers Ass’n, No. 7:23-cv-00144 (S.D. Tex.
Oct. 26, 2023), ECF No. 69,
https://files.consumerfinance.gov/f/documents/cfpb_pi_second_order_texas_bankers.pdf.
7

CFPB v. Cmty. Fin. Servs. Ass’n of Am., Ltd., 601 U.S. 416 (2024).

Summary of the interim final rule
In this interim final rule, the CFPB is extending the compliance dates set forth in the
2023 final rule and making conforming adjustments. Consistent with existing court orders, the
compliance dates are being extended 290 days to compensate for the period the rule was stayed
(July 31, 2023 to May 16, 2024). Thus, covered financial institutions must begin collecting data
as follows:
Table 1: Compliance dates and filing deadlines
Compliance tier

Original compliance
date

New compliance
date

First filing deadline

Highest volume lenders

October 1, 2024

July 18, 2025

June 1, 2026

Moderate volume lenders

April 1, 2025

January 16, 2026

June 1, 2027

Smallest volume lenders

January 1, 2026

October 18, 2026

June 1, 2027

Covered financial institutions are permitted to continue using their small business
originations from 2022 and 2023 to determine their compliance tier, or they may use their
originations from 2023 and 2024. Covered financial institutions are permitted to begin collecting
protected demographic data required under the 2023 final rule 12 months before their new
compliance date, in order to test their procedures and systems. As illustrated above, the deadline
for submitting small business lending data will remain June 1 following the calendar year for
which data are collected. Finally, the CFPB is updating its grace period policy statement to
reflect the revised compliance dates.
The CFPB seeks comment on this interim final rule.
II. Legal Authority
The CFPB adopted the 2023 final rule pursuant to its authority under section 1071, which
directs the CFPB to adopt rules governing the collection and reporting of small business lending
data. Some aspects of the 2023 final rule were also adopted under the CFPB’s more general

rulemaking authorities in ECOA. The CFPB’s legal authorities are discussed in detail in the 2023
final rule.8
The CFPB is adopting this interim final rule to extend the 2023 final rule’s compliance
dates. ECOA section 704B(g)(1) grants the CFPB general rulemaking authority for section 1071.
III. Administrative Procedure Act
The Administrative Procedure Act (APA) does not require notice and opportunity for
public comment if an agency for good cause finds that notice and public comment are
impracticable, unnecessary, or contrary to the public interest.9 The CFPB finds that prior notice
and public comment are unnecessary because this interim final rule implements a court’s order to
extend the 2023 final rule’s compliance dates and makes other date-related conforming
adjustments. Covered financial institutions need to know the new compliance dates promptly so
they can resume implementation efforts; further delay in finalizing those dates would be contrary
to the public interest. The CFPB already solicited and received comment on the substance of the
provisions that it is now amending, both during its 2020 consultation with representatives of
small businesses pursuant to the Small Business Regulatory Enforcement Fairness Act10 and in
its 2021 proposed rule.11
IV. Discussion of the Final Rule
As discussed above, the court in Texas Bankers Association v. CFPB directed the CFPB
to extend the compliance dates set forth in the 2023 final rule to compensate for the period the
rule was stayed pending the Supreme Court’s decision in CFSA. To facilitate compliance across

See, e.g., 88 FR 35150, 35173-74 (May 31, 2023).

5 U.S.C. 553(b)(B).

CFPB, Small Business Advisory Review Panel for Consumer Financial Protection Bureau Small Business Lending
Data Collection Rulemaking, Outline of Proposals Under Consideration and Alternatives Considered (Sept. 15,
2020), https://files.consumerfinance.gov/f/documents/cfpb_1071-sbrefa_outline-of-proposals-underconsideration_2020-09.pdf; and CFPB, Final Report of the Small Business Review Panel on the CFPB’s Proposals
Under Consideration for the Small Business Lending Data Collection Rulemaking (Dec. 14, 2020),
https://files.consumerfinance.gov/f/documents/cfpb_1071-sbrefa-report.pdf.
11

86 FR 56356 (Oct. 8, 2021).

all covered financial institutions, the CFPB is using July 31, 2023 as the base date to calculate
the length of the compliance date extension for all covered financial institutions, including the
initial plaintiffs and their members as well as the intervening parties. The CFPB is extending the
2023 final rule’s compliance dates by 290 days (i.e., the number of days that elapsed between the
court’s July 31, 2023 order and the Supreme Court’s decision in CFSA on May 16, 2024).
A. Changes to Compliance Date Provisions
The 2023 final rule’s compliance dates are set forth in § 1002.114(b). That section looks
to a financial institution’s volume of covered credit transactions for small businesses in each of
calendar years 2022 and 2023 to determine the applicable compliance date. The 2023 final rule
provided that covered financial institutions that originated at least 2,500 covered transactions in
both years were required to comply with the requirements of the 2023 final rule beginning
October 1, 2024 (sometimes referred to as Tier 1 institutions). Covered financial institutions not
in Tier 1 that originated at least 500 covered transactions in both years were required to comply
beginning April 1, 2025 (Tier 2), and covered financial institutions not in Tier 1 or Tier 2 that
originated at least 100 covered transactions in both years were required to comply beginning
January 1, 2026 (Tier 3). The 2023 final rule also provided that a financial institution that did not
originate at least 100 covered transactions in both 2022 and 2023 but that subsequently originates
at least 100 such transactions in two consecutive calendar years must comply with the rule in
accordance with § 1002.105(b), but in any case no earlier than January 1, 2026.
In this interim final rule, the CFPB is extending each of the compliance dates set forth in
§ 1002.114(b) by 290 days. Thus, Tier 1 institutions now have a compliance date of July 18,
2025, Tier 2 institutions now have a compliance date of January 16, 2026, and Tier 3 institutions
now have a compliance date of October 18, 2026. Likewise, institutions that did not originate at
least 100 covered transactions in 2022 and 2023 but subsequently do in two consecutive calendar
years are not required to comply with the rule until October 18, 2026 at the earliest. The CFPB is
making corresponding updates throughout the commentary accompanying § 1002.114(b), which

provide additional guidance and examples regarding compliance dates. The CFPB is also
revising comments 105(b)-2 and -6 and 109(b)-1, which involve examples of data collection
occurring in years affected by the extended compliance dates in this interim final rule.
B. Voluntary Early Collection of Protected Demographic Data
Section 1002.114(c) addresses several transitional issues. Section 1002.114(c)(1) permits
financial institutions to collect protected demographic information required under the 2023 final
rule from small business applicants beginning 12 months prior to its compliance date. As this
provision does not list any compliance dates specifically, no revisions are needed. Thus, a Tier 1
institution is permitted to begin collecting protected demographic information on or after July 18,
2024; a Tier 2 institution may begin on or after January 16, 2025; and a Tier 3 institution may
begin on or after October 18, 2025, in order to test their procedures and systems for compiling
and maintaining this information in advance of actually being required to collect and
subsequently report it to the CFPB.12
C. Alternative Period for Counting Covered Originations to Determine Compliance Tier
The CFPB is adopting new § 1002.114(c)(3), which permits (but does not require) a
financial institution to use its originations of covered credit transactions in each of calendar years
2023 and 2024, rather than those in 2022 and 2023, to determine its compliance date. Financial
institutions may use whichever set of dates they prefer (i.e., 2022 and 2023, or 2023 and 2024).
Existing comment 114(b)-4 provides examples illustrating how a financial institution uses its
originations in 2022 and 2023 to determine its compliance tier; new comment 114(b)-4.viii
illustrates using 2023 and 2024 originations to determine compliance tier.

Under this provision, financial institutions will have time—beginning 12 months prior to their compliance date—
to adjust any procedures or systems that may result in the inaccurate compilation or maintenance of applicants’
protected demographic information, the collection of which is required by section 1071 but otherwise generally
prohibited under ECOA and Regulation B. (Financial institutions could of course collect the other information
required by the 2023 final rule at any time, without needing express permission in Regulation B to do so, as is
needed for collecting protected demographic information.) See 88 FR 35150, 35449-50 (May 31, 2023).
D. Determining Compliance Dates for Financial Institutions that Do Not Collect Information
Sufficient to Determine Small Business Status
Section 1002.114(c)(2) provides that a financial institution that is unable to determine the
number of covered credit transactions it originated in 2022 and 2023 for purposes of determining
its compliance tier is permitted to use any reasonable method to estimate its originations to small
businesses for either or both of 2022 and 2023. Existing comment 114(c)-5 lists several
reasonable methods a financial institution may use to estimate its originations.
Pursuant to new § 1002.114(c)(3), which permits a financial institution to use its
originations of covered credit transactions in each of calendar years 2023 and 2024 to determine
its compliance date, financial institutions are likewise permitted to use any reasonable method to
estimate their originations for either or both of 2023 and 2024. The CFPB is revising comment
114(c)-5 to make this clear and adding new comment 114(c)-6.vii to provide an example.
E. Deadline for Annual Data Submissions
Section 1002.109(a)(1) provides that covered financial institutions must submit their
small business lending application registers to the CFPB on or before June 1 following the
calendar year for which the data are compiled and maintained. As this provision does not list any
compliance dates specifically, no revisions are needed. Thus, Tier 1 institutions will make their
first data submission by June 1, 2026; Tier 2 and Tier 3 by June 1, 2027.
V. Effective Date
The CFPB is adopting an effective date of 30 days after the publication of this interim
final rule in the Federal Register consistent with section 553(d) of the Administrative Procedure
Act.13

5 U.S.C. 553(d).

VI. Grace Period Policy Statement
In the 2023 final rule, the CFPB adopted a 12-month grace period during which the
CFPB—for covered financial institutions under its supervisory and enforcement jurisdiction—
would not intend to assess penalties for errors in data reporting, and would intend to conduct
examinations only to diagnose compliance weaknesses, to the extent that these institutions
engaged in good faith compliance efforts. The Grace Period Policy Statement set forth in the
2023 final rule explained the CFPB’s reasons for adopting such a grace period along with how
the CFPB intended to implement such a grace period.14 The CFPB is updating this policy
statement to reflect the new compliance dates set forth in this interim final rule.15
The following discussion explains how the CFPB intends to exercise its supervisory and
enforcement discretion for the first 12 months of data collected after a covered financial
institution’s initial compliance date.
With respect to covered financial institutions subject to the CFPB’s supervisory or
enforcement jurisdiction that make good faith efforts to comply with the 2023 final rule, the
CFPB intends to provide a grace period to reflect the new compliance dates as follows:
Table 2: Grace period
Financial institutions covered by the grace period

Dates covered by the grace period

Financial institutions with a compliance date
specified in § 1002.114(b)(1) (i.e., Tier 1
institutions), as well as any financial institutions that
make a voluntary submission for the first time for
data collected in 2025.

The data collected in 2025 (from July 18, 2025
through December 31, 2025) as well as a
portion of data collected in 2026 (from January
1, 2026 through July 17, 2026).

Financial institutions with a compliance date
specified in § 1002.114(b)(2) (i.e., Tier 2 institution),
as well as any financial institutions that make a

The data collected in 2026 (from January 16,
2026 through December 31, 2026) as well as a

See 88 FR 35150, 35458-59 (May 31, 2023).

This is a general statement of policy under the Administrative Procedure Act. 5 U.S.C. 553(b). It articulates
considerations relevant to the CFPB’s exercise of its authorities. It does not impose any legal requirements, nor does
it confer rights of any kind. It also does not impose any new or revise any existing recordkeeping, reporting, or
disclosure requirements on covered entities or members of the public that would be collections of information
requiring approval by the Office of Management and Budget under the Paperwork Reduction Act. 44 U.S.C. 3501
through 3521.
Financial institutions covered by the grace period

Dates covered by the grace period

voluntary submission for the first time for data
collected in 2026.

portion of data collected in 2027 (from January
1, 2027 through January 15, 2027).

Financial institutions with a compliance date
specified in § 1002.114(b)(3) (i.e., Tier 3 institution),
as well as any financial institutions that make a
voluntary submission for the first time for data
collected in 2027.

The data collected in 2026 (from October 18,
2026 through December 31, 2026) as well as a
portion of data collected in 2027 (from January
1, 2027 through October 17, 2027).

As discussed in the 2023 final rule, the CFPB believes that a 12-month grace period for
each compliance tier will give institutions time to diagnose and address unintentional errors
without the prospect of penalties for inadvertent compliance issues, and may ultimately assist
other covered financial institutions, especially those in later compliance tiers, in identifying best
practices. While the CFPB anticipates that financial institutions in each compliance tier are
capable of fully preparing to comply with the 2023 final rule by their respective new compliance
dates, it views this grace period as enabling deliberate and thoughtful compliance with the rule,
while still providing important data regarding small business lending as soon as practical.
During the grace period, if the CFPB identifies errors in a financial institution’s initial
data submissions, it does not intend to require data resubmission unless data errors are material.
Further, the CFPB does not intend to assess penalties with respect to unintentional and good faith
errors in the initial data submissions. Any examinations of these initial data submissions will be
diagnostic and will help to identify compliance weaknesses. However, errors that are not the
result of good faith compliance efforts by financial institutions, especially attempts to discourage
applicants from providing data, will remain subject to the CFPB’s full supervisory and
enforcement authority, including the assessment of penalties.
The CFPB believes that the grace period covering the initial data submissions will
provide financial institutions an opportunity to identify any gaps in their implementation of the
2023 final rule and make improvements in their compliance management systems for future data
submissions. In addition, a grace period will permit the CFPB to help financial institutions

identify errors and, thereby, self-correct to avoid such errors in the future. The CFPB can also
use data collected during the grace period to alert financial institutions of common errors and
potential best practices in data collection and submissions under this rule.
VII. CFPA Section 1022(b) Analysis
A. Overview
In developing the interim final rule, the CFPB has considered the potential benefits, costs,
and impacts as required by section 1022(b)(2) of the Consumer Financial Protection Act of 2010
(CFPA).16 Section 1022(b)(2) calls for the CFPB to consider the potential benefits and costs of a
regulation to consumers and covered persons, including the potential reduction of consumer
access to consumer financial products or services, the impact on depository institutions and
credit unions with $10 billion or less in total assets as described in section 1026 of the CFPA,
and the impact on consumers in rural areas. In addition, section 1022(b)(2)(B) directs the CFPB
to consult with appropriate prudential regulators or other Federal agencies, regarding consistency
with the objectives those agencies administer. The CFPB has accordingly consulted with the
appropriate prudential regulators and other Federal agencies regarding consistency with any
prudential, market, or systemic objectives administered by these agencies.
In this interim final rule, the CFPB is extending by 290 days the compliance dates set
forth in the 2023 small business lending rule and making several conforming adjustments. Thus,
covered financial institutions with the highest volume of small business originations (Tier 1)
must begin collecting data by July 18, 2025; moderate-volume institutions (Tier 2) by January
16, 2026; and the smallest volume institutions (Tier 3) by October 18, 2026. Covered financial
institutions are permitted to continue using their small business originations from 2022 and 2023
to determine their compliance tier, or instead they may use their originations from 2023 and
2024.

12 U.S.C. 5512(b)(2).

The CFPB expects covered institutions to benefit from the extension of the compliance
dates, but expects that the impacts of this interim final rule on covered institutions are small
relative to the overall impacts of the 2023 final rule it modifies. The CFPB additionally expects
this interim final rule to have minimal impacts on small businesses, due to the long-term nature
of the benefits of the 2023 final rule and an expectation that the 2023 final rule will have a
limited effect on the cost of small business credit.
B. Data Limitation and Quantification of Benefits, Costs, and Impacts
The discussion below relies on information the CFPB has obtained from industry, other
regulatory agencies, and publicly available sources. The CFPB provides estimates, to the extent
possible, of the potential benefits, costs, and impacts to consumers and covered persons of this
interim final rule given available data.
To estimate the number of depository institutions covered by the interim final rule, the
CFPB relies in part on data from publicly available sources, such as the Federal Financial
Institutions Examination Council’s Reports on Condition of Income (Call Reports), the National
Credit Union Administration’s Call Reports, and data reported under the Community
Reinvestment Act. As described in detail in part IX.E of the 2023 final rule, information on the
cost of compliance is derived from the CFPB’s previous Home Mortgage Disclosure Act
rulemaking activities and a One-time Cost Survey the CFPB administered in 2020 as part of its
small business lending rule development process.
There are limitations, such as limited comprehensive data on non-depository institutions
potentially subject to the 2023 final rule and thus this interim final rule, and limited data on
which to quantify benefits of the interim final rule with precision. The CFPB supplements the
data sources described above with general economic principles and the CFPB’s expertise in
consumer financial markets. The CFPB qualitatively describes potential benefits, costs, and
impacts where the ability to provide quantitative estimates are impacted by these limitations.

C. Baseline for Analysis
In evaluating the potential benefits, costs, and impacts of the interim final rule, the CFPB
takes as a baseline Regulation B as amended by the 2023 final rule. Part IV above describes in
detail the provisions of the 2023 final rule. The CFPB’s analysis of the potential costs, benefits,
and impacts of this interim final rule are relative to the original compliance dates and other
requirements of the 2023 final rule.
D. Potential Benefits and Costs to Covered Persons and Small Businesses
1. Potential Benefits and Costs to Covered Persons
Based on the methodology used to determine coverage in the 2023 final rule,17 the CFPB
expects about 100 financial institutions to be required to report in Tier 1, about 450 to be
required to report in Tier 2, and about 2,000 to be required to report in Tier 3.
By extending the compliance dates by 290 days for all covered institutions, financial
institutions will benefit by the delay in the expected costs of compliance with the 2023 final rule.
The benefit from the compliance date extension will differ depending on whether the cost was
expected to be “one-time” or “ongoing.” Part IX.E of the 2023 final rule described two
categories of cost that the CFPB expected covered financial institutions to incur. “One-time”
costs refer to expenses that the financial institution will incur initially and only once to
implement changes required to comply with the requirements of the rule. “Ongoing” costs are
expenses incurred because of the ongoing reporting requirements of the rule, accrued on an
annual basis.
The CFPB expects covered institutions to experience an annual ongoing cost of
compliance in perpetuity. Therefore, extending the compliance dates by 290 days potentially
saves financial institutions up to 290 days in expected annual compliance costs. In the 2023 rule,
the CFPB detailed its methodology and estimates of this annual ongoing cost for institutions of

The CFPB continues to use the estimates from the 2023 final rule, which are based on data from 2017 through
2019. The data are not yet available to update the estimates to a more recent year that is unaffected by the COVID19 pandemic conditions.
different levels of complexity in their processes for collecting, checking, and reporting data on
applications for small business credit. These “types” were Type A (least complex), Type B
(medium complexity), and Type C (most complex) and were related to small business credit
application volume. The 2023 final rule gave estimates of compliance costs for representative
institutions of each type as well as the market-level estimate for all complying institutions.
The CFPB estimated that, per application for small business credit, Type A institutions
would incur $83 in annual ongoing costs, Type B institutions would incur $100, and Type C
institutions would incur $46. Based on the CFPB’s estimates of application volumes for all
institutions, the expected market level annual ongoing cost was between $310 and $330 million
for depository institutions and $62.3 million for non-depository institutions. The CFPB expects
covered financial institutions to avoid 290 days of ongoing costs due to the compliance date
extension. Institutions will effectively receive this benefit at the time they would have originally
been required to start collecting data. Thus, Tier 3 institutions will receive this benefit farther in
the future than Tier 2 institutions, who will receive the benefit farther in the future than Tier 1
institutions. In present value terms, Tier 1 institutions will see a proportionally larger benefit
compared to baseline, relative to Tier 2 and Tier 3 institutions.
This interim final rule does not change the nominal value of the one-time costs that will
be incurred by covered institutions but does potentially delay the realization of those costs up to
290 days into the future for institutions in each compliance tier. Thus, the new one-time costs are
the baseline one-time costs discounted by 290 days. The present value of the benefit associated
with the interim final rule’s impact on one-time costs is the difference between the baseline onetime costs and the new discounted costs.
The CFPB additionally expects that the compliance date extension and the associated
flexibility in years of origination data that can be used to determine coverage would confer a
benefit to covered institutions with the additional time to prepare for compliance relative to the
baseline.

With the extension of the compliance dates by 290 days, this interim final rule delays the
realization of these potential benefits to covered financial institutions. As enumerated in the 2023
final rule, benefits include more efficient fair lending review prioritization by regulators and the
institutions’ own use of small business lending data to better understand small business credit
demand and the supply by their competitors.
2. Potential Benefits and Costs to Small Businesses
As with the 2023 final rule, this interim final rule will not directly impact consumers, as
that term is defined by the Dodd-Frank Act. Some consumers will be impacted in their separate
capacity as sole owners of small businesses covered by the rule. The CFPB has elected to
consider the costs to small businesses from this interim final rule as it did in the 2023 final rule.
In part IX.F of the 2023 final rule, the CFPB described how small businesses would
benefit from the impact of the rule on the enforcement of fair lending laws and on community
development. In an environment with limited data sources on small business credit, the CFPB
expects data collected under the rule to enable communities, governmental entities, and creditors
to identify business and community development needs and opportunities for women-owned,
minority-owned, and small businesses. The CFPB also expects data collected under the 2023
final rule to facilitate fair lending enforcement by Federal, State, and local enforcement agencies.
Due to limitations on data and methodology, the CFPB mostly described these benefits
qualitatively.
To the extent small businesses benefit in the above ways from the 2023 final rule, the
extension of the compliance dates reduces the benefits accruing to small businesses by delaying
the realization of these benefits. While compliance dates are extended by 290 days, Tier 1
financial institutions will be required to file data one year later than expected under the 2023
final rule (i.e., by June 1, 2026 rather than June 1, 2025). The CFPB expects that the benefits of
the original rule will primarily begin with the publication of the data. Thus, small businesses’ and
financial institutions’ realizations of the benefits arising from the 2023 final rule will likewise be

delayed by at least one year, reducing the real net present value of these expected future benefits.
The CFPB is unable to readily quantify the costs associated with delaying future benefits because
the CFPB does not have the data to quantify all the benefits of the 2023 final rule.
The 2023 final rule also described that the CFPB expects financial institutions to pass on
a portion of their annual ongoing costs to small business borrowers in the form of higher rates or
fees. While, in general, the CFPB expects the magnitude of any pass-through to be a small
portion of the total cost of the average loan to a small business applicant, extended compliance
dates could benefit small business borrowers by delaying these increased costs.
3. Distribution of Small Business Impacts
The differences in the impacts of this interim final rule between different types of small
businesses is likely to be small with only 290 days added to each of the compliance dates. Most
of the distribution of benefits and costs are likely to be derived from whether small businesses
are serviced by lenders in different compliance tiers and the difference in present discounted
values.
E. Potential Impacts on Depository Institutions and Credit Unions With $10 Billion or Less in
Total Assets, as Described in CFPA Section 1026
Using the methodology described in the 2023 final rule, the CFPB estimates that between
1,700 and 1,900 banks, savings associations, and credit unions with $10 billion or less in total
assets will be affected by this interim final rule. The CFPB believes that the impacts of the
interim final rule on these small depository institutions will be similar to those impacts on
covered financial institutions as a whole, discussed above. These institutions would incur
benefits from up to 290 fewer days in annual ongoing costs and the postponement of up to 290
days of one-time costs. They would also potentially benefit from additional time to develop
software and other resources used to comply with the 2023 final rule.

F. Potential Impacts on Small Businesses’ Access to Credit and on Small Businesses in Rural
Areas
The CFPB does not expect this interim final rule to have a significant impact on small
businesses’ access to credit. In the 2023 final rule, the CFPB described how the likeliest effect of
the rule on access to credit would be a small increase in interest rates or fees. This interim final
rule shifts this potential effect by 290 days without any additional provisions that would affect
credit access.
In part IX.H of the final rule, the CFPB described how existing data sources limited its
ability to precisely estimate the number of financial institutions who serve rural areas who are
covered under the 2023 final rule. The CFPB expects that 65 to 70 percent of rural bank and
savings associations branches and 14 percent of rural credit union branches would be affected by
the interim final rule using this methodology.
Small businesses in rural areas are expected to experience similar costs and benefits of
small businesses more broadly. Small businesses in rural areas would experience a reduction in
benefits via a postponement of the benefits of the 2023 final rule on fair lending enforcement and
community development. These small businesses would also experience a benefit by the
postponement of expected small increases in interest rates and fees.
VIII. Regulatory Flexibility Act Analysis
The Regulatory Flexibility Act does not require an initial or final regulatory flexibility
analysis in a rulemaking where a general notice of proposed rulemaking is not required.18 As
discussed in part III above, the CFPB has determined that prior notice and comment is
unnecessary for this interim final rule. As an additional basis, the CFPB’s Director certifies that
this interim final rule will not have a significant economic impact on a substantial number of
small entities, and so an initial or final regulatory flexibility analysis is also not required for that

5 U.S.C. 603(a), 604(a).

reason.19 The rule will not impose significant costs on creditors, including small entities, for the
reasons described in the section 1022(b) analysis in part VII above.
IX. Paperwork Reduction Act
Under the Paperwork Reduction Act of 1995 (PRA), Federal agencies are generally
required to seek approval from the Office of Management and Budget (OMB) for information
collection requirements prior to implementation. Under the PRA, the CFPB may not conduct or
sponsor, and, notwithstanding any other provision of law, a person is not required to respond to
an information collection unless the information collection displays a valid control number
assigned by OMB. The interim final rule amends 12 CFR part 1002 (Regulation B), which
implements the small business lending rule. The CFPB’s OMB control number for Regulation B
is 3170-0013; its current expiration date is August 31, 2025.
The interim final rule does not add to or change the collection requirements of the 2023
final rule; rather, it only changes the initial compliance dates, pursuant to court orders, and
makes other date-related conforming adjustments. The CFPB has therefore determined that the
interim final rule does not contain any new or substantively revised information collection
requirements as defined by the PRA.
X. Congressional Review Act
Pursuant to the Congressional Review Act (5 U.S.C. 801 et seq.), the CFPB will submit a
report containing this interim final rule and other required information to the U.S. Senate, the
U.S. House of Representatives, and the Comptroller General of the United States prior to the
interim final rule taking effect. The Office of Information and Regulatory Affairs has designated
this interim final rule as not a “major rule” as defined by 5 U.S.C. 804(2).

5 U.S.C. 605(b).

List of Subjects
Banks, banking, Civil rights, Consumer protection, Credit, Credit unions, Marital status
discrimination, National banks, Penalties.
Authority and Issuance
For the reasons set forth in the preamble, the CFPB amends Regulation B, 12 CFR part
1002, as follows:
PART 1002—EQUAL CREDIT OPPORTUNITY ACT (REGULATION B)
1. The authority citation for part 1002 continues to read as follows:
Authority: 12 U.S.C. 5512, 5581; 15 U.S.C. 1691b. Subpart B is also issued under
15 U.S.C. 1691c-2.
2. Section 1002.14 is amended by
a. In paragraph (b)(1) removing “October 1, 2024” and adding in its place “July 18,
2025”;
b. In paragraph (b)(2) removing “April 1, 2025” and adding in its place “January 16,
2026”;
c. In paragraphs (b)(3) and (4) removing “January 1, 2026” and adding in its place
“October 18, 2026”; and
d. Adding paragraph (c)(3).
The addition reads as follows:
§ 1002.114 Effective date, compliance date, and special transitional rules.
*

*

*

*

*

(c) * * *
(3) Alternative time period for determining compliance dates. A financial institution is
permitted to use its originations of covered credit transactions in each of calendar years 2023 and
2024 in lieu of calendar years 2022 and 2023 as specified in paragraphs (b) and (c)(2) of this
section.
3. In Supplement I to part 1002:

a. Under Section 1002.105—Covered Financial Institutions and Exempt Institutions,
revise 105(b) Covered Financial Institution;
b. Under Section 1002.109—Reporting of Data to the Bureau, revise 109(b) Financial
Institution Identifying Information; and
c. Under Section 1002.114—Effective Date, Compliance Date, and Special Transition
Rules, revise 114(b) Compliance Date and 114(c) Special Transition Rules.
The revisions read as follows:
Supplement I to Part 1002—Official Interpretations
*

*

*

*

*

Section 1002.105—Covered Financial Institutions and Exempt Institutions
*

*

*

*

*

105(b) Covered Financial Institution
1. Preceding calendar year. The definition of covered financial institution refers to
preceding calendar years. For example, in 2029, the two preceding calendar years are 2027 and
2028. Accordingly, in 2029, Financial Institution A does not meet the loan-volume threshold in
§ 1002.105(b) if did not originate at least 100 covered credit transactions for small businesses
both during 2027 and during 2028.
2. Origination threshold. A financial institution qualifies as a covered financial institution
based on total covered credit transactions originated for small businesses, rather than covered
applications received from small businesses. For example, if in both 2026 and 2027, Financial
Institution B received 105 covered applications from small businesses and originated 95 covered
credit transactions for small businesses, then for 2028, Financial Institution B is not a covered
financial institution.
3. Counting originations when multiple financial institutions are involved in originating a
covered credit transaction. For the purpose of counting originations to determine whether a
financial institution is a covered financial institution under § 1002.105(b), in a situation where

multiple financial institutions are involved in originating a single covered credit transaction, only
the last financial institution with authority to set the material terms of the covered credit
transaction is required to count the origination.
4. Counting originations after adjustments to the gross annual revenue threshold due to
inflation. Pursuant to § 1002.106(b)(2), every five years, the gross annual revenue threshold used
to define a small business in § 1002.106(b)(1) shall be adjusted, if necessary, to account for
inflation. The first time such an adjustment could occur is in 2030, with an effective date of
January 1, 2031. A financial institution seeking to determine whether it is a covered financial
institution applies the gross annual revenue threshold that is in effect for each year it is
evaluating. For example, a financial institution seeking to determine whether it is a covered
financial institution in 2032 counts its originations of covered credit transactions for small
businesses in calendar years 2030 and 2031. The financial institution applies the initial $5
million threshold to evaluate whether its originations were to small businesses in 2030. In this
example, if the small business threshold were increased to $5.5 million effective January 1, 2031,
the financial institution applies the $5.5 million threshold to count its originations for small
businesses in 2031.
5. Reevaluation, extension, or renewal requests, as well as credit line increases and other
requests for additional credit amounts. While requests for additional credit amounts on an
existing account can constitute a “covered application” pursuant to § 1002.103(b)(1), such
requests are not counted as originations for the purpose of determining whether a financial
institution is a covered financial institution pursuant to § 1002.105(b). In addition, transactions
that extend, renew, or otherwise amend a transaction are not counted as originations. For
example, if a financial institution originates 50 term loans and 30 lines of credit for small
businesses in each of the preceding two calendar years, along with 25 line increases for small
businesses in each of those years, the financial institution is not a covered financial institution

because it has not originated at least 100 covered credit transactions in each of the two preceding
calendar years.
6. Annual consideration. Whether a financial institution is a covered financial institution
for a particular year depends on its small business lending activity in the preceding two calendar
years. Therefore, whether a financial institution is a covered financial institution is an annual
consideration for each year that data may be compiled and maintained for purposes of subpart B
of this part. A financial institution may be a covered financial institution for a given year of data
collection (and the obligations arising from qualifying as a covered financial institution shall
continue into subsequent years, pursuant to §§ 1002.110 and 1002.111), but the same financial
institution may not be a covered financial institution for the following year of data collection. For
example, Financial Institution C originated 105 covered transactions for small businesses in both
2027 and 2028. In 2029, Financial Institution C is a covered financial institution and therefore is
obligated to compile and maintain applicable 2029 small business lending data under
§ 1002.107(a). During 2029, Financial Institution C originates 95 covered transactions for small
businesses. In 2030, Financial Institution C is not a covered financial institution with respect to
2030 small business lending data, and is not obligated to compile and maintain 2030 data under
§ 1002.107(a) (although Financial Institution C may volunteer to collect and maintain 2030 data
pursuant to § 1002.5(a)(4)(vii) and as explained in comment 105(b)-10). Pursuant to
§ 1002.109(a), Financial Institution C shall submit its small business lending application register
for 2029 data in the format prescribed by the Bureau by June 1, 2030 because Financial
Institution C is a covered financial institution with respect to 2029 data, and the data submission
deadline of June 1, 2030 applies to 2029 data.
7. Merger or acquisition—coverage of surviving or newly formed institution. After a
merger or acquisition, the surviving or newly formed financial institution is a covered financial
institution under § 1002.105(b) if it, considering the combined lending activity of the surviving
or newly formed institution and the merged or acquired financial institutions (or acquired

branches or locations), satisfies the criteria included in § 1002.105(b). For example, Financial
Institutions A and B merge. The surviving or newly formed financial institution meets the
threshold in § 1002.105(b) if the combined previous components of the surviving or newly
formed financial institution (A plus B) would have originated at least 100 covered credit
transactions for small businesses for each of the two preceding calendar years. Similarly, if the
combined previous components and the surviving or newly formed financial institution would
have reported at least 100 covered transactions for small businesses for the year previous to the
merger as well as 100 covered transactions for small businesses for the year of the merger, the
threshold described in § 1002.105(b) would be met and the surviving or newly formed financial
institution would be a covered institution under § 1002.105(b) for the year following the merger.
Comment 105(b)-8 discusses a financial institution’s responsibilities with respect to compiling
and maintaining (and subsequently reporting) data during the calendar year of a merger.
8. Merger or acquisition—coverage specific to the calendar year of the merger or
acquisition. The scenarios described below illustrate a financial institution’s responsibilities
specifically for data from the calendar year of a merger or acquisition. For purposes of these
illustrations, an “institution that is not covered” means either an institution that is not a financial
institution, as defined in § 1002.105(a), or a financial institution that is not a covered financial
institution, as defined in § 1002.105(b).
i. Two institutions that are not covered financial institutions merge. The surviving or
newly formed institution meets all of the requirements necessary to be a covered financial
institution. No data are required to be compiled, maintained, or reported for the calendar year of
the merger (even though the merger creates an institution that meets all of the requirements
necessary to be a covered financial institution).
ii. A covered financial institution and an institution that is not covered merge. The
covered financial institution is the surviving institution, or a new covered financial institution is
formed. For the calendar year of the merger, data are required to be compiled, maintained, and

reported for covered applications from the covered financial institution and is optional for
covered applications from the financial institution that was previously not covered.
iii. A covered financial institution and an institution that is not covered merge. The
institution that is not covered is the surviving institution and remains not covered after the
merger, or a new institution that is not covered is formed. For the calendar year of the merger,
data are required to be compiled and maintained (and subsequently reported) for covered
applications from the previously covered financial institution that took place prior to the merger.
After the merger date, compiling, maintaining, and reporting data is optional for applications
from the institution that was previously covered for the remainder of the calendar year of the
merger.
iv. Two covered financial institutions merge. The surviving or newly formed financial
institution is a covered financial institution. Data are required to be compiled and maintained
(and subsequently reported) for the entire calendar year of the merger. The surviving or newly
formed financial institution files either a consolidated submission or separate submissions for
that calendar year.
9. Foreign applicability. As discussed in comment 1(a)-2, Regulation B (including
subpart B) generally does not apply to lending activities that occur outside the United States.
10. Voluntary collection and reporting. Section 1002.5(a)(4)(vii) through (x) permits a
creditor that is not a covered financial institution under § 1002.105(b) to voluntarily collect and
report information regarding covered applications from small businesses in certain
circumstances. If a creditor is voluntarily collecting information for covered applications
regarding whether the applicant is a minority-owned business, a women-owned business, and/or
an LGBTQI+-owned business under § 1002.107(a)(18), and regarding the ethnicity, race, and
sex of the applicant’s principal owners under § 1002.107(a)(19), it shall do so in compliance
with §§ 1002.107, 1002.108, 1002.111, 1002.112 as though it were a covered financial
institution. If a creditor is reporting those covered applications from small businesses to the

Bureau, it shall do so in compliance with §§ 1002.109 and 1002.110 as though it were a covered
financial institution.
*

*

*

*

*

Section 1002.109—Reporting of Data to the Bureau
*

*

*

*

*

109(b) Financial Institution Identifying Information
1. Changes to financial institution identifying information. If a financial institution’s
information required pursuant to § 1002.109(b) changes, the financial institution shall provide
the new information with the data submission for the collection year of the change. For example,
assume two financial institutions that previously reported data under subpart B of this part merge
and the surviving institution retained its Legal Entity Identifier but obtained a new TIN in
February 2028. The surviving institution must report the new TIN with its data submission for its
2028 data (which is due by June 1, 2029) pursuant to § 1002.109(b)(5). Likewise, if that
financial institution’s Federal prudential regulator changes in February 2028 as a result of the
merger, it must identify its new Federal prudential regulator in its annual submission for its 2028
data.
*

*

*

*

*

Section 1002.114—Effective Date, Compliance Date, and Special Transition Rules
114(b) Compliance Date
1. Application of compliance date. The applicable compliance date in § 1002.114(b) is
the date by which the covered financial institution must begin to compile data as specified in
§ 1002.107, comply with the firewall requirements of § 1002.108, and begin to maintain records
as specified in § 1002.111. In addition, the covered financial institution must comply with
§ 1002.110(c) and (d) no later than June 1 of the year after the applicable compliance date. For
instance, if § 1002.114(b)(2) applies to a financial institution, it must comply with §§ 1002.107

and 1002.108, and portions of § 1002.111, beginning January 16, 2026, and it must comply with
§ 1002.110(c) and (d), and portions of § 1002.111, no later than June 1, 2027.
2. Initial partial year collections pursuant to § 1002.114(b). i. When the compliance date
of July 18, 2025 specified in § 1002.114(b)(1) applies to a covered financial institution, the
financial institution is required to collect data for covered applications during the period from
July 18, 2025 to December 31, 2025. The financial institution must compile data for this period
pursuant to § 1002.107, comply with the firewall requirements of § 1002.108, and maintain
records as specified in § 1002.111. In addition, for data collected during this period, the covered
financial institution must comply with §§ 1002.109 and 1002.110(c) and (d) by June 1, 2026.
ii. When the compliance date of January 16, 2026 specified in § 1002.114(b)(2) applies to
a covered financial institution, the financial institution is required to collect data for covered
applications during the period from January 16, 2026 to December 31, 2026. The financial
institution must compile data for this period pursuant to § 1002.107, comply with the firewall
requirements of § 1002.108, and maintain records as specified in § 1002.111. In addition, for
data collected during this period, the covered financial institution must comply with §§ 1002.109
and 1002.110(c) and (d) by June 1, 2027.
iii. When the compliance date of October 18, 2026 specified in § 1002.114(b)(3) or (4)
applies to a covered financial institution, the financial institution is required to collect data for
covered applications during the period from October 18, 2026 to December 31, 2026. The
financial institution must compile data for this period pursuant to § 1002.107, comply with the
firewall requirements of § 1002.108, and maintain records as specified in § 1002.111. In
addition, for data collected during this period, the covered financial institution must comply with
§§ 1002.109 and 1002.110(c) and (d) by June 1, 2027.
3. Informal names for compliance date provisions. To facilitate discussion of the
compliance dates specified in § 1002.114(b)(1), (2), and (3), in the official commentary and any
other documents referring to these compliance dates, the Bureau adopts the following informal

simplified names. Tier 1 refers to the cohort of covered financial institutions that have a
compliance date of July 18, 2025 pursuant to § 1002.114(b)(1). Tier 2 refers to the cohort of
covered financial institutions that have a compliance date of January 16, 2026 pursuant to
§ 1002.114(b)(2). Tier 3 refers to the cohort of covered financial institutions that have a
compliance date of October 18, 2026 pursuant to § 1002.114(b)(3).
4. Examples. The following scenarios illustrate how to determine whether a financial
institution is a covered financial institution and which compliance date specified in
§ 1002.114(b) applies. Unless otherwise indicated, in each example the financial institution has
chosen to use its originations in 2022 and 2023 (rather than 2023 and 2024 as permitted by
§ 1002.114(c)(3)) to determine its initial compliance tier.
i. Financial Institution A originated 3,000 covered credit transactions for small businesses
in calendar year 2022, and 3,000 in calendar year 2023. Financial Institution A is in Tier 1 and
has a compliance date of July 18, 2025.
ii. Financial Institution B originated 2,000 covered credit transactions for small
businesses in calendar year 2022, and 3,000 in calendar year 2023. Because Financial Institution
B did not originate at least 2,500 covered credit transactions for small businesses in each of 2022
and 2023, it is not in Tier 1. Because Financial Institution B did originate at least 500 covered
credit transactions for small businesses in each of 2022 and 2023, it is in Tier 2 and has a
compliance date of January 16, 2026.
iii. Financial Institution C originated 400 covered credit transactions to small businesses
in calendar year 2022, and 1,000 in calendar year 2023. Because Financial Institution C did not
originate at least 2,500 covered credit transactions for small businesses in each of 2022 and
2023, it is not in Tier 1, and because it did not originate at least 500 covered credit transactions
for small businesses in each of 2022 and 2023, it is not in Tier 2. Because Financial Institution C
did originate at least 100 covered credit transactions for small businesses in each of 2022 and
2023, it is in Tier 3 and has a compliance date of October 18, 2026.

iv. Financial Institution D originated 90 covered credit transactions to small businesses in
calendar year 2022, 120 in calendar year 2023, and 90 in calendar years 2024, 2025, and 2026.
Because Financial Institution D did not originate at least 100 covered credit transactions for
small businesses in each of 2022 and 2023, it is not in Tier 1, Tier 2, or Tier 3. Because Financial
Institution D did not originate at least 100 covered credit transactions for small businesses in
subsequent consecutive calendar years, it is not a covered financial institution under
§ 1002.105(b) and is not required to comply with the rule in 2025, 2026, or 2027.
v. Financial Institution E originated 120 covered credit transactions for small businesses
in each of calendar years 2022, 2023, and 2024, and 90 in 2025. Because Financial Institution E
did not originate at least 2,500 or 500 covered credit transactions for small businesses in each of
2022 and 2023, it is not in Tier 1 or Tier 2. Because Financial Institution E originated at least
100 covered credit transactions for small businesses in each of 2022 and 2023, it is in Tier 3 and
has a compliance date of October 18, 2026. However, because Financial Institution E did not
originate at least 100 covered credit transactions for small businesses in both 2024 and 2025, it
no longer satisfies the definition of a covered financial institution in § 1002.105(b) at the time of
the compliance date for Tier 3 institutions and thus is not required to comply with the rule in
2026.
vi. Financial Institution F originated 90 covered credit transactions for small businesses
in calendar year 2022, and 120 in 2023, 2024, and 2025. Because Financial Institution F did not
originate at least 100 covered credit transactions for small businesses in each of 2022 and 2023,
it is not in Tier 1, Tier 2, or Tier 3. Because Financial Institution F originated at least 100
covered credit transactions for small businesses in subsequent calendar years, § 1002.114(b)(4),
which cross-references § 1002.105(b), applies to Financial Institution F. Because Financial
Institution F originated at least 100 covered credit transactions for small businesses in each of
2024 and 2025, it is a covered financial institution under § 1002.105(b) and is required to comply
with the rule beginning October 18, 2026. Alternatively, if Financial Institution F chooses to use

its originations in calendar years 2023 and 2024 to determine its compliance tier pursuant to
§ 1002.114(c)(3), it would be in Tier 3 and likewise required to comply with the rule beginning
October 18, 2026.
vii. Financial Institution G originated 90 covered credit transactions for small businesses
in each of calendar years 2022, 2023, 2024, 2025, and 2026, and 120 in each of 2027 and 2028.
Because Financial Institution F did not originate at least 100 covered credit transactions for small
businesses in each of 2022 and 2023, it is not in Tier 1, Tier 2, or Tier 3. Because Financial
Institution G originated at least 100 covered credit transactions for small businesses in
subsequent calendar years, § 1002.114(b)(4), which cross-references § 1002.105(b), applies to
Financial Institution G. Because Financial Institution G originated at least 100 covered credit
transactions for small businesses in each of 2027 and 2028, it is a covered financial institution
under § 1002.105(b) and is required to comply with the rule beginning January 1, 2029.
viii. Financial Institution H originated 550 covered credit transactions for small
businesses in each of calendar years 2022 and 2023, 450 in 2024, and 550 in 2025. Because
Financial Institution H originated at least 500 covered credit transactions for small businesses in
each of 2022 and 2023, it would be in Tier 2 and have a compliance date of January 16, 2026.
However, § 1002.114(c)(3) permits financial institutions to use their originations in 2023 and
2024, rather than in 2022 and 2023, to determine compliance tier. If Financial Institution H elects
to use its originations in 2023 and 2024, it would be in Tier 3 and required to comply with the
rule beginning October 18, 2026.
114(c) Special Transition Rules
1. Collection of certain information prior to a financial institution’s compliance date.
Notwithstanding § 1002.5(a)(4)(ix), a financial institution that chooses to collect information on
covered applications as permitted by § 1002.114(c)(1) in the 12 months prior to its initial
compliance date as specified in § 1002.114(b)(1), (2) or (3) need comply only with the
requirements set out in §§ 1002.107(a)(18) and (19), 1002.108, and 1002.111(b) and (c) with

respect to the information collected. During this 12-month period, a covered financial institution
need not comply with the provisions of § 1002.107 (other than §§ 1002.107(a)(18) and (19)),
1002.109, 1002.110, 1002.111(a), or 1002.114.
2. Transition rule for applications received prior to a compliance date but final action is
taken after a compliance date. If a covered financial institution receives a covered application
from a small business prior to its initial compliance date specified in § 1002.114(b), but takes
final action on or after that date, the financial institution is not required to collect data regarding
that application pursuant to § 1002.107 nor to report the application pursuant to § 1002.109. For
example, if a financial institution is subject to a compliance date of July 18, 2025, and it receives
an application on July 7, 2025 but does not take final action on the application until July 25,
2025, the financial institution is not required to collect data pursuant to § 1002.107 nor to report
data to the Bureau pursuant to § 1002.109 regarding that application.
3. Has readily accessible the information needed to determine small business status. A
financial institution has readily accessible the information needed to determine whether its
originations of covered credit transactions were for small businesses as defined in § 1002.106 if,
for instance, it in the ordinary course of business collects data on the precise gross annual
revenue of the businesses for which it originates loans, it obtains information sufficient to
determine whether an applicant for business credit had gross annual revenues of $5 million or
less, or if it collects and reports similar data to Federal or State government agencies pursuant to
other laws or regulations.
4. Does not have readily accessible the information needed to determine small business
status. A financial institution does not have readily accessible the information needed to
determine whether its originations of covered credit transactions were for small businesses as
defined in § 1002.106 if it did not in the ordinary course of business collect either precise or
approximate information on whether the businesses to which it originated covered credit
transactions had gross annual revenue of $5 million or less. In addition, even if precise or

approximate information on gross annual revenue was initially collected, a financial institution
does not have readily accessible this information if, to retrieve this information, for example, it
must review paper loan files, recall such information from either archived paper records or
scanned records in digital archives, or obtain such information from third parties that initially
obtained this information but did not transmit such information to the financial institution.
5. Reasonable method to estimate the number of originations. The reasonable methods
that financial institutions may use to estimate originations for 2022 and 2023 (or for 2023 and
2024, pursuant to § 1002.114(c)(3)) include, but are not limited to, the following:
i. A financial institution may comply with § 1002.114(c)(2) by determining the small
business status of covered credit transactions by asking every applicant, prior to the closing of
approved transactions, to self-report whether it had gross annual revenue for its preceding fiscal
year of $5 million or less, during the period October 1 through December 31, 2023. The financial
institution may annualize the number of covered credit transactions it originates to small
businesses from October 1 through December 31, 2023 by quadrupling the originations for this
period, and apply the annualized number of originations to both calendar years 2022 and 2023.
Pursuant to § 1002.114(c)(3), a financial institution is permitted to use its originations in 2023
and 2024, rather than 2022 and 2023, to determine its compliance tier. Thus, a financial
institution may ask applicants to self-report revenue information during the period of October 1
through December 31, 2024, and then may annualize the number of covered credit transactions it
originated to small businesses during that period and apply the annualized number of
originations to both calendar years 2023 and 2024.
ii. A financial institution may comply with § 1002.114(c)(2) by assuming that every
covered credit transaction it originates for business customers in calendar years 2022 and 2023
(or in 2023 and 2024) is to a small business.
iii. A financial institution may comply with § 1002.114(c)(2) by using another
methodology provided that such methodology is reasonable and documented in writing.

6. Examples. The following scenarios illustrate the potential application of
§ 1002.114(c)(2) to a financial institution’s compliance date under § 1002.114(b). Unless
otherwise indicated, in each example the financial institution has chosen to estimate its
originations for 2022 and 2023 (rather than 2023 and 2024 as permitted by § 1002.114(c)(3)) to
determine its initial compliance tier.
i. Prior to October 1, 2023, Financial Institution A did not collect gross annual revenue or
other information that would allow it to determine the small business status of the businesses for
whom it originated covered credit transactions in calendar years 2022 and 2023. Financial
Institution A chose to use the methodology set out in comment 114(c)-5.i and as of October 1,
2023 began to collect information on gross annual revenue as defined in § 1002.107(a)(14) for its
covered credit transactions originated for businesses. Using this information, Financial
Institution A determined that it had originated 750 covered credit transactions for businesses that
were small as defined in § 1002.106. On an annualized basis, Financial Institution A originated
3,000 covered credit transactions for small businesses (750 originations * 4 = 3,000 originations
per year). Applying this annualized figure of 3,000 originations to both calendar years 2022 and
2023, Financial Institution A is in Tier 1 and has a compliance date of July 18, 2025.
ii. Prior to July 1, 2023, Financial Institution B collected gross annual revenue
information for some applicants for business credit, but such information was only noted in its
paper loan files. Financial Institution B thus does not have reasonable access to information that
would allow it to determine the small business status of the businesses for whom it originated
covered credit transactions for calendar years 2022 and 2023. Financial Institution B chose to use
the methodology set out in comment 114(c)-5.i, and as of October 1, 2023, Financial Institution
B began to ask all businesses for whom it was closing covered credit transactions if they had
gross annual revenues in the preceding fiscal year of $5 million or less. Using this information,
Financial Institution B determined that it had originated 350 covered credit transactions for
businesses that were small as defined in § 1002.106. On an annualized basis, Financial

Institution B originated 1,400 covered credit transactions for small businesses (350 originations *
4 = 1,400 originations per year). Applying this estimated figure of 1,400 originations to both
calendar years 2022 and 2023, Financial Institution B is in Tier 2 and has a compliance date of
January 16, 2026.
iii. Prior to April 1, 2023, Financial Institution C did not collect gross annual revenue or
other information that would allow it to determine the small business status of the businesses for
whom it originated covered credit transactions in calendar years 2022 and 2023. Financial
Institution C chose its own methodology pursuant to comment 114(c)-5.iii, basing it in part on
the methodology specified in comment 114(c)-5.i. Starting on April 1, 2023, Financial Institution
C began to ask all business applicants for covered credit transactions if they had gross annual
revenue in their preceding fiscal year of $5 million or less. Using this information, Financial
Institution C determined that it had originated 100 covered credit transactions for businesses that
were small as defined in § 1002.106. On an annualized basis, Financial Institution C originated
approximately 133 covered credit transactions for small businesses ((100 originations * 365
days)/275 days = 132.73 originations per year). Applying this estimate of 133 originations to
both calendar years 2022 and 2023, Financial Institution C is in Tier 3 and has a compliance date
of October 18, 2026.
iv. Financial Institution D did not collect gross annual revenue or other information that
would allow it to determine the small business status of the businesses for whom it originated
covered credit transactions in calendar years 2022 and 2023. Financial Institution D determined
that it had originated 3,000 total covered credit transactions for businesses in each of 2022 and
2023. Applying the methodology specified in comment 114(c)-5.ii, Financial Institution D
assumed that all 3,000 covered credit transactions originated in each of 2022 and 2023 were to
small businesses. On that basis, Financial Institution D is in Tier 1 and has a compliance date of
July 18, 2025.

v. Financial Institution E did not collect gross annual revenue or other information that
would allow it to determine the small business status of the businesses for whom it originated
covered credit transactions in calendar years 2022 and 2023. Financial Institution E determined
that it had originated 700 total covered credit transactions for businesses in each of 2022 and
2023. Applying the methodology specified in comment 114(c)-5.ii, Financial Institution E
assumed that all such transactions in each of 2022 and 2023 were originated for small businesses.
On that basis, Financial Institution E is in Tier 2 and has a compliance date of January 16, 2026.
vi. Financial Institution F does not have readily accessible gross annual revenue or other
information that would allow it to determine the small business status of the businesses for
whom it originated covered credit transactions in calendar years 2022 and 2023. Financial
Institution F determined that it had originated 80 total covered credit transactions for businesses
in 2022 and 150 total covered credit transactions for businesses in 2023. Applying the
methodology set out in comment 114(c)-5.ii, Financial Institution F assumed that all such
transactions originated in 2022 and 2023 were originated for small businesses. On that basis,
Financial Institution E is not in Tier 1, Tier 2 or Tier 3, and is subject to the compliance date
provision specified in § 1002.114(b)(4).
vii. Financial Institution G does not have readily accessible gross annual revenue or other
information that would allow it to determine the small business status of the businesses for
whom it originated covered credit transactions in calendar years 2022, 2023, or 2024. Financial
Institution G chose to use the methodology set out in comment 114(c)-5.i, and as of October 1,
2024, Financial Institution G began to ask all businesses for whom it was closing covered credit
transactions if they had gross annual revenue in the preceding fiscal year of $5 million or less.
Using this information, Financial Institution G determined that it had originated 700 covered
credit transactions during that period for businesses that were small as defined in § 1002.106. On
an annualized basis, Financial Institution G originated 2,800 covered credit transactions for small
businesses (700 originations * 4 = 2,800 originations per year). Applying this estimated figure of

2,800 originations to both calendar years 2023 and 2024, Financial Institution G is in Tier 1 and
has a compliance date of July 18, 2025.

*

*

*

*

*

Rohit Chopra,
Director, Consumer Financial Protection Bureau.

[FR Doc. 2024-14396 Filed: 7/2/2024 8:45 am; Publication Date: 7/3/2024]