close
close

Significant regulatory changes will soon impact your training and policy management

Posted on by darion

Compliance regulations and binders Source/Shutterstock

2023 was an extremely eventful year for the financial services industry, and things are not expected to slow down in 2024. There have been several important regulatory updates that impact current training programs. As financial services leaders, it is critical to stay current and update all training programs and policies to ensure standards are met.

Both updates to Sections 1071 and 1033 impact data collection and ownership, internal training programs, and policy management.

Section 1071: Small Business Data Collection Act

Section 1071 requires credit unions and other covered financial institutions to collect and report information on small business loan applications based on certain thresholds established by statute. To be covered, a financial institution must have at least 100 covered originations in each of the two preceding calendar years. Covered financial institutions are not required to aggregate seed amounts at the parent or holding company level, nor are they required to report covered seed amounts produced by an affiliate.

Covered credit transactions are an extension of credit primarily for business, commercial, or agricultural purposes unless exempted under the final rules. Covered credit transactions include loans, lines of credit, credit cards, merchant cash advances and other credit products. These include the following types of lending activities:

  • Reassessments, extensions or renewal requests for existing business credit accounts only for credit increases;
  • All refinances, regardless of dollar amount requested;
  • Pre-qualification inquiries and applications;
  • Reviews or assessments initiated by a covered financial institution; AND
  • Invitations and any binding credit offers.

The regulation requires covered financial institutions not to discourage applicants from responding to requests for primary owner demographic information. They must maintain procedures for collecting data prior to a final credit decision and in a reasonable manner, and the request for such data must be clearly visible. Institutions must provide appropriate training to loan officers and any other persons involved in data collection. The law provides a safe harbor for covered financial institutions that initially collect demographic information about an applicant’s principal owners under the final regulations, but later determine that they should not have collected that data if the institution had reasonable grounds to believe that the applicant qualified as a small business.

Section 1033: Rights Regarding Personal Financial Information

Section 1033 requires covered entities to make available to consumers, upon request, transaction data and other information relating to consumer financial products or services that the consumer receives from the covered entity. The Consumer Financial Protection Bureau’s (CFPB) goal in Section 1033 is to provide opportunities to strengthen consumers’ access to and control over their financial data.

Open banking implements the concept that consumers should be the ultimate owners of their financial data, have the freedom to access and share it, and have the choice to obtain products and services from anyone. Covered data providers are defined as a “financial institution” under Regulation E or a “card issuer” under Regulation Z. Organizations offering digital wallets will be required to comply with these regulations. Covered accounts include any checking, savings, consumer asset or prepaid account held directly or indirectly by a financial institution and established primarily for personal, family or household purposes, as well as credit card accounts and digital wallets. Importantly, commercial or business accounts, open non-credit card accounts, and closed loan accounts are exempt from these requirements.

The six categories of information that we believe will be part of the requirements are:

  • Periodic statement information regarding transactions and settled deposits; Information regarding previous transactions and deposits that have not yet been settled;
  • Information about past transactions that are not usually shown on periodic statements or are not available on online banking systems;
  • Online banking transactions that have not yet been processed;
  • Account identification data; AND
  • Other information, such as consumer reports used to qualify a consumer for a product or service; fees, bonuses, rewards, rebates or other incentives; and security breach information that reveals a consumer’s identity or financial information.

Comments on the regulation could be submitted to the CFPB until December 29, 2023. Pursuant to the Regulations Federal Register5,956 comments were submitted, including a letter from American Credit Unions (formerly CUNA and NAFCU). If finalized, the policy will go into effect 60 days after being posted on the website Federal Register.

Regulatory updates continually impact the financial industry and require evolving training programs and procedures to help maintain this multi-faceted ecosystem. As financial services leaders who oversee the delivery of services to consumers, it is important to stay current and prioritize employee education so they can be confident in their work and recommendations.

Chris Boersma Chris Boersma

Chris Boersma is a product manager at BAI, a nonprofit financial services training and research organization based in Chicago.