Now that the Consumer Financial Protection Bureau has a permanent director in Kathy Kraninger, the agency can, at long last, pursue a path towards regular order.
After years of political football, Kraninger’s primary task will be to neutralize the rhetoric surrounding the agency and get to work on policy reforms that will protect the American consumer. She and her team at the CFPB could make huge progress by moving forward with its small-business data collection rule.
Section 1071 of the Dodd-Frank Act directs the CFPB to collect data on lending to small businesses, with the goal of better understanding the landscape for those that are owned and operated by women and minorities.
To move the process forward, the CFPB should elevate the rulemaking off the “long term” list and convene a panel of small entities early this year. The current leadership and project supervisor are well-equipped to lead the implementation of this rulemaking and mitigate any unintended negative consequences to the small business lending market.
Building a database to track small-business lending practices is a tall task with plenty of potential pitfalls, but the CFPB can do it successfully if it follows the Hippocratic Oath: Do no harm.
With that principle as a foundation, here are four guidelines to ensure that any rule governing small-business data collection is sound, effective and minimizes any risks to the small-business lending market.
First, the CFPB should conduct a rigorous cost-benefit analysis of any potential rule, and it should accept public comments on the final proposal. Doing so will give the bureau a full understanding of the practical impacts of a Section 1071 directive on small businesses and the economy. The CFPB’s Cost Benefit Office, established by former acting director Mick Mulvaney, will help minimize harm to the marketplace. Borrowers in the small-business lending market are already having a tough time accessing credit — their input will allow the CFPB to craft a rule that actually meets the needs of those it’s intended to help.
Second, the bureau should develop a definition of “small business” that is narrowly tailored and easy to understand. This is crucial for ensuring that lending officers can easily pinpoint which businesses are subject to data collection and which are not. The Small Business Administration even agrees that the definition of small business might be too difficult to understand, as evidenced by its response to the CFPB’s request for information.
Next, the bureau should collect only the data points that are mandated by the statute. In this age of ever-more-frequent data breaches, data protection needs to be an absolute priority. Asking borrowers for the information the statute requires — and nothing more — is the most prudent tactic for guarding small business owners. Plus, the more data the CFPB is required to collect, the longer the lending process takes. Time is of the essence for any growing small business.
Finally, the CFPB can protect small business borrowers by ensuring the data it collects will remain private. In addition to the aforementioned risk of data breaches, identifying a borrower by making their sensitive data public, even if their name is not attached, should be a cause for concern for small businesses.
Only with thoughtful feedback and robust cost-benefit analysis will the bureau effectively fulfill its Hippocratic Oath to small businesses, consumers and the industry.This post was originally published here