Wipfli logo
Insights - Articles, Blogs and on-demand webcasts

Articles & E-Books


Are you ready for 1071?

Mar 30, 2023

Have you and your commercial lending team started preparing for implementation of the long-anticipated Section 1071 small-business lending data collection requirements?

If you currently meet, or expect to meet, the transaction thresholds, the time is now to begin tactical steps for compliance.

Part of the Dodd-Frank Act of 2010, Section 1071 amended the Equal Credit Opportunity Act (ECOA), which will now require financial institutions, fintech companies and other lenders to begin collecting and reporting small business lending data.

While the implementation date is about a year and a half from now for large lenders and almost three years for small lenders, it will sneak up on everyone pretty quickly.

Here are some important considerations in preparing for the changes:

Get your loan application in shape

If your commercial lending team is not currently using a loan application or inquiry form, implementation may become a necessity. If an application is being used, analyze the data being collected to ensure it’s sufficient to meet the new requirements.

Your financial institution will need to capture a lot of information about the application, the action taken, the loan terms, the business and the principal owners.

Some of this information may be available from other sources, but identifying the fields that are not currently captured will help you determine what will need to be collected at application.

Also, consider how your financial institution plans to define an “application,” which will trigger the requirements for data collection, reporting and related requirements.

If your institution allows the opening of online accounts, you’ll need to consider how the required information will be captured in the online application process.

Is your data collection process adequate?

Consider your current capacity for capturing this data. Will your current system have the capability to assist with the collection of additional data? If not, contact your vendor to see whether updates will be made or if you will need to consider a manual collection process or even a new loan origination system.

Don’t forget about geocoding. You’ll need to determine whether your system can handle it or if this will also be a manual process.

Be sure you’re set up for the collection of demographic information in the application process, both in person and online, since it must be obtained at the time of application.

Accounting for applications that do not result in a loan

Just as in the Home Mortgage Disclosure Act world, applications that do not result in a loan will need to be reported. Because these require a unique identifier, you’ll need to determine whether the loan origination system will generate a number or  if it will require a manual process.

If your financial institution does not currently keep a pipeline of pending applications, consider how you will be able to ensure all applications that did not result in a loan are accounted for and reported.

Along with applications denied, you’ll need to include those that are withdrawn, incomplete or approved but not accepted. Your institution will need to consider how to capture the approved loan and pricing information. Therefore, you’ll need to determine where the source of this information will be housed.

Establish clear source documentation

Consistency is needed in noting where information is coming from. Your institution will need to consider the source documentation for areas such as loan approval information, amount approved, pricing information, guarantors and the date of action taken. Documenting your source of information for each type of action will provide the consistency required and reduce errors.

Assess your administrative needs

The process of gathering, inputting and reviewing the loan application register (LAR) will need to be administered by a person or group. The volume of lending activity may determine the needed staffing level.

Prior to submitting the LAR, a determination will need to be made about whether a second review of the information will occur (it’s a good idea) and whether that can be accomplished in house or if it will need to be outsourced.

Simply ensuring the format of the LAR is correct and accepted is not sufficient as a review. Examiners will have procedures to require correction and resubmission based on established error rates, so ensuring your data is accurate will be important.

Training will need to happen sooner rather than later to ensure all staff involved in any part of the process, from gathering to reporting, know what is expected and how to obtain and document the required information.

Establish your firewall procedures

The new rules contain a firewall provision, which states that employees or officers of the financial institutions or its affiliates who are involved in making a determination about the application should not have access to the demographic information of the principal owners, including whether the business is minority owned, women owned or LGBTQI+ owned or the ethnicity, race and sex of the principal owners.

To comply with this provision, you will have to determine how you will keep the employees or officers involved in the credit decision from seeing this information, unless you meet the exception, and provide the required notification to the applicant at the time the information is collected. Procedures for handling the firewall provision should be established.

Look at fair lending implications

Fair lending should be considered in every aspect of the lending process. Your institution should consider how or if you are going to analyze the data that is collected for fair lending implications and whether this can be conducted in house or through assistance from a third party.

Get a change management system in place

To manage regulatory change, especially one as impactful as 1071, financial institutions should have an effective change management system. You need to analyze and understand how the new requirements affect your existing processes and make modifications as appropriate.

This level of change is difficult to handle alone, making a team approach advisable.

The first step is determining who should be part of that team. Members of compliance, operations, small business lending and potentially information technology should likely be part of your team. Every institution’s structure varies, so selecting the team based on the roles and implementation needs is key.

Next, you’ll want to look at your product offerings to determine the scope of impact. Determine what lines and products this new rule will affect. You don’t want to realize too late that you missed someone or something.

Analyze your current systems. What pitfalls are there to hinder the data collection process? Make sure you are keeping up with what your vendor has in their pipeline to facilitate your data collection and reporting.

Finally, perform a gap analysis. Evaluate your covered transactions and data collection process against the requirements of Section 1071 to determine what areas are not working and where enhancements are still needed.

How Wipfli can help

While 1071 is similar to HMDA rules in some respects, the requirements constitute a significant change. Don’t navigate this complex process alone. Wipfli professionals can guide you through the implementation process to help ensure you are in compliance. Contact us to learn more about our 1071 assistance services.

Sign up to receive additional financial institutions content in your inbox or continue reading:

For additional information or to inquire about Wipfli services, please contact:


Kristen L. Eustis, CRCM
View Profile
3 coworkers collaborating in a conference room
Section 1071 support
Learn more