$166 million in annual compliance savings sounds like a win. Russ Vought, CFPB Acting Director, is calling it exactly that. What he’s really done is gut the agency’s small-business lending data collection rule so thoroughly that fair lending watchdogs say it can’t do its job.
The final rule, effective January 2028, raises the coverage threshold from 100 small-business loans per year to 1,000. That single change drops the number of affected lenders from roughly 2,500 to just 280. Meanwhile, required data points collapse from 81 to 13, with race, ethnicity, and LGBTQ+ status identifiers stripped out entirely. The definition of a small business also contracts: $1 million in gross annual revenue replaces the prior $5 million threshold, pulling more borrowers out of scope.
Here’s the compliance puzzle: Vought couldn’t kill Section 1071 outright because it’s written into the Dodd-Frank Act. Baker Donelson partner and CFPB alum Elena Babinecz put it plainly: the risks of a court forcing them to restore the rule were too high. So they revised it instead.
Critics from Americans for Financial Reform say the gutted rule will let discriminatory lending against Black, Latine, Indigenous, and women farmers persist. Even banking trade groups, generally supportive, flagged the 1,000-loan threshold as too restrictive, suggesting 250 or 500 as more workable.
The rule takes effect in January 2028. A Texas bank and the state’s banking trade group already sued once over the 2023 version. Don’t expect the current version to avoid the courts either.
— Marcus Webb