§ 1002.114 Effective date, compliance date, and special transitional rules.

1. Application of compliance date. The applicable compliance date in § 1002.114(b) is the date by which the covered financial institution must begin to compile data as specified in § 1002.107, comply with the firewall requirements of § 1002.108, and begin to maintain records as specified in § 1002.111. In addition, the covered financial institution must comply with § 1002.110(c) and (d) no later than June 1 of the year after the applicable compliance date. For instance, if § 1002.114(b)(2) applies to a financial institution, it must comply with §§ 1002.107 and 1002.108, and portions of § 1002.111, beginning January 16, 2026, and it must comply with § 1002.110(c) and (d), and portions of § 1002.111, no later than June 1, 2027.

2. Initial partial year collections pursuant to § 1002.114(b).

i. When the compliance date of July 18, 2025 specified in § 1002.114(b)(1) applies to a covered financial institution, the financial institution is required to collect data for covered applications during the period from July 18, 2025 to December 31, 2025. The financial institution must compile data for this period pursuant to § 1002.107, comply with the firewall requirements of § 1002.108, and maintain records as specified in § 1002.111. In addition, for data collected during this period, the covered financial institution must comply with §§ 1002.109 and 1002.110(c) and (d) by June 1, 2026.

ii. When the compliance date of January 16, 2026 specified in § 1002.114(b)(2) applies to a covered financial institution, the financial institution is required to collect data for covered applications during the period from January 16, 2026 to December 31, 2026. The financial institution must compile data for this period pursuant to § 1002.107, comply with the firewall requirements of § 1002.108, and maintain records as specified in § 1002.111. In addition, for data collected during this period, the covered financial institution must comply with §§ 1002.109 and 1002.110(c) and (d) by June 1, 2027.

iii. When the compliance date of October 18, 2026 specified in § 1002.114(b)(3) or (4) applies to a covered financial institution, the financial institution is required to collect data for covered applications during the period from October 18, 2026 to December 31, 2026. The financial institution must compile data for this period pursuant to § 1002.107, comply with the firewall requirements of § 1002.108, and maintain records as specified in § 1002.111. In addition, for data collected during this period, the covered financial institution must comply with §§ 1002.109 and 1002.110(c) and (d) by June 1, 2027.

3. Informal names for compliance date provisions. To facilitate discussion of the compliance dates specified in § 1002.114(b)(1), (2), and (3), in the official commentary and any other documents referring to these compliance dates, the Bureau adopts the following informal simplified names. Tier 1 refers to the cohort of covered financial institutions that have a compliance date of July 18, 2025 pursuant to § 1002.114(b)(1). Tier 2 refers to the cohort of covered financial institutions that have a compliance date of January

4. Examples. The following scenarios illustrate how to determine whether a financial institution is a covered financial institution and which compliance date specified in § 1002.114(b) applies. Unless otherwise indicated, in each example the financial institution has

i. Financial Institution A originated 3,000 covered credit transactions for small businesses in calendar year 2022, and 3,000 in calendar year 2023. Financial Institution A is in Tier 1 and has a compliance date of July 18, 2025.

ii. Financial Institution B originated 2,000 covered credit transactions for small businesses in calendar year 2022, and 3,000 in calendar year 2023. Because Financial Institution B did not originate at least 2,500 covered credit transactions for small businesses in each of 2022 and 2023, it is not in Tier 1. Because Financial Institution B did originate at least 500 covered credit transactions for small businesses in each of 2022 and 2023, it is in Tier 2 and has a compliance date of January 16, 2026.

iii. Financial Institution C originated 400 covered credit transactions to small businesses in calendar year 2022, and 1,000 in calendar year 2023. Because Financial Institution C did not originate at least 2,500 covered credit transactions for small businesses in each of 2022 and 2023, it is not in Tier 1, and because it did not originate at least 500 covered credit transactions for small businesses in each of 2022 and 2023, it is not in Tier 2. Because Financial Institution C did originate at least 100 covered credit transactions for small businesses in each of 2022 and 2023, it is in Tier 3 and has a compliance date of October 18, 2026.

iv. Financial Institution D originated 90 covered credit transactions to small businesses in calendar year 2022, 120 in calendar year 2023, and 90 in calendar years 2024, 2025, and 2026. Because Financial Institution D did not originate at least 100 covered credit transactions for small businesses in each of 2022 and 2023, it is not in Tier 1, Tier 2, or Tier 3. Because Financial Institution D did not originate at least 100 covered credit transactions for small businesses in subsequent consecutive calendar years, it is not a covered financial institution under § 1002.105(b) and is not required to comply with the rule in 2025, 2026, or 2027.

v. Financial Institution E originated 120 covered credit transactions for small businesses in each of calendar years 2022, 2023, and 2024, and 90 in 2025. Because Financial Institution E did not originate at least 2,500 or 500 covered credit transactions for small businesses in each of 2022 and 2023, it is not in Tier 1 or Tier 2. Because Financial Institution E originated at least 100 covered credit transactions for small businesses in each of 2022 and 2023, it is in Tier 3 and has a compliance date of October 18, 2026. However, because Financial Institution E did not originate at least 100 covered credit transactions for small businesses in both 2024 and 2025, it no longer satisfies the definition of a covered financial institution in § 1002.105(b) at the time of the compliance date for Tier 3 institutions and thus is not required to comply with the rule in 2026.

vi. Financial Institution F originated 90 covered credit transactions for small businesses in calendar year 2022, and 120 in 2023, 2024, and 2025. Because Financial Institution F did not originate at least 100 covered credit transactions for small businesses in each of 2022 and 2023, it is not in Tier 1, Tier 2, or Tier 3. Because Financial Institution F originated at least 100 covered credit transactions for small businesses in subsequent calendar years, § 1002.114(b)(4), which cross-references § 1002.105(b), applies to Financial Institution F. Because Financial Institution F originated at least 100 covered credit transactions for small businesses in each of 2024 and 2025, it is a covered financial institution under § 1002.105(b) and is required to comply with the rule beginning October 18, 2026. Alternatively, if Financial Institution F chooses to use its originations in calendar years 2023 and 2024 to determine its compliance tier pursuant to § 1002.114(c)(3), it would be in Tier 3 and likewise required to comply with the rule beginning October 18, 2026.

vii. Financial Institution G originated 90 covered credit transactions for small businesses in each of calendar years 2022, 2023, 2024, 2025, and 2026, and 120 in each of 2027 and 2028. Because Financial Institution F did not originate at least 100 covered credit transactions for small businesses in each of 2022 and 2023, it is not in Tier 1, Tier 2, or Tier 3. Because Financial Institution G originated at least 100 covered credit transactions for small businesses in subsequent calendar years, § 1002.114(b)(4), which cross-references § 1002.105(b), applies to Financial Institution G. Because Financial Institution G originated at least 100 covered credit transactions for small businesses in each of 2027 and 2028, it is a covered financial institution under § 1002.105(b) and is required to comply with the rule beginning January 1, 2029.

viii. Financial Institution H originated 550 covered credit transactions for small businesses in each of calendar years 2022 and 2023, 450 in 2024, and 550 in 2025. Because Financial Institution H originated at least 500 covered credit transactions for small businesses in each of 2022 and 2023, it would be in Tier 2 and have a compliance date of January 16, 2026. However, § 1002.114(c)(3) permits financial institutions to use their originations in 2023 and 2024, rather than in 2022 and 2023, to determine compliance tier. If Financial Institution H elects to use its originations in 2023 and 2024, it would be in Tier 3 and required to comply with the rule beginning October 18, 2026.

See interpretation of 114(b) Compliance Date in Supplement I

1. Collection of certain information prior to a financial institution’s compliance date. Notwithstanding § 1002.5(a)(4)(ix), a financial institution that chooses to collect information on covered applications as permitted by § 1002.114(c)(1) in the 12 months prior to its initial compliance date as specified in § 1002.114(b)(1), (2) or (3) need comply only with the requirements set out in §§ 1002.107(a)(18) and (19), 1002.108, and 1002.111(b) and (c) with respect to the information collected. During this 12-month period, a covered financial institution need not comply with the provisions of § 1002.107 (other than §§ 1002.107(a)(18) and (19)), 1002.109, 1002.110, 1002.111(a), or 1002.114.

2. Transition rule for applications received prior to a compliance date but final action is taken after a compliance date. If a covered financial institution receives a covered application from a small business prior to its initial compliance date specified in § 1002.114(b), but takes final action on or after that date, the financial institution is not required to collect data regarding that application pursuant to § 1002.107 nor to report the application pursuant to § 1002.109. For example, if a financial institution is subject to a compliance date of July 18, 2025, and it receives an application on July 7, 2025 but does not take final action on the application until July 25, 2025, the financial institution is not required to collect data pursuant to § 1002.107 nor to report data to the Bureau pursuant to § 1002.109 regarding that application.

3. Has readily accessible the information needed to determine small business status. A financial institution has readily accessible the information needed to determine whether its originations of covered credit transactions were for small businesses as defined in § 1002.106 if, for instance, it in the ordinary course of business collects data on the precise gross annual revenue of the businesses for which it originates loans, it obtains information sufficient to determine whether an applicant for business credit had gross annual revenues of $5 million or less, or if it collects and reports similar data to Federal or State government agencies pursuant to other laws or regulations.

4. Does not have readily accessible the information needed to determine small business status. A financial institution does not have readily accessible the information needed to determine whether its originations of covered credit transactions were for small businesses as defined in § 1002.106 if it did not in the ordinary course of business collect either precise or approximate information on whether the businesses to which it originated covered credit transactions had gross annual revenue of $5 million or less. In addition, even if precise or approximate information on gross annual revenue was initially collected, a financial institution does not have readily accessible this information if, to retrieve this information, for example, it must review paper loan files, recall such information from either archived paper records or scanned records in digital archives, or obtain such information from third parties that initially obtained this information but did not transmit such information to the financial institution.

5. Reasonable method to estimate the number of originations. The reasonable methods that financial institutions may use to estimate originations for 2022 and 2023 (or for 2023 and 2024, pursuant to § 1002.114(c)(3)) include, but are not limited to, the following:

i. A financial institution may comply with § 1002.114(c)(2) by determining the small business status of covered credit transactions by asking every applicant, prior to the closing of approved transactions, to self-report whether it had gross annual revenue for its preceding fiscal year of $5 million or less, during the period October 1 through December 31, 2023. The financial institution may annualize the number of covered credit transactions it originates to small businesses from October 1 through December 31, 2023 by quadrupling the originations for this period, and apply the annualized number of originations to both calendar years 2022 and 2023. Pursuant to § 1002.114(c)(3), a financial institution is permitted to use its originations in 2023 and 2024, rather than 2022 and 2023, to determine its compliance tier. Thus, a financial institution may ask applicants to self-report revenue information during the period of October 1 through December 31, 2024, and then may annualize the number of covered credit transactions it originated to small businesses during that period and apply the annualized number of originations to both calendar years 2023 and 2024.

ii. A financial institution may comply with § 1002.114(c)(2) by assuming that every covered credit transaction it originates for business customers in calendar years 2022 and 2023 (or in 2023 and 2024) is to a small business.

iii. A financial institution may comply with § 1002.114(c)(2) by using another methodology provided that such methodology is reasonable and documented in writing.

6. Examples. The following scenarios illustrate the potential application of § 1002.114(c)(2) to a financial institution’s compliance date under § 1002.114(b). Unless otherwise indicated, in each example the financial institution has chosen to estimate its originations for 2022 and 2023 (rather than 2023 and 2024 as permitted by § 1002.114(c)(3)) to determine its initial compliance tier.

i. Prior to October 1, 2023, Financial Institution A did not collect gross annual revenue or other information that would allow it to determine the small business status of the businesses for whom it originated covered credit transactions in calendar years 2022 and 2023. Financial Institution A chose to use the methodology set out in comment 114(c)-5.i and as of October 1, 2023 began to collect information on gross annual revenue as defined in § 1002.107(a)(14) for its covered credit transactions originated for businesses. Using this information, Financial Institution A determined that it had originated 750 covered credit transactions for businesses that were small as defined in § 1002.106. On an annualized basis, Financial Institution A originated 3,000 covered credit transactions for small businesses (750 originations * 4 = 3,000 originations per year). Applying this annualized figure of 3,000 originations to both calendar years 2022 and 2023, Financial Institution A is in Tier 1 and has a compliance date of July 18,

ii. Prior to July 1, 2023, Financial Institution B collected gross annual revenue information for some applicants for business credit, but such information was only noted in its paper loan files. Financial Institution B thus does not have reasonable access to information that would allow it to determine the small business status of the businesses for whom it originated covered credit transactions for calendar years 2022 and 2023. Financial Institution B chose to use the methodology set out in comment 114(c)-5.i, and as of October 1, 2023, Financial Institution B began to ask all businesses for whom it was closing covered credit transactions if they had gross annual revenues in the preceding fiscal year of $5 million or less. Using this information, Financial Institution B determined that it had originated 350 covered credit transactions for businesses that were small as defined in § 1002.106. On an annualized basis, Financial Institution B originated 1,400 covered credit transactions for small businesses (350 originations * 4 = 1,400 originations per year). Applying this estimated figure of 1,400 originations to both calendar years 2022 and 2023, Financial Institution B is in Tier 2 and has a compliance date of January 16, 2026.

iii. Prior to April 1, 2023, Financial Institution C did not collect gross annual revenue or other information that would allow it to determine the small business status of the businesses for whom it originated covered credit transactions in calendar years 2022 and 2023. Financial Institution C chose its own methodology pursuant to comment 114(c)-5.iii, basing it in part on the methodology specified in comment 114(c)-5.i. Starting on April 1, 2023, Financial Institution C began to ask all business applicants for covered credit transactions if they had gross annual revenue in their preceding fiscal year of $5 million or less. Using this information, Financial Institution C determined that it had originated 100 covered credit transactions for businesses that were small as defined in § 1002.106. On an annualized basis, Financial Institution C originated approximately 133 covered credit transactions for small businesses ((100 originations * 365 days)/275 days = 132.73 originations per year). Applying this estimate of 133 originations to both calendar years 2022 and 2023, Financial Institution C is in Tier 3 and has a compliance date of October 18, 2026.

iv. Financial Institution D did not collect gross annual revenue or other information that would allow it to determine the small business status of the businesses for whom it originated covered credit transactions in calendar years 2022 and 2023. Financial Institution D determined that it had originated 3,000 total covered credit transactions for businesses in each of 2022 and 2023. Applying the methodology specified in comment 114(c)-5.ii, Financial Institution D assumed that all 3,000 covered credit transactions originated in each of 2022 and 2023 were to small businesses. On that basis, Financial Institution D is in Tier 1 and has a compliance date of July 18, 2025.

v. Financial Institution E did not collect gross annual revenue or other information that would allow it to determine the small business status of the businesses for whom it originated covered credit transactions in calendar years 2022 and 2023. Financial Institution E determined that it had originated 700 total covered credit transactions for businesses in each of 2022 and 2023. Applying the methodology specified in comment 114(c)-5.ii, Financial Institution E assumed that all such transactions in each of 2022 and 2023 were originated for small businesses. On that basis, Financial Institution E is in Tier 2 and has a compliance date of January 16, 2026.

vi. Financial Institution F does not have readily accessible gross annual revenue or other information that would allow it to determine the small business status of the businesses for whom it originated covered credit transactions in calendar years 2022 and 2023. Financial Institution F determined that it had originated 80 total covered credit transactions for businesses in 2022 and 150 total covered credit transactions for businesses in 2023. Applying the methodology set out in comment 114(c)-5.ii, Financial Institution F assumed that all such transactions originated in 2022 and 2023 were originated for small businesses. On that basis, Financial Institution E is not in Tier 1, Tier 2 or Tier 3, and is subject to the compliance date provision specified in § 1002.114(b)(4).

vii. Financial Institution G does not have readily accessible gross annual revenue or other information that would allow it to determine the small business status of the businesses for whom it originated covered credit transactions in calendar years 2022, 2023, or 2024. Financial Institution G chose to use the methodology set out in comment 114(c)-5.i, and as of October 1, 2024, Financial Institution G began to ask all businesses for whom it was closing covered credit transactions if they had gross annual revenue in the preceding fiscal year of $5 million or less. Using this information, Financial Institution G determined that it had originated 700 covered credit transactions during that period for businesses that were small as defined in § 1002.106. On an annualized basis, Financial Institution G originated 2,800 covered credit transactions for small businesses (700 originations * 4 = 2,800 originations per year). Applying this estimated figure of 2,800 originations to both calendar years 2023 and 2024, Financial Institution G is in Tier 1 and has a compliance date of July 18, 2025.

See interpretation of 114(c) Special Transition Rules in Supplement I