In this episode, Len Suzio and Dean Stockford discuss the CFPB’s November 2025 proposed rulemaking on Section 1071 and explain how it could dramatically scale back the current small business lending data-collection requirements. Len highlights the biggest proposed changes, including moving to a single compliance date of January 1, 2028, sharply reducing the number of required data points, raising the reporting threshold from 100 to 1,000 small business loans in each of the prior two years, narrowing the definition of a small business from $5 million to $1 million in gross annual revenue, and excluding certain products like merchant cash advances, agricultural loans, and transactions of $1,000 or less. He argues that the most significant impact would come not from fewer data fields, but from the much smaller pool of covered lenders and loans, while also warning that the revised definition could create confusion with CRA reporting standards and increase the risk of errors. Brought to you by GeoDataVision and M&M Consulting

In this episode, Dean Stockford and Len Suzio discuss what compliance risk management should look like in 2026 as financial institutions face rising fraud, cyber threats, AI-related risks, third-party exposure, and an uncertain regulatory environment. Dean argues that compliance functions can no longer remain purely advisory and instead must evolve into active risk management and oversight roles, with stronger risk assessments, enhanced monitoring, root-cause analysis, more targeted training, better frontline tools, and closer alignment between risks, controls, and institutional risk appetite. He emphasizes that a strong compliance culture begins with understanding the organization’s structure, risk tolerance, and operational realities, then building a more robust compliance management system around those insights. The episode closes with Dean’s view of the biggest compliance risk areas in 2026, including data privacy and cybersecurity, AML/CTF, digital banking, AI compliance, third-party risk, regulatory fragmentation, and the growing cost of top-tier compliance talent. Brought to you by GeoDataVision and M&M Consulting

Len explains that the OCC issued a December 18, 2025 proposal to create a “Simplified Plan Process for Community Banks” to make the CRA strategic plan option easier, but he believes its real value extends beyond banks using strategic plans because it reveals how regulators think about “Satisfactory” and “Outstanding” performance under normal CRA standards. The proposal distinguishes between “custom” bank-specific goals (which Len says offers little practical guidance) and “elective” goals, which are quantifiable targets drawn from approved plans and OCC supervisory experience. Len highlights that the most useful—and historically murky— CRA test is Community Development. The OCC's proposal provides explicit benchmarks for CD lending, investing, combined lending/investing, and CD services, using ratios tied to Tier 1 capital or total assets (including notably lower investment thresholds when a bank relies heavily on donations, acknowledging their significance). He notes the proposal also introduces measurable expectations for CD service hours per employee, while offering little new insight on traditional lending tests. Although the OCC states elective goals are not “safe harbors” and not formal benchmarks outside the simplified process, Len argues they align with what regulators historically expect and can help CRA officers set internal performance targets; this is where you would provide a link to the 67 tests, performance standards and ratings. https://geodatavision.com/content/occ-proposed-elective-goals-for-cra-strategic-planning/ Brought to you by GeoDataVision and M&M Consulting