Test

By: Joel Pruis The debate on what constitutes a small business application is probably second only to the ongoing debate around centralized vs. decentralized loan authority (but we will get to that topic in a couple of blogs later).  We have a couple of topics that need to be considered in this discussion, namely:      1.      When is an application an application?      2.     Do you process an incomplete application? When is an application an application? Any request by a small business with annual sales of $1,000,000 or less falls under Reg B.  As we all know because of this regulation we have to maintain proper records of when we received an application and when a decision on the application was made as well as communicated to the client.  To keep yourself out of trouble, I recommend that there be a small business application form (paper or electronic) and that you have clearly stated the information required for a completed application in your small business application procedures.  The form removes ambiguities in the application process and helps with the compliance documentation. One thing is for certain – when you request a personal credit bureau on the small business owner(s)/guarantor(s) and you currently do not have any credit exposure to the individual(s) – you have received an application and to this there is no debate. Bottom line is that you need to define your application and do so using objective criteria.  Subjective criteria leaves room for interpretation and individual interpretation leaves doubt in the compliance area. Information requirements Whether or not you use a generic or custom small business scorecard or no scorecard at all, there are some baseline data segments that are important to collect on the small business applicant: Requested amount and purpose for the funds Collateral (if necessary based upon the product terms and conditions) General demographics on the business Name and location Business Entity type (corporation, llc, partnership, etc.) Product and/or service provided Length of time in business Current banking relationship General demographics on the owners/guarantors Names and addresses Current banking relationship Length of time with the business External data reports on the business and/or guarantors Business Report Personal Credit Bureau on the owners/guarantors Financial Statements (??) – we’ll talk about that in part II of this post. The demographics and the existing banking relationship are likely not causing any issues with anyone and the requested amount and use of funds is elementary to the process.  Probably the greatest debate is around the collection of financial information and we are going to save that debate for the next post. The non-financial information noted above provides sufficient data to pull personal credit bureaus on the owners/guarantors and the business bureau on the actual borrower.  We have even noted some additional data informing us the length of time the business has been in existence and where the banking relationship is currently held for both the business and the owners.  But what additional information should be requested or should I say required? We have to remember that the application is not only to support the ability to render a decision but also supports the ability to document the loan and maybe even serve as a portion of the loan documentation.  We need to consider the following: How standardized are the products we offer? Do we allow for customization of collateral to be offered? Do we have standard loan/fee pricing? Is automatic debit for the loan payments required?  Optional? Not available? Are personal guarantees required?  Optional? We again go back to the 80/20 rule.  Product standardization is beneficial and optimal when we have high volumes and low dollars.  The smaller the dollar size of the request/relationship the more standardized we need to have our products and as a result our application can be more streamlined.  When we do not negotiate rate, we do not need to have a space to note requested rate.  When we do not negotiate on personal guarantees we always require the personal financial information be collected on all owners of the business (some exceptions for very small ownership interests).  Auto-debit for the loan payments means we always need to have some form of a DDA account with our institution.  I think you get the point that for the highest volume of applications we standardize and thus streamline the process through the removal of ambiguity. Do you process an incomplete application? The most common argument for processing an incomplete application is that if we know we are going to decline the application based upon information on the personal credit bureau, why go through the effort of collecting and spreading the financial information.  Two significant factors make this argument moot: customer satisfaction and fair lending regulation. Customer satisfaction This is based upon the ease of doing business with the financial institution.  More specifically the number of contact points or information requests that are required during the process.  Ideally the number of contact points that are required once the applicant has decided to make a financing request should be minimal the information requirements clearly communicated up front and fully collected prior to rendering a decision.  The idea that a quick no is preferable to submitting a full application actually is working to make the declination process more efficient than the actual approval process.  So in other words we are making the process more efficient and palatable for those clients we do NOT consider acceptable versus those clients that ARE acceptable.  Secondly, if we accept and process incomplete applications, we are actually mis-prioritizing the application volume.  Incomplete applications should never be processed ahead of completed packages yet under the quick no objective, the incomplete application is processed ahead of completed applications simply based upon date and time of submission.  Consequently we are actually incenting and fostering the submission of incomplete applications by our lenders.  Bluntly this is a backward approach that only serves to make the life of the relationship manager more efficient and not the client. Fair lending regulation This perspective poses a potential issue when it comes to consistency.  In my 10 years working with hundreds of financial institutions, only a very small minority of times have I encountered a financial institution that is willing to state with absolute certainty that a particular characteristic will cause an application to e declined 100% of the time.  As a result, I wish to present this scenario: Applicant A provides an incomplete application (missing financial statements, for example).  {C}Application is processed in an incomplete status with personal and business bureaus pulled. Personal credit bureau has blemishes which causes the financial institution to decline the application Process is complete Applicant B provides a completed application package with financial statements Application is processed with personal and business bureaus pulled, financial statements spread and analysis performed Personal credit bureau has the same blemishes as Applicant A Financial performance prompts the underwriter or lender to pursue an explanation of why the blemishes occurred and the response is acceptable to the lender/underwriter. Assuming Applicant A had similar financial performance, we have a case of inconsistency due to a portion of the information that we “state” is required for an application to be complete yet was not received prior to rendering the decision.  Bottom line the approach causes doubt with respect to inconsistent treatment and we need to avoid any potential doubt in the minds of our regulators. Let’s go back to the question of financial statements.  Check back Thursday for my follow-up post, or part II, where we’ll cover the topic in greater detail. 

Within the world of cyber security, a great deal of attention has been focused lately on the escalating hazards and frequency of data breaches, with considerable discussion on the high cost of such breaches.  But as the industry has assessed the financial toll of breaches, it has never taken into account how data breaches harm reputations, brand image, and consequently a company's bottom line. Until now. A recently released Ponemon Institute study, sponsored by Experian’s Data Breach Resolution and believed to be the first of its kind, explores the “Reputation Impact of a Data Breach” to provide more context for the full scope of data breaches.  The findings draw enlightening conclusions around the financial toll that data breaches wreak upon harmed corporate reputations, including these key takeaways: Reputation is one of an organization’s most important and valuable assets. Reputation and brand image are perceived as very valuable…and highly vulnerable to negative events, including a data breach. Calculating the value of reputation and brand reveals how valuable these assets are to an organization. The average value of brand and reputation for the study’s participating organizations was determined to be approximately $1.5 billion.  Depending upon the type of information lost as a result of the breach, the average loss in the value of the brand ranged from $184 million to more than $330 million. Depending upon the type of breach, the value of brand and reputation could decline as much as 17 percent to 31 percent. Not all data breaches are equal. Some breaches are more devastating than others to an organization’s reputation and brand image, with the loss or theft of customer information ranked as the most devastating (followed by confidential financial business information and confidential non-financial business information). Data breaches occur in most organizations represented in this study and have at least a moderate or a significant impact on reputation and brand image. According to 82 percent of respondents, their organizations had a data breach involving sensitive or confidential information.  Fifty-three percent say the data breaches had a moderate impact on reputation and brand image and 23 percent say it was significant. Most organizations in the study have had a data breach involving the theft of sensitive or confidential business information. On average these types of breaches have occurred 2.9 times in surveyed organizations, with the theft or loss of confidential financial information having the most significant impact on reputation and brand. Respondents strongly believe in understanding the root cause of the breach and protecting victims from identity theft. When asked what their organizations did following a breach to preserve or restore brand and reputation, the top three steps are: conduct investigations and forensics, work closely with law enforcement and protect those affected from potential harms such as identity theft. The Ponemon study clearly shows that when data breaches occur, the collateral damage of a company’s brand and reputation become significant hard costs that must be factored into the total financial loss. Download the Ponemon Reputation Impact Study

Case studies Experian’s products help clients profitably manage and optimize their customer relationships. We regularly publish case studies highlighting our clients’ successes. »  View client case studies »  Contact us at decisionanalytics@experian.com to request a client reference   Newsletters Experian publishes newsletters on a variety of credit trends and decisioning topics, ranging from recent industry news and regulations, to exclusive offers and updates. »  View latest editions, archives and join our mailing list.   Webinars Experian provides interactive education for credit professionals. View our complimentary webinars and learn how we help you build successful relationships with your customers. »  Register for current and view past credit trends and decisioning Webinars »  View all available Experian Webinars   White papers Experian publishes regular research reports and white papers on industry-relevant topics and issues. »  Download research reports and white papers