On March 30, after years of rulemaking efforts, the Consumer Financial Protection Bureau (CFPB) issued a final rule implementing Section 1071 of the Dodd-Frank Act. Small business lenders, if they haven’t already, must put in place rigorous data collection techniques, implement security firewalls, and update employee training by their listed compliance date.