Regulators will soon have intimate access to your investment account information in a new proposal by the Financial Industry Regulatory Authority (FINRA).
Last December, FINRA proposed the development of a new system called CARDS, which would continuously collect information on balances, transactions, and holdings information from brokerage firms.
FINRA, the independent and industry-funded regulator of the investment sector in the United States, is currently seeking comments from industry participants prior to making the platform official.
CARDS will collect account information across more than 4,100 brokerage firms in the United States. FINRA will analyze the data continuously, looking for unscrupulous activity such as brokers making excessive trades, taking unreasonable commissions, overcharging fees, or taking positions in especially risky positions relative to peer accounts.
Currently, FINRA only relies partially on data analysis—it performs regular site visits to collect information manually.
The regulator said that the new rules would provide far more information to analyze, and equip it with better tools to ferret out fraudsters and protect investors from unnecessary losses.
“The information collected through CARDS will allow FINRA to run analytics that identify potential ‘red flags’ of sales practice misconduct and help us identify potential business conduct problems with firms, branches and registered representatives,” said Susan Axelrod, FINRA executive vice president of regulatory operations, in a statement.
Whenever organizations implement such large-scale data analysis, a key risk is security.
FINRA backed off its initial plan to collect personal information to match an individual’s holdings across multiple firms. Nonetheless CARDS will have the ability, for the first time, to provide regulators with a nationally centralized location of account details and trading patterns.
And that has industry constituents worried.
“We are deeply concerned that the vast amount of brokerage customer financial information sought to be collected … will make FINRA a heightened target of information security attacks and/or breaches,” said Fidelity Brokerage Services Chief Compliance Officer Norman Ashkenas, “if CARDS becomes a virtual blueprint of the financial lives of many Americans.”
The concerns are amplified by news of recent corporate data breaches—Target, for example—as well as collection of personal information by government agencies, such as the National Security Administration.
Robert McCarthy, director of regulatory policy at Wells Fargo Advisors LLC, wrote to FINRA that CARDS could create “an erosion of investor trust and confidence in the securities markets of the United States and the broker-dealer community.”
FINRA calls such concerns an overreaction. “The good that will come from the dramatically increased ability to reduce fraud will way overwhelm that extraordinarily remote risk [of security breaches],” Steven Joachim, executive vice president at FINRA, said in an interview with the Wall Street Journal.
Costs to Investors
Brokerage firms also must amend their systems to provide authorities with information required under CARDS.
“The costs associated with developing a system to retrieve information, verify accuracy, and monitor transmission would be prohibitively expensive,” wrote Oppenheimer & Co., a broker-dealer based in New York.
Typically, costs of developing and implementing systems required to report information to regulators are borne by the company, and brokers said that such costs would be passed onto consumers.
“These costs will inevitably be passed along by the clearing firms and my broker-dealer to me and my clients,” wrote Karen Flynn, a branch manager at Raymond James Financial Services in New Smyrna Beach, Fla.
CARDS, which stands for Comprehensive Automated Risk Data Systems, will go to the U.S. Securities and Exchange Commission, the industry’s top regulator, for final approval next year.