Enhanced Investor Protection? It’s In The Cards


The Financial Industry Regulatory Authority (FINRA) has issued a regulatory notice requesting comment on a proposed rule to implement the Comprehensive Automated Risk Data System (CARDS). The system would be designed to enhance investor protection as well as ensure market integrity by identifying high-risk areas and suspicious activities that might not be identified by FINRA via its current surveillance and examination programs. The proposed system would also include a quick response feature.

A Phased-In Rule

The rule proposal would be phased in with the first phase requiring carrying firms or clearing firms (which currently number about 299) to periodically submit specific information that is part of the firms’ books and records relating to their securities accounts and the securities accounts that they clear. The reporting would be undertaken through an automated, standardized format. The second phase would require fully disclosed introducing firms to submit specified account profile-related data elements either directly to FINRA or through a third party. Reporting under the CARDS rule proposal would exclude the collection of personally identifiable information for customers such as account name and address and Social Security number.

Strengthening Investor Confidence

According to a statement issued by FINRA Chairman and CEO Richard Ketchum:

“It is critical that we work together to strengthen investor confidence, and the ultimate purpose of the data and analytic capabilities to be obtained through CARDS is to help protect investors’ bottom line. Without collecting one iota of personally identifiable information, CARDS will help us quickly identify unusual trends and product concentrations — and take swift, responsive action.”

Maintaining Data Security

The FINRA announcement also emphasized that the agency is committed to the highest level of security in any future implementation of CARDS, and that information collected through the program would be sent by way of encrypted transmission, and, after receipt by FINRA, would be encrypted in a way that would not permit anyone to read or interpret the data without access to the proprietary encryption keys. FINRA’s security program is based upon industry best practices and is guided by federal and international standards. It is also compliant with relevant data security and privacy laws and regulations.

Economic Impact Considered

The FINRA notice contains an Interim Economic Impact Assessment that examines anticipated benefits as well as anticipated costs of the proposed rule. Introducing firms would not have any additional reporting obligations in phase 1 and would not incur direct costs associated with the accounts they clear through other firms. FINRA is continuing to collect and review cost-benefit information related to CARDS, and its economic impact analysis is an ongoing development as FINRA gathers more impact data. The comment period expires on December 1, 2014.