On December 23, 2013, FINRA issued Regulatory Notice 13-42, a concept proposal to develop a new Comprehensive Automated Risk Data System (“CARDS”) (the “Proposal”).1 According to FINRA, CARDS initially would collect customer account information, customer account activity, and security identification information on a standardized, automated and regular basis.2 Over time, FINRA believes that CARDS will reduce the regulatory costs and burdens on firms while allowing the regulator to automate its surveillance for potential sales practice and business conduct violations.3 FINRA requests comments from firms on the Proposal, including input on 11 sets of specific questions.4 The comment period expires on February 21, 2014.
I. FINRA’s Proposal
The Proposal, if adopted, “initially” would require clearing and self-clearing firms to submit retail customer information to CARDS,5 including:
Account Activity Information
Security Identification Information
The Proposal deliberately states that this is the “initial” data to be collected. Indeed, FINRA suggests in the Proposal that it will review the program every 12 to 18 months to decide whether to change the data being sought as rules and regulatory focus change (in all likelihood by collecting additional information).7 Under the current proposal, data would be transmitted to FINRA only by clearing and self-clearing firms, while introducing firms would be required to provide all necessary information to their clearing firms.8 Clearing firms would be required to submit the information to FINRA in a standardized format with sufficient information so that FINRA can distinguish customer accounts of an introducing firm from customer accounts of any firm for which the introducing firm is acting as an intermediary.9 In the Proposal, FINRA suggests that the information would be submitted to the regulator regularly (either daily or weekly).10
FINRA explains in the Proposal that it intends to analyze the information provided through CARDS for potential red flags concerning sales practice misconduct or potential business conduct issues as well as to benchmark individual firms against industry norms.11 FINRA also touts in the Proposal the likelihood that CARDS would streamline the examination process by allowing FINRA to review selected data to pinpoint risk areas or areas of concern in advance of an onsite exam, while eliminating “[t]he need for manual, partial, overlapping and one-time regulatory report generation...”12 FINRA claims that, in the long run, CARDS will reduce the burden and expense exams place on firms and allow the onsite exam to be more focused, and therefore, shorter.13 FINRA also notes that, in instances where there is concern about imminent or ongoing customer harm, having current data on hand will allow FINRA to act more swiftly.14 FINRA also suggests that CARDS might allow the regulator to eliminate certain other duplicative reporting processes.15
FINRA does, however, acknowledge in the Proposal that clearing firms would likely incur costs to build and maintain the appropriate reporting infrastructure and for monitoring the information that is provided to CARDS.16 FINRA also acknowledges that the frequency of information requests also could affect costs, and that introducing firms (at least initially) may incur certain costs in providing required information to their clearing firms.17
II. Requests for Industry Input
In 11 sets of questions, the Proposal seeks industry input regarding:
Implementation of the Proposal will, without doubt, mark a substantial change in the way in which FINRA monitors the industry and conducts exams. The more immediate impact of the Proposal will be the financial and compliance burden associated with collecting and properly reporting this vast amount of data to FINRA. FINRA states that it wants to identify a cost-effective approach for CARDS.19 Interested parties, therefore, should provide comments to FINRA about the costs and scope of the Proposal. Comments are due no later than February 21, 2014.
If you have any questions or would like more information on the issues discussed in this LawFlash, please contact any of the following Morgan Lewis lawyers:Kroll-Amy
1 Comprehensive Automated Risk Data System, FINRA Requests Comment on a Concept Proposal to Develop the Comprehensive Automated Risk Data System, Regulatory Notice 13-42 (“Notice”) at 1, available at http://www.finra.org/web/groups/industry/@ip/@reg/
3 Id. at 2 and 7.
4 Id. at 8-9.
5 Id. at 2.
6 Id. at 5 (endnotes omitted from original).
7 Notice at 9.
8 Id. at 2.
9 Id. at 6.
11 Id. at 2 and 7. FINRA explained that it has run two proofs of concept to help inform the Proposal, and that the regulator has piloted the data collection process with two large clearing firms. Id. at 4.
12 Notice at 7.
13 Id. at 4.
14 Id. at 3-4.
15 Id. at 7.
18 Notice at 8-9.
19 Id. at 3.
This article was originally published by Bingham McCutchen LLP.