FINRA Backs Off Collecting Personal Data in CARDS Plan

FSI applauds move but still has concerns about CARDS plan

More On Legal & Compliance

from The Advisor's Professional Library
  • Privacy Policies and Rules Whether an RIA is SEC or state-registered, the firm must have policies and procedures in effect to protect clients’ privacy. Policies and procedures should explicitly require an RIA to send out its privacy notice each year.
  • Pay-to-Play Rule Violating the pay-to-play rule can result in serious consequences, and RIAs should adopt robust policies and procedures to prevent and detect contributions made to influence the selection of the firm by a government entity.

The Financial Industry Regulatory Authority announced Tuesday that it will not collect sensitive personally identifying information from the data the self-regulator is to receive from its new Comprehensive Automated Risk Data System (CARDS).

FINRA stated that after considering the written comments on the CARDS concept proposal and the views expressed discussions with industry participants regarding investor privacy, the regulator “has concluded that the CARDS proposal will not require the submission of information that would identify to FINRA the individual account owner, particularly account name, account address or tax identification number.”

Dale Brown, president and CEO of the Financial Services Institute (FSI), said that while he applauded FINRA’s decision to not collect sensitive data, FSI still has some concerns about the CARDS plan. “Today, FINRA took an important step forward in their CARDS proposal, by announcing they will not collect sensitive personally identifying information from the data they plan to receive,” Brown said. “While we still have concerns with data security, costs and other unintended consequences of the proposal, we applaud FINRA’s response to industry concerns. We will continue to work with them as this proposal is considered.”

In December, FINRA requested comments on the concept of a new Comprehensive Automated Risk Data System. FINRA is taking comments on the CARDS proposal until March 21.

CARDS is a rule-based program that would allow FINRA to collect on a standardized, automated and regular basis, account information, as well as account activity and security identification information that a firm maintains as part of its books and records.

Reprints Discuss this story
This is where the comments go.