Consider for a moment how most regulation works today, be it the Internal Revenue Service, Health and Human Services or even the Food and Drug Administration.
First rules are proposed after what is often a lengthy process – with the initial phase typically conducted by people far removed from a deep understanding of what it takes to implement and enforce the oversight. The rule-writers often lack proper commercial knowledge of how these businesses operate, a skillset that must be continuously updated.
Finally, after the rules are implemented, resource-constrained regulators deploy kids with laptops to randomly audit these documents and engage in games of “gotchas” with company executives.
Inevitably some bad actors slip through these audits, subsequently to be discovered through a whistleblower who is paid a bounty. The public is harmed and lawyers seek ransoms. The news media hype up the failure of the regulatory system and labels the entire industry as corrupt. Congress erupts. Hearings ensue. This leads to demands for more rules and the cycle continues.
That is why when I first heard of the CARDS initiative while serving as an advisor to the Financial Industry Regulatory Authority (FINRA)—the largest independent regulator of the securities industry—I saw it as not only a first step to breaking this cycle, but as the next-generation, technology-driven model of regulation for any industry.
CARDS, or the Comprehensive Automated Risk Data System, is a proposal from FINRA that will systematically gather trading data from the 4,000 or so brokerages that serve over 110 million investor accounts. FINRA would then develop and run big data analytics on this data to assess – in real time – where fraud is happening and have the tools to react to it today, not months or years later after money has vanished and lives ruined.
If implemented as proposed, CARDS will have numerous benefits – for the regulators, and for brokers and their customers.
First, it will allow FINRA to assess systemic risk across the industry proactively by understanding what products are being sold, from both the broker and the customer perspective. FINRA’s risk analytics are being designed to specifically look for known bad behavior like pump-and -dump schemes, suitability, churning, mutual fund switching and overconcentration of high risk securities.
FINRA believes CARDS will reduce costs in the industry, especially for small firms, by reducing document requests and examinations. It will improve the efficiency of FINRA’s resource allocation by assigning enforcement teams to areas where suspect behavior may be happening, versus the current cycle and cause audits. Most importantly, it will allow FINRA to keep up with a complex and evolving industry by writing better technology algorithms versus drowning everyone with more rules and requests for information. Ultimately, and most importantly, CARDS will protect investors more effectively and efficiently.
It should come as no surprise that the proposal has its critics, among them large financial institutions and their lobbyists. Here are some of their criticisms:
First, they worry about privacy. With so much data being collected on so many investors, CARDS amounts to just another government surveillance program, they argue. In a post-Edward Snowden world, this line of reasoning can foment a sort of agitprop for those interested in less effective oversight.
The reality is that FINRA already has rights to this data and collects it manually today—CARDS simply automates and standardizes the collection of this data. What’s more, FINRA responded to concerns about privacy with a new proposal that omits personally identifiable information like account names, addresses, tax identification or Social Security numbers.
Next, CARDS opponents claim small firms, already managing the pressures of adequate compliance, will be further burdened, leading more to close up shop. If my brokerage firm is any indication, that is inaccurate.
My firm ran a cost analysis recently and found that the added expense of CARDS is minimal. CARDS might even reduce the compliance burdens of small firms and may help them improve compliance. I suspect that if other small broker-dealers took the time to look at this thoughtfully they would come to the same conclusion.
It’s a different story for large financial institutions, especially the clearing firms. They will be the ones required to submit the automated, standardized information to FINRA, so their costs will rise in the near term.
And to be fair, FINRA must work to identify other areas where this cost can be offset by reducing redundant data requests. FINRA is working with a number of large firms to determine these costs and will be reporting their findings in the next month or so. Stay tuned.
Critics also point out that an automated system could lead to a hyper-regulated environment—the so called “Minority Report” concern. In trying to combat fraud that happens because regulators are looking in the wrong places, we might have a situation where the smallest discrepancy triggers an audit.
This can be burdensome if done the wrong way, and I call on FINRA to set clear rules on how this information will be used and also on who will have access to this information. For example, if unscrupulous attorneys get their hands on this data they could use this to drive unnecessary litigation.
Finally, they point out, today’s highly regulated environment still allowed fraudsters like Bernard Madoff and Allen Sanford to falsify records and avoid detection for years. An editorial in the Wall Street Journal argued that it wasn’t a lack of information that let Madoff and Sanford elude regulators, but an inability to make sense of it.
I am puzzled how the CARDS critics who say that today’s regulatory environment needs to be scrapped in favor of something that can connect the dots are now protesting efforts that attempt a fundamental different model of regulation.
It’s a case of damned if you do and damned if you don’t. If it is about “connecting the dots”, it will be easier to integrate technology systems across regulators than to get different regulatory agencies to talk to each other.
At the end of the day, CARDS is not just an issue for FINRA, but gets to the very heart of how regulation should work in any industry. Do we want to continue on this inefficient and ineffective path or do we want to leverage technology to focus on a more efficient approach? If CARDS is done right, it can be a model for other regulators to emulate. On the concerns of Minority Report, let’s leave that for the movies.
