The massive customer-data collection system known as CARDS envisioned by Finra won’t work, the Financial Services Institute said in a comment letter Thursday.

“We are concerned the development and implementation of CARDS is simply not feasible while preserving widespread investor access to the services of independent broker-dealers and financial advisors,” the trade group said. “Therefore, FSI cannot support the creation and implementation of CARDS as currently proposed.”

The controversial CARDS proposal would download customer trade data from clearing firms and allow Finra to analyze it for compliance and exam purposes.

Finra is taking comment on the CARDS concept through Friday. The regulator has not yet developed a formal rule proposal for the project.

The FSI expressed concerns about data security and privacy, and warned that challenges with data standardization and system infrastructure might be insurmountable.

As proposed, “CARDS presents significant challenges due to its ambitious scope and massive scale,” the FSI letter said.

After industry observers raised concerns over data security, Finra this month announced that CARDS would not collect personally identifiable customer information.

But data security issues still remain with consolidated information kept by clearing firms, the FSI said.

Clearing firms currently hold customer data like names, addresses and Social Security numbers, said FSI general counsel Dave Bellaire, in an interview.

What CARDS does is require firms to provide suitability data like birthdates, income and net worth, plus business done directly with product sponsors, and consolidate all of it at clearing firms, Bellaire said. CARDS would then create “a pipeline between a clearing firm and Finra [and] when you create a door on either end, you introduce vulnerability into the system.”

In fact, both Finra and clearing firms should be subject to auditing standards for data privacy set forth by the American Institute of Certified Public Accountants, the FSI said.

Those rules would hold Finra “to the same standards as other data centers in the private sector,” the letter said, and would give broker-dealers “the ability to opt out of the CARDS submission process in the event that Finra becomes … deficient” in meeting the standards.

Additionally, “Finra should clarify that it alone would be liable in the event that its systems are compromised,” the FSI said.

Independent firms would also be challenged to provide data on transactions done directly with product providers, which clearing firms do not now collect, the FSI said. This “check and app” business is still used by many independents who deal directly with mutual funds, insurance companies and direct-participation program sponsors.

Finally, the FSI told Finra it should “conduct a thorough cost-benefit analysis of each feature and element of CARDS,” analyzing security risks, alternative approaches and the existing “resource drain on itself and broker-dealer firms from the number of ongoing large-scale data and technology initiatives it is currently undertaking.”

The FSI complained that Finra had not provided enough specifics in its CARDS concept release to allow firms to adequately estimate the full costs or benefits of CARDS.