Reading time: 7 – 12 minutes

Now that terrorists are racing to set off an atomic bomb in New York City and the New York Times has a green light on giving national secrets to the enemy — raising the odds on a successful nuclear attack — its time to consider the safety of your financial assets.

It will be too late when a mushroom cloud begins to rise above Manhattan.

Will this protect you?

Tens of millions of Americans have brokerage accounts with SIPC protection which they think means that they have government insurance of up to $500,000 on stocks and bonds in custody with a broker-dealer, plus $100,000 on cash balances — similar to the FDIC guarantee on bank accounts.

Investors that have less than $500,000 with their broker may think that if an atomic bomb goes off in New York City that their assets will be safe.

Their assets may indeed be safe, depending on the broker, but not because of SIPC protection.

The truth about SIPC guarantees

The Securities Investor Protection Corporation is a federally chartered private company (not part of the government) that offers limited protection to some customers of certain broker-dealers in the event of bankruptcy.

However,

• The SIPC program, unlike FDIC, does not have the guarantee of the federal government;
• The SIPC, as of December 2005, only had $1.4 billion in assets — a minuscule fraction of the value of securities in custody with broker-dealers — entirely inadequate for losses in the event of an atomic attack on New York City;
• Even when a broker offers SIPC protection when an account is opened, there is no assurance that this protection will be in place when needed. If a broker is deregistered by the SEC, or fails to pay into the program, the coverage lapses;
• Conditions for coverage under the SIPC program are complex, highly technical, and loaded with exceptions, difficult for most investors to understand or verify (See the Act);
• The SIPC program does not cover investment fraud;
• There is no protection for loss of market value during the many months it may take for the SIPC trustees to return securities to account holders. In the case of a margin account, inability to take defensive action during a long delay in settling a claim may not only wipe out an investor’s assets entirely, but create a substantial liability to be settled;

You must protect yourself

Without effective and unconditional guarantees from the government for recovery of securities in custody with broker-dealers in the event of destruction of the main records of a broker-dealer, the burden is upon each investor to determine whether a particular broker-dealer is safe or not.

It takes more than a vault to protect your assets

Unfortunately, most investors not only lack the technical competency and understanding of internal broker-dealer systems to judge the disaster resilience of a particular firm, but most broker-dealers do not even provide the information that clients would need to make such a determination.

Your broker needs a continuity plan

During the height of the Cold War, when massive nuclear attack was a constant threat, serious efforts were made to establish off-site storage of bank records in underground bunkers, far from New York City.

However, the Cold War ended in 1991 with the dissolution of the Soviet Union.

Over the next decade, Wall Street underwent many dramatic changes, but serious concerns about recovery plans from an atomic attack were off the front-burner.

In May 2003, Mary Ann Gadziala, Associate Director of the SEC, described the situation pre-nine-eleven:

Business continuity planning and disaster recovery in financial services are not new concepts. They have been a part of risk management for many years.

However, until recently, planning focused on localized disasters or failures — office building fires, local blackouts, computer overloads, and even rodents eating through wires. At the government level, we did conduct some business continuity planning for the financial system based on scenarios of more wide-scale disasters. However [prior to nine-eleven], this work was theoretical and generally lacked a sense of urgency.

Backups not stored in separate locations

Nick Benvenuto of Protiviti Inc in the October 2004 issue of DM Review Magazine, describes the situation post-nine-eleven, based on a NASD survey of broker-dealers:

The NASD surveyed 150 randomly selected member firms and 120 of its largest members to ascertain their ability to respond to such significant disruptions. The association noted that some of the results were encouraging, while others raised concerns.

Among the key findings from the NASD surveys were:

A significant number of randomly selected firms did not have business continuity plans. Of particular concern, many smaller and midsize firms did not store backup data and systems in a separate geographic location from primary systems and records.

Fewer than half of the randomly selected firms and three-fourths of larger firms had backup facilities in place that had the capacity to handle the same volume of trading as the primary facility. Nearly all member firms performed daily or weekly backup of records.

This giant vault may not be enough

Nearly 85 percent of larger firms had backup systems to accommodate investor communications, but fewer than half maintained such systems.

The survey suggests that a large share of companies had voluntary continuity planning programs in place, but had not developed or matured some of the more essential steps.

After nine-eleven, the SEC, NASD, the NYSE, the Federal Reserve, the Controller of the Currency, and other agencies and institutions, began to focus attention on the need for more robust business continuity planning.

SEC takes four years to issue rules

It took almost four years for securities regulators to enact rules dealing with this threat.

On April 7, 2004, the SEC approved NASD Rules 3510 and 3520 and NYSE Rule 446, which require their respective members to create and maintain business continuity plans.

In other words, all the government has done is to require broker-dealers to “have a business continuity plan” and update this plan yearly.

It does not require that the plan be implemented, or that, if implemented, the plan be independently audited and reported to customers.

Some brokers do not take rules seriously

Some brokers publish their “business continuity plan” on their web sites.

Others do not.

Some plans seem to be well-thought-out and deadly serious, while others seem to be eye-wash.

Considering that the above NASD survey showed that not all broker-dealers maintained even weekly backups of their records and that many firms did not store backup records in a separate location, the degree to which the broker-dealer industry takes disaster recovery seriously is an open question.

Some elementary precautions

Without strong government rules and supervision, investors are pretty much on their own in trying to select a broker-dealer that is likely to survive an atomic attack on New York City.

Some commonsense steps one might take are:

1. Always save a paper copy of your brokerage statements and confirmations.
   

   During the Cold War, bank record protection was very serious. Later, not so.

2. Never give in to a broker’s plea that you ‘go paperless’. (In fact, any broker that asks its clients to go paperless shows a distinct lack of comprehension of the basics of disaster recovery and client protection, putting the brokers’ short-term profits over the client’s long-term well-being.)
3. Check out your brokers website to see if a “Business Continuity Plan” is published.  If your broker does not have such information available, consider changing your broker.
4. Check out where the head office of your broker is located. Although the financial industry is highly interconnected, brokers with main offices outside of New York City may be safer, other things being equal.
5. If you own funds or securities that you plan to maintain for the long-term, consider having these assets registered in your name.

With proper regulation, strict rules, and zealous supervision, it is possible that the financial industry could implement business recovery plans that provided investors with a high degree of security, even in the event of atomic attack.

The question, however, is whether this will happen before or after the attack comes.

There are other risks, beyond atomic warfare, that also are inadequately protected by the SIPC.