A massive data collection system that Wall Street's industry-funded watchdog is pushing in order to ramp up oversight would cost clearing firms $680 million to build, plus other costs to the industry that far exceed the regulator's initial estimates, a major trade group said on Monday.

The plan, known as the Comprehensive Automated Risk Data System, or CARDS, would require firms to submit vast quantities of data to the Financial Industry Regulatory Authority (FINRA) in an ongoing stream. FINRA, which introduced the plan in late 2012, could use the data to analyze everything from securities transactions and asset movements to customers' risk tolerances and time lines.

CARDS, as proposed, is not necessary for FINRA to carry out its mission of protecting investors, wrote Ira Hammerman, general counsel of the Securities Industry and Financial Markets Association (SIFMA), which represents the largest U.S. securities brokerages. The proposed data collection would also "unnecessarily encroach upon the public's rights of liberty and privacy," Hammerman wrote in a 23-page letter in response to a FINRA request for input about the plan.

FINRA's plan has been steeped in controversy. Brokerages have criticized it for being overly broad as well as burdensome and costly. Richard Ketchum, chief executive of FINRA, sought to promote the system as a benefit to the industry that would help eliminate unfounded concerns a brokerage may have engaged in wrongdoing.

CARDS would require SEC approval.

"We will carefully review all comment letters and will provide thoughtful response in the rule filing to the SEC," a FINRA spokeswoman said.

In addition to spending $680 million to build the system, clearing firms would spend $360 million annually for maintenance and reporting, SIFMA said. The figures do not include costs for retail brokerages during a second stage of the project, SIFMA said. FINRA's initial estimates ranged from $390,000 to $8.3 million per firm.

SIFMA said FINRA's initial analysis is lacking because it does not provide a comparison of the total costs and benefits.

FINRA's database, which would include information about all U.S. brokerage accounts for individuals, would become a prime target for cyber attackers, said SIFMA, which commissioned IBM to study costs and cybersecurity concerns.

FINRA has said it would not collect customers' personal details, such as Social Security numbers and names. But savvy hackers could figure out those identities from information found in the database, such as large trades of company stock that can be traced to a company officers, Hammerman said in an interview.