SEC Approves Plan to Create Consolidated Audit Trail

FOR IMMEDIATE RELEASE
2016-240
Washington D.C., Nov. 15, 2016

The Securities and Exchange Commission today voted to approve a national market system (NMS) plan to create a single, comprehensive database known as the consolidated audit trail (CAT) that will enable regulators to more efficiently and thoroughly track all trading activity in the U.S. equity and options markets. 

"With the approval and ultimate implementation of CAT, the Commission's regulatory capacity strongly embraces 21st century technology, enabling the Commission and the SROs to harness data and technology to more effectively oversee market participants," said SEC Chair Mary Jo White.  "Through the CAT, regulators will have more timely access to a comprehensive set of trading data, enabling us to more efficiently and effectively conduct research, reconstruct market events, monitor market behavior, and identify and investigate misconduct."

The NMS plan details the methods by which SROs and broker-dealers will record and report information, including the identity of the customer, resulting in a range of data elements that together provide the complete lifecycle of all orders and transactions in the U.S. equity and options markets.  The NMS plan also sets forth how the data in the CAT will be maintained to ensure its accuracy, integrity and security.

The Commission modified several provisions of the NMS plan in response to public comments and recommendations from the SROs.  For example:

Within two months of the approval of the NMS plan the SROs must select a plan processor to build and operate the CAT.  SROs will be required to begin reporting to the CAT within one year of approval, with large broker-dealers following the next year and small broker-dealers the year after.

*   *   *
 

 

FACT SHEET

 

Approval of a National Market System Plan to Create a Consolidated Audit Trail

 

SEC Open Meeting

Nov. 15, 2016

Action

The Securities and Exchange Commission approved a national market system (NMS) plan to create a single, comprehensive database – a consolidated audit trail (CAT) – that would enable regulators to more efficiently and accurately track trading in equity and option securities throughout the U.S. markets.  The plan, submitted jointly by the national securities exchanges and the Financial Industry Regulatory Authority (FINRA) to the Commission, would increase the effectiveness of market research and monitoring, event reconstruction, and the ability to identify and investigate market misconduct.  The Commission made modifications to the original plan that would include strengthening security requirements, tightening synchronization standards and adding additional members to the governance committee.

Highlights of the Plan

Plan Processor and Central Repository

The CAT NMS plan provides that a plan processor would build a central repository that would receive, consolidate, and retain the trade and order data reported as part of the CAT.  Among other things, the plan processor would be responsible for:

Data Recording and Reporting

The CAT NMS plan would apply to NMS securities, including options, as well as to over-the-counter equity securities.  At the various stages in the lifecycle of an order–e.g., origination, routing, modification/ cancellation, and execution–the SROs and broker-dealers would be required to submit certain information about the order to the central repository, such as:

Generally, the CAT NMS plan would require the data to be recorded contemporaneously with the order event and reported to the central repository by 8:00 a.m. ET on the day following the event.  The CAT NMS plan would also require CAT data to be time-stamped in increments as granular as those used by the SROs and broker-dealers for their order handling or execution systems, but with a minimum time stamp granularity of one millisecond for all order events except manual order events and the time of allocations (in which case, the time stamp granularity must be a minimum of one second). 

Further, the CAT NMS plan would require broker-dealers to synchronize their business clocks to within 50 milliseconds of the time maintained by the National Institute of Standards and Technology (NIST).  However, business clocks used for manual orders or the time of allocation would be able to be synchronized to within one second of the time maintained by the NIST.  The plan has been amended by the Commission to require SROs to synchronize their business clocks to within 100 microseconds of the time maintained by the NIST and to assess industry standards for clock synchronization based on the type of market participant or system, rather than the industry as a whole, and reflect that refined assessment annually in a report submitted to the Commission.

The CAT NMS plan would set an initial maximum error rate of five percent for data reported to the central repository, subject to quality assurance testing, adjustments at each initial launch date for CAT reporters and periodic review by the operating committee.  The CAT NMS plan also discusses a phased approach to lowering the maximum error rate for data reported to the central repository.

To assist in reducing the error rate, the plan would provide that the plan processor, among other things, measure and report errors, provide reports to the SROs and other reporters, define educational and support programs, and provide error correction tools.

The CAT NMS plan would also reflect exemptive relief from certain requirements of Rule 613 that the SEC previously granted.  This exemptive relief provided the SROs with the flexibility to propose approaches in the CAT NMS plan that could potentially be more efficient and cost-effective than those required by Rule 613 without adversely affecting the reliability or accuracy of CAT data.  Specifically, the exemptive relief permitted the SROs to propose, that:

Governance

The SROs propose to conduct the activities of the CAT through a not-for-profit Delaware limited liability company, which they would own jointly.  An operating committee comprised of all the SROs–each with one vote–would manage the company.  In addition, an advisory committee consisting of, among others, broker-dealers of various sizes and specialties, institutional investors, a service bureau that provides CAT reporting services, an academic who is a financial economist and a person with significant regulatory experience, would provide input to the operating committee.

Regulatory Access and Use

The CAT NMS plan would provide that the SROs and the Commission would have access to the data contained in the central repository for regulatory and oversight purposes.  The CAT NMS plan provides that CAT data would be stored in a way that allows regulators to perform complex queries, such as reconstructing market events and the status of order books at various time intervals.  Regulators would have access to CAT data through both an online targeted query tool and user-defined direct queries and bulk extracts.

Data Security and Confidentiality

The CAT NMS plan would establish data security requirements regarding connectivity and data transfer, encryption, storage, access, breach management, and personally identifiable information (PII).  For example, all CAT data would be required to be encrypted both at-rest and in-flight and all data centers housing CAT systems would be required to be certified by a qualified and unaffiliated third-party auditor.

In addition, the plan processor would be required to comply with the NIST Cybersecurity Framework and the SROs would be required to maintain information security protocols with respect to their handling of CAT data that are as rigorous as those applicable to the central repository.  An annual evaluation of the information security program would be required to ensure that the program is consistent with the highest industry standards for the protection of data.  Additionally, the plan processor would be responsible for:

At the Commission, a cross-divisional steering committee of senior staff is being formed to design policies and procedures regarding Commission access to, use of, and protection of CAT data that will be comparable to those applicable to the SROs and their personnel and supplement the range of existing laws and standards applicable to Commission systems and employees. 

Retirement of Duplicative Rules and Systems

As required by Rule 613, the CAT NMS plan contains a framework for eliminating rules and systems that would be rendered duplicative by the CAT, including identification of such rules and systems.

The CAT NMS plan would state that the SROs have completed their analyses of systems identified for retirement and that the CAT would capture all necessary data to support the retirement of these systems.  The amended plan would require the SROs to file rule change proposals to eliminate duplicative rules and systems within six months of plan approval.  These proposals would provide that the retirement of any duplicative rules and systems would be effective when the CAT data meets minimum standards of accuracy and reliability.

Background

On July 11, 2012, the SEC adopted Rule 613 of Regulation NMS under the Securities Exchange Act of 1934.  Rule 613 requires the SROs to jointly submit an NMS plan to create, implement, and maintain a CAT that will capture–in a single, consolidated data source–customer and order event information for orders in NMS securities, across all markets, from the time of order inception through routing, cancellation, modification, or execution.  Rule 613 outlines a broad framework for the CAT, including the minimum elements the SEC believes are necessary for an effective CAT, while allowing the SROs to draw upon their expertise to develop the details of the CAT.  The SEC voted to publish the CAT NMS plan submitted by the SROs for public comment on April 27, 2016.

What's Next?

Within two months of SEC approval of the CAT NMS plan, the SROs would be required to select the plan processor through a two-round voting process in which each SRO has one vote.