*Letters

Data Security for the CAT

Published on:
February 4, 2022
Submitted to:
CAT
Submitted by:
SIFMA, SIFMA AMG, MFA
Issue:

Summary

SIFMA, SIFMA AMG, and MFA provided comments to the CAT on the Consolidated Audit Trail’s Customer and Account Information System. The member firms remain extremely concerned with data protection within the CAT system.

Excerpt

February 4, 2022

Mr. Michael Simon

Chair, Operating Committee

Consolidated Audit Trail, LLC

Re: Data Security for the Consolidated Audit Trail

Dear Mr. Simon:

As we approach the July 11, 2022, implementation date of the Consolidated Audit Trail’s Customer and Account Information System, the membership of the Securities Industry and Financial Market Association (“SIFMA”) SIFMA, SIFMA AMG, and MFA member firms remain extremely concerned with data protection within the CAT system. We share your interests in maintaining the strict confidentiality of data collected through CAT and welcome the opportunity to share with you our member firms’ collective expertise with respect to data protection and evolving industry standards and practices regarding data security. To ensure the CAT data set allows for appropriate regulatory use but also is subject to best-in-class data protection standards for the proprietary trading strategies (i.e., Intellectual Property) of our membership, SIFMA, SIFMA AMG, and MFA (together, the Associations) urge you to provide much greater transparency into the specific data security standards deployed by FINRA CAT and the CAT NMS Plan in seven key areas set forth below. We welcome further information regarding these seven key areas that can be made available to all industry members. We also welcome an opportunity to discuss with you in greater detail the security protocols regarding the Intellectual Property of our member firms and their clients.

In summary, the aggregation of trade data in the CAT, complete with Firm Designated IDs (FDID) associated with each trade, creates a highly proprietary database subject to a broad threat profile. We note that there are entities within the federal government accustomed to dealing with very large electronic databases that are meant to be kept secret and secure from external threat. We strongly believe that FINRA CAT should look to this model to fully leverage the best-in-class information security infrastructure employed by the federal government as well as by certain companies in the private sector. We further believe that FINRA CAT should look to adopt the security initiatives from then Commission’s August 2020 proposal on CAT data security, even in the absence of the Commission adoption of this proposal, as these initiatives would greatly enhance the security of CAT data.

Continue Reading

Details

Download

More Content

  • Letters
    Mar 17, 2026

    SEC RFI on Exchanges, ATSs, and Tokenized Securities

    SIFMA urges the SEC to support market innovation through rulemaking that protects investors, transparency, and market integrity.
  • Letters
    Mar 16, 2026

    MSRB Rule G-27 on Dealer Supervision

    SIFMA comments on MSRB Notice 2026-012, supporting rule modernization that reduces compliance burdens while protecting investors and issuers.
  • Letters
    Mar 13, 2026

    Data to Support Modernizing the Delivery Frameworks (SIFMA and SIFMA AMG)

    SIFMA and SIFMA AMG submit data supporting a proposal urging the SEC to modernize the framework for e-delivery of investor communications.

Get the latest trends, stats, and research on financial markets and securities.