What is it?
The Consolidated Audit Trail (CAT) is a central repository
commissioned by the US Securities and Exchange Commission (SEC)
intended to help regulators efficiently and accurately track
activity in the US National Market System (NMS) securities
"The CAT will track orders throughout their lifecycle and
identify the broker-dealers handling them, thus allowing
regulators to more efficiently track activity in Eligible
Securities throughout the US markets," reads the official CAT
NMS plan website. "The primary goal of SEC Rule 613 is to
improve the ability of the SEC and the Self-Regulatory
Organisations (SROs) to oversee trading in the US securities
When established, Rule 613 required US national securities
exchanges and Financial Industry Regulatory Authority (Finra)
to provide detailed information to the CAT providing
information of each quote and order in an NMS security. For
every order this is to include every single reportable event
with respect to origination, modification, cancellation,
routing, and execution.
Out of the bag: understanding the
tools of CAT
Rule 613 was established by the SEC on July 11 2012 after
the 2010 flash crash that saw the Dow Jones drop by 1,000
points in a matter of minutes. The crash happened after a
trader bought and sold hundreds of mini-futures on the CME, and
caused trillions of dollars to disappear from the system. The
CAT was conceived as a means of tracking the system to avoid
situations like this.
The SEC approved the CAT NMS plan on November 15 2016, which
set in motion the actions that broker-dealers and SROs had to
perform going forward.
What and who reports to it?
The data will be used by regulators to effectively survey
the market, allowing them to focus their reconstruction efforts
more effectively. Broker-dealers operating in the US
equity and options markets are required to report order
lifecycles for these markets on a daily basis, including
orders, quotes, cancels, routes and allocations.
Broker-dealers, SROs and securities information processors
(SIPs) — collectively the CAT reporters — are
required to provide these specific record identifiers to
support linkage processes. This list includes Finra and other
national securities exchanges, and broker-dealers of all
This will have a significant impact on broker-dealers, who
will have to adapt to be able to provide customer information
reporting capability, order lifecycle reporting capability,
synchronise clocks to an exacting standard time, and adapt
processes to abide by CAT considerations. Whereas existing
regulatory regimes like the order audit trail system (OATS) do
not require customer-identifying information, it must be
included for CAT – which has caused significant
The task of reporting is obviously a mammoth one. An
estimated 58 billion data points will be collected each day
when it is in full operation. When asked what types of specific
information are critical to include when reporting this data at
the CAT and the Future of Market Surveillance panel at the
Securities Industry and Financial Markets
Association’s (Sifma) Equity Market Structure
Conference in New York last November, senior policy
advisor at the SEC Mark Donohue said it is a question of
practical, cost and use.
From the SEC perspective, he said, one of the major uses is
market construction and understanding what happened during
times of stress, by recreating the data.
"Rejection messages are very helpful to understand market
reconstruction, but may not be as advantageous from a
surveillance standpoint," he said.
He added: "We need to keep in mind the market reconstruction
and policy components as well."
Donohue continued that he can conceive a future where data
elements get added to CAT so that policy decisions can be made
on a more informed basis. Additional elements can point you in
different directions, he concluded.
What problems is it facing?
The contract to build the CAT system was initially awarded
to a subsidiary of Thesys Technologies, Thesys CAT LLC, which
acted as plan processor. Thesys initially had just 11 months to
build the entire system from scratch.
The first deadline for data reporting to the CAT was
November 15 2017, which the SROs requested relief from.
Although they were rejected by chair Jay Clayton, no reporting
took place for another year.
A year later, several industry members released
technical specifications for participants in the CAT
to help understand their responsibilities in relation to SEC
Rule 613 and the CAT plan, and also describe requirements for
reporting CAT data such as detailed information about data
elements and the file formats of each reportable event. This
was the first time a fully-fledged, detailed specification has
been provided to the industry, only three weeks before the
already extended deadline.
In a statement, Brett Redfearn, director of the SEC division
of trading and markets, announced the SEC wouldn’t
expect to take enforcement action for failure to report data to
the CAT 'if the CAT is not sufficiently developed to receive
The big ask from the industry standpoint was a technical
legal issue that the SEC had not come out and recognised. The
plan required firms and SROs to be compliant and start
uploading data by November, but Redfearn’s
statement suggests that the staff were offering a legal pass on
that because it is impossible.
"We are dealing with compliance officers and boards of
directors at firms, and they have a legal obligation to make
sure they are meeting all of the requirements, so there has
been a longstanding request to have the SEC make a legally
binding or public statement on what happens if broker-dealers
miss the November 2018 deadline – which they
certainty will," said Gregg Berman, director of the market
analytics and regulatory structure unit of Citadel
It's unlikely that most broker-dealers would care about
that. It isn't possible to send data if the CAT
doesn’t exist, which is currently the
What happened to Thesys?
Although in January Thesys told IFLR Practice
Insight that the initial stages of reporting were
progressing as hoped after the reporting schedule started, and
that accuracy and security remain high priorities, they were
shortly replaced by the SEC – which reassigned the
task to Finra.
During a December 11 testimony before the US Senate
Committee on Banking, Housing, and Urban Affairs, however, SEC
chairman Jay Clayton said the regulator remains frustrated by
the failure of SROs to meet their obligations, as well as by
delays in the development of the CAT.
See also in Practice Insight: Market and SEC clash on CAT
The market too was uncertain. It now seems entirely possible
that the system will not function as originally intended, and
the cybersecurity issues that have surrounded it since
inception remain a significant concern.
testimony, however, Clayton explained that the SROs
responsible for developing and implementing CAT had missed
their initial November 15 2017 deadline. "While the CAT has now
begun receiving equity and options data with limited
functionality, the SROs remain out of compliance with the CAT
NMS plan today," he said.
"The SROs are making some progress, but the development and
implementation process remains slow and cumbersome due largely
to what I believe are project governance and project management
issues experienced by the SROs," he continued.
Clayton went on to say that the Commission is frustrated,
that the projected date of full delivery of March 31 2019 was
not good enough, and that SROs are not meeting obligations.
In February 2019, Thesys was fired from its role, and Finra
appointed. Finra and CAT NMS confirmed that it will be
transitioning the CAT project to a new plan processor. In doing
so, there will be a significant impact on existing
implementation plans. "While certain dates may change, there
are no material changes planned for the industry member
technical specifications," they said.
Despite this change, issues regarding data and personally
identifiable information (PII) remain. In March at another
Sifma conference, Clayton confirmed the agency is working on a
unique customer identification for the CAT, which could allay
certain fears that the industry may have – as long as
it worked with the SEC.
"There are solutions here. We'll get to a responsible place
on customer data as long as everybody remains constructive," he
See also: SEC statement on CAT delay exactly what
industry was looking for