Podcast: CAT – Concerns Remain About Investor Data Security Ahead of Testing

The Consolidated Audit Trail, or CAT, is a major regulatory initiative by the U.S. Securities and Exchange Commission and 24 self-regulatory organizations (SROs) – including FINRA, and stock and options exchanges – to significantly enhance regulators’ ability to monitor, analyze and surveil trading activity. Under the CAT, broker-dealers will be required to report every equity and options transaction, as well as certain personal information of retail and institutional clients, to a database operated by the SROs.

SIFMA and its members are supportive of the CAT and its regulatory intent. However, we have repeatedly expressed strong concerns regarding the risks to our customers’ information, including the wholesale collection of personally identifiable information, or PII.

Data security must be a paramount concern with a database this large. In this podcast, SIFMA president and CEO, Kenneth E. Bentsen, Jr., is joined by Ellen Greene, Managing Director at SIFMA, to discuss the risks posed by the CAT, who bears the liability in the event of a data breach, and why reasonable access limits are needed now.

It is critical that the SEC and the SROs tasked with implementing the CAT take the necessary steps to protect the sensitive data collected under the CAT and establish reasonable access limits with full accountability for any breaches.


Kenneth E. Bentsen, Jr. is president and CEO of SIFMA, the voice of the nation’s securities industry. He is also CEO of the Global Financial Markets Association (GFMA), of which SIFMA is the U.S. regional member.