March CAT Deadline Raises Investor Privacy Alarm: SEC Roundup

March CAT Deadline Raises Investor Privacy Alarm: SEC Roundup

Welcome to SEC Roundup, a bimonthly video series by Paul Hastings partners and former Securities and Exchange Commission senior trial counsels Nick Morgan and Tom Zaccaro exploring current SEC topics with thought leaders and industry experts.

In this episode, Morgan and Zaccaro talk with Ken Bentsen, president and CEO of the Securities Industry and Financial Markets Association, and Ellen Greene, managing director, Equity and Options Market Structure at SIFMA, about the fact that, as of March 17, investors’ personal identifiable information, or PII, becomes available via the Consolidated Audit Trail, known as the CAT, and what Bentsen and Greene say is the SEC’s failure to implement changes to protect investor privacy.

CAT is the SEC-mandated central repository of trades, quotes and orders for all U.S. exchange-listed and over-the-counter equity securities and U.S. exchange-listed options contracts across all U.S. markets and trading venues.

“The CAT was really in response to the flash crash,” Bentsen notes, and ”is also viewed as an enforcement tool” by the commission.

“We’ve had multiple concerns over the years” with the CAT, Bentsen relays. “Our members have all of the responsibility but none of the authority with respect” to the CAT. “We have to report every single trade to the Consolidated Audit Trail; we’re ultimately going to have to pay for some portion of it … Most importantly, we’re turning over our clients’ sensitive information — trade data, some PII, and yet once we hand that data over, we lose all control over that data.”

Now, says Bentsen, the SEC needs to enact data privacy rules that have been pending since 2020.

See also  Startup to Sell Life-LTC Hybrid at the Worksite

The SEC in December brought one of the first enforcement actions sourced from CAT — a $47 million front-running insider trading case, SEC v. Billimek.