SUPPLEMENTARY INFORMATION:
Table of Contents
Supplementary Information
I. Introduction
II. Background
III. Description of the Proposed Plan
1. LLC Agreement
2. Participants
3. Management
4. Initial Plan Processor Selection
5. Functions and Activities of the CAT System
6. Financial Matters
7. Amendments
8. Compliance Rule Applicable to Industry Members
9. Plan Appendices
10. Reporting Procedures
11. Timeliness of Data Reporting
12. Uniform Format
13. Symbology
14. CAT-Reporter-ID
15. Customer-ID
16. Order Allocation Information
17. Options Market Maker Quotes
18. Primary Market Transactions, Debt Securities and Futures
19. Error Rates
20. Retirement of Existing Trade and Order Data Rules and Systems
21. Regulatory Access
22. Upgrades and New Functionalities
23. Business Continuity and Disaster Recovery
24. Records and Accounting and Dissolution and Termination of the Company
25. Security of Data
26. Governing or Constituent Documents
27. Development and Implementation Phases
28. Written Understanding or Agreements Relating To Interpretation of, or Participation in, the Plan
29. Dispute Resolution
IV. Discussion and Commission Findings
A. Definitions, Effectiveness of Agreement, and Participation (Articles I, II, and III)
B. Management of the Company (Article IV)
1. Operating Committee
2. Advisory Committee
3. Officers of the Company
4. Additional Governance Provisions
C. Plan Processor Selection (Article V)
D. Functions and Activities of the CAT System (Article VI)
1. Data Recording and Reporting Requirements
2. Format
3. Reporting Timelines
4. Data Elements
5. Symbology
6. Security of CAT Data
7. Personally Identifiable Information
8. Implementation Schedule
9. Retirement of Existing Trade and Order Data Rules and Systems
10. Primary Market Transactions and Futures
11. Error Rate
12. Business Continuity and Disaster Recovery
13. Business Clock Synchronization and Timestamp Granularity
14. Upgrades and New Functionalities
15. Technical Specifications
E. Capital Accounts, Allocations of Income and Loss, and Distributions (Articles VII and VIII)
F. Funding of the Company (Article XI)
1. Funding Model Generally
2. Funding Model's Allocation of Costs
3. Message Traffic and Market Share Distinction
4. Transparency and Alternatives to the Funding Model
5. Miscellaneous
G. Dispute Resolution
H. Written Assessments, Audits and Reports
V. Economic Analysis
A. Introduction
B. Summary of Expected Economic Effects
C. Framework for Economic Analysis
1. Economic Framework
2. Existing Uncertainties
D. Baseline
1. Current State of Regulatory Activities
2. Current State of Trade and Order Data
E. Benefits
1. Improvements in Data Qualities
2. Improvements to Regulatory Activities
3. Other Provisions of the CAT NMS Plan
F. Costs
1. Analysis of Expected Costs
2. Aggregate Costs to Industry
3. Further Analysis of Costs
4. Expected Costs of Security Breaches
5. Second Order Effects
G. Efficiency, Competition, and Capital Formation
1. Competition
2. Efficiency
3. Capital Formation
4. Related Considerations Affecting Competition, Efficiency and Capital Formation
H. Alternatives
1. Timestamp Granularity
2. Error Rate
3. Error Correction Timeline
4. Requiring Listing Exchange Symbology
5. Clock Synchronization Logging Procedures
6. Data Accessibility Standards
7. Clock Synchronization Hours
8. Primary Market Transactions
9. Periodic Updates to Customer Information
10. Bulk Data Downloads by CAT Reporters
11. Alternatives to the CAT NMS Plan
12. Alternatives Discussed in the CAT NMS Plan
VI. Paperwork Reduction Act
A. Summary of Collection of Information Under Rule 613
1. Central Repository
2. Data Collection and Reporting
3. Collection and Retention of National Best Bid and National Best Offer, Last Sale Data and Transaction Reports
4. Surveillance
5. Participant Rule Filings
6. Document on Expansion to Other Securities
7. Written Assessment of Operation of the Consolidated Audit Trail
B. Proposed Use of Information
1. Central Repository
2. Data Collection and Reporting
3. Collection and Retention of NBBO, Last Sale Data and Transaction Reports
4. Surveillance
5. Document on Expansion to Other Securities
6. Written Assessment of Operation of the Consolidated Audit Trail
C. Respondents
1. National Securities Exchanges and National Securities Associations
2. Members of National Securities Exchanges and National Securities Association
D. Total Initial and Annual Reporting and Recordkeeping Burden
1. Burden on National Securities Exchanges and National Securities Associations
2. Burden on Members of National Securities Exchanges and National Securities Associations
E. Summary of Collection of Information Under the CAT NMS Plan, as Amended by the Commission
1. One-Time Reports
2. Non-Report Commission-Created Information Collections
F. Proposed Use of Information Under the CAT NMS Plan, as Amended by the Commission
1. Independent Audit of Expenses Incurred Prior to the Effective Date
2. Review of Clock Synchronization Standards
3. Coordinated Surveillance Report
4. Assessment of Industry Member Bulk Access to Reported Data
5. Assessment of Errors in Customer Information Fields
6. Report on Impact of Tiered Fees on Market Liquidity
7. Assessment of Material Systems Change on Error Rate
8. Financial Statements
9. Background Checks
G. Total Initial and Annual Reporting and Recordkeeping Burden of Information Collection Under the CAT NMS Plan, as Amended by the Commission
1. Burden on National Securities Exchanges and National Securities Associations
2. Request for Comment
H. Collection of Information Is Mandatory
I. Confidentiality
J. Recordkeeping Requirements
VII. Conclusion
I. Introduction
On February 27, 2015, pursuant to Section 11A of the Securities Exchange Act of 1934 (“Exchange Act” or “Act”) and Rules 608 and 613 of Regulation NMS thereunder, BATS Exchange, Inc. (n/k/a Bats BZX Exchange, Inc.), BATS-Y Exchange, Inc. (n/k/a Bats BYX Exchange, Inc.), BOX Options Exchange LLC, C2 Options Exchange, Incorporated, Chicago Board Options Exchange, Incorporated, Chicago Stock Exchange, Inc., EDGA Exchange, Inc. (n/k/a Bats EDGA Exchange, Inc.), EDGX Exchange, Inc. (n/k/a Bats EDGX Exchange, Inc.), Financial Industry Regulatory Authority, Inc. (“FINRA”), International Securities Exchange, LLC, ISE Gemini, LLC, Miami International Securities Exchange LLC, NASDAQ OMX BX, Inc. (n/k/a NASDAQ BX, Inc.), NASDAQ OMX PHLX LLC (n/k/a NASDAQ PHLX LLC), The NASDAQ Stock Market LLC, National Stock Exchange, Inc., New York Stock Exchange LLC, NYSE MKT LLC, and NYSE Arca, Inc. (collectively, “self-regulatory organizations”, “SROs” or “Participants”), filed with the Securities and Exchange Commission (“Commission” or “SEC”) a National Market System (“NMS”) Plan Governing the Consolidated Audit Trail (the “CAT NMS Plan,” “CAT Plan” or “Plan”). The SROs filed amendments to the CAT NMS Plan on December 24, 2015, and on February 8, 2016. The CAT NMS Plan, as amended, was published for comment in the Federal Register on May 17, 2016.
15 U.S.C. 78k-1.
17 CFR 242.608.
See Letter from Participants to Brent J. Fields, Secretary, Commission, dated February 27, 2015. Pursuant to Rule 613, the SROs were required to file the CAT NMS Plan on or before April 28, 2013. At the SROs' request, the Commission granted exemptions to extend the deadline for filing the CAT NMS Plan to December 6, 2013, and then to September 30, 2014. See Securities Exchange Act Release Nos. 69060 (March 7, 2013), 78 FR 15771 (March 12, 2013); 71018 (December 6, 2013), 78 FR 75669 (December 12, 2013). The SROs filed the CAT NMS Plan on September 30, 2014 (the “Initial CAT NMS Plan”). See Letter from the SROs, to Brent J. Fields, Secretary, Commission, dated September 30, 2014. The CAT NMS Plan filed on February 27, 2015, was an amendment to and replacement of the Initial CAT NMS Plan.
On December 24, 2015, the SROs submitted an Amendment to the CAT NMS Plan. See Letter from Participants to Brent J. Fields, Secretary, Commission, dated December 23, 2015. On February 9, 2016, the Participants filed with the Commission an identical, but unmarked, version of the February 27, 2015 CAT NMS Plan, as modified by the December 24, 2015 Amendment, as well as a copy of the request for proposal issued by the Participants to solicit Bids from parties interested in serving as the Plan Processor for the consolidated audit trail. See Letter from Participants to Brent J. Fields, Secretary, Commission, dated February 8, 2016.
The Commission voted to publish the February 9, 2016 version of the CAT NMS Plan for public comment on April 27, 2016, and this version of the Plan was published in the Federal Register on May 17, 2016. See Securities Exchange Act Release No. 77724, 81 FR 30614 (the “Notice”). Unless the context otherwise requires, the “CAT NMS Plan” shall refer to the February 27, 2015 CAT NMS Plan, as modified by the December 24, 2015 Amendment and published for comment on May 17, 2016. The Commission notes that the application of ISE Mercury, LLC (“ISE Mercury”) for registration as a national securities exchange was granted on January 29, 2016. See Securities Exchange Act Release No. 76998 (January 29, 2016), 81 FR 6066 (February 4, 2016). In addition, the application of the Investors Exchange LLC (“IEX”) for registration as a national securities exchange was granted on June 17, 2016. See Securities Exchange Act Release No. 78101 (June 17, 2016), 81 FR 41142 (June 23, 2016). ISE Mercury and IEX will become Participants in the CAT NMS Plan and are thus accounted for as Participants for purposes of this Order.
The Commission received 24 comment letters in response to the CAT NMS Plan. On July 29, 2016, the Commission extended the deadline for Commission action on the CAT NMS Plan and designated November 10, 2016 as the new date by which the Commission would be required to take action. On September 2, 2016, the Participants submitted a response to the comment letters that the Commission received in response to the CAT NMS Plan. The Participants submitted additional response letters on September 23, 2016 and October 7, 2016. On November 2 and 14, 2016, the Participants submitted additional letters. This Order approves the CAT NMS Plan, with limited changes as described in detail below. The Commission concludes that the Plan, as amended, is necessary and appropriate in the public interest, for the protection of investors and the maintenance of fair and orderly markets, to remove impediments to, and perfect the mechanism of a national market system, or is otherwise in furtherance of the purposes of the Act. A copy of the CAT NMS Plan, as adopted, is attached as Exhibit A hereto.
See Letters to Brent J. Fields, Secretary, Commission, from Kathleen Weiss Hanley, Bolton-Perella Chair in Finance, Lehigh University, et al., dated July 12, 2016 (“Hanley Letter”); Courtney Doyle McGuinn, FIX Operations Director, FIX Trading Community, dated July 14, 2016 (“FIX Trading Letter”); Kelvin To, Founder and President, Data Boiler Technologies, LLC, dated July 15, 2016 (“Data Boiler Letter”); Richard Foster, Senior Vice President and Senior Counsel for Regulatory and Legal Affairs, Financial Services Roundtable, dated July 15, 2016 (“FSR Letter”); David T. Bellaire, Executive Vice President & General Counsel, Financial Services Institute, dated July 18, 2016 (“FSI Letter”); Stuart J. Kaswell, Executive Vice President & Managing Director, General Counsel, Managed Funds Association, dated July 18, 2016 (“MFA Letter”); David W. Blass, General Counsel, Investment Company Institute, dated July 18, 2016 (“ICI Letter”); Larry E. Thompson, Vice Chairman and General Counsel, Depository Trust & Clearing Corporation, dated July 18, 2016 (“DTCC Letter”); Manisha Kimmel, Chief Regulatory Officer, Wealth Management, Thomson Reuters, dated July 18, 2016 (“TR Letter”); Theodore R. Lazo, Managing Director and Associate General Counsel, and Ellen Greene, Managing Director, Financial Services Operations, Securities Industry and Financial Markets Association, dated July 18, 2016 (“SIFMA Letter”); Anonymous, received July 18, 2016 (“Anonymous Letter I”); Mary Lou Von Kaenel, Managing Director, Financial Information Forum, dated July 18, 2016 (“FIF Letter”); Marc R. Bryant, Senior Vice President, Deputy General Counsel, Fidelity Investments, dated July 18, 2016 (“Fidelity Letter”); Mark Husler, CEO, UnaVista, and Jonathan Jachym, Head of North America Regulatory Strategy & Government Relations, London Stock Exchange Group, dated July 18, 2016 (“UnaVista Letter”); Gary Stone, Chief Strategy Officer for Trading Solutions and Global Regulatory and Policy Group, Bloomberg, L.P., dated July 18, 2016 (“Bloomberg Letter”); Bonnie K. Wachtel, Wachtel Co Inc., dated July 18, 2016 (“Wachtel Letter”); Dennis M. Kelleher, President & CEO, Stephen W. Hall, Legal Director & Securities Specialist, Lev Bagramian, Senior Securities Policy Advisor, Better Markets, dated July 18, 2016 (“Better Markets Letter”); John A. McCarthy, General Counsel, KCG Holdings, Inc., dated July 20, 2016 (“KCG Letter”); Industry Members of the Development Advisory Group (“DAG”) (including Financial Information Forum, Securities Industry and Financial Markets Association and Securities Traders Association), dated July 20, 2016 (“DAG Letter”); Joanne Moffic-Silver, EVP, General Counsel & Corporate Secretary, Chicago Board Options Exchange, Incorporated, dated July 21, 2016 (“CBOE Letter”); Elizabeth K. King, NYSE Group, Inc., dated July 21, 2016 (“NYSE Letter”); James Toes, Securities President & CEO, Securities Traders Association, dated July 25, 2016 (“STA Letter”); Anonymous, received August 12, 2016 (“Anonymous Letter II”); Scott Garrett, Member of Congress, et al., dated October 14, 2016 (“Garrett Letter”). See Exhibit B for a citation key to the comment letters received by the Commission on the proposed CAT NMS Plan.
See Securities Exchange Act Release No. 78441 (July 29, 2016), 81 FR 51527 (August 4, 2016).
See Letter from Participants to Brent J. Fields, Secretary, Commission, dated September 2, 2016 (“Response Letter I”).
See Letters from Participants to Brent J. Fields, Secretary, Commission, dated September 23, 2016 (“Response Letter II”) and October 7, 2016 (“Response Letter III”).
See Letter from Participants to Brent J. Fields, Secretary, Commission, dated November 2, 2016 (“Participants' Letter I”); Letter from Participants to Brent J. Fields, Secretary, Commission, dated November 14, 2016 (“Participants' Letter II”).
II. Background
The Commission believes that the regulatory data infrastructure on which the SROs and the Commission currently must rely generally is outdated and inadequate to effectively oversee a complex, dispersed, and highly automated national market system. In performing their oversight responsibilities, regulators today must attempt to pull together disparate data from a variety of existing information systems lacking in completeness, accuracy, accessibility, and/or timeliness —a model that neither supports the efficient aggregation of data from multiple trading venues nor yields the type of complete and accurate market activity data needed for robust market oversight.
Completeness refers to whether a data source represents all market activity of interest to regulators, and whether the data is sufficiently detailed to provide the information regulators require. While current data sources provide the trade and order data required by existing rules and regulations, those sources generally do not provide all of the information of interest to regulators in one consolidated audit trail. Accuracy refers to whether the data about a particular order or trade is correct and reliable. Accessibility refers to how the data is stored, how practical it is to assemble, aggregate, and process the data, and whether all appropriate regulators could acquire the data they need. Timeliness refers to when the data is available to regulators and how long it would take to process before it could be used for regulatory analysis. See Adopting Release, infra note 14, at 45727.
Currently, FINRA and the exchanges maintain their own separate audit trail systems for trading activity, which vary in scope, required data elements and format. In performing their market oversight responsibilities, SRO and Commission Staffs must rely heavily on data from these various SRO audit trails. However, each of these systems has shortcomings in completeness, accuracy, accessibility, or timeliness. Some of these shortcomings are a result of the disparate nature of the systems, which makes it impractical, for example, to follow orders through their entire lifecycle as they may be routed, aggregated, re-routed, and disaggregated across multiple markets. These systems also lack key information useful for regulatory oversight, such as the identity of the customers who originate orders, or that two sets of orders may have been originated by the same customer. Although SRO and Commission Staffs also have access to sources of market activity data other than SRO audit trails, these sources likewise suffer from their own drawbacks.
The Commission notes that the SROs have taken steps in recent years to update their audit trail requirements. For example, NYSE, NYSE Amex LLC (n/k/a “NYSE MKT LLC”) (“NYSE Amex”), and NYSE ARCA, Inc. (“NYSE Arca”) have adopted audit trail rules that coordinate with FINRA's Order Audit Trail System (“OATS”) requirements. See Securities Exchange Act Release No. 65523 (October 7, 2011), 76 FR 64154 (October 17, 2011) (concerning NYSE); Securities Exchange Act Release No. 65524 (October 7, 2011), 76 FR 64151 (October 17, 2011) (concerning NYSE Amex); Securities Exchange Act Release No. 65544 (October 12, 2011), 76 FR 64406 (October 18, 2011) (concerning NYSE Arca). This allows the SROs to submit their data to FINRA pursuant to a Regulatory Service Agreement (“RSA”), which FINRA can then reformat and combine with OATS data. Despite these efforts, however, significant deficiencies remain. See Notice, supra note 5, at Section IV.D.2.b.
See Notice, supra note 5, at Section IV.D.2.b (discussing the limitations of current trade and order data systems).
Recognizing these shortcomings, on July 11, 2012, the Commission adopted Rule 613 of Regulation NMS under the Act, which requires the SROs to submit an NMS plan to create, implement, and maintain a consolidated audit trail (“CAT”) that would capture customer and order event information for orders in NMS securities, across all markets, from the time of order inception through routing, cancellation, modification, or execution in a single, consolidated data source. Specifically, Rule 613 requires the Participants to “jointly file . . . a national market system plan to govern the creation, implementation, and maintenance of a consolidated audit trail and Central Repository.” The purpose of the Plan, and the creation, implementation and maintenance of a comprehensive audit trail for the U.S. securities markets described therein, is to “substantially enhance the ability of the SROs and the Commission to oversee today's securities markets and fulfill their responsibilities under the federal securities laws.” As contemplated by Rule 613, the CAT “will allow for the prompt and accurate recording of material information about all orders in NMS securities, including the identity of customers, as these orders are generated and then routed throughout the U.S. markets until execution, cancellation, or modification. This information will be consolidated and made readily available to regulators in a uniform electronic format.”
See Securities Exchange Act Release No. 67457 (July 18, 2012), 77 FR 45722 (August 1, 2012) (“Adopting Release”); see also Securities Exchange Act Release No. 62174 (May 26, 2010), 75 FR 32556 (June 8, 2010) (“Proposing Release”).
17 CFR 242.613(a)(1), (c)(1), (c)(7).
See Adopting Release, supra note 14, at 45726.
Id. The Plan also includes certain recording and reporting obligations for OTC Equity Securities.
The SROs filed the CAT NMS Plan pursuant to Rule 613, as modified by exemptive relief granted by the Commission, pursuant to Rule 0-12 under the Act, from certain requirements of Rule 613.
See supra note 4.
17 CFR 240.0-12.
See Securities Exchange Act Release No. 77265 (March 1, 2016), 81 FR 11856 (March 7, 2016) (“Exemption Order”); Letter from Participants to Brent J. Fields, Secretary, Commission, dated January 30, 2015 (“Exemptive Request Letter”). Specifically, the SROs requested exemptive relief from the Rule's requirements related to: (i) The reporting of Options Market Maker quotations, as required under Rule 613(c)(7)(ii) and (iv); (ii) the reporting and use of the Customer-ID under Rule 613(c)(7)(i)(A), (iv)(F), (viii)(B) and 613(c)(8); (iii) the reporting of the CAT-Reporter-ID, as required under Rule 613(c)(7)(i)(C), (ii)(D), (ii)(E), (iii)(D), (iii)(E), (iv)(F), (v)(F), (vi)(B), and (c)(8); (iv) the linking of executions to specific subaccount allocations, as required under Rule 613(c)(7)(vi)(A); and (v) the timestamp granularity requirement of Rule 613(d)(3) for certain manual order events subject to reporting under Rule 613(c)(7)(i)(E), (ii)(C), (iii)(C) and (iv)(C). On April 3, 2015, the SROs filed a supplement related to the requested exemption for Rule 613(c)(7)(vi)(A). See Letter from Robert Colby, FINRA, on behalf of the SROs, to Brent J. Fields, Secretary, Commission, dated April 3, 2015 (“April 2015 Supplement”). This supplement provided examples of how the proposed relief related to allocations would operate. On September 2, 2015, the SROs filed a second supplement to the Exemptive Request Letter. See Letter from the SROs to Brent J. Fields, Secretary, Commission, dated September 2, 2015 (“September 2015 Supplement”). This supplement to the Exemptive Request Letter further addressed the use of an “effective date” in lieu of a “date account opened.” Unless the context otherwise requires, the “Exemption Request” shall refer to the Exemptive Request Letter, as supplemented by the April 2015 Supplement and the September 2015 Supplement.
The CAT NMS Plan filed by the SROs incorporates the SROs' NMS plan approval process for reviewing, evaluating and ultimately selecting the Plan Processor, as set forth in a separate NMS plan submitted by the SROs and approved by the Commission (the “Selection Plan”). On February 26, 2013, the Participants published a request for proposal (“RFP”) soliciting Bids from parties interested in serving as the Plan Processor. As of the publication date of this Order, the Participants, through the process described in the Selection Plan, have narrowed the pool of Bidders to three remaining Shortlisted Bidders.
As set forth in Section 1.1 of the CAT NMS Plan, supra note 5, the Plan Processor “means the Initial Plan Processor or any other Person selected by the Operating Committee pursuant to SEC Rule 613 and Sections 4.3(b)(i) and 6.1 [to] perform the CAT processing functions required by SEC Rule 613 and set forth in [the CAT NMS Plan].” All capitalized terms not otherwise defined herein shall have the meaning ascribed to them in Rule 613, the Adopting Release, or the CAT NMS Plan, as applicable.
See Securities Exchange Act Release Nos. 70892 (November 15, 2013), 78 FR 69910 (November 21, 2013) (“Selection Plan Notice”); 75192 (June 17, 2015), 80 FR 36028 (June 23, 2015) (Order Approving Amendment No. 1 to the Selection Plan); 75980 (September 24, 2015), 80 FR 58796 (September 30, 2015) (Order Approving Amendment No. 2 to the Selection Plan); 77917 (May 25, 2016), 81 FR 35072 (June 1, 2016) (Notice of Filing and Immediate Effectiveness of Amendment No. 3 to the Selection Plan); 78477 (August 4, 2016), 81 FR 52917 (August 10, 2016) (Notice of Filing and Immediate Effectiveness of Amendment No. 4 to the Selection Plan); see also Securities Exchange Act Release Nos. 71596 (February 21, 2014), 79 FR 11152 (February 27, 2014) (“Selection Plan Approval Order”); 74223 (February 6, 2015), 80 FR 7654 (February 11, 2015) (Notice of Amendment No. 1 to the Selection Plan); 75193 (June 17, 2015), 80 FR 36006 (June 23, 2015) (Notice of Amendment No. 2 to the Selection Plan).
See Notice, supra note 5, at 30885-30952 for a complete version of the Consolidated Audit Trail National Market System Plan Request for Proposal (issued February 26, 2013, version 3.0 updated March 4, 2014). Other materials related to the RFP are available at http://catnmsplan.com/process/ . Among other things, the RFP describes the technical, business, and operational requirements for CAT and outlines the information that must be submitted by Bidders in response to the RFP.
“Shortlisted Bidders” were selected by the Selection Committee through the voting and scoring processes described in Section 5.2 of the CAT NMS Plan. See CAT NMS Plan, supra note 5, at Section 1.1; see also Section III.4, infra (describing the selection of the Plan Processor).
The CAT NMS Plan also includes an economic analysis that, as required by Rule 613, was conducted by the SROs. The Commission notes that, in the Adopting Release for Rule 613, the Commission considered the economic effects of the actions the SROs were required to undertake pursuant to Rule 613, specifically the requirement that the SROs develop an NMS plan, utilizing their own resources and undertaking their own research, that addresses the specific details, cost estimates, considerations, and other requirements of the Rule. The Commission noted in the Adopting Release that Rule 613 provided the SROs with “flexibility in how they [chose] to meet the requirements of the adopted Rule,” allowing the SROs to consider a number of different approaches in developing the CAT NMS Plan. The Commission also noted that “the costs and benefits of creating a consolidated audit trail, and the consideration of specific costs as related to specific benefits, is more appropriately analyzed once the SROs narrow the expanded array of choices they have under the adopted Rule and develop a detailed NMS plan.” Accordingly, the Commission required the SROs to conduct an economic analysis and deferred the Commission's own economic analysis of the actual creation, implementation, and maintenance of the CAT until after submission of the required NMS plan. In accordance with this approach, the Commission included its preliminary analysis and conclusions regarding the economic effects of the CAT NMS Plan when it published the CAT NMS Plan for public comment.
See Adopting Release, supra note 14, at 45726.
Id. at 45725.
See Adopting Release, supra note 14, at 45725.
III. Description of the Proposed Plan
The Commission notes that this Section III describes the CAT NMS Plan, as filed by the Participants pursuant to Rule 613 and modified by the Exemption Order, that was published for public comment by the Commission. Section IV, below, discusses the comments received as well as amendments that the Commission is making to the Plan in light of some of the comments; these amendments are marked against the proposed Plan in Exhibit A to this Order.
See Exemption Order, supra note 21.
See Notice, supra note 5.
1. LLC Agreement
The Participants propose to conduct the activities related to the CAT in a Delaware limited liability company pursuant to a limited liability company agreement, entitled the Limited Liability Company Agreement (“LLC Agreement”) of CAT NMS, LLC (“Company” or “CAT LLC”). The Participants will jointly own on an equal basis the Company. The Company will create, implement and maintain the CAT. The LLC Agreement, itself, including its appendices, is the proposed Plan, which would be a national market system plan as defined in Rule 600(b)(43) of NMS.
Id.
See CAT NMS Plan, supra note 5, at Section 3.2(d).
Id. at Section 2.6.
See Notice, supra note 5, at 30618.
2. Participants
Each national securities exchange and national securities association currently registered with the Commission would be a Participant in the Plan. The names and addresses of each Participant are set forth in Exhibit A to the Plan. Article III of the Plan provides that any entity approved by the Commission as a national securities exchange or national securities association under the Exchange Act after the Effective Date may become a Participant by submitting to the Company a completed application in the form provided by the Company and satisfying each of the following requirements: (1) Executing a counterpart of the LLC Agreement as then in effect; and (2) paying a fee to the Company in an amount determined by a Majority Vote of the Operating Committee as fairly and reasonably compensating the Company and the Participants for costs incurred in creating, implementing and maintaining the CAT (including such costs incurred in evaluating and selecting the Initial Plan Processor and any subsequent Plan Processor) and for costs the Company incurs in providing for the prospective Participant's participation in the Company, including after consideration of certain factors identified in Section 3.3(b) of the Agreement (“Participation Fee”). Amendment of the Plan reflecting the admission of a new Participant will be effective only when: (1) It is approved by the SEC in accordance with Rule 608 or otherwise becomes effective pursuant to Rule 608; and (2) the prospective Participant pays the Participation Fee.
Id.
See CAT NMS Plan, supra note 5, at Section 3.1.
“Majority Vote” means the affirmative vote of at least a majority of all of the members of the Operating Committee or any Subcommittee, as applicable, authorized to cast a vote with respect to a matter presented for a vote (whether or not such a member is present at any meeting at which a vote is taken) by the Operating Committee or any Subcommittee, as applicable (excluding, for the avoidance of doubt, any member of the Operating Committee or any Subcommittee, as applicable, that is recused or subject to a vote to recuse from such matter pursuant to Section 4.3(d) of the CAT NMS Plan). See CAT NMS Plan, supra note 5, at Section 1.1.
The “Initial Plan Processor” means the first Plan Processor selected by the Operating Committee in accordance with Rule 613, Section 6.1 and the Selection Plan. See CAT NMS Plan, supra note 5, at Section 1.1.
Id. at Section 3.3(a).
Id. at Section 3.3(a)-(b).
A number of factors are relevant to the determination of a Participation Fee. Such factors are: (1) The portion of costs previously paid by the Company for the development, expansion and maintenance of the CAT which, under generally accepted accounting principles (“GAAP”), would have been treated as capital expenditures and would have been amortized over the five years preceding the admission of the prospective Participant; (2) an assessment of costs incurred and to be incurred by the Company for modifying the CAT or any part thereof to accommodate the prospective Participant, which costs are not otherwise required to be paid or reimbursed by the prospective Participant; (3) Participation Fees paid by other Participants admitted as such after the Effective Date; (4) elapsed time from the Effective Date to the anticipated date of admittance of the prospective Participant; and (5) such other factors, if any, as may be determined to be appropriate by the Operating Committee and approved by the Commission. In the event that the Company and a prospective Participant do not agree on the amount of the Participation Fee, such amount will be subject to review by the SEC pursuant to Section 11A(b)(5) of the Exchange Act.
See Notice, supra note 5, at 30618.
See CAT NMS Plan, supra note 5, at Section 3.3(b).
Id.; see also Exchange Act Section 11A(b)(2), 15 U.S.C. 78k-l(b)(5) (which provides that a prohibition or limitation on access to services by a registered securities information processor must be reviewed by the Commission upon application by an aggrieved person).
An applicant for participation in the Company may apply for limited access to the CAT System for planning and testing purposes pending its admission as a Participant by submitting to the Company a completed Application for Limited Access to the CAT System in a form provided by the Company, accompanied by payment of a deposit in the amount established by the Company, which will be applied or refunded as described in such application. To be eligible to apply for such limited access, the applicant must have been approved by the SEC as a national securities exchange or national securities association under the Exchange Act but the applicant has not yet become a Participant of the Plan, or the SEC must have published such applicant's Form 1 Application or Form X-15AA-1 Application to become a national securities exchange or a national securities association, respectively.
“CAT System” means all data processing equipment, communications facilities, and other facilities, including equipment, utilized by the Company or any third parties acting on the Company's behalf in connection with operation of the CAT and any related information or relevant systems pursuant to the LLC Agreement. See CAT NMS Plan, supra note 5, at Section 1.1.
Id. at Section 3.3(c).
Id.
All Company Interests will have the same rights, powers, preferences and privileges and be subject to the same restrictions, qualifications and limitations. Once admitted, each Participant will be entitled to one vote on any matter presented to Participants for their consideration and to participate equally in any distribution made by the Company (other than a distribution made pursuant to Section 10.2 of the Plan). Each Participant will have a Company Interest equal to that of each other Participant.
Id. at Section 3.2(a).
Id. at Sections 3.2(b), 10.2.
Id. at Section 3.2(d).
Article III also describes a Participant's ability to Transfer a Company Interest. A Participant may only Transfer any Company Interest to a national securities exchange or national securities association that succeeds to the business of such Participant as a result of a merger or consolidation with such Participant or the Transfer of all or substantially all of the assets or equity of such Participant (“Permitted Transferee”). A Participant may not Transfer any Company Interest to a Permitted Transferee unless: (1) Such Permitted Transferee executes a counterpart of the Plan; and (2) the amendment to the Plan reflecting the Transfer is approved by the SEC in accordance with Rule 608 or otherwise becomes effective pursuant to Rule 608.
Id. at Section 3.4(b).
Id. at Section 3.4(c).
In addition, Article III addresses the voluntary resignation and termination of participation in the Plan. Any Participant may voluntarily resign from the Company, and thereby withdraw from and terminate its right to any Company Interest, only if: (1) A Permitted Legal Basis for such action exists; and (2) such Participant provides to the Company and each other Participant no less than thirty days prior to the effective date of such action written notice specifying such Permitted Legal Basis, including appropriate documentation evidencing the existence of such Permitted Legal Basis, and, to the extent applicable, evidence reasonably satisfactory to the Company and other Participants that any orders or approvals required from the SEC in connection with such action have been obtained. A validly withdrawing Participant will have the rights and obligations discussed below with regard to termination of participation.
“Permitted Legal Basis” means the Participant has become exempt from, or otherwise has ceased to be subject to, Rule 613 or has arranged to comply with Rule 613 in some manner other than through participation in the LLC Agreement, in each instance subject to the approval of the Commission. See CAT NMS Plan, supra note 5, at Section 1.1.
Id. at Section 3.6.
Id. at Sections 3.6, 3.7.
A Participant's participation in the Company, and its right to any Company Interest, will terminate as of the earliest of: (1) The effective date specified in a valid resignation notice; (2) such time as such Participant is no longer registered as a national securities exchange or national securities association; or (3) the date of termination for failure to pay fees. With regard to the payment of fees, each Participant is required to pay all fees or other amounts required to be paid under the Plan within thirty days after receipt of an invoice or other notice indicating payment is due (unless a longer payment period is otherwise indicated) (the “Payment Date”). If a Participant fails to make such a required payment by the Payment Date, any balance in the Participant's Capital Account will be applied to the outstanding balance. If a balance still remains with respect to any such required payment, the Participant will pay interest on the outstanding balance from the Payment Date until such fee or amount is paid at a per annum rate equal to the lesser of: (1) The Prime Rate plus 300 basis points; or (2) the maximum rate permitted by applicable law. If any such remaining outstanding balance is not paid within thirty days after the Payment Date, the Participants will file an amendment to the Plan requesting the termination of the participation in the Company of such Participant, and its right to any Company Interest, with the SEC. Such amendment will be effective only when it is approved by the SEC in accordance with Rule 608 or otherwise becomes effective pursuant to Rule 608.
Id. at Section 3.7(a).
Id. at Section 3.7(b).
Id.
Id.
Id.
Id.
From and after the effective date of termination of a Participant's participation in the Company, profits and losses of the Company will cease to be allocated to the Capital Account of the Participant. A terminated Participant will be entitled to receive the balance in its Capital Account as of the effective date of termination adjusted for profits and losses through that date, payable within ninety days of the effective date of termination, and will remain liable for its proportionate share of costs and expenses allocated to it for the period during which it was a Participant, for obligations under Section 3.8(c) regarding the return of amounts previously distributed (if required by a court of competent jurisdiction), for its indemnification obligations pursuant to Section 4.1, and for obligations under Section 9.6 regarding confidentiality, but it will have no other obligations under the Plan following the effective date of termination. The Plan will be amended to reflect any termination of participation in the Company of a Participant, provided that such amendment will be effective only when it is approved by the SEC in accordance with Rule 608 or otherwise becomes effective pursuant to Rule 608.
Id. at Section 3.7(c).
Id.
Id.
3. Management
Article IV of the Plan establishes the overall governance structure for the management of the Company. Specifically, the Participants propose that the Company be managed by an Operating Committee.
The Operating Committee will manage the Company except for situations in which the approval of the Participants is required by the Plan or by non-waivable provisions of applicable law. See CAT NMS Plan, supra note 5, at Article IV.
The Operating Committee will consist of one voting member representing each Participant and one alternate voting member representing each Participant who will have a right to vote only in the absence of the Participant's voting member of the Operating Committee. Each of the voting and alternate voting members of the Operating Committee will be appointed by the Participant that he or she represents, will serve at the will of the Participant appointing such member and will be subject to the confidentiality obligations of the Participant that he or she represents as set forth in Section 9.6. One individual may serve as the voting member of the Operating Committee for multiple Affiliated Participants, and such individual will have the right to vote on behalf of each such Affiliated Participant.
Id. at Section 4.2(a).
Id. at Sections 4.2(a), 9.6.
Id. at Section 4.2(a). An “Affiliated Participant” means any Participant controlling, controlled by, or under common control with another Participant. Id. at Section 1.1.
The Operating Committee will elect, by Majority Vote, one of its members to act as Chair for a term of two years. No Person may serve as Chair for more than two successive full terms, and no Person then appointed to the Operating Committee by a Participant that then serves, or whose Affiliate then serves, as the Plan Processor will be eligible to serve as the Chair. The Chair will preside at all meetings of the Operating Committee, designate a Person to act as Secretary, and perform such other duties and possess such other powers as the Operating Committee may from time to time prescribe. The Chair will not be entitled to a tie-breaking vote at any meeting of the Operating Committee.
Id. at Section 4.2(b).
Id.
Id.
Id.
Each of the members of the Operating Committee, including the Chair, will be authorized to cast one vote for each Participant that he or she represents on all matters voted upon by the Operating Committee. Action of the Operating Committee will be authorized by Majority Vote (except under certain designated circumstances), subject to the approval of the SEC whenever such approval is required under the Exchange Act and the rules thereunder. For example, the Plan specifically notes that a Majority Vote of the Operating Committee is required to: (1) Select the Chair; (2) select the members of the Advisory Committee (as described below); (3) interpret the Plan (unless otherwise noted therein); (4) approve any recommendation by the Chief Compliance Officer (“CCO”) pursuant to Section 6.2(a)(v)(A); (5) determine to hold an Executive Session of the Operating Committee; (6) determine the appropriate funding-related policies, procedures and practices consistent with Article XI; and (7) act upon any other matter specified elsewhere in the Plan (which includes the Appendices to the Plan) as requiring a vote, approval or other action of the Operating Committee (other than those matters expressly requiring a Supermajority Vote or a different vote of the Operating Committee).
Id. at Section 4.3(a).
Id.
Id.
Article IV requires a Supermajority Vote of the Operating Committee, subject to the approval of the SEC when required, for the following: (1) Selecting a Plan Processor, other than the Initial Plan Processor selected in accordance with Article V of the Plan; (2) terminating the Plan Processor without cause in accordance with Section 6.1(q); (3) approving the Plan Processor's appointment or removal of the Chief Information Security Officer (“CISO”), CCO, or any Independent Auditor in accordance with Section 6.1(b); (4) entering into, modifying or terminating any Material Contract (if the Material Contract is with a Participant or an Affiliate of a Participant, such Participant and Affiliated Participant will be recused from any vote); (5) making any Material Systems Change; (6) approving the initial Technical Specifications or any Material Amendment to the Technical Specifications proposed by the Plan Processor; (7) amending the Technical Specifications on its own motion; and (8) acting upon any other matter specified elsewhere in the Plan (which includes the Appendices to the Plan) as requiring a vote, approval or other action of the Operating Committee by a Supermajority Vote.
“Supermajority Vote” means the affirmative vote of at least two-thirds of all of the members of the Operating Committee or any Subcommittee, as applicable, authorized to cast a vote with respect to a matter presented for a vote (whether or not such a member is present at any meeting at which a vote is taken) by the Operating Committee or any Subcommittee, as applicable (excluding, for the avoidance of doubt, any member of the Operating Committee or any Subcommittee, as applicable, that is recused or subject to a vote to recuse from such matter pursuant to Section 4.3(d)); provided that if two-thirds of all of such members authorized to cast a vote is not a whole number then that number shall be rounded up to the nearest whole number. Id. at Section 1.1.
Id. at Section 4.3(b).
A member of the Operating Committee or any Subcommittee thereof (as discussed below) shall recuse himself or herself from voting on any matter under consideration by the Operating Committee or such Subcommittee if such member determines that voting on such matter raises a Conflict of Interest. In addition, if the members of the Operating Committee or any Subcommittee (excluding the member thereof proposed to be recused) determine by Supermajority Vote that any member voting on a matter under consideration by the Operating Committee or such Subcommittee raises a Conflict of Interest, such member shall be recused from voting on such matter. No member of the Operating Committee or any Subcommittee will be automatically recused from voting on any matter except matters involving Material Contracts as discussed in the prior paragraph, as otherwise specified in the Plan, and as follows: (1) If a Participant is a Bidding Participant whose Bid remains under consideration, members appointed to the Operating Committee or any Subcommittee by such Participant or any of its Affiliated Participants will be recused from any vote concerning: (a) Whether another Bidder may revise its Bid; (b) the selection of a Bidder; or (c) any contract to which such Participant or any of its Affiliates would be a party in its capacity as Plan Processor; and (2) if a Participant is then serving as Plan Processor, is an Affiliate of the Person then serving as Plan Processor, or is an Affiliate of an entity that is a Material Subcontractor to the Plan Processor, then in each case members appointed to the Operating Committee or any Subcommittee by such Participant or any of its Affiliated Participants shall be recused from any vote concerning: (a) The proposed removal of such Plan Processor; or (b) any contract between the Company and such Plan Processor.
Id. at Section 4.3(d).
Id.
“Bidding Participant” means a Participant that: (a) Submits a Bid; (b) is an Affiliate of an entity that submits a Bid; or (c) is included, or is an Affiliate of an entity that is included, as a Material Subcontractor as part of a Bid. Id. at Section 1.1.
Id. at Section 4.3(d).
Article IV also addresses meetings of the Operating Committee. Meetings of the Operating Committee may be attended by each Participant's voting Representative and its alternate voting Representative and by a maximum of two nonvoting Representatives of each Participant, by members of the Advisory Committee, by the CCO, by other Representatives of the Company and the Plan Processor, by Representatives of the SEC and by such other Persons that the Operating Committee may invite to attend. The Operating Committee, however, may, where appropriate, determine to meet in Executive Session during which only voting members of the Operating Committee will be present. The Operating Committee, however, may invite other Representatives of the Participants, of the Company, of the Plan Processor (including the CCO and the CISO) or the SEC, or such other Persons that the Operating Committee may invite to attend, to be present during an Executive Session. Any determination of the Operating Committee to meet in an Executive Session will be made upon a Majority Vote and will be reflected in the minutes of the meeting. In addition, any Person that is not a Participant but for which the SEC has published a Form 1 Application or Form X-15AA-1 to become a national securities exchange or national securities association, respectively, will be permitted to appoint one primary Representative and one alternate Representative to attend regularly scheduled Operating Committee meetings in the capacity of a non-voting observer, but will not be permitted to have any Representative attend a special meeting, emergency meeting or meeting held in Executive Session of the Operating Committee.
Article IV also addresses, among other things, different types of Operating Committee meetings (regular, special and emergency), frequency of such meetings, how to call such meetings, the location of the meetings, the role of the Chair, and notice regarding such meetings. Id. at Section 4.4.
Id. at Section 4.4(a).
Id.
Id.
Id.
Id. at Section 4.4(b).
The Operating Committee may, by Majority Vote, designate by resolution one or more Subcommittees it deems necessary or desirable in furtherance of the management of the business and affairs of the Company. For any Subcommittee, any member of the Operating Committee who wants to serve thereon may so serve. If Affiliated Participants have collectively appointed one member to the Operating Committee to represent them, then such Affiliated Participants may have only that member serve on the Subcommittee or may decide not to have only that collectively appointed member serve on the Subcommittee. Such member may designate an individual other than himself or herself who is also an employee of the Participant or Affiliated Participants that appointed such member to serve on a Subcommittee in lieu of the particular member. Subject to the requirements of the Plan and non-waivable provisions of Delaware law, a Subcommittee may exercise all the powers and authority of the Operating Committee in the management of the business and affairs of the Company as so specified in the resolution of the Operating Committee designating such Subcommittee.
Id. at Section 4.12(a).
Id.
Id.
Id.
Id.
Article IV requires that the Operating Committee maintain a Compliance Subcommittee for the purpose of aiding the CCO as necessary, including with respect to issues involving: (1) The maintenance of the confidentiality of information submitted to the Plan Processor or Central Repository pursuant to Rule 613, applicable law, or the Plan by Participants and Industry Members; (2) the timeliness, accuracy, and completeness of information submitted pursuant to Rule 613, applicable law or the Plan by Participants and Industry Members; and (3) the manner and extent to which each Participant is meeting its obligations under Rule 613, Section 3.11, and as set forth elsewhere in the Plan and ensuring the consistency of the Plan's enforcement as to all Participants.
Id. at Section 4.12(b).
Article IV also sets forth the requirements for the formation and functioning of an Advisory Committee, which will advise the Participants on the implementation, operation and administration of the Central Repository, including possible expansion of the Central Repository to other securities and other types of transactions.
Id. at Section 4.13(a), (d).
Article IV describes the composition of the Advisory Committee. No member of the Advisory Committee may be employed by or affiliated with any Participant or any of its Affiliates or facilities. The Operating Committee will select one member from representatives of each of the following categories to serve on the Advisory Committee on behalf of himself or herself individually and not on behalf of the entity for which the individual is then currently employed: (1) A broker-dealer with no more than 150 Registered Persons; (2) a broker-dealer with at least 151 and no more than 499 Registered Persons; (3) a broker-dealer with 500 or more Registered Persons; (4) a broker-dealer with a substantial wholesale customer base; (5) a broker-dealer that is approved by a national securities exchange: (a) To effect transactions on an exchange as a specialist, market maker or floor broker; or (b) to act as an institutional broker on an exchange; (6) a proprietary-trading broker-dealer; (7) a clearing firm; (8) an individual who maintains a securities account with a registered broker or dealer but who otherwise has no material business relationship with a broker or dealer or with a Participant; (9) a member of academia with expertise in the securities industry or any other industry relevant to the operation of the CAT System; (10) an institutional investor trading on behalf of a public entity or entities; (11) an institutional investor trading on behalf of a private entity or entities; and (12) an individual with significant and reputable regulatory expertise. The individuals selected to represent categories (1) through (12) above must include, in the aggregate, representatives of no fewer than three broker-dealers that are active in the options business and representatives of no fewer than three broker-dealers that are active in the equities business. In addition, upon a change in employment of any such Advisory Committee member, a Majority Vote of the Operating Committee will be required for such member to be eligible to continue to serve on the Advisory Committee. Furthermore, the SEC's Chief Technology Officer (or the individual then currently employed in a comparable position providing equivalent services) will serve as an observer of the Advisory Committee (but not be a member). The members of the Advisory Committee will have a term of three years.
Id. at Section 4.13(b).
Id.
Id.
Id.
Id.
Four of the initial twelve members of the Advisory Committee will have an initial term of one year, and another four of the initial twelve members of the Advisory Committee will have an initial term of two years. Id. at Section 4.13(c).
Members of the Advisory Committee will have the right to attend meetings of the Operating Committee or any Subcommittee, to receive information concerning the operation of the Central Repository, and to submit their views to the Operating Committee or any Subcommittee on matters pursuant to the Plan prior to a decision by the Operating Committee on such matters. A member of the Advisory Committee will not have a right to vote on any matter considered by the Operating Committee or any Subcommittee. In addition, the Operating Committee or any Subcommittee may meet in Executive Session if the Operating Committee or Subcommittee determines by Majority Vote that such an Executive Session is advisable. The Operating Committee may solicit and consider views of other stakeholders on the operation of the Central Repository in addition to those of the Advisory Committee. Although members of the Advisory Committee will have the right to receive information concerning the operation of the Central Repository, the Operating Committee retains the authority to determine the scope and content of information supplied to the Advisory Committee, which will be limited to that information that is necessary and appropriate for the Advisory Committee to fulfill its functions. Any information received by members of the Advisory Committee will remain confidential unless otherwise specified by the Operating Committee.
Id. at Section 4.13(d).
Id.
See Notice, supra note 5, at 30621 n.54.
Id.
See CAT NMS Plan, supra note 5, at Section 4.13(e).
Id.
Article IV also describes the appointment of Officers for the Company. Specifically, the CCO and the CISO, each of whom will be employed solely by the Plan Processor and neither of whom will be deemed or construed in any way to be an employee of the Company, will be Officers of the Company. Neither such Officer will receive or be entitled to any compensation from the Company or any Participant by virtue of his or her service in such capacity (other than if a Participant is then serving as the Plan Processor, compensation paid to such Officer as an employee of such Participant). Each such Officer will report directly to the Operating Committee. The CCO will work on a regular and frequent basis with the Compliance Subcommittee and/or other Subcommittees as may be determined by the Operating Committee. Except to the extent otherwise provided in the Plan, including Section 6.2, each such Officer will have such fiduciary and other duties with regard to the Plan Processor as imposed by the Plan Processor on such individual by virtue of his or her employment by the Plan Processor.
Id. at Section 4.6(a).
Id.
Id.
Id.
Id. at Sections 4.6(a), 6.2.
In addition, the Plan Processor will inform the Operating Committee of the individual who has direct management responsibility for the Plan Processor's performance of its obligations with respect to the CAT. Subject to approval by the Operating Committee of such individual, the Operating Committee will appoint such individual as an Officer. In addition, the Operating Committee by Supermajority Vote may appoint other Officers as it shall from time to time deem necessary. Any Officer appointed pursuant to Section 4.6(b) will have only such duties and responsibilities as set forth in the Plan, or as the Operating Committee shall from time to time expressly determine. No such Officer shall have any authority to bind the Company (which authority is vested solely in the Operating Committee) or be an employee of the Company, unless in each case the Operating Committee, by Supermajority Vote, expressly determines otherwise. No person subject to a “statutory disqualification” (as defined in Section 3(a)(39) of the Exchange Act) may serve as an Officer. It is the intent of the Participants that the Company have no employees.
Id. at Section 4.6(b).
Id.
Id.
Id.
Id.
Id. The Plan uses the term “statutory disqualification” as defined in Section 3(a)(39) of the Exchange Act, which addresses disqualification from membership or participation in, or association with a member of, an SRO. While Officers of the Plan are not persons associated with a member of an SRO, the Commission interprets this provision of the Plan to mean that no person that is subject to one of the statutory disqualifications set forth in Sections 3(a)(39)(A) through (F) of the Exchange Act may serve as Officer.
See CAT NMS Plan, supra note 5, at Section 4.6(b).
4. Initial Plan Processor Selection
Article V of the Plan sets forth the process for the Participants' evaluation of Bids and the selection process for narrowing down the Bids and choosing the Initial Plan Processor. The initial steps in the evaluation and selection process were and will be performed pursuant to the Selection Plan; the final two rounds of evaluation and voting, as well as the final selection of the Initial Plan Processor, will be performed pursuant to the Plan.
The Plan Processor selection process set forth in the CAT NMS Plan is identical to the post-CAT NMS Plan approval selection process set forth in the Selection Plan. See Selection Plan, supra note 23.
By its terms, the Selection Plan will terminate upon Commission approval of the Plan. Id.
As discussed above, the Selection Committee has selected the Shortlisted Bids pursuant to the Selection Plan. After reviewing the Shortlisted Bids, the Participants have identified the optimal proposed solutions for the CAT and, to the extent possible, included such solutions in the Plan. The Selection Committee will determine, by majority vote, whether Shortlisted Bidders will have the opportunity to revise their Bids. To reduce potential conflicts of interest, no Bidding Participant may vote on whether a Shortlisted Bidder will be permitted to revise its Bid if a Bid submitted by or including the Participant or an Affiliate of the Participant is a Shortlisted Bid. The Selection Committee will review and evaluate all Shortlisted Bids, including any permitted revisions submitted by Shortlisted Bidders. In performing this review and evaluation, the Selection Committee may consult with the Advisory Committee and such other Persons as the Selection Committee deems appropriate, which may include the DAG until the Advisory Committee is formed.
As noted above, the Participants stated their belief that certain exemptive relief is necessary to include in the Plan all of the provisions the Participants believe are part of the optimal solution for the CAT. The Commission notes that the request for exemptive relief was granted on March 1, 2016. See Exemption Order, supra note 21.
See CAT NMS Plan, supra note 5, at Section 5.2(c)(ii).
Id. at Section 5.1(b)(ii).
Id.
Id.
After receipt of any permitted revisions, the Selection Committee will select the Initial Plan Processor from the Shortlisted Bids in two rounds of voting where each Participant has one vote via its Voting Senior Officer in each round. No Bidding Participant, however, will be entitled to vote in any round if the Participant's Bid, a Bid submitted by an Affiliate of the Participant, or a Bid including the Participant or an Affiliate of the Participant is considered in such round. In the first round, each Voting Senior Officer, subject to the recusal provision in Section 5.2(e)(ii), will select a first and second choice, with the first choice receiving two points and the second choice receiving one point. The two Shortlisted Bids receiving the highest cumulative scores in the first round will advance to the second round. In the event of a tie, the tie will be broken by assigning one point per vote to the tied Shortlisted Bids, and the Shortlisted Bid with the most votes will advance. If this procedure fails to break the tie, a revote will be taken on the tied Bids with each vote receiving one point. If the tie persists, the Participants will identify areas for discussion, and revotes will be taken until the tie is broken.
See Notice, supra note 5, at 30623. If the proposed amendment to the Selection Plan is approved, the Selection Committee may determine to narrow the number of Shortlisted Bids prior to the two rounds of voting. Id. at 30623 n.58.
This recusal provision is included in the Plan, as well as in an amendment to the Selection Plan. See Order Approving Amendment No. 2 to the Selection Plan, supra note 23.
See CAT NMS Plan, supra note 5, at Section 5.2(e)(iii)(A).
Id. at Section 5.2(e)(iii)(C). Each round of voting throughout the Plan is independent of other rounds. See Notice, supra note 5, at 30623 n.60.
See CAT NMS Plan, supra note 5, at Section 5.2(e)(iii)(D).
Id.
Id.
Once two Shortlisted Bids have been chosen, the Voting Senior Officers of the Participants (other than those subject to recusal) will vote for a single Shortlisted Bid from the final two to determine the Initial Plan Processor. If the tie persists, the Participants will identify areas for discussion and, following these discussions, revotes will be taken until the tie is broken. As set forth in Article VI of the Plan, following the selection of the Initial Plan Processor, the Participants will file with the Commission a statement identifying the Initial Plan Processor and including the information required by Rule 608.
Id. at Section 5.2(e)(iii)(E).
Id.
Id. at Section 6.7(a)(i).
5. Functions and Activities of the CAT System
a. Plan Processor
Article VI describes the responsibilities of the selected Plan Processor. The Company, under the direction of the Operating Committee, will enter into one or more agreements with the Plan Processor obligating the Plan Processor to perform the functions and duties contemplated by the Plan to be performed by the Plan Processor, as well as such other functions and duties the Operating Committee deems necessary or appropriate.
Id. at Section 6.1(a).
As set forth in the Plan, the Plan Processor is required to develop and, with the prior approval of the Operating Committee, implement policies, procedures, and control structures related to the CAT System that are consistent with Rule 613(e)(4), Appendix C and Appendix D. The Plan Processor will: (1) Comply with applicable provisions of 15 U.S. Code § 78u-6 (Securities Whistleblower Incentives and Protection) and the recordkeeping requirements of Rule 613(e)(8); (2) consistent with Appendix D, Central Repository Requirements, ensure the effective management and operation of the Central Repository; (3) consistent with Appendix D, Data Management, ensure the accuracy of the consolidation of the CAT Data reported to the Central Repository; and (4) consistent with Appendix D, Upgrade Process and Development of New Functionality, design and implement appropriate policies and procedures governing the determination to develop new functionality for the CAT including, among other requirements, a mechanism by which changes can be suggested by Advisory Committee members, Participants, or the Commission. Such policies and procedures also shall: (1) Provide for the escalation of reviews of proposed technological changes and upgrades to the Operating Committee; and (2) address the handling of surveillance, including coordinated, Rule 17d-2 under the Exchange Act or Regulatory Surveillance Agreement(s) (“RSA”) surveillance queries and requests for data. Any policy, procedure or standard (and any material modification or amendment thereto) applicable primarily to the performance of the Plan Processor's duties as the Plan Processor (excluding any policies, procedures or standards generally applicable to the Plan Processor's operations and employees) will become effective only upon approval by the Operating Committee. The Plan Processor also will, subject to the prior approval of the Operating Committee, establish appropriate procedures for escalation of matters to the Operating Committee. In addition to other policies, procedures and standards generally applicable to the Plan Processor's employees and contractors, the Plan Processor will have hiring standards and will conduct and enforce background checks (e.g., fingerprint-based) for all of its employees and contractors to ensure the protection, safeguarding and security of the facilities, systems, networks, equipment and data of the CAT System, and will have an insider and external threat policy to detect, monitor and remedy cyber and other threats.
Id. at Section 6.1(d).
“CAT Data” means data derived from Participant Data, Industry Member Data, SIP Data, and such other data as the Operating Committee may designate as “CAT Data” from time to time. Id. at Section 1.1.
Id. at Section 6.1(d).
Id.
Id. at Section 6.1(e).
Id. at Section 6.1(f).
Id. at Section 6.1(g).
The Plan Processor will enter into appropriate Service Level Agreements (“SLAs”) governing the performance of the Central Repository, as generally described in Appendix D, Functionality of the CAT System, with the prior approval of the Operating Committee. The Plan Processor in conjunction with the Operating Committee will regularly review and, as necessary, update the SLAs, in accordance with the terms of the SLAs. As further contemplated in Appendix C, System Service Level Agreements (SLAs), and in Appendix D, System SLAs, the Plan Processor may enter into appropriate service level agreements with third parties applicable to the Plan Processor's functions related to the CAT System (“Other SLAs”), with the prior approval of the Operating Committee. The CCO and/or the Independent Auditor will, in conjunction with the Plan Processor, and as necessary the Operating Committee, regularly review and, as necessary, update the Other SLAs, in accordance with the terms of the applicable Other SLA. In addition, the Plan Processor: (1) Will, on an ongoing basis and consistent with any applicable policies and procedures, evaluate and implement potential system changes and upgrades to maintain and improve the normal day-to-day operating function of the CAT System; (2) in consultation with the Operating Committee, will, on an as needed basis and consistent with any applicable operational and escalation policies and procedures, implement such material system changes and upgrades as may be required to ensure effective functioning of the CAT System; and (3) in consultation with the Operating Committee, will, on an as needed basis, implement system changes and upgrades to the CAT System to ensure compliance with applicable laws, regulations or rules (including those promulgated by the SEC or any Participant). Furthermore, the Plan Processor will develop and, with the prior approval of the Operating Committee, implement a securities trading policy, as well as necessary procedures, control structures and tools to enforce this policy.
Id. at Section 6.1(h).
Id.
Id.
Id.
Id. at Section 6.1(i).
Id. at Section 6.1(j).
Id. at Section 6.1(k).
Id. at Section 6.1(l).
In addition, the Plan Processor will provide the Operating Committee regular reports on the CAT System's operation and maintenance. Furthermore, upon request of the Operating Committee or any Subcommittee, the Plan Processor will attend any meetings of the Operating Committee or such Subcommittee.
Id. at Section 6.1(o).
Id. at Section 6.1(p).
The Plan Processor may appoint such officers of the Plan Processor as it deems necessary and appropriate to perform its functions under the Plan and Rule 613. The Plan Processor, however, will be required to appoint, at a minimum, the CCO, the CISO, and the Independent Auditor. The Operating Committee, by Supermajority Vote, will approve any appointment or removal of the CCO, CISO, or the Independent Auditor.
Id. at Section 6.1(b).
Id.
Id.
In addition to a CCO, the Plan Processor will designate at least one other employee (in addition to the person then serving as CCO), which employee the Operating Committee has previously approved, to serve temporarily as the CCO if the employee then serving as the CCO becomes unavailable or unable to serve in such capacity (including by reason of injury or illness). Any person designated to serve as the CCO (including to serve temporarily) will be appropriately qualified to serve in such capacity based on the duties and responsibilities assigned to the CCO and will dedicate such person's entire working time to such service (or temporary service) except for any time required to attend to any incidental administrative matters related to such person's employment with the Plan Processor that do not detract in any material respect from such person's service as the CCO. Article VI sets forth various responsibilities of the CCO. With respect to all of his or her duties and responsibilities in such capacity (including those as set forth in the Plan), the CCO will be directly responsible and will directly report to the Operating Committee, notwithstanding that she or he is employed by the Plan Processor. The Plan Processor, subject to the oversight of the Operating Committee, will ensure that the CCO has appropriate resources to fulfill his or her obligations under the Plan and Rule 613. The compensation (including base salary and bonus) of the CCO will be payable by the Plan Processor, but be subject to review and approval by the Operating Committee. The Operating Committee will render the CCO's annual performance review.
Id.
Id.
Id. at Section 6.2(a)(iii).
Id. at Section 6.2(a)(ii).
Id. at Section 6.2(a)(iv).
Id. at Section 6.2(b)(i).
In addition to a CISO, the Plan Processor will designate at least one other employee (in addition to the person then serving as CISO), which employee the Operating Committee has previously approved, to serve temporarily as the CISO if the employee then serving as the CISO becomes unavailable or unable to serve in such capacity (including by reason of injury or illness). Any person designated to serve as the CISO (including to serve temporarily) will be appropriately qualified to serve in such capacity based on the duties and responsibilities assigned to the CISO under the Plan and will dedicate such person's entire working time to such service (or temporary service) except for any time required to attend to any incidental administrative matters related to such person's employment with the Plan Processor that do not detract in any material respect from such person's service as the CISO.
Id.
Id.
The Plan Processor, subject to the oversight of the Operating Committee, will ensure that the CISO has appropriate resources to fulfill the obligations of the CISO set forth in Rule 613 and in the Plan, including providing appropriate responses to questions posed by the Participants and the SEC. In performing such obligations, the CISO will be directly responsible and directly report to the Operating Committee, notwithstanding that he or she is employed by the Plan Processor. The compensation (including base salary and bonus) of the CISO will be payable by the Plan Processor, but be subject to review and approval by the Operating Committee, and the Operating Committee will render the CISO's annual performance review. Consistent with Appendices C and D, the CISO will be responsible for creating and enforcing appropriate policies, procedures, standards, control structures and real-time tools to monitor and address data security issues for the Plan Processor and the Central Repository, as described in the Plan. At regular intervals, to the extent that such information is available to the Company, the CISO will report to the Operating Committee the activities of the Financial Services Information Sharing and Analysis Center (“FS-ISAC”) or comparable bodies to the extent that the Company has joined FS-ISAC or other comparable body.
Id. at Section 6.2(b)(ii).
Id. at Section 6.2(b)(iii).
Id. at Section 6.2(b)(iv).
Id. at Section 6.2(b)(v).
Id. at Section 6.2(b)(vi).
The Plan Processor will afford to the Participants and the Commission such access to the Representatives of the Plan Processor as any Participant or the Commission may reasonably request solely for the purpose of performing such Person's regulatory and oversight responsibilities pursuant to the federal securities laws, rules, and regulations or any contractual obligations. The Plan Processor will direct such Representatives to reasonably cooperate with any inquiry, investigation, or proceeding conducted by or on behalf of any Participant or the Commission related to such purpose.
Id. at Section 6.1(u).
Id.
The Operating Committee will review the Plan Processor's performance under the Plan at least once each year, or more often than once each year upon the request of two or more Participants that are not Affiliated Participants. The Operating Committee will notify the SEC of any determination made by the Operating Committee concerning the continuing engagement of the Plan Processor as a result of the Operating Committee's review of the Plan Processor and will provide the SEC with a copy of any reports that may be prepared in connection therewith.
Id. at Section 6.1(n).
Id.
The Operating Committee, by Supermajority Vote, may remove the Plan Processor from such position at any time. However, the Operating Committee, by Majority Vote, may remove the Plan Processor from such position at any time if it determines that the Plan Processor has failed to perform its functions in a reasonably acceptable manner in accordance with the provisions of the Plan or that the Plan Processor's expenses have become excessive and are not justified. In making such a determination, the Operating Committee will consider, among other factors: (1) The reasonableness of the Plan Processor's response to requests from Participants or the Company for technological changes or enhancements; (2) results of any assessments performed pursuant to Section 6.6; (3) the timeliness of preventative and corrective information technology system maintenance for reliable and secure operations; (4) compliance with requirements of Appendix D; and (5) such other factors related to experience, technological capability, quality and reliability of service, costs, back-up facilities, failure to meet service level agreement(s) and regulatory considerations as the Operating Committee may determine to be appropriate.
Id. at Section 6.1(q).
Id. at Section 6.1(r).
Id.
In addition, the Plan Processor may resign upon two year's (or such other shorter period as may be determined by the Operating Committee by Supermajority Vote) prior written notice. The Operating Committee will fill any vacancy in the Plan Processor position by Supermajority Vote, and will establish a Plan Processor Selection Subcommittee to evaluate and review Bids and make a recommendation to the Operating Committee with respect to the selection of the successor Plan Processor.
Id. at Section 6.1(s).
Id. at Section 6.1(t).
b. Central Repository
The Central Repository, under the oversight of the Plan Processor, and consistent with Appendix D, Central Repository Requirements, will receive, consolidate, and retain all CAT Data. The Central Repository will collect (from a Securities Information Processor (“SIP”) or pursuant to an NMS plan) and retain on a current and continuing basis, in a format compatible with the Participant Data and Industry Member Data, all data, including the following: (1) Information, including the size and quote condition, on quotes, including the National Best Bid and National Best Offer for each NMS Security; (2) Last Sale Reports and transaction reports reported pursuant to an effective transaction reporting plan filed with the SEC pursuant to, and meeting the requirements of, Rules 601 and 608; (3) trading halts, Limit Up-Limit Down price bands and LULD indicators; and (4) summary data or reports described in the specifications for each of the SIPs and disseminated by the respective SIP.
Id. at Section 6.5(a)(i).
Id. at Section 6.5(a)(ii)(A).
Id. at Section 6.5(a)(ii)(B).
Id. at Section 6.5(a)(ii)(C).
Id. at Section 6.5(a)(ii)(D).
Consistent with Appendix D, Data Retention Requirements, the Central Repository will retain the information collected pursuant to paragraphs (c)(7) and (e)(7) of Rule 613 in a convenient and usable standard electronic data format that is directly available and searchable electronically without any manual intervention by the Plan Processor for a period of not less than six years. Such data, when available to the Participants' regulatory Staff and the SEC, will be linked. In addition, the Plan Processor will implement and comply with the records retention policy contemplated by Section 6.1(d)(i).
Id. at Section 6.5(b)(i).
Id. at Section 6.5(b)(ii).
Consistent with Appendix D, Data Access, the Plan Processor will provide Participants and the SEC access to the Central Repository (including all systems operated by the Central Repository), and access to and use of the CAT Data stored in the Central Repository, solely for the purpose of performing their respective regulatory and oversight responsibilities pursuant to the federal securities laws, rules and regulations or any contractual obligations. The Plan Processor will create and maintain a method of access to the CAT Data stored in the Central Repository that includes the ability to run searches and generate reports. The method in which the CAT Data is stored in the Central Repository will allow the ability to return results of queries that are complex in nature, including market reconstructions and the status of order books at varying time intervals. The Plan Processor will, at least annually and at such earlier time promptly following a request by the Operating Committee, certify to the Operating Committee that only the Participants and the SEC have access to the Central Repository (other than access provided to any Industry Member for the purpose of correcting CAT Data previously reported to the Central Repository by such Industry Member).
Id. at Section 6.5(c)(i).
Id. at Section 6.5(c)(ii).
Id. at Section 6.5(c)(ii).
Id. at Section 6.5(c)(iii); see also id. at Appendix C, The Security and Confidentiality of Information Reported to the Central Repository, and Appendix D, Data Security, describe the security and confidentiality of the CAT Data, including how access to the Central Repository is controlled.
c. Data Recording and Reporting by Participants
The Plan also sets forth the requirements regarding the data recording and reporting by Participants. Each Participant will record and electronically report to the Central Repository the following details for each order and each Reportable Event, as applicable (“Participant Data;” also referred to as “Recorded Industry Member Data”, as discussed in the next Section):
See CAT NMS Plan, supra note 5, at Section 6.3. Participants may, but are not required to, coordinate compliance with the recording and reporting efforts through the use of regulatory services agreements and/or agreements adopted pursuant to Rule 17d-2 under the Exchange Act.
See CAT NMS Plan, supra note 5, at Section 6.5(d). The CAT NMS Plan defines “Reportable Event” as “includ[ing], but . . . not limited to, the original receipt or origination, modification, cancellation, routing, execution (in whole or in part) and allocation of an order, and receipt of a routed order.” Id. at Section 1.1.
for original receipt or origination of an order: (1) Firm Designated ID(s) (FDIs) for each customer; (2) CAT-Order-ID; (3) SRO-Assigned Market Participant Identifier of the Industry Member receiving or originating the order; (4) date of order receipt or origination; (5) time of order receipt or origination (using time stamps pursuant to Section 6.8); and (6) the Material Terms of the Order.
Id. at Section 6.3(d)(i)(A).
Id. at Section 6.3(d)(i)(B).
Id. at Section 6.3(d)(i)(C).
Id. at Section 6.3(d)(i)(D).
Id. at Section 6.3(d)(i)(E).
Id. at Section 6.3(d)(i)(F). For a discussion of the Material Terms of the Order required by Rule 613, see Adopting Release, supra note 14, at 45750-52. The Commission notes that the Participants include in the Plan a requirement for the reporting of the OTC Equity Security symbol as one of the “Material Terms of the Order.” See CAT NMS Plan, supra note 5, at Section 1.1.
for the routing of an order: (1) CAT-Order-ID; (2) date on which the order is routed; (3) time at which the order is routed (using time stamps pursuant to Section 6.8); (4) SRO-Assigned Market Participant Identifier of the Industry Member or Participant routing the order; (5) SRO-Assigned Market Participant Identifier of the Industry Member or Participant to which the order is being routed; (6) if routed internally at the Industry Member, the identity and nature of the department or desk to which the order is routed; and (7) the Material Terms of the Order.
See CAT NMS Plan, supra note 5, at Section 6.3(d)(ii)(A).
Id. at Section 6.3(d)(ii)(B).
Id. at Section 6.3(d)(ii)(C).
Id. at Section 6.3(d)(ii)(D).
Id. at Section 6.3(d)(ii)(E).
Id. at Section 6.3(d)(ii)(F).
Id. at Section 6.3(d)(ii)(G).
for the receipt of an order that has been routed, the following information: (1) CAT-Order-ID; (2) date on which the order is received; (3) time at which the order is received (using time stamps pursuant to Section 6.8); (4) SRO-Assigned Market Participant Identifier of the Industry Member or Participant receiving the order; (5) SRO-Assigned Market Participant Identifier of the Industry Member or Participant routing the order; and (6) the Material Terms of the Order.
Id. at Section 6.3(d)(iii)(A).
Id. at Section 6.3(d)(iii)(B).
Id. at Section 6.3(d)(iii)(C).
Id. at Section 6.3(d)(iii)(D).
Id. at Section 6.3(d)(iii)(E).
Id. at Section 6.3(d)(iii)(F).
if the order is modified or cancelled: (1) CAT-Order-ID; (2) date the modification or cancellation is received or originated; (3) time at which the modification or cancellation is received or originated (using time stamps pursuant to Section 6.8); (4) price and remaining size of the order, if modified; (5) other changes in Material Terms, if modified; and (6) whether the modification or cancellation instruction was given by the Customer, or was initiated by the Industry Member or Participant.
Id. at Section 6.3(d)(iv)(A).
Id. at Section 6.3(d)(iv)(B).
Id. at Section 6.3(d)(iv)(C).
Id. at Section 6.3(d)(iv)(D).
Id. at Section 6.3(d)(iv)(E).
Id. at Section 6.3(d)(iv)(F).
if the order is executed, in whole or in part: (1) CAT-Order-ID; (2) date of execution; (3) time of execution (using time stamps pursuant to Section 6.8); (4) execution capacity (principal, agency or riskless principal); (5) execution price and size; (6) the SRO-Assigned Market Participant Identifier of the Participant or Industry Member executing the order; (7) whether the execution was reported pursuant to an effective transaction reporting plan or the Plan for Reporting of Consolidated Options Last Sale Reports and Quotation Information; and (8) other information or additional events as may otherwise be prescribed in Appendix D, Reporting and Linkage Requirements.
Id. at Section 6.3(d)(v)(A).
Id. at Section 6.3(d)(v)(B).
Id. at Section 6.3(d)(v)(C).
Id. at Section 6.3(d)(v)(D).
Id. at Section 6.3(d)(v)(E).
Id. at Section 6.3(d)(v)(F).
Id. at Section 6.3(d)(v)(G).
Id. at Section 6.3(d)(vi).
As contemplated in Appendix D, Data Types and Sources, each Participant will report Participant Data to the Central Repository for consolidation and storage in a format specified by the Plan Processor, approved by the Operating Committee and compliant with Rule 613. As further described in Appendix D, Reporting and Linkage Requirements, each Participant is required to record the Participant Data contemporaneously with the Reportable Event. In addition, each Participant must report the Participant Data to the Central Repository by 8:00 a.m. Eastern Time (“ET”) on the Trading Day following the day that the Participant recorded the Participant Data. Participants may voluntarily report the Participant Data prior to the 8:00 a.m. ET deadline.
Id. at Section 6.3(a); Appendix D, Section 2.1.
Id. at Section 6.3(b)(i); Appendix D, Section 3.
Id. at Section 6.3(b)(ii).
Id. at Section 6.3(b)(ii).
Each Participant that is a national securities exchange is required to comply with the above recording and reporting requirements for each NMS Security registered or listed for trading on such exchange or admitted to unlisted trading privileges on such exchange. Each Participant that is a national securities association is required to comply with the above recording and reporting requirements for each Eligible Security for which transaction reports are required to be submitted to the association.
Id. at Section 6.3(c)(i).
Id. at Section 6.3(c)(ii).
d. Data Reporting and Recording by Industry Members
The Plan also sets forth the data reporting and recording requirements for Industry Members. Specifically, subject to Section 6.4(c), and Section 6.4(d)(iii) with respect to Options Market Makers, and consistent with Appendix D, Reporting and Linkage Requirements, each Participant, through its Compliance Rule, will require its Industry Members to record and electronically report to the Central Repository for each order and each Reportable Event the information referred to in Section 6.3(d), as applicable (“Recorded Industry Member Data”)—that is, Participant Data discussed above. In addition, subject to Section 6.4(c), and Section 6.4(d)(iii) with respect to Options Market Makers, and consistent with Appendix D, Reporting and Linkage Requirements, each Participant, through its Compliance Rule, will require its Industry Members to record and report to the Central Repository the following (“Received Industry Member Data” and, collectively with the Recorded Industry Member Data, “Industry Member Data”): (1) If the order is executed, in whole or in part: (a) An Allocation Report; (b) SRO-Assigned Market Participant Identifier of the clearing broker or prime broker, if applicable; and (c) CAT-Order-ID of any contra-side order(s); (2) if the trade is cancelled, a cancelled trade indicator; and (3) for original receipt or origination of an order, information of sufficient detail to identify the Customer.
Id. at Section 6.4(d)(i).
Id. at Section 6.4(d)(ii).
Id.
With respect to the reporting obligations of an Options Market Maker with regard to its quotes in Listed Options, Reportable Events required pursuant to Sections 6.3(d)(ii) and (iv) will be reported to the Central Repository by an Options Exchange in lieu of the reporting of such information by the Options Market Maker. Each Participant that is an Options Exchange will, through its Compliance Rule, require its Industry Members that are Options Market Makers to report to the Options Exchange the time at which a quote in a Listed Option is sent to the Options Exchange (and, if applicable, any subsequent quote modifications and/or cancellation time when such modification or cancellation is originated by the Options Market Maker). Such time information also will be reported to the Central Repository by the Options Exchange in lieu of reporting by the Options Market Maker.
Id. at Section 6.4(d)(iii).
Id.
Id.
Each Participant will, through its Compliance Rule, require its Industry Members to record and report to the Central Repository other information or additional events as prescribed in Appendix D, Reporting and Linkage Requirements.
Id. at Section 6.4(d)(v).
As contemplated in Appendix D, Data Types and Sources, each Participant will require its Industry Members to report Industry Member Data to the Central Repository for consolidation and storage in a format(s) specified by the Plan Processor, approved by the Operating Committee and compliant with Rule 613. As further described in Appendix D, Reporting and Linkage Requirements, each Participant will require its Industry Members to record Recorded Industry Member Data contemporaneously with the applicable Reportable Event. In addition, consistent with Appendix D, Reporting and Linkage Requirements, each Participant will require its Industry Members to report: (1) Recorded Industry Member Data to the Central Repository by 8:00 a.m. ET on the Trading Day following the day the Industry Member records such Recorded Industry Member Data; and (2) Received Industry Member Data to the Central Repository by 8:00 a.m. ET on the Trading Day following the day the Industry Member receives such Received Industry Member Data. Each Participant will permit its Industry Members to voluntarily report Industry Member Data prior to the applicable 8:00 a.m. ET deadline.
Id. at Section 6.4(e).
Id. at Section 6.4(b)(i).
Id. at Section 6.4(b)(ii).
Id.
Each Participant that is a national securities exchange must require its Industry Members to report Industry Member Data for each NMS Security registered or listed for trading on such exchange or admitted to unlisted trading privileges on such exchange. Each Participant that is a national securities association must require its Industry Members to report Industry Member Data for each Eligible Security for which transaction reports are required to be submitted to the association.
Id. at Section 6.4(c)(i).
Id. at Section 6.4(c)(ii).
e. Written Assessment
As described in Article VI, the Participants are required to provide the Commission with a written assessment of the operation of the CAT that meets the requirements set forth in Rule 613, Appendix D, and the Plan at least every two years or more frequently in connection with any review of the Plan Processor's performance under the Plan pursuant to Section 6.1(n). The CCO will oversee this assessment and will provide the Participants a reasonable time to review and comment upon the written assessment prior to its submission to the SEC. In no case will the written assessment be changed or amended in response to a comment from a Participant; rather any comment by a Participant will be provided to the SEC at the same time as the written assessment.
See CAT NMS Plan, supra note 5, at Section 6.6(a)(i).
Id. at Section 6.6(a)(ii).
Id.
f. Business Clock Synchronization and Timestamp
Section 6.8 of the Plan discusses the synchronization of Business Clocks and timestamps.
Id. at Section 1.1. The CAT NMS Plan defines a “Business Clock” to mean “a clock used to record the date and time of any Reportable Event required to be reported under SEC Rule 613.” Id.
Each Participant is required to synchronize its Business Clocks (other than such Business Clocks used solely for Manual Order Events) at a minimum to within 50 milliseconds of the time maintained by the National Institute of Standards and Technology (“NIST”), consistent with industry standards. In addition, each Participant must, through its Compliance Rule, require its Industry Members to: (1) Synchronize their respective Business Clocks (other than such Business Clocks used solely for Manual Order Events) at a minimum to within 50 milliseconds of the time maintained by the NIST, and maintain such a synchronization; (2) certify periodically that their Business Clocks meet the requirements of the Compliance Rule; and (3) report to the Plan Processor and the Participant any violation of the Compliance Rule pursuant to the thresholds set by the Operating Committee. Furthermore, each Participant is required to synchronize its Business Clocks and, through its Compliance Rule, require its Industry Members to synchronize their Business Clocks used solely for Manual Order Events at a minimum to within one second of the time maintained by the NIST, consistent with industry standards, and maintain such synchronization. Each Participant will require its Industry Members to certify periodically (according to a schedule defined by the Operating Committee) that their Business Clocks used solely for Manual Order Events meet the requirements of the Compliance Rule. The Compliance Rule of a Participant shall require its Industry Members using Business Clocks solely for Manual Order Events to report to the Plan Processor any violation of the Compliance Rule pursuant to the thresholds set by the Operating Committee. Pursuant to Section 6.8(c) of the CAT NMS Plan, the CCO, in conjunction with the Participants and other appropriate Industry Member advisory groups, annually must evaluate and make a recommendation to the Operating Committee as to whether the industry standard has evolved such that the clock synchronization standard should be tightened.
Id. at Section 6.8(a)(i). Participants and Industry Members reviewed their respective internal clock synchronization technology practices, and reviewed the results of The Financial Information Forum (“FIF”) Clock Offset and determined that a 50 millisecond clock offset tolerance was consistent with the current industry clock synchronization standard. See CAT NMS Plan, supra note 5, at Appendix C, Section A.3(c) and D.12(p); see also Financial Information Forum, FIF Clock Offset Survey Preliminary Report (February 17, 2015), available at http://www.catnmsplan.com/industryfeedback/p602479.pdf and http://catnmsplan.com/web/groups/catnms/@catnms/documents/appsupportdocs/p602479.pdf (“FIF Clock Offset Survey”).
See CAT NMS Plan, supra note 5, at Section 6.8(a)(ii).
Id. at Section 6.8(a)(iii).
Id.
Id.
Id. at Section 6.8(c).
Appendix C discusses mechanisms to ensure compliance with the 50 millisecond clock offset tolerance. The Participants anticipate that they and Industry Members will adopt policies and procedures to verify the required clock synchronization each trading day before the market opens, as well as periodically throughout the trading day. The Participants also anticipate that they and Industry Members will document their clock synchronization procedures and maintain a log recording the time of each clock synchronization performed, and the result of such synchronization, specifically identifying any synchronization revealing any clock offset between the Participant's or Industry Member's Business Clock and the time maintained by the NIST exceeding 50 milliseconds. The CAT NMS Plan states that once both large and small broker-dealers begin reporting to the Central Repository, and as clock synchronization technology matures further, the Participants will assess, in accordance with Rule 613, tightening the CAT's clock synchronization standards to reflect changes in industry standards.
See id. at Appendix C, Section A.3(c).
See id.
See id. It was noted that such a log would include results for a period of not less than five years ending on the then current date. Id.
See id. at Appendix C, Section D.12(p).
Each Participant shall, and through its Compliance Rule require its Industry Members to, report information required by Rule 613 and the Plan to the Central Repository in milliseconds. To the extent that any Participant utilizes timestamps in increments finer than the minimum required by the Plan, the Participant is required to make reports to the Central Repository utilizing such finer increment when reporting CAT Data to the Central Repository so that all Reportable Events reported to the Central Repository could be adequately sequenced. Each Participant will, through its Compliance Rule: (1) Require that, to the extent that its Industry Members utilize timestamps in increments finer than the minimum required in the Plan, such Industry Members will utilize such finer increment when reporting CAT Data to the Central Repository; and (2) provide that a pattern or practice of reporting events outside of the required clock synchronization time period without reasonable justification or exceptional circumstances may be considered a violation of SEC Rule 613 and the Plan. Notwithstanding the preceding sentences, each Participant and Industry Member will be permitted to record and report Manual Order Events to the Central Repository in increments up to and including one second, provided that Participants and Industry Members will be required to record and report the time when a Manual Order Event has been captured electronically in an order handling and execution system of such Participant or Industry Member (“Electronic Capture Time”) in milliseconds. In conjunction with Participants' and other appropriate Industry Member advisory groups, the CCO will annually evaluate and make a recommendation to the Operating Committee as to whether industry standards have evolved such that the required synchronization should be shortened or the required timestamp should be in finer increments. The Operating Committee will make determinations regarding the need to revise the synchronization and timestamp requirements.
See id. at Section 6.8(b).
Id. at Section 6.8(b).
Id.
Id. at Section 6.8(c).
Id. at Sections 6.8(a)(ii)(C), 6.8(a)(iii).
g. Technical Specifications
Section 6.9 of the Plan establishes the requirements involving the Plan Processor's Technical Specifications. The Plan Processor will publish Technical Specifications that are at a minimum consistent with Appendices C and D, and updates thereto as needed, providing detailed instructions regarding the submission of CAT Data by Participants and Industry Members to the Plan Processor for entry into the Central Repository. The Technical Specifications will be made available on a publicly available Web site to be developed and maintained by the Plan Processor. The initial Technical Specifications and any Material Amendments thereto will require the approval of the Operating Committee by Supermajority Vote.
Id. at Section 6.9(a).
Id.
Id.
The Technical Specifications will include a detailed description of the following: (1) The specifications for the layout of files and records submitted to the Central Repository; (2) the process for the release of new data format specification changes; (3) the process for industry testing for any changes to data format specifications; (4) the procedures for obtaining feedback about and submitting corrections to information submitted to the Central Repository; (5) each data element, including permitted values, in any type of report submitted to the Central Repository; (6) any error messages generated by the Plan Processor in the course of validating the data; (7) the process for file submissions (and re-submissions for corrected files); (8) the storage and access requirements for all files submitted; (9) metadata requirements for all files submitted to the CAT System; (10) any required secure network connectivity; (11) data security standards, which will, at a minimum: (a) Satisfy all applicable regulations regarding database security, including provisions of Regulation Systems Compliance and Integrity under the Exchange Act (“Reg SCI”); (b) to the extent not otherwise provided for under the Plan (including Appendix C thereto), set forth such provisions as may be necessary or appropriate to comply with Rule 613(e)(4); and (c) comply with industry best practices; and (12) any other items reasonably deemed appropriate by the Plan Processor and approved by the Operating Committee.
Id. at Section 6.9(b).
Amendments to the Technical Specifications may be made only in accordance with Section 6.9(c). The process for amending the Technical Specifications varies depending on whether the change is material. An amendment will be deemed “material” if it would require a Participant or an Industry Member to engage in significant changes to the coding necessary to submit information to the Central Repository pursuant to the Plan, or if it is required to safeguard the security or confidentiality of the CAT Data. Except for Material Amendments to the Technical Specifications, the Plan Processor will have the sole discretion to amend and publish interpretations regarding the Technical Specifications; however, all non-Material Amendments made to the Technical Specifications and all published interpretations will be provided to the Operating Committee in writing at least ten days before being published. Such non-Material Amendments and published interpretations will be deemed approved ten days following provision to the Operating Committee unless two or more unaffiliated Participants call for a vote to be taken on the proposed amendment or interpretation. If an amendment or interpretation is called for a vote by two or more unaffiliated Participants, the proposed amendment must be approved by Majority Vote of the Operating Committee. Once a non-Material Amendment has been approved or deemed approved by the Operating Committee, the Plan Processor will be responsible for determining the specific changes to the Central Repository and providing technical documentation of those changes, including an implementation timeline.
Id. at Section 6.9(c).
Id.
Id. at Section 6.9(c)(i).
Id.
Id.
Id.
Material Amendments to the Technical Specifications require approval of the Operating Committee by Supermajority Vote. The Operating Committee, by Supermajority Vote, may amend the Technical Specifications on its own motion.
Id. at Section 6.9(c)(ii).
Id. at Section 6.9(c)(iii).
h. Surveillance
Surveillance requirements are described in Section 6.10. Using the tools provided for in Appendix D, Functionality of the CAT System, each Participant will develop and implement a surveillance system, or enhance existing surveillance systems, reasonably designed to make use of the consolidated information contained in the Central Repository. Unless otherwise ordered by the SEC, within fourteen months after the Effective Date, each Participant must initially implement a new or enhanced surveillance system(s) as required by Rule 613 and Section 6.10(a) of the Plan. Participants may, but are not required to, coordinate surveillance efforts through the use of regulatory services agreements and agreements adopted pursuant to Rule 17d-2 under the Exchange Act.
See CAT NMS Plan, supra note 5, at Section 6.10(a).
Id.
Id. at Section 6.10(b).
Consistent with Appendix D, Functionality of the CAT System, the Plan Processor will provide Participants and the SEC with access to all CAT Data stored in the Central Repository. Regulators will have access to processed CAT Data through two different methods: (1) An online targeted query tool; and (2) user-defined direct queries and bulk extracts. The online targeted query tool will provide authorized users with the ability to retrieve CAT Data via an online query screen that includes the ability to choose from a variety of pre-defined selection criteria. Targeted queries must include date(s) and/or time range(s), as well as one or more of a variety of fields. The user-defined direct queries and bulk extracts will provide authorized users with the ability to retrieve CAT Data via a query tool or language that allows users to query all available attributes and data sources.
Id. at Section 6.10(c)(i).
Id. at Section 6.10(c)(i)(A).
Id.
Id. at Section 6.10(c)(i)(B).
Extraction of CAT Data will be consistent with all permission rights granted by the Plan Processor. All CAT Data returned will be encrypted, and PII data will be masked unless users have permission to view the PII contained in the CAT Data that has been requested.
Id. at Section 6.10(c)(ii).
The proposed CAT NMS Plan defines PII as “personally identifiable information, including a social security number or tax identifier number or similar information.” Id. at Section 1.1.
Id. at Section 6.10(c)(ii).
The Plan Processor will implement an automated mechanism to monitor direct query usage. Such monitoring will include automated alerts to notify the Plan Processor of potential issues with bottlenecks or excessively long queues for queries or CAT Data extractions. The Plan Processor will provide the Operating Committee or its designee(s) details as to how the monitoring will be accomplished and the metrics that will be used to trigger alerts.
Id. at Section 6.10(c)(iii) (providing that “[s]uch monitoring shall include automated alerts to notify the Plan Processor of potential issues with bottlenecks or excessively long queues for queries or CAT Data extractions. The Plan Processor shall provide the Operating Committee or its designee(s) details as to how the monitoring will be accomplished and the metrics that will be used to trigger alerts”).
Id.
Id.
The Plan Processor will reasonably assist regulatory Staff (including those of Participants) with creating queries. Without limiting the manner in which regulatory Staff (including those of Participants) may submit queries, the Plan Processor will submit queries on behalf of regulatory Staff (including those of Participants) as reasonably requested. The Plan Processor will staff a CAT help desk, as described in Appendix D, CAT Help Desk, to provide technical expertise to assist regulatory Staff (including those of Participants) with questions about the content and structure of the CAT Data.
Id. at 6.10(c)(iv).
Id. at Section 6.10(c)(v).
Id. at Section 6.10(c)(vi).
i. Information Security Program
As set forth in Section 6.12, the Plan Processor is required to develop and maintain a comprehensive information security program for the Central Repository that contains, at a minimum, the specific requirements detailed in Appendix D, Data Security. The information security program must be approved and reviewed at least annually by the Operating Committee.
Id. at Section 6.12.
6. Financial Matters
Articles VII and VIII of the Plan address certain financial matters related to the Company. In particular, the Plan states that, subject to certain special allocations provided for in Section 8.2, any net profit or net loss will be allocated among the Participants equally. In addition, subject to Section 10.2, cash and property of the Company will not be distributed to the Participants unless the Operating Committee approves by Supermajority Vote a distribution after fully considering the reason that such distribution must or should be made to the Participants, including the circumstances contemplated under Section 8.3, Section 8.6, and Section 9.3. To the extent a distribution is made, all Participants will participate equally in any such distribution except as otherwise provided in Section 10.2.
Id. at Section 8.1.
Id. at Section 8.5(a).
Id.
Article XI addresses the funding of the Company. On an annual basis the Operating Committee will approve an operating budget for the Company. The budget will include the projected costs of the Company, including the costs of developing and operating the CAT System for the upcoming year, and the sources of all revenues to cover such costs, as well as the funding of any reserve that the Operating Committee reasonably deems appropriate for prudent operation of the Company.
Id. at Section 11.1(a).
Id.
Subject to certain funding principles set forth in Article XI, the Operating Committee will have discretion to establish funding for the Company, including: (1) Establishing fees that the Participants will pay; and (2) establishing fees for Industry Members that will be implemented by Participants. In establishing the funding of the Company, the Operating Committee will seek to: (1) Create transparent, predictable revenue streams for the Company that are aligned with the anticipated costs to build, operate and administer the CAT and the other costs of the Company; (2) establish an allocation of the Company's related costs among Participants and Industry Members that is consistent with the Exchange Act, taking into account the timeline for implementation of the CAT and distinctions in the securities trading operations of Participants and Industry Members and their relative impact upon Company resources and operations; (3) establish a tiered fee structure in which the fees charged to: (a) CAT Reporters that are Execution Venues, including Alternative Trading Systems (“ATSs”), are based upon the level of market share, (b) Industry Members' non-ATS activities are based upon message traffic, and (c) the CAT Reporters with the most CAT-related activity (measured by market share and/or message traffic, as applicable) are generally comparable (where, for these comparability purposes, the tiered fee structure takes into consideration affiliations between or among CAT Reporters, whether Execution Venues and/or Industry Members); (4) provide for ease of billing and other administrative functions; (5) avoid any disincentives such as placing an inappropriate burden on competition and a reduction in market quality; and (6) build financial stability to support the Company as a going concern. The Participants will file with the SEC under Section 19(b) of the Exchange Act any such fees on Industry Members that the Operating Committee approves, and such fees will be labeled as “Consolidated Audit Trail Funding Fees.”
Id. at Section 11.1(b).
Id. at Section 11.2.
Id. at Section 11.1(b).
To fund the development and implementation of the CAT, the Company will time the imposition and collection of all fees on Participants and Industry Members in a manner reasonably related to the timing when the Company expects to incur such development and implementation costs. In determining fees for Participants and Industry Members, the Operating Committee shall take into account fees, costs and expenses (including legal and consulting fees and expenses) incurred by the Participants on behalf of the Company prior to the Effective Date in connection with the creation and implementation of the CAT, and such fees, costs and expenses shall be fairly and reasonably shared among the Participants and Industry Members. Consistent with Article XI, the Operating Committee will adopt policies, procedures, and practices regarding the budget and budgeting process, assignment of tiers, resolution of disputes, billing and collection of fees, and other related matters. As a part of its regular review of fees for the CAT, the Operating Committee will have the right to change the tier assigned to any particular Person pursuant to this Article XI. Any such changes will be effective upon reasonable notice to such Person.
Id. at Section 11.1(c).
Id.
Id. at Section 11.1(d).
The Commission notes that Section 11.1(b) of the CAT NMS Plan states that the Participants would file fees for Industry Members approved by the Operating Committee with the Commission. The Operating Committee may only change the tier to which a Person is assigned in accordance with a fee schedule filed with the Commission.
See CAT NMS Plan, supra note 5, at Section 11.1(d).
The Operating Committee will establish fixed fees to be payable by Execution Venues as follows. Each Execution Venue that executes transactions, or, in the case of a national securities association, has trades reported by its members to its trade reporting facility or facilities for reporting transactions effected otherwise than on an exchange, in NMS Stocks or OTC Equity Securities will pay a fixed fee depending on the market share of that Execution Venue in NMS Stocks and OTC Equity Securities. The Operating Committee will establish at least two and no more than five tiers of fixed fees, based on an Execution Venue's NMS Stocks and OTC Equity Securities market share. For these purposes, market share will be calculated by share volume. In addition, each Execution Venue that executes transactions in Listed Options will pay a fixed fee depending on the Listed Options market share of that Execution Venue. The Operating Committee will establish at least two and no more than five tiers of fixed fees, based on an Execution Venue's Listed Options market share, with market share calculated by contract volume. Changes to the number of tiers after approval of the Plan would require a Supermajority Vote of the Operating Committee and Commission approval under Section 19(b) of the Exchange Act, as would the establishment of the initial fee schedule and any changes to the fee schedule within the tier structure.
Id. at Section 11.3(a)(i).
Id.
Id.
Id. at Section 11.3(a)(ii).
Id.
The Commission notes that the Participants could choose to submit the proposed fee schedule to the Commission as individual SROs pursuant to Rule 19b-4 or jointly as Participants to an NMS plan pursuant to Rule 608 of Regulation NMS. Because the proposed fee schedule would establish fees, whether the Participants individually file it pursuant to Section 19(b)(3)(A)(ii) of the Act, or jointly file it pursuant to Rule 608(b)(3)(i) of Regulation NMS, the proposed fee schedule could take effect upon filing with the Commission. See 15 U.S.C. 78s(b)(3)(A)(ii); 17 CFR 242.608(b)(3)(i); see also Section IV.F, infra.
The Operating Committee also will establish fixed fees payable by Industry Members, based on the message traffic generated by such Industry Member. The Operating Committee will establish at least five and no more than nine tiers of fixed fees, based on message traffic. For the avoidance of doubt, the fixed fees payable by Industry Members pursuant to this paragraph will, in addition to any other applicable message traffic, include message traffic generated by: (1) An ATS that does not execute orders that is sponsored by such Industry Member; and (2) routing orders to and from any ATS system sponsored by such Industry Member.
See CAT NMS Plan, supra note 5, at Section 11.3(b).
Id.
Id.
Furthermore, the Operating Committee may establish any other fees ancillary to the operation of the CAT that it reasonably determines appropriate, including: fees for the late or inaccurate reporting of information to the CAT; fees for correcting submitted information; and fees based on access and use of the CAT for regulatory and oversight purposes (and not including any reporting obligations).
As it relates to fees that the Operating Committee may impose for access and use of the CAT for regulatory and oversight purposes, the Commission interprets the provisions in the Plan relating to the collection of fees as applying only to Participants and Industry Members, and thus the Commission would not be subject to such fees. See Section IV.F, infra, for further discussion regarding the funding of the Company.
The Company will make publicly available a schedule of effective fees and charges adopted pursuant to the Plan as in effect from time to time. Such schedule will be developed after the Plan Processor is selected. The Operating Committee will review the fee schedule on at least an annual basis and will make any changes to such fee schedule that it deems appropriate. The Operating Committee is authorized to review the fee schedule on a more regular basis, but will not make any changes on more than a semi-annual basis unless, pursuant to a Supermajority Vote, the Operating Committee concludes that such change is necessary for the adequate funding of the Company.
See CAT NMS Plan, supra note 5, at Section 11.3(d).
Id.
Id.; see also supra note 309.
Id.
The Operating Committee will establish a system for the collection of fees authorized under the Plan. The Operating Committee may include such collection responsibility as a function of the Plan Processor or another administrator. Alternatively, the Operating Committee may use the facilities of a clearing agency registered under Section 17A of the Exchange Act to provide for the collection of such fees.
Id. at Section 11.4.
Id.
Id.
Each Participant will require each Industry Member to pay all applicable fees authorized under Article XI within thirty days after receipt of an invoice or other notice indicating payment is due (unless a longer payment period is otherwise indicated). If an Industry Member fails to pay any such fee when due, such Industry Member will pay interest on the outstanding balance from such due date until such fee is paid at a per annum rate equal to the lesser of: (1) The Prime Rate plus 300 basis points; or (2) the maximum rate permitted by applicable law. Each Participant will pay all applicable fees authorized under Article XI as required by Section 3.7(b).
Id.
Id.
Id.
Disputes with respect to fees the Company charges Participants pursuant to Article XI will be determined by the Operating Committee or a Subcommittee designated by the Operating Committee. Decisions by the Operating Committee on such matters shall be binding on Participants, without prejudice to the rights of any Participant to seek redress from the SEC pursuant to SEC Rule 608 or in any other appropriate forum. The Participants will adopt rules requiring that disputes with respect to fees charged to Industry Members pursuant to Article XI be determined by the Operating Committee or a Subcommittee. Decisions by the Operating Committee or Subcommittee on such matters will be binding on Industry Members, without prejudice to the rights of any Industry Member to seek redress from the SEC pursuant to SEC Rule 608 or in any other appropriate forum.
Id. at Section 11.5.
Id.
Id.
Id.
7. Amendments
Section 12.3 of the CAT NMS Plan, which governs amendments to the Plan, states that, except with respect to the addition of new Participants (Section 3.3), the transfer of Company Interest (Section 3.4), the termination of a Participant's participation in the Plan (Section 3.7), amendments to the Selection Plan (Section 5.3 [sic]) and special allocations (Section 8.2), any change to the Plan requires a written amendment authorized by the affirmative vote of not less than two-thirds of all of the Participants, or with respect to Section 3.8 by the affirmative vote of all the Participants. Such proposed amendment must be approved by the Commission pursuant to Rule 608 or otherwise becomes effective under Rule 608. Notwithstanding the foregoing, to the extent that the Commission grants exemptive relief applicable to any provision of the LLC Agreement, Participants and Industry Members will be entitled to comply with such provision pursuant to the terms of the exemptive relief so granted at the time such relief is granted irrespective of whether the LLC Agreement has been amended.
Id. at Section 12.3.
Id.
Id.
8. Compliance Rule Applicable to Industry Members
Under Article III, each Participant agrees to comply with and enforce compliance by its Industry Members with the provisions of Rule 613 and the Plan, as applicable, to the Participant and its Industry Members. Accordingly, the Participants will endeavor to promulgate consistent rules (after taking into account circumstances and considerations that may impact Participants differently) requiring compliance by their respective Industry Members with the provisions of Rule 613 and the Plan.
Id. at Section 3.11.
Id.
9. Plan Appendices
The Plan includes three appendices. Appendix A provides the Consolidated Audit Trail National Market System Plan Request for Proposal, as issued February 26, 2013 and subsequently updated. In addition, Rule 613(a)(1) requires that the Plan discuss twelve considerations that explain the choices made by the Participants to meet the requirements specified in Rule 613 for the CAT. In accordance with this requirement, the Participants have addressed each of the twelve considerations in Appendix C. Finally, Appendix D describes the technical requirements for the Plan Processor.
Appendix B is reserved for future use.
As mentioned, Appendix C discusses the various “considerations” regarding how the Participants propose to develop and implement the CAT required to be discussed by Rule 613. These considerations, include: (i) The reporting of data to the Central Repository, including the sources of the data and the manner in which the Central Repository will receive, extract, transform, load, and retain the data; (ii) the time and method by which the data in the Central Repository will be made available to regulators; (iii) the reliability and accuracy of the data reported to and maintained by the Central Repository throughout its lifecycle; (iv) the security and confidentiality of the information reported to the Central Repository; (v) the flexibility and scalability of the systems used by the Central Repository to collect, consolidate and store CAT Data; (vi) the feasibility, benefits and costs of broker-dealers reporting certain information to the CAT in a timely manner; (vii) an analysis of expected benefits and estimated costs for creating, implementing, and maintaining the CAT pursuant to the proposed CAT NMS Plan; (viii) an analysis of the proposed CAT NMS Plan's impact on competition, efficiency, and capital formation; (ix) a plan to eliminate rules and systems that will be rendered duplicative by the CAT; (x) objective milestones to assess progress toward the implementation of the proposed CAT NMS Plan; (xi) the process by which Participants solicited views of members and other parties regarding creation, implementation, and maintenance of CAT and a summary of these views and how the Participants took them into account in preparing the CAT NMS Plan; and (xii) a discussion of reasonable alternative approaches that the Participants considered to create, implement, and maintain the CAT.
See CAT NMS Plan, supra note 5, at Appendix C, Sections A.1-6, B.7-8, C.9-10.
The technical requirements discussed in Appendix D to the CAT NMS Plan, CAT NMS Plan Processor Requirements, include an outline of minimum functional and technical requirements established by the Participants of the CAT NMS Plan for the Plan Processor. Appendix D provides the Plan Processor with details and guidelines for compliance with the requirements contained in Article VI that are not expressly stated therein.
Appendix D also outlines technical architecture, capacity and data retention requirements for the Central Repository, as well as describes the types of data that would be reported to the Central Repository and the sources of such information. The Appendix outlines specific requirements relating to reporting data, linking data, validating and processing data and timing for availability to regulators. Appendix D further discusses how regulators would be able to access and use the data. It also provides requirements related to data security, and specific requirements governing how Customer and Customer Account Information must be captured and stored, separate from transactional data. Appendix D outlines requirements for the Plan Processor's disaster recovery and business continuity plans. Finally, Appendix D describes plans for technical, operational, and business support to CAT Reporters for all aspects of reporting, and describes how upgrades and new functionality would be incorporated.
Id. at Appendix D, Sections 1.1, 1.3-1.4.
Id. at Appendix D, Section 2.1.
Id. at Appendix D, Sections 3, 6.1-6.2, 7.2.
Id. at Appendix D, Section 8.1.
Id. at Appendix D, Sections 4.1, 9.1.
Id. at Appendix D, Sections 5.3-5.4.
Id. at Appendix D, Sections 10, 11.
10. Reporting Procedures
The CAT NMS Plan requires CAT Reporters to comply with specific reporting procedures when reporting CAT Data to the Central Repository. Specifically, CAT Reporters must format CAT Data to comply with the format specifications approved by the Operating Committee. CAT Reporters must record CAT Data contemporaneously with the applicable Reportable Event and report such data to the Central Repository by 8:00 a.m. ET on the next Trading Day. The obligation to report CAT Data applies to “each NMS Security registered or listed for trading on [a national securities] exchange or admitted to unlisted trading privileges on such exchange,” and “each Eligible Security for which transaction reports are required to be submitted to such [national securities] association.” Further, the Participants are required to adopt Compliance Rules that require Industry Members, subject to their SRO jurisdiction, to report CAT Data.
Id. at Sections 6.3-6.4; Appendix D, at Section 2.1.
Id. at Sections 6.3(a), 6.4(a). The CAT NMS Plan also requires that the Operating Committee-approved format must be a format specified by the Plan Processor and Rule 613 compliant.
Id. at Sections 6.3(b)(i), 6.4(b)(i).
Id. at Sections 6.3(b)(ii); 6.4(b)(ii); Appendix C, Section A.1(a)(ii). Participants may voluntarily report CAT Data prior to the 8:00 a.m. ET deadline. Id. The CAT NMS Plan defines “Trading Day” as the date “as is determined by the Operating Committee.” The CAT NMS Plan also provides that “the Operating Committee may establish different Trading Days for NMS Stocks (as defined in SEC Rule 600(b)(47), Listed Options, OTC Equity Securities, and any other securities that are included as Eligible Securities from time to time.”) Id. at Section 1.1.
See CAT NMS Plan, supra note 5, at Sections 6.3(c)(i)-(ii), 6.4(c)(i)-(ii).
The CAT NMS Plan defines the “Compliance Rule” to mean “with respect to a Participant, the rules promulgated by such Participant as contemplated by Section 3.11.” Id. at Section 1.1. Section 3.11 of the CAT NMS Plan provides that “each Participant shall comply with and enforce compliance, as required by SEC Rule 608(c), by its Industry Members with the provisions of SEC Rule 613 and of [the LLC Agreement], as applicable, to the Participant and its Industry Members. The Participants shall endeavor to promulgate consistent rules (after taking into account circumstances and considerations that may impact Participants differently) requiring compliance by their respective Industry Members with the provisions of SEC Rule 613 and [the LLC Agreement].” Id. at Section 3.11.
See id. at Section 6.4(c)(i)-(ii).
The CAT NMS Plan requires specific data elements of CAT Data that must be recorded and reported to the Central Repository upon: (i) “original receipt or origination of an order,” (ii) “routing of an order,” and (iii) “receipt of an order that has been routed.” Additionally, the CAT NMS Plan requires that a CAT Reporter must record and report data related to an “order [that] is modified or cancelled,” and an “order [that] is executed, in whole or in part,” as well as “other information or additional events as may be prescribed in Appendix D, Reporting and Linkage Requirements.” The CAT NMS Plan also requires Industry Member CAT Reporters to report additional data elements for (i) an “order [that] is executed, in whole or in part,” (ii) a “trade [that] is cancelled,” or (iii) “original receipt or origination of an order.” Further, each Participant shall, through Compliance Rules, require Industry Members to record and report to the Central Repository information or additional events as may be prescribed to accurately reflect the complete lifecycle of each Reportable Event.
For “original receipt or origination of an order,” the CAT NMS Plan specifies the following data elements: (i) Firm Designated ID(s) for each Customer; (ii) CAT-Order-ID; (iii) SRO-Assigned Market Participant Identifier of the Industry Member receiving or originating the order; (iv) date of order receipt or origination; (v) time of order receipt or origination (using timestamps pursuant to Section 6.8 of the CAT NMS Plan); and (vi) Material Terms of the Order. Id. at Section 6.3(d)(i).
For “routing of an order,” the CAT NMS Plan specifies the following data elements: (i) CAT-Order-ID; (ii) date on which the order is routed; (iii) time at which the order is routed (using timestamps pursuant to Section 6.8 of the CAT NMS Plan); (iv) SRO-Assigned Market Participant Identifier of the Industry Member or Participant routing the order; (v) SRO-Assigned Market Participant Identifier of the Industry Member or Participant to which the order is being routed; (vi) if routed internally at the Industry Member, the identity and nature of the department or desk to which the order is routed; and (vii) Material Terms of the Order. Id. at Section 6.3(d)(ii).
For “receipt of an order that has been routed,” the CAT NMS Plan specifies the following data elements: (i) CAT-Order-ID; (ii) date on which the order is received; (iii) time at which the order is received (using timestamps pursuant to Section 6.8); (iv) SRO-Assigned Market Participant Identifier of the Industry Member or Participant receiving the order; (v) SRO-Assigned Market Participant Identifier of the Industry Member or Participant routing the order; and (vi) Material Terms of the Order. Id. at Section 6.3(d)(iii).
For an “order [that] is modified or cancelled,” the CAT NMS Plan specifies the following data elements: (i) CAT-Order-ID; (ii) date the modification or cancellation is received or originated; (iii) time at which the modification or cancellation is received or originated (using timestamps pursuant to Section 6.8 of the CAT NMS Plan); (iv) price and remaining size of the order, if modified; (v) other changes in the Material Terms of the Order, if modified; and (vi) whether the modification or cancellation instruction was given by the Customer or was initiated by the Industry Member or Participant. Id. at Section 6.3(d)(iv).
For an “order [that] is executed, in whole or in part,” the CAT NMS Plan specifies the following data elements: (i) CAT-Order-ID; (ii) date of execution; (iii) time of execution (using timestamps pursuant to Section 6.8 of the CAT NMS Plan); (iv) execution capacity (principal, agency or riskless principal); (v) execution price and size; (vi) SRO-Assigned Market Participant Identifier of the Participant or Industry Member executing the order; and (vii) whether the execution was reported pursuant to an effective transaction reporting plan or the Plan for Reporting of Consolidated Options Last Sale Reports and Quotation Information. Id. at Section 6.3(d)(v).
See id. at Section 6.3(d)(vi).
For an “order [that] is executed, in whole or in part,” the CAT NMS Plan specifies the following additional data elements: (i) an Allocation Report; (ii) SRO-Assigned Market Participant Identifier of the clearing broker or prime broker, if applicable; and (iii) CAT-Order-ID of any contra-side order(s). Id. at Section 6.4(d)(ii)(A).
For a “trade [that] is cancelled,” the CAT NMS Plan specifies the following additional data element: a cancelled trade indicator. Id. at Section 6.4(d)(ii)(B).
For “original receipt or origination of an order,” the CAT NMS Plan specifies the following additional data element(s): the Firm Designated ID, Customer Account Information, and Customer Identifying Information for the relevant Customer. Id. at Section 6.4(d)(ii)(C).
Id. at Appendix D, Section 3.
11. Timeliness of Data Reporting
Section 6.3(b)(ii) of the CAT NMS Plan requires each Participant to report Participant Data to the Central Repository by 8:00 a.m. ET on the Trading Day following the day the Participant records such data. Additionally, a Participant may voluntarily report such data prior to this deadline. Section 6.4(b)(ii) states that each Participant shall, through its Compliance Rule, require its Industry Members to report Recorded Industry Member Data to the Central Repository by 8:00 a.m. ET on the Trading Day following the day the Industry Member records such data, and Received Industry Member Data to the Central Repository by 8:00 a.m. ET on the Trading Day following the day the Industry Member receives such data. Section 6.4(b)(ii) of the CAT NMS Plan also states that each Participant shall, through its Compliance Rule, permit its Industry Members to voluntarily report such data prior to the applicable 8:00 a.m. ET deadline.
Id. at Section 6.3(b)(ii); see also id. at Appendix C, Section A.1(a)(ii); Appendix D, Sections 3.1, 6.1.
Id. at Section 6.3(b)(ii).
Id. at Section 6.4(b)(ii).
Id.
12. Uniform Format
The CAT NMS Plan does not mandate the format in which data must be reported to the Central Repository. Appendix D states that the Plan Processor will determine the electronic format in which data must be reported, and that the format will be described in the Technical Specifications. Appendix C specifies that CAT Reporters could be required to report data either in a uniform electronic format, or in a manner that would allow the Central Repository to convert the data to a uniform electronic format, for consolidation and storage. Similarly, Sections 6.3(a) and 6.4(a) of the CAT NMS Plan require that CAT Reporters report data to the Central Repository in a format or formats specified by the Plan Processor, approved by the Operating Committee, and compliant with Rule 613.
Id. at Appendix C, Section D.12(f); see also id. at Appendix C, Section A.1(a).
Id. at Appendix D, Section 2.1. Appendix D states that more than one format may be allowed to support the various market participants that would report information to the Central Repository. Id.; see also id. at Section 6.9.
Id. at Appendix C, Section A.1(b).
Id. at Sections 6.3(a), 6.4(a).
The CAT NMS Plan requires that data reported to the Central Repository be stored in an electronic standard format. Specifically, Section 6.5(b)(i) of the CAT NMS Plan requires the Central Repository to retain the information collected pursuant to Rule 613(c)(7) and (e)(7) in a convenient and usable standard electronic data format that is directly available and searchable electronically without any manual intervention by the Plan Processor for a period of not less than six (6) years. Such data must be linked when it is made available to the Participant's regulatory Staff and the Commission.
Pursuant to the Plan, for data consolidation and storage, as noted above, such data must be reported in a uniform electronic format or in a manner that would allow the Central Repository to convert the data to a uniform electronic format. Id. at Appendix C, Section A.1(b).
Id. at Section 6.5(b)(i).
Id.
13. Symbology
The CAT NMS Plan also addresses the symbology that CAT Reporters must use when reporting CAT Data. The CAT NMS Plan requires CAT Reporters to report data using the listing exchange's symbology. The CAT NMS Plan requires the Plan Processor to create and maintain a symbol history and mapping table, as well as provide a tool to regulators and CAT Reporters showing the security's complete symbol history, along with a start-of-day and end-of-day list of reportable securities for use by CAT Reporters, in .csv format, by 6:00 a.m. on each trading day. The Participants will be responsible for providing the Plan Processor with issue symbol information, and issue symbol validation must be included in the processing of data submitted by CAT Reporters.
Id. at Appendix D, Section 2.
Id. at Appendix C, Section A.1(a).
14. CAT-Reporter-ID
Sections 6.3 and 6.4 of the CAT NMS Plan require CAT Reporters to record and report to the Central Repository an SRO-Assigned Market Participant Identifier for orders and certain Reportable Events to be used by the Central Repository to assign a unique CAT-Reporter-ID for purposes of identifying each CAT Reporter associated with an order or Reportable Event (the “Existing Identifier Approach”). The CAT NMS Plan requires the reporting of SRO-Assigned Market Participant Identifiers of: The Industry Member receiving or originating an order; the Industry Member or Participant from which (and to which) an order is being routed; the Industry Member or Participant receiving (and routing) a routed order; the Industry Member or Participant executing an order, if an order is executed; and the clearing broker or prime broker, if applicable, if an order is executed. An Industry Member would report to the Central Repository its existing SRO-Assigned Market Participant Identifier used by the relevant SRO specifically for transactions occurring at that SRO. Similarly, an exchange reporting CAT Reporter information would report data using the SRO-Assigned Market Participant Identifier used by the Industry Member on that exchange or its systems. Over-the-counter (“OTC”) orders and Reportable Events would be reported with an Industry Member's FINRA SRO-Assigned Market Participant Identifier.
The CAT NMS Plan defines an “SRO-Assigned Market Participant Identifier” as “an identifier assigned to an Industry Member by an SRO or an identifier used by a Participant.” Id. at Section 1.1.
Rule 613 defines a CAT-Reporter-ID as “a code that uniquely and consistently identifies [a CAT Reporter] for purposes of providing data to the central repository.” 17 CFR 242.613(j)(2).
The SROs requested exemptive relief from Rule 613 so that the CAT NMS Plan may permit the Existing Identifier Approach, which would allow a CAT Reporter to report an existing SRO-Assigned Market Participant Identifier in lieu of requiring the reporting of a universal CAT-Reporter-ID. See Exemptive Request Letter, supra note 21, at 19. The Commission granted exemptive relief on March 1, 2016 in order to allow this alternative to be included in the CAT NMS Plan and subject to notice and comment. See Exemption Order, supra note 21.
See CAT NMS Plan, supra note 5, at Sections 6.3(d)(i), 6.4(d)(i).
Id. at Sections 6.3(d)(ii), 6.4(d)(i).
Id. at Sections 6.3(d)(iii), 6.4(d)(i).
Id. at Sections 6.3(d)(v), 6.4(d)(i).
Id. at Section 6.4(d)(ii)(A)(2). Industry Members are required by the CAT NMS Plan to record and report this information. Id. at Section 6.4(d)(ii).
See Exemption Order, supra note 21, at 31-41.
See id. at 20.
Id.
The CAT NMS Plan requires the Plan Processor to develop and maintain the mechanism to assign (and to change, if necessary) CAT-Reporter-IDs. For the Central Repository to link the SRO-Assigned Market Participant Identifier to the CAT-Reporter-ID, each SRO must submit, on a daily basis, all SRO-Assigned Market Participant Identifiers used by its Industry Members (or itself), as well as information to identify the corresponding market participant (for example, a CRD number or Legal Entity Identifier (“LEI”) to the Central Repository. Additionally, each Industry Member shall be required to submit to the Central Repository information sufficient to identify such Industry Member (e.g., CRD number or LEI, as noted above). The Plan Processor would use the SRO-Assigned Market Participant Identifiers and identifying information (i.e., CRD number or LEI) to assign a CAT-Reporter-ID to each Industry Member and SRO for internal use across all data within the Central Repository. The Plan Processor would create and maintain a database in the Central Repository that would map the SRO-Assigned Market Participant Identifiers to the appropriate CAT-Reporter-ID.
See CAT NMS Plan, supra note 5, at Appendix D, Section 10.1. Changes to CAT-Reporter-IDs must be reviewed and approved by the Plan Processor. Id. The CAT NMS Plan also requires the Central Repository to generate and assign a unique CAT-Reporter-ID to all reports submitted to the system based on sub-identifiers that are currently used by CAT Reporters in their order handling and trading processes (described in the Exemption Request as SRO-assigned market participant identifiers). Id. at Appendix D, Section 3; see also Exemption Order, supra note 21, at 31-41.
See CAT NMS Plan, supra note 5, at Section 6.3(e)(i).
Id. at Section 6.4(d)(vi).
See Exemption Order, supra note 21, at 31-41.
Id. at 20.
The CAT must be able to capture, store, and maintain current and historical SRO-Assigned Market Participant Identifiers. The SRO-Assigned Market Participant Identifier must also be included on the Plan Processor's acknowledgment of its receipt of data files from a CAT Reporter or Data Submitter, on daily statistics provided by the Plan Processor after the Central Repository has processed data, and on a secure Web site that the Plan Processor would maintain that would contain each CAT Reporter's daily reporting statistics. In addition, data validations by the Plan Processor must include confirmation of a valid SRO-Assigned Market Participant Identifier.
Id. at Appendix D, Section 2.
See id. at Appendix D, Section 7.1.
See id. at Appendix D, Section 7.2.
See id. at Appendix D, Section 10.1.
See id. at Appendix D, Section 7.2. The CAT NMS Plan also notes that both the CAT-Reporter-ID and the SRO-Assigned Market Participant Identifier would be data fields for the online targeted query tool described in the CAT NMS Plan as providing authorized users with the ability to retrieve processed and/or validated (unlinked) data via an online query screen. See id. at Appendix D, Section 8.1.1.
15. Customer-ID
a. Customer Information Approach
Rule 613(c)(7)(i)(A) requires that for the original receipt or origination of an order, a CAT Reporter report the “Customer-ID(s) for each Customer.” “Customer-ID” is defined in Rule 613(j)(5) to mean “with respect to a customer, a code that uniquely and consistently identifies such customer for purposes of providing data to the Central Repository.” Rule 613(c)(8) requires that “[a]ll plan sponsors and their members shall use the same Customer-ID and CAT-Reporter-ID for each customer and broker-dealer.”
17 CFR 242.613(j)(5).
In Appendix C, the Participants describe the “Customer Information Approach,” an alternative approach to the requirement that a broker-dealer report a Customer-ID for every Customer upon original receipt or origination of an order. Under the Customer Information Approach, the CAT NMS Plan would require each broker-dealer to assign a unique Firm Designated ID to each Customer. As the Firm Designated ID, broker-dealers would be permitted to use an account number or any other identifier defined by the firm, provided each identifier is unique across the firm for each business date (i.e., a single firm may not have multiple separate customers with the same identifier on any given date). According to the CAT NMS Plan, broker-dealers would submit an initial set of Customer information to the Central Repository, including, as applicable, the Firm Designated ID, the Customer's name, address, date of birth, individual tax payer identifier number (“ITIN”)/social security number (“SSN”), individual's role in the account (e.g., primary holder, joint holder, guardian, trustee, person with power of attorney) and LEI, and/or Large Trader ID (“LTID”), if applicable, which would be updated as set forth in the CAT NMS Plan.
The SROs requested exemptive relief from Rule 613 so that the CAT NMS Plan may permit the Customer Information Approach, which would require each broker-dealer to assign a unique Firm Designated ID to each trading account and to submit an initial set of information identifying the Customer to the Central Repository, in lieu of requiring each broker-dealer to report a Customer-ID for each Customer upon the original receipt or origination of an order. See Exemptive Request Letter, supra note 21, at 12. The Commission granted exemptive relief on March 1, 2016 in order to allow this alternative to be included in the CAT NMS Plan and subject to notice and comment. See Exemption Order, supra note 21.
See CAT NMS Plan, supra note 5, at Appendix C, Section A.1(a)(iii).
Id. The CAT NMS Plan defines a “Firm Designated ID” as “a unique identifier for each trading account designated by Industry Members for purposes of providing data to the Central Repository, where each such identifier is unique among all identifiers from any given Industry Member for each business date.” See id. at Section 1.1.
Id. at Appendix C, Section A.1(a)(iii).
The CAT NMS Plan provides that where a validated LEI is available for a Customer or entity, this may obviate a need to report other identifier information (e.g., Customer name, address, EIN). Id. at Appendix C, Section A.1(a)(iii) n.31.
The CAT NMS Plan states that the Participants anticipate that Customer information that is initially reported to the CAT could be limited to Customer accounts that have, or are expected to have, CAT Reportable Event activity. For example, the CAT NMS Plan notes accounts that are considered open, but have not traded Eligible Securities in a given time frame, may not need to be pre-established in the CAT, but rather could be reported as part of daily updates after they have CAT Reportable Event activity. Id. at Appendix C, Section A.1(a)(iii) n.32.
Under the Customer Information Approach, broker-dealers would be required to report only the Firm Designated ID for each new order submitted to the Central Repository, rather than the “Customer-ID” as defined by Rule 613(c)(j)(5) and as required by Rule 613(c)(7)(i)(A), and the Plan Processor would associate specific Customers and their Customer-IDs with individual order events based on the reported Firm Designated IDs. Within the Central Repository, each Customer would be uniquely identified by identifiers or a combination of identifiers such as an ITIN/SSN, date of birth, and, as applicable, LEI and LTID. The Plan Processor would be required to use these unique identifiers to map orders to specific Customers across all broker-dealers. To ensure information identifying a Customer is updated, broker-dealers would be required to submit to the Central Repository daily updates for reactivated accounts, newly established or revised Firm Designated IDs, or associated reportable Customer information.
See id. at Appendix C, Section A.1(a)(iii). The CAT NMS Plan also requires Industry Members to report “Customer Account Information” upon the original receipt of origination of an order. See CAT NMS Plan, supra note 5, at Sections 1.1, 6.4(d)(ii)(C).
See CAT NMS Plan, supra note 5, at Appendix C, Section A.1(a)(iii).
Id.
The CAT NMS Plan notes that because reporting to the CAT is on an end-of-day basis, intra-day changes to information could be captured as part of the daily updates to the information. To ensure the completeness and accuracy of Customer information and associations, in addition to daily updates, broker-dealers would be required to submit periodic full refreshes of Customer information to the CAT. The scope of the “full” Customer information refresh would need to be further defined, with the assistance of the Plan Processor, to determine the extent to which inactive or otherwise terminated accounts would need to be reported. Id. at Appendix C, Section A.1(a)(iii) n.33.
Appendix C provides additional requirements that the Plan Processor must meet under the Customer Information Approach. The Plan Processor must maintain information of sufficient detail to uniquely and consistently identify each Customer across all CAT Reporters, and associated accounts from each CAT Reporter, and must document and publish, with the approval of the Operating Committee, the minimum list of attributes to be captured to maintain this association. In addition, the Plan Processor must maintain valid Customer and Customer Account Information for each trading day and provide a method for Participants and the Commission to easily obtain historical changes to that information (e.g., name changes, address changes). The Plan Processor also must design and implement a robust data validation process for submitted Firm Designated IDs, Customer Account Information and Customer Identifying Information, and be able to link accounts that move from one CAT Reporter to another due to mergers and acquisitions, divestitures, and other events. Under the Customer Information Approach, Industry Members will initially submit full account lists for all active accounts to the Plan Processor and subsequently submit updates and changes on a daily basis. Finally, the Plan Processor must have a process to periodically receive full account lists to ensure the completeness and accuracy of the account database.
See id. at Appendix C, Section A.1(a)(iii).
Id. Section 9.1 of Appendix D also addresses, among other things, the minimum attributes that CAT must capture for Customers and the validation process for such attributes. Id. at Appendix D, Section 9.1.
Id. at Appendix D, Section 9.1. In relevant part, “Customer Account Information” is defined in the Plan to include, but not be limited to, account number, account type, customer type, date account opened, and large trader identifier (if applicable). See id. at Section 1.1.
See id. at Appendix C, Section A.1(a)(iii).
Id. The CAT NMS Plan defines “Customer Identifying Information” to mean “information of sufficient detail to identify a Customer, including, but not limited to, (a) with respect to individuals: Name, address, date of birth, individual tax payer identification number (“ITIN”)/social security number (“SSN”), individual's role in the account (e.g., primary holder, joint holder, guardian, trustee, person with the power of attorney); and (b) with respect to legal entities: Name, address, Employer Identification Number (“EIN”)/LEI) or other comparable common entity identifier, if applicable; provided, however, where the LEI or other common entity identifier is provided, information covered by such common entity identifier (e.g., name, address) would not need to be separately submitted to the Central Repository.” See id. at Section 1.1.
Id. at Appendix C, Section A.1(a)(iii).
Id.
b. Account Effective Date vs. Account Open Date
Rule 613(c)(7)(viii)(B) requires broker-dealers to report to the Central Repository “Customer Account Information” upon the original receipt or origination of an order. The CAT NMS Plan defines “Customer Account Information” to include, in part, the Customer's account number, account type, customer type, date account opened and LTID (if applicable). The Plan, however, provides that in two limited circumstances, a broker-dealer could report the “Account Effective Date” in lieu of the date an account was opened. The first circumstance is where a relationship identifier—rather than an actual parent account—has been established for an institutional Customer relationship. In this case, no account open date is available for the institutional Customer parent relationship because there is no parent account, and for the same reason, there is no account number or account type available. Thus, the Plan provides that in this circumstance, a broker-dealer could report the “Account Effective Date” of the relationship in lieu of an account open date. Further, the Plan provides that where such an institutional Customer relationship was established before the broker-dealer's obligation to report audit trail data, the “Account Effective Date” would be either (i) the date the broker-dealer established the relationship identifier, or (ii) the date when trading began (i.e., the date the first order was received) using the relevant relationship identifier, and if both dates are available and differ, the earlier date. Where such relationships are established after the broker-dealer's obligation to report audit trail data is required, the “Account Effective Date” would be the date the broker-dealer established the relationship identifier and would be no later than the date the first order was received. Regardless of when the relationship was established for such institutional Customers, the Plan provides that broker-dealers may report the relationship identifier in place of Rule 613(c)(7)(viii)(B)'s requirement to report the “account number,” and report “relationship” in place of “account type.”
17 CFR 242.613(c)(7)(viii)(B). “Customer Account Information” is defined in Rule 613(j)(4) to “include, but not be limited to, account number, account type, customer type, date account opened, and large trader identifier (if applicable).” 17 CFR 242.613(j)(4).
See CAT NMS Plan, supra note 5, at Section 1.1.
Id. The SROs requested exemptive relief from Rule 613 so that the CAT NMS Plan may permit broker-dealers to report to the Central Repository the “effective date” of an account in lieu of requiring each broker-dealer to report the date the account was opened in certain limited circumstances. See Exemptive Request Letter, supra note 21, at 13. The Commission granted exemptive relief on March 1, 2016 in order to allow this alternative to be included in the CAT NMS Plan and subject to notice and comment. See Exemption Order, supra note 21.
See Exemption Order, supra note 21; see also September 2015 Supplement, supra note 21, at 4-5.
See September 2015 Supplement, supra note 21, at 6.
See CAT NMS Plan, supra note 5, at Section 1.1.
Id.
Id.
Id.
The second circumstance where a broker-dealer may report the “Account Effective Date” rather than the date an account was opened as required in Rule 613(c)(7)(viii)(B) is when particular legacy system data issues prevent a broker-dealer from providing an account open date for any type of account (i.e., institutional, proprietary or retail) that was established before the CAT's implementation. According to the Plan, these legacy system data issues may arise because:
Id.; see also September 2015 Supplement, supra note 21, at 7-9.
(1) A broker-dealer has switched back office providers or clearing firms and the new back office/clearing firm system identifies the account open date as the date the account was opened on the new system;
(2) A broker-dealer is acquired and the account open date becomes the date that an account was opened on the post-merger back office/clearing firm system;
(3) Certain broker-dealers maintain multiple dates associated with accounts in their systems and do not designate in a consistent manner which date constitutes the account open date, as the parameters of each date are determined by the individual broker-dealer; or
(4) No account open date exists for a proprietary account of a broker-dealer.
See CAT NMS Plan, supra note 5, at Section 1.1.
Thus, when legacy systems data issues arise due to one of the four reasons above and no account open date is available, the Plan provides that broker-dealers would be permitted to report an “Account Effective Date” in lieu of an account open date. When the legacy systems data issues and lack of account open date are attributable to above reasons (1) or (2), the “Account Effective Date” would be the date the account was established, either directly or via a system transfer, at the relevant broker-dealer. When the legacy systems data issues and lack of account open date are attributable to above reason (3), the “Account Effective Date” would be the earliest available date. When the legacy systems data issues and lack of account open date are attributable to above reason (4), the “Account Effective Date” would be (i) the date established for the proprietary account in the broker-dealer or its system(s), or (ii) the date when proprietary trading began in the account, i.e., the date on which the first order was submitted from the account.
Id.
Id.
Id.
Id.
c. Modification/Cancellation
Rule 613(c)(7)(iv)(F) requires that “[t]he CAT-Reporter-ID of the broker-dealer or Customer-ID of the person giving the modification or cancellation instruction” be reported to the Central Repository. Because the Customer Information Approach no longer requires, as permitted by the Exemption Order, that a Customer-ID be reported upon original receipt or origination of an order, and because reporting the Customer-ID of the specific person that gave the modification or cancellation instruction would result in an inconsistent level of information regarding the identity of the person giving the modification or cancellation instruction versus the identity of the Customer that originally received or originated an order, Section 6.3(d)(iv)(F) of the CAT NMS Plan modifies the requirement in Rule 613 and instead requires CAT Reporters to report whether the modification or cancellation instruction was “given by the Customer or was initiated by the Industry Member or Participant.”
17 CFR 242.613(c)(7)(iv)(F) (emphasis added).
See CAT NMS Plan, supra note 5, at Section 6.3(d)(iv)(F). The SROs requested exemptive relief from Rule 613 so that the CAT NMS Plan may permit CAT Reporters to report whether a modification or cancellation instruction was given by the Customer associated with the order, or was initiated by the broker-dealer or exchange associated with the order, in lieu of requiring CAT Reporters to report the Customer-ID of the person giving the modification or cancellation instruction. See Exemptive Request Letter, supra note 21, at 12-13. The Commission granted exemptive relief on March 1, 2016 in order to allow this alternative to be included in the CAT NMS Plan and subject to notice and comment. See Exemption Order, supra note 21.
16. Order Allocation Information
Section 6.4(d)(ii)(A)(1) of the CAT NMS Plan provides that each Participant through its Compliance Rule must require that Industry Members record and report to the Central Repository an Allocation Report that includes the Firm Designated ID when an execution is allocated in whole or part. The CAT NMS Plan defines an Allocation Report as “a report made to the Central Repository by an Industry Member that identifies the Firm Designated ID for any account(s), including subaccount(s), to which executed shares are allocated and provides the security that has been allocated, the identifier of the firm reporting the allocation, the price per share of shares allocated, the side of shares allocated, the number of shares allocated to each account, and the time of the allocation.” The CAT NMS Plan explains, for the avoidance of doubt, that an Allocation Report shall not be required to be linked to particular orders or executions.
See CAT NMS Plan, supra note 5, at Section 6.4(d)(ii)(A)(1); see also April 2015 Supplement, supra note 21. The SROs requested exemptive relief from Rule 613 so that the CAT NMS Plan may permit Industry Members to record and report to the Central Repository an Allocation Report that includes the Firm Designated ID when an execution is allocated in whole or part in lieu of requiring the reporting of the account number for any subaccount to which an execution is allocated, as is required by Rule 613. See Exemptive Request Letter, supra note 21, at 26-27. The Commission granted exemptive relief on March 1, 2016 in order to allow this alternative to be included in the CAT NMS Plan and subject to notice and comment. See Exemption Order, supra note 21.
See CAT NMS Plan, supra note 5, at Section 1.1; see also April 2015 Supplement, supra note 21.
See CAT NMS Plan, supra note 5, at Section 1.1.
17. Options Market Maker Quotes
Section 6.4(d)(iii) of the CAT NMS Plan states that, with respect to the reporting obligations of an Options Market Maker under Sections 6.3(d)(ii) and (iv) regarding its quotes in Listed Options, such quotes shall be reported to the Central Repository by the relevant Options Exchange in lieu of reporting by the Options Market Maker. Section 6.4(d)(iii) further states that each Participant that is an Options Exchange shall, through its Compliance Rule, require its Industry Members that are Options Market Makers to report to the Options Exchange the time at which a quote in a Listed Option is sent to the Options Exchange (and, if applicable, the time of any subsequent quote modification and/or cancellation where such modification or cancellation is originated by the Options Market Maker). Such time information also shall be reported to the Central Repository by the Options Exchange in lieu of reporting by the Options Market Maker.
Rule 613(c)(7) provides that the CAT NMS Plan must require reporting of the details for each order and each Reportable Event, including the routing and modification or cancellation of an order. 17 CFR 242.613(c)(7). Rule 613(j)(8) defines “order” to include “any bid or offer.” 17 CFR 242.613(j)(8).
See CAT NMS Plan, supra note 5, at Section 6.4(d)(iii). The SROs requested exemptive relief from Rule 613 so that the CAT NMS Plan may permit Options Market Maker quotes to be reported to the Central Repository by the relevant Options Exchange in lieu of requiring that such reporting be done by both the Options Exchange and the Options Market Maker, as is required by Rule 613. See Exemptive Request Letter, supra note 21, at 2. In accord with the exemptive relief requested, the SROs committed to require Options Market Makers to report to the Exchange the time at which a quote in a Listed Option is sent to the Options Exchange. Id. at 3. The Commission granted exemptive relief on March 1, 2016 in order to allow this alternative to be included in the CAT NMS Plan and subject to notice and comment. See Exemption Order, supra note 21.
See CAT NMS Plan, supra note 5, at Section 6.4(d)(iii).
Id.
18. Primary Market Transactions, Debt Securities and Futures
Rule 613 and the CAT NMS Plan do not require the reporting of audit trail data for Primary Market Transactions, debt securities, and futures. However, Rule 613(i) requires that, within six months after the effective date of the CAT NMS Plan, the SROs shall jointly provide to the Commission “a document outlining how such exchanges and associations could incorporate into the consolidated audit trail information with respect to equity securities that are not NMS securities, debt securities, primary market transactions in equity securities that are not NMS securities, and primary market transactions in debt securities, including details for each order and reportable event that may be required to be provided, which market participants may be required to provide the data, an implementation timeline, and a cost estimate.”
The CAT NMS Plan defines “Primary Market Transaction” to mean “any transaction other than a secondary market transaction and refers to any transaction where a Person purchases securities in an offering.” Id. at Section 1.1.
The Commission notes that in the CAT NMS Plan some non-NMS equities (specifically, OTC equity securities) are required to be reported. Id. at Sections 1.1, 6.3 (requiring Eligible Securities data to be reported, and where Eligible Securities is defined as all NMS securities and all OTC equity securities).
See 17 CFR 242.613(i); see also CAT NMS Plan, supra note 5, at Section 6.11. The CAT NMS Plan defines “NMS Securities” to mean “any security or class of securities for which transaction reports are collected, processed, and made available pursuant to an effective transaction reporting plan, or an effective national market system plan for reporting transactions in Listed Options.” See CAT NMS Plan, supra note 5, at Section 1.1. The CAT NMS Plan defines “OTC Equity Securities” as “any equity security, other than an NMS Security, subject to prompt last sale reporting rules of a registered national securities association and reported to one of such association's equity trade reporting facilities.” Id.
19. Error Rates
The CAT NMS Plan defines Error Rate as “the percentage of [R]eportable [E]vents collected by the [C]entral [R]epository in which the data reported does not fully and accurately reflect the order event that occurred in the market.” Under the CAT NMS Plan, the Operating Committee sets the maximum Error Rate that the Central Repository would tolerate from a CAT Reporter reporting data to the Central Repository. The Operating Committee reviews and resets the maximum Error Rate, at least annually. If a CAT Reporter reports CAT Data to the Central Repository with errors such that their error percentage exceeds the maximum Error Rate, then such CAT Reporter would not be in compliance with the CAT NMS Plan or Rule 613. As such, “the Participants as Participants or the SEC may take appropriate action for failing to comply with the reporting obligations under the CAT NMS Plan and SEC Rule 613.” The CAT NMS Plan, however, does not detail what specific compliance enforcement provisions would apply if a CAT Reporter exceeds the maximum Error Rate.
See CAT NMS Plan, supra note 5, at Section 1.1; see also Rule 613(j)(6).
Id. at Section 6.5(d)(i).
Id. at Appendix C, Section A.3(b).
Id. at Appendix C, Section A.3(b); Rule 613(g)-(h).
Id. at Appendix C, Section A.3(b).
See Notice, supra note 5, at 30645.
The CAT NMS Plan sets the initial maximum Error Rate at 5% for any data reported pursuant to subparagraphs (3) and (4) of Rule 613(c). The SROs highlight that “the Central Repository will require new reporting elements and methods for CAT Reporters and there will be a learning curve when CAT Reporters begin to submit data to the Central Repository” in support of a 5% initial rate. Further, the SROs state that “many CAT Reporters may have never been obligated to report data to an audit trail.” The SROs believe an initial maximum Error Rate of 5% “strikes the balance of making allowances for adapting to a new reporting regime, while ensuring that the data provided to regulators will be capable of being used to conduct surveillance and market reconstruction.” In the CAT NMS Plan, the Participants compared the contemplated Error Rates of CAT Reporters to the error rates of OATS reporters in the time periods immediately following three significant OATS releases in the last ten years. The Participants state that for the three comparative OATS releases : An average of 2.42% of order events did not pass systemic validations; an average of 0.36% of order events were not submitted in a timely manner; an average of 0.86% of orders were unsuccessfully matched to a trade reporting facility trade report; an average of 3.12% of OATS Route Reports were unsuccessfully matched to an exchange order; and an average of 2.44% of OATS Route Reports were unsuccessfully matched to a report by another reporting entity.
See CAT NMS Plan, supra note 5, at Section 6.5(d)(i).
Id. at Appendix C, Section A.3(b).
Id.
Id.
Id. The SROs note that the three comparative releases are known as “(1) OATS Phase III, which required manual orders to be reported to OATS; (2) OATS for OTC Securities which required OTC equity securities to be reported to OATS; and (3) OATS for NMS which required all NMS stocks to be reported to OATS.” Id.
Id. The SROs note that the calculated “combined average error rates for the time periods immediately following [the OATS] release across five significant categories for these three releases” was used in setting in the initial maximum Error Rate. Id.
Id.
The Participants, moreover, anticipate reviewing and resetting the maximum Error Rate once Industry Members (excluding Small Industry Members) begin to report to the Central Repository and again once Small Industry Members report to the Central Repository.
Id.
The Participants thus propose a phased approach to lowering the maximum Error Rates among CAT Reporters based on the period of time reporting to the Central Repository and whether the CAT Reporters are Participants, large broker-dealers or small broker-dealers. The Plan sets forth a goal of the following maximum Error Rates where “Year(s)” refers to year(s) after the CAT NMS Plan's date of effectiveness:
Id.
Id.
Table 1—Maximum Error Rates Schedule
One year (%) | Two years (%) | Three years (%) | Four years (%) | |
---|---|---|---|---|
Participants | 5 | 1 | 1 | 1 |
Large Industry Members | N/A | 5 | 1 | 1 |
Small Industry Members | N/A | N/A | 5 | 1 |
The CAT NMS Plan requires the Plan Processor to: (i) Measure and report errors every business day; (ii) provide CAT Reporters daily statistics and error reports as they become available, including a description of such errors; (iii) provide monthly reports to CAT Reporters that detail a CAT Reporter's performance and comparison statistics; (iv) define educational and support programs for CAT Reporters to minimize Error Rates; and (v) identify, daily, all CAT Reporters exceeding the maximum allowable Error Rate. To timely correct data-submitted errors to the Central Repository, the Participants require that the Central Repository receive and process error corrections at all times. Further, the CAT NMS Plan requires that CAT Reporters be able to submit error corrections to the Central Repository through a web-interface or via bulk uploads or file submissions, and that the Plan Processor, subject to the Operating Committee's approval, support the bulk replacement of records and the reprocessing of such records. The Participants, furthermore, require that the Plan Processor identify CAT Reporter data submission errors based on the Plan Processor's validation processes.
Id. The CAT NMS Plan sets forth that the Plan Processor shall provide the Operating Committee with regular Error Rate reports. Id. at Section 6.1(o)(v). The Error Rate reports shall include each of the following—if the Operating Committee deems them necessary or advisable—“Error Rates by day and by delta over time, and Compliance Thresholds by CAT Reporter, by Reportable Event, by age before resolution, by symbol, by symbol type (e.g., ETF and Index) and by event time (by hour and cumulative on the hour)[.]” Id.
See id. at Appendix C, Section A.3(b).
See id.
See id. at Appendix D, Section 10.1. The CAT NMS Plan sets forth support programs that shall include educational programs, including FAQs, a dedicated help desk, industry-wide trainings, certifications, industry-wide testing, maintaining Technical Specifications with defined intervals for new releases/updates, emailing CAT Reporter data outliers, conducting annual assessments, using test environments prior to releasing new code to production, and imposing CAT Reporter attendance requirements for testing sessions and educational and industry-wide trainings. Id.
See id. at Appendix D, Section 10.4.
See id. at Appendix C, Section A.3(b).
See id.
See id. At a minimum, the processes would include validating the data's file format, CAT Data format, type, consistency, range, logic, validity, completeness, timeliness and linkage. See id. at Appendix D, Section 7.2.
20. Retirement of Existing Trade and Order Data Rules and Systems
a. Duplicative or Partially Duplicative Rules and Systems
As required by Rule 613(a)(1)(ix), the CAT NMS Plan provides a plan to eliminate rules and systems that will be rendered duplicative by the CAT. Under the CAT NMS Plan, each Participant will initiate an analysis of its rules and systems to determine which require information that is duplicative of the information available to the Participants through the Central Repository. The CAT NMS Plan states that each Participant has begun reviewing its rulebook and is waiting for the publication of the final reporting requirements to the Central Repository to complete its analysis. According to the Plan, each Participant should complete its analysis within twelve months after Industry Members (other than Small Industry Members) are required to begin reporting data to the Central Repository (or a later date to be determined by each Participant if sufficient data is not available to complete the analysis in that timeframe).
See CAT NMS Plan, supra note 5, at Section 6.7(d); Appendix C, Section C.9.
Id. at Appendix C, Section C.9.
Similarly, the CAT NMS Plan provides that each Participant will analyze which of its rules and systems require information that is partially duplicative of the information available to the Participants through the Central Repository. According to the CAT NMS Plan, this analysis should include a determination as to: (i) Whether the Participant should continue to collect the duplicative information available in the Central Repository; (ii) whether the Participant can use the duplicative information made available in the Central Repository without degrading the effectiveness of the Participant's rules or systems; and (iii) whether the Participant should continue to collect the non-duplicative information or, alternatively, whether it should be added to information collected by the Central Repository. The CAT NMS Plan states that each Participant has begun reviewing its rulebook and is waiting for the publication of the final reporting requirements to the Central Repository to complete its analysis. According to the Plan, each Participant should complete this analysis within eighteen months after Industry Members (other than Small Industry Members) are required to begin reporting data to the Central Repository (or a later date to be determined by each Participant if sufficient data is not available to complete the analysis in that timeframe).
Id.
Id.
The CAT NMS Plan also discusses the elimination of specific trade and order data collection systems that may be duplicative or partially duplicative of CAT. With respect to FINRA's OATS, the CAT NMS Plan notes that FINRA's ability to retire OATS is dependent on whether the Central Repository contains complete and accurate CAT Data that is sufficient to ensure that FINRA can effectively conduct surveillance and investigations of its members for potential violations of FINRA rules and federal laws and regulations. Based on an analysis conducted by the Participants, there are 33 data elements currently captured in OATS that are not specified in SEC Rule 613. The Plan notes that the Participants believe it is appropriate to incorporate data elements into the Central Repository that are necessary to retire OATS, and that these additional data elements will increase the likelihood that the Central Repository will include sufficient order information to ensure that FINRA can continue to perform its surveillance with CAT Data rather than OATS data and can more quickly eliminate OATS. However, the Plan notes that OATS cannot be entirely eliminated until all FINRA members who currently report to OATS are reporting to the Central Repository, and that there will likely be some period of dual reporting until FINRA can verify that the data in the Central Repository is of sufficient quality for surveillance purposes and that data reported to the Central Repository meets the Error Rate standards set out in the CAT NMS Plan. With respect to rules and systems other than OATS, the CAT NMS Plan notes that based on preliminary industry analyses, broker-dealer recordkeeping and large trader reporting requirements under SEC Rule 17h-1 could potentially be eliminated. The Plan, however, notes that large trader self-identification and reporting responsibilities on Form 13H appear not be covered by the CAT.
Id.
Id.
Id.
Id.
Based on these analyses of duplicative or partially duplicative rules, the CAT NMS Plan provides that each Participant will prepare appropriate rule change filings to implement the rule modifications or deletions that can be made. The rule change filings should describe the process for phasing out the requirements under the relevant rule. Under the CAT NMS Plan, each Participant will file with the SEC the relevant rule change filing to eliminate or modify its rules within six months of the Participant's determination that such modification or deletion is appropriate. Similarly, the CAT NMS Plan provides that each Participant will analyze the most appropriate and expeditious timeline and manner for eliminating duplicative and partially duplicative rules and systems. Upon the Commission's approval of relevant rule changes, each Participant will implement this timeline. In developing these timelines, each Participant must consider when the quality of CAT Data will be sufficient to meet the surveillance needs of the Participants (i.e., to sufficiently replace current reporting data) before existing rules and systems can be eliminated.
Id.
Id.
Id.
b. Non-Duplicative Rules and Systems
The CAT NMS Plan provides that each Participant will conduct an analysis to determine which of its rules and systems related to monitoring quotes, orders, and executions provide information that is not rendered duplicative by the CAT. Under the CAT NMS Plan, each Participant must analyze: (i) Whether collection of such information remains appropriate; (ii) if still appropriate, whether such information should continue to be separately collected or should instead be incorporated into the consolidated audit trail; and, (iii) if no longer appropriate, how the collection of such information could be efficiently terminated, the steps the Participants would need to take to seek Commission approval for the elimination of such rules and systems, and a timetable for such elimination. Each Participant should complete this analysis within eighteen months after Industry Members (other than Small Industry Members) are required to begin reporting data to the Central Repository (or a later date to be determined by each Participant if sufficient data is not available to complete the analysis in that timeframe).
Id.
Id.
c. Elimination of SEC Rules
In addition, to the extent that the Commission eliminates rules that require information that is duplicative of information available through the Central Repository, the CAT NMS Plan provides that each Participant will analyze its rules and systems to determine whether any modifications to such rules or systems are necessary (e.g., to delete references to outdated SEC rules) to support data requests made pursuant to such SEC rules. Each Participant should complete its analysis within three months after the SEC approves the deletion or modification of an SEC rule related to the information available through the Central Repository. The CAT NMS Plan also provides that Participants will coordinate with the Commission regarding modification of the CAT NMS Plan to include information sufficient to eliminate or modify those Exchange Act rules or systems that the Commission deems appropriate.
Id.
Id.
21. Regulatory Access
Under Section 6.5(c) of the CAT NMS Plan and as discussed above, the Plan Processor must provide regulators access to the Central Repository for regulatory and oversight purposes and create a method of accessing CAT Data that includes the ability to run complex searches and generate reports. Section 6.10(c) requires regulator access by two different methods: (1) An online targeted query tool with predefined selection criteria to choose from; and (2) user-defined direct queries and bulk extractions of data via a query tool or language allowing querying of all available attributes and data sources. Additional requirements concerning regulator access appear in Section 8 of Appendix D.
Id. at Section 6.5(c). Appendix C provides objective milestones to assess progress concerning regulator access to the Central Repository. See id. at Appendix C, Section C.10(d).
Id. at Section 6.10(c). Section 6.10(c) also requires the Plan Processor to reasonably assist regulatory Staff with queries, submit queries on behalf of regulatory Staff as requested, and maintain a help desk to assist regulatory Staff with questions concerning CAT Data. Id.
See id. at Appendix D, Section 8.
The CAT NMS Plan requires that the CAT must support a minimum of 3,000 regulatory users and at least 600 such users accessing the CAT concurrently without an unacceptable decline in performance. Moreover, the CAT must support an arbitrary number of user roles and, at a minimum, include defined roles for both basic and advanced regulatory users.
Id. at Appendix D, Section 8.1.
Id.
a. Online Targeted Query Tool
Sections 8.1.1, 8.1.2, and 8.1.3 of Appendix D contain further specifications for the online targeted query tool. The tool must allow for retrieval of processed and/or validated (unlinked) data via an online query screen that includes a choice of a variety of pre-defined selection criteria. Targeted queries must include date(s) and/or time range(s), as well as one or more of a variety of fields listed in Section 8.1.1 (e.g., product type, CAT-Reporter-ID, and Customer-ID). Targeted queries would be logged such that the Plan Processor could provide monthly reports to the SROs and the SEC concerning metrics on performance and data usage of the search tool. The CAT NMS Plan further requires that acceptable response times for the targeted search be in increments of less than one minute; for complex queries scanning large volumes of data or large result sets (over one million records) response times must be available within 24 hours of the request; and queries for data within one business date of a 12-month period must return results within three hours regardless of the complexity of criteria. Under the CAT NMS Plan, regulators may access all CAT Data except for PII data (access to which would be limited to an authorized subset of Participant and Commission employees) and the Plan Processor must work with regulators to implement a process for providing them with access and routinely verifying a list of active users.
Id. at Appendix D, Sections 8.1.1-8.1.3.
Id. at Appendix D, Section 8.1.1.
Id.
Id.
Id. at Appendix D, Section 8.1.2. Appendix D, Section 8.1.2 contains further performance requirements applicable to data and the architecture of the online query tool. Id.
Id. at Appendix D, Section 8.1.3.
b. User-Defined Direct Queries and Bulk Extraction of Data
Section 8.2 of Appendix D outlines the requirements for user-defined direct queries and bulk extraction of data, which regulators would use to obtain large data sets for internal surveillance or market analysis. Under the CAT NMS Plan, regulators must be able to create, save, and schedule dynamic queries that would run directly against processed and/or unlinked CAT Data. Additionally, CAT must provide an open application program interface (“API”) that allows use of analytic tools and database drivers to access CAT Data. Queries submitted through the open API must be auditable and the CAT System must contain the same level of control, monitoring, logging, and reporting as the online targeted query tool. The Plan Processor must also provide procedures and training to regulators that would use the direct query feature. Sections 8.2.1 and 8.2.2 of Appendix D contain additional specifications for user-defined direct queries and bulk data extraction, respectively.
Id. at Appendix D, Section 8.2.
Id.
Id.
Id. Direct queries must not return or display PII data but rather display non-PII unique identifiers (e.g., Customer-ID or Firm Designated ID). The PII corresponding to these identifiers could be gathered using the PII workflow described in Appendix D, Data Security, PII Data Requirements. See id. at Appendix D, Section 4.1.6.
Id. at Appendix D, Section 8.2.
Id. at Appendix D, Sections 8.2.1 and 8.2.2.
c. Regulatory Access Schedule
Section A.2 of Appendix C addresses the time and method by which CAT Data would be available to regulators. Section A.2(a) requires that data be available to regulators any point after the data enters the Central Repository and passes basic format validations. After errors are communicated to CAT Reporters on T+1, CAT Reporters would be required to report corrected data back to the Central Repository by 8:00 a.m. ET on T+3. Regulators must then have access to corrected and linked order and Customer data by 8:00 a.m. ET on T+5. Section A.2(b) generally describes Bidders' approaches regarding regulator access and use of CAT Data and notes that although the SROs set forth the standards the Plan Processor must meet, they do not endorse any particular approach. Section A.2(c) outlines requirements the Plan Processor must meet for report building and analysis regarding data usage by regulators, consistent with, and in addition to, the specifications outlined in Section 8 of Appendix D.
Id. at Appendix C, Section A.2.
Id. at Appendix C, Section A.2(a). Appendix C, Section A.3(e) indicates this would be no later than noon EST on T+1. Id. at Appendix C, Section A.3(e).
Id. at Appendix C, Section A.1(a)(iv); Appendix D, Section 6.1.
Id. at Appendix C, Section A.2(a).
Id. at Appendix C, Section A.2(b).
Id. at Appendix C, Section A.2(c). Appendix C, Section A.2(d) addresses system service level agreements that the SROs and Plan Processor would enter into. Id. at Appendix C, Section A.2(d).
22. Upgrades and New Functionalities
Under Article VI of the CAT NMS Plan, the Plan Processor is responsible for consulting with the Operating Committee and implementing necessary upgrades and new functionalities. In particular, the Plan Processor would be required to, consistent with Appendix D, Upgrade Process and Development of New Functionality, design and implement appropriate policies and procedures governing the determination to develop new functionality for the CAT including, among other requirements, a mechanism by which changes can be suggested by Advisory Committee members, Participants, or the SEC. The Plan Processor shall, on an ongoing basis and consistent with any applicable policies and procedures, evaluate and implement potential system changes and upgrades to maintain and improve the normal day-to-day operating function of the CAT System. In consultation with the Operating Committee, the Plan Processor shall, on an as-needed basis and consistent with any applicable operational and escalation policies and procedures, implement such material system changes and upgrades as may be required to ensure effective functioning of the CAT System. Also in consultation with the Operating Committee, the Plan Processor shall, on an as-needed basis, implement system changes and upgrades to the CAT System to ensure compliance with applicable laws, regulations or rules (including those promulgated by the Commission or any Participant).
Id. at Section 6.1(d)(iv). Such policies and procedures also shall: (A) Provide for the escalation of reviews of proposed technological changes and upgrades (including as required by Section 6.1(i) and Section 6.1(j) or as otherwise appropriate) to the Operating Committee; and (B) address the handling of surveillance, including coordinated, SEC Rule 17d-2 or RSA surveillance queries and requests for data. Id.
Id. at Section 6.1(i). Section 11 of Appendix D sets out the obligations of the Plan Processor with respect to the requirements discussed above (e.g., to develop a process to add functionality to CAT, including reviewing suggestions submitted by the Commission). The Plan Processor must create a defined process for developing impact assessments, including implementation timelines for proposed changes, and a mechanism by which functional changes that the Plan Processor wishes to undertake could be reviewed and approved by the Operating Committee. Section 11 further states that the Plan Processor must implement a process to govern changes to CAT (including “business-as-usual” changes and isolated infrastructure changes). Further, Section 11 states that the Plan Processor is required to implement a process governing user testing of changes to CAT functionality and infrastructure. See id. at Appendix D, Section 11.
Id. at Section 6.1(j).
Id. at Section 6.1(k).
Appendix D provides additional detail about the obligations of the Plan Processor with respect to CAT Functional Changes, CAT Infrastructure Changes, and Testing of New Changes. In particular, the Plan Processor is required to propose a process for considering new functions, which must include a mechanism for suggesting changes to the Operating Committee from Advisory Committee members, the Participants and the Commission. The process must also include a method for developing impact assessments, including implementation timelines for proposed changes, and a mechanism by which functional changes that the Plan Processor wishes to undertake could be reviewed and approved by the Operating Committee.
Id. at Appendix D, Section 11.
Id. at Appendix D, Section 11.1.
The CAT NMS Plan also requires that the Plan Processor develop a similar process to govern the changes to the Central Repository—i.e., business-as-usual changes that could be performed by the Plan Processor with only a summary report to the Operating Committee, and infrastructure changes that would require approval by the Operating Committee. Finally, a process for user testing of new changes must be developed by the Plan Processor.
Id. at Appendix D, Section 11.2.
Id. at Appendix D, Section 11.3.
In addition, the CAT NMS Plan requires that the Plan Processor ensure that the Central Repository's technical infrastructure is scalable (to increase capacity to handle increased reporting volumes); adaptable (to support future technology developments so that new requirements could be incorporated); and current (to ensure, through maintenance and upgrades, that technology is kept current, supported, and operational).
See id. at Appendix C, Section A.5(a).
23. Business Continuity and Disaster Recovery
The CAT NMS Plan provides that the Plan Processor must develop disaster recovery and business continuity plans to support the continuation of CAT business operations. The Plan Processor is required to provide the Operating Committee with regular reports on the CAT System's operation and maintenance that specifically address Participant usage statistics for the Plan Processor and the Central Repository, including capacity planning studies and daily reports called for by Appendix D, as well as business continuity planning and disaster recovery issues for the Plan Processor and the Central Repository, taking into account the business continuity planning and disaster recovery requirements in the Business Continuity Planning/Disaster Recovery (“BCP/DR”) Process set forth in Appendix D.
Id. at Appendix D, Sections 5.3-5.4.
Id. at Section 6.1(o)(iii).
The CAT NMS Plan requires the Business Continuity Plan to address protection of data, service for data submissions, processing, data access, support functions and operations. Additionally, the Plan Processor must develop a process to manage and report breaches. A secondary site that is fully equipped for immediate use must be selected to house critical staff necessary for CAT business operations, and planning should consider operational disruption and significant staff unavailability, but the Business Continuity Plan must also establish an effective telecommuting solution for critical staff which must ensure that CAT Data may not be downloaded to equipment that is not CAT-owned or compliant with CAT security requirements. The Business Continuity Plan will include a bi-annual test of CAT operations from the secondary site, and CAT operations staff must maintain and annually test remote access to ensure smooth operations in case of a “site un-availability event.” The Business Continuity Plan must also identify critical third-party dependencies to be involved in tests on an annual basis, and the Plan Processor will develop and annually test a crisis management plan to be invoked in specified circumstances. The Plan Processor must also conduct the following: An annual Business Continuity Audit using an Independent Auditor approved by the Operating Committee; and regular third party risk assessments to verify that security controls are in accordance with NIST SP 800-53. Appendix C mandates the use of a hot-warm structure for disaster recovery, where in the event of a disaster, the software and data would need to be loaded into the backup site for it to become operational.
Id. at Appendix D, Section 5.1.
Id. at Appendix D, Section 5.2.
Id. at Appendix D, Section 5.3.
Id.
Id.
Id.
Id. at Appendix C, Section 12(o). Appendix D, Section 5, provides details on how the CAT's BCP/DR process would be structured. In part, Appendix D states, “[a] secondary processing site must be capable of recovery and restoration of services at the secondary site within a minimum of 48 hours, but with the goal of achieving next day recovery after a disaster event. The selection of the secondary site must consider sites with geographic diversity that do not rely on the same utility, telecom and other critical infrastructure services. The processing sites for disaster recovery and business continuity must adhere to the “Interagency Paper on Sound Practices to Strengthen the Resilience of the U.S. Financial System.” Id. at Appendix D, Section 5.1.
Appendix D also requires that the Plan Processor provide an industry test environment that is discrete and separate from the production environment, but functionally equivalent to the production environment. The industry test environment must have end-to-end functionality meeting the standards of the production SLA, the performance metrics of the production environment, and management with the same information security policies applicable to the production environment. The industry test environment must have minimum availability of 24x6, and must support such things as: Testing of technical upgrades by the Plan Processor, testing of CAT code releases impacting CAT Reporters, testing of changes to industry data feeds, industry-wide disaster recovery testing, individual CAT Reporter and Data Submitter testing of their upgrades against CAT interfaces and functionality, and multiple, simultaneous CAT Reporter testing. The Plan Processor must provide the linkage processing of data submitted during industry-wide testing, as well as support for industry testing.
Id. at Appendix D, Section 1.2.
Id.
Id.
24. Records and Accounting and Dissolution and Termination of the Company
Article IX of the CAT NMS Plan sets forth the Company's obligations and policies related to books and records, accounting, company funds and tax matters. The CAT NMS Plan provides that the Company must maintain complete and accurate books and records of the Company in accordance with Rule 17a-1. The CAT NMS Plan further provides that books and records will be maintained and be made available at the office of the Plan Processor and/or such other Company designated locations. The CAT NMS Plan specifies that all CAT Data and other Company books and records are the property of the Company (and not the property of the Plan Processor), and to the extent in the possession of the Plan Processor, they will be made available to the Commission upon reasonable request.
Id. at Article IX.
17 CFR 240.17a-1. Upon request, representative copies of books and records maintained under Rule 17a-1 must be furnished to the Commission. 17 CFR 240.17a-1(c); see also CAT NMS Plan, supra note 5, at Section 9.1.
See CAT NMS Plan, supra note 5, at Section 9.1.
Id.
Article IX also includes a confidentiality provision (subject to several express carve-outs) wherein the Receiving Party (the Company or a Participant) must hold in confidence information received from a Disclosing Party (the Company or any other Participant); and the Receiving Party may only disclose such information if prior written approval from the Disclosing Party is obtained. The confidentiality provision applies to information that is disclosed in connection with the CAT NMS Plan or the CAT System but expressly carves out the following: (i) CAT Data or information otherwise disclosed pursuant to the requirements of Rule 613; (ii) any information that was already lawfully in the Receiving Party's possession and, to the knowledge of the Receiving Party, free from any confidentiality obligation to the Disclosing Party at the time of receipt from the Disclosing Party; (iii) any information that is, now or in the future, public knowledge; (iv) any information that was lawfully obtained from a third party having the right to disclose it free from any obligation of confidentiality; or (v) any information that was independently developed by the Receiving Party prior to disclosure by a Disclosing Party. Finally, the CAT NMS Plan provides that the confidentiality provision does not restrict disclosures required by: (i) Applicable laws and regulations, stock market or exchange requirements or the rules of any self-regulatory organization having jurisdiction; (ii) an order, subpoena or legal process; or (iii) for the conduct of any litigation or arbitral proceeding among the Participants (and their respective representatives) and/or the Company.
Id. at Section 9.6. The CAT NMS Plan states that the information is disclosed by or on behalf of the Company or a Participant (the “Disclosing Party”) to the Company or any other Participant (the “Receiving Party”) in connection with the Agreement or the CAT System, but excludes any CAT Data or information otherwise disclosed pursuant to the requirements of Rule 613. See CAT NMS Plan, supra note 5, at Section 9.6(a).
17 CFR 242.613.
See CAT NMS Plan, supra note 5, at Section 9.6(a).
Id.
The CAT NMS Plan includes provisions relating to the dissolution of the Company. Any dissolution of the Company requires SEC approval and must be as a result of one of the following events (a “Triggering Event”): (i) Unanimous written consent of the Participants; (ii) an event makes it unlawful or impossible for the Company business to be continued; (iii) the termination of one or more Participants such that there is only one remaining Participant; or (iv) a decree of judicial dissolution. If a Triggering Event has occurred and the SEC approves the Company's dissolution, the Operating Committee would act as liquidating trustee and liquidate and distribute the Company pursuant to the following necessary steps under the CAT NMS Plan: (i) Sell the Company's assets; and (ii) apply and distribute the sale proceeds by first, paying the Company's debts and liabilities; second, establishing reasonably necessary reserves for contingent recourse liabilities and obligations; and third, making a distribution to the Participants in proportion to the balances in their positive Capital Accounts.
Id. at Article X.
Id. at Section 10.1.
Id. at Section 10.2.
25. Security of Data
The CAT NMS Plan provides that the Plan Processor is responsible for the security and confidentiality of all CAT Data received and reported to the Central Repository, including during all communications between CAT Reporters and the Plan Processor, data extraction, data manipulation and transformation, loading to and from the Central Repository, and data maintenance by the Central Repository. The Plan Processor must, among other things, require that individuals with access to the Central Repository agree to use CAT Data only for appropriate surveillance and regulatory activities and to employ safeguards to protect the confidentiality of CAT Data.
See CAT NMS Plan, supra note 5, at Section 6.5(f)(i), (iv)(A).
Id. at Section 6.5(f)(i)(A).
In addition, the Plan Processor must develop a comprehensive information security program as well as a training program that addresses the security and confidentiality of all information accessible from the CAT and the operational risks associated with accessing the Central Repository. The Plan Processor must also designate one of its employees as CISO; among other things, the CISO is responsible for creating and enforcing appropriate policies, procedures, and control structures regarding data security. The Technical Specifications, which the Plan Processor must publish, must include a detailed description of the data security standards for CAT. Appendix D of the CAT NMS Plan sets forth minimum data security requirements for CAT that the Plan Processor must meet.
Id. at Sections 6.1(m), 6.12.
Id. at Section 6.2(b)(i), (v).
Id. at Section 6.9(b)(xi).
Id. at Appendix D, Section 4.
a. General Standards
The CAT NMS Plan provides that the data security standards of the CAT System shall, at a minimum satisfy all applicable regulations regarding database security, including provisions of Reg SCI. Appendix D of the CAT NMS Plan contains a partial list of industry standards to which the Plan Processor will adhere, including standards issued by the NIST; by the Federal Financial Institutions Examination Council, and the International Organization for Standardization.
17 CFR 242.1000-1007; see also CAT NMS Plan, supra note 5, at Section 6.9(b)(xi).
Standards issued by NIST that are explicitly listed in the CAT NMS Plan include NIST Security and Privacy Controls for Federal Information Systems and Organizations (Special Publication 800-53 Rev. 4); NIST Contingency Planning Guide for Federal Information Systems (Special Publication 800-34 Rev. 1), particularly Chapters 3, 4 & 5; NIST Guidelines to Federal Organizations on Security Assurance and Acquisition/Use of Test/Evaluated Products (Special Publication 800-23); NIST Technical Guide to Information Security Testing and Assessment (Special Publication 800-115); NIST Guide to Enterprise Password Management (Special Publication 800-118); NIST Recommendation for Cryptographic Key Generation (Special Publication 800-133); and NIST Information Security Continuous Monitoring for Federal Information Systems and Organizations (Special Publication 800-137). See CAT NMS Plan, supra note 5, at Appendix D, Sections 4.2, 5.2 and 5.3.
Standards issued by the Federal Financial Institutions Examination Council that are explicitly listed in the CAT NMS Plan include FFIEC Authentication Best Practices, and the Federal Financial Institutions Examination Council, Supplement to Authentication in an Internet Banking Environment (June 22, 2011). See CAT NMS Plan, supra note 5, at Appendix D, Sections 4.1.1, 4.2.
Standards issued by the International Organization for Standardization that are explicitly listed in the CAT NMS Plan include ISO/IEC 27001—Information Security Management. See CAT NMS Plan, supra note 5, at Appendix D, Section 4.2. The CAT NMS Plan also states that the CAT System must adhere to the 2003 Interagency White Paper on Sound Practices to Strengthen the Resilience of the U.S. Financial System, Securities Exchange Act Release No. 47638 (April 8, 2003), 68 FR 17809 (April 11, 2003). See CAT NMS Plan, supra note 5, at Appendix D, Section 5.3.
The CAT NMS Plan specifies that the Plan Processor is responsible for the security and confidentiality of all CAT Data received and reported to the Central Repository, including during all communications between CAT Reporters and the Plan Processor, data extraction, data manipulation and transformation, loading to and from the Central Repository, and data maintenance by the Central Repository. The Plan Processor must also designate one of its employees as the CISO; among other things, the CISO is responsible for creating and enforcing appropriate policies, procedures, and control structures regarding data security.
See CAT NMS Plan, supra note 5, at Section 6.5(f)(i), (iv)(A).
Id. at Section 6.2(b)(i), (v).
b. Data Confidentiality
The CAT NMS Plan also requires that the Plan Processor must develop a comprehensive information security program, with a dedicated staff for the Central Repository, that employs state of the art technology, which program will be regularly reviewed by the CCO and CISO, as well as a training program that addresses the security and confidentiality of all information accessible from the CAT and the operational risks associated with accessing the Central Repository. The Plan Processor must also implement and maintain a mechanism to confirm the identity of all individuals permitted to access the CAT Data stored in the Central Repository; maintain a record of all instances where such CAT Data was accessed; and implement and maintain appropriate policies regarding limitations on trading activities of its employees and independent contractors involved with all CAT Data. The Technical Specifications, which will be published after the Plan Processor is selected, must include a detailed description of the data security standards for the CAT.
Id. at Sections 6.1(m), 6.5(f)(i)(C).
Id. at Section 6.5(f)(i)(D), (E).
Id. at Section 6.9.
According to the CAT NMS Plan, the Plan Processor must require that individuals with access to the Central Repository (including the respective employees and consultants of the Participants and the Plan Processor, but excluding employees and Commissioners of the SEC) to agree: (i) To use appropriate safeguards to ensure the confidentiality of the CAT Data stored in the Central Repository and (ii) to not use CAT Data stored in the Central Repository for purposes other than surveillance and regulation in accordance with such individual's employment duties. A Participant, however, is permitted to use the CAT Data it reports to the Central Repository for regulatory, surveillance, commercial or other purposes as permitted by applicable law, rule, or regulation. In addition, the CAT NMS Plan provides that all individuals with access to the Central Repository (including the respective employees and consultants of the Participants and the Plan Processor, but excluding employees and Commissioners of the SEC) must execute a personal “Safeguard of Information Affidavit” in a form approved by the Operating Committee providing for personal liability for misuse of data.
Id. at Section 6.5(f)(i)(A).
Id.
Id. at Section 6.5(f)(i)(B).
c. Data Security
Appendix D of the CAT NMS Plan sets forth minimum data security requirements for CAT that the Plan Processor must meet, including various connectivity, data transfer, and encryption requirements.
See CAT NMS Plan, supra note 5, at Appendix D, Section 4.
Appendix D states that the CAT Systems must have encrypted internet connectivity, and that CAT Reporters must connect to the CAT infrastructure using secure methods such as private lines or, for smaller broker-dealers, Virtual Private Network connections over public lines. Remote access to the Central Repository must be limited to authorized Plan Processor Staff and must use secure “Multi-factor Authentication” (or “MFA”) that meets or exceeds Federal Financial Institutions Examination Council security guidelines surrounding authentication best practices. Appendix D also notes that CAT databases must be deployed within the network infrastructure so that they are not directly accessible from external end-user networks. If public cloud infrastructures are used, Appendix D states that network segments or private tenant segmentation must be used to isolate CAT Data from unauthenticated public access.
Id. at Appendix D, Section 4.1.1.
Id. Multi-factor authentication, or MFA, is a method requiring a person to provide more than one factor (e.g., biometrics/personal information in addition to a password) in order to be validated by the system.). See id. at Appendix C, Section D.12(e), n.250.
See id. at Appendix D, Section 4.1.1.
Id.
Regarding data encryption, Appendix D states that all CAT Data must be encrypted in-flight using industry standard best practices (e.g., SSL/TLS). Appendix D provides that symmetric key encryption must use a minimum key size of 128 bits or greater (e.g., AES-128), though larger keys are preferable. Asymmetric key encryption (e.g., PGP) for exchanging data between Data Submitters and the Central Repository is desirable.
Id. at Appendix D, Section 4.1.2.
Id.
Id.
Appendix D further states that CAT Data stored in a public cloud must be encrypted at-rest. Non-personally identifiable information in CAT Data stored in a Plan Processor private environment is not required to be encrypted at-rest. If public cloud managed services are used that would inherently have access to the data (e.g., BigQuery, S3, Redshift), then the key management surrounding the encryption of that data must be documented (particularly whether the cloud provider manages the keys, or if the Plan Processor maintains that control). Auditing and real-time monitoring of the service for when cloud provider personnel are able to access/decrypt CAT Data must be documented, as well as a response plan to address instances where unauthorized access to CAT Data is detected. Key management/rotation/revocation strategies and key chain of custody must also be documented in detail.
Id.
Id.
Id.
Id.
Id.
Regarding CAT Data storage, the CAT NMS Plan states that data centers housing CAT Systems (whether public or private) must, at a minimum, be SOC 2 certified by an independent third-party auditor. The frequency of the audit must be at least once per year. Furthermore, CAT computer infrastructure may not be commingled with other non-regulatory systems (or tenets, in the case of public cloud infrastructure). Systems hosting the CAT processing for any applications must be segmented from other systems as far as is feasible on a network level (firewalls, security groups, ACL's, VLAN's, authentication proxies/bastion hosts and similar). In the case of systems using inherently shared infrastructure/storage (e.g., public cloud storage services), an encryption/key management/access control strategy that effectively renders the data private must be documented.
Id. at Appendix D, Section 4.1.3.
Id.
Id.
Id.
Id.
Appendix D further requires that the Plan Processor must include penetration testing and an application security code audit by a reputable (and named) third party prior to the launch of CAT as well as periodically as defined in the SLAs. Reports of the audit will be provided to the Operating Committee as well as a remediation plan for identified issues. The penetration test reviews of the Central Repository's network, firewalls, and development, testing and production systems should help the CAT evaluate the systems' security and resiliency in the face of attempted and successful systems intrusions.
Id.
Id.
Id.
The CAT NMS Plan also addresses issues surrounding access to CAT Data. Among other things, the CAT NMS Plan requires the Plan Processor to provide an overview of how access to PII and other CAT Data by Plan Processor employees and administrators is restricted. This overview must include items such as, but not limited to, how the Plan Processor will manage access to the systems, internal segmentation, MFA, separation of duties, entitlement management, and background checks. The Plan Processor must develop and maintain policies and procedures reasonably designed to prevent, detect, and mitigate the impact of unauthorized access or usage of data in the Central Repository. The CAT NMS Plan also specifically states that a Role Based Access Control (“RBAC”) model must be used to permission users with access to different areas of the CAT System. The Plan Processor must log every instance of access to Central Repository data by users. The CAT NMS Plan also has specific provisions related to passwords and logins, particularly as these relate to accessing PII in the Central Repository. Any login to the system that is able to access PII data must follow non-PII password rules and must be further secured via MFA.
Id. at Appendix D, Section 4.1.4.
Id.
Id.
Id.
Id.
See id.
Id.
Appendix D also addresses what should be done in the event there is a breach in the security systems protecting CAT Data. Appendix D requires the Plan Processor to develop policies and procedures governing its responses to systems or data breaches. Such policies and procedures will include a formal cyber incident response plan, and documentation of all information relevant to breaches. The cyber incident response plan will provide guidance and direction during security incidents, and the plan will be subject to approval by the Operating Committee.
Id. at Appendix D, Section 4.1.5.
Id.
Id.
d. Data Access and Use
The CAT NMS Plan states that the Plan Processor shall provide Participants and the Commission with access to and use of the CAT Data stored in the Central Repository solely for the purpose of performing their respective regulatory and oversight responsibilities pursuant to federal securities laws, rules and regulations or any contractual obligations. The Plan specifies that Participants shall establish, maintain and enforce written policies and procedures reasonably designed to ensure the confidentiality of the CAT Data obtained from the Central Repository and limit the use of CAT Data obtained from the Central Repository to surveillance and regulatory purposes. The CAT NMS Plan provides that Participants must adopt and enforce policies and procedures that implement effective information barriers between each Participant's regulatory and non-regulatory Staff with regard to CAT Data, permit only persons designated by Participants to have access to the CAT Data stored in the Central Repository; and impose penalties for Staff non-compliance with any of its or the Plan Processor's policies and procedures with respect to information security. However, the Plan provides that a Participant may use the Raw Data it reports to the Central Repository for “commercial or other” purposes if not prohibited by applicable law, rule or regulation.
See id. at Section 6.5(c)(i).
Id. at Section 6.5(g). The Commission notes that regulatory purposes includes, among other things, analysis and reconstruction of market events, market analysis and research to inform policy decisions, market surveillance, examinations, investigations, and other enforcement functions. See Notice, supra note 5, at 30649 n.266.
See CAT NMS Plan, supra note 5, at Section 6.5(f)(ii).
Raw Data is defined as “Participant Data and Industry Member Data that has not been through any validation or otherwise checked by the CAT System.” Id. at Section 1.1.
Id. at Section 6.5(h).
Article VI of the CAT NMS Plan requires that the Plan Processor provide regulators access to the Central Repository for regulatory and oversight purposes and create a method of accessing CAT Data that includes the ability to run complex searches and generate reports. Section 6.10(c) of the CAT NMS Plan requires regulator access by two different methods: (i) An online targeted query tool with predefined selection criteria to choose from; and (ii) user-defined direct queries and bulk extractions of data via a query tool or language allowing querying of all available attributes and data sources. Appendix D contains technical details and parameters for use by the Plan Processor in developing the systems that will allow regulators access to CAT Data.
Id. at Section 6.5(c)(i), (ii). Appendix C provides objective milestones to assess progress concerning regulator access to the Central Repository. See id. at Appendix C, Section C.10(d).
Id. at Section 6.10(c)(i). Section 6.10(c) also requires the Plan Processor to reasonably assist regulatory Staff with queries, submit queries on behalf of regulatory Staff as requested, and maintain a help desk to assist regulatory Staff with questions concerning CAT Data. Id. at 6.10(c)(iv)-(vi).
See id. at Appendix D, Section 8.
Appendix C addresses the time and method by which CAT Data would be available to regulators. Specifically, Appendix C requires that data be available to regulators any point after the data enters the Central Repository and passes basic format validations. After errors are communicated to CAT Reporters on a T+1 basis, CAT Reporters would be required to report corrected data back to the Central Repository by 8:00 a.m. ET on T+3. Regulators must then have access to corrected and linked order and Customer data by 8:00 a.m. ET on T+5. Appendix C further outlines requirements the Plan Processor must meet for report building and analysis regarding data usage by regulators, consistent with, and in addition to, the specifications outlined in Appendix D.
Id. at Appendix C, Section A.2.
Id. at Appendix C, Section A.2(a). Appendix C, Section A.3(e) indicates this would be no later than noon EST on T+1. Id. at Appendix C, Section A.3(e).
Id. at Appendix C, Section A.1(a)(iv); Appendix D, Section 6.1.
Id. at Appendix C, Section A.2(a).
Id. at Appendix C, Section A.2(c). Appendix C, Section A.2(d) addresses system service level agreements that the SROs and Plan Processor would enter into. See id. at Appendix C, Section A.2(d).
e. Personally Identifiable Information
According to the CAT NMS Plan, there are two separate categories of CAT Data for data security and confidentiality purposes: (i) PII; and (ii) other data related to orders and trades reported to the CAT. The Plan requires additional levels of protection for PII that is collected from Customers and reported to the Central Repository. For example, the CAT NMS Plan requires that all CAT Data provided to regulators must be encrypted, but that PII data shall be masked unless users have permission to view the CAT Data that has been requested. The Plan requires that all PII data must be encrypted both at-rest and in-flight, including archival data storage methods such as tape backup. Storage of unencrypted PII data is prohibited. The Plan Processor must describe how PII encryption is performed and the key management strategy (e.g., AES-256, 3DES).
See id. at Appendix C, Section A.4.
See id. at Appendix C, Section A.4(a).
See id. at Section 6.10(c)(ii).
Id. at Appendix D, Section 4.1.2
Id.
Id.
An additional protection afforded to PII concerns specific requirements for access. The CAT NMS Plan specifies that by default, users entitled to query CAT Data are not automatically authorized for PII access, and that the process by which a person becomes entitled for PII access, and how they then go about accessing PII data, must be documented by the Plan Processor. Access to PII will be based on a Role Based Access Control (“RBAC”) model, and shall follow the “least privileged” practice of limiting access as much as possible. In this regard, the CAT NMS Plan states that access will be limited to a “need-to-know” basis, and it is expected that the number of people given access to PII associated with Customers and accounts will be much lower than the number granted access to non-PII CAT Data. The CAT NMS Plan further specifies that any login system that is able to access PII must follow non-PII password rules and must be further secured via MFA. MFA authentication for all logins (including non-PII) is required to be implemented by the Plan Processor.
Id. at Appendix D, Section 4.1.6.
Id.
Id. at Appendix C, Section A.4.
Id. at Appendix D, Section 4.1.4. MFA is a method requiring a person to provide more than one factor (e.g., biometrics/personal information in addition to a password) in order to be validated by the system. See CAT NMS Plan, supra note 5, at Appendix C, Section D.12(e), n.250.
See id. at Appendix D, Section 4.1.4.
The CAT NMS Plan also requires that a designated officer or employee at each Participant and the Commission, such as the chief regulatory officer, must, at least annually, review and certify that persons with PII access have appropriately been designated to access PII in light of their respective roles. The CAT NMS Plan requires that a full audit trail of access to the PII collected at the Central Repository—which would include who accessed what data and when—must be maintained, and that the CCO and CISO shall have access to daily PII reports that list all users who are entitled for PII access, as well as the audit trail of all PII access that has occurred for the day being reported on.
Id. at Appendix D, Section 4.1.6.
Id.
The CAT NMS Plan also restricts the circumstances under which PII can be provided to an authorized person. The CAT NMS Plan provides, for example, that PII must not be included in the result set(s) from online or direct query tools, reports or bulk data extraction. Instead, the CAT NMS Plan requires any such results, reports or extractions to be displayed with “non-PII unique identifiers (e.g., Customer-ID or Firm Designated ID).” The CAT NMS Plan states that the PII corresponding to these non-PII identifiers can be gathered by using a separate “PII workflow.”
Id.
Id.
Id.
Finally, the CAT NMS Plan further protects PII by requiring that PII data be stored separately from other CAT Data. The Plan specifies that PII cannot be stored with the transactional CAT Data, and it must not be accessible from public internet connectivity.
Id.
Id.
26. Governing or Constituent Documents
Rule 608 requires copies of all governing or constituent documents relating to any person (other than a self-regulatory organization) authorized to implement or administer such plan on behalf of its sponsors. The Participants will submit to the Commission such documents related to the Plan Processor when the Plan Processor is selected.
See CAT NMS Plan, supra note 5, at Section 6.7(a)(i).
27. Development and Implementation Phases
The terms of the Plan will be effective immediately upon approval of the Plan by the Commission (the “Effective Date”). The Plan sets forth each of the significant phases of development and implementation contemplated by the Plan, together with the projected date of completion of each phase. These include the following, each of which is subject to orders otherwise by the Commission:
Effective Date is defined as “the date of approval of [the CAT NMS Plan] by the Commission.” Id. at Section 1.1.
Id. at Section 6.7, Appendix C, Section C.10.
Within two months after the Effective Date, the Participants will jointly select the winning Shortlisted Bid and the Plan Processor pursuant to the process set forth in Article V. Following the selection of the Initial Plan Processor, the Participants will file with the Commission a statement identifying the Plan Processor and including the information required by Rule 608;
Within four months after the Effective Date, each Participant will, and, through its Compliance Rule, will require its Industry Members to, synchronize its or their Business Clocks and certify to the Chief Compliance Officer (in the case of Participants) or the applicable Participant (in the case of Industry Members) that it has met this requirement;
Within six months after the Effective Date, the Participants must jointly provide to the SEC a document outlining how the Participants could incorporate into the CAT information with respect to equity securities that are not NMS Securities, including Primary Market Transactions in securities that are not NMS Securities, which document will include details for each order and Reportable Event that may be required to be provided, which market participants may be required to provide the data, the implementation timeline, and a cost estimate;
See id. at Section 6.7(a). In the Amendment to the CAT NMS Plan, Section 6.11 excludes OTC Equity Securities from the document the Participants would submit to the Commission, since the Participants plan to include OTC Equity Securities as well as NMS Securities in the initial phase in of CAT. See Notice, supra note 5, at 30634 n.82.
Within one year after the Effective Date, each Participant must report Participant Data to the Central Repository;
Within fourteen months after the Effective Date, each Participant must implement a new or enhanced surveillance system(s);
Within two years after the Effective Date, each Participant must, through its Compliance Rule, require its Industry Members (other than Small Industry Members) to report Industry Member Data to the Central Repository; and
Within three years after the Effective Date, each Participant must, through its Compliance Rule, require its Small Industry Members to provide Industry Member Data to the Central Repository.
See CAT NMS Plan, supra note 5, at Section 6.7(a).
In addition, Industry Members and Participants will be required to participate in industry testing with the Central Repository on a schedule to be determined by the Operating Committee. Furthermore, Appendix C, A Plan to Eliminate Existing Rules and Systems (Rule 613(a)(1)(ix)), and Appendix D, Data Types and Sources, set forth additional implementation details concerning the elimination of rules and systems.
The CCO will appropriately document objective milestones to assess progress toward the implementation of the CAT.
See id. at Section 6.7(b).
As required by Rule 613(a)(1)(x), the CAT NMS Plan also sets forth detailed objective milestones, with projected completion dates, towards CAT implementation. The milestones discussed in the Plan include timeframes for when the Plan Processor will publish Technical Specifications for Participants and Industry Members to report order and market maker quote data and Customer Account Information to the Central Repository, as well as timeframes for connectivity and acceptance testing for the reporting of this information. For example, the Plan Processor will publish Technical Specifications for Industry Member submission of order data one year before Industry Members are required to begin submitting this data to the Central Repository, and the Plan Processor will begin connectivity testing and accepting order data from Industry Members for testing purposes six months before Industry Members are required to begin submitting this data to the Central Repository. The Plan Processor will begin connectivity testing and accepting order and market maker quote data from Participants for testing purposes three months before Participants are required to begin reporting this data to the Central Repository and will publish Technical Specifications for Participant submission of this data six months before Participants are required to submit this data to the Central Repository. The CAT NMS Plan also includes implementation timeframes for the linkage of the lifecycle of order events, regulator access to the Central Repository, and the integration of other data (such as SIP quote and trade data) into the Central Repository.
See CAT NMS Plan, supra note 5, at Appendix C, Section C.10. The CAT NMS Plan requires the CCO to document these objective milestones to assess progress toward the implementation of CAT. See id. at Section 6.7(b).
“Customer Account Information” shall include, but not be limited to, account number, account type, customer type, date account opened, and large trader identifier (if applicable); except, however, that (a) in those circumstances in which an Industry Member has established a trading relationship with an institution but has not established an account with that institution, the Industry Member will (i) provide the Account Effective Date in lieu of the “date account opened”; (ii) provide the relationship identifier in lieu of the “account number”; and (iii) identify the “account type” as a “relationship”; (b) in those circumstances in which the relevant account was established prior to the implementation date of the CAT NMS Plan applicable to the relevant CAT Reporter (as set forth in Rule 613(a)(3)(v) and (vi)), and no “date account opened” is available for the account, the Industry Member will provide the Account Effective Date in the following circumstances: (i) Where an Industry Member changes back office providers or clearing firms and the date account opened is changed to the date the account was opened on the new back office/clearing firm system; (ii) where an Industry Member acquires another Industry Member and the date account opened is changed to the date the account was opened on the post-merger back office/clearing firm system; (iii) where there are multiple dates associated with an account in an Industry Member's system, and the parameters of each date are determined by the individual Industry Member; and (iv) where the relevant account is an Industry Member proprietary account.” See id. at Section 1.1.
See id. at Appendix C, Section C.10(a)-(b).
See id. at Appendix C, Section C.10(b).
See id.
See id. at Appendix C, Section C.10(c)-(e).
28. Written Understanding or Agreements Relating to Interpretation of, or Participation in, the Plan
The Participants have no written understandings or agreements relating to interpretations of, or participation in, the Plan other than those set forth in the Plan itself. For example, Section 4.3(a)(iii) states that the Operating Committee only may authorize the interpretation of the Plan by Majority Vote, Section 6.9(c)(i) addresses interpretations of the Technical Specifications, and Section 8.2 addresses the interpretation of Sections 8.1 and 8.2. In addition, Section 3.3 sets forth how any entity registered as a national securities exchange or national securities association under the Exchange Act may become a Participant.
See Notice, supra note 5, at 30635.
See CAT NMS Plan, supra note 5, at Sections 4.3(a)(iii), 6.9(c)(i), 8.2.
See id. at Section 3.3.
29. Dispute Resolution
The Plan does not include a general provision addressing the method by which disputes arising in connection with the operation of the Plan will be resolved. The Plan does, however, provide the means for resolving disputes regarding the Participation Fee. Specifically, Article III states that, in the event that the Company and a prospective Participant do not agree on the amount of the Participation Fee, such amount will be subject to the review by the Commission pursuant to Section 11A(b)(5) of the Exchange Act. In addition, the Plan addresses disputes with respect to fees charged to Participants and Industry Members pursuant to Article XI. Specifically, such disputes will be determined by the Operating Committee or a Subcommittee designated by the Operating Committee. Decisions by the Operating Committee or such designated Subcommittee on such matters will be binding on Participants and Industry Members, without prejudice to the rights of any Participant or Industry Member to seek redress from the Commission pursuant to Rule 608 or in any other appropriate forum.
See Notice, supra note 5, at 30635.
See CAT NMS Plan, supra note 5, at Section 3.3(b).
See id.; see also 15 U.S.C. 78k-l(b)(5).
See CAT NMS Plan, supra note 5, at Section 11.5.
Id.
IV. Discussion and Commission Findings
In 1975, Congress directed the Commission, through the enactment of Section 11A of the Act, to facilitate the establishment of a national market system. Section 11A(a)(3)(B) of the Act authorizes the Commission, “by rule or order, to authorize or require self-regulatory organizations to act jointly with respect to matters as to which they share authority under this title in planning, developing, operating, or regulating a national market system (or a subsystem thereof) or one or more facilities.” The Commission adopted Rule 613 of Regulation NMS under the Act, requiring the SROs to submit an NMS plan to create, implement, and maintain the CAT.
15 U.S.C. 78k-1.
15 U.S.C. 78k-1(a)(3)(B).
See Adopting Release, supra note 14; see also Proposing Release, supra note 14.
17 CFR 242.613(a)(1), (c)(1), (c)(7).
Rule 613 tasks the Participants with the responsibility to develop a CAT NMS Plan that achieves the goals set forth by the Commission. Because the Participants will be more directly responsible for the implementation of the CAT NMS Plan, in the Commission's view, it is appropriate that they make the judgment as to how to obtain the benefits of a consolidated audit trail in a way that is practicable and cost-effective in the first instance. The Commission's review of an NMS plan is governed by Rule 608 and, under that rule, approval is conditioned upon a finding that the proposed plan is “necessary or appropriate in the public interest, for the protection of investors and the maintenance of fair and orderly markets, to remove impediments to, and perfect the mechanism of, a national market system, or otherwise in furtherance of the purposes of the Act.” Further, Rule 608 provides the Commission with the authority to approve an NMS plan, “with such changes or subject to such conditions as the Commission may deem necessary or appropriate.” In reviewing the policy choices made by the Participants in developing the CAT NMS Plan, the Commission has sought to ensure that they are supported by an adequate rationale, do not call into question the Plan's satisfaction of the approval standard in Rule 608, and reasonably achieve the benefits of a consolidated audit trail without imposing unnecessary burdens. In addition, because of the evolving nature of the data captured by the CAT and the technology used, as well as the number of decisions still to be made in the process of implementing the CAT NMS Plan, the Commission has paid particular attention to the structures in place to guide decision-making going forward. These include the governance of the Company, the provisions made for Commission and other oversight, the standards established, and the development milestones provided for in the Plan.
17 CFR 242.608(b)(2); see also 15 U.S.C. 78k-1(a).
17 CFR 242.608(b)(2).
The Commission received 24 comment letters on the CAT NMS Plan. The commenters included, among others, national securities exchanges, technology providers, academics, broker-dealers, investors, and organizations representing industry participants. Of the comment letters received regarding the Plan, 13 expressed general support, 3 comment letters expressed opposition to the Plan, and 8 comment letters neither supported nor opposed the Plan. Many of the commenters suggested modifications to certain provisions of the Plan or identified what they believed were deficiencies in the Plan.
See supra note 6.
FSR, FSI, MFA, ICI, TR, SIFMA, FIF, Fidelity, UnaVista, CBOE, KCG, and NYSE Letters.
Better Markets, Bloomberg, and Data Boiler Letters.
Anonymous I, Anonymous II, DAG, STA, DTCC, Hanley, Wachtel, FIX Trading, and Garrett Letters.
The most significant areas raised in the comment letters pertained to: (i) The security and confidentiality of CAT Data (especially of PII); (ii) the cost and funding of the CAT; (iii) the timing of the retirement of duplicative regulatory reporting systems; (iv) the implementation time frame; (v) governance (particularly with respect to industry representation); (vi) the clock synchronization standard; (vi) error rates; and (vii) an overall lack of detail in the CAT NMS Plan.
As discussed in detail below, the Commission has determined to approve the CAT NMS Plan, as amended, pursuant to Section 11A of the Act and Rule 608. The Commission believes that the Plan is reasonably designed to improve the completeness, accuracy, accessibility and timeliness of order and execution data used by regulators. The Commission believes that the Plan will facilitate regulators' access to more complete, accurate and timely audit trail data. The Plan will also allow for more efficient and effective surveillance and analysis, which will better enable regulators to detect misconduct, reconstruct market events, and assess potential regulatory changes. As a result, the CAT NMS Plan should significantly improve regulatory efforts by the SROs and the Commission, including market surveillance, market reconstructions, enforcement investigations, and examinations of market participants. The Commission believes that improved regulatory efforts, in turn, will strengthen the integrity and efficiency of the markets, which will enhance investor protection and increase capital formation.
15 U.S.C. 78k-1.
17 CFR 242.608(b)(2).
As noted, commenters raised concerns about, and suggested alternatives to, certain Plan provisions. The Participants submitted five letters which responded to the comments and provided certain suggestions for amendments to the Plan, as discussed in detail below. After considering the proposed Plan, the issues raised by commenters, and the Participants' responses, the Commission has amended certain aspects of the Plan and has determined that the proposed Plan, as amended by the Commission, satisfies the standard of Rule 608. The Commission finds that the CAT NMS Plan is necessary or appropriate in the public interest, for the protection of investors and the maintenance of fair and orderly markets, to remove impediments to, and perfect the mechanism of a national market system, or is otherwise in furtherance of the purposes of the Act. The Commission does not believe that the remaining concerns identified by commenters individually or collectively call into question the Plan's satisfaction of the approval standard in Rule 608, or otherwise warrant a departure from the policy choices made by the Participants.
See 17 CFR 242.608(b)(2).
A. Definitions, Effectiveness of Agreement, and Participation (Articles I, II, and III)
Article I of the CAT NMS Plan sets forth definitions for certain terms used in the CAT NMS Plan, as well as principles of interpretation. Article II of the CAT NMS Plan describes the corporate structure under which the Participants will build and maintain the CAT, and Article III addresses participation in the Plan, including admission of new Participants, resignation and termination of Participants, and the obligations and liability of Participants.
See Section III.1.; Section III.2., supra.
The Commission did not receive any comments relating to Article II or III of the CAT NMS Plan, and is approving them as proposed, with certain technical conforming changes to reflect the Participants' proposal to treat the Company as a non-profit and certain Exchange Act obligations. The Commission did receive comments on three definitions: (1) Allocation Report; (2) Trading Day; and (3) Eligible Security.
See Sections IV.B and IV.F, infra.
The Commission notes that some commenters recommended changing specific provisions in the CAT NMS Plan, which would also result in modifications to certain definitions set forth in Article I (e.g., Error Rate and Primary Market Transaction). The Commission discusses such comments in the Sections below in conjunction with the relevant substantive CAT NMS Plan provisions.
TR Letter at 9.
FIF Letter at 95-96.
Anonymous Letter I at 9.
For the definition of Allocation Report, one commenter stated that “allocation time is not consistently defined or captured,” and that without further guidance, CAT Reporters may have difficulties reporting this data element. The Participants responded to this comment by explaining that the Participants have not yet determined how “time of the allocation” will be defined, but indicated that they would address this in the Technical Specifications.
The Plan defines “Allocation Report” to mean a report made to the Central Repository by an Industry Member that identifies the Firm Designated ID for any account(s), including subaccount(s), to which executed shares are allocated and provides the security that has been allocated, the identifier of the firm reporting the allocation, the price per share of shares allocated, the side of shares allocated, the number of shares allocated to each account, and the time of the allocation; provided, for the avoidance of doubt, any such Allocation Report shall not be required to be linked to particular orders or executions. See CAT NMS Plan, supra note 5, at Section 1.1.
TR Letter at 9.
Response Letter I at 25.
For the definition of Trading Day, one commenter stated that the cut-off time for Trading Day is not defined and argued that, consistent with OATS, the cut-off time should be 4:00 p.m., ET. The commenter argued a later cut-off time would compress the time CAT Reporters have to collect, validate, and report data in a timely manner. The Participants responded to this comment by explaining that a universal cut-off time for Trading Day is not recommended for the CAT because cut-off times may differ based on the different types of Eligible Securities (including the potential expansion of the security types covered in Eligible Securities). Rather, the Participants stated that the Operating Committee should determine cut-off times for the Trading Day and indicated that they would address this in the Technical Specifications.
The Plan states that “Trading Day” shall have such meaning as is determined by the Operating Committee. For the avoidance of doubt, the Operating Committee may establish different Trading Days for NMS Stocks (as defined in SEC Rule 600(b)(47), Listed Options, OTC Equity Securities, and any other securities that are included as Eligible Securities from time to time. See CAT NMS Plan, supra note 5, at Section 1.1.
FIF Letter at 95-96.
Id. at 96, 124.
Response Letter I at 31.
For the definition of Eligible Security, one commenter stated that “a full audit trail would include transactions both on and off exchange.” The Participants noted that the CAT will capture on- and off-exchange transactions for NMS Securities and OTC Equity Securities, as the CAT would “capture orders and transactions in NMS Securities and OTC Equity Securities, even if they occur in ATSs/dark pools, other trading venues or internally within broker-dealers.”
The CAT NMS Plan provides that “Eligible Security” includes (a) all NMS Securities and (b) all OTC Equity Securities. See CAT NMS Plan, supra note 5, at Section 1.1.
Anonymous Letter I at 9.
Response Letter I at 25.
The Commission believes that the definitions and principles of interpretation set forth in Article I of the CAT NMS Plan are reasonably designed to provide clarity to the terms set forth in the CAT NMS Plan. In response to the commenters that recommended modifications to the definitions of Allocation Report and Trading Day, the Commission believes it is reasonable for the Participants to address the Allocation Report and Trading Day specifics raised by commenters in the Technical Specifications to provide the CAT with necessary flexibility during its implementation, and based on the Plan's requirement that the Technical Specifications will be published no later than one year prior to when Industry Member reporting begins. With respect to Eligible Securities, the Commission believes that the commenter's concern is addressed already in the Plan.
See Section IV.D.8.a, infra.
The Commission also notes that the Participants submitted a letter to the Commission indicating that the names of certain Participants had changed and that two new exchanges have been approved by the Commission. Specifically, the Participants stated that BATS Exchange, Inc. is now known as Bats BZX Exchange, Inc.; BATS Y-Exchange, Inc. is now known as Bats BYX Exchange, Inc.; EDGA Exchange, Inc. is now known as Bats EDGA Exchange, Inc.; EDGX Exchange, Inc. is now known as Bats EDGX Exchange, Inc.; NASDAQ OMX BX, Inc. is now known as NASDAQ BX, Inc.; and NASDAQ OMX PHLX LLC is now known as NASDAQ PHLX LLC. In addition, the Participants stated that two new exchanges were approved by the Commission: ISE Mercury, LLC and Investors' Exchange, LLC. Thus, the Participants suggested that the Commission amend the Plan to reflect that ISE Mercury, LLC and Investors' Exchange LLC are Participants to the CAT NMS Plan, and to include their names on the signature block for the CAT NMS Plan (including the Plan's appendices). The Commission believes it is appropriate to amend the CAT NMS Plan to reflect the name changes of certain Participants because this will ensure that the names of those Participants are accurately reflected, and to amend the CAT NMS Plan to add ISE Mercury, LLC and Investors' Exchange, LLC as Participants to the CAT NMS Plan because all SROs are intended to be Participants to the CAT NMS Plan.
Participants' Letter I at 1.
Id.
Id.
Id.
See Notice, supra note 5, at 30618.
B. Management of the Company (Article IV)
Article IV of the CAT NMS Plan describes the management structure of CAT NMS, LLC. Many commenters raised concerns related to the governance structure set forth in the CAT NMS Plan. Most of the governance comments focused on the role, composition, obligations and powers of the Operating Committee and the Advisory Committee. A few commenters identified potential conflicts of interest (both with respect to the Officers and the Participants) as well as other governance concerns, including whether the CAT should be under the Commission's direct and sole control.
See Section III.3, supra.
FSI Letter at 3; MFA Letter at 3-4; ICI Letter at 10-13; TR Letter at 6-7; SIFMA Letter at 24-29; FIF Letter at 14, 135-37; Fidelity Letter at 6-8; Better Markets Letter at 4-6; KCG Letter at 5-7; DAG Letter at 3; NYSE Letter at 4-6; STA Letter at 1-2.
MFA Letter at 3-4; ICI Letter at 10-13; SIFMA Letter at 24-29; KCG Letter at 5-7; DAG Letter at 3; NYSE Letter at 4-6; TR Letter at 6-7; FIF Letter at 14, 135-37; see also STA Letter at 1 (supporting the DAG Letter's governance recommendations).
FSI Letter at 3; MFA Letter at 3-4; ICI Letter at 10-13; Better Markets Letter at 4-6.
1. Operating Committee
Article IV of the CAT NMS Plan provides that an Operating Committee will manage the CAT, where each Participant appoints one member of the Operating Committee, and each Participant appointee has one vote. Article IV also sets forth certain other provisions relating to the Operating Committee, including identification of those actions requiring a Majority Vote, a Supermajority Vote, or a unanimous vote; and the management of conflicts of interest. Commenters raised concerns about the composition, voting and independence of the Operating Committee.
See CAT NMS Plan, supra note 5, at Section 4.2, Appendix C, Section D.11(b).
Some commenters argued that the composition of the Operating Committee should not be limited to the SROs, arguing that non-SROs also should have full voting powers. Commenters recommended that the Operating Committee should include members who are broker-dealers, and other non-SRO and non-broker-dealer market participants, institutional investors, broker-dealers with a substantial retail base, broker-dealers with a substantial institutional base, a data management expert, and a federal agency representative with national security cybersecurity experience. Another commenter recommended including representatives of registered funds as members of the Operating Committee, noting their strong interest in ensuring the security of CAT Data and that CAT Reporter position information and trading strategies not be compromised. Two commenters argued that no legal authority bars broker-dealers or other non-SROs from serving on the Operating Committee.
MFA Letter at 3-4; ICI Letter at 10-13; SIFMA Letter at 24-26; KCG Letter at 5-7; DAG Letter at 3; see also STA Letter at 1 (supporting the DAG Letter's governance recommendations).
SIFMA Letter at 24-26; KCG Letter at 5-7; DAG Letter at 3; see also STA Letter at 1 (supporting the DAG Letter's governance recommendations).
SIFMA Letter at 25; MFA Letter at 3; DAG Letter at 3; KCG Letter at 6; see also STA Letter at 1 (supporting the DAG Letter's governance recommendations).
KCG Letter at 6; MFA Letter at 3.
MFA Letter at 3.
ICI Letter at 11. This commenter further noted that registered funds' expertise in protecting trade and order information could help formulate CAT-related data security policies. Id.
KCG Letter at 6; ICI Letter at 11.
In support of their recommendation to expand the Operating Committee's membership, commenters stressed the need for meaningful input by stakeholders with specific expertise, which they believed would improve the implementation and maintenance of the CAT. One commenter described the CAT as “a uniquely complex facility” and another commenter described the CAT as “a critical market utility designed to benefit the national market system and all market participants,” and stated that as such “the governance and operation of the CAT NMS Plan should be structured to obtain meaningful input from the broker-dealer community.” One of these commenters noted broker-dealers would have complementary “expertise and insight” to the SROs, insofar as broker-dealers would be “providing the lion's share of the reported data to the CAT.” This commenter clarified that, in recommending broker-dealer participation on the Operating Committee, the commenter “does not expect (or request) that broker-dealer representatives would have access to the surveillance patterns and other regulatory means by which the SROs will use the data collected by the CAT.”
SIFMA Letter at 25; KCG Letter at 7.
SIFMA Letter at 25.
KCG Letter at 7. KCG suggested that the Advisory Committee alone would have “almost no voice in the operation [of the] NMS plan” based on the feedback regarding the administration and operation of other NMS plans. KCG Letter at 7.
SIFMA Letter at 25; see also ICI Letter at 11 (“The perspective of other market participants—particularly given that the central repository will house their sensitive information—would help in the development and maintenance of the CAT.”); MFA Letter at 3 (“The decisions of the Operating Committee, such as those related to data security . . . will have a significant impact on market participants immediately and in the future.”). One commenter further noted that “the SROs expect the broker-dealers to help fund the costs of the CAT, and they proposed a funding model under which the vast majority of the CAT building and operating costs would be imposed on the broker-dealer firms.” SIFMA Letter at 25.
SIFMA Letter at 25.
One commenter described the industry's experience as part of the DAG as informing its belief that full industry participation on the Operating Committee is required. This commenter stated that “the SROs limited the Industry's participation in important aspects of the development process” to an extent that direct engagement with Bidders “provided a more complete and relevant picture of the proposed CAT solution than had been received through involvement in the DAG.” This commenter argued the Operating Committee should include non-SRO industry participants because it would allow them to participate in selecting a Plan Processor and developing the CAT operating procedures.
DAG Letter at 3; see also STA Letter at 1 (supporting the DAG Letter's governance recommendations).
DAG Letter at 3; see also STA Letter at 1 (supporting the DAG Letter's governance recommendations).
DAG Letter at 3; see also STA Letter at 1 (supporting the DAG Letter's governance recommendations).
One commenter recommended that the allocation of voting rights among the Participants be reevaluated, noting that the Commission's Equity Market Structure Advisory Committee (“EMSAC”) provided a similar recommendation regarding plan governance generally. This commenter also recommended limiting the number of Operating Committee actions that require unanimous voting.
Fidelity Letter at 7. The Commission also notes that although the commenter did not include the EMSAC's rationale for the reallocation of voting rights recommendation, in the EMSAC Recommendations cited by the commenter, the EMSAC explained that it recommended reallocating voting rights because the “reallocation of voting rights [among NMS plan participants] is intended to better reflect the proportional interests of NMS [p]lan participants”). See EMSAC, Recommendations Regarding Enhanced Industry Participation in Certain SRO Regulatory Matters (June 10, 2016), available at https://www.sec.gov/spotlight/emsac/emsac-trading-venues-regulation-subcommittee-recomendation-61016.pdf (“EMSAC Recommendations”).
Fidelity Letter at 7. This commenter noted that the EMSAC provided this recommendation. The Commission notes that although the commenter did not include the EMSAC's rationale for this recommendation, in the EMSAC Recommendations cited by the commenter, the EMSAC explained that it recommended the limited use of unanimous voting requirements “to prevent undue friction or delay in [p]lan voting matters.” See EMSAC Recommendations, supra note 693, at 8.
Commenters also recommended that the Operating Committee include “independent directors.” One commenter recommended that these independent directors be both non-industry and non-SRO. Other commenters argued that the “CAT governance structure should include independent directors, comprised of both non-[i]ndustry and [i]ndustry participants.”
See Better Markets Letter at 6; DAG Letter at 3; see also STA Letter at 1 (supporting the DAG Letter's governance recommendations); SIFMA Letter at 25 n.4 (noting Rule 613 does not preclude the SROs from including independent directors in the Operating Committee).
Better Markets Letter at 6.
DAG Letter at 3; see also STA Letter at 1 (supporting the DAG Letter's governance recommendations).
In response to comments regarding the composition of the Operating Committee, the Participants argued that the Operating Committee should remain as a committee solely of SROs because only SROs have a statutory obligation under the Exchange Act to create, implement and maintain the CAT and regulate securities markets, whereas broker-dealers do not. The Participants also identified potential conflicts of interest if the “subjects of surveillance [are] involved in decision-making of a plan that, at its core has SEC and [SRO] regulatory surveillance as its primary objective.” Finally, the Participants discussed their belief that the Advisory Committee, discussed below, is the appropriate forum for non-Participants to provide their views.
Response Letter I at 6; see also, NYSE Letter at 5.
Response Letter I at 6.
Id. at 7.
In response to comments regarding the allocation of voting rights among the Participants, the Participants explained that each Participant has one vote to permit equal representation among the Participants. The Participants indicated their commitment to this allocation of voting rights because each Participant independently has obligations with regard to the CAT under Rule 613, and each Participant's regulatory surveillance obligations are not constrained by revenues or market share. The Participants also noted that this voting model is common among other NMS plans.
Id.
Id.
In response to the commenter suggesting that the CAT NMS Plan should limit the number of provisions requiring a unanimous vote, the Participants highlighted that only three extraordinary circumstances require a unanimous vote under the CAT NMS Plan: (i) Obligating Participants to make a loan or capital contribution to the Company; (ii) dissolving the Company; and (iii) acting by written consent in lieu of a meeting.
The Participants explained this would impose an additional and direct financial burden on each Participant, thus each Participant's approval is important. Id. at 8.
The Participants explained this would directly impact each Participant's ability to meet its regulatory and compliance requirements, so it is critical that each Participant consent to this action. Id.
The Participants explained that this would ensure that all Operating Committee members would have knowledge of, and consider, all actions taken by the Operating Committee if an action by written consent is effected in lieu of a meeting. Id.
In response to comments recommending the CAT governance structure include independent directors, the Participants noted that many of the Participants have independent representation on their governing boards, such that each Participant's input regarding the CAT would reflect independent views.
Id. at 7.
The Commission notes that the Participants' proposed governance structure—with both an Operating Committee and an Advisory Committee—is similar to the governance structure used today by other NMS plans, and the Commission believes that this general structure is reasonably designed to allow the Participants to fulfill their regulatory obligations and, at the same time, provide an opportunity for meaningful input from the industry and other stakeholders. The Commission believes that it is reasonable for the Operating Committee to be composed exclusively of SROs. As the Participants point out, the CAT NMS Plan is the vehicle through which they will fulfill key regulatory and oversight responsibilities. The Commission notes the Participants' statutory obligations as SROs, the opportunity for Advisory Committee input on the CAT NMS Plan decisions, the opportunity for public comment on Plan amendments, and close Commission oversight, when reaching that determination.
See 17 CFR 242.613; see, e.g., Securities Exchange Act Release Nos. 77679 (April 21, 2016), 81 FR 24908 (April 21, 2016) (NMS plan regarding addressing extraordinary market volatility); 75660 (August 11, 2015), 80 FR 48940 (August 14, 2015) (NMS plan regarding the consolidated tape association); 75504 (July 22, 2015), 80 FR 45252 (July 29, 2015) (NMS plan regarding consolidated quotations); 75505 (July 22, 2015), 80 FR 45254 (July 29, 2015) (NMS plan regarding unlisted trading privileges). The Commission believes it is reasonable for the CAT NMS Plan to include a governance structure similar to that utilized by other NMS plans that the Commission previously has found to be consistent with the Act. As noted above, the Commission is separately reviewing the EMSAC recommendations. See supra note 693.
For these reasons, the Commission does not believe it is necessary to mandate independent directors in the governance of the CAT.
Furthermore, the Commission notes that the current provisions, which allocate voting rights such that each Participant has one vote, is consistent with other NMS plans and recognizes that the obligations imposed by Rule 613 on the SROs are also imposed on each SRO independently. With respect to the limited use of a unanimous voting standard, the Commission believes that the Plan is reasonably designed to facilitate effective governance and notes that only the three extraordinary Operating Committee actions specified above require unanimity, whereas all other Operating Committee actions can be accomplished with either a Majority Vote or Supermajority Vote.
The Commission notes that Commission Staff may observe all meetings (regular and special), including Executive Sessions, of the Operating Committee and Advisory Committee and receive all minutes. The Commission anticipates that only a few members of Commission Staff would observe any given meeting.
See Section IV.B.2, infra.
The Commission also notes that independent of its review of the CAT NMS Plan, the EMSAC has been reviewing, among other things, the issues surrounding NMS plan governance. On June 10, 2016, the EMSAC presented its recommendations in this area to the Commission.
See supra note 693.
Finally, the Commission is amending Section 4.4(b) of the Plan to specify that the Operating Committee's discretion to deviate from the treatment, as set forth therein, of persons submitting a Form 1 application to become a national securities exchange or persons submitting a Form X-15AA-A application to become a national securities association, must be reasonable and not impose any unnecessary or inappropriate burden on competition. The Commission is also amending Section 3.3(b)(v) of the Plan to specify that the Operating Committee's discretion, in considering other factors in determining the Participation Fee of a new Participant, must be reasonable, equitable and not unfairly discriminatory. The Commission believes these amendments are appropriate because they set forth in the CAT NMS Plan specific limitations with respect to the Operating Committee's discretion that are consistent with existing SRO obligations under the Exchange Act.
15 U.S.C. 78f(b)(4)-(5), (8).
2. Advisory Committee
Article IV of the Plan establishes an Advisory Committee charged with advising the SROs on the implementation, operation, and administration of the Central Repository. Under the Plan, the Advisory Committee has the right to attend Operating Committee and Subcommittee meetings—unless they are held in Executive Session—and submit its views prior to a decision by the Operating Committee. As proposed, the composition of the Advisory Committee includes: (i) Broker-dealers of varying sizes and types of business, including a clearing firm, (ii) an individual who maintains a securities account, (iii) an academic, (iv) institutional investors, and (v) the Commission's Chief Technology Officer (or Commission equivalent), who while not formally a member of the Advisory Committee, serves as an observer.
See Section III.3, supra; see also CAT NMS Plan, supra note 5, at Section 4.13(a), (d).
See Section III.3, supra; see also CAT NMS Plan, supra note 5, at Section 4.13(d).
See Section III.3, supra; see also CAT NMS Plan, supra note 5, at Section 4.13(b).
Most comments regarding the Advisory Committee recommended formalizing and expanding its role. Commenters made the following recommendations: (i) Change the selection process of, and expand the membership of, the Advisory Committee; (ii) form the Advisory Committee before the CAT NMS Plan is approved; (iii) formalize procedures for Advisory Committee meetings, including requiring specific documentation and written correspondence; (iv) narrow the use of Operating Committee Executive Sessions, whereby the Advisory Committee is excluded from participating; and (v) adopt in the CAT NMS Plan, the EMSAC's recommendations for NMS plan advisory committees.
DAG Letter at 3; ICI Letter at 10-13; SIFMA Letter at 26-29; FIF Letter at 14, 135-37; see also STA Letter at 1-2 (supporting the SIFMA, FIF and DAG Letters' Advisory Committee recommendations); but see NYSE Letter.
TR Letter at 6-7; SIFMA Letter at 26-27; FIF Letter at 14, 135-37; see also STA Letter at 2 (supporting the SIFMA and FIF Letters' Advisory Committee recommendations).
DAG Letter at 3; see also STA Letter at 1 (supporting the DAG Letter's governance recommendations).
SIFMA Letter at 26; ICI Letter at 10-13; see also STA Letter at 1-2 (supporting the SIFMA Letter's Advisory Committee recommendations).
One commenter suggested that the process for selecting Advisory Committee members should change to ensure that the Advisory Committee membership is independent of the SROs. The commenter noted selection of Advisory Committee members independent from the Participants is critical in light of the inherent conflict of interest the Participants face as sponsors and overseers of a Plan that will, at the same time, impose obligations on the very same Participants. This commenter also recommended that the Advisory Committee members should be selected by broker-dealer representatives—not by the SROs—and in support of this position argued that the Advisory Committee's purpose “should be to represent the interest of the industry and bring to bear the wide expertise of broker-dealers.”
SIFMA Letter at 27; see also STA Letter at 2 (supporting the SIFMA Letter's Advisory Committee recommendations).
SIFMA Letter at 27; see also STA Letter at 2 (supporting the SIFMA Letter's Advisory Committee recommendations).
SIFMA Letter at 27; see also STA Letter at 2 (supporting the SIFMA Letter's Advisory Committee recommendations).
Those commenters that advocated expanding the membership of the Advisory Committee suggested including: (i) Trade processing and order management service bureaus; (ii) registered funds; (iii) inter-dealer brokers; (iv) agency brokers; (v) retail brokers; (vi) institutional brokers; (vii) proprietary trading firms; (viii) smaller broker-dealers; (ix) firms with a floor presence; (x) and industry/trade associations. One commenter recommended expanding the Advisory Committee to 20 members, with a minimum of 12 broker-dealers. Another commenter suggested including two financial economists (preferably academic) with expertise in both econometrics and the economics of the primary market and market microstructure.
SIFMA Letter at 27; FIF Letter at 14, 135-37; TR Letter at 6-7 (arguing that a service bureau representative should be added to the Advisory Committee to offer a “collective perspective” that comes from supporting multiple clients); ICI Letter at 10-13; see also STA Letter at 1-2 (supporting the SIFMA and FIF Letters' Advisory Committee recommendations).
TR Letter at 6; SIFMA Letter at 27; FIF Letter at 135; ICI Letter at 12; see also STA Letter at 2 (supporting the SIFMA and FIF Letters' Advisory Committee recommendations).
FIF Letter at 135; see also STA Letter at 2 (supporting the FIF Letter's Advisory Committee recommendations).
Hanley Letter at 6.
Another commenter recommended forming the Advisory Committee prior to the CAT NMS Plan receiving the Commission's approval to “allow representative participation in the selection of the [Plan] Processor and in developing [o]perating procedures.”
DAG Letter at 3; see also STA Letter at 1 (supporting the DAG Letter's Advisory Committee recommendations).
Commenters suggested increasing the governance role of the Advisory Committee, with one commenter advocating that “the Advisory Committee should be involved in every aspect of the CAT,” such as budgets, fees and charges, and new requirements that may significantly burden broker-dealers.
SIFMA Letter at 27; see also ICI Letter at 11; FIF Letter at 14, 135-37; STA Letter at 2 (supporting the FIF and SIFMA Letters' Advisory Committee recommendations).
SIFMA Letter at 27; see also STA Letter at 2 (supporting the SIFMA Letter's Advisory Committee recommendations).
To facilitate increasing the Advisory Committee's role in the CAT's governance, a few commenters offered concrete recommendations for procedural safeguards. Two commenters suggested that the Operating Committee be required to document a written rationale any time the Operating Committee rejects an Advisory Committee recommendation. One of these commenters recommended that all documents prepared for or submitted to the Operating Committee by the Plan Processor also be submitted to the Advisory Committee, to keep the Advisory Committee fully informed. One commenter recommended that agendas and documentation for Operating Committee meetings be distributed to Advisory Committee members in advance of meetings.
SIFMA Letter 27-29; ICI Letter at 10-13; TR Letter at 6-7; see also STA Letter at 2 (supporting the SIFMA Letter's Advisory Committee recommendations). These recommendations are similar to the recommendations of the EMSAC.
SIFMA Letter at 28; ICI Letter at 13; see also STA Letter at 2 (supporting the SIFMA Letter's Advisory Committee recommendations).
ICI Letter at 13.
SIFMA Letter at 28; see also STA Letter at 2 (supporting the SIFMA Letter's Advisory Committee recommendations and noting its concern with the frequency and timeliness of information provided to the Advisory Committee).
A commenter also recommended that all information concerning the operation of the Central Repository be made available to the Advisory Committee, except for limited information of a confidential regulatory nature. This commenter added that when information is deemed to be of a confidential regulatory nature, the SROs should maintain a written record of what is designated confidential (and excluded from the Advisory Committee) and include an explanation of such designation.
SIFMA Letter at 28; ICI Letter at 10-13; see also STA Letter at 2 (supporting the SIFMA Letter's Advisory Committee recommendations).
SIFMA Letter at 28; see also Fidelity Letter at 7 (noting the “Operating Committee determines the scope and content of information supplied to the Advisory Committee”); STA Letter at 2 (supporting the SIFMA Letter's Advisory Committee recommendations).
Two commenters recommended revising the confidentiality policies related to the CAT to permit Advisory Committee members to “share information from the [Advisory Committee] meetings with their colleagues and with other industry participants.” One commenter further suggested that an Advisory Committee member should be allowed to make other firm personnel available that may have relevant expertise if the Advisory Committee is “tasked with evaluating issues outside the members' subject matter expertise.”
SIFMA Letter at 27, 28; DAG Letter at 3; see also STA Letter at 1-2 (supporting the SIFMA and DAG Letters' Advisory Committee recommendations).
SIFMA Letter at 27; see also STA Letter at 2 (supporting the SIFMA Letter's Advisory Committee recommendations).
Two commenters suggested that the Advisory Committee should have a right to review proposed amendments to the CAT NMS Plan that would affect CAT Reporters. One of these commenters noted that “[i]t may not be obvious to the Operating Committee when a change to the Plan impacts CAT [R]eporters in a material way.” The other commenter suggested modifying the Plan's definition of a Material Amendment to distinguish between amendments that are internal or external to the Plan Processor. This commenter recommended that both internal and external material amendments to the CAT NMS Plan be reviewed by the Advisory Committee, but be designated for different levels of review. This commenter suggested that material amendments that are “internal” to the Plan Processor would only be reviewed to ensure that that they do not materially affect CAT Reporters; whereas, amendments that are “external” to the Plan Processor would require Advisory Committee consultation and an implementation plan with reasonable time for development and testing.
TR Letter at 7; FIF Letter at 136; see also STA Letter at 2 (supporting the FIF Letter's Advisory Committee recommendations).
TR Letter at 7.
The CAT NMS Plan defines a “Material Amendment” to the Technical Specifications as an amendment that requires “a Participant or an Industry Member to engage in significant changes to the coding necessary to submit information to the Central Repository pursuant to the LLC Agreement or if it is required to safeguard the security or confidentiality of the CAT Data.” See CAT NMS Plan, supra note 5, at Section 6.9(c).
FIF Letter at 136; see also STA Letter at 2 (supporting the FIF Letter's Advisory Committee recommendations). The commenter references “external” material amendments as any change that affects the CAT Reporter Interface, such as coding or configuration changes. “Internal” material amendments are changes that do not affect the CAT Reporter interface (i.e., does not require coding or configuration changes).
FIF Letter at 136; see also STA Letter at 2 (supporting the FIF Letter's Advisory Committee recommendations).
A commenter recommended specific CAT NMS Plan governance changes to expand and clarify the role of the Advisory Committee. This commenter supported: (i) Clarifying the process for selecting Advisory Committee representatives; (ii) expanding and formalizing the role of the Advisory Committee, such as providing it formal votes on matters before the Operating Committee and the ability to initiate its own recommendations; and (iii) significantly narrowing the use of Executive Sessions for the Operating Committee. Moreover, a commenter recommended that when the Operating Committee meets in Executive Session, the SROs should maintain a written record including an explanation of why an Executive Session is required.
Fidelity Letter at 7.
Id. This commenter noted that the EMSAC provided these recommendations; see also SIFMA Letter at 28; STA Letter at 2 (supporting the SIFMA Letter's Advisory Committee recommendations).
SIFMA Letter at 28; see also Fidelity Letter at 7 (noting there are “no limitations on when the Operating Committee can call an Executive Session” and that the Operating Committee can, for any reason, “prohibit the Advisory Committee from attending any Executive Session of the Operating Committee by a majority vote”); STA Letter at 2 (supporting the SIFMA Letter's Advisory Committee recommendations).
One commenter, an SRO, stated that “the governance structure in the proposed CAT NMS Plan would establish an appropriate advisory role for the Advisory Committee that is consistent with the requirements specified by the Commission in Rule 613.” This commenter stressed that while the SROs have a legal obligation under Commission rules to create, implement and maintain a consolidated audit trail and central repository, non-SROs do not have this legal obligation. Accordingly, this commenter stated its belief that Advisory Committee members should not have a voting right with respect to Operating Committee actions. Finally, this commenter argued that having non-SRO Advisory Committee members vote in connection with the CAT NMS Plan would be incompatible with the requirements of the Exchange Act and Commission rules that squarely place the obligations to implement and enforce “the CAT NMS Plan on the shoulders of the SROs.” In this regard, the commenter highlighted the Rule 613(f) requirement that SROs “develop and implement a surveillance system, or enhance existing surveillance systems, reasonably designed to make use of the consolidated information contained in the consolidated audit trail.”
NYSE Letter at 4.
Id.
Id. at 6.
Id.
Regarding the size and composition of the Advisory Committee, the Participants recommended amending the Plan to include a service bureau representative, because service bureaus “perform audit trail reporting on behalf of their customers . . . [and] would provide a valuable perspective on how the CAT and any enhancements thereto would affect the service bureau clients, which often include a number of small and medium-sized firms.” The Participants also recommended augmenting the institutional investor representation on the Advisory Committee by including institutional investor representation by an adviser from registered funds, and increasing from two to three institutional investor representatives with at least one of the institutional investor representatives trading on behalf of an investment company or group of investment companies registered pursuant to the Investment Company Act of 1940. The Participants also suggested removing references in the Advisory Committee eligibility requirements for those institutional investors “on behalf of a public entity . . . and on behalf of a private entity,” which is in response to a comment noting the vagueness of the terms “public” and “private” with respect to institutional investors.
Response Letter I at 9.
Id. at 10.
Id.
The Participants, however, disagreed with commenters that the academic representative of the Advisory Committee should be limited to a financial economist because a general requirement that “a member of academia with expertise in the securities industry or any other industry relevant to the operation of the CAT System,” does not preclude a financial economist serving on the Advisory Committee so long as they have the relevant expertise. The Participants also disagreed with commenters that members of industry trade groups should also serve on the Advisory Committee, noting that the CAT NMS Plan includes a variety of representatives from the members of such trade groups and would provide “a meaningful opportunity for the representation of the views of industry trade groups.” Furthermore, the Participants disagreed with commenters who advocated increasing the number of broker-dealer representatives on the Advisory Committee from seven to twelve, and increasing the size of the Advisory Committee from twelve to twenty members. The Participants noted that, in “balancing the goal of having a sufficient cross section of representation with the goal of having a well-run committee,” seven broker-dealers of varying sizes and business types would provide “significant opportunity to provide [broker-dealers'] views” and increasing an Advisory Committee from twelve to twenty creates a committee structure that would “likely hamper, rather than facilitate,” discussion.
Id.
Id.
Id. at 10-12.
In response to commenters recommending a more active and participatory role in operation of the CAT for non-SRO stakeholders, the Participants stated that the Plan strikes an appropriate balance between providing the “industry with an active role in governance while recognizing the Participants' regulatory obligations with regard to the CAT.” In response to a commenter recommending that Advisory Committee members be selected by broker-dealer representatives, the Participants stated their belief that the Operating Committee should select the members, but agreed with commenters that the Advisory Committee should be permitted to advise the Operating Committee regarding potential Advisory Committee members. The Participants suggested that the CAT NMS Plan be amended to permit the Advisory Committee to advise the Operating Committee on Advisory Committee member selection, provided however, that the Operating Committee in its sole discretion would select members of the Advisory Committee.
Id. at 13-14.
Id.
Id.
In response to comments recommending formalized modes of written communication between the Operating Committee and the Advisory Committee, the Participants recommended that the CAT NMS Plan remain unchanged. In support, the Participants stated their belief that the proposed structure adequately addresses the commenters' concerns, while recognizing the need for the Participants to have the opportunity to discuss certain matters, particularly certain regulatory and security issues, without the participation of the industry. The Participants also noted that the Advisory Committee is permitted to attend all of the non-Executive Session Operating Committee meetings, where information concerning the operation of the CAT is received (subject to the Operating Committee's authority to determine the scope and content of information supplied to the Advisory Committee). Further, the Participants stated that minutes, subject to customary exceptions for confidentiality and privilege considerations, will be provided to the Advisory Committee. Finally, the Participants did not support instituting formalized modes of written communication between the Operating Committee and the Advisory Committee because such “an overly formulaic approach to [Operating Committee] interactions” would “hamper, rather than enhance, [Operating Committee] interactions with the Advisory Committee.”
Id. at 15-16.
Id. at 16.
Id.
Id.
With respect to comments recommending narrowing the use of Operating Committee Executive Sessions, the Participants stated their belief that the Operating Committee's capabilities to meet in Executive Session are appropriate and cited the Commission's statement in the Adopting Release that: “meet[ing] in [E]xecutive [S]ession without members of the Advisory Committee appropriately balances the need to provide a mechanism for industry input into the operation of the central repository, against the regulatory imperative that the operations and decisions regarding the consolidated audit trail be made by SROs who have a statutory obligation to regulate the securities markets, rather than by members of the SROs, who have no corresponding statutory obligation to oversee the securities markets.” The Participants represented that their intended use of an Executive Session is for limited purposes requiring confidentiality and offered four examples: Matters that present an actual or potential conflict of interest for Advisory Committee members (e.g., relating to member's regulatory compliance); discussion of actual or potential litigation; CAT security issues; and personnel issues. The Participants also noted that Executive Sessions must be called by a Majority Vote and that the meeting minutes are recorded, subject to confidentiality and attorney-client privilege considerations.
Id. at 15.
Id.
Finally, in response to comments that the Advisory Committee should form before the approval of the CAT NMS Plan, the Participants noted that the Plan itself provides for the establishment of the Operating Committee and the Advisory Committee and thus cannot be formed until the Commission approves the Plan. The Participants also noted that the DAG provides the Participants with “advice regarding the development of the Plan from an industry perspective.”
Id. at 16.
For reasons discussed below, the Commission finds reasonable the Participants' suggested modifications to add a service bureau representative, increase the number of institutional investor representatives on the Advisory Committee, remove terms that create vagueness for the institutional investor representative categories, and make the applicable conforming changes to Section 4.13 of the Plan. Accordingly, after considering the comments, the Commission is amending Section 4.13 of the Plan to include a service bureau representative, increase the number of institutional investor representatives from two (2) to three (3), and remove the terms that a commenter identified as creating vagueness with respect to the institutional investor category.
The Commission understands that service bureaus frequently serve a core role in reporting CAT Data on behalf of broker-dealers, and as such, the Commission finds appropriate their inclusion as an Advisory Committee member. Further, the Commission finds the increase from two to three members on the Advisory Committee representing institutional investors, as well as removing the references to “on behalf of a public entity” and “on behalf of a private entity” due to the vagueness of such terms with respect to institutional investor Advisory Committee members, to be reasonable responses to commenters seeking additional representation and clarity. The Commission also agrees with the Participants that it is reasonable to not mandate inclusion of representatives on the Advisory Committee from industry and trade associations, given the existing substantial industry representation on the Advisory Committee, which is reasonably designed to ensure a wide range of meaningful industry perspectives.
The Commission agrees with commenters who argued that the academic representative on the Advisory Committee should be a financial economist. The Commission acknowledges the Participants' response that a financial economist is not precluded from serving as the academic representative of the Advisory Committee, but the Commission believes that specifying that the academic representative must be a financial economist is appropriate to ensure the Advisory Committee and the Operating Committee have access to such expertise in assessing the CAT's operations and development. Accordingly, the Commission is amending Section 4.13(b)(ix) of the Plan to specify that the academic representative on the Advisory Committee must be a financial economist.
The Commission agrees with the Participants' suggestion, in response to commenters, to permit the Advisory Committee to recommend Advisory Committee candidates to the Operating Committee. Accordingly, the Commission is amending Section 4.13(d) of the Plan to permit the Advisory Committee to recommend Advisory Committee candidates to the Operating Committee, but notes that the Operating Committee still maintains the sole discretion to select members of the Advisory Committee.
The Commission believes the amendment is reasonably designed to ensure a robust selection process for Advisory Committee membership that identifies candidates that best represent the industry perspective. With respect to the comment suggesting that the Advisory Committee be established before the approval of the CAT NMS Plan, the Commission notes it would be premature and technically not possible to establish an advisory committee to an NMS plan before such plan has been approved by the Commission. Moreover, the Commission notes that the interests of the industry and other stakeholders have been represented through the DAG, the public comment process, and through the SROs themselves as the CAT NMS Plan has been developed.
The Commission is amending the Executive Sessions provision in Section 4.4(a) of the Plan, as well as the Advisory Committee provision in Section 4.13(b) of the Plan related to the Commission's Chief Technology Officer (or equivalent) being an observer of the Advisory Committee. As the Commission is responsible for regulatory oversight of the Participants and the CAT NMS Plan, the Commission believes that it is appropriate for the Plan to expressly provide that Commission Staff may attend all CAT NMS Plan meetings, including those held in Executive Session. Similarly, because the Commission has broad regulatory responsibility for the Plan, the Commission does not believe it is appropriate to limit to the Commission's Chief Technology Officer (or equivalent) the right to serve as an observer at Advisory Committee meetings. Accordingly, the Commission is amending Sections 4.4(a) and 4.13(b) to provide that Commission Staff may attend Executive Sessions, and to permit the Commission to select the Commission representative to observe Advisory Committee meetings. The Commission anticipates that only a few members of Commission Staff would observe any given meeting.
The Commission also is amending Section 4.13(e) of the Plan in response to comments to provide that the Advisory Committee shall receive the same documents and information concerning the operation of the Central Repository as the Operating Committee. The Operating Committee may, however, withhold such information to the extent it reasonably determines such information requires confidential treatment. Although the Plan as filed permits Advisory Committee members to attend all of the non-Executive Session Operating Committee meetings, with respect to information concerning the operation of the CAT, it allows the Operating Committee broad discretion to determine the scope and content of information supplied to the Advisory Committee. The Commission believes it is important for the Advisory Committee to fulfill its role that its members receive full information on Plan operations (other than confidential information) and that it is therefore appropriate to amend Section 4.13(e) of the Plan accordingly.
With respect to the other comments regarding authority, composition and role of the Advisory Committee, as well as the use of the Operating Committee Executive Sessions, the Commission notes that the Plan provisions relating to the Advisory Committee and the Operating Committee Executive Sessions are similar to those in other NMS plans and are, therefore, reasonable.
As previously stated, the Commission believes it is reasonable for the CAT NMS Plan to include a governance structure similar to that utilized by other NMS plans that the Commission previously has found to be consistent with the Act. As with the comments regarding the Operating Committee, some of the suggestions made by commenters regarding the Advisory Committee are mirrored in the EMSAC recommendations. As already discussed, the Commission is separately reviewing these EMSAC recommendations. See supra note 693.
3. Officers of the Company
The CAT NMS Plan requires the Company to appoint a CISO and a CCO, who shall be employees solely of the Plan Processor. The Plan acknowledges that the CISO and CCO may have fiduciary and other similar duties to the Plan Processor pursuant to their employment with the Plan Processor, and the Plan, as proposed, sets forth that to the extent permitted by law, the CISO and CCO will have no fiduciary or similar duties to the Company.
See Section III.3, supra; see also CAT NMS Plan, supra note 5, at Section 4.6(a).
See Section III.3, supra; see also CAT NMS Plan, supra note 5, at Sections 4.6(a), 4.7(c).
One commenter expressed concern that appointing a CISO and CCO who would both be officers of the Company and employees of the Plan Processor “creates a potential conflict of interest that would undermine the ability of these officers to effectively carry out their responsibilities under the CAT NMS Plan because they would owe a fiduciary duty to the Plan Processor rather than to the [Company].” This commenter recommended that the officers of the Company should be required to act in the best interest of the [Company] to avoid conflicts of interest in carrying out their oversight activities. In addition, this commenter suggested that the CAT NMS Plan impose a fiduciary duty on the CISO and CCO, or at a minimum require the Plan Processor to select individuals who do not have a fiduciary duty to the Plan Processor to serve in these roles.
FSI Letter at 3.
Id.
Id.
In response to these comments, the Participants suggested that the CAT NMS Plan be changed so that all Officers of the Company, including the CISO and CCO, have fiduciary duties to the Company in the same manner and extent as an officer of a Delaware corporation. The Participants also represented that the Operating Committee, in an agreement with the Plan Processor, will have the Plan Processor acknowledge that the Officers of the Company will owe fiduciary duties to the Company, and to the extent that the duties owed to the Company by the Officers of the Company, including the CISO or CCO, conflict with any duties owed to the Plan Processor, the duties to the Company should control.
Response Letter I at 18-19.
Id. at 18.
The Commission believes that the suggested modifications by the Participants in response to comments about potential conflicts of interest are reasonable. Accordingly, the Commission is amending Section 4.7(c) of the Plan so that each Officer shall have the same fiduciary duties and obligations to the Company as a comparable officer of a Delaware corporation and in all cases shall conduct the business of the Company and execute his or her duties and obligations in good faith and in the manner that the Officer reasonably believes to be in the best interests of the Company. Furthermore, the Commission is amending Section 4.6(a) of the Plan to codify the Participants' representation that that the Operating Committee, in an agreement with the Plan Processor, will have the Plan Processor acknowledge that the Officers of the Company will owe fiduciary duties to the Company, and to the extent that the duties owed to the Company by the Officers of the Company, including the CISO or CCO, conflict with any duties owed to the Plan Processor, the duties to the Company should control.
The Commission believes that amending the CAT NMS Plan to expressly affirm the Officers' fiduciary duties or similar duties or obligations to the Company provides clarity and assurances that the Officers will act in the best interests of the Company. The Commission also believes it is reasonable, as the Participants have suggested in their response to comments, to have the Company and the Plan Processor enter into an agreement that specifies not only that Officers have fiduciary duties and obligations to the Company, but that if such Officers may have competing duties and obligations owed to the Company and to the Plan Processor, the duties and obligations to the Company should control. At this time, it is unclear what competing duties and obligations Officers may owe to the Company and the Plan Processor. While in many cases, the Officers' duties towards the Plan Processor and the Company are likely to be aligned, there may be circumstances (e.g., related to the performance of the Plan Processor) where such duties may conflict and the Commission finds reasonable that in such circumstances, the duties to the Company should control in order to mitigate any conflict between the interests of the Plan Processor and those of the Company in administering the CAT. The Commission further notes that the CAT NMS Plan provides reasonable oversight of the Officers by the Operating Committee, for example, the Plan requires: (i) The Operating Committee to approve the CISO and CCO with a Supermajority Vote ; (ii) the CISO and CCO to devote, with minor exceptions, their entire working time to serving as the CISO and CCO ; (iii) the Operating Committee to oversee that the Plan Processor allocates appropriate resources for the CISO and CCO to fulfill their obligations ; (iv) the CISO and CCO to report directly to the Operating Committee with respect to their duties ; (v) the compensation of the CISO and CCO to be subject to the Operating Committee's review and approval ; and (vi) an annual performance review of the CISO and CCO to be conducted by the Operating Committee.
While the SROs expressly waive fiduciary obligations to the Company, the SROs are subject to statutory obligations to regulate the securities markets and to create, implement and maintain the CAT.
See CAT NMS Plan, supra note 5, at Section 6.2(a)(i), (b)(i).
See id. at Section 6.2(a)(i), (b)(i).
See id. at Section 6.2(a)(ii), (b)(ii).
See id. at Section 6.2(a)(iii), (b)(iii).
See id. at Section 6.2(a)(iv), (b)(iv).
See id. at Section 6.2(a)(iv), (b)(iv).
4. Additional Governance Provisions
Commenters raised additional governance concerns related to conflicts of interest for the Participants, whether there should be an audit committee, and whether the Participants should be required to coordinate the administration of the CAT from a legal, administrative, supervisory and enforcement perspective.
See SIFMA Letter at 27, 29; ICI Letter at 12; Better Markets Letter at 5-6; DAG Letter at 3; see also STA Letter at 1 (supporting the DAG Letter's governance recommendations).
Some commenters expressed concern that the Participants would have a conflict of interest because of the various roles they perform with respect to the CAT. One commenter stated that the Participants are “sponsors and overseers of the Plan, while at the same time, the Plan will impose obligations on [them].” Another commenter raised concerns that the Participants would “control the [O]perating [C]ommittee for the [P]lan, use CAT [D]ata for regulatory purposes, and potentially commercialize the information that they report to the CAT.” This commenter suggested that these roles may “present conflicting incentives” for Participants.
SIFMA Letter at 27.
ICI Letter at 12.
Id.
One commenter argued that the Participants should not oversee and control the CAT and recommended instead that the Commission should build and host the CAT, which would then be under the Commission's direct and sole control. In support of this view, the commenter stated the Commission's statutory mission to protect investors would make it better positioned to operate the CAT, as compared to for-profit SROs, who would seek to maximize profits from the CAT Data. The commenter suggested that the Commission could outsource the building of the CAT and fund the CAT similar to how it funds its EDGAR system. The commenter stated that CAT NMS, LLC should reorganize as a not-for-profit entity and set forth an organizational purpose aligned with the Commission's mission statement. Finally, the commenter argued that the Commission solely should control access to and usage of the CAT System.
Better Markets Letter at 5.
Id. at 5-6.
Id. at 6.
Id. The commenter recommended that the board of directors of such entity contain a super-majority of independent directors to oversee the not-for-profit CAT NMS, LLC, and that the chair of the board of directors should be non-industry and appointed by the Commission. Further, the commenter recommended that the Director of the Division of Trading and Markets permanently serve as the vice-chair of the board of directors. Better Markets Letter at 6; see also DAG Letter at 3 (arguing that the CAT corporate governance structure should have independent directors comprised of both non-industry and industry participants); STA Letter at 1 (supporting the DAG Letter's governance recommendations).
Better Markets Letter at 6.
Two commenters recommended that the Company governance structure include an audit committee. One commenter noted that the audit committee should be comprised of mostly independent directors. Another commenter stated the audit committee should be responsible for the oversight of how the CAT's revenue sources are used for regulatory purposes, and that the costs and financing of the CAT must be fully transparent and publicly disclosed in annual reports, including audited financial statements.
SIFMA Letter at 29; DAG Letter at 3; see also STA Letter at 1 (supporting the DAG Letter's governance recommendations).
DAG Letter at 3; see also STA Letter at 1 (supporting the DAG Letter's governance recommendations). The Commission notes that the commenter specified in its comment that their definition of independent director includes industry participants (i.e., broker-dealers). See DAG Letter at 3.
SIFMA Letter at 29.
Finally, one commenter suggested that the SROs should coordinate the administration of the CAT through a single centralized body from a legal, administrative, supervisory and enforcement perspective. The commenter recommended amending the Plan to require this coordination, and suggested that such coordination could be facilitated through agreements under SEC Rule 17d-2, regulatory service agreements or some combination thereof. In support of this view, the commenter noted that different CAT-related compliance requirements among the SROs might arise and subject firms to duplicative regulation and enforcement, with the accompanying inefficiencies, additional costs, and potential inconsistencies.
Id.
Id.
Id.
In response to commenters suggesting the formation of an audit committee, the Participants stated that they would have the ability to review CAT-related issues objectively because “members of the Operating Committee are not employed by the [Company] and are fulfilling mandated regulatory oversight responsibilities, and that the [Company] will not operate as a profit-making company, which may need more scrutiny as compared to a company that is operating on a break-even basis.” Further, the Participants noted that the CAT NMS Plan requires that a Compliance Subcommittee be established—and noted that the Operating Committee in the future could decide if an audit committee should be formed as a subcommittee.
Response Letter I at 8.
Id. at 9.
In response to commenters regarding the coordinated compliance and enforcement oversight of the CAT, the Participants acknowledged the benefits of having a single Participant be responsible for enforcing compliance with Rule 613 and the CAT NMS Plan through Rule 17d-2 agreements, regulatory services agreements or some other approach and represented that they would consider such an arrangement after the CAT NMS Plan's approval. As discussed in Section IV.H, the Commission is amending Section 6.6 of the Plan to require that the Participants provide the Commission within 12 months of effectiveness of the Plan, a report detailing the Participants' consideration of coordinated surveillance (e.g., entering into 17d-2 agreements or regulatory services agreements).
Id. at 17.
See Section IV.H., supra.
The Commission acknowledges the commenters' concern about the conflicts inherent in having SROs performing various roles as overseers of the Plan and at the same time enforcing compliance with Rule 613. The Commission, however, highlights that the Participants are performing roles specified pursuant to obligations under the Exchange Act and the rules thereunder and remain under the direct oversight of the Commission. With respect to comments expressing concerns that the Participants may be in a position to commercialize the respective Raw Data reported by each SRO submitting to the CAT, order and execution information is already collected by SROs from its members and they are permitted under current law to commercialize this data (e.g., direct market feeds, provided that the terms are fair and reasonable and not unreasonably discriminatory ) subject to appropriate rule filings and oversight by the Commission. Thus, the Plan does not expand the Participants' ability to commercialize their Raw Data beyond what is currently permitted.
17 CFR 242.603.
See, e.g., Securities Exchange Act Release Nos. 73918 (December 23, 2014), 79 FR 78920 (December 31, 2014) (BATS One Feed); 74128 (January 23, 2015), 80 FR 4951 (January 29, 2015) (NYSE Integrated Feed).
With respect to comments that suggested that the Participants should not oversee and control the CAT, but that instead it should be under the Commission's direct and sole control, the Commission notes that in the Adopting Release, the Commission mandated that the Participants develop an NMS plan for the development and operation of the CAT. As such, the CAT NMS Plan, as noticed, whereby the Participants directly manage the CAT, was in furtherance of Rule 613 as adopted. Additionally, because the Participants, as SROs, currently serve as front-line regulators of many aspects of the securities markets, including administering the existing sources of regulatory data, the Commission believes they are well positioned to oversee the CAT. Moreover, the Commission believes that any potential conflicts arising from the status of certain Participants as for profit enterprises are reasonably addressed through the Plan provisions and Commission oversight.
The Commission concurs with the Participants that it is reasonable for the Company not to have an audit committee at this time. Further, the Participants are permitted to form an audit committee, as a subcommittee of the Operating Committee. The Commission notes that the absence of a requirement for an audit committee is consistent with other NMS plans.
Section 9.2(a) of the Plan states that the Operating Committee shall maintain a system of accounting for the Company established and administered in accordance with GAAP (or another standard if determined appropriate by the Operating Committee). Section 9.2(a) also requires, among other things, that the Company prepare and provide to each Participant an audited balance sheet, income statement and statement of cash flow, to the extent the Operating Committee deems advisable. In addition, Section 9.2(c) of the Plan states that all matters concerning accounting procedures shall be determined by the Operating Committee. The Participants recommended that the Commission amend Section 9.2(a) to eliminate the flexibility for the Company to administer a system of accounting in accordance with non-GAAP standards, thus requiring that all financial statements or information that may be supplied to the Participants shall be prepared in accordance with GAAP. In addition, the Participants recommended amending the Plan to eliminate the discretion of the Operating Committee to provide financials only if it deems advisable and instead to require that the Company's audited annual balance sheet, income statement, and statement of cash flows be audited by an independent public accounting firm and made publicly available. The Commission believes that the changes recommended by the Participants are reasonable because they will promote greater accuracy and transparency with respect to the Company's financial accounting and is therefore amending the Plan accordingly.
Participants' Letter II at 2.
Participants' Letter II at 2.
Section 6.1(o)(vi) of the Plan states that financial statements of the Plan Processor, prepared in accordance with GAAP and audited by an independent public accounting firm or certified by the Plan Processor's Chief Financial Officer, shall be provided to the Operating Committee no later than 90 days after the Plan Processor's fiscal year end. The Participants recommended that the Commission amend the Plan to change this timeframe to 180 days after the Plan Processor's fiscal year end to provide further flexibility to the Plan Processor with respect to the preparation of its financial statements. The Commission believes that it is reasonable to provide this additional flexibility and is therefore amending the Plan accordingly.
Participants' Letter II at 1.
The Commission also agrees with the commenters and Participants that a coordinated approach to self-regulatory oversight may have benefits, such as regulatory efficiencies and consistency, but believes that it is reasonable for such an arrangement to be considered by the Participants after the CAT NMS Plan's approval rather than mandating a specific approach for SRO coordination under the Plan at this time—as the Plan Processor has not been selected nor has the CAT System been developed. The Commission nevertheless notes that, as described above, it is amending the CAT NMS Plan to require a written assessment by the Participants within 12 months of effectiveness of the Plan, considering coordinated surveillance (e.g., entering into Rule 17d-2 agreements, regulatory services agreements or other arrangements, to facilitate regulatory coordination).
See Section IV.H, infra.
Finally, the Commission notes that the CAT NMS Plan provides that books and records of the CAT LLC shall be made available to the Commission upon “reasonable request.” Because the CAT LLC is a facility of the Participants, the Commission has the right to the books and records of CAT LLC “upon request” under Exchange Act Rule 17a-1, and therefore is amending Section 9.1 of the Plan to delete the requirement that any request for the CAT LLC's books and records be “reasonable.”
See CAT NMS Plan, supra note 5, at Section 9.1.
17 CFR 240.17a-1(c).
C. Plan Processor Selection (Article V)
Article V of the CAT NMS Plan sets forth the process for selecting the Plan Processor following approval of the CAT NMS Plan. The Plan Processor selection provisions in Article V are identical to the selection process set forth in the Selection Plan.
See Section III.4, supra, for a more detailed description of the Selection Plan.
See Selection Plan, supra note 23.
The Commission received three comments suggesting that the Plan Processor selection process be accelerated, with some commenters suggesting that the Selection Plan be amended to require the selection of the Plan Processor prior to the approval of the CAT NMS Plan. According to one commenter, the earlier selection of a Plan Processor would advance the release and development of the Technical Specifications. Another commenter offered support for a specific Bidder, noting their regulatory and technical competencies. One commenter recommended that the Commission re-open the Plan Processor's agreement with CAT NMS, LLC every five years to ensure that the Plan remains state-of-the-art, and to provide a process for public input. Another commenter stated that the Plan does not set forth sufficient incentives for the Plan Processor and the Participants to incorporate new technology into or to continuously innovate and strive to reduce the costs of the CAT System.
FSR Letter at 10; TR Letter at 4-5; FIF Letter at 42-43.
TR Letter at 4-5; FIF Letter at 42-43.
TR Letter at 4-5; see also Section V.G.4, infra, for a further discussion of these comment letters.
Anonymous Letter I at 1 (advocating for FINRA's regulatory abilities related to OATS); but see Anonymous Letter II (criticizing FINRA's handling of OATS non-compliance).
Better Markets Letter at 7.
Data Boiler Letter at 17, 27.
In response to the comments to accelerate the Plan Processor selection process, the Participants acknowledged that the selection of the Plan Processor will likely affect implementation issues and related costs, but that it is not feasible to accelerate the selection of the Plan Processor prior to the Commission's approval of the Plan. The Participants noted that until the Plan is finalized and approved by the Commission, the requirements of the CAT could change, which could impact the selection of the Plan Processor. Moreover, the Participants noted that Rule 613's requirement that the Plan Processor be selected within two months after effectiveness of the Plan ensures that the selection of the Plan Processor will occur expeditiously once the Commission approves the Plan.
Response Letter I at 51.
The Participants note in Response Letter I that the Selection Plan contemplates the selection of the Plan Processor after the approval of the Plan. Id. at 52.
In response to the comment in support for a specific Bidder, the Participants stated that they determined that utilizing a competitive bidding process to select the Plan Processor was the most appropriate way to promote an innovative and efficient CAT solution. Pursuant to that process, the Participants noted that they have reduced the number of Bidders to three Shortlisted Bidders.
Response Letter I at 52.
In response to the comment to re-open the Plan Processor's agreement with the CAT LLC every five years and to provide a process for public input on the agreement, the Participants stated that they agree that it is important to ensure that the CAT solution remains effective and efficient going forward. Accordingly, the Participants noted that they have proposed a process for regularly reviewing the performance of the Plan Processor throughout the term of the Plan Processor's agreement and for modifying it if necessary to avoid an outdated CAT solution. The Participants added that, as set forth in the Plan, the Operating Committee will review the Plan Processor's performance under the Plan at least once each year, or more often than once each year upon the request of two or more Participants that are not Affiliated Participants. In addition, the Participants noted that the Plan sets forth the process for removing the Plan Processor. Specifically, the Participants noted that the Operating Committee, by Supermajority Vote, may remove the Plan Processor from such position at any time, and that the Operating Committee may, by Majority Vote, remove the Plan Processor from such position at any time if it determines that the Plan Processor has failed to perform its functions in a reasonably acceptable manner in accordance with the provisions of the Plan. The Participants stated that if they were to vote to remove the Plan Processor, the Operating Committee would select a new Plan Processor through a competitive bidding process.
Id.
See supra note 67 for a definition of “Affiliated Participants.”
In approving the Selection Plan, the Commission stated that the Selection Plan is reasonably designed to achieve its objective of facilitating the development of the CAT NMS Plan and the selection of the Plan Processor. The Commission also found that the Selection Plan is reasonably designed to govern the process by which the SROs will formulate and submit the CAT NMS Plan, including the review, evaluation, and narrowing down of Bids in response to the RFP, and ultimately choosing the Plan Processor that will build, operate, and maintain the consolidated audit trail. The Commission believes that the process set out in the Selection Plan for selecting a Plan Processor remains a reasonable approach, which will facilitate the selection of Plan Processor through a fair, transparent and competitive process and that no modifications to the Selection Plan are required to meet the approval standard. In response to the commenters recommending that the Plan Processor selection process be accelerated, the Commission agrees with the Participants that changes to the CAT NMS Plan that are being made in this Order may be relevant to the selection of the Plan Processor. The Commission believes that selecting the Plan Processor within two months of Plan approval, rather than prior to Plan approval, will allow the remaining Bidders to consider the CAT NMS Plan, as amended and approved by the Commission, and to make any necessary modifications to their Bids, which will enable the Participants to make a more fully informed decision on the Plan Processor in light of the amended and approved CAT NMS Plan. The Commission believes this timeframe to select the Plan Processor—two months following Commission approval of the Plan—will not result in the untimely release of the Technical Specifications.
See Selection Plan Approval Order, supra note 23.
See id.
In addition, the Commission notes that, pursuant to an amendment to the Selection Plan, the Participants have already narrowed the Bidders to three Shortlisted Bidders, which will facilitate the timely completion of the Plan Processor selection process. See Selection Plan, supra note 23.
In response to the comment that offered support for a specific Bidder, the Commission agrees with the Participants that the competitive bidding process to select the Plan Processor is a reasonable and effective way to choose a Plan Processor and thus believes that the process set forth in the Selection Plan should be permitted to continue. In response to the commenter that recommended that the Commission re-open the Plan Processor's agreement with the CAT LLC every five years and provide a process for public input on the agreement, the Commission believes that the CAT NMS Plan already contains provisions that permit the reevaluation—and possible replacement—of the Plan Processor. Thus, the Commission is not amending the plan to require that the Plan Processor's agreement with the CAT LLC be reevaluated every five years.
Finally, in response to the commenter that stated that the Plan does not provide sufficient incentives for the Plan Processor and the Participants to incorporate new technology, innovate and reduce the costs of the CAT System, the Commission believes that requirements for regular evaluations of the operation of the CAT, the identification of potential improvements, and the delivery of a written assessment to the Commission, as well as the Plan's provisions regarding the possible removal of the Plan Processor provide sufficient incentives for the Plan Processor and the Participants in these areas.
See CAT NMS Plan, supra note 5, at Section 4.3(b)(ii) (providing that the Operating Committee may terminate the Plan Processor without cause).
D. Functions and Activities of the CAT System (Article VI)
Article VI of the CAT NMS Plan sets forth the functions and activities of the CAT System.
See Section IV.B., supra.
1. Data Recording and Reporting Requirements
Article VI of the Plan imposes requirements regarding what data elements must be reported to the Central Repository and by when. The Commission received comments regarding to whom these requirements should apply and the appropriateness of the provisions.
One commenter recommended that firms using manual orders that are currently exempt from OATS reporting pursuant to FINRA Rule 7470 should also be exempt from the CAT reporting obligations. This commenter argued that to qualify for such an exemption, a firm would need to “eliminate many practices of regulatory concern” and have a “perfect regulatory history,” and that the exemption would have little impact on the CAT because it would exclude only the reporting of events that take place prior to delivery of an order to a market venue. The commenter argued that the exemption is necessary to keep currently-exempt firms in business due to the high costs that CAT reporting would impose. This commenter further argued that the requested exemption for OATS-exempt firms would not be the same as an exemption for “small firms,” and that wrongdoers would not fall within this exemption because of the limitations on the level of market activity, the voluntary restrictions from operations such as market making and trading with customers, the use of manual orders, and the expected high levels of compliance.
Wachtel Letter at 1-2.
Id.
Id.
Another commenter broadly stated that the data recording and reporting procedures described in the CAT NMS Plan are inappropriate and unreasonable. This commenter also stated that it may be easier for the Plan Processor to work directly with service bureaus, rather than with individual CAT Reporters, on data submission.
Data Boiler Letter at 18. Specifically, the commenter argued that to link information accurately, there must be “a robust event sequencing method,” and stated that the Plan lacks sufficient detail on this matter. The commenter further suggested that order and execution information should be represented in a meaningful way and recommended expressing this information in audio/musical notes form.
Id. at 19-20.
In response to the commenter's request that OATS-exempt firms also be exempted from reporting to the CAT, the Commission believes that completely exempting any group of broker-dealers from reporting requirements would be contradictory to the goal of Rule 613, which is to create an accurate, complete, accessible and timely audit trail. To permit such an exemption would eliminate the collection of audit trail information from a segment of broker-dealers and would thus result in an audit trail that does not capture all orders by all participants in the securities markets. The Commission believes that the CAT should contain data from all broker-dealers, including those that may appear to be at low risk for wrong-doing based on their history of compliance or business model. Regulators will not only use the CAT for surveillance and investigations, but also for market reconstructions and market analyses. Therefore, data from all broker-dealers is necessary.
The Participants did not respond to this comment.
As discussed in more detail below, the Commission believes that even if regulatory burdens reduce the number of small broker-dealers in specialized segments, overall competition in those segments may not be harmed. See Section V.G.1, infra.
The Commission believes that the data recording and reporting procedures outlined in the CAT NMS Plan meet the requirements of Rule 613 and are reasonable in that they are designed to ensure that data is recorded and reported in a manner that will provide regulators access to linked CAT Data that is timely, accurate, secure, and complete. Further, while under certain circumstances it might be efficient for the Plan Processor to work directly with service bureaus, the reporting requirements in the CAT NMS Plan apply to CAT Reporters, which are regulated entities, and therefore, it is necessary that the Plan Processor deal directly with CAT Reporters in determining matters related to reporting CAT Data.
In the Adopting Release for Exchange Act Rule 613, the Commission stated that the data recording and reporting procedures are reasonably designed “to ensure that the [CAT] will be designed in a way that provides regulators with the accurate, complete, accessible, and timely market activity data they need for robust market oversight.” See Adopting Release, supra note 14, at 45743.
The Commission notes that the CAT NMS Plan also requires the Plan Processor to measure and monitor latency within the CAT. See CAT NMS Plan, supra note 5, at Appendix D, Section 8.3.
2. Format
The CAT NMS Plan does not mandate the format in which data must be reported to the Central Repository. Rather, the Plan provides that the Plan Processor will determine the electronic format in which data must be reported, and that the format will be described in the Technical Specifications.
See CAT NMS Plan, supra note 5, at Appendix C, Section D.12(f); see also id. at Appendix C, Section A.1(a). The CAT NMS Plan states that CAT Reporters could be required to report data either in a uniform electronic format, or in a manner that would allow the Central Repository to convert the data to a uniform electronic format, for consolidation and storage. Id. at Appendix C, Section A.1(b).
Id. at Appendix D, Section 2.1. Appendix D states that more than one format may be allowed to support the various market participants that would report information to the Central Repository. Id.; see also id. at Section 6.9.
Two commenters expressed support for allowing the Plan Processor to determine the format for reporting data. One of these commenters stated that prescribing an approach in the Plan may hinder scalability and future system development.
ICI Letter at 13.
Data Boiler Letter at 9. This commenter also stated that the formatting procedures in the Plan were insufficient and recommended using an audio/musical approach. Id. at 18.
Three commenters, however, recommended that the format be specified in the Plan. One commenter argued that mandating an approach in the Plan, rather than waiting for the Technical Specifications, would give the industry more time to develop approaches to reporting using that format. The commenter also argued that if the format is not known until the Technical Specifications are published, this would limit the opportunity to make changes to the format, if necessary, without disrupting the implementation schedule. The commenter suggested that at least guidelines for a messaging protocol be included in the Plan.
FIF Letter at 90-92; FIX Trading Letter at 1; Better Markets Letter at 7 (stating that “the Commission should mandate the most widely used, open-sourced, machine-readable data format possible.”)
FIF Letter at 90-91.
Id. at 90.
Id. at 91-92.
Commenters also expressed opinions about whether the Plan Processor should allow CAT Reporters to use multiple formats or one uniform format to report CAT Data. Four commenters generally supported an approach that would allow CAT Reporters to report CAT Data using a non-uniform format. Under such an approach, the Central Repository would be responsible for normalizing the data into a uniform format to link and store the data. These commenters noted that CAT Reporters should be permitted to use any of the currently existing industry protocols widely used by industry participants, such as OATS, SWIFT or FIX. One commenter advocated for the use of its own electronic communications protocol, FIX, stating that it would result in quicker implementation times and simplify data aggregation. This commenter noted that FIX is currently used by thousands of firms in the financial services industry and that it would not make sense to require firms to convert from a FIX format to a proprietary format designed by the Plan Processor and mandated for CAT reporting. The commenter stated that FIX already tracks the lifecycle of an order both within an organization and across organizations, thus making it a good choice as the format for the CAT. It also noted that it is used globally and can be used for products beyond listed options and equities. Finally, the commenter represented that FIX can handle any identifier, including LEI, and can support the CAT NMS Plan's use of Customer-ID, average price processing, options reporting, and the daisy chain approach for reporting.
FIF Letter at 90-92; ICI Letter at 13; FIX Trading Letter at 1-2; Data Boiler Letter at 41.
ICI Letter at 13; FIX Trading Letter at 1-2; Data Boiler Letter at 41; FIF Letter at 91. FIF stated that CAT Reporters could use either an existing format or a “native” format developed by the Plan Processor. Another commenter was against trying to develop a native CAT format. Data Boiler Letter at 20. This commenter suggested preserving data in its most original format and then converting trade streams into “music formats” for ease of storage and comparison and to facilitate surveillance. Id.
FIX Trading Letter at 1-2.
Id. at 1; see also FIF Letter at 92.
FIX Trading Letter at 2.
Id. at 2-3.
One commenter stated that while mandating one uniform format would reduce the burden on the Central Repository for consolidating and storing data, it would impose a burden on CAT Reporters to accurately translate their current reporting format into a uniform CAT interface that could result in more errors than if the conversion to a uniform format occurred at the Central Repository. Conversely, another commenter cautioned that requiring one uniform format would create a monopoly.
FIF Letter at 92.
Data Boiler Letter at 36, 41.
One commenter argued that while data reported in a non-uniform format can be reliably converted into a uniform format, there are benefits to using a uniform format. Specifically, the commenter stated that using a uniform format can reduce data integrity issues within the Plan Processor, reduce data processing times, lower error correction rates between T+1 and T+3, reduce time and resources needed to on-board participants, and improve data accuracy and consistency across broker-dealers. The commenter also stated that use of a uniform format would improve data completeness because exact fields and standards would be defined.
UnaVista Letter at 2.
Id.
In their response, the Participants stated that they do not believe that the Plan should mandate a specific format for reporting to the Central Repository, but rather should allow the Bidders to use discretion in selecting the format that will work most efficiently with their solution. The Participants stated that the nature of data ingestion is key to the architecture of the CAT and therefore the Plan does not mandate a data ingestion format, but allows the Plan Processor to determine the format. The Participants also noted that the remaining three Bidders propose accepting existing messaging protocols (e.g., FIX), rather than requiring CAT Reporters to use a new format. The Participants stated that when they evaluate each Bidder's solution, they will consider whether the Bidder's proposed approach for a message format is easily understood and adoptable by the industry. The Participants also stated that they will take into consideration each Bidder's ability “to reliably and accurately convert data to a uniform electronic format for consolidation and storage, regardless of the message formats in which the CAT Reporters would be required to report data to the Central Repository.”
Response Letter I at 29.
Response Letter III at 14.
Id.
Response Letter I at 29.
The Commission believes it is reasonable to allow the Plan Processor to determine the electronic format in which data must be reported, and whether the format is uniform or whether multiple formats can be used to report CAT Data. The Commission recognizes that if a format were mandated in the CAT NMS Plan, CAT Reporters would have the information necessary to accommodate the format sooner than if they need to wait for the Plan Processor to choose the format. Although the Commission recognizes the benefit of early notice, mandating a particular format(s) in the Plan could limit the Plan Processor's options for designing the operation of the CAT as envisioned. Moreover, the Commission notes that the Participants have stated that they will consider whether a Bidder has proposed a format that is easily understood and adoptable by the industry. Further, because the Plan contemplates there will be iterations of the Technical Specifications, as well as time between publication of the Technical Specifications and the time by which data reporting must begin, the Commission believes that Industry Members will have sufficient time to comply with the ultimate format chosen by the Plan Processor. Therefore, the Commission believes that, rather than mandating the decision regarding the format for reporting in the CAT NMS Plan, it is reasonable for the format to be determined by the Plan Processor as a component of the CAT design.
Id.
3. Reporting Timelines
The CAT NMS Plan provides that CAT Reporters must report order event and trading information into the Central Repository by 8:00 a.m. ET on the Trading Day following the day the CAT Reporter records such information. A CAT Reporter must report post-trade information by 8:00 a.m. ET on the Trading Day following the day the CAT Reporter receives such information. The CAT NMS Plan provides that CAT Reporters may voluntarily report Participant Data prior to the 8:00 a.m. ET deadline.
See CAT NMS Plan, supra note 5, at Sections 6.3, 6.4.
See id. at Section 6.4. Post-trade information includes: (1) If an order is executed in whole or part: (a) An Allocation Report; (b) SRO-Assigned Market Participant Identifier of the clearing broker or prime broker, if applicable; and (c) CAT-Order-ID of any contra-side order(s); (2) if the trade is cancelled, a cancelled trade indicator; and (3) for original receipt or origination of an order, the Firm Designated ID, Customer Account Information, and Customer Identifying Information for the relevant Customer.
See id. at Sections 6.3, 6.4.
Commenters expressed opinions about the timeframe in which data should be reported by CAT Reporters to the Central Repository. One commenter expressed general support for the proposed reporting deadline, but noted that without having detailed Technical Specifications and validation rules, it could not assess the feasibility of meeting this deadline. The commenter stated that more information is needed regarding the CAT data reporting requirements to determine whether collating and formatting for the required data fields is achievable within the deadlines.
UnaVista Letter at 2.
Id.
In contrast, two commenters suggested that data should be reported in real-time, or near real-time, rather than at 8:00 a.m. ET the Trading Day following the day that the data was recorded. One commenter noted under the CAT NMS Plan's reporting deadlines, if a trade were completed at 9:30 a.m. ET on a Friday on an exchange, it would not have to be reported until Monday at 8:00 a.m. ET. The commenter stated that the CAT NMS Plan does not present a convincing reason for the 8:00 a.m. ET deadline given that market participants have access to the data in real-time and should be able to report it in seconds or less. The commenter opined that real-time, or near real-time, reporting would allow for more robust surveillance and a “quicker reaction time.” Another commenter argued that data should be reported within 50 milliseconds so that regulators can conduct real-time surveillance. The commenter recommended that CAT support real-time ingestion, processing and surveillance.
Data Boiler Letter at 18; Better Markets Letter at 6.
Better Markets Letter at 6.
Id.
Id.
Data Boiler Letter at 19.
Id. at 1. This commenter suggested that if CAT Data was going to be reported in real-time, SIP data should also be reported in real-time. See Data Boiler Letter at 42. Because the Commission does not believe that real-time reporting should be mandated by the Plan, the commenter's suggestion that SIP data be reported in real-time if CAT Data is going to be reported in real-time, is moot.
This commenter also questioned the Plan Processor's ability to receive data from all CAT Reporters at 8:00 a.m. ET, and suggested that receiving data in real-time would alleviate any potential problems in this regard. Another commenter also addressed concerns regarding CAT's capacity if a significant number of CAT Reporters choose to submit data at or around the same time, and recommended that the Plan Processor model its methodology on a system that has proven it can successfully project and manage large amounts of data, such as the Options Price Reporting Authority (“OPRA”).
Id. at 19-20.
FIF Letter at 125.
In response to these comments, the Participants noted that the Commission considered the idea of requiring real-time reporting in Rule 613, but instead imposed a reporting deadline of 8:00 a.m. ET. Therefore, the Participants are not required to file a plan containing real-time reporting. Further, in response to the commenter that stated that real-time, or near real-time, reporting would assist with surveillance and early warning of market events, the Participants noted that certain of them already have real-time surveillance tools in place that will not be affected by the implementation of the CAT.
See Adopting Release, supra note 14, at 45765.
See 17 CFR 242.613(c)(3). See Adopting Release, supra note 14, at 45765. Indeed, Rule 613 stated that the CAT NMS Plan may not impose a reporting deadline earlier than 8:00 a.m. ET on the Trading Day after the trade date. 17 CFR 242.613(c)(3).
Better Markets Letter at 6.
Response Letter I at 31, 43.
As the Participants noted, the Commission considered whether CAT Reporters should be required to report data in real-time when it adopted Rule 613 under Regulation NMS. In response to the Proposing Release which proposed that data be collected in real-time, commenters questioned the accuracy, cost, and usability of data reported in real-time. The Commission concluded that there were practical advantages to taking a more gradual approach for an undertaking such as the CAT, and acknowledged that while there might be certain advantages to receiving data intraday, the greater majority of benefits to be realized from development of the CAT do not require real-time reporting. Further, the Commission recognized that not requiring real-time reporting upon implementation would result in significant cost savings for industry participants. After reviewing the CAT NMS Plan and considering the commenters' statements, the Commission continues to adhere to that view.
See Adopting Release, supra note 14, at 45765.
Id. at 45768-69.
Id. at 45768.
Id. at 45769.
Further, in response to the commenter that questioned the feasibility of reporting data by the 8:00 a.m. ET reporting deadline without having detailed Technical Specifications and validation rules, the Commission notes that this reporting deadline is the same as that currently required for OATS reporting. Therefore, while again acknowledging the importance of timely delivery of Technical Specifications, the Commission believes many CAT Reporters already have the capability to report in compliance with the deadline proposed in the Plan and that such deadline is reasonable.
UnaVista Letter at 2.
Additionally, in response to the commenter that questioned the Plan Processor's ability to simultaneously receive data from all CAT Reporters at 8:00 a.m. ET and suggested that receiving data in real-time would alleviate potential problems resulting from an influx of all the data at one time, the Commission notes that the CAT NMS Plan requires the Plan Processor to have the capacity to handle two times the historical peak daily volume to ensure that, if CAT Reporters choose to submit data all at one time, the Plan Processor can handle the influx of data. Furthermore, because CAT Reporters have the option to report data throughout the day, the Commission anticipates that CAT Reporters, consistent with certain reporting practices, such as OATs reporting, will stagger their reports, thus alleviating concerns that a flurry of activity shortly before the 8:00 a.m. ET deadline would impose unnecessary burdens on the Plan Processor.
See CAT NMS Plan, supra note 5, at Appendix C, Section A.1.(a).(ii).
4. Data Elements
The CAT NMS Plan requires that numerous data elements be reported to the Central Repository to ensure there is sufficient information to create the lifecycle of an order, and provide regulators with sufficient detail about an order to perform their regulatory duties.
The Commission received a number of comments regarding specific data elements that CAT Reporters are required to report to the Central Repository. In addition, one commenter questioned generally if the SEC should reconsider the scope of Rule 613 and “ask whether a more broad and complete audit trail is really what regulators need to efficiently and effectively perform their duties.” This commenter also questioned whether the data being captured is “relevant to achieve the SEC's goals, or whether the data is being collected for statistical purposes and would simply overwhelm usability of the audit trail.”
Anonymous Letter I at 1.
Id. at 3.
The Commission continues to believe that the overall scope of Rule 613 is appropriate. However, the Commission has considered comments on each data element contained in the CAT NMS Plan and its necessity to achieving the goal of creating a consolidated audit trail, and has determined to amend or eliminate certain of the requirements proposed in the CAT NMS Plan as detailed below.
a. Customer-ID
(1) Customer Information Approach
Article VI of the CAT NMS Plan adopts the “Customer Information Approach” for creating and utilizing a Customer-ID and identifying a Customer, which reflects the exemptive relief granted by the Commission. Several commenters expressed general support for the Customer Information Approach. Two commenters, however, requested a modification to the Customer Information Approach to permit Customer Identifying Information and Customer Account Information to be reported as part of the “customer definition process” instead of upon the original receipt or origination of an order. One of these commenters also stated that this modification would improve the security of Customer Account Information and the CAT because sensitive customer PII data “would not need to [be] passed to order management systems or stored with the firm's CAT Reporting systems, but would remain with Customer Information Repositories which would issue the `Customer definition' CAT Report.” One commenter stated that a unique identifier for every client may not be necessary and a unique identifier could be applied to only those with a certain threshold of trading activity. Another commenter expressed general support for the Customer Information Approach, but suggested that the CAT system should tag related trade patterns with each identifiable customer and counterparties as a “fingerprint (unique ID) to a customer and/or counterparty.”
See Exemptive Request Letter, supra note 21, at 8-18; see also Section III.15, supra.
FIF Letter at 9-10, 67-72; Data Boiler Letter at 22-24; TR Letter at 8; see also UnaVista Letter at 3; DAG Letter at 2; STA Letter at 1 (supporting the DAG Letter's Exemptive Request Letter recommendations).
Under the “customer definition process,” broker-dealers would submit an initial set of information identifying the Customer to the Central Repository.
FIF Letter at 9-10, 70-71; TR Letter at 8.
FIF Letter at 67; see also DAG Letter at 2; STA Letter at 1 (supporting the DAG Letter's Exemptive Request Letter recommendations).
Anonymous Letter I at 3.
Data Boiler Letter at 23.
Several commenters commented on the specific data elements required to be reported under the Customer Information Approach. One commenter suggested that the definition of “account type” should be consistent with existing OATS definitions. Another commenter noted that it could not find the definition of “customer type” in the CAT NMS Plan or Rule 613. This commenter recommended using an existing field currently reported to the SROs or the SEC for “customer type” to minimize implementation effort. This commenter also stated that an individual's “role in the account,” required to be reported as part of Customer Identifying Information, may not be consistently maintained across firms and that population and maintenance of this data field may be an issue. As a result, this commenter believed that the field for an individual's role in the account should only be required to be reported when firms create new accounts after the implementation of reporting under the CAT.
TR Letter at 9.
Id.
Id.
Id. at 10.
Id.
One commenter requested clarification that Industry Members would only be required to report CAT Data for “active” accounts, and then offered that “active accounts would be defined as those with activity in CAT reportable securities.” One commenter discussed whether Customer Identifying Information and Customer Account Information should be “refreshed” (i.e., updated) by an Industry Member. This commenter suggested “having the functional support for a voluntary full refresh, but . . . eliminat[ing] the mandated requirement to provide full refreshes periodically,” and stated that, “the initial load, daily updates and standard error processing should be sufficient to maintain data integrity.” This commenter added that while eliminating the periodic refresh of the information used to identify a Customer “may slightly reduce the burden or cost on the broker-dealer community as well as the Plan Processor, it would eliminate the need for unneeded transmission and handling of sensitive PII data.”
FIF Letter at 10.
Id. at 122.
Id. at 93.
Another commenter noted the different data elements that identify a Customer under the Customer Information Approach and recommended that “customer information fields be categorized based on degree of importance for market surveillance and market reconstruction, so that focus can be concentrated on ensuring accuracy of the most important fields from a surveillance viewpoint.” This commenter added that “[d]ifferent criteria could be established based on the customer data categorization for correction turn-around time; e.g., customer unique identifier (LTID or social security number) would be of highest priority; zip code may be of lesser importance and not impact regulators' ability to surveil the marketplace.” This commenter requested clarification whether only “active” accounts are required to report customer identifying information as part of the customer definition process.
Id.
Id.
Id. at 10.
One commenter opposed the Customer Information Approach. This commenter stated that the Commission should require “a universal customer ID to aid in the accuracy, integrity, and consolidation of CAT Data” and that “[f]irm-based IDs will significantly increase the complexity and fragmentation of the dataset, slowing down consolidation.”
Better Markets Letter at 9.
According to the Participants, the Customer Information Approach would not have an adverse effect on the various ways in which, and purposes for which, regulators would use, access, and analyze the audit trail data reported under Rule 613 nor would it compromise the linking of order events, alter the time and method by which regulators may access the data, or limit the use of the CAT audit trail data. The Participants noted the unique nature of the existing identifiers to be used under the Customer Information Approach, which would allow the Plan Processor to create customer linkages with the same level of accuracy as the Customer-ID. The Participants also stated that the reliability and accuracy of the data reported to the Central Repository under the Customer Information Approach is the same as under the approach outlined in Rule 613 with regard to Customer-IDs because the identifiers used under the proposed Customer Information Approach are also unique identifiers. In some cases, the Participants stated that the Customer Information Approach may result in more accurate data, as errors may be minimized because broker-dealers will not have to adjust their systems to capture and maintain the additional Customer-ID data element, and only a single entity will have to perform the mapping of firm-designated account information to Customer-ID. The Participants also noted that a universal identifier that is tied to personally identifiable information could create a substantial risk of misuse and of possible identify theft as the universal identifiers are passed between the Plan Processor and each CAT Reporter.
The Participants further argued that the benefits of the Customer Information Approach outweigh any potential disadvantages. The Participants added that based upon their analysis of this issue and discussions with the industry, as detailed in the Exemptive Request Letter and the Plan, the Participants disagree that the Customer Information Approach will increase complexity or slow down consolidation. The Participants stated that utilizing a single Customer-ID within the CAT while allowing firms to report using existing identifiers would substantially reduce costs and speed implementation without limiting the regulatory use of the data. Indeed, the Participants noted that the additional cost required to comply with the Customer-ID approach set forth in the Rule, rather than with the Customer Information Approach as proposed in the CAT NMS Plan, would be at least $195 million for the largest CAT Reporters.
Response Letter I at 33.
See Exemptive Request Letter, supra note 21, at 17.
The Participants clarified in their response at what point Customer Account Information and Customer Identifying Information must be reported under the Plan. The Participants stated that the approach discussed in the Exemptive Request Letter was intended to require CAT Reporters to supply Customer Identifying Information and Customer Account Information as part of the customer definition process—that is, prior to the origination or original receipt of an order—rather than as information submitted with each order. The Participants noted that Section 6.4(d)(iv) of the Plan describes this customer definition process, which includes the process for submitting customer information and for assigning Customer-IDs for use within the CAT. According to the Participants, the operation of Sections 6.3(d)(i) and 6.4(d)(i) of the Plan clarify that a CAT Reporter is required to submit the Firm Designated IDs with the new order reports, but not the information to identify a Customer. The Participants recognized, however, that the language in Section 6.4(d)(ii)(C) of the Plan could be read to suggest that the customer identifying information must be provided with each new order report (i.e., that the Customer Account Information and Customer Identifying Information must be submitted contemporaneously with each order, rather than submitting such information pursuant to the customer definition process). The Participants proposed that the CAT NMS Plan be amended to make clear that customer information would be submitted pursuant to the customer definition process rather than with each original receipt or origination of an order.
Response Letter I at 34.
The Participants also noted that they do not believe that trading activity thresholds with respect to identifiers would be consistent with the requirements of Rule 613. The Participants stated that the use of unique IDs is essential to the effectiveness and usefulness of the CAT because these data elements will help regulatory users conduct surveillance across market centers and identify activity originating from multiple market participants.
Id. at 23.
In their response, the Participants stated that they have not yet determined how “account type” and “customer type” will be defined for purposes of reporting to the Central Repository and anticipate that they will be defined in the Technical Specifications.
Id. at 24.
With respect to limiting the reporting of a Customer's “role in the account” on a going-forward basis (i.e., after implementation of the CAT), the Participants stated that the Plan does not distinguish between legacy and new accounts with regard to this requirement and the Participants do not believe that this change is necessary.
Id. at 23.
The Participants stated in their response that the CAT NMS Plan currently anticipates that Industry Member CAT Reporters would only report information to identify a customer for “active accounts” as part of the customer definition process. Specifically, the Plan states that “broker-dealers will initially submit full account lists for all active accounts to the Plan Processor and subsequently submit updates and changes on a daily basis,” and defines “active accounts” as “accounts that have had activity within the last six months.” Moreover, the Participants noted that the Plan states that “[t]he Participants anticipate that Customer information that is initially reported to the CAT could be limited to only customer accounts that have, or are expected to have, CAT-reportable activity. For example, accounts that are considered open, but have not traded Eligible Securities in a given timeframe may not need to be pre-established in the CAT, but rather could be reported as part of daily updates after they have CAT-reportable activity.” Accordingly, the Participants suggested that the CAT NMS Plan be amended to clarify that only active accounts are required to report Customer Identifying Information during the customer definition process.
Id. at 35.
Id. at 22 (citing the CAT NMS Plan, Appendix C, Section A.1(a)(iii)).
Id. (citing the CAT NMS Plan, Appendix C, Section A.1(a)(iii), n.39).
Id. (citing the CAT NMS Plan, Appendix C, Section A.1(a)(iii), n.36).
With respect to the Plan's requirement to periodically refresh Customer Identifying Information and Customer Account Information, the Participants stated in their response that they believe that maintaining the accuracy of customer information is vital to the operation of the CAT. Therefore, the Participants noted that a periodic refresh of customer information is beneficial because it will help to ensure that all customer information remains accurate and up to date. The Participants further acknowledged the concern with maintaining the confidentiality of PII and other CAT Data. To that end, the Participants highlighted Section 6.12 of the Plan, which requires the Plan Processor to develop and maintain a comprehensive information security program that meets certain requirements set forth in the Plan, and the fact that the information security program must be approved and reviewed at least annually by the Operating Committee. The Participants stated that they continue to assess the Bidders' proposed security solutions and believe that once the CAT is operational the information security program will address the commenters' concerns regarding data security. Finally, the Participants noted that the Plan will define the scope of a “full” customer information refresh and the extent to which inactive or other accounts would need to be reported.
Id. at 31.
Id. at 32.
Id.
The Participants further stated that they do not agree that it would be appropriate to rank the importance of particular data elements reported to the Central Repository for data correction or other purposes for several reasons. First, the Participants pointed out that Rule 613 does not indicate that any data elements are more or less important for market surveillance or market reconstruction purposes. The Participants noted that Rule 613(c)(7) states that the Plan “shall require each national securities exchange, national securities association, and any member of such exchange or association to record and electronically report to the central repository details for each order and each reportable event, including, but not limited to [the information set forth in Rule 613(c)(7)(i)-(viii)]” (emphasis added). Second, the Participants noted that ranking the importance of data elements for market surveillance and market reconstruction purposes might inappropriately reveal the confidential, proprietary surveillance processes used by each Participant. Third, the Participants stated that with respect to data accuracy, the Participants have included provisions in the Plan to take into account minor and major inconsistencies in Customer information. In particular, the Participants noted that Appendix D explains that “[t]he Plan Processor must design and implement procedures and mechanisms to handle both minor and material inconsistencies in Customer information.” Additionally, material inconsistencies must be communicated to the submitting CAT Reporter(s) and resolved within the established error correction timeframe, as detailed in Sections 6-7 of Appendix D of the Plan. The Participants stated that the Central Repository also must have an audit trail showing the resolution of all errors. Finally, the Participants noted that they intend to monitor errors in the customer information fields and will consider, as appropriate, whether to prioritize the correction of certain data fields over others.
Id.
Id. at 22 (citing the CAT NMS Plan at Appendix D, Section 9.4).
Id.
Id.
The Commission believes that the clarification provided by the Participants that Customer Account Information and Customer Identifying Information are reported as part of the customer definition process, rather than with each original receipt or origination of an order, is reasonable. The Commission believes that this will clarify the process for submitting information to identify a Customer under the CAT NMS Plan and will remove any ambiguity as to the reporting responsibilities of Industry Members. The Commission further believes that this clarification also will reduce the prospect of unnecessarily passing sensitive customer PII data. Accordingly, the Commission is amending Section 6.4(d)(ii)(C) of the CAT NMS Plan to clarify that Customer Identifying Information and Customer Account Information will be reported as part of the Customer definition process, rather than upon original receipt or origination of an order.
The Commission also agrees that creating a unique Customer-ID as contemplated by the CAT NMS Plan, regardless of the Customer's trading activity threshold, is reasonable. The Commission notes that surveillance and enforcement efforts are necessary, even for accounts with low levels of trading activity.
The Commission further believes that it is reasonable to allow the Plan Processor, in conjunction with the Operating Committee, to define the specific “account types” and “customer types” in the Technical Specifications for the CAT NMS Plan. This approach will allow the Plan Processor to assess the various definitions of “account type” and “customer type” that exist among the CAT Reporters, and then make a determination as to how to appropriately classify them for purposes of CAT reporting. The Commission expects the Plan Processor will define these terms with sufficient precision so that the reporting requirements will be clear.
The Commission agrees that a Customer's role in the account should be a data element that is reported as part of the customer definition process, regardless of whether the account existed prior to implementation of the CAT or was created thereafter. The CAT NMS Plan does not distinguish between legacy and new accounts, for purposes of reporting Customer Identifying Information, and the Commission believes identifying the Customer's role in the account will facilitate surveillance and enforcement efforts.
The Commission also believes that it is reasonable to limit the reporting of Customer Identifying Information and Customer Account Information to only those accounts that are “active,” defined as a Customer account that has had activity (i.e., received or originated an order), in an Eligible Security within the last six months. This will alleviate the need for CAT Reporters to update the Customer Identifying Information or Customer Account Information for accounts that have not received or originated an order for more than six months, but still ensures that the Central Repository will collect audit trail data for Customer accounts that have any Reportable Events. The Commission notes that pursuant to the Plan and the Customer Information Approach, a CAT Reporter must upload any Customer Identifying Information and Customer Account Information to the Central Repository prior to a Customer originating an order. Because of this requirement, even if a CAT Reporter has not been updating the Customer Identifying Information and Customer Account Information for a Customer with an account with no Reportable Events for six months, if the Customer decides to submit or originate an order, the CAT Reporter would upload the required information identifying the Customer on the same day the Customer submits the order, and upon submission of the order, the Central Repository will collect the audit trail data required by Section 6.4 of the Plan. Accordingly, the Commission is amending Section 1.1 of the CAT NMS Plan to add a definition of “Active Accounts” to mean an account that has received or originated an order in an Eligible Security within the last six months. In addition, the Commission will amend Section 6.4(d)(iv) of the Plan to require that Industry Members submit an initial set of Customer Identifying Information and Customer Account Information to the Central Repository only for Active Accounts; and require Industry Members to update Customer Identifying Information and Customer Account Information only for Active Accounts.
The Commission also believes that it is reasonable for the CAT NMS Plan to require the periodic refresh of such information to ensure that the Central Repository has the most current information identifying a Customer. The Commission notes that both daily updates and periodic refreshes will require the uploading of PII, along with other CAT Data, to the Central Repository, but believes that the robust information security program to be implemented and maintained by the Plan Processor should sufficiently protect all CAT Data.
The Commission also finds it reasonable not to rank CAT data elements in terms of relative importance because importance of the CAT data elements will necessarily vary in accordance with the manner in which the data is used.
(2) Modification or Cancellation of an Order
In connection with their proposal to adopt the Customer Information Approach, as discussed above, the Participants also suggested modification to Rule 613(c)(7)(iv)(F), which requires that “[t]he CAT-Reporter-ID of the broker-dealer or Customer-ID of the person giving the modification or cancellation instruction” be reported to the Central Repository. In the CAT NMS Plan, the Participants proposed that CAT Reporters report whether a modification or cancellation instruction was given by the Customer associated with the order, or was initiated by the broker-dealer or exchange associated with the order. According to the Participants, it is most critical for regulatory purposes to ascertain whether the modification or cancellation instruction was given by the Customer or was instead initiated by the broker-dealer or exchange, rather than capturing the identity of the specific person who gave the instruction.
17 CFR 242.613(c)(7)(iv)(F) (emphasis added).
See Exemption Request Letter, supra note 21, at 12.
Id.
One commenter believed that modification and cancellation instructions are as important as other Reportable Events and, therefore, the identity of the person giving such instructions is “vital information for market surveillance purpose[s].” The commenter opposed the Participants' approach of permitting CAT Reporters to report whether a modification or cancellation of an order was given by a Customer or initiated by a broker-dealer or exchange, in lieu of requiring the reporting of the Customer-ID of the person giving the modification or cancellation instruction.
Data Boiler Letter at 24 (responding to Question 161 of the Plan Proposing Release).
See CAT NMS Plan, supra note 5, at Section 6.3(d)(iv)(F).
In their response, the Participants noted that reporting a single, specific Customer-ID for all modifications and cancellations is not possible under the Customer Information Approach because broker-dealers would not maintain Customer-IDs; instead, each broker-dealer would provide Firm-Designated IDs to the Central Repository to identify a Customer. The Participants also stated that requiring CAT Reporters to report the Customer-ID of the specific individual initiating a cancellation or modification would introduce an inconsistent level of granularity in customer information between order origination and order modifications or cancellations, because Rule 613(c)(7)(i) does not require the reporting of the specific individual originating an order.
Response Letter I at 24.
The Commission has considered the commenter's concern and the Participants' response, and believes that requiring that CAT Reporters report whether a modification or cancellation instruction was given by the Customer associated with the order, or was initiated by the broker-dealer or exchange associated with the order, is a reasonable approach to providing useful audit trail data regarding the modification or cancellation of an order. The approach set forth in the Plan also will not result an inconsistent level of granularity between the Reportable Events of origination or receipt of an order, and the modification or cancellation of the order because it would not require the identity of the person that gave the modification or cancellation instruction—which is not required under the CAT NMS Plan nor Rule 613.
(3) Reporting an Account Effective Date
In connection with their proposal to adopt the Customer Information Approach, as discussed above, the Participants also proposed an alternative method for reporting the date an account was opened, as required by Rule 613(c)(7)(viii)(B). When reporting “Customer Account Information,” an Industry Member is required to report the date an account was opened. The SROs requested an exemption to allow an “effective date” be reported in lieu of an account open date in certain limited circumstances. As a result, an Industry Member will report the date an account was opened; except, however, that (a) in those circumstances in which an Industry Member has established a trading relationship with an institution but has not established an account with that institution, the Industry Member will (i) provide the Account Effective Date in lieu of the “date account opened”; (ii) provide the relationship identifier in lieu of the “account number”; and (iii) identify the “account type” as a “relationship”; and (b) in those circumstances in which the relevant account was established prior to the implementation date of the CAT NMS Plan applicable to the relevant CAT Reporter and no “date account opened” is available for the account, the Industry Member will provide the Account Effective Date in the following circumstances: (i) Where an Industry Member changes back office providers or clearing firms and the date account opened is changed to the date the account was opened on the new back office/clearing firm system; (ii) where an Industry Member acquires another Industry Member and the date account opened is changed to the date the account was opened on the post-merger back office/clearing firm system; (iii) where there are multiple dates associated with an account in an Industry Member's system, and the parameters of each date are determined by the individual Industry Member; and (iv) where the relevant account is an Industry Member proprietary account. Several commenters supported the Participants' approach to reporting an account effective date rather than the date an account was opened, as set forth in the CAT NMS Plan, and which reflects the exemptive relief granted by the Commission. The Commission believes that the CAT NMS Plan's approach to reporting an account effective date, rather than the date an account was opened, is reasonable and will not impact the quality or usefulness of the information available to regulators.
See September 2015 Supplement, supra note 21.
See CAT NMS Plan, supra note 5, at Section 1.1.
See September 2015 Supplement, supra note 21.
The Commission notes that because “account type” will be defined in the Technical Specifications for purposes of reporting to the Central Repository, one type of “account type” will be “relationship,” See Section IV.D.4.a(1), supra.
CAT NMS Plan, supra note 5, at Section 1.1.
Data Boiler Letter at 24; TR Letter at 8; FIF Letter at 9, 81-83; see also Exemption Order, supra note 21.
(4) Identifying a Customer Using LEI
The Commission also received several comments stating that the Commission should mandate the use of LEIs whenever applicable. One commenter, also noting its support for using a global entity identifier in general and LEI specifically, stated that while it agrees that the system should provide for the capture and reporting of LEIs for customer identification, it would be appropriate to provide for a transitional approach to the collection of the LEIs. Under the commenter's recommended transitional approach, broker-dealers would provide the LEI to the CAT in each instance where the LEI is already known and collected. This commenter also believed that it would be important to establish the CAT in a way that captures the LEI as part of the initial implementation of the system, rather than having to adapt the system at a future date, and that use of LEIs is important for both risk management and operational efficiency. Another commenter, however, did not recommend that the LEI be mandated for use by broker-dealers and argued that mandating the use of LEIs would disadvantage small broker-dealers who have no business requirement at this time to use LEI.
Better Markets Letter at 8; DTCC Letter at 1; see also UnaVista Letter at 3 (supporting the use of LEIs in conjunction with other personal identifiers to identify Customers).
SIFMA Letter at 36.
Id. at 37; see also DTCC Letter at 2-4 (noting industry and regulatory support for LEIs and, that if LEIs were mandated, it would facilitate the ability for regulators to aggregate systemic risk exposures across markets).
FIF Letter at 70.
In their response, the Participants stated that based on discussions with the DAG, they agree with the commenters that it would be reasonable to require an Industry Member to report its LEI or the LEI of a Customer to the Central Repository as part of Customer Identifying Information if the Industry Member has or acquires an LEI. The Participants added that Industry Members that report LEIs would do so in addition to, rather than in lieu of, the other Customer Identifying Information required by the Plan. The Participants do not believe, however, that the Plan should require Industry Members or others to obtain an LEI for a Customer if they do not already have one.
Response Letter II at 5-6.
Response Letter III at 12.
Response Letter II at 5.
The Participants further stated that, based on discussions with the DAG, they believe that Industry Members should be permitted to provide Customer LEIs in their possession without the imposition of any due diligence obligations beyond those that may exist today with respect to information associated with an LEI. The Participants noted that, although Industry Members should not be required to perform additional due diligence with regard to the LEIs for CAT purposes, Industry Members will be required to accurately provide the LEIs in their records and may not knowingly submit inaccurate LEIs to the CAT. In addition, the Participants stated that all of the remaining Bidders have indicated that their solutions will be able to support the use of LEIs. Moreover, although the Participants believed that there are costs related to requiring Industry Members to provide an LEI if they have one, the Participants believed that the benefits outweigh the costs.
Id.
Id.
Id. at 5-6.
The Participants do not believe that the proposed use of LEIs would reduce the granularity of information provided as the proposed use of LEIs would not change the provisions related to the SRO-Assigned Market Participant Identifiers (e.g., MPIDs). See CAT NMS Plan, supra note 5, at Sections 1.1 (definition of SRO-Assigned Market Participant Identifier), 6.3 (requiring reporting of SRO-Assigned Market Participant Identifier).
The Commission has considered the commenters' views on the merits of reporting an LEI to the Central Repository as part of Customer Identifying Information and the Participants' response and believes that it is reasonable to require an Industry Member to report an LEI for its Customer if the Industry Member has or acquires the LEI for its Customer. Accordingly, the Commission is amending the definition of “Customer Identifying Information” in Section 1.1 of the Plan to require that an Industry Member report an LEI to identify a Customer that is a legal entity, if the Industry Member has or acquires the LEI of such Customer. However, the Commission is also making clear that the LEI is not reported in lieu of the other Customer Identifying Information for a legal entity (e.g., name, address, or employer identification number), but must be reported along with other Customer Identifying Information.
The Commission believes use of the LEI enhances the quality of identifying information for Customers by incorporating a global standard identifier increasingly used throughout the financial markets. The Commission notes that according to the Plan, Industry Members will still be required to report other Customer Identifying Information even if the Industry Member reports an LEI to identify a Customer; thus the LEI supplements the other information that will be used by the Central Repository to identify a Customer.
The Commission further believes that it is reasonable to not require an Industry Member to obtain an LEI for its Customer or for itself if the Industry Member does not already have an LEI for its Customer or itself because such a requirement would impose an additional burden. However, the Commission believes that requiring Industry Members to accurately provide the LEIs in their records and not knowingly submit inaccurate LEIs to the CAT is reasonable, because reporting accurate information to the CAT is a fundamental requirement of the Plan.
See CAT NMS Plan, supra note 5, at Section 6.5(d).
In response to the commenter that believed that such a requirement might disadvantage small broker-dealers, the Commission notes that the requirement to report LEIs does not mandate that a broker-dealer obtain an LEI to comply with the Plan; therefore, small broker-dealers that do not currently have an LEI will not be required to report one and thus will not be disadvantaged.
b. CAT-Reporter-ID
(1) Existing Identifier Approach
Article VI of the CAT NMS Plan reflects the “Existing Identifier Approach” for purposes of identifying each CAT Reporter associated with an order or Reportable Event. Under the Existing Identifier Approach, CAT Reporters are required to record and report to the Central Repository an SRO-Assigned Market Participant Identifier for orders and certain Reportable Events to be used by the Central Repository to assign a unique CAT-Reporter-ID to identify CAT Reporters. An Industry Member is required to report its existing SRO-Assigned Market Participant Identifier used by the relevant SRO specifically for transactions occurring on that SRO to the Central Repository. Similarly, an exchange reporting CAT Reporter information is required to report data using the SRO-Assigned Market Participant Identifier used by the Industry Member on that exchange or its systems. Off-exchange orders and Reportable Events will be reported with an Industry Member's FINRA SRO-Assigned Market Participant Identifier.
See id. at Section 6.3(e).
See Exemption Order, supra note 21, at 31-41.
See id. at 20.
Id.
For the Central Repository to link the SRO-Assigned Market Participant Identifier to the CAT-Reporter-ID, each SRO will submit, on a daily basis, all SRO-Assigned Market Participant Identifiers used by its Industry Members (or itself), as well as information sufficient to identify the corresponding market participant (e.g. a CRD number or LEI) to the Central Repository. Additionally, each Industry Member will be required to submit to the Central Repository information sufficient to identify such Industry Member (e.g., CRD number or LEI, as noted above). The Plan Processor will use the SRO-Assigned Market Participant Identifiers and identifying information (i.e., CRD number or LEI) to assign a CAT-Reporter-ID to each Industry Member and SRO for internal use within the Central Repository.
See CAT NMS Plan, supra note 5, at Section 6.3(e)(i).
Id. at Section 6.4(d)(vi).
See Exemption Order, supra note 21, at 31-41.
The reporting of an existing SRO-Assigned Market Participant Identifier differs from Rule 613 in that under Rule 613(c)(8), CAT Reporters would be required to report a universal CAT-Reporter-ID for certain Reportable Events. In the Exemptive Request Letter, the SROs requested an exemption to permit a CAT Reporter to report an existing SRO-Assigned Market Participant Identifier in lieu of requiring the reporting of a universal CAT-Reporter-ID. Specifically, the Participants stated that the Existing Identifier Approach would not negatively impact regulators' access, use, and analysis of CAT Data, and that it could allow additional levels of granularity compared to the universal CAT-Reporter-ID approach, in that SRO-Assigned Market Participant Identifiers may contain additional information not mandated by the CAT NMS Plan, such as the specific desk or department responsible for trades. The Participants also stated that they believe the reliability and accuracy of CAT Data under the Existing Identifier Approach would not be undermined, and represented that the Existing Identifier Approach could result in fewer errors and more reliable and accurate linkage of order information. Further, the Participants noted their belief—based upon discussion with the DAG—that the Existing Identifier Approach would reduce the cost and implementation burdens on CAT Reporters to comply with Rule 613, as it would allow them to continue using their current business practices and data flows instead of building new infrastructure to support the CAT-Reporter-ID requirement.
Rule 613(c)(8) requires that CAT Reporters use the same CAT-Reporter-ID for each broker-dealer. 17 CFR 242.613(c)(8). The Reportable Events for which CAT-Reporter-IDs must be reported are: The broker-dealer receiving or originating an order (17 CFR 242.613(c)(7)(i)(C)); the broker-dealer or national securities exchange from which (or to which) an order is being routed (17 CFR 242.613(c)(7)(ii)(D) and (E)); if the order is routed to a national securities association, then the CAT-Reporter-ID of that national securities association must be reported (17 CFR 242.613(c)(7)(ii)(E)); the broker-dealer or national securities exchange receiving (or routing) a routed order (17 CFR 242.613(c)(7)(iii)(D) and (E)); if a national securities association receives the routed order, then the CAT-Reporter-ID of that national securities association must be reported (17 CFR 242.613(c)(7)(iii)(D)); the broker-dealer, if applicable, giving a modification or cancellation instruction, if an order is modified or cancelled (17 CFR 242.613(c)(7)(iv)(F)); the national securities exchange or broker-dealer executing an order, if an order is executed (17 CFR 242.613(c)(7)(v)(F)); and the clearing broker or prime broker, if applicable, if an order is executed (17 CFR 242.613(c)(7)(vi)(B)).
See Exemptive Request Letter, supra note 21, at 19.
See id. at 23, 26.
Id. at 23.
Id.
Id. at 21, 22, 24.
Id. at 24.
Several commenters expressed support for the Existing Identifier Approach. Two of the commenters listed benefits of the Existing Identifier Approach over the approach required in Rule 613. One of the commenters stated that the Existing Identifier Approach would be more efficient and cost-effective than the Rule 613 approach. The other commenter listed the following benefits: The Existing Identifier Approach would allow the industry to keep its current business processes and identifiers; coordination of a single CAT-Reporter-ID to be used across all Participants to identify broker-dealers would not be necessary; CAT Reporters would not have to expand their information repositories to store and manage a new CAT-Reporter-ID; the Plan Processor would manage the translation between the SRO-Assigned Market Participant Identifiers and the CAT-Reporter-ID; since the Plan Processor would be assigning CAT-Reporter-IDs, CAT Reporters would not be subject to errors with respect to the application of CAT-Reporter-IDs; a common information technology solution would be used; the Existing Identifier Approach would allow regulators to surveil on a more granular level; and the Existing Identifier Approach would save CAT Reporters the expense of maintaining and supplying a unique CAT-Reporter-ID for every Reportable Event. Both commenters stated that the Existing Identifier Approach would not affect the accuracy, accessibility, timeliness or security and confidentiality of CAT Data over the Rule 613 approach.
See Data Boiler Letter at 22; FIF Letter at 73-74 ; TR Letter at 7-8; see also DAG Letter at 2; STA Letter at 1 (supporting the DAG Letter's Exemptive Request Letter recommendations).
Data Boiler Letter at 22; FIF Letter at 73-74.
Data Boiler Letter at 22.
FIF Letter at 73-74.
Data Boiler Letter at 22; FIF Letter at 74.
Three commenters offered recommendations for modifying the Existing Identifier Approach. Two commenters asked that the FINRA MPID be permitted for non-execution reports. One commenter stated that, regardless of whether the Existing Identifier Approach or the Rule 613 approach is used, the CAT should “tag” trade patterns with the trading desk and trader.
Data Boiler Letter; TR Letter; FIF Letter.
TR Letter at 8-9; FIF Letter at 10-11.
Data Boiler at 22.
In response to the two commenters that requested that the FINRA MPID be used for non-execution reports, the Participants stated that the practices described by the two commenters would be acceptable under the Existing Identifier Approach, explaining that a broker-dealer CAT Reporter would be permitted to use any existing SRO-Assigned Market Participant Identifier (e.g., FINRA MPID, NASDAQ MPID, NYSE Mnemonic, CBOE User Acronym and CHX Acronym) when reporting order information to the Central Repository, regardless of the eventual execution venue.
TR Letter at 8-9; FIF Letter at 10-11. The Participants did not respond to the comment suggesting the CAT should “tag” trade patterns with the trading desk and trader.
Response Letter I at 33.
Based on the Participants' representations in the Plan, the Commission believes that the Existing Identifier Approach is designed to provide the same regulatory benefits in terms of identifying CAT Reporters as would be achieved under Rule 613, at a reduced cost and implementation burden on CAT Reporters. The Existing Identifier Approach is designed to link, within the Central Repository, all SRO-Assigned Market Participant Identifiers to the appropriate CAT-Reporter-ID, and ultimately to the CAT Reporter, in a manner that is efficient, accurate, and reliable.
According to the Participants, requiring the reporting of unique CAT-Reporter-IDs of: (i) The Industry Member receiving or originating an order; (ii) the Industry Member or Participant from which (and to which) an order is being routed; (iii) the Industry Member or Participant receiving (and routing) a routed order; (iv) the Industry Member or Participant executing an order; and (v) the clearing broker or prime broker, would have imposed technical implementation difficulties on CAT Reporters and the Plan Processor alike to adopt the infrastructure to comply with the reporting, collection, and maintenance of CAT-Reporter-IDs. See Exemptive Request Letter, supra note 21, at 26. The Commission has considered the economic implications of the exemptive relief permitting the Existing Identifier Approach, as well as the other approaches in the CAT NMS Plan (options market maker quotes, Customer-ID, linking of executions to specific subaccount allocations on Allocation Reports, and timestamp granularity for Manual Order Events) that required exemptive relief from Rule 613 for inclusion in its economic analysis. See Notice, supra note 5, at 30709.
The Commission notes that one commenter recommended that the CAT be able to link trades to the responsible trading desk and trader. The Commission notes that an additional benefit of the Existing Identifier Approach is that, as the Participants have represented, it may allow for the voluntary collection of additional levels of granularity, such as responsible trading desk or trader.
Data Boiler Letter at 22.
See Exemptive Request Letter, supra note 21, at 23. Further, the Commission notes that Section 6.3(d)(ii)(F) of the CAT NMS Plan currently requires the reporting of the identity and nature of the department or desk to which an internally routed order is being routed, so the identity of a trading desk for internally routed orders will be captured through this provision.
(2) Use of LEI
Section 6.3(e)(i) of the CAT NMS Plan requires each Participant to submit, on a daily basis, all SRO-Assigned Market Participant Identifiers used by its Industry Members or itself, as well as information to identify the corresponding market participant to the Central Repository, such as a CRD number or LEI, but does not require the reporting of LEIs. Section 6.4(d)(vi) of the CAT NMS Plan requires each Industry Member to submit to the Central Repository information sufficient to identify such Industry Member, such as a CRD number or LEI, but similarly does not require the reporting of LEIs.
As discussed above in relation to the Customer-ID, several commenters recommended, or noted, the use of LEIs in lieu, or as part of the development of, a CAT-Reporter-ID. One commenter stated that it supported requiring Industry Members to provide their LEIs, as long as LEIs are already being captured by their systems. Another commenter supported the optional use of LEIs, believing that mandatory use of LEIs would unfairly burden small broker-dealers that may not currently accommodate LEIs in their systems.
FIX Letter at 2; FIF Letter at 75, Data Boiler Letter at 22; DTCC Letter at 1-6.
Data Boiler Letter at 22.
FIF Letter at 11.
In recognition of the comments that encouraged the use of LEIs in the CAT, and based on discussions with the DAG, the Participants have recommended that Sections 6.3(e)(i) and 6.4(d)(vi) of the CAT NMS Plan be amended to require a Participant to submit an Industry Member's LEI if the Participant has (or acquires) an LEI for an Industry Member, and to require Industry Members to submit to the Central Repository their LEIs if they have LEIs. This information will be reported to the Central Repository as part as the information the Plan Processor will use to assign CAT-Reporter-IDs.
Response Letter II at 6; Response Letter III at 12.
The Commission considers the suggested modifications by the Participants to Section 6.3(e)(i) and Section 6.4(d)(vi) of the CAT NMS Plan to require the Participants and Industry Members to provide Industry Member LEIs, if known, by such Participant or Industry Member to be reasonable and an improvement in the information available in the CAT with respect to CAT Reporters. Accordingly, the Commission is amending these sections to require the Participants and Industry Members to provide Industry Member LEIs, if known, by such Participant or Industry Member; however, the Commission is also amending these sections to require the submission of Participant LEIs, if a Participant has an LEI, as well as Industry Member CRD numbers. Specifically, the amendment to Section 6.3(e)(i) would require a Participant (i) for purposes of reporting information to identify itself pursuant to Section 6.3(e)(i), to submit its LEI to the Central Repository, if the Participant has an LEI; and (ii) for purposes of reporting information to identify an Industry Member pursuant to Section 6.3(e)(i), to submit the CRD number for the Industry Member, as well as the LEI of the Industry Member if the Participant has collected such LEI of the Industry Member. The amendment to Section 6.4(d)(vi) with respect to Industry Members would require an Industry Member, for purposes of reporting information to identify itself pursuant to Section 6.4(d)(vi), to submit to the Central Repository the CRD number of the Industry Member as well as the LEI of the Industry Member (if the Industry Member has an LEI).
The Commission believes these amendments are appropriate because they may enhance the quality of identifying information by requiring the submission of the LEI—a global standard identifier increasingly used throughout the financial markets—to the extent it has otherwise been obtained. Because the amendments only impose the requirement to report an LEI on Participants and Industry Members that currently have an LEI, and which is known by the CAT Reporter, it should not impose the additional burden on them to obtain an LEI. Further, the Participants have represented that the Bidders' solutions can support the reporting of LEIs. Although Section 6.3(e)(i) and Section 6.4(d)(vi) currently permit the submission of CRD numbers, the Commission believes that requiring the submission of the Industry Member CRD numbers will provide regulators with consistent identifying information about Industry Members that is useful for regulatory investigations and has significant regulatory benefit. In addition, requiring CRD numbers to be provided should not impose additional burdens on Industry Members because, as registered broker-dealers, all Industry Members currently have CRD numbers.
Response Letter II at 5-6.
c. Open/Close Indicator
Rule 613 and the CAT NMS Plan require CAT Reporters to report an open/close indicator as a “Material Term” on all orders.
Three commenters objected to the requirement that CAT Reporters report an open/close indicator for equities transactions. One of these commenters requested additional cost-benefit analysis on the open/close indicator. Another commenter argued that the open/close indicator should be reported for options only, noting that this indicator is not currently used for equities. Another commenter noted that including an open/close indicator for equities would require “significant process changes and involve parties other than CAT Reporters, such as buy-side clients, OMS/EMS vendors, and others.” This commenter stated that, if the SROs and the Commission believe that there is value in obtaining the open/close indicator for surveillance purposes with respect to equities transactions, then a rule proposal covering this request and a thorough cost-benefit analysis should be filed for public comment. Another commenter characterized the requirement to report an open/close indicator as a “market structure change” and likewise stated that the requirement should be subject to its own rulemaking process, including a cost-benefit analysis, and subject to a public comment period.
TR Letter at 9; SIFMA Letter at 35-36; FIF Letter at 83-86.
FIF Letter at 84; see also SIFMA Letter at 36.
TR Letter at 9.
SIFMA Letter at 35.
SIFMA Letter at 36; see also FIF Letter at 83-85.
FIF Letter at 85.
In response, the Participants stated that they understand that Rule 613 requires that an “open/close indicator” be reported as part of the “material terms of the order” for both equities and options transactions, but recommended that CAT Reporters not be required to report an open/close indicator for equities transactions, or for options transactions, such as for market marker options transactions, in which the open/close indicator is not captured by current industry practice.
Response Letter I at 22.
The Commission notes that Rule 613(c)(2) states only that “the plan submitted pursuant to this section” (emphasis added) must require reporting of a set of “material terms of the order,” including an open/close indicator. It does not state that the Plan as approved must include that data element. Now that the Participants have submitted a plan in compliance with Rule 613, that rule does not preclude the Commission from approving a Plan that implements the Participants' recommendation to limit the set of transactions to which the requirement to report an open/close indicator would apply. After consideration, the Commission believes that limiting the requirement to provide an open/close indicator to listed options is reasonable. The open/close indicator will provide important information about whether an order is opening or increasing a position in the option, or closing or reducing a position. While this information is useful with respect to non-market maker options activity, the Commission acknowledges the concerns in other areas, including the lack of a clear definition of the term for equities transactions, and the lack of utility of that data at the time of quote entry for options market makers.
Accordingly, as recommended by the Participants, the Commission is amending the Plan to remove the requirement that an open/close indicator be reported as part of the Material Terms of the Order for equities and Options Market Maker quotations.
“Material Terms of the Order” is defined in Section 1.1 of the CAT NMS Plan.
d. Allocations
(1) Use of Allocation Reports
The CAT NMS Plan requires that broker-dealers submit an Allocation Report following the execution of an order if such order is allocated to one or more accounts or subaccounts (the “Allocation Report Approach”). An Allocation Report must contain the following information: (i) The Firm Designated ID for any account(s), including subaccount(s), to which executed shares are allocated and the security that has been allocated; (ii) the identifier of the firm reporting the allocation; (iii) the price per share of shares allocated; (iv) the side of shares allocated; (v) the number of shares allocated to each account; and (vi) the time of the allocation.
See CAT NMS Plan, supra note 5, at Section 1.1.
The Allocation Report Approach differs from Rule 613 in that under Rule 613(c)(7)(vi)(A), each CAT Reporter would be required to record and report to the Central Repository “the account number for any subaccounts to which the execution is allocated (in whole or part).” Under Rule 613 regulators would be able to link the subaccount to which an allocation was made to a specific order. In contrast, under the Allocation Report Approach, regulators would only be able to link an allocation to the account to which it was made, and not to a specific order.
In the Exemption Request, the Participants represented that, based on discussions with the DAG, broker-dealer systems do not presently link orders with allocations of the resulting executions, and building such functionality would be complex and costly. In addition, the Participants stated that the Allocation Report Approach would not affect the various ways in which, and purposes for which, regulators would use, access, and analyze CAT Data. The Participants represented that the Allocation Report Approach would still provide regulators with the ability to associate allocations with the Customers that received them and would provide regulators with useful information without imposing undue burden on the industry. The Participants also stated that they do not believe that this approach would compromise the linking of order events, alter the time and method by which regulators may access the data, or limit the use of the data as described in the use cases contained in the Adopting Release for Rule 613.
See Exemption Request, supra note 21, at 30.
See id.
Id.; see also Adopting Release, supra note 14, at 45798-99.
Moreover, the Participants stated that they, along with the industry, believe that linking allocations to specific executions, as mandated by Rule 613, would be artificial and would not otherwise serve a legitimate purpose. The Participants argued that because the Allocation Report Approach leverages existing business processes instead of creating new workflows, it could help improve the reliability and accuracy of CAT Data as well as reduce the time CAT Reporters need to comply with the CAT reporting requirements. The Participants also stated that complying with the requirements of Rule 613(c)(7)(vi)(A) would require additional system and process changes which could potentially impact the reliability and accuracy of CAT Data.
See Exemption Request, supra note 21, at 30.
Id.
Id.
Four commenters expressed support for the Allocation Report Approach, noting that the approach would eliminate the need to re-engineer systems. One of the commenters stated that the information reported in an Allocation Report would provide regulators with sufficient information to link allocations through reference information to the Customer that placed the order, but noted that “there may not always be sufficient linkage information to relate a specific order, execution and allocation for a customer.” This commenter argued that it is not possible to link allocations to order lifecycles in the case of many-to-many orders.
See FIF Letter at 75-79; TR Letter at 8; see also DAG Letter at 2; STA Letter at 1 (supporting the DAG Letter's Exemptive Request Letter recommendations).
FIF Letter at 78, 90.
Id. at 90.
One commenter, however, disagreed with the Allocation Report Approach, stating that it would impact the completeness, accessibility and timeliness of CAT Data, and foreseeing challenges in linking the accounts and subaccounts to which an execution is allocated. This commenter believed that broker-dealers can, and should, track order allocation information, including in the case of many-to-many orders.
Data Boiler Letter at 24-25.
Id. at 40.
In response to commenters, the Participants restated their belief that the Allocation Report Approach set forth in the CAT NMS Plan appropriately weights the costs and benefits, and that “linking allocations to executions could show artificial relationships between these order events.”
Response Letter I at 36-37. The Participants estimated compliance costs related to linking orders to executions to be at least $525 million for the largest broker-dealers. Id.
The Commission believes that the Plan's Allocation Report Approach will provide regulators the necessary information to detect abuses in the allocation process without imposing undue burdens on broker-dealers. The use of Allocation Reports will provide the Central Repository the ability to efficiently, accurately, and reliably link the subaccount holder to those with authority to trade on behalf of the account, which will ultimately improve regulatory efforts by SROs and the Commission, including market surveillance, market reconstructions, enforcement investigations, and examinations of market participants. Additionally, by leveraging existing broker-dealer processes, the Plan's Allocation Report Approach could potentially reduce the time CAT Reporters need to comply with CAT reporting requirements and lower costs by using existing business processes.
See April 2015 Supplement, supra note 20 (providing examples of how the Allocation Report would be used to link the subaccount holder to those with authority to trade on behalf of the account).
(2) Time of Allocations
Under the CAT NMS Plan, CAT Reporters would need to submit the time of an allocation on the Allocation Report which, with the exception of Manual Orders, must be at a millisecond level of granularity.
See CAT NMS Plan, supra note 5, at Sections 6.4(d)(ii)(A)(1), 6.8(b).
Two commenters argued that the time of allocation should be reported with a timestamp granularity of no finer than one second. Three commenters asserted that the timestamps should not be required at all as part of the Allocation Report. One of those commenters noted that, because allocations are part of the post-trade process, the timing of such allocations is not critical, and requiring timestamps on allocations would represent “a potentially costly and misleading reporting requirement divorced from the goals of CAT.” Another commenter similarly asserted that requiring a timestamp on allocations would be costly and “will not assist the SEC in achieving the expected regulatory benefit.” This commenter explained that instructions for allocations can be communicated by phone, fax, or instant messaging or that standing instructions may be maintained for allocations. Therefore, the commenter stated, the only consistent point at which to capture a timestamp for an allocation is the time the allocation is booked into an allocation processing system.
Id. These commenters also expressed the view that Business Clocks that capture the time of allocation should be subject to a clock synchronization standard of one second. Id.
SIFMA Letter at 35; FIF Letter at 86-90; FSR Letter at 9.
SIFMA Letter at 35.
FIF Letter at 86. In support of its objection to including a timestamp in the Allocation Report, this commenter explained that, to detect wrongdoing in the collection process, one could compare the average execution price on the allocation to the market price when the allocation was submitted. If any subaccount had a total and an average profit and loss far exceeding the average profit and loss for all subaccounts of the advisor, such subaccount could be highlighted. Id.
FIF Letter at 86.
Id. This commenter also provided an analysis of the cost for adding a timestamp on allocations. The cost analysis concluded that the cost to the industry of reporting timestamps on allocations to the millisecond with a clock offset of 50 milliseconds would be $88,775,000. The cost estimate is discussed further in the economic analysis. See Section V.F.3.a(4), infra.
In response, the Participants stated that allocation timestamps would “be a significant tool for detecting regulatory issues associated with allocations, including allocation fraud,” and supported requiring them in the Plan. However, the Participants stated that the cost of changes that would be necessary to capture timestamps to the millisecond may not be justified, particularly in light of the fact that allocations tend to be a manual process. Therefore, the Participants suggested that Allocation Reports should have timestamps with a one second granularity, as is the case with similar Manual Order Events.
Response Letter I at 37.
Id. at 37-38. Similarly, the Participants also suggested that the Plan be amended to permit Industry Members to synchronize their Business Clocks used solely for reporting of the time of allocation to within one second of NIST, instead of 50 milliseconds. Id.
The Commission agrees with the Participants that inclusion of the time of an allocation as part of the data submitted in the Allocation Report is reasonable to help detect abuse that may occur if executions are allocated among subaccounts at the same time. For example, the Commission believes that the time of allocation will assist regulators in assessing regulatory issues that might arise in the allocation process, such as “cherry-picking” (systematically favoring one customer over another in connection with specific allocation decisions). Currently, investigations of potential cherry-picking require a manual, data-intensive process. The Commission believes that having access to data with the time of allocations should improve regulators' ability to spot potential abuses and assess the prevalence of allocation practices industry-wide. The Commission also believes that data with the time of allocations could assist in examining whether broker-dealers are making allocations in accordance with their policies and procedures.
See Notice, supra note 5, at Section I.e(2).
The Commission does not believe that the alternative suggested by one commenter, comparing the average execution price on the allocation to the market price when the allocation was submitted and looking for excess profits and losses, would be nearly as effective, given that the time of the actual allocation would not be available.
With regard to the appropriate level of granularity for the timestamps on Allocation Reports, the Commission agrees with the Participants that, given the manual nature of the allocation process, a timestamp granularity of one second is appropriate and would not reduce the regulatory value of the information. The Commission also believes that the clock synchronization standard for Business Clocks that capture the time of an allocation need only be to the second. This approach is consistent with the approach for Manual Order Events. The Commission does not believe that the regulatory benefit of requiring allocation times to be recorded in milliseconds (compared to seconds) and clock synchronization to 50 milliseconds (compared to one second) justifies the costs at this time.
As discussed in the economic analysis, the Commission believes that requiring a one-second timestamp instead of a one-millisecond timestamp for the allocation on Allocation Reports could save $44 million in implementation costs and $5 million in annual ongoing costs. See Section V.H.5, infra.
Accordingly, the Commission is amending Section 6.8(a)(ii) and (b) of the Plan to permit the Business Clocks used solely for the time of allocation on Allocation Reports to be synchronized to no less than within one second of the time maintained by the NIST and the time of allocation on an Allocation Report to the second.
e. Market Maker Quotes
Under the CAT NMS Plan, market maker quotations in Listed Options need to be reported as Reportable Events to the Central Repository only by the applicable Options Exchange and not by the Options Market Maker. However, under the Plan: (1) An Options Market Maker must submit to the relevant Options Exchange, along with any quotation, or any modification or cancellation thereof, the time it sent such message to the Options Exchange (“Quote Sent Time”); and (2) Options Exchanges must submit the Quote Sent Time received from Options Market Makers, along with the applicable message, to the Central Repository without change.
As used in the CAT NMS Plan, “Options Exchange” means a registered national securities exchange or automated trading facility of a registered securities association that trades Listed Options. See CAT NMS Plan, supra note 5, at Section 1.1.
See CAT NMS Plan, supra note 5, at Section 6.4(d)(iii). As used in the CAT NMS Plan, “Options Market Maker” means a broker-dealer registered with an exchange for the purpose of making markets in options contracts traded on the exchange. See id. at Section 1.1.
Id.
The requirements for reporting Options Market Maker quotes in the Plan differ from the requirements in Rule 613(c)(7), which provide that the CAT NMS Plan must require each CAT Reporter to record and electronically report to the Central Repository details for each order and each reportable event, including the routing and modification or cancellation of an order. Rule 613(j)(8) defines “order” to include “any bid or offer;” so that the details for each Options Market Maker quotation must be reported to the Central Repository by both the Options Market Maker and the Options Exchange to which it routes its quote.
See 17 CFR 242.613(c)(7).
See 17 CFR 242.613(j)(8).
In the Exemption Request, the Participants noted that requiring the applicable Options Exchange to report market maker quotations to the Central Repository would not degrade the reliability or accuracy of the CAT Data, or its security and confidentiality. Further, the Participants stated that the proposed approach would not have an adverse effect on the ways in which, and purposes for which, regulators would use, access, and analyze the CAT Data. The Participants included a cost-benefit analysis of options data reporting approaches in support of the Exemption Request. This analysis noted that the volume of options market maker quotes would be larger than any other category of data to be reported to the Central Repository, generating approximately 18 billion daily records, and that requiring duplicative reporting of this large amount of data would lead to a substantial increase in costs. The Participants argued in their cost-benefit analysis that eliminating the requirement of Rule 613(c)(7) that both Options Market Makers and Options Exchanges report nearly identical quotation data to the Central Repository would have the potential effect of reducing the projected capacity and other technological requirements of the Central Repository, which could result in significant cost savings.
See Exemption Request, supra note 21, at 8.
Id. at 7.
Id. at 6-7.
Id.
Id. at 7.
A few commenters expressed support for the provisions of the CAT NMS Plan regarding the reporting of Market Maker Quotations in Listed Options. One of these commenters stated that permitting only Option Exchanges to report Options Market Maker quote information, instead of both Options Market Makers and Options Exchanges, would not affect the completeness, timeliness, accuracy, security or confidentiality of CAT Data, and would result in a cost savings. One commenter suggested that equities market maker quotes should be handled in the same manner as Options Market Maker quotes.
FIF Letter at 62-64; TR Letter at 8; see also DAG Letter at 2; STA Letter at 1 (supporting the DAG Letter's Exemptive Request Letter recommendations).
FIF Letter at 64-65.
Id. at 65-66.
Another commenter, however, suggested that providing an exemption to Options Market Makers for reporting Options Market Maker quotes could be “detrimental to achieving the objective of capturing `complete audit trails' of all the market activities.” The commenter believed that exempting Options Market Makers from reporting their quotes to the CAT risked “overly discounted/distorted signals” for market surveillance and manipulation detection purposes.
Data Boiler Letter at 25.
Id.
In their response, the Participants disagreed that requiring only the Options Exchanges to report market maker quotations to the Central Repository would be detrimental to the CAT. The Participants noted that all data that would otherwise be reported by Options Market Makers will still be reported, including Quote Sent Time. The only difference between the requirement under Rule 613 and the approach in the Plan is the reporting party.
Response Letter I at 36.
Id.
With regard to the commenter that suggested equities market maker quotes should be handled in the same manner as Options Market Maker quotes, the Participants explained that they focused on Options Market Makers because of the significant volume of quotes they produce. The Participants stated that the volume of equities market maker quotes is much smaller than the volume of options market maker quotes, noting that there are far fewer quote updates for every trade in the equities markets, with an approximate average ratio of quotes to trades of 18 to 1 in the equities markets as compared to ratio of 8,634 to 1 for options.
Id.
Id. (noting that this is an approximation based on the equities SIP data from the Consolidated Tape Association/Consolidated Quotation System and UTP Plans from June 2014 to June 2016).
The Commission believes the proposed approach is reasonable in providing the same regulatory benefits as would be achieved under Rule 613, at a reduced cost and implementation burden on CAT Reporters. The Commission notes that the information that Options Market Makers report to Options Exchanges must be reported to the Central Repository without change, and the information that regulators would receive if Options Market Makers reported their quotation information to the Central Repository would be identical to the information that they will receive under the requirements of the CAT NMS Plan. Therefore, there will be no degradation to the audit trail. The Commission disagrees with the comment that signals for market surveillance and manipulation detection purposes could be distorted if Options Market Makers are not required to report their quotation information because the exact information that the Options Market Makers would report to the CAT will be reported on their behalf by the Options Exchanges. The Commission acknowledges the commenter who recommended that equity market makers also be exempt from reporting their quotes to the CAT, but does not believe that it is appropriate at this time to grant such an exemption. As noted above, equity market makers produce significantly fewer quotes that Options Market Makers, and the Commission has not been presented with evidence that reporting equity market maker quotes is unduly burdensome.
Data Boiler Letter at 25.
The Commission notes that, when considering whether to require Options Market Makers to report their quotes to the Central Repository, the Commission was provided a detailed cost analysis of the savings that would result if Options Market Makers were not required to directly report their quote information to the Central Repository.
f. Data Elements Not Included in the CAT
One commenter recommended a re-examination of the data elements to be collected in the CAT NMS Plan, and questioned whether a “more broad and complete audit trail” is needed. This commenter recommended that the CAT include data on the settlement of securities transactions (i.e., post-execution) from the DTCC and NSCC, short sale information, including lending/borrowing information and pre-execution short sale locate data, and creation/redemption information for Exchange Traded Funds (“ETFs”).
Anonymous Letter I at 1, 3; see also Anonymous Letter I at 9-15 (stating that CAT Reporters should include ATSs, internalizers, ELPs, clearing firms, the Depository Trust and Clearing Corporation (“DTCC”), National Securities Clearing Corporation (“NSCC”)).
Anonymous Letter I at 6.
In response to the commenter, the Participants described how the CAT NMS Plan aligns with the scope of required elements in Rule 613. The Participants generally expressed their view that the potential benefit of requiring additional elements, such as settlement information, lending/borrowing information, short sale locate data, and ETF creation/redemption data, would be outweighed by the design and implementation costs at this time. The Participants committed generally to assess whether additional information should be reported to the CAT in the future.
The Participants noted the definition of Material Terms of the Order includes whether an order is short or short exempt. Response Letter I at 26.
The Participants explained that the processes involved in the ETF creations and redemptions are distinct from those used for transactions in NMS securities, and may involve parties that are not CAT Reporters. Response Letter I at 25-26.
Response Letter I at 26.
Id. at 25.
The Commission notes that, with regard to a locate identifier on short sales, data could be readily obtained from a follow-up request to a broker-dealer if the other data required to be reported to the CAT, particularly the information relating to the customer behind the order, is included in the consolidated audit trail. With regard to lending/borrowing information, the Commission understands that some of this data can be obtained through private sources, such as service providers. The Participants stated that they do not believe that the benefits of including this information in the CAT justify the costs for requiring them to be reported. The Commission similarly believes that it is not necessary to require this information in CAT. With regard to the inclusion of information on ETF creations and redemptions, the Commission agrees with the Participants that the relevant market participants may not be included in the current scope of CAT Reporters. Therefore, the Commission is not amending the Plan to include these data elements in the CAT at this time. Nor is it amending the Plan to include information on the settlement of securities transactions from DTCC and NSCC in the CAT, as it would require participation by entities not currently party to the CAT NMS Plan, and the regulatory benefits to the Participants and the Commission would not, at this time, justify the costs.
See Proposing Release, supra note 14, at 32574.
The Commission appreciates the commenter's perspective that additional data elements may offer some regulatory benefit. However, neither Rule 613 nor the CAT NMS Plan proposed including such data elements. After considering the comments, the Commission believes that it is reasonable to not mandate the reporting of new data elements to the CAT at this time. The Commission does not believe that the benefits to the Commission and Participants justify the cost for requiring additional data elements to be reported. The Commission or the Participants may consider additional data elements in the future.
5. Symbology
The CAT NMS Plan requires CAT Reporters to report data using the listing exchange's symbology. The CAT NMS Plan requires the Plan Processor to create and maintain a symbol history and mapping table, as well as provide a tool for regulators and CAT Reporters showing a security's complete symbol history, along with a start-of-day and end-of-day list of reportable securities for use by CAT Reporters.
See CAT NMS Plan, supra note 5, at Appendix D, Section 2.
Three commenters objected to the Plan requiring listing exchange symbology to be used by CAT Reporters. One commenter recommended that CAT Reporters be permitted to use the symbology standard they currently use and that the Central Repository should be responsible for normalizing the various standards. The commenter stated that while it does not expect that allowing CAT Reporters to use existing symbology would result in a large cost savings, it believes that use of existing symbology would reduce errors.
FIF Letter at 95; Bloomberg Letter at 5-6; Data Boiler Letter at 36 (recommending the use of multiple formats and favoring use of “existing market practices/processes”).
FIF Letter at 95.
Id. The commenter also requested clarity on what symbology would be used for options. Id. This comment was not addressed by the Participants.
Another commenter expressed the view that it would be costly to use the listing exchange's symbology for reporting to the CAT and instead advocated for a standardized nomenclature or symbology across the markets, stating that without a standardized data nomenclature, the integration of a data reporting system and surveillance will be significantly more difficult. The commenter suggested use of a uniform, global, open, multi-asset identifier, such as the Financial Instrument Global Identifier (“FIGI”), a product developed by Bloomberg LP. The commenter stated that use of a standard with the characteristics of FIGI would simplify cross-asset surveillance, lower error rates and potentially lower symbology licensing costs.
Bloomberg Letter at 5.
Id. at 6.
Id.
The Participants responded that the Plan required CAT Reporters to submit data to the CAT using the listing exchange symbology based on their understanding of current reporting practices. The Participants noted that Industry Members use solutions and systems that allow them to translate symbology into the correct format of the listing exchange when submitting data to exchanges or regulatory reporting systems, such as OATS and Electronic Blue Sheets (“EBS”). The Participants further noted that all CAT Reporters subject to OATS or EBS reporting requirements use the symbology of the listing exchange when submitting such reports. Accordingly, the Participants did not agree with the comment that advocated adopting a new symbology approach, concluding that it would add significant cost and complexity for the industry. The Participants also noted that permitting CAT Reporters to use symbology other than the listing exchange symbology, and having the Plan Processor translate the symbology of different CAT Reporters to the listing exchange symbology, would require each CAT Reporter to submit regular mapping symbology information to the CAT, thereby increasing the complexity and the likelihood for errors in the CAT. The Participants stated that the requirement to use exchange symbology is the most efficient, cost-effective and least error-prone approach. The Participants, however, acknowledged that the Plan Processor may, in the future, determine whether the use of a standardized symbology, other than listing exchange symbology, would be appropriate.
Response Letter II at 7.
Response Letter III at 13.
Response Letter II at 7 (citing OATS Reporting Technical Specifications (September 12, 2016), available at http://www.finra.org/sites/default/files/TechSpec_9122016.pdf. (requiring data to be reported using symbol format published by primary listing exchange for listed securities).
Id. The Plan requires the Participants to provide the Plan Processor with issue symbol information, and the Plan Processor to maintain a complete symbology database, including historical symbology. In addition, issue symbol validation must be included in the processing of data submitted by CAT Reporters. See CAT NMS Plan, supra note 5, at Appendix C, Section A.1(a); Appendix D, Section 2.
Id.
Response Letter II at 7.
The Participants noted, based on conversations with the DAG and as noted by one commenter, certain industry messaging formats, such as some exchange binary formats, require symbology other than the primary listing exchange symbology. Id.
The Commission believes that the CAT NMS Plan's requirement that CAT Reporters report data using the listing exchange's symbol is reasonable. The Commission agrees with the Participants that allowing each CAT Reporter to determine its reporting symbology would impose burdens on, and add complexity for, the Plan Processor by requiring each CAT Reporter to regularly submit to the Plan Processor symbology mappings. Additionally, the Commission believes that using existing symbology may reduce errors, as noted by the Participants. The Commission also understands, based on the Participants' representations, that CAT Reporters that report to OATS and EBS today already have the ability to translate to the listing exchange's symbology.
6. Security of CAT Data
The CAT NMS Plan requires that the Plan Processor develop and, with the prior approval of the Operating Committee, implement, policies, procedures and control structures related to the security of the CAT System. Appendices C and D describe the general security requirements for CAT data and outline minimum data security requirements that the Plan Processor must meet.
See CAT NMS Plan, supra note 5, at Section 6.1(c); see also Sections III.26 and III.27, supra.
See CAT NMS Plan, supra note 5, at Appendix C and D.
a. CAT Information Security Program Details
Several commenters believed that the CAT NMS Plan did not provide enough details regarding the security and confidentiality of CAT Data. One commenter noted that “explicit language indicating requirements for overall security of data transmission and storage, rather than suggestions, should be included in the finalized CAT requirements.” Another commenter stated that the Plan does not provide enough granular details related to actual controls, service levels, and technical support that will be implemented by the Plan Processor. Similarly, another commenter stated that the CAT NMS Plan lacks proper guidance concerning the requirements for security and confidentiality controls of the CAT System regarding, for example, network security, firewalls, systems management and library controls, IT personnel access to the CAT System and data, system logs and archives. One commenter “urg[ed] the SEC to require the SROs to share more detailed information on [data loss prevention, business continuity plans and cyber incident response plans] as a Plan Processor is selected and the Central Repository is built.” Other commenters suggested that certain market participants be provided another opportunity to provide feedback on the security controls, policies and procedures that will be adopted by the Plan Processor. Another commenter supported having an information security officer be responsible for regular updates of the documents and processes, breach identification, and management and processes for periodic penetration tests of all applications.
SIFMA Letter at 20; see also ICI Letter at 4 (stating that “despite the highly sensitive nature of the data captured by the CAT, the proposed CAT NMS plan provides only vague details about the information security provisions for the CAT. . . . [W]e understand that certain details of the plan processor's information security program must remain confidential, but the proposed CAT NMS plan sets too low of a bar for information security”).
FSR Letter at 6; see also TR letter at 8 (seeking clarification on the service levels and liability that will be associated with data transfers between CAT Reporters and the CAT Processor, and how information security will be addressed with customer service staff at the Plan Processor that will assist CAT Reporters with troubleshooting).
FIF Letter at 131-132.
Fidelity Letter at 4.
One commenter, for example, suggested that experts from Industry Members be permitted to review and provide feedback on the security controls, policies and procedures of the Plan Processor. FIF Letter at 130. Another suggested that market participants be provided an opportunity to comment on these important details. Fidelity Letter at 4.
UnaVista Letter at 5.
In response to commenters that requested more detail regarding the security controls for CAT Data, the Participants noted that in the Adopting Release for Rule 613, the Commission stated that “an outline or overview description of the policies and procedures that would be implemented under the NMS plan submitted to the Commission for its consideration would be sufficient to satisfy the requirement of the Rule.” The Participants also reiterated the position of the Commission at the time of adoption of Rule 613 that “it is important for the NMS plan submitted to the Commission to establish the fundamental framework of these policies and procedures, but recognizes the utility of allowing the plan sponsors flexibility to subsequently delineate them in greater detail with the ability to make modifications as needed.” The Participants noted that Section 6.12 of the CAT NMS Plan requires the Plan Processor to develop and maintain a comprehensive information security program for the Central Repository, to be approved and reviewed at least annually by the Operating Committee.
Response Letter I at 53-54 (citing Adopting Release, supra note 14, at 45782).
Response Letter I at 53-54 (citing Adopting Release, supra note 14, at 45782).
Id.
The Participants also referred to Appendix D of the Plan, which discusses the fundamental framework of this program, including: (1) Appropriate solutions and controls to ensure data confidentiality and security during all communications between CAT Reporters and Data Submitters and the Plan Processor, data extraction, manipulation and transformation, loading to and from the Central Repository and data maintenance by the CAT System; (2) security controls for data retrieval and query reports by Participants and the SEC; and (3) appropriate tools, logging, auditing and access controls for all components of the CAT System. The Participants further noted the Plan provisions addressing: (1) The physical assets and personnel of the CAT; (2) training of all persons who have access to the Central Repository; (3) encryption; (4) remote access to the CAT System; (5) the handling of PII; (6) data storage (including penetration testing and third party audits); (7) access to PII and other CAT Data; breach management; and (8) the minimum industry standards that must be followed by the Plan Processor in developing and implementing the security and confidentiality policies and procedures for the Plan. The Participants also provided a high level description of the security requirements for the CAT System, which described the architecture controls, program level controls, and data usage and regulator controls applicable to the CAT. Notably, the Participants also stated that they believe that “publicly releasing too many details about the data security and information policies and procedures of the CAT System presents its own security concerns and is not advisable.”
Response Letter I at 54.
Id.
Id.
Id.
The Participants stated that they do not believe that market participants such as experts from Industry Members should be permitted to review and provide feedback on the security controls, policies and procedures of the Plan Processor because each Bidder already has provided information on the various security issues discussed in the Plan and as a result, the Plan Processor will have sufficient information from which to formulate appropriate data security and information policies and procedures. The Participants added that data security policies and procedures of the Plan Processor will be subject to the review and approval of the Operating Committee, which will seek the views of the Advisory Committee. Therefore, the Participants do not believe that it is necessary to allow Industry Members to separately review the security controls, policies and procedures of the Plan Processor.
Response Letter I at 55.
Id.
Id.
The Participants also provided additional details concerning certain security controls and protocols required of the Plan Processor. Specifically, the Participants noted that the Plan Processor must establish a penetration testing protocol and that the Participants generally would expect penetration testing to occur following major changes to system architecture (e.g., changes in the network segmentation, major system upgrades, or installation of new management level applications), or when other specific new threats are identified. The Participants also provided additional detail clarifying their threat monitoring program and stated that they expect that the Plan Processor will “adhere to industry practice for an infrastructure initiative such as the CAT, and, therefore, the Plan Processor will provide 24x7 operational monitoring, including monitoring and alerting for any potential security issues across the entire CAT environment.” Related to threat monitoring, the Participants noted that the CISO also is required to establish policies and procedures to address imminent threats. Specifically, the Participants stated that they expect the CISO to establish procedures for addressing security threats that require immediate action to prevent security threats to the CAT Data.
Response Letter III at 7.
Id.
Response Letter III at 8.
Id.
The Commission fully recognizes the importance of maintaining the security of the CAT Data and the need to have sufficient information regarding the policies, procedures and control structures that will be adopted by the Plan Processor that will apply to the security of the CAT Data. The Commission also reiterates its view, as set forth in the Adopting Release and as noted by the Participants in their response, that an outline or overview description of the policies and procedures that would be implemented by the Plan Processor regarding data security satisfies the requirements of Rule 613 and that it is reasonable for additional detail about the controls, policies and procedures applicable to the CAT's information security program to be determined and published after the Plan Processor is selected, including through the CAT's Technical Specifications, which will be publicly available. The Commission also shares the concerns articulated by the Participants that publicly releasing too many details about the technical security requirements, tools and techniques of the CAT NMS Plan could invite exploitation. The Commission believes that the CAT NMS Plan must strike a balance between setting out the fundamental framework for the security of the CAT Data while maintaining the ability of the Plan Processor to adopt additional security parameters as it sees fit, some of which the Plan Processor may not want to make public.
See CAT NMS Plan, supra note 5, at Section 6.9(a).
The Commission has considered the security provisions in the CAT NMS Plan and finds that a reasonable level of detail regarding the security and confidentiality controls has been provided in the CAT NMS Plan. However, the Commission expects that the Participants will require the Plan Processor to continuously monitor the information security program of the CAT to ensure that it is consistent with the highest industry standards for the protection of data, and to proactively implement appropriate changes to the security program to guard against any unauthorized intrusions or breaches of the Plan Processor's data security protocols and protections. The Commission also expects that, when the Plan Processor is chosen, the Plan Processor will provide more detail about the specific security requirements and attendant obligations placed on the Participants, including through the issuance of Technical Specifications, which will be publicly available; more explicit language indicating requirements for overall security of data transmission and storage; more granularity related to actual controls and service levels; and more details about the technical support that will be implemented by the Plan Processor. The Commission also notes that, as discussed in Section IV.H, the Commission is amending Section 6.6 of the Plan to require that the Participants provide the Commission with an annual evaluation of the information security program to ensure that the program is consistent with the highest industry standards for the protection of data.
See Section IV.H, supra.
The Commission also believes that, based on the CAT NMS Plan and the Participants' response, a reasonable level of detail and explicit requirements regarding the overall security of data transmission, storage, service levels, and technical support has been provided. Similarly, the Commission believes that the Plan adequately addresses network security, firewalls, systems management, data loss prevention, business continuity plans and cyber incident response plans. In response to the commenters that requested that market participants such as experts from Industry Members be permitted to review and provide feedback on the security controls, policies and procedures of the Plan Processor, the Commission believes that such review and feedback is not necessary, particularly in light of input by the Advisory Committee.
See CAT NMS Plan, supra note 5, at Appendix C, Section A.1(b) (discussing the manner in which the Central Repository will receive, extract, transform, load, and retain data); Section 6.10(c) (discussing the CAT user Help Desk).
See CAT NMS Plan, supra note 5, at Appendix D, Section 4 (Data Security); Section 5 (Business Continuity/Disaster Recovery).
In response to the commenter that supported having an information security officer be responsible for regular updates of the documents and processes, breach identification, and management and processes for periodic penetration tests of all applications, the Commission notes that the Plan provides for a CISO who has a broad range of responsibilities regarding the security of the CAT Data.
b. Security Standards for the CAT System
Several commenters put forth various industry security standards that should be adopted by the Plan Processor. One commenter stated that if the CAT System operates using a cloud infrastructure, the CAT should employ a cloud provider rated for security via the Cloud Controls Matrix from the Cloud Security Alliance. This commenter further recommended that the CAT “be subject to existing data security and privacy standards like Regulation P [Annual Privacy Notice Requirement under the Gramm-Leach-Bliley Act], FISMA [Federal Information Security Management Act] and FedRAMP [Federal Risk and Authorization Management Program].” One commenter stated that steps should be taken to ensure proper controls are in place to protect the data throughout its lifecycle using secure, authenticated and industry-accepted encryption mechanisms. Another commenter recommended the use of “pre-defined extract templates and uniform global formats such as ISO [International Organization for Standardization] 2002.” One commenter stated that at a minimum, connection to CAT infrastructure should be protected by transport layer security/secure sockets layer (“TLS/SSL”) through a secure tunnel. Another commenter suggested that the CAT NMS Plan employ the cybersecurity framework developed by NIST and the cybersecurity assessment tool created by the Federal Financial Institutions Examination Council (“FFIEC”).
SIFMA Letter at 21.
Id.
FSI Letter at 5 (citing to Government Accountability Office, High-Risk Series: An Update, GAO-15-290 at 235 (Feb. 2016)).
UnaVista Letter at 4.
FIF Letter at 133.
ICI Letter at 5.
One commenter noted the need for an ongoing assessment of the risks associated with the CAT System and data to meet the NIST industry standards referenced in the Plan. In discussing the confidentiality and sensitivity of CAT Data, a commenter noted that “[t]he emphasis shouldn't be favoring on [sic] a particular prescribed standard . . . but the key is: CAT needs independence [sic] privacy and security assessment at regular intervals. The assessment will include: Vulnerability scan and identifying system nuisances that can cause or already caused privacy and security issues.”
FIF Letter at 130-31.
Data Boiler Letter at 29.
With respect to the industry standards applicable to the CAT System, in their response, the Participants noted that at the outset of operation of the CAT, the Plan Processor will adopt all relevant standards from the NIST Cyber Security Framework, NIST 800.53 or ISO 27001 that would be appropriate to apply to the Plan Processor. The Participants added that because industry standards may evolve over time, the Participants will require that the CAT's security program align with current industry standards and best practices as they evolve in the future. To this end, the Plan requires that the Plan Processor's information security program be reviewed at least annually by the Operating Committee.
Response Letter III at 5.
Id.
Id.
Regarding security standards applicable to the Participants that access CAT Data, the Participants noted that the Plan requires the Participants to “establish, maintain and enforce written policies and procedures reasonably designed . . . to ensure the confidentiality of the CAT Data obtained from the Central Repository.” The Participants stated that “such policies and procedures will be subject to Reg SCI and oversight by the SEC.” Moreover, in their response, the Participants stated that “[i]n the event that relevant standards evolve, the proposed Plan also requires that “[e]ach Participant shall periodically review the effectiveness of the policies and procedures . . . and take prompt action to remedy deficiencies in such policies and procedures.”
Response Letter III at 8.
Id.
Response Letter III at 8.
In response to the commenters that believed that an ongoing assessment of the risks associated with the CAT System and data should meet the NIST standards in the Plan, the Participants stated that they agree that the CAT System should be regularly assessed for security risks, and that the Operating Committee must conduct an annual review of the Plan Processor's information security program. The Participants further noted that Section 6.2(a)(v)(C) of the Plan provides that the CCO, in collaboration with the CISO, will retain independent third parties with appropriate data security expertise to review and audit on an annual basis the policies, procedures, standards and real-time tools that monitor and address data security issues for the Plan Processor and the Central Repository.
Response Letter I at 61.
Response Letter III at 5.
Response Letter I at 61.
In response to the commenter that believed that the Plan Processor should be FedRAMP certified, the Participants stated that they do not believe that the Plan Processor should be required to be certified FedRAMP. The Participants stated that requiring FedRAMP certification could limit the portions of each cloud provider's solutions that each Bidder may access, while also increasing costs for the CAT. The Participants stated that furthermore, FedRAMP certification itself does not provide for additional security controls beyond those contained in the NIST standards, but rather focuses on providing a certification and evaluation process for government applications. Moreover, the Participants believe that the security controls required in the Plan and proposed by the Bidders, as well as those provided by the Bidders' cloud providers, are robust and would not be materially enhanced by requiring them to be FedRAMP certified. The Participants also pointed out that regular independent third party audits, as required by the Plan, also would help to ensure the security of the CAT and any cloud solutions in use.
Response Letter III at 5.
Response Letter III at 5.
Response Letter III at 5-6.
Id.
The Commission notes that Appendix D of the Plan addresses the security standards applicable to the CAT System. Specifically, Section 4.2 of Appendix D of the CAT NMS Plan, as proposed, states that “[t]he following industry standards, at a minimum, must be followed as such standards and requirements may be replaced by successor publications, or modified, amended, or supplemented and as approved by the Operating Committee (in the event of a conflict between standards, the more stringent standard shall apply, subject to the approval of the Operating Committee).” The Plan then lists several NIST standards (e.g., NIST 800), FFIEC's “Authentication Best Practices,” and ISO/IEC 27001's “Information Security Management. Appendix D, Section 4.2, as proposed, also states that the CAT LLC shall join the Financial Services-Information Sharing and Analysis Center (“FS-ISAC”) and comparable bodies as the Operating Committee may determine.
See CAT NMS Plan, supra note 5, at Appendix D, Section 4.2.
Moreover, in the Commission's view, the Participants' commitment in their response that, at the outset of the operation of CAT, the Plan Processor will adhere to the relevant standards from the NIST Cyber Security Framework is a reasonable step toward ensuring a robust security information program. At this time, the Commission believes that the NIST Cyber Security Framework provides a reliable and comprehensive approach to cybersecurity risks and threats, and helps to ensure that the Plan Processor will be abiding by appropriately rigorous industry standards to help identify, protect, detect, respond and recover from cyberattacks, whether internal or external, domestic or international. Accordingly, the Commission is amending Appendix D, Section 4.2 of the CAT NMS Plan to add the requirement that Plan Processor will adhere to the NIST Cyber Security Framework in its entirety. The Commission believes that adherence to the standards of the NIST Cyber Security Framework provides a reasonable approach to ensuring that security standards applicable to the CAT System will reflect high industry standards regarding the protection of CAT Data.
The Commission notes that, in contrast to the Participants' response, the Commission is amending the Plan without limitation to only “relevant standards” because the Commission believes that the NIST Cyber Security Framework already provides flexibility to ensure only relevant standards apply, and without specific reference to NIST 800-53 or ISO 27001. The Commission also is amending Appendix D, Section 4.2 of the Plan to clarify that the listed industry standards are not intended to be an exclusive list. The Commission believes this amendment is appropriate to clarify that the Participants may adhere to additional industry standards.
In light of the Participants' commitment and ongoing requirement to adhere to the NIST Cyber Security Framework—which will address the security of the CAT cloud provided by the Plan Processor—and the limitations that FedRAMP certification might impose on the cloud provider's solutions that each bidder might access should the bidder be chosen as the Plan Processor, the Commission believes that it is reasonable to not require that the Plan Processor be FedRAMP certified. In addition, the Commission believes that it is reasonable to allow the Plan Processor to evaluate whether it should adhere to the data security and privacy standards like Regulation P, FISMA and ISO 2002, and whether the connection to the CAT infrastructure should be protected by TLS/SSL.
The Commission also notes that in their response, the Participants stated that with respect to partnerships with other private or public organizations and information sharing entities, the Participants do not intend to restrict the CAT LLC's partnership only to the FS-ISAC; the Participants stated that the CAT LLC may seek to join other industry groups such as the National Cyber-Forensic & Training Alliance, the Department of Homeland Security's National Cybersecurity & Communications Integration Center, or other reputable cyber and information security alliances. The Commission believes the Participants have appropriately clarified that the provisions in Appendix D, Section 4.2 of the Plan listing the other organizations that the CAT LLC may join was not intended to be an exclusive list because the provision explicitly states that the CAT LLC shall endeavor to join other “comparable bodies as the Operating Committee may determine.”
Response Letter III at 6-7.
c. CAT User Access Administration
Many commenters discussed issues related to the administration of CAT users. One commenter stated that “[a]ppropriate policies and procedures should be in place for user access administration, including provisioning of administrators, user data management, password management and audit of user access management.” Another commenter noted the need to train employees and contractors with access to CAT Data on how to maintain the security and confidentiality of the data, while another commenter supported the establishment of processes to prevent access to sensitive data by any individuals who have not attended compliance training. One commenter stated that persons authorized to access CAT Data should have comprehensive background checks.
SIFMA Letter at 21.
ICI Letter at 9.
UnaVista Letter at 4.
FSR Letter at 5; FSI Letter at 5.
Other commenters discussed the password authentication procedures in the CAT NMS Plan that are meant to ensure that CAT Data is only accessed by credentialed personnel. One commenter stated that all persons with access to the CAT System should have their access secured via multi-factor authentication as prescribed in OMB Memorandum M-06-16. Another commenter suggested leveraging any authentication procedures at the entity that employs a person seeking access to CAT Data, stating that this approach would also allow for automated deactivation of users that leave the CAT Reporter or Participant.
MFA Letter at 6.
SIFMA Letter at 21. This commenter also generally recommended automatic deactivation for users who do not access CAT for a specified period of time (e.g., 6 months), or whose access is not re-confirmed by the entity who employs the person requesting CAT Data, or whose firm account has been deactivated. Additionally, the commenter stated that email addresses for CAT users should be immutable and should allow for change via administrative review workflow, and shared user IDs should be prohibited. Id.
In its response to commenters, the Participants noted the provisions in Appendix D of the Plan that require the Plan Processor to develop and maintain policies and procedures reasonably designed to prevent, detect and mitigate the impact of unauthorized access or usage of data in the Central Repository. The Participants further noted that the Plan requires that such policies and procedures include, at a minimum, (1) information barriers governing access to and usage of data in the Central Repository; (2) monitoring processes to detect unauthorized access to or usage of data in the Central Repository; and (3) escalation procedures in the event that unauthorized access to or usage of data is detected. The Participants also note that the Plan requires that passwords be stored according to industry best practices and recovered by secure channels, and that all logins will be subject to MFA. The Participants further note that the Plan Processor will have discretion to consider additional controls on user access in formulating the data security policies and procedures for the CAT System, including, without limitation, deactivating users who have not accessed the CAT System for a specified period of time.
Response Letter I at 55-56.
Id.
The Commission notes that certain provisions of the Plan appeared to require MFA only for access to PII. The Participants clarified in their response letter that MFA is required for all logins. Response Letter III at 6.
Response Letter I at 56.
The Commission believes that monitoring the access to CAT to ensure that only authorized persons are allowed to access the CAT System and CAT Data is critical to ensuring the security of CAT Data. The Commission agrees with the Participants that the requirements set out in Appendix D, and other provisions of the CAT NMS Plan, provide a reasonable outline of CAT user access administration (including provisioning of administrators) in general, as well as user data management and password management.
See CAT NMS Plan, supra note 5, at Appendix D, Section 4.1.4 (discussing an overview of access to CAT Data).
In response to specific commenters that believed that only individuals with appropriate training should be permitted access to CAT Data, Section 6.1(m) of the Plan states that “[t]he Plan Processor shall develop and, with the prior approval of the Operating Committee, implement a training program, which will be made available to all individuals who have access to the Central Repository on behalf of the Participants or the SEC prior to such individuals being granted access to the Central Repository, that addresses the security and confidentiality of all information accessible from the CAT, as well as the operational risks associated with accessing the Central Repository.” Appendix D of the Plan also states that the Plan Processor must provide to the Operating Committee a comprehensive security plan that covers all components of the CAT System, including physical assets and personnel, and the training of all persons who have access to the Central Repository consistent with Article VI, Section 6.1(m). Thus, the Commission believes that these Plan provisions, taken together, indicate that the Plan Processor will require that all persons that have access to CAT Data will be required to complete training prior to accessing CAT Data, and expects that only those persons that have been adequately trained will have access to CAT Data.
See CAT NMS Plan, supra note 5, at Section 6.1(m).
See CAT NMS Plan, supra note 5, at Appendix D, Section 4.1.
In response to the commenter that stated that persons authorized to access CAT Data should have comprehensive background checks, the Commission notes that the Plan provides that “in addition to other policies, procedures and standards generally applicable to the Plan Processor's employees and contractors, the Plan Processor shall have hiring standards and shall conduct and enforce background checks (e.g., fingerprint-based) for all of its employees and contractors to ensure the protection, safeguarding and security of the facilities, systems, networks, equipment and data of the CAT System. . . .” While the Commission believes that this provision sets out a reasonable approach to background checks for employees and contractors of the Plan Processor, the Commission believes that such a requirement generally should extend to Participants with respect to all of their users that have access to CAT Data and therefore is amending the Plan to require that each Participant conduct background checks for its employees and contractors that will use the CAT System. The Commission believes that this amendment to the Plan is appropriate in order to ensure that only authorized and qualified persons are using the CAT System.
See CAT NMS Plan, supra note 5, at Section 6.1(g).
See CAT NMS Plan, supra note 5, at Appendix D, Section 4.1.4.
The Commission also notes that the Participants have represented that all logins must be secured by MFA, in response to commenters concerns that authentication procedures for CAT users should ensure that only credentialed persons are accessing the CAT Data. In addition, in response to commenters that expressed concerns about the password authentication procedures of the Plan Processor, the Commission notes that the Plan addresses password guidelines such as, for example, the appropriate complexity of passwords and the recovery of lost passwords. The Commission also believes that the Plan does not prohibit the Plan Processor from considering an approach to authenticating a CAT user that would leverage the authentication procedures at the entity (either a Participant or CAT Reporter) that employs a person seeking access to CAT Data, as suggested by a commenter. The Commission believes these provisions, taken together, provide reasonable protections around CAT user administration.
See CAT NMS Plan, supra note 5, at Appendix D, Section 4.1.4 (discussing an overview of the CAT password requirements).
Finally, with respect to another aspect of CAT user access administration, in their response the Participants noted that they do not believe that memoranda of understanding or similar agreements between the CAT LLC and the Participants are necessary since the Participants will be bound by both their participation in the Plan as well as the agreement between the CAT LLC and the Plan Processor. However, the Participants stated they believe that it is important that information regarding CAT Data usage, such as contact points and escalation procedures, be shared between the Plan Processor and the Participants; therefore, the Participants state they expect to establish such information sharing agreements between the Plan Processor and the Participants once the Plan Processor is chosen. Moreover, the Participants stated, they expect that one of the CISO's responsibilities would be to make sure that this information is captured and kept up to date appropriately.
Response Letter III at 8.
Response Letter III at 9.
The Commission notes that the Plan Processor has not yet been chosen and thus the execution of such memoranda is not appropriate at this time. However, the Commission believes that explicitly memorializing issues relating to CAT Data usage between the Plan Processor and each Participant would be beneficial to the operation of the CAT System.
The Commission also notes that, with respect to access, the CAT NMS Plan provides that the Plan Processor will provide to the Participants and the Commission access to the Representatives of the Plan Processor as any Participant or the Commission may reasonably request solely for the purpose of performing such Person's regulatory and oversight responsibilities pursuant to the federal securities laws, rules, and regulations or any contractual obligations. The Plan also provides that the Plan Processor will direct its Representatives to reasonably cooperate with any inquiry, investigation, or proceeding conducted by or on behalf of any Participant or the Commission related to such purpose. As filed, this provision would allow the Plan Processor to refuse access to the Commission and/or Participants upon its own determination of “unreasonableness.” The Commission believes that Commission or Participant requests for access to Representatives of the Plan Processor should be considered reasonable, absent other circumstances. It is therefore amending the Plan to delete the requirement that the access to Plan Processor Representatives be “reasonable” and that the Representatives of the Plan Processor only be required to “reasonably” cooperate with any inquiry, investigation, or proceeding conducted by or on behalf of the Commission. The Commission expects that, even without the “reasonableness” qualifier, it and the Participants will be reasonable in requesting access to the Representatives of the Plan Processor.
See CAT NMS Plan, supra note 5, at Section 6.1(u).
Id.
d. Downloading CAT Data By Regulators
Several commenters discussed the security risks associated with the downloading of CAT Data by regulators. One commenter argued that CAT Data should never be extracted, removed, duplicated, or copied from the CAT, noting that such practices would introduce additional risk and render even the most advanced security measures ineffective. Instead, this commenter recommended allowing data to be imported into a CAT query sub-system if surveillance is needed in conjunction with external data. Another commenter similarly noted the security risk associated with extracting data from the Central Repository and stated its preference for an approach “where the data is accessible by the Regulators but the data is not extracted and stored outside the Central Repository, except for extraction of `comparable' data that would facilitate exemption from duplicative reporting and retirement of high priority duplicative systems.” This commenter added “if combined datasets surveillance is needed (with data external to CAT), the SROs should be allowed to upload external SRO data to a sandbox environment within CAT, in order to enable combined surveillance.”
SIFMA Letter at 20; see also Data Boiler Letter at 26 (stating “CAT should under ABSOLUTELY NO CIRCUMSTANCE (including BCP/DR) allow anyone the option of to download the `entire' data sets, because this essentially opens a `backdoor' to significant security risk.”).
SIFMA Letter at 20.
FIF Letter at 134.
Id.
Another commenter stated that the CAT NMS Plan's provision permitting the Commission and SROs to download entire data sets and analyze the data within the regulator's systems or the regulator's cloud, and the Plan's proposal to allow broker-dealers to “verify certain data that they have submitted to the CAT,” represent security risks to CAT Data that the SEC and SROs should avoid. This commenter further noted that having multiple points of access to CAT Data, and the ability to download CAT Data, raise “significant cybersecurity concerns and outweigh the benefit of access to processed CAT [D]ata.” Another commenter believed that CAT Data should remain in the Central Repository, but noted that if the Commission determines to permit the downloading of CAT Data, the CAT NMS Plan should only allow a user to download CAT Data if the information security measures available at the user's site equal or exceed those protecting the data at the Central Repository.
Fidelity Letter at 4.
Id.
ICI Letter at 7.
In response to commenters, the Participants noted that Rule 613 requires regulators to develop and implement a surveillance system, or enhance existing surveillance systems to make use of CAT Data. The Participants stated that regulators should have flexibility in designing such surveillance systems, including the ability to access and transfer data where necessary and consistent with appropriate data security safeguards. Such access must be via secure channels (e.g., secure FTP, API or over encrypted lines) as required in the Plan. The Participants further noted that the Plan requires that Participants have appropriate policies and procedures in place to protect such data. Specifically, the Plan requires that Participants establish, maintain and enforce written policies and procedures reasonably designed to ensure the confidentiality of CAT Data. The Participants also stated that they believed that all regulators, including the Commission, should be obligated to establish security measures to protect the security and confidentiality of CAT Data for security purposes.
Response Letter I at 56.
Id.
Id.
Id.
Id. (citing to CAT NMS Plan, supra note 5, at Section 6.5(f)(iv)).
Id.
The Participants also noted that the CAT NMS Plan requires the Plan Processor to provide regulators with the ability to perform bulk data extraction and download of CAT Data. The Participants stated they continue to believe that permitting regulators to download order/transaction data from the Central Repository for regulatory use (i.e., “bulk data extracts”) is important for their regulatory purposes, and that eliminating or limiting bulk data extracts of the CAT Data may significantly and adversely impact the Participants' ability to effectively conduct surveillance of their markets using CAT Data. The Participants stated that they also plan to enrich their existing surveillance using bulk data extracts of CAT Data.
Response Letter III at 10 (citing to Appendix D, Section 8.2 (providing that “the Central Repository must provide for direct queries, bulk extraction, and download of Data for all regulatory users.”)).
Response Letter III at 11.
Regarding the security of extracted CAT Data, the Participants stated that they “recognize the security concerns raised by bulk data extracts and any Participant-controlled systems (e.g., Participant sandboxes residing in the Plan Processor's cloud or a Participant's local system) used to store and analyze such data extracts, but the Participants believe that requiring the Participants to adopt and enforce policies and procedures to address these security issues appropriately addresses these concerns without diminishing the surveillance benefits of the CAT.” The Participants noted that the Plan requires the Participants to “establish, maintain and enforce written policies and procedures reasonably designed . . . to ensure the confidentiality of the CAT Data obtained from the Central Repository.” Accordingly, the Participants stated that Participants must have policies and procedures reasonably designed to ensure the confidentiality of CAT Data obtained through bulk data extracts and maintained in the Participants' systems. In their response, the Participants stated that their own security controls, not those of the Plan Processor, would apply to such systems as they would be outside the Plan Processor's control. The Participants' represented that their security controls would be consistent with industry standards, including security protocols that are compliant with Regulation SCI, and the Participants would periodically review the effectiveness of such controls pursuant to their policies and procedures addressing data security.
Id.
Id.
Id.
Id.
Id.
Regarding the Participants' security controls, the Participants stated that the CISO would be obligated to escalate issues that could represent a security threat to CAT Data. For example, the Participants stated that if the CISO observes activity from a CAT Reporter or Participant that suggests that there may be a security threat to the Plan Processor or the Central Repository, then the CISO, in consultation with the CCO, may escalate the matter to the Operating Committee. The Participants stated, however, that they do not envision, that “such policy enforcement [by the CISO] would involve a regulatory enforcement role with regard to the Participants.” The Participants further stated that “[t]he Plan does not give the CISO the authority to engage in such regulatory enforcement. Moreover, although the Plan permits the Operating Committee to impose fees for late or inaccurate reporting of information to the CAT, it does not authorize the Participants to oversee, or serve enforcement actions against, each other via the Plan Processor. Only the SEC has such authority under the Securities Exchange Act of 1934.”
Response Letter III at 7. Notwithstanding the foregoing example, the Participants noted that the details regarding such an escalation policy will not be determined until the Plan Processor has been selected.
Id.
Response Letter III at 8.
Id.
Id.
The Commission believes that ensuring the security and confidentiality of CAT Data is of utmost importance, and also notes the Participants' recognition that regulators should have flexibility in designing such surveillance systems, including the ability to access and transfer data where necessary and consistent with appropriate data security safeguards. As described above, the Plan Processor has the specific responsibility to develop and implement policies, procedures and control structures related to the security of the CAT System. The Plan Processor also is responsible for the security and confidentiality of all CAT Data received and reported to the Central Repository, including during all communications between CAT Reporters and the Plan Processor, data extraction, data manipulation and transformation, loading to and from the Central Repository, and data maintenance and storage by the Central Repository. The Plan Processor also must require the establishment of secure controls for data retrieval and query reports for CAT Data reported to and stored in the Central Repository.
See CAT NMS Plan, supra note 5, at Section 6.1(c).
See id. at Section 6.5(f)(i), (iv).
See id. at Section 6.5(f)(iv).
While the Plan Processor is responsible for the security of the CAT Data collected by and stored in the Central Repository, the Commission agrees with commenters that once CAT Data is extracted into a Participant's regulatory surveillance system, the Plan Processor can no longer assure the security of the CAT Data because the details, requirements and rigor of the policies and procedures regarding the security of CAT Data at each Participant are beyond the direct control of the Plan Processor. This is the case whether the CAT Data is downloaded to a Participant's local server, or downloaded into a dedicated sandbox within the CAT cloud—and whether the CAT Data that is downloaded is a subset of all the CAT Data collected by the Central Repository, or the entirety of the CAT Data (i.e., cloning the entire CAT database).
Therefore, the Commission believes that if a Participant chooses to extract CAT Data, whether into its own local server environment or into its own sandbox within the CAT cloud, the Participant must have policies and procedures regarding CAT Data security that are comparable to those implemented and maintained by the Plan Processor for the Central Repository, and that each Participant must certify and provide evidence to the CISO that its policies and procedures for the security of CAT Data meet the same security standards applicable to the CAT Data that is reported to, and collected and stored by, the Central Repository. Given the necessity of ensuring the security of CAT Data that is collected by and stored in the Central Repository, the Commission believes that this is a reasonable requirement that will ensure that CAT Data is subject to the same standards of security, whether the CAT Data is downloaded by a Participant onto the Participant's local servers, or downloaded into the Participant's sandbox within the CAT cloud, and therefore, is amending the plan accordingly.
The Commission also notes that each Participant must comply with Regulation SCI. Response Letter III at 8.
See CAT NMS Plan, supra note 5 at Section 6.2(b)(vii).
The Commission believes that it is critical to the security of the CAT Data to assign responsibility to the CISO to review the data security policies and procedures of Participants that extract CAT Data into their own systems, whether on a local server or within a sandbox within the CAT cloud, to determine whether such policies and procedures are comparable to the data security policies and procedures applicable to the Central Repository. The Commission further believes that if the CISO, in consultation with the CCO, finds that any such information security policies and procedures of a Participant are not comparable to the policies and procedures applicable to the CAT System, and the issue is not promptly addressed by the applicable Participant, the CISO, in consultation with the CCO, will be required to provide notice of any such deficiency to the Operating Committee.
See id.
e. Use of CAT Data for Regulatory and Surveillance Purposes
One commenter stated that access to CAT Data should be restricted to Commission and SRO Staff with regulatory and oversight responsibilities. Another commenter stated that the proposed model and timeframe for regulatory access to the reported data is consistent with the Commission's broader regulatory objectives. Another commenter noted that access should not be granted to the academic community. On the other hand, one commenter believed that aggregated CAT Data should be made available to the public on a limited or time-delayed basis, so as to enable more creative approaches to market surveillance, foster industry collaboration, and augment regulatory efforts.
Fidelity Letter at 4.
UnaVista Letter at 4.
MFA Letter at 6.
Data Boiler Letter at 14.
The Participants stated that they do not plan to make CAT Data available for use by the public (or academics or other third parties) at this time. The Participants noted that there may be certain benefits to this type of expanded access, such as promoting academic evaluations of the economic costs and benefits of regulatory policy. Nevertheless, the Participants believed that the privacy and security concerns raised by such public access would outweigh the potential benefits. The Participants stated that this conclusion is “in line with the SEC's statements in the adopting release for SEC Rule 613 that, in light of the privacy and security concerns, `it is premature to require that the NMS plan require the provision of data to third parties.' ”
Response Letter I at 44-45.
Id. at 45.
Id.
Id.
The Commission agrees with the Participants and believes that it is reasonable to continue to limit access to CAT Data to regulatory authorities for regulatory and surveillance use. As previously noted, the CAT is designed to be a regulatory tool. While the Commission recognizes that there may be benefits to expanding the distribution of CAT Data, the Commission also believes that limiting the use of CAT Data for regulatory and surveillance purposes is reasonable at this time, given the vast scope of the CAT Data and need to ensure the security and confidentiality of the CAT Data.
Such purposes include, among other things, analysis and reconstruction of market events, market analysis and research to inform policy decisions, market surveillance, examinations, investigations, and other enforcement functions. See supra note 586.
This limitation on the use of CAT Data for regulatory and surveillance purposes does not restrict the ability of a Participant from using the Raw Data that it reports for commercial or other purposes. See Section IV.D.6.k, infra.
Although not raised by commenters, the Commission emphasizes that under the Plan the CCO must develop and implement a notification and escalation process to resolve and remediate any alleged non-compliance with the rules of the CAT by a Participant or Industry Member, which shall include appropriate notification and order of escalation to a Participant, the Operating Committee, or the Commission. The Commission expects that any additional escalation procedures outlined by the CCO, once the CCO is selected, will adhere to this process.
See CAT NMS Plan, supra note 5, at Section 6.2(a)(v)(L).
f. Regulation SCI
Several commenters discussed the applicability of Regulation SCI to the Central Repository. One commenter stated that because the CAT is an “SCI System” and an SCI System of each of the SROs, all obligations associated with Regulation SCI must be complied with by the SROs to ensure the security and integrity of the CAT. One commenter stated that Industry Members are not subject to Regulation SCI and the CAT NMS Plan should “make clear that Regulation SCI would not be expanded to apply to an Industry Members [sic] by virtue of its reporting requirements under the CAT Plan.” Another commenter stated that because the CAT NMS Plan provides that the Plan Processor must be compliant with Regulation SCI requirements, compliance with Regulation SCI requirements should be “an explicit evaluation criterion as part of the selection process for the CAT Processor.”
See CAT NMS Plan, supra note 5, at Section 6.9(b)(xi).
SIFMA Letter at 21-22; see also MFA Letter at 4.
FSR Letter at 6. This commenter also noted that the Plan Processor should ensure access to the PII complies with Regulation SCI and any other applicable federal and state privacy laws. Id.
SIFMA Letter at 45.
The Participants noted that the Plan Processor will need to satisfy all applicable regulations involving database security, including Regulation SCI, and the Participants have discussed with the Bidders their responsibilities under Regulation SCI on numerous occasions. They added they do not believe that it is appropriate that the Plan provide details on how the Plan Processor will ensure that the Central Repository will comply with Regulation SCI.
Response Letter I at 58.
Id.
The Central Repository, as a facility of each of the Participant SROs, is an SCI Entity and the CAT System is an SCI system, and thus it must comply with Regulation SCI. The CAT NMS Plan states that data security standards of the CAT System shall, at a minimum, satisfy all applicable regulations regarding database security, including provisions of Regulation SCI. The Plan Processor thus must establish, maintain and enforce written policies and procedures reasonably designed to ensure that the CAT System has levels of capacity, integrity, resiliency, availability, and security adequate to maintain its operational capability to comply with Regulation SCI.
An “SCI Entity” means an SCI self-regulatory organization, SCI alternative trading system, plan processor, or exempt clearing agency subject to the Commission's Automated Review Program (“ARP”). 17 CFR 242.1000.
An “SCI System” means all computer network, electronic, technical, or automated, or similar systems of, or operated by or on behalf of, an SCI entity that, with respect to securities, directly support trading, clearance and settlement, order routing, market data, market regulation, or market surveillance. 17 CFR 242.1000.
See CAT NMS Plan, supra note 5, at Section 6.9(b)(xi).
According to Regulation SCI, the policies and procedures must require: (i) The establishment of reasonable current and future technology infrastructure capacity planning estimates; (ii) periodic capacity stress tests of such systems to determine their ability to process transactions in an accurate, timely, and efficient manner; (iii) a program to review and keep current systems development and testing methodology for such systems; (iv) regular reviews and testing, as applicable, of such systems, including backup systems, to identify vulnerabilities pertaining to internal and external threats, physical hazards, and natural or manmade disasters; (v) business continuity and disaster recovery plans that include maintaining backup and recovery capabilities sufficiently resilient and geographically diverse and that are reasonably designed to achieve next business day resumption of trading and two-hour resumption of critical SCI systems following a wide-scale disruption; (vi) standards that result in such systems being designed, developed, tested, maintained, operated, and surveilled in a manner that facilitates the successful collection, processing, and dissemination of market data; and (vii) monitoring of such systems to identify potential SCI events. Compliance with Regulation SCI will also require the Plan Processor to periodically review the effectiveness of the policies and procedures and take prompt action to remedy deficiencies in such policies and procedures.
17 CFR 242.1001(a)(2). “SCI event” means an event at an SCI entity that constitutes: (1) A systems disruption; (2) a systems compliance issue; or (3) a systems intrusion. 17 CFR 242.1000.
17 CFR 242.1001(a)(3).
For purposes of compliance with Regulation SCI, the Commission has stated that an SCI entity's policies and procedures shall be deemed to be reasonably designed if they are consistent with current SCI industry standards, which are required to be comprised of information technology practices that are widely available to information technology professionals in the financial sector and issued by an authoritative body that is a U.S. governmental entity or agency, association of U.S. governmental entities or agencies, or widely recognized organization, although compliance with current SCI industry standards is not the exclusive means to comply with the requirements of Regulation SCI. To assist SCI entities in developing policies and procedures consistent with “current SCI industry standards,” Staff of the Commission issued Staff Guidance which lists examples of publications describing processes, guidelines, frameworks, or standards that an SCI entity could look to in developing reasonable policies and procedures to comply with Regulation SCI. The standards under the Staff Guidance address nine subject areas, including application control; capacity planning; computer operations and production environment controls; contingency planning; information security and networking; audit; outsourcing; physical security; and systems development methodology.
See Staff Guidance on Current SCI Standards, issued on November 19, 2014, available at https://www.sec.gov/rules/final/2014/staff-guidance-current-sci-industry-standards.pdf .
Id.
The Commission believes that compliance with Regulation SCI will help to reduce the occurrence of systems issues; improve the resiliency of the technological infrastructure when systems problems do occur; and enhance the Commission's oversight of the Central Repository. In response to a concern by a commenter about the potential of the Plan to expand the scope of Regulation SCI, the Commission clarifies that Industry Members will not be subject to Regulation SCI by virtue of reporting audit trail data to the Central Repository. In addition, in response to the commenter that stated that the Participants should use compliance with Regulation SCI as an explicit evaluation criterion as part of the selection process for the CAT Processor, the Commission expects that the Participants will evaluate a Bidder's ability to comply with Regulation SCI as part of its Bidder evaluation process, as compliance with Regulation SCI is an explicit criteria of the CAT NMS Plan.
g. Physical Security of CAT Systems
The CAT NMS Plan requires the Plan Processor to provide a solution addressing physical security controls for corporate, data center and any leased facilities where any CAT Data is transmitted or stored. One commenter stated that the data centers housing the CAT System must, at a minimum, be SOC 2 certified with such certification annually attested to by a qualified third-party auditor that is not affiliated with the SROs or the Plan Processor. The Participants stated that they intended for data centers housing the CAT System to be AICPA SOC 2 certified. In addition, the Participants recommended that the auditor provision should be amended to require a qualified third-party auditor that is not an affiliate of any of the Participants or the Plan Processor.
See CAT NMS Plan, supra note 5, at Appendix C, Section A.4(a).
SIFMA Letter at 21.
Response Letter I at 58.
Id. at 58-59.
The Commission believes that assuring the physical security of the data centers that house the CAT Data, including PII Data, is a critical component of the overall security program and the Commission believes that the Participants' recommendation to amend the standards applicable to ensure the physical security of the CAT System to reflect that it will be AICPA SOC 2 certified and audited by a qualified third-party auditor that is not an affiliate of any Participant or the Plan Processor is reasonable. The Commission therefore is amending the Plan accordingly.
See CAT NMS Plan, supra note 5, at Appendix D, Section 4.1.3.
h. Encryption of CAT Data
Commenters discussed the CAT NMS Plan's provisions regarding encryption of CAT Data, including CAT Data that is PII. One commenter stated that the CAT NMS Plan's data encryption requirements alone were not sufficient to protect CAT Data at-rest and PII, and that many more detailed and technical issues must be considered for the encryption requirements for the CAT System and CAT Data to be sufficient. The commenter also recommended that the CAT Plan require data to be encrypted both at-rest and in-flight, and that particularly sensitive pieces of data be isolated and compartmentalized. Another commenter highlighted specific standards for in-transit data (e.g., asymmetric encryptions and transport layer security), data at-rest (e.g., NIST Special Publication 800-57), and data in-use (e.g., implementing data protection controls such as disclosing intended use and duration).
MFA Letter at 8.
Id.; see also SIFMA Letter at 20-21 (stating that “[t]he CAT Processor should employ strong, evolving encryption and decryption standards that are continuously updated to meet the most stringent data encryption requirements possible”).
FSR Letter at 5-6; see also FIF Letter at 125 (suggesting that if given the option WORM (write once, read man) technology may be convenient and cost effective).
One commenter requested that Section 4.1.2 of Appendix D of the Plan, which addresses the encryption of CAT Data, be amended to make clear that the monitoring, alerting, auditing, and any other requirements that apply with respect to CAT Data also apply to archival CAT Data. Another commenter opined that the encryption and decryption standards used by the Plan Processor should be continuously updated to meet the most stringent data encryption requirements possible, and designed to support end-to-end data encryption, with data decrypted at the desktop level.
MFA Letter at 8.
SIFMA Letter at 20-21.
Commenters also focused on the particular necessity of encrypting PII, both when in-transit and at-rest, to ensure it remains secure and confidential. One commenter noted the CAT NMS Plan's requirement that CAT Data provided to regulators that contains PII be “masked,” and stated that PII should be masked unless users have permission to view the PII contained in the CAT Data that has been requested, while another commenter believed that clarification is needed regarding the meaning of “masked” under the CAT NMS Plan.
FSR Letter at 5; MFA Letter at 8 (also stating that “[s]trong encryption should be at the heart of the CAT NMS Plan's efforts to protect data”).
FSR Letter at 4; see also CAT NMS Plan, supra note 5, at Section 6.10(c)(ii).
Id.
FIF Letter at 135.
The Participants stated that “given that all three remaining bidders propose cloud based solutions, all data will be encrypted in-flight and at-rest.”
Response Letter III at 5. The Commission notes that as filed, the CAT NMS Plan had stated that all CAT Data must be encrypted in-flight using industry best practices, and that PII must be encrypted both at-rest and in-flight; storage of unencrypted PII is not permissible; and non-PII CAT Data stored in a Plan Processor private environment is not required to be encrypted at-rest. See CAT NMS Plan, supra note 5, at Appendix D, Section 4.1.2; see also Response Letter I at 57.
The Commission notes that the CAT NMS Plan requires the Plan Processor to describe how PII encryption is performed and the key management strategy. The CAT NMS Plan also requires that PII encryption methods include a secure documented key management strategy such as the use of HSM(s).
The Commission agrees with commenters that encryption of CAT Data is a necessary and critically important means of protecting CAT Data, including PII. Therefore, given the role that encryption plays in maintaining the security of CAT Data, the Commission believes that all CAT Data must be encrypted and is amending the Plan accordingly.
See CAT NMS Plan, supra note 5, at Appendix D, Section 4.1.2.
In response to the commenter that believed that encryption alone was not sufficient to protect CAT Data at-rest and PII, the Commission notes that the CAT NMS Plan provides several means of protecting CAT Data in addition to encryption, including provisions addressing connectivity and data transfer requirements, parameters for the storage of CAT Data in general, and PII in particular, and limitations on access to CAT Data by authorized users only. In addition, the Plan states that the Technical Specifications, which will be published one year before Industry Members must report CAT Data to the Central Repository, will include more details about the data security for CAT. Thus, in response to the commenter that believed that more detailed and technical issues must be considered for the encryption requirements for the CAT System and CAT Data to be sufficient, the Commission believes that preparation and publication of the Technical Specifications referenced above commits the Participants to undertaking an analysis of security requirements, in addition to and as a supplement to, the existing encryption requirements. With respect to the issues raised by the commenter regarding the specific standards for in-transit data (including asymmetric encryptions and transport layer security), data at-rest (e.g., NIST Special Publication 800-57), and data in-use (e.g., implementing data protection controls such as disclosing intended use and duration), the Commission notes that, as amended by the Commission, the Plan requires the Participants to adhere to all relevant standards in the NIST Cyber Security Framework, which includes standards regarding encryption.
Id. at Section 6.9(b)(xi).
Response Letter III at 8.
In response to the commenter that stated that encryption and decryption standards used by the Plan Processor should be continuously updated to meet the most stringent data encryption requirements possible, the Commission notes that the CAT NMS Plan provides that all CAT Data must be encrypted in-flight and at-rest using industry standard best practices, and that such industry standards may be replaced by successor publications, or modified, amended, or supplemented as approved by the Operating Committee.
See CAT NMS Plan, supra note 5, at Appendix D, Sections 4.1.2 and 4.2.
In response to commenters that discussed the need that PII be “masked,” the Commission notes that the CAT NMS Plan mandates that all CAT Data that is returned in response to a regulatory inquiry will be encrypted, and that PII data returned shall be masked unless users have permission to view the CAT Data that has been requested. The Commission believes that this requirement adds an additional, reasonable requirement that protects PII from view, unless the person seeking PII is authorized to view the PII.
Id. at Section 6.10(c).
i. Connectivity
One commenter stated that accessing the CAT System must be done via secure methods, that the SROs should consider mandating the usage of private lines rather than encrypted internet connectivity, and that the CAT Processor's systems should be air-gapped from the internet, thereby eliminating access to the internet and/or any internal non-CAT systems used by the Plan Processor.
SIFMA Letter at 20.
With respect to using private lines to connect to the CAT, the Participants stated that the Plan does not require CAT Reporters to use private lines to connect to the CAT due to cost concerns, particularly for smaller broker-dealers. Noting that the Plan requires that CAT Reporters access the CAT via a secure, encrypted connection, the Participants also cited to Appendix D which states that “CAT Reporters must connect to the CAT infrastructure using secure methods such as private lines or (for smaller broker-dealers) Virtual Private Network connection over public lines.”
Response Letter III at 6.
Id.
The Participants noted that pursuant to the Bidders' solutions, the core CAT architecture would not be accessible via the public internet. The Participants cited to Appendix D, Section 4.1.1 of the Plan, which states that “[t]he CAT databases must be deployed within the network infrastructure so that they are not directly accessible from external end-user networks. If public cloud infrastructures are used, Virtual Private Networking and firewalls/access control lists or equivalent controls such as private network segments or private tenant segmentation must be used to isolate CAT Data from unauthenticated public access.”
Id.
See CAT NMS Plan, supra note 5, at Appendix D, Section 4.1.1.
The Commission believes that the CAT NMS Plan's provisions regarding connectivity to the Central Repository reflect a reasonable approach to ensuring secure access to the CAT Data residing within the Central Repository. The Commission believes that leaving the option for connection via Virtual Private Network for smaller broker-dealers is reasonable, given the potential cost of mandating use of a private line. The Commission also believes that prohibiting access to the CAT System via the public internet is appropriate, given the potential risk to the security of the CAT Data residing in the Central Repository that might be caused by allowing direct access into the CAT using an unsecure method by unauthenticated users.
j. Breach of CAT Security
Commenters also discussed the appropriate action to be taken in the event of a security breach. One commenter recommended that the Commission define a “reportable incident” that would trigger implementation of the cyber incident report plan. Three commenters recommended that the CAT NMS Plan's cyber incident report plan include notification procedures in the event of a cyber incident. One commenter specifically stated that the Plan should require that notice of an incident be provided to the Operating Committee, affected broker-dealers, other market participants and law enforcement within a designated period of time (e.g., 24 hours). Another commenter agreed, noting that the Plan should provide a clear mechanism for promptly notifying all victims of a CAT data breach, including Customers. Similarly, another commenter recommended that the Plan Processor “release a protocol document describing the specific procedures it will take upon a breach of CAT, including the procedure for notifying [P]articipants and allowing them to suspend CAT submissions temporarily in the event of an ongoing breach.” This commenter also requested that the data security plan include a process for reviewing data incidents to determine what corrective actions are required to reduce the likelihood of recurrence.
MFA Letter at 8. This commenter also suggested that the Plan Processor adopt a “bug bounty program” which awards individuals who report software bugs. Id.
SIFMA Letter at 21; ICI Letter at 8; FSI Letter at 4.
SIFMA Letter at 21.
ICI Letter at 8; see also FSI Letter at 4 (recommending that investors be notified of a breach).
FSI Letter at 4.
Id.
Some commenters discussed who should bear the cost of a data breach. One commenter stated that Industry Members should not bear the cost of a security breach that occurs on the systems of the Commission, the Participants, the Plan Processor, Central Repository, or “in-transit” amongst the various parties. Another commenter recommended that the CAT Processor, the SROs, and the Commission indemnify the broker-dealers from any and all liability in the event of a breach that is in no part the fault of the broker-dealers. Two commenters added that CAT NMS, LLC should purchase an insurance policy that covers potential breaches and extends to Industry Members and their obligations vis-à-vis their clients whose CAT Data is required to be reported by the CAT Plan.
FSR Letter at 8.
SIFMA Letter at 22; see also FSI Letter at 5 (suggesting that the Plan Processor should bear responsibility in the event of a data breach and that the Plan Processor should expressly indemnify Participants for any costs or damages incurred as a result of a data breach occurring after they have provided data to the CAT).
FSR Letter at 8; see also SIFMA Letter at 22.
In response to commenters, the Participants noted that the Plan Processor is required to work with the Operating Committee to develop a breach protocol in accordance with industry practices. However, the Participants also stated that they believe that providing more details on these processes or procedures raises security issues. Moreover, the Participants noted, the CAT System will be subject to applicable regulations involving database security, including Regulation SCI and its requirement to provide notice to the Commission and to disseminate information about SCI Events to affected CAT Reporters.
Response Letter I at 58.
Id.
Id.
With respect to breaches of the CAT System and the accompanying protocols for dealing with breaches, the Commission notes that the CAT NMS Plan provides that the Plan Processor must develop policies and procedures governing its responses to systems or data breaches, and the Participants added that the Plan Processor will work with the Operating Committee to develop a breach protocol in accordance with industry practices. According to the CAT NMS Plan, such policies and procedures will include a formal cyber incident response plan and documentation of all information relevant to breaches. The cyber incident response plan will provide guidance and direction during security incidents, and may include items such as guidance on crisis communications; security and forensic procedures; Customer notifications; “playbook” or quick reference guides that allow responders quick access to key information; insurance against security breaches; retention of legal counsel with data privacy and protection expertise; and retention of a public relations firm to manage media coverage. The CAT NMS Plan further provides that documentation of information relevant to breaches should include a chronological timeline of events from the breach throughout the duration of the investigation; relevant information related to the breach (e.g., date discovered, who made the discovery, and details of the breach); response efforts, involvement of third parties, summary of meetings/conference calls, and communication; and the impact of the breach, including an assessment of data accessed during the breach and impact on CAT Reporters.
See CAT NMS Plan, supra note 5, at Appendix D, Section 4.1.5.
Response Letter I at 58.
See CAT NMS Plan, supra note 5, at Appendix D, Section 4.1.5.
Id.
Id.
In response to commenters that requested additional detail about the CAT NMS Plan breach management protocol, such as the definition of a “reportable incident,” the Commission notes that the Plan requires the Plan Processor to develop policies and procedures to govern its responses to systems or data breaches and the Commission expects the definition of a “reportable incident” will be clearly set forth in those policies and procedures. While the Plan does not explicitly require it, in response to the commenter that requested that notice of a breach be provided to the Operating Committee, the Commission expects that the CAT NMS Plan's cyber incident response plan will incorporate notice of the breach to the Operating Committee, because the Operating Committee is the body that manages the CAT LLC. As a Regulation SCI System, the Plan Processor must also notify the Commission in the event of an SCI Event.
Pursuant to Regulation SCI, the Commission must be notified within 24 hours of an SCI Event. See 17 CFR 242.1002(b).
As for commenters that opined on the other parties that should be notified upon a breach, including affected parties such as Customers, the Commission notes that the Plan explicitly requires customer notifications to be included in the cyber incident response plan, and that the cyber incident response plan may list other market participants that will be notified upon a breach of the CAT System and the procedure for notifying relevant participants of the breach. In response to the commenter that requested that the breach protocol include a process for reviewing “data incidents” to determine what corrective actions are required to reduce the likelihood of recurrence, the Commission notes that the Plan requires that the impact of the breach be assessed, and the Commission expects that such assessment will also help identify the corrective actions that must be taken to reduce the likelihood of recurrence.
See CAT NMS Plan, supra note 5, at Appendix D, Section 4.1.5.
In response to the several commenters that discussed issues surrounding the cost of a breach, including which parties should bear the cost of a breach, and whether the Plan Processor, the Participants and the Commission should indemnify the broker-dealers from all liability in the event of a breach that is no fault of the broker, the Commission notes that the Plan requires that the Plan Processor's cyber incident response plan must address insurance issues related to security breaches and that as part of the discussions on insurance coverage and liability, further detail about the distribution of costs will be undertaken. The Commission believes that it is reasonable to require, at this stage, that the cyber incident response plan outline the key areas of breach management that must be addressed by the Plan Processor; further details on the breach management protocols, including details about who might bear the cost of a breach and under what specific circumstances, will follow once the Plan Processor is selected.
k. Use of Raw Data for Commercial or Other Purposes
Commenters also discussed the CAT NMS Plan's provision permitting a Participant to use the Raw Data it reports for commercial or other purposes as long as such use is not prohibited by applicable law, rule or regulation. One commenter believed that the Plan should be amended to state specifically when a Participant may—or more importantly, according to the commenter, may not—use Raw Data or CAT Data for commercial purposes. This commenter also noted inconsistencies in the Participants' commercial use of data. Specifically, the commenter noted that Section 6.5(f)(i)(A) of the Plan states that each SRO may use “the CAT Data it reports to the Central Repository for regulatory, surveillance, commercial or other purposes as permitted by applicable law, rule or regulation,” and Section 6.5(h) permits a Participant to “use the Raw Data it reports to the Central Repository for regulatory, surveillance, commercial or other purposes as otherwise not prohibited by applicable law, rule or regulation.” Another commenter stated that the CAT NMS Plan should be amended to clarify that Participants may not use data stored in the Central Repository—beyond the data that the SROs submit to the CAT—for their own commercial purposes. One commenter provided two recommendations designed to ensure that Participants do not use the CAT NMS Plan to “enlarge the scope of data that they commercialize.” First, the commenter believed that the Plan should specify that no Participant may commercialize customer identifying information, regardless of whether applicable law expressly prohibits its commercialization. Second, the Plan should limit the scope of data subject to commercialization by narrowing the definition of Raw Data to include only data that a Participant must report under Rule 613 or the Plan.
“Raw Data” means Participant Data and Industry Member Data that has not been through any validation or otherwise checked by the CAT System. See CAT NMS Plan, supra note 5, at Section 1.1. The Commission notes that the Section 6.5(h) of the CAT NMS Plan also limits the use by a Participant of the Raw Data that the Participant has reported to the Central Repository; a Participant may not use the Raw Data reported by another Participant.
ICI Letter at 10; SIFMA Letter at 31.
SIFMA Letter at 31.
Id.
Id.
KCG Letter at 9.
ICI Letter at 10.
Id.
In response to commenters, the Participants stated that they continue to believe that it is appropriate for the CAT NMS Plan to permit the Participants to use their Raw Data for commercial or other purposes. Therefore, the Participants do not propose to prohibit such use. Nevertheless, to address the concern raised by a commenter that the CAT NMS Plan inconsistently uses the terms “Raw Data” and “CAT Data” in Sections 6.5(f)(i)(A) Section 6.5(h) of the CAT NMS Plan, the Participants recommended that the term “Raw Data” replace the term “CAT Data” in Section 6.5(f)(i)(A) of the Plan.
Response Letter I at 43.
Id.
Id.
As an initial matter, the Commission finds that it is reasonable to amend the Plan to replace the term “CAT Data” with “Raw Data” in Section 6.5(f)(i)(A) of the Plan, to remove any inconsistency and potential confusion. The Commission also finds that the CAT NMS Plan's provisions regarding the use of Raw Data by a Participant is a reasonable approach to the use of audit trail data that is reported by the Participant itself. In response to the commenter's request that the Commission define the circumstances under which a Participant cannot use its Raw Data, the Commission finds that the CAT NMS Plan's provision that the use must not be prohibited by applicable law, rule or regulation is sufficient guidance to Participants regarding their use of the Raw Data used for commercial or other purposes. Similarly, the Commission believes that the CAT NMS Plan's definition of “Raw Data” is sufficiently clear and further addresses the comments that the Participants may expand the audit trail data that Participants may use for commercial or other purposes. The Commission notes that the CAT NMS Plan's definition of “Raw Data” limits such data to “Participant Data” or “Industry Member Data.” In this regard, in response to the commenter with concerns about a Participant commercializing customer identifying information, the Commission notes that a Participant would never be in a position to report customer identifying information itself; therefore, a Participant could not use customer identifying information for commercial or other purposes. The Commission also believes that, pursuant to the CAT NMS Plan, the Participants may not use CAT Data for commercial purposes.
See CAT NMS Plan, supra note 5, at Section 6.5(f)(i)(A).
See id. at Section 1.1.
l. Ownership of CAT Data
Several commenters discussed the ownership of CAT Data. Two commenters believed that the CAT NMS Plan should be amended to indicate that broker-dealers retain ownership rights in all of the data they report to the CAT. In response to commenters, Participants stated that Rule 613 does not address broker-dealer CAT Reporters' ownership rights with respect to the CAT Data, and the Participants do not believe that it is appropriate to address such ownership rights in the Plan.
SIFMA Letter at 30; KCG Letter at 7-8.
Response Letter I at 44.
The Commission believes that it is reasonable for the CAT NMS Plan not to address ownership rights to the data that broker-dealers report to the Central Repository. The resolution of legal questions regarding ownership rights to the data that is reported to the Central Repository by broker-dealers is not required by Rule 613; is outside the scope of Rule 613; and is not necessary to find that the Plan meets the approval standard of Rule 608.
m. Bulk Access to an Industry Member's CAT Data
A few commenters discussed whether Industry Members should be permitted access to their own reported audit trail data through bulk data exports. One commenter stated that it “would be highly beneficial for CAT Reporters to have access to their own data” to assist with error identification and correction, and stressed the importance of building such access into CAT as part of the initial design, even if CAT Reporters were not permitted such access during the initial phase of CAT. To address security concerns, the commenter suggested that retrieval of PII data should be limited to a set of CAT Reporter personnel who are responsible for entering and correcting customer information. Another commenter noted that broker-dealers should be permitted to access, export and use their data within the Central Repository at no charge and that “[a]llowing broker-dealers to access their own data will be beneficial for surveillance and internal compliance programs and may incentivize firms to make other internal improvements including, among other things, reducing potential errors.” This commenter also argued that broker-dealers should not be subject to additional fees to simply retrieve data they already submitted to the CAT, noting that CAT is the only broker-dealer regulatory reporting service for which the SROs have proposed to impose system-specific fees on broker-dealers.” Another commenter stated that “[a]llowing CAT Reporters to access their own data would be beneficial for surveillance and internal compliance programs. If data access is considered as part of the initial design of the Central Repository, we believe the benefits outweigh the cost.” One commenter argued that independent software vendors also should have fair, reasonable, and non-discriminatory access, at their client's request, to the data submitted or stored at the Central Repository on their client's behalf. In support, this commenter noted that OATS permitted access to determine reporting accuracy by “matching in both directions,” so that reporters could address matching errors.
FIF Letter at 61.
Id.
SIFMA Letter at 30. In this regard, this commenter noted that broker-dealers could use their CAT reported data to run complex searches and generate reports to (1) meet their regulatory surveillance requirements; (2) conduct best execution analysis; and (3) conduct transaction costs analysis. Id.
Id.; see also KCG Letter at 7.
TR Letter at 8.
Bloomberg Letter at 7.
Id. (noting further that independent software vendors could build sophisticated analytics to aid this).
In response to these comments, the Participants noted that during the development of the Plan, the SROs considered whether to provide Industry Members with access to their own data through bulk data exports. Based on the data security and cost considerations, the Participants stated that they determined that such access was not a cost-effective requirement for the CAT. Accordingly, the CAT NMS Plan was drafted to state that “[n]on-Participant CAT Reporters will be able to view their submissions online in a read-only, non-exportable format to facilitate error identification and correction.”
Response Letter I at 44.
Id.
See CAT NMS Plan, supra note 5, at Appendix D, Section 10.1.
In light of the comments that the Commission received and further evaluation of the issue, however, in their response, the Participants stated that they now believe that there may be merit to providing Industry Members and their vendors with bulk access to the CAT Reporters' own unlinked CAT Data. For example, the Participants stated that such access may facilitate the CAT Reporters' error analysis and internal surveillance and that it may expedite the retirement of duplicative reporting systems. However, the Participants noted, providing bulk data access also raises a variety of operational, security, cost and other issues related to the CAT. The Participants stated that they would need to address this additional functionality with the Plan Processor; in addition, the Participants stated that inclusion of this functionality would create additional burdens on the CAT and the Plan Processor and, therefore, may require additional funding from CAT Reporters for such access to the CAT Data. Therefore, the Participants stated that they will consider this issue once the CAT is operational.
Response Letter I at 44.
Id.
Id.
Id.
Id.
The Commission recognizes the commenters' desire for bulk access to their own data for surveillance and internal compliance purposes, as well as possible error correction purposes. The Commission also recognizes the Participants' initial approach of not permitting such access for security and cost purposes, as set forth in their response. Given the complexity of initially implementing the CAT, the Commission believes that the Participants' approach that limits Industry Members to only being able to view their submissions online in a read-only, non-exportable format to facilitate error identification and correction is a reasonable approach at the present time. The Commission notes the Participants' representation that they will consider offering bulk access to the audit trail data reported by Industry Members once CAT is operational. The Commission expects the Participants to fulfill this commitment and as part of their evaluation, the Commission expects that the Participants may consider whether a fee for such access would be appropriate and how such a fee might impact the funding of the CAT.
The Commission preliminarily believes that if the Participants decide to provide access to broker-dealer CAT Reporters, an amendment to the CAT Plan would be required as this would expand the Plan's restriction that CAT Data only be used by Participants for regulatory and surveillance purposes. See CAT NMS Plan, supra note 5, at Section 6.5(h).
The Commission disagrees with the commenters that recommended providing access to CAT Data for independent software vendors. Given the highly sensitive nature of the CAT Data, the Commission believes that it is reasonable to not allow access to parties other than the SROs and the Commission. If the Participants decide to propose granting such access after gaining experience with CAT operations, and are able to ensure the security of data, the Commission will consider, based on the analysis presented, whether granting access to CAT Reporters and other non-regulator industry members is reasonable.
Bloomberg Letter at 7.
The Commission also notes that, as discussed in Section IV.H, the Commission is amending Section 6.6 of the Plan to require that, within 24 months of effectiveness of the Plan, the Participants provide the Commission with a report discussing the feasibility, benefits, and risks of allowing an Industry Member to bulk download the Raw Data it submitted to the Central Repository.
See Section IV.H, supra.
n. Regulator Use Cases
One commenter noted that the Plan does not provide any details on how regulators will be able to perform their day-to-day analysis using CAT Data. Specifically, this commenter analyzed the limitations of the CAT NMS Plan in light of the regulator use cases (“Regulator Use Cases”) contained in the Adopting Release, which provided further detail about how regulators envisioned using, accessing, and analyzing audit trail data under CAT. This commenter made three recommendations that the commenter believed would provide additional clarity to the CAT NMS Plan: (i) The Plan should clearly specify the analytical capability requirements of the CAT to inform the SROs about the level and limits of the Central Repository's analytical capabilities; (ii) the Plan should precisely describe the technology enhancements required by the SROs and the Commission to effectively and efficiently use the CAT Data; and (iii) the Regulator Use Cases should be a key criteria in the selection of the Plan Processor, which would require Bidders to prove that their solution is capable of facilitating regulators' need to extract and analyze the data.
SIFMA Letter at 32-33.
Id. at 31-33.
Id. at 33.
The Commission recognizes the commenter's concerns about the lack of details in the CAT NMS Plan regarding how regulators will be able to perform their day-to-day analysis using CAT Data, in light of the Regulator Use Cases. The Commission notes, however, that in the Adopting Release the Commission stated that it was not including the Regulator Use Cases and accompanying questions to endorse a particular technology or approach to the consolidated audit trail; rather, the Regulator Use Cases and accompanying questions were designed to aid the SROs' understanding of the types of useful, specific information that the CAT NMS Plan could contain that would assist the Commission in its evaluation of the Plan. The Commission noted that its description of Regulator Use Cases includes a non-exclusive list of factors that SROs could consider when developing the NMS plan. Thus, the Commission believes that the Regulator Use Cases were not intended to serve as a list of specific requirements regarding analytical capability or technological enhancements that should be addressed by the Participants in the CAT NMS Plan. In response to the comment that the Regulator Use Cases should be a key criteria in the selection of the Plan Processor, the Commission reiterates that the Regulator Use Cases were not intended to be used as selection criteria for the Plan but were meant to elicit the types of useful information from the bidders that would assist in the Commission in its evaluation of the CAT NMS Plan.
See Adopting Release, supra note 13, at 45798.
Id.
o. Obligations on Participants and the Commission Regarding Data Security and Confidentiality
Under the CAT NMS Plan as noticed, certain obligations are imposed, or required to be imposed by the Plan Processor upon the Participants and the Commission regarding data security and confidentiality. However, Commissioners and employees of the Commission are excluded from certain of these obligations.
See CAT NMS Plan, supra note 5, at Sections 6.5(f)(i)(A)-(B), 6.5(f)(i)(D), 6.5(f)(iii), 6.5(f)(iv)(B), 6.5(g), Appendix D, Sections 4.1.4, 4.1.6, 11.3; see also supra Section III.25.
See CAT NMS Plan, supra note 5, at Section 6.5(f)(i)(A)-(B).
Two commenters opined on these provisions. One stated that “the security of the confidential data stored in the Central Repository and other CAT systems must be of the highest quality and that no authorized users with access to CAT Data should be exempt from any provisions regarding security requirements and standards set forth in the Plan.” Another commenter expressed concern that the Plan does not require Commission Staff to abide by the same security protocols for handling PII that other users of CAT Data are required to follow and urged the Commission to adopt these safeguards.
NYSE Letter at 2-4 (noting that “[i]f employees of the Commission with access to the data stored in the Central Repository or other CAT systems are subject to security standards less stringent than those applicable to other authorized users, the data obtained and held by those individuals may be subject to heightened risk of a data breach.”).
Garrett Letter at 1-2.
Specifically, one commenter objected to the exclusion of Commissioners and employees of the Commission from Section 6.5(f)(i)(A) of the Plan, which provides that the Plan Processor must require individuals with access to the Central Repository to use appropriate confidentiality safeguards and to use CAT Data only for surveillance and regulatory purposes. In addition, the commenter argued that Section 6.5(g) of the Plan, which requires the Participants to establish and enforce policies and procedures regarding CAT Data confidentiality, should also apply to the Commission. Similarly, another commenter sees no reason why the Commission should not have to follow the requirements of Section 6.5(g) and emphasized that the Commission needs to follow adequate policies and procedures when handling PII. However, the first commenter noted that it “do[es] not believe that individuals performing their employment duties should be subject to personal liability and that such liability would not reduce security risks,” and objected to Section 6.5(f)(i)(B) of the Plan, which requires the submission of a “Safeguard of Information Affidavit” providing for personal liability for misuse of data.
NYSE Letter at 3.
Id. at 3-4 (citing U.S. Government Accountability Office (“GAO”) report discussing certain weaknesses in the Commission's information security policies).
Garrett Letter at 1 (noting also that computer systems at the Federal Deposit Insurance Corporation, Internal Revenue Service, Federal Reserve, and Office of Personnel Management have all recently been compromised by cyberattacks and that an April 2016 GAO report identified several weaknesses related to the SEC's cybersecurity protocols that the Commission has not yet addressed).
NYSE Letter at 3 (also objecting to the terms “misuse” and “data” (rather than CAT Data) as overly broad and imprecise).
In response to these comments, the Participants stated that they agree that the Plan's security program must take into consideration all users with access to CAT Data, including the Commission, and noted that Commission Staff had requested the exclusion of Commission employees and Commissioners from subsections (A) and (B) of Section 6.5(f)(i) of the Plan. The Participants, nevertheless, recommended removing these exclusions and applying the requirements of Section 6.5(g) to the Commission.
Response Letter I at 60.
Id. at 60-61.
The Commission takes very seriously concerns about maintaining the security and confidentiality of CAT Data and believes that it is imperative that all CAT users, including the Commission, implement and maintain a robust security framework with appropriate safeguards to ensure that CAT Data is kept confidential and used only for surveillance and regulatory purposes. However, the Commission is not a party to the Plan. By statute, the Commission is the regulator of the Participants, and the Commission will oversee and enforce their compliance with the Plan. To impose obligations on the Commission under the Plan would invert this structure, raising questions about the Participants monitoring their own regulator's compliance with the Plan. Accordingly, the Commission does not believe it is appropriate for its security and confidentiality obligations, or those of its personnel, to be reflected through Plan provisions. Rather, the obligations of the Commission and its personnel with respect to the security and confidentiality of CAT Data should be reflected through different mechanisms than those of the Participants. The Commission reiterates that in each instance the purpose of excluding Commission personnel from these provisions is not to subject the Commission or its personnel to more lenient data security or confidentiality standards. Despite these differences in the origins of their respective obligations, the rules and policies applicable to the Commission and its personnel will be comparable to those applicable to the Participants and their personnel.
See 17 CFR 242.608(a)(1) (stating that NMS plans are filed by two or more SROs).
See 17 CFR 242.608(b)(2), (c), (d); 17 CFR 242.613(h).
Such an approach also has the potential to create tension with the existing oversight of the Commission conducted by the Office of the Inspector General and the Government Accountability Office.
Moreover, Commission employees are generally immune from personal liability for actions performed in the course of their duties. See, e.g., Gilbert v. Digress, 756 F.2d 1455, 1458 (9th Cir. 1985) (“the bar of sovereign immunity cannot be avoided by naming officers and employees of the United States as defendants”); Clark v. Library of Congress, 750 F.2d 89, 103-04 (D.C. Cir. 1984) (absent a specific waiver by the government, sovereign immunity bars constitutional suits for money damages against government employees in their official capacity, even in cases where the employee acted outside his authority); 28 U.S.C. 2679 (barring claims against government employees under the Federal Tort Claims Act).
The Commission and its personnel are subject to a number of existing federal and Commission rules and policies regarding the security and confidentiality of information that they encounter in the course of their employment. These rules and policies apply with equal force to data that Commission personnel can access in the CAT. For example, existing laws and regulations prohibit Commission personnel from disclosing non-public information without authorization. CAT Data available to Commission personnel will contain non-public information. Thus, Commission personnel who disclose or otherwise misuse this data would potentially be subject to criminal penalties (including fines and imprisonment), as well as disciplinary action (including termination of employment), civil injunction, and censure by professional associations (for attorneys and accountants). The Commission believes that the protections described above provide as strong a deterrent against the possible misuse of CAT Data by Commission personnel as would the submission of the “Safeguard of Information Affidavit” required by Section 6.5(f)(i)(B).
See, e.g., 5 CFR 2635.703(b) (“Nonpublic information is information that the employee gains by reason of Federal employment and that he knows or reasonably should know has not been made available to the general public.”).
See, e.g., 15 U.S.C. 78x(b) (“It shall be unlawful for any member, officer, or employee of the Commission to disclose to any person other than a member, officer, or employee of the Commission, or to use for personal benefit, any information contained in any application, statement, report, contract, correspondence, notice, or other document filed with or otherwise obtained by the Commission (1) in contravention of the rules and regulations of the Commission under [the Freedom of Information Act], or (2) in circumstances where the Commission has determined pursuant to such rules to accord confidential treatment to such information”); 17 CFR 200.735-3(b)(2)(i) (“A member or employee of the Commission shall not . . . [d]ivulge to any unauthorized person or release in advance of authorization for its release any nonpublic Commission document, or any information contained in any such document or any confidential information: (A) In contravention of the rules and regulations of the Commission promulgated under [the Freedom of Information Act], [the Privacy Act], and [the Sunshine Act]; or (B) in circumstances where the Commission has determined to accord such information confidential treatment”); 5 CFR 2635.703(a) (“An employee shall not engage in a financial transaction using nonpublic information, nor allow the improper use of nonpublic information to further his own private interest or that of another, whether through advice or recommendation, or by knowing unauthorized disclosure.”).
See, e.g., 18 U.S.C. 1905 (“Whoever, being an officer or employee of the United States or of any department or agency thereof . . . publishes, divulges, discloses, or makes known in any manner or to any extent not authorized by law any information coming to him in the course of his employment or official duties, . . . which information concerns or relates to the trade secrets, processes, operations, style of work, or apparatus, or to the identity, confidential statistical data, amount or source of any income, profits, losses, or expenditures of any person, firm, partnership, corporation, or association; . . . shall be fined under this title, or imprisoned not more than one year, or both; and shall be removed from office or employment”); 5 U.S.C. 552a(h)(i)(1) (“Criminal penalties—Any officer or employee of an agency, who by virtue of his employment or official position, has possession of, or access to, agency records which contain individually identifiable information the disclosure of which is prohibited by this section or by rules or regulations established thereunder, and who knowing that disclosure of the specific material is so prohibited, willfully discloses the material in any manner to any person or agency not entitled to receive it, shall be guilty of a misdemeanor and fined not more than $5,000”).
A comment from one Participant suggested that persons with access to the Central Repository—regardless of whether they are employed by the Plan Processor, the Commission, or a Participant—should not be subject to personal liability for the misuse of data. The Commission is not amending the Plan to remove personal liability from all categories of such persons. The inclusion in the Plan of a provision providing for personal liability for the misuse of data indicates that the Participants more broadly believe that this is an appropriate and potentially effective way of deterring misuse of data, including by their own employees. And, in the Commission's view, the Participants' belief is reasonable.
In addition, the Commission already has robust information security policies and procedures developed in accordance with federal directives and NIST standards that prohibit the unauthorized disclosure and inappropriate use of confidential data. Moreover, the Commission will review and update, as necessary, its existing confidentiality and data use policies and procedures to account for access to the CAT, and, like the Participants, will periodically review the effectiveness of these policies and procedures and take prompt action to remedy deficiencies in such policies and procedures. Like other information security controls over information resources that support federal operations and assets, the Commission's policies and procedures applicable to CAT must comply with the Federal Information Security Modernization Act of 2014 and the NIST standards required thereunder, and will be subject to audits by the SEC Office of Inspector General and the GAO.
Public Law 113-283 (Dec. 18, 2014); NIST, Security and Privacy Controls for Federal Information Systems and Organizations, Special Publication 800-53, revision 4 (Gaithersburg, Md.: April 2013); NIST, Contingency Planning Guide for Federal Information Systems, Special Publication 800-34, revision 1 (Gaithersburg, Md.: May 2010).
Notwithstanding the existence of these protections, in light of the scope and nature of CAT Data, the Commission recognizes the need to ensure that it has in place a comprehensive framework for CAT data security. Accordingly, a cross-divisional steering committee of senior Commission Staff is being formed to design policies and procedures regarding Commission and Commission Staff access to, use of, and protection of CAT Data. The policies and procedures will consider, but not be limited to, access controls, appropriate background checks, usage and data protection, as well as incident response. In developing these policies and procedures, the steering committee will, of necessity, take into account how the data collection and other systems are developed in connection with the creation of the CAT. The Commission will ensure that its policies and procedures impose protections upon itself and its personnel that are comparable to those required under the provisions in the Plan from which the Commission and its personnel are excluded.
For these reasons, the Commission does not believe that the Plan should be amended to remove the exclusion of “employees and Commissioners of the SEC” from Section 6.5(f)(i)(A)-(B) or to extend the requirements of Section 6.5(g) to the Commission. Similarly, the Commission does not believe that the requirements in Section 6.5(g) that Participants establish and enforce policies and procedures designed to ensure the confidentiality of CAT Data obtained from the Central Repository and to limit the use of such data to surveillance and regulatory purposes can or should be extended to the Commission. Moreover, the Commission is further amending the Plan, as set forth below, to remove the Commission from certain other obligations.
First, the Commission is amending the Plan to provide that Section 6.5(f)(iii) does not apply to the Commission or its personnel. As proposed, this provision provided that the Participants and the Commission must, as promptly as reasonably practicable, but in any event within twenty-four hours, report instances of non-compliance with policies and procedures or breaches of the security of the CAT to the CCO. The Commission received no comments on this provision. The Commission notes that, consistent with presidential directives and guidance from the OMB and the Department of Homeland Security United States Computer Emergency Readiness Team (“US-CERT”), its existing incident response policies and procedures require Commission employees to promptly convey any known instances of non-compliance with data security and confidentiality policies and procedures or breaches of the security of its systems to the CISO of the Commission, and this policy will apply to any instances of non-compliance or breaches that occur with respect to the CAT. The Commission's policies and procedures regarding the CAT will also address conveying information regarding any such incidents to the CCO when appropriate.
Second, for the reasons discussed above, the Commission is amending the Plan to clarify that Section 6.5(f)(iv)(B) does not apply to the Commission or its personnel. As proposed, this provision stated that the Plan Processor must “require the establishment of secure controls for data retrieval and query reports by Participant regulatory Staff and the Commission.” The Commission received no comments on this provision. The Commission will ensure that comparable controls governing data retrieval and query reports from the CAT will be included, as applicable, in its policies and procedures.
See CAT NMS Plan, supra note 5, at Section 6.5(f)(iv)(B).
Third, the Commission is amending the Plan to clarify that the requirement to test changes to CAT functionality in Appendix D, Section 11.3 applies only to the Participants. As proposed, this provision stated that, with respect to changes to CAT functionality and infrastructure, the Plan Processor must “[d]efine the process by which changes are to be tested by CAT Reporters and regulators.” The Commission received no comments on this provision. For the reasons discussed above, the Commission is narrowing this provision so that it is applicable only to the Participants. However, the Commission intends to take part in the testing of changes in CAT functionality or infrastructure that would affect the way Commission personnel access and use the CAT System.
Fourth, for the reasons discussed above, the Commission is amending the Plan to exclude the Commission and its personnel from certain CAT user access provisions in Appendix D, Sections 4.1.4 and 4.1.6 of the CAT NMS Plan. The Plan, as proposed, provided that the Plan Processor shall “implement and maintain a mechanism to confirm the identity of all individuals permitted to access the CAT Data stored in the Central Repository and maintain a record of all instances where such CAT Data was accessed.” Specifically, Appendix D, Section 4.1.4 of the CAT NMS Plan provides: that “[p]eriodic reports detailing the current list of authorized users and the date of their most recent access must be provided to Participants, the SEC and the Operating Committee,” that the “reports of the Participants and the SEC will include only their respective list of users,” that the “Participants and the SEC must provide a response to the report confirming that the list of users is accurate,” and that the “Plan Processor must log every instance of access to Central Repository data by users.”
See CAT NMS Plan, supra note 5, at Section 6.5(f)(i)(D).
In addition, the CAT NMS Plan provides that “[a] full audit trail of PII access (who accessed what data, and when) must be maintained,” that “[t]he Chief Compliance Officer and the Chief Information Security Officer shall have access to daily PII reports that list all users who are entitled for PII access, as well as the audit trail of all PII access that has occurred for the day being reported on,” and that “[t]he chief regulatory officer, or other such designated officer or employee at each Participant and the Commission must, at least annually, review and certify that people with PII access have the appropriate level of access for their role.”
See CAT NMS Plan, supra note 5, at Appendix D, Section 4.1.6.
For the reasons discussed above, the Commission is amending the Plan to exclude the Commission from the provisions that require the Commission to “provide a response to the report confirming that the list of users is accurate” and to “review and certify that people with PII access have the appropriate level of access for their role.” However, in accordance with Commission information security policies and procedures, the Commission will periodically review the appropriateness of CAT access by personnel and work with the Plan Processor to ensure the list of SEC users authorized to access CAT Data in the Central Repository is appropriate.
Id. at Appendix D, Sections 4.1.4 and 4.1.6.
7. Personally Identifiable Information
a. Protections Around PII, Regulatory Access to PII
A number of commenters discussed the Plan Processor's provisions to protect the PII reported to and stored in the Central Repository. Two commenters noted that PII should be held to the “highest” or “most stringent” standards of information protection.” However, one commenter stated that “the protection and security of PII in CAT is “good enough.” Another commenter recommended that the Plan provide further details as to how PII data will be treated and confidentiality maintained, specifically during extraction and transmission of the data.
TR Letter at 8; SIFMA Letter at 22; see also NYSE Letter at 3 (discussing CAT Data, including PII reported to the Central Repository, and noting that the security of the confidential data stored in the Central Repository and other CAT systems must be of the highest quality).
Data Boiler Letter at 29 (stating “PII should properly be safeguarded . . . . but nothing will be absolutely “bullet-proof.”).
SIFMA Letter at 44 (suggesting that the Bidders should be evaluated on how their proposed solutions will meet the confidentiality requirements by a technical panel of experts with representation from broker-dealers).
Commenters also discussed the Plan's provisions regarding access to PII. One commenter noted that “access to PII data should be provided only in the rarest of instances (i.e., SEC investigations for securities law violations), as regulators and other authorized users should be able to perform the majority, if not all, of their regulatory and oversight responsibilities by utilizing non-PII data, such as the CAT Customer-ID.” Another commenter stated that there should be controls, policies and procedures to prohibit the downloading of certain sensitive information, such as PII, and suggested limiting Participant access to sensitive data only to specific enforcement actions. One commenter recommended that PII data never be exported, extracted, copied or downloaded in any manner or form from the CAT environment. This commenter added that PII data should not be included in email or other electronic communications, and advocated for use of a special CAT information management tool. Another commenter believed the PII should be excluded from direct query tools, reports or bulk data extraction.
SIFMA Letter at 22.
FIF Letter at 134-135.
SIFMA Letter at 22.
Id.
FSI Letter at 3.
In their response, the Participants noted that Section 6.10(c)(i)(B) of the Plan provides that “[t]he user-defined direct queries and bulk extracts will provide authorized users with the ability to retrieve CAT Data via a query tool or language that allows users to query all available attributes and data sources.” The Participants clarified that no customer-related information, including PII, will be included in response to queries of the broader order and transaction database, nor will it be available in bulk extract form. Instead, the Participants stated that customer-related information, such as PII, will be stored in a separate database, which can be accessed only in accordance with heightened security protocols. In such case, a regulatory user would have to be specifically authorized to access the database with PII and other customer-related information. The Participants stated that they expect that the Plan Processor and the CISO will establish policies and procedures to identify abnormal usage of the database containing customer-related information, and to escalate concerns as necessary; and noted that the details regarding such policies and procedures will be determined once the Plan Processor has been selected.
Response Letter III at 10.
Id.
See CAT NMS Plan, supra note 5, at Appendix D, Section 4.1.6.
For example, in their Response Letter, the Participants noted that if a regulatory user received a tip about a particular person, such user, if he or she were appropriately authorized to do so, could search the customer-related information database and view unmasked information to identify the person's Customer-ID, and then use the Customer-ID to query the broader order and transaction database to view the relevant activity for that Customer-ID. Response Letter III at 10.
Id.
With respect to the standards of protection for PII, the Commission notes that the Plan Processor must adhere to the NIST Risk Management Framework and implement baseline security controls identified in NIST Special Publication 800-53, which the Commission believes, when applied properly, are sufficiently rigorous industry standards for the protection of sensitive data such as PII. The Commission also believes that the Participants' general approach to treating PII differently—and with more stringent protections—than other CAT Data is also reasonable, given the highly sensitive nature of PII, and the risk that an individual Customer's orders and transactions could be identified should the Central Repository's data security protections be breached. Thus, the Commission believes that the Plan's provisions which limit who can access PII and how PII can be accessed are a reasonable means of ensuring the protection of PII. Specifically, the Commission believes that requiring access to PII to follow RBAC, adhering to the “least privileged” practice of limiting access, restricting access to PII to those with a “need-to-know,” and requiring that any login system that is able to access PII must be further secured via MFA, are reasonable.
See Section IV.D.6.b, supra.
The Commission understands that the “least privileged” practice entails limiting access to the minimal level of access to PII that will allow normal functioning.
See CAT NMS Plan, supra note 5, at Appendix D, Section 4.1.4.
The Commission also believes that the Participants' approach to the use of PII is a reasonable means of protecting PII of Customers reported to the Central Repository. Specifically, the Commission believes that the Plan's provisions setting out specific parameters applicable to the inclusion of PII in queries, as described by the Participants, is a reasonable approach to controlling the disclosure of PII and helps to ensure that PII will only be used by regulators for regulatory and surveillance purposes and, as set out in the Plan, for market reconstruction and analysis.
The Commission notes that the Plan and the Participants' response affirms that access to PII data will only be provided to a limited set of authorized individuals, and only for the limited purpose of conducting regulatory and surveillance activities. The Plan also contains an explicit prohibition on the ability to bulk download sensitive information such as PII, and this protection must be reinforced through the Plan Processor's controls, policies and procedures.
The Commission notes that regulatory uses includes, among other things, analysis and reconstruction of market events, market analysis and research to inform policy decisions, market surveillance, examinations, investigations, and other enforcement functions. See supra note 586.
Thus, the Commission believes that the Plan's provisions addressing the protections of PII, and the limitations on its access and use, provide a reasonable framework for the protection of PII. While it is concluding that the Plan sets forth a reasonable framework for the protection of PII, the Commission notes that the Plan Processor will continually assess, and the CISO and Operating Committee will vigorously oversee, the adequacy of the security of CAT Data, and in particular PII, and will promptly and thoroughly address any deficiencies that are identified.
See CAT NMS Plan, supra note 5, at Section 6.1(o)(ii) (requiring the Plan Processor to provide the Operating Committee regular reports addressing, among other things, data security issues for the Plan Processor and the Central Repository taking into account the data security requirements set forth in Appendix D).
b. PII Scope: Customer Identifying Information and Customer Account Information
One commenter requested clarification on the scope of PII, stating “[t]he exact scope of PII should be defined, i.e., are all fields associated with a customer included as PII?” In their response, the Participants provided additional clarification on their interpretation of PII, as well as on the scope of the Plan's protections for all customer-related information. Specifically, the Participants clarified that they view all customer-related information—not only PII, but also Customer Identifying Information and Customer Account Information—as the type of highly sensitive information that requires the highest level of protection under the Plan. The Participants further stated that because there is some inconsistency in how these terms are used in the Plan, to the extent that any statement in the Plan, including Section 6.10(c) of the Plan, and Appendices C or D thereto, are inconsistent with the above description, the Participants recommend that the Commission amend the Plan to address any potential confusion.
FIF Letter at 135.
Response Letter III at 9-10.
Response Letter III at 9.
Response Letter III at 10.
The Commission agrees with the Participants and believes that the security of Customer Identifying Information and Customer Account Information, irrespective of whether it meets a common understanding of the definition of PII, should be subject to the highest standards of protection. Accordingly, the Commission is amending the definition of PII in Section 1.1 of the CAT NMS Plan to provide that PII means “personally identifiable information, including a social security number or tax identifier number or similar information; Customer Identifying Information and Customer Account Information.” The Commission believes that this amendment is reasonable in that it will ensure that all information that identifies a Customer will be afforded the same high levels of protection as data that the Participants initially defined as PII.
c. Storage of PII
Commenters also discussed the policies and procedures addressing storage of PII as a means to enhance the security and confidentiality of PII reported to the Central Repository. A few commenters stated that PII should be stored separately from other CAT Data. One commenter stated that “PII must be segregated from other transactional data that will be stored by the CAT Processor.” Another commenter opined that, while it does not believe that the CAT NMS Plan should mandate a particular storage method, it supported requiring PII to be stored separately, given its sensitive nature and the potential for identify theft or fraud.
FSR Letter at 4; FSI Letter at 3; SIFMA Letter at 22; see also MFA Letter at 8 (stating that particularly sensitive pieces of data should be isolated or compartmentalized).
FIF Letter at 125. Similarly, another commenter recommended that PII data not overlap with access to the other transaction data available in the CAT. See SIFMA Letter at 23.
FSI Letter at 3.
In their response, the Participants clarified that they view all customer-related information (i.e., PII, including Customer Identifying Information and Customer Account Information) as highly sensitive information that requires the highest level of protection and, as such, all customer-related information will be stored in a different, physically separated architecture.
Response Letter III at 9.
The Commission believes that the CAT NMS Plan's provisions regarding the storage of PII set forth a reasonable framework for the security of such data. The Plan further provides that the CAT infrastructure may not be commingled with other non-regulatory systems, including being segmented to the extent feasible on a network level, and data centers housing CAT systems must be AICPA SOC-2 certified by a qualified third party auditor that is not an affiliate of any Participant or the Plan Processor.
See CAT NMS Plan, supra note 5, at Appendix D, Section 4.1.3; see also Response Letter I at 58-59.
8. Implementation Schedule
The CAT NMS Plan sets forth timeframes for key CAT implementation events and milestones, such as when the Plan Processor will release the Technical Specifications, begin accepting data from Participants, begin accepting data from Industry Members for testing purposes, and when Industry Members must begin reporting to CAT.
See Section III.27, supra.
a. Specificity and Timing of Implementation Milestones
One commenter stated that the CAT NMS Plan does not provide sufficient detail to allow for implementation planning. Another commenter argued that the CAT development milestones are unacceptable because they do not promote the objective of facilitating improved market surveillance.
FIF Letter at 43.
Data Boiler Letter at 17.
Other commenters suggested extending the implementation schedule for CAT. One commenter suggested that there should be additional time to reassess and more carefully tailor the schedules and milestones that are included in the Plan to make the roll-out of the CAT as efficient as possible. Another commenter suggested extending the implementation schedule for a period of at least six to twelve months beyond the timeframe in the Plan as filed, particularly in light of the fact that many Industry Members will be working to comply with the Department of Labor's new fiduciary duty regulation as well as T+2 implementation during this same timeframe. This commenter noted that such an extended implementation timetable would also allow for additional testing and synchronization, which would result in a more accurate reporting environment on the “go-live” date. Another commenter noted that the CAT implementation schedule is more aggressive than the actual timeframes for implementing OATS for NMS or large trader reporting, which could lead to, among other things, poorly built systems and an inferior quality of data reporting. This commenter also presented a detailed alternative implementation and milestone schedule that provides more time for Industry Members to prepare for CAT reporting.
See, e.g., FSR Letter at 10 (noting that the implementation schedule should be extended to provide the industry a sufficient amount of time to comply with the new reporting structure under the CAT NMS Plan, including the ability to report CAT Data in a timely and accurate manner with a reduced error rate); FIF Letter at 7, 40-41, 45 (stating that FIF could not support the Plan's implementation milestones as proposed and that the Plan lacks appropriate risk-mitigating strategies for CAT Reporters to cope with the “aggressive” implementation schedule and suggesting several such strategies).
SIFMA Letter at 23.
FSR Letter at 10. The Commission notes that, as of the date of this Order, a T+2 standard settlement cycle has been proposed, but not adopted. See Securities Exchange Act Release No. 78962 (September 28, 2016), 81 FR 69240 (October 5, 2016).
FSR Letter at 10.
FIF Letter at 36.
Id. at 41-50. For example, FIF suggested that the Participants should select the Plan Processor prior to Plan approval and that the test environment should be available to CAT Reporters twelve months prior to the start of Industry Member reporting (rather than six months prior to the start of Industry Member reporting as proposed in the Plan). Id. at 42-43.
On the other hand, another commenter believed that the implementation schedule is too protracted, noting that the phased-in approach of requiring CAT reporting first from Participants and then from Industry Members, combined with the fact that market participants typically request additional time to create systems to comply with new recordkeeping requirements, will render the CAT system incomplete for several years.
Anonymous Letter I at 3.
Several commenters addressed the CAT NMS Plan's development and testing milestones. One commenter noted that a robust testing period should be included in the implementation schedule and that currently the Plan does not allow sufficient time for thorough testing for broker-dealers or third-party service providers. This commenter also suggested a trial period to permit industry-wide testing of CAT readiness to ensure that the Plan Processor is capable of meeting reporting and linkage requirements outlined in the Plan. Another commenter recommended that the CAT NMS Plan include “acceptance criteria” for the completion of each CAT development milestone to ensure that the implementation of the CAT and the completion of subsequent milestones are not hindered by poor quality at earlier development stages.
SIFMA Letter at 24.
Id.; see also TR Letter at 6 (emphasizing the importance of the testing period and noting that the three-month period included in the Plan for testing the customer definition process and order data process is inadequate based on the commenter's experience with projects of lesser complexity than the CAT and because continuous reporting of customer and options data will be entirely new processes).
FIF Letter at 41.
This commenter further supported an earlier start to the development of the Technical Specifications and stated that the six-month period contemplated by the CAT NMS Plan for the industry to test software that will interface with the Plan Processor is insufficient, particularly for third-party service providers and service bureaus. This commenter suggested, among other things, accelerating the availability of the CAT test environment to earlier in the implementation cycle and allowing a minimum of twelve months of access to the CAT test environment for the first group of Industry Member reporters. Another commenter proposed a twelve-month testing period with clear criteria established before moving into production, including coordinated testing across industry participants and the vendors that support them. This commenter also noted that the testing plans that will be used for any potential move to T+2 would be useful in developing industry testing for the CAT and that error rates should be consistent with OATS for reports that are currently reported to OATS. This commenter further suggested that robust testing that mirrors production will be necessary to ensure that the Plan Processor is capable of meeting the reporting and linkage requirements outlined in the Plan.
Id. at 37-38; see also id. at 38-39 (highlighting other development and testing issues, noting in particular that linkage testing across multiple CAT Reporters is one of the most complex pieces of logic for the CAT System and CAT Reporters).
FIF Letter at 39.
TR Letter at 6.
Id.
Id. at 2.
In response to these commenters, the Participants explained that in light of their experience with testing timelines for other system changes, discussions with the Bidders, and other considerations, they continue to believe that the Plan sets forth an achievable testing timeline. The Participants also acknowledged the importance of the development process for the Technical Specifications for all CAT Reporters and noted that they have emphasized this as a high priority with the Bidders.
Response Letter I at 39.
Id. at 41.
The Participants stated that they “do not propose to amend the Plan to reflect an expedited schedule for the Industry Member Technical Specifications.” In addition, the Participants indicated that while strategies to mitigate any risks in meeting the implementation milestones will be a necessary part of promoting the successful implementation of the CAT, they believe that formulating specifics regarding risk mitigation strategies will depend on the selected Plan Processor and its solution. Therefore, the Participants stated their belief that such risk mitigation strategies will be addressed as a part of the agreement between the Plan Processor and the CAT LLC, and implemented thereafter.
Id.
Id. at 39.
Id.
The Commission agrees that prompt availability of Technical Specifications that provide detailed instructions on data submission and a robust period of testing CAT reporting functionality are important factors in ensuring that Industry Members are able to timely transition to CAT reporting and accurately report data to the Central Repository. In this regard, the Commission expects the Participants to ensure that the Technical Specifications will be published with sufficient time for CAT Reporters to program their systems, and strongly encourages the Participants and the Plan Processor to provide the earliest possible release of the initial Technical Specifications for Industry Member reporting and to begin accepting Industry Member data for testing purposes as soon as practicable. In addition, the Commission is amending Appendix C, Section C.10 of the Plan to ensure that the completion dates for the Technical Specifications, testing, and other development milestones designate firm outer limits, rather than “projected” completion dates, for the completion of these milestones. For example, as amended, the Plan will provide that the Plan Processor will begin developing Technical Specifications for Industry Member submission of order data no later than fifteen months before Industry Members are required to begin reporting this data, and will publish the final Technical Specifications no later than one year before Industry Members are required to begin reporting. Moreover, the Commission is amending Appendix C, Section C.10 of the Plan to clarify that the CAT testing environment will be made available to Industry Members on a voluntary basis no later than six months prior to when Industry Members are required to report data to the CAT and that more coordinated, structured testing of the CAT System will begin no later than three months prior to when Industry Members are required to report data to the CAT.
The Commission acknowledges that the transition to CAT reporting will be a major initiative that should not be undertaken hastily, that Industry Members and service bureaus will need sufficient time to make the preparations necessary to comply with the reporting requirements of the Plan and the Technical Specifications, and the importance of thorough testing. However, the Commission does not believe that the Plan's Technical Specification and testing timeframes are unachievable. Therefore, the Commission believes it is premature—one year before the Technical Specifications for Industry Members will be finalized, eighteen months before testing will begin, and before any problem with achieving these milestones has actually arisen—to consider amending the CAT NMS Plan to mandate a more protracted implementation schedule.
Similarly, the Commission continues to believe that the implementation dates that are explicitly provided in Rule 613—for example, that Industry Members and Small Industry Members will begin reporting Industry Member data to the Central Repository within two or three years, respectively, of Plan approval —are reasonable. As discussed above, the Plan provides appropriate interim milestones, such as iterative drafts of the Technical Specifications and a testing period, which will help prepare Industry Members to transition to CAT reporting pursuant to the implementation schedule set forth in the CAT NMS Plan. No issues complying with these dates have actually arisen, and the Commission is not altering these dates at this time. In addition, with respect to the comment that strategies to mitigate the risks imposed by an “aggressive” implementation schedule—such as delays, poorly built systems, and an inferior quality of data reporting—should be included in the Plan, the Commission agrees with the Participants that formulating detailed risk mitigation strategies will depend upon the selected Plan Processor and its specific solution and will be addressed in the agreement between the Plan Processor and CAT NMS, LLC. Therefore, the Commission is not amending the Plan to require specific risk mitigation strategies at this time.
See also Adopting Release, supra note 14, at 45744, 45805 (stating that phasing CAT implementation to allow broker-dealers to begin reporting to the CAT after the SROs will “allow members additional time to, among other things, implement the systems and other changes necessary to provide the required information to the [C]entral [R]epository, including capturing customer and order information that they may not have previously been required to collect” and that “the Commission encourages plan sponsors to propose in the NMS plan a requirement that small broker-dealers report data to the [C]entral [R]epository within three years after effectiveness of the NMS plan, as the Commission believes that providing small broker-dealers a longer implementation time should assist such broker-dealers in identifying the most cost-effective and the most efficient manner in which to procure third-party software or make any systems modifications or other changes to comply with Rule 613.”).
b. Impact of Technical Specifications on Implementation Milestones
In addition, several commenters suggested that reasonable timeframes for implementing the CAT can only be established once the Plan Processor publishes—and CAT Reporters review—the Technical Specifications. Similarly, one commenter suggested that the CAT NMS Plan should establish a milestone for amending the CAT NMS Plan based on a review of the final Technical Specifications and that these amendments should set forth the CAT implementation schedule. Another commenter argued that the Plan does not currently include critical information, such as interface details and other key technical specifications, and that broker-dealers must understand these specifications in order to establish a reasonable implementation schedule.
SIFMA Letter at 23-24; FSR Letter at 10 (stating that the release of final Technical Specifications should drive the implementation timeline and that Industry Members should be provided with the Technical Specifications and given an opportunity to review and provide feedback to the Plan Processor in an effort to determine an appropriate implementation schedule); TR Letter at 3-6 (stating that rule-making should begin once final Technical Specifications are published and noting that, in keeping with the SEC's Equity Market Structure Advisory Committee's Rule Change Implementation timing recommendation, the timing of CAT implementation should be based on a review of the Technical Specifications); FIF Letter at 6-7 (recommending that an implementation schedule be established only after publication of the Technical Specifications and that the process for SRO and Commission rulemaking should begin upon publication of the final Technical Specifications).
See TR Letter at 6.
SIFMA Letter at 23-24.
Several commenters suggested that the implementation schedule should be designed to provide more time for iterative interactions between Industry Members and the Plan Processor in terms of developing and executing system specifications, particularly as those specifications relate to listed options transactions and customer information. In addition, one commenter suggested that a technical committee should be established to work with the Plan Processor on refining the specifications and making necessary adjustments or accommodations as the specifications are developed and implemented. Another commenter suggested including a “Specifications Date” in the NMS Plan, which would be the date by which final Technical Specifications are released, at which point the industry would work with the Plan Processor to assess implementation timeframes. This commenter also urged the Commission to take a data-driven approach to implementation timing, leveraging prior experience with OATS, EBS and large trader reporting to fashion an implementation plan that is achievable.
Id. at 24; see also FIF Letter at 7, 40-41 (noting that there should be more time for testing and iterative specification reviews for CAT reporting).
SIFMA Letter at 24.
TR Letter at 5.
Id. at 6.
Two commenters suggested that the Participants and the Commission, prior to the creation of the Technical Specifications, should provide the Plan Processor with additional detail on how they intend to use trade and order data. These commenters argued that this will ensure that the CAT is designed to provide all the functionality of existing systems with the initial implementation of CAT.
FIF Letter at 6; TR Letter at 3.
FIF Letter at 6; TR Letter at 3-4.
In their response, the Participants explained that while the Technical Specifications will be important drivers of the implementation timeline, Rule 613 mandates certain compliance dates. According to the Participants, delaying the assessment and definition of implementation milestones until the availability of the Technical Specifications would jeopardize the ability of the Participants to meet their obligations under Rule 613. However, the Participants also explained that “the steps leading up to the compliance dates set forth in SEC Rule 613 can be tailored to the Technical Specifications” leaving room to accommodate specific developments related to the Technical Specifications. The Participants also expect the Plan Processor to provide more specific guidance as to steps toward implementation with the Technical Specifications and, to the extent that such guidance would require an amendment to the Plan's implementation timelines, the Participants will propose to amend the Plan accordingly. With respect to the comments recommending an iterative process between broker-dealers and the Plan Processor in developing final Technical Specifications, the Participants noted that the Plan, as drafted, already contemplates the publication of iterative drafts as needed before the final Technical Specifications are published.
Response Letter I at 39-40.
Id. at 40.
Id.
Id.
Id. at 41.
As noted, the Commission does not believe it is necessary to tie completion dates for CAT implementation events or milestones to the release and review of Technical Specifications. The Commission believes that setting forth specific timeframes in the CAT NMS Plan for completing the various CAT implementation stages and tying these timeframes to the Effective Date rather than to subsequent events such as the release, review, or finalization of the Technical Specifications, is a reasonable approach to achieve a timely implementation of the CAT. Therefore, and the Commission is not deferring or reducing the specificity of these timeframes at this time.
In response to the comments suggesting that the Plan should provide for a more iterative process between Industry Members and the Plan Processor in the development of the Technical Specifications, as the Participants' response pointed out, the CAT NMS Plan provides that the Plan Processor will publish iterative drafts of the Technical Specifications as needed prior to the publication of the final Technical Specifications. However, the Commission recognizes the importance of workable Technical Specifications, and notes that the Plan requires the Participants and the Plan Processor to work with Industry Members in an iterative process, as necessary, to develop effective final Technical Specifications.
See CAT NMS Plan, supra note 5, at Appendix C, Section C.10(b).
See also Section IV.D.15, infra.
Regarding the comment that the Participants and the Commission should provide the Plan Processor, prior to the creation of the Technical Specifications, with additional details on how they use trade and order data, the Commission understands that the Participants have provided the Bidders with their use cases and those of the Commission and have indicated that they will “work with the Plan Processor and the industry to develop detailed Technical Specifications.” The Commission and its Staff will work with the Participants and the Plan Processor to facilitate the development and implementation of the Technical Specifications and the CAT System more broadly, including by providing the Plan Processor with appropriate information on its current and prospective use of trade and order data.
See Response Letter II at 27 (“[T]he Participants have provided the Bidders with specific use cases that describe the surveillance and investigative scenarios that the Participants and the SEC would require for the CAT.”).
See id. at 21.
c. Phasing of Industry Member Reporting
The CAT NMS Plan provides that Small Industry Members—broker-dealers whose capital levels are below a certain limit defined by regulation—must report Industry Member Data to the Central Repository within three years of the Effective Date, as opposed to the two years provided to other Industry Members.
See Section III.27, supra.
Several commenters noted the impact the CAT NMS Plan's implementation schedule would have on small broker-dealers, clearing firms, and service bureaus. One commenter emphasized the need for sufficient lead time to enable small firms previously exempt from OATS reporting to establish the internal structure, technical expertise, systems, and contractual arrangements necessary for CAT reporting. Other commenters suggested that only those firms that are exempt or excluded from OATS reporting obligations—rather than Small Industry Member firms based on capital levels as set forth in the CAT NMS Plan—should have an additional year to begin reporting to CAT, arguing that such a change would allow existing systems to be retired earlier at a significant cost savings. Similarly, another commenter noted the impact the phased implementation schedule would have upon third-party vendors, service bureaus, and correspondent clearing firms with both large and small clients, and suggested that dividing Industry Members based on whether or not they currently report to OATS is preferable to the capital level-based division proposed in the CAT NMS Plan.
SIFMA Letter at 23.
TR Letter at 3-4 (recommending that the definition of Small Industry Member be based on FINRA Rules 7470 and 7410(o)); see also Wachtel Letter at 1-2 (arguing that OATS-exempt firms should be granted Small Industry Member status and that metrics other than capital level such as number of registered persons, revenue, or number of orders routed may be better ways of assessing a firm's actual activity level and market impact); FIF Letter at 49 (supporting the Plan's approach to require Participants to report to the CAT first but suggesting that CAT reporting obligations be phased in first for OATS reporters and then non-OATS reporters, or, in the alternative, phasing reporting obligations based on functionality, such as equities, options and allocations); Section V.F.2.b, infra.
FIF Letter at 40 (suggesting, in the alternative, that the CAT NMS Plan should permit Small Industry Members to report concurrently with Large Industry Members).
In response to these comments, the Participants explained their understanding that the Commission permitted additional compliance time for smaller firms because “small broker-dealers may face greater financial constraints in complying with Rule 613 as compared to larger broker-dealers” and that the Participants have based the implementation timeline on that framework. However, the Participants explained that they believe that Rule 613 and the Plan already permit Small Industry Members to commence reporting to the CAT when large Industry Members begin reporting to the CAT on a voluntary basis. In addition, the Participants stated that accelerating the reporting requirements for all Small Industry Members that are OATS reporters to require them to begin reporting to the Central Repository two years after Plan approval, when Large Industry Members are required to report, may enable FINRA to retire OATS on a more expedited basis and that the Participants will consider including in their Compliance Rules a requirement to accelerate reporting for Small Industry Members that are OATS reporters.
Response Letter II at 19-20 (citing Adopting Release).
Id.
Id.
The Commission acknowledges that the capital-level based definition contained in the Plan is not the only way to define Small Industry Members for the purposes of the implementation schedule. However, this definition is derived from Exchange Act Rule 0-10, which defines small entities under the Exchange Act for purposes of the Regulatory Flexibility Act, and reflects an “existing regulatory standard that is an indication of small entities for which regulators should be sensitive when imposing regulatory burdens.” In addition, the group of firms that do not currently report to OATS is diverse, and includes some large broker-dealers and entities that—although they are not FINRA members and hence do not have regular OATS reporting obligations—nevertheless engage in a significant volume of trading activity. Therefore, the Commission continues to believe, at this time, that the definition of Small Industry Member in the Plan is a reasonable means to identify market participants for which it would be appropriate to provide, and that would benefit from, an additional year to prepare for CAT reporting due to their relatively limited resources.
17 CFR 240.0-10.
Adopting Release, supra note 14, at 45804.
See Notice, supra note 5, at 30715, 30793.
In addition, the Commission encourages the Participants and the Plan Processor to work with Small Industry Members that are also OATS reporters to enable them to begin reporting to CAT, on a voluntary basis, at the same time that large Industry Members are required to begin reporting, particularly if the Participants believe that this would facilitate more expeditious retirement of OATS. Accordingly, the Commission is amending Appendix C, Section C.9 of the Plan to require the Participants to consider, in their rule change filings to retire duplicative systems, whether the availability of certain data from Small Industry Members two years after the Effective Date would facilitate a more expeditious retirement of duplicative systems. In addition, the Commission notes that FINRA is considering whether it can integrate CAT Data with OATS data in such a way that “ensures no interruption in FINRA's surveillance capabilities,” and that FINRA will consider “exempting firms from the OATS Rules provided they report data to the Central Repository pursuant to the CAT NMS Plan and any implementing rules.” The Commission encourages the other Participants to consider similar measures to exempt firms from reporting to existing systems once they are accurately reporting comparable data to the CAT and to enable the usage of CAT Data to conduct their regulatory activities. The Commission believes that this approach will reduce or eliminate the duplicative reporting costs of Industry Members prior to the commencement of Small Industry Member reporting.
See Section IV.D.9.a(1), infra.
See CAT NMS Plan, supra note 5, at Appendix C, Section C.9.
See Section IV.D.9.a(1), infra (requiring the Participants to consider, in their rule change filings to retire duplicative systems, whether individual Industry Members can be exempted from reporting to duplicative systems once their CAT reporting meets specified accuracy and reliability standards).
The Commission remains open to other approaches to phasing in CAT reporting obligations that will promote the earlier retirement of reporting systems that will be rendered duplicative by the CAT. However, for the reasons discussed above, the Commission believes that, at this time, the Plan's definition of Small Industry Member is reasonable, and is therefore not amending the Plan to change this definition or to otherwise change the phased approach to CAT implementation.
9. Retirement of Existing Trade and Order Data Rules and Systems
a. SRO Rules and Systems
See also Section V.F.2.b, infra (discussing comments on the costs of duplicative reporting).
As discussed above, the CAT NMS Plan provides that the Participants will conduct analyses of which existing trade and order data rules and systems require the collection of information that is duplicative, partially duplicative, or non-duplicative of CAT. Among other things, the Participants, in conducting these analyses, will consider whether information collected under existing rules and systems should continue to be collected or whether that information should be incorporated into CAT, and, in the case of retiring OATS, whether the Central Repository contains complete and accurate CAT Data that is sufficient to ensure that FINRA can effectively conduct surveillance and investigations of its members for potential violations of FINRA rules and federal laws and regulations. Under the Plan, as proposed, each Participant should complete its analysis of which of its systems will be duplicative of CAT within twelve months of when Industry Members are required to report to the Central Repository, and should complete its analyses of which of its systems will be partially duplicative and non-duplicative of CAT within eighteen months of when Industry Members are required to report to the Central Repository, although these timeframes could be extended if the Participants determine that more time is needed. In addition, the Plan requires each Participant to analyze the most appropriate and expeditious timeline and manner for eliminating duplicative and partially duplicative rules and systems and to prepare rule change filings with the Commission within six months of determining that an existing system or rule should be modified or eliminated.
See Section III.20, supra.
Id.
Id.
Id.
(1) Timing
Several commenters addressed the timeframes proposed by the Participants for retiring systems that will be rendered duplicative by CAT. One commenter noted that the CAT NMS Plan does not contain a detailed approach for retiring duplicative reporting systems and thereby fails to meet the directives of Rule 613. This commenter suggested that the CAT NMS Plan should be amended to provide a detailed framework for elimination of reporting systems that will be rendered duplicative and outdated by CAT implementation, and to set forth a prioritized timetable for retirement of such duplicative systems. Similarly, another commenter expressed disappointment regarding the plan to eliminate duplicative systems, noting that the Plan merely sets forth a “loose commitment” from the Participants to complete their analyses of which rules and systems may be duplicative of CAT, rather than an actual retirement schedule.
KCG Letter at 2-3; see also DAG Letter at 2.
KCG Letter at 2-3.
DAG Letter at 2; see also STA Letter at 1 (supporting the DAG Letter's elimination of systems recommendations).
Several commenters emphasized the importance of eliminating duplicative systems as soon as possible and suggested that the current proposal to allow up to two and a half years for the Participants to consider system elimination is too long in light of the additional expenses that will be incurred during the period of duplicative reporting. One commenter noted that without a regulatory obligation driving systems retirement, the Participants lack an incentive to retire existing systems, and that the Plan should not enable the Participants to move to planning for fixed income or primary market transaction reporting prior to mapping out the elimination of redundant systems. Another commenter presented a detailed alternative schedule—with significantly more aggressive timelines—for analyzing and retiring duplicative systems.
SIFMA Letter at 5-6; Bloomberg Letter at 7; Data Boiler Letter at 16-17, 36 (noting that the timing to retire duplicative reporting systems should be “now or never” and that CAT should have a milestone target of sun-setting OATS on the first day CAT goes live); FSR Letter at 10; TR Letter at 2-3; FIF Letter at 4 (noting that lack of an aggressive, detailed and committed retirement plan will result in excessive costs for CAT Reporters); Fidelity Letter at 2, 4-5 (noting that the Plan should establish a fixed date for retiring regulatory compliance systems that overlap with the CAT or, in the alternative, duplicative rules should sunset automatically once the CAT reaches certain performance metrics).
SIFMA Letter at 5-6.
FIF Letter at 26, 31-34. For example, FIF suggests that the Participants should complete their analyses of duplicative and partially duplicative rules and systems upon approval of the CAT NMS Plan and that the Participants should file rule changes to implement rule modifications or deletions when the Technical Specifications are released. Id.
In addition, several commenters suggested replacing or modifying the duplicative reporting period with a “test period” or “trial period.” In this regard, one commenter suggested modifying the CAT NMS Plan to include a trial period of no more than six months, after which duplicative systems are retired or firms are exempted from duplicative reporting if they have met certain error rate requirements. Similarly, another commenter recommended replacing the duplicative reporting period with a trial period mirroring production, lasting no longer than six months, and providing that the actual launch of CAT functionality be linked to the retirement of existing systems and the end of the trial period. Other commenters suggested that the launch of CAT should be linked to the retirement of existing reporting systems, noting that it is important to maintain a single audit trail of record to avoid duplicative reporting.
See, e.g., FSR Letter at 10 (recommending the replacement of the currently contemplated duplicative reporting period with a test period of the new CAT reporting system).
FIF Letter at 6, 25-28, 39 (recommending that there should be no penalties, archiving requirements or regulatory inquiries related to CAT reporting during this trial period).
TR Letter at 2.
FSR Letter at 10; TR Letter at 2.
One commenter suggested that the Participants should provide detailed requirements regarding retirement of existing systems to the Plan Processor after the Plan Processor is selected to ensure that the Technical Specifications include all functionality necessary to retire existing systems. Similarly, other commenters noted that the CAT should be designed in the first instance to include all data field information necessary to allow prompt elimination of redundant systems. One commenter noted that the CAT should be so designed even if it means that CAT includes information, products, or functionality not necessary to meet the minimum initial CAT requirements under Rule 613. This commenter also proposed that the CAT should be designed to allow the ready addition of data fields over time to enhance the ability to retire other systems and capture additional necessary information.
TR Letter at 4.
SIFMA Letter at 5-6; DAG Letter at 2 (suggesting that the Technical Specifications and functional requirements should include certain data attributes to assist in retiring duplicative systems and that the inclusion of OTC equities will more readily allow for the retirement of duplicative systems) ; see also STA Letter at 1 (supporting the DAG Letter's elimination of systems recommendations).
SIFMA Letter at 5-6.
Id. at 5-6.
One commenter outlined the steps that it believes are necessary to retire OATS and COATS. This commenter stated that these systems cannot be eliminated until FINRA and CBOE can seamlessly continue performing their current surveillance on their member firms and that the relevant data elements needed by FINRA and CBOE to perform the current surveillance would need to be retained as part of CAT's Technical Specifications.
Id. at 10-12.
Id.
In response to the comments recommending that the Participants accelerate the timeline to identify their existing rules and systems that are duplicative of CAT requirements and that CAT should be designed in the first instance to include all data field information necessary to allow prompt elimination of such redundant systems, the Participants explained that they recognize the importance of eliminating duplicative reporting requirements as rapidly as possible. The Participants also stated that to expedite the retirement of duplicative systems, the Participants with duplicative systems have already completed gap analyses for systems and rules identified for retirement (in full or in part), and confirmed that data that would need to be captured by the CAT to support retirement of these systems will be included in the CAT. Specifically, the relevant Participants have evaluated each of the following systems/rules: FINRA's OATS Rules (7400 Series), COATS and associated rules, NYSE Rule 410(b), PHLX Rule 1022, CBOE Rule 8.9, EBS and associated rules, C2 Rule 8.7 and CHX BrokerPlex reporting (Rule 5). In addition, the Participants stated that a broader review of the Participants' rules intended to identify any other impact that the CAT may have on the Participants' rules and systems generally is ongoing. The Participants also explained that once the Plan Processor is selected, the Participants will work with the Plan Processor and the industry to develop detailed Technical Specifications that ensure that by the time Industry Members are required to report to the CAT, the CAT will include all data elements necessary to facilitate the rapid retirement of these duplicative systems.
Response Letter II at 21.
Id.
The Participants stated that this review also would cover the rules of other Participants that incorporate FINRA's OATS requirements. Response Letter II at 21 (citing NASDAQ Rule 7000A Series, BX Rule 6950 Series, PHLX Rule 3400 Series, NYSE Rule 7400 Series, NYSE Arca Equities Rule 7400 Series, NYSE MKT Rule 7400 Series).
Response Letter II at 21.
Id. (noting that descriptions of OATS and EBS gap analyses created on behalf of the Participants are available for public review on the CAT NMS Plan Web site and that Participants have worked to keep these gap analyses up-to-date by including newly-added data fields in these duplicative systems, such as the new OATS data fields related to the tick size pilot and ATS order book changes, in the gap analyses).
Id. at 20-21.
To reflect these efforts, the Participants recommended an acceleration of the timelines for analyzing duplicative rules and systems by recommending amendments to Appendix C of the CAT NMS Plan to change the completion dates for their analyses of: (1) Duplicative rules and systems to nine to twelve months from Plan approval (rather than 12 months from the onset of Industry Member reporting) and (2) partially duplicative and non-duplicative rules and systems to nine to twelve months from Plan approval (rather than 18 months from the onset of Industry Member reporting). However, the Participants noted that these proposed timelines are based on the Plan Processor's appropriate and timely implementation of the CAT and the CAT Data being sufficient to meet the surveillance needs of each Participant.
Id. at 22-26.
Id. at 22.
In response to the comments recommending that duplicative systems be retired on a fixed date, the Participants explained that they cannot commit to retiring any duplicative systems by a designated date because the retirement of a system depends on a variety of factors. For example, the Participants explained that they would need to ensure that the CAT Data is sufficiently extensive and of high quality before they could rely on it for regulatory oversight purposes and that they would be unable to retire any of their duplicative systems until any rule changes related to such systems retirements are approved by the Commission. The Participants also noted that the elimination of potentially duplicative requirements established by the Commission (e.g., EBS reporting pursuant to SEC Rule 17a-25 and large trader reporting pursuant to SEC Rule 13h-1) are outside the Participants' purview. In addition, in response to the comment that the Participants lack an incentive to retire duplicative systems, the Participants explained that they are incented to eliminate systems that would be extraneous for regulatory purposes after CAT is operational due to the significant costs Participants face in running such systems.
Id. at 20-21.
See id.
Id.; see also Section IV.D.9.b, infra, discussing the Commission's plans to retire certain aspects of EBS and large trader reporting and other SEC rules once CAT is operational.
Response Letter II at 20.
In response to the comments suggesting the use of a trial period to transition to the CAT, the Participants stated that they recognize the concerns regarding the potential for disciplinary actions during the commencement of reporting to the CAT when, despite good faith efforts, reporting errors may develop due to the lack of experience with the CAT. Accordingly, the Participants stated that they will take into consideration the lack of experience with the CAT when evaluating any potential regulatory concerns with CAT reporting during the first months after such reporting is required. In addition, the Participants stated that they intend to work together with Industry Members to facilitate their CAT reporting; for example, the CAT's testing environments will provide an opportunity for Industry Members to gain experience with the CAT, and the Plan Processor will provide Industry Members with a variety of resources to assist them during onboarding and once CAT reporting begins, including user support and a help desk.
Id. at 27.
Id.
Id.
The Commission acknowledges that a protracted period of duplicative reporting would impose significant costs on broker-dealers and recognizes the importance of retiring duplicative rules and systems as soon as possible and of setting forth an appropriate schedule to achieve such retirement in the CAT NMS Plan. As discussed above, although a broader review of the Participants' rules intended to identify any other impact that the CAT may have on the Participants' rules and systems generally is ongoing, the Participants have completed gap analyses for systems and rules identified for full or partial retirement, including larger systems such as OATS and COATS. The Participants have confirmed that the data needed to support the retirement of these key systems will be included in the CAT, and have proposed to accelerate the projected dates for completing these analyses of duplicative, partially duplicative, and non-duplicative rules and systems to nine to twelve months after Plan approval.
Id. at 21.
Although the Commission appreciates these efforts to accelerate the retirement of existing data reporting rules and systems that are duplicative of the CAT, the Commission believes that stronger Plan amendments than those recommended by the Participants should be made to ensure that such rules and systems are eliminated, modified, or retired as soon as practicable after the CAT is operational so that the period of duplicative reporting is kept short. Therefore, the Commission is amending Section C.9 of Appendix C of the Plan to reflect the Participants' representation that their analyses of key duplicative systems are already complete and to provide that proposed rule changes to effect the retirement of duplicative systems, effective at such time as CAT Data meets minimum standards of accuracy and reliability, shall be filed with the Commission within six months of Plan approval.
Based on the Participants' statement in their response to comments that their gap analyses are complete with respect to the major existing trade and order data reporting systems, the Commission believes that the process of assessing which systems can be retired after CAT is operational is in an advanced stage. Rather than amending the Plan to state that these analyses for duplicative systems will be complete within nine to twelve months of the Commission's approval of the CAT NMS Plan, as recommended by the Participants, the Commission believes that the milestones listed in Appendix C should include the Participants' representation that they have completed gap analyses for key rules and systems and should enumerate those specific systems because this more accurately reflects, and more prominently and clearly conveys to market participants and the public, the status of the Participants' planning for the transition from existing systems to CAT.
For these reasons, the Commission is also amending Section C.9 of Appendix C of the Plan to require the Participants to file with the Commission rule change proposals to modify or eliminate duplicative rules and systems within six months of the Effective Date. These filings will not effectuate an immediate retirement of duplicative rules and systems—the actual retirement of such rules and systems must depend upon the availability of comparable data in CAT of sufficient accuracy and reliability for regulatory oversight purposes, as specified in the Participants' rule change proposals. The Commission also is amending the Plan to require the Participants, in their rule change proposals, to discuss specific accuracy and reliability standards that will determine when duplicative systems will be retired, including, but not limited to, whether the attainment of a certain Error Rate should determine when a system duplicative of the CAT can be retired. Although these amendments were not suggested by the Participants, the Commission believes that the rule change filing milestone should be changed to six months from Plan approval given the status of the Participants' gap analyses and because the actual retirement of rules and systems will only occur once CAT Data meets minimum standards of accuracy and reliability. In addition, the Commission believes that an explicit statement in the Appendix C milestones that the retirement of systems that are duplicative of CAT shall occur once CAT Data meets minimum standards of accuracy and reliability will provide greater clarity regarding how the transition from existing reporting systems to the CAT will proceed. In addition, these amendments will better align the systems retirement schedule with the broader CAT implementation schedule. For example, requiring rule change proposals to be submitted to the Commission within six months will ensure that public comments, and Commission review of these comments, which could inform the development of the Technical Specifications, will be in progress as the Technical Specifications for Industry Member data submission are being developed (i.e., at least fifteen months before Industry Members are required to report to CAT).
The Commission believes that, taken together, these amendments may facilitate an accelerated retirement of existing data reporting rules and systems that are duplicative of CAT and thus reduce the length of the duplicative reporting period as compared to the Plan as filed. Given that their requisite analytical work is already substantially complete, the Commission believes that the milestones, as amended, are achievable without a substantial increase in the burdens imposed on the Participants. Given the importance of retiring existing systems as rapidly as possible to reduce the substantial burdens on Industry Members that come with an extended period of duplicative reporting, the Commission believes that these amendments are appropriate. The CAT NMS Plan, as amended, recognizes that the Participants' requisite analytical work is already substantially complete and explicitly conditions the elimination of duplicative reporting only on the availability of accurate and reliable CAT Data that will enable the SROs to carry out their regulatory and oversight responsibilities. The amended Plan also accelerates the initiation of the formal process of retiring duplicative rules and systems by requiring that rule change filings be filed within six months of the Effective Date.
The Commission believes that the CAT NMS Plan, as amended, contains an appropriate level of detail regarding the process of retiring duplicative rules and systems. However, the Commission is not amending the Plan to include fixed or mandatory dates for the retirement of existing rules and systems at this time. As the Participants noted in their response to comments, retiring a system depends upon many factors, including the availability of sufficiently extensive and high quality CAT Data. The Commission and the SROs will continue to rely on the information collected through existing regulatory reporting systems to reconstruct market events, conduct market analysis and research in support of regulatory decision-making, and conduct market surveillance, examinations, investigations, and other enforcement functions until sufficiently complete, accurate, and reliable data is available through CAT. Therefore, precise dates for retiring these rules and systems cannot be determined prospectively. However, the Commission agrees with the Participants that they have incentives to retire extraneous systems after CAT is operational due to the desire to avoid the costs associated with maintaining such systems; the Commission believes that these incentives will mitigate any delay that would otherwise result from the difficulty of setting forth specific system retirement dates in advance.
Response Letter II at 20.
As discussed above, the gap analyses completed by the Participants regarding the key existing trade and order data systems have confirmed that the CAT contains the data fields necessary to retire these systems, and the Commission has amended the Plan to ensure that any additional analysis related to duplicative rule and system retirement is completed in a timely manner. The Participants also explained that once the Plan Processor is selected, the Participants will work with the Plan Processor and Industry Members to develop detailed Technical Specifications that ensure that by the time Industry Members are required to report to the CAT, the CAT will include all data elements necessary to facilitate the rapid retirement of duplicative systems. The Commission agrees that the Participants should work with the Plan Processor and Industry Members in this manner and provide appropriate information about how they use trade and order data collected through existing rules and systems to ensure that the Technical Specifications are developed with these requirements in mind. In addition, with respect to the comment that CAT should be designed to permit the inclusion of additional data fields, the Commission notes that the Plan contains provisions regarding periodic reviews and upgrades to CAT that could lead to proposing additional data fields that are deemed important, and does not believe any changes to the Plan are necessary.
Id. at 20-21.
See Notice, supra note 5, at 30700.
(2) Proposed Alternative Approaches to Systems Retirement
Several commenters suggested linking the retirement of duplicative systems to the error rate or quality of data reported to CAT. For example, one commenter suggested that the CAT NMS Plan should be amended to include an exemption from duplicative reporting obligations for individual broker‐dealers based on meeting certain CAT reporting quality metrics. Similarly, another commenter suggested that a “Retirement Error Rate” should be defined as the acceptable error rate for discontinuing reporting to a duplicative system, and that the Retirement Error Rate should be based on comparable data in CAT (e.g., OATS equivalent data reported to CAT should meet the reporting and quality criteria required by FINRA, but higher error rates associated with data elements that are outside the scope of existing systems should not prevent the retirement of such systems). One commenter suggested reducing the error rate as quickly as possible to facilitate the elimination of duplicative systems by including a test period to bring reporting near a 1% error rate when CAT is launched in production. This commenter also noted that disparities in error rate tolerance between CAT and other existing regulatory reporting systems should not serve as a pretext for prolonging the lifespan of those legacy systems. Several commenters suggested that the error rates used for elimination of duplicative systems should be post-correction error rates and that when a firm meets the necessary standards, the Plan should allow for individual firm exemptions from duplicative reporting.
KCG Letter at 2-3.
FIF Letter at 5, 24-26; see also Bloomberg Letter at 8 (noting that the Commission should specify an appropriate error rate for CAT NMS reporting such that, once met, CAT reporters can retire superseded systems).
SIFMA Letter at 6-7.
Id.
Id. at 7; see also FIF Letter at 5, 24 (corrected data should be used for error rates and individual firms should be allowed to retire duplicative systems once the Retirement Error Rate is achieved); TR Letter at 5-6; FSR Letter at 9 (stating that the error rate should only apply to post-correction data on equities). Section IV.D.11, infra, discusses the Commission's response to commenters suggesting the use of post-correction error rates.
One commenter also noted that the Participants have not adequately incorporated the 14-month milestone associated with the requirement that they enhance their surveillance systems into their milestones for the retirement of existing systems, noting that if the Participants are prepared to use CAT Data after 14 months, there should be no obstacles to retiring existing systems once the Retirement Error Rates are met. If the 14-month milestone is insufficient to obligate the Participants to use CAT Data in place of existing systems, this commenter would recommend a new milestone be created such that by the end of a trial period, the Participants must use CAT Data in place of existing systems.
FIF Letter at 6, 24-25.
Id.
Several commenters expressed support for the Plan's exemption from OATS reporting for CAT Reporters as long as there would be no interruption in FINRA's surveillance capabilities and urged the SROs to consider a similar approach for firms that meet certain error rate thresholds.
DAG Letter at 2; FIF Letter at 23; see also STA Letter at 1 (supporting the DAG Letter's elimination of systems recommendations).
Similarly, one commenter suggested a “principles-based framework” for eliminating potentially duplicative systems. This framework would include: (i) A “phased” elimination program in which reporters that have achieved sufficient accuracy in CAT reporting can individually retire their systems; (ii) designing the Central Repository from the outset to include the ability to implement all of the surveillance methods and functions currently used by SROs; (iii) rather than relying on a simple field-mapping exercise to determine which systems can be eliminated, considering whether all the data elements currently reported under existing systems are really needed for the types of surveillance and other analyses typically undertaken by the Participants, whether the Central Repository can use alternative methods of surveillance or analysis that do not rely on those data elements, and whether data elements currently collected by an existing reporting system that are not available in the Central Repository could be derived or computed from data that is in the Central Repository; and (iv) requiring that questions to broker-dealers regarding their reported data should be directed though the process created for the Central Repository, not through previously-established channels based on legacy systems.
SIFMA Letter at 7-10.
Id. SIFMA also applied this framework to the retirement of OATS, EBS, and COATS. See id. at 10-12.
Several commenters suggested that the Commission should impose a moratorium on changes to existing systems to coincide with the launch of CAT to enable firms to dedicate resources to the successful launch and operation of CAT rather than the maintenance of legacy systems. In addition, several commenters suggested that the Plan should allow for elimination of individual systems as they become redundant or unnecessary once production commences in CAT.
Id. at 5-6; see also TR Letter at 5 (calling for such a moratorium to commence once the Technical Specifications are in development to ensure that the Technical Specifications are sufficiently robust and to avoid enhancing systems that will be retired); Fidelity Letter at 2, 4-5 (noting that the Plan should call for an immediate cessation of enhancements to existing broker-dealer reporting systems which will retire once the CAT is operational); KCG Letter at 3 (noting that there should be a cessation of any changes to duplicative reporting systems during the period leading up to the CAT compliance date and once broker‐dealers have to begin reporting to the CAT and any such changes should be built in to the CAT); FIF Letter at 27.
SIFMA Letter at 5-6; FSR Letter at 10 (stating that to the extent that any subset of data collected under the CAT NMS Plan is otherwise collected under a different reporting regime, the existing reporting regime should be amended as soon as possible to remove the duplicative reporting requirement).
In response to the comments recommending that exemptions be granted for individual Industry Member CAT Reporters from duplicative reporting obligations if they meet a specified data reporting quality threshold, the Participants explained that this would implicate the rules of the individual Participants and would be dependent upon the availability of extensive and high quality CAT Data, as well as Commission approval of rule change proposals by the Participants and the elimination of Commission data reporting rules such as Rules 17a-25 and 13h-1. Therefore, the Participants did not recommend an amendment to the Plan to incorporate such an exemption from the individual Participants' rules.
Response Letter II at 26.
Id.
Nevertheless, the Participants explained that they have been exploring whether the CAT or the duplicative systems would require additional functionality to permit cross-system regulatory analyses that would minimize the duplicative reporting obligations. The Participants stated that FINRA remains committed to working with the Plan Processor to integrate CAT Data with data collected by OATS if it can be accomplished in an efficient and cost effective manner. However, the Participants stated that FINRA anticipates that CAT Reporters who are FINRA members and report to OATS will need to report to both OATS and the CAT for some period until FINRA can ensure that CAT Data is of sufficient quality for surveillance purposes and FINRA is able to integrate CAT Data with the remaining OATS data in a way that permits it to continue to perform its surveillance obligations. In addition, the Participants stated that FINRA believes that requiring all current OATS reporters to submit data to the Central Repository within two years after the Commission approves the Plan may reduce the amount of time that OATS and CAT will need to operate concurrently and may help facilitate the prompt retirement of OATS.
Id.
Id. (noting that the Plan states that FINRA would consider exempting firms from the OATS requirements if the data submitted to the CAT is of sufficient quality for surveillance purposes and FINRA is able to integrate CAT Data with the remaining OATS data in a way that permits it to continue to perform its surveillance obligations).
Id.
Id.
In response to the comment that the CAT should be designed from the outset to include the ability to implement all of the surveillance methods and functions currently used by the Participants, the Participants explained that CAT is not intended to be the sole source of surveillance for each Participant, and, therefore, would not cover all surveillance methods currently employed by the Participants. However, the Participants stated that, with the goal of using the CAT rather than duplicative systems for surveillance and other regulatory purposes, the Participants have provided the Bidders with specific use cases that describe the surveillance and investigative scenarios that the Participants and the Commission would require for the CAT, and that during the bidding process each Bidder has been required to demonstrate its ability to meet these criteria. In addition, the Participants noted that they have had multiple discussions with the Bidders regarding the query capabilities that each Bidder would provide, and the Participants believe that the selected Plan Processor will have the capability to provide the necessary surveillance methods and functions to allow for the retirement of duplicative systems. The Participants also stated that the Plan Processor will provide support, including a trained help-desk staff and a robust set of testing, validation, and error correction tools, to assist CAT Reporters as they transition to CAT reporting.
Id. at 27.
Id.
Id.
Response Letter I at 38-39.
In response to comments concerning a moratorium on changes to new systems, the Participants explained that they plan to minimize the number of changes that are rolled out to duplicative systems to the extent possible. The Participants, however, cannot commit to making no changes to the duplicative systems as some changes may be necessary before these systems are retired—for example, changes to these duplicative systems may need to be made to address Commission initiatives, new order types or security-related changes.
Response Letter II at 28.
Id.
The Commission agrees with the commenters that the accuracy of the data reported to CAT, as in part measured by CAT Reporters' Error Rate, should be a factor in determining whether and when duplicative trade and order data rules and systems should be eliminated. As discussed above, the rule change proposals regarding duplicative systems retirement that the Participants will file with the Commission within six months of the Effective Date must condition the elimination of existing data reporting systems on CAT Data meeting minimum standards of accuracy and reliability. The Commission believes that this approach may incentivize accurate CAT reporting because it could potentially allow Industry Members to retire redundant, and costly to maintain, systems sooner. The Commission believes that any such improvements in accuracy, together with the amended Plan's reduction of the period for the Participants to complete their analyses of duplicative, partially duplicative, and non-duplicative rules and its acceleration of the requirement to file system elimination rule change proposals, should facilitate an earlier retirement of duplicative systems. However, the Commission does not believe that a specific Error Rate that would automatically trigger the elimination of the collection of data through an existing, duplicative system can be set in advance, through a Plan amendment at this time. Rather, the more flexible standard set forth in the Plan, as amended—that duplicative systems will be retired as soon as possible after data of sufficient accuracy and reliability to ensure that the Participants can effectively carry out their regulatory obligations is available in CAT—recognizes the primacy of ensuring that CAT Data can be used to perform all regulatory functions before existing systems are retired, and is therefore more appropriate.
In response to the comments regarding individual exemptions from reporting to duplicative systems for Industry Members whose CAT reporting meets certain quality thresholds, the Commission supports the Participants' efforts to explore whether this can be feasibly accomplished by adding functionality to permit cross-system regulatory analyses that would minimize duplicative reporting obligations or, in the case of OATS, integrating CAT Data with data collected by OATS. Accordingly, the Commission is amending Section C.9 of Appendix C of the Plan to require that the Participants consider, in their rule filings to retire duplicative systems, whether individual Industry Members can be exempted from reporting to duplicative systems once their CAT reporting meets specified accuracy standards, including, but not limited to, ways in which establishing cross-system regulatory functionality or integrating data from existing systems and the CAT would facilitate such individual Industry Member exemptions. However, the Commission does not believe that it would be appropriate, at this time, to amend the Plan to require the Participants to grant such individual exemptions because, as noted by the Participants, it may not be feasible to implement the technological and organizational mechanisms that would obviate the need for duplicative reporting by ensuring that the Participants can effectively carry out their regulatory obligations using CAT Data.
In response to the comment that the CAT should be designed from the outset to include the ability to implement all of the surveillance methods and functions currently used by the Participants, the Commission notes that the Participants have indicated that they have provided the Bidders with their surveillance and investigative use cases, that each Bidder has been required to demonstrate its ability to meet these criteria, and that the selected Plan Processor will have the capability to provide the necessary surveillance methods and functions to allow for the retirement of duplicative systems. Therefore, the Commission believes that the CAT is being designed to include the ability to implement all of the surveillance methods and functions currently used by the Participants, and is not amending the Plan in response to this comment.
In response to the commenter that suggested a specific principles-based framework for retiring duplicative systems, the Commission believes that, in general, the principles outlined in the CAT NMS Plan for retiring potentially duplicative rules and systems are reasonable. The principles outlined in the Plan recognize that the Participants and the Commission will continue to rely on information collected through existing regulatory reporting systems to reconstruct market events, conduct market analysis and research in support of regulatory decision-making, and conduct market surveillance, examinations, investigations, and other enforcement functions until analogous information is available through CAT. Some period of duplicative reporting may be necessary to ensure that regulators can obtain accurate and reliable information through CAT to carry out these functions. However, the Commission also agrees that the CAT Reporter support, testing, and validation tools created for the CAT—rather than similar tools associated with legacy reporting systems—should be used to assist Industry Members as they transition to CAT reporting.
SIFMA Letter at 7-10.
See supra notes 1403, 1430 and accompanying text.
The Commission agrees with the Participants that there cannot be a moratorium on changes to existing systems in connection with the launch of CAT. As discussed above, the Commission and the SROs use the information collected through existing regulatory reporting systems to carry out a variety of regulatory functions. Until these systems are fully retired, the Commission and the SROs will continue to rely upon these systems to obtain the information they need to perform these functions. Therefore, because changes to these systems may be necessary for the Commission or the SROs to obtain such information, the Commission does not believe a moratorium should be imposed on changes to these systems. However, the Commission supports the Participants' commitment to minimizing changes to existing systems and encourages the Participants to consider the necessity of any such changes and any additional burden such changes would impose on their members during the period in which members are transitioning to CAT reporting. Accordingly, the Commission is amending Section C.9 of Appendix C of the Plan to state that between the Effective Date and the retirement of the Participants' duplicative systems, each Participant, to the extent practicable, will attempt to minimize changes to those duplicative systems.
b. Retirement of Systems Required by SEC Rules
The CAT NMS Plan also discusses specific Commission rules that potentially can be eliminated in connection with CAT implementation. Specifically, the Plan states that, based on preliminary industry analyses, large trader reporting requirements under SEC Rule 13h-1 could be eliminated. In contrast, the Plan states that “[l]arge trader reporting responsibilities on Form 13H and self-identification would not appear to be covered by the CAT.”
See CAT NMS Plan, supra note 5, at Appendix C, Section C.9.
One commenter suggested that the Commission should eliminate requirements such as Rule 13h-1 and Form 13H regarding large trader filings, noting that Commission Staff will have access to the same information that they are receiving through Form 13H through CAT. Another commenter recommended the elimination of the EBS system, under SEC Rule 17a-25, with respect to equity and option data.
MFA Letter at 9.
17 CFR 240.17a-25.
SIFMA Letter at 10-11. This commenter also explained that in order to retire EBS, the relevant data elements that are included in an EBS report need to be retained as part of CAT's Technical Specifications and the accuracy of the CAT Data reported by member firms should meet an acceptable threshold for its error/rejection rate. Id. The commenter also noted that fixed income data, since it will not be available initially through CAT, will still need to be requested through the EBS system and that historical equity and option data will have to be retained and archived to accommodate requests for this data through EBS. Id.
In their response, the Participants noted that “the elimination of potentially duplicative requirements established by the SEC (e.g., SEC Rule 17a-25 regarding electronic submission of securities transactions [the EBS system] and SEC Rule 13h-1 regarding large traders) are outside the Participants' purview.”
Response Letter II at 21.
The Commission acknowledges that duplicative reporting will impose significant burdens and costs on broker-dealers, that certain SEC rules require the reporting of some information that will also be collected through CAT, and that certain SEC rules may need to be modified or eliminated in light of CAT. Specifically, the Commission believes that, going forward, CAT will provide Commission Staff with much of the equity and option data that is currently obtained through equity and option cleared reports and EBS, including the additional transaction data captured in connection with Rule 13h-1 concerning large traders. Accordingly, Commission Staff is directed to develop a proposal for Commission consideration, within six months of the Effective Date, to: (i) Amend Rule 17a-25 to eliminate the components of EBS that are redundant of CAT, and (ii) amend Rule 13h-1, the large trader Rule, to eliminate its transaction reporting requirements, in each case effective at such time as CAT Data meets minimum standards of accuracy and reliability. In addition, as part of this proposal, Commission Staff will recommend whether there will continue to be any need for the Commission to make requests for equity and option cleared reports, except for historical data, once CAT is fully operational and CAT Data meets minimum standards of accuracy and reliability. The Commission notes that the EBS system will still be used to collect historical equity and options data—i.e., for executions occurring before CAT is fully operational—and data on asset classes not initially covered by CAT, such as fixed income, municipal, or other government securities, and that the components of the EBS system necessary to enable such usage will need to be retained. However, to the extent that CAT is expanded to include data on additional asset classes, the Commission will consider whether the components of the EBS system related to the retention and reporting of data on these asset classes can also be eliminated.
See Notice, supra note 5, at 30660 (discussing equity and option cleared reports).
See id. (discussing the EBS system).
17 CFR 240.13h-1; see also Adopting Release, supra note 14, at 45734 (“The Commission . . . note[s] . . . that . . . aspects of Rule 13h-1 may be superseded by Rule 613. Specifically, the trade reporting requirements of Rule 13h-1 are built upon the existing EBS system. To the extent that . . . data reported to the central repository under Rule 613 obviates the need for the EBS system, the Commission expects that the separate reporting requirements of Rule 13h-1 related to the EBS system would be eliminated.”)
At this time, the Commission does not anticipate that there will be a need to make such requests.
In addition, the Commission does not anticipate that it will make requests for equity and option cleared reports, except for historical data, once CAT is fully operational.
The Commission does not agree with the comment that SEC Staff will have access through CAT to the “same information” that it receives through Form 13H. Form 13H collects information to identify a large trader, its securities affiliates, and its operations, and does not collect audit trail data on effected transactions. The self-identification and other Form 13H filing requirements of Rule 13h-1 will not be duplicated by or redundant of CAT.
To cite one example, Item 4 of Form 13H requires large traders to provide an “Organizational Chart” that will not be reported under CAT.
c. Record Retention
The CAT NMS Plan states that certain broker-dealer recordkeeping requirements could be eliminated once the CAT is operational. The Plan also requires that information reported to the Central Repository be retained in a convenient and usable standard electronic data format that is directly available and searchable electronically without any manual intervention by the Plan Processor for a period of not less than six years.
See CAT NMS Plan, supra note 5, at Appendix C, Section C.9.
See id. at Section 6.5(b).
One commenter suggested that record retention by the CAT should be established for periods long enough to satisfy regulatory requirements associated with other regulatory systems (e.g., the seven year record retention requirement for EBS) and that the Commission should consider the extent to which CAT reporting could fulfill recordkeeping obligations for a CAT Reporter.
SIFMA Letter at 5-6.
The Participants explained that the Plan's six-year retention period exceeds the record retention period applicable to national securities exchanges and national securities associations under SEC Rules 17a-1(b) and 17a-6(a), which require that documents be kept for at least five years. The Participants further explained that they do not believe that the Plan's record retention requirements should be expanded beyond six years since such expansion would impact Bidder solutions and the maintenance costs associated with the CAT. With respect to the comment regarding CAT Reporters using the CAT to satisfy their recordkeeping obligations, the Participants maintained that it would be inappropriate for CAT Reporters to fulfill their recordkeeping obligations by relying on the Central Repository in the initial phase of CAT reporting because permitting this use of the Central Repository would impose additional regulatory and resource obligations on the Central Repository. In the longer term, the Participants recognized that the Central Repository could be a useful tool to assist CAT Reporters in satisfying their recordkeeping and record retention obligations, and stated that after the implementation of CAT, the Operating Committee will review whether it may be possible for CAT Reporters to use the CAT to assist in satisfying certain recordkeeping and record retention obligations.
17 CFR 240.17a-1(b), 17a-6(a).
Response Letter I at 27.
Id.
Id.
Id.
The Commission disagrees with the suggestion from commenters that the CAT NMS Plan should be amended to extend its six-year record retention timeframe to satisfy the requirements of existing reporting systems. In addition to exceeding the five year retention period applicable to national securities exchanges and associations under Rules 17a-1(b) and 17a-6(a), as pointed out by the Participants, the Commission notes that the six-year timeframe set forth in the CAT NMS Plan reflects the six-year data retention requirement of Rule 17a-4(a). The Commission does not anticipate that any variation between the retention periods for existing systems and the CAT system will hinder the potential retirement of existing systems that are duplicative of CAT. In addition, while the Commission believes it is important to implement the initial phases of CAT reporting first, once CAT is fully operational, the Participants, the Plan Processor, and the Commission can consider further enhancements to the CAT system, including enhancements that could potentially enable the Central Repository to satisfy certain broker-dealer recordkeeping requirements, such as those set forth in Rules 17a-3 and 17a-4.
See CAT NMS Plan, supra note 5, at Appendix C, Section D.12(m).
17 CFR 240.17(a)(3)-(4).
10. Primary Market Transactions and Futures
a. Primary Market Transactions
The CAT NMS Plan provides that the Participants jointly, within six months of the CAT NMS Plan's approval by the Commission, will provide a document (the “Discussion Document”) to the Commission that will include a discussion of how Primary Market Transactions could be incorporated into the CAT. In Appendix C of the CAT NMS Plan, the Participants conclude that the Discussion Document should be limited to sub-account allocations for Primary Market Transactions. Moreover, the CAT NMS Plan does not require any specific timetable for Primary Market Transaction data to be reported to the CAT.
See CAT NMS Plan, supra note 5, at Section 6.11; see also infra note 3059. The CAT NMS Plan specifies that the Discussion Document will include details for (i) each order and Reportable Event that may be required to be provided, (ii) which market participants may be required to provide the data, (iii) the implementation timeline, and (iv) a cost estimate.
See CAT NMS Plan, supra note 5, at Appendix C, Section A.6.
The Participants explained that for Primary Market Transactions there are generally two key phases: A “book building” phase and an allocation phase (which includes top-account allocations and sub-account allocations). According to the Participants, the “book building phase involves the process by which underwriters gather and assess investor demand for an offering of securities and seek information important to their determination as to the size and pricing of an issue. Using this and other information, the underwriter will then decide how to allocate IPO shares to purchasers.” The Participants' understanding is “that these are so-called `top account' allocations—allocations to institutional clients or retail broker-dealers, and that such allocations are conditional and may fluctuate until the offering syndicate terminates. Sub-account allocations occur subsequently, and are made by top-account institutions and broker-dealers prior to settlement.”
Id.
Id.
Id.
In reaching their decision to limit Primary Market Transactions data for CAT reporting to sub-account allocations, the Participants noted that sub-account allocations are “maintained by broker-dealers in a manner that would allow for reporting to the Central Repository without unreasonable costs and could assist the Commission and the Participants in their regulatory obligations.” The Participants argued, however, that because top-account allocations are not firm and may fluctuate, reporting this information to the Central Repository “would involve significantly more costs which, when balanced against the marginal benefit, is not justified at this time.”
Id.
Id.
The Commission received two comments advocating for delaying the inclusion of all Primary Market Transactions data in the CAT (and for excluding top-account allocation data), and one comment supporting the inclusion of Primary Market Transaction data in the CAT, for both top-account and sub-account allocation data. Specifically, the two commenters who advocated that Primary Market Transactions should be delayed until OATS and other regulatory reporting systems are retired cited “mounting regulatory expenses” and limited and different resources being required to address this element. These commenters added that regulatory and surveillance requirements should be defined before adding Primary Market Transaction data to the CAT and disputed the Commission's assessment in the Notice of the CAT NMS Plan that top-account allocation should be a CAT data element. One of these commenters noted that significant analysis and data modelling would be required to effectively and efficiently include Primary Market Transaction data. The other commenter cited a DAG recommendation that if Primary Market Transaction data were required that only sub-account allocation data should be included due to operational feasibility. The same commenter also requested clarification as to what is meant by Primary Market Transaction “allocations,” and described its understanding that “allocations” under Rule 613(a)(1)(vi) only apply to the final step in the allocation process (i.e., not the preliminary book building allocations but the actual placement into a customer's account).
See SIFMA Letter at 36; FIF Letter at 13, 118-20.
See Hanley Letter.
SIFMA Letter at 36; FIF Letter at 13 (noting that “the primary market and the secondary market are inherently different . . . different rules and reporting requirements, . . . business processes, . . . vendors, . . . and systems with different technology personnel.”).
SIFMA Letter at 36; FIF Letter at 13; see also Notice, supra note 5, at 30772 (“The Commission preliminarily believes that the potential benefits of including top-account information in the CAT could be significant and that the costs of including top-account information could be lower than what is described in the CAT NMS Plan and appropriate in light of significant potential benefits. For these reasons, the Commission preliminarily believes that top-account information should not be excluded from the Discussion Document.”).
FIF Letter at 13.
SIFMA Letter at 36.
Id.
The third commenter, however, advocated for including Primary Market Transaction data (both top-account and sub-account) in the CAT. The commenter believed that regulators would benefit from having both sub-account and top-account Primary Market Transaction data, noting that such data would help regulators understand the economics of the offering process and could promote efficient capital formation. The commenter reviewed academic literature related to the book building allocation process and suggested that the collection and analysis of Primary Market Transaction data could address open questions as to potential capital formation inefficiencies, including potential manipulation and/or violations of Rule 105 and fund manipulation. The commenter stated that Form 13F data cannot fully capture primary market allocations because it is limited to institutional investment managers with investment discretion over $100 million, and because secondary market transactions may occur before the filing of Form 13F is required. The commenter also recommended that the SROs and the Commission require indications of interest during preliminary book building to be made available in an easily accessible format for both regulators and academics outside of CAT.
Hanley Letter.
Id. at 1.
Id. at 2-3.
Id. at 1 (noting “[t]op-account allocations refer to allocations during the book-building process to institutional clients and retail broker-dealers . . . the subsequent sub-account allocations to the actual accounts receiv[e] the shares”).
Id. at 5-6. The commenter, however, stated that it is not requesting that CAT include pre-offer changes in tentative allocations. Hanley Letter at 4-6 (noting that during the pre-offering stage of a book-building process, preliminary indications of interest while gathered are believed to be subject to change).
The commenter advocating for the inclusion of both top-account and sub-account allocation Primary Market Transaction data also cited and disputed a FIF estimate that it would cost broker-dealers approximately $704,200 per firm to provide initial allocation information, stating that “manually entering top-account allocation information into CAT (if available) should cost substantially less than estimated.” The commenter estimated costs to be $2,400 per offering for providing top-account allocation information, and argued such costs would be “de minimis with respect to the overall cost of issuance.” The commenter also contested FIF's cost estimate of $58.7 million for providing sub-account information, noting that if CAT were to replace EBS then the incremental cost of providing sub-account allocation information should also be de minimis.
Id. at 4.
Id. at 5.
EBS are trading records requested by the Commission and SROs from broker-dealers that are used in regulatory investigations to identify buyers and sellers of specific securities.
Hanley Letter at 5.
In response to commenters, the Participants maintained their support for including in the CAT sub-account allocations but did not support reporting, or discussing in the Discussion Document, top-account allocations. The Participants reiterated that top-account allocation reporting for Primary Market Transactions would “likely impose significant costs to CAT Reporters while only providing a marginal additional regulatory benefit over sub-account allocation data.” The Participants further stated that they have not determined a timeline for reporting Primary Market Transaction allocations, but have committed to not require it during the initial implementation phase of CAT.
Response Letter I at 49.
Id.
Id. at 50. In response to a commenter seeking clarification on the meaning of certain aspects of Primary Market Transactions, the Participants identified the relevant Plan provisions for the commenter. Id. at 50-51.
Consistent with the reasoning stated in the adoption of Rule 613, the Commission believes that the Discussion Document should discuss the potential costs and benefits of expansion of CAT to include both top-account and sub-account allocations for Primary Market Transactions. At the same time, the Commission acknowledges that mandating the inclusion of Primary Market Transaction data, either top-account or sub-account, would require Commission action following public notice and comment. The Commission discusses the Primary Market Transaction cost comments in its economic analysis below.
See Section V.H.8, infra.
b. Futures
Rule 613 and the CAT NMS Plan do not require the reporting of audit trail data on the trading of futures. One commenter, noting that the CAT NMS Plan does not require any information about stock index futures or options on index futures, stated that incorporating futures data into CAT would “create a more comprehensive audit trail, which would further enhance the SROs' and Commission's surveillance programs.”
CBOE Letter at 2; see also Better Markets Letter at 7.
As noted above, the Participants, within six months of the CAT NMS Plan's approval by the Commission, will provide the Discussion Document that will include a discussion of how additional securities and transactions could be incorporated into CAT. In their response, the Participants recognized that “the reporting of additional asset classes and types of transactions is important for cross-market surveillance.” Further, the Participants stated their belief that the Commission also recognizes “the importance of gradually expanding the scope of the CAT,” and cited the Adopting Release, wherein the Commission directed the Commission Staff “to work with the SROs, the CFTC staff, and other regulators and market participants to determine how other asset classes, such as futures, might be added to the consolidated audit trail.” Accordingly, the Participants stated that they intend to assess whether it would be appropriate to expand the scope of the CAT to include futures, at a later date.
See CAT NMS Plan, supra note 5, at Section 6.11.
Response Letter I at 26. The CAT NMS Plan specifies that the Discussion Document will include a discussion of debt securities and Primary Market Transactions, but does not expressly require that futures be in the Discussion Document. See CAT NMS Plan, supra note 5, at Section 6.11.
Response Letter I at 26-27 (citing Adopting Release, supra note 14 at 45745 n.241).
The Commission believes that the omission of futures data from the CAT NMS Plan is reasonable, particularly in light of limitations on the Commission's jurisdiction.
11. Error Rate
CAT Data reported to the Central Repository must be timely, accurate and complete. The CAT NMS Plan specifies the maximum Error Rate for CAT Reporters. As noted in Section III.19, the term Error Rate is defined as “the percentage of [R]eportable [E]vents collected by the [C]entral [R]epository in which the data reported does not fully and accurately reflect the order event that occurred in the market.” The Error Rate will apply to CAT Data as it is initially submitted to the Central Repository, before it has undergone the correction process.
See CAT NMS Plan, supra note 5, at Section 6.5(d)(2).
Id. at Section 6.5(d)(i). The Participants expect that post-correction Error Rates will be de minimis. See id. at Appendix C, Section A.3(b), n.102.
See id. at Section 1.1; see also 17 CFR 242.613(j)(6).
See CAT NMS Plan, supra note 5, at Appendix C, Section A.3(a) (stating, “[T]he initial step in ensuring the reliability and accuracy of data in the Central Repository is the validation checks made by the Plan Processor when data is received and before it is accepted into the Central Repository.”)
a. Definition of Error
Some commenters sought additional information about the meaning of the term “Error Rate” and how Error Rates would be calculated. One commenter suggested that there should be clarification as to whether all errors would be treated equally. Another commenter questioned whether there would be a minimum number of reports submitted before Error Rate calculations would take place, and whether all data submissions would be covered. One commenter suggested that Error Rates be calculated daily on a rolling average, comparing a CAT Reporter's error rate to an aggregate Error Rate, so as to take into account daily fluctuations in Error Rates. One commenter did not believe that all errors should be treated with the same severity, noting that some errors can be auto-corrected by CAT, and some errors (such as late reporting) can be immediately resolved, while other errors, such as linkage errors, are more problematic. Three commenters suggested that the Error Rate should apply only to post-correction, not pre-correction, data. One of these commenters expressed support for the eventual goal of a de minimis post-correction Error Rate, but could not predict how long this would take to be achieved.
SIFMA Letter at 6.
UnaVista Letter at 4.
FIF Letter at 51.
Id. at 57. This commenter also stated that importance of data quality could consider whether the same data is available from multiple sources, noting that if two or more CAT Reporters are supplying the same information, regulators could effectively surveil if only one source of the data was correct. S ee id. at 58.
FSR Letter at 9; SIFMA Letter at 7; FIF Letter at 51.
FIF Letter at 52, 60. The commenter also noted that currently OATS does not have a de minimis error rate, and questioned how the CAT Plan Processor could detect errors that OATS cannot correct. Id. at 60.
The Participants responded by explaining that the CAT NMS Plan adopted the definition of Error Rate from Rule 613, which does not distinguish among order events and focuses on cases where data “does not fully and accurately reflect the order event that occurred in the market.” The Participants stated that they believe this definition is appropriate. The Participants disagreed with commenters who suggested that the maximum Error Rate should be based on post-correction data, and noted that a maximum Error Rate based on pre-corrected data is intended to encourage CAT Reporters to submit accurate data initially and to reduce the need for error corrections, as well as allow regulators more timely access to accurate data.
Response Letter I at 45 (citing 17 CFR 242.608(j)(6)).
Id.
FSR Letter at 9; SIFMA Letter at 7; FIF Letter at 51.
Response Letter I at 47.
The Commission believes that the proposed, uniform definition of Error Rate is reasonable. The Commission also agrees with the Participants that Error Rates should be calculated based on pre-correction, and not post-correction, data. The Commission believes that assessing Error Rates on a pre-correction basis is important to ensure that CAT Reporters submit CAT Data in compliance with the Plan and applicable rules of the Participants, and develop and maintain their reporting systems in a way that minimizes errors. In addition, focusing on Error Rates for pre-corrected data should reduce reliance on the error correction process, and improve the accuracy of the “uncorrected” CAT Data available to regulators in circumstances where immediate action is required. The Commission also believes it critical that the error correction process be effective, so that errors in post-correction CAT Data will be de minimis, as contemplated by the Participants.
b. Maximum Error Rate
Several commenters expressed opinions regarding the initial maximum Error Rate. Two commenters supported a 5% initial maximum Error Rate. One of these commenters believed that a 5% Error Rate would permit an appropriate level of flexibility for CAT Reporters while still ensuring that CAT Data would be useable for market reconstructions. Another commenter, however, disagreed and argued that, given the industry's experience with OATS, the maximum Error Rates should be lower than those proposed by the Participants.
UnaVista Letter at 3-4; FSR Letter at 9.
UnaVista Letter at 3.
Better Markets Letter at 9.
Several commenters expressed views on how the initial maximum Error Rate should be adjusted over time. Two commenters supported the Plan's requirement to evaluate Error Rates at least annually. One of these commenters also believed that lowering the maximum Error Rate to 1% after one year of reporting was acceptable based on the current OATS error rates and the commenter's own experience with regulatory reporting. Another commenter stated that it was difficult to assess whether a maximum Error Rate of 1% after one year of reporting was appropriate, and indicated that it would prefer a more gradual rate decrease. The commenter recommended that the Operating Committee establish maximum Error Rates for the second and third years of reporting after reviewing the first year's Error Rate data. Two commenters recommended that the maximum Error Rate be reviewed whenever there are significant changes to the CAT (e.g., the addition of security classes) or applicable regulations.
UnaVista Letter at 3-4, Better Markets Letter at 9, FIF Letter at 50-52, SIFMA Letter at 6; FSR Letter at 9; see also Section IV.D.9, supra, for a summary of comment letters that discuss how error rates impact the retirement of duplicative systems.
UnaVista Letter at 3-4; FSR Letter at 9.
UnaVista Letter at 3-4.
FIF Letter at 56, 58.
Id. The commenter stated the objective should be an Error Rate that meets the regulators' surveillance objectives, and is achievable by CAT Reporters at a reasonable cost. Id. at 57.
Id. at 52, 55.
UnaVista Letter at 4.
In response to concerns that the Participants do not have sufficient information or experience to determine the initial maximum Error Rate, the Participants explained that they established this maximum Error Rate after performing a detailed analysis of OATS error rates over time, and believed that such analysis provided a sound basis for their determination. The Participants stressed the importance of evaluating a CAT Reporter's actual experience, in setting an appropriate maximum Error Rate, and noted that the CAT NMS Plan requires the Operating Committee to review the maximum Error Rate at least annually.
FIF Letter at 50, SIFMA Letter at 6-7.
Response Letter I, at 45-46. This analysis considered the initial error rates for reporting by market participants that were reporting audit trail information to OATS for the first time, and assumed a similar learning curve would be experienced by CAT Reporters who have not previously reported audit trail information, such as options market participants.
Id.
With respect to the comments recommending that the maximum Error Rate also be reviewed upon significant changes to the CAT or regulations, the Participants noted that the required testing and other management processes surrounding CAT systems changes should mitigate concerns about their impact on Error Rates, and that the periodic updates on Error Rates provided to the Operating Committee should alert them if there is a need to change the maximum Error Rate.
Id. at 46-47.
The Commission believes that the proposed 5% initial maximum Error Rate is reasonable and strikes an appropriate balance between: (1) Ensuring that the initial submissions to the Central Repository by CAT Reporters are sufficiently accurate for regulatory use; and (2) providing CAT Reporters with time to adjust to the new more comprehensive regulatory reporting mechanism. The Commission understands that the Participants considered relevant historical information related to OATS reporting error rates, particularly when new reporting requirements were introduced, and believes this is a reasonable basis for setting the initial maximum Error Rates for CAT Data. The Commission understands that CAT Reporters who currently report to OATS report with a significantly lower Error Rate, but recognizes that more flexibility may be necessary during the transition, and notes the 1% maximum Error Rate applicable to each CAT Reporter one year after their reporting obligation has begun is comparable to current OATS reporting error rates.
Participants have considered the industry's experience with the OATS system over the last 10 years, including three significant additions to OATS: (1) Requirement that manual orders be reported to OATS; (2) requirement that OTC Equity Securities be reported to OATS; and (3) requirement that all NMS stocks be reported to OATS. Each of these changes resulted in significant updates to the required formats which required OATS reporters to update and test their reporting systems and infrastructure. See CAT NMS Plan, supra note 5, at Appendix C, Section A.3(b).
See id. at Appendix C, Section A.3(b), n.99.
The Commission also believes that the process established by the CAT NMS Plan for reducing the maximum Error Rate over time is reasonable, and emphasizes the important roles of both the Plan Processor and the Operating Committee in ensuring that Error Rates are steadily reduced over time. The Plan requires the Plan Processor regularly to provide information and recommendations regarding Error Rates to the Operating Committee, and requires the Operating Committee to review and reset the maximum Error Rate at least on an annual basis. Given the importance to regulators of audit trail information that meets high standards of accuracy, the Commission expects the Plan Processor and Participants to closely monitor Error Rates, particularly in the early stages of CAT implementation, so that steps can be taken to reduce the maximum Error Rate as promptly as possible. The Commission also encourages the Plan Processor and Participants to assess the impact of significant changes to the CAT or applicable regulations on the maximum Error Rate, at least on a transitional basis, and provide additional flexibility as warranted. As described in Section IV.H, the Commission is amending Section 6.6 of the Plan to require that, prior to the implementation of any Material Systems Change, the Participants provide the Commission with an assessment of the projected impact of any Material Systems Change on the maximum Error Rate.
Id. at Appendix C, Section A.3(b).
See id. at Section 6.5(d)(i); Appendix C, Section A.3(b).
c. Different Error Rates for Different Products and Data Elements
The CAT NMS Plan imposes the same Error Rate on all products and data elements. Commenters suggested differentiation in this area. One commenter recommended that the Error Rate only apply to equities. Another commenter suggested that Error Rates for equities, options and customer data should be calculated separately. A third commenter expressed the view that, as new products are covered by CAT, they should be subject to a more liberal Error Rate for an appropriate transition period. Two commenters did not believe there is enough information to set an appropriate maximum Error Rate for options market making, customer information or allocations, given that there is little or no reporting history for them, and suggested applying the Error Rate on a post-correction basis for these products and data elements, at least for a transitional period.
FSR Letter at 9.
SIFMA Letter at 6.
FIF Letter at 52.
FIF Letter at 51, SIFMA Letter at 6-7.
In response, the Participants stated that they continue to believe that a single overall Error Rate for all products and data elements is appropriate. They acknowledged the importance of gathering more granular information about Error Rates, including differences among products, and noted that the CAT NMS Plan requires the Plan Processor to provide the Operating Committee with regular reports that show more detailed Error Rate data.
Response Letter I at 47.
Id. (referencing CAT NMS Plan Section 6.1(o)(v)).
The Commission believes that it is reasonable, at this time, to apply the same maximum Error Rate to all products and data elements, in the Plan filed by the Participants. The Commission notes that the initial 5% maximum Error Rate, which substantially exceeds the OATS error rates, was established in recognition of the fact that certain products (e.g., options) and data elements (e.g., market maker quotes, customer information) had not previously been reported in OATS. The Commission, however, notes that the Participants may assess, as the CAT is developed and implemented, whether it is appropriate to impose Error Rates that vary depending on the product, data element, or other criteria. As discussed in Section IV.H, the Commission is amending the Plan to require that the Participants provide the Commission with an annual evaluation that addresses the application of Error Rates based on product, data elements or other criteria.
Section 6.5(d) of the CAT NMS Plan contemplates a single Error Rate for all data. If the Participants determine that it is appropriate to establish different Error Rates for different products, data elements, or other criteria, a Plan amendment, subject to notice and comment, would be required.
d. Compliance With Maximum Error Rate During the Initial Implementation Period
Two commenters suggested that CAT Reporters not be required to comply with the maximum Error Rate during the initial implementation period for the CAT. One of these commenters explained that this would provide CAT Reporters a window of time to better understand the types of errors that are being returned by the CAT, and adjust their processes accordingly, without incurring liability for exceeding the maximum Error Rate. Another commenter stressed the importance of receiving feedback from the Plan Processor so that CAT Reporters can identify weaknesses and improve the accuracy of their CAT reporting. This commenter recommended that the Plan Processor provide CAT Reporters with a detailed daily error report, as well as monthly report cards.
SIFMA Letter at 6-7, UnaVista Letter at 4. One commenter also stated that small broker-dealers should not be excused from error rate requirements if they begin reporting voluntarily at the same time large broker-dealers begin reporting. This commenter argued that if small broker-dealers are permitted to report to CAT with limitless errors during the phase designed for large broker-dealers to report without being subject to an error rate, the utility of CAT will be diminished. See Better Markets Letter at 9. The Commission believes that a maximum Error Rate would apply to anyone reporting to CAT, whether mandated to do so to be in accordance with the CAT NMS Plan or voluntarily.
SIFMA Letter at 6.
FIF Letter at 52.
FIF Letter at 54; see also SIFMA Letter at 7. This commenter also recommended that the CAT include a robust toolset and customer service model to assist CAT Reporters in meeting the established error rates. See FIF Letter at 126-127.
The Participants responded by noting that Rule 613(g) requires the Participants to enforce compliance by their members with the provisions of the Plan at all times it is in effect. The Participants also pointed out that the Plan provides that CAT Reporters will be provided tools to facilitate testing and error correction, as well as have access to user support. With respect to the importance of feedback from the Plan Processor, the Participants noted that the Plan requires the Plan Processor to provide CAT Reporters with error reports, including details on the reasons for rejection, as well as daily and monthly statistics from which CAT Reporters can compare their performance with their peers. As discussed in Section IV.H, the Commission is amending the Plan to require that the Participants provide the Commission with an annual evaluation of how the Plan Processor and the Participants are monitoring Error Rates.
Response Letter I at 47-48.
FIF Letter at 52, 55, 57.
See Response Letter I at 48 (referencing CAT NMS Plan, Appendix D, Section 1.2).
The Commission believes that the implementation period for Error Rates is reasonable and that it is not necessary to establish a grace period, as suggested by commenters, during which Error Rates would not apply. Ensuring the accuracy of CAT Data is critical to regulators and, as noted above, the initial maximum Error Rates have been set at levels to accommodate the fact that CAT Reporters will be adjusting to a new regulatory reporting system. In addition, the Commission notes that the CAT NMS Plan provides for testing periods, as well as tools and other support, to facilitate initial compliance by CAT Reporters. As noted by the Participants, the Plan Processor will provide regular feedback to CAT Reporters with respect to their reporting weaknesses to assist them in reducing their Error Rates.
In response to the commenter that noted that if two or more CAT Reporters are supplying the same information, regulators could effectively surveil if only one source of the data was correct, see FIF Letter at 58, the Commission believes that it is important that the audit trail contains consistently accurate information from all sources obligated to report data and that errors not be permitted to exist in the audit trail just because they were correctly reported by one party.
See Section IV.D.8, supra, for a description of testing periods.
The Plan requires the Plan Processor to define and design a process to efficiently and effectively communicate with CAT Reporters to identify errors, so that they can work to ensure that they get feedback to improve their reporting. See CAT NMS Plan, supra note 5, at Appendix C, Section A(3)(b).
e. Error Correction Timeline
The CAT NMS Plan sets forth a timeline with deadlines for providing raw data and corrected data to the CAT. CAT Reporters must submit data to the CAT by 8:00 a.m. ET on T+1. By 12:00 p.m. ET on T+1, the CAT must perform checks for initial validations and lifecycle linkages, and communicate errors to CAT Reporters. CAT Reporters must resubmit corrected data to the CAT by 8:00 a.m. ET on T+3. The Plan Processor must ensure that regulators have access to corrected and linked order and Customer data by 8:00 a.m. ET on T+5.
See id. at Sections 6.3(b)(ii), 6.4(b)(ii).
Id. at Appendix C, Section A.1(a)(iv).
Id.
Id. at Appendix C, Section A.2(a).
Two commenters believed the error correction timeline was too aggressive, and that at least initially, the CAT should use the current error correction timelines for systems such as OATS, which is T+5. One commenter specifically suggested that the timeline for error corrections should remain at T+5 for the first year of CAT reporting. This commenter also noted that, because the Plan Processor is required to communicate errors to CAT Reporters by 5:00 p.m. ET on T+1, staffing adjustments may be necessary to ensure that the appropriate personnel are available after 5:00 p.m. ET to analyze and correct data, and if communications with a customer were necessary to correct an error, the CAT Reporter could not satisfy the 8:00 a.m. ET T+2 timeline for providing corrected data. This commenter also recommended that the Plan Processor identify errors in customer information data by noon on T+1, the same time as the Plan Processor identifies errors in transaction reports, instead of by 5:00 p.m. ET on T+1, to assist with prompt analysis of linking errors. Another commenter suggested that the use of “pre-validation checks,” prior to the formal submission of data to the CAT, could enhance the accuracy and integrity of the CAT Data.
KCG Letter at 9; FIF Letter at 52.
FIF Letter at 52. The commenter also noted that CAT Reporters do not have access to their reported data using a bulk extract format, which would facilitate error validation and correction. Id. The commenter also suggested that the five-day error correction timeline begin from the time the CAT Reporter receives a reject message. Id. at 53.
Id. at 53. The Commission notes that time by which a CAT Reporter must report corrected Customer data is 5:00 p.m. ET on T+3.
Id. This commenter also suggested that CAT provide an “incident” error functionality, similar to the one available for OATS. This functionality would allow CAT Reporters that are experiencing a systematic issue with reporting to submit an incident report to CAT and receive a case number, so the CAT Reporter's data reported could be tracked and referenced when considering the Reporter's error rate compliance. See FIF Letter at 130.
UnaVista Letter at 4. The commenter also noted that a T+5 timeframe for regulatory access is feasible but that uniform formatting or pre-validation checks may reduce the timeframe for regulatory access. Id.
In response to commenters who believed the timeframe for correction of CAT Data was too short, the Participants stressed the importance to regulators of the prompt availability of accurate data. The Participants stated that the three day window for correction provided in the CAT NMS Plan appropriately balances the need for regulators to have prompt access to accurate data with the burdens imposed on the industry by the shorter error correction timeframe. The Participants noted that the shorter three-day error correction timeframe would allow better regulatory surveillance and market oversight in accordance with Rule 613. In response to the commenter that requested additional time to correct errors in customer data, the Participants expressed the view that the two-day timeframe provided by the Plan is sufficient to accommodate any communications with customers that might be necessary to correct errors in customer data. With respect to the suggestion to use pre-validation checks, the Participants acknowledged their value, and stated that they have discussed with the Bidders making tools, such as pre-validation checks, available to CAT Reporters to assist with data submission.
Response Letter I at 30.
Id.
Id.
Id.
Id.
The Commission believes that the error correction timeline set forth in the CAT NMS Plan is reasonable. Improved accuracy and timeliness of regulatory data are key goals of Rule 613 and the CAT NMS Plan. In response to commenters that suggested that the error correction timeline is too aggressive, the Commission believes that the error correction tools and processes to be established by the Plan Processor, and the accommodations to facilitate the use of existing systems by CAT Reporters, should ease the burden of complying with shorter error correction timelines than exist today in OATS. The Commission believes any incremental compliance burden in this area is offset by the benefits of faster availability to regulators of corrected CAT Data for important regulatory purposes, such as surveillance, oversight and enforcement, as well as market reconstructions, in today's high-speed electronic markets.
See Adopting Release, supra note 13, at 45727.
The timeline in the CAT NMS Plan improves the timeliness of regulators' access to data they use for much of their surveillance by several days because the corrected and linked CAT Data would be accessible on T+5, compared to OATS Data, which is not available until T+8.
In response to the commenter that stated that additional staffing may be needed to assist in addressing error correction information that is received from the Plan Processor at 5:00 p.m. ET on T+1, the Commission believes, as noted above, the regulatory benefits of a shorter error correction timeframe justify the incremental compliance costs, including the potential hiring of additional staff in some cases. The Commission also believes that CAT Reporters would have sufficient time to contact customers in the event customer feedback was necessary to correct errors. In this regard, the Commission notes that the CAT NMS Plan provides that corrected order data is not required to be reported until 8:00 a.m. ET on T+3, and corrected Customer data is not required to be reported until 5:00 p.m. ET on T+3.
See Section V.F.3.a(7), infra.
FIF Letter at 53.
In Response Letter I, the Participants noted an inadvertent error in Appendix D relating the Error Rate correction time. Specifically, the Plan incorrectly states that the Plan Processor must validate customer data and generate error reports no later than 5:00 p.m. ET on T+3. The Plan should state that such validations and error reports must occur no later than 5:00 p.m. ET on T+1. The Commission is amending the Plan to correct this error.
12. Business Continuity and Disaster Recovery
The CAT NMS Plan requires the Plan Processor to implement efficient and cost-effective business continuity and disaster recovery capabilities that will ensure no loss of data and will support the data availability requirements and anticipated volumes of the Central Repository.
See CAT NMS Plan, supra note 5, at Appendix C, Section A.3(f); Appendix D, Sections 5.1-5.4.
Commenters discussed the CAT NMS Plan's provisions regarding business continuity and disaster recovery for the CAT. One commenter noted that the Plan does not include an explanation of how the primary and the secondary sites will remain synchronized at all times to provide a seamless transition from primary site to secondary site in the event of a failure. This commenter suggested that the Plan should specify additional details regarding the expected elapsed time for the secondary site to become live if the primary site goes down due to a technical failure or a disaster. The commenter also noted that the requirement for disaster recovery plans does not address whether regulators will have uninterrupted access to the CAT Data, although the commenter acknowledged that it can be inferred that the secondary site should provide all the functionalities of the primary site in the event of primary site outage. Further, the commenter recommended that while the CAT NMS Plan states that the goal of disaster recovery is to achieve next day recovery after an event, the Plan should provide a list of scenarios and the expectation of the recovery times for each scenario.
SIFMA Letter; Data Boiler Letter (also noting that, if the markets deem acceptable that exchanges experience downtime without going into a contingency mode or halting trading, then standards comparable to those required of exchanges, but not tighter, are sufficient, due to cost); FSI Letter; FIF Letter. One commenter requested clarification of the requirement for a bi-annual test of the CAT systems at the disaster recovery site. This commenter noted that “bi-annual” is commonly understood to mean twice a year, but can also mean once every two years. The commenter believed that clarification is necessary to ensure that the site is tested twice a year. It also believed that secondary equipment and critical personnel should be tested at least once a year. See FSI Letter at 5. In their response, the Participants affirmed that the bi-annual disaster recovery test of CAT operations at the secondary facility is required to be conducted twice a year. See Response Letter I at 51.
SIFMA Letter at 45.
Id.
Id.
Id.
One commenter recommended that the CAT NMS Plan state that the Plan Processor must support 24x7 production and test environments, provide test and validation tools to result in a higher quality audit trail, provide a consistent and comprehensive data security program, and provide an adequate level of help desk staffing, especially during industry testing and when Industry Members are being on-boarded. This commenter also stated that large firms that already have the staffing capability for a 24x7 operating schedule could benefit from 24x7 production support, explaining that it would permit added flexibility in error processing or recovery scenarios, as well as the use of off-shore staffing. Another commenter recommended that the CAT NMS Plan should not mandate a particular industry testing process, stating that “appropriate management flexibilities/discretions are needed.”
FIF Letter at 13, 49, 125-26.
Id. at 123.
Data Boiler Letter at 42.
The Participants argued that the Plan provisions with respect to business continuity and disaster recovery are appropriate, but did note that they intend to discuss with the Bidders requiring test environments to be available 24x7 instead of 24x6.
See Response Letter I at 51.
The Commission has considered the business continuity and disaster recovery requirements set forth in the CAT NMS Plan, as well as the comments received addressing these requirements and believes that the Participants' approach is reasonable. The Commission believes that the CAT NMS Plan's business continuity and disaster recovery provisions establish a framework that is reasonably designed to ensure that the CAT business processes can continue despite a failure or disaster scenario. In particular, the CAT will be subject to all applicable requirements of Regulation SCI, as it will be an “SCI system” of each of the Participants, and the Participants, as “SCI entities,” are required to establish, maintain and enforce written policies and procedures for their SCI systems that comply with the technology standards and other requirements of Regulation SCI, including with respect to the business continuity and disaster recovery plans for the CAT. In addition, the CAT will be subject to certain additional requirements with respect to business continuity and disaster recovery that are set forth in the CAT NMS Plan.
See CAT NMS Plan, supra note 5, at Appendix D, Section 5.4.
See supra note 1173.
See supra note 1172.
17 CFR 242.1001(a)(2). See Section IV.D.6.f, supra, for a discussion of Regulation SCI.
For example, Appendix D requires a bi-annual test of CAT operations from the secondary site; an effective telecommuting solution for all critical CAT operations staff; and a secondary site with the same level of availability, capacity, throughput and security (physical and logical) as the primary site. See CAT NMS Plan, supra note 5, at Sections 5.3 and 5.4.
With respect to the commenter that noted that the Plan does not explain how the primary and the secondary sites will remain synchronized, and that additional detail should be provided regarding the failover times between primary and secondary sites, the CAT NMS Plan expressly requires recovery and restoration of services within 48 hours, but with a goal of next-day recovery. While data will not be synchronized in real time, sufficient synchronization will be maintained to support these recovery timeframes. Although, as noted above, the Commission believes the Participants' approach is reasonable, the Commission encourages the Plan Processor and Participants to strive to reduce the time it will take to restore and recover CAT Data at a backup site. As discussed in Section IV.H., the Commission is amending the Plan to require the Participants to submit to the Commission an annual evaluation of the time necessary to restore and recover CAT Data at a back-up site.
SIFMA Letter at 45.
Id.
With respect to the commenter that recommended that the Plan Processor support 24x7 testing and production environments, the Commission recognizes that this could facilitate disaster recovery and other important processes by Industry Members, and believes that the Participants' commitment to discuss requiring test environments to be available 24x7 with the Bidders is reasonable.
FIF Letter at 13, 49. In response to the commenter's suggestions that the Plan Processor provide a consistent and comprehensive data security program, and an adequate level of help desk staffing, especially during industry testing and on-boarding, the Commission notes that the Plan Processor will support industry testing and provide help desk support during industry testing, and that the same information security policies applicable to the production environment will apply to the industry test environment. See CAT NMS Plan, supra note 5, at Appendix D, Section 1.2.
Response Letter I at 51.
13. Business Clock Synchronization and Timestamp Granularity
a. Business Clock Synchronization
(1) Industry Standard
Rules 613(d)(1) and (2) require CAT Reporters to synchronize their Business Clocks to the time maintained by NIST, consistent with industry standards. In the CAT NMS Plan, the Participants determined that the industry standard for the synchronization of Business Clocks is within 50 milliseconds of the time maintained by NIST, except for Manual Order Events. For Business Clocks used solely for Manual Order Events, the Participants determined that the industry standard for clock synchronization is within one second of NIST. To ensure that clock synchronization standards remain consistent with industry standards, as they evolve, the CAT NMS Plan requires the Operating Committee to annually review the clock synchronization standard to determine whether it should be shortened.
For purposes of the CAT NMS Plan, “Business Clock” means a clock used to record the date and time of any Reportable Event required to be reported under SEC Rule 613. See CAT NMS Plan, supra note 5, at Section 1.1.
See Exemption Order, supra note 21. In this Order, the Commission is also amending the Plan to allow Business Clocks used solely for the time of an allocation to synchronize to within one second of NIST. See Section IV.D.4.d, supra.
In determining the current industry standard for clock synchronization, the Participants and Industry Members reviewed their respective clock synchronization technology practices, and the results of a clock synchronization survey conducted by FIF. After completing these reviews, the Participants concluded that a 50 millisecond clock synchronization standard represented an aggressive, but achievable, standard.
CAT NMS Plan, supra note 5, at Appendix C, Section D.12(p).
Id. at Appendix C, n.236. See FIF Clock Offset Survey, supra note 247.
Id. at Appendix C, Section D.12(p).
The Commission received a number of comments on the CAT NMS Plan's provisions relating to clock synchronization. Several commenters agreed with the Participants that 50 milliseconds was a reasonable standard. Four commenters specifically recommended that the clock synchronization standard for OATS—also 50 milliseconds—and CAT should be aligned for regulatory reporting purposes. One commenter argued for a finer standard for Industry Members, noting that they accept data feeds from exchanges that have more precise clock synchronization, some to the microsecond.
SIFMA Letter at 34-35; FIF Letter at 110-111, 115; TR Letter at 7; Data Boiler Letter at 9, 20; FSR Letter at 8-9. Three of these commenters stated that there should be a uniform clock synchronization standard for Industry Members. SIFMA Letter at 34; FIF Letter at 97-98; FSR Letter at 8.
Data Boiler Letter at 9 (noting that FINRA's current clock synchronization for Industry Members is 50 milliseconds); TR Letter at 7; SIFMA Letter at 34; FSR Letter at 8.
Better Markets Letter at 8. The commenter recommended that exchanges and Industry Members should be required to use the same—presumably finer—clock synchronization standard for CAT purposes as they use for internal or commercial purposes.
Other commenters opposed mandating a standard finer than the 50 millisecond clock synchronization standard. One commenter argued that a finer synchronization standard could not be met without dramatically increasing costs, and expressed the view that the 50 millisecond standard is reasonable given the geographically dispersed market. In particular, this commenter believed that, while a finer standard may create the illusion of a more accurate time sequence of events, in practice geographically dispersed market events could still be sequenced incorrectly. This commenter stated that it is better to allow for clock synchronization standards to be tightened voluntarily, based on business needs rather than regulatory requirements. Finally, one commenter expressed the view that clock synchronization was less important for certain types of orders, and suggested that the clock synchronization standard for manual orders, orders that have both a manual and electronic component, and orders that are not time-critical (e.g., post-trade events such as allocations) should be one second rather than 50 milliseconds.
FIF Letter at 102, TR Letter at 7.
FIF Letter at 110. This commenter revisited the cost estimates for clock synchronization presented in the commenter's Clock Offset Survey, noting in particular that the industry will face increased costs with a finer clock synchronization standard as industry has already been working toward a clock synchronization standard of 50 milliseconds, and would need another two years of lead time to comply with a finer standard than 50 milliseconds. FIF Letter at 108, 114; see also SIFMA Letter at 34.
FIF Letter at 99, 110-111. FIF recommended a pilot study be conducted to test the boundaries of clock synchronization and its accuracies across a broad geographic region at different tolerances for the purpose of event sequencing. Id. at 100, 112.
Id. at 102. FIF also noted that timestamps together with the daisy chain approach to linking orders and events will allow sequencing of events. Id. at 101.
Id. at 104-05. This commenter also argued that Industry Member CAT Reporters that synchronize their clocks to a finer standard voluntarily should not be required to maintain that clock synchronization under CAT as it would create an uneven playing field. Id. at 99, 112, 115. Similarly, another commenter noted that finer standards are already in place at exchanges and ATSs that maintain an order book and since they are already in place for commercial reasons, there is no reason to mandate them. TR Letter at 7.
SIFMA Letter at 34-35.
One commenter noted that stricter clock synchronization standards are already in place at exchanges and ATSs. Another commenter stated that, if exchanges maintained finer clock synchronization standards than currently required by the CAT NMS Plan, the ability to sequence Reportable Events that occur across markets could be improved.
TR Letter at 7.
FIF Letter at 97.
In their response, the Participants stated that they continue to believe that the clock synchronization standard for Industry Members should be within 50 milliseconds of the time maintained by NIST, except for with regard to Manual Order Events. The Participants noted that they discussed this topic with Industry Members and conducted a survey of Industry Members to better understand current clock synchronization practices. The Participants represented that they considered various clock synchronization options, which ranged from microseconds to one second, before settling on a 50 millisecond standard, which they believe represents the current industry standard for Industry Members. The Participants stated that, based on their analysis, imposing a finer clock synchronization standard for Industry Members as part of the initial implementation of the CAT would significantly increase the cost of compliance for some segments of the industry, but emphasized that the Operating Committee will be reviewing the synchronization standard annually and will reduce the standard as appropriate.
Response Letter II at 4.
Id.
Id. In response to the commenters that suggested that the CAT clock synchronization should be same as the OATS standard, the Participants agreed that there is value in consistency between these standards. See Response Letter I at 20. See also Securities Exchange Act Release No. 77565 (April 8, 2016), 72 FR 22136 (April 14, 2016) (approving a 50 millisecond clock synchronization requirement for FINRA members).
Response Letter II at 4 (noting CAT NMS Plan Appendix C, Section D.12(p)).
Response Letter II at 4 (noting CAT NMS Plan Section 6.8(c)).
The Participants, however, represented that they all currently operate pursuant to a clock synchronization standard that is within 100 microseconds of the time maintained by NIST, at least with respect to their electronic systems. Accordingly, the Participants recommended that the Commission amend the Plan to require that Participants adhere to the 100 microsecond standard of clock synchronization with regard to their electronic systems, but not their manual systems, such as the manual systems operated on the trading floor, manual order entry devices, and certain other systems.
Response Letter II at 4-5. In response to the commenters that argued that CAT Reporters would need lead time to address any changes made to the clock synchronization in the future, the Participants explained that Section 6.8(c) of the CAT NMS Plan requires that, in conjunction with Participants' and other appropriate Industry Member advisory groups, the CCO must annually evaluate and recommend to the Operating Committee whether technology has evolved such that the standard should be shortened. The Participants further explained they will take the time required for CAT Reporters to update and test their systems for any changes to the clock synchronization standard into consideration when determining when changes to the standard are necessary. Response Letter I at 21.
After reviewing the CAT NMS Plan, and considering the commenters' statements and the Participants' response thereto, the Commission believes that it is appropriate for the Participants to consider the type of CAT Reporter (e.g., Participant, Industry Member), the type of Industry Member (e.g., ATS, small broker-dealer), and type of system (e.g., order handling, post-execution) when establishing appropriate industry standards. The Commission does not believe that one industry standard should apply across all CAT Reporters and systems. Therefore, the Commission is amending Section 6.8(c) of the Plan to state that industry standards for purposes of clock synchronization should be determined based on the type of CAT Reporter, type of Industry Member and type of system.
For the initial implementation of the CAT, however, the Commission believes a 50 millisecond clock synchronization standard for Industry Members is reasonable at this time. While the Commission believes that regulators' ability to sequence orders accurately in certain cases could improve if the clock synchronization for Industry Members were finer, the Commission is sensitive to the costs associated with requiring a finer clock synchronization for Industry Members at this time, and believes that a standard of 50 milliseconds for Industry Members will allow regulators to sequence orders and events with a level of accuracy that is acceptable for the initial phases of CAT reporting.
Although the Commission understands that certain Industry Members, such as ATSs and broker-dealers that internalize off-exchange order flow, today adhere to a finer clock synchronization standard, the Commission is not imposing a finer standard than 50 milliseconds for such Industry Members at this time. The Commission believes that it is reasonable to expect that finer clock synchronization for Industry Members, or certain categories or systems thereof, will evolve over time. As described in Section IV.H, the Commission is amending the Plan to require that the Participants provide the Commission an assessment of clock synchronization standards, including consideration of industry standards based on the type of Industry Member or type of system, within six (6) months of effectiveness of the Plan.
With regard to the Participants, however, the Commission notes that the Participants have acknowledged that they currently synchronize their Business Clocks to within 100 microseconds of NIST, and recommended that the Commission amend the Plan to require the Participants to adhere to that finer standard for their non-manual systems. Accordingly, the Commission is amending Section 6.8(a)(i) of the Plan, consistent with this recommendation, to impose a clock synchronization standard of 100 microseconds on exchanges' electronic systems. The Commission believes that because the Participants already synchronize their clocks to this standard, any costs to comply with this standard are not likely to be substantial. In addition, the Commission believes that a finer clock synchronization requirement for exchanges generally should allow regulators to better sequence orders and order events across multiple exchanges. The Commission agrees with the Participants that it would not be appropriate to impose this finer standard with regard to Participants' manual systems, given that the timing of manual events is inherently less precise and the timestamp requirement for manual events is only to the second. Accordingly, the Commission believes the one-second clock synchronization standard set forth in the Plan with respect to Manual Order Events, whether generated by the Participants or Industry Members, is reasonable.
Response Letter II at 4-5. In the Notice, the Commission explained that, according to FIF, all exchange matching engines meet a clock synchronization standard of 50 milliseconds, and NASDAQ stated that all exchanges that trade NASDAQ securities have clock offset tolerances of 100 microseconds or less. See Notice, supra note 5, at 30760.
Response Letter II at 4-5.
See Section V.F.3.a(5), infra.
See Section V.E.1.b(3)B, infra. A commenter agreed, noting that if exchanges were required to maintain finer clock synchronization standards than what the CAT NMS Plan currently requires, sequencing of the events in the lifecycle of an order across firms could be improved. FIF Letter at 97.
See Section IV.D.13.b(1), infra.
The Commission believes the requirement that the Participants annually review the clock synchronization standard to determine whether it should be shortened, in light of the evolution of technology, is reasonable to ensure that clock synchronization standards remain as tight as practicable in light of technological developments. In particular, as technology advances over time, the Commission believes that it will be appropriate for the Participants to consider whether some CAT Reporters should be required to maintain a finer clock synchronization than required by the Plan today. As the Participants conduct their annual reviews, the Commission expects them to consider proposing new clock synchronization standards whenever they determine the industry standard for CAT Reporters, or certain categories or systems thereof, has become more granular than required by the Plan at that time. As discussed in Section IV.H., the Commission is amending Section 6.6 of the Plan to require that the Participants provide the Commission with a copy of the annual assessment performed by the Plan Processor pursuant to Section 6.8(c) of the Plan.
The Participants should consider the amount of time the industry may need to implement and test a newly imposed clock synchronization standard, and notes that any change to the clock synchronization standard will need to be submitted to the Commission as a proposed amendment to the Plan pursuant to Rule 608. 17 CFR 242.608(a)(ii)(A) and (B), (b)(1). Therefore, the Commission, as well as commenters, will have an opportunity to assess any proposed change to the clock synchronization requirements, including the related implementation time frames.
Compliance with the clock synchronization standards is vital to the accuracy of the CAT. To this end, the Operating Committee is required to adopt policies and procedures, including standards, that require that the CAT Data reported be timely, accurate, and complete, and to ensure the integrity of CAT Data. The Plan Processor is responsible for implementing these policies and procedures, and the CCO is tasked with regularly monitoring them. The Participants represented that they are developing their clock synchronization compliance rules, and will keep the industry informed as their efforts progress.
See CAT NMS Plan, supra note 5, at Section 6.5(d)(ii).
Id.
Id. at Section 6.2(a)(v)(k).
Response Letter I at 20-21.
(2) Documentation Requirements
The CAT NMS Plan also requires CAT Reporters to document their clock synchronization procedures, and maintain a log of each time they synchronize their clocks and the results of such synchronization. This log must specifically identify each synchronization event and note whenever the time of the CAT Reporter's Business Clock and the time maintained by the NIST differs by more than the permitted amount.
See CAT NMS Plan, supra note 5, at Appendix C, Section A.3.(c).
One commenter objected to the requirement that each instance of clock synchronization be logged, and took the position that doing so would be costly. This commenter instead suggested that CAT Reporters should only be required to log instances of clock synchronization exceptions, and not all clock synchronization events. In response, the Participants reaffirmed that the Plan requires each Participant and Industry Member to maintain a log of all instances of clock synchronization.
FIF Letter at 108.
Id. This commenter also recommended that reasonable policies and procedures be in place to ensure compliance with the clock synchronization requirements. See id. at 104-05. As noted above, the Plan requires that the Operating Committee adopt policies and procedures, including standards, that require that the CAT Data reported be timely, accurate, and complete, and to ensure the integrity of CAT Data.
Response Letter I at 20.
The Commission acknowledges that there could be cost savings if the Plan did not require CAT Reporters to log every clock synchronization event, but it believes that having this information at the outset of the operation of the CAT should facilitate compliance with, and oversight of, the clock synchronization standards. To the extent the Participants find that a complete log of clock synchronization events is not required to effectively surveil for compliance with these standards, they may at a later date seek to amend the Plan to reduce the logging obligation as appropriate.
See Section V.H.5, supra.
b. Timestamp Granularity
The CAT NMS Plan reflects the requirements in Rule 613 regarding timestamps, as modified by an exemption for Manual Order Events granted by the Commission. Specifically, the Plan requires CAT Reporters to record and report the time of each Reportable Event using timestamps reflecting current industry standards (which must be at least to the millisecond) or, if a CAT Reporter uses timestamps in increments finer than milliseconds, such finer increments, when reporting to the Central Repository. For Manual Order Events, the Plan provides that such events must be recorded in increments up to and including one second, provided that CAT Reporters record and report the time the event is captured electronically in an order handling and execution system (“Electronic Capture Time”) in milliseconds (“Manual Order Event Approach”). Under the CAT NMS Plan, the CCO, in conjunction with the Participants and Industry Member advisory groups, must annually review the timestamp granularity requirements of the CAT and determine whether to require finer timestamp granularity in light of the evolution of industry standards.
See Exemption Order, supra note 21, at 51. For purposes of the CAT NMS Plan, “Manual Order Event” is defined as a non-electronic communication of order-related information for which CAT Reporters must record and report the time of the event.
See CAT NMS Plan, supra note 5, at Section 6.8(b); see also Exemption Order, supra note 21. In this Order, the Commission is amending the Plan to allow the time of an allocation reported on an Allocation Report to be timestamped to the second. See Section IV.D.4.d, supra.
See CAT NMS Plan, supra note 5, at Section 6.8(c).
(1) Manual Order Event Approach
According to the Participants, the Manual Order Event Approach would not have an adverse effect on the various ways in which, and purposes for which, regulators would use, access, and analyze the CAT Data. In particular, the Participants stated that they do not believe that the Manual Order Event Approach will compromise the linking of order events, or alter the time and method by which regulators may access the data. The Participants also stated that the Manual Order Event Approach would not negatively impact the reliability and accuracy of the CAT Data. Further, the Participants represented that one second is the industry standard for reporting the time of Manual Order Events. The Participants conducted a cost-benefit analysis of the Manual Order Event Approach and concluded that this approach would impose a much smaller cost burden, if any, on market participants, than would transitioning to technology that has the capability to record timestamps for Manual Order Events to the millisecond.
See Exemption Request, supra note 21, at 36.
See id. at 36.
See id. at 35.
See id. at 32.
See id. at 36-37.
Two commenters supported the CAT NMS Plan's requirement that Manual Order Events be recorded and reported with a timestamp granularity of up to and including one second. One commenter stated that the requirement to record timestamps at one-second levels for manual orders was appropriate, and that it was not logical to require a finer timestamp given that attempting to record Manual Order Events at subsecond increments would be inherently imprecise. Another commenter stated that a manual order timestamped to the second coupled with a daisy chain of other order events timestamped to the millisecond should create “a fairly clear sequence of events with the order lifecycle for the regulator.”
DAG Letter at 2; see also STA Letter at 1 (supporting the DAG Letter's Exemptive Request Letter recommendations). These commenters also supported a clock synchronization standard of one second for Manual Order Events. See Section IV.D.13, supra.
SIFMA Letter at 35.
FIF Letter at 80. The commenter supported use of a daisy chain approach for linking orders, noting that it is successfully used by OATS and its logic is well-known by the industry. Id. at 96-97.
One commenter expressed the view that there would be cost savings if a less stringent timestamp requirement for manual orders was imposed. Another commenter suggested using a more relaxed timestamp initially for manual orders, and to consider tightening the standard in the future. Another commenter suggested that anti-gaming provisions should be developed to ensure that CAT Reporters do not program their systems to generate orders that imitate manual orders to take advantage of the one second timestamp requirement.
Id. at 79, 116-117.
Data Boiler Letter at 21-22.
Better Markets Letter at 8.
The Commission believes it is reasonable to permit Manual Order Events to be timestamped to the second, provided that CAT Reporters record and report the Electronic Capture Time in milliseconds. The Commission understands that the timing of Manual Order Events is inherently imprecise, and believes that requiring a timestamp to a level of granularity finer than one second is not likely to provide any additional information that will be useful to regulators. The Commission believes, however, that requiring the timestamp for the Electronic Capture Time to be recorded to the millisecond would not be burdensome and would help facilitate the reconstruction of Manual Order Events once the order is handled by an electronic system. While the Commission is not aware of any credible means or rationale to disguise electronic orders as manual orders to take advantage of the one second timestamp granularity, as suggested by a commenter, the Commission believes that the Participants should address potential methods of avoiding compliance generally as they develop their Compliance Rules.
See CAT NMS Plan, supra note 5, at Section 3.11.
(2) Millisecond (or Finer) Timestamp Requirement for All Other Order Events
Commenters generally supported the proposed requirement that the timestamps for non-Manual Order Events be recorded to the millisecond. Two commenters also agreed with the requirement to provide timestamps in increments finer than milliseconds, to the extent a CAT Reporter already uses more granular timestamps. Two other commenters disagreed, however, arguing that costly systems changes would be required for regulatory reporting of these finer timestamps used in its normal practice, and that they would not be useful for regulatory purposes. Finally, two commenters took the position that certain post-trade events should not be required to have a timestamp, or have a less granular timestamp than a millisecond, as this information is less time-sensitive than fully-electronic trading events.
SIFMA Letter at 35; DAG Letter at 2; see also FIF Letter at 12, 80; STA Letter at 1 (supporting the DAG Letter's Exemptive Request Letter recommendations).
Better Markets Letter at 8; Data Boiler Letter at 21-22.
SIFMA Letter at 35; FIF Letter at 12. One commenter also requested clarification that the timestamp granularity requirement would be based on the functionality of the applicable CAT reporting system. See TR Letter at 7.
FIF Letter at 79, 99, 111, 116-17; SIFMA Letter at 35. FIF listed Reportable Events in a descending level of sensitivity: (1) Fully electronic trading events; (2) electronic orders requiring manual intervention; (3) manual order events; (4) post-trade events. See FIF Letter at 116. However, another commenter stated that no one particular reportable event is more time-sensitive than the others for surveillance purposes. See Data Boiler Letter at 21.
In response, the Participants maintained that the Plan's timestamp requirements for non-Manual Order Events were appropriate, but also noted that as CAT Reporters incorporate finer timestamps in their systems, the quality of CAT Data will increase correspondingly.
Response Letter I at 29.
The Commission believes that requiring that non-manual Reportable Events be reported with timestamp of at least a millisecond in granularity will help ensure that regulators can sequence events with a reasonable degree of accuracy. Given the speed with which the industry currently handles orders and executes trades, it is important that the CAT utilize a timestamp that will enable regulators to reasonably sequence the order in which Reportable Events occur. The Commission believes that timestamps in increments greater than a millisecond would undermine the improved ability to sequence events with any reasonable degree of reliability. In response to commenters' suggestions that timestamps should not be required on manual orders and other post-execution events, the Commission notes that it has provided flexibility for Manual Order Events and for post-execution allocations to be reported with one second timestamps.
For example, the ability to reconstruct market activity, perform other detailed market analyses, or determine whether a series of orders rapidly entered by a particular market participant is manipulative or otherwise violates SRO rules or federal securities laws requires the audit trail to sequence each order and event accurately.
See Adopting Release, supra note 14, at 45762.
FIF Letter at 79, 99, 111, 116-17; SIFMA Letter at 35.
See Section IV.D.4.d, supra.
In response to the commenters that stated it would be costly for CAT Reporters to report using timestamps to the same granularity they use in their normal practice, the Commission believes it is appropriate to make a clarifying change to the Plan. The CAT NMS Plan provides that to the extent that any CAT Reporter utilizes timestamps in increments finer than one millisecond such CAT Reporter must utilize such finer increment when reporting CAT Data to the Central Repository. Rule 613(d)(3), however, required that a finer increment must be used only to the extent that “the relevant order handling and execution systems of any CAT Reporter utilizes timestamps finer that a millisecond.” Accordingly, the Commission is amending Section 6.8(b) of the Plan to limit the circumstances in which a CAT Reporter must report using an increment finer than a millisecond to when a CAT Reporter utilizes a finer increment for its order handling and execution systems. The Commission finds that, this modification is appropriate in light of the increased burdens placed on CAT Reporters by the additional systems changes that would otherwise be required in order to report in finer increments. With this modification, reporting in a finer increment than a millisecond would not be a costly undertaking, and the Commission therefore believes that this approach will improve the accuracy of order event records, particularly those occurring rapidly across multiple markets, without imposing undue burdens on market participants.
SIFMA Letter at 35; FIF Letter at 12.
See CAT NMS Plan, supra note 5, at Section 6.8(b).
17 CFR 242.613(d)(3).
14. Upgrades and New Functionalities
Under Article VI of the CAT NMS Plan, the Plan Processor is responsible, in consultation with the Operating Committee, for establishing policies and procedures for implementing potential changes and upgrades to the CAT System and infrastructure, including “business as usual” changes and the addition of new functionalities. The CAT NMS Plan also requires that the Plan Processor ensure that the technical infrastructure is scalable from a capacity standpoint, adaptable to future technology developments, and technologically current.
See CAT NMS Plan, supra note 5, at Sections 6.1(d)(iv), (h)(i), (j), and (k). Appendix D provides additional detail about the obligations of the Plan Processor with respect to CAT Functional Changes, CAT Infrastructure Changes, and Testing of New Changes. See id. at Appendix D, Section 11.
See id. at Appendix C, Section A.5(a).
The Commission received two comments on the Plan provisions pertaining to upgrades and new functionalities. The first commenter expressed concern that the Plan provisions apply only to infrastructure improvements and not also to regulatory tools. The second commenter, noting the importance of scalability, suggested that the Plan Processor be required to meet certain capacity requirements recommended by Industry Members. The Participants did not respond to these comments.
See Data Boiler Letter at 34.
See SIFMA Letter at 45.
The Commission believes that the Plan's provisions with respect to potential upgrades and new functionalities are reasonable. The Commission notes that the Plan Processor is responsible for overseeing the day-to-day operations of CAT and, as such, should be well-positioned and informed to consider whether and when systems changes or upgrades are necessary, subject to consultation and approval by the Operating Committee. With respect to the development of new regulatory tools, the Commission notes that the Participants, as SROs, are responsible for developing appropriate regulatory tools and, to the extent they identify necessary enhancements to the CAT, the Commission expects the Participants to direct the Plan Processor to implement them. With respect to a commenter's recommendation that the Plan Processor be required to meet certain capacity requirements to assure scalability, the Commission notes that one of the key considerations for the CAT is that it be flexible and scalable, and that the CAT NMS Plan already requires that the Plan Processor ensure that the Central Repository's infrastructure is scalable to handle increased reporting volumes and enhancements to technology over time. As discussed in Section IV.H, the Commission is amending Section 6.6 of the Plan to require the Participants to submit to the Commission an annual evaluation of potential technology upgrades based on a review of technological developments over the preceding year, drawing on internal or external technological expertise.
See CAT NMS Plan, supra note 5, at Section 6.1(i)-(k), Appendix D, Section 11.
Rule 613(f) requires the Participants to develop and implement a surveillance system, or enhance existing surveillance systems that are reasonably designed to make use of the CAT Data. 17 CFR 242.613(f); see also CAT NMS Plan, supra note 5, at Section 6.9(c), Appendix D, Section 11.
See CAT NMS Plan, supra note 5, at Appendix C, Section 5.
See id. at Appendix C, Section A.5(a).
15. Technical Specifications
The CAT NMS Plan provides that the Plan Processor will publish Technical Specifications regarding the submission of data to the Central Repository that must be consistent with the requirements of Appendices C and D of the Plan. Under the Plan, as filed, the Plan Processor (i) will begin developing Technical Specifications for the submission of order data by Industry Members fifteen months before Industry Members are required to begin reporting to the Central Repository, (ii) will publish these Technical Specifications one year before Industry Members are required to begin reporting to the Central Repository, and (iii) will begin connectivity testing and accepting order data from Industry Members for testing purposes six months before Industry Members are required to begin reporting to the Central Repository. With respect to Customer Account Information, the Plan Processor will publish the Technical Specifications six months before Industry Members are required to report data to the Central Repository, and will begin connectivity and acceptance testing three months before Industry Members are required to report data to the Central Repository. The development of Technical Specifications for Participant submission of order data will commence ten months before Participants are required to report to the Central Repository, and will be published six months before Participants are required to report to the Central Repository. Commenters raised several concerns regarding the Technical Specifications.
See id. at Section 6.9.
See id. at Appendix C, Section C.10(b).
See id. at Appendix C, Section C.10(a).
See id. at Appendix C, Section C.10(b).
FIF Letter at 36-38, 43-44; TR Letter at 4-6; UnaVista Letter at 2; Fidelity Letter at 3, 5-6.
a. Industry Input and Timing of Technical Specifications
One commenter emphasized the importance of having comprehensive Technical Specifications that incorporate feedback from industry. Another commenter stated that because CAT is new and complex, time should be built into the schedule to permit two iterative reviews of the Technical Specifications before they are considered final. This commenter suggested that this review period should be no less than six months, arguing that the current timeframes to develop and test the Technical Specifications for the reporting of information to identify a Customer, in particular, are insufficient. Another commenter suggested that the review process with respect to Technical Specifications for reporting order data and information to identify a Customer should begin two months after a Plan Processor is selected and continue for nine months.
TR Letter at 4.
FIF Letter at 37, 43-44. More specifically, the commenter recommended that the Plan Processor provide technical specifications for order processes and Customer and allocation reporting within two months after the Effective Date and allow CAT Reporters six months to review and comment on the Technical Specifications before they are finalized. FIF Letter at 37-38.
FIF Letter at 38.
TR Letter at 5. Thomson Reuters noted the review of Technical Specifications related to the expansion of OATS to all NMS equities took four months, and specifications for changes to EBS to support large trader reporting took ten months to finalize. Id.
One commenter recommended that the Technical Specifications for Industry Members be prepared concurrently with the Technical Specifications for Participants to provide them with more time to review and implement any necessary changes, particularly with regard to interfaces that the Participants and Industry Members will use. The commenter also recommended that the implementation schedule address allocation reporting and suggested that Technical Specifications for allocation reporting be provided at the same time as those for reporting order data and information to identify a Customer. The commenter also stated that very detailed and timely information regarding CAT interfaces, message, and file formats in the Technical Specifications are essential due to the aggressive timeline for implementation of CAT.
FIF Letter at 36, 37-38; see also SIFMA Letter at 24.
FIF Letter at 37.
Id. at 91.
In response to these commenters, the Participants acknowledged the importance of the development process for the Technical Specifications for all CAT Reporters and emphasized that in their discussions with the Bidders, they have made development of Technical Specifications a high priority. Although the Participants noted that the Plan would not prohibit the Plan Processor from concurrently developing the Participant and Industry Member Technical Specifications, they explained that “in light of various practical issues raised by the pending decisions regarding the selection of the Plan Processor, the Participants do not propose to amend the Plan to reflect an expedited schedule for the Industry Member Technical Specifications.”
Response Letter I at 41.
Id.
In their response to comments regarding industry input on the Technical Specifications, the Participants stated that they believe that iterative interactions regarding the Technical Specifications would be beneficial in optimizing the efficiency and quality of the final Technical Specifications. The Participants further explained that Appendix C of the Plan contemplates the publication of iterative drafts of the Technical Specifications, with respect to the submission of order data, as needed before the final Technical Specifications are published, noting that this language provides the flexibility for iterative drafts, as necessary.
Id.
Id.
In their response to comments, the Participants also recommended amendments to the Plan to better align the milestones related to the submission of order data to the Central Repository with the milestones for the submission of Customer Account Information to the Central Repository. Specifically, the Participants recommended explicitly including milestones for the beginning of the Plan Processor's development of Technical Specifications for the submission of Customer Account Information and for the publication of iterative drafts of such Technical Specifications. However, the Participants did not recommend aligning the timeframe for the publication of Technical Specifications for the submission of Customer Account Information (six months prior to when Industry Members are required to begin reporting to the Central Repository) with the timeframe for the publication of Technical Specifications for the submission of order data (one year prior to when Industry Members are required to begin reporting to the Central Repository), explaining that reporting order data to the CAT will be a significantly more complex process than reporting Customer Account Information and that therefore it is appropriate to allow Industry Members more time to review Technical Specifications and to begin testing their systems with regard to order data.
Response Letter II at 7-8.
Response Letter III at 12-13.
The Commission recognizes the importance of providing sufficient opportunity for CAT Reporters to provide input as the Technical Specifications are developed. As noted by the Participants, Appendix C of the CAT NMS Plan, as recommended to be amended by the Participants in their response to comments, provides that, for the submission processes for both order data and information to identify a Customer, the Plan Processor will begin developing the Technical Specifications fifteen months prior to Industry Member reporting and will publish iterative drafts of the Technical Specifications as needed prior to the publication of the final Technical Specifications. In addition, the Participants stated that they will “work with the Plan Processor and the industry to develop detailed Technical Specifications.”
See supra note 1663 and accompanying text.
See CAT NMS Plan, supra note 5, at Appendix C, Section C.10.
Response Letter II at 21.
Based on these provisions of the Plan and the Participants' statements in their response, the Commission understands that the Participants will work with and consider input from Industry Members during the Technical Specification drafting and development processes. The Commission further understands that the milestones in the Plan regarding the development of the Technical Specifications will keep Industry Members reasonably informed as to the status and content of the Technical Specifications and will permit Industry Members, whether through the Advisory Committee or other, more informal mechanisms, to provide input on the Technical Specifications as they are being developed. As discussed above, the Plan requires the Participants and the Plan Processor to work with Industry Members in an iterative process, as necessary, to develop effective final Technical Specifications. However, the Commission believes that providing the Plan Processor with some flexibility regarding the mechanics of the Technical Specification development process is appropriate, and that it would be premature at this time to provide for mandatory iterative interactions or to require a specific number of iterations.
See Section IV.D.8.b, supra.
In addition, the Commission believes it will be beneficial for the milestones for the submission of order data and information to identify a Customer to be as aligned as possible so that all stakeholders can identify issues and present solutions on these related processes simultaneously. The Commission believes that the Participants' recommendations to include specific milestones for the commencement of the development of Technical Specifications for the submission of Customer Account Information and for the publication of iterative drafts of such Technical Specifications are reasonable, and is therefore amending the Plan accordingly. Although not specifically recommended in the Participant's response, the Commission is also amending the Plan to clarify that the milestones for the submission of information to identify a Customer apply to Customer Identifying Information as well as Customer Account Information. The Commission understands that the term Customer Identifying Information was inadvertently omitted from Appendix C, Section C.10(a), and therefore believes it is appropriate to amend the Plan to add this term to the milestones applicable to the development of Technical Specifications for Customer data submission.
Specifically, the Commission is amending Appendix C, Section C.10(a) of the Plan to state that the Plan Processor will begin developing the Technical Specifications for Industry Member reporting of Customer Account Information and Customer Identifying Information no later than fifteen months before Industry Members are required to begin reporting data to the Central Repository. The Plan Processor will also begin developing the Technical Specifications for order data reporting at that time. In addition, the Commission is amending Appendix C, Section C.10(a) of the Plan to state that the Plan Processor will publish iterative drafts of the Technical Specifications for Industry Member reporting of Customer Account Information and Customer Identifying Information, as well as Industry Member reporting of order data, as needed before the final versions of these Technical Specifications are published.
The milestones listed in Appendix C, Section C.10(a) apply to the customer definition process described in Section 6.4(d)(iv), which requires Industry Members to submit both Customer Account Information and Customer Identifying Information. See Section IV.D.4.a(1), supra.
The Commission agrees with the Participants that the reporting of order data to the Central Repository is likely to be significantly more complex than the reporting of Customer Account Information and Customer Identifying Information to the Central Repository because of the greater number of data elements and reporting requirements for order data. Therefore, the Commission believes it is reasonable for the milestones in Appendix C of the Plan to state that the Plan Processor will publish the Technical Specifications for the submission of order data prior to the publication of Technical Specifications for the submission of Customer Account Information and Customer Identifying Information to permit Industry Members to spend additional time reviewing the order data Technical Specifications and testing their order data submission systems and processes.
See Section III.5.d, supra.
In response to the comments recommending that Technical Specifications for Participants and Industry Members be developed concurrently, the Commission agrees with the Participants that the completion dates associated with the development, iterative drafting, and final release of the Technical Specifications for both Participants and Industry Members set forth outer limits on when such milestones must be completed, which would not preclude the concurrent development of Participant and Industry Member Technical Specifications. The Commission further agrees that such concurrent development could be beneficial since it would permit all stakeholders to be apprised of issues and to offer solutions simultaneously and, accordingly, encourages the Participants and the Plan Processor to develop the Technical Specifications in this manner, if feasible. However, given that the Plan Processor, which will be primarily responsible for developing the Technical Specifications, will not be selected until after the Plan is approved, and that the Plan Processor has a variety of other responsibilities related to the development of the CAT, the Commission believes that providing the Plan Processor with flexibility regarding the mechanics of the Technical Specification development process is reasonable and is not amending the Plan to require concurrent development of Participant and Industry Member Technical Specifications. Moreover, the Commission believes that the sequencing of Technical Specification milestones in the Plan—for example, that development of Technical Specifications for Participant reporting of order data to the Central Repository should begin ten months before Participants are required to begin reporting data to the Central Repository while development of Technical Specifications for Industry Member reporting of order data to the Central Repository should begin fifteen months before Industry Members are required to begin reporting data to the Central Repository —reflects a reasonable prioritization in light of the phased implementation of Participant and Industry Member reporting.
See Section IV.D.8.a, supra (discussing Commission amendments to the Technical Specifications and other milestones set forth in Section C.10 of Appendix C).
See CAT NMS Plan, supra note 5, at Appendix C, Section C.10.
Similarly, with respect to the period of time that Industry Members will have to review and provide input on the Technical Specifications for Industry Member data reporting, the Commission notes that, because the Plan Processor may begin developing the Technical Specifications earlier than fifteen months prior to Industry Member reporting, and because the Plan Processor may seek Industry Member comment on draft Technical Specifications, there may in effect be a period of Technical Specification review that is longer than suggested by a strict interpretation of the milestones in Appendix C. Therefore, the Commission is not amending the Plan to revise these timeframes.
However, as discussed above, the Commission expects that the Technical Specifications will be published with sufficient time for CAT Reporters to program their systems to satisfy their reporting obligations under the Plan and is amending Appendix C, Section C.10 of the Plan to ensure that the completion dates for the Technical Specification development milestones designate firm outer limits, rather than “projected” completion dates, for the completion of these milestones. Therefore, the Commission is amending the Plan to provide for a minimum period of three months during which the Plan Processor and Industry Members will work together to develop the Technical Specifications.
See Section IV.D.8.a, supra.
As amended, the Plan will require that the Plan Processor will begin developing Technical Specifications for Industry Member submission of order data no later than fifteen months before Industry Members are required to begin reporting this data and will publish the final Technical Specifications no later than one year before Industry Members are required to begin reporting. Id.
b. Impact on Industry Members
One commenter stated that changes that SROs require of their members' systems and processes can be costly in terms of both dollars and human capital. The commenter also noted that these changes are often subject to short implementation time periods and there is a lack of opportunity for discussion of concerns about the extent to which such new requirements can potentially expose the markets and investors to unnecessary risk. This commenter recommended that any new CAT requirements that will be imposed by the Participants on broker-dealers should be done through the SRO rulemaking process to afford market participants the opportunity to discuss any proposed changes with the Participants and the Commission, and to provide a sufficient lead time to implement necessary systems and coding changes.
Fidelity Letter at 6.
Id. at 3, 5-6.
Id.
The Participants explained in their response that they do not believe, generally, that the Technical Specifications are required to be filed with the Commission under Rule 608, and cautioned that requiring rule filings may introduce significant delays in the process of developing the Technical Specifications. The Participants stated that in the normal course they do not intend to file the Technical Specifications with the Commission, but noted that to the extent that a change to the Technical Specifications is significant enough to require a change to the Plan, then such an amendment to the Plan would be filed pursuant to Rule 608.
The Participants noted that technical specifications for other NMS plans, such as the Tick Size Pilot Plan, have not been filed with the SEC. Response Letter I at 42.
Response Letter I at 42.
As discussed above, the Commission recognizes the importance of providing sufficient opportunity for all CAT Reporters to provide input as the initial Technical Specifications are developed, and believes that the Technical Specification development process outlined in the Plan, as amended—including the iterative interactions discussed above—will provide such an opportunity. The Commission believes that the completion dates for the availability of final Technical Specifications—e.g., no later than one year before Industry Members are required to report data to the Central Repository for the release of Technical Specifications governing Industry Member reporting of order data—are reasonable and provide Industry Members with sufficient lead time to adjust their systems or make other preparations necessary to comply with the Technical Specifications, particularly since drafts of the Technical Specifications will likely have been available even earlier and Industry Members will have been involved in the process of developing the Technical Specifications.
See Section IV.D.15.a, supra.
See CAT NMS Plan, supra note 5, at Appendix C, Section C.10. The Commission also believes that the details regarding data reporting and recording included in the CAT NMS Plan itself are sufficient for CAT Reporters to begin the process of preparing their systems for CAT reporting.
The Commission recognizes that there may be costs associated with complying with technical or operational changes in reporting requirements. The Commission notes that Material Amendments to the Technical Specifications—i.e., amendments that would “require a Participant or an Industry Member to engage in significant changes to the coding necessary to submit information to the Central Repository”—must be approved by a Supermajority Vote of the Operating Committee, so the Plan provides additional controls with respect to changes to the Technical Specifications that could potentially be costly. In addition, the Advisory Committee, which includes Industry Member representation, will be able to raise Industry Member concerns regarding any unexpected or costly requirements in the Technical Specifications with the Operating Committee. Moreover, while the Commission agrees with the Participants that changes to the Technical Specifications generally will not be required to be filed with the Commission, the Participants must comply with the CAT NMS Plan as approved by the Commission, which constrains the ability of the Operating Committee to approve major changes that would alter the scope of the CAT NMS Plan through Technical Specifications. In addition, the Commission will oversee the Participants' compliance with the Plan, which provides an additional protection against the Participants or Plan Processor attempting to include changes in the Technical Specifications that properly should be filed as Plan amendments.
See id. at Section 6.9(c).
17 CFR 242.613(h)(1).
See 17 CFR 242.608(b)(2), (c), (d); 17 CFR 242.613(h).
c. Technical Specifications Content
Several commenters noted that the Technical Specifications for CAT must be robust and comprehensive. Some commenters recommended that specific elements be included in the Technical Specifications. One commenter recommended that the Participants ensure the Technical Specifications include provisions to ensure that multiple service providers are able to connect to CAT to report CAT Data. Another commenter stressed the importance of including connectivity requirements in the Technical Specifications. This commenter also stated that achievement of the CAT NMS Plan's reporting requirement would be dependent on the details in the Technical Specifications. Another commenter stated that while it supports the reporting procedures identified in the CAT NMS Plan, “clearly defined technical guidelines for field specifications under different trading scenarios” are also needed. A different commenter stated that the items to be included in the Technical Specifications “inappropriately constrain” the design of the CAT system to “too rigidly follow a traditional SQL database design” to the exclusion of more sophisticated analytical approaches.
TR Letter at 5; FIF Letter at 91; UnaVista Letter at 2.
TR Letter at 5 (recommending that the CAT Technical Specifications should include all scenarios currently covered in the OATS technical specification as well as additional scenarios on new processes related to the Customer definition process and options order reporting and that all scenarios required to meet the CAT NMS Plan Appendix D, Reporting & Linkage Requirements should be considered including step-outs, cancel-rebills, bunched orders and manual order processing); UnaVista Letter at 2.
TR Letter at 5.
FIF Letter at 124, 128.
Id. at 124.
UnaVista Letter at 2 (noting further that CAT certification courses, webinars, user groups and a forum for FAQs may improve knowledge transfer).
Data Boiler Letter at 9-10.
In response, the Participants explained that they believe that each of these items are more appropriately addressed in the Technical Specifications, and should not be incorporated as requirements of the Plan. Nevertheless, the Participants explained that they believe that each of the elements identified by the commenters will be incorporated into the Technical Specifications developed by the Plan Processor.
Response Letter I at 40.
The Commission acknowledges the importance of timely, comprehensive, and detailed Technical Specifications that will provide all CAT Reporters with effective guidance on how to report data to the Central Repository. The Commission notes that the CAT NMS Plan specifies a number of parameters for what the Technical Specifications must contain, including specifications for the layout of files and records submitted to the Central Repository and the process for file submissions. The Commission believes that it may be beneficial to include the elements referenced by the commenters, such as details regarding the submission of data for the Customer definition process and options order reporting, in the Technical Specifications, but believes that it is reasonable to allow the Plan Processor, with input from Industry Members during the iterative drafting process, to have some flexibility in determining these details of the Technical Specifications. In addition, the Participants have indicated that the elements referenced by the commenters will be incorporated into the Technical Specifications, and therefore the Commission does not believe it is necessary to amend the Plan to require these elements.
See CAT NMS Plan, supra note 5, at Section 6.9(b).
In response to the comment that the Plan's parameters regarding the content of the Technical Specifications are too rigid and limit the ability of the Plan Processor to offer certain design solutions, the Commission believes that the parameters strike an appropriate balance between providing the Bidders flexibility to offer a variety of solutions on the one hand and including some baseline requirements for the Technical Specifications on the other, and does not believe these parameters will inappropriately constrain the solutions that the Plan Processor can develop.
E. Capital Accounts, Allocations of Income and Loss, and Distributions (Articles VII and VIII)
As filed, the CAT NMS Plan provides that the Operating Committee must approve by Supermajority Vote a distribution of cash and property of the Company to the Participants. To the extent a distribution is made, all Participants must participate equally in any such distribution, except as otherwise provided in the CAT NMS Plan. The CAT NMS Plan, as filed, also includes provisions relating to each Participant's Capital Account, and how net profits and net losses (and any other item allocable to the Participants) shall be allocated to the Participants.
See CAT NMS Plan, supra note 5, at Section 8.5(a).
Id.
See id. at Article VIII.
Three commenters raised concerns about the CAT NMS Plan's proposed allocations of profit and loss, particularly concerning the ability of the Participants to profit from CAT. Two commenters argued that the CAT NMS Plan should be amended to state that any profits arising out of the CAT may not be used to fund the Participants' other operations. One of the commenters also stated that the CAT should operate at-cost and that funding related to the CAT should not create a surplus for the Participants.
SIFMA Letter; KCG Letter; DAG Letter.
SIFMA Letter at 19; DAG Letter at 5.
SIFMA Letter at 29.
Id. at 14.
Another commenter noted that the proposed funding model would allocate net profits or net losses only to Participants, even though both Participants and broker-dealers would be funding the Central Repository. The commenter deemed this inequitable and suggested that any profits should be distributed back to all entities that fund the CAT, not just the Participants. This commenter believed that the CAT should function as a non-profit industry utility, distributing profits to all entities funding the CAT and raising fees if there are any losses.
KCG Letter at 5.
Id.
Id.
In response, the Participants stated that the Company is expected to be operated on a “break-even” basis, with fees imposed to cover costs and an appropriate reserve, and explained that any surpluses would be treated as an operational reserve to offset future fees and would not be distributed to the Participants as profits. In addition, the Participants stated that they received advice from counsel to CAT NMS, LLC that the Company could qualify for tax exempt status as a “business league” under Section 501(c)(6) of the Internal Revenue Code and decided to have the Company apply for such status to allow it to establish reserves from the fees paid to the Company without incurring income taxes on those amounts. Accordingly, to ensure that the Company can qualify for the business league exemption, the Participants proposed that the Commission amend the Plan so that the Company is treated as a corporation for U.S. tax purposes, that distributions, if any, are made consistent with the purposes of Section 501(c)(6) of the Internal Revenue Code, and that certain other Plan provisions related to distributions to the Participants or to the taxation of the Company as a partnership for U.S. tax purposes be eliminated. In particular, the Participants suggested that the Commission amend the Plan to delete in its entirety Article VII, which pertains to Capital Accounts maintained by the Company for each Participant, and to replace Article VIII, which pertains to allocations of income and loss and distributions, with a provision stating that the Company intends to operate in a manner such that it qualifies as a business league within the meaning of Section 501(c)(6) of the Internal Revenue Code, and requiring the Operating Committee to submit an application to the Internal Revenue Service to attain such status for the Company.
Participants' Letter I at 1.
Id.
Id.
See id. The Participants also suggested conforming amendments to: Article I, to remove the definition of Capital Account; Article II, to state that the Company's activities also shall be consistent with its tax exempt status; Articles III, IX, and XII and Appendix C to eliminate certain references to the Participants' Capital Accounts and provisions regarding the Company's potential taxation as a partnership and its distributions and allocations; and Article X, to state that certain distributions after an event of dissolution shall be made to such persons or institutions as is consistent with the purposes of the Company and with Section 501(c)(6) of the Internal Revenue Code. See id.
The Commission believes that the Participants' stated intent to operate the CAT on a break-even basis is appropriate. Inasmuch as the CAT is a regulatory tool mandated under Rule 613, it should not be used to fund the SROs' other operations. To ensure the CAT is operated in this manner, the Commission is amending Section 11.1(c) of the CAT NMS Plan to require that any surplus of the Company's revenues over its expenses will be treated as an operational reserve to offset future fees. The Commission believes this amendment is reasonable because it formalizes the representation made by the Participants, and provides certainty that the Participants' operation of the CAT will not contribute to the funding of their other operations. The Commission notes that, under the Exchange Act, any fees proposed to be charged by the Participants to fund the CAT must be filed as proposed rule changes pursuant to Rule 19b-4(f)(2) or filed pursuant to Rule 608(b)(3)(i) with the Commission, published for public comment, and meet statutory standards with respect to reasonableness, equitable allocation, and other matters.
See 15 U.S.C. 78s(b)(3)(A)(ii); 17 CFR 242.608(b)(3)(i). The Commission notes that, although Section 11.1(b) of the CAT NMS Plan states that the Participants will file fees for Industry Members pursuant to Section 19(b) of the Exchange Act, the Participants could choose to submit the proposed fee schedule to the Commission as individual SROs pursuant to Rule 19b-4 under the Exchange Act or jointly as Participants to an NMS plan pursuant to Rule 608 of Regulation NMS. See 17 CFR 240.19b-4; 17 CFR 242.608. Because the proposed fee schedule would establish fees, whether the Participants individually file it pursuant to Section 19(b)(3)(A)(ii) of the Act, or jointly file it pursuant to Rule 608(b)(3)(i) of Regulation NMS, the proposed fee filings will be eligible for immediate effectiveness. See 15 U.S.C. 78s(b)(3)(A)(ii); 17 CFR 242.608(b)(3)(i). The Commission also notes that publication will be subject to the filing of the fee proposal by the Participants that satisfies the requirements of the Exchange Act. If the Participants file the proposed fee schedule pursuant to Rule 19b-4(f)(2) and the Commission deems such fees not to meet applicable statutory standards, the Commission summarily may temporarily suspend the fees if it appears to the Commission that such action is necessary or appropriate in the public interest, for the protection of investors, or otherwise in furtherance of the purposes of the Exchange Act. See 15 U.S.C. 78s(b)(3)(C). If the Commission takes such action, the Commission shall institute proceedings under Section 19(b)(2)(B) to determine whether the proposed rule should be approved or disapproved. See 15 U.S.C. 78s(b)(3)(A). If the Participants file the proposed fee schedule pursuant to Rule 608(b)(3)(i), the Commission may summarily abrogate the fees and require them to be refiled in accordance with Rule 608(a)(1) and reviewed in accordance with Rule 608(b)(2) if it appears to the Commission that such action is necessary or appropriate in the public interest, for the protection of investors, or the maintenance of fair and orderly markets, to remove impediments to, and perfect the mechanisms of, a national market system or otherwise in furtherance of the purposes of the Exchange Act. See 17 CFR 242.608(b)(3)(iii).
Id.
The Commission believes that it is reasonable to amend the Plan as filed by the Participants to treat CAT NMS, LLC as a tax exempt business league under Section 501(c)(6) of the Internal Revenue Code. The Commission believes that allowing the Company to establish reserves from the fees paid to the Company without incurring income taxes on those reserves would be more efficient and could potentially make more funding available to pay for the development and operation of the CAT or reduce fees. Further, the Commission believes that that the Company's application for Section 501(c)(6) business league status addresses issues raised by commenters about the Plan's proposed allocations of profit and loss by mitigating concerns that the Company's earnings could be used to benefit individual Participants. Accordingly, the Commission is amending the Plan as filed by the Participants to delete in its entirety Article VII, which pertains to Capital Accounts maintained by the Company for each Participant, and to replace Article VIII, which pertains to allocations of income and loss and distributions, with a provision stating that the Company intends to operate in a manner such that it qualifies as a business league and that the Operating Committee will apply to attain such status for the Company. The Commission is also amending the Plan to make the conforming amendments to Articles I-III, IX, X, and XII and Appendix C as suggested by the Participants.
The Commission defers, however, to the Internal Revenue Service regarding whether CAT NMS, LLC meets all the necessary requirements to so qualify.
To qualify as a business league, an organization must “not [be] organized for profit and no part of the net earnings of [the organization can] inure[ ] to the benefit of any private shareholder or individual.” 26 U.S.C. 501(c)(6).
See supra note 1708.
F. Funding of the Company (Article XI)
The CAT NMS Plan contemplates a bifurcated funding model, where costs associated with building and operating the Central Repository would be borne by (1) Participants and Industry Members that are “Execution Venues” through fixed tier fees, and (2) Industry Members (other than ATSs), through fixed tier fees based on message traffic. With respect to Execution Venues, the Operating Committee will establish at least two, and no more than five, tiers of fixed fees based on the Execution Venue's NMS Stock and OTC Equity Securities market share, as calculated by share volume. Execution Venues that execute transactions in Listed Options will pay a fixed fee depending on the Listed Options market share of such Execution Venue, with the Operating Committee establishing at least two, and no more than five, tiers of fixed fees based on an Execution Venue's Listed Options market share, as calculated by contract volume. With respect to Industry Members, the Plan provides that the Operating Committee will establish fixed fees to be payable by Industry Members based on the message traffic generated by such Industry Member. In addition to the message traffic fees for the non-ATS activities of Industry Members, the Plan provides that message traffic fees will be assessed on message traffic generated by: (i) An ATS that does not execute orders and that is sponsored by such Industry Member; and (ii) routing orders to and from any ATS sponsored by such Industry Member. The Operating Committee will establish at least five, and no more than nine, tiers of fixed fees based on message traffic.
The CAT NMS Plan defines “Execution Venue” as “a Participant or an alternative trading system (“ATS”) (as defined in Rule 300 of Regulation ATS) that operates pursuant to Rule 301 of Regulation ATS (excluding any such ATS that does not execute orders).” See CAT NMS Plan, supra note 5, at Section 1.1. The CAT NMS Plan categorizes FINRA as an Execution Venue because it has trades reported by its members to its trade reporting facilities (“TRFs”) for reporting transactions effected otherwise than on an exchange. See id. at Section 11.3(i).
See id. at Section 11.3(a)(i)-(ii); Section 11.3(b); Appendix C, at Section B.7(b)(iv)(B).
See id. at Section 11.3(a)(i).
See id. at Section 11.3(a)(ii).
See id. at Section 11.3(b); Appendix C, Section B.7(b)(iv)(B).
1. Funding Model Generally
Several commenters argued that the proposed funding model unfairly or inappropriately allocates costs to Industry Members and away from Participants. One commenter believed that the Commission should consider whether Industry Members should fund the costs of CAT at all.
KCG Letter at 3; DAG Letter at 4; see also FSR Letter at 9-10 (noting the ultimate cost of the CAT will be in the billions of dollars, “which will be passed-down to the Industry Members and investors through new fees”).
DAG Letter at 4; see also STA Letter at 1 (supporting the DAG Letter's cost and funding recommendations).
Some commenters stated that requiring the creation and maintenance of a Participant-owned and -operated system like CAT to be partially funded by Industry Members would be a significant departure from the funding models currently used for existing regulatory systems. One of these commenters believed that the Participants should justify the need for Industry Members to fund the creation and ongoing costs of the CAT. The commenter opposed any Participant-imposed fee for the CAT, and stated that the CAT NMS Plan does not distinguish between the costs of the CAT that are associated with Industry Member data reporting and costs associated with the Participants' regulatory uses. This commenter further stated that the funding authority of the CAT should extend only to expenses directly related to the reasonable implementation and operating costs of the CAT system, such as costs related to the management of the business of the CAT, and the direct costs of building and maintaining of the Central Repository. The commenter specifically opposed the Participants' proposal to recover the costs of the creation or development of the CAT NMS Plan, such as legal and consulting costs, and expressed the view that these costs are solely the responsibility of the Participants as part of their regulatory cost of doing business. Further, this commenter suggested that the governance structure include an audit committee to assure that the CAT's revenue is used for regulatory purposes.
SIFMA Letter at 14 (noting that the Participants fund similar systems like OATS themselves and then a portion of those costs are borne by Industry Members through fees); DAG Letter at 5.
SIFMA Letter at 14.
Id.
Id. at 17. The commenter further noted that the Plan does not address how new costs resulting from regulatory research needs are allocated, providing as an example if the Commission requested a significant increase in the Central Repository's processing capability to facilitate a large-scale analysis related to a market structure study, opining that it would be inappropriate to require Industry Members to pay for Participant-specific system enhancements through the general allocation of CAT costs. Id. at 18.
Id. at 15.
Id.; see also DAG Letter at 4-5.
SIFMA Letter at 29.
Finally, two commenters believed that, to the extent the CAT generates cost savings for the Participants, that cost savings should be used first to fund the CAT before fees are imposed on Industry Members.
SIFMA Letter, DAG Letter; see also STA Letter at 1 (supporting the DAG Letter's cost and funding recommendations).
In response, the Participants stated that Rule 613 specifically contemplated the allocation of the costs of the creation, implementation and maintenance of the CAT among both the Participants and their members, and that the Adopting Release for Rule 613 discussed and permitted the recovery of such costs by Participants from their members. Additionally, with respect to the comments that objected to Participants using fees under the Plan to recover development costs of the Plan, and in particular legal and consulting costs, the Participants explained that Rule 613 permitted the Participants to propose to recover such costs. The Participants stated their belief that it is equitable that the Industry Members as well as Participants contribute to the funding of the CAT, including the development of the Plan governing the CAT, because both benefit from the enhanced market oversight afforded regulators by the CAT, and noted that adopting CAT-specific fees would provide greater transparency for market participants than a general regulatory fee.
Response Letter II at 9-10 (citing 17 CFR 242.613(a)(1)(vii)(D) and Adopting Release, supra note 14, at 45795).
Response Letter II at 13.
Id.
Id. at 10.
Id.
In response to the commenters that suggested that the CAT be funded, at least in part, by cost savings, the Participants acknowledged that cost savings from retiring existing systems will partially offset their expenses associated with the CAT, but declined to make any specific funding commitments.
SIFMA Letter at 17-18; DAG Letter at 4.
Response Letter II at 16. Specifically, the Participants stated that they expect to realize approximately $10.6 million in cost savings associated with the retirement of existing systems when moving to the CAT. However, they also said that they will incur approximately $17.9 million in expenses associated with complying with the CAT reporting requirements, and an additional $23.2 million in expenses related to the implementation of surveillance programs.
The Participants, as SROs, have traditionally recovered their regulatory costs through the collection of fees from their members, and such fees are specifically contemplated by the Exchange Act. The Participants currently collect certain regulatory and other fees, dues and assessments from their members to fund their SRO responsibilities in market and member regulation; such fees must be consistent with applicable statutory standards under the Exchange Act, including being reasonable, equitably allocated and not unfairly discriminatory.
Sections 6(b)(1) and 15A(b)(2) of the Exchange Act require that an exchange or association have the capacity to be able to carry out the purposes of the Exchange Act, the rules and regulations thereunder, and the rules of the exchange or association. 15 U.S.C. 78f(b)(1); 15 U.S.C. 78o-3(b)(2). See e.g., Schedule A to the By-Laws of FINRA, Section 1(a) (stating “FINRA shall, in accordance with this section, collect member regulatory fees that are designed to recover the costs to FINRA of the supervision and regulation of members, including performing examinations, financial monitoring, and policy, rulemaking, interpretive, and enforcement activities”). As SROs, the Participants have an obligation to be so organized and have the capacity to be able to carry out the purposes of the Exchange Act, and to enforce compliance by their members with the Exchange Act and their rules. 15 U.S.C. 78f(b)(1); 15 U.S.C. 78o-3(b)(2).
15 U.S.C. 78f(b)(4); 15 U.S.C. 78o-3(b)(5).
15 U.S.C. 78f(b)(5); 15 U.S.C. 78o-3(b)(6).
The Commission believes that the proposed funding model reflects a reasonable exercise of the Participants' funding authority to recover the Participants' costs related to the CAT. The CAT is a regulatory facility jointly owned by the Participants and, as noted above, the Exchange Act specifically permits the Participants to charge members fees to fund their self-regulatory obligations. The Commission further believes that the proposed funding model is designed to impose fees reasonably related to the Participants' self-regulatory obligations because the fees would be directly associated with the costs of establishing and maintaining the CAT, and not unrelated SRO services. The Commission emphasizes that the CAT NMS Plan does not set forth, and the Commission is not hereby approving, the specific fees to be charged by the Participants; rather, such fee proposals later will be separately filed with the Commission by the Participants, published for public comment, and assessed by the Commission for consistency with applicable Exchange Act standards, including whether they are reasonable and equitably allocated, and not unfairly discriminatory.
15 U.S.C. 78f(b)(5); 15 U.S.C. 78o-3(b)(6).
2. Funding Model's Allocation of Costs
Several commenters expressed concern about the proposed allocation of CAT costs between the Participants and Industry Members. Some expressed concern that the majority of the costs of the CAT would be allocated to Industry Members, with some estimating that Industry Members would pay approximately 88% of the ongoing annual costs of the CAT. One commenter stated that the funding model is “excessively and unjustifiably weighted to broker-dealers,” and requested to review proposed CAT fees to ensure they are reasonable and equitable. Another commenter expressed concern that the costs and funding of CAT might not be allocated equitably among Industry Members and Participants, given that the Participants are sole voting members of the Plan.
KCG Letter; SIFMA Letter; Fidelity Letter; FSR Letter; DAG Letter; Data Boiler Letter; Wachtel Letter.
See DAG Letter at 4 (noting that the CAT NMS Plan estimates that 88% of the annual costs of CAT would be allocated to Industry Members, and that the Participants additionally intend to require Industry Members to help fund the creation and ongoing costs of CAT, significantly increasing the burden on Industry Members); KCG Letter at 4; SIFMA Letter at 12-13 (noting that the total estimated annual cost of the CAT NMS Plan would be $1.7 billion, of which $1.5 billion, or 88% of the costs for the operation of CAT, would be borne by Industry Members). One of these commenters stated that, although not mentioned in the CAT NMS Plan, it believed the Participants anticipate allocating 75% of CAT Central Repository build and operational costs to Industry Members and 25% to Execution Venues, thereby shifting the majority of CAT costs away from the SROs and on the Industry Members, and increasing the Industry Member portion of annual CAT-related costs from approximately 88% to more than 96%. KCG Letter at 4. That commenter stated that “[t]his methodology is inequitable and serves to underscore the inherent conflicts of interest the SROs face with respect to CAT funding and the effects of precluding broker-dealers from meaningfully participating in management of the CAT.” KCG Letter at 4-5.
SIFMA Letter at 13.
Id. at 18.
Fidelity Letter at 5.
More generally, two commenters believed that the CAT NMS Plan's funding model lacks sufficiently detailed information. One of the commenters stated that the Plan's funding model does not adequately represent the industry feedback that the group provided to the Participants, and noted that the CAT NMS Plan lacks an analysis of how a CAT fee would fit into the existing funding model for regulation, including whether FINRA trading activity fees would be reduced after OATS is retired. Another commenter stated that the information made publicly available in the CAT NMS Plan is insufficient for it to provide meaningful analysis on the funding model.
SIFMA Letter; DAG Letter.
DAG Letter at 5.
SIFMA Letter at 16. This commenter noted that the CAT NMS Plan provides only a high-level description of a funding model that reflects no input from broker-dealers and contains very little information on how costs will be allocated between broker-dealers and Participants. Id. at 13.
The Participants disputed the estimate quoted by several commenters that Industry Members would bear 88% of the costs of the CAT, stating that this calculation referred to Industry Member compliance costs, and does not directly reflect CAT fees to be imposed pursuant to the Plan.
Response Letter II at 10. The Participants stated that the funding model provides a framework for the recovery of the costs to create, develop and maintain the CAT, and is not meant to address the cost of compliance for Industry Members and Participants with the reporting requirements of Rule 613.
In response to the commenter that asked whether existing regulatory fees would be reduced once the CAT is implemented, the Participants stated that each SRO will consider potential revisions to its existing regulatory fees once the CAT begins operation and legacy systems are retired. The Participants also disagreed with the commenters that expressed concern that the funding model does not adequately reflect industry input, and stressed that the funding model was discussed with the DAG many times and that the funding model was developed taking into account their input.
DAG Letter at 5.
Response Letter II at 17-18.
SIFMA Letter at 13; DAG Letter at 4.
Response Letter II at 18.
The Commission believes that the proposed funding model is reasonably designed to allocate the costs of the CAT between the Participants and Industry Members. The Commission notes that the proposed funding model set forth in the Plan does not specify that the Participants or Industry Members would bear any particular percentage allocation of the costs associated with building and operating the Central Repository. As noted above, the Participants are permitted to recoup their regulatory costs under the Exchange Act through the collection of fees from their members, as long as such fees are reasonable, equitably allocated and not unfairly discriminatory, and otherwise are consistent with Exchange Act standards. The Commission will have the opportunity, at a later date, to review, and Industry Members and other interested persons will have the opportunity to comment upon, the specific fees the Participants intend to impose pursuant to the general funding model discussed herein.
15 U.S.C. 78f(b)(5); 15 U.S.C. 78o-3(b)(6).
See Section IV.F.1, supra.
3. Message Traffic and Market Share Distinction
Two commenters addressed the proposed allocation of costs between Execution Venues and Industry Members based on market share and message traffic, respectively. One of the commenters questioned the allocation of costs to Industry Members by message-traffic tiers, noting that market makers in exchange-traded products (“ETPs”) could incur much greater allocated costs than market makers in corporate stocks, given that market makers in ETPs may generate ten times the amount of message traffic per executed trade as market makers in corporate stocks. The commenter also noted that Industry Members that primarily take liquidity do not generate significant quote-message traffic, so that “any mechanism that allocates costs to broker-dealers strictly based on message traffic would unfortunately disadvantage broker-dealers that typically provide liquidity compared to those that may only take liquidity,” thereby discouraging the display of quotes. The commenter expressed concern that the Plan does not explain how much the Participants would charge per message or per market share percentage, or how they would assign the fixed-fee tiers to exchanges and Industry Members.
SIFMA Letter at 16-17; Data Boiler Letter at 15; see also DAG Letter at 5 (urging additional transparency related to the funding model based on market share and message traffic).
SIFMA Letter at 17.
Id.
Id. at 16.
This commenter also noted that the CAT NMS Plan does not distinguish between costs of the CAT that are related to Industry Member data collection and processing, and costs of the CAT related to SRO surveillance and research, and expressed the view that allocating CAT costs simply based on message traffic or market share would make Industry Members subsidize Participant surveillance systems and other regulatory functions that currently are funded by the Participants through other regulatory fees imposed on Industry Members. Finally, this commenter stated that the CAT NMS Plan does not explain why the SROs propose to allocate costs by message-traffic tiers for non-ATS Industry Members and by market share for exchanges and ATSs, and expressed concern that the market share approach applicable to exchanges and ATSs is primarily driven by their ability to pay, as opposed to the actual costs they impose on the Central Repository.
Id. at 17-18.
Id. at 16-17. The commenter urged the Participants to explain why they would not use the market share method of allocation for non-ATS Industry Members.
Another commenter expressed the view that the proposed allocation of fees among Participants, other types of Execution Venues and Industry Members is not fair, and that assessing fees based on message traffic and market share is not appropriate or reasonable. This commenter stated that charging for message traffic would amount to a “financial transaction tax” that would negatively impact the financial markets, and recommended that charges instead be based on “quarantine or red-flag of suspicious trade messages.”
Data Boiler Letter at 15.
Id.
Id.
In response, the Participants explained that “[i]n designing a funding model, the Participants have sought to ensure an equitable allocation of fees such that large broker-dealers or broker-dealer complexes and large Participants or Participant complexes pay more than small broker-dealers and small exchanges.” The Participants believe that there is a strong correlation between message traffic and the size of an Industry Member, and that Industry Members increase their message traffic volume as they grow. The Participants stated that message traffic is a key component of the costs of operating the CAT, so they believe that message traffic is an appropriate criterion for placing Industry Members in a certain fee tier. The Participants also expressed the view that the correlation between message traffic and size does not apply to Execution Venues, which they describe as producing similar amounts of message traffic regardless of size. They explained that charging Execution Venues based on message traffic would make large and small Execution Venues pay comparable fees, which they believe would be an inequitable result, so the Participants decided to treat Execution Venues differently from Industry Members in the funding model. The Participants estimated that the result of the funding model would be that fees for the smallest Execution Venues would be comparable to the largest Industry Members, and that aggregate fees for Participant complexes would be at least comparable to those of large Industry Members.
Response Letter II at 11.
Id.
Id.
Id.
Id. at 12.
“Participant complexes” refers to Affiliated Participants, which include single entities that hold self-regulatory licenses for multiple exchanges. The Plan defines “Affiliated Participant” as “any Participant controlling, controlled by, or under common control with another Participant.” See CAT NMS Plan, supra note 5, at Section 1.1.
Response Letter II at 12.
In response to the commenter that stated that the funding model should distinguish between the costs of Industry Member data collection and processing and the costs related to SRO surveillance and research, and to the commenter that recommended that fees be based on suspicious trade messages, the Participants noted that the Bidders cited data ingestion and processing as the primary driver of CAT costs and thus believe that data collection and processing requirements are a reasonable basis for allocating costs to CAT Reporters. As to concerns that a fee based on message traffic would discourage the display of quotes, the Participants explained that “one of the reasons for proposing a tiered, fixed fee funding model was to limit the disincentives to providing liquidity to the market,” as might be the case with a strictly variable funding model.
SIFMA Letter at 17-18.
Data Boiler Letter at 15.
Response Letter II at 14.
SIFMA Letter at 17.
Response Letter II at 16. As an example, the Participants stated that a firm with a large volume of quotes would likely be categorized by the proposed funding model in an upper fee tier instead of being assessed a fee for its message traffic directly as it would be under “a more directly metered model.”
The Commission expressed concern in the Notice that the structure of the funding model could provide a competitive advantage to exchanges over ATSs. Under the proposed funding model, for an execution occurring on an exchange, the exchange would pay an Execution Venue fee based on its market share to the CAT. For an execution that occurs on an ATS, the Industry Member operating the ATS would pay an Execution Venue fee based on its market share and the national securities association also would pay an Execution Venue fee based on its market share when the ATS trade is reported to it. In the Notice, the Commission expressed concern that, under the Plan, ATS volume would effectively be charged once to the Industry Member operating the ATS and a second time to FINRA, which would result in ATS volumes contributing twice as much to CAT funding as exchange volumes. The Commission further inquired whether the funding model would disadvantage ATSs relative to registered exchanges, and whether trading volume could migrate to exchanges in response.
See Notice, supra note 5, at 30740.
The Commission notes that the Industry Member that operates an ATS also will be subject to message traffic fees. Section 11.3(b) of the CAT NMS Plan states: “The Operating Committee will establish fixed fees to be payable by Industry Members, based on the message traffic generated by such Industry Member. . . . For the avoidance of doubt, the fixed fees payable by Industry Members pursuant to this paragraph shall, in addition to any other applicable message traffic, include message traffic generated by: (i) An ATS that does not execute orders that are sponsored by such Industry Member, and (ii) routing orders to and from any ATS sponsored by such Industry Member.” See CAT NMS Plan, supra note 5, at Section 11.3(b).
Section 11.3(a)(i) of the CAT NMS Plan states: “Each Execution Venue that: (A) Executes transactions; or (B) in the case of a national securities association, has trades reported by its members to its trade reporting facility or facilities for reporting transactions effected otherwise than on an exchange, in NMS Stock or OTC Equity Securities will pay a fixed fee depending on the market share of that Execution Venue in NMS Stock and OTC Equity Securities . . .” Section 11.3(b) applies to Execution Venues transacting in Listed Options, stating: “Each Execution Venue that executes transactions in Listed Options will pay a fixed fee depending on the Listed Options market share of that Execution Venue . . .” See CAT NMS Plan, supra note 5, at Section 11.3(a)(i)-(ii).
See Notice, supra note 5, at 30740. The Commission solicited comment on two Commission-proposed alternatives pertaining to fees imposed on ATSs. In the first alternative, the Commission proposed excluding ATS volume from TRF volume. The Commission stated that this alternative would allow SROs that operate TRFs (currently only FINRA) to avoid paying Execution Venue fees for volume originating from an ATS execution and would avoid double-counting ATS volume as share volume. See id. at 30768. The Commission also solicited comment on not charging Industry Members for message traffic to and from their ATSs while still assessing fees to ATSs as Execution Venues or exchange Industry Members for their message traffic. The Commission explained that this alternative would mitigate incentives for Industry Members to route their orders in order to minimize costs under the proposed funding model. Id.
To address this concern, the Participants recommended modifying the proposed funding model to exclude from the charges applicable to a national securities association any market share attributable to transactions reported to it by an ATS.
Response Letter II at 13.
The Commission finds reasonable the suggested modification to the funding model by the Participants and, accordingly, is amending Section 11.3(a)(i) of the CAT NMS Plan so that the share volume of trades in NMS Stocks or OTC Equity Securities reported by an ATS to a national securities association shall not be included in the calculation of the national securities association's market share for purposes of determining its Execution Venue fee. The Commission believes this amendment helps to mitigate concerns that this aspect of the proposed funding model, by effectively double-counting ATS transactions, would result in an inequitable allocation of fees, unfair discrimination and an unnecessary burden on competition.
With this change, the Commission believes that the funding model set forth in the CAT NMS Plan is reasonable. The Participants have offered a credible justification for using different criteria to charge Execution Venues (market share) and Industry Members (message traffic). The Participants also have offered a reasonable basis for establishing a funding model based on broad tiers, in that it may be easier to implement and less likely to have an incremental deterrent effect on liquidity provision.
Further, the Commission believes that the tiered fee structure effectively mitigates a concern expressed by a commenter that charging for message traffic would amount to a “financial transaction tax” that would negatively impact the financial markets. See Data Boiler Letter at 15.
In response to concerns that the funding model could make Industry Members subsidize Participant surveillance systems and functions that currently are funded through regulatory fees on Industry Members, the Commission reiterates that the Exchange Act permits the Participants to assess fees among their members to recoup their regulatory costs, as long as such fees meet the applicable Exchange Act standards, including that they be reasonable and equitably allocated, and are not unfairly discriminatory. When such fee proposals are filed with the Commission, they will be published for public comment, and the Commission will have the opportunity to assess the fees.
SIFMA Letter at 17-18.
See supra note 1709.
4. Transparency and Alternatives to the Funding Model
Five commenters advocated for greater transparency into CAT funding. One commenter recommended that the CAT's costs and financing be completely transparent and that the CAT should have “publicly disclosed annual reports, audited financial statements, and executive compensation disclosure.” The commenter also recommended that the Participants engage an independent third party to design the funding model, determine any CAT fees to be charged by Participants, and audit their regulatory revenues and the allocation thereof. It also believed that the Commission should publish the results of the audit. Another commenter similarly recommended that the Commission require the Participants to engage an independent third party to review and make recommendations for a transparent and equitable funding model. Another commenter urged transparency in the process of calculating any fees assessed on Participants to make sure they are related to the costs to build, operate, and administer the CAT. One commenter suggested a greater role in CAT NMS Plan governance for Industry Members and institutional investors to help ensure that the costs and funding of CAT are allocated equitably among Industry Members and SROs.
SIFMA Letter; FSI Letter; KCG Letter; Fidelity Letter at 5; DAG Letter. One commenter generally supported additional transparency into the funding model with respect to market share and message traffic. See DAG Letter at 5; see also STA Letter at 1 (supporting the DAG Letter's cost and funding recommendations).
SIFMA Letter at 29.
Id. at 14.
Id.
KCG Letter at 5.
FSI Letter at 6.
Fidelity Letter at 5.
Two commenters offered alternative funding models. One commenter suggested that CAT fees be set by an independent advisory committee, rather than by the Operating Committee. The other commenter recommended a centralized funding mechanism for the CAT, with the Participants collectively charging Industry Members a single CAT fee instead of each creating their own independent fees, believing it to be the most efficient and consistent way to collect CAT fees. The commenter also suggested that, before the Participants impose any CAT fees on Industry Members, they should provide a public accounting of their current revenues and how that money is spent.
Data Boiler Letter; SIFMA Letter.
Data Boiler Letter at 15.
SIFMA Letter at 18.
Id.
Four commenters recommended imposing certain specific fees to fund the CAT. Three of the commenters suggested that the Participants and the Commission pay a user fee for the CAT, since they are direct beneficiaries of the system. Another commenter suggested that the costs of building and maintaining the CAT should be borne by CAT Reporters through a filing or technology fee, and recommended charging CAT Reporters with high cancellation rates and those that add “noise” to the CAT system a special usage fee.
SIFMA Letter; Better Markets Letter; FSR Letter; DAG Letter; see also STA Letter at 1 (supporting the DAG Letter's cost and funding recommendations).
SIFMA Letter at 18, 30 (stating that if Industry Members must pay a user fee to access their own CAT data, then there should be also be a user fee for the Participants); FSR Letter at 10; DAG Letter at 5; see also STA Letter at 1 (supporting the DAG Letter's cost and funding recommendations).
Better Markets Letter at 5.
Id. at 6.
In response, the Participants stated that they did not believe that an independent third party should be hired to evaluate CAT fees, noting that all CAT fees would be filed with the Commission pursuant to the Exchange Act, so that Industry Members and other interested persons would have an opportunity to comment, and the Commission would evaluate whether they are consistent with the statutory standards. The Participants also noted that the funding model is intended to operate the CAT on a break-even basis, without creating profits for individual Participants. In addition, the Participants stressed that they are prohibited from using regulatory fees for commercial purposes. The Participants concluded that employing an independent third party would be unnecessary in light of these provisions.
Response Letter II at 17.
Id.
Id. at 17 n.60.
Id. at 17.
In response to the commenter that recommended a centralized funding mechanism, the Participants indicated that they intend for fees to be billed and collected centrally through the CAT LLC, so that each Industry Member will receive one invoice instead of separate invoices from each Participant. In response to the suggestion that the Participants charge a regulatory usage fee, the Participants noted that the CAT NMS Plan authorizes the imposition of such a fee, and stated that they plan to evaluate the implementation of usage fees within a year after the Participants begin using the CAT.
SIFMA Letter at 15.
Response Letter II at 15.
Id.
The Commission believes that the funding model proposed by the Participants, as amended by the Commission, is consistent with Rule 613(a)(1)(vii)(D) and is reasonable. Rule 613(a)(1)(vii)(D) requires the Participants to discuss in the CAT NMS Plan how they propose to fund the creation, implementation and maintenance of the CAT, including the proposed allocation of estimated costs among the Participants, and between the Participants and Industry Members. In the CAT NMS Plan, the Participants set forth a funding model that establishes a framework for the allocation of CAT costs across Participants and Industry Members. At this time, the Commission believes that the Exchange Act rule filing process, described above, will provide sufficient transparency into the fees charged by the Participants that are associated with CAT.
See 17 CFR 240.19b-4(f)(2); see also 15 U.S.C. 78s(b)(3)(A); 17 CFR 242.608; supra note 1756.
With respect to the suggested imposition of a regulatory user fee, a fee for high cancellation rates and “noise,” or a specific technology fee, the Commission notes that nothing in the Plan prohibits such fees from being charged and, if the Participants determine such fees to be appropriate, they may file a proposed rule change that would be subject to public comment and Commission review.
SIFMA Letter at 18; FSR Letter at 10, DAG Letter at 5; see also STA Letter at 1 (supporting the DAG Letter's cost and funding recommendations).
Better Markets Letter at 6.
Id. at 5.
See Section V.F.3.b, infra, for additional discussion of these comments. As it relates to fees that the Operating Committee may impose for access to and use of the CAT for regulatory and oversight purposes, the Commission interprets the provisions in the Plan relating to the collection of fees as applying only to Participants and Industry Members, and thus the Commission would not be subject to such fees.
5. Miscellaneous
The Commission notes that it is amending Section 11.1(d) of the CAT NMS Plan, which currently states that the Operating Committee shall adopt policies, procedures, and practices regarding, among other matters, the assignment of fee tiers, and that, as part of its regular review of fees for the CAT, the Operating Committee shall have the right to change the tier assigned to any particular Person in accordance with Article XI, and such changes will be effective upon reasonable notice to such Person. The Commission is amending this section to provide that the Operating Committee shall have the right to change the tier assigned to any particular Person in accordance with fee schedules previously filed with the Commission by the Operating Committee that are reasonable, equitable and not unfairly discriminatory and subject to notice and comment. The Commission believes this amendment to Section 11.1(d) is appropriate because it limits the discretion of the Operating Committee to change the tier assigned to a particular Person to objective standards previously filed with the Commission that are consistent with Exchange Act standards, and provides notice of any changes to the objective standards and the opportunity for public comment.
G. Dispute Resolution
As noted above, the Plan does not include a general provision addressing the method by which disputes arising in connection with the operation of the Plan will be resolved. The Plan does, however, provide the means for resolving disputes regarding the Participation Fee in Articles III and XI of the Plan. The Commission did not receive any comments regarding these general dispute resolution provisions. However, the Commission is amending Article III to make it consistent with Article XI.
See Notice, supra note 5, at 30635.
CAT NMS Plan, supra note 5, at Section 3.3.
Specifically, Article III, Section 3.3(b) of the Plan states that, in the event that the Company and a prospective Participant do not agree on the amount of the Participation Fee, such amount will be subject to the review by the Commission. The Plan currently cites to Section 11A(b)(5) of the Exchange Act as the authority by which the Commission can review such disputes. However, Section 11A(b)(5) of the Exchange Act is not the appropriate authority for Commission review under these circumstances because the CAT is not a “registered securities information processor.” Accordingly, the Commission is making a technical amendment to the Plan (consistent with Article XI, Section 11.5) to provide that in the event that the Company and a prospective Participant do not agree on the amount of the Participation Fee, such amount will be subject to review by the Commission pursuant to SEC Rule 608 or in any other appropriate forum.
See id. at Section 3.3(b); see also, Exchange Act Section 11A(b)(5), 15 U.S.C. 78k-l(b)(5) (which provides that a prohibition or limitation on access to services by a registered securities information processor must be reviewed by the Commission upon application by an aggrieved person).
H. Written Assessments, Audits and Reports
Section 6.6 of the Plan as filed, pursuant to Rule 613(b)(6), requires the Participants to provide the Commission with a written assessment of the operation of the CAT at least every two years or more frequently in connection with any review of the Plan Processor's performance. The Plan requires that such written assessment include, at a minimum: (i) An evaluation of the Plan Processor's performance; (ii) a detailed plan for any potential improvements to its performance; (iii) an estimate of the costs associated with any such potential improvements; and (iv) an estimated implementation timeline for any such potential improvements.
See CAT NMS Plan, supra note 5, at Section 6.6.
Id.
The Commission believes that it is important that the CAT keep pace with technological developments and changes to industry business practices, which can occur very rapidly. As such, the Commission believes that assessments more frequent than biannually of the CAT's standards and processes could ensure that the Plan Processor and the Participants remain current in their knowledge of technological and business developments and facilitate enhancements to the CAT as appropriate. The Commission believes that the preparation of reports and assessments on an annual basis, rather than a biannual basis, will help ensure that CAT technology and operations continue to provide timely, accurate, complete and accessible data, and that it is collected in a cost-effective manner. Accordingly, the Commission is amending Section 6.6 of the Plan to change the frequency of the assessment contemplated by Rule 613(b)(6) from biannual to annual.
The Commission is also amending Section 6.6 of the Plan to provide further detail regarding elements of the written assessment to be conducted by the Participants. Specifically, as amended, the Participants' annual written assessment must also include: (1) An evaluation of the information security program of the CAT to ensure that the program is consistent with the highest industry standards for protection of data; (2) an evaluation of potential technological upgrades based upon a review of technological developments over the preceding year, drawing on necessary technological expertise, whether internal or external; (3) an assessment of efforts to reduce the time to restore and recover CAT Data at a back-up site; (4) an assessment of how the Plan Processor and SROs are monitoring Error Rates and addresses the application of Error Rates based on product, data element or other criteria; (5) a copy of the evaluation required by Section 6.8(c) of the Plan as to whether industry standards have evolved such that: (i) The clock synchronization standard in Section 6.8(a) should be shortened; or (ii) the required timestamp in Section 6.8(b) should be in finer increments; and (6) an assessment of whether any data elements should be added, deleted or changed. The Commission believes that requiring these specific issues to be addressed in the Participants' annual assessment will focus the Plan Processor and Participants on critical technological and other developments, and should help ensure that CAT technology is up-to-date, resilient and secure, and provides accurate CAT Data.
See Section IV.D.6.a, supra.
See Section IV.D.14, supra.
See Section IV.D.12, supra.
See Section IV.D.11, supra.
See Section IV.D.13, supra.
Section 6.6 of the Plan as filed also requires the Participants to provide an estimate of the costs associated with any potential improvements to the performance of the CAT, including an assessment of the potential impact on competition, efficiency and capital formation. The Commission believes, however, that it is important that the Participants consider not just the costs but also the potential benefits associated with any improvements to the performance of the CAT, including the impact on investor protection. Accordingly, the Commission is also amending Section 6.6 of the Plan to require the annual assessment to consider the benefits of potential improvements to the CAT, including to investor protection.
The Commission is further amending Section 6.6 of the Plan to require that the Participants provide the Commission with certain written reports on a one-time basis. First, the Participants must provide the Commission, and make public, at least one month prior to submitting any rule filing to establish initial fees for CAT Reporters, an independent audit of the fees, costs, and expenses incurred by the Participants on behalf of the Company prior to the Effective Date of the Plan. The Commission notes that any such filing will be published for public notice and comment. As the Commission understands that the Participants intend to recover through CAT fees the amounts spent on the development of the CAT to date, to facilitate public comment and Commission review of such fee filings, the Commission believes it is appropriate for the Participants to obtain an audit of the fees, costs and expenses incurred by the Participants on behalf of the Company prior to the Effective Date.
See Section III.6., supra.
See supra note 1709.
Second, the Commission is amending the Plan to require the Participants to provide the Commission with a written assessment of the clock synchronization standards in the Plan within six months of effectiveness of the Plan. As noted above, the Commission believes that the Participants should consider the type of CAT Reporter, the type of Industry Member, and type of system when determining industry standards, and is amending the Plan to clarify this more granular approach. The Commission believes the Participants should consider the Plan's clock synchronization standards in light of this clarification promptly, and propose any appropriate amendments, and that a six-month timeframe to do so is reasonable.
See Section IV.D.13, supra.
Third, the Commission is amending the Plan to require the Participants to provide the Commission with a written report that discusses the Participants' assessment of implementing coordinated surveillance, whether through 17d-2 agreements, RSAs, or some other approach, within 12 months of effectiveness of the Plan. The Commission notes that the CAT is designed to facilitate the ability of regulators to conduct cross-market surveillances and to review conduct that occurs across the market. As a result, the Commission believes that it may be efficient for the Participants to coordinate to conduct cross-market surveillances.
See Section IV.B.4., supra. This assessment can be provided in conjunction with an annual written assessment required by Rule 6.6 of the Plan.
Fourth, the Commission is amending the Plan to require the Participants to submit to the Commission a written report, within 24 months of effectiveness of the Plan, discussing the feasibility, benefits, and risks of allowing an Industry Member to bulk download the Raw Data that it has submitted to the Central Repository. Commenters expressed a desire to have bulk access to their own data for surveillance and internal compliance purposes, as well as to facilitate the error correction process. While, the Participants did not permit such access in the Plan, citing security and cost concerns, they did represent that they would consider allowing bulk access to the audit trail data reported by Industry Members once CAT is operational. The Commission believes it is important to consider the potential efficiencies of allowing Industry Members bulk access to their own CAT data, so long as such access does not impact the security of the CAT Data, and accordingly believes that requiring a report discussing this issue by the date Industry Members first begin reporting to the CAT, is appropriate.
See Section IV.D.6.m, supra. This report may be provided in conjunction with an annual written assessment required by Rule 6.6 of the Plan.
Fifth, the Commission is amending the Plan to require the Participants to provide the Commission with a written assessment, within 36 months of effectiveness of the Plan, of the nature and extent of errors in the Customer information submitted to the Central Repository and whether the correction of certain data fields over others should be prioritized. The Commission believes that requiring such an assessment, which will coincide with the date all Industry Members are reporting to the CAT, could help ensure that the accuracy of CAT Data is achieved in the most prompt and efficient manner.
See Section IV.D.4.a, supra. This assessment may be provided in conjunction with an annual written assessment required by Rule 6.6 of the Plan.
Sixth, the Commission is amending the Plan to require the Participants to provide the Commission with a written report, 36 months after effectiveness of the Plan, on the impact of tiered fees on market liquidity, including an analysis of the impact of the tiered-fee structure on Industry Members' provision of liquidity. One commenter expressed concern that use of a tiered fee structure could discourage displayed quotes and, in response, the Participants explained that one of the reasons they chose to use a tiered-fee funding model was to limit disincentives to provide liquidity. To help determine whether the Plan's funding model actually achieves the Participants' stated objective, the Commission believes it appropriate to require them to prepare such an assessment of the impact of tiered fees once the CAT becomes fully operational.
See Section IV.F.3., supra.
Finally, the Commission is amending the Plan to require the Participants to provide the Commission a written assessment of the projected impact of any Material Systems Change on the Maximum Error Rate, prior to the implementation of any Material Systems Change. The Commission believes that Material Systems Changes either could result in new challenges for CAT Reporters or simplify the means for reporting data. In either case, the appropriateness of the Maximum Error Rate could be impacted, and thus warrant a change. Accordingly, the Commission believes it appropriate to require the Participants to provide the Commission an assessment of the projected impact on the Maximum Error Rate, including any recommended changes thereto, prior to the implementation of any Material Systems Change.
See Section IV.D.11.b., supra.
V. Economic Analysis
A. Introduction
The Commission is sensitive to the economic effects of the CAT NMS Plan, including its costs and benefits and its impact on efficiency, competition and capital formation. In accordance with the approach articulated by the Commission in the Adopting Release, the Commission published its preliminary economic analysis of the CAT NMS Plan in the Notice, and solicited comment on its analysis and on all aspects of the proposed Plan. The Commission has considered the comments received, along with the Participants' responses, and has modified certain aspects of the Plan, as discussed above.
See CAT NMS Plan, supra note 5.
This Section reflects the Commission's analysis and conclusions regarding the economic effects of the creation, implementation and maintenance of the CAT pursuant to the details in the CAT NMS Plan, as amended and hereby approved by the Commission. The analysis is divided into seven topics: (1) A summary of the expected economic effects of approving the CAT NMS Plan; (2) a description of the economic framework for analyzing the economic effects of approving the CAT NMS Plan; (3) a discussion of the current, or “Baseline,” audit trail data available to regulators, and the sources of such data; (4) a discussion of the potential benefits of approving the CAT NMS Plan; (5) a discussion of the potential costs of approving the CAT NMS Plan; (6) a discussion of the CAT NMS Plan's potential impact on efficiency, competition, and capital formation; and (7) a discussion of alternatives to various features of the CAT NMS Plan and to the CAT NMS Plan itself.
B. Summary of Expected Economic Effects
The Commission has analyzed the expected economic effects of the CAT NMS Plan in light of the existing shortcomings in the regulatory data infrastructure and the goal of improving the ability of SROs and the Commission to perform their regulatory activities to the benefit of investors and the markets. In general, the Commission believes that the CAT NMS Plan will result in benefits by improving the quality of the data available to regulators in four areas that affect the ultimate effectiveness of core regulatory efforts—completeness, accuracy, accessibility and timeliness. The Commission believes that the improvements in these data qualities that will be realized from approval of the CAT NMS Plan will substantially improve regulators' ability to perform analysis and reconstruction of market events, market analysis and research to inform policy decisions, and other regulatory activities including market surveillance, examinations, investigations, and other enforcement functions. Regulators depend on data for many of these activities and the improvements in the data qualities will thus improve the efficiency and effectiveness of such regulatory activities. As explained further below, these improvements could benefit investors by giving regulators more and better regulatory tools to provide investors with a more effectively regulated trading environment, which could increase capital formation, liquidity, and price efficiency. Data improvements could enhance regulators' ability to provide investors and the public with more timely and accurate analysis and reconstruction of market events, and to develop more effective responses to such events. Improved understanding of emerging market issues resulting from enhanced market analysis and research could inform regulatory policies that improve investor protection through better market quality, more transparency, and more efficient prices. Improvements in quality and quantity of order events could lead to improvements in developing and targeting policy approaches to ensure a fair and orderly market.
The Commission noted current SRO audit trail limitations in the Proposing Release and the Adopting Release. See Proposing Release, supra note 14, at 32563-68; Adopting Release, supra note 14, at 45726-30. Rule 613 is designed to address these limitations.
See Adopting Release, supra note 14, at 45727 (discussing four “qualities” of trade and order data that impact the effectiveness of core SRO and Commission regulatory efforts: Accuracy, completeness, accessibility, and timeliness); see also Section V.E. infra, for a detailed discussion of the expected benefits of the CAT NMS Plan.
See Section V.E.2, infra.
In terms of completeness, the Plan requires the reporting of certain additional data fields, events, and products. More importantly, the CAT NMS Plan requires data elements useful for regulatory analysis to be available from a single data source. Having relevant data elements available from a single source will simplify and expedite regulators' data collection process and facilitate more efficient analyses and surveillances that incorporate cross-market and cross-product data.
See CAT NMS Plan, supra note 5, at Sections 6.3, 6.4; see also 17 CFR 242.613(c)(7).
With respect to the accuracy of available data, the Commission believes that the requirements in the Plan will improve data accuracy significantly. For example, the Commission expects that the requirements to store the CAT Data in a uniform linked format and the use of consistent identifiers for customers and market participants will result in fewer inaccuracies as compared to current data sources. These accuracy improvements should significantly reduce the time regulators spend processing the data and finding solutions when faced with inaccurate data. The Commission believes that the requirements in the Plan for clock synchronization and timestamp granularity will improve the accuracy of data with respect to the timing of market events. The Commission believes that the Plan will improve regulators' ability to determine the sequence of some market events relative to all surrounding events.
The CAT NMS Plan requires that CAT Reporters who are Industry Members synchronize their business clocks to within 50 milliseconds of the time maintained by the NIST, which will increase the precision of the timestamps provided by the 39% of broker-dealers who currently synchronize their clocks with less precision than what is called for by the Plan. See FIF Clock Offset Survey, supra note 247. Further, the Commission has amended the Plan to require exchanges to synchronize their business clocks to within 100 microseconds. While this is similar to current practice, this requirement should still provide the greater ability for regulators to sequence unrelated events in a market reconstruction by anchoring lifecycles to events at exchanges. Independent of the potential time clock synchronization benefits, the order linking data that will be captured in CAT should increase the proportion of events that could be sequenced accurately. This reflects the fact that some records pertaining to the same order could be sequenced by their placement in an order lifecycle (e.g., an order submission must have occurred before its execution) without relying on timestamps. This information may also be used to partially sequence surrounding events, particularly with the Plan modifications.
The Commission also believes that the Plan will increase the accessibility of data for SROs and the Commission, because regulators will be able to access the CAT Data directly. This, coupled with the improvements in completeness, will vastly increase the scope of information readily available to regulators and significantly reduce the number of data requests from the several hundred thousand requests regulators make each year. The increased scope of readily available information should facilitate more data-driven regulatory policy decisions, broaden the potential surveillances, expand the opportunities for SRO and Commission analysis to help target broker-dealers and investment advisers for examinations and help to perform those examinations.
See CAT NMS Plan, supra note 5, at Appendix C, Section A.2, Appendix D, Section 8.1; see also 17 CFR 242.613(e)(2).
Finally, the Commission believes that the CAT NMS Plan will improve the timeliness of available data. Because regulators will be able to access uncorrected data the day after an order event and will be able to access corrected and linked data five days after an order event, many data elements will be available to regulators more quickly than they are currently. Accordingly, the amount of time regulators would need to acquire and process data before running analyses would be reduced. For example, the corrected and linked data available on T+5 will identify the customer account associated with all order events, information that currently takes ten days or longer for regulators to obtain and then need to link to other data sources for use. These improvements in timeliness, combined with improvements in completeness, accessibility, and accuracy discussed above, will improve the efficiency of regulatory analysis and reconstruction of market events, as well as market analysis and research that informs policy decisions, and make market surveillance, examinations, investigations, and other enforcement functions more efficient, allowing, for example, the SROs and the Commission to review tips and complaints more effectively.
CAT Data will be reported by 8:00 a.m. ET on T+1 and made available to regulators in raw form after it is received and passes basic formatting validations with an error correction process completed by 8:00 a.m. ET on T+5. While the Plan does not specify exactly when these validations would be complete, the requirement to link records by 12:00 p.m. ET on T+1 gives a practical upper bound on this timeline. See CAT NMS Plan, supra note 5, at Appendix C, Sections A.2(a), A.3(a), Appendix D, Section 6.2.
The Commission notes that the Plan lacks information regarding the details of certain elements of the Plan likely to affect the costs and benefits associated with it, primarily because those details have not yet been determined, and this lack of information creates some uncertainty about the expected economic effects. As discussed further below, lack of specificity surrounding the processes for converting data formats and linking related order events creates uncertainty as to the anticipated improvements in accuracy because such processes have the potential to create new data inaccuracies. Lack of specificity surrounding the process for regulators to access the CAT Data also creates uncertainty around the expected improvements in accessibility. For example, while the Plan indicates that regulators would have an online targeted query tool and a tool for user-defined direct queries or bulk extraction, the Plan itself does not provide an indication for how user-friendly the tools would be or the particular skill set needed to use the tools for user-defined direct queries. However, the Commission has analyzed the expected economic effects of the Plan to the extent possible with the information available, noting areas of uncertainty in its analysis where applicable. The Commission has also considered whether certain provisions related to the operation and administration of the Plan could mitigate some of the uncertainties.
Id. at Appendix D, Sections 8.1.1, 8.1.2.
See Section V.E.3.d, infra.
The Commission also believes that more effective and efficient regulation of securities markets and market participants resulting from implementation of the CAT NMS Plan could significantly benefit investors and the integrity of the market. For example, the Commission believes that more effective and efficient surveillance and enforcement should detect a higher proportion of violative market activity. This additional detection could not only reduce violative behavior through potential enforcement actions, but through deterrence if market participants believe violative activities are more likely to be detected. Because violative activity degrades market quality and imposes costs on investors and market participants, reductions in violative activity would benefit investors and market integrity. Likewise, more effective and efficient risk assessment and risk-based examinations should facilitate the selection of market participants for examination who have characteristics that elevate their risk of violating the rules. Decreasing the amount of violative activity by targeting exams in this way should provide investors with a more effectively regulated trading environment and hence better market quality. Further, access to audit trail data that is comprehensive, accurate, and timely should improve regulatory reconstruction of market events, market analysis, and research, resulting in an improved understanding of emerging market issues and regulatory policies that better encourage industry competition, thus improving investor protection through better transparency and more efficient prices. Regulatory initiatives that are based on a more thorough understanding of underlying events and their causes, and that are narrowly tailored to address any market deficiency, should improve market quality and benefit investors. Access to more complete and linked audit trail data will improve regulators' ability to analyze and reconstruct market events, allowing regulators to provide investors and the public with more accurate explanations of market events, to develop more effective responses to such events, and to use the information to assist in retrospective analyses of their rules and pilots.
See Section V.E.2, infra.
The Commission has also evaluated the potential costs that will result from the approval of the CAT NMS Plan. The Commission's cost analysis is based on the preliminary analysis in the Notice, which analyzed information included in the Plan, information gathered from market participants through discussions, surveys of market participants, and other relevant information to estimate the potential costs associated with building and maintaining the Central Repository as well as the costs to report data to the Central Repository. The Commission has considered the comments received on its preliminary analysis, the Participants' response to the comments, and the impact of the Commission's modifications to the Plan and has revised its analysis and estimates accordingly. Currently, the 21 Participants spend $170.3 million annually on reporting regulatory data and performing surveillance, while the approximately 1,800 broker-dealers anticipated to have CAT reporting responsibilities spend $1.6 billion annually on regulatory data reporting, for total current industry costs of $1.7 billion annually for regulatory data reporting and surveillance by SROs. Having considered the comments, the Participants' response and the Commission's modifications to the Plan, the Commission now estimates the cost of the Plan as approximately $2.4 billion in initial aggregate implementation costs and recurring annual costs of $1.7 billion. Furthermore, the Commission acknowledges that during the period of duplicative reporting, during which CAT Reporters will report to both current regulatory data reporting systems and CAT, industry will face duplicative reporting costs that the Commission estimates at $1.7 billion per year, the cost of industry's current data reporting.
See Section V.F.1 and Section V.F.2, infra for discussion of comments received on cost estimates, and revisions the Commission made to those estimates in response.
See Section V.F.2, infra.
Commenters had numerous comments on individual estimates of costs, particularly as they related to requirements to report allocation timestamps in milliseconds, the costs of duplicative reporting, and generally about the uncertainty surrounding cost estimates. The primary driver of the annual costs is the data reporting cost for broker-dealers, which is estimated to be $1.5 billion per year. For both large and small broker-dealers, the primary driver of both the current $1.6 billion reporting costs and projected $1.5 billion CAT reporting costs is costs associated with staffing. Bidder estimates of the costs to build the Central Repository vary from $37.5 million to $65 million and annual operating costs range from $36.5 to $55 million. The eventual magnitude of Central Repository costs depends on the Participants' selection of the Plan Processor, and may ultimately differ from estimates discussed above if Bids are revised as the bidding process progresses. Furthermore, the Plan anticipates a period of duplicative reporting responsibilities preceding the retirement of potentially duplicative regulatory data reporting systems; these duplicative reporting costs are likely to be significant.
The economic analysis discusses duplicative reporting costs in Section V.F.2, infra.
Drawing from the discussion in the CAT NMS Plan, the comments received, and the Participants' response to the comments, the Commission expects that the Plan will have a number of additional economic effects, including effects on efficiency, competition, and capital formation. The Commission believes that the Plan generally promotes competition. However, the Commission recognizes that the Plan could increase barriers to entry because of the costs to comply with the Plan. Further, the Commission's analysis identifies several limiting factors to competition; however, Plan provisions and Commission oversight could mitigate such limiting factors. The Commission believes that the Plan will result in significant improvements in efficiency related to how regulatory data is collected and used. Specifically, the approval of the Plan will result in improved data becoming available to regulators, which will increase the efficiency of regulatory activities such as market surveillance, examinations, investigations, and other enforcement functions that could enhance market efficiency by reducing violative activity that harms market efficiency. In addition, the availability of this data should improve regulatory analysis and reconstruction of market events, as well as market analysis and research that informs policy decisions. Finally, the Commission believes that the Plan could have positive effects on capital formation and allocative efficiency and that the threat of a security breach at the Central Repository is unlikely to significantly harm capital formation. The Commission recognizes that the Plan's likely effects on competition, efficiency and capital formation are dependent to some extent on the performance and decisions of the Plan Processor and the Operating Committee in implementing the Plan, and thus there is necessarily some uncertainty in the Commission's analysis. Nonetheless, the Commission believes that the Plan contains certain governance provisions, as well as provisions relating to the selection and removal of the Plan Processor, that mitigate this uncertainty by promoting decision-making that could, on balance, have positive effects on competition, efficiency, and capital formation.
See CAT NMS Plan, supra note 5, at Appendix C, Section B.8; see also Section V.G, infra.
As part of its economic analysis, the Commission has also considered the likely economic effects of a number of alternatives to the approaches taken in the CAT NMS Plan. The Commission has analyzed certain alternatives that could have a direct and significant impact on costs or benefits deriving from at least one of the four data qualities discussed above: Accuracy, completeness, accessibility, and timeliness. This analysis includes alternatives proposed by commenters.
C. Framework for Economic Analysis
As discussed above, the Commission has conducted an economic analysis of the CAT NMS Plan, including the modifications made by the Commission, as anticipated in the Adopting Release for Rule 613. In particular, the Commission has carefully evaluated the information in the CAT NMS Plan, including the twelve considerations required by Rule 613 and the details of the decisions left to the discretion of the SROs. The Commission has also considered information drawn from outside the Plan, but that was included in its preliminary economic analysis in the Notice and subject to public comment, in order to assess potential economic effects not addressed therein. Finally, the Commission considered comments submitted in response to its Notice. To provide context for this analysis, this Section describes the economic framework for the analysis and seeks to identify uncertainties within that framework.
See Adopting Release, supra note 14, at 45789.
See Notice, supra note 5, at 30651-30797.
The framework for the Commission's final economic analysis is largely the same as the framework set out in the economic analysis of the Notice, though the Commission has revised its discussion of uncertainty to recognize comments. This Section includes a high-level summary of those comments, which are addressed in the economic analysis to follow.
Id. at 30654-30656.
See Data Boiler Letter at 9, 30; SIFMA Letter at 6, 13, 15-16, 23-24,32, 39, 40, 42, 44-45; FSR Letter at 9-10; Fidelity Letter at 6; TR Letter at 4; FSI Letter at 5-6; DAG Letter at 5; UnaVista Letter at 2.
1. Economic Framework
a. Benefits
The CAT NMS Plan will create a new data source that should modernize and eventually replace the use of some disparate current data sources for many regulatory activities. As such, the economic benefits of the CAT NMS Plan will come from any expanded and more efficient regulatory activities facilitated by improvements to the data regulators use. Therefore, the framework for examining benefits in this economic analysis involves first considering whether and to what degree the CAT Data will improve on the Baseline of current trading and order data in terms of the four qualities of accuracy, completeness, accessibility, and timeliness.
See Adopting Release, supra note 14, at 45727.
Through these improvements in the data, the economic analysis then considers the degree to which the Plan will result in improvements to regulatory activities such as the analysis and reconstruction of market events, in addition to market analysis and research conducted by SROs and Commission Staff, as well as market surveillance, examinations, investigations, and other enforcement functions. These potential improvements, based on the regulatory objectives of the CAT NMS Plan described in the Adopting Release, relate to the overall goal of substantially enhancing the ability of the SROs and the Commission to oversee securities markets and fulfill their regulatory responsibilities under the securities laws. The economic framework explores how the improvements to these regulatory activities provide economic benefits to investors and the market. Among other things, potential benefits that could result from the CAT NMS Plan include benefits rooted in changes in the behavior of market participants. For example, requirements to report certain data elements or events to the CAT could have the beneficial effect of detecting and deterring rule violations because the inclusion of certain data fields and improvements in the ability to surveil for violations could increase the perceived costs of violating rules and regulations. Potential benefits could also stem from improved investor protection, such as from more effective surveillance and more informed, data-driven rulemaking. In addition, potential benefits could stem from future reduced costs due to more targeted, data-driven policy choices.
Id. at 45730.
(1) Data Qualities
In assessing the potential benefits of the CAT NMS Plan, the Commission's economic analysis compares the data that will be available under the Plan to the trading and order data currently available to regulators to determine whether and to what degree the Plan will improve the available data with respect to the four qualities of accuracy, completeness, accessibility, and timeliness.
Id. at 45727. Accuracy refers to whether the data about a particular order or trade is correct and reliable. Completeness refers to whether a data source represents all market activity of interest to regulators, and whether the data is sufficiently detailed to provide the information regulators require. While current data sources provide the trade and order data required by existing rules and regulations, those sources generally do not provide all of the information of interest to regulators in one consolidated audit trail. Accessibility refers to how the data is stored, how practical it is to assemble, aggregate, and process the data, and whether all appropriate regulators could acquire the data they need. Timeliness refers to when the data is available to regulators and how long it would take to process before it could be used for regulatory analysis. As explained in the Baseline, Section V.D.2, infra, the trading and order data currently available to regulators suffers from deficiencies in all four dimensions.
(2) Regulatory Activities
Any economic benefits will derive from how such improved data will affect regulatory activities. Therefore, to analyze the potential benefits of the CAT NMS Plan, the economic analysis also evaluates the potential of the CAT NMS Plan to meet the regulatory objectives set out in the Adopting Release for Rule 613. The objectives are: Improvements in the analysis and reconstruction of broad-based market events; improvements in market analysis in support of regulatory decisions; and improvements in market surveillance, investigations, and other enforcement activities.
See Adopting Release, supra note 14, at 45730.
A. Analysis and Reconstruction of Broad-Based Market Events
The economic analysis considers whether and to what extent the CAT NMS Plan will facilitate regulators' performance of analysis and reconstruction of market events, potentially helping to better inform both regulators and investors about such market events and speeding the regulatory response following market events. Regulators perform reconstructions of market events so that they and the public can be informed by an accurate accounting of what happened (and, possibly, why it happened). As discussed in the Benefits Section, market reconstructions currently can take a significant amount of time, in large measure due to various deficiencies in the currently available trading and order data. The sooner regulators complete a reconstruction and analysis of a market event, the sooner investors can be informed and the sooner regulators can begin reviewing the event to determine what happened, who was affected and how, and whether the analysis supports potential regulatory responses. In addition, the improved ability for regulators to generate prompt and complete market reconstructions could provide improved market knowledge, which could assist regulators in conducting retrospective analysis of their rules and pilots.
See Section V.E.2.a, infra.
See Section V.D.2.b, infra.
See Adopting Release, supra note 14, at 45732.
B. Market Analysis in Support of Regulatory Decisions
The economic analysis considers whether and to what extent the CAT NMS Plan will enhance the ability of the SROs and the Commission to conduct market analysis and research, including analysis of market structure, and the degree to which it will improve regulators' market knowledge and facilitate consideration of policy questions of interest. The SROs and Commission Staff conduct data-driven analysis on market structure, in direct support of both rulemaking and other regulatory decisions such as SRO rule approvals. The Commission also relies on such analysis to improve understanding of market structure in ways that could inform policy. Finally, SROs conduct market analysis and research on their own regulatory initiatives. Improvements in the ability to conduct market analysis could further improve analysis related to regulatory decisions and potentially influence those regulatory decisions to the benefit of investors and the markets more generally.
C. Market Surveillance and Investigations
The economic analysis examines whether the CAT NMS Plan will improve market surveillance and investigations, potentially resulting in more effective oversight of trading, better investor protection, and deterrence of violative behavior. As described in more detail in the Baseline Section, both SROs and the Commission conduct market surveillance, examinations, investigations, and other enforcement functions targeting illegal activities such as insider trading, wash sales, or manipulative practices. Improvements in market surveillance and investigations could come in the form of “facilitating risk-based examinations, allowing more accurate and faster surveillance for manipulation, improving the process for evaluating tips, complaints, and referrals . . . , and promoting innovation in cross-market and principal order surveillance.”
See Section V.D.1.c.(1) and Section V.D.1.c.(3), infra.
See Adopting Release, supra note 14, at 45730.
b. Costs
The economic analysis evaluates the costs of building and operating the Central Repository; the costs of CAT reporting for Participants, broker-dealers, and service bureaus; and other CAT-related costs. Where the CAT NMS Plan provides estimates of these costs, the economic analysis evaluates those estimates and re-estimates them when necessary. The economic analysis also discusses the drivers of these costs, and whether broker-dealers may or may not pass these costs down to their customers. As a part of its consideration of the costs of the CAT NMS Plan, the economic analysis considers costs from duplicative reporting for some period of time as well as potential cost savings from the retirement of duplicative regulatory reporting systems.
Rule 613 requires the Plan to discuss “[a] plan to eliminate existing rules and systems (or components thereof) that would be rendered duplicative by the consolidated audit trail.” 17 CFR 242.613(a)(1)(ix); see also CAT NMS Plan, supra note 5, at Appendix C Section C.9.
The economic analysis also considers whether the CAT NMS Plan could result in second order effects, such as changes to the behavior of market participants, that impose certain costs. For example, the CAT NMS Plan's tiered funding model could lead to efforts by market participants to try to control their tiers in order to affect their fee payments, such as reducing activity levels near the end of an activity level measuring period to avoid being classified as a higher activity level firm. In addition, Participants, their members, and investors could incur costs if their private information were accessed in the event of a security breach of the Central Repository. The economic analysis considers these and other elements of the Plan that could lead to distortions in behavior by market participants.
2. Existing Uncertainties
In the Notice, the Commission described how it analyzed the information in the CAT NMS Plan, as well as other relevant data, in order to assess the economic effects of the Plan. As discussed throughout the analysis in the Notice, in certain cases the Commission lacked information needed to evaluate all of the potential economic effects of the CAT NMS Plan, creating uncertainty in some potential benefits and costs. The primary drivers of uncertainty included the fee schedule applicable to funding the Central Repository (the “Funding Model”), which has not yet been finalized, the deferral of decisions on certain discretionary elements including the Technical Specifications applicable to the CAT, and a lack of detailed information that would enable the Commission to assess certain economic effects with greater precision. The Notice discussed implications of each primary area of uncertainty.
In addition to the CAT NMS Plan, the economic analysis in the Notice analyzed, for example, the Exemptive Relief Letter (see supra note 21), a survey of clock synchronization practices and costs (see supra note 247), discussions with members of the industry and service bureaus (see Section V.F.1.c and Section V.F.1.d, infra), data from FINRA (see Section V.F.1.c.(2).B., infra), and academic literature. See Notice, supra note 5, at 30655-56.
As discussed below, the Commission notes that many of the uncertainties that existed at the time of the Notice will continue upon approval of the Plan. For example, the Funding Model and Technical Specifications will be determined after a Plan Processor is selected.
See Notice, supra note 5, at 30655-56.
First, the economic analysis in the Notice evaluated information provided in the CAT NMS Plan on the economic effects of the Plan, as well as information drawn from outside of the Plan. However, the Commission lacked detailed information regarding some of the individual costs and discretionary decisions in the Plan, including the Funding Model. Specifically, the Plan does not outline the proportion of CAT costs that will be allocated to Participants versus broker-dealers. This uncertainty limited the Commission's ability to evaluate the economic effects of the Plan in some cases. However, the Commission analyzed the expected economic effects of the Plan to the extent possible with the information available, and where the Commission identified such areas of uncertainty, the economic analysis addressed this uncertainty.
Second, the Commission pointed out that certain elements of the CAT NMS Plan will not be finalized until after the selection of a “Plan Processor.” Among these are the security and confidentiality procedures of the Central Repository, the precise methods by which regulators will access data in the Central Repository, and the complete Technical Specifications. The Plan also provides the Plan Processor the “sole discretion” to publish interpretations of the Technical Specifications, including interpretations of permitted values in data elements.
See CAT NMS Plan, supra note 5, at Article VI. The Plan Participants have engaged in a bidding process to select a Plan Processor, and the leading candidate bidders have proposed different solutions. In certain instances, the Plan Participants have decided to adopt the solutions proposed by whichever bidder they select.
See Section V.F.4.b, infra, for additional discussion of risks and uncertainties related to data security.
Rule 613(e)(1) requires the CAT NMS Plan to create a Central Repository to collect, link, and store CAT Data and to make that data available to regulators. See 17 CFR 242.613(e)(1).
The CAT NMS Plan contains minimum standards and principles for setting many of Technical Specifications, see CAT NMS Plan, supra note 5, at Section 6.9, and the Commission's economic analysis reflects those minimum standards and principles. However, because the detailed Technical Specifications are not yet finalized by the Participants, the Commission cannot fully assess any corresponding costs and benefits.
Id. at Section 6.9.
Because these and other elements of the Plan had not yet been finalized, the Commission could not assess how and to what extent the elements could affect the overall economic effects of the Plan. The Commission's economic analysis was therefore limited to the extent that the economic effects of the Plan depend on decisions that will be made after approval of the Plan. However, the Commission identified these areas of uncertainty and assessed the economic effects of the Plan to the best of its ability in light of these existing uncertainties.
Given the range of possible outcomes with respect to both the costs and benefits of the CAT NMS Plan that depend on future decisions, the Commission also recognized in the Notice the importance of provisions of the Plan related to the operation and administration of the CAT. In particular, the Commission stated that governance provisions of the Plan related to voting by the Operating Committee and the involvement of the Advisory Committee may help promote better decision-making by the relevant parties. Such provisions could mitigate concerns about potential uncertainty in the economic effects of the Plan by giving the Commission greater confidence that its expected benefits would be achieved in an efficient manner and that costs resulting from inefficiencies will be avoided. Nevertheless, commenters rightly observed that uncertainties remain, and will continue to remain until selection of the Plan Processor, the publication of Technical Specifications, and/or the implementation of CAT reporting.
Many commenters identified uncertainties related to the economic effects of the Plan that were consistent with those mentioned in the Notice. See SIFMA Letter at 6, 13, 15-16, 23, 32, 39, 40, 42, 44, 45; FIF Letter at 36, 50, 84-85, 86-90; FSI Letter at 5-6; FSR Letter at 9-10; DAG Letter at 5; UnaVista Letter at 2; TR Letter at 4; Fidelity Letter at 6; Data Boiler Letter at 9, 26, 30. Commenters also discussed several implications of the uncertainty in the Plan that were consistent with the Commission's statement in the Notice that it cannot assess how and to what extent these elements of the Plan could affect the overall economic effects of the Plan. See FSR Letter at 9; FSI Letter at 5-6; TR at 4. Others highlighted implications for the Commission to consider. See, e.g., Fidelity Letter at 6; SIFMA Letter at 23-24, 44.
The Commission has considered the comments it received relevant to the potential uncertainties in its analysis of the economic effects of the CAT NMS Plan, the Participants' response, and the effect of Plan modifications on such uncertainties and has revised its economic analysis accordingly. Throughout this economic analysis, the Commission recognizes these uncertainties, including the ones raised by commenters. In particular, the economic analysis described below recognizes uncertainties as they relate to the baseline, benefits, and costs and as they relate to the analysis of alternatives, efficiency, competition, and capital formation. In some cases, the Plan modifications and the Participants' response letters reduce the uncertainty in the Commission's analysis. However, the Commission continues to believe that governance provisions of the Plan could mitigate concerns about many of the sources of potential uncertainty in the economic effects of the Plan.
For a full discussion of the governance provisions and how they may mitigate concerns about many of the sources of potential uncertainty in the economic effects of the Plan, see Section V.E.3.d, infra.
D. Baseline
To assess the overall economic impact of the CAT NMS Plan, the economic analysis in the Notice used as the Baseline the current state of regulatory activity and the current state of trade and order data. The Baseline discussed the currently available sources of data, limitations in available data that could impact regulatory activity, how regulators currently use the available data, and the burden that producing that data imposes on SROs and broker-dealers. As discussed in more detail below, the Commission has revised certain aspects of its Baseline to incorporate new information from commenters, but the Baseline remains largely the same as that described in the Notice.
See Notice, supra note 5, at 30656-59.
1. Current State of Regulatory Activities
As addressed in detail in the Notice, SROs and the Commission use data to analyze and reconstruct market events, conduct market analysis and research in support of regulatory decision-making, and conduct market surveillance, examinations, investigations, and other enforcement functions. The trend in this area is to use more automated and data-intensive methods as regulators' activities adjust to the data and technology available. The Notice described these regulatory activities and how regulators currently use data. While the Commission did not receive any comments on its description of the current state of regulatory activities, the Participants did confirm the use of real-time surveillance and monitoring tools by SROs. The Commission continues to believe that the current state of regulatory activity, as described in detail in the Notice and as summarized below, reflects the Baseline for the CAT NMS Plan.
Id.
a. Analysis and Reconstruction of Market Events
In the Notice, the Commission discussed how regulators currently analyze and reconstruct market events. In terms of market reconstructions, currently, regulators aim to provide an accurate and factual accounting of what transpired during a market event of interest by conducting a thorough analysis of the available market data. Market events often encompass activity in many securities across multiple trading venues, and analysis and reconstruction of these market events requires linking data from multiple sources. Examples of recent market reconstructions include the Commodity Futures Trading Commission (“CFTC”) and SEC's analysis of the May 6, 2010 “Flash Crash,” analysis of equity market volatility on August 24, 2015, and the multi-agency report on the U.S. Treasuries market on October 15, 2014.
Id. at 30656-57.
Id.
Id. Examples of recent market reconstructions include the Commodity Futures Trading Commission (“CFTC”) and SEC's analysis of the May 6, 2010 “Flash Crash,” analysis of equity market volatility on August 24, 2015, and the multi-agency report on the U.S. Treasuries market on October 15, 2014.
See Findings Regarding the Market Events of May 6, 2010: Report of the Staffs of the CFTC and SEC to the Joint Advisory Committee on Emerging Regulatory Issues (September 30, 2010) (“Flash Crash Analysis”), available at http://www.sec.gov/news/studies/2010/marketevents-report.pdf.
See Staff of the Office of Analytics and Research, Division of Trading and Markets, Research Note: Equity Market Volatility on August 24, 2015 (Dec. 2015), available at http://www.sec.gov/marketstructure/research/equity_market_volatility.pdf;; see also Austin Gerig and Keegan Murphy, The Determinants of ETF Trading Pauses on August 24th, 2015, White Paper (February 2016), available at http://www.sec.gov/marketstructure/research/determinants_eft_trading_pauses.pdf.
See U.S. Department of the Treasury, Board of Governors of the Federal Reserve System, Federal Reserve Bank of New York, U.S. Securities and Exchange Commission, and U.S. Commodity Futures Trading Commission, Joint Staff Report: The U.S. Treasury Market on October 15, 2014 (July 13, 2015), available at http://www.sec.gov/reportspubs/special-studies/treasury-market-volatility-10-14-2014-joint-report.pdf.
b. Market Analysis and Research
In the Notice, the Commission discussed how regulators currently perform market analysis and research. In terms of market analysis and research, as addressed in detail in the Notice, the Commission and SRO Staffs currently conduct data-driven analysis on market structure, in direct support of both rulemaking and other regulatory decisions such as SRO rule approvals as well as retrospective analyses of rules and pilots. The Commission relies on data analysis to inform its market structure policy, and SROs also conduct market analysis and research on their own regulatory initiatives. Examples of data-driven market analysis include reports on OTC trading, small capitalization stock trading, the Limit Up-Limit Down Pilot, short selling, and high frequency trading.
See Notice, supra note 5, at 30657.
Id.
See Laura Tuttle, Alternative Trading Systems: Description of ATS Trading in National Market System Stocks (October 2013) available at http://www.sec.gov/divisions/riskfin/whitepapers/alternative-trading-systems-10-2013.pdf;; Laura Tuttle, OTC Trading: Description of Non-ATS OTC Trading in National Market System Stocks (March 2014), available at http://www.sec.gov/dera/staff-papers/white-papers/otc-trading-white-paper-03-2014.pdf.
See Securities Exchange Act Release No. 74892, Order Approving the National Market System Plan to Implement a Tick Size Pilot Program (May 6, 2015), 80 FR 27514, 27534, 27541 (May 13, 2015); see also Charles Collver, A Characterization of Market Quality for Small Capitalization US Equities (September 2014), available at http://www.sec.gov/marketstructure/research/small_cap_liquidity.pdf.
See SRO Supplemental Joint Assessment, available at http://www.sec.gov/comments/4-631/4-631.shtml;; Memo to File from the Division of Economic and Risk Analysis regarding the Cornerstone Analysis of the Impact of Straddle States on Options Market Quality (February 8, 2016), available at http://www.sec.gov/comments/4-631/4631-42.pdf;; see also Gerig and Murphy, supra note 1881.
See Memo to Chairman Christopher Cox from Daniel Aromi and Cecilia Caglio regarding an Analysis of Short Selling Activity during the First Weeks of September 2008, (December 16, 2008), available at http://www.sec.gov/comments/s7-08-09/s70809-369.pdf;; Memo to Chairman Christopher Cox from Daniel Aromi and Cecilia Caglio regarding an Analysis of a Short Sale Price Test Using Intraday Quote and Trade Data (December 17, 2008), available at http://www.sec.gov/comments/s7-08-09/s70809-368.pdf;; Memo from the Office of Economic Analysis regarding an Analysis of the July Emergency Order Requiring a Pre-borrow on Short Sales (January 14, 2009) available at http://www.sec.gov/spotlight/shortsales/oeamemo011409.pdf.
See Austin Gerig, High-Frequency Trading Synchronizes Prices in Financial Markets, (January 2015), available at http://www.sec.gov/dera/staff-papers/working-papers/dera-wp-hft-synchronizes.pdf;; see also Staff of the Office of Analytics and Research, Division of Trading and Markets, Research Note: Equity Market Volatility on August 24, 2015 (December 2015), available at http://www.sec.gov/marketstructure/research/equity_market_volatility.pdf.
c. Market Surveillance and Investigations
As explained in detail in the Notice, regulators perform market surveillance and investigation functions that rely on access to multiple types of market data. The following Sections summarize the discussion from the Notice describing the current state of SRO surveillance and SRO and Commission examinations and enforcement investigations.
See Notice, supra note 5, at 30657-59.
(1) Current SRO Surveillance
Rule 613(f) requires the SROs to develop and implement a surveillance system, or enhance existing surveillance systems, reasonably designed to make use of the CAT Data. For the purposes of the economic analysis in the Notice, the Commission considered surveillance to involve SROs running automated processes on routinely collected or in-house data to identify potential violations of rules or regulations. For instance, SROs use surveillance systems, developed internally or by a third party, to detect violations of trading rules, market abuse, or unusual behavior, in real time, within one day, or within a few weeks of the activity in question. As discussed in the Notice, SRO surveillance can help protect investors by detecting fraudulent behavior and anomalous trading.
See Notice, supra note 5, at 30657-58.
Currently, exchange-operating SROs use surveillance systems and are responsible for surveillance of their own market. As discussed in the Notice, FINRA conducts off-exchange and cross-market surveillance and oversees and regulates OTC trading of exchange-listed and non-exchange-listed securities, as well as trading in corporate and municipal debt instruments and other fixed income instruments. FINRA also provides surveillance services to U.S. equity and options exchanges through regulatory services agreements with nearly every equity market and all options exchanges. Additional surveillance is conducted by exchange-operating SROs and some of this additional surveillance is conducted as trading activity occurs. This surveillance can include detection of market manipulation, violations of trading rules, and other unusual behavior.
FINRA conducts cross-market surveillance for approximately 99% of the listed equity market and approximately 70% of the listed options market. See Notice, supra note 5, at 30657.
While there were no explicit comments pertaining to the current practices regarding SRO surveillance, the Participants' responses confirm that they have real-time surveillance and monitoring tools in place for their respective markets.
Response Letter I at 31.
(2) Examinations
In the Notice, the Commission discussed how regulators currently perform examinations. As addressed in detail in the Notice, SROs currently conduct exams of broker-dealers for violations of trading-related federal laws, rules, and regulations and for violations of SRO rules and regulations. In 2015, FINRA's Member Regulation Department conducted approximately 2,400 broker-dealer examinations. Currently, the Commission conducts exams of broker-dealers, transfer agents, investment advisers, investment companies, municipal advisers, clearing agencies, the national securities exchanges, other SROs such as FINRA and the Municipal Securities Rulemaking Board, and the Public Company Accounting Oversight Board (“PCAOB”). For example, the Commission conducted 493 broker-dealer examinations in 2014 and 484 in 2015, and 70 exams of the national securities exchanges and FINRA in 2014 and 21 in 2015. In addition, the Commission conducted 1,237 investment adviser and investment company examinations in 2014 and 1,358 in 2015. Virtually all investment adviser examinations and a significant proportion of the Commission's other examinations involve analysis of trading and order data. Examinations of broker-dealers and investment advisers involve intensive analysis of trading data. Examinations seek to determine whether the entity being examined is: Conducting its activities in accordance with the federal securities laws, rules adopted under these laws, and SRO rules; adhering to the disclosures it has made to its clients, customers, the general public, SROs and/or the Commission; and implementing supervisory systems and/or compliance policies and procedures that are reasonably designed to ensure that the entity's operations are in compliance with the applicable legal requirements. In order to select candidates for examination, the Commission and certain SROs, including FINRA, use a risk-based approach. “Risk-based examinations” seek to increase regulatory efficiency by using preliminary data analysis to direct examination resources towards entities and activities where risks of violative or illegal activity are the highest. The Commission uses risk and data analysis before opening an exam to identify broker-dealers and investment advisers for areas of focus such as suspicious trading, as well as during an exam to identify the particular activities of a broker-dealer or investment adviser that could trigger certain compliance and supervisory risks.
See Notice, supra note 5, at 30658.
Id.
Id. This estimate was based on Staff discussions with FINRA. See also FINRA Overview of Member Regulation, available at http://www.finra.org/industry/member-regulation.
Id.
See SEC, Examination Information for Entities Subject to Examination or Inspection by the Commission (June, 2014), available at http://www.sec.gov/about/offices/ocie/ocie_exambrochure.pdf.
FINRA conducts regulatory examinations by contract on behalf of all the options and equities exchanges, except for the Chicago Stock Exchange, Inc. (“CHX”) and the National Stock Exchange, Inc. (“NSX”). Accordingly most exchanges also employ a risk-based approach to examination selection and scope. CHX examines members on a cycle basis. NSX recently resumed operations in December 2015. See Securities Exchange Act Release No. 76640 (December 14, 2015), 80 FR 79122 (December 18, 2015).
(3) Enforcement Investigations
In the Notice, the Commission discussed how regulators currently approach enforcement investigations. As explained in detail in the Notice, the Commission and SROs undertake numerous investigations to enforce the securities laws and related rules and regulations, including investigations of market manipulation, insider trading, and issuer repurchase violations. The Commission estimates that 30-50% of enforcement investigations use trade and order data. In 2015, the Commission filed 807 enforcement actions, including 39 related to insider trading, 43 related to market manipulation, 124 related to broker-dealers, 126 related to investment advisers/investment companies, and one related to exchange or SRO duties. In 2014, the Commission filed 755 enforcement actions, including 52 related to insider trading, 63 related to market manipulation, 166 related to broker-dealers, and 130 related to investment advisers/investment companies, many of which involved trade and order data.
See Notice, supra note 5, at 30658.
Id. Examples of investigations of market manipulations include marking the close, order layering and spoofing, wash sales, and trading ahead. Layering and spoofing are manipulations where orders are placed close to the best buy or sell price with no intention to trade in an effort to falsely overstate the liquidity in a security.
The Commission initiates enforcement investigations when SROs or others submit reliable tips, complaints, or referrals, or when the Commission becomes aware of anomalies indicative of manipulation. After the detection of potential anomalies, a tremendous amount of time and resources are expended in gathering and interpreting trade and order data to construct an accurate picture of when trades were actually executed, what market conditions were in effect at the time of the trade, which traders participated in the trade, and which beneficial owners were affected by the trade. The Commission also explained in the Notice that SROs rely primarily on surveillance to initiate investigations based on anomalies in the trading of securities. FINRA brought 1,397 disciplinary actions in 2014 and 1,512 in 2015.
(4) Tips and Complaints
In the Notice, the Commission discussed how regulators currently analyze and investigate tips and complaints. Market participants or those with experience in analyzing market data sometimes notice atypical trading or quoting patterns in publicly available market data, and these observations sometimes result in a tip or complaint to a regulator. As the Commission discussed in the Notice, regulators investigate thousands of tips and complaints each year. In fiscal years 2014 and 2015, the Commission received around 15,000 entries in its Tips, Complaints and Referrals (“TCR”) system, approximately one third of which related to manipulation, insider trading, market events, or other trading and pricing issues. Analysis of tips and complaints generally follow three stages. First, regulators ensure that the tip or complaint contains sufficient information to facilitate analysis. Second, regulators use directly accessible data or make phone calls and other informal queries to determine if the tip or complaint is credible. Third, for tips and complaints that seem credible, regulators then perform a more in-depth investigation or examination, which follows the processes described above for examinations and enforcement investigations.
See Notice, supra note 5, at 30659.
Id.
2. Current State of Trade and Order Data
To assess how and to what degree the CAT NMS Plan would affect the trade and order data available to regulators, the economic analysis in the Notice considered what data regulators use currently and the limitations in that data. The Commission did not receive any comments on its description of the current sources of trade and order data. The Commission received some comments on its description of the current limitations on trade and order data, which are discussed below. However, the Commission continues to believe that the current state of trade and order data, as described in detail in the Notice and as summarized below, reflects the relevant baseline for its economic analysis of the CAT NMS Plan.
a. Current Sources of Trade and Order Data
In the Notice, the Commission stated that SROs and the Commission currently use a range of trading and order data sources for their regulatory activities. The types of data and ease of use of these sources of data can vary widely. The Notice reviewed the primary sources of data currently available to regulators, describing the content of the data provided and examples of their specialized uses.
Id. at 30659-62.
(1) SRO Data
As discussed in detail in the Notice, SROs maintain audit trails that contain trade and order data that they obtain from their members. Currently, regulators have access to at least three sources of audit trail data. First, the National Association of Securities Dealers (“NASD”) established its OATS in 1998, which required NASD (n/k/a FINRA) members to report certain trade and order data regarding NASDAQ-listed equity securities. OATS was later expanded to include OTC Equity Securities and all NMS stocks. Second, beginning in 2000, several of the current options exchanges implemented the Consolidated Options Audit Trail System (“COATS”). Finally, each equities and options exchange keeps an audit trail of orders and trades that occur on its market.
Id. at 30659.
The Commission explained that for each of these stages in the life of an order, FINRA Rule 7440 requires the recording and reporting of the following information, as applicable, including but not limited to: For the receipt or origination of the order, the date and time the order was first originated or received by the reporting member, a unique order identifier, the market participant symbol of the receiving reporting member, and the material terms of the order; for the internal or external routing of an order, the unique order identifier, the market participant symbol of the member to which the order was transmitted, the identification and nature of the department to which the order was transmitted if transmitted internally, the date and time the order was received by the market participant or department to which the order was transmitted, the material terms of the order as transmitted, the date and time the order was transmitted, and the market participant symbol of the member who transmitted the order; for the modification or cancellation of an order, a new unique order identifier, original unique order identifier, the date and time a modification or cancellation was originated or received, and the date and time the order was first received or originated; and for the execution of an order, in whole or in part, the unique order identifier, the designation of the order as fully or partially executed, the number of shares to which a partial execution applies and the number of unexecuted shares remaining, the date and time of execution, the execution price, the capacity in which the member executed the transaction, the identification of the market where the trade was reported, and the date and time the order was originally received. FINRA Rule 7440 also requires reporting of the account type, the identification of the department or terminal where an order is received from a customer, the identification of the department or terminal where an order is originated by a reporting member, and the identification of a reporting agent if the agent has agreed to take on the responsibilities of a reporting member under Rule 7450.
Id. at 30659-60. The Notice provided further details on the reporting requirements of FINRA Rule 7440. Id. at 30659-60 nn.354-57.
The Commission also explained that a majority of options exchanges require their members to provide the following information with respect to orders entered onto their exchange: (1) The material terms of the order; (2) order receipt time; (3) account type; (4) the time a modification is received; (5) the time a cancellation is received; (6) execution time; and (7) the clearing member identifier of the parties to the transaction.
Id. at 30660. The Notice provided further details on the reporting requirements of options exchanges. Id. at 30660 nn.358-59. The Notice also outlined the reporting requirements of other SRO audit trails. Id. at 30660 n.364.
As discussed in the Notice, SRO audit trail data is used for market reconstructions and market analyses, and to inform policy decisions, both by the Commission and by SROs. Regulators also use SRO audit trail data extensively for surveillance, examinations, investigations, and other enforcement functions. Current SRO market surveillance relies primarily on data from the SRO audit trails, generated directly from the exchange servers and from OATS. Likewise, SRO examinations and investigations pull information from their own audit trails before seeking data from others. Commission examinations and investigations also rely heavily on SRO audit trails to start the process of tracing a particular trade from its execution to the order initiation and customer information, and the audit trails can be useful for manipulation investigations or other regulatory activities that require analyses of microcap securities trading activity.
Id. at 30660.
(2) Equity and Option Cleared Reports
The SROs and the Commission also have access to equity and option cleared reports. In the Notice, the Commission noted that clearing broker-dealers report their equity and option cleared data on a daily basis and the NSCC and the OCC aggregate the data across the market and generate the reports. Equity and option cleared reports provide a way for regulators to directly access a dataset to see how much trading volume is accounted for by a particular clearing broker. As such, these data are often used at the beginning of an examination or investigation to start identifying the market participants that may have additional data needed to pinpoint a particular activity.
Equity and option cleared reports show “the number of trades and daily cleared trade and share volume, by clearing member, for each equity and listed option security in which transactions took place. Regulators can query these reports directly through an internal online system that interfaces with the Depository Trust and Clearing Corporation (“DTCC”) data by security name and CUSIP number.” A CUSIP number is a “unique alphanumeric identifier assigned to a security and facilitates the clearance and settlement of trades in the security.” Id.
(3) Electronic Blue Sheets
As the Commission discussed in the Notice, broker-dealers also provide detailed data to regulators in the form of Electronic Blue Sheets (“EBS”). The EBS data, provided pursuant to Rule 17a-25 under the Act, facilitate investigations by the SROs and Commission Staff, particularly in the areas of insider trading and market manipulations. The EBS system provides certain detailed execution information in its electronic format upon request by SRO or Commission Staff. This information often includes the employer of the beneficial owner of an account, which can be important to insider trading investigations, and in some cases, a tax identification number.
Id. at 30661. The Notice provided further details on Rule 17a-25 and its reporting requirements. Id. at 30661, notes 368-369.
The EBS system also provides additional information on market participants who meet the definition of “large traders” and have self-identified to the Commission as required by Rule 13h-1. Large trader data provide the Commission with a way to acquire information about the activities of large traders and allow the activities of large traders to be more readily aggregated across or partitioned by multiple broker-dealers.
Id. The Notice provided the definition of a “large trader” and further details on the reporting requirements of Rule 13h-1. Id.
(4) Trade Blotters and Order Tickets
As the Commission addressed in detail in the Notice, investment advisers and broker-dealers also maintain data in the form of order tickets and trade blotters that regulators can obtain on request. Order tickets are in-house records maintained by investment advisers and broker-dealers that provide order details, including timestamps of order initiation and placement, special order types, any special instructions for the order, and plans for the allocation of shares and prices across accounts and subaccounts. Order tickets also identify account owners. Commission Staff collects order tickets regularly for examinations, and occasionally also for market manipulation investigations.
Id.
The Commission discussed the fact that broker-dealers maintain data in trade blotters that are similar to EBS. However, the trade blotters also contain more information, including the commissions paid in executing each order, timestamps of when an order is received and when it is executed (and the number of fills), and the pricing information for all executions in the order. SROs use trade blotters in examinations of their members. Commission Staff uses trade blotters frequently for examinations, including in almost every broker-dealer, investment adviser, and hedge fund examination, as well as for insider trading and market manipulation investigations. Regulators use trade blotter data to determine the order entry time and execution time for trades by a particular customer in examinations and enforcement investigations. Trade blotters are also the primary data source used in regulatory investigations for which subaccount allocation information is important for determining violative behavior, such as cherry-picking and front-running cases.
Id.
As the Commission discussed in the Notice, broker-dealers and exchanges collect and maintain records of activity in their order handling systems and internal matching systems. Some of the data that is collected and maintained in these systems exceeds the scope of information captured in EBS, SRO audit trail, trade blotter, or order ticket data and may include data on order receipt, modification or routing information not otherwise reported to SROs. Regulators use these trading and order handling system data in investigations and examinations to further analyze issues discovered during their analysis of data from other sources.
“Internal matching systems of broker-dealers may include Alternative Trading Systems (“ATSs”) or automated trading systems that provide liquidity to received orders without interacting on a registered exchange. The Commission understands that some broker-dealers rely on their clearing firms to collect and maintain records relating to routed orders on their behalf. Broker-dealers that operate their own internal matching systems are more likely to collect and maintain their own records.” Id. at 30662.
Id.
(5) Public Data
As discussed in detail in the Notice, exchanges and SROs make some data available to the public and regulators can access these data for their regulatory activities. One type of public data is “consolidated” data feeds that are disseminated by registered Securities Information Processors (“SIPs”) pursuant to joint SRO plans. For a fee, the SIPs distribute consolidated market data on recent equity and option transactions and the prevailing best quotes at each exchange to market data subscribers. Additionally, all exchanges also make data available through direct data feeds. These feeds contain all data included in the SIP feed, but also include depth of book information and, depending on the exchange, may include additional data, such as the submission, cancellation and execution of all displayed orders and auction imbalance information on the exchange, among other things. Furthermore, at the request of Commission Staff, most equities exchanges also produce and make public two datasets with information on short sales: A file of short selling volume by stock, which contains the short selling and total volume on that exchange by symbol, and a file of short selling transactions, which contains trade information such as time, volume, and price for each transaction involving a short sale.
Id.
The Commission and SROs use these publicly available trade and order data to conduct market analyses, market reconstructions, examinations, and investigations. Due to the accessibility and ease of use of the public data, regulators often use it as a starting point or a basis of comparison to other data sources. For example, real-time surveillance can rely on SIP data, and some insider trading surveillance relies on information from other publicly available sources such as news sources. Further, investigations into short sale market manipulation sometimes start with an analysis of the short selling data.
Id.
b. Current Limitations of Trade and Order Data
As the Commission addressed in detail in the Notice, while regulators have access to trade and order data from the sources described above, the available data are, for various reasons, limited in terms of the four qualities discussed above. In terms of completeness, current sources do not represent all of the market activity of interest in sufficient detail in one consolidated audit trail. In terms of accuracy, current sources may reflect data errors, insufficiently granular clock synchronization and timestamps, errors introduced in the process of combining data from different sources, a lack of consistent customer and broker-dealer identifiers, and data that is too aggregated at the record level to provide the information regulators need. In terms of accessibility, the SROs and Commission lack direct access to most of the data sources described above, and with respect to timeliness, obtaining trade and order data from current sources and converting the data into a form in which they can be analyzed can involve a significant delay from the time of a particular event of interest. Due to these limitations on current data sources, as the Commission addressed in detail in the Notice, regulators are limited in their ability to perform the activities outlined in Section V.D.1, above. Table 1 summarizes the key characteristics of the currently available data sources, the limitations of which are discussed in more detail below.
See Section V.D.2(a), supra.
See Notice, supra note 5, at 30662-74.
Table 1
As proposed, the CAT NMS Plan also requires CAT Reporters to synchronize their time clocks to the time maintained by the NIST with an allowable drift of 50 milliseconds. See CAT NMS Plan, supra note 5, at Section 6.8. According to a survey conducted by the FIF, 39% of responding broker-dealers currently synchronize their clocks with less precision than what is called for by the CAT NMS Plan. Thus, the CAT NMS Plan would also increase the accuracy of the timestamps used by certain broker-dealers. See FIF Clock Offset Survey, supra note 247.
Off-exchange activity includes currently reportable events that are not handled by a registered securities exchange.
In this instance, “timeliness” refers to when the data are compiled at the source in question (e.g., when OATS receives data from reporting broker-dealers), not when they become available to regulators because that timeline can vary depending on the regulator in question. As shown in the “Direct Access for Regulators” column, it may still take several days, weeks, or months for regulators to be able to access the data. For example, while OATS reporters provide the data at T+1, the SEC must request OATS data in order to access it, which may take several days or weeks. This narrower definition of timeliness is not used throughout this economic analysis.
Guidance from FINRA indicates that broker-dealers must “identify the party to the trade” through EBS fields such as “Primary Party Identifier,” but that party may be another broker-dealer rather than the ultimate customer. See FINRA, Electronic Blue Sheet Submissions, FINRA and ISG Extend Effective Date for Certain Electronic Blue Sheet Data Elements, Regulatory Notice 12-47 (Oct. 2012), available at https://www.finra.org/sites/default/files/NoticeDocument/p194655.pdf . Similarly, under the large trader rule, persons exercising “investment discretion” are reported through EBS, but in some cases such persons are investment advisers rather than their customers. See Notice, supra note 5, at note 372 and accompanying text (discussing the large trader rule).
(1) Completeness
“Completeness” refers to whether the data represents all market activity of interest or just a subset, and whether the data is sufficiently detailed to provide the required information. As addressed in detail in the Notice, while current data sources provide trade and order data specified by existing rules and regulations, those sources do not contain all market activity that might be required for certain market inquiries, in sufficient detail, within one consolidated audit trail. The Commission explained in the Notice that, to obtain information regarding a particular market event, regulators may have to piece together information from different data sources and that some data is not required to be reported at all under existing regulations. Therefore, as described below, current data sources either cover only a limited number of events and products, or lack some data fields that would be useful to regulators, each of which impedes effective market surveillance.
Id. at 30664.
Id.
One commenter agreed with the Commission's analysis by stating that “[t]he fragmented nature of current data sources does pose significant challenges to regulators seeking complete data.”
Data Boiler Letter at 30.
A. Events and Products
As the Commission addressed in detail in the Notice, there is currently no single data source that covers all market activities. EBS data contains executed trades but does not contain information on orders or quotes (and thus does not provide information on routes, modifications, or cancellations). Similarly, trade blotters and order tickets contain only information recorded by the particular broker-dealer or investment adviser that generated them and may contain limited information about full order lifecycles. SRO audit trail data are limited to identifying the activity of their members, can have incomplete information concerning their members, lack order lifecycle information occurring prior to receipt by an exchange, and may not contain information regarding principal trading. Furthermore, although public consolidated and direct data feeds provide data about the entire market, they lack information regarding non-displayed orders and do not provide sufficient information to identify the different lifecycle events of a single order.
See Notice, supra note 5, at 30664.
The Commission also discussed individual SRO audit trails. While extensive, they contain only activity of their own members, and many SRO audit trails are incomplete in their coverage of the activities of those members. For example, FINRA's OATS data does not include proprietary orders originated by a trading desk in the ordinary course of a member's market making activities, or options data. And while OATS collects data from FINRA members with respect to orders and trades involving NMS and OTC stocks, OATS does not include trade or order activity that occurs on exchanges or at broker-dealers that are not FINRA members. In addition, while broker-dealers who are not members of FINRA must be members of an exchange SRO, an individual exchange SRO's audit trail data is generally limited to activity taking place on that exchange. The Commission noted that because broker-dealers who are not members of FINRA may engage in trading activity in off-exchange markets, a substantial portion of the trading activity that an exchange SRO supervises is not reported to the supervising SRO. The Commission also discussed the fact that not all FINRA members are obligated to report to OATS. FINRA's rules exclude from reporting certain members that engage in a non-discretionary order routing process. Additionally, FINRA has the authority to exempt the manual orders of other members who meet specific criteria from the OATS recording and reporting requirements.
Id.
Id. (citing FINRA Rule 7470). At the time of the Notice, FINRA had granted approximately 50 such exemptions.
The Commission also explained that some SRO audit trails do not include and are not required to include activity associated with principal trading, such as market-making activity. This may result in the exclusion of a significant amount of activity, particularly for firms with substantial market-making business activities.
Id. at 30665.
Finally, the Commission discussed the fact that no single current data source integrates both equities and options, and that the lack of any combined equity and options audit trail data is a significant impediment to regulators performing cross-product surveillance.
Id.
B. Data Fields
As addressed in detail in the Notice, each of the currently available data sources discussed above is missing certain data fields that are useful for conducting a variety of regulatory activities. Furthermore, certain valuable data fields are not contained in any of the data sources discussed above.
Id.
Most notably, as the Commission explained in detail in the Notice, the identity of the customer is not available from any of the current data sources that are reported to regulators on a routine basis. As discussed in the Notice, a unique customer identifier could be useful for many types of investigations and examinations such as market manipulation investigations and examinations of investment advisers. The Commission also explained that although some data sources—specifically large trader reports, EBS, trade blotters, and order tickets—identify customers, these data sources are not reported on a routine basis, provide only one part of the order lifecycle, and have other inherent limitations.
Id.
The Commission explained that because there is currently no data source that includes customer identities across multiple parts of an order lifecycle, regulators must seek and link multiple sources of data, which can be a burdensome and imperfect process. For example, trade blotter and order ticket data that identify customers from one broker-dealer may only include customer names and thus may not be readily matched to similar data from another broker-dealer, or may require substantial time, effort, and uncertainty to reconcile across firms. Further, EBS data's limited coverage of trading activity and lack of some detailed trade information raises costs and reduces the timeliness of insider trading investigations.
Id. for a full discussion of the impact on insider trading investigations.
As the Commission addressed in detail in the Notice, some valuable data fields, such as modifications that make an order non-displayed and other special handling instructions are consistently available on only a few data sources or require linking different data sources. The Commission explained that the lack of direct, consistent access to order display information and special handling instructions creates inefficiencies in surveillances, examinations, and investigations that examine hidden liquidity and the treatment of customer orders.
In the Notice, the Commission provided further details on the reporting of order display information (i.e., whether the size of the order is displayed or non-displayed) and special handling instructions in OATS data. The Commission also noted that this data is not directly available to all regulators, and that the Commission must request this data from FINRA. Id. at 30666 n.412.
Id. at 30666.
The Commission noted that data that are not directly accessible by regulators at all include buy-to-cover information and subaccount allocation information, including the allocation time. The Commission explained that regulators could use buy-to-cover information to better understand short selling and for investigations of short sale manipulation. However, no current data source allows regulators to directly identify when someone is buying to cover a short sale.
Id.
As the Commission discussed in the Notice, subaccount allocation information needed for regulatory activities can be difficult for regulators to collect and compile because SRO audit trails currently do not require allocation reports and broker-dealers may not have records of the time of a subaccount allocation. The Commission explained that when regulators require an understanding of subaccount allocations for a regulatory task, they generally request and sift through trade blotter or EBS data in an attempt to identify allocations and the details of those allocations. However, current trade blotter data contains limited customer information on allocations and is not required to contain allocation time information at the subaccount level.
While the Commission is sometimes able to acquire allocation time on trade blotters, not all broker-dealers keep records in a manner that facilitates efficient regulatory requests for allocation time information. Id.
The Commission explained that the difficulty in obtaining allocation information and the difficulty in reconstructing allocations with data from broker-dealers limits the efficiency of certain surveillances and examinations. In particular, allocation time at the subaccount level is critical for determining whether some customers are systematically given more favorable allocation treatment than others. For example, when a broker-dealer places an order or series of orders for multiple customer accounts that generates multiple executions at multiple prices, it is possible that different customers receive different prices in the allocation process. However, if some customers systematically receive less favorable prices than others when they should be receiving the same prices for their executions, this could indicate that the broker-dealer is handling allocations improperly.
Id.
Three commenters noted that the open/close indicator is currently not captured for equities. In their response, the Participants agreed with this assessment. In addition, the Participants indicated that, pursuant to current industry practice, the open/close indicator is also not captured for some options transactions.
TR Letter at 9; SIFMA Letter at 35; FIF Letter at 83.
Response Letter I at 22.
Response Letter I at 22.
The Commission has considered the comments it received regarding the current limitations of trade and order data in terms of completeness. The open/close indicator would provide information about whether a transaction is undertaken to open or increase a position in the security, or to close or reduce a position in the security, such as a buy-to-cover a short sale, which the Commission in the Notice stated was information not directly accessible to regulators today. Therefore, the commenters expressing that the open/close indicator is not currently captured for equities are consistent with the baseline discussed in the Notice; the open/close indicator is one type of a broader category of information that the Commission recognized is lacking from current audit trails. In addition, although the Commission did not discuss this issue in the Notice, the Commission now recognizes that the open/close indicator is currently not captured for certain options transactions.
See Notice, supra note 5, at 30680.
(2) Accuracy
In the Notice, the Commission carefully considered the accuracy of data currently used by regulators in order to consider whether and to what degree the CAT NMS Plan would provide more accurate data. As discussed in more detail below, the Commission considered several forms of data inaccuracy, including data errors, inaccurate event sequencing, the inability to link data accurately, inconsistent identifiers, and obfuscating levels of irreversible data aggregation.
Id. at 30666-71.
A. Data Errors
With respect to data errors, the Commission stated its preliminary belief that data errors affect most current data used by regulators and can persist even after corrections. The Commission specifically noted instances where information was inaccurately reported by broker-dealers and discussed various errors in data translated from back-office systems, errors in data from trading systems, and errors in audit trail data. Furthermore, the Commission noted that the CAT NMS Plan reports that 2.42% of order events submitted to OATS fail validation checks. Although FINRA sends these records back to its members to correct, significant error rates in event linking post-correction are common because OATS limits error correction requests to records with internal inconsistencies within a given member's submission and there is no cross-participant error resolution process. FINRA estimates that 0.5% of OATS routing reports directed to another FINRA member broker-dealer cannot currently be linked. Also, as stated in the Notice, the CAT NMS Plan reports that, following the rollouts of three major updates to OATS, 0.86% of Trade Reporting Facility reported trades could not be matched to OATS execution reports, 3.12% of OATS route reports could not be matched to exchange orders, and 2.44% of inter-firm routes could not be matched to a record of the receiving firm's receipt of a routed order.
As used herein, the term “data errors” refers to instances where data reflect false information or are missing information such that they do not reflect order events that occurred in the market fully and accurately. Under this definition of “data errors,” a trading error or an order entry error would not be a “data error.” For example, if a trader submitted an order to an exchange with an order size of 100,000, an accurate order record would contain an order size of 100,000. If the trader actually intended to enter the order size as 1,000, the accurate order record would still be 100,000 because that would reflect the actual state of the market at the time. In other words, the 100,000 order size is not a “data error.” If the trader later corrected the order size, accurate data would reflect the subsequent corrections while still preserving the accurate state of the market at the time.
Id. at 30666-67.
Id.
Id.
The Commission received several comment letters that discussed the current state of errors in data used by regulators. One commenter did not believe that OATS data currently achieves “de minimis” errors. The commenter further stated that there are instances where errors cannot be corrected in OATS and gave true duplicates and non-reportable symbols as examples. The commenter further detailed the classification scheme currently used to categorize OATS errors. According to the commenter, these errors are currently classified as: Rejects; unmatched executions; unmatched exchange routes; inter firm received unmatched; inter firm sent unmatched; out of sequence; and late reports.
Anonymous Letter I at 9-10; Anonymous Letter II at 1-2; FIF Letter at 55, 60.
FIF Letter at 60.
FIF Letter at 55.
FIF Letter at 54.
Another commenter stated in two separate letters that there are OATS reporters that are repeatedly non-compliant, both in omitting to report required data and reporting inaccurate data to FINRA. The commenter contended that the extent of this non-compliance is significant and is magnified by the lengthy period of time before the errors are discovered and corrected by FINRA. Also, there is no way to know the magnitude of noncompliance that is never detected and therefore never corrected. The non-compliance by reporters may cause the error rates reported by OATS to be higher than reported.
Anonymous Letter I at 9-10; Anonymous Letter II at 1-2.
The Commission has considered the comments received. The Commission agrees with the commenter that stated there are instances where OATS data does not fail validation checks, but does contain errors. As mentioned in the Notice, OATS validation checks are limited to detecting errors that can be discovered by a concise set of logical rules and OATS limits error correction requests to records with internal inconsistencies within a given member's submission. The Commission also recognizes the comment that some OATS reporters fail to send and/or send inaccurate reports to FINRA and is updating its analysis to take into account that current data errors in OATS may be larger than initially considered due to this non-compliance. Finally, the Commission now considers the error classifications provided by a commenter in its baseline.
See Notice, supra note 5, at 30667.
B. Event Sequencing
With respect to event sequencing, as the Commission addressed in detail in the Notice, the ability to sequence market events is crucial to the efficacy of detecting and investigating some types of manipulation, and the sequencing of order events requires both sufficient clock synchronization across market participants and timestamps that are granular enough for accurate sequencing, but the current clock synchronization standards make this process difficult.
In the Notice, the Commission discussed that current rules require most broker-dealers to synchronize their system clocks to within one second. The Commission further noted that “in practice” some broker-dealers currently synchronize their clocks to smaller clock offset tolerances. The Commission cited the FIF Clock Offset Survey where 29% of respondents report they currently synchronize their clock to permit a maximum clock offset of one second from NIST, 10% of respondents permit a maximum offset of 50 milliseconds to one second, 21% of respondents permit a 50 millisecond maximum offset, and 18% of respondents permit a maximum offset less than 50 milliseconds. The remaining 22% of respondents report they utilize multiple clock offset tolerances across their systems ranging from five microseconds to one second. In addition, the Commission discussed that FINRA had filed a proposed rule change that would reduce the clock offset tolerance for members' computer clocks that are used to record events in NMS securities from within one second of the NIST atomic clock to within 50 milliseconds of the NIST atomic clock. Furthermore, the Commission discussed that if the rule change was approved, more entities would record timestamps with data at a 50 millisecond clock offset tolerance regardless of whether the CAT NMS Plan is approved.
Id. at 30669.
See FIF Clock Offset Survey, supra note 247.
See Notice, supra note 5, at 30668.
Id. at 30683.
For clock synchronization on exchanges, the Commission discussed in the Notice that exchanges trading NASDAQ securities currently adhere to clock synchronization standards at or below 100 microseconds, and the Commission understands that the NYSE, the options exchanges, and the SIAC SIP have comparable clock synchronization standards. In addition, the Commission noted that Participants stated “that absolute clock offset on exchanges averages 36 microseconds.”
Id. at 30669.
Also in the Notice, Commission Staff conducted an analysis of the frequency of order events using MIDAS data which identified whether for each order event, an event in the same security at another venue occurred within a given time range. 97.95% of order events for listed equities and 91% of order events for listed options occurred within one second of another unrelated order event in the same security. 14.44% of the unrelated order events for listed equities and 3.12% of the unrelated order events for listed options in the same security occurred within 5 microseconds of another order event in the same security. The Commission noted that the analysis underestimates the true frequency of unrelated events within the given time frames because it includes only order events that are included in the MIDAS data, and furthermore stated that the analysis illustrates how the current frequency of order events makes sequencing unrelated order events difficult. With respect to the granularity of timestamps, the Commission discussed in the Notice that regulators need sufficiently granular timestamps to sequence events across orders and within order lifecycles, and that the current lack of uniform and granular timestamps can limit the ability of regulators to sequence events accurately and link data with information from other data sources. In addition, the Commission discussed that current data sources have different timestamp granularity standards, and that many public data sources report time in seconds or milliseconds, and some, including direct data feeds, report time in microseconds or nanoseconds. As examples, the Commission stated that OPRA allows for timestamps in nanoseconds and that the other SIPs require timestamps in microseconds for equity trades and quotes, whereas the short sale transactional data released by exchanges contains timestamps in seconds. In addition, the Commission stated that OATS requires timestamps in milliseconds for firms that capture time in milliseconds, but does not require members to capture time in milliseconds.
Id. at 30669-70.
Id.
Id.
One commenter discussed the Commission's analysis of the frequency of order events in the context of the Commission's baseline assessment of clock synchronization and timestamp granularity. The commenter pointed out that the Commission's analysis “used primarily SIP data, reflecting exchange only recording of events, which is a tightly controlled, co-located and specialized environment” and that the analysis “does not reflect the broader broker-dealer communities' recording of events . . . in a distributed environment, a much less controlled and less precise environment.” That commenter also stated that “[w]ithin every order lifecycle, the events leading up to the execution can be [sequenced] due to daisy chaining.”
FIF Letter at 118.
FIF Letter at 118.
Id.
As noted above, commenters recognized that lower tolerances were already mandated by some exchanges as well as ATSs that maintain an order book. One commenter noted that some firms receive direct feeds from exchanges as precise as 1 microsecond. The Participants and another commenter explained that the marketplace is segmented such that broker-dealers operate under a different business model and regulatory environment than ATSs and exchanges. While microsecond tolerances for exchanges and ATSs are already standard practice, broker-dealers have no standard practice across the industry and are precluded from using matching engines, which are capable of the lowest level of granularity.
TR Letter at 7; FIF Letter at 97-99.
Better Markets Letter at 8.
Response Letter II at 4; FIF Letter 97-99, 116.
Id.
One commenter noted the imprecise business process of handling manual orders. Another commenter noted that manual intervention can take over a second because it involves several steps, which impact timestamp capture.
FIF Letter at 118.
SIFMA Letter at 35. Specifically, this commenter explained that manual order taking involves taking an order via phone, fax, or email and then manually entering the order into an electronic order management system.
The Participants' response provided new information on the current clock synchronization standards of Participants. Specifically, the response clarified that all Participants currently operate pursuant to a clock synchronization standard of 100 microseconds with regard to their electronic systems.
Response Letter II at 4-5.
Id.
The Commission has considered these comments and, as discussed below, has updated its analysis of the baseline of clock synchronization as set out in the Notice.
In the Notice, the Commission explained that its analysis of the frequency of order events used MIDAS data, recognized the limitations that its use of MIDAS data could impose, and explained how the limitations reflected the Commission's assessment of the baseline. The Commission therefore agrees with the commenter that its analysis reflects a disproportionate number of exchange events relative to off-exchange events. But because the commenter did not explain how the limitations of the Commission's analysis could make the analysis less useful or what statistical biases could result from these limitations, the Commission believes that, despite its limitations, the analysis “still provides useful insights” and “illustrates how the current frequency of order events makes sequencing unrelated order events difficult.”
See Notice, supra note 5, at 30669.
Id.
The Commission generally agrees that events can be sequenced due to daisy chaining, but notes that for most regulatory activities, it is crucial for the regulators to be able to accurately sequence events from different orders. Furthermore, the Commission believes that such sequencing requires both sufficient clock synchronization across market participants and sufficiently granular timestamps.
Id. at 30667.
With respect to comments regarding manual orders, the Commission believes the new insights provided by commenters are consistent with the baseline in the Notice.
The Commission is updating its economic baseline to include the new information provided by the Participants and also to include the approval of a FINRA rule amendment. Specifically, the Commission now believes that all Participants currently operate pursuant to a clock synchronization standard of 100 microseconds. Also, the Commission approved the proposed rule change by FINRA that was discussed in the Notice that reduces the synchronization tolerance for computer clocks to 50 milliseconds for member firms that record events in NMS Securities. Accordingly, FINRA members that record events in NMS Securities currently operate, or in the near future will operate, pursuant to a clock synchronization standard of 50 milliseconds for their computer clocks.
See Securities Exchange Act Release No. 77565 (April 8, 2016), 81 FR 22136 (April 14, 2016).
C. Data Linking and Combining
Regarding data linking, as the Commission addressed in detail in the Notice, regulators analyzing an event or running a surveillance pattern often need to link data. As examples, the Commission stated that cross-market examinations require the cumbersome and time-consuming task of linking many different data sources; that regulators that are determining whether rule violations have occurred will combine trading data from sources such as public feeds, SRO audit trails, EBS data, and trade blotters; and that the analysis and reconstruction of market events could require linking many different data sources, such as a dozen SRO audit trails.
Id. at 30670.
Id.
The Commission discussed that merging different data sources often involves translating the data sources into the same format, which can be a complex process that is prone to error. In addition, the Commission discussed that linking records within or across data sources requires the sources to share “key fields” that facilitate linkage, but that regulators may be unable to link some data source combinations accurately because the data sources do not have key fields in common or the key fields are not sufficiently granular; also, different data sources may have key fields in common but the relationship between the fields is not straightforward so the algorithm to link them may be necessarily complex and not entirely successful. Furthermore, the Commission discussed that within a single order lifecycle, the order number may change when a broker-dealer routes the order to another broker-dealer or exchange or even to another desk at the same broker-dealer. Finally, the Commission discussed that the inability to link all records affects the accuracy of the resulting data and can force an inefficient manual linkage process that would delay the completion of the data collection and analysis portion of an examination, investigation, or reconstruction.
Id.
Id.
Id.
D. Customer and Broker-Dealer Identification
With respect to market participant identifiers (“MPIDs”), the Commission explained that trade and order data currently available to the Commission lack consistent customer and broker-dealer identifiers, which limit regulators' ability to track the activity of one client or broker-dealer across the market. In the case of broker-dealers, the Commission stated that identifiers are inconsistent and that no centralized database exists. In addition, although SROs generally identify their members using MPIDs, those MPIDS are not standardized across venues. The Commission further stated that aggregating a broker-dealer's activity across venues requires verifying the MPIDs assigned to a broker-dealer on each venue, usually referencing the broker-dealer by its Central Registration Depository (“CRD”) number. Finally, the Commission stated that in the course of manual data analysis, Commission Staff have experienced challenges in identifying broker-dealers using CRD numbers, but that the Commission and the SROs have generally overcome these challenges in the context of automated regulatory data analysis.
Id. at 30670-71.
Id.
In the case of broker-dealer customers, the Commission stated that identifying customer account owners across multiple broker-dealers is difficult and prone to error. As an example, the Commission discussed that although the EBS system provides the names associated with each account traded, these names are drawn from separate records of each broker-dealer providing data to the EBS system, and the same party may be identified by a different name across multiple broker-dealers.
Id.
One commenter discussed the difficulty in tracking market participant activity using MPIDs, stating that “[w]ith regard to trade identifiers used by market access providers, some clearing firms have used one or more MPIDs to conceal the identity of other participants/clients using these services to manipulate markets.” The Commission agrees that tracking market participant activity using MPIDs can be difficult because of sponsored or direct market access arrangements whereby broker-dealers allow customers to trade electronically using the broker-dealer's MPID. In cases where the sponsored or direct market access customer is not a FINRA member, the EBS system allows regulators to observe the identity of trading parties that may be concealed by MPIDs, but, as discussed in the Notice, it is difficult to consistently identify trading parties across multiple broker-dealers because they may use different names across these broker-dealers. In addition, as discussed in the Notice, EBS data is cumbersome to use for broad analysis because of fragmentation of the data. However, in cases where the sponsored or direct market access customer is a FINRA member, OATS reporting obligations require both the customer broker-dealer and the sponsoring broker-dealer to generate reports that, when linked correctly, allow regulators to observe the identity of the trading party.
Anonymous Letter I at 12.
See Notice, supra note 5, at 30661.
See OATS Compliance FAQ at C84 available at www.finra.org/industry/faq-oats-compliance-faq .
E. Aggregation
Regarding data aggregation, as addressed in detail in the Notice, the practice used in some data records of bundling together data from different orders and trades can make it difficult to distinguish the different orders and trades in a given bundle. That aggregation reduces the usefulness of equity and options cleared reports, because the reports do not have detailed trade information and do not include activity that does not require clearing. In the Notice, the Commission presented as an example the frequent use of average-price accounts by brokers to execute and aggregate multiple trades for one or more customers. The Commission discussed that for these cases, and with EBS data, the system does not reflect the details of each individual trade execution. Furthermore, the Commission discussed that information on trade allocations aggregate the trade information to such an extent that it is difficult for regulators to identify when particular clients may be afforded preferential treatment because it is challenging to link subaccount allocations to orders and trades.
See Notice, supra note 5, at 30688-89.
Id. at 30671.
Id.
In addition, as the Commission discussed in the Notice, issuer repurchase information is aggregated at the monthly and quarterly level, and this level of aggregation limits the use of such data in investigations of the timing of issuer repurchases and issuer stock price manipulation and in analysis of the use of the Rule 10b-18 issuer repurchase safe harbor.
(3) Accessibility
As addressed in detail in the Notice, the SROs and the Commission also lack direct access—i.e., the ability to log into a system in a manner that would allow them to gather and analyze the data they need—to many of the data sources described above. SROs generally have direct access only to their own audit trails and the public data feeds. The Commission has direct access only to the public data feeds and the equity and option cleared data; it lacks direct access to information provided in EBS or contained in trade blotters, order tickets, order handling data, SRO audit trails, and OATS data.
FINRA does receive data from certain SROs on a daily basis and subsequently has direct access to that data. Id. at 30671 n.453.
Id. at 30671-72.
The Commission explained that if a regulator does not have direct access to data it needs, the regulator would request it, and that this can result in many burdensome requests to broker-dealers, SROs, and others. The Commission recognized that data requests could impose burdens on the entities responding to the requests, in addition to the burden on the regulators making the requests. In particular, broker-dealers, investment advisers, and SROs responding to a data request must incur costs in order to produce, store, and transmit the data for the Commission or SRO.
Id. at 30672.
The Commission explained that, to complete just one analysis, regulators may need to request data from many different data providers because of fragmentation in the data. The Commission discussed the fact that fragmentation in trade and order data can take many forms. First, an analysis may require the same type of data from many market participants. For example, while ATSs and dealers report order events in equities to OATS, each of the 12 equities exchanges has its own audit trail. As a result, a market reconstruction for a single security may involve data requests to multiple exchanges as well as to FINRA.
Id.
Second, the required data fields for an analysis may be reflected in different types of data. For example, for investigations that require tracing a single trade or a set of trades back to an investor or investors, regulators would first need to request data from the exchanges or market participants executing trades to find out which members, subscribers, or broker-dealers sent the orders that led to the executions. Then, regulators would need to ask the members, subscribers, and broker-dealers for information on the orders and repeat that process until they get to the broker-dealer who initiated the order to see the customer behind the order.
Id.
Third, an analysis may require data on different products covered in separate data sources. For example, some regulatory activities require data on both equities and options. And because current data sources do not contain information regarding both equities and options, regulators needing data on both types of securities would need to make several data requests.
Id.
As the Commission discussed in the Notice, data fragmentation also results in disparate requirements for industry members to record and report the same information in multiple formats. Because each SRO has its own data requirements, a market participant that is a member of multiple SROs may be required to report audit trail data in numerous formats and interact with multiple regulators in response to normal data queries.
Id.
(4) Timeliness
As addressed in detail in the Notice, currently, obtaining trade and order data and converting the data into a form in which they can be analyzed can involve a significant delay from the time of a particular event of interest. In some cases the length of time from when an event occurs until regulators can use relevant data in an investigation or analysis can be weeks or months. This is especially true for trading data that includes customer information.
Id. at 30673. The Commission noted that some of the data sources described above can be accessed by SROs and the Commission without significant delay. For example, SROs and the Commission have some real-time direct access to public data and, through MIDAS, the Commission has next-day direct access to analytics that are based on public data, such as volumes over various time horizons. Furthermore, the Commission noted that FINRA receives audit trail data from exchanges pursuant to Regulatory Services Agreements at the end of each trading day. Id.
The Commission explained in the Notice that corrected FINRA OATS data may be available less than two weeks after an event and uncorrected data on T+1. In particular, FINRA members submit OATS data on a daily basis, submitting end-of-day files by 8:00 a.m. ET the following day or they are marked late by FINRA. FINRA acknowledges receipt of the data an hour after the member submits it, before running its validation process. FINRA then takes approximately four hours after acknowledging receipt of OATS data to determine if the data contain any syntax errors. In addition to the four hours needed to identify errors within a report, it takes another 24 hours for context checking, which identifies duplicates or secondary events without an originating event. Once a context rejection is available, the member has up to five business days to repair the rejection. Reports for files that contain internally inconsistent information about processing, linking, and routing orders may be available within two business days. FINRA attempts to match the inconsistent information against any additional data received up to T+2 for linking errors and T+3 for routing errors. The timing for surveillance programs varies depending on the type of surveillance being performed; data is assumed to be completely processed and corrected at T+8.
Id.
The Commission also explained that because market participants generally do not report or compile datasets immediately after an order event, there is a delay before regulators may access some data sources. For example, the compilation of equity and option cleared reports occurs on T+1 for options and T+3 for equities (i.e., the clearing day) and the electronic query access for equities is available from the Securities Information Automation Corporation (“SIAC”) on T+3. Additionally, when broker-dealers receive a request for EBS, the firm must first fill in the EBS report and then, if it does not self-clear, pass the reports on to its clearing firm to compile and send to SIAC. The EBS submission process can take up to ten business days. More immediate requests for cleared options data can be submitted to FINRA, but even this process takes up to two days. Because EBS data do not contain order entry time and order execution time, regulators must obtain this information from firms and brokers using either data requests or subpoenas, and this process generally can take from two to four weeks depending on the size of the request.
Id. The Commission also noted that it has been the Commission's experience that trade blotter data requests can take weeks or in excess of a month depending on the scope of the request and how accustomed the broker-dealer is with fulfilling such requests. Id.
In addition, the Commission noted that the lack of direct access to most data sources may further delay the ability of regulators to use data in certain cases. When regulators have direct access to a data source, the time needed to receive data is only the time it takes for a query to run. On the other hand, when regulators lack direct access, their data requests can consume significant time, including both the time required to put the request together and response times from the SROs, broker-dealers, and others producing the data. For example, obtaining complete responses from each broker-dealer for an EBS request can take days or weeks depending on the scope of the request. Likewise, responses from the Intermarket Surveillance Group (“ISG”) for SRO audit trail data can take days or weeks. As the Commission discussed in the Notice, once regulators receive the requested data, the data often have to be processed into a form in which they can be analyzed. The Commission explained that it can take considerable time for regulators to combine data from different sources and link records from within or across data sources. Furthermore, the lack of consistency in format adds complexity to projects involving data from multiple data sources, even when the project does not involve linking of these different data.
Id.
Id.
The Commission further discussed that those who use regulatory data also typically take time to ensure the accuracy of the data. The Commission explained that when regulators question the accuracy of data, they often check several alternative sources until they are comfortable that their data are accurate. This checking of data accuracy and augmentation process adds time to an investigation or analysis.
Id. at 30674.
E. Benefits
In the Notice, the Commission discussed its belief that the economic benefits of the CAT NMS Plan would come from any expanded or more efficient regulatory activities facilitated by improvements to the data regulators use. This is because the Plan will create a new consolidated data source—CAT Data—that should replace the use of some current data sources for many regulatory activities. Therefore, the Benefits Section described how CAT Data compares to data regulators currently use for regulatory activities, how the CAT Data would improve regulatory activities, and how these improvements would benefit investors, market participants, and markets in general.
Id.
Id. at 30674-30708.
In the Notice, the Commission discussed its preliminary belief that the CAT NMS Plan would produce data that would improve on current data sources because CAT Data would result in regulators having direct access to consolidated audit trail data, which would in turn improve many of the regulatory activities discussed in the Baseline Section. As summarized in Table 2, the Commission preliminarily concluded that the Plan would generate improvements in the quality of data that regulators would have access to in the areas of completeness, accuracy, accessibility, and timeliness. The Commission discussed its preliminary belief that the improvements in the quality of regulatory data within these categories would significantly improve the ability of regulators to perform a wide range of regulatory activities, which would lead to benefits for investors and markets. In addition, the Commission preliminarily believed that certain provisions in the Plan—those related to future upgrades of the Central Repository, the promotion of the accuracy of CAT Data, the promotion of the timeliness of CAT Data, and the inclusion of specific governance provisions identified by the Commission in the Adopting Release for Rule 613—would increase the likelihood that the potential benefits of the CAT NMS Plan would be realized.
Id. at 30674-77.
In the category of completeness, the Commission discussed its belief that the ability for regulators to access more material data elements from a consolidated source would enable regulators to more efficiently carry out investigations, examinations, and analyses because regulators could acquire data from a single source that they would otherwise need to compile from many data sources. In the category of accuracy, the Commission discussed its belief that the Plan would substantially improve data accuracy by requiring CAT Data to be collected, compiled, and stored in a uniform, linked format using consistent identifiers for customers and market participants. In the category of accessibility, the Commission discussed its belief that the Plan would substantially improve the access to data for regulators because the Plan requires regulators to have direct access to CAT Data and this direct access would dramatically reduce the hundreds of thousands of requests that regulators must make each year in order to obtain data, thus reducing the burden on the industry. Finally, in the category of timeliness, the Commission discussed its belief that the Plan, if approved as noticed, would significantly improve the timeliness of data acquisition and use, which could improve the timeliness of regulatory actions that use data.
The Commission discussed its expectation that regulatory activities such as surveillance, investigations, examinations, analysis and reconstruction of market events, and analysis in support of rulemaking initiatives would benefit from improved data quality as part of CAT. The Commission explained that data is essential to all of these regulatory activities, and therefore substantial improvements in the quality of the regulatory data should result in substantial improvements in the efficiency and effectiveness of these regulatory activities, which should translate into benefits to investors and markets. For example, improved data could lead to more effective and efficient surveillance that better protects investors and markets from violative behavior and facilitates more efficient and effective risk-based investigations and examinations that more effectively protect investors. The Commission stated that together, these improved activities could better deter violative behavior of market participants, which could improve market efficiency. Furthermore, this increase in directly accessible data should improve regulators' understanding of the markets, leading to more informed public policy decisions that better address market deficiencies to the benefit of investors and markets. The Commission also discussed the fact that the Plan lacked information regarding the details of certain elements of the Plan likely to affect the benefits of the Plan, primarily because many of those details had not yet been determined, which creates some uncertainty about the expected economic effects.
Id. at 30675-76.
Id. at 30676.
The Commission has considered the comments it received regarding the likely benefits of the CAT NMS Plan and continues to believe that the CAT NMS Plan would generate improvements in the quality of data that regulators would have access to in the areas of completeness, accuracy, accessibility, and timeliness. The Commission also continues to believe that improvements in the quality of regulatory data within these categories would significantly improve the ability of regulators to perform a wide range of regulatory activities, which would lead to benefits for investors and markets. In addition, the Commission continues to believe that certain provisions in the Plan—those related to future upgrades of the Central Repository, the promotion of the accuracy of CAT Data, the promotion of the timeliness of CAT Data, and the inclusion of specific governance provisions identified by the Commission in the Adopting Release for Rule 613—increase the likelihood that the potential benefits of the CAT NMS Plan described below will be realized. As set out in more detail below, the Commission has taken into account the modifications that have been made to the Plan where they are relevant to the Commission's analysis of the benefits of the Plan, and has updated its analysis accordingly.
Table 2
As proposed, the CAT NMS Plan also requires CAT Reporters to synchronize their time clocks to the time maintained by the NIST with an allowable drift of 50 milliseconds. See CAT NMS Plan, supra note 5, at Section 6.8. According to a survey conducted by the Financial Information Forum (FIF), 39% of responding broker-dealers currently synchronize their clocks with less precision than what is called for by the CAT NMS Plan. Thus, the CAT NMS Plan would also increase the accuracy of the timestamps used by certain broker-dealers. See FIF Clock Offset Survey, supra note 247.
Off-exchange activity includes currently reportable events that are not handled by a registered securities exchange.
In this instance, “timeliness” refers to when the data are compiled at the source in question (e.g., when OATS receives data from reporting broker-dealers), not when they become available to regulators because that timeline can vary depending on the regulator in question. As shown in the “Direct Access for Regulators” column, it may still take several days, weeks, or months for regulators to be able to access the data. For example, while OATS reporters provide the data at T+1, the SEC must request OATS data in order to access it, which may take several days or weeks. This narrower definition of timeliness is not used throughout this economic analysis.
Guidance from FINRA indicates that broker-dealers must “identify the party to the trade” through EBS fields such as “Primary Party Identifier,” but that party may be another broker-dealer rather than the ultimate customer. See FINRA, Electronic Blue Sheet Submissions, FINRA and ISG Extend Effective Date for Certain Electronic Blue Sheet Data Elements, Regulatory Notice 12-47 (Oct. 2012), available at https://www.finra.org/sites/default/files/NoticeDocument/p194655.pdf . Similarly, under the large trader rule, persons exercising “investment discretion” are reported through EBS, but in some cases such persons are investment advisers rather than their customers. See supra note 1912 and accompanying text (discussing the large trader rule).
1. Improvements in Data Qualities
Consistent with the Adopting Release, the Commission identified in the Notice four qualities of trade and order data that impact the effectiveness of core SRO and Commission regulatory efforts: Accuracy, completeness, accessibility, and timeliness. In assessing the potential benefits of the CAT NMS Plan, the Commission's economic analysis compared the data that would be available under the Plan to the trading and order data currently available to regulators. The Commission preliminarily believed that the Plan would improve data in terms of all four qualities, but that uncertainty remained as to the expected degree of improvement in some areas. The Commission has considered the comments received, the Participants' response, and the modifications to the Plan, and continues to believe that the Plan will improve accuracy, completeness, accessibility, and timeliness of trade and order data relative to the Baseline, with some uncertainty as to the degree of improvement.
See Adopting Release, supra note 14, at 45727.
Changes in all four data qualities affect certain data-driven regulatory activities. The benefits of the Plan derive from the changes to these regulatory activities.
See Notice, supra note 5, at 30678.
a. Completeness
In the Notice, the Commission discussed how the CAT NMS Plan, if approved, would result in regulators having direct access to a single data source that would be more complete than any current data source. The Commission discussed its belief that the CAT Data would be more complete than other data sources because, compared to existing SRO audit trails and other data sources, the CAT Data would contain data from a greater number of broker-dealers on more event types, products, and data fields. While some current data sources contain many of the elements that would be included in CAT Data, the Commission explained that CAT Data would consolidate that data into one source that would be much more complete than any existing source, and that CAT Data would also include some elements that are not available from any current data source. In the Commission's view, having this data consolidated in a single source would provide numerous benefits.
Id. at 30678-81.
Id. at 30678.
(1) Events and Products
In the Notice, the Commission discussed the fact that the CAT Data would include events and products from all current SRO audit trails, combined into a single data source. In addition, it would include some off-exchange activity not captured on current SRO audit trails, as well as proprietary orders originated by a trading desk in the ordinary course of a member's market making activities (or “principal activity”), and information on equities, options and OTC Equity Securities.
The Commission noted that SRO audit trails currently do not include the activity of firms that are not members of that SRO. And, currently only FINRA requires its members to report their off-exchange activity. While broker-dealers that trade off-exchange must be members of FINRA unless their activity fits the terms of the exemption in Rule 15b9-1, firms that qualify for the exemption in that rule and that are not FINRA members do not report their off-exchange activity to OATS. This exemption covers a large percentage of off-exchange activity. Broker-dealers that are not FINRA Members accounted for 48% of orders sent directly to ATSs in 2014, 40% in 2013, and 32% in 2012. Because all SROs are Participants in the Plan, under the Plan all broker-dealers with Reportable Events, including off-exchange, would be required to report the required CAT Data to the Central Repository. Id. at 30678-79.
Id. at Section IV.D.2.b(1)A.
“OTC Equity Security” is defined in the Plan as “any equity security, other than an NMS Security, subject to prompt last sale reporting rules of a registered national securities association and reported to one of such association's equity trade reporting facilities.” Id. at 30679.
Four commenters believed that the CAT NMS Plan would result in a data source that is not complete enough and argued that CAT should be significantly expanded in scope to include additional event types, such as additional short selling information, clearing information, and ETF creation and redemption data; additional product types, such as stock index futures and options on index futures; or other types of regulatory submissions or metrics reports, such as CCAR/DFAST, TLAC, Volcker, Basel III, or BCBS-283.
Anonymous Letter at 6-9, 12-14, 17; Better Markets Letter at 7; Data Boiler Letter at 1,10-13, 17-18, 31; CBOE Letter at 1-2.
The Commission recognizes that at least some of these expansions could potentially make CAT Data more complete and responds to each of the suggestions above in Section IV.D.4.f. At the same time, the Commission continues to believe that the CAT NMS Plan will result in regulators having direct access to a single data source that will be more complete than any current data source. Furthermore, the Commission continues to believe that the CAT Data will be more complete than other data sources because it will contain data from a greater number of broker-dealers on more event types and products when compared to existing SRO audit trails and other data sources.
(2) Data Fields
In the Notice, the Commission also explained that the Plan would consolidate, in a single source, fields that currently may not be available from all data sources, including some fields that are difficult for regulators to compile. It discussed its belief that, in particular, the inclusion of consistent, unique customer information in the CAT Data represents a significant improvement over current SRO audit trails in terms of completeness because very few current data sources contain customer information, and those that do are limited in terms of the completeness and accuracy of this information, which significantly limits regulatory efficiency. As proposed in the Notice, CAT Data would also include other data fields not available from current SRO audit trails, including allocation information such as allocation time, open/close information, Quote Sent Time, and information on whether a Customer gave a modification or cancellation instruction. With respect to the rest of the data fields included in CAT Data, the Commission discussed the fact that certain of them are included in some or all current SRO audit trails but that no single current source contains all of them. For example, the inclusion of order display information (i.e., whether the size of the order is displayed or non-displayed) and special handling instructions in CAT Data improve completeness because they are not always mandatory in SRO audit trail data and therefore may not be consistently available without data requests to broker-dealers.
See Notice, supra note 5, at 30679-81.
Id. at Section IV.D.2.a(1) and Section IV.D.2.b.(1)b, supra. As discussed in the Notice, SRO audit trails typically do not provide customer information, but a recent FINRA rule change would require its members to report to OATS non-FINRA member customers who are broker-dealers.
“Quote Sent Time” refers to the time that an Options Market Maker routes its quote, or any modification or cancellation thereof, to an exchange. Id. at 30755.
The Commission discussed its belief that, while the costs and benefits of including particular fields can change due to technological advances and/or changes in the nature of markets, the Plan contains provisions regarding periodic reviews and upgrades to CAT that could lead to proposing additional data fields that are deemed important. In addition, the Commission noted that it had reviewed gap analyses that examine whether the CAT Data would contain all important data elements in current data sources, and that the Commission identified some potential data gaps. However, the Commission discussed the fact that the Plan provides that prior to the retirement of existing systems, CAT Data must contain data elements sufficient to ensure the same regulatory coverage provided by existing systems that are anticipated to be retired. The Commission discussed its expectation that, therefore, any missing elements that are material to regulators would be incorporated into the CAT Data prior to the retirement of the systems that currently provide those data elements to regulators.
See Notice, supra note 5, at Section IV.E.3.a for a discussion of adding new data fields and other requirements for upgrading the CAT Data after approval.
In the Notice, the Commission acknowledged that the Participants are continuing to study gaps between current regulatory data sources and the Plan as filed. See Notice, supra note 5, at 30680-81; see also SEC Rule 613—Consolidated Audit Trail (CAT) OATS-CAT Gap Analysis and SEC Rule 613—Consolidated Audit Trail (CAT) Revised EBS-CAT GAP Analysis, available at http://www.catnmsplan.com/gapanalyses/index.html .
See Notice, supra note 5, at 30680-81.
Three commenters questioned the benefits of timestamps in the Allocation Report. One of the commenters stated that a requirement to report allocation time would be “divorced from the goals of CAT.” Similarly, another commenter noted that allocation time would not provide the regulatory completeness benefit that the Commission is seeking because one likely definition would not capture what regulators would want. This commenter further argued that if the main regulatory purpose of including allocation timestamps is to detect cherry-picking, there could be alternate approaches that achieve the same result using existing data fields.
FSR Letter at 9; SIFMA Letter at 35; FIF Letter at 3-4, 11, 86-89.
SIFMA Letter at 35.
FIF Letter at 11.
FIF Letter at 89.
Three commenters suggested that the open/close indicator for equities would be a new data field. However, these comments did not address the benefits of the open/close indicator that the Commission discussed in the Notice.
FIF Letter at 84; TR Letter at 9; SIFMA Letter at 25.
One commenter discussed possible data gaps between CAT and current data sources. The commenter indicated that the OATS-CAT Gap Analysis, published in May 2015, is out of date because it does not reflect changes that have been incorporated into OATS since 2015 including additional fields to accommodate the Tick Size Pilot and ATS Order Book Reporting. The commenter also argued that gaps between OATS and CAT may widen further if changes to OATS continue to be made without corresponding changes to the CAT Plan for the initial phase. Furthermore, the commenter noted that other regulatory systems may indirectly impact CAT reporting requirements; for example, recent NYSE changes to the Account Type Indicator will require EBS changes, which in turn impacts CAT.
FIF Letter at 28-29.
FIF Letter at 29.
In their response, the Participants agreed with the Commission's analysis in the Notice and expressed their belief that there are benefits associated with including time-stamps in the Allocation Report, including the detection of allocation fraud. With respect to the open/close indicator, the Participants noted that this data field is not captured pursuant to current industry practices for equities or some options transactions. The Participants also responded to the comment regarding the OATS-CAT Gap Analysis, stating that the gap analysis has been updated by including newly-added data fields in these duplicative systems, such as the new OATS data fields related to the Tick Size Pilot and ATS Order Book Reporting changes.
Response Letter I at 37-38.
Response Letter I at 21-22.
Response Letter II at 21.
The Commission has considered the comments it received and the Participants' response regarding the potential benefits of the CAT NMS Plan in terms of data completeness. The Commission disagrees with the comments that allocation timestamps are outside the goal of CAT and that they will not provide the Commission with the regulatory benefit that it is seeking. As discussed in the Notice and below, the Commission believes that allocation time is an important data field because it is critical in investigations of violations such as market manipulation and cherry-picking, and because allocation time is currently more difficult to acquire than the other information on the Allocation Report. The inclusion of this data field will improve the efficiency and efficacy of enforcement investigations for regulators, and this benefit is one of the goals of the CAT NMS Plan. With respect to the commenter who argued that alternate approaches that do not rely upon allocation timestamps can be used to detect cherry picking, the Commission notes that the commenter's example requires an allocation time.
See Notice, supra note 5, at 30679; see also Section V.E.2.c(3), infra.
Regarding the possibility of data gaps between CAT and current data sources, the Commission recognizes that there may be other gaps between current regulatory data sources and the Plan, in addition to those that the Commission mentioned in the Notice. The Commission also recognizes that the number and the scope of these gaps can change over time due to new regulatory developments. However, as discussed above, the Participants have stated that they have completed the gap analysis. As set out in the Notice (and discussed above), the Plan specifically provides that, prior to the retirement of existing systems, CAT Data must contain data elements sufficient to ensure the same regulatory coverage as the coverage provided by these systems. Therefore, the Commission continues to believe that any missing elements that are important to regulators would be incorporated into the CAT Data prior to the retirement of the systems that currently provide these data elements.
See Section IV.D.9, supra.
The Commission is updating its analysis of these benefits to recognize two modifications to the Plan. First, modifications to the Plan to require the reporting of LEIs for Customers and Industry Members in certain circumstances should result in regulators having access to more complete information identifying Customers and Industry Members. Second, the Plan has been modified to eliminate the requirement to report an open/close indicator for equities and Options Market Markers. The inclusion of this indicator for equities and Options Market Makers would have assisted regulators in determining when an investor was buying to cover a short sale in equities or identifying whether options market makers engage in aggressive risk-taking trading. Such information would have been useful in detecting certain market manipulations, violations of rules such as Rule 105, short sale marking rules, and Rule 204. The Commission now notes that, due to the elimination of the requirement to report an open/close indicator for equities and Option Market Makers as part of CAT, these benefits will no longer be realized. However, the Commission is approving the Plan with this modification for the reasons discussed in Section IV.D.4.c, above.
See Section IV.D.4.a.(4) and Section IV.D.4.b.(2), supra, for a description of the LEI reporting requirements in the Plan.
b. Accuracy
In the Notice, the Commission analyzed the expected effect of the CAT NMS Plan on the accuracy of data available to regulators. The Commission preliminarily believed that the requirements in the CAT NMS Plan for collecting, consolidating, and storing the CAT Data in a uniform linked format, the use of consistent identifiers for Customers, and the focus on sequencing would promote data accuracy. However, in regard to certain Plan requirements, the Commission preliminary believed that improvements in data accuracy would be limited. For example, the Commission discussed its belief that the proposed clock synchronization requirements in the Plan would only lead to modest improvements in the percentage of sequenceable order events. Also, the Commission noted that the full extent of improvement that will result from the Plan was uncertain, because the Plan defers many decisions relevant to accuracy until the Plan Processor publishes the Technical Specifications and interpretations.
See Notice, supra note 5, at 30681-89.
Id.
See CAT NMS Plan, supra note 5, at Section 6.9.
(1) Definitions
As previously stated, the Plan defers many decisions relevant to accuracy until the Plan Processor publishes the Technical Specifications and interpretations. In particular, the CAT NMS Plan specifies that the “Technical Specifications shall include a detailed description of . . . each data element, including permitted values, in any type of report submitted to the Central Repository” and “the Plan Processor shall have sole discretion to amend and publish interpretations regarding the Technical Specifications.” In the Notice, the Commission explained that this leaves open precise definitions and parameters for the data fields to be included in CAT Data. Nonetheless, the Commission discussed its preliminary belief that the Plan provides some procedural protections to mitigate this uncertainty and help promote accuracy. For example, the Plan requires that, at a minimum, the Technical Specifications be “consistent with [considerations and minimum standards discussed in] Appendices C and D,” and that the initial Technical Specifications and any Material Amendments thereto must be provided to the Operating Committee for approval by Supermajority Vote. Further, all non-Material Amendments and all published interpretations must be provided to the Operating Committee in writing at least ten days before publication, and shall be deemed approved unless two or more unaffiliated Participants call the matter for a vote of the full Operating Committee.
Id. at Section 6.9(b)(v).
The CAT NMS Plan provides details regarding how the responsibility for these decisions would be shared between the Operating Committee and the Plan Processor, with the Plan Processor having responsibility for data definitions and interpretations. Id. at Section 6.9(c)(i).
For example, the Completeness section in the Notice noted that the open/close indicator for equities does not exist in current data sources. See Notice, supra note 5, at 30681. The accuracy of the open/close indicator for equities would have been subject to Plan Processor discretion, because the Plan Processor would have had responsibility for defining the permitted values and interpreting when CAT Reporters would use such permitted values and the Plan Processor would not have had guidance from previous data sources on how to define or interpret such a field.
See CAT NMS Plan, supra note 5, at Section 6.9(a). The Commission notes that the standards in Appendices C and D do not cover all decisions that would affect the accuracy of the data.
Id. at Section 6.9(c)(i).
The Commission received comments about the lack of definitions for data fields in the Plan such as the open/close indicator, allocation time, account type, and customer type. Commenters argued that it is currently uncertain whether the Plan Processor will select definitions that are the most beneficial to regulators. For example, one commenter suggested that allocation time may be challenging to define, stating that “the industry does not have a standard business flow which consistently captures time at the same point in the allocation process.” This commenter further pointed out that if allocation time is defined as the time the allocation is booked, “it will not provide the regulatory benefit expected by the SEC,” and provided an example of a way to detect allocation fraud using the time “when the allocation was submitted to move the shares into the intended subaccounts.” The Participants responded to the comments regarding the definitions of allocation time, account type, and customer type by saying that the definitions will be addressed in the Technical Specifications.
FIF Letter at 85.
TR Letter at 9; FIF Letter at 86.
TR Letter at 9.
TR Letter at 9.
FIF Letter at 86.
FIF Letter at 86, 89.
The Participants responded to the comments on open/close more generally by requesting that the Commission clarify that the open/close indicator should not apply to equities, and did not respond regarding the definition. As noted elsewhere, modifications to the Plan will remove the open/close indicator for equities. See Section IV.D.4.c, supra.
The Commission has considered the comments and believes they are consistent with the Commission's assessment in the Notice that leaving open precise definitions, parameters, and interpretations for the data fields to be included in CAT Data creates uncertainty about the full extent of improvements in data accuracy. The Commission is cognizant of the complexity of certain data fields, such as allocation time. These complexities mean that the accuracy of the data fields depends on Plan Processor discretion, because the Plan Processor would have responsibility for defining the permitted values and interpreting when CAT Reporters would use such permitted values, and sometimes would not have guidance from previous data sources on how to define or interpret such a field. Although the Commission agrees that uncertainty exists in the selection of data definitions and that definitions ultimately selected may not promote accuracy as much as certain alternatives, as discussed in Section V.G.4.a.(2), the Commission continues to believe that the existing process trades off the need for certainty with the benefits of an efficient process going forward. Further, for reasons discussed above in Section IV.B. and below in Section V.E.3.d, the Commission continues to believe that the Plan provides some procedural protections to mitigate this uncertainty and help promote accuracy.
See Notice, supra note 5, at n.537. While the Commission would ultimately be able to correct such misinterpretations, regulators may not detect such a misinterpretation until the misinterpretation harms an investigation, exam, or other analysis.
(2) Data Errors
In the Notice, the Commission discussed the fact that the CAT NMS Plan specifies a high-level process for handling errors that includes target Error Rates for data initially submitted by CAT Reporters and a correction process and timeline, but explained that it is difficult to conclude whether the Error Rates and processes in the CAT NMS Plan would constitute an accuracy improvement as compared to current data sources. Specifically, because the current OATS error rate is below 1% and the Plan states that 5% is an appropriate initial Error Rate, the Commission preliminarily believed that the initial percentage of errors in CAT would be higher than the current percentage of errors in OATS, though the OATS error rate may not be directly comparable to the Error Rate in the Plan. As discussed in the Notice, Error Rates for CAT Data may not be comparable to error rates in OATS because of the increased scope and level of linkages specified in the Plan and the new, large, and untested system.
Id. at 30681-82.
Id.
In the Notice, the Commission also discussed that the Plan contains some uncertainty about the level of the maximum Error Rate because the initial 5% rate is subject to a quality assurance testing period and subject to change again before each new batch of CAT Reporters are brought online. The Commission noted that in time, the rate could be lowered, but it also could be raised. Finally, the Commission discussed that the Plan specifies an error correction process and indicates that practically all errors identifiable by the validations used would be corrected by 8:00 a.m. ET on T+5, but that the Plan does not provide the level of detail necessary to verify whether the CAT validation process would run the same validations as OATS, whether current validations would be relevant, and what validations, if any, would be added.
Id.
Id.
Although the Commission received several letters regarding data error rates, only a few letters discussed the effect of Error Rates on the accuracy of CAT Data. While supporting the goal of a “de minimis” post correction error rate, one commenter suggested that the errors in CAT Data would not be “de minimis” even after the error correction process because OATS currently does not achieve “de minimis” errors. For example, this commenter stated that there are instances where errors cannot be corrected in OATS and gave true duplicates and non-reportable symbols as examples. The commenter stated that it is unreasonable to expect CAT Data to be any different than OATS data, especially because the industry has no experience with reporting and error correcting the new data types required by the Plan. Another commenter expanded on this concern by questioning why accuracy problems persist in OATS today and argued that the improvements to accuracy from the Plan depend on eliminating the inaccurate/problematic reporting that exists today.
See Section IV.D.11, supra for a complete summary of comments and the Commission's discussion of those comments. Further, the Commission responds to comments relevant to alternatives that would reduce error rates below in Section V.H.2, infra.
FIF Letter at 50-60; Anonymous Letter II at 2; SIFMA Letter at 6.
FIF Letter at 60.
FIF Letter at 55.
FIF Letter at 60.
Anonymous Letter II at 2.
Other commenters expressed uncertainty regarding whether CAT Reporters would be able to achieve the initial Error Rate of 5%. One commenter indicated that there is not enough information at this time to assess the Error Rate and that “Error Rate” is not specifically defined. Another commenter echoed this sentiment saying that there is no history of reporting error rates for options, market making, customer information, or allocations and the Plan provides “little or no information . . . regarding the types of errors that will be identified, and if and how those errors can be corrected.” The commenter also cited uncertainties related to the inexperience of some CAT Reporters, unknown interfaces, a lack of information on test tools and correction tool kits, and an unknown linkage logic.
FIF Letter at 50; SIFMA Letter at 6.
SIFMA Letter at 6.
FIF Letter at 50.
FIF Letter at 50.
Finally, one commenter agreed with the Commission's analysis that OATS error rates may not be directly comparable to a CAT Error Rate. In particular, this commenter stated that OATS would be a sufficient comparison base for equities data only, but not for options, allocations, Customer Information, or market making reporting.
FIF Letter at 55.
In response to the comments on uncertainty in the definition of Error Rate, the Participants disagreed, pointing to the current definition in the Plan and in Rule 613(j)(6). The Participants further stated that they intend to keep the definition of Error Rate the same as in Rule 613 and noted that it is the Compliance Thresholds that relate to the CAT reporting performance of individual CAT Reporters. In response to commenters expressing uncertainty about the ability to achieve the Error Rates, the Participants explained that they performed a detailed analysis that not only considered current and historical OATS error rates, but also considered the magnitude of the new reporting requirements and the fact that many CAT Reporters had never previously been obligated to report data for audit trail purposes. The Participants, however, acknowledged that actual experience with CAT itself will provide more accurate and applicable data for determining the appropriate Error Rate and pointed out that the Plan provides for various opportunities for the Error Rate to be reevaluated and reset.
Response Letter I at 45.
The Error Rate reports shall include each of the following—if the Operating Committee deems them necessary or advisable—“Error Rates by day and by delta over time, and Compliance Thresholds by CAT Reporter, by Reportable Event, by age before resolution, by symbol, by symbol type (e.g., ETF and Index) and by event time (by hour and cumulative on the hour)[.]” See CAT NMS Plan, supra note 5, at Section 6.1(o)(v).
Response Letter I at 46.
Response Letter I at 46.
The Commission has considered the comment letters received and the Participants' response and continues to believe that it is difficult to determine whether the Error Rates and processes in the Plan would constitute an accuracy improvement compared to current data. The Commission recognizes the uncertainty regarding the ability to achieve a “de minimis” post-correction Error Rate discussed by a commenter and notes that post-correction errors are the ones more pertinent to the accuracy of data used in regulatory activities. While the Commission is concerned with the effect of the post-correction Error Rate on accuracy, it notes that, while uncertain, the Plan does require the Plan Processor to perform validations within three specific categories: File Validations (confirmation that the file is received in the correct format); Validation of CAT Data (checks of format, data type, consistency, range/logic, data validity, completeness, and timeliness); and Linkage Validation (checking the “daisy chain”). Specifically, in regard to Linkage Validation, the Plan seems to require validations that are more comprehensive than what FINRA runs on OATS data, where, as stated in the Notice, significant error rates in event linking are common because there is no cross-participant error resolution process. Further, the OATS error types described in the Baseline above also suggest that the Plan's validations will be more comprehensive than the validations run on OATS data.
See CAT NMS Plan, supra note 5, at Appendix D, Section 7.2.
See Notice, supra note 5, at 30667.
See Section V.D.2.b(2)A, supra, which lists error types as rejects, unmatched exchange routes, inter firm received unmatched, inter-firm sent unmatched, out of sequence, and late reports.
The Commission agrees with the commenters that expressed uncertainty about whether CAT would be able to achieve the 5% initial Error Rate, but also agrees with the Participants' response. In the Participants' analysis, the Participants considered the magnitude of the new reporting requirements and the fact that many CAT Reporters had never previously been obligated to report data for an audit trail when they set the initial Error Rate. Furthermore, as mentioned in the Notice, the Plan provides for various opportunities for the Error Rate to be reevaluated and reset after CAT Reporters have more experience with CAT.
Id. at 30682.
Finally, the Commission agrees with the comment that OATS error rates may not be comparable to a CAT Error Rate because there is currently no reporting regime comparable to OATS for options, allocations, Customer Information, or market making reporting. In the Notice, the Commission discussed uncertainty in comparing OATS error rates to CAT Error Rates due, in part, to the increased scope of the CAT NMS Plan.
Id.
(3) Event Sequencing
A. Timestamp Granularity
In the Notice, the Commission discussed its preliminary belief that the minimum timestamp granularity required by the Plan would result in some improvement in data accuracy, but that the level of improvement could be limited. The CAT NMS Plan requires timestamps to the millisecond. This is consistent with Rule 613, which requires timestamps to reflect current industry standards and be at least to the millisecond. Further, pursuant to Rule 613, if a CAT Reporter's system already utilizes timestamps in increments less than the minimum required by the Plan, the CAT Reporter must record timestamps in such finer increments.
See CAT NMS Plan, supra note 5, at Section 6.8(b).
17 CFR 242.613(d)(3). This requirement does not apply to certain Manual Order Events, which are exempted from the requirement and are captured at one-second increments. Timestamp granularity on Manual Order Events is discussed separately in the Alternatives section.
Id.
As the Commission discussed in the Notice, many of the systems from which regulators currently obtain data already capture timestamps in increments of milliseconds or less, meaning that there would be no improvement in timestamp granularity as compared to those systems. However, to the extent that some current data sources report timestamps in increments coarser than a millisecond, which is the case for 12% of OATS records and all EBS records, the Commission noted that it expected the CAT millisecond timestamp requirement to improve data granularity, and thereby allow regulators to more accurately determine the sequence of market events relative to surrounding events. However, the Commission also explained that the benefits from the more granular timestamps could be limited by the level of clock synchronization required by the Plan. In particular, the Commission explained that timestamp granularity would not be the limiting factor in sequencing accuracy, because recording events with timestamps with resolutions of less than one millisecond cannot help to sequence events occurring on different venues with clocks that may be 100 milliseconds out of sync due to clock synchronization offsets. Therefore, the benefits of timestamping order events at increments finer than a millisecond would be limited without also improving the clock synchronization standards of the Plan.
For example, OPRA allows for timestamps in nanoseconds, and the other SIPs require timestamps in microseconds for equity trades and quotes. S ee Notice, supra note 5, at Section IV.D.2.b.(2).
Current OATS rules require timestamps to be expressed to the nearest second, unless the member's system expresses time in finer increments. As of September 2014, approximately 12% of OATS records contain timestamps greater than one millisecond. EBS records either do not contain times or express timestamps in seconds. Id.
For example, under the requirements in the Plan, an order event at Broker-Dealer A could have a timestamp that is 1 millisecond sooner than an order event at Broker-Dealer B even if the event at Broker-Dealer B actually occurred 99 milliseconds sooner. This could occur if Broker-Dealer A's systems are recording times 50 milliseconds ahead of NIST while Broker-Dealer B's systems are recording times 50 milliseconds behind NIST. Both broker-dealers' systems would be within the Plan's allowable clock synchronization tolerance.
The Commission discussed the benefits of the one second timestamp on manual orders and stated that it preliminarily believed that timestamp granularity of one second would be appropriate for manual orders, rather than a millisecond granularity, because recording Manual Order Events at the millisecond level would be ultimately arbitrary or imprecise due to human interaction.
See Notice, supra note 5, at 30684.
Two commenters thought that a millisecond timestamp would be sufficient to achieve improvements in event sequencing. One of these commenters suggested that requiring timestamps that are more granular than one millisecond for CAT Reporters who capture timestamps more granular than a millisecond would not yield regulatory benefits as it will result in a false sense of accuracy on event sequencing. An additional commenter did not support this requirement, stating that it would be inequitable and would not serve a regulatory purpose. On the other hand, two commenters supported the requirement that CAT Reporters report sub-millisecond timestamps if they capture them. One commenter stated their belief that timestamp granularity “should go hand-in-hand with how fast a market participant is allowed to conduct their HFT activities.” The other commenter stated that a “significant portion of today's trades occur at microsecond intervals,” and that the Plan's timestamp resolution “will be insufficient to show the precise time of the reportable activities.” The commenter further stated that “[f]or some practices, such as cancellations, stuffing, and other “noisy” behaviors, the Plan should “require a more precise granularity to more comprehensibly and accurately capture the frequency and scale of such practices.” One commenter stated their belief that stricter tolerances for the granularity of timestamps are already in effect at exchanges and ATSs that maintain an orderbook and did not believe it necessary to mandate timestamp tolerances for these entities since they already adhere to stricter tolerances for commercial reasons.
FIF Letter at 112; Data Boiler Letter at 21.
FIF Letter at 12.
SIFMA Letter at 35.
Data Boiler Letter at 21; Better Markets Letter at 8.
Data Boiler Letter at 21.
Better Markets Letter at 8.
Better Markets Letter at 8.
TR Letter at 7
Two commenters indicated that timestamp granularity and clock-offset tolerance for allocation timestamps should be at one second. One commenter argued that the benefits of allocation time would not require millisecond precision while three commenters argued that allocations are not time-critical.
SIFMA Letter at 35; FIF Letter at 87, 89.
FSR Letter at 9; SIFMA Letter at 35; FIF Letter at 89.
One commenter expressed that the irregularity in manual orders made it difficult to set a tolerance applicable to all manual orders and suggested that initially a timestamp tolerance of more than one second be allowed for manual orders. However, several other commenters stated that one second is a reasonable standard for manual orders.
Data Boiler Letter at 21-22.
FIF Letter at 115; SIFMA Letter at 34; Better Markets Letter at 8; Response Letter I at 38. However, Better Markets expressed the concern that gaming of the system could occur by writing algorithms to make automated orders appear as manual orders.
In their response, the Participants stated their belief that CAT Reporters should be required “to report timestamps to the CAT at the granularity at which they are captured, even if that is more granular than that required by the Plan.” They further stated their belief that capturing such granularity would increase the quality of data reported to the CAT. With respect to the timestamps on Allocation Reports, the Participants recognized the practical issues raised by requiring timestamps for Allocation Reports and proposed to amend the Plan to permit CAT Reporters to report allocation timestamps with a granularity of one second. With respect to manual order timestamps, the Participants stated that they continued to believe their proposed approach to Manual Order Events is appropriate.
Response Letter I at 28.
Response Letter I at 37.
Response Letter I at 38.
The Commission has considered the comment letters received and the Participants' response, and as discussed in more detail above, has amended the Plan so that Participants are required to adhere to a more stringent clock synchronization standard of 100 microseconds and allocation timestamps need only be reported in seconds instead of milliseconds. The Commission is updating its economic analysis to incorporate these modifications to the Plan. The Commission agrees with the commenter who pointed out that millisecond timestamps are insufficient to show the precise timestamp of certain activities and disagrees with commenters who stated that millisecond precision is sufficient to sequence events. As stated in the Notice, the Commission believes that a 1 millisecond timestamp granularity offers benefits over the Baseline, but that a more granular timestamp requirement, coupled with a more stringent clock synchronization requirement, would be needed to completely sequence the majority of unrelated market events. In response to the commenters who questioned the benefits of reporting the sub-millisecond timestamps if CAT Reporters capture them, the Commission agrees with the Participants that such a requirement will increase the quality of data reported to the CAT.
See Section IV.D.13, supra.
Modifications to the Plan now require Participants to adhere to a more stringent clock synchronization standard of 100 microseconds (or less), and CAT Reporters to record timestamps in finer increments than 1 millisecond if their systems utilize timestamps in such finer increments. Because, as discussed above, Participants already operate pursuant to a clock synchronization standard of 100 microseconds with regard to their electronic systems, and because many Participants already report timestamps in microseconds and nanoseconds in their direct feeds and are currently required to report timestamps in microseconds for equity trades and quotes, the Commission does not believe the clock synchronization amendment to the Plan will result in large accuracy improvements over current standards for timestamp granularity. However, the Commission is approving the Plan without further modifications for the reasons discussed in Section IV.D.13, above.
See Section IV.D.13.a(1), supra.
In the Notice, the Commission did not explicitly consider timestamp granularity or clock synchronization standards for timestamps in Allocation Reports. However, in response to comments and modifications to the timestamp on Allocation Reports, the Commission now analyzes whether the modifications limit the improvements to accuracy. Based on the experience of its Staff, the Commission understands that allocations are conducted after a trade and that the allocation time can aid regulators in ways that do not require millisecond-level timestamps (or 50 millisecond clock offset tolerance). Further, the Commission agrees with the commenter's argument that allocations are not time-sensitive and the benefits from allocation timestamps do not require millisecond precision. Therefore, the Commission believes that requiring allocation times to be recorded in milliseconds (with 50 millisecond offset tolerance) compared to seconds (with one second tolerance) would provide little, if any, additional regulatory benefit. Therefore, the Commission does not believe that this modification materially reduces the improvements to accuracy.
B. Clock Synchronization
In the Notice, the Commission discussed its belief that the clock synchronization standards in the CAT NMS Plan are reasonably designed to improve the accuracy of market activity sequencing, but that the improvements to the percentage of sequenceable order events by Plan standards are modest and the requirements of the Plan may not be sufficient to completely sequence the majority of market events relative to all other events. In particular, the Commission conducted an analysis using MIDAS data that found that the current FINRA one-second clock offset tolerance allows only an estimated 1.31% of unrelated order events for listed equities and 6.97% of unrelated order events for listed options to be sequenced. By comparison, the proposed 50 millisecond clock offset tolerance could accurately sequence an estimated 7.84% of unrelated order events for listed equities and 18.83% of unrelated order events for listed options. Also, by comparison, the analysis found that a 100 microsecond clock offset tolerance, if applied to all reporters, could accurately sequence an estimated 42.47% of unrelated order events for listed equities and 78.42% of unrelated order events for listed options. In the Notice, the Commission discussed its preliminary belief that the analysis suggests the standards required by the Plan do represent an improvement over the current standard but that the majority of unrelated market events would remain impossible to sequence based on the Plan's required clock synchronization standards.
See Notice, supra note 5, at 30669 for a definition of unrelated order events as it relates to this analysis and the analysis described there.
Id. at 30683. The Commission discussed that these estimates were upwardly biased.
Id. The Commission discussed that these estimates were upwardly biased.
A 100 microsecond clock offset tolerance will now be required of Participants due to an amendment to the Plan.
The Commission noted that the Plan itself states “[f]or unrelated events, e.g., multiple unrelated orders from different broker-dealers, there would be no way to definitively sequence order events within the allowable clock drift as defined in Article 6.8,” and that this limitation “in turn limits the benefits of CAT in regulatory activities that require event sequencing, such as the analysis and reconstruction of market events, as well as market analysis and research in support of policy decisions, in addition to examinations, enforcement investigations, cross-market surveillance, and other enforcement functions.” See Notice, supra note 5, at 30683.
The Commission also discussed in the Notice that, independent of the potential time clock synchronization benefits, order linking data captured in CAT should increase the proportion of order events that are accurately sequenced. This is because some records pertaining to the same order can be sequenced by their placement in an order lifecycle (e.g., an order submission must have occurred before its execution) without relying on timestamps.
See Notice, supra note 5, at n. 555.
Although the Commission received several comment letters related to clock synchronization, which are discussed in detail in Section IV.D.13.a above, only two letters commented on the effects of clock synchronization standards on event sequencing. Both commenters agreed with the Commission's assessment that provisions in the CAT NMS Plan related to event sequencing would provide improvements in accuracy compared to what is currently achievable. However, one of these commenters further stated their belief that unrelated events may not be sequenceable and stated that it is unclear what the regulatory relevance is of sequencing unrelated events across market centers. The commenter went on to say that there was no evidence that lower clock synchronization tolerances would increase the accuracy of the audit trail; however, the commenter also stated that “more precise timestamps provided by exchanges may be of benefit to the audit trail as corroborating evidence when sequencing events that terminate at an exchange.”
FIF Letter at 97-111; Data Boiler Letter at 31.
FIF Letter at 101; Data Boiler Letter at 31.
FIF Letter at 101.
FIF Letter at 111.
FIF Letter at 98.
The Commission has considered the comment letters received, the Participants' response, and amendments to the Plan. As explained below, the Commission continues to believe that requirements in the Plan related to event sequencing would provide improvements in accuracy compared to what is currently achievable, but that improvements are modest and the requirements to the Plan may not be sufficient to completely sequence the majority of market events relative to all other events. Orders sent from different broker-dealers to different CAT Reporters can only be sequenced in CAT Data according to their timestamp. If the clocks of CAT Reporters are not synchronized with sufficient precision, it is impossible to definitively sequence these events. The Plan acknowledges this limitation and states, “[f]or unrelated events, e.g., multiple unrelated orders from different broker-dealers, there would be no way to definitively sequence order events within the allowable clock drift as defined in Article 6.8.” The Commission disagrees with the comment that sequencing unrelated market events has no regulatory relevance. As discussed in the Notice, the ability to sequence market events is crucial to the efficacy of detecting and investigating some types of manipulation, particularly those involving high frequency trading, those in liquid stocks in which many order events can occur within microseconds, and those involving orders spread across various markets. The Commission also disagrees with this commenter's assessment that more stringent clock synchronization standards would not increase the accuracy of the audit trail. As demonstrated by the Commission's analysis in the Notice, if clock synchronization standards were made more stringent, some of the many market events at separate market centers that occur within small time windows would become sequenceable, which would increase the accuracy of the audit trail.
See CAT NMS Plan, supra note 5, at Appendix C-25.
As discussed in more detail above, the Commission has amended the Plan so that Participants are required to adhere to a more stringent clock synchronization standard of 100 microseconds with regard to electronic systems, excluding certain manual systems. In the Participants' response, they noted that all Participants currently operate pursuant to a clock synchronization standard of 100 microseconds with regard to their electronic systems, so that the amended requirement is already met by the Participants. In addition, as discussed in more detail above, the Commission has approved a proposed rule change by FINRA that reduces the synchronization tolerance for computer clocks of firms that record events in NMS Securities to 50 milliseconds. Because broker-dealers that are FINRA members are currently required to adhere to a clock synchronization standard of 50 milliseconds, and because Participants already adhere to a clock synchronization standard of 100 microseconds, the Commission does not believe the 50 millisecond clock synchronization requirement of CAT Reporters and the more stringent clock synchronization requirement of 100 microseconds for Participants, as specified in the amended Plan, would substantially change the ability of regulators to accurately sequence unrelated market events over what is currently achievable using timestamps alone. However, the Commission is approving the Plan without further modifications for the reasons discussed in Section IV.D.13, above. Further, to the extent CAT captures more events than are currently captured, such as CAT Reportable Events by broker-dealers that are not FINRA members (see Section V.E.1.a.(1)), regulators will be able to accurately sequence a proportion of those events, which will increase the overall number of sequenced events. In addition, the Commission continues to believe that, independent of the potential clock synchronization benefits, the order linking data that would be captured by the CAT should increase the proportion of events that could be sequenced accurately.
See Section IV.D.13, supra.
Response Letter II at 4-5.
See Section IV.D.13.a(1), supra.
See Securities Exchange Act Release No. 77565 (April 8, 2016), 81 FR 22136 (April 14, 2016).
Although not currently required in the Plan, the Commission believes there would be additional benefit to event sequencing if off-exchange execution venues, including alternative trading systems and broker-dealer internalizers, were required to adhere to a more stringent clock synchronization standard. As discussed in Section IV.D.13.a, the Commission understands that certain Industry Members, such as ATSs and broker-dealers that internalize off-exchange order flow, today adhere to a finer clock synchronization standard. As the Participants conduct their annual reviews, the Commission expects them to consider proposing new clock synchronization standards whenever they determine the industry standard for CAT Reporters, or certain categories or systems thereof, has become more granular than required by the Plan at that time. In determining the appropriate industry standards for clock synchronization, the Commission has amended the Plan so that the SROs should apply industry standards based on the type of CAT Reporter or system, rather than the industry as a whole. Varied requirements would segment the broker-dealer community, and one commenter stated a desire to “avoid unnecessary market segmentation” with regard to clock synchronization. See FSR Letter at 8. See also Section IV.D.13.a(1), supra. The Commission notes, however, that these venues are already segmented with respect to their position within the broker-dealer and also with respect to other broker-dealers that do not provide these services.
Note that broker-dealers that are not FINRA members are not subject to FINRA's clock synchronization requirements and do not submit reports to OATS. Currently, their activity, to the extent it is captured, is captured and timestamped by exchanges and other FINRA members that receive their orders.
As discussed in the Notice, this reflects the fact that some records pertaining to the same order could be sequenced by their placement in an order without relying on timestamps. This information may also be used to partially sequence surrounding events. See Notice, supra note 5, at n.555.
(4) Linking and Combining Data
In the Notice, the Commission discussed its preliminary belief that the requirements of Rule 613 and the Plan related to data linking would result in improvements to the accuracy of the data available to regulators, but the extent of the improvement would depend on the accuracy of the linking algorithm and the reformatting process that the Plan Processor would eventually develop. Specifically, the Commission discussed its belief that the requirement that data be stored in a uniform format would eliminate the need for regulators to reformat the data, and that storing data in a linked format removes the need for regulators to link information from multiple lifecycle events of an order or orders themselves, which could further reduce errors and increase the usability of the data. Furthermore, the Commission discussed its belief that the Plan would significantly improve the ability of regulators to link order events compared to OATS, and would link this activity to specific customers, unlike current audit trail data. However, the Commission also noted that the CAT NMS Plan does not provide sufficiently detailed information for the Commission to estimate the likely error rates associated with the linking process required by the CAT NMS Plan. Accordingly, while the centralized linking should generally promote efficiencies and accuracies, the Commission stated that these uncertainties make it difficult to gauge the degree to which the process for linking orders across market participants and SROs would improve accuracy compared to existing data, including OATS.
While the 5% Error Rate covers data from CAT Reporters, the Plan Processor could create errors as well, for example, through the linking process. Further, the Plan does not include details on how the Plan Processor would perform the linking process, identify broken linkages, and seek corrected reports from CAT Reporters to correct broken linkages. Instead, the Plan defers key decisions regarding the validation process until the selection of a Plan Processor and the development of Technical Specifications. The CAT NMS Plan describes the Plan Processor's responsibility for creating the Technical Specifications. See CAT NMS Plan, supra note 5, at Section 6.9.
The Commission notes that the Plan Processor is required to create a quality assurance testing environment in which, during industry-wide testing, the Plan Processor provides linkage processing of data submitted, the results of which are reported back to Participants and to the Operating Committee for review. Id. at Appendix D, Section 1.2. This may help identify challenges in the linking process and allow for their early resolution.
The Commission also explained that uncertainties prevented it from determining whether the process for converting data into a uniform format at the Central Repository would improve the accuracy of the data over existing audit trail accuracy rates. The Plan includes two alternative approaches to data conversion. In the first, called Approach 1, CAT Reporters would submit data to the Central Repository in an existing industry standard protocol of their choice such as the Financial Information eXchange (“FIX”) protocol. In Approach 2, CAT Reporters would submit data to the Central Repository in single mandatory specified format, such as an augmented version of the OATS protocol. Under Approach 1, the data must be converted into a uniform format at the Central Repository in a second step. Under Approach 2, the data is already in a uniform format at the time of submission. The Plan defers the decision regarding which approach to take until the selection of a Plan Processor and the development of Technical Specifications. The Commission explained its preliminary belief that Approach 1 would likely result in a lower Error Rate than Approach 2 because of increased efficiency and accuracy due to specialization by the Plan Processor. However, because of uncertainties regarding expected Error Rates and error rates in current data, the Commission was unable to evaluate the degree to which the approach would improve data accuracy relative to currently available data.
See Notice, supra note 5, at 30686.
Id.
Id.
The Commission also discussed its belief that the Plan's requirement for standardized Allocation Reports that consistently and uniquely identify Customers and CAT Reporters should improve the linkability of allocation information compared to current data, despite the limitation of direct linkage to order lifecycles, particularly in scenarios where potentially violative conduct is carried out by market participants operating through multiple broker-dealers. The Commission stated that this moderate improvement in the linkability of allocation data should improve regulators' ability to identify market participants who commit violations related to improper subaccount allocations.
Id.
The Commission received two comment letters that agreed with the Commission's assessment that Plan provisions related to data linking would increase the overall accuracy of data available to regulators. One of these commenters stated that, “the provisions in the CAT NMS Plan (linkage requirements, daisy chains, Firm Designated ID) will result in a more complete and accurate linking of order events across market participants and SROs.” The other commenter agreed that data accuracy would improve.
FIF Letter at 96.
Data Boiler Letter at 31.
Commenters also opined on whether data should be stored in a standardized format and on the relative economic effects of different approaches to data ingestion formats. One commenter stated that the Plan's requirement to store data in a standardized format would increase accuracy within that format, but on the other hand, transformation by CAT Reporters could introduce errors during the data submission process. The commenter further stated that using original data reduces the chance of introducing noise. Several commenters indicated that existing and widely used formats or protocols for data ingestion would promote better data accuracy. Some also noted that without a uniform data ingestion format, data quality would suffer.
Data Boiler Letter at 31.
Data Boiler Letter at 18.
FIF Letter at 90-91; FIX Letter at 1; ICI Letter at 13; Better Markets Letter at 7-8.
Better Markets Letter at 7-8; UnaVista Letter at 2-3.
The Commission received one comment related to the ability to link allocations under the Plan. Specifically, the commenter stated that an allocation report is “undeniably useful for analytic[al] purpose[s],” but noted challenges in linking account and subaccount information to which an execution is allocated.
Data Boiler Letter at 24-25.
The Commission has considered the comment letters received, and continues to believe that the requirements of the Plan related to data linking would result in improvements to the accuracy of the data available to regulators. The Commission agrees with the commenter who stated that transforming data into a uniform format can introduce errors, but the Commission believes such errors will be less common and severe than those introduced currently by multiple regulators independently linking together many different data sources with different formats. The Commission agrees with the commenters that stated requiring existing and widely used formats for data ingestion would promote the accuracy of data. Because the Plan does not mandate an ingestion format, uncertainty exists as to what ingestion format (or formats) will be required and whether the ingestion format(s) ultimately selected will promote accuracy as much as alternatives. The Commission acknowledges this uncertainty. In response to the commenters that stated that data quality would suffer without a uniform data ingestion format, as specified in Approach 2, the Commission continues to believe that the benefits to data accuracy are potentially greater using Approach 1, where data is ingested in an existing industry standard protocol of the submitter's choice and subsequently converted to a uniform format at the Central Repository. The Commission believes this approach is more likely to benefit data accuracy because, as stated by a commenter, allowing the use of original data eliminates the introduction of errors and specialization by the Plan Processor should keep to a minimum the number of errors introduced during the conversion process.
See Section V.D.2.b.(2).C, supra.
With regards to the commenter who noted the challenges in linking allocation and sub-account information with executions using the Plan's approach, the Commission agrees that this approach may result in certain drawbacks, such as having access to less accurate allocation linkages compared to the approach under Rule 613, which required a link between allocations and executions. However, the Commission continues to believe, as set out in the Notice, that the Plan's Allocation approach will provide regulators with the necessary information to detect abuses in the allocation process without placing undue burdens on broker-dealers.
In the Notice, the Commission discussed an alternative that would require the Rule 613 approach to allocation reporting linking. The Commission stated that linking allocations to order lifecycles would improve accuracy for many situations, particularly in one-to-one, one-to-many, and many-to-one allocations. Further, the Commission explained that broker-dealers likely already maintain records that allow them to ensure that the allocations receive fair prices based on market executions, and requested comment on whether those systems could provide a key to accurately link allocations to lifecycles in many-to-many allocations. See Notice, supra note 5, at 30757-58. One commenter, however, stated that the “many-to-many relationships [between executions and allocations] do not allow unique linkages for all situations.” See FIF Letter at 90. This commenter did not refute the accuracy improvements that could come from linking allocations to order lifecycles. Another commenter opined that broker-dealers should and can track order allocation information, including in the many-to-many situation. See Data Boiler at 40. Therefore, the Commission continues to believe that such linking would be beneficial relative to the Plan. However, the Commission also believes that allocation linking would be costly to implement, a belief supported by the commenter who provided additional information on the source of such costs. See FIF Letter at 90.
(5) Customer and Reporter IDs
In the Notice, the Commission discussed its preliminary belief that the inclusion of the unique Customer and CAT Reporter Identifiers described in the CAT NMS Plan would increase the accuracy of customer and broker-dealer information in data regulators use and provide benefits to a broad range of regulatory activities that involve audit trail data. The Commission explained that it is currently difficult for regulators to identify the trading of a single customer across multiple market participants because many existing data sources use inconsistent definitions and mappings across market centers. In addition, the Commission discussed how the Customer Information Approach specified in the CAT NMS Plan requires the Plan Processor to create a unique Customer-ID that would be consistent across that Customer's activity regardless of the originating broker-dealer. The Commission discussed its preliminary belief that the Customer-ID approach constitutes a significant improvement relative to the Baseline because it would consistently identify the Customer responsible for market activity, obviating the need for regulators to collect and reconcile Customer Identifying Information from multiple broker-dealers.
See Notice, supra note 5, at 30686-88.
Id.
Id.
Also, in the Notice, the Commission discussed the challenges that regulators face in tracking broker-dealers' activities across markets due to inconsistent identifiers and a lack of a centralized database. The CAT NMS Plan calls for the use of CAT-Reporter-IDs, which would be assigned to each CAT Reporter by the Plan Processor in the CAT Data. In the Notice, the Commission stated that it preliminarily believed that the existing identifier approach specified in the CAT NMS Plan would improve the accuracy of tracking information regarding entities with reporting obligations, namely broker-dealers and SROs.
Id.
Id.
One commenter stated that there are “flaws to the approaches of CAT Customer and Reporter Identifiers, thus it has little benefit to improve the accuracy of information.” The commenter, however, did not list these flaws and did not provide specific reasons why the identifiers would not improve data accuracy. Another commenter stated that assigning a unique ID to “every person that ever trades a security” could render the data difficult to use, and that greater difficulties could arise from allowing broker-dealers to assign their own unique customer IDs. However, the commenter did not specify in detail what difficulties would arise or why the data would be difficult to use. That commenter noted that unique IDs for every client might be unnecessary, and suggested applying them only to those with a certain threshold of trading activity. Two commenters suggested that the use of the LEI would improve the accuracy of Customer Identifying Information. One commenter suggested that using LEIs would allow market participants to be “easily identified,” and also suggested that the LEI should be used to identify customers in conjunction with other recognized personal identifiers, to promote accurate identification. Another stated that using the LEI would allow for “unambiguous identification” of entities submitting information to the CAT system and would allow the SEC “to be clear about the identity of entities it is monitoring.”
Data Boiler Letter at 31.
Anonymous Letter I at 3.
Anonymous Letter I at 3.
UnaVista Letter at 3.
SIFMA Letter at 37.
In their response, the Participants stated that, based on discussions with the DAG, they agreed with the commenters that it would be reasonable to require an Industry Member to provide its own LEI and the LEIs of its customers to the CAT if the Industry Member has or acquires such LEIs. As discussed above, the Commission agrees with the commenters and the Participants and has modified the Plan to require the reporting of LEIs for Customers and Industry Members in certain circumstances.
Response Letter II at 5.
See Sections IV.D.4.a.(4) and IV.D.4.b.(2), supra, for a description of the LEI reporting requirements in the Plan.
The Commission has considered the comment letters received, the Participants' response, and modifications to the Plan. The Commission believes that limiting unique customer IDs to clients meeting a certain threshold of trading activity would significantly limit the benefits of the Plan in terms of accuracy. As discussed in more detail below, the Commission expects consistent Customer IDs to improve the ability of regulators to identify insider trading, manipulation and other potentially violative activity. The commenter that stated that assigning a unique ID to “every person that ever trades a security” could render the data difficult to use did not explain in detail what difficulties might arise. Similarly, the commenter that suggested that the accuracy benefits of the Plan would be limited due to “flaws to the approaches of CAT Customer and Reporter Identifiers” likewise did not provide any details as to these flaws or how they would affect the accuracy of the CAT Data. In light of the lack of specificity in these comment letters, the Commission continues to believe that the inclusion of unique Customer and Reporter Identifiers as described in the CAT NMS Plan would increase the accuracy of customer and broker-dealer information in data used by regulators.
Anonymous Letter I at 3.
See Section IV.E.2.c., infra.
Anonymous Letter I at 3.
Data Boiler Letter at 31.
The Commission is, however, updating its economic analysis to recognize modifications to the Plan to require the reporting of LEI as part of the Customer Identifying Information if the Customer has an LEI and the Industry Member has collected it, and as a part of identifying information for Industry Members in addition to the CRD number, if the Industry Member has an LEI. Currently, none of the sources of trade and order data discussed above in the Baseline include LEIs for Customers or Industry Members. Based on information provided by commenters who suggested the inclusion of LEI, supplemented by Commission Staff experience, the Commission believes that the inclusion of an LEI in CAT Data will improve the accuracy of CAT Data by enabling the linking of the data to other data sources such as foreign jurisdictions and domestic data not included in CAT at this time (e.g., futures and security-based swaps), as LEIs become more widely used by regulators and the financial industry. In addition, the Commission expects the modification to improve the accuracy of the data by providing more information about the identities of Industry Members and Customers, including—as the LEI system starts to collect parent and subsidiary information—their relationships with other entities. The Commission notes, however, that the benefits of the LEI information will be limited insofar as the reporting of an LEI is required for Industry Members only where the Members already have an LEI, and for Customers only where the Customer has an LEI and the Industry Member has or acquires the LEI.
See Sections IV.D.4.a and IV.D.4.b, supra.
SIFMA Letter at 36-37; DTCC Letter at 1-6; UnaVista Letter at 3; Better Markets Letter at 8; Data Boiler Letter at 22.
SIFMA Letter at 37.
See Sections IV.D.4.a.(4) and IV.D.4.b.(2), supra.
(6) Aggregation
In the Notice, the Commission discussed its belief that most CAT Data would be disaggregated data and that therefore the CAT Data would not suffer from the limitations of the aggregated data sources that regulators must currently use. Currently, subaccount allocation data and issuer repurchase data exist in forms that are aggregated and thus these data sources are limited for use in certain regulatory activities and interests. In particular, neither data type may necessarily indicate the individual executions. The Commission discussed its preliminary belief that the CAT NMS Plan would improve the accuracy of allocation data compared to existing data available to regulators, because it would provide disaggregated information on the identity of the security, the number of shares and price allocated to each subaccount, when the allocation took place, and how each Customer subaccount is associated with the master account. This would more accurately reflect which Customer ultimately received the shares that were purchased in a particular trade. The Commission anticipated that regulators may use CAT Data for some purposes that they use cleared data for now because the CAT Data would be significantly less aggregated. Finally, the Commission discussed its belief that because the Plan would require that the Plan Processor link Customer information to the order lifecycle and the report would identify as Customers those issuers that are repurchasing their stock in the open market, CAT Data would be more accurate and more granular and there would be more data than what is available currently for open market issuer repurchases, which consists of monthly aggregations of those issuer repurchases.
See Notice, supra note 5, at 30688-89.
Id. at Section IV.D.2.b.(2)E. Item 703 of Regulation S-K requires issuers to report aggregated issuer repurchase data to the Commission on an annual and quarterly basis in Forms 10-K and 10-Q. 17 CFR 229.703.
See CAT NMS Plan, supra note 5, at Section 6.4(d)(iv).
The Commission did not receive any comments regarding its analysis of data aggregation in the Notice, the Participants' response did not specifically address its analysis of data aggregation, and the Commission does not believe that modifications to the Plan warrant changes to this aspect of the economic analysis. The Commission continues to believe that CAT Data would constitute an improvement over current data sources because it would be disaggregated data that would not suffer from the limitations that characterize some of the aggregated data sources that regulators must currently use. Specifically, the Commission continues to believe that the Plan would promote more effective and efficient investigation by regulators of subaccount allocation issues and issuer repurchase activity.
c. Accessibility
In the Notice, the Commission discussed its belief that the Plan, if approved, would substantially improve the accessibility of regulatory data by providing regulators with direct access to the consolidated CAT Data, including some data elements that currently take weeks or months to obtain. However, the Commission also explained that there is some uncertainty regarding the process for regulatory access under the Plan, which creates uncertainty as to the degree of the expected improvement.
Accessibility refers to “how the data is stored, how practical it is to assemble, aggregate, and process the data, and whether all appropriate regulators could acquire the data they need.” See Notice, supra note 5, at 30689.
Id. at 30689-91.
(1) Direct Access to Data
The Commission recognized in the Notice that improving accessibility of regulatory data relative to the Baseline requires ensuring that enough SRO and Commission Staff members are able to use the direct access system supplied by the Central Repository when they need it. The Commission discussed its belief that the ability to use the direct access system depends, among other things, on how user-friendly the system is, whether it has enough capacity for the expected use of the system, and whether it contains the functionality that the SRO and Commission Staff require. However, the Commission preliminarily believed that “the minimum requirements for the direct access system ensure that the Plan will improve on the Baseline of access to current data, including the process of requesting data.
Id. at 30689.
In the Notice, the Commission discussed in detail the minimum functional and technical requirements, as set out in Appendix D of the Plan. In terms of capacity, the Commission noted, among other things, that the Central Repository must be able to support a minimum of 3,000 regulatory users within the system, 600 of which might be accessing the system concurrently (which must be possible without an unacceptable decline in system performance). In terms of functionality, the Commission noted that two types of query interfacing must be supported—an online targeting query tool and a user-defined direct query tool that allows for bulk extraction. The Commission further noted that all queries must be able to be run against raw (i.e., unlinked) or processed data, or both, and that a variety of minimum performance metrics apply to those queries.
Id. at 30689-90, citing CAT NMS Plan, supra note 5, at Appendix D, Section 8.
The Commission further explained that the online targeting query tool must include a date or time range, or both, and allow users to choose from a broad menu of 26 pre-defined selection criteria (e.g., data type, listing market, size, price, CAT-Reporter-ID, Customer-ID, or CAT-Order-ID), with more to be defined at a later date. Results must be viewable in the tool or downloadable in a variety of formats and support at least a result size of 5,000 or 10,000 records, respectively, with a maximum result size to be determined by the Plan Processor. With the user-defined direct query or bulk extraction, CAT must be able to support at least 3,000 daily queries, including 1,800 concurrently, and up to 300 simultaneous query requests, with no performance degradation. See Notice, supra note 5, at 30689-90.
The Commission noted that the direct access facilitated by provisions of the CAT NMS Plan is reasonably designed to substantially reduce the number of ad hoc data requests and provide access to substantial data without the delays and costly time and knowledge investments associated with the need to create and respond to data requests. The Commission believed that this would dramatically reduce the hundreds of thousands of requests that regulators must make each year in order to obtain data, thus reducing the burden on the industry. For example, the Commission noted that regulators do not have direct access to EBS or trade blotter data and therefore they must request such data when needed for regulatory tasks. As a result, in 2014 the Commission made 3,722 EBS requests that generated 194,696 letters to broker-dealers for EBS data. Likewise, the Commission understood that FINRA requests generate about half this number of letters. In addition, the Commission noted that for examinations of investment advisers and investment companies, it makes approximately 1,200 data requests per year. The Commission also discussed its belief that, in addition to decreasing the amount of time currently required for regulators to access data sources, direct access to the CAT Data should decrease the costs that many regulators and market participants incur in either requesting data or fulfilling requests for data. Furthermore, the Commission discussed its belief that the Plan would also permit regulators to directly access customer information, which could improve the ability of SROs to conduct surveillance.
Id. at 30690.
Id.
The Commission also discussed its belief that in some dimensions of accessibility, uncertainties exist that could affect the degree of the expected improvement to accessibility. In particular, while the Plan provides detail on the method of access and the types of queries that regulators could run, many of the decisions regarding access have been deferred until after the Plan Processor is selected and finalizes the Technical Specifications. For instance, decisions regarding exactly how regulators would access the data beyond providing them with query tools; how user-friendly these tools will be; whether the Plan Processor would host a server workspace that regulators could use; and whether regulators can perform dynamic searches, data extraction, and offline analysis have not yet been decided. Nonetheless, the Commission stated that the requirements included in the Plan describe a system that, once implemented, would result in the ability to query consolidated data sources, which represents a significant improvement over the currently available systems. This substantial reduction in data delays and costly data investments would permit regulators to complete market reconstructions, analyses, and research projects, as well as investigations and examinations, more effectively and efficiently, and would lead to improved productivity in the array of regulatory matters that rely on data, which should lead to improved investor protection.
Id. at 30691.
Id.
One commenter argued that “the online targeted query tool and user-defined direct queries and bulk extracts methods will not enable regulatory staff to use the data.” This is because these methods do not embed real-time analytics that would allow the system to automatically red-flag suspicious trade activities. The same commenter agreed that the direct access regulators will have to CAT Data “would help reduce the number of ad-hoc data requests.” The commenter estimated that such a reduction in the number of data requests would result in cost savings of “about 5%, but definitely not over 10%.” However, the commenter did not provide any additional information or details to support that estimate.
Data Boiler Letter at 26.
Data Boiler Letter at 10-13.
Data Boiler Letter at 31.
Data Boiler Letter at 38.
A second commenter also agreed that the reduction in ad hoc data requests would result in cost savings, stating that the costs associated with responding to EBS requests “will be reduced over time as regulators would no longer need to make EBS inquiries for data that already resides in CAT.” However, that commenter did not provide any specific estimates of these savings.
FIF Letter at 34-35.
Two commenters agreed with the Commission that there is some uncertainty regarding the process for regulatory access to CAT Data. In particular, one commenter stated that the Plan does not provide details of the technical or procedural mechanisms on how the regulators will access the online targeted query tool or submit user-defined direct queries. The commenter noted that the Plan does not provide any specifics on the types of technologies or systems that would be required for regulators to download the data or connect to the API to be made available by the Plan Processor. Furthermore, the commenter pointed out that although the Plan Processor is required to support a minimum of 300 simultaneous query requests with no performance degradation, the Plan does not define a baseline performance for dynamic search against which the performance degradation could be compared. The commenter noted that the Plan requires the Plan Processor to provide such details at least six months before the Participants begin reporting data to the Central Repository. The commenter stated that there is a risk that six months will be insufficient for regulators to implement any changes necessary in order to be able to use the tools offered by the Plan Processor, and that this could delay regulators' ability to access the CAT Data. The other commenter noted generally that there are insufficient details regarding how regulators would access, use and analyze CAT Data, and how regulators' end-use requirements would be addressed.
SIFMA Letter at 32, 39-41; Data Boiler Letter at 26.
SIFMA Letter at 39.
SIFMA Letter at 41.
SIFMA Letter at 40.
SIFMA Letter at 39.
Id.
Data Boiler Letter at 26.
In their response, the Participants argued that the Plan does provide sufficient detail regarding regulatory access to CAT Data. In particular, the Participants noted that Section 8 of Appendix D of the Plan describes various tools that will be used for surveillance and analytics. In addition, the Participants noted that the Plan states that the Plan Processor will provide an open API that allows regulators to use analytic tools and will permit regulators to use ODBC/JDBC drivers to access the CAT Data.
Response Letter I at 42.
Response Letter I at 42, citing CAT NMS Plan, supra note 5, at Appendix D, Section 8.2. A discussion of the types of data tools that Bidders proposed to support can be found in Appendix C, Section A.2(b) of the Plan. ODBC (Open Database Connectivity) is an open standard API (Application Programming Interface) for accessing a database. JDBC (Java Database Connectivity) is an API for the programming language Java, which defines how a client may access a database.
The Commission has considered the comments it received regarding the potential benefits of the CAT NMS Plan in terms of the accessibility of regulatory data, as well as the Participants' response. Commenters did not provide any additional information or analysis that changes the Commission's conclusions as set out in the Notice, and there have been no modifications to the Plan that would warrant changes.
With respect to the comment that an online targeted query tool and a user-defined direct query tool will not enable regulatory Staff to use CAT Data, the Commission disagrees with the commenter's assertion that regulators cannot benefit from direct access to CAT Data unless CAT embeds real-time analytics. In the Notice, the Commission discussed two ways in which regulators could benefit from having direct access to CAT Data facilitated by the availability of an online targeted query tool and a user-defined direct query tool. First, direct access to CAT Data could substantially reduce the number of ad hoc data requests and decrease the costs that many regulators currently incur in requesting data. Second, the Plan would permit regulators to directly access customer information, which could improve the ability of SROs to conduct surveillance, among other benefits discussed below. Because these benefits of direct access do not depend on the ability of CAT to embed real-time analytics, the Commission continues to believe that the methods of direct access specified in the Plan will improve the accessibility of regulatory data relative to the Baseline.
Data Boiler Letter at 10-13, 26.
See Notice, supra note 5, at 30690.
See Section V.E.2, infra, for a discussion of various regulatory activities that direct access to data will improve.
With respect to the comment that the reduction in the number of data requests would result in cost savings to SROs of “about 5%,” but “definitely not more than 10%,” the Commission notes that the commenter did not explain the basis for its estimate. The Commission acknowledged in the Notice that it lacks the necessary information to estimate the magnitude of these cost savings, and this continues to be the case, as the Commission has not received any additional information it can use to estimate the savings. However, the Commission continues to believe that direct access to CAT Data should decrease the costs that many regulators and market participants incur in either requesting data or fulfilling requests for data.
Data Boiler Letter at 38.
With respect to the comments about uncertainties regarding the process for regulatory access to CAT Data, the Commission agrees with the commenter that, as discussed in the Notice, there is some uncertainty regarding the process for regulatory access under the Plan. The Commission notes that while the Plan provides detail on the method of access and the type of queries that regulators could run, many of the decisions regarding access have been deferred until after the Plan Processor is selected and finalizes the Technical Specifications. In particular, as discussed in the Notice, the details of functionality and performance of the final CAT System are still to be determined. The Commission continues to believe that these functionality and performance uncertainties create some uncertainty regarding the degree of improvement in regulatory access that will result from the Plan. The Commission agrees that is possible that, as one commenter noted, the deferral of these decisions could result in a delay in regulators' ability to access the CAT Data. However, the Commission continues to believe that the Plan will substantially improve the accessibility of regulatory data relative to the Baseline by providing regulators with direct access to the CAT Data.
SIFMA Letter at 32, 39-41.
See Notice, supra note 5, at 30691.
SIFMA Letter at 39.
Accessibility refers to “how the data is stored, how practical it is to assemble, aggregate, and process the data, and whether all appropriate regulators could acquire the data they need.” See Notice, supra note 5, at 30689.
(2) Consolidation of Data
In the Notice, the Commission stated that it preliminarily believed that the Plan would improve accessibility by consolidating various data elements into one combined source, reducing data fragmentation. Currently, audit trail data for securities that are traded on multiple venues (multiple exchanges or off-exchange venues) is fragmented across multiple data sources, with each regulator generally having direct access only to data generated on the trading venues it regulates. The Commission explained that the Plan would bring audit trail data related to trading on all venues into the Central Repository where it could be accessed by all regulators. Additionally, the Commission noted that Rule 613 requires that the Plan include both equity and options data. Because no existing regulatory audit trail data source includes both options and equities data, the Notice discussed the fact that collecting this data and providing access would allow regulators to monitor and run surveillance on the activity of market participants in related instruments, such as when a market participant has activity in both options and the options' underlying assets. The Commission noted that the Plan would also marginally increase the accessibility of historical exchange data. In particular, Section 6.5(b)(i) of the Plan requires that the Central Repository make historical data available for not less than six years, in a manner that is directly accessible and searchable electronically without manual intervention by the Plan Processor.
Id. at 30690.
The Commission recognizes that FINRA collects data from exchanges for which it provides regulatory services. However, this data is sent to FINRA by the exchanges with a delay, and the data formats are not standardized prior to receipt at FINRA.
17 CFR 242.613(c)(5), (c)(6).
See CAT NMS Plan, supra note 5, at Section 6.5(b)(i). Currently, broker-dealers retain data for six years, but exchanges are only required to retain data for five years. In practice, the Commission understands that most exchanges generally retain data for at least six years, but at least one exchange does not retain data for six or more years. Therefore, the CAT NMS Plan would improve the historical data available from at least one exchange.
The Commission did not receive any comments on this aspect of accessibility, and there have not been any modifications to the Plan related to this aspect of the Commission's analysis. The Commission therefore continues to believe that the Plan will improve accessibility relative to the Baseline by consolidating various data elements into one combined source, reducing data fragmentation.
d. Timeliness
In the Notice, the Commission discussed its belief that, if approved, the CAT NMS Plan would significantly improve the timeliness of reporting, compiling, and accessing regulatory data, which would benefit a wide array of regulatory activities that use or could use audit trail data. The Commission discussed its belief that the timeline for compiling and reporting data pursuant to the Plan would constitute an improvement over the processes currently in place for many existing data sources and that, relative to some data sources, the improvement would be dramatic. Specifically, under the Plan, CAT Data would be compiled and made ready for access faster than is the case today for some data, both in raw and in corrected form; regulators would be able to query and manipulate the CAT Data without going through a lengthy data request process; and the data would be in a format to make it more immediately useful for regulatory purposes.
Timeliness refers to when the data is available to regulators and how long it would take to process before it could be used for regulatory analysis. See Notice, supra note 5, at 30691.
Id.
In terms of initial access to the data, the Commission discussed its belief that the Plan would require CAT Reporters to report data to the Central Repository at times that are on par with current audit trails that require reporting, but the Central Repository would compile the data for initial access sooner than some other such data. For example, equity and option clearing data currently are not compiled and reported to the NSCC and the OCC until T+3, and data in EBS reports are not compiled and reported to a centralized database until a request is received. OATS data is initially reported to FINRA by 8:00 a.m. ET on the calendar day following the reportable event, and it takes approximately 24 hours for FINRA to run validation checks on the file, though SROs do not currently access OATS information for regulatory purposes until after the error correction process is complete.
Compiling data refers “to a process that aggregates individual data records into a data set. This could occur when regulators request data and when the regulators receive data from multiple providers. This is different from the act of reporting data.” Id.
Id. at 30691-92.
Id.
Id.
Furthermore, the Commission discussed the fact that, to the extent that access to the raw (i.e., uncorrected and unlinked) data would be useful for regulatory purposes, the CAT NMS Plan provides a way for SROs and the Commission to access the uncorrected and unlinked data on T+1 by 12:00 p.m. ET at the latest. Under the Plan, this access would be at least several days sooner than OATS is available to non-FINRA regulators. In the Notice, the Commission acknowledged that the Plan would not necessarily improve the timeliness of audit trail data in every case or for every regulator. For example, exchange SROs already have real-time access to their own audit trail data. However, regulators at other SROs or the Commission do not have real-time access to that audit trail data, and therefore the Commission stated that it preliminarily believed that CAT Data could be more timely for these other regulators to access and use than obtaining that exchange's audit trail data through other means.
Id. at 30691.
Under the Plan, SROs that are exchanges would still have the same real-time access to their own audit trail data as they currently do. The Commission does not expect that all SRO audit trails will be retired on implementation of the Plan because exchanges may use such audit trails to implement their CAT reporting responsibilities. CAT reporting requirements would require that exchanges collect and report audit trail information from their systems even if they elect to replace their current audit trails. However, CAT requirements may improve the completeness of real-time exchange audit trail data if the information that exchanges collect under the Plan is more complete than what they currently collect.
As noted, the SROs are generally currently able to access their own audit trail data on the same day of an event and the Commission is currently able to access some public data, like SIP and MIDAS, on the same day as an event. Further, OATS is available to FINRA at 8 a.m. on the day following an event. The Commission preliminarily does not expect the CAT NMS Plan would affect these regulators' access to most of these respective data sources.
In terms of timeliness of access to error-corrected data, the Commission stated in the Notice that it preliminarily believed that the error correction process required by the CAT NMS Plan is reasonably designed to provide additional improvements in timeliness for corrected data. The Plan specifies that the initial data validation and communication of errors to CAT Reporters must occur by noon on T+1 and that corrections of these errors must be submitted by the CAT Reporters to the Central Repository by 8:00 a.m. ET on T+3, with the corrected data made available to the regulators by 8:00 a.m. ET on T+5. During this interim time period between initial processing and corrected data availability, “all iterations” of processed data must be available for regulatory use. The Central Repository must be able to receive error corrections at any time, even if late; if corrections are received after T+5, the Plan Processor must notify the SEC and SROs of this fact and describe how re-processing of the data (to be determined in conjunction with the Operating Committee) would be completed. Customer information (i.e., information containing PII) is processed along a slightly different timeline, but the outcome—corrected data available by 8:00 a.m. ET on T+5—is the same. One exception to this timeline is if the Plan Processor has not received a significant portion of the data, as determined according to the Plan Processor's monitoring, in which case the Plan Processor could determine to halt processing pending submission of that data. The Commission noted that the error resolution process for OATS is limited to five business days from the date a rejection becomes available. The CAT NMS Plan requires a three-day repair window for the Central Repository. Accordingly, the Commission stated that if the Plan were approved, regulators would generally be able to access partially and fully corrected data earlier than they would for OATS.
See CAT NMS Plan, supra note 5, at Appendix C, Section A.2(a), Appendix D, Section 6.1.
Id. at Appendix D, Section 6.2.
Id. at Appendix C, Section A.3.(b), Appendix D, Section 7.4.
Id. at Appendix D, Section 6.2.
Id.
Id. at Appendix D, Section 6.1.
See Notice, supra note 5, at Section IV.D.2.b.(4) and n.465.
Id. at Appendix C, Section A.2(a).
CAT Data being available on T+5 may be later than for other current SRO audit trails.
In the Notice, the Commission discussed its belief that improvements to timeliness would also result from the ability of regulators to directly access CAT Data. The Commission discussed the fact that most current data sources do not provide direct access to most regulators and explained that data requests can take as long as weeks or even months to process. Other data sources provide direct access with queries that can sometimes generate results in minutes—for example, running a search on all MIDAS message traffic in one day can take up to 30 minutes —but only for a limited subset of the data to be available in CAT and generally only for a limited number of regulators. Accordingly, the Commission stated that it preliminarily believed that the ability of regulators to directly access and analyze the scope of audit trail data that would be stored in the Central Repository should reduce the delays that are currently associated with requesting and receiving data. Furthermore, the Commission discussed its belief that direct access to CAT Data should reduce the costs of making ad hoc data requests, including costs arising from extensive interactions with data liaisons and IT staff at broker-dealers, SROs, and vendors, developing specialized knowledge of varied formats, data structures, and systems, and reconciling data.
See Notice, supra note 5, at 30692 (citing CAT NMS Plan, supra note 5, Section 6.5(c)).
See Notice, supra note 5, at Section IV.D.2.b.(4) and n.468.
The Commission also stated that it preliminarily expected that the CAT NMS Plan would reduce the time required to process data before analysis. The Commission explained that currently, regulators can spend days and up to months processing data they receive into a useful format. Part of this delay is due to the need to combine data across sources that could have non-uniform formats and to link data about the same event both within and across data sources. These kinds of linking processes can require sophisticated data techniques and substantial assumptions and can result in imperfectly linked data. The Commission noted that the Plan addresses this issue by stating that the Plan Processor must store the data in a linked uniform format. Specifically, the Commission discussed how the Central Repository will use a “daisy chain” approach to link and reconstruct the complete lifecycle of each Reportable Event, including all related order events from all CAT Reporters involved in that lifecycle. Therefore, regulators accessing the data in a linked uniform format would no longer need to take additional time to process the data into a uniform format or to link the data. Accordingly, the Commission stated that it preliminarily believed that the Plan would reduce or eliminate the delays associated with merging and linking order events within the same lifecycle and that the Plan would improve the timeliness of FINRA's access to the data it uses for much of its surveillance by several days because the corrected and linked CAT Data would be accessible on T+5 compared to FINRA's T+8 access to its corrected and linked data combining OATS with exchange audit trails.
See Notice, supra note 5, at 30693.
See Table 1, Section V.D.2.b, supra.
See CAT NMS Plan, supra note 5, at Section 6.5(b)(i). The CAT NMS Plan does not link allocations to order events. See also 17 CFR 242.613(e)(1).
The daisy chain approach is used to link and reconstruct the complete lifecycle of each Reportable Event in CAT. According to this approach, CAT Reporters assign their own identifiers to each order event that the Plan Processor later replaces with a single identifier (the CAT Order-ID) for all order events pertaining to the same order. See Notice, supra note 5, at 30691.
Id. at 30693.
The Commission also discussed its belief that the expected improvements to data accuracy could result in an increase in the timeliness of data that is ready for analysis, although uncertainty exists regarding the extent of this benefit. The Commission explained that regulators currently take significant time to ensure data is accurate beyond the time that it takes data sources to validate data and that, in some cases, data users may engage in a lengthy iterative process involving a back and forth with the staff of a data provider in order to obtain accurate data necessary for a regulatory inquiry. Accordingly, the Commission stated that, to the extent that the Central Repository's validation process is sufficiently reliable and complete, the duration of the error resolution process regulators would perform with CAT Data may be shorter than for current data. Further, to the extent that the Central Repository's linking and reformatting processes are sufficiently successful, the SROs and Commission may not need a lengthy process to ensure the receipt of accurate data. However, the Commission noted that it lacked sufficient information on the validations, linking, and reformatting processes needed to draw a strong conclusion as to whether users would take less time to validate CAT Data than they take on current data. Nonetheless, the Commission preliminarily believed that the linking and reformatting processes at the Central Repository would be more accurate than the current decentralized processes such that it would reduce the time that regulators spend linking and reformatting data prior to use.
The Commission received comments on the improvements in timeliness from the Plan. Two commenters suggested that CAT Data would not be timely enough because it is reported too late. One commenter called the reporting deadline (8:00 a.m. ET on T+1) an “extraordinarily lax reporting time frame.” Another commenter argued that the T+5 schedule for regulatory access to corrected CAT Data is “useless in terms of effective market surveillance in prevention of threats to the U.S. financial stability” because a “huge loss can be accumulated within [a] split-second” and “market collapse does not take more than one day.” Furthermore, although the commenter agreed that “CAT offers the regulators on-demand query of delayed data that saves them multiple trips to request data from the financial institutions,” he opined that this “does not necessarily mean timeliness improvement.”
Data Boiler Letter at 18; Better Markets Letter at 6.
Better Markets Letter at 6.
Data Boiler Letter at 26.
Data Boiler Letter at 32.
The Participants' response provided additional information on error correction timelines for customer information and PII. Specifically, the Participants' response identified an errant discussion of these error correction timelines in the Plan, and clarified that the Plan Processor must validate customer data and generate error reports no later than 5:00 p.m. ET on T+1, and stated that they believe the two day period for error correction is sufficient for CAT Reporters to correct errors in customer data.
Response Letter I at 30.
The Commission has considered the comments it received regarding the potential of the Plan to improve timeliness. As discussed below, the commenters did not provide any additional information or analysis that the Commission believes would warrant changes to its analysis or conclusions as set out in the Notice.
The Commission disagrees with the commenter that characterized the next day reporting of CAT Data as an “extraordinarily lax reporting time frame,” and with the commenter that argued that the T+5 schedule for regulatory access to corrected CAT Data is insufficient. As discussed further above, the Commission considered whether CAT Reporters should be required to report data in real-time when it adopted Rule 613 under Regulation NMS. While the Commission acknowledged that there might be advantages to receiving data intraday, the Commission stated that the greater majority of benefits that may be realized from development of the CAT do not require real-time reporting. Furthermore, many SROs have real-time access to data generated on exchanges they operate, and can and do use this data for real-time surveillance of activity occurring on those exchanges As discussed in the Notice, the T+5 schedule improves the timeliness of regulatory access to corrected data relative to the Baseline in two ways. First, corrected OATS data is currently available to FINRA at T+8. Under the Plan, regulators will be able to access corrected CAT Data three days earlier than that (i.e., T+5). Second, the ability of regulators to directly access CAT Data will improve timeliness. Most current data sources do not provide direct access to most regulators, and data requests can take as long as weeks or even months to process. Therefore, for many purposes, the T+5 schedule for regulatory access to corrected CAT Data will be up to many weeks more timely relative to the Baseline.
Data Boiler Letter at 26.
See Section IV.D.3, supra.
See Adopting Release, supra note 13, at 45765. Indeed, Rule 613 stated that the CAT NMS Plan may not impose a reporting deadline earlier than 8:00 a.m. ET. 17 CFR 242.613(c)(3).
Id.
See Notice, supra note 5, at Section IV.E.1.d(2) and Section IV.E.1.d(3).
Id. at 30673.
Id. at 30692.
The Commission also disagrees with the comment that the ability of regulators to directly access CAT Data will not result in improvement in timeliness. The comment does not dispute that data requests can take time to process and it does not provide any specificity in arguing that direct access would not improve timeliness that undermines the Commission's belief that direct access will make CAT Data up to many weeks more timely. This represents an important improvement in timeliness over the Baseline.
Data Boiler Letter at 32.
Regarding the Participants' response, the Commission does not believe the clarification regarding the timeline for communication of errors for customer and account information would warrant changes to its analysis or conclusions regarding timeliness. The Commission notes that the Plan states that 5:00 p.m. ET on T+1 is the deadline for communication of errors for customer and account information, including PII. In separate exposition, the Plan mistakenly discussed 12:00 p.m. ET on T+3 as the deadline for validation of data and generation of error reports for CAT PII data. These two statements are in conflict because they describe different reporting deadlines for the same types of errors. However, the Commission is amending the Plan to correct that error. In the Notice, the Commission states that customer information has a separate error correction timeline with the same outcome in terms of the availability of corrected data to regulators; this analysis was not dependent on the time at which error messages were sent to CAT Reporters. Consequently, the clarification of this timeline does not affect the Commission's analysis. Furthermore, the Commission notes that commenters did not raise questions on the mistake and seem to have understood that the deadline for error reports on PII was 5:00 p.m. ET on T+1.
See CAT NMS Plan, supra note 5, at Appendix D, Section 6.2.
Id.
See note 1555, supra.
See Notice, supra note 5, at 30692.
2. Improvements to Regulatory Activities
In the Notice, the Commission discussed its preliminary belief that improvements in the quality of available data have the potential to result in improvements in the analysis and reconstruction of market events; market analysis and research in support of regulatory decisions; and market surveillance, examinations, investigations, and other enforcement functions. The Commission discussed its belief that the ability of regulators to perform analyses and reconstruction of market events would likely improve if the CAT NMS Plan were approved, because it would allow regulators to provide investors and other market participants with more timely and accurate explanations of market events, and to develop more effective responses to such events. Furthermore, availability of CAT Data would benefit market analysis and research in support of regulatory decisions, by facilitating an improved understanding of markets that will inform potential policy decisions. The Commission also discussed how regulatory initiatives that are based on an accurate understanding of underlying events and are narrowly tailored to address any market deficiency should improve market quality and benefit investors.
Id. at 30693-99.
The Commission also explained that, in its preliminary view, the Plan would substantially improve both the efficiency and effectiveness of SRO broad market surveillance, which could benefit investors and market participants by allowing SROs to more quickly and precisely identify and address a higher proportion of market violations that occur, as well as prevent violative behavior through deterrence.
The Commission discussed in the Notice its expectation that CAT Data would enhance the SROs' and the Commission's abilities to effectively target risk-based examinations of market participants who are at elevated risk of violating market rules, as well as their abilities to conduct those examinations efficiently and effectively, which could also contribute to the identification and resolution of a higher proportion of violative behavior in the markets. Accordingly, the reduction of violative behavior in the market should benefit investors by providing them with a safer environment for allocating their capital and making financial decisions, and it could also benefit market participants whose business activities are harmed by the violative behavior of other market participants. The Commission further discussed how more targeted examinations could benefit market participants by resulting in proportionately fewer burdensome examinations of compliant market participants.
The Commission also explained that a significant percentage of Commission enforcement actions involve trade and order data, and that it preliminarily believed CAT Data would significantly improve the efficiency and efficacy of enforcement investigations by the Commission and SROs, including insider trading and manipulation investigations.
In 2015, the Commission filed 807 enforcement actions, including 39 related to insider trading, 43 related to market manipulation, 124 related to broker-dealers, 126 related to investment advisers/investment companies, and one related to exchange or SRO duties, many of which involved trade and order data. In 2014, the Commission filed 755 enforcement actions, including 52 related to insider trading, 63 related to market manipulation, 166 related to broker-dealers, and 130 related to investment advisers/investment companies, many of which also involved trade and order data. See Year-by-Year SEC Enforcement Statistics, available at https://www.sec.gov/news/newsroom/images/enfstats.pdf. The total number of actions filed is not necessarily the same as the number of investigations. An investigation may result in no filings, one filing, or multiple filings. Additionally, trade and order data may be utilized in enforcement investigations that do not lead to any filings. Based on these numbers, the Commission estimates that 30-50% of its enforcement actions incorporate trading or order data. A portion of FINRA's 1,397 disciplinary actions in 2014 and 1,512 in 2015 also involved trading or order data. See http://www.finra.org/newsroom/statistics.
The Commission also stated that it as well as the SROs anticipated additional benefits associated with enhanced abilities to handle tips, complaints and referrals, and improvements in the speed with which they could be addressed, particularly in connection with the significant number of tips, complaints, and referrals that relate to manipulation, insider trading, or other trading and pricing issues. The Commission explained that the benefits to investor protection of an improved tips, complaints, and referrals system would largely mirror the benefits to investor protection that would accrue through improved surveillance and examinations efficiency.
In fiscal years 2014 and 2015, the Commission received around 15,000 entries in its TCR system, approximately one third of which related to manipulation, insider trading, market events, or other trading and pricing issues.
As discussed more fully below, the Commission has considered the comments it received regarding the likely benefits to regulatory activities, the Participants' response, and modifications to the Plan, and continues to believe that the CAT NMS Plan would generate improvements to regulatory activities, particularly in the analysis and reconstruction of market events; market analysis and research in support of regulatory decisions; and market surveillance, examinations, investigations, and other enforcement activities.
a. Analysis and Reconstruction of Market Events
In the Notice, the Commission discussed the reasons for its preliminary belief that the Plan would improve regulators' ability to perform analysis and reconstruction of market events. As noted in the Adopting Release, the sooner regulators can complete a market reconstruction, the sooner regulators can begin reviewing an event to determine what happened, who was affected and how, if any regulatory responses might be required to address the event, and what shape such responses should take. Furthermore, the improved ability for regulators to generate prompt and complete market reconstructions could provide improved market knowledge, which could assist regulators in conducting retrospective analysis of their rules and pilots.
See Notice, supra note 5, at 30694-95.
See Adopting Release, supra note 14, at 45732.
The Commission discussed how the fragmented nature of current audit trail data and the lack of direct access to such data renders market reconstructions cumbersome and time-consuming. Currently, the information needed to perform these analyses is spread across multiple audit trails, with some residing in broker-dealer order systems and trade blotters. Requesting the data necessary for a reconstruction of a market event often takes weeks or months and, once received, regulators then need weeks to reconcile disparate data formats used in different data sources. Some of the most detailed data sources, including sources like EBS and trade blotters that identify customers, are impractical for broad-based reconstructions of market events. In particular, including EBS data for a reconstruction of trading in the market for even one security on one day could involve many, perhaps hundreds, of requests, and would require linking that to SRO audit trail data or public data. Further, because EBS data lacks timestamps for certain trades, the Commission discussed how the use of EBS data in market reconstructions requires supplementation with data from other sources, such as trade blotters.
During the financial crisis in 2008, the lack of direct access to audit trail data resulted in the Commission being unable to quickly and efficiently reconstruct market events. The state of OATS data in 2008 also limited FINRA's ability to analyze and reconstruct the market during the financial crisis because FINRA could not yet augment its OATS data with exchange data and OATS did not include market maker quotations. As a result, regulators had little information about the role of short sellers in market events and the identity of short sellers during the financial crisis, for example. See Notice, supra note 5, at 30694-95.
Id. at Section IV.E.2.a (noting that in 2014, the SEC made 3,722 EBS requests which generated 194,696 letters to broker-dealers requesting EBS data). The Commission understands that FINRA makes about half this number of requests.
Large traders who file Form 13H with the Commission are assigned a “large trader identification number” by the Commission and must provide that number to their brokers for inclusion in the EBS records that are maintained by the clearing brokers. Rule 13h-1, subject to relief granted by the Commission, requires that execution time be captured (to the second) for certain categories of large traders. Id. at Section IV.D.2.a(3) and Section IV.D.2.b (discussing the EBS system and large trader reports and the limitations of these data sources in performing market reconstructions).
The Commission stated that it expected that improvements in data completeness and accuracy from the Plan would enhance regulators' ability to perform analyses and to reach conclusions faster in the wake of a market event by reducing the time needed to collect, consolidate and link the data. Specifically, the inclusion of Customer-IDs and consistent CAT-Reporter-IDs in the CAT Data would allow regulators to more effectively and efficiently identify market participants that submit orders through several broker-dealers and execute on multiple exchanges and whose activity may warrant further analysis. The Commission discussed its belief that this would be useful if regulators were interested in determining if a particular trader or category of traders had some role in causing the market event, or how they might have adjusted their behavior in response to the event, which could amplify the effects of the root cause or causes. Furthermore, the Commission discussed how the clock synchronization requirements of the Plan would improve the ability of regulators to sequence some events that happened in different market centers to better identify the causes of market events. Overall, the Commission stated that it preliminarily believed that the CAT NMS Plan would dramatically improve the ability of regulators to identify the market participants involved in market events.
The Commission stated that the lack of readily available trade and order data resulted in delays and gaps in the Commission's analysis of the events of the Flash Crash. It was also unable to quickly and efficiently conduct analysis and reconstruction of markets events, particularly around the financial crisis. Furthermore, the Commission and SROs have faced similar challenges when reconstructing events around the May 2012 Facebook IPO, the August 2012 Knight Securities “glitch,” and the August 2013 NASDAQ SIP outage. Id. at 30694-95.
The Commission also preliminarily believed that better data accessibility from the Plan would significantly improve the ability of regulators to analyze and reconstruct market events. Because CAT Data would link Reportable Events, the Plan could allow regulators to respond to market events more rapidly because they would not need to process corrected and linked data before starting their analyses.
The Commission received one comment on the fragmented nature of current audit trail data and the potential benefits of CAT Data to improve the ability of regulators to perform analysis and reconstructions of market events. That commenter agreed with the Commission that the fragmented nature of current data sources poses challenges to regulators seeking complete data, however, the commenter also stated that the potential benefits that CAT Data would provide regulators in terms of conducting analysis and market reconstructions are minimal. The Participants did not provide responses to these concerns.
Data Boiler Letter at 30.
Data Boiler Letter at 33.
In the Commission's view, this comment did not provide any additional information or analysis that warrants changes to the analysis or conclusions in the Notice. The commenter stated that “the plan is majoring in the minors (i.e., overemphasis on storage, and not enough coverage of pattern recognition).” The Commission disagrees. While the Commission has emphasized aspects of storage as in the Notice, the Commission has also emphasized that improvements in data completeness and accuracy would greatly assist regulators in performing analyses and reconstructing market events. The inclusion of Customer-IDs and CAT-Reporter-IDs would assist regulators in determining if particular traders had some role in causing a market event, and further, inclusion of these IDs could help regulators study patterns in customer-specific trading behavior. Further, enhanced clock synchronization requirements would assist regulators in sequencing events that happened in different market centers and help them to better identify the causes of market events. As such, the Commission continues to believe that the CAT NMS Plan would provide benefits in terms of performing analysis and reconstructing market events.
Id.
See Notice, supra note 5, at Sections III.B.3, III.B.12.
Changes to the Plan do affect data completeness and accuracy, as well as regulators' ability to analyze and reconstruct market events. First, the Commission has modified the Plan to require the reporting of LEIs for Customers and Industry Members in certain circumstances. These requirements will result in a greater ability of regulators to accurately identify traders that cause market events. Second, removing the open/close indicator for equities and Options Market Makers may reduce the completeness of CAT Data and may reduce the benefits that this potentially provides in terms of analysis and market reconstructions. Third, requiring exchanges to synchronize their clocks within 100 microseconds of NIST should enhance regulators' abilities to sequence events and reconstruct market events to a greater degree than initially stated in the Notice, though as discussed above in Section V.E.1.b.(3), the Commission does not expect a large improvement relative to what was described in the Notice.
See Section IV.D.4.a.(4) and Section IV.D.4.b.(2), supra, for a description of the LEI reporting requirements in the Plan.
See Section V.E.1.b(5), supra for a discussion of how LEIs can increase the accuracy of identifications; see also SIFMA Letter at 37.
b. Market Analysis and Research
In the Notice, the Commission discussed the reasons for its preliminary belief that the CAT NMS Plan would benefit the quality of market analysis and research that is produced to increase regulatory knowledge and support policy decisions and would lead to a more thorough understanding of current markets and emerging issues. The Commission discussed how improvements in regulatory market analysis and research aimed at informing regulatory decisions would benefit investors and market participants by improving regulators' understanding of the intricacies of dynamic modern markets and how different market participants behave in response to policies and information. These more nuanced and more thorough insights would help regulators to identify the need for regulation that specifically tailors policy to the diverse landscape of market participants and conditions that characterize current financial markets, as well as assist them in conducting retrospective analysis of their rules and pilots.
For example, this includes understanding the role and impact of high-frequency trading strategies; understanding how broker-dealers route their customer orders and studying “whether access fees and rebates drive routing decisions as much as execution quality considerations;” understanding the nature of short selling; and more generally, understanding how entities trade and the market impact of their trading. See Notice, supra note 5, at 30695-97.
As described in the Notice, the lack of direct access to necessary data, along with inaccuracies in the data that are available, currently limits the types of analyses that regulators can conduct. These data limitations constrain the information available to regulators when they are considering the potential effects of regulatory decisions. The CAT NMS Plan would provide direct access to data that currently requires an often lengthy and labor-intensive effort to request, compile, and process, including data that regulators could use to more directly study issues such as high frequency trading, maker-taker pricing structures, short selling, issuer repurchases, and ETF trading. Furthermore, the Commission discussed how CAT Data would better inform SROs and the Commission in rulemakings and assist them in conducting retrospective analysis of their rules and pilots, and how it would allow SROs to examine whether a rule change on another exchange was in the interest of investors and whether to propose a similar rule on their own exchange.
The Commission received two comments regarding the potential benefits of the CAT NMS Plan to help the Commission perform market analyses and conduct research. One commenter misinterpreted what accessibility to CAT Data means for the Commission, stating that access to the CAT system and data is limited to its regulatory functions and could exclude analytical or academic needs. Another commenter disagreed with the Commission's findings and stated that the CAT Plan would provide little benefit to facilitating market analysis and research absent real-time access to intra-day feeds.
Better Markets Letter at 4.
Data Boiler Letter at 33.
Commenters did not provide any additional information or analysis, however, and the Participants did not provide responses providing information relevant to this issue. The Commission is not changing its analysis and conclusions in light of the aforementioned comments for several reasons. First, one of the commenters assumes a narrow definition of “regulatory functions” but that CAT Data would serve the Commission and SROs in their analytical needs to conduct market analysis and academic research. Second, the Commission believes that even without real-time access to intra-day feeds, access to CAT Data would nonetheless benefit regulators since the quality of market analysis and research that is produced to increase regulatory knowledge would improve relative to the Baseline. Furthermore, the Commission continues to believe its statement in the Adopting Release that the majority regulatory benefits gained from the creation of a consolidated audit trail, as described in the Proposing Release, do not require real-time reporting. Specifically, the Commission notes that market analysis and research does not require contemporaneous access to CAT Data, and therefore, it is not necessarily the case that real-time access to CAT Data, as opposed to the Plan requirement of access to corrected data at T+5, would provide more benefit to market analysis and research by regulators. As such, the Commission continues to believe that CAT Data would provide significant improvements to market analysis and research conducted by regulators.
See Notice, supra note 5, at 30695-97 for a list of examples of market analysis and research that could be conducted by SROs and the Commission with access to CAT Data.
See Proposing Release, supra note 14, at 45768.
Id.
The Commission notes, however, that changes to the CAT NMS Plan do alter the analysis regarding the benefits for regulators in terms of conducting market analysis and research. In our view, the modifications to the Plan to require the reporting of LEIs for Customers and Industry Members in certain circumstances should result in a greater ability of regulators to conduct analysis and research involving individual market participants. Specifically, the reporting of LEI would also make it possible to merge CAT Data with other data sources that are currently not part of CAT (e.g., futures and security-based swaps), and this could potentially help with market reconstructions involving these products. Furthermore, more granular clock synchronization requirements for exchanges would mean that regulators could sequence events with greater granularity, which could potentially benefit analysis that requires sequencing events and research surrounding high frequency traders. However, because the Plan no longer contains an open/close indicator for equities, regulators will not be able to distinguish buying activity that covers short positions from buying activity that establishes or increases long positions and, therefore, regulators would not be able to examine, for example, how long particular types of traders hold a short position, as indicated in the Notice.
See Sections IV.D.4.a.(4) and IV.D.4.b.(2), supra, for a description of the LEI reporting requirements in the Plan.
See Section V.E.1.b(5), supra for a discussion of how LEIs can increase the accuracy of identifications; see also SIFMA Letter at 37.
See Notice, supra note 5, at 30696.
c. Surveillance and Investigations
In the Notice, the Commission explained the reasons for its preliminary belief that the enhanced surveillance and investigations made possible by the implementation of the CAT NMS Plan could allow regulators to more efficiently identify and investigate violative behavior in the markets and could also lead to market participants that currently engage in violative behavior reducing or ceasing such behavior, to the extent that such behavior is not already deterred by current systems. The Commission discussed how potential violators' expected probability of being caught influences their likelihood of committing a violation. If market participants believe that the existence of CAT, and the improved regulatory activities that result from improvements in data and data processes, increase the likelihood of regulators detecting violative behavior, they could reduce or eliminate the violative activity in which they engage to avoid incurring the costs associated with detection, such as fines, legal expenses, and loss of reputation. Such a reduction in violative behavior would benefit investor protection and the market as investors would no longer bear the costs of the violative behavior that would otherwise exist in the current system. Many of the improvements that would result from CAT could also allow regulators to identify violative activity, such as market manipulation, more quickly and reliably, which could improve market efficiency by deterring market manipulation and identifying and addressing it more quickly and more often when it occurs.
Id. at 30697-99.
It is well established in the economics and political science literature that common knowledge among market actors can lead to the deterrence of behaviors. See, e.g., Schelling, Thomas, “The Strategy of Conflict: Prospectus for a Reorientation of Game Theory,” Journal of Conflict Resolution, Vol. 2 No.3 (1958) and Ellsberg, Daniel, “The Crude Analysis of Strategic Choices,” American Economic Review, Vol. 51, No. 2 (1961). Therefore, market participants with knowledge of improvements in the efficiency of market surveillance, investigations, and enforcement, and consequently the increased probability of incurring a costly penalty, could be deterred from participating in violative behavior.
The Plan would allow regulators to more efficiently conduct cross-market and cross-product surveillance relative to surveillance using current data sources, and the requirement that data be consolidated in a single database would assist regulators in detecting violative (but not obvious) activity. To the extent that market participants are aware of the current challenges to regulators in performing cross-market surveillance and aggregating data across venues, and to the extent that they believe that their violative behavior is more likely to be detected if regulators' ability to perform those activities improves, they may reduce or eliminate violative behavior if the CAT Plan is approved. See Notice, supra note 5, at Section IV.E.2.c(1).
The Commission received several comments on the potential benefits of the CAT NMS Plan to improve SRO surveillance, risk-based examinations, enforcement activity, and the process for evaluating tips and complaints; and the Participants also responded to some of the comments raised in the comment letters. As discussed below, the Commission is not changing its analysis and conclusions in light of these comments and the Participants' responses; however, changes to the Plan affect the analysis that the Commission laid out in the Notice.
(1) SRO Surveillance
Rule 613(f) requires SROs to implement surveillances reasonably designed to make use of the CAT Data. Further, data improvements resulting from the Plan would improve regulators' ability to perform comprehensive and efficient surveillance. As the Commission explained in detail in the Notice, these benefits would encompass a number of improvements including: detection of insider trading; surveillance of principal orders; and cross-market and cross-product surveillance; and other market surveillance activities, which are each described in more detail below.
First, the Commission noted that CAT Data would include additional fields not currently available in data used for surveillance. Since currently available data does not include customer identifiers, SROs performing insider trading and manipulation surveillance are unable to identify some suspicious trading and must undertake multiple steps to request additional information after identifying suspect trades. The inclusion of Customer-IDs in the CAT would significantly improve these surveillance capabilities. The ability to link uniquely identified customers with suspicious trading behavior would provide regulators with a better opportunity to identify the distribution of suspicious trading instances by a customer as well as improve regulators' ability to utilize customer-based risk assessment.
The Commission understands that SRO surveillances on topics such as insider trading and market manipulation do not incorporate data that identifies customers. Based on alerts from their surveillances, SROs may open a review that runs through several stages of data requests before identifying a customer. The Commission notes that SRO audit trails typically do not provide customer information but a recent FINRA rule change would require its members to report to OATS non-FINRA member customers who are broker-dealers. See Notice, supra note 5, at 30697.
Second, the Commission noted that some current data sources used for SRO surveillance exclude unexecuted principal orders, limiting the surveillance for issues such as wash sales. As a result, many surveillance patterns are unable to detect certain rule violations involving principal orders. The inclusion of principal orders of Industry Members in the CAT would therefore enable regulators to better identify rule violations by broker-dealers that have not previously had to provide audit trail data on unexecuted principal orders.
Third, the Commission noted that the Plan would improve regulators' efficiency in conducting cross-market and cross-product surveillance, and enable any regulator to surveil the trading activity of market participants in both equity and options markets and across multiple trading venues without data requests. Regulators would also have access to substantially more information about market participants' activity, and the requirement that the data be consolidated in a single database would assist regulators in detecting activity that may appear permissible without evaluating data from multiple venues. The Commission explained that because market data are fragmented across many data sources and because audit trail data lacks consistent customer identifiers, regulators currently cannot run cross-market surveillance tracking particular customers. Furthermore, routine cross-product surveillance is generally not possible with current data. The Commission concluded that the potential enhancements in market surveillance enabled by the CAT NMS Plan are likely to result in more capable and efficient surveillance which could reduce violative behavior and protect investors from harm.
For example CAT Data would include Customer information, subaccount allocation information, exchange quotes, trade and order activity that occurs on exchanges, trade and order activity that occurs at broker-dealers that are not FINRA members, and trade and order activity that occurs at FINRA members who are not currently required to report to OATS. In addition CAT Data would require reporters to report data in milliseconds and would be directly available to non-FINRA regulators much faster than OATS is currently available to them. Id. at 30698.
See Section V.E.2.c(3), infra. The Commission notes that while this is a benefit allowed by consolidation of data in the Central Repository, linked data would not be available in the Central Repository until T+5, which may delay the completion of surveillance activities.
As noted above, SROs currently do not conduct routine surveillance that tracks particular customers because data currently used for surveillance does not include customer information.
Two commenters stated that the Commission is overly optimistic as to the benefits that the Plan would provide to SRO surveillance activities, with one of the commenters also mentioning that the Commission is overly optimistic with respects to the benefits to surveillance. One of the commenters argued that benefits are exaggerated because the Plan lacks an analytical framework embedded in its design. The same commenter mentioned that the lack of an analytical framework embedded in the design of CAT reduces the ability to identify false positives (i.e., detection of behaviors that are not violative), and false negatives (i.e., not detecting behaviors that are violative). The commenter also specifically raised concerns that the current accessibility and functionality requirements of CAT Data would be rendered unusable for regulators because the methods for querying data and performing bulk extracts are “generic” and not fit for financial market surveillance.
Anonymous Letter I at 3; Data Boiler Letter at 33.
Data Boiler Letter at 33.
Data Boiler Letter at 33.
Data Boiler Letter at 33.
Data Boiler Letter at 13, 27.
Two commenters stated that CAT should encompass real-time reporting functionality, because without it, it is hard to conduct meaningful surveillance. Additionally, one commenter mentioned that the Plan does not provide details on how regulators would use CAT Data.
Data Boiler Letter at 30; Better Markets Letter at 6-7.
SIFMA Letter at 32.
The Participants responded to these comments and noted that they already have real-time surveillance and monitoring tools in place for the respective markets that will not be affected by CAT. Furthermore, the Participants noted that the Plan Processor will provide sufficient data access tools as well as analytical tools in the CAT for the Participants to satisfy their obligations as set forth in Rule 613(f). But the Participants did note that surveillance methods and techniques could vary over time and across Participants, potentially yielding some degree of uncertainty in how benefits to surveillance activities would accrue to SROs, investors and market participants. The Participants also noted that CAT is not intended to be the sole source of surveillance for each Participant, and therefore, would not cover all surveillance methods currently employed by the Participants.
Response Letter I at 31, 43.
Response Letter I at 42.
Response Letter I at 42.
Response Letter II at 27.
The Commission considered these comments and the Participants' responses and believes that they would not warrant changes to the Commission's preliminary conclusions of the benefits that the Plan would provide to SRO surveillance. But the Commission does acknowledge that there is some uncertainty particularly regarding how exactly the SROs will incorporate CAT into their surveillance activities. First, while the Commission agrees that surveillance methods differ across Participants and this could generate uncertainty in the benefits, the Commission disagrees with the commenters that stated that the Commission is overly optimistic as to the benefits. Access to CAT Data would result in substantial benefits to SRO surveillance for the reasons mentioned earlier in this Section, none of which are undermined by the comments. Second, the Commission disagrees with the commenter that stated that the benefits that would accrue to surveillance are exaggerated due to the Plan's lack of an analytical framework embedded in its design. The commenter assumes that if the Plan had an analytical framework, the benefits of CAT would be more realistic. The Commission notes that the Plan does have an analytical framework embedded in its design. The Plan states specifically that the Plan Processor will provide the following analytical framework—namely an API that allows regulators to use analytical tools (e.g., R, SAS, Python, Tableau) and permit regulators to use ODBC/JDBC drivers to access CAT Data. This analytical framework would benefit SROs in conducting surveillance, which would benefit investors and market participants by allowing regulators to more quickly and precisely identify and address a higher proportion of market violations that occur, as well as prevent violative behavior through deterrence. Third, this analytical framework could allow regulators to code computer programs using CAT Data to detect trading patterns indicative of violative behavior. While there might be potential errors in detecting violative behavior using these programs, that is, false positives (detecting non-violative behavior) and false negatives (not detecting violative behavior), having access to more detailed CAT Data in a consolidated source including timestamps, principal orders, non-member activity, and subaccount allocations could minimize those errors. Fourth, the Commission disagrees with the commenter that the methods for querying data and performing bulk extracts are “generic” and not fit for financial market surveillance. The Commission expects these query methods, generic or not, will facilitate the direct access necessary for SROs to build improved surveillances. For instance, the Plan states that CAT will support two types of query interfacing, and specifies that all queries must be able to be run against raw (i.e., unlinked) or processed data, or both. Furthermore, by using the query interfacing supported by CAT, regulators would be able to directly query Customer-IDs, which could improve the ability for SROs to conduct surveillance, contrary to what the commenter stated.
See CAT NMS Plan, supra note 5, at Appendix D, Section 8.2.
Id. at Appendix D, Section 8.1.1.
See Section V.E.1.d(3), supra for additional information.
The Commission considered the comments on real-time surveillance, and understands that from the Participants' response, some SROs already have real-time surveillance. Further, the Commission expects the Plan to improve on SROs' real-time surveillances because the Plan will result in exchanges receiving, even at a later date, additional fields in the Material Terms of the Order, such as special order handling instructions, and additional order events, such as principal orders, that some SROs currently do not have available for any surveillance, real-time or otherwise.
As noted in Section V.D.1.c, this economic analysis considers surveillance to be SROs running processing on routinely collected or in-house data to identify potential violations of rules or regulations.
Finally, in response to the commenter that claimed the Plan did not provide enough details on how regulators would use CAT Data, the Commission acknowledges that there is uncertainty as to how the SROs will incorporate CAT Data into their surveillance activities. The Commission believes that even if there is uncertainty in this regard, the SROs nonetheless would still be able to conduct “meaningful” surveillance with the opportunity to improve on their current surveillances. In this regard, the Commission notes that Rule 613(f) states that national securities exchanges should create surveillances that are “reasonably designed to make use of consolidated information in the consolidated audit trail.” In addition, the Plan will improve the ability of regulators to perform cross-market and cross-product surveillance because regulators will have direct access to consistent data that includes comprehensive trade and order data in markets for multiple products.
The Commission also notes that the changes to the Plan to require the reporting of LEIs for Customers and Industry Members in certain circumstances should facilitate improved SRO surveillance by enabling SROs to identify traders and their clients with more accuracy. The reporting of LEIs would also make it possible to merge CAT Data with markets not included in CAT at this time (e.g., futures and security-based swaps), which could potentially assist with surveillance activities involving these products. Therefore, the inclusion of LEI for Customers and Industry Members could result in greater benefits to SRO surveillance than those described in the Notice.
See Section IV.D.4.a.(4) and Section IV.D.4.b.(2), supra, for a description of the LEI reporting requirements in the Plan.
See Section V.E.1.b(5), supra, for a discussion of how LEIs can increase the accuracy of identifications; see also SIFMA Letter at 37.
(2) Examinations
In the Notice, the Commission discussed its preliminary belief that the availability of CAT Data would also improve examinations by the Commission and SROs and that these improvements would benefit investor protection, and the market in general, by resulting in more effective supervision of market participants. The Commission conducted 493 broker-dealer examinations in 2014 and 484 in 2015, 70 exams of the national securities exchanges and FINRA in 2014 and 21 in 2015. In addition, the Commission conducted 1,237 investment adviser and investment company examinations in 2014 and 1,358 in 2015. Virtually all investment adviser examinations and a significant proportion of the Commission's other examinations involved analysis of trading and order data. Currently some data that would be useful to conduct risk-based selection for examinations, such as trade blotters, are not available in data sources available for pre-exam analysis. Further, the Commission explained that data available during exams often require regulatory Staff to link multiple data sources to analyze customer trading. For example, some customer identities are present in EBS data, but timestamps are not. To evaluate the execution price a customer received, it is necessary to know the time of the trade to compare the price of the customer's execution with the prevailing market prices at that time, which requires linking the EBS data with another data source that contains trades with timestamps (such as the trade blotter). These linking processes can be labor-intensive and require the use of algorithms that may not link with 100% accuracy.
See Notice, supra note 5, at 30698-99.
Regulators can obtain detailed equity transaction data by requesting a trade blotter from a particular firm; however, the data would only show the activity of that firm.
The Commission explained in the Notice that the expected improvements in the data qualities discussed above would enhance the ability of regulators to select market participants for focused examinations on the basis of risk. Having direct access to consolidated data in the Central Repository would improve regulators' ability to efficiently conduct analyses in an attempt to select broker-dealers and investment advisers for more intensive examinations based on identified risk. Additionally, the Commission discussed its belief that regulators would be able to conduct certain types of exams more efficiently because of the inclusion of Customer-IDs in CAT. Moreover, the clock synchronization provisions of the Plan could aid regulators in sequencing some events more accurately, thereby facilitating more informed exams. The Commission believed that the Plan would allow the data collection portion of examinations to be completed more quickly with fewer formal data requests, and that more efficient examinations would help regulators better protect investors from the violative behavior of some market participants and could reduce examination costs for market participants who would have otherwise faced examinations that are less focused and more lengthy.
One commenter suggested that without “red-flagging” suspicious activities using the commenter's recommended approach (using real-time analytics), it would not be possible to facilitate the ability of regulators to conduct risk-based examinations. The same commenter stated that the Commission has an overly optimistic assessment of the economic effects to examinations, mainly due to the Plan lacking an analytical framework embedded in its design. The Participants did not provide a response to this comment.
Part of the commenter's recommended approach to conducting surveillance involves using sensors to perform real-time analytics over streamed data. See Data Boiler Letter at 10-13.
Data Boiler Letter at 32.
Data Boiler Letter at 33.
The Commission considered these comments, but believes that they do not warrant changes to the Commission's preliminary conclusions of the benefits that the Plan would provide to performing risk-based examinations. First, the Commission disagrees with the commenter that stated “red-flagging” suspicious activity using their recommended approach (using real-time analytics) is the only way to facilitate risk-based examinations. As discussed above, having access to Customer-IDs would assist the Commission in flagging suspicious activity for their risk-based examinations, and assist the Commission in effectively targeting risk-based examinations of market participants who are at elevated risk of violating market rules. Furthermore, the Commission could also conduct more informed risk-based exams under the Plan because enhanced clock synchronization provisions could aid the Commission in sequencing some events more accurately. Second, regarding the commenter who stated that the Commission's assessment of the effects to examinations are optimistic because the Plan lacks an analytical framework, the Commission disagrees with this commenter for similar reasons to those stated above.
See Section V.E.2.c(1), supra; supra n.2284.
While the commenters did not provide any additional information that would warrant changes to the Commission's analysis or conclusions as set out in the Notice, changes in the Plan do alter the Commission's preliminary analysis. Requiring CAT Reporters to report their LEI for Customers and Industry Members in certain circumstances should result in a greater ability for regulators to identify traders for the purposes of risk-based examinations. Additionally, more stringent clock synchronization requirements for exchanges should enhance regulators' abilities to sequence events, thereby facilitating more informed risk-based exams. As such, the Commission believes that changes to the Plan could generate additional benefits over and above those stated in the Notice.
See Sections IV.D.4.a.(4) and IV.D.4.b.(2), supra, for a description of the LEI reporting requirements in the Plan.
See Section V.E.1.b(5), supra, for a discussion of how LEIs can increase the accuracy of identifications; see also SIFMA Letter at 37.
(3) Enforcement Investigations
In the Notice, the Commission explained that the improvements in data qualities that would result from the CAT NMS Plan would significantly improve the efficiency and efficacy of enforcement investigations, including insider trading and manipulation investigations. The Commission discussed how more efficient and effective enforcement activity is beneficial to both investors and market participants because it deters violative behavior that degrades market quality and that imposes costs on investors and market participants.
See Notice, supra note 5, at 30699.
The Commission discussed its expectation that dramatic benefits would come from improvements to the accessibility, timeliness, accuracy, and completeness of the data. First, compiling the data to support an investigation often requires a tremendous amount of time and resources, multiple requests to multiple data sources and significant data processing efforts, for both SROs and the Commission. While SROs have direct access to the data from their own markets, their investigations and investigations by the Commission often require access to the data of other SROs because firms trade across multiple venues. Some enforcement investigations, including those on insider trading and manipulation, require narrow market reconstructions that allow investigators to view actions and reactions across the market. Data fragmentation and the time it takes to receive requested data currently make these market reconstructions cumbersome and time-consuming. The Commission discussed its view that having access to CAT Data would help regulators analyze and reconstruct market events, and could in turn help them detect violative behavior during enforcement investigations.
Second, the Commission explained that it currently takes weeks or longer to process, link and make data available for analysis in an enforcement investigation. Under the CAT NMS Plan, data for an enforcement investigation initiated five days or more after an event would be processed, linked, and available for analysis within 24 hours of a query. The Commission discussed how the enhanced timeliness of data can improve the Commission's chances of preventing asset transfers from manipulation schemes, because regulators could use even uncorrected data (between T+1 and T+5) to detect the manipulation and identify the suspected manipulators.
Third, the Commission explained in the Notice that currently, identifying the activity of a single market participant across the market is cumbersome and prone to error. The inclusion and expected improvement in the accuracy of Customer Identifying Information in the CAT NMS Plan could allow regulators to review the activity of specific market participants more effectively. The Commission also explained that this information would be helpful in identifying insider trading, manipulation and other potentially violative activity that depends on the identity of market participants. Additionally, the Commission explained that improved accuracy with respect to timestamp granularity could increase the proportion of market events that could be sequenced under the CAT NMS Plan. This could yield some benefits in enforcement investigations, including investigations of insider trading, manipulation, and compliance with Rule 201 of Regulation SHO and Rule 611 of Regulation NMS.
Benefits associated with the ability to sequence events may be limited in some cases because many order events would not be able to be sequenced completely with the standards established in the CAT NMS Plan. See Section V.D.2.b(2)B.i, supra.
Finally, the Commission explained that the expected improvements in completeness could also benefit investigations by allowing regulators to observe in a consolidated data source relevant data that are not available in some or all current data sources, including timestamps, principal orders, non-member activity, customer information, allocations, and an open/close indicator, which would identify whether a trade increases or decreases an existing position. This data could be important, for example, when investigating allegations of market manipulation or cherry-picking in subaccounts.
One commenter agreed that the CAT Plan would slightly improve the efficiency of regulators' enforcement activities because CAT will save them multiple trips to request data from financial institutions; however, this commenter argued that such benefits would be minimal because they do not help to identify misconduct and/or recognize patterns of market manipulation in real-time. The commenter mentioned that the CAT Plan would not effectively and efficiently deter violative behavior, thereby only resulting in marginal improvements to enforcement. The Commission also received a comment stating that the Plan is overly-focused on best execution, which requires parsing bid and offer information on a minute scale, and that this may overwhelm the system and thereby prevent the capture of relevant information and frustrate the generally stated goals of CAT. One commenter also stated that the Commission is overly optimistic with respect to the benefits of CAT to enforcement activity, mainly due to the Plan lacking an analytical framework embedded in its design. The Participants did not specifically provide a response to the commenters' concerns.
Data Boiler Letter at 32.
Id.
Id. at 33.
Anonymous Letter I at 3.
Data Boiler Letter at 33.
The Commission considered these comments and believes that they do not warrant changes to the Commission's preliminary conclusions of the benefits that the Plan would provide to enforcement investigations. First, while the Commission acknowledges that CAT Data will not assist the Commission in recognizing patterns of market manipulation in real-time, the Commission nonetheless believes that the benefits of CAT Data to performing enforcement activities relative to the Baseline are significant. For instance, Customer Identifying Information in CAT Data would be particularly helpful in identifying a single market participant across the market, which would be useful in identifying insider trading, manipulation and other potentially violative activity that depends on the identity of market participants. Second, in light of the comment on best execution, the Commission believes that while the Plan will facilitate enforcement of best execution, including on Rule 611, this will not prevent the Plan from improving regulators' ability to investigate other types of violations, including market manipulation and insider trading. Furthermore, by parsing information on a granular scale, the Commission believes that the CAT Plan would increase the proportion of events that can be sequenced, yielding benefits in enforcement investigations. Third, regarding the commenter who stated that the Commission's assessment of the effects to enforcement investigations are optimistic because the Plan lacks an analysis framework, the Commission disagrees with this commenter for similar reasons to those stated above.
See Section V.E.2.c(1), supra; supra n.2284.
While the Commission is not altering its analysis of the benefits in response to the comments it received, the Commission is updating its analysis to recognize modifications to the Plan. Requiring CAT Reporters to report LEIs for Customers and Industry Members in certain circumstances should result in a greater ability for regulators to identify traders for the purposes of enforcement activity. This potentially improved data completeness could result in greater benefits to enforcement than stated in the Notice. Benefits to data completeness could also be potentially diminished by Plan modifications that remove the open-close indicator for equities and Options Market Makers. Such information would have been useful in detecting certain market manipulations and violations of rules such as Rule 105, short sale marking rules, and Rule 204 in equities and in identifying whether options market makers engage in aggressive risk-taking trading. The Commission now notes that due to the elimination of the requirement to report an open/close indicator for equities and Options Market Makers as part of CAT, these benefits will no longer be realized. However, the Commission is approving the Plan with this modification for the reasons discussed in Section IV.D.4.c, above. With regards to modifications to the timestamps on Allocation Reports, the Commission now understands that allocations are conducted after a trade and that the allocation time can aid regulators in ways that do not require millisecond-level timestamps. Therefore, modifications to the Plan that now require second-level timestamps would not result in a significant loss of benefits to the Commission. In spite of these modifications to the Plan, the Commission nonetheless believes that the efficiency and efficacy of enforcement investigations will be improved to a greater degree than anticipated in the Notice.
See Sections IV.D.4.a.(4) and IV.D.4.b.(2), supra, for a description of the LEI reporting requirements in the Plan.
See Section V.E.1.b(5), supra, for a discussion of how LEIs can increase the accuracy of identifications; see also SIFMA Letter at 37.
(4) Tips and Complaints
In the Notice, the Commission explained why it believed that the CAT NMS Plan, would improve the process for evaluating tips and complaints by allowing regulators to more effectively triage tips and complaints, which could focus resources on behavior that is most likely to be violative. Specifically, the availability of CAT Data would drastically increase the detail of data available to regulators for the purposes of tip assessment. This would assist the SROs and Commission in identifying which tips and complaints are credible, would help ensure that regulators open investigations or examinations on credible tips and complaints, and would limit regulatory resources spent on unreliable tips and complaints.
See Notice, supra note 5, at 30699; see also SEC Office of the Whistleblower, What Happens to Tips, available at https://www.sec.gov/about/offices/owb/owb-what-happens-to-tips.shtml.
The Commission did not receive any comments regarding the benefits that would accrue to investors with regards to how regulators respond to tips and complaints. However, changes to the Plan affect the Commission's analysis from the Notice; namely, requiring LEI reporting; enhanced clock synchronization requirements for exchanges; less granular timestamps for allocation reports; and removing the open/close indicator for equities and for Options Market Makers. As discussed above in Sections V.E.2.c.(2) and (3), these changes could affect risk based examinations and enforcement investigations, and could thereby affect the ability of regulators to effectively triage tips and complaints. In light of these modifications to the CAT NMS Plan, the Commission continues to believe that benefits would accrue to regulators allowing them to more effectively triage tips and complaints by focusing resources on behavior that is most likely to be violative, thereby resulting in benefits that would also accrue to investors and market participants.
3. Other Provisions of the CAT NMS Plan
In the Notice, the Commission noted that there are a number of provisions of the CAT NMS Plan that provide for features that are uniquely applicable to a consolidated audit trail or otherwise lack a direct analog in existing data systems. Therefore, rather than analyze the benefits of these provisions as compared to existing NMS Plans or data systems, the Commission analyzed these provisions in comparison to a CAT NMS Plan without these features. The Commission preliminarily believed that these provisions of the CAT NMS Plan would increase the likelihood that the potential benefits of the CAT NMS Plan described above would be realized.
Id. at 30699-30708.
As discussed below, the Commission has revised its analysis in response to comments, the Participants' response, and the Commission's modifications to the Plan.
a. Future Upgrades
In the Notice, the Commission discussed several Plan provisions that seek to ensure that the CAT Data would continually be updated to keep pace with technological and regulatory developments. For example, the Plan would require that the CCO review the completeness of CAT Data periodically, that the Central Repository be scalable to efficiently adjust for new requirements and changes in regulations, and that Participants provide the Commission with a document outlining how the Participants could incorporate information on select additional products and related Reportable Events. The Commission preliminarily believed these provisions would allow the CAT to be updated if and when the applicable technologies and regulations change.
Id. at 30700. Examples of these provisions include, requiring “the Chief Compliance Officer to review completeness of CAT Data periodically;” requiring that “the Central Repository be scalable to efficiently adjust for new requirements and changes in regulations;” and requiring Participants “to provide the Commission with a document outlining how Participants could incorporate information on selecting additional products and related Reportable Events.” Id.
See CAT NMS Plan, supra note 5, at Sections 4.12(b)(ii), 6.2(a)(v)(E). The CCO would be required to perform reviews on matters including the completeness of information submitted to the Plan Processor or Central Repository and report findings periodically to the Operating Committee.
Id. at Appendix D, Section 1.1.
Id. at Section 6.11. This document is due within six months of the Effective Date of the CAT NMS Plan.
The Commission noted that these provisions are designed to ensure that the Participants consider enhancing and expanding CAT Data shortly after initial implementation of the CAT NMS Plan and that the Participants consider improvements regularly continuing forward. The Commission preliminarily expected that, in addition to these provisions, the CCO review would further facilitate proactive expansion of CAT to account for regulatory changes or changes in how the market operates, or in response to a regulatory need for access to new order events or new information about particular order events. To the extent that the Participants determine that an expansion is necessary and it is approved by the Commission, the Plan's scalability provision promotes the efficient implementation of that expansion such that it could be completed at lower cost and/or in a timely manner.
Taken together, the Commission believed that these provisions could also provide a means for the Commission to ensure that improvements to CAT functionality are considered so as to preserve its existing benefits, or that the expansion of CAT functionality is undertaken in order to create new benefits. The Commission recognized some uncertainty with respect to how effectively these provisions would operate to ensure that improvements to CAT functionality are considered in a way that would maximize the benefits of the Plan, but noted that the Commission does retain the ability to modify the Plan, if such a step becomes necessary to ensure that future upgrades are undertaken as necessary. Moreover, the focus on scalability, adaptability, and timely maintenance and upgrades promotes a system that could be readily adapted over time. The Commission preliminarily believed that the provisions outlined above would allow the CAT Data to be continually updated to keep pace with technological and regulatory developments.
The Commission received one comment disagreeing that future upgrades would increase the likelihood that potential future benefits would be realized. The commenter stated that the provisions about future upgrades are infrastructure related, rather than quality improvements in the sense of timely insights to regulators. Another commenter stated that the proposal for the CCO to be an officer of the CAT LLC as well as an employee of the Plan Processor creates a conflict of interest that would undermine the ability of this officer to carry out his or her responsibilities effectively under the Plan because he or she would owe a fiduciary duty to the Plan Processor rather than the CAT LLC. The Commission notes that the Plan accords the CCO certain responsibilities related to future upgrades; for example, as noted above, the CCO is responsible for reviewing the completeness of CAT Data periodically and providing the SEC with a document outlining how the Participants could incorporate information on select additional products and related Reportable Events.
Data Boiler Letter at 34.
FSI Letter at 3.
The Plan delegates these tasks to the CCO. See CAT NMS Plan, supra note 5, at Sections 4.12(b)(ii), 6.11, 6.2(a)(v)(E).
In response to that comment, the Participants recommended a change to the Plan that would require that the CCO have fiduciary duties to the CAT LLC in the same manner and extent as an officer of a Delaware corporation, and that, to the extent those duties conflict with duties the CCO has to the Plan Processor, the duties to the CAT LLC should control. As discussed in more detail in the Discussion Section, the Commission agrees with this suggestion and has modified the Plan to incorporate this change.
Response Letter I at 17-18.
The Commission has considered the comments received, the Participants' response, and the modifications the Commission has made to the Plan. The Commission disagrees with the commenter that stated that the future upgrades would not help to provide “timely insights to regulators” because the provisions are “infrastructure related.” As discussed above, the upgrades should improve the completeness of the CAT Data by potentially allowing for its expansion to include information on select additional products and related Reportable Events, and access to more complete data should improve regulatory activities. Additionally, the required scalability of the Central Repository infrastructure and the mechanism to accept suggested changes from the Advisory Committee and regulators will permit the CAT to meet the needs of the regulators—such as enhancements benefiting their oversight of the markets—and be modifiable and adaptable to future technology changes.
Data Boiler Letter at 34.
See Sections V.E.1.a and V.E.2, supra, for a discussion of how more complete data is expected to improve the analysis and reconstruction of market events, market analysis and research in support of regulatory decisions, and market surveillance, examinations, investigations, and other enforcement functions.
See Section IV.D.15, supra.
In response to the comment noting that the proposal for the CCO to be an officer of the CAT LLC as well as an employee of the Plan Processor creates a conflict of interest, the Commission notes that the potential for a conflict of interest would create additional uncertainty as to whether the provisions of the Plan requiring the CCO to review the completeness of CAT Data periodically and to provide the Commission with a document outlining how the Participants could incorporate information on select additional products and related Reportable Events will be carried out in a way that will maximize the benefits of the Plan. However, the modification to the Plan requiring the CCO to have fiduciary duties to the CAT LLC in the same manner and extent as an officer of a Delaware corporation should reduce that uncertainty. Therefore, the Commission continues to believe that those provisions will allow the CAT to be updated efficiently if and when the applicable technologies and regulations change.
FSI Letter at 3.
Furthermore, the Plan has been modified to require an annual evaluation of potential technological upgrades based upon a review of technological advancements over the preceding year, drawing on Participants' technology expertise, whether internal or external. The Plan has also been modified to require an annual assessment of whether any data elements should be added, deleted or changed to the CAT Data. Because these amendments result in more frequent evaluations (compared to biannually), and require the evaluations to review technological advancements as well as the usefulness of the data elements in CAT, these amendments should further allow the Participants to consider the appropriate time to make technological upgrades and decisions regarding the inclusion, deletion or modification of data elements.
See Section IV.D.14, supra.
In summary, the Commission continues to believe that the Plan provides a means for the Commission to ensure that improvements to CAT functionality are considered so as to preserve its existing benefits, or that the expansion of CAT functionality is undertaken in order to create new benefits.
b. Promotion of Accuracy
In the Notice, the Commission discussed specific Plan provisions designed to generally promote the accuracy of information contained in the Central Repository. The CCO is required, among other responsibilities, to perform reviews related to the accuracy of information submitted to the Central Repository and report to the Operating Committee with regard thereto, and there is a special Compliance Subcommittee of the Operating Committee, which is established to aid the CCO with regard to, among other things, issues involving the accuracy of information. The Plan also contains certain other provisions intended to monitor and address Error Rates.
See Notice, supra note 5, at 30700-01.
See CAT NMS Plan, supra note 5, at Section 6.2(a)(v)(E).
Id. at Section.4.12(b).
Id. at Appendix C, Section A.3(b).
The Commission discussed its preliminary belief that the provisions were reasonably designed to improve the overall accuracy of CAT Data relative to the exclusion of such provisions. It noted, however, that certain procedures outlined in the Plan might not incentivize all firms to further improve the quality of the data they report. Specifically, because the Plan only discusses penalties or fines for CAT Reporters with excessive Error Rates, the Commission explained that it is not clear what incentive, if any, would be provided to firms with median Error Rates to improve their regulatory data reporting processes, and that this lack of incentive could collectively limit industry's incentives to reduce Error Rates.
See Notice, supra note 5, at 30701.
In addition, the Commission noted that the Plan includes provisions requiring the establishment of a symbology database that will also foster accuracy. The Commission noted that Participants and their Industry Members will each be required to maintain a five-year running log documenting the time of each clock synchronization performed and the result of such synchronization, and that these requirements should provide a clearer foundation for evaluating the standards set in the Plan upon which future improvements could be considered.
The Commission received several comments regarding the promotion of accuracy in the Plan. One comment letter stated that there are insufficient incentives provided by the Plan for CAT Reporters to reduce Error Rates. The commenter did not provide any additional information as to why the existing incentives are insufficient or any specific suggestions to improve the incentives. Another commenter recommended a “positive reinforcement” approach to incentivize the reduction of Error Rates, where firms would be exempted from duplicative reporting systems if their Error Rate for “comparable” data in CAT reaches a certain threshold. In addition, the commenter suggested that customer information fields should be categorized based on the degree of their importance for market surveillance and market reconstruction purposes, so that CAT Reporters can focus on ensuring accuracy of the fields most important for market surveillance. That commenter seemed to agree that an annual review of error rates would promote accuracy, stating that an annual review is “reasonable.” The same commenter also noted that detailed error reporting statistics for CAT Reporters will assist in minimizing the error rate over time. Another commenter stated their belief that CAT Reporters should have an opportunity to reduce their error rate prior to onboarding on CAT, and furthermore, should receive a grace period before error correction rates are disseminated to regulators. The commenter stated that such provisions, “would provide them [CAT Reporters] with a window to better understand the data being returned by the CAT, and how it is evaluating data submissions.” An additional commenter stated that error rate monitoring is an effective way of ensuring firms put in place pre-validation checks, and that such checks can be an effective method of protecting the integrity and accuracy of the data being reported. The Commission received three comment letters that appeared to support the idea that the annual review of clock synchronization and timestamp standards would promote accuracy. One commenter noted that the annual review would permit a consideration of “the current state and cost of clock synch technology, and what the current industry practices are regarding adoption of these technologies,” and a second generally agreed with that observation. A third supported regular review to assess whether the standard might be introducing “noise and/or overly distorted signals.” In their response, the Participants stated that with respect to data accuracy, the Participants have included provisions in the Plan to take into account minor and major inconsistencies in customer information. In particular, the Participants noted that Appendix D explains that “[t]he Plan Processor must design and implement procedures and mechanisms to handle both minor and material inconsistencies in customer information.” They also noted that material inconsistencies must be communicated to the submitting CAT Reporter(s) and resolved within the established error correction timeframe. The Participants stated that the Central Repository also must have an audit trail showing the resolution of all errors. Finally, the Participants noted that they intend to monitor errors in the customer information fields and will consider, as appropriate, whether to prioritize the correction of certain data fields over others.
Data Boiler Letter at 34. The commenter generally suggests an alternative approach to data reporting involving a “dynamic analytical framework” where “sensors directly conduct real-time analytics over streamed data where it was originated.” Id.
FIF Letter at 58.
FIF Letter at 11, 93.
FIF Letter at 57.
FIF Letter at 52.
SIFMA Letter at 7.
SIFMA Letter at 7.
UnaVista Letter at 4.
FIF Letter at 106; SIFMA Letter at 34; Data Boiler Letter at 21.
FIF Letter at 106. This commenter recommended that any clock synchronization should stay in place for three years because it is costly to the industry and distributive to the industry to change the standard, and such changes could take two years to implement. Id.
SIFMA Letter at 34.
Data Boiler Letter at 21.
Response Letter I at 22, citing the CAT NMS Plan at Appendix D, Section 9.4.
Id.
Id.
Another commenter suggested that a CAT Reporter's performance of pre-validation checks prior to submitting data to the CAT can be an effective way to preserve data integrity and accuracy. In their response, the Participants noted that, in recognition of their potential value in ensuring accurate data submissions, they have discussed with the Bidders various tools that will be made available to CAT Reporters to assist with their data submission, including pre-validation checks.
UnaVista Letter at 4.
Response Letter I at 49.
Finally, as discussed in more detail above, another commenter stated that the proposal for the CCO to be an officer of the CAT LLC as well as an employee of the Plan Processor creates a conflict of interest. The Commission notes that the Plan accords the CCO certain responsibilities related to the promotion of accuracy; for example, as noted above, the CCO is responsible for reviews related to the accuracy of information submitted to the Central Repository and reporting to the Operating Committee with regard thereto. In response to that comment, the Participants proposed a change to the Plan which would require that the CCO have fiduciary duties to the CAT LLC in the same manner and extent as an officer of a Delaware corporation. As discussed in more detail in the Discussion Section, the Commission agrees with this suggestion and has modified the Plan to incorporate this change.
See Section V.E.3.a, supra.
FSI Letter at 3.
Response Letter I at 17-18.
The Commission has considered the comments and the Participants' response and is revising its economic analysis as indicated below. In response to the commenter that suggested the prioritization of customer information fields, the Commission notes that it is amending the Plan to require the SROs to submit an assessment of errors in the customer information fields and whether to prioritize the correction of certain data fields over others, within 36 months of Plan Approval. The Commission agrees with the Participants, however, that the provisions of the Plan requiring the Plan Processor to design and implement procedures and mechanisms to handle both minor and material inconsistencies in customer information, requiring material inconsistencies to be resolved within the established error correction timeframe, and requiring the Central Repository to have an audit trail showing the resolution of all errors should help to promote accuracy, as well. Nonetheless, the Commission believes that, the assessment will help to identify any unanticipated issues with the accuracy of the customer information fields and, in addition to the provisions discussed in the Notice and summarized above, should promote the overall accuracy of CAT Data.
See Section IV.D.4.a.(1), supra.
The Plan states that minor inconsistencies, such as variations in road name abbreviations in searches, would be resolved within the Plan Processor. Material inconsistencies, such as two different people with the same SSN, must be communicated to the submitting CAT Reporters and resolved within the error correction timeframe described in Section 2.2.4 of the Plan. See CAT NMS Plan, supra note 5, at D-35.
In response to the commenter that suggested CAT Reporters should have an opportunity to reduce their error rate prior to onboarding on CAT, the Commission agrees and believes that such an opportunity exists during the testing periods, particularly as specified in the amended Plan. The Commission is also amending the Plan to require that the CAT testing environment will be made available to Industry Members on a voluntary basis no later than six months prior to when Industry Members are required to report and that more coordinated, structured testing of the CAT System will begin no later than three months prior to when Industry Members are required to report data to CAT. The ability to use a testing environment prior to reporting will promote accuracy of data going forward.
Id. at Appendix C.
See Section IV.D.8.a, supra.
In response to the comment noting that the proposal for the CCO be an officer of the CAT LLC as well as an employee of the Plan Processor creates a conflict of interest, the Commission notes that the potential for a conflict of interest would create additional uncertainty as to whether the reviews related to the accuracy of information submitted to the Central Repository and reports to the Operating Committee with regard thereto, both of which are delegated to the CCO under the Plan, will be carried out in a way that will maximize the benefits of the Plan. However, the modification to the Plan requiring the CCO to have fiduciary duties to the CAT LLC in the same manner and extent as an officer of a Delaware corporation should reduce that uncertainty.
FSI Letter at 3.
The Commission also believes that, if they are made available to CAT Reporters, pre-validation checks could promote the accuracy of data in the Central Repository prior to T+5 by reducing errors. However, the Commission notes that the availability of these tools is uncertain.
While the Commission continues to believe that the lack of incentives for firms with median Error Rates to improve their regulatory data reporting processes could collectively limit industry's incentives to reduce Error Rates, the Commission agrees with the commenter that suggested that positive reinforcement with respect to error rates may help promote accuracy. The Commission notes that, as discussed above, the overall elimination of existing data reporting systems will be conditioned on the availability of quality data in CAT, which may incentivize accurate CAT reporting. While the Commission agrees that allowing CAT Reporters to stop reporting to existing data systems on an individual basis according to their error rates would incentivize CAT Reporters to reduce their error rates, the Commission notes that this approach may not promote the accuracy of CAT Data as a whole, because it could entail a division of market data across multiple data sources that would obligate regulators to merge multiple data sources to conduct their regulatory activities. However, as discussed above, the Commission has amended the Plan to require Participants to consider, in their rule filings to retire duplicative systems, whether individual Industry Members can be exempted from reporting to duplicative systems once their CAT reporting meets specified accuracy standards. This should provide further analysis regarding whether individual reporting exemptions based on meeting data quality standards can incentivize fewer errors while, ensuring that regulators can effectively carry out their obligations using CAT Data.
FIF Letter at 58.
See Section IV.D.9, supra.
Id. (explaining that the Commission is amending Section C.9 of Appendix C of the Plan to require that the Participants consider, in their rule filings to retire duplicative systems, whether individual Industry Members can be exempted from reporting to duplicative systems once their CAT reporting meets specified accuracy standards, including, but not limited to, ways in which establishing cross-system regulatory functionality or integrating data from existing systems and the CAT would facilitate such individual Industry Member exemptions).
The Commission believes that three additional reports and reviews will further promote lower data error rates by focusing attention on the sources of data errors. First, the Plan has also been modified to require an annual evaluation of how the Plan Processor and SROs are monitoring Error Rates and exploring the imposition of Error Rates based on product, data element or other criteria. By increasing the frequency of the evaluation and specifically including this Error Rate information, this analysis will enable the SROs to better understand the factors that generate Error Rates. Second, the Plan has been amended to require an assessment in connection with any Material Systems Changes to the CAT of its potential impact on the maximum Error Rate. This will facilitate understanding of how a particular Material Systems Change would impact Error Rates and whether to temporarily adjust the Error Rates around that Material Systems Change. Third, the Plan has been modified to require the SROs to provide an assessment of the feasibility, benefits and risks and advisability of permitting Industry Members to have bulk access to their reported data. Such an assessment would provide further information on the tradeoffs of bulk extracts, which could allow Industry Members to more efficiently identify and correct data errors.
See Section IV.D.11.c, supra.
See Section IV.D.11.b, supra.
The Plan has also been modified to require a report detailing the SROs' consideration of engaging in coordinated surveillance (e.g., entering into Rule 17d-2 agreements, RSAs or some other approach to coordinate compliance and enforcement oversight of the CAT), within 12 months of Plan Approval. This analysis will promote accuracy by focusing the SROs on ensuring that their members comply with requirements in the Plan.
See Section IV.B.4, supra.
Other amendments could promote accuracy by promoting finer timestamps and shorter clock offset tolerances. The Plan has been modified so that the SROs should apply industry standards related to clock synchronization based on the type of CAT Reporter, type of Industry Member, or type of system, rather than the industry as a whole. In addition, the Plan has been amended to require that the Plan Processor review clock synchronization standards by type of entity and system type six months after effectiveness of the Plan and on an annual basis thereafter. These amendments to the Plan should focus attention on areas where improvements to the clock synchronization and timestamp standards could improve the accuracy of the data at lower cost.
c. Promotion of Timeliness
In addition to the specific timeliness benefits discussed in the foregoing Sections, in the Notice the Commission discussed some Plan provisions that promote performance of the Central Repository, and that therefore could indirectly improve the timeliness of regulator access to or use of the CAT Data. These are found in capacity requirements for the Plan Processor, disaster recovery requirements to ensure the availability of the system, and in supervision and reporting of timeliness issues.
First, the Plan Processor must measure and monitor Latency within the Central Repository's systems, must establish acceptable levels of Latency with the approval of the Operating Committee, and must establish policies and procedures to ensure that data feed delays are communicated to CAT Reporters, the Commission, and Participants' regulatory Staff. Second, the Plan Processor must develop disaster recovery and business continuity plans to support the continuation of CAT business operations. Third, the Chief Compliance Officer of the Plan Processor must conduct regular monitoring of the CAT System for compliance with the Plan, including with respect to the reporting and linkage requirements in Appendix D. Moreover, the Plan Processor must provide the Operating Committee with regular reports on the CAT System's operations and maintenance, including its capacity and performance, as set out in Appendix D.
See CAT NMS Plan, supra note 5, at Appendix D, Section 8.3
Id. at Section 6.2(a)(v)(J).
Id. at Appendix D, Section 6.2(a)(v)(J).
Id. at Appendix D, Section 6.1(o)(i).
Furthermore, the Commission discussed that one caveat on the foregoing discussion is that system performance would in part be dependent on a series of SLAs to be negotiated between the Plan Participants and the eventual Plan Processor, including with respect to linkage and order event processing performance, query performance and response times, and system availability. As these have not yet actually been negotiated, some of the key timeliness benefits anticipated to accrue from implementation of the Plan could be subject to negotiation.
Id. at Appendix D, Section 8.5.
The Commission received several comments on the development of disaster recovery and continuity plans. One commenter stated that it is not clear that the current disaster recovery plan would provide uninterrupted access to CAT data in the case of an event that calls for the plan to be activated. Another commenter requested clarification that the bi-annual disaster recovery test of CAT operations at its secondary facility would be conducted twice a year, rather than once every two years. In their response, the Participants clarified that disaster recovery tests would be conducted twice a year.
SIFMA Comment Letter at 45.
FSI Letter at 5.
Response Letter I at 51.
As discussed in more detail above, another commenter stated that the proposal for the CCO to be an officer of the CAT LLC as well as an employee of the Plan Processor creates a conflict of interest. The Commission notes that the Plan accords the CCO certain responsibilities related to the promotion of timeliness; for example, as noted above, the CCO is responsible for conducting regular monitoring of the CAT System for compliance, including with respect to compliance with the timelines for reporting and linkage of the data set out in Appendix D of the Plan, which could help ensure that the CAT Data is made available to regulators in accordance with the timelines discussed in Section V.E.1.d. In response to that comment, the Participants proposed a change to the Plan which would require that the CCO have fiduciary duties to the CAT LLC in the same manner and extent as an officer of a Delaware corporation. As discussed in more detail in the Discussion Section, the Commission agrees with this suggestion and has modified the Plan to incorporate this change. The Commission has considered the comments, the Participants' response and the modification to the Plan, and continues to believe that the provisions discussed in the Notice and summarized above promote performance of the Central Repository, and therefore could indirectly improve the timeliness of regulator access to or use of the CAT Data.
See Section IV.B.3, supra.
FSI Letter at 3.
See CAT NMS Plan, supra note 5, at Appendix D, Section 6.2(a)(v)(J).
In response to the comment noting that the proposal for the CCO to be an officer of the CAT LLC as well as an employee of the Plan Processor creates a conflict of interest, the Commission notes that the potential for a conflict of interest would create additional uncertainty as to whether regular monitoring of the CAT System for compliance, which is the responsibility of the CCO under the Plan, will be carried out in a way that will maximize the benefits of the Plan. However, the modification to the Plan requiring the CCO to have fiduciary duties to the CAT LLC in the same manner and extent as an officer of a Delaware corporation should reduce that uncertainty.
FSI Letter at 3.
In response to the comment regarding the frequency of testing, the Commission notes that the Participants have clarified that testing will take place twice a year, which will promote the effectiveness of the disaster recovery plan relative to less frequent testing. In response to the comment regarding uninterrupted access to CAT Data in the case of an event that calls for the disaster recovery plan to be activated, the Commission recognizes that regulators may not have uninterrupted access to CAT Data in the event the disaster recovery plan is activated, which may limit the extent to which the disaster recovery plan promotes timeliness relative to a plan that provided for uninterrupted access. However, the Commission notes that the CAT NMS Plan states that the disaster recovery capability will ensure no loss of data and that a secondary processing site must be capable of recovery and restoration of services within 48 hours, but with the goal of next-day recovery. As noted in the Discussion Section, the Commission also expects that, given the importance of the Central Repository, the Plan Processor will strive to reduce the time it will take to restore and recover CAT Data at a backup site. Further, the Commission's amendment to the Plan to require an annual review of efforts to reduce the time to restore and recover CAT Data at a back-up site should promote timeliness. Specifically, any enhancements with respect to restoration and backup of data resulting from these reviews will help to further ensure that access to CAT Data after an outage would be timely.
FSI Letter at 5.
SIFMA Letter at 45.
See CAT NMS Plan, supra note 5, at Appendix D, Section 5.4.
d. Operation and Administration of the CAT NMS Plan
In the Notice, the Commission stated its preliminary belief that certain elements of the CAT NMS Plan's governance are uniquely applicable to a consolidated audit trail and that, as compared to a CAT NMS Plan without these features, these provisions of the CAT NMS Plan increase the likelihood that the potential benefits of the CAT NMS Plan would be realized.
See Notice, supra note 5, at 30702.
(1) Introduction
In the Notice, the Commission stated that, in adopting Rule 613, the Commission established certain requirements for the governance of the CAT NMS Plan, stating that those “requirements are important to the efficient operation and practical evolution of the [CAT] and are responsive to many commenters' concerns about governance structure, cost allocations, and the inclusion of SRO members as part of the planning process.” Moreover, the Commission did not establish detailed parameters for the governance of the CAT NMS Plan, but rather allowed the SROs to develop specific governance arrangements, subject to a small number of requirements. For those requirements, the Commission stated that the governance provisions identified in the Adopting Release—relating to Operating Committee voting and the Advisory Committee—continue to be important to the efficient operation and practical evolution of the Plan, particularly given that there are a range of possible outcomes with respect to both the costs and benefits of the Plan that depend on future decisions. Further, the way in which the identified governance provisions have been incorporated into the Plan could help facilitate better decision-making by the relevant parties. This, in turn, means that the Commission could have greater confidence that the benefits resulting from implementation of the Plan would be achieved in an efficient manner and that costs resulting from inefficiencies would be avoided.
Id. (quoting the Adopting Release, supra note 14, at 45787).
Id.
Id.
Id.
(2) Key Factors Relating to Governance
Two factors identified by the Commission in the Rule 613 Adopting Release as “important to the efficient operation and practical evolution of the [CAT]” are voting within the Operating Committee and the role and composition of the Advisory Committee. Specifically, voting thresholds that result in Operating Committee decision-making that balances the ability of minority members to have alternative views considered with the need to move forward when appropriate to implement needed policies can promote achievement of the Plan's benefits in an efficient manner. Similarly, an Advisory Committee that is balanced in terms of membership size and composition, as well as in its ability to present views to the Operating Committee, can result in better performance of its informational role, and thus more efficient achievement of the benefits of the Plan.
Id. at 30703.
Id.
A. Voting
In adopting Rule 613, the Commission stated that “an alternate approach” to voting involving “the possibility of a governance requirement other than unanimity, or even super-majority approval, for all but the most important decisions” should be considered, as it “may be appropriate to avoid a situation where a significant majority of plan sponsors—or even all but one plan sponsor—supports an initiative but, due to a unanimous voting requirement, action cannot be undertaken.” The Notice states that the Plan generally eschews a unanimous voting threshold, except for three clearly-defined circumstances—and that by contrast “[m]ajority approval of the Operating Committee is sufficient to approve routine matters, arising in the ordinary course of business, while non-routine matters, outside the ordinary course of business, would require a supermajority (two-thirds) vote of the Operating Committee to be approved.” As the Notice discusses, majority voting avoids the hold-out problem of unanimity, but can result in decisions that bear less concern for the interests of the minority members—which in turn may depend on the ease with which a majority coalition can be formed, whether those coalitions are fluid or static, and whether in practice decision-making is collegial or contentious. The Notice also recognizes that “Participant SROs that are affiliated with one another could vote as a block by designating a single individual to represent them on the Committee,” thereby permitting those individuals to exercise more influence, but still short of control over voting outcomes. And the Notice states that the Plan's supermajority voting requirement for more important matters represents an intermediate ground between majority and unanimous voting.
Id. at 30703.
Id.
Id. at 30703-04.
Id.
Id. at 30704.
One commenter stated that it supports the EMSAC recommendations regarding changes to NMS Plan governance, which include limiting NMS Plan provisions requiring a unanimous vote and instead requiring two-thirds supermajority voting for substantive changes, plan amendments, and fees, with a simple majority vote for administrative or technical matters and argued that the recommendations should be included in the CAT NMS Plan. The same commenter also supported the recommendation that would involve “revisit[ing] allocation of voting rights among SROs” to replace the “one vote per exchange registration” model with a model of one vote per exchange family (except if the exchange family has a consolidated market share of 10% or more, then two votes) and recommended that it be applied to the CAT NMS Plan.
Fidelity Letter at 7-8; see also EMSAC Recommendation, supra note 693, at 3. The recommendation recognizes changes in the environment with respect to exchange competition. See Transcript, Equity Market Structure Advisory Committee Meeting (April 26, 2016) at 106 (“EMSAC April 26 Transcript”), available at https://www.sec.gov/spotlight/emsac/emsac-042616-transcript.txt.
Fidelity Letter at 7-8; see also EMSAC Recommendation, supra note 693 at 3. The recommendation recognizes that the number of exchange licenses that an exchange may have is related to the flexibility to provide for different pricing arrangements, rather than relating to what is appropriate for NMS Plan voting. See EMSAC April 26 Transcript, supra note 2388, at 106-07.
With respect to unanimous voting, the Participants' response noted that the Plan already significantly limits the use of unanimous voting to three well-defined circumstances, and that the Plan differs from other NMS Plans in this regard. With respect to allocation of voting to exchanges or exchange families, the Participants stated that because each Participant has obligations under Rule 613, each Participant should receive a vote. The Participants also noted that this approach is consistent with other NMS Plans.
Response Letter I at 7-8.
Response Letter I at 7.
The Commission has analyzed the comments received and discusses them in turn below, focusing on the CAT NMS Plan, and specifically on the question of whether the governance structure as amended in this Notice would decrease Plan uncertainty for purposes of the Commission's approval of the CAT NMS Plan.
The analysis therefore does not relate to whether changes at a later point to NMS Plan governance more broadly, which could include changes to CAT NMS Plan governance, would be appropriate at such time; see also infra note 2442 and associated text; Section IV.B, supra.
With respect to voting thresholds, the Commission believes that the CAT NMS Plan already anticipated the need for a voting structure that differs from other NMS Plans in following the Commission's recommendation to seek an “alternative approach.” The CAT NMS Plan requires unanimous voting only in three specific instances and otherwise relies on supermajority or majority votes, which the Commission notes is generally consistent with the suggestions made by the commenters. With respect to allocation of votes, the Commission believes that the exchange family approach could potentially give smaller or unaffiliated exchanges a more significant voice in Operating Committee decision-making, but it is already the case under the Plan that no single exchange family or even pair of exchange families can themselves control voting outcomes, even at a majority voting threshold. Thus, the determinants of whether majority voting would result in adequate attention to the rights of minority members continues to turn on the factors set out in the economic analysis accompanying the Notice.
Unanimous voting is required for: (i) Obligating Participants to make a loan or capital contribution to the Company; (ii) dissolving the Company; and (iii) acting by written consent in lieu of a meeting. See Section IV.B.1, supra.
See infra note 2811.
B. Advisory Committee
The Commission in the Notice further stated that in implementing the requirements of Rule 613—which requires that the Plan designate an Advisory Committee to advise plan sponsors on the implementation, operation, and administration of the Central Repository, and which must include representatives of member firms of the Plan sponsors (broker-dealers)—the Plan requires the Advisory Committee to have diverse membership: A minimum of six broker-dealers of diverse types and six representatives of entities that are not broker-dealers. The Notice elaborates that, given the primary purpose of the Advisory Committee as a forum to communicate important information to the Operating Committee, which the Operating Committee could then use to ensure its decisions are fully-informed, the Plan's choices in implementing Rule 613 do reflect some tradeoffs. Specifically, one factor in the ability of the Advisory Committee to collect relevant information for the Operating Committee is the quality and depth of the expertise, and the diversity of viewpoints, of the Advisory Committee's membership. The Notice states that the Plan balances these considerations by providing the Advisory Committee with sufficient membership to be able to generate useful information and advice for the Operating Committee, while being at a sufficiently low size and diversity level to permit the members to be able to work together. Moreover, another factor in the ability of the Advisory Committee to advise the Operating Committee is whether the Advisory Committee, having assembled a diverse set of views, could effectively communicate those views to the Operating Committee. The Notice states that two Plan provisions, relating to the staggering of member terms and the limits on participation of the Advisory Committee under Rule 613, bear on this communication. Finally, one other determinant bears on the effectiveness of the Advisory Committee in ensuring that the Operating Committee makes decisions in light of diverse information—whether the Operating Committee actually takes into account the facts and views of the Advisory Committee before making a decision. Here, the Notice states that the Plan does not contain a mechanism to ensure that the Operating Committee considers the views of the Advisory Committee.
See Notice, supra note 5, at 30704. The Notice also makes clear that the “[t]erms of Advisory Committee members would not exceed three years, and memberships would be staggered so that a third of the Committee would be replaced each year.” Id.
Id.
Id.
Id.
Id.
Id. at 30705. The Notice clarifies that staggering of terms could “enhance the cohesion of the Advisory Committee, and thereby its effectiveness in communicating member viewpoints to the Operating Committee.” But, “the Operating Committee members may exclude Advisory Committee members from Executive Sessions.” Id.
Id.
Id. Such a mechanism could include, per the Notice, “requiring the Operating Committee to respond to the Advisory Committee's views, formally or informally, in advance of or following a decision by the Operating Committee.” Id.
A number of commenters raised concerns about the extent of input from entities other than plan sponsors into the governance of the Plan. Several of these commenters cited what they perceived to be governance shortcomings with other NMS Plans that have a governance structure similar to that of the CAT NMS Plan—i.e., those that also have an Operating Committee limited to SRO members, and an Advisory Committee for generating input from a broader set of interested parties. In addition to generalized concerns about Advisory Committees having a lack of “visibility,” “voice,” or “authority,” commenters raised a number of ways in which they believe Advisory Committees' ability to provide effective input into Operating Committees' decision-making has been limited: Executive sessions of Operating Committees are overused to exclude Advisory Committee participation; robust information-sharing was not practiced; and other similar obstacles. These and other commenters expressed the view that voting representation for certain types of entities on the Plan's Operating Committee was necessary to promote fully-informed and high-quality decision-making, to enhance transparency and mitigate plan sponsor conflicts of interest, or to ensure adequate incentives exist to drive future improvements to the CAT.
SIFMA Letter at 25 (“The existing governance structure for other NMS Plans, which is being imported into the Plan, is ineffective and will provide broker-dealers with no meaningful participation in the development or operation of the CAT.”); Fidelity Letter at 7 (noting that the Plan's governance structure is similar to that of other NMS Plans, which structure has largely been unchanged since the 1970s, despite significant market changes; stating that “we do not believe that the governance structure in the Proposed Plan permits CAT Advisory Committee members an opportunity to participate meaningfully in the implementation, operation, and administration of the CAT . . . .”); KCG Letter at 7 (“Feedback related to the administration and operation of other NMS Plans . . . indicates that Advisory Committee members have limited visibility into the actions of the Operating Committee and almost no voice in the operation [of the] NMS Plan”); ICI Letter at 10 (“[T]he governance structure . . ., similar to other NMS plans, deprives a broad range of market participants, including registered funds and their advisers, of any meaningful voice in plan operations . . . .”). Cf. DAG Letter at 3 (noting that Industry's experience as a part of the CAT's DAG was that “SROs limited the Industry's participation in important aspects of the development process”); STA Letter at 1 (seconding the DAG Letter's conclusions).
SIFMA Letter at 26; KCG Letter at 7; ICI Letter at 10; Fidelity Letter at 7.
SIFMA Letter at 26 (“[T]he SROs have a long history of conducting all meaningful NMS Plan business in executive session, from which Advisory Committee members are excluded.”); Fidelity Letter at 7; KCG Letter at 7.
SIFMA Letter at 26 (“[T]he Operating Committees have refused to share even routine documents.”); cf. Fidelity Letter at 7.
SIFMA Letter at 26 (citing also the exclusion of Advisory Committee members from meetings of “subcommittees” of the Operating Committee, the circulation of agendas with limited opportunity to prepare views and the requirement that an SRO “sponsor” an agenda item raised by the Advisory Committee, and the absence of a mechanism for an individual member of an Advisory Committee to solicit and represent the views of broader constituencies).
SIFMA Letter at 25 (broker-dealers); DAG Letter at 3 (“Industry members”); ICI Letter at 11 (representatives of registered funds and other non-SRO participants); STA Letter at 1 (seconding the DAG Letter); KGC Letter at 6 (broker-dealers); MFA Letter at 3 (“an institutional investor, a broker-dealer with a substantial retail base, a broker-dealer with a substantial institutional base, a data management expert, and . . . a representative from a federal agency experienced with cybersecurity concerns as they relate to national security”).
SIFMA Letter at 25 (noting that (1) the CAT is complex and broker-dealer insight will bring perspectives of those who will be doing the bulk of the reporting; (2) broker-dealer participation will ensure the burden of systems changes is shared between broker-dealers and SROs; and (3) broker-dealers will, under the CAT funding model, be expected to bear the vast majority of costs); DAG Letter at 3 (“[F]iltering [Industry] input through SROs, who face a different set of reporting challenges than Industry members, has proven to be an imperfect mechanism for communicating and addressing concerns[;] . . . the Industry remains too far removed from decision-making processes.”); STA Letter at 1 (seconding the DAG Letter); ICI Letter at 11 (stating that “[t]he perspective of other market participants—particularly given that the central repository will house their sensitive information—would help in the development and maintenance of the CAT” and noting further that registered funds' and their advisers' views would make the Operating Committee “far better informed” particularly with respect to the impact of CAT on trading and order management practices of funds, and on CAT data security); MFA Letter at 3 (suggesting representation for market participants who will be most significantly impacted by the Operating Committee's decisions).
ICI Letter at 12 (stating that the SROs have an incentive to make regulatory use of and to potentially commercialize the information that they report to the CAT, whereas registered funds would be solely interested in the “security, confidentiality, and appropriate use of all data reported to the CAT”); KCG Letter at 7; MFA Letter at 3-4.
MFA Letter at 4.
Some commenters argued for improving the effectiveness of the Advisory Committee—on its own merits, in addition to changes to the Operating Committee, or as a second-best alternative to Operating Committee changes. Along these lines, several commenters asserted that the membership of the Advisory Committee should be expanded to include more or additional types of entities. Commenters also suggested that the Advisory Committee should be involved in every aspect of CAT decision-making, with procedural protections put in place to ensure a robust role for the Advisory Committee in the operation and administration of the CAT. Finally, some commenters called for additional enhanced governance features, such as independent directors, an audit committee, or publicly-released financial and other disclosures.
See infra n.161-162 & associated text; see also SIFMA Letter at 26 (while stating that the Advisory Committee is not a substitute for direct voting rights, offering comments “in the alternative” on the Plan's proposed Advisory Committee structure); FIF Letter at 135 (recommending “defining the Advisory Committee to reflect a more participatory, active role in the formulation of decisions and directions being reviewed by the SROs”). But cf. KCG Letter at 7 (stating that the Advisory Committee is “not an adequate substitute for providing non-SROs with full voting power on the CAT NMS Plan Operating Committee”).
Hanley Letter at 6 (add two financial economists); SIFMA Letter at 27 (“the makeup of the Advisory Committee should include participants with an appropriate representation of firm sizes and business models, such as: Inter-dealer brokers, agency brokers, retail brokers, institutional brokers, proprietary trading firms, smaller broker-dealers, firms with a floor presence, and trade associations”—to be selected by broker-dealer representatives, rather than SROs); DAG Letter at 3 (the “Advisory Committee should have a strong Industry continent and [] this contingent should be formed prior to the approval of the plan”); STA Letter at 1 (seconding the DAG Letter); FIF Letter at 135-136 (“the composition of the Advisory Committee should be widened to 20 participants with a minimum of 12 broker-dealer firms represented”; “[c]ategories of participants that should be added are trade processing and order management service bureaus, as well as the industry associations, such as FIF and SIFMA”); ICI Letter at 12 (“more investor representation, including representation from registered funds” and clarify that existing slot for “institutional” investor would include “advisers to registered funds”); Reuters at 6 (add service bureau representation; service bureaus can offer the view of multiple of their audit trail reporting clients); see also Fidelity Letter at 7 (recommending adoption of the EMSAC recommendations, which includes nomination of new candidates for Advisory Committee membership by the Advisory Committee, to be confirmed by a majority vote of the Operating Committee).
SIFMA Letter at 27-28 (stating that the role of the Advisory Committee must include every aspect of the CAT, including every discussion and meeting of the Operating Committee, and every key issue; procedural safeguards would include (1) establishing written criteria for, and written justifications for invoking, executive sessions, (2) written responses to or documentation for any rejection by the Operating Committee of a written recommendation of the Advisory Committee, (3) circulation of agendas and documentation with sufficient time to prepare for meetings, and (4) broad access by Advisory Committee members to information regarding the performance of the central repository); ICI Letter at 13 (stating that the CAT NMS Plan should include (1) a requirement that the Operating Committee respond in writing to Advisory Committee recommendations, (2) a right for the Advisory Committee to have broad access to documents, and (3) a right to be present in all discussions about data security, including receiving all reports from the CCO and CISO that the Operating Committee receives); Reuters at 7 (stating that the Advisory Committee should have input on Plan amendments that impact CAT Reporters, as well as on decisions on “funding and other aspects of CAT operations”); Fidelity Letter at 7 (supporting changes to Advisory Committee structure proposed by the EMSAC). Cf. DAG Letter at 3 (the Advisory Committee's Industry contingent should be formed prior to the approval of the Plan to permit the Advisory Committee to provide input to the selection of the Processor and developing Operating Procedures); FIF Letter at 136-37 (an active and collaborative Advisory Committee is necessary to ensure a high-quality CAT; the scope of the Advisory Committee should include the CAT System in addition to the Central Repository; and the Advisory Committee should have input into all amendments—material and non-material (with material amendments redefined to include “External Material Amendments” and “Internal Material Amendments”); NYSE Letter at 4-6.
SIFMA Letter at 29 (requesting that the CAT be operated at-cost, with fully transparent, publicly-disclosed annual reports, audited financial statements, and executive compensation disclosure; an audit committee should ensure that revenue is used for regulatory purposes—these would be appropriate to the “regulatory undertaking” and “industry utility” that the CAT should be, with SROs' regulatory decisions “made outside the governance and operation of the CAT itself”); DAG Letter at 3 (calling for the CAT governance structure to include independent directors (with both non-Industry and Industry participants) and a majority-independent audit committee); STA Letter at 1 (seconding the DAG Letter).
One commenter objected wholesale to the governance structure of the Plan, asserting that the “governance of the CAT must not be riddled with conflicts of interest” and that therefore the CAT should either be controlled entirely by the Commission, or that the CAT governance structure should be radically altered, in order for it to be more consistent with the public interest and the SEC's mission.
Better Markets Letter at 4-6 (with respect to the latter option, the CAT would need to be a not-for-profit, led by a Board with a supermajority of independent directors (including an independent Chair), and with SEC representation, with ultimate SEC control over the access to and usage of the CAT).
On the other hand, one commenter expressed a view that the CAT NMS Plan's governance structure, including the provision limiting Operating Committee voting membership to Plan sponsors, was appropriate, given that Rule 613 places the responsibility for creating and maintaining the CAT NMS Plan on the Plan sponsors, and that the Plan sponsors, as SROs, are subject to obligations under Rules 608 and 613, as well as Section 6(b)(1) and 15A(b)(2) of the Exchange Act—obligations to which Advisory Committee members are not subject.
NYSE Letter at 4-5 (citing the Commission's statement in the Adopting Release that the structure of the Operating Committee and the Advisory Committee, including the ability of the Operating Committee to meet in executive session, “appropriately balances the need to provide a mechanism for industry input . . . against the regulatory imperative that the operations and decisions regarding the [CAT] be made by SROs who have a statutory obligation to regulate the securities markets, rather than by members of the SROs, who have no corresponding statutory obligation . . . .”). But cf. KCG Letter at 6 (stating that the SRO-only Operating Committee is “contrary to the public interest and fails to recognize the CAT system as a core market utility meant to benefit all market participants”).
Id. at 6 (the latter are the obligations to comply, and enforce its members' compliance with, the Exchange Act).
In their responses, Participants responded to many of the concerns raised by the commenters. First, the Participants stated that the composition of the Operating Committee is consistent with Rule 613, and including non-SROs on the Committee could give rise to conflicts of interest as entities that are the subject of market surveillance would be given a role in determining how such market surveillance would operate. Moreover, the Advisory Committee would provide non-SROs with an “appropriate and meaningful forum” in which to make their views known.
Response Letter I at 6.
Id. at 7.
With respect to the Advisory Committee, the Participants agreed with certain commenters who had called for additional entities to be added to the membership of the Advisory Committee, and therefore proposed a Plan amendment to add a service bureau representative, along with an additional institutional investor representative (while requiring one of the three institutional investor representatives to represent registered funds). However, the Participants disagreed with adding financial economists, as there is already an academic who could be a financial economist; trade groups, as there are already individual members thereof represented; or additional broker-dealers, as there are already several representatives from different segments of the industry—and adding so many additional people would “likely hamper, rather than facilitate, discussion.” With respect to the appointment of Advisory Committee members, the Participants rejected the suggestion that the broker-dealer members of the Advisory Committee be permitted to make appointments, but determined to amend the Plan to provide the Advisory Committee an opportunity to advise the Operating Committee on candidates before the Operating Committee makes an appointment.
Id. at 9-10.
Id. at 10-11.
Id. at 13-14.
With respect to the activities of the Advisory Committee, the Participants stated that the existing structure provided under Rule 613 already provides the Advisory Committee with an appropriate, active role in governance, and that no changes are needed. Similarly, the Participants did not believe that a change to provisions governing consideration of Material Amendments was necessary to provide the Advisory Committee with a more robust role.
Response Letter I at 13. The Participants also declined to form the Advisory Committee prior to the approval of the Plan in response to the commenter who wanted the Industry contingent to the Advisory Committee to be formed early to have input on selection of the Plan Processor and the formation of operating procedures, stating that they have, and will continue, to engage with the DAG in order to receive the views of industry members prior to the approval of the Plan. Id. at 16-17.
Id. at 19-20.
With respect to the additional procedural protections for the effectiveness of the Advisory Committee, the Participants asserted that, first, with respect to Executive Sessions, Rule 613 and the Plan strike the right balance, as the Plan Participants need the opportunity to discuss certain matters, including certain regulatory and security issues, without the participation of the industry, and that maintaining flexibility in determining when to meet in Executive Session is important. But Participants nonetheless clarified that they intend to limit Executive Sessions to “limited purposes requiring confidentiality.” Second, Participants asserted that similarly the right balance has been struck with respect to the treatment of Advisory Committee requests and recommendations, as the commenters' proposed procedural protections are formulaic, and could hamper interactions. The Participants also affirmed their belief that “as a matter of good corporate governance, the Operating Committee should take into consideration the Advisory Committee's input regarding the CAT.”
Id. at 14-16. The purposes requiring confidentiality for which an Executive Session could be appropriate were further elaborated as including “(1) matters that present an actual or potential conflict of interest for Advisory Committee members (e.g., relating to Industry Members' regulatory compliance); (2) discussion of actual or potential litigation; (3) CAT security issues; and (4) personnel issues.” Id. at 15.
Id. at 15-16. Response Letter I did not directly address the comments regarding agenda timing, or broad informational access.
Finally, with respect to the other governance features requested by commenters, the Participants declined to make any changes. With respect to independent directors, according to Participants, the composition of the Operating Committee as set forth in the Plan is consistent with Rule 613, and adding independent directors is unnecessary, given existing independent representation on SRO boards. Moreover, they asserted that an audit committee is unnecessary, because the CAT will operate on a break-even (versus for-profit) basis, the Operating Committee members can act objectively, and the Compliance Subcommittee can aid the CCO in much the same way as an independent audit committee would. Finally, the Participants noted that financial transparency is accomplished through Advisory Committee members' right to access information about the operation of the CAT and their receipt of minutes from meetings; also, financial information related to the CAT will be disclosed in fee filings with the Commission.
Id. at 7.
Id. at 8-9. However, Participants also stated that the Operating Committee could decide to add an audit committee at a later date. Id. at 9.
Id. at 17.
The Commission has considered the comments it received regarding governance issues but believes that the economic benefits and tradeoffs of the CAT NMS Plan governance structure examined in the Notice continue to apply. The Commission in the Notice stated that the governance provisions of the CAT could “help promote better decision-making by the relevant parties” and thereby “could mitigate concerns about potential uncertainty in the economic effects of the Plan by giving the Commission greater confidence that its expected benefits would be achieved in an efficient manner and that costs resulting from inefficiencies would be avoided.” While commenters have not raised issues that would cause the Commission to fundamentally reconsider that assessment, commenters have called attention to ways in which they believe NMS Plan governance could be improved to increase the likelihood that the benefits of the plan would be achieved in an efficient manner and that costs resulting from inefficiencies would be avoided. These are discussed in turn below, along with the changes the Participants recommended making to the Plan, and which the Commission has made, in response to certain comments. As above, the discussion is specific to the CAT NMS Plan, and specifically, the question of whether the governance structure as amended would decrease Plan uncertainty for purposes of the Commission's approval of the CAT NMS Plan.
See Notice, supra note 5, at 30705.
The Notice did not expressly address the possibility of adding non-SRO members to the Operating Committee, given that the Commission in the Adopting Release for Rule 613 cited the “regulatory imperative” that the operations and decisions regarding the CAT be made by SROs, who have the statutory obligation to oversee the securities markets. The Commission believes that adding non-SROs to the Operating Committee, as advocated by some commenters, could give rise to the types of tradeoffs that are similar to those the Commission identified in the Notice with respect to expanding or diversifying the Advisory Committee: A larger and more diverse Operating Committee could result in better-informed Operating Committee decision-making, but it could also decrease the ability of Operating Committee members to coordinate effectively in decision making. In particular, non-SROs may have significantly different interests than SRO members, given that non-SROs lack the statutory obligation to oversee the securities markets, and their inclusion could give rise to potential conflicts of interest or recusal issues if the Operating Committee were to discuss regulatory surveillance issues. Thus, the Commission believes that adding non-SRO members to the Operating Committee at this time would increase rather than decrease the uncertainty around achieving the benefits of the Plan.
Id. at 30704.
Similarly, adding an independent board or audit committee to the Plan's governance structure could provide additional oversight of Plan decision-making and mitigate potential concerns about Plan Participants' conflicts of interest, but it could also decrease coordination in decision-making required for efficiently achieving the regulatory benefits of the Plan. Aside from the potential costs, the incremental benefits of these and other enhanced governance features (e.g., additional disclosure requirements) may be narrow in light of the other provisions discussed in the Notice, including the Commission's ability to monitor whether the benefits of the CAT are being achieved and the provisions limiting the incentive and ability of Operating Committee members to serve the private interests of their employers, including rules regarding recusal of Operating Committee members from voting on matters that raise a conflict of interest. Id. at 30741.
Commenters did not challenge the nature of the tradeoffs that apply to the membership of the Advisory Committee, but rather where the particular balance was struck. A larger, more diverse committee as advocated by some commenters could provide additional views that could lead to better-informed decision-making; however, such a committee could also lack cohesion and have difficulty making decisions in a timely manner, which would impede the efficiency of the decision-making process under the CAT NMS Plan. Adding a small number of diverse voices as Participants propose to do in response to comments could enhance the quality of Advisory Committee decision-making by increasing the diversity of views that are represented, but risks decreasing the quality of decision-making by making the Advisory Committee larger and less cohesive. It is difficult to determine where the exact tipping point lies, but the changes the Participants propose making to the Plan we believe would on net increase the quality of Plan decision-making: The value of the additional diverse viewpoints appears likely to justify any additional unwieldiness the two additional members might cause. Along these same lines, the Commission further believes that adding the unique perspectives of a financial economist would also increase the quality of the Advisory Committee discussions without unduly burdening its operations, and the Commission has therefore amended the Plan to add to the Advisory Committee an academic who is a financial economist. However, adding a large number of additional members, or members whose views could be expected to largely coincide with those of existing members, as certain commenters sought, makes it more likely that the marginal benefits of expansion would be outweighed by the increase in coordination difficulties.
Id. at 30705.
For example, while there are many diverse types of broker-dealers, it is not clear that increasing the number of broker-dealers representatives from 7 to 12 would add significantly to the diversity of views represented on the Advisory Committee, and by constituting a majority of Advisory Committee members, may give rise to a risk that broker-dealer voices would dominate Advisory Committee discussions, which could limit the diversity of views transmitted to the Operating Committee and thereby worsen Plan decision-making.
With respect to the Advisory Committee membership, one commenter suggested that the appointments be made by the broker-dealer members of the Advisory Committee, rather than by the Operating Committee; Participants asserted that the Operating Committee should have selection responsibility. The question of who to vest with appointment power embodies certain tradeoffs: Increasing the independence of the Advisory Committee by vesting appointment power in Advisory Committee members may promote more diverse or robust presentation of views to the Operating Committee. On the other hand, it increases the possibility that the Advisory Committee would operate in a manner adversarial to the Operating Committee, and could diminish the likelihood that the Operating Committee would be open to persuasion following consideration of the Advisory Committee's views. Moreover, vesting appointment powers solely in the broker-dealer members of the Advisory Committee, as opposed to all members of the Advisory Committee, could result in Advisory Committee membership that overweighs the views of broker-dealers. As a compromise position, the Participants propose to formalize a role for the Advisory Committee in advising the Operating Committee on membership selections. This is not the only compromise position that could balance the interests of SROs and non-SROs and ensure the representation of a diverse set of views to promote well-informed decision-making—for example, one commenter's alternative would provide slightly more power to the Advisory Committee by vesting nominating authority in the Advisory Committee, while providing a veto right to the Operating Committee through the majority vote it would take to confirm a new member. But the Plan, as amended, would promote better-informed decision-making by ensuring the views of existing Advisory Committee members are considered as part of the selection of new members. This should promote membership in the Advisory Committee that is more independent, rather than intellectually-aligned with either the Operating Committee or Advisory Committee (or some subset thereof), and thereby better-able to bring diverse views to the Operating Committee's attention in Plan decision-making.
While, as amended, the Plan would provide a role with respect to Advisory Committee membership selection to the Advisory Committee, the Participants did not propose an additional expansion of the activities of the Advisory Committee, as some commenters had sought. It is not clear that procedural changes such as having the Advisory Committee formally vote on matters that the Operating Committee is voting on, as opposed to a less formal way of providing the Operating Committee with the Advisory Committee's views with respect to those votes, would materially improve Plan decision-making and thereby reduce uncertainty that benefits would be achieved. Similarly, the Plan's current definition of Material Amendment seems appropriately calibrated to bring the most robust decision-making processes to bear on the matters of the greatest importance. Altering the balance to add more process under Section 6.9(c) (i.e., to require affirmative approval by Supermajority Vote (Material Amendments) versus a right of objection vested solely in Participants plus a Majority Vote (non-Material Amendments)) could improve the quality of those decisions by making them better-informed—i.e., by requiring debate and subjecting them to a Supermajority Vote, versus only triggering debate at the option of Participants —but the additional delay imposed on decision-making with respect to less significant matters would likely not justify any marginal gains in decisional quality.
Similarly, constituting the industry portion of the Advisory Committee early, so that industry may have a greater voice with respect to selection of the Plan Processor and the operating procedures of the CAT, would not improve Plan decision-making where those views could be solicited from industry via the DAG.
It is not clear the extent to which the Advisory Committee would have the opportunity to have input into a non-Material Amendment during the 10 day window before the non-Material Amendment is deemed approved, but, as noted above in Section IV.B.2, the Commission amendment to the Plan would provide the Advisory Committee with the same information regarding non-Material Amendments as the Operating Committee would have.
Similarly, the Notice discussed several of the issues raised by commenters, including that the Advisory Committee members are permitted to attend Operating Committee meetings but are excluded from Executive Sessions; that the Advisory Committee's access to information is subject to scope and content determinations made by the Operating Committee; and that there is no mechanism under the Plan to ensure that the Operating Committee does in fact consider the views of the Advisory Committee when engaged in Plan decision-making. Changing any of these features as commenters suggested would pose certain economic tradeoffs. Commenters did not assert that the Advisory Committee system as currently constructed is unable to function appropriately, but rather in their experience that it does not—and therefore that additional protections are needed. Cooperation in good faith under the existing structure of the Plan could ensure that Advisory Committee members have access to the information they need to contribute meaningfully to discussions and that Advisory Committee members' recommendations are taken seriously; absent good faith cooperation, processes would be needed to promote these outcomes. While additional processes could provide protections, they would also increase inflexibility. Thus, adding formal mechanisms where informal mechanisms would have sufficed would add costs, delay, and lack of adaptability with little or no corresponding benefit.
See Notice, supra note 5, at 30705.
In their response, Participants stated that they “recognize the benefit and purpose of the Advisory Committee and intend to use the Executive Session for limited purposes requiring confidentiality” and further that “as a matter of good corporate governance, the Operating Committee should take into consideration the Advisory Committee's input regarding the CAT.” The Commission agrees, and in light of the Participants' assurances, believes that the protections sought by some commenters are generally not necessary to achieve the Plan's benefits and could be counterproductive at this time.
Response Letter I at 15-16.
However, the Commission is amending the Plan in two ways that respond, at least in part, to certain of commenters' concerns. First, the Commission is amending the Plan to require that SEC Staff be able to attend Executive Sessions. In addition to the direct oversight benefits that would accrue from SEC Staff attendance at Executive Sessions, SEC Staff would be able to monitor whether Participants are complying with their stated intent of limiting Executive Sessions to purposes requiring confidentiality. The direct and indirect costs of permitting SEC Staff attendance should be low, but potential indirect costs do exist. For example, it may chill the free exchange of ideas in an executive session if the presence of the Participants' regulator causes the Participants to engage in a less robust conversation, which could diminish the effectiveness of the Plan's governance. Similarly, the additional imposition on Executive Sessions may prompt the Participants to seek alternative, informal methods of communication and debate outside the formal governance mechanisms established by the Plan, which could ultimately disadvantage Advisory Committee members if decisions are made informally, without the benefit of their input.
Second, the Commission is amending the Plan to require that the Advisory Committee members receive the same materials and information as the Operating Committee receives (absent confidentiality concerns with respect to such information). This new procedural protection will put Advisory Committee members on an equal informational footing with the Operating Committee, and should thereby allow the Advisory Committee to produce recommendations that are better-informed. The procedural protection should have low direct costs: It does not require the preparation of new materials but simply the dissemination of information that is already prepared for the Operating Committee. However, there could be indirect costs and tradeoffs. Principally, Operating Committee members who are no longer able to exclude certain materials from dissemination to the Advisory Committee members (e.g., materials that are sensitive in some way but do not fall within the confidentiality exception in the Plan) could choose to withhold such materials entirely, thereby making the Operating Committee's deliberations less well-informed, or they could seek to hold sensitive discussions in a less formal or less well-documented venue, which could pose the same problems as discussed above with respect to SEC presence in Executive Sessions.
With respect to the remaining requested protections for which no Plan amendment is being made, the Commission will be alert to future suggestions that cooperation between the Advisory Committee and the Operating Committee is lacking, and will assess, as appropriate, whether additional procedural protections are needed.
With respect to the additional governance features for which some commenters advocated—an independent board, audit committee, and financial transparency—the economic analysis in the Notice did not specifically discuss these items. The Commission believes that, on balance, commenters advocating for these issues have not raised concerns that would cause the Commission to alter its economic analysis. Having an independent board or audit committee would add an additional layer of complication to Plan decision-making—triangulating among the Operating Committee, Advisory Committee, and the independent board, thereby increasing the likelihood of untimely decision-making. There do not appear to be significant offsetting benefits at this time, as alternative mechanisms already exist to advance the purposes that these governance enhancements would seek to serve. If the purpose is that there be an external check on potential conflicts of interest, the Advisory Committee can serve in that role, given its ability to receive documents. Similarly, to the extent that independent board members or an audit committee could serve a monitoring function, such a monitoring function could already be accomplished through the Compliance Subcommittee that the Plan establishes to aid the CCO. Because the functions that the additional governance features would fulfill are already performed, at least in some extent, by existing features of Plan governance, adding them does not appear necessary at this time to ensure that the Plan's governance is such that uncertainties under the Plan would be diminished.
In addition, as the Notice makes clear, the Commission can modify the Plan as it may deem necessary or appropriate, and has the right to attend meetings of the Operating Committee, as well as receive specified documents. See Notice, supra note 5 at 30702. The Commission can thus serve as an additional external check on potential conflicts.
Similarly, the Commission's amendment to the Plan to require that CAT LLC financial statements be prepared in compliance with GAAP and audited by an independent public accounting firm may substitute to a certain extent for the added financial transparency sought by commenters. See CAT NMS Plan, supra note 5, at Section 9.2; see also Section IV.B.4; Participants' Letter II.
With respect to the commenter who advocated a radically different method for Plan governance, where the CAT would be controlled by the Commission to avoid conflicts of interest, the Commission notes that SROs are entrusted with regulatory and oversight responsibilities by the Exchange Act; to the extent their commercial interests create an actual or potential conflict of interest, the Advisory Committee is able to monitor and advise the Operating Committee on Plan decision-making, acting as a counter-weight; and to the extent there are any residual unmitigated conflicts, the Commission has authority to intervene. The Commission believes that the CAT NMS Plan approach to balancing and offsetting the conflicts of interest can achieve the regulatory benefits of the CAT.
At this time, given the analysis above, the Commission believes that the governance structure in the Plan as modified increases the likelihood that the benefits of the Plan will be achieved. The Commission notes that more significant changes to NMS Plan governance structures could potentially produce better overall Plan outcomes, but could also lead to additional coordination problems or have unintended consequences. Thus, while the Commission believes that the reduction in uncertainty relating to the achievement of Plan benefits can at this time best be achieved through the Plan's approach to governance, the Commission will continue to assess the governance of NMS Plans generally and the tradeoffs between the quality and efficiency of the decision-making processes of NMS Plans.
See, e.g., Fidelity Letter at 7-8 (“We also agree that the SEC should engage in formal administrative rulemaking to revise Rule 608 of Regulation NMS to specify that NMS Plans must contain governance provisions consistent with the objectives specified in the EMSAC recommendations . . . .”). Cf. ICI Letter at 12 (noting that “every NMS Plan . . . at least should include an advisory committee comprising a broad range of industry participants that lack operating committee representation” (emphasis added)); see also supra Section IV.B.
Finally, one commenter asserted that the CAT should be administered by a single centralized body from a legal, administrative, supervisory, and enforcement perspective, rather than by nineteen separate SROs. According to that commenter, while the Plan “contains permissive language” that would allow the SROs to enter into agreements with one another, nothing requires the SROs to enter into 17d-2 agreements, Regulatory Services Agreements, or some combination thereof. Thus, SROs could interpret the CAT's requirements differently, or apply them to duplicative enforcement, which would be “inefficient and unworkable for firms that are members of several of the SROs.” Coordination, by contrast, “will create efficiencies and avoid regulatory duplication, potential inconsistent interpretations and interpretive guidance, and unnecessary compliance costs.” The Participants stated that they recognize the potential efficiencies to be achieved through coordination, and plan to consider a Rule 17d-2 agreement. The Commission agrees that coordination of efforts can produce efficiencies, but notes that alternative mechanisms for coordination of efforts, including the Operating Committee, also exist. Requiring delegation of authority to one SRO also would not necessarily lead to a better outcome, if such a one-size-fits-all approach were to inhibit the ability to tailor programs to a particular SRO or its members. However, in light of the potential efficiencies, the Commission believes it important that the Participants consider mechanisms for regulatory cooperation, and has therefore amended the Plan to require a report detailing the Participants' considerations. Thus, the permissive approach taken in the Plan—where SROs can execute agreements but are not required to do so, particularly where coupled with the Participants' assertion that they are exploring whether it would in fact be efficient to enter into those agreements and the Plan's requirement that they report on whether they have done so—still promotes the achievement of the Plan's regulatory benefits.
SIFMA Letter at 29 (suggesting that a single SRO take the lead, and others execute agreements to transfer responsibility for enforcement to that SRO).
Id.
Response Letter I at 17.
(3) Conclusion
In the Notice, the Commission concluded by stating its preliminary belief that the governance provisions discussed therein could help promote better decision-making by the relevant parties and, in turn, could mitigate concerns about potential uncertainty in the economic effects of the Plan by giving the Commission greater confidence that its expected benefits would be achieved in an efficient manner and that costs resulting from inefficiencies would be avoided. For the reasons discussed above, the Commission continues to believe that this is the case after considering the comments on its analysis, the Participants' response, and modifications to the Plan.
Id.
F. Costs
In the Notice, the Commission preliminarily estimated current costs related to regulatory data reporting, anticipated costs associated with building and maintaining the Central Repository, and the anticipated costs to report CAT Data to the Central Repository. These preliminary estimates were calculated from information provided in the CAT NMS Plan as amended on February 27, 2015 as well as supplemental information. The Commission discussed the Plan's estimate that the 20 Participants spend $154.1 million annually on reporting regulatory data and performing surveillance. The Notice also reported that the approximately 1,800 broker-dealers anticipated to have CAT reporting responsibilities currently spend $1.6 billion annually on regulatory data reporting. The Commission estimated that the cost of the Plan would be approximately $2.4 billion in initial aggregate implementation costs and $1.7 billion in ongoing annual costs. Furthermore, the Notice discussed that market participants would have duplicative audit trail data reporting responsibilities for a period of up to a maximum of 2.5 years preceding the retirement of potentially duplicative regulatory data reporting schemes. The Commission estimated that duplicative audit trail data reporting could cost broker-dealers $1.6 billion per year or more and could cost the Participants up to $6.9 million per year. The Notice also treated all costs of developing the Plan (estimated at $8.8 million at the time the Plan was filed) as sunk costs, excluding them from costs to industry if the Plan were adopted.
See Notice, supra note 5, at 30708-30.
The number of Participants has changed since the Plan was filed. Adjustments to cost numbers to account for new Participants is discussed in Section V.F.1.b, infra.
In the Notice, the Commission discussed its belief, however, that there is significant uncertainty surrounding the actual implementation costs of CAT and the actual ongoing broker-dealer data reporting costs if the Plan were approved. The Commission explained that the methodology and data limitations used to develop these cost estimates could result in imprecise estimates that may significantly differ from actual costs.
In the Notice, the Commission considered which elements of the CAT NMS Plan are likely to be among the most significant contributors to CAT costs. The Commission discussed its preliminary belief that significant sources of costs would include the requirement to report customer information, the requirement to report certain information as part of the Material Terms of the Order, the requirement to use listing exchange symbology, and possibly, the inclusion of Allocation Reports.
Id. at 30730-32.
The Commission also recognized that a number of second-order effects could result from the approval of the Plan. These included market-participant actions designed to avoid direct costs of a security breach; changes to CAT Reporter behavior due to increased surveillance; changes in CAT Reporter behavior to switch from one funding tier to another to qualify for lower fees; and changes in broker-dealer routing practices related to fee differentials across Execution Venues. The Commission also recognized that investors and market participants could face significant costs if CAT Data security were breached.
Id. at 30733-34.
See Section V.C.8, supra and Section VI.F.2.b, infra.
The Commission has considered the comments received, the Participants' response, and the modifications to the Plan, and has updated and revised its analysis of costs accordingly. The Commission's updated cost estimates presented below consider a change in the number of Participants, updated cost information for the Central Repository provided by the Participants, and modifications to the Plan that include: A requirement that exchanges synchronize their clocks to within 100 microseconds of NIST; changes to the Funding Model regarding the manner in which ATSs are assessed Central Repository costs; and updated milestones regarding the retirement of duplicative systems. The updated estimates also recognize that the Participants plan to recover some portion of their Plan development costs from industry.
See Section V.F.3.a(5), infra.
The Commission's revised cost estimates cover 21 Participants, rather than 19 as were covered by the Participants Study. Consequently, the Commission has increased its estimate of the Participants' aggregate implementation costs from $41.1 million to $47.7 million, and increased its estimate of the Participants' ongoing annual costs from $102.4 million to $118.9 million. Although these changes also increase the Commission's estimate of the implementation and ongoing costs of the Plan to industry, the increases do not change the rounded totals presented in the Notice. The Commission now estimates that the cost of the Plan is approximately $2.4 billion in initial aggregate implementation costs, $55 million in system retirement costs, and $1.7 billion in ongoing annual costs.
See Section VI.1.b, infra.
The Commission expands on the analysis of the estimated costs above by exploring individual components of the CAT NMS Plan. In general, the CAT NMS Plan does not break down its cost estimates as a function of particular CAT NMS Plan requirements. Therefore, the Commission discusses the costs of particular requirements separately from the aggregate costs and costs by Participant, and qualitatively discusses costs the Commission is unable to estimate. The Commission has revised its analysis of particular requirements from that in the Notice in three ways. First, the Commission now discusses the uncertainty in its analysis of these costs in more detail. Second, in response to information provided by commenters, the Commission now recognizes that some costs, namely costs associated with reporting Allocation Time and Quote Sent Time, were not included in the estimated costs in the Notice. The Commission now includes these costs in the total costs for broker-dealers where estimates are available or otherwise recognizes them as additional to the existing estimates. Third, the Commission no longer judges whether quantified costs attributable to specific elements of the Plan represent a significant contribution to total costs. The Commission is cognizant that some of the costs for particular elements may be significant in isolation even if they are not a large proportion of the aggregate costs of the Plan.
The Commission recognizes that Allocation Time may also increase the costs of the Central Repository and that Quote Sent Time may increase the costs of the Central Repository and to Participants. However, the Commission lacks sufficient information to add these costs to the existing estimates in these categories. Consequently, the Commission discusses the modifications qualitatively.
The Commission continues to believe that direct costs in the event of a CAT security breach could be significant, but that certain provisions of Rule 613 and the CAT NMS Plan appear reasonably designed to mitigate the risk of a security breach. Furthermore, the Commission notes that the Plan amendments and the Participants' response provide more details about the required security provisions and more clarity on the applicability of Regulation SCI standards. The Commission believes that these clarifications address some commenters' concerns by providing more assurances that the security procedures are reasonably designed to prevent security breaches and that customers will be notified in the event of a breach; nevertheless, the Commission acknowledges that the costs of a breach could be quite large.
As discussed further below, the Commission's analysis of the second-order effects that could result from the approval of the Plan is largely unchanged from what was published in the Notice. However, the Commission has revised its analysis to reflect that the Plan will change so that ATS volume is not charged first to broker-dealers operating the ATS and then again to FINRA, which would pass through the fee costs to their members (which include ATSs). Further, the Commission recognizes certain second-order effects that it did not address in the Notice.
1. Analysis of Expected Costs
The Plan divided the analysis of CAT cost estimates into costs associated with: Building and operating the Central Repository; data reporting and surveillance performed by Participants; data reporting by broker-dealers; and CAT implementation costs borne by service providers. The Notice's analysis of the cost estimates of the Plan followed this approach, and the Commission's updated analysis presented here also divides the analysis of costs in this way, incorporating comments, the Participants' responses, and Plan amendments into each analysis.
There were a number of comments on the Commission's cost estimates, which are discussed below in their appropriate subsections. However, one commenter had general comments on uncertainties in cost estimates and the scope of what was covered by cost estimates presented in the Plan, stating, “. . . the overarching theme throughout the analysis is that these estimates may not be an accurate reflection of actual costs.” The commenter further stated, “the Proposal does not adequately explain what is included in the calculation of “costs” of the system.” The Commission continues to believe that the cost estimates it provided in the Notice were reliable, though it acknowledges that uncertainties related to the scope and magnitude of the estimated costs remain. The Commission further acknowledges that many cost estimates from the Notice reflect market participants' estimates of total costs of implementing and maintaining CAT reporting; the Commission agrees with the commenter that the Plan lacks a certain amount of detail on the cost of individual elements that contribute to the total costs of the Plan that will be borne by market participants.
FSR Letter at 9.
By characterizing estimates as “reliable,” the Commission is stating its belief that the methodology used to create the estimates is likely to result in estimates that are representative of the costs industry will actually incur, and that the magnitude of the estimates appears to be reasonable. However, the Commission is not suggesting such estimates are free of uncertainty. Indeed, the Commission recognizes a degree of uncertainty—in some cases a large degree—surrounding estimates it is characterizing as “reliable.”
See Notice, supra note 5, at 30708.
The Commission attempts to address the individual components of the costs separately below in the Further Analysis of Costs Section. The Commission has also updated and revised certain cost estimates in response to comments and modifications in the Plan, and explains each of those changes below. The Commission acknowledges that, in light of the predictive nature of the analysis and limitations in the available data, uncertainties remain. The Commission believes, however, that the estimates are reliable in that the methodology used to create the estimates is representative of the costs industry will actually incur, and that the magnitude of the estimates appears to be reasonable. The Commission also notes that, while a commenter criticized the uncertainty in the estimates provided in the Notice, the commenter did not offer additional data and did not fault the Commission's analysis of the information it did have.
See Section V.F.3, infra for a discussion of some of the individual components of the costs.
a. Costs of Building and Operating the Central Repository
In the Notice, the Commission's estimates of costs to build and operate the Central Repository relied on information presented in the Plan as amended on February 27, 2015. At the time of the Notice, the Plan's estimates of the costs to build the Central Repository were based on Bids that varied in a range as high as $92 million. The Plan's estimates of annual operating costs at that same time were based on Bids that varied in a range up to $135 million. To estimate the one-time total cost to build the Central Repository, the Plan used the Bids of the final six Shortlisted Bidders. The eventual magnitude of Central Repository costs is dependent on the Participants' selection of the Plan Processor, and may ultimately differ from estimates discussed in the Plan if Bids are revised as the bidding process progresses. The Plan as filed also provided information based on the Bids on the total five-year operating costs for the Central Repository because the annual costs to operate and maintain the Central Repository are not independent of the build cost. Across the six Shortlisted Bidders, the total five-year costs to build and maintain CAT, according to the Plan at the time of the Notice, ranged from $159.8 million to $538.7 million. In the Notice, the Commission stated its preliminary belief that estimating Central Repository costs using estimates from the Bids was reliable because they are the result of a competitive bidding process, although the Commission recognized that the Bids are not legally binding on Bidders.
See Notice, supra note 5, at 30709-11.
See CAT NMS Plan, supra note 5, at Appendix C, Section B.7(b)(i)(B). The Plan does not reflect any more specific cost ranges that result from narrowing the range of Bidders from six to three.
Id. at Appendix C, Section B.7(b)(i)(B).
See Notice, supra note 5, at 30709. The Notice further explains this position.
As discussed in the Notice, the Commission believed that a range of factors will drive the ultimate costs associated with building and operating the Central Repository and who will bear those costs. Furthermore, the Commission was mindful that the cost estimates associated with building and operating the Central Repository were subject to a number of additional uncertainties. First, the Participants had not yet selected a Plan Processor, and the Shortlisted Bidders had submitted a wide range of cost estimates for building and operating the Central Repository. Second, the individual Bids submitted by the Shortlisted Bidders were not yet final, as Participants could allow Bidders to revise their Bids before the final selection of the Plan Processor. Third, neither the Bidders nor the Commission could anticipate the evolution of technology and market activity with complete prescience.
Id. at 30709-30710.
One commenter provided an alternate estimate for Central Repository ongoing costs. The commenter stated, “[w]e estimate the on-going costs for the CAT infrastructure (inclusive of [Business Continuity Plan/Disaster Recovery] costs), to be about $28 million to $36 million annually assuming a low-latency platform running at about 50 millisecond speed.” The commenter did not provide additional information or analysis to support this estimate, but the Commission believes it is possible it was derived based on comparisons to costs expected from the Volcker Rule because the commenter cited a study of those costs in support of estimates for costs to broker-dealers. As discussed below, the requirements of the Plan are significantly different than the requirements of the Volcker Rule, which is primarily focused on restricting certain trading activities and investments of banking entities, rather than the centralization and standardization of regulatory data reporting. The Commission also notes that the estimates provided in the Notice and updated in the Participants' response are the result of a competitive bidding process specific to CAT and the Commission deems them reliable.
Data Boiler Letter at 15.
Data Boiler Letter at 15.
See Section V.F.2.a, infra.
The Commission is updating and revising its economic analysis to incorporate updated estimates in the Participants' Response Letter III, a modification to the Plan to establish the Company as a 501(c)(6) non-profit entity, and a requirement that the Company's financials be in compliance with GAAP and audited by an independent public accounting firm. The Participants' Response Letter III contains estimates of the costs of building and operating the Central Repository from those discussed in the Notice to reflect the fact the that Participants have narrowed the number of Bidders to the final three and the range of potential cost estimates is therefore narrower as well. Based on this updated information, the Commission now believes that the costs to build the Central Repository range from $37.5 million to $65 million and annual operating costs range from $36.5 million to $55 million. The Participants also clarified that costs from Bids do not include additional expenses that might be incurred such as insurance, operating reserves or third-party costs such as accounting and legal expenses. The Commission further acknowledges that these cost estimates for the Central Repository do not include Quote Sent Time reporting by Option Market Makers and the capture of Allocation Time in Allocation Reports. The Commission does not have cost estimates of, and lacks sufficient information to estimate, the costs to the Central Repository of these fields and the Plan does not include this information and commenters did not offer estimates. The Commission does not believe these costs will significantly impact the costs of building or operating the Central Repository because the addition of these fields does not significantly impact the size or scope of the Central Repository. Further, the Commission notes that costs from the Company that will be passed on to Industry Members will be slightly reduced by organizing the Company as a non-profit entity because reserve funds will not be taxable as they would have been under the Plan as filed. The Commission notes, however, that CAT fees—the sole revenue source for the Company—are not expected to exceed the Company's expenses, so the Commission believes these savings will be minor.
See Participants' Letter II.
The Commission uses the upper end of cost ranges for its estimates of aggregate costs to industry, as discussed in Section V.F.2.a, infra.
Response Letter III at 15.
These fields were included in the Plan, but because the bidding process began before the Exemptive Requests were submitted and approved, it is possible that Bids did not include expenses related to collecting and storing these fields. See Section V.F.3(6), infra and Section V.F.3(4), infra.
Overall, the Commission continues to believe that estimating Central Repository costs using estimates from the Bids is reliable and is therefore updating its cost estimates to reflect updates provided in the Participants' Response Letter III.
Response Letter III at 15.
b. Costs to Participants
In the Notice, the Commission stated its preliminary belief that the Plan's estimates of costs for Participants to report CAT Data and of surveillance costs were reasonable and explained the reasoning behind this determination. At the time, the Plan estimated costs for the Participants as an aggregate across all Participants (the five single-license Participants and the five Affiliated Participant Groups). The implementation cost estimate for Participants was $17.9 million. Annual ongoing costs were estimated to be $14.7 million.
See Notice, supra note 5, at 30711.
In its discussion of Participants' costs, the Notice errantly discussed six single license Participants and five Affiliated Participant Groups. See Notice, supra note 5, at 30711. At the time of the notice, there were five single license Participants and six Affiliated Participant Groups. Because Participant costs were aggregated across all Participants in the Plan, this correction does not affect the Commission's estimate of the Participants' costs of the Plan. At this time, there are six single-license Participants and four Affiliated Participant Groups. See infra note V.G.1.a(1)B.
See CAT NMS Plan, supra note 5, at Appendix C, Section B.7(b)(iii)(B)(2).
Id.
Id.
In the Notice, the Commission estimated that the Participants that filed the Plan currently spend $6.9 million annually on data reporting, based on estimates the Participants provided in the Plan. The Notice also states that Participants currently spend approximately $154 million per year on data reporting and surveillance activities. The Participants estimate that they would incur $41 million in CAT implementation costs, and $14.7 million in annual ongoing costs to report CAT Data. In addition to data reporting costs, Participants face costs associated with developing and implementing a surveillance system reasonably designed to make use of the information contained in CAT Data as required by Rule 613(f). The Notice discussed the Plan's estimates of the costs to Participants to implement surveillance programs using data stored in the Central Repository. The Plan provided an estimate of $23.2 million to implement surveillance systems for CAT, and ongoing annual costs of $87.7 million. At the time, the Plan did not provide information on why Participants' data reporting costs would substantially increase nor did it provide information on why surveillance costs would decrease.
See CAT NMS Plan, supra note 5, at Appendix C, Section B.7(b)(iii)(B)(2). Rule 613 requires the SROs to file updated surveillance plans within 14 months of CAT implementation. See 17 CFR 242.613(f). The Commission assumes that the CAT NMS Plan's estimate is limited to adapting current surveillance programs to the Central Repository.
Finally, in the Notice, the Commission assumed that cost estimates presented in the Plan were limited to costs the Participants would incur if the Plan is approved, and that the cost estimates did not include other costs related to development of the Plan that the Participants have incurred previously, or will incur regardless of approval. The Plan separately reports that Participants have spent $8.8 million in development costs to date. Because these development costs do not depend on approval of the Plan, the Commission treated them as sunk costs in the Notice and did not include them in the costs to the Participants.
The Participants may have incurred obligations that would generate expenses if the Plan were not approved, such as expenses to terminate contracts entered or employees hired in expectation of approval of the Plan. The Commission is not aware of the existence of or details of such obligations.
See Notice, supra note 5, at 30711, n.848.
Id.
The Commission received several comments regarding the estimates of Participants' data reporting costs in the Notice. One commenter stated that estimates of current data reporting costs to Participants are “grossly underestimated,” but did not provide further detail or alternate estimates. The same commenter stated the implementation cost estimate of $17.9 million for Participants was “not too far off,” but felt the Participants' estimated costs for legal and consulting services and additional employees were not reliable. The Commenter stated that these costs could be far lower with different technological approaches to capturing audit trail data.
Data Boiler Letter at 35.
The Commission also received comments on the estimates of surveillance costs the Participants would incur to incorporate the CAT Data into their surveillance. One commenter implied that savings on surveillance were unlikely, and stated that the lack of an analytical framework did not facilitate the identification of suspicious activities. The commenter seemed to express doubt that CAT would reduce ad hoc data requests, calling this idea “hype.” The commenter further seemed to imply that the comparable magnitude of annual CAT reporting costs and current regulatory data reporting costs raised questions about the reliability of the Commission's analysis of costs. A second commenter, however, stated that “[t]he consolidated nature of the CAT also should allow the SROs to conduct their market surveillance activities more efficiently, allowing for additional cost savings . . . .” The commenter did not provide additional detail on what the source of additional efficiencies or cost savings would be. Another commenter noted that uncertainties in the manner in which regulators will access data in the Central Repository create significant cost uncertainties, especially if SROs must use bulk extraction to create copies of CAT Data for analysis within their own infrastructure.
Data Boiler Letter at 35.
SIFMA Letter at 18.
SIFMA Letter at 33.
A few commenters questioned the apparent inclusion or exclusion of certain costs related to the fee model and development costs. One commenter noted that the Participant cost estimates do not include the “per-message toll charge in the CAT funding model.” The Commission received several comments on the $8.8 million Participants incurred in developing the Plan. One Commenter stated that treating all costs related to the development of the Plan as sunk costs “. . . may sound conservative”, and is a preferred approach if a broad alternative to the Plan is adopted instead of the Plan as noticed.
Data Boiler Letter at 35.
See Notice, supra note 5, at 30737; see also Data Boiler Letter at 37.
The Participants restated their intention to recoup implementation costs in Participants' Response Letter II. Furthermore, they cited an expectation of $10.6 million in savings from retiring existing systems. The Participants further stated that these savings would offset costs of implementing CAT.
Response Letter II at 13.
The Commission considered the comments, the Participants' responses, and modifications to the Plan and, as explained below, is updating its analysis of Participants' CAT costs. These changes acknowledge a change in the number of Participants, the addition of Quote Sent Times for option market maker quotes, requirements to produce additional reports and add more specificity in current reports, as well as producing current reports more frequently, the requirement to conduct an independent audit of expenses for the development of the Plan, annual audit expense for the Company, and a modification to the clock synchronization requirement for exchanges. The Commission is also acknowledging system retirement costs that the Participants will incur when duplicative reporting systems are retired. Further, in response to a comment and the Participants' response, the Commission is also revising its cost estimates to change how it treats the costs already incurred by Participants to develop the Plan.
The Commission has considered the comments it received regarding cost estimates for Participants in the Plan and continues to believe that Participant cost estimates presented in the Plan are reliable. As discussed in the Notice, all 19 SROs responded to the Participants Study, and most SROs have experience collecting audit trail data, familiarity with the requirements of CAT, and expertise in their business practices. The commenter that challenged the current data reporting costs provided no reasoning or estimates to indicate that the Participants are unable to reasonably estimate their own costs. Regarding the comment that its estimates did not fully incorporate the “per-message” fees that Participants will face, the Commission notes that the Plan's funding model does not charge Participants for message-traffic. Further, the Commission's analysis acknowledged that Central Repository costs will be passed on to both Participants and Industry Members by an unidentified formula, thus it accounted for funding model costs separately in its analysis of total costs of the Plan.
There were 19 participants at the time the Participants conducted the study.
Regarding the comment concerning the inclusion of an analytical framework in surveillance cost estimates in the Plan, the Plan does incorporate an analytical framework. Therefore, the Commission believes that Participant cost estimates already account for an analytical framework. Regarding the uncertainties in Participant costs related to bulk extraction causing SROs to host their own copies of CAT Data, while the Plan requires a bulk extraction tool, it also requires analytical tools for manipulating and analyzing data within the Central Repository. The Commission believes that the requirement for a method of bulk downloading data does not necessarily imply that multiple copies of CAT Data will be hosted on SRO systems. The Commission acknowledges that if SROs use the bulk download feature to replicate some or all CAT Data on their own systems, their costs are likely to increase because hosting large databases is costly. However, the Commission believes that SROs are likely to consider the cost implications when contemplating replicating large portions of the Central Repository within their IT infrastructure and presumably will only do so when it is efficient for them to do so.
See Section V.E.2.c.(1), supra.
See Notice, supra note 5, at Appendix D, Section 8.2.
The Commission recognizes, however, that the Plan calls for recovery of some or all of the CAT development costs from Industry Members. And, based on the Participants' response, the Commission now believes that the expectation the Participants will recoup these costs will effectively reduce the SROs' future costs while increasing future costs of Industry Members. The Commission therefore is adding the development costs for CAT to the implementation costs of broker-dealers, as indicated in the following Section, and subtracting them from Participants' implementation costs as in Table 3 below. Overall, as detailed in the Aggregate Costs Section below, the Commission also believes the recovery of these costs from Industry Members would constitute a transfer from Industry Members to Participants, but would not affect the total cost of CAT to market participants in aggregate.
The Commission is revising its Participant cost estimates to account for additional requirements that result from modifications made to the Plan by the Commission. These requirements include a number of reports, some produced one time, some produced on an ongoing basis. Each of these requirements is discussed briefly below. In aggregate, the Commission estimates they have a one-time cost of $1.1 million and annual, ongoing costs of $1.1 million.
First, the Plan as amended requires a written assessment of the operation of the CAT on an annual, rather than biannual basis, and requires the assessment to provide more specificity. The Commission estimates the production of this report will cost $870,000 annually.
The assessment is now required to include the following: (1) An evaluation of the information security program of the CAT to ensure that the program is consistent with the highest industry standards for protection of data; (2) an evaluation of potential technological upgrades based upon a review of technological developments over the preceding year, drawing on necessary technological expertise, whether internal or external; (3) an assessment of efforts to reduce the time to restore and recover CAT Data at a back-up site; (4) an assessment of how the Plan Processor and SROs are monitoring Error Rates and address the application of Error Rates based on product, data element or other criteria; and (5) a copy of the evaluation required by Section 6.8(c) as to whether industry standards have evolved such that: (i) the clock synchronization standard in Section 6.8(a) should be shortened; or (ii) the required timestamp in Section 6.8(b) should be in finer increments; and (6) an assessment of whether any data elements should be added, deleted or changed. See Section IV.H., supra. Although the bi-annual assessment was required under the Plan and its costs would thus have been included in the Participants' cost estimates presented in the Plan, the requirements have changed such that the report is both produced more frequently and is presented in greater detail. Consequently, the Commission assumes that the majority of the cost of this report would not be covered by cost estimates presented in the Plan as filed, and is adding the cost of this reporting to its final cost estimates. To the extent that a less detailed bi-annual report was already included in the Participants' cost estimates, the revised cost estimate overestimates this reporting cost.
Detailed cost estimates are discussed in Section VI.D.1.f.B, infra.
Second, the Plan now requires an independent audit of expenses incurred prior to the Effective Date. The Commission believes that this one-time audit will cost approximately $5,000.
To arrive at this estimate, the Commission relied on an industry source for the costs of an audit per dollar of revenue, and assumed that the audit cost per unit of revenue would be comparable to the audit cost per unit of development costs, which were approximately $8.8 million. See infra note 2503. $8.8 × $479 = $4,215 ~ $5,000.
Third, the Plan now requires a review of clock synchronization standards, including consideration of industry standards based on the type of CAT Reporter, Industry Member and type of system within six months of the Effective Date. The Commission estimates that the production of this study will have a one-time cost of approximately $133,000.
See Section VI.G.1.b, infra.
Fourth, the Plan now requires the Participants to submit a report detailing the Participants' consideration of coordinated surveillance (e.g., entering into Rule 17d-2 agreements or regulatory services agreements), within 12 months of effectiveness of the Plan. The Commission estimates this report will entail a one-time cost of $445,000.
See Section VI.G.1.c, infra. The Commission assumes an hourly labor rate of $235.75 that is based on the FTE annual cost provided by the Participants in the Plan and an assumption of 1,800 hours annually. See Notice, supra note 5 at 30762 n.1243. $424,350/1800 hours = $235.75.
The Plan now also requires the Participants to provide a report discussing the feasibility, benefits, and risks of allowing an Industry Member to bulk download the Raw Data it submitted to the Central Repository, within 24 months of effectiveness of the Plan. The Commission estimates this requirement will entail a total one-time cost of approximately $147,000.
See Section VI.G.1.d, infra.
The Plan now also requires the Participants to submit an assessment of errors in the customer information submitted to the Central Repository that considers whether to prioritize the correction of certain data fields over others, within 36 months of effectiveness of the Plan. The Commission estimates this requirement will entail an approximate one-time cost of $186,000.
See Section VI.G.1.e, infra.
The Plan now requires the Participants to submit a report to study the impact of tiered-fees on market liquidity, including an analysis of the impact of the tiered-fee structure on Industry Members' provision of liquidity, within 36 months of effectiveness of the Plan. The Commission estimates this requirement will have a one-time external cost of $110,000.
See Section VI.G.1.f, infra. The Commission assumes an hourly labor rate of $235.75 that is based on the FTE annual cost provided by the Participants in the Plan and an assumption of 1,800 hours annually. See Notice, supra note 5 at 30762 n.1243. $424,350/1800 hours = $235.75.
The Plan now requires an assessment of the impact on the maximum Error Rate in connection with any Material Systems Change to the CAT; the Commission assumes that the CAT may have four Material Systems Changes per year. The Commission estimates this requirement will entail an ongoing annual cost of $138,000.
See Section VI.G.1.g, infra.
The Plan now requires that the Advisory Committee members receive the same materials as the Operating Committee absent confidentiality concerns with respect to such information. The Commission estimates this will require an aggregate annual cost of $2,400.
See Section VI.G.1.h, infra.
The Plan now requires that the CAT LLC financials (i) be in compliance with GAAP, (ii) be audited by an independent public accounting firm, and (iii) be made publicly available. The Commission estimates these requirements to entail costs of $65,000 annually.
See Section IV.B.4, supra; see also Participants' Letter II.
To estimate this number, the Commission drew from a recent Commission adopting release and an industry report. Specifically, the Commission's Crowdfunding Adopting Release estimated that the audit costs for affected issuers would be $2,500 to $30,000. See Securities Act Release No. 9974 (October 30, 2015), 80 FR 71499 (November 16, 2015). The Commission believes this estimate could be reasonable if the Company's financials are of the same level of complexity as the larger issuers affected by the Crowdfunding rule, which is realistic because the Company is not publicly traded, is organized as a “business league”, and has a limited and predictable revenue stream. As an alternative estimate, the Commission estimated an audit cost of approximately $65,000 using an industry estimate of $479 in audit costs per $1 million in revenue, using the assumption that Company revenue will just offset expected costs of $139 million. See Audit Analytics report “Audit Fees and Non-Audit Fees: A Twelve Year Trend,” October 9, 2014, available at http://www.auditanalytics.com/blog/audit-fees-and-non-audit-fees-a-twelve-year-trend/ . $479 × $139 = $64,665 ~ $65,000. The Commission incorporates the higher estimate from the two methodologies ($65,000) into its cost estimates.
Finally, the Plan now requires that each Participant conduct background checks of its employees and contractors that will use the CAT System. The Commission estimates that this requirement would entail an initial cost of $60,000, with ongoing annual costs of $14,000.
See Section VI.G.1.i, infra.
The Commission is also revising its Participant cost estimates to account for the addition of two additional Participants that were not covered by the Participants Study. The Commission assumes the new Participants will have similar costs to the 19 Participants that provided cost estimates summarized in the Plan. Consequently, the Commission has increased its estimates of Participants costs by 10.53%. The Commission now estimates that the 21 Participants spend $8 million annually for data reporting, and $162.7 million for surveillance. The Commission estimates that implementation of CAT Data reporting will cost the Participants $19.8 million, and implementation of surveillance using data in the Central Repository will cost the Participants $25.6 million. The Commission estimates that Participants will spend $16.2 million annually to maintain CAT Data reporting, and $96.9 million annually on surveillance. The Commission is also recognizing that the Participants will recoup $8.8 million in Plan development costs, as discussed above. The Commission estimates that Participants will spend approximately $1.1 million to produce one-time reports required by amendments to the Plan, and $1.1 million annually to produce additional periodic reports required by amendments to the Plan. Furthermore, the Commission is recognizing $343,000 in system retirement costs, as discussed below. The Commission is unable to update cost estimates to account for the modifications to the clock synchronization standards for exchanges, but, as discussed below, the Commission does not believe that the modifications will result in substantial cost increases for exchanges. The Commission acknowledges that the addition of quote sent times to option market maker quotes may increase costs to options exchanges. Based on comments received, the Commission believes that Participant cost estimates from the Participants Study are unlikely to include the additional expense Participants will incur capturing and processing the Quote Sent Time field. The Commission lacks information to estimate these costs for Participants because the Plan does not include this information and commenters did not offer estimates. Table 3 reflects the Commission's estimates after taking these adjustments into consideration.
The Participants Study covered the 19 Participants that were operating as Participants at the time the study was conducted. The Notice acknowledged that ISE Mercury would likely become a Participant before the Plan was implemented, but cost estimates presented in the Notice did not account for costs that ISE Mercury would incur due to the Plan. Since filing the Plan, ISE Mercury and IEX have become Participants in the Plan.
100 × (2/19) = 10.53%.
See Section V.F.2.b, infra.
See Section V.F.3.a(5), infra.
Table 3—Estimates of Participants' Costs
Current | CAT implementation | System retirement | CAT on-going | |
---|---|---|---|---|
Data Reporting | $7,626,570 | $19,784,870 | $16,247,910 | |
Surveillance | 162,700,160 | 25,642,960 | 96,934,810 | |
Development Recoup | (8,800,000) | |||
Additional Reporting Requirements | 1,085,927 | 1,089,137 | ||
Total | 170,326,730 | 37,713,757 | $342,632 | 114,271,857 |
c. Costs to Broker-Dealers
(1) Summary of Notice and Comments and Commission's Response
In the Notice, the Commission provided an analysis of the compliance cost estimates for broker-dealers that included analyzing whether estimates provided in the Plan and based on a Reporters Study survey were reliable. The Commission preliminarily believed that the cost estimates for small broker-dealers were not reliable. The Commission described the details of the analysis supporting that conclusion. The Commission then developed and calibrated a model (“Outsourcing Cost Model”) to estimate average current data reporting costs and average Plan compliance costs for broker-dealers that the Commission expects will rely on service bureaus to perform their CAT Data reporting responsibilities (“Outsourcers”). For other broker-dealers, the “Insourcers,” the Commission continued to rely on the large broker-dealer estimates from the Plan. Using this framework, the Commission estimated approximate one-time implementation costs for broker-dealers of $2.1 billion, and annual ongoing costs of CAT reporting of $1.5 billion.
See Notice, supra note 5, at 30712-26.
The Commission received comments on the reliability of its Outsourcing Cost Model and its re-estimation of costs. One commenter stated that the Commission's estimates of service bureau charges for a small firm “sound reasonable.” Another commenter noted that even when Outsourcers rely on their service providers (service bureaus or clearing firms) to accomplish current data reporting, the Outsourcers must expend internal resources as well. A third commenter stated that broker-dealers that clear for other broker-dealers may face higher implementation costs because they may support more broker-dealers than they did before implementation of the Plan. This commenter also stated that the Commission has not analyzed the cost implications of the phased implementation of small and large Industry Members. The Commission did not receive comments on its analysis or conclusion that the Reporters Study did not provide reliable cost estimates for small broker-dealers.
Data Boiler Letter at 36.
Specifically, this commenter references EBS reporting, but indicates that broker-dealers sometimes must also be involved in preparing EBS request responses. See FIF Letter at 34.
TR Letter at 3-4.
TR Letter at 3.
The Commission also received several comments on uncertainties in broker-dealer cost estimates. Three of these comments related to the selection of the Plan Processor. One commenter stated, “not knowing who the CAT Processor is introduces a significant amount of uncertainty. . . . We believe the Commission discounts the importance of the choice of Plan Processor as it relates to implementation costs. While the bids to build the Processor may be within a sufficiently narrow range so as to negate those costs, the choice of Processor may have a significant impact on broker-dealer implementation costs.” A commenter stated that the differences in Bids prevented broker-dealers from “. . . provid[ing] more definitive cost estimates and other projections related to CAT implementation.” Other commenters noted that the Plan's lack of specific details creates uncertainty around what costs broker-dealers will incur to implement these provisions. Other comment letters discussed the general uncertainties that result from not having the technical specifications.
TR Letter at 4; FSI Letter at 6.
FSI Letter at 6.
SIFMA Letter at 42; FSI Letter at 6.
See, e.g., FSR Letter at 10; SIFMA Letter at 23; UnaVista Letter at 2; Fidelity Letter at 6.
The Commission has considered these comments, the Participants' response, and modifications to the Plan and is updating and revising its cost estimates. As discussed below, the Commission now acknowledges that its estimates exclude some additional costs that would be faced by Outsourcers or new reporters that clear for other broker-dealers, or that provide support for introducing broker-dealers. The Commission further acknowledges that broker-dealer costs presented in its analysis are subject to significant uncertainties and recognizes additional sources of uncertainty. The Commission is also updating its analysis of the costs to recognize the effects of modifications to the requirement to report an open/close indicator and allocation time, and is revising its analysis to indirectly account for the Participants' development costs. However, the Commission is not revising the structure of its Outsourcing Cost Model, its conclusions regarding the reliability of the Reporters Study, or estimates of the broker-dealers' current, implementation or ongoing costs.
With respect to the comment that the Outsourcing Cost Model does not account for internal expenses that support outsourced activities, the Commission notes that its cost estimates explicitly assume that Outsourcers have employee expenses that cover these activities. With respect to the commenters concerned that the Commission's estimates do not account for an increase in costs for broker-dealers that clear for other broker-dealers or provide support to introducing broker-dealers, the Commission continues to believe the analysis of broker-dealer implementation costs presented in the Notice is generally reliable, and notes that Reporters Study estimates for large broker-dealers are likely to include these expenses because survey respondents are likely to include broker-dealers that provide these services. The Commission acknowledges, however, that there are some broker-dealers—such as one of the commenters—that would be classified as Outsourcers or new reporters for which the Commission's cost estimates rely on the Outsourcing Cost Model, and the additional implementation costs that these firms face due to clearing for other broker-dealers or supporting introducing broker-dealers are not captured by the Outsourcing Cost Model. Costs that Outsourcers and new reporters that continue to clear for other broker-dealers will face include, but are likely not limited to, additional costs associated with reporting customer information to the Central Repository and costs associated with receiving customer information from their broker-dealer clients. Outsourcers and new reporters that currently clear for other broker-dealers or support introducing broker-dealers that elect to outsource their clearing or regulatory data reporting will face costs that include, but are not limited to, costs associated with establishing service provider relationships with other broker-dealers; and lost revenues from providing services for other firms if those firms cease providing clearing services or supporting introducing broker-dealers, although the Commission believes that they might be able to establish “piggyback” arrangements that allow them to retain their relationships with current customers. The Commission, however, cannot estimate the number of broker-dealers that would bear these costs because the Commission lacks data on the number of broker-dealers that clear for other broker-dealers that would be classified as new reporters or Outsourcers. Furthermore, the Commission lacks data to estimate the magnitude of these costs because the Plan does not provide this data and the Commission is unaware of any data available to it that it could use to estimate these costs.
See Notice, supra note 5, at 30723.
Costs related to outsourcing services such as clearing are discussed in Section V.F.1.c, supra, and Section V.G.1.d, infra. “Piggyback” relationships are discussed in the Notice, supra note 5, at 30716 n.894.
In response to comment letters that identified sources of uncertainties related to the costs Industry Members will incur, the Commission acknowledges that such costs depend on the Technical Specifications, which will be published no later than one year before Industry Member reporting begins. The Commission now believes that the sources of uncertainty include both how Technical Specifications would vary across Bids, and what costs of CAT are included in cost estimates obtained from market participants and presented in the Plan and included in the Commission's analysis. However, the Commission notes that final Bids will not be submitted until after the Plan is approved, so the Commission is unable to quantify the degree of variation in broker-dealer implementation costs across Bids.
For example, the analyses in the Plan and the Commission's analysis assume that respondents to cost surveys are representative of their respective groups. If broker-dealers that clear for other broker-dealers or serve as introducing broker-dealers did not respond to cost surveys, the costs such broker-dealers are likely to face might not be represented by Plan estimates, and the Commission's estimates where they rely on the Plan's estimates.
The Commission has also revised its analysis of its cost estimates to account for the following things: The clarification that Participants intend to recoup their development costs; modifications to the Plan regarding reporting the open/close indicator for equities and Options Market Makers; costs for Options Market Makers to provide Quote Sent Time; and costs related to providing allocation times on Allocation Reports. The Participants' response clarified that the Participants intend to recoup some of the more than $8.8 million they have already spent to develop the CAT NMS Plan by collecting fees from broker-dealers. In the Notice, the Commission treated such costs as sunk costs incurred by the Participants and did not include them in its analysis of the Plan, but is now recognizing that these costs will be transferred to broker-dealers. Therefore, the Commission adds the development costs to the costs to broker-dealers. The Commission recognizes that the modification that removes the open/close indicator for equities and Options Market Makers will reduce the implementation and potentially ongoing costs for Industry Members. However, as discussed in the further analysis of costs Section below, the Commission is not certain whether Industry Members included these costs in their cost survey results, and the Commission does not have sufficient information on these costs to remove them from its estimates. With regard to Quote Sent Time, the Commission is incorporating estimates discussed in the Notice but not included separately in cost estimates published in the Notice. The Commission recognizes that the modifications related to including allocation times will reduce costs to Industry Members, but also recognizes that the Commission did not previously account for these costs in estimates of their costs. Therefore, the Commission is adding the estimated costs of including allocation time as required under the Plan as amended to its cost estimates. The Commission notes that this increase in broker-dealer costs is small relative to the other estimated costs of broker-dealers and therefore does not change the rounded estimates.
See Section V.F.1.b, supra, for further discussion.
See Notice, supra note 5, at n 848. This clarification to the Plan, and comments received on this clarification, which are discussed in Section IV, imply disagreement with the Commission's treatment of these costs as sunk costs in the Notice. The Commission notes that these costs have already been incurred, so are not attributable to the Approval of the Plan, but rather are costs associated with and anticipated by Rule 613. Furthermore, the recovery of these costs by the Participants does not change the cost to industry of the Plan; rather the costs comprise a transfer from one market participant type (Industry Members) to another (Participants). Consequently, the cost of the Plan to industry is unaffected. The Commission acknowledges that this transfer will increase broker-dealer costs and decrease Participant costs.
This cost is also subtracted from costs to Participants. See Section V.F.1.b, supra.
See Section V.F.3.a(2), infra, for a more detailed discussion of the effect of this modification.
The Commission believes the estimates are conservative in this dimension as they overestimate broker-dealer implementation costs due to the removal of the open/close indicator from the material terms of the order insofar as broker-dealers included that indicator in their implementation cost estimates in the Reporters Study survey.
The Notice discusses estimates of five year implementation and ongoing costs of up to $76.8 million. The Commission notes that for other broker-dealer costs, implementation costs are 146.46% of ongoing costs and assumes that ratio of implementation to ongoing costs for Quote Sent Time. (1.4646 ongoing costs + 5 × ongoing costs = $76.8 million.) See Section V.F.3.a(6), infra for discussion of these estimates and their treatment in the Notice and this Order.
See Section V.F.3.a(4), infra, for a more detailed discussion of the costs of including allocation times on Allocation Reports.
Therefore, in its final analysis, the Commission estimates approximate one-time implementation costs for broker-dealers of $2.2 billion, and annual ongoing costs of CAT reporting of $1.5 billion.
(2) Commission's Final Analysis
The discussion that follows provides a synopsis of the Commission's final analysis of the compliance costs of broker-dealers. Because the Commission is not revising the structure of its Outsourcing Cost Model or its conclusions regarding the reliability of the Costs to CAT Reporters Study (“Reporters Study”), the final analysis regarding these below provides a summary of the more detailed discussions in the Notice.
See Notice, supra note 5, at 30712-14.
A. Estimates in the Plan
The Plan, as amended on February 27, 2015, estimates total costs for those broker-dealers expected to report to CAT. In particular, the Plan relies on the Reporters Study. Based on the Reporters Study survey data, the Plan estimates implementation costs of less than $740 million for small firms and approximately $2.6 billion for large firms, for a total of $3.34 billion in implementation costs for broker-dealers. For annual ongoing costs, the Plan estimates costs of $739 million for small firms and $2.3 billion for large firms, for a total of $3.04 billion in annual ongoing costs for broker-dealers.
Survey respondents were instructed to classify themselves as “small” if their Total Capital (defined as net worth plus subordinated liabilities) was less than $500,000. See CAT NMS Plan, supra note 5, at Appendix C, Section B.7(b)(ii)(C) n.188. This is consistent with the definition of “small business” or “small organization” used with reference to a broker or dealer for purposes of Commission rulemaking in accordance with provisions of Chapter Six of the Administrative Procedure Act (5 U.S.C. 601 et seq.). See 17 CFR 240.0-10(c).
See CAT NMS Plan, supra note 5, at Appendix C, Section B.7(b)(iv)(A)(3).
Id.
The Commission believes, however, that the cost estimates for small broker-dealers provided in the Plan, which are based upon responses set forth in the Reporters Study, do not provide reliable estimates of smaller CAT Reporter costs for a number of reasons discussed in detail in the Notice and summarized herein. First, some respondents classified as small in the Reporters Study appear to have responded numerically with incorrect units, with such responses resulting in annual estimated cost figures that would be 1,000 times too large. Second, maximum responses in certain categories of costs suggest that some large broker-dealers may have misclassified themselves as small broker-dealers. Third, methods used to remove outliers are likely to have introduced significant biases. Finally, the response rate to the Reporters Study survey was low and is likely to have oversampled small broker-dealers who currently have no OATS reporting obligations.
See Notice, supra note 5, at 30712-14.
The Plan presents summary statistics such as average, median and maximum for each survey response. See CAT NMS Plan, supra note 5, at Appendix C, Section B(7)(b)(ii)(C), Table 5. In the left most column, $14 million is the maximum response for “Hardware/Software Current Cost.”
In reaching these conclusions, the Commission reviewed the detailed discussions of the Reporters Study survey methodology in the Plan and the survey form and instructions provided to respondents. See 6/23/14 entry on CAT NMS Plan website, available at http://www.catnmsplan.com/pastevents/index.html . The Commission Staff also discussed with the Participants potential methodology adjustments in aggregating the CAT Reporters Study data. After Commission Staff discussions with the Participants, the Commission concluded that no methodology could address these fundamental issues with the survey data.
Although the Commission concludes that the small broker-dealer cost estimates presented in the Plan are unreliable, the Commission also believes, for reasons discussed in detail in the Notice and summarized herein, that the cost estimates in the Plan for large broker-dealers are reliable. The Plan estimates that an OATS-reporting large broker-dealer has current data reporting costs of $8.7 million per year. A non-OATS reporting large broker-dealer is currently estimated to spend approximately $1.4 million annually. The Plan estimates that OATS-reporting large broker-dealers would spend approximately $7.2 million to implement CAT Data reporting, and $4.8 million annually for ongoing costs. For non-OATS reporting large broker-dealers, the Plan estimates $3.9 million in implementation costs and $3.2 million in annual ongoing costs.
See Notice, supra note 5, at 30714.
See CAT NMS Plan, supra note 5, at Appendix C, Section B.(7)(b)(ii)(C), Table 3. The $8.7 million figure was calculated by summing the average hardware/software cost, third party/outsourcing cost, and full-time employee costs using the Commission's estimated cost per employee of $424,350.
Id. at Appendix C, Section B.(7)(b)(ii)(C), Table 4. The $1.4 million figure was calculated by summing the average hardware/software cost, third party/outsourcing cost, and full-time employee costs using the Commission's estimated cost per employee of $424,350.
Id. at Appendix C, Section B.(7)(b)(iii)(C)(2)a., Table 9; Appendix C, Section B.(7)(b)(iii)(C)(2)b., Table 15.
See CAT NMS Plan, supra note 5, at Appendix C, Section B.(7)(b)(iii)(C)(2)a., Table 10; and at Appendix C, Section B.(7)(b)(iii)(C)(2)b., Table 16.
B. Commission Cost Estimates
As discussed in detail in the Notice, the Commission believes that the small firm cost estimates presented in the Reporters Study are unreliable. Therefore, the Commission has re-estimated the costs that broker-dealers likely would incur for CAT implementation and ongoing reporting. The Commission's broker-dealer cost estimates incorporate some broker-dealer data from the Plan, but to address issues in the Plan's Reporters Study data, the Commission's cost estimates also include other data sources described in the Notice. As with the Plan's cost estimates, the Commission's re-estimation relies on classifying broker-dealers based on whether they currently report OATS data. However, the re-estimation further classifies broker-dealers based on whether the firm is likely to use a service bureau to report its regulatory data, or, alternatively, whether the firm may choose to self-report its regulatory data. In this re-estimation, the Commission estimates that the 1,800 broker-dealers expected to incur CAT reporting obligations spend approximately $1.6 billion annually to report regulatory data. The Commission believes that these broker-dealers will incur approximately $2.2 billion in implementation costs and $1.5 billion in ongoing data reporting costs. As explained in more detail in the Notice, the Commission believes classifying broker-dealers based on their manner of reporting provides a more accurate estimate of the costs firms will incur because costs differ based on whether the firm insources or outsources reporting responsibilities and insourcing/outsourcing does not necessarily correlate with firm size. The Commission maintains the Plan's approach of separating broker-dealer costs of OATS reporting firms from those that have no OATS reporting obligations, recognizing that the group of non-OATS reporting firms are diverse in size and scope of activities. As discussed in detail in the Notice, the Commission believes this is appropriate because firms that do not currently report to OATS will face a different range of costs to implement and maintain CAT reporting because firms that do not report to OATS are likely to have little to no regulatory data infrastructure in place.
See Notice, supra note 5, at 30717-24.
Discussions below present information included in the Notice on data obtained from FINRA and gleaned from discussions with broker-dealers and service bureaus arranged by FIF and staff. Id. at 30715.
To the extent that the CAT NMS Plan underestimates the number of broker-dealers that would incur CAT reporting obligations, the Commission's estimates presented in the Notice understate the actual costs Reporters will face.
These figures cover only broker-dealer costs. Industry-wide costs are summarized below.
See Notice, supra note 5, at 30715-17.
The Commission's framework for estimation of broker-dealers costs, as presented in the Notice and adopted here without alteration, is based on analysis of data provided by FINRA and discussions with broker-dealers and service providers that were detailed in the Notice. Analysis of data reported by FINRA confirms that there are two primary methods by which broker-dealers accomplish data reporting: insourcing, where the firm reports data to regulators directly; and outsourcing, where a third-party service provider performs the data reporting, usually as part of a service agreement that includes other services. Based on data from FINRA and conversations with market participants discussed in the Notice, the Commission believes that the vast majority of broker-dealers outsource most of their regulatory data reporting functions to third-party firms. A broker-dealer's decision to insource/outsource these functions and services can be complex, and different broker-dealers reach different solutions based on their business characteristics. To illustrate, some broker-dealers self-clear trades but outsource regulatory data reporting functions; some broker-dealers have proprietary order handling systems, self-clear trades, and outsource regulatory data reporting functions. Other broker-dealers outsource order-handling, outsource clearing trades, and self-report regulatory data. The most common insource/outsource service configuration, however, for all but the most active-in-the-market broker-dealers is to use one or more service bureaus to handle all of these functions.
Id. at 30714 n.880.
The framework for the Commission's re-estimation, which is described in more detail in the Notice, is as follows. First, the Commission identifies those OATS-reporting firms that insource (“Insourcers”) and those that outsource based on an analysis of the number of OATS Reportable Order Events (“ROEs”) combined with specific data provided by FINRA on how firms report OATS data. Furthermore, the Commission separately identifies firms that do not report to OATS but are likely to insource based on their expected activity level by identifying Options Market Makers and Electronic Liquidity Providers (“ELPs”). Based on that analysis, the Commission estimates that there are 126 OATS-reporting Insourcers and 45 non-OATS reporting Insourcers. The Commission's re-estimation classifies the remaining 1,629 broker-dealers that the Plan anticipates will have CAT Data reporting obligations as “Outsourcers,” based on outsourcing practices observed in data obtained from FINRA. Next, to determine costs for Insourcers, the Commission relies upon cost estimates for firms classified as “large” in the Reporters Study.
Id. at 30715.
Id.
Id. at 30715-16.
For Outsourcers, the Commission uses a model of ongoing outsourcing costs (“Outsourcing Cost Model”) to estimate both current regulatory data reporting costs and CAT-related data reporting costs Outsourcers will incur if the CAT NMS Plan is approved. The Commission analyzed data provided by FINRA to establish a count of CAT Reporters likely to outsource their regulatory data reporting functions. The Commission's analysis of FINRA reporting data, which is discussed in the Notice, allowed the Commission to examine how broker-dealers' current outsourcing activities varied with the number of ROEs reported to OATS. Based on this analysis, the Commission believes that the 126 broker-dealers that reported more than 350,000 OATS ROEs between June 15 and July 10, 2015 made the insourcing-outsourcing decision strategically based on the broker-dealer's characteristics and preferences, while the remaining OATS reporters were likely to utilize a service bureau to accomplish their regulatory data reporting.
The Commission believes this decision is strategic and discretionary because FINRA data reveals that while many broker-dealers at these activity levels self-report most or all of their regulatory data, other broker-dealers outsource most or all of their regulatory reporting at these activity levels. At lower activity levels, most, but not all, broker-dealers outsource most if not all of their regulatory data reporting. The Commission is cognizant that some broker-dealers reporting fewer than 350,000 OATS ROEs per month can and do opt to self-report their regulatory data. However, based on conversations with broker-dealers, the Commission believes that most broker-dealers at these activity levels do not have the infrastructure and specialized staff that would be required to report directly to the Central Repository, and electing to self-report would be cost-prohibitive in most but not all cases.
The Commission estimates ongoing costs for outsourcing firms using a model which, as discussed in more detail in the Notice, was based on data gleaned from discussions with service bureaus and broker-dealers and implementation costs using information learned in conversations with industry. Based on discussions with market participants, the Commission assumes that the cost function for outsourcing is concave and applies the same assumption to its final analysis. This type of function is appropriate when costs increase as activity level increases, but the cost per unit of activity (e.g., cost per report) declines as activity increases. For reasons indicated in the Notice, the Commission relies on a schedule of average charges to access liquidity and rebates to provide liquidity from four non-inverted exchanges to estimate the concavity of the exchange pricing function, which the Commission uses to approximate the concavity of the outsourcing cost model. The model's output, which the Commission relies on in its final analysis, is an estimate of a broker-dealer's cost to outsource data reporting services as part of a bundle of services from a service bureau; for smaller broker-dealers, it is assumed to include provision of an order management system and market connectivity.
See Notice, supra note 5, at 30718-24, for more information on these discussions.
Id. at 30719, for more information on these discussions.
The Commission's estimate of concavity relies on data from exchanges that do not feature inverted pricing. On “inverted” exchanges, the party with the resting order pays a fee while her counterparty that receives immediate execution earns a rebate.
In conversations with Commission Staff, service bureaus related that some very large clients provide their own order-handling system and market connectivity.
To estimate costs of CAT Data reporting by the service bureaus, the Commission assumes that the pricing function used to estimate current costs will apply for CAT Data reporting, but the costs in relation to the number of ROEs will increase because some events that are excluded from OATS (like proprietary orders originated by a trading desk in the ordinary course of a member's market making activities), will be included in CAT.
Although the pricing function is assumed constant, as explained in the Notice, broker-dealer costs would increase because the number of ROEs they report through their service bureaus would increase under the Plan. See Notice, supra note 5, at 30721.
As discussed in detail in the Notice, application of the model to data provided by FINRA allows the Commission to estimate pre-CAT outsourcing costs for broker-dealers, as well as projected costs under the CAT NMS Plan. The Commission estimates that the 806 broker-dealers that each report fewer than 350,000 OATS ROEs monthly spend an aggregate $100.1 million on annual outsourcing costs. Under the CAT NMS Plan, the Commission estimates that these 806 broker-dealers will spend $100.2 million on annual outsourcing costs. As in the Notice, the Commission recognizes that the magnitude of this increase is quite small, but this is driven by the fact that the vast majority of firms that are assumed to outsource had very low regulatory data reporting levels at the time the estimates were made.
The average broker-dealer in this category reported 15,185 OATS ROEs from June 15-July 10, 2015; the median broker-dealer reported 1,251 OATS ROEs. Of these broker-dealers, 39 reported more than 100,000 OATS ROEs during the sample period. Id. at 30722.
As discussed in the Notice, firms that outsource their regulatory data reporting face additional internal staffing costs associated with this activity. Based on conversations with market participants described in the Notice, the Commission estimates that these firms currently have 0.5 full-time employees devoted to regulatory data reporting activities. The Commission further estimates that these firms will need one full-time employee for one year to implement CAT reporting requirements, and 0.75 full-time employees on an ongoing basis to maintain CAT reporting.
Based on discussions with broker-dealers described in the Notice, the Commission believes that very small broker-dealers are unlikely to have employees entirely dedicated to regulatory data reporting. Instead, other employees generally have duties that include dealing with service bureau matters and answering regulatory inquiries. The Commission assumes a full-time employee costs $424,350 per year. Id. at 30714, n. 880.
As discussed in the Notice, in addition to broker-dealers that currently report to OATS, the Commission estimates that there are 799 broker-dealers that are excluded from OATS reporting rules due to firm size, or exempt because all of their order flow was routed to a single OATS reporter, such as a clearing broker, that will have CAT reporting responsibilities. The Commission assumes that these broker-dealers will have low levels of CAT reporting, similar to those of the typical Outsourcers that currently report to OATS. For these firms, the Commission assumes that under CAT they will incur the average estimated outsourcing cost of firms that report fewer than 350,000 OATS ROEs per month, which is $124,373 annually. Furthermore, because these firms have more limited data reporting requirements than other firms, the Commission assumes these firms have only 0.1 full-time employees dedicated to regulatory data reporting activities. The Commission assumes that these firms will require 2 full-time employees for one year to implement the CAT NMS Plan and 0.75 full-time employees annually to maintain CAT Data reporting.
In discussions with Commission Staff, FINRA has stated that there are currently 54 OATS-exempt broker-dealers and 691 OATS-excluded firms.
Exemption or exclusion from OATS may be based on firm size or type of activity. Broker-dealers with exemptions or exclusions that relate to firm size are presumably relatively inactive. However, some firms may be exempted or excluded because they route only to a single OATS-reporting broker-dealer; this could encompass large firms that would be more similar to Insourcers.
See supra note 2556.
The Commission, however, believes for reasons described in more detail in the Notice that there are three other categories of broker-dealers not reflected in the above detailed cost estimates that do not currently report OATS data but could be CAT Reporters. First, there are at least 14 ELPs that did not carry customer accounts; these firms are not FINRA members and thus have no regular OATS reporting obligations. The Commission believes that it is likely that these broker-dealers already have self-reporting capabilities in place because each is a member of an SRO that requires the ability to report to OATS on request. The second group of broker-dealers that are not encompassed by the cost estimates of FINRA member broker-dealers discussed above are those that make markets in options and not equities. Although not required by the CAT NMS Plan to report their option quoting activity to the Central Repository, these broker-dealers may have customer orders and other activity that will cause them to incur a CAT Data reporting obligation. As explained in the Notice, based on CBOE membership data, the Commission believes that there are 31 options market-making firms that are members of multiple SROs but not FINRA. The third group comprises 24 broker-dealers that have SRO memberships only with CBOE; the Commission believes that this group is comprised primarily of CBOE floor brokers and, further, believes these firms will incur CAT implementation and ongoing reporting costs similar in magnitude to small equity broker-dealers that currently have no OATS reporting responsibilities because they will face similar tasks to implement and maintain CAT reporting. As explained in the Notice, the Commission assumes the 31 options market-making firms and 14 ELPs are typical of the Reporters Study's large, non-OATS reporting firms because this group encompasses large broker-dealers that are not FINRA members, a category that excludes any broker-dealer that carries customer accounts and trades in equities. As in the Notice, for these 45 firms, the Commission relies on cost estimates from the Reporters Study.
The category of Insourcers that do not currently report OATS data includes firms that have multiple SRO memberships that exclude FINRA. This category includes Options Market Makers and at least 14 ELPs; these are firms that carry no customer accounts and directly route proprietary orders to Alternative Trading Systems.
See Exemption Order, supra note 21, at 11857-58.
The Commission identified 39 CBOE-member broker-dealers that were not FINRA members, but were members of multiple SROs; 8 of these broker-dealers were previously identified as ELPs, leaving 31 firms with multiple SRO memberships that were unlikely to be CBOE floor brokers.
The Commission recognizes that additional broker-dealers may be members of neither FINRA nor CBOE, yet may incur CAT reporting obligations if the Plan is approved. The Commission has determined that categorizing additional broker-dealers that are currently classified as exempt or excluded FINRA members as non-FINRA members would not change the cost estimates because these groups have identical estimated per-firm costs.
As discussed in detail in the Notice, pre-CAT Data reporting cost estimates range from $167,000 annually for floor brokers and firms that are exempt from OATS reporting requirements to $8.7 million annually for firms that report more than 350,000 OATS ROEs per month (“Insourcers”). Estimates of one-time implementation costs range from $424,000 for OATS reporters that are assumed to outsource (“OATS Outsourcers”) to $7.2 million for Insourcers, and ongoing annual costs range from $443,000 annually for firms that are assumed to outsource (OATS Outsourcers, New Outsourcers and Floor Brokers) to $4.8 million for Insourcers.
Table 4 summarizes the Commission's updated estimates of costs to broker-dealers expected from the approval of the CAT NMS Plan. The Commission estimates that broker-dealers spend, in aggregate, approximately $1.6 billion annually on current regulatory data reporting activities. The Commission estimates approximate one-time implementation costs of $2.2 billion, and annual ongoing costs of CAT reporting of $1.5 billion. The Commission notes that its estimate of ongoing CAT reporting costs of $1.5 billion is slightly lower than current data reporting costs of $1.6 billion. As explained in the Notice, this differential is driven by expectations of reductions in data reporting costs reported by large OATS-reporting broker-dealers in the Reporters Study survey. The Commission estimates that all other categories of broker-dealers will face significant increases in annual data reporting costs. Also, the Commission acknowledges that there are some broker-dealers that would be classified as Outsourcers or new reporters for which the Commission's cost estimates rely on the Outsourcing Cost Model, and the additional implementation costs that these firms face due to clearing for other broker-dealers or supporting introducing broker-dealers are not captured by these estimates.
As noted in Section V.F.1.b, supra, the Plan as amended in February 2016 states that the Participants will recover their costs of developing the Plan (currently $8.8 million) from broker-dealers. This constitutes a transfer from broker-dealers to Participants, but does not change the aggregate cost of the Plan to market participants.
In the Reporters Study, Large OATS Reporters cite average current data reporting costs of $8.32 million and Approach 1 maintenance costs of $4.5 million annually. See CAT NMS Plan, supra note 5, at Appendix C, Section B.7.(b)(ii)(C).
Table 4—Estimated Broker-Dealer Costs for CAT NMS Plan
Additional Costs are discussed in Section V.F.1.c(1), supra. See additional discussion in Section V.F.3.a(4), infra and Section V.F.a(6), infra.
Number | Current costs | Implementation | System retirement | Ongoing | |
---|---|---|---|---|---|
Broker-Dealers: | |||||
Insourcers | 126 | $1,097,130,000 | $911,144,052 | $12,600,000 | $599,285,000 |
Outsourcers | 806 | 271,113,000 | 342,026,100 | 8,060,000 | 356,764,000 |
New Small Firms | 799 | 133,137,000 | 678,111,300 | 7,990,000 | 353,666,000 |
ELPs | 14 | 20,068,000 | 54,257,245 | 1,400,000 | 45,160,000 |
Options Market Makers | 31 | 44,437,000 | 120,141,043 | 3,100,000 | 99,998,000 |
Options Floor Brokers | 24 | 3,999,000 | 20,368,800 | 240,000 | 10,623,000 |
Additional Costs: | |||||
NEW: Allocation time | 44,050,000 | 5,035,833 | |||
NEW: Quote sent time | 17,400,000 | 11,880,000 | |||
NEW: Development Cost Recoup | 8,800,000 | ||||
Total BD | 1800 | 1,569,884,000 | 2,196,298,540 | 33,390,000 | 1,482,411,833 |
Additional Costs are discussed in Section V.F.1.c(1), supra. See additional discussion in Section V.F.3.a(4), infra and Section V.F.a(6), infra.
The Commission recognizes both that there is uncertainty in these cost estimates and that these cost estimates do not include additional costs that Outsourcers and new reporters that clear for other broker-dealers or support introducing broker-dealers will incur. As explained above, because the Commission's Outsourcing Cost Model does not and cannot incorporate these costs, the cost estimates here could underestimate the costs for these firms and, as a result, the total broker-dealer costs. Because Bids are not yet final, the Commission believes that its cost estimates, while reliable in light of available data and information, could differ from actual costs the broker-dealers will incur and that broker-dealers will not know the true magnitude of their costs until they can analyze the Technical Specifications.
d. Costs to Service Bureaus
In the Notice, the Commission considered whether to include the implementation and ongoing costs to service bureaus in the aggregate costs of the Plan. The Commission preliminarily believed that costs that service bureaus would face to implement CAT should be included as part of the aggregate costs of CAT. While the CAT NMS Plan does not require the use of service bureaus to report CAT Data, the Commission recognized that the most cost effective manner to implement the Plan likely will be for most market participants to continue their current practice of outsourcing their regulatory data reporting to one or more service bureaus. By doing so, the roughly 1,600 broker-dealers predicted to outsource would avoid incurring a significant fraction of CAT implementation costs; instead, service bureaus would incur implementation costs on their behalf. Based on conversations with market participants, the Commission believed that these implementation costs are likely to pass-through to broker-dealers that outsource data reporting, because service contracts between broker-dealers and service bureaus are renegotiated periodically, and approval of the CAT NMS Plan could trigger renegotiation as the bundle of services provided would materially change.
See Notice, supra note 5, at 30726.
The Commission, however, preliminarily believed that the ongoing costs of CAT Data reporting by service bureaus would be duplicative of costs incurred by broker-dealers. The aggregate fees paid by Outsourcers to service bureaus cover the service bureaus' costs of ongoing data reporting. To include ongoing service bureau costs as a cost of CAT would double-count the costs that broker-dealers incur for CAT Data reporting.
The CAT NMS Plan estimates aggregate implementation costs of $51.6 million to $118.2 million for service bureaus, depending on the particular data ingestion format. Aggregate ongoing annual cost estimates ranged from $38.6 million to $48.7 million. To provide a conservative estimate of aggregate cost estimates for CAT, the Commission included only the maximum implementation cost that vendors would likely face of $118.2 million.
The Vendor Survey asked about the costs under two different data ingestion formats, Approach 1 and Approach 2. Approach 1 would allow broker-dealers to submit data to the Central Repository using their choice of existing industry messaging protocols, while Approach 2 would specify a pre-defined format. Id. at Section 30726.
One commenter provided additional information regarding service bureau implementation costs. The commenter stated that these firms will face $1.3 million in implementation costs related to providing allocation timestamps, and that these costs were not covered by the Vendors Study conducted by the Participants. The Commission believes this estimate is reliable because the commenter is an industry trade group with members that can provide cost estimates to the commenter. Furthermore, the Commission believes it is possible that at the time the Vendor's Study was conducted, industry members may not have been aware that allocation timestamps would be required in CAT. Consequently, the Commission is updating its analysis to account for these costs.
FIF Letter at 87-88.
The Commission continues to believe that the only relevant cost for service bureaus to include in the aggregate costs of complying with the Plan is the estimated implementation cost which as adjusted is $119.5 million.
2. Aggregate Costs to Industry
a. Estimated Costs of Compliance
In the Notice, the Commission preliminarily estimated that industry would spend $2.4 billion to implement CAT, and $1.7 billion per year in ongoing annual costs. The Commission calculated these numbers as the sum of its estimates for the Central Repository, Participants, broker-dealers, and service bureaus. These compare to Plan estimates of initial aggregate costs to industry of $3.2 billion to $3.6 billion and annual ongoing costs of $2.8 billion to $3.4 billion.
See Notice, supra note 5, at 30726-30.
See CAT NMS Plan, supra note 5, at Appendix C, Section B.7(b)(iv)(A)(5).
In terms of magnitudes of aggregate costs, the Notice discussed that costs to the 126 largest broker-dealers that currently report OATS data would be the largest driver of implementation costs, accounting for 38.3% of CAT implementation costs. Although these broker-dealers would face significant costs in implementing CAT, the Reporters Study survey results suggest that they anticipate lower ongoing reporting costs than they currently incur ($599 million annually in expected aggregate costs versus $1.1 billion annually in current aggregate regulatory data reporting costs). For all other categories of broker-dealers, the Commission estimated ongoing annual costs to be higher than current reporting costs. While broker-dealers are anticipated to bear the greatest share of costs associated with CAT, the Commission discussed the possibility that these costs would be passed on to investors.
The Commission received comments on its preliminary estimates of aggregate costs to the industry. One commenter provided alternative cost estimates, citing costs for financial institutions of $2 to 40 million during initial years of CAT, and ongoing costs for CAT infrastructure of $28 to 36 million annually based on an analysis released by the Office of Comptroller of the Currency related to the Volcker Rule. Another commenter noted that while aggregate costs are not certain, they will be measured in billions of dollars. The same commenter also noted that the costs of CAT would be passed on to investors.
Data Boiler Letter at 14-15.
FSR Letter at 9-10.
FSR Letter at 9-10.
The Commission does not believe, however, that these comments require revision of its analysis of the aggregate costs of the Plan.
With respect to the comment that suggested that the Commission use Volcker Rule cost estimates to estimate the costs of the Plan, the Commission believes that these estimates are not relevant to the Plan. The requirements of the Plan are significantly different than the requirements of the Volcker Rule, which is primarily focused on restricting certain trading activities and investments of banking entities, rather than the centralization and standardization of regulatory data reporting. Further, while the Commission acknowledges that some market participants will be subject to both the Volcker Rule and CAT, the Commission notes that market participants affected by the Plan are not necessarily comparable to banking entities affected by the Volcker Rule, and thus cost estimates for changes to their business processes would not be applicable to typical CAT reporters, which tend to be smaller institutions. The commenter's suggested estimate of $2 million per year for affected market participants that are not large financial institutions does not seem reasonable because the majority of data that must be collected under CAT is already hosted by many of these firms' service providers, and much of this data is already reported to a regulatory data reporting system (OATS) for a far lower cost than the $2 million estimate.
Data Boiler Letter at 14-15.
See Notice, supra note 5, at 30722.
The Commission agrees with the comment regarding the uncertainty of the cost estimates, and notes that it recognized in the Notice the significant uncertainty surrounding the actual implementation costs of CAT and the actual ongoing broker-dealer data reporting costs if the Plan were approved and is cognizant of the magnitude of the aggregate costs. The Commission continues to recognize that the methodology and data limitations used to develop these cost estimates could result in imprecise estimates that may significantly differ from actual costs. The Commission continues to believe, however, that it is using its best judgment to assess available information and data to provide analysis and estimates of the costs of the CAT NMS Plan. With regard to the comment that CAT costs will be passed on to investors, the Commission acknowledged in the Notice and continues to believe that it is possible that some or most of the costs of CAT will be passed on to investors.
FSR Letter at 9-10.
See Notice, supra note 5, at 30708.
FSR Letter at 9-10.
The Commission has, however, updated its aggregate cost estimates to account for the updates to Central Repository, Broker-Dealer, Participant and Service Bureau cost estimates which incorporate updates due to modifications of the Plan. In aggregate, the Commission believes that that industry will spend $2.4 billion to implement CAT, and $1.7 billion per year in ongoing annual costs. Table 5 below shows these new cost estimates and aggregate costs to industry. Some individual estimates have changed from estimates presented in the Notice for a number of reasons. First, the Commission is now recognizing system retirement costs of $55 million. Also, estimates for Participant costs have increased to account for two additional Participants that were not covered by the Participants Study, and to account for the cost of additional reporting required by amendments to the Plan. Finally, estimates for Central Repository implementation and ongoing costs have been updated to reflect the Participants' current estimates. As Table 5 shows, however, the changes to the cost estimates do not affect the rounded estimates of implementation and ongoing costs presented in the Notice. The Commission recognizes that these cost estimates do not specifically itemize the costs of certain modifications to the Plan or respond to information provided by certain Commenters related to the costs of individual elements of the Plan. The Commission discusses these in detail in Section VI.F.3 below.
Table 5—Commission's Estimate
Number | Current costs | CAT | |||
---|---|---|---|---|---|
Implementation | System retirement | Ongoing | |||
Central Repository | $0 | $65,000,000 | $55,000,000 | ||
Participants (all, 21) | 170,326,730 | 37,713,757 | $342,632 | 114,271,857 | |
Service Bureaus (all, 13) | Unknown | 119,500,000 | 21,300,000 | Excluded | |
Broker Dealers: | |||||
Insourcers | 126 | 1,097,130,000 | 911,144,052 | 12,600,000 | 599,285,000 |
Outsourcers | 806 | 271,113,000 | 342,026,100 | 8,060,000 | 356,764,000 |
New Small Firms | 799 | 133,137,000 | 678,111,300 | 7,990,000 | 353,666,000 |
ELPs | 14 | 20,068,000 | 54,257,245 | 1,400,000 | 45,160,000 |
Options Market Makers | 31 | 44,437,000 | 120,141,043 | 3,100,000 | 99,998,000 |
Options Floor Brokers | 24 | 3,999,000 | 20,368,800 | 240,000 | 10,623,000 |
Additional Costs: | |||||
NEW: Allocation time | 44,050,000 | 5,035,833 | |||
NEW: Quote sent time | 17,400,000 | 11,880,000 | |||
NEW: Development Cost Recoup | 8,800,000 | ||||
Total BD | 1,800 | 1,569,884,000 | 2,196,298,540 | 33,390,000 | 1,482,411,833 |
Total Industry | 1,740,210,730 | 2,418,512,297 | 55,032,632 | 1,651,683,690 |
b. System Retirement and Duplicative Reporting Costs
In the Notice, the Commission considered whether to include in its estimates of aggregate compliance costs the costs of system retirement and the costs of duplicative reporting if Participants and broker-dealers need to maintain and report to current systems after commencing reporting to the Central Repository.
The Commission considered the costs for system retirement provided in the Plan, which discussed significant costs ($2.6 billion) for retirement of current regulatory reporting systems. The Commission did not include those costs in its estimate of the aggregate costs of the Plan, for several reasons. First, the Commission preliminarily believed that the cost estimates provided in the Plan were unlikely to accurately represent the actual costs industry would face in retiring duplicative reporting systems. In particular, for the majority of broker-dealers that outsource, system retirement would affect few in-house systems; these broker-dealers would likely adapt the systems that interface with service bureaus for current regulatory data reporting to interface for CAT Data reporting. Further, for broker-dealers that self-report regulatory data, the Commission could not determine the source of the costs of system retirement that were estimated in the Plan and the magnitude of estimated costs led the Commission to doubt that estimates included only costs of retiring systems. Second, the retirement of current regulatory reporting systems was not a requirement of the Plan and the timeline and process for their retirement was uncertain.
See CAT NMS Plan, supra note 5, at Appendix C, Section B.7(b)(iv)(A)(5).
At its simplest level, ceasing reporting activities would include scrapping IT hardware dedicated to the endeavor and terminating the employees responsible for such regulatory data reporting. The Commission recognized that there are costs associated with those activities, but did not preliminarily believe their magnitude (estimated in the Plan as $2.6 billion) should approach or exceed the magnitude of costs of CAT implementation (estimated in this analysis as $2.4 billion). See Notice, supra note 5, at 30726-28.
Id.
While the Commission's cost estimates did not recognize explicit system retirement expenses, they also did not explicitly recognize savings from elimination of these systems, though they were recognized qualitatively. In the Notice, the Commission discussed its preliminary belief that this approach was conservative in the sense that system retirement costs would likely be mitigated by incorporation of current reporting infrastructure into CAT reporting infrastructure, while cost savings associated with industry's need to maintain fewer regulatory data reporting systems were not explicitly recognized. While the Commission did not include explicit system retirement costs, the Commission did recognize that industry would experience a costly period of duplicative reporting if the CAT NMS Plan were approved, and the Commission stated that it believed it was possible that these costs could be conflated with actual retirement costs estimated in the Plan.
In the Notice, the Commission stated its preliminary belief that the period of duplicative reporting would likely constitute a major cost to industry for several reasons. These reasons included the length of the duplicative reporting period; constraints on the capacity of industry to implement changes to regulatory reporting infrastructure that might cause market participants to implement changes using less cost-effective resources; and the inability of some market participants to implement duplicative reporting in house, necessitating that they seek service bureau relationships to accomplish their CAT reporting requirements.
Id. at 30728.
Id.
Based on data provided in the Plan, the Commission preliminarily believed that the period of duplicative reporting anticipated by the Participants would likely last for 2 to 2.5 years. This time period involved four steps. Step 1, which could take 12 to 18 months, involves the SROs identifying duplicative SRO Rules and systems and Commission rulemaking. Step 2, which would last six months, involves preparations by the SROs to file rule changes, followed by Step 3, lasting three months, for the Commission to approve such rule changes. The last step, Step 4, involves implementation, and the Commission estimated it could last from 90 days to six months, during which time the Plan stated that the Participants could consider when the quality of CAT Data would be sufficient to meet surveillance needs.
Id. at 30726-30.
In the Notice, the Commission discussed its preliminary belief that the current data reporting costs of $1.7 billion per year constituted an estimate of the cost per year to industry of duplicative reporting requirements, as it represents the cost of duplicative reporting to industry if there are no efficiencies that arise when a market participant has to report a subset of already centralized regulatory data to other regulatory data reporting systems. The Commission did not believe that duplicative reporting costs should be added to the estimated aggregate costs of the CAT NMS Plan. The Commission discussed its belief that that the aggregate costs above represent the total costs of the Plan, and do not account for the differential between these costs and the costs the industry currently incurs for regulatory data reporting and maintenance. During the period of duplicative reporting, industry would incur the aggregate costs of accomplishing CAT reporting described above, plus the costs of current data reporting, which the Commission used as an estimate of duplicative reporting costs. The Commission noted that market participants would incur costs equal to current data reporting costs before system retirement and CAT implementation (because current regulatory data reporting would continue), or as duplicative reporting costs from Plan implementation until system retirement. Consequently, the Commission preliminarily believed these costs should not be considered as costs attributable to approval of the Plan, because market participants would bear these costs whether the Plan is approved or not.
Assuming that OATS, for example, is a subset of CAT, producing OATS data from the same database that produces CAT data might be less expensive than creating a separate infrastructure to report OATS data during the period of duplicative reporting.
The Commission received comments on the costs of duplicative reporting. Several commenters agreed with the Notice that duplicative reporting would constitute a major cost to industry, with a few of these commenters providing examples of the types of costs. Examples of burdens provided by these commenters include dual reporting complexities such as conflicting reporting requirements, varied corrections to the same errors across different systems, legal and compliance confusion, costs of maintenance of duplicative reporting systems such as infrastructure, storage, technical, and staffing resources, and costs associated with making changes to redundant systems. No commenters agreed with the Commission's preliminary belief that reporters might experience efficiencies during duplicative reporting, with one commenter claiming that its costs would double.
FIF Letter at 5; SIFMA Letter at 5; FSR Letter at 10; Fidelity Letter at 4-5; TR Letter at 2; KCG Letter at 3; MFA Letter at 9; DAG Letter at 2.
FIF Letter at 30; SIFMA Letter at 5; Fidelity Letter at 4-5; TR Letter at 2.
FIF Letter at 30.
FIF Letter at 30.
TR Letter at 2.
FIF Letter at 30; SIFMA Letter at 5.
Fidelity Letter at 5; KCG Letter at 3.
See Notice, supra note 5, at 30729.
TR Letter at 2.
The Commission received comments on the measurement of the duplicative reporting period as well as the necessity and impact of the length of the duplicative reporting period. Some commenters indicated that the lengthy expected duplicative reporting period was unnecessary, redundant and/or avoidable and two commenters indicated that the length of the duplicative reporting period was a major factor in the duplicative reporting costs. A commenter suggested that it was feasible for the Commission and SROs to complete Step 1 before the milestone for the publication of Technical Specifications (one year before Industry Members other than Small Industry Members are required to begin reporting), which would speed up systems retirement by 18 to 24 months relative to the Commission's estimate. The same commenter also suggested that Step 4 was longer than necessary to achieve acceptable data quality. One commenter indicated that the length of the duplicative reporting period was actually 3 to 3.5 years instead of the Commission's estimate of 2 to 2.5 years for firms that do not meet the definition of Small Industry Member.
SIFMA Letter at 5; Data Boiler Letter at 36; Fidelity Letter at 4; DAG Letter at 2.
FIF Letter at 5; DAG Letter at 2.
FIF Letter at 6.
FIF Letter at 6.
TR Letter at 2.
The Commission also received comments discussing the system retirement costs presented in the Plan and discussed by the Commission in the Notice. One Commenter disagreed with the Plan's estimate that it should cost $2.6 billion to retire redundant systems. Instead, the commenter suggested that a more accurate cost estimate would range from $10,000 to $100,000 per firm. This commenter did not provide an explanation of the how the commenter derived this estimated range and sought more information on the Plan's estimate.
SIFMA Letter at 7.
The Participants' Response Letter II discussed comments related to system retirement. The Participants noted that Small Industry Members can begin reporting earlier on a voluntary basis, and stated that the Participants will consider a rule change that would accelerate reporting for small Industry Members that are OATS reporters. The Participants also discussed their commitment to eliminating duplicative reporting systems as quickly as possible. They stated that they are incented to eliminate duplicative systems because maintaining the systems is costly.
Response Letter II at 19-20.
Response Letter II at 20-21.
The Participants also outlined a revised timetable for system retirement that differs from the Plan as filed. Under the Participants' proposal, Step 1 would be completed within 9-12 months after the Plan's approval. Step 2, in which Participants file rule changes with the Commission, would end six months after the conclusion of Step 1. The Participants also discussed an exemption for individual CAT reporters from duplicative reporting.
Response Letter II at 21-25.
Response Letter II at 26; see also Section IV.D.9, supra.
The Commission has considered the comments received, the Participants' response, and the modifications to the Plan, and is revising its analysis of the costs of duplicative reporting and system retirement as described below. The Commission acknowledges additional uncertainty regarding duplicative reporting due to its revised belief that efficiencies in duplicative reporting are less likely than it believed at the time of the Notice, but continues to believe that duplicative reporting could cost up to $1.7 billion per year. However, as discussed below, the Commission now believes that the period of duplicative reporting is likely to be shorter than was anticipated in the Notice, and that the cost will therefore be reduced. Based on comments received, the Commission has revised its estimate of system retirement costs and now believes the aggregate cost to industry will be approximately $55 million.
Consistent with its position in the Notice, the Commission agrees with commenters that duplicative reporting will constitute a major cost to industry, and recognizes that conflicting reporting requirements, varied corrections to the same error across different systems, legal and compliance confusion will all contribute to these costs. Further, the Commission agrees that maintenance of duplicative reporting systems will entail commitment of additional resources such as infrastructure, storage, technical, and staffing resources, as well as costs associated with making changes to redundant systems. However, the Commission notes that modifications to the Plan that minimize changes to potentially duplicative systems during the period of duplicative reporting may mitigate some of these costs. Regarding the comment that some market participants will see their data reporting costs double during the period of duplicative reporting, the Commission agrees and believes that calculation is reflected in the estimates in the Notice, as its estimate of duplicative reporting costs of $1.7 billion per year is in line with the projected industry costs of ongoing CAT reporting of $1.7 billion per year.
See Section IV.D.9.a(2), supra (explaining that the Commission is amending Section C.9 of Appendix C of the Plan to state that between the Effective Date and the retirement of the Participants' duplicative systems, each Participant, to the extent practicable, will attempt to minimize changes to those duplicative systems.
See Notice, supra note 5, at 30729. As discussed above, the Commission estimates that market participants currently spend $1.7 billion for regulatory data reporting, and estimates that market participants will spend $1.7 billion to report regulatory data under CAT. During years of duplicative reporting, the Commission estimates market participants would spend $3.3 billion in regulatory data reporting, which is approximately double the $1.7 billion they currently spend. See Section V.F.2, supra.
In response to the comment that duplicative reporting does not create efficiencies, the Commission, in the Notice, explained that it expected some cost efficiencies, but expressed uncertainty about those efficiencies. Because of that uncertainty and in light of the comment, the Commission acknowledges that duplicative reporting may not result in efficiencies.
Based on the changes to the Plan, the Commission now believes that the duplicative reporting period may be shorter than estimated in the Notice. As discussed previously, the Commission has revised the milestones for system retirement, which may decrease the duplicative reporting period compared to the period anticipated at the time of the Notice. Specifically, the gap analyses for major duplicative systems (Step 1) have been substantially completed 3-3.5 years sooner than was envisioned in the Notice. Furthermore, the Plan as amended now calls for the Participants to file with the Commission within 6 months after Plan approval (Step 2) rule change proposals. Consequently, Step 3 (Commission review of rule modification filings) is expected to commence six months after Plan approval, and, as discussed in the Notice, is expected to take three months to one year. As a result, Step 4 (Participant implementation of rule changes) is the only system retirement step that the Commission expects to extend past when Large Industry Members begin reporting to the Central Repository.
See Section IV.D.9.a(1), supra.
The Plan states that Step 1 would end 1-1.5 years after large Industry Members begin reporting to the Central Repository. Large Industry Members will begin reporting 2 years after the Plan is approved.
See Section IV.D.9, supra.
These proposals must consider at least three factors: (1) Specific standards of data accuracy and reliability, including, but not limited to, whether the attainment of a certain Error Rate is reached, (2) whether the availability of Small Industry Member data two years after Plan approval would facilitate more expeditious systems retirement, and (3) whether individual Industry Members can be exempted from reporting to duplicative systems once their CAT reporting meets specified accuracy and reliability standards. See Section IV.D.9.a, supra. The Commission analyzes these amendments below.
The Commission recognizes that there remains significant uncertainty as to when system retirement will occur, because the actual retirement of such rules and systems will depend upon several factors. In particular, the Commission notes that the retirement of systems will not occur until the CAT Data is of sufficient quality and when the CAT system has been fully implemented for all reporters.
See Section IV.D.9, supra.
With respect to the quality of the CAT Data, as discussed above, in the Notice the Commission estimated that the period of duplicative reporting was likely to last for 2 to 2.5 years. At the time of the Notice, the Commission's estimate suggested that the length of the rule modification steps within the four step process discussed above would primarily determine the length of the overall duplicative reporting period, although it recognized that data quality could delay the retirement of duplicative systems. The Commission recognized in the Notice that Step 4 (implementation of system retirement plans) required not only the completion of Steps 1 through 3 but also that data quality within the Central Repository had to be adequate for the SRO's regulatory needs.
See Notice, supra note 5, at 30729.
The Commission now believes that, while the revision of the system retirement milestones may decrease the length of the duplicative reporting period, this change will also increase the probability that Industry Member data quality might delay system retirement because Industry Members will have less experience reporting CAT Data when the four step process reaches the point where data quality could delay system retirement.
Additionally, the Commission believes it is possible that, as one commenter suggested, the phased implementation of CAT reporting for Small Industry Members could result in up to one year of duplicative reporting expense for Large Industry Members. Specifically, Large Industry Member data quality may reach a level that is sufficient for SRO regulatory needs prior to the commencement of reporting by Small Industry Members to the Central Repository, but retirement of systems might not occur until after those Small Industry Members begin reporting. Further, it is possible that, as a result of having commenced reporting at a later date, Small Industry Members' data may not reach an acceptable quality threshold for some period after Large Industry Members' data has reached an acceptable quality threshold. The phased implementation schedule may therefore limit the extent to which the Plan amendments accelerating the timeframe for initial rule change proposals shorten the duplicative reporting period and thereby reduce the costs of duplicative reporting. Despite this caveat, for reasons explained below, the Commission believes that the amendments could significantly shorten this period and reduce costs.
TR Letter at 2.
The Commission's analysis of costs is not based on small versus large Industry Members, but rather is based on Insourcers versus Outsourcers. It is reasonable to assume that Insourcers, ELPs and Option Market Makers are large Industry Members because these market participants can be characterized as having high activity levels that would require capital levels that exceed the upper threshold for small Industry Members. For these three groups of CAT reporters, one year of duplicative reporting is estimated to cost $1.2 billion. See estimates of current data reporting costs in Section V.F.1.c(2)B, supra.
In particular, at least four amendments or other factors might mitigate the impact of phased implementation on duplicative reporting and costs. First, the Commission has amended the Plan to require the Participants' to include, in their filings to retire systems, specific standards of data accuracy and reliability, including, but not limited to, whether the attainment of a certain Error Rate is reached, which should incentivize accurate data reporting by both Large and Small Industry Members and reduce the duplicative reporting period. Second, an amendment to the Plan requires Participants' rule change proposals to consider whether individual Industry Members can be exempted from reporting to duplicative systems once their CAT reporting meets specified accuracy and reliability standards. If the Participants determine to grant such individual exemptions to some Industry Members prior to all Industry Members' data reaching an acceptable quality threshold, the economic impact of the phased implementation schedule could be less. Third, the Participants have indicated that OATS-reporting Small Industry Members can begin voluntarily reporting at the same time as Large Industry Members, and the Commission encourages the Participants and the Plan Processor to work with these Small Industry Members to enable them to begin reporting to CAT, on a voluntary basis, at the same time that Large Industry Members are required to begin reporting or as soon as practicable. The Commission recognizes, however, that incentives for Small Industry Members to begin reporting voluntarily at an earlier time are limited because accelerating CAT reporting imposes costs on CAT reporters, while the benefits of earlier system retirement accrue primarily to Large Industry Members that face a longer period of duplicative reporting. As a result, the extent to which accelerating commencement of voluntary reporting mitigates the economic impact of the phased implementation schedule may be limited. Therefore, the Commission believes that the amendment to require that the Participants consider whether the availability of Small Industry Member data two years after Plan approval would facilitate more expeditious systems retirement could help to avoid an extension of the duplicative reporting period attributable to the phased implementation schedule.
See Section IV.D.9.a.(2), supra. Note that such proposals are subject to Commission approval. In reviewing such a proposal, the Commission would consider the appropriateness, and the consistency with the Act, of the proposal.
Id.
Id.
The Commission has also considered the comment that proposed alternative estimates for system retirement costs and has revised its economic analysis accordingly. Specifically, the Commission believes that this commenter has the expertise to provide reliable estimates because this industry group's members can inform it of their costs; furthermore, the Commission believes the estimates this commenter provided seem more reasonable than estimates provided in the Plan because estimates provided in the Plan exceeded the Commission's estimate of costs of implementing the Plan.
SIFMA Letter at 7.
See Notice, supra note 5, at 30727-28.
To estimate the aggregate costs of system retirement, the Commission assumes that the $100,000 estimate would be appropriate for Insourcers and the $10,000 estimate would be appropriate for Outsourcers. The Commission assumes that for firms that do not currently report to OATS, firms that were considered large for cost estimates (ELPs and Options Market Makers) will have similar system retirement costs to Insourcers because they are more similar in size and scope of operations to Insourcers than Outsourcers. The Commission further assumes that non-OATS reporting firms that were considered small for cost estimates (new small firms and options floor brokers) will face similar system retirement costs to Outsourcers because they are more similar in size and scope of operations to Outsourcers than Insourcers. With these assumptions, the Commission now estimates that broker-dealer system retirement costs would be $33.4 million, as described in Table 6. The Commission draws its estimates of system retirement costs for Participants and service providers from the Plan, which estimates aggregate costs of $343,000 across all Participants, and $21.3 million across all service providers. The Commission now estimates total industry costs for system retirement will be $55 million.
As discussed in the Notice, the Insourcing/Outsourcing decision is correlated with firm size. Insourcers tend to be larger firms, as do ELPs and Options Market Makers. These firms are likely to have more internal systems and more complex internal systems that will likely be more expensive to retire. On the other hand, Outsourcers, new reporters and options floor brokers are likely to be smaller firms with fewer internal systems that are less complex for retirement. Furthermore, new reporters and options floor brokers are likely to have fewer internal reporting systems than other broker-dealers because they are unlikely to have current OATS reporting obligations. Id. at 30718.
The Commission recognizes that there is uncertainty in the system retirement costs that broker-dealers will face generally. The estimates provided by the commenter are presented as a range, and the Commission's assumptions of which firms would fall at the top and the bottom of the range have significant uncertainty. If all 1,800 broker-dealers anticipated to incur CAT reporting obligations bore $100,000 in system retirement costs, broker-dealer system retirement costs would be $180 million. The Commission believes system retirement costs will be far less than this because many broker-dealers currently have limited regulatory data reporting systems, and the majority of broker-dealers rely on service providers to perform much of their data reporting responsibilities.
The Commission recognizes that some new reporters and options floor brokers may choose to insource their CAT reporting activities, and thus may be considered similar in size and scope of operations to non-OATS reporting large firms. Because new reporters and options floor brokers do not currently report to OATS, the Commission believes that they will face lower system retirement costs than ELPs and Options Market Makers because the Commission believes many ELPs and Options Market Makers are members of an exchange that requires them to be able to report to OATS on request, while new small firms and options floor brokers are unlikely to be members of an exchange with this requirement.
The Notice estimated $310,000 for system retirement costs for Participants. The Commission is increasing this estimate by 10.53% to account for the addition of two Participants. See Section V.F.1.b, supra.
Table 6—Estimate of System Retirement Costs
Number | CAT system retirement | |
---|---|---|
Central Repository Participants (all) | $342,632 | |
Service Bureaus (all, 13) | 21,300,000 | |
Broker-Dealers: | ||
Insourcers | 126 | 12,600,000 |
Outsourcers | 806 | 8,060,000 |
New Small Firms | 799 | 7,990,000 |
ELPs | 14 | 1,400,000 |
Options Market Makers | 31 | 3,100,000 |
Options Floor Brokers | 24 | 240,000 |
Total BD | 1800 | 33,390,000 |
Total Industry | 55,032,632 |
3. Further Analysis of Costs
a. Costs Included in the Estimation
In the Notice, the Commission noted that, in general, the CAT NMS Plan does not break down its cost estimates as a function of particular CAT NMS Plan requirements. However, the Commission considered which elements of the CAT NMS Plan were likely to be among the most significant contributors to the estimated CAT costs. The Commission discussed its preliminary belief that significant sources of costs would include: The requirement to report customer information; the requirement to report certain information as part of the Material Terms of the Order; the requirement to use listing exchange symbology; and the inclusion of Allocation Reports.
See Notice, supra note 5, at 30730-32.
See CAT NMS Plan, supra note 5, at Appendix C, Section A.1.a.iii.
In addition, the Commission discussed its preliminary belief that while certain costs could generally be quantifiably estimated, they were unlikely to be significant contributors to the overall costs of the Plan. These factors included: Clock synchronization requirements; Plan requirements that include the requirement that Options Market Makers send quote times to the exchanges; the requirement that the Central Repository maintain six years of CAT Data; and the inclusion of OTC Equity Securities in the initial phase of the implementation of the CAT NMS Plan. Furthermore, the Commission also explained that there were other sources of costs, namely costs associated with meeting certain targets such as error rates and management of PII, that could not be quantified by the Commission.
The Commission noted that it believed that its estimates of the implementation costs and ongoing costs to industry included each of the costs discussed, because the provisions encapsulate major parts of the Plan. The Commission explained that it lacked the necessary information to estimate what portion of the costs of the Plan is attributable to some of these aforementioned elements because the Plan does not provide information on the costs attributable to reporting of this information, and the Commission had no other data from which it can independently estimate these costs.
As discussed more fully below, the Commission has considered the comments it received regarding its analysis of these aforementioned costs, the Participants' response, and modifications to the Plan, and is updating its analysis in three ways. First, the Commission's analysis fully acknowledges the uncertainty in its cost estimates. Second, several comments disagreed with the Commission's belief that certain costs were included in the Commission's cost estimates. The Commission has analyzed each of these instances below and now believes that some costs, namely costs associated with Allocation Time and Quote Sent Time, were not included in the estimated costs in the Notice. As indicated in the Costs to Broker-Dealers, Costs to Participants, and the Costs of Building and Operating the Central Repository Sections above, the Commission has added these costs to the total costs for broker-dealers where estimates are available or otherwise recognizes them as additional to the existing estimates. Third, several commenters disagreed with which costs the Commission noted as significant contributors to CAT costs. In response to comments, the Commission no longer judges whether quantified costs represent a significant contribution to total costs. Instead, it describes only the costs it cannot quantify in terms of whether the Commission believes such costs are a substantial proportion of costs of the CAT NMS Plan, and addresses those individually below. The Commission is cognizant that some of the costs for particular elements may be significant in isolation even if they are not a large proportion of the aggregate costs of the Plan. The following Sections expand on the analysis of the estimated costs above by exploring individual components of the CAT NMS Plan.
The Commission recognizes that Allocation Time may also increase the costs of the Central Repository and that Quote Sent Time may increase the costs of the Central Repository and to Participants. However, the Commission lacks sufficient information to add these costs to the existing estimates in these categories. Consequently, the Commission discusses the modifications qualitatively.
(1) Customer Information
In the Notice, the Commission discussed its belief that the requirement in the CAT NMS Plan to report customer information for each transaction represents a significant source of costs. The Commission explained that adapting systems to report customer information that is not included in current regulatory data on a routine basis could require significant and potentially difficult reprogramming because it could require gathering information from separate systems within a broker-dealer's infrastructure and consolidating it in one location, and redesigning an IT infrastructure to satisfy this requirement could interrupt other workflows within the broker-dealer, expanding the scope of systems that must be altered to accomplish CAT reporting.
See Notice, supra note 5, at 30730.
The Commission received comments regarding the costs associated with reporting customer information. One commenter mentioned that the costs for providing customer information to the Central Repository represent a significant proportion of costs to the total industry. One commenter requested clarification that only active accounts are reported as part of the customer definition process, and as a result of such clarification, this could reduce costs incurred for reporting customer information. Two commenters stated that including Customer Identifying Information on the Initial Order Report would result in significant costs for the industry.
Data Boiler Letter at 37.
FIF Letter at 10.
TR Letter at 8-9; FIF Letter at 9-10, 86.
The Participants responded to the comment regarding clarification of reporting only active accounts, stating that they have proposed to add a definition of “Active Account”, defined as an account that has had activity in Eligible Securities within the last six months. Additionally, the Participants propose amending Section 6.4(d)(iv) of the Plan to clarify that each Industry Member must submit an initial set of customer information for Active Accounts at the commencement of reporting to the Central Repository, as well as any updates, additions, or other changes in customer information, including any such customer information for any new Active Accounts. In response to the comments regarding the expense associated with reporting Customer Identifying Information in the Initial Order Report, the Participants recommended modifications to the Plan to clarify that Customer Identifying Information and Customer Account Information does not need to be included on the Initial Order Report.
Response Letter I at 35.
Response Letter I at 34.
The Commission considered these comments, the Participants' response and modifications to the Plan, and continues to believe that the requirement in the CAT NMS Plan to report customer information represents a significant proportion of total costs to the industry. No commenter provided cost estimates that would allow the Commission to estimate the costs, however. Further, the economic analysis did not explicitly account for Customer Identifying Information and Customer Account Information on the Initial Order Report, and the modification clarifies that the Plan does not require this information on order origination.
(2) Material Terms of the Order
In the Notice, the Commission preliminarily explained that the requirement to report Material Terms of the Order that include an open/close indicator for equities, order display information, and special handling instructions represent a significant source of cost. The Commission observed that not all broker-dealers are required to report these elements on every order and no market participants report an open/close indicator on orders to buy or sell equities. Thus, adapting some market participants' systems to report this information for each transaction could require significant and potentially difficult reprogramming that requires centralizing or copying information from multiple IT systems within the broker-dealer, which could dramatically increase the costs associated with implementing the changes required by CAT.
The Commission received comments on the costs of the open/close indicator, but did not receive comments on other components of the Material Terms of the Order. Three commenters agreed with the Commission's analysis that an open/close indicator represents a significant proportion of costs of the Plan. Two commenters indicated that it would require significant process changes across multiple systems, and one provided a list of the different types of systems impacted by the open/close indicator. Three commenters mentioned that currently, the open/close indicator is not populated for equities. One of these commenters mentioned the inclusion of the open/close indicator for equities represents a “market structure change.” Further, several commenters implied that the costs of the open/close indicator were not included in the cost estimates in the Notice. The Participants did not directly address the costs of the open/close indicator but did indicate that it is currently only captured on certain options orders, implying that including this field in the Plan would be costly. In particular, the Participants' response indicates that the open/close indicator is not captured on equities or on certain options transactions such as Options' Market Maker transactions.
TR Letter at 9; SIFMA Letter at 35-36; FIF Letter at 83-86.
SIFMA Letter at 35; FIF Letter at 4, 84.
FIF Letter at 84.
TR Letter at 9, FIF Letter at 4, SIFMA Letter at 35.
FIF Letter at 85; TR Letter at 9.
Specifically, one commenter stated that the inclusion of the open/close indicator for equities was a surprise (See FIF Letter at 84) and two commenters wanted additional cost benefit analysis on the open/close indicator (See FIF Letter at 84; SIFMA Letter at 36).
Response Letter I at 21, 22.
The Commission considered these comments, the Participants' response, and modifications to the Plan and is updating and revising its economic analysis regarding the costs of the open/close indicator for equities and certain options transactions below.
The modifications to the Plan eliminating the requirement to report an open/close indicator for equities will reduce the compliance costs for broker-dealers, Participants, and the Central Repository, but the Commission cannot quantify the savings. While several commenters implied that the cost estimates in the Notice did not account for the open/close indicator in equities, the Commission notes that this data field was proposed in Rule 613 and discussed in the Proposing Release and Notice. Nonetheless, the commenters represent many broker-dealers and, therefore, the comments may indicate that a number of broker-dealers indeed did not include these costs when responding to the cost survey. This raises uncertainty regarding how many broker-dealers did or did not account for these costs. Because of this uncertainty and the absence of comments detailing the costs, the Commission cannot update its cost estimates to recognize the Plan modifications. However, both the Commission and commenters agree that, absent a modification, market participants would have needed to adapt their systems to report open/close information for each order because this indicator is not populated for equities today.
The Participants' statement in the response letter that open/close indicators are not reported on some options orders is consistent with Commission experience and the analysis in the Notice. While the economic analysis in the Notice did not explicitly separate the costs associated with an open/close indicator for equities and an open/close indicator for options, the Commission continues to believe that the costs of the open/close indicator for options are included in the cost estimates above because the commenters who implied that the cost estimates do not include estimates of the open/close indicator specifically mentioned equities and not options. But because the Plan will no longer require the reporting of the open/close indicator for Options Market Maker transactions, the Commission now believes there will be additional cost savings associated with not having to report this indicator as part of CAT.
(3) Listing Exchange Symbology
In the Notice, the Commission explained its preliminary belief that the requirement to use listing exchange symbology could represent a significant source of costs. The Commission explained that because broker-dealers do not necessarily use listing exchange symbology when placing orders on other exchanges or off-exchange, this requirement could require broker-dealers to perform a translation process on their data before they submit CAT Data to the Central Repository. The translation process could be costly to design and perform, and result in errors that would be costly for the broker-dealers to correct. If other elements of the Plan were to necessitate a translation, then the listing exchange symbology could be fairly low cost because it would be just another step in the translation. However, if the Plan has no other requirement that would necessitate a translation, the Commission explained that the costs of including listing exchange symbology on all CAT reports would include the costs of designing and performing the translation as well as the costs of correcting any errors caused by the translation.
See Notice, supra note 5, at 30730-30731.
For example, class A shares of ABC Company might be traded using ticker symbol “ABC A” on one exchange, “ABC_A” on another exchange, and “ABC.A” on a third. As written, the Plan would require all broker-dealers to use the listing exchange's symbol for its Central Repository reporting, regardless of the symbol in the order messages received or acted upon at the broker-dealer or exchange.
The Commission received several comments regarding costs associated with CAT Reporters using listing exchange symbology. One commenter stated that they did not expect the use of listing exchange symbology to be much more costly than the use of existing symbology. Another commenter suggested that accepting only listing exchange symbology is costly and invasive. One other commenter stated that listing exchange symbology would also be a significant source of costs for options.
FIF Letter at 12, 95.
Data Boiler Letter at 37-38.
Bloomberg Letter at 5.
The Participants' response provided information on current practices relevant to the Commission's economic analysis. In particular, the Participants stated that based on discussions with the DAG, it was their understanding that all Industry Members subject to OATS or EBS reporting requirements currently use the symbology of the listing exchange when submitting such reports. These Industry Members may use proprietary symbols when recording events internally, but the Participants stated that based on their understanding of current practices, Industry Members currently employ technical solutions and/or systems that allow them to translate symbology into the correct format of the listing exchange when submitting data to exchanges or when submitting to regulatory reporting systems such as OATS or EBS.
Response Letter II at 7.
Response Letter III at 13.
The Commission considered the comments and the Participants' response and is revising its analysis and conclusion. Specifically, the Commission is incorporating the information from the Participants' response into its baseline of current broker-dealer practices. Because the Commission believes that broker-dealers already translate their order messages when routing orders, they should be able to apply those translations to other types of messages before recording the events or reporting them to CAT at a relatively low cost. Therefore, the Commission now believes that the incremental cost for CAT Reporters to translate from their existing symbology to listing exchange symbology would be smaller than as discussed in the Notice and would not be a substantial contributor to aggregate costs. This revised conclusion is consistent with commenters who indicated there would be costs, but did not indicate they would be large and did not provide cost estimates.
(4) Allocation Reports
In the Notice, the Commission recognized that industry would bear certain costs associated with Allocation Reports, particularly the requirement that the reports include allocation times. The Commission understood that currently some broker-dealers already record allocation times, but that the broker-dealers that do not currently record these times will face implementation costs associated with changing their business processes to record them. The Commission explained that implementation costs for allocation reporting may include significant costs associated with incorporating additional systems into firms' regulatory data reporting infrastructure to facilitate this reporting, if such systems would not already be involved in recording or reporting order events. Furthermore, the Commission explained that Outsourcers could face significant implementation and ongoing costs associated with reporting Allocation Reports if their service bureaus do not extend their services to manage the servers that handle allocations.
Three commenters noted that there would be costs associated with reporting allocation timestamps. One of these commenters mentioned that the requirement to report allocation timestamps means that industry members would need to incur unnecessary costs to acquire additional resources, and that these resources could be better served implementing other critical requirements of the CAT Plan. One commenter also provided cost estimates for reporting allocation timestamps at a granularity of one millisecond, as would be required in the Plan, and at a granularity of one second. In particular, the commenter reported that it conducted a survey of a set of broker-dealers to estimate the additional costs of the CAT NMS Plan that would be associated with the timestamp requirement on CAT Allocation Reports. Based on the results of the survey, the commenter estimated that the currently proposed allocation timestamp requirement, with a one millisecond timestamp granularity and a 50 millisecond clock offset, would cost the industry $88,775,000 in initial implementation costs and $13,925,000 in ongoing annual costs. The commenter further estimated that a modified allocation timestamp requirement, with a one second timestamp granularity and a one second clock offset, would cost the industry $44,050,000 in initial implementation costs and $5,035,833 in ongoing annual costs. The commenter also indicated that neither the survey of broker-dealers used to estimate the cost estimates in the Plan nor the survey used to estimate the costs of clock synchronization requirements included the requirement of timestamps on Allocation Reports.
FSR Letter at 9; SIFMA Letter at 35; FIF Letter at 3-4, 11, 86-89.
FSR Letter at 11.
FIF Letter at 87-89.
FIF Letter at 88, Table 6.
FIF Letter at 86.
The Participants' response recommended a modification to the Plan that would specify a one-second timestamp for allocation time on Allocation Reports, and the Plan has been amended to reflect this recommendation.
Response Letter I at 25.
The Commission considered these comments, the Participants' response, and modifications to the Plan and is updating its analysis stated in the Notice. The comments that acknowledged that providing allocation timestamps represents a significant proportion of costs of the Plan are consistent with the Commission's analysis in the Notice. The Commission has analyzed the cost estimates received and believes them to be reliable because they are based on a survey of industry participants who are informed of the Allocation Time requirement and the changes that broker-dealers would need to make to comply with the requirement. Further, the Commission has analyzed the public information on the dates of the CAT Reporter survey and the release of public information on the inclusion of Allocation Time. In recognition of the modification to the timestamp granularity and the realization that Allocation Time costs were not included in the cost estimates in the Notice, the Commission is now adding the commenter's estimate of $44,050,000 in implementation costs and $5,035,833 in ongoing costs to the estimates of costs to broker-dealers.
See Section V.F.3.a(4), supra. The total cost estimates of the CAT Plan reflect these implementation and ongoing costs.
(5) Clock Synchronization
In the Notice, the Commission discussed its preliminary belief that the clock synchronization requirements represented a less significant source of costs. The CAT NMS Plan estimated industry costs associated with the original 50 millisecond clock synchronization requirement, based on the FIF Clock Offset Survey. The FIF Clock Offset Survey stated that broker-dealers currently spend $203,846 per year on clock synchronization activities, including documenting clock synchronization events. The FIF Clock Offset Survey stated that firms expected the proposed 50 millisecond requirement to increase those costs by $109,197 per firm. Based on discussions with industry, the Commission preliminarily believed that the majority of broker-dealers (Outsourcers) would not face significant direct costs for clock synchronization because timestamps for CAT Data reporting would be applied by service bureaus. However, the Commission preliminarily estimated there are 171 firms that make the insourcing-outsourcing decision on a discretionary basis; if these firms decided to insource their data reporting under CAT, they would likely face costs associated with complying with new clock synchronization requirements. The Commission preliminarily estimated that industry-wide implementation costs for the 50 millisecond clock synchronization requirement would be $268 million, with $25 million annually in ongoing costs. The Commission preliminarily believed that approximately $18.7 million in broker-dealer ongoing costs would be attributable to clock synchronization requirements. The Commission also preliminarily believed that service bureaus would face similar clock synchronization costs if the CAT NMS Plan is approved. Using 13 as an estimate of the number of service bureaus, approximately $6 million in service bureau ongoing costs would be attributable to clock synchronization requirements in the Plan.
See CAT NMS Plan, supra note 5, at Section D.12, and note 247. In the Notice, the Commission noted that the survey has two limitations pertinent to specific cost estimates provided in the summary of survey results. First, cost estimates are likely to be significantly downward biased. Individual responses to cost data were gathered within a range; for example, a firm would quantify its expected costs as “Between $500K and less than $1M” or “$2.5M and over.” When aggregating these responses, FIF generally used the range midpoint as a point estimate; however, for the highest response, the range minimum was used (i.e., “$2.5M and over” was summarized as $2.5M.) This is likely to have produced a significant downward bias in aggregate survey responses. Second, the survey included only broker-dealers and service bureaus, thus the data excludes exchanges. The Commission preliminarily believed this limitation would not significantly impact industry costs because all exchanges currently maintain clock synchronization standards finer than those discussed as alternatives.
See FIF Clock Offset Survey, supra note 247. This is based on the current practice of the broker-dealers who responded to the survey.
See id. at 16. The $109,197 figure is obtained by subtracting the cost of maintaining current clock offsets of $203,846 annually from the estimated per-firm annual cost of maintaining a 50-millisecond clock offset of $313,043. S ee id. at 7 (“Even where firms were at the target clock offset, many firms cited additional costs associated with compliance including logging and achieving greater degrees of reliability”).
See Section V.F.1.d, infra, for discussion of service bureau costs and the degree to which those costs might be passed on to broker-dealers.
These are the 126 current OATS reporters that report more than 350,000 OATS ROEs per month; the 31 options market-making firms; and the 14 ELPs.
See Section VI.H.2.a(1), infra, for a discussion of how these implementation costs might vary for different clock synchronization standards.
See id., for discussion of costs attributable to the 50 millisecond clock synchronization tolerance proposed in the Plan, including the $109,197 estimate of per-firm implementation costs of the 50 millisecond clock synchronization requirement; see also CAT NMS Plan, supra note 5, at Appendix C, Section B.7(b)(i)(A)(3). 171 broker-dealers × $109,197 = $18,672,687. Note also that the Commission erroneously reported in the Notice that costs were $19.7 million in implementation costs, but these estimated costs should have been $18.7 million in ongoing costs. See Notice, supra note 5, at 30762-63 for further information on the Commission's estimation.
The CAT NMS Plan states that the Vendor Study was distributed to 13 service bureaus or technology-providing firms identified by the DAG. See CAT NMS Plan, supra note 5, at Appendix C, Section B.7(b)(i)(A)(3). 13 service bureaus × $109,197 × 4.2 = $5,962,156.2. The 4.2 multiplier is the ratio between the total incremental ongoing charges to broker-dealers and the total incremental ongoing costs to service bureaus derived from the cost estimates above. See Notice, supra note 5, at 30763 n 1245. Note that the Commission erroneously reported in the Notice that costs were $1.4 million in implementation costs, but these estimated costs should have been $6 million in ongoing costs. The Commission believed clock synchronization costs are already included in cost estimates provided in the Vendor Study. In the Notice, the Commission explained its belief that these costs likely would ultimately be passed on to service bureaus' broker-dealer clients. See Notice, supra note 5 at 30726; see also Notice, supra note 5, at 30762-63 for further information on the Commission's estimation.
In addition, the Commission solicited comment in the Notice on alternatives to the Plan's one-size-fits all definition of “industry standard.” Under these alternatives, “industry standard” would be defined in terms of the standard practices of different segments of the CAT Reporters. The Commission explained that these alternative approaches could result in clock offset tolerances shorter than the CAT NMS Plan's proposed 50 millisecond standard for some or all CAT Reporters, Using information from a survey, the Commission estimated broker-dealer costs under various alternative standards.
See Notice, supra note 5, at 30759.
See FIF Clock Offset Survey, supra note 247.
The Commission received several comments regarding costs associated with clock synchronization requirements. One commenter mentioned that managing multiple clock synchronization structures across report types would present unnecessary difficulties for broker-dealers and unnecessary reconciliation issues for the Commission and SROs. Another commenter stated that clock synchronization will cost the industry $268 million for initial implementation of a 50 millisecond clock offset and $25 million for annual monitoring/maintenance, and that this represents a significant proportion of overall industry costs of the CAT NMS Plan. Furthermore, as discussed in Section V.F.3.a.(4), the commenter also indicated that the survey of broker-dealers used to estimate the costs of clock synchronization requirements did not include the requirement of timestamps on Allocation Reports. The commenter estimated that the proposed allocation timestamp requirement would cost the industry $88,775,000 in initial implementation costs and $13,925,000 in ongoing annual costs and that a modified allocation timestamp requirement, with a one second timestamp granularity and a one second clock offset, would cost the industry $44,050,000 in initial implementation costs and $5,035,833 in ongoing annual costs. Finally, this commenter highlighted several limitations in the Commission's cost estimates that result in these estimates understating industry cost. First, the commenter said that the costs in the FIF survey do not represent “insourcer” implementation costs as the Commission assumed because the survey was skewed toward smaller broker-dealers. Second, the commenter said that the Commission stated that the FIF Clock Offset Survey underestimated the costs per firm because of the methodology used to select a “midpoint” for the top cost range. Finally, the commenter said that the Commission should not have assumed staffing of 1/4 full time employee (“FTE”) for initial implementation because it is incorrect to assume that all of the costs would be borne by a service bureau for all broker-dealers.
SIFMA Letter at 34.
FIF Letter at 108.
FIF Letter at 86.
FIF Letter at 88, Table 6.
Id. at 109.
The Participants' response recommended a modification to the Plan changing the clock synchronization to 100 microseconds with regards to electronic systems, excluding certain manual systems; but stated that having multiple clock synchronization standards across an order lifecycle would complicate the linking process at the Central Repository, implying an increase in costs. In addition, the Participants' response recommended a modification to the Plan that would specify a one-second timestamp for allocation time on Allocation Reports and that would permit Industry Members to synchronize their Business Clocks used solely for reporting the time of allocation on Allocation Reports to within one second. The Plan has been amended to reflect each of these recommendations. The Commission is also amending the Plan to state that the Participants should apply industry standards based on the type of CAT Reporter or system, rather than the industry as a whole.
Response Letter II at 5.
Response Letter I at 25.
Response Letter III at 14.
See CAT NMS Plan, supra note 5, at Section 6.8(c).
The Commission has considered the comments received, the Participants' response, and modifications to the Plan regarding clock synchronization and is revising its analysis of the costs attributable to this element of the Plan. In response to the commenter that stated the Commission's estimate for clock synchronization costs represents a significant portion of overall costs, the Commission did not intend to imply in the Notice that the magnitude of the clock synchronization costs were trivial, but instead that these costs were less significant contributors to overall costs than other costs.
In response to the commenter that stated the Commission's cost estimates associated with clock synchronization requirements were understated, the Commission recognizes the limitations in its analysis. However, the Commission lacks sufficient information to derive a more precise estimate. Although the participants in the FIF Clock Offset Survey were skewed towards smaller firms that did not match the “insourcer” model, as the commenter mentioned, it is unclear that the inclusion of such firms would bias the Commission's cost estimates downward. Also, the Commission's estimate of 1/4 FTE for the clock synchronization implementation costs for Outsourcers is in line with its estimate of 1 FTE for the overall implementation costs for Outsourcers whereas multiplying the estimate from the survey results by the number of Outsourcers would yield a result that would be approximately 87% of the Commission's estimates for total implementation costs for outsourcers. The Commission agrees, however, that the average cost calculated in the FIF Clock Offset Survey included an inherent downward bias due to the selection of the minimum value in the highest cost response range when calculating the average. In conclusion, while the Commission recognizes a degree of uncertainty in its clock synchronization cost estimates, which may be downward biased, the commenter does not offer an alternative cost estimate, and the Commission does not have enough information to change its estimate.
See FIF Clock Offset Survey, supra note 247.
Compare the implied Outsourcer clock offset implementation cost estimate of $554,348 × 1,629 = $903,032,892 ($554,348 × 1,629 outsourcers) to total Outsourcer implementation costs of $1,040,506,000 (342,026,000 + 678,111,000 + 20,369,000). See Notice, supra note 5, at 30726.
See Notice, supra note 5, at n 968.
The Commission agrees with the commenter that stated cost estimates in the Plan did not include the requirement of timestamps on Allocation Reports. In recognition of the modification to the Plan regarding timestamp requirements of Allocation Reports, and in realization that Allocation Time costs were not included in the cost estimates in the Notice, the Commission is now adding the commenter's estimate of $44,050,000 in implementation costs and $5,035,833 in ongoing costs for the inclusion of timestamps on Allocation Reports to the estimated costs of broker-dealers.
The total cost estimates of the CAT Plan reflect these implementation and ongoing costs. See Section V,F.2.a, infra.
The Commission is unable to update cost estimates to account for the modifications to the clock synchronization standards for exchanges, but the Commission does not believe that the modifications will result in substantial cost increases for exchanges. The Commission does not have sufficient information to estimate clock synchronization costs for exchanges. However, based on information cited in the Notice and the Participants' response, the Commission understands that exchanges already maintain clock offsets of 100 microseconds or less. While the Commission recognizes that exchanges may still incur costs in additional logging and other actions to ensure they maintain clock offsets in compliance with the Plan, the Commission does not believe these additional costs will be substantial.
See Notice, supra note 5, at 30669.
Response Letter II at 4.
The Commission does not agree with the Participants that having multiple clock synchronization standards within the same order lifecycle will complicate the linkage process at the Central Repository. As indicated in Section V.D.2.b.(2), the industry already operates with multiple clock synchronization standards. Therefore, regardless of whether the clock synchronization standards apply a one-size-fits-all definition of industry standard or apply a different standard to exchanges, the linking process is already complicated by the fact that exchanges and many broker-dealers already synchronize some or all of their business systems to less than 50 milliseconds. The Commission therefore believes that the modifications to the Plan to set the clock synchronization standard for exchanges at 100 microseconds and base industry standards on the type of CAT Reporter or system will not increase the costs of the Central Repository.
The Commission acknowledges that the requirement for the Participants to perform an assessment of clock synchronization standards, including consideration of industry standards based on the type of CAT Reporter, Industry Member and type of system, will impose additional costs on the Participants. Furthermore, it is possible that the requirement to base industry standards on the type of CAT Reporter or system will ultimately lead to additional costs from more granular clock synchronization standards for some Industry Members in the future. However, any resulting proposed amendments to the Plan regarding clock synchronization standards would be subject to notice and comment.
See Section V.F.1.b, supra.
See Notice, supra note 5, at 30759-64.
(6) Quote Sent Time and OTC Equity Securities
In the Notice, the Commission stated its preliminarily belief that other Plan requirements such as the requirement that Options Market Makers report Quote Sent Time to the exchanges would cost between $36.9 million and $76.8 million over five years; and the requirement to maintain six years of data at the Central Repository would cost approximately $5.59 million. The cost to include OTC Equity Securities in the initial phase of the implementation of the Plan could not be estimated. The Commission preliminarily concluded that these requirements did not represent a significant source of costs.
See FIF, SIFMA, and Security Traders Association, Cost Survey Report on CAT Reporting of Options Quotes by Market Makers (November 5, 2013), available at http://www.catnmsplan.com/industryfeedback/p601771.pdf ; see also CAT NMS Plan, supra note 5, at Appendix C, Section B.7(b)(iv)(B).
See CAT NMS Plan, supra note 5, at Section 12(m).
See id. at Section 12(q). The Commission does not have the information necessary to precisely estimate the costs that are incurred by including OTC Equity Securities in the initial phase of the implementation of the CAT NMS Plan, because the Plan does not separately present the costs associated with OTC Equity Securities. Because of low trading activity in the OTC equity markets, any significant costs associated with including OTC Equity Securities would be in implementation costs. Further, broker-dealers that implement CAT Data reporting for NMS securities may not incur significant additional costs to implement CAT Data reporting for OTC Equity Securities.
The Commission received a comment regarding the costs incurred by Option Market Makers regarding reporting Quote Sent Times. According to the FIF/SIFMA/STA Cost Survey Report on CAT Reporting of Options Quotes by Market Makers, the estimated 5-year cost to Options Market Makers for adding a timestamp to the quote times was between “$39.9” million and $76.8 million. The commenter further stated that this is “not a trivial cost for providing one data element to the consolidated audit trail.” The Commission did not receive any comments on the requirement to retain an extra year of data in the Central Repository and the inclusion of OTC Equity Securities in the initial implementation phase of CAT. Furthermore, the issues were not addressed in the Participants' response and there were no changes in the Plan that would affect the Commission's conclusions.
FIF Letter at 65.
FIF Letter at 65.
As such, in light of the comments received, the Commission continues to believe that the estimates in the Notice are reliable estimates for the costs for Option Market Makers to send the Quote Sent Time field to exchanges. In response to the comment that the five year costs of adding a timestamp to the quotes is not trivial, the Commission notes that the implied annual costs would be much lower than the five year costs and the Commission agrees that the costs of quote sent time are large. The Commission is no longer referring to quantified costs as significant or less significant contributors to overall costs.
As noted above, in response to comments, the Commission acknowledges that the Allocation Time data field was not included in its cost estimates in the Notice. For similar reasons, the Commission now also believes that the Quote Sent Time is also not included in the cost estimates in the Notice. Therefore, the Commission now adds these costs to the total costs to be incurred by broker-dealers. The Commission recognizes that Participants and the Central Repository will also incur costs to comply with the Quote Sent Time requirements; however the Commission lacks sufficient information to quantify these costs, and therefore, does not add them to the cost estimates above for Participants or the Central Repository.
See Notice, supra note 5, at Section IV.F.1.c(2).
See Section V.F.1.c.(2).B, supra.
The Commission also recognizes that the modifications to the Plan to require the submission of the LEI for Customers, if an Industry Member has or acquires its Customer's LEI, and the LEI for Industry Members, if the Industry Member has one, could be an additional source of costs for broker-dealers. The Commission however does not believe that these costs will be substantial, because the Plan does not require Industry Members or others to obtain or submit an LEI if they do not already have an LEI.
(7) Other Costs
In the Notice, the Commission stated its preliminary belief that there were other categories of costs in addition to the items discussed above, but that these categories were unlikely to represent significant contributions to the overall costs of the Plan. For example, in addition to providing CAT Reporters data on their Error Rates, the Plan stated that the Participants believed that in order to meet Error Rate targets, industry would require certain resources, including a stand-alone testing environment, and time to test their reporting systems and infrastructure. There were also likely to be costs related to the Plan Processor's management of PII, as well as related compliance costs associated with minimizing the costs and risks of a security breach.
The Commission also acknowledges that the costs associated with handling PII could create an incentive for service bureaus not to offer CAT Reporting services. Nonetheless, the Commission does not believe that this incentive would significantly alter the services available to broker-dealers. For further discussion, see Section V.G.1.e, infra. The Commission also notes that, pursuant to the exemptive relief granted by the Commission, the approach to the reporting of Customer information in the CAT NMS Plan could allow for the bifurcation of PII reporting from the reporting of order data. See Exemption Order, supra note 21, at 11858-63.
The Commission received a comment stating that the costs associated with the management of the PII included in the customer information reported could increase the costs of the CAT Plan. Another commenter mentioned that underlying customer data is PII information and moving this sensitive data requires extreme precaution, which could also increase these costs.
Data Boiler Letter at 37.
TR Letter at 8-9; FIF Letter at 9-10, 86.
The Commission considered these comments, as well as modifications to the Plan's security provisions, and is updating its analysis. While the Commission cannot quantify these costs, the Commission believes that costs associated with the management of PII, and related security costs associated with minimizing the costs and risks of a security breach, would increase in light of modifications to the Plan discussed above. Specifically, the Commission believes the costs would increase in light of the requirement that the Plan Processor adhere to the NIST Cyber Security Framework in its entirety, the requirement that the CAT System be AICPA SOC 2 certified and audited by a qualified third-party auditor, the requirement that all CAT Data be encrypted, and the requirement that Customer Identifying Information and Customer Account Information, irrespective of whether it meets a common understanding of the definition of PII, should be considered PII for security purposes. The Commission believes these costs would represent a significant proportion of the total costs of the CAT Plan.
See Section IV.D.6, supra.
As discussed above, the Participants' response provided clarifying information on error correction timelines for customer information and PII, and identified an errant discussion of these error correction timelines in the Plan. The Commission is amending the Plan to incorporate the Participants' clarification. The Commission does not believe the clarification regarding the timeline for communication of errors for customer and account information would warrant any changes to its analysis and conclusions regarding costs.
See Section V.E.1.d., supra.
The Commission is also amending the Plan require that the CAT testing environment will be made available to Industry Members on a voluntary basis no later than six months prior to when Industry Members are required to report and that more coordinated, structured testing of the CAT System will begin no later than three months prior to when Industry Members are required to report data to CAT. These amendments could increase the costs of the Plan as they relate to the provision of a testing environment.
See Section IV.D.8.a, supra.
b. Fees
In the Notice, the Commission discussed a source of costs due to ancillary fees on both broker-dealers reporting to, and regulators accessing, the Central Repository. The Commission preliminarily believed that ancillary fees levied on broker-dealers were unlikely to be levied broadly, because discussion in the Plan associated these fees with late and/or inaccurate reporting. The Plan also discussed ancillary fees possibly levied on regulators associated with the use of Central Repository data. The Commission recognized that costs estimated in Bids for constructing and operating the Central Repository already anticipate use of the CAT Data by regulators, and that additional fees to access the data might give regulators incentives to make less use of the data than anticipated in the Benefits Section. However, any fee schedule proposed by the Participants would be filed with the Commission. Consequently, the Commission preliminarily did not believe that the provisions for ancillary fees would likely significantly impact the costs or benefits of CAT.
See CAT NMS Plan, supra note 5, at Section 11.3(c).
Three commenters supported levying fees on regulators that access CAT Data. One commenter mentioned that any costs imposed in connection with a usage fee for the CAT will be offset by the costs that the SROs will save in retiring systems. In fact, imposing a user fee could create an incentive to eliminate those systems in a timely fashion. While the Participants agreed there are potential benefits to charging a usage fee, they also stated that it is premature to establish such a fee until the Participants gain a better understanding of how the Plan will be used by the regulators and how such usage will impact the operational costs of the Plan.
SIFMA Letter at 18; DAG Letter at 5; STA Letter at 1.
SIFMA Letter at 18.
Response Letter II at 15.
The Commission considered these comments, but does not believe that they would warrant changes to the Commission's preliminary analysis and conclusions regarding the ancillary fees under the Plan. Furthermore there were no modifications to the Plan that would warrant changes to this aspect of the economic analysis. The Commission disagrees with the comment that the usage fees would create an incentive for SROs to retire their systems earlier. In fact, the Commission notes that the usage fees could have the opposite effect—it could encourage the SROs to not use CAT for regulatory activities other than surveillance, which could incentivize them to retain these systems longer. The Commission continues to believe that ancillary costs do not represent a significant proportion of costs of the CAT NMS Plan.
4. Expected Costs of Security Breaches
In the Notice, the Commission recognized that investors and market participants could face significant costs if CAT Data security were breached. The Commission explained its belief that it is difficult to form reliable economic expectations for the costs of security breaches because there are few examples of security breaches analogous to the type that could occur under the CAT NMS Plan. However, the Commission provided a qualitative analysis of the expected costs of security breaches in the Notice by separating the expected costs of security breaches into two components: The risk of a security breach and the cost resulting from a security breach.
See Notice, supra note 5, at 30732-36.
See Notice, supra note 5, at Section IV.F.4a(2) for the risk of a security breach and Section IV.F.4a(1) for the costs resulting from a security breach.
The Commission acknowledged in the Notice that because many of the decisions that define security measures for the Central Repository are coincident with the selection of the Plan Processor, there is a degree of uncertainty with regards to security measures that would be implemented by the Plan Processor. Consequently, there is uncertainty about the significance of the risks, the expected costs of a breach when considering the likelihood of a data breach, and the second-order effects.
See Notice, supra note 5, at 30733.
The Commission noted that, as discussed in the Plan, the Participants collected information from the Bidders regarding security and confidentiality during the RFP process, however, there was considerable diversity in the approaches proposed by the Bidders and the Participants chose to give the Plan Processor flexibility on many implementation details and state the requirements as a set of minimum standards. These requirements include both general security and PII treatment requirements. General security requirements are designed to address physical security, data security during transmissions, transactions, and while at-rest, confidentiality, and a cyber incident response plan. PII requirements include a separate PII-specific workflow, PII-specific authentication and access control, separate storage of PII data, and a full audit trail of PII access. Id.
Id.
a. Costs of a Security Breach
The Commission discussed its belief in the Notice that the form of the direct costs resulting from a security breach will vary across market participants and could be significant. It listed the following four types of costs. First, for broker-dealers, investment advisers, and other similar institutions, a security breach could leak highly-confidential information about trading strategies or positions, which could be deleterious for market participants' trading profits and client relationships. Second, a data breach could also expose proprietary information about the existence of a significant business relationship with either a counterparty or client, which could reduce business profits.
Id. at 30732.
Although the Plan does not require reporting positions, observation of a broker-dealer's recent executions can offer information about their change in position, or, potentially, information about their actual position if the audit trail information breached contains all trading activity since the creation of the position.
Third, a data breach could also potentially reveal PII of customers. Because some of the CAT Data stored in the Central Repository will contain PII such as names, addresses, and social security numbers, a security breach could raise the possibility of identity theft, which currently costs Americans billions of dollars per year. Because PII will be stored in a single, centralized location rather than stored across multiple locations, a breach in the Central Repository could leak all PII, rather than a subset of PII that could be leaked if the information were stored in multiple locations. As such, these costs associated with the risk of a security breach could be substantial in aggregate.
According to survey data, the Bureau of Justice Statistics reported $24.7 billion in identity theft costs in 2012, available at http://www.bjs.gov/content/pub/press/vit12pr.cfm .
Fourth, a breach that reveals the activities of regulators within the Central Repository, such as data on the queries and processes run on query results, could compromise regulatory efforts or lead to speculation that could falsely harm the reputation of market participants and investors.
The Commission received several comments regarding the costs of a security breach, which are summarized in more detail in Section IV.D.6. Some commenters asserted that the potential costs of a breach exceed those described by the Commission in the Notice because a breach could negatively affect not just individual firms and investors but also the broader financial markets. One commenter wrote that a bad actor gaining access to the Central Repository “may pose tremendous threat to the U.S. financial stability.” Another wrote that a breach could be a “threat to market stability or national security” and “would have serious impacts on the global economy.” The same commenter stated that “we believe the CAT Data is on par with, and meets, the standards for classified information as set in Executive Order 13526 on Classified National Security Information. . . . We think that unauthorized disclosure or use of CAT Data could destabilize the U.S. and world financial markets by causing investor panic, mass selling and runs on financial institutions. The potential extent of damage to the U.S. markets and economy would be a matter of national security.” Another commenter cited the Government Accountability Office, stating “the ineffective protection of cyber assets can result in the loss or unauthorized disclosure or alteration of information, [which] could lead to serious consequences and result in substantial harm to individuals and to the federal government.”
Data Boiler Letter at 26.
MFA Letter at 2, 5.
FSR Letter at 5, which references the “High-Risk Series: An Update” a publication issued by the Government Accountability Office, GAO-15-290 at 235 (Feb. 2015).
Commenters also asserted that the potential costs of a breach exceed those described by the Commission in the Notice because the Notice did not discuss costs related to breach management. One commenter stated that “the Proposal fails to address who is responsible for the cost of the breach that occurs at the Central Repository,” and another commenter suggested that “[because] the Plan Processor is responsible for constructing and operating the CAT . . . the Plan Processor should bear responsibility in the event of a data breach.” One commenter wrote that “the cost of complying with the notification requirements under the Privacy Laws may be exorbitant.” Two commenters recommended the purchase of insurance by the Plan Processor or CAT NMS, LLC to cover the costs of a breach. One commenter argued that the Plan Processor must promptly notify a customer of security breaches of his data because “a security breach of a customer's trading data could compromise the customer's investment strategies even if the customer's PII was not compromised.” Another commenter observed that breach notification may take longer if the data breach happens at the site of a Participant, “which could greatly harm registered funds and other victims of the breach.
FSR Letter at 7.
FSI Letter at 4.
FSR Letter at 8.
FSR Letter at 8; SIFMA Letter at 22.
MFA Letter at 9.
ICI Letter at 7.
The Commission acknowledges that the costs of a breach, including breach management, could be quite high, especially during periods of market stress. Furthermore, the Commission understands that a breach could seriously harm not only investors and institutions but also the broader financial markets. The Commission is unable to provide quantitative estimates of those costs because there are few examples of security breaches analogous to the type that could occur under the Plan and because the Plan Processor has some discretion in developing its breach management plan. The Commission notes, however, that the Plan Processor is responsible for CAT Data, and it will develop a breach protocol and cyber incident response plan that will include notification of breach victims such as Customers, insurance coverage and liability, and details about the distribution of costs.
See CAT NMS Plan, supra note 5, at Appendix D, Section 4.1.5.
See Section III.26, supra.
See Section IV.D.6.j, supra.
b. Risk of a Security Breach
The Commission discussed in the Notice its belief that the risks of a security breach may not be significant because certain provisions of Rule 613 and the CAT NMS Plan appear reasonably designed to mitigate these risks. However, the Commission noted that the considerable diversity in the potential security approaches of the Bidders creates some uncertainty about the effectiveness of the eventual security procedures and hence, the risk of a security breach.
See Notice, supra note 5, at 30732-34.
The Commission notes that, at a minimum, the security of the CAT Data must be consistent with Reg SCI. 17 CFR 242.1000 to 1007.
In the Notice, the Commission discussed the provisions of both Rule 613 and the Plan that provide safeguards designed to prevent security breaches. First, governance provisions of the CAT NMS Plan could mitigate the risk of a security breach. Second, the Plan includes specific provisions designed to ensure the security of data in-flight. Third, Section 6.7(g) of the Plan requires that the Participants establish, maintain, and enforce written policies and procedures reasonably designed to (1) ensure the confidentiality of the CAT Data obtained from the Central Repository; and (2) limit the use of CAT Data obtained from the Central Repository solely for surveillance and regulatory purposes. Finally, the Plan includes further provisions designed to provide security for PII.
See Notice, supra note 5, at 30733.
The Commission noted that “Rule 613(e)(4) requires policies and procedures that are designed to ensure the rigorous protection of confidential information collected by the Central Repository, and Rule 613(iv) requires that the Plan contain a discussion of the security and confidentiality of the information reported to the Central Repository. Rule 613 also restricts access to use only for regulatory purposes, and requires certain provisions that are designed to mitigate these security risks such as the appointment of a Chief Compliance Officer and annual audits of Plan Processor operating procedures.” Id.
The Notice, supra note 5, at 30733 lists the following three governance mechanisms: Activities of the Compliance Subcommittee that could reduce the risk that information is released to unauthorized entities; the requirement that the Plan Processor submit a comprehensive security plan to the Operating Committee and update this security plan annually; and the establishment of a Chief Information Security Officer who is responsible for monitoring and addressing data security issues for the Plan Processor.
The Commission noted that “the Plan requires that bulk extract data be encrypted, password protected and sent via secure methods of transmission.” Id.
The Commission noted that regulators authorized to access PII would be required to complete additional authentications, and PII would be masked unless users have permissions to view PII. Id.
Commenters made four types of comments about the Notice's economic analysis of the risk of a security breach. The first type of comment relates to protecting CAT Data that are extracted or downloaded from the Central Repository. Several commenters expressed strong concerns about allowing any entity, including regulators, to extract or download data from the Central Repository because the risk of any data breach would greatly increase as the data are maintained at more sites. One commenter suggested that allowing anyone to download the entire CAT database might threaten U.S. financial stability. Some commenters also objected to excluding the Commission or its Staff from certain security-related parts of the CAT NMS Plan.
SIFMA Letter at 20; Fidelity Letter at 4; FIF Letter at 134; ICI Letter at 7.
Data Boiler Letter at 26.
FIF Letter at 134; NYSE Letter at 2-4 (noting also that “[i]f employees of the Commission with access to the data stored in the Central Repository or other CAT systems are subject to security standards less stringent than those applicable to other authorized users, the data obtained and held by those individuals may be subject to heightened risk of a data breach”); Garrett Letter at 1-2.
The second type of comment relates to tailoring security requirements to the security risk of the particular data element. Several commenters argued that at-rest data and in-use data needs to have some of the same security measures that are required for in-flight data in order to keep risk at an acceptable level. Another commenter wrote that maintaining different security standards for PII data and non-PII data “creates the misimpression that all non-PII data merits less information security protection than PII data” and recommended more accurately matching security requirements to the underlying risk through the imposition of “additional levels of data classification to protect adequately commercially sensitive non-PII data.”
SIFMA Letter at 20; MFA Letter at 8; FSR Letter at 4-8; Data Boiler Letter at 8.
ICI Letter at 6.
The third type of comment relates to the overall risks of the system due to the unique nature of the database. Several commenters suggested that the Commission impose additional security requirements beyond what appears in the Notice because the scale and scope of the Central Repository will make it a particularly attractive target for well-funded hackers, individuals, and nation-states with objectives ranging from theft to insider trading to market disruption. Additionally, a number of commenters recommended that the Plan include additional detail concerning the security of CAT Data.
ICI Letter at 3; Fidelity Letter at 3; FSI Letter at 4; SIFMA Letter at 19; MFA Letter at 5.
SIFMA Letter at 20; ICI Letter at 4; FSR Letter at 6; TR Letter at 8; FIF Letter at 131-132; Fidelity Letter at 4. The Commission responds to these comments in detail in Section IV.D.6.a, supra.
The fourth type of comment relates to data governance. One commenter stated that the proposal for the CCO and CISO to be officers of the Company as well as employees of the Plan Processor creates a conflict of interest that would undermine the ability of these officers to carry out their responsibilities effectively under the Plan because they would owe a fiduciary duty to the Plan Processor rather than the CAT LLC. The same commenter noted that the Notice did not specify the entity liable in the event of a data breach. The commenter suggested that because the Plan Processor is responsible for constructing and operating the CAT, with the oversight of the Operating Committee, and will be solely in control of the system's information security, the Plan Processor should bear responsibility in the event of a data breach.
FSI Letter at 3. As discussed above in Section IV.D.6, the CCO and CISO each have responsibilities related the security of CAT Data.
FSI Letter at 4-5.
FSI Letter at 4-5.
The Participants have responded to these comments. In response to the commenters that expressed concern about allowing any entity to extract or download CAT Data, the Participants noted that Rule 613 requires regulators to develop and implement a surveillance system, or enhance existing surveillance systems to make use of CAT Data. The Participants stated that “eliminating or limiting bulk data extracts of the CAT Data may significantly and adversely impact the Participants' ability to effectively surveil their markets using CAT Data.” The Participants further noted that the Plan also requires that Participants have appropriate policies and procedures in place to protect all of the CAT Data they extract or download. In response to the comments about excluding the Commission or its Staff from certain security requirements of the Plan, the Participants stated that they agreed that the Plan's security program must take into consideration all users with access to CAT Data, including the SEC, and they recommended removing the exclusions.
Response Letter I at 56.
Response Letter III at 10.
Response Letter III at 11.
Response Letter I at 60-61.
In response to the commenter that suggested adding additional levels of data classification, the Participants determined that “it is [not] necessary to expand the categories of other CAT Data.” In response to commenters that requested more detail regarding the security controls for CAT Data, the Participants noted that in the Adopting Release for Rule 613, the Commission stated that “an outline or overview description of the policies and procedures that would be implemented under the NMS plan submitted to the Commission for its consideration would be sufficient to satisfy the requirement of the Rule.” In their response, the Participants also provided additional information about security procedures, including a high level description of the security requirements for the CAT System and additional details concerning certain security controls and protocols required of the Plan Processor. The Participants also stated that they believe that “publicly releasing too many details about the data security and information policies and procedures of the CAT System presents its own security concerns and is not advisable.” In response to comments about governance, the Participants agreed that the Plan should explicitly state that the CCO and CISO of the LLC should have fiduciary duties to the LLC in the same manner and extent as an officer of a Delaware corporation and recommended the Plan be amended accordingly. Additionally, the Participants stated that they are “in the process of negotiating an agreement with potential Plan Processors. This agreement will cover liability, insurance, and indemnification.”
Response Letter I at 57.
Response Letter I at 53-54.
Response Letter III at 7-8.
Response Letter I at 53-54 .
Response Letter I at 17-19.
Response Letter I at 59.
The Commission has considered the comment letters and the Participants' response letters. In response to the commenters that expressed concern about allowing any entity to extract or download CAT Data, the Commission notes that it believes that regulators need access to CAT Data outside the Central Repository to perform their duties effectively. As discussed above in Section IV.D.6.d, Participants that choose to extract or download CAT Data must have policies and procedures regarding CAT Data security that are equivalent to those of the Plan Processor for the Central Repository. And as discussed in Section IV.D.6.o, the rules and policies applicable to the Commission and its Staff will be different yet substantively as rigorous as those applicable to the Participants and their personnel. The Commission therefore believes that, due to these precautions, the regulatory use of CAT Data outside the Central Repository should not increase the security risks to the CAT system.
In response to the commenters that expressed concern about the security requirements for particular data elements, the Commission notes that it believes that the best use of limited resources is to tailor security requirements to the security risk of the particular data element. No commenter quantified the relative risk of a breach that comes from in-flight data versus at-rest data or in-use data, and the Commission continues to believe that the largest risk of a breach comes from in-flight data. Thus, the adopted Plan will maintain higher security standards for in-flight data than for at-rest data or in-use data. The Commission also continues to believe that PII data warrants more security considerations than non-PII data, but it disagrees with the one commenter that recommended multiple levels of security for non-PII data. In this case, the Commission does not believe that the benefits justify the costs of creating additional levels of data classification within non-PII data.
ICI Letter at 6.
In response to the commenters that expressed concern about the risks of aggregating confidential data from disparate sources into one location, the Commission notes that it agrees that the CAT Data will be a particularly attractive target for bad actors. However, the Commission believes that the extensive, robust security requirements in the adopted Plan, as outlined in Section IV.D.6, provide appropriate, adequate protection for the CAT Data.
In response to the comments regarding the lack of security details in the Plan, the Commission continues to believe that, as discussed in the Notice, there is a degree of uncertainty with respect to the security measures that would be implemented by the Plan Processor, and consequently, uncertainty about the risk of a data breach. As discussed in more detail above, the Commission notes that the Participants have provided some additional information regarding security procedures. Additionally, as discussed above, the Commission is amending the Plan to require that the Participants conduct background checks for the employees and contractors of the Participants that will use the CAT System, and to require that the Participants provide the Commission with an evaluation of the information security program to ensure that the program is consistent with the highest industry standards for the protection of data. The Commission believes that this additional information mitigates some of the uncertainty, but continues to believe that there is significant uncertainty with respect to the risk of a breach. However, the Commission also recognizes that publicly releasing too many details about security requirements could create additional risk, and as discussed in Section IV.D.6, believes a reasonable level of detail has been provided.
See Notice, supra note 5, at 30733.
See Section IV.D.6.a, supra.
See Section IV.D.6.c, supra.
See Section IV.H, supra.
See CAT NMS Plan, supra note 5, at Appendix C, Section A.1(b) (discussing the manner in which the Central Repository will receive, extract, transform, load, and retain data); Section 6.10(c) (discussing the CAT user help desk).
In response to comments about governance, the Commission notes that it has modified the Plan to address the concern regarding potential conflicts of interest on the part of the CCO and CISO. Specifically, as discussed in more detail above in Section IV.B.3, the CCO and CISO will have fiduciary duties to the CAT LLC in the same manner and extent as an officer of a Delaware corporation, and to the extent those duties conflict with duties the CCO and CISO have to the Plan Processor, the duties to the CAT LLC will control. As discussed above in Section IV.D.6, the CCO and CISO each have responsibilities related the security of CAT Data, and the potential for a conflict of interest could create uncertainty as to whether these responsibilities will be carried out in a way that will minimize the risk of a security breach. The Commission believes that the modifications to the Plan should reduce this uncertainty.
Response Letter I at 17-19.
In response to the commenter who noted that the Notice did not specify the entity liable in the event of a data breach, the Commission notes that the Plan requires the Plan Processor's cyber incident response plan to address insurance issues related to security breaches, and that as part of the discussions on insurance coverage and liability, further detail about the distribution of costs will be undertaken, including details about who might bear the cost of a breach and under what specific circumstances. The Commission believes that these provisions in the Plan should provide incentives for the Plan Processor to manage security risks. However, because the cyber incident response plan will not be developed until after the Plan Processor has been selected, the Commission does not know whether or under what circumstances the Plan Processor will bear the cost of a breach. While the Commission recognizes that this creates some uncertainty with respect to the incentives on the Plan Processor to minimize the risk of a security breach, the Commission is approving the Plan without further modification for the reasons discussed in Section IV.D.6.j, above.
5. Second Order Effects
In the Notice, the Commission recognized that a number of second-order effects could result from the approval of the Plan. These included market-participant actions designed to avoid direct costs of a security breach; changes to CAT Reporter behavior due to increased surveillance; changes in CAT Reporter behavior to switch from one funding tier to another to qualify for lower fees; and changes in broker-dealer routing practices related to fee differentials across execution venues.
See Notice, supra note 5, at 30733-34.
a. Security-Related Second Order Effects
In the Notice, the Commission recognized that the desire to avoid direct costs of a security breach could motivate actions that would cause second order effects. The Commission illustrated this in the Notice by considering two specific examples of actions that Participants might take. First, if service bureaus perceive the costs and risks of a security breach to be great enough because of the addition of PII in the data, which is not included in current data, some could decide not to provide CAT Data reporting services. Second, investors or other market participants could move their activity off-shore or cease market participation altogether to avoid having sensitive information stored in the Central Repository. The Commission stated that it did not believe that the effect of the Plan on the risk or costs of a data breach would be great enough to result in significant second order effects.
Id.
The Commission noted that this could increase the potential for a short term strain on capacity and exacerbate the costs. Id. at 30733.
The Commission noted that consequences of changes in investor behavior in response to the threat of a breach include: Investors holding suboptimal portfolios; lost profits to the securities industry; and higher costs of raising capital for U.S.-based securities issuers, if the public's willingness to participate in capital markets is sufficiently reduced. Id. at 30734.
Id.
The Commission received two comments on this issue. Both comments suggested that industry members would have to purchase insurance or cease domestic operations if the Plan Processor was not required to purchase an insurance policy that covers potential security breaches and extends to industry members to reimburse them for costs related to the breach. Comments on another potential second order effect related to capital formation are addressed in more detail below in Section V.G.3.b.
FSR Letter at 2; SIFMA Letter at 22.
An analysis related to Capital Formation can be found in Section V.G.3., infra.
In their response to comments, the Participants indicated that they are working on an agreement between themselves and the potential Plan Processors to cover liability, insurance, and indemnification, which would also make it less likely that industry members would move off-shore or cease operations.
Response Letter I at 59.
The Commission recognizes that the purchase of insurance to cover these costs is a potential second order effect. As such, the Commission is revising its economic analysis to acknowledge this additional second order effect, but otherwise continues to believe that the security-related second order effects will be as anticipated in the Notice.
b. Changes to CAT Reporter Behavior
In the Notice, the Commission also acknowledged that increased surveillance could impose some costs by altering the behavior of market participants. The Commission stated that benefits could accrue to the extent that improved surveillance, investigation, and enforcement capabilities allow for regulators to better identify and address violative behavior when it occurs, and to the extent that common knowledge of improved capabilities deters violative behavior. In particular, the Commission acknowledged that some market participants could reduce economically beneficial behavior if those market participants believe that, because of enhanced surveillance, their activities would increase the level of regulatory scrutiny that they bear. Furthermore, the Commission stated that costs could accrue to the extent that some forms of market activity, which are permissible and economically beneficial to the market and investors, could come under greater scrutiny, which could create a disincentive to engage in that activity. For example, regulators could increase the number of inspections, examinations and enforcement proceedings that they initiate. To the extent that these activities result in a reduction in violative behavior, the market benefits by avoiding the costs of this behavior. To the extent, however, the additional regulatory activity increases the number of inspections, examinations and enforcement on permissible activities, market participants would incur the increased costs of facilitating these regulatory inquiries.
See Notice, supra note 5, at 30734.
Although the Commission did not receive any comments on the second order effects it discussed in the Notice, it did receive two comments on a second order effect related to the granularity of timestamps. As discussed in the Notice, the Plan requires CAT reporters to report sub-millisecond timestamps when the CAT reporter uses such timestamps internally. Two commenters noted that this requirement may discourage CAT reporters from using sub-millisecond timestamps internally, since this would require finer timestamp resolution in CAT reporting. The Commission also received a comment on a second-order effect that could result from the tiered fee structure of broker-dealers based on message traffic. The commenter suggested that the structure of the funding model might cause second-order effects related to the differential message traffic of different activities, and these effects may vary across securities based on their liquidity.
Id. at 30764-65.
FIF Letter at 12; SIFMA Letter at 35.
SIFMA Letter at 16-17.
In response to comments on the granularity of timestamps, the Participants state that the quality of CAT Data would improve if the Plan required such timestamps to be reported by CAT reporters that use such timestamps internally. Furthermore, in response to the comment that the imposition of a fee on message traffic would discourage liquidity provision, the Participants note that they actively considered the market quality concerns in devising the proposed funding model, and one of the reasons for proposing a tiered, fixed fee funding model was to limit the disincentives to providing liquidity to the market. In particular, the Participants believed that a funding model based on message volume was far more likely to affect market behavior.
Response Letter I at 28-29.
Response Letter II at 16.
With regards to comments on sub-millisecond timestamps, the Commission acknowledges that this requirement may prove to be a disincentive for market participants to use sub-millisecond timestamps internally; however, the Commission believes that for many market participants, capturing timestamps at a finer resolution supports analysis of the firm's data for business purposes that provide benefits such as improvement to trading strategies and measurement of execution costs, and the benefits of these business purposes may exceed the costs of reporting regulatory data with finer timestamps. However, the Commission acknowledges that for firms that do not perform such analyses, this requirement may prove to be a disincentive to adopting technologies that capture finer resolution timestamps.
The Commission agrees with the comment about second order effects related to the tiering of broker-dealer fees based on message traffic and is adding this second-order effect to its analysis. The funding model anticipates Central Repository costs being spread across broker-dealers according to activity tiers based on message traffic. This may cause broker-dealers to alter their behavior to avoid being assigned to a higher fee tier. For example, trading strategies that involve providing liquidity might be expected to generate more message traffic than strategies that take liquidity because providing liquidity generally requires posting many quotes on many venues. Furthermore, while a broker-dealer is seeking to provide liquidity, market prices may change causing the broker-dealer to have to update its quotes on many venues multiple times as it seeks to trade. Consequently, the funding model may create an incentive to take rather than provide liquidity, which could reduce levels of market liquidity. Furthermore, these effects may vary across securities based on the liquidity of the security. As the commenter noted, “the quote-to-trade ratio for exchange-traded-products (“ETPs”) can be ten times greater than that for corporate stocks. This implies that market makers in ETPs may generate ten times the amount of message traffic per executed trade than market makers in corporate stock.” Consequently, the Commission also agrees that the tiered funding model for broker-dealers may create disincentives to provide liquidity in less liquid securities, possibly resulting in less liquid markets for securities that are already considered illiquid. As discussed below, the Commission recognizes the potential differential effect on those broker-dealers that engage in market making in liquid stocks versus illiquid stocks and on those broker-dealers that engage in liquidity taking strategies versus those that engage in other strategies. Nonetheless, as explained above in Section IV.D.13.b, the Commission believes that the timestamp requirements contained in the CAT NMS Plan, including the requirement that a CAT Reporter report timestamps in increments finer than milliseconds if they do so in other systems, are reasonable and will improve regulators' ability to sequence events.
SIFMA Letter at 17.
c. Tiered Funding Model
In the Notice, the Commission stated its preliminary belief that establishing a small number of discrete fee tiers, as occurs under the Plan, could create incentives for CAT Reporters to alter their behavior to switch from one tier to another, thereby qualifying for lower fees. Specifically, the Plan states that CAT Reporters would be classified into a number of groups based on reporter type and market share of share volume or message traffic and assessed a fixed fee that is determined by this classification. The higher-activity groups would be assessed higher fees such that market participants who fall into the lower tiers have a fee advantage over the market participants that fall into the higher tiers. The Commission noted, however, that because this incentive is contingent on being near a fee-tier cutoff point, relatively few market participants will likely be affected and thus market quality effects will likely not be significant. Furthermore, for those market participants near a cutoff point, managing activity to avoid a higher fee tier would necessarily incur costs of lost business and potential loss of market share, and would possibly be difficult to implement, which should mitigate any effects on market quality.
See Notice, supra note 5, at 30734-35.
The Commission also recognized that the tiering of fees could create calendar effects within markets. That is, the structure ultimately approved by the Operating Committee could affect market participant behavior near the end of a measuring period. For example, high levels of market activity during a measuring period might cause CAT Reporters to limit their activity near the end of a measurement period to avoid entering a higher fee tier. The Commission noted that the Operating Committee has discretion under the Plan governance structure to make the tier adjustments discussed in Section 11.1.d for individual CAT Reporters. This provision might mitigate incentives for individual market participants to alter market activities to reduce their expected CAT fees.
The Commission did not receive any comments related to its economic analysis regarding the market quality effects, calendar effects, or other effects due to the tiered structure of the funding model. While the Commission is making certain modifications to the funding model, as described in Section IV.F above, the funding model will continue to utilize a tiered structure. Consequently, the Commission continues to believe that the tiered fee structure could create incentives for CAT Reporters to alter their behavior, but that market quality effects would likely not be significant. Nonetheless, the Commission expects that the required report by the Participants to study the impact of tiered-fees on market liquidity should provide insights into whether the fee model affects liquidity provision and ultimately market quality. This will assist the Commission's oversight of the Plan and assist the Operating Committee in understanding whether it needs to make adjustments to the Funding Model. Furthermore, for those market participants near a cutoff point, managing activity to avoid a higher fee tier would necessarily incur costs of lost business and potential loss of market share, and would possibly be difficult to implement, which should mitigate any effects on market quality.
The Commission is also updating its analysis based on the amendment to the Plan to clarify that the Operating Committee may only change the tier to which a Person is assigned in accordance with a fee schedule filed with the Commission. Consequently, the Commission no longer believes that this provision would mitigate incentives for individual market participants to alter market activities to reduce their expected CAT fees. The Commission continues to recognize that CAT Reporters may have incentives to alter their behavior to switch from one tier to another.
See CAT NMS Plan, supra note 5, at Section 11.1(d).
d. Differential CAT Fees Across Market Participants
In the Notice, the Commission discussed the funding model proposed in the Plan, which is a bifurcated funding model in which costs are first allocated between the group of all broker-dealers and the group of all Execution Venues, then within these groups by market activity level. The Commission discussed its preliminary belief that the bifurcated funding model proposed in the Plan almost certainly would result in differential CAT costs between Execution Venues because it will assess fees differently on exchanges and ATSs. First, message traffic to and from an ATS would generate fee obligations on the broker-dealer that sponsors the ATS, while exchanges would incur almost no message traffic fees. Second, broker-dealers that internalize off-exchange order flow, generating off-exchange transactions outside of ATSs, would face a differential funding model compared to ATSs and exchanges. Specifically, broker-dealers internalizing orders would only pay fees based on message traffic, whereas orders routed to ATSs and exchanges would lead to broker-dealer fees based on message traffic and ATS or exchange fees based on market share. If these fees are even partially passed on to customers, then the cost differentials that result might create incentives for broker-dealers to route order flow to those broker-dealers who internalize in order to minimize costs, creating a potential conflict of interest with broker-dealers' investor customers.
See Notice, supra note 5, at 30735-36.
See CAT NMS Plan, supra note 5, at Section 11.3.
Id.
In addition, the Commission discussed its preliminary belief that the funding model shifts broker-dealer costs associated with the Central Repository to all broker-dealers and away from Options Market Makers. The Plan provides that broker-dealers would not report their options quotations, while equity market makers would report their equity quotations to the Central Repository. This differential treatment of market making quotes would affect funding costs by (a) decreasing the number of messages that must be reported and stored by Options Market Makers, and (b) charging broker-dealers that do not quote listed options a higher share of broker-dealer-assessed CAT fees than they would if Options Market Makers' quotes were included in the allocation of fees.
Although this differential treatment would marginally increase the cost of providing other broker-dealer services relative to options market making, the Commission discussed its belief that this would not materially affect a market participant's willingness to provide broker-dealer services other than options market making because (a) many market participants participate in both equities and options markets, and (b) broker-dealers participating in equity markets have significant infrastructure in place for serving that market and switching costs to participate in options market making are high.
In the Notice, the Commission also discussed the allocation of costs between the Execution Venues and the other Industry Members (i.e., broker-dealers) and solicited comment on alternative funding models. Specifically, the Commission noted that the CAT NMS Plan does not detail the proportions of fees to be borne by Execution Venues versus Industry Members. The Notice also pointed out that Execution Venues would be tiered by market share to determine their fees while Industry Members would be tiered by message traffic. In its analysis, the Commission noted that assessing CAT costs on market participants by message traffic may have the benefit of aligning market participants' incentives with the Participants' stated goal of minimizing costs. The Commission also explained that while a broker-dealer's choice of business model is likely to determine its level of message activity, the majority of an exchange's message traffic is passive receipt of quote updates. Further, because quotes must be updated on all exchanges when prices change, exchanges with low market share are likely to have more message traffic (incurring CAT fees) per executed transaction (generating revenue). The Commission further explained that bifurcated fee approaches, such as the one in the Plan, may cause one Execution Venue to be relatively cheaper if Execution Venues pass costs on to members and subscribers and may exacerbate conflicts of interest for broker-dealers routing customer orders.
See Notice, supra note 5, at 30766-69.
Using MIDAS data, Commission Staff analyzed the number of equity exchange proprietary feed messages and trades during the week of October 12, 2015 and provided the results in the Notice. The message per trade ratio varied across exchanges from 38.46 to 987.17, with a median of 57.21.
The Commission's data analysis as reported in the Notice confirmed this for the smallest exchanges. Except for the smallest exchanges, the trade-to-message ratios range from about 0.016 trades for every quote update to about 0.026 trades for every quote update and appear constant across market share levels. However, the smallest exchanges by market share have only about 0.001 trades for every quote update to about 0.009 trades for every quote update.
The Commission received comments that inform its analysis of differential fees across market participants, particularly focusing on the allocation to Participants versus broker-dealers. One commenter questioned why Participants were tiered by market share while broker-dealers were treated differently (by message traffic), and noted this could place a larger burden on market makers of liquid securities. The commenter explicitly stated that it is not suggesting that market-share tiers are wrong, but believes there should be a reason why Participant tiers are based on one metric (market share) while broker-dealer tiers are based on another metric (message traffic). The Commission received several comments on issues related to cost differentials between Participants and broker-dealers that were not discussed in the Notice. One commenter noted that the profits from the fees would only be distributed among the Participants and suggested these should be at least partially returned to broker-dealers. Another commenter was concerned that SROs would use CAT profits to fund other SRO operations. There were comments regarding the lack of transparency over fee calculations and metrics used to determine tiers, as well as the determination of the allocation split between broker-dealers and Participants—all of which increases uncertainty in cost estimates. Finally, there were a number of comments that described the potential for a conflict of interest in the allocation of fees, and discussing the relative burden of funding on broker-dealers to SROs, estimating that at least 88% of costs will be borne by broker-dealers.
SIFMA Letter at 16-17.
KCG Letter at 5.
DAG Letter at 5.
SIFMA Letter at 16; FSI Letter at 6.
KCG Letter; SIFMA Letter; Fidelity Letter; FSR Letter; DAG Letter; Data Boiler Letter; Wachtel Letter; FSI Letter; STA Letter.
There were no comments related to the economic analysis regarding a double charging of ATSs. In addition, there were no comments regarding the economic analysis related to differences in costs between option market makers and equity market makers.
See Section VI.G.1.a.(1)A., supra.
While FIF recommends exempting equity market makers, they did not provide information that suggests revising the Commission's OMM vs equity market maker analysis. See FIF Letter at 65-66. Specifically, the letter says that equity market makers would get the same benefits as OMMs for the quotes that are not paired with orders.
The Participants' response contains information that is relevant to the economic analysis with regards to transparency in funding and the allocation of costs. Specifically, the Participants commented that the Plan provides the Advisory Committee with the right to receive information concerning the operation of the CAT, and that the Participants plan to provide the Advisory Committee with minutes of Operating Committee meetings. The response addressed the concerns over transparency in decision making; however, the concerns regarding uncertainty in the metrics used to determine tiers and the final cost allocation split will not be resolved until the Plan Processor is chosen.
See CAT NMS Plan, supra note 5, at Section 4.13(d)-(e).
Response Letter I at 17.
The Participants' supplemental response also contained information that is relevant to the economic analysis with respect to second order effects of the funding model. With regards to determining fees via message traffic for broker-dealers and market share for Participants, the Participants noted that message traffic is a key component of CAT operating costs, and that message traffic is strongly correlated with broker-dealer size. However, there is little correlation between message traffic and Execution Venue size, so charging large and small Execution Venues with similar message traffic would be inequitable. The Plan treats ATSs in the same manner as exchanges because their business models and anticipated burden on CAT are similar.
Response Letter II at 11, 13.
On this topic, the Participants proposed one modification to the plan. The Participants proposed to amend the manner in which market share will be calculated for a national securities association that has trades reported by its members to its trade reporting facility or facilities for reporting transactions effected otherwise than on an exchange in NMS Stock or OTC Equity Securities. For such an association, its market share for purposes of the funding model would not include the share volume reported to the national securities association by an ATS, as such share volume will be included in the market share calculation for that ATS.
Response Letter II at 12.
The Participants also responded that they expect to operate the CAT on a break-even basis—that is, the fees imposed and collected would be intended to cover CAT costs and an appropriate reserve for CAT costs, and any surpluses would be treated as an operational reserve to offset fees in future payment. In addition, the Participants subsequently stated that the CAT LLC will seek to qualify for tax exempt status as a “business league.”
Participants' Letter at 1; Section IV.B.4, supra.
With regards to fee transparency, the Participants noted that the details regarding the tiers are important considerations and are actively developing the tiers. Once the Plan Processor is selected, the Operating Committee will work with the Processor to finalize the tiers, and broker-dealers and other participants will have the opportunity to comment on the proposal as part of the approval process for an immediately effective rule filing.
Response Letter II at 14. See supra note 1709.
With regards to the allocation of costs between Participants and broker-dealers and the potential for a conflict of interest in determining this allocation, the Participants noted that the proposed funding model is designed to recover costs associated with creating, implementing, and operating CAT as opposed to addressing costs of compliance, which might be incurred regardless of the funding model. In addition, there are over 100 times more broker-dealers expected to report to CAT than Participants. Therefore, the 88% aggregate cost figure quoted in the comments is less than what broker-dealers would be expected to pay in aggregate on a per-CAT reporter basis. With regard to the potential conflict of interest, the Participants noted that broker-dealers and the public will have the opportunity to comment on fees, the SEC will be required to evaluate the fees for consistency with the Exchange Act, the funding proposal expects that CAT will operate on a break-even basis, and Participants are prohibited from using regulatory fees for commercial purposes.
Response Letter II at 10-11.
Response Letter II at 17.
The Commission is revising its economic analysis in light of comments, the Participants' response, and Plan modifications. First, the Commission recognizes the validity of the comment that the funding tiers would place a larger burden on market makers of liquid securities relative to illiquid securities and place a lower burden on liquidity takers relative to those who provide liquidity. This could increase the incentive to broker-dealers to transact in more illiquid securities and reduce the incentive to provide liquidity. In response to the comment seeking the rationale behind the bifurcation in the funding model, the Commission notes that the Notice provided a rationale that the Commission continues to believe makes economic sense. Specifically, as summarized above, the Commission continues to believe that because message traffic is passive for exchanges and a business decision for Broker-Dealers, the bifurcated funding model will help align the incentives of market participants with the Participants' stated goal of minimizing costs. More broadly, the Commission continues to believe that because the CAT NMS Plan does not detail the proportions of fees to be borne by Execution Venues versus Industry Members, its economic analysis contains uncertainty regarding the differential fees to be borne by Execution Venues versus Industry Members.
With regards to the distribution of profits among SROs, the Commission is revising its economic analysis to incorporate the clarification in the Plan to the effect that profits from fees will go toward funding future costs instead of being redistributed among the SROs except in the two instances described above, as well as the modification to the Plan that reflects that the CAT LLC will seek to qualify for tax exempt status as a “business league.” Broadly speaking, the Commission had been concerned about the competitive effects of distributing profits equally among SROs because, in profitable years, an equal distribution of profits would advantage smaller exchanges (larger exchanges in the case of losses). However, with the clarification and modification to the Plan, the Commission believes there will be little or no competitive effects resulting from distributions among SROs. The Commission also believes that this clarification and modification address commenter concerns about the distribution of CAT profits.
Participants' Letter at 1.
The Commission is updating its analysis of the differential fees on exchanges and ATSs to incorporate Plan modifications that would change the way national securities associations are treated in the Funding Model. The modified Plan would no longer double-count ATS volume as share volume for the purposes of placing both ATSs and FINRA in tiers in the Funding Model. However, because of the uncertainty in the ultimate Funding Model, the Commission recognizes that this modification may not impact the fees paid by either ATSs or FINRA and may not alleviate any fee differentials between ATSs and exchanges. As described earlier in this Section, these fee differentials may arise because message traffic to and from an ATS would generate fee obligations on the broker-dealer that sponsors the ATS, while exchanges incur almost no message traffic fees.
See CAT NMS Plan, supra note 5 at Section 11.3.(b): (“For the avoidance of doubt, the fixed fees payable by Industry Members pursuant to this paragraph shall, in addition to any other applicable message traffic, include message traffic generated by: (i) An ATS that does not execute orders that is sponsored by such Industry Member; and (ii) routing orders to and from any ATS sponsored by such Industry Member.”) The Commission notes that exchange broker-dealers would be subject to message traffic fees as Industry Members under the Plan. However, the Commission notes that based on its analysis of OATS data from September 15-19, 2014, these broker-dealers are minor contributors to overall message traffic, accounting for less than 0.03% of OATS ROEs.
In addition, the Commission notes that other over-the-counter volume, such as occurs when orders are executed off-exchange against a broker-dealer's inventory, will still be assessed share volume fees while the message traffic that resulted in the executions will also be subject to fees through the broker-dealers that had order events related to the transactions. This contrasts to executions that occur on exchanges, where the venue that facilitates the execution does not pay fees for message traffic that led to the execution. This difference in treatment could still result in costs that are passed on to investors because broker-dealers have the incentive to route orders in a way that results in less order flow to those who pay higher CAT fees.
The Commission is not changing the economic analysis with respect to the allocation of costs between SROs and Broker-Dealers. As discussed in detail previously, in response to the comments that suggested that Plan allocates 88% of the costs to broker-dealers, the Commission believes that the 88% figure cited is in reference to compliance costs, which are not “allocated” by the Plan. Fees to pay for the maintenance and operation of the Central Repository will be allocated via the funding model, and the current allocation of fees between broker-dealers and exchanges has not been determined.
See Section IV.E, infra.
The Commission is updating the Economic Analysis to reflect some improvements in financial transparency as a result of amendments to the Plan. Specifically, the Commission's amendment to the Plan to require that CAT LLC financial statements be prepared in accordance with GAAP and audited by an independent public accounting firm may substitute to a certain extent for the added financial transparency sought by commenters. Additionally, as per the Participants' response, all meeting minutes will be made available, and in addition, the Funding Model will be filed with the Commission and subject to public comment. However, the Commission continues to recognize uncertainty in the ultimate allocation of fees.
See CAT NMS Plan, supra note 5, at Section 9.2; see also Section IV.B.4; Participants' Letter II.
See supra note 1709 for further details on fee proposals.
G. Efficiency, Competition, and Capital Formation
In determining whether to approve the CAT NMS Plan, and whether the Plan is in the public interest, Rule 613 requires the Commission to consider the impact of the Plan on efficiency, competition and capital formation.
17 CFR 242.613(a)(5); see also 15 U.S.C. 78c(f).
In the Notice, the Commission's analysis supported the preliminary belief that the Plan generally promotes competition. However, the Commission recognized that the Plan could increase barriers to entry because of the costs to comply with the Plan. Further, the Commission's analysis in the Notice identified several limitations to competition, but stated that the Plan contains provisions to address some limitations and Commission oversight can also address the limitations.
See Notice, supra note 5, at 30738.
Id. at 30738-46.
The Commission's analysis in the Notice also supported the preliminary belief that the Plan would improve the efficiency of regulatory activities and enhance market efficiency by deterring violative activity that harms market efficiency. Further, the analysis in the Notice supported the Commission's preliminary belief that the Plan would have modest positive effects on capital formation and that the threat of a security breach at the Central Repository would be unlikely to significantly harm capital formation.
Id. at 30748-50.
At the same time, however, the Notice stated that the significant uncertainties discussed elsewhere in its economic analysis also affect the Commission's analysis of efficiency, competition, and capital formation. Additionally, the Commission recognized that the Plan's likely effects on competition, efficiency and capital formation were dependent to some extent on the performance and decisions of the Plan Processor and the Operating Committee in implementing the Plan, and thus there was necessarily some further uncertainty in the Commission's analysis. Nonetheless, the Notice stated that the Commission preliminarily believed that the Plan contained certain governance provisions, as well as provisions relating to the selection and removal of the Plan Processor, that mitigate this concern regarding uncertainty by promoting decision-making that could, on balance, have positive effects on competition, efficiency, and capital formation.
Id. at 30738. As examples, the Commission recognized that the uncertainties around the improvements to data qualities could affect the conclusions on efficiency and the uncertainty regarding how the Operations Committee allocated the fees used to fund the Central Repository could affect the conclusions on competition.
Overall, after considering comments, the Participants' response, and modifications to the Plan, the Commission is updating and revising its economic analysis of competition, efficiency, and capital formation. However, the revisions in the analysis do not impact the Commission's broad conclusions. The Commission continues to believe that the Plan generally will promote competition, improve the efficiency of regulatory activities, promote market efficiency, and have modest positive effects on capital formation. Further, the Commission continues to recognize the significant uncertainty and that certain provisions of the Plan could promote efficient decisions and implementation and could provide competitive incentives to the Plan Processor to promote good performance.
1. Competition
a. Market for Trading Services
In the Notice, the Commission analyzed the CAT NMS Plan's likely economic effects on competition in the market for trading services, as compared to the Baseline of the competitive environment without the Plan. The Commission stated that it preliminarily believed that the Plan would not place a significant burden on competition for trading services. The Commission also examined the effect of the funding model on competition in the market for trading services, including off-exchange liquidity suppliers and ATSs. In addition, the Commission considered the effect of implementation and ongoing costs of the Plan, whether particular elements of the Plan could hinder competition, and the effect of enhanced surveillance on competition in the market for trading services. The Commission recognized the risk that the Plan would have negative effects on competition and increase the barriers to entry in this market, but discussed how the Plan provisions and Commission oversight could mitigate these risks.
Id. at 30739-42.
The Commission discussed how the market for trading services—which is served by exchanges, ATSs, and liquidity providers (internalizers and others)—relies on competition to supply investors with execution services at efficient prices. These trading venues, which compete to match traders with counterparties, provide a framework for price negotiation and disseminating trading information. The Commission observed that, since the adoption of Regulation NMS in 2005, there has been a shift in the market share of trading volume among trading venues. From 2005 to 2013, there was an increase in the market share of newer national securities exchanges and a decline in market share on NYSE. In addition, the proportion of NMS Stocks trading off-exchange (which includes both internalization and ATS trading) increased.
The Commission noted that the Plan examines the effect of the CAT NMS Plan on the market for trading services primarily from the perspective of the exchanges. The Plan asserts that distribution of regulatory costs incurred by the Plan would be distributed according to “the Plan's funding principles,” calibrated to avoid placing “undue burden on exchanges relative to their core characteristics,” and would thus not cause any exchange to be at a relative “competitive disadvantage in a way that would materially impact the respective Execution Venue marketplaces.” Likewise, the Plan asserts that its method of cost allocation would avoid discouraging entry into the Participant community because a potential entrant, like an ATS, would “be assessed exactly the same amount [of allocated CAT-related fees] for a given level of activity” both before and after becoming an exchange.
See CAT NMS Plan, supra note 5, at Appendix C, Section B.8(a)(i); see also id. at Section 11.2 (for a discussion of the Plan's funding principles).
See CAT NMS Plan, supra note 5, at Appendix C, Section B.8(a)(i).
In addition, in its final analysis described below, the Commission examines each of the issues in relation to competition in the market for trading services and revises its economic analysis in response to comments, the Participants' response, and modifications to the Plan.
(1) Funding
The Commission noted that the Operating Committee will fund the Central Repository by allocating its costs across exchanges, FINRA, ATSs (“Execution Venues”) and broker-dealers (“Industry Members”), and will decide which proportion of costs would be funded by exchanges, FINRA, and ATSs and which portion would be funded by broker-dealers. The Commission observed that the Plan does not specify how the Operating Committee would select the method of allocation. The Commission believed that any impacts of such fees on competition in the market for trading services will manifest either through the model for the fees itself or through the later allocation of the fees across market participant types, across equity or options exchanges, or within market participant types and markets, through the levels of fees paid by each tier.
A. Funding Model
In the Notice, the Commission discussed its preliminary belief that the structure of the funding model could provide a competitive advantage to exchanges. Specifically, the Commission noted that the Plan states that an entity would be assessed exactly the same amount for a given level of activity whether it acted as an ATS or an exchange. However, FINRA would be charged fees based on the market share of off-exchange trading. ATSs, which are FINRA members, would presumably pay a portion of the FINRA fee through their broker-dealer membership fees. In addition, ATSs would pay a fee for their market share, which is a portion of the total off-exchange market share. Therefore, ATS volume would effectively be charged once to the broker-dealer operating the ATS and a second time to FINRA, which would result in ATSs paying more than exchanges for the same level of activity. Ultimately, if the funding model disadvantages ATSs relative to exchanges, trading volume could migrate to exchanges in response, and ATSs could have incentives to register as exchanges as well. Additionally, the Commission discussed its belief that the Participation Fee could discourage new exchange entrants or the registration of an ATS as an exchange, increasing the barriers to entry to becoming an exchange. However, the Commission also explained that because the funding model seems to charge ATSs more for their market share than exchanges, ATSs could pay relatively less for their market share as an exchange than as an ATS, countering this barrier to entry depending on the magnitudes of the two fee types.
See Notice, supra note 5, at 30740.
The Participation Fee would be determined by the Operating Company and paid by national securities exchanges and national securities associations currently registered with the Commission (“Participants”) to fund costs incurred in creating, implementing and maintaining the CAT.
As described earlier, the Participants propose to amend the manner in which market share will be calculated for a national securities association that has trades reported by its members to its trade reporting facility or facilities for reporting transactions effected otherwise than on an exchange in NMS Stock or OTC Equity Securities. For such an association, its market share for purposes of qualifying for a particular tier in the funding model would not include the share volume reported to the national securities association by an ATS, as such share volume will be included in the market share calculation for that ATS. As discussed above in Section IV.F, the Commission is modifying the Plan as the Participants suggested.
See Section V.F.5.d, supra.
Response Letter II at 12.
Response Letter II at 12.
This modification reduces the potential for the Plan to charge ATSs more than similarly situated exchanges, but it may not alleviate all the fee differentials between ATSs and exchanges. As described above, these fee differentials may arise because message traffic to and from an ATS would generate fee obligations on the broker-dealer that sponsors the ATS, while exchanges incur almost no message traffic fees. Even with this modification, the Commission continues to believe that the Funding Model could provide a competitive advantage to exchanges over ATSs. However, the Commission is approving the Plan without further modification for the reasons discussed in Section IV.F, above.
See Section V.F.5.d, supra.
B. Allocation of Voting Rights and Fees
In the Notice, the Commission recognized that the potential for a burden on competition and effects on competitors in the market for trading services could arise from provisions relating to the allocation and exercise of voting rights. The Commission noted that the potential for concentration of influence over vote outcomes arises from proposed provisions to give one vote to each Plan Participant in an environment where some Participants are Affiliated SROs. Indeed, supermajority approval could be achieved through four of the 10 groups of Affiliated SROs and individual SROs, and majority approval could be achieved with just three such groups or individual SROs. For example, the Participant groups with options exchanges could have the incentive to allocate a disproportionately low level of fees for options market share than for equity market share. The Commission noted that such an allocation could disadvantage competing Participants with only equities exchanges.
See Notice, supra note 5, at 30740-41.
At the time of the Notice, the twenty SROs that were Participants in the CAT NMS Plan included five sets of affiliated SROs (New York Stock Exchange LLC, NYSE Arca, Inc., and NYSE MKT LLC (the “NYSE Group”); The NASDAQ Stock Market LLC, NASDAQ OMX BX, Inc., and NASDAQ OMX PHLX LLC (the “NASDAQ Group”); BATS Exchange, Inc., BATS Y-Exchange, Inc., EDGX Exchange, Inc., and EDGA Exchange, Inc. (the “BATS Group”); Chicago Board Options Exchange, Inc. and C2 Options Exchange, Inc. (the “Chicago Options Group”); International Securities Exchange, LLC, ISE Gemini, LLC, and ISE Mercury, LLC (the “ISE Group”); and five independent SROs (National Stock Exchange, Inc.; Chicago Stock Exchange, Inc.; BOX Options Exchange LLC; Miami International Securities Exchange LLC; and Financial Industry Regulatory Authority, Inc.). The BATS Group would have had four votes, the NYSE Group, the NASDAQ Group and the ISE Group each would have had three votes, and the Chicago Options Group would have had two votes. See CAT NMS Plan, supra note 5, at Appendix C, Section D.11(b). A majority approval would have required eleven votes. This could have included as few as four of the SROs and sets of affiliated SROs: The affiliated SROs that would have had four votes, two sets of affiliated SROs that would have had three votes, and one other SRO or set of affiliated SROs. Supermajority approval would have required fourteen votes. This could have included as few as five SROs and sets of affiliated SROs: The affiliated SROs that would have had four votes, three sets of affiliated SROs with three votes, and any additional SRO. Note also that as few as two sets of affiliated SROs could have blocked a Supermajority approval by casting seven “no” votes: The affiliated SROs with four votes and any one of the affiliated SROs with three votes.
The Commission also noted that the inclusion of all exchanges on the Operating Committee could give the Plan Participants opportunities and incentives to share information and coordinate strategies in ways that could reduce the competition among exchanges or could create a competitive advantage for exchanges over venues for off-exchange trading. However, the Commission stated that it preliminarily believed that certain provisions of the Plan would limit these potential burdens on competition. In particular, the Plan includes provisions designed to limit the flow of information between the employees of the Plan Participants who serve as members of the Operating Committee and other employees of the Plan Participants.
The Commission also noted that FINRA could represent the perspectives of the off-exchange portion of the market, but FINRA would have only one vote and exchanges would have twenty.
See CAT NMS Plan, supra note 5, at Section 9.6; see also Section III.24, supra.
Additionally, the Commission agreed with the Plan's assessment that some governance features of the Plan will limit adverse effects on competition in the market for trading services. These include provisions limiting the incentive and ability of Operating Committee members to serve the private interests of their employers, such as the rules regulating conflicts of interest. Moreover, the Commission explained that it may summarily abrogate and require the filing of Plan amendments that establish or change a fee in accordance with Rule 608(a)(1) and review such amendments in accordance with Rule 608(b)(2) of Regulation NMS, if it appears to the Commission that such action is necessary or appropriate in the public interest, for the protection of investors, or the maintenance of fair and orderly markets, to remove impediments to, and perfect the mechanisms of, a national market system or otherwise in furtherance of the purposes of the Act. In such a case, if the Commission chooses to approve such amendment, it would be by order and with such changes or subject to such conditions as the Commission may deem necessary or appropriate.
17 CFR 242.608(a)(1); 608(b)(2); 608(b)(3)(i); and 608(b)(3)(iii). Pursuant to Rule 608(b)(2) of Regulation NMS, the Commission shall approve such amendment, with such changes or subject to such conditions as the Commission may deem necessary or appropriate, if it finds that such amendment is necessary or appropriate in the public interest, for the protection of investors and the maintenance of fair and orderly markets, to remove impediments to, and perfect the mechanisms of, a national market system, or otherwise in furtherance of the purposes of the Act. Approval of the amendment shall be by Commission order.
See Notice, supra note 5, at 30741; supra note 1709 for further details on fee proposals.
Several commenters provided information relevant to the Commission's analysis of the potential impact of the allocation of fees on competition. In particular, three commenters suggested that there was an inherent conflict of interest as the SROs were the only ones with votes, yet will be involved in the decision to allocate funding responsibility across SROs and broker-dealers. Such comments relate to the influence of voting rights on the allocation of fees to exchanges (SROs) compared to ATSs and internalizers (broker-dealers). The Commission notes also that certain EMSAC discussions recognized conflicts in the market for trading services.
Fidelity Letter at 5, SIFMA Letter at 27 and KCG Letter at 4.
See “Recommendations Relating to Trading Venues Regulation”, Equity Market Structure Advisory Committee (“EMSAC”) Trading Venues Regulation Subcommittee, April 19, 2016, at 1, available at https://www.sec.gov/spotlight/emsac/emsac-trading-venues-subcommittee-recommendations-041916.pdf (describing four recommendations relating to the regulation of trading venues); see also EMSAC April 26, 2016 Transcript, available at https://www.sec.gov/spotlight/emsac/emsac-042616-transcript.txt .
The Commission believes that the concerns expressed in the comments and the EMSAC discussions are consistent with the Commission's discussion and analysis of the potential impacts in the Notice. The Commission recognized in the Notice that bloc voting could create a competitive advantage for exchanges over trading venues for off-exchange trading. The commenters did not address the Commission's discussion in the Notice of certain provisions in the Plan that would limit potential burdens on competition or of the role of the Commission in approving NMS Plan fee filings. The Commission notes that changes in the number of exchanges and in exchange groups since the Notice affect the potential influence of bloc voting because fewer SRO groups will be needed for approval or to block an approval. Nonetheless, the Commission continues to believe that provisions in the Plan and Commission oversight of the allocation of fees could mitigate these concerns.
Since the time of the Notice, the Commission approved a new exchange, the Investors' Exchange, LLC (“IEX”), which is an independent SRO, and two sets of affiliated SROs merged, the NASDAQ Group and the ISE Group.
The Plan now includes twenty-one SROs with votes on the Operating Committee, including four sets of affiliated SROs and six independent SROs. Compared to the time of the Notice (see supra note 2811), the number of votes required for majority or Supermajority approval remains the same, but the number of SRO blocks required for approval or to block an approval has changed. Now, the NASDAQ-ISE Group has six votes instead of separate blocs of three votes each. A majority approval still requires eleven votes. This could include as few as three of the SROs and sets of affiliated SROs instead of the former four: The affiliated SROs that have six votes, the affiliated SROs that have four votes, and one other SRO or set of affiliated SROs. Supermajority approval still requires fourteen votes. This could include as few as four SROs and sets of affiliated SROs instead of the former five: The affiliated SROs that have six votes, the affiliated SROs that have four votes, the affiliated SROs that have three votes, and any additional SRO or group of affiliated SROs. Note also that, now, as few as two sets of affiliated SROs, instead of the former three, could block a Supermajority approval by casting eight “no” votes: The affiliated SROs with six votes, and the affiliated SRO with two votes.
See supra note 1709 for further details on fee proposals.
(2) Costs of Compliance
In the Notice, the Commission explained that because all Participants but one compete in the market for trading services, the ability of affiliates to vote as a group could in principle allow a few large Participant groups to influence the outcome of competition in the market for trading services by making various decisions that can alter the costs of one set of competitors more than another set. In addition, the Commission discussed the fact that the Plan calls for profits to be distributed equally among Participants, which could advantage smaller exchanges during profitable years and disadvantage smaller exchanges during loss years.
See Notice, supra note 5, at 30741-42.
Generally, smaller exchanges will have smaller fees. So, if there are profits, and each exchange receives the same nominal reimbursement amount, then the percentage reduction in fees from the redistributed profit will be greater for smaller exchanges, as they are starting with a smaller denominator in the ratio. This does not speak to the relative burden of compliance costs, however, which may still disadvantage smaller exchanges.
The Commission explained that generally, smaller competitors could have implementation and ongoing costs of compliance that are disproportionate relative to their size. It noted that, to lessen the impact of funding the Central Repository on smaller exchanges and ATSs, the Plan would apply a tiered funding model that charges the smallest exchanges and ATSs the lowest fees. Likewise, the Plan would apply a tiered funding model that would charge the smallest broker-dealers, including liquidity suppliers, the lowest fees. However, the Commission noted that the Plan does not indicate whether off-exchange liquidity providers would pay fees similar to similarly-sized ATSs and exchanges. This is important because, as described earlier, broker-dealers internalizing orders off exchanges would only be allocated fees based on message traffic, whereas orders routed to ATSs and exchanges lead to broker-dealer fees based on message traffic and ATS or exchange fees based on market share. If these fees are even partially passed on to customers, then the cost differentials that result might create incentives for broker-dealers to route order flow to those broker-dealers who internalize in order to minimize costs, creating a potential conflict of interest with broker-dealers' investor customers.
See Section V.F.5.d, supra.
The Commission discussed the fact that the Plan provides that the Technical Specifications will not be finalized until after the selection of a Plan Processor, which will not occur until after any decision by the Commission to approve the Plan. The Commission recognized that the costs of compliance associated with future technical choices or the selection of the Plan Processor could exacerbate the relative cost differential across competitors. However, the Commission preliminarily believed that the governance provisions of the Plan and Commission oversight could help to mitigate such effects in the market for trading services.
The Commission received several comments relevant to its analysis of the potential impact of the costs of compliance on competition in the market for trading services. Specifically, as described earlier, several commenters had concerns about the distribution of CAT profits among SROs, though none specifically discussed the potential differential impact on small versus large exchanges. Further, the concerns of commenters and the EMSAC discussed in the Allocation of Fees section above also have implications for the Commission's analysis.
Id.
SIFMA Letter at 19; KCG Letter at 5; DAG Letter at 5.
Regarding the distribution of CAT profits among SROs, as described earlier, the Participants responded with a clarification that they expect to operate the CAT on a break-even basis and any surpluses would be treated as an operational reserve to offset fees in future payment. In addition, the Participants subsequently stated that the CAT LLC will seek to qualify for tax exempt status as a “business league.”
See Section V.F.5.d, supra.
Participants' Letter at 1; Section IV.B.4, supra.
The Commission has considered the comments and the EMSAC discussion regarding voting blocs and believes that these concerns do not alter the analysis in the Notice for the same reasons as described above. Overall, the Commission continues to believe that the ability of affiliates to vote as a group could in principle allow a few large Participant groups to influence the outcome of competition in the market for trading services by making various decisions that alter the costs of one set of competitors more than another set, but that Commission oversight and the governance provisions of the Plan and could help to mitigate these effects. Also, in light of amendment to the Plan to reflect that the CAT LLC will seek to qualify for tax exempt status as a “business league,” the Commission now believes that neither CAT profits or losses should affect competition in the market for trading services. The Commission maintains its conclusions regarding the impact of compliance costs on competition in the market for trading services, specifically, that compliance costs may be relatively more burdensome for small SROs, but that the tiered aspect of the funding model should serve to mitigate this. However, the Commission notes that the funding model continues to have uncertainties, and depends on the decisions of the Operating Committee.
See Section V.G.1.a(1)B, supra.
See supra note 2814.
Participants' Letter at 1. See also Section V.F.5.d, supra. for more detail on these modifications and the resulting economic effects.
(3) Enhanced Surveillance and Deterrence
In the Notice, the Commission also discussed its preliminary belief that the CAT NMS Plan could promote competition in the market for trading services through enhanced surveillance and the deterrence of violative behavior that could inhibit competition. Should the Plan deter violative behavior, passive liquidity suppliers, such as on or off-exchange market makers could increase profits as a result of reduced losses from others' violative behavior. This increase in profits could encourage new entrants or could spark greater competition, which would reduce transaction costs for investors. For example, if the Plan facilitates surveillance improvements that deter spoofing, the Commission stated that it could increase incentives to provide liquidity and promote lower transaction costs for investors, particularly in stocks that may lack a critical mass of competing liquidity providers or that could be targets for violative trading behavior.
See Section V.E.2.c, supra, for a discussion of how the CAT NMS Plan would enhance surveillance and deter violative behavior.
The Commission did not receive comments related to its economic analysis on enhanced surveillance and deterrence of violative behavior affecting competition in the market for trading services. Therefore, the Commission continues to believe that the CAT NMS Plan could promote competition in the market for trading services through enhanced surveillance and the deterrence of violative behavior that could inhibit competition.
b. Market for Broker-Dealer Services
In the Notice, the Commission analyzed the effect of the CAT NMS Plan on the market for broker-dealer services. The Commission stated that it preliminarily believed that the costs of broker-dealers' compliance, particularly the cost to report order events to the Central Repository, would differ substantially between broker-dealers and might affect competition between smaller and larger broker-dealers. The Commission also noted that broker-dealers that outsource regulatory data reporting activities are expected to see their costs of regulatory data reporting increase, while broker-dealers that insource may see a decrease in their regulatory data reporting costs. The Commission stated that it preliminarily believed this dynamic might affect competition between Outsourcers (that tend to be smaller) and Insourcers (that tend to be larger), and might increase barriers to entry in some segments of this market.
The market for broker-dealer services is described in the Notice, supra note 5, at 30742-44.
See Section V.E.2.c., supra.
The Notice discussed the Plan's assertion that it will have little to no adverse effect on competition between large broker-dealers, and will not materially disadvantage small broker-dealers relative to large broker-dealers. Regarding small broker-dealers, the Plan states, “. . . [the allocation of costs to broker-dealers based on their contribution to market activity] may be significant for some small firms, and may even impact their business models materially . . .” and that the Participants were sensitive to the burdens the Plan could impose on small broker-dealers, noting that such broker-dealers could incur minimal costs under their existing regulatory reporting requirements “because they are OATS-exempt or excluded broker-dealers or limited purpose broker-dealers.” The Commission noted that the CAT NMS Plan attempts to mitigate its impact on these broker-dealers by proposing to follow a cost allocation formula that should charge lower fees to smaller broker-dealers; furthermore, Rule 613 provides them additional time to commence their reporting requirements.
See CAT NMS Plan, supra note 5, at Appendix C B.8.(a)(ii).
See CAT NMS Plan, supra note 5, at Appendix C B.7.(b)(iv)(C) (“The fees to be assessed at each tier are calculated so as to recoup a proportion of costs appropriate to the message traffic from firms in each tier. Therefore, larger broker-dealers, generating the majority of message traffic, will be in the higher tiers, and therefore be charged a higher fee. Smaller broker-dealers with low levels of message traffic will be in lower tiers and will be assessed a minimal fee for the CAT. The Participants estimate that up to 75% of broker-dealers will be in the lower tiers of the Funding Model.”).
The Commission preliminarily agreed with the Plan's general assessment of competition among broker-dealers, and also with the Plan's assessment of differential effects on small versus large broker-dealers. The Commission agreed that the Plan's funding model was an explicit source of financial obligation for broker-dealers and therefore an important feature to evaluate when considering potential differential effects of the Plan on competition in the market for broker-dealers. However, the Commission preliminarily believed that the segments of the market most likely to experience higher barriers to entry are those that currently have no data reporting requirements of the type the Plan requires and those that will involve more CAT Reporting obligations, such as the part of the broker-dealer market that involves connecting to exchanges, because of the technology infrastructure requirements and the potential to have to report several types of order events. Nonetheless, the Commission discussed its preliminary belief that any increases in the barriers to entry are justified because they are necessary in order for the CAT Data to include data from small broker-dealers. Specifically, the Commission noted that excluding small broker-dealers from reporting requirements would eliminate the collection of audit trail information from a segment of the broker-dealer community and would thus result in an audit trail that does not capture all orders by all participants in the securities markets.
See Notice, supra note 5, at 30743 (citing Adopting Release, supra note 14, at 45749).
The Commission also recognized that the Plan could affect the current relative competitive positions of broker-dealers in the market for broker-dealer services because the economic impacts resulting from the Plan could benefit some broker-dealers and adversely affect others. However, the Commission stated that there is no clear reason to expect these impacts, should they occur, to decrease the current state of overall competition in the market for broker-dealer services so as to materially burden the price or quality of services received by investors on average.
Regardless of the differential effects of the CAT NMS Plan on small versus large broker-dealers, the Commission discussed in the Notice that its preliminary view was that the CAT NMS Plan, in aggregate, will likely not reduce competition and efficiency in the overall market for broker-dealer services. The Commission explained that even if small broker-dealers potentially face a burden, this may not necessarily have an adverse effect on competition as a whole in the overall market for broker-dealer services. Under the Plan, broker-dealers could face high upfront costs to set up a processing environment to meet reporting responsibilities. As upfront, fixed costs, the burden could be greater for small broker-dealers. Instead of bearing these costs in-house, small broker-dealers could contract with outside vendors, which could lead to lower costs relative to not using a vendor for reporting services. Thus, the Commission explained that even firms that currently do not report to OATS, but will be CAT Reporters under the Plan, could face manageable upfront costs that permit them to continue in their line of business without a severe setback in their profitability.
The Commission noted that a difficulty in assessing the likely impacts of the CAT NMS Plan on competition among broker-dealers is that competition in the markets for different broker-dealer services could be affected in different ways. If CAT costs represent a significant increase in overall business costs, the Plan could disadvantage broker-dealers who are CAT Reporters in the market segments that do not require CAT reporting. For example, broker-dealers that, in addition to providing services related to market transactions that are reportable to CAT, also compete to provide fixed-income order entry as a line of business may be at a relative disadvantage to competitors in the fixed-income market who do not provide broker-dealer services that are related to market activity that is reportable to CAT.
The Commission recognized that the CAT NMS Plan could result in fewer broker-dealers providing specialized services that trigger CAT reporting obligations. The Commission also recognized, however, that fewer broker-dealers in a specialized segment of the market may not necessarily harm competition in that segment. In particular, the CAT compliance costs may be less of a relative burden for large broker-dealers who may provide a larger portfolio of specialized services to clients. This portfolio may buffer large broker-dealers from business risk associated with specialization, and so large broker-dealers are likely to maintain their presence in specialized market segments. If a sufficient number of large broker-dealers maintain their presence in specialized market segments, a net decrease in broker-dealers may not affect the competition in such market segments to a level in which the market segment offers fewer or lower quality services or higher prices. However, the Commission recognized that negative effects on competition in specialized market segments could result if broker-dealers achieve a level of market concentration necessary to adversely affect prices for investors.
See Notice, supra note 5, at 30742-44.
The Commission received a few comment letters regarding its analysis of the effect of the Plan on the market for broker-dealer services. As previously described, the Commission received one comment that noted that message traffic tiers could place a larger burden on market makers of liquid securities and a lower burden on liquidity takers. In addition, one commenter noted that the current phased implementation schedule poses risks to clearing firms who will have to support both large and small broker-dealers during CAT implementation, incurring more CAT implementation costs than broker-dealers that do not have introducing broker-dealers. Another comment estimated that CAT reporting costs, even at a $5,000 per month minimum, could reach 15% or more of revenue for a subset of small broker-dealers that are currently OATS exempt. The commenter further stated that the Plan would have the greatest proportionate burden for those firms, which have the smallest justification for regulatory concern and expressed concern regarding the ability for certain firms to say in business, stating that the Plan would “destroy the business model and profitability” of such firms.
See Section V.F.5.d, supra.
SIFMA Letter at 16-17.
TR Letter at 3-4.
Wachtel Letter at 1-4.
Wachtel Letter at 2-4 (stating that customers of certain small firms are unlikely to engage in violative behavior such as market manipulation and insider trading).
The Participants' response letter addressed comments related to the market for broker-dealer services. With regards to the funding model tiers placing a larger burden on market makers of liquid securities, the Participants did not comment on the relative burden, but argued that a fixed-fee funding model would reduce the disincentives to provide liquidity to the market and would lead to fewer market distortions than a strictly variable funding model. With regards to the phased implementation schedule, the Participants noted that small broker-dealers may voluntarily begin reporting within two years instead of the required three years, but did not address whether this poses risks for clearing firms supporting both large and small broker-dealers. The Participants also did not address the relative burden on OATS-exempt broker-dealers.
Response Letter II at 16.
Response Letter II at 20.
In response to these comments, the Commission has revised its economic analysis of the effect of the Plan on the market for broker-dealer services. First, the Commission now recognizes the potential differential effect on those broker-dealers that engage in market making in liquid stocks versus illiquid stocks and on those broker-dealers that engage in liquidity taking strategies versus those that engage in other strategies. The Commission believes that this differential effect could result in broker-dealers altering their activities, which could have the second order effects described above, and could change the level of competition in certain market segments, such as those that specialize in providing services in more liquid securities. However, the Commission believes that services in liquid securities is the most competitive segment in the broker-dealer industry and therefore, does not believe that effects on competition would be material. In particular, based on Commission Staff experience, the Commission understands that quote competition in liquid securities comes from market makers on many exchanges, over-the-counter market makers, and customers who post quotations. These securities trade on one penny spreads and have deep order books. Further, consistent with the Participants' Response Letter II, the tiered nature of the funding model effectively fixes the fees. In highly competitive markets, fixed fees should not affect prices. Therefore, the highly competitive liquid securities markets should remain liquid and highly competitive under the Plan, despite the fees related to message traffic.
See Section V.F.5.b., supra.
The Commission also agrees with the comment that certain broker-dealers could face a disproportionately large burden of costs from reporting, even as high as 15% of revenue as the commenter noted, and already recognized this possibility in the economic analysis in the Notice. However, the Commission is not revising its conclusion that it is necessary for even the smallest broker-dealers to report to CAT. Specifically, the Commission believes that excluding certain broker-dealers from reporting requirements would result in an audit trail that does not capture all orders by all participants in the securities markets, which could incentivize prospective wrongdoers to utilize these firms to evade regulatory oversight.
With regards to competition, the Commission continues to believe that even if regulatory burdens from CAT reduce the number of small broker-dealers in specialized segments, overall competition in those segments may not be harmed.
With regards to the comment on relative costs for clearing firms supporting large and small brokers during CAT implementation, the Commission acknowledges the costs of reporting to duplicative systems, and the relatively high costs to introducing broker-dealers. However, it is not clear why the additional costs to clearing firms servicing other broker-dealers would not be passed along to small broker-dealers—the impact of which has already been discussed. As such, the Commission does not believe the impact on clearing firms due to the phased implementation schedule is sufficiently large to affect competition in this market, and is not changing the Economic Analysis as it relates to costs for clearing services.
The Commission does not believe that the modifications to the funding model described above will affect the allocation of fees or the relative compliance costs among broker-dealers. Overall, the Commission continues to believe that the CAT NMS Plan, in aggregate, would likely not reduce competition and efficiency in the overall market for broker-dealer services. Even if small broker-dealers, broker-dealers of liquid securities, or clearing firms of large and small broker-dealers potentially face a relatively high burden, this may not necessarily have an adverse effect on competition as a whole in the overall market for broker-dealer services, as the Commission explained in the Notice.
Id.
c. Market for Regulatory Services
In the Notice, the Commission discussed its preliminary conclusion that the Plan could provide opportunities for increased competition in the market to provide regulatory services. The Commission noted that SROs compete to provide regulatory services in at least two ways. First, because SROs are responsible for regulating trading within venues they operate, their regulatory services are bundled with their operation of the venue. Consequently, for a broker-dealer, selecting a trading venue also entails the selection of a provider of regulatory services surrounding the trading activity. Second, SROs could provide this supervision not only for their own trading venues, but for other SROs' trading venues as well through the use of Regulatory Service Agreements or a plan approved pursuant to Rule 17d-2 under the Exchange Act. Consequently, SROs compete to provide regulatory services to trading venues they do not operate. The market for regulatory services in the equity and options markets currently has one dominant competitor, FINRA.
See Notice, supra note 5, at 30744-45.
In the Notice, the Commission noted that under the Plan, designated regulatory Staff from all of the SROs would have access to CAT Data, which would reduce the differences in data access across SROs. This in turn could reduce barriers to entry in providing regulatory services because data will be centralized and standardized, possibly reducing economies of scale in performing surveillance activities. Furthermore, because some types of previously infeasible surveillance will become possible with the availability of additional data, the Commission believes that SROs will have greater opportunities to innovate in the type of surveillance that is performed, and the efficiency with which it is performed. In addition, as Rule 613(a)(3)(iv) requires, SROs will implement new or updated surveillance within 14 months after effectiveness of the CAT NMS Plan, and thus any SRO could reconsider its approach to outsourcing its regulatory services and whether it wants to compete to provide regulatory services to others.
Without a Central Repository, an SRO wishing to compete as a regulatory services provider would need to invest in the IT infrastructure and enter into the data access agreements necessary to surveil broadly beyond its exchanges' data resources. By providing access to consolidated trade and order data to all SROs, CAT may reduce barriers to entry for this market. See Securities Exchange Act Release No. 74581 (March 25, 2015), 80 FR 18035 (April 2, 2015) at 18057-58 (describing the barriers to entry of potential new national securities associations).
While the Commission did not receive any comments addressing the effects of the CAT NMS Plan on the market for regulatory services, nor was the issue addressed in the Participants' response, the Commission believes that certain EMSAC discussions are relevant to its analysis of competition in the market for regulatory services. In particular, the discussions regarding the EMSAC draft recommendation that the Commission should formalize by Rule the centralization of common regulatory functions across SROs into a single regulator reveal other potential considerations. In particular, the EMSAC subcommittee on Trading Venues opined that some regulatory activities are duplicative and needlessly complex because they are dispersed across SROs. Further, the subcommittee argued that CAT will increase that duplicative regulatory oversight. In response to the EMSAC discussions, one commenter pointed out benefits in having competition between regulators. This commenter explained that CAT Data could open up new frontiers for regulation that competition between multiple SROs could leverage off of.
See “Recommendations Relating to Trading Venues Regulation”, Equity Market Structure Advisory Committee (“EMSAC”) Trading Venues Regulation Subcommittee, April 19, 2016, available at https://www.sec.gov/spotlight/emsac/emsac-trading-venues-subcommittee-recommendations-041916.pdf (describing four recommendations relating to the regulation of trading venues); see also EMSAC April 26, 2016 Transcript, available at https://www.sec.gov/spotlight/emsac/emsac-042616-transcript.txt .
See EMSAC April 26, 2016 Transcript, available at https://www.sec.gov/spotlight/emsac/emsac-042616-transcript.txt , at 111.
See NASDAQ comment on EMSAC, May 24, 2016, available at https://www.sec.gov/comments/265-29/26529-71.pdf .
The Commission recognizes that increased competition in the market for regulatory services could create duplication of regulations, as the EMSAC discussed. But, ultimately, the Commission's conclusions related to competition—namely, that the Plan will provide opportunities for increased competition in the market to provide regulatory services—are unchanged from the Notice. The Commission recognizes, however, the uncertainty of whether EMSAC will make a formal recommendation to the Commission and whether and how the Commission would act with respect to such a recommendation.
d. Market for Regulatory Data Reporting Services
In the Notice, the Commission analyzed the effect of the CAT NMS Plan on competition in the market for data reporting services with a focus on its impact on the costs incurred by broker-dealers to comply with the Plan. As discussed in the Costs section above, the Commission preliminarily believed that many broker-dealers, particularly smaller broker-dealers, would fulfill their CAT reporting obligations by outsourcing to service bureaus and that the fees charged by the service bureaus would be a major cost driver for these broker-dealers. Further, these fees would factor into the increase in barriers to entry in the market for broker-dealer services. Therefore, the Commission preliminarily believed that any effects on competition in the market for regulatory data reporting services could have a significant effect on the costs incurred by broker-dealers in complying with the CAT NMS Plan.
See Notice, supra note 5, at 30745-46.
See Section V.G.1.b, supra.
The Plan provided information on broker-dealers' use of third-party service providers to accomplish current regulatory data reporting. The Plan noted that while some broker-dealers perform their regulatory data reporting in-house, others outsource this activity. As noted in the Costs section of the Plan, the Commission understands that most firms outsource the bulk of their regulatory data reporting to third-party firms. The Commission preliminarily believed that the competition in the market to provide data reporting services is a product of firms choosing to perform this activity in-house or to outsource it based on a number of considerations including cost, with some firms choosing to outsource this activity across multiple service providers.
See Section V.F.1.c.(2).A, supra.
The market for regulatory data reporting services is currently characterized by bundling, high switching costs, and barriers to entry. First, service bureaus often bundle regulatory data reporting services with an order-handling system service that provides broker-dealers with market access and order routing capabilities. Additionally, they sometimes bundle regulatory data reporting services with trade clearing services. Second, switching costs for service bureaus may be high and involve complex onboarding processes and requirements. Furthermore, systems between service bureaus may be disparate, and switching service providers may require different or updated client documentation. Difficulty switching between service providers could limit the competition among service bureaus to provide data reporting services, and impact the costs that Outsourcers incur to secure regulatory data reporting services. Third, high information technology (“IT”) infrastructure costs also give rise to barriers to entry, which could slow the entry of new market participants into this market. Despite this, the Commission explained that based on information from broker-dealer discussions arranged by Financial Information Forum it preliminarily believed that the market for regulatory data reporting services is generally expanding and the trend is for more, not less, outsourcing.
See Section V.F.1.c.(2).A, supra, for more information on broker-dealer use of service bureaus.
See Notice, supra note 5, at n.920.
In the Notice, the Commission discussed its preliminary belief that the Plan could alter the competitive landscape in the market for data reporting services in several ways. First, the Plan could increase the demand for data reporting services by requiring reporting by broker-dealers that may have previously been exempt due to size under individual SRO rules. Because more broker-dealers would be required to report regulatory data under the Plan, the Commission preliminarily believed there could be an opportunity for increased competition in this market which might benefit all Outsourcers by reducing costs or increasing innovation. However, the increase in demand for data reporting services could serve to entrench existing providers if they capture a large share of newly created demand; this could lead to relatively higher costs for broker-dealers than they would face in a more competitive market. The potential increase in demand for data reporting services also could impact the capacity of already existing service providers to meet this increase in demand, and this in turn could have implications for competition and pricing in the market for data reporting services. Considering the barriers to entry that characterize the market for data reporting services and this potential increase in demand, service bureaus could have less incentive to compete for broker-dealer clients because these clients are no longer scarce, and as such, the CAT NMS Plan could result in a decline in the competition for data reporting services. It is possible that broker-dealers seeking to establish relationships with service bureaus could have trouble securing them because of the need to on-board many broker-dealers at once, especially if the service bureaus have limited on-boarding capacity. In the short-run these capacity constraints and the high demand could increase the costs of reporting through a service bureau. However, the two year implementation period for large broker-dealers and three year period for small broker-dealers could alleviate the reduction in competition due to the onboarding capacity strain because current service bureaus have time to increase their on-boarding capacity and new entrants have time to build the necessary IT infrastructure and a client base.
See, e.g., FINRA Rule 7470.
Second, the Commission discussed in the Notice how the CAT NMS Plan could dramatically change the pool of firms demanding data reporting services, which would be skewed toward firms that are smaller and on average costlier to service, which could result in higher prices that could eventually be passed onto investors. In addition to small and medium sized broker-dealers that previously self-reported data to SROs, who now would be required to report, the CAT NMS Plan would also result in other broker-dealers having data reporting responsibilities. The Commission preliminarily believed that these broker-dealers would predominantly be small. Because the Plan would require additional elements in regulatory data, particularly customer data, some broker-dealers that currently self-report could no longer find it economically feasible to do so.
Third, in addition to possibly increasing demand for data reporting services, the Commission discussed how the CAT NMS Plan may have a mixed effect on the number of firms offering data reporting services. This could impact the competitiveness of this market, and affect the costs broker-dealers bear in securing these services. On one hand, the number of firms offering data reporting services could decrease, because the need to secure PII might increase the likelihood of liability and litigation risks in the event of a security breach. On the other hand, it is possible that the number of service bureaus offering data reporting services would increase. New reporting requirements for broker-dealers could create opportunities for new entrants to meet this demand. This could increase capacity and result in innovation in providing these services, which could benefit broker-dealers needing data reporting services by potentially reducing reporting costs, or at least reducing the potential for cost increases. Lower reporting costs for broker-dealers could in turn benefit the investors who are serviced by these broker-dealers, through reduced costs.
See Section V.F.4.a(3), supra, for a discussion of the potential exit of service bureaus from the market resulting from the risk of a security breach.
Fourth, the Commission discussed how the Plan could decrease the demand for data reporting services. Many broker-dealers currently pay service bureaus to fulfill their regulatory data reporting; this may be because these broker-dealers find it would be more expensive to handle the translation of their order management system data into fixed formats, such as is required for OATS. If the Plan Processor allows broker-dealers to send data to the Central Repository in the formats that they use for normal operations, in drop copies for example, these broker-dealers may no longer see a cost advantage in engaging the services of a regulatory data reporting service provider because one of the costs associated with regulatory data reporting—having to translate data into a fixed format—will have been eliminated. These broker-dealers may then choose to insource their regulatory data reporting.
The Plan does not mandate the data ingestion format. See CAT NMS Plan, supra note 5, at Appendix C, Section A.1(b). In the Notice, the Commission recognized that the CAT Reporters Study found no difference in expected costs for a fixed format, but requested comment on why the costs may be similar when it would seem logical that allowing flexible data reporting formats would reduce costs for broker-dealers. See Notice, supra note 5, at Section IV.F.5.
The Commission preliminarily believed that this reduction in demand would not likely be realized and, if realized, would be unlikely to offset the increase in demand that would come from CAT reporters not currently subject to OATS reporting, who would now have reporting obligations. As noted in the Costs section of the Plan, of the 1,800 expected CAT Reporters, 868 do not currently report to OATS. This meant that the Commission expected a large proportion of CAT Reporters may be broker-dealers that currently do not have a service bureau for regulatory data reporting but would choose to engage one to manage their CAT reporting responsibilities. This is more than the Commission's estimate of 806 current outsourcing broker-dealers. The Commission therefore noted that it is unlikely that the number of current Outsourcers that choose to become Insourcers would be larger than the number of non-OATS reporters that would elect to outsource. As a result, demand is more likely to increase. Further, the Commission explained that the proposed requirement for CAT reports to use listing exchange symbology could require pre-report data processing even if the Plan Processor allows for the receipt of reports in the formats that broker-dealers use for normal operations. As a result, the Commission explained that the CAT NMS Plan is unlikely to eliminate the costs of processing data prior to reporting that data to the Central Repository.
The Plan estimates that 1,800 broker-dealers are expected to have CAT reporting obligations. Based on data from FINRA, 932 broker-dealers currently report OATS data. 1,800 − 932= 868. See Section VI.F.1.c.(2)A, supra.
Id.
The Commission continues to believe that it is possible that the Plan would increase the demand for data reporting services by requiring regulatory data reporting by broker-dealers that may have previously been exempt due to size under individual SRO rules. Furthermore, the Commission continues to believe that the CAT NMS Plan may have a mixed effect on the number of firms offering data reporting services; this could impact the competitiveness of this market, and affect the costs broker-dealers bear in securing these services. Commenters did not provide any additional information or analysis that the Commission believes would warrant changes to its analysis or conclusions as set out in the Notice, nor does the Commission believe that the modifications to the Plan warrant changes to this aspect of the economic analysis.
2. Efficiency
In the Notice, the Commission analyzed the potential impact of the Plan on efficiency. The Plan included a discussion of certain efficiency effects anticipated if the Plan is approved; as part of its economic analysis, the Commission discussed these effects, as well as additional effects anticipated by the Commission. The Commission discussed its preliminary belief that the Plan would likely result in significant improvements in efficiency related to how regulatory data is collected and used. The Commission also explained that the Plan could result in improvements in market efficiency by deterring violative activity. However, the Commission noted that any potential gains to efficiency from the retirement of duplicative and outdated reporting systems would be delayed for up to two and a half years and the interim period of increased duplicative reporting would impose significant financial burden on Industry Members.
See Notice, supra note 5, at 30746-48.
Overall, after considering comments, Participants' responses, and modifications to the Plan, the Commission is updating and revising its economic analysis on efficiency. However, the revisions in the analysis do not impact the Commission's broad conclusions. The Commission continues to believe that the Plan will generally improve the efficiency of regulatory activities and promote market efficiency.
a. Effect of the Plan on Efficiency
Building off the discussion in the Plan, in the Notice, the Commission analyzed the effect of the Plan on the efficiency of detecting violative behavior through examinations and enforcement, on the efficiency of surveillance, on market efficiency through deterrence of violative behavior, on operational efficiency of CAT Reporters, and on efficiencies through reduced ad hoc data requests and quicker access to data.
Id.
The Commission explained that currently, regulators' ability to efficiently supervise and surveil market participants and carry out their enforcement responsibilities is hindered by limitations in regulatory data. Second, regulators' ability to efficiently perform cross-market surveillance is also hindered by limitations in regulatory data. Finally, there are a number of other inefficiencies associated with the current system of regulatory data collection. These include: Delays in data availability to regulators; lack of direct access to data collected by other regulators results in numerous ad-hoc data requests; and the need for regulatory Staff to invest significant time and resources to reconciling disparate data sources.
See Section V.E.2.c, supra.
Id.
See Section V.D.2.b, supra. These other inefficiencies are discussed above in the Baseline and Benefits Sections.
The Plan discussed a number of expected effects on efficiency such as: Monitoring for rule violations; performing surveillance; and supporting fewer reporting systems. The Commission preliminarily agreed with the Plan's assessments of the expected effects, and in addition, the Commission discussed how the Plan could also reduce violative behavior.
First, the Plan concluded that SROs would experience improved efficiency in the detection of rule violations, particularly for violations that involve trading in multiple markets. The Plan stated an expectation that SROs would need to expend fewer resources to detect violative cross-market activity, and such activity would be detected more quickly. The Commission preliminarily agreed that the Plan would result in improvements in efficiency in the performance of examinations of market participants by SROs and the Commission. Improvements to data availability and access through the Central Repository could allow SROs and the Commission to more efficiently identify market participants for examination. The Commission also agreed that the Plan would improve the efficiency of enforcement investigations. If regulatory data access improves, the quality and quantity of enforcement investigations could increase through improvements to the comprehensiveness and timeliness of data used to support investigations.
See CAT NMS Plan, supra note 5, at Appendix C, Section B.8(b); see also Section V.E.2, supra.
See CAT NMS Plan, supra note 5, at Appendix C, Section B.8(b).
See Section V.E.2.c, supra.
Second, the Plan stated that the Participants believe that the CAT NMS Plan could improve the efficiency of surveillance. This improvement is due to a number of factors including: Increased surveillance capacity; improved system speed, which would result in more efficient data analysis; and a reduction in surveillance system downtime. The Plan also cited reduced monitoring costs, but the Commission noted that estimates in the Costs section of the Plan predicted increased surveillance costs if the Plan is approved. The increased surveillance costs predicted in the Plan could reflect more effective surveillance. Although the Plan did not discuss the cost-benefit tradeoff of increased surveillance directly, the Commission noted that achieving the level of surveillance that would be possible if the Plan is approved would likely be more expensive using currently available data sources, if it is achievable at all, due to the inefficiencies that currently exist in delivering regulatory supervision, which are discussed previously.
See CAT NMS Plan, supra note 5, at Appendix C, Section B.8(b) (stating that the CAT NMS Plan could reduce monitoring costs, enable regulators to detect cross-market violative activity more quickly, provide regulators more fulsome access to unprocessed data and timely and accurate information on market activity, and provide CAT Reporters with long term efficiencies resulting from the increase in surveillance capabilities); see also Section V.E.2.c, supra.
See CAT NMS Plan, supra note 5, at Appendix C, Section B.8(b). The Participants surveyed the 10 exchange-operating SRO groups on surveillance downtime. In conversations with Commission staff, the Participants informed Staff that average surveillance downtime was 0.03% from August 1, 2014 to August 31, 2015, and ranged from 0 to 0.21% across SROs.
Id.
See Section VI.E.2, supra.
Third, the Plan also discussed increased efficiency due to the reduction in redundant reporting systems, specifically increases in system standardization, which would allow consolidation of resources, including the sunsetting of legacy reporting systems and processes, as well as consolidated data processing envisioned from the Plan. However, the Commission noted that it is aware that the Plan calls for a period of years during which Industry Members would face duplicative reporting systems before older regulatory data reporting systems are retired. This period of duplicative reporting would impose a considerable financial burden on Industry Members.
See CAT NMS Plan, supra note 5, at Appendix C, Section B.7(b)(iii)(C) (discussing benefits of CAT to broker-dealers).
Id. at Appendix C, Section B.8(b).
Id. at Appendix C, Section B.9.
See Section VI.F.2, supra, for a discussion of duplicative reporting and whether broker-dealers would pass costs on to investors.
The Plan also discussed two other possible efficiency improvements: A reduction in ad-hoc data requests and more fulsome access to raw data. While the Plan anticipated a decrease in ad-hoc data requests as a result of Plan-related data improvements, the Commission noted some types of ad-hoc data requests, such as, data requests for later-stage investigations might increase. The Commission recognized that these increases in data requests would partially offset the efficiency improvements from the reduction in data requests noted above, but the Commission preliminarily believed that the Plan would reduce the total number of data requests. Furthermore, the Plan anticipated more robust access to unprocessed regulatory data, which could improve the efficiency with which SROs and the Commission could respond to market events where they previously had to submit data requests and wait for data validation procedures to be completed before accessing data collected by other regulators.
Examples of data requests for later-stage investigations could include commissions paid or locate identifiers.
The Commission acknowledged that this decrease in total number of data requests may be partially offset by an increase in the number of investigations in general, because enhanced surveillance is likely to detect more potentially violative activity that would need to be investigated.
See CAT NMS Plan, supra note 5, at Appendix C, Section B.8(b).
In addition to the potential benefits to efficiency discussed in the Plan, the Commission also discussed that CAT may reduce violative behavior. Improvements in the efficiency of market surveillance, investigations, and enforcement could directly reduce the amount of violative behavior by identifying and penalizing market participants who violate rules and who would more easily go undetected in the current regime. Furthermore, market participants' awareness regarding improvements in the efficiency of market surveillance, investigations, and enforcement (or perceptions thereof), and the resultant increase in the probability of incurring a costly penalty for violative behavior, could deter violative behavior. Reductions in violative behavior through both of these economic channels could improve market efficiency.
See, e.g., Schelling, Thomas, “The Strategy of Conflict: Prospectus for a Reorientation of Game Theory,” Journal of Conflict Resolution, Vol. 2 No. 3 (1958); Ellsberg, Daniel, “The Crude Analysis of Strategic Choices,” American Economic Review, Vol. 51, No. 2 (1961).
The implicit assumption here is that violative behavior receives diminishing marginal gains and generates increasing marginal harm. See, e.g., Becker, Gary and William Landes, “Essays in the Economics of Crime and Punishment,” Columbia University Press (1974).
The Commission received a comment on the cost estimates of the CAT NMS Plan and its effects on increasing the efficiency of surveillance activities. The commenter agreed with the Commission's findings that the estimate of total implementation cost was accurate, however, the commenter stated that it is implausible that CAT would reduce surveillance costs by more than 40% while simultaneously improving the effectiveness of surveillance.
Data Boiler Letter at 38.
The Commission also received a comment on whether the CAT NMS Plan would increase the efficiency in detecting rule violations and subsequent gains to market efficiency due to the reduction in violative behavior. The commenter disagreed with the Commission's analysis of the Plan's effect on market efficiency due to the reductions in violative behavior, arguing that effectively and efficiently deterring violative behavior should be done by using a system other than the CAT, preferably the commenter's proposed system which involves the use of real-time analytics.
Data Boiler Letter at 10, 35.
Data Boiler Letter at 10-13, 33, 38.
The Commission also received numerous comments on whether the retirement of duplicative reporting systems and the reduction in ad-hoc data requests would generate gains to efficiency. One commenter disagreed with the Commission's analysis of the effect of the Plan on the reduction in duplicative reporting and ad-hoc requests. Three commenters indicated that the period of duplicative reporting could also reduce the expected benefits of CAT. One of these commenters suggested that the Plan's timeline for the retirement of duplicative reporting does not provide the SROs with sufficient incentives to migrate surveillances to CAT, implying that there could be a reduction in the efficiency of surveillance. Another commenter emphasized the inherent complexities of dual reporting, and the impact that this would have on the efficiency and effectiveness of reporting during this period.
Data Boiler Letter at 38-39.
FIF Letter at 29-30; SIFMA Letter at 5; DAG Letter at 2.
SIFMA Letter at 5.
FIF Letter at 30.
While the Participants did not directly respond to comments regarding efficiency, they did state that they expect cost savings as a result of moving surveillance operations from existing systems to the CAT.
Response Letter II at 16.
The Commission considered these comments, the Participants' response, and modifications to the Plan, and is revising its analysis of the inefficiencies associated with duplicative reporting. The Commission is not revising its analysis or conclusions with regard to other aspects of efficiency.
First, the Commission disagrees with the commenter who raised concerns about the surveillance cost estimates. As discussed above, all 19 SROs responded to the Participants Study regarding cost estimates, and most SROs have experience collecting audit trail data as well as expertise in their business practices. Furthermore, the commenter provided no reasoning or estimates to indicate that the Participants are unable to reasonably estimate their current data reporting costs, and the Participants' Response Letter II confirms the anticipated cost savings described in the Notice. Therefore, the Commission continues to believe that the cost estimates in the Notice are accurate, and that the CAT NMS Plan would improve the efficiency of surveillance by fostering increased surveillance capacity; improved system speed, which would result in more efficient data analysis; and a reduction in surveillance downtime.
At the time of the Participants Study, there were 19 SROs. All responded to the study. See Section V.F.1.b, supra for discussion of the Participants Study and changes to cost estimates to account for additional Participants.
See supra note 2873.
Second, the Commission disagrees with the commenter that stated that the CAT Plan would not improve market efficiency due to reductions in violative behavior, and that the Plan should adopt real-time analytics. The Commission continues to believe that real-time analytics are not necessarily required to reduce violative behavior. Analysis of raw data on T+1 and corrected data after T+3 can reveal violative activity nonetheless.
Third, regarding the commenter who seems to imply that the Commission attributes savings in surveillance costs solely to the reduction in ad-hoc data requests, which is not the case. As discussed in the Notice, the Commission believes that it is possible that Participants and the Commission could realize efficiencies from having data standardized and centrally hosted that could allow them to handle fewer ad hoc data requests. In addition, the Plan could allow Participants and the Commission to automate some surveillance processes that may currently be labor intensive or processed on legacy systems, which could reduce costs because the primary driver of these costs is FTE costs.
See Notice, supra note 5, at 30711.
The Commission agrees with the commenters that suggested that the period of duplicative reporting could be associated with reduced benefits from the Plan. In particular, the Commission now acknowledges that in addition to involving significant costs, the period of duplicative reporting would be associated with reduced benefits in the form of potentially lower data quality and potential loss of efficiency and effectiveness of reporting in the short-term. Examples of losses in efficiency could include conflicting field definitions in CAT and OATS; differences in required corrections to the same errors across two different systems; and contention for the same reporting resources applied across two or more systems.
FIF Letter at 30.
Regarding the comment that SROs lack incentives to retire duplicative reporting systems, the Commission notes that the requirement that SROs implement surveillance using the Central Repository within 14 months of the Effective Date limits the incentives for the SROs to delay retiring duplicative systems because they will gain the capability of performing surveillance within CAT. However, the Commission acknowledges that small Industry Members will not yet be reporting to the Central Repository when the SROs gain this capacity. Consequently, SROs will by necessity be performing surveillance on data other than CAT Data until small Industry Members are reporting to the Central Repository and their CAT Data quality allows adequate surveillance using CAT Data. As discussed in Participants' Response Letter II, as the Participants face significant costs in running duplicative systems, and to the extent that such systems are extraneous for regulatory purposes, the Participants would desire to cease their operation. Consequently, the Commission believes the SROs are incented to retire these duplicative systems and move surveillance solely to the Central Repository as quickly as feasible.
Response Letter II at 20.
After considering these comments and responses from the Participants, potential changes in the Plan, the Commission has updated its analysis of the effects of duplicative reporting on efficiency. First, the Commission has updated its estimate of the expected duplicative reporting period and now believes that it is likely to be shorter than estimated in the Notice. This would potentially result in the Commission and SROs realizing gains to efficiency earlier than what was stated in the Notice. Second, as discussed previously, the Commission now acknowledges that duplicative reporting may not result in efficiencies with duplicative reporting costs of less than $1.7 billion. Furthermore, the Commission now believes that the period of duplicative reporting may create inefficiencies, such as contention for the same reporting resources to correct errors across two different systems, and that might reduce the quality of data being reporting to CAT during the period of duplicative reporting. Regardless of the loss in efficiency due to duplicative reporting, the Commission nonetheless believes that the Plan will result in long-term gains to efficiency for the reasons stated earlier in this Section.
See Section V.F.2.b, supra.
Id.
See supra note 2896.
b. Effects of Certain Costs of the Plan on Efficiency
In the Notice, the Commission discussed the fact that the Plan anticipated that the implementation of CAT will introduce new costs related to data mapping and data dictionary creation, and add new expenditures, such as staff time for compliance with encryption requirements associated with the transmission of PII. While the Commission recognized these are additional activities and costs that the Plan would require, it viewed these as additional costs rather than inefficiencies. While the Commission could not quantify the magnitude of these costs, it viewed these as having a relatively minor contribution to overall costs of the Plan because they impose technical requirements on systems that the industry will need to significantly alter to comply with other provisions in the Plan. Commenters did not provide any additional information or analysis that the Commission believes would warrant changes to its analysis or conclusions regarding these costs and therefore continues to view these as costs rather than inefficiencies
See Notice, supra note 5, at 30748.
See Section VI.G.2.a, supra.
Additionally, the Commission discussed the Plan's statement that there could be a market inefficiency effect related to the funding proposal for the Plan. The Plan indicated that the Funding Model for the Plan could create disincentives for the provision of liquidity, which could impair market quality and increase the costs to investors to transact. The Commission discussed in the Notice two ways that the cost allocation methodology could negatively impact efficiency. First, data reporters could respond to the Funding Model by taking actions to limit their fee payments, such as exiting the market or reducing their activity levels. Second, the funding proposal for the CAT NMS Plan to align fees closely with the amounts that are required to cover costs could create incentives for the Plan Processor or Operating Committee to propose a cost schedule for the CAT that matches a given fee schedule, but is not the most efficient cost schedule for meeting CAT's regulatory objectives.
See CAT NMS Plan, supra note 5, at Appendix C, Section B.8(b).
The Commission received a comment about the concerns the funding proposal in the Plan poses for liquidity provision. This comment echoed the concerns the Commission discussed in the Notice. The Participants responded to this comment and noted that they actively considered the market quality concerns in devising the proposed funding model, and one of the reasons for proposing a tiered, fixed fee funding model was to limit the disincentives to providing liquidity to the market. In particular, the Participants believed that a funding model based on message volume was far more likely to affect market behavior.
SIFMA Letter at 16-17.
Response Letter II at 16.
In response to this comment, the Commission notes that it is amending the Plan to require the Participants to provide the Commission with a report on the impact of tiered-fees on market liquidity, including an analysis of the impact of the tiered-fee structure on Industry Members' provision of liquidity 36 months after effectiveness of the Plan. While the Commission continues to recognize that negative effects on efficiency could result from the Funding Model, for the reasons discussed in Section IV.F above, the Commission is approving the Funding Model as amended by the Commission.
See Section IV.F.3., supra.
See Section IV.F, supra.
3. Capital Formation
a. Enhanced Investor Protection
In the Notice, the Commission examined the potential effects on capital formation discussed in the Plan in addition to other potential effects on capital formation that the Commission believed could result if the Plan is approved. The Plan's analysis regarding capital formation concluded that the Plan would generally not have a deleterious effect on capital formation and could bolster capital formation that could lead to increased investor participation in capital markets. The Commission agreed with the rationale of the Plan's analysis, but addressed some additional considerations regarding the scope of the Plan's effects on capital formation, as well as the channels through which these effects could accrue. The Commission preliminarily believed that the Plan would have a modest positive effect on capital formation.
See Notice, supra note 5, at 30748-49.
Id. at 30748-50.
The Plan's analysis stated that the Plan may improve capital formation by improving investor confidence in the market due to improvements in surveillance. As discussed previously, in the Notice the Commission discussed its preliminary belief that the Plan would provide substantial enhancements to investor protection through improvements to surveillance, particularly for cross-market trading. Improved surveillance, as well as other regulatory activities, could decrease the rate of violative activity in the market, reducing investor losses due to violative activity. If investors expect fewer losses, this may increase capital formation by facilitating a market where investors could be more likely to mobilize capital into securities markets.
See Notice, supra note 5, at Section IV.E.2.c(1); see also CAT NMS Plan, supra note 5, at Appendix C, Section B.7(b)(ii)(B)(1)-(2), B.7(b)(iii)(C).
FINRA currently provides cross-market surveillance, but limitations in the data (e.g., reliable cross-market linkages, customer identification, parent order identification) limit the scope and reliability of this surveillance.
In the Notice, the Commission discussed its preliminary belief that the CAT NMS Plan could provide additional increases to capital formation in the form of improved allocative efficiency of existing capital within the industry. If investors perceive an environment of improved surveillance, they could be willing to allocate additional capital to liquidity provision or other activities that increase market efficiency. Further, an environment of improved surveillance could result in the reduction of capital allocated to violative activities that impose costs on other market participants, because these market participants may no longer find it desirable to engage in behavior that exposes them to regulatory action.
The Commission explained, however, that market participants engaging in allowable activity that might be subject to additional regulatory scrutiny under the Plan could allocate capital to other activities to avoid this scrutiny, because even when activity is not violative, interacting with regulators can be costly for market participants. This reallocation away from allowable activity to avoid regulatory interactions could result in capital allocations that are less efficient.
See Section V.E.2.c., supra, for a discussion of the potential for the efficiencies in surveillance, examinations, and investigations to increase the number of regulatory actions, including investigations of conduct that turns out not to violate laws or regulations.
The Plan stated that the costs from CAT are unlikely to deter investor participation in the capital markets. The Commission noted, however, that the final costs of the Plan and the Funding Model for CAT are not wholly certain at this time; thus, it is the Commission's view that there is uncertainty concerning the extent to which investors will bear Plan costs and consequently to what extent Plan costs could affect investors' allocation of capital. Despite these potential costs to investors, the Commission noted that investors could believe that any additional benefits they receive from the potential of a market that is more effectively regulated justify any additional costs they pay to access capital markets.
See CAT NMS Plan, supra note 5, at Appendix C, Section B.8(c).
The Commission received several comments on whether the Plan would improve capital formation through investor protection against abusive behavior, and by fostering investor participation. One commenter stated that the Commission needs the CAT Plan not only to understand breakdowns in trading markets, but also to rid the markets of increasingly abusive trading practices. Doing this will protect investors, and foster investor participation, thereby fueling capital formation. Another commenter disagreed with the Commission's analysis and concluded that the Plan could adversely impact investors' trust in the markets because the Plan lacks connection with real-world problems (i.e., huge investment losses can be accumulated within a split-second; market collapse does not take more than one day; abusive use of financial engineering techniques to synthetically create trades/derivatives to bypass controls).
Better Markets Letter at 3.
Data Boiler Letter at 39.
In response to the commenter who mentioned that the Commission needs the CAT Plan to not only understand breakdowns in trading markets, but also rid the markets of abusive trading practices, the Commission has noted previously that CAT Data would help regulators with analysis and reconstruction of market events, and also help regulators identify violative behavior and abusive trading through their enforcement investigations.
See Section V.E.2.c(1), supra; Section V.E.2.c(3), supra.
The Commission also disagrees with the commenter who concluded that the Plan could adversely impact investors' trust in the markets because the Plan lacks a connection with “real-world problems.” The Commission believes the Plan has a connection with these “real-world problems” because as stated above, CAT Data would help regulators analyze and reconstruct markets, thereby helping them understand how split-second losses accumulate to investors and the underpinnings of market collapses. CAT Data would also help regulators with surveillance and investigation activities, and potentially help them to understand the abusive use of financial engineering techniques. The Commission therefore believes that the benefits that CAT Data would provide regulators would also provide benefits to investors of a safer environment for allocating their capital and making financial decisions.
See Section V.E.2.a., supra.
See Section V.E.2.c., supra.
Moreover, the changes to the Plan further support the Commission's preliminary conclusions. Requiring Industry Members to report their LEI to the Central Repository if they have one should result in a greater ability for regulators to identify traders based on their Customer-IDs for the purposes of SRO surveillance. Potentially improved data completeness in terms of Customer-IDs could result in greater benefits to surveillance that would spillover to capital formation than stated in the Notice.
b. Data Security
In the Notice, the Commission agreed with the Plan's assessment that data security concerns are unlikely to materially affect capital formation. In its discussion of capital formation, the Plan recognized that data security concerns could potentially impact capital formation through market participants' perception that sensitive proprietary data might be vulnerable in case of a data breach at the Central Repository. The Plan's analysis discussed the security measures that are required by Rule 613 and the manner in which they have been implemented in the Plan. It concluded that these security measures are sufficient and that it is unlikely market participants would reduce their participation in markets in a manner that would affect capital formation. The Commission agreed that concerns regarding data security are unlikely to substantially affect capital formation, but that some uncertainty about the risks exist because of the variations in the potential security solutions and their resulting effectiveness.
See Notice, supra note 5, at 30749-50.
Id. at 30749.
In the Notice, the Commission discussed how the consequences of a data breach, nonetheless, could be quite severe. A data breach could substantially harm market participants by exposing proprietary information, such as a proprietary trading strategy or the existence of a significant business relationship with either a counterparty or client. The Commission noted, however, that broker-dealers already bear such risks in transmitting regulatory data to SROs and the Commission. The Commission believed that the marginal increase in the risks to broker-dealers associated with a data breach would be unlikely to deter broker-dealers from participating in markets. Finally, the Commission noted that a data breach could potentially reveal PII of investors. To address the potential for harm to the investing public and the health of capital markets through such a breach, the Plan has enhanced requirements for security around PII. The Commission believed that the risk of a breach of PII data would not materially affect investors' willingness to participate in markets because they already face these risks with PII shared with broker-dealers, though not in one centralized location.
Several commenters wrote about data security, and the comments are summarized above in Section IV.D.6. Only one commenter discussed the effects of data security on capital formation. That commenter asserted that “[i]f investors perceive that the CAT NMS plan leaves their trading strategies and position information vulnerable to discovery and predatory use, interest in equity investing may decrease to the detriment of liquidity and, ultimately, capital formation.” The Commission agrees that investors are sensitive to the protection of their data. The Plan amendments and Participants' responses to comments provide more details about the required security provisions and more clarity on the applicability of Regulation SCI standards. The Commission believes that these changes should increase the security of CAT Data, and that concerns regarding data security are unlikely to affect capital formation substantially even though there may still be uncertainty regarding potential security solutions and their effectiveness.
ICI Letter at 3.
See Notice, supra note 5, at 30749.
4. Related Considerations Affecting Competition, Efficiency and Capital Formation
The Commission in the Notice recognized that the Plan's likely effects on competition, efficiency, and capital formation are dependent to some extent on the performance and decisions of the Plan Processor and the Operating Committee in implementing the Plan, and thus that there is necessarily some uncertainty in the Commission's analysis. The Commission noted that nonetheless, it believed that the Plan contains certain governance provisions, as well as provisions relating to the selection and removal of the Plan Processor, that mitigate this uncertainty by promoting decision-making that could, on balance, have positive effects on competition, efficiency, and capital formation.
See Notice, supra note 5, at 30750; see also the discussion of the CAT governance structure in Notice, supra note 5, at Section IV.E.4.d, supra.
See Notice, supra note 5, at 30750.
a. The Efficiency of the Plan
(1) Plan Decision-Making Process
The Commission in the Notice stated its preliminary belief that certain governance provisions in the Plan could create inefficiencies in the decision-making process, but that these inefficiencies are limited or exist to promote better decision-making. Specifically, the Notice stated that the Plan specified three types of voting protocols and when each protocol applies: Unanimous voting (only in three circumstances), supermajority voting (in instances considered by the Participants to have a direct and significant impact on the functioning, management, and financing of the CAT system), or majority voting (other, routine matters that arise in the ordinary course of business; as a practical matter the default standard). The Commission discussed how the Plan's voting protocols balanced the efficiency of the decision-making process against the value of considering minority and dissenting opinions. Furthermore, the Commission stated its preliminary agreement with the Plan's discussion of the need to balance efficiency in the voting protocols in the Plan and the Participants' conclusion that the inefficiencies in the voting protocols in the Plan are limited enough to strike a balance between the inefficiencies of the decision-making process and the quality of the decisions.
Id.
Id.
Id. at 30750-51.
The Commission further noted that the Plan discusses the role of industry representation as part of the governance structure. The Commission preliminarily agreed with the discussion in the Plan that including industry representation might result in a more efficiently designed CAT, but that an Advisory Committee also adds operational inefficiencies. The Commission further stated its preliminary belief that as long as the Advisory Committee adds sufficiently useful information, the benefits from the Advisory Committee would justify any operational inefficiencies from the inclusion of the Advisory Committee.
Id. at 30751.
Id.
Id.
The Commission is not revising its analysis of the efficiency of the Plan's decision-making process at this time. As discussed above, commenters provided information on concerns about current NMS Plan governance and made suggestions on how to more effectively include the Advisory Committee in decisions. However, these commenters did not provide new insights into the efficiency of the decision-making process itself. As noted above, changes to plan governance to provide greater prominence to certain views could improve plan decision-making, to the extent that better-informed decisions would be superior decisions; on the other hand, larger or more diverse sets of voices could result in deadlocked or delayed decisions, which would impede the efficiency of the decision-making process under the CAT Plan. However, as noted above, the Commission is considering changes more broadly to NMS Plan governance, and any such changes may impact the CAT NMS Plan.
See Section V.E.3.d(2)B, supra.
Id.
(2) Level of Detail in the Plan
The Commission in the Notice also considered an additional source of potential inefficiencies: Minimum standards for particular provisions or solutions in Appendix D of the Plan, rather than a specification of the solutions themselves in the Plan. The Commission stated that while this approach creates uncertainties surrounding the economic effects of the Plan in the approval process, it also means that the Operating Committee and/or Selection Committee would effectively decide upon the unspecified details when selecting the Plan Processor and when approving the Technical Specifications, and as a result could act much more quickly and at a potentially lower cost than if solutions were specified in the Plan. In addition, the Commission explained why specifying details in the Technical Specifications instead of the Plan could make the Plan more agile and efficient in its ability to upgrade and improve the CAT Systems quickly.
See Notice, supra note 5, at 30751
Id.
Several commenters sought to have certain definitions included in the Plan. Two commenters sought to have the Plan amended to specify certain of the Technical Specifications. Participants commented that incorporating Technical Specifications in the Plan itself would interfere with the development of these specifications by the Plan Processor, and that these items are better suited for the Technical Specifications than the Plan. In a similar context, Participants also stated that subjecting Technical Specifications to a full filing process with the Commission would introduce significant delays in the process of developing the Technical Specifications, but that matters that are sufficiently significant to require a change to the Plan would be subjected to Commission review.
TR Letter at 9-10; FIF Letter at 95-96; SIFMA Letter at 6.
TR Letter at 5; UnaVista Letter at 2; see also Bloomberg Letter at 6-7 (recommending that Section 6.3 of the Plan be amended to specify the use of a uniform, global, open, multi-asset identifier; suggesting one such identifier developed by the commenter).
Response Letter I at 40.
Id. at 42.
The Commission believes that commenters' requests that certain items be defined in the Plan are an implicit assertion that the Plan strikes the wrong balance with respect to the tradeoff identified in the Notice. In the Notice, the Commission was willing to accept the uncertainty created through the lack of definitions, in exchange for the benefits of permitting the relevant parties the flexibility to adopt the definitions or technical specifications at a later date, when the optimal approach to those issues might be more apparent, along with the flexibility to readily make changes to those items if challenges arise. By requesting that definitions or technical specifications be moved to the Plan, commenters advocate the opposite position: That it is acceptable to risk an inefficient definition in the Technical Specifications now, or to encounter delay or difficulty in changing it later, in exchange for added certainty in the definition or specifications as a part of the Plan approval process. The Commission disagrees. Given the technical nature of the technical specifications, and that the Plan does specify certain minimum standards that provide a floor and therefore certainty with respect to at least certain of the definitions and specifications, the Commission continues to believe that the existing process appropriately balances the need for certainty with the benefits of a flexible process going forward.
(3) Implementation Efficiency
In the Notice, the Commission recognized that provisions of the Plan should also promote efficiently implementing expansions to the CAT Data. Appendix C of the Plan notes that the Plan Processor must ensure that the Central Repository's technical infrastructure is scalable and adaptable. The Commission explained that these provisions should reduce the costs and time needed for expansions to the Central Repository.
See Notice, supra note 5, at 30751.
See CAT NMS Plan, supra note 5, at Appendix C, Section A.5(a).
Two commenters provided information relevant for the Commission's analysis of the efficiency of the initial implementation of the Plan more broadly. In particular, the commenters expressed concerns that the timeline for implementation, including the testing and publication and iterative reviews of the Technical Specifications, would not allow for efficient implementation, potentially affecting the quality of the data coming to CAT from the beginning of its operations. One commenter stated that building in additional capacity and flexibility to expand CAT further over time will increase the scope of efficiencies and ancillary benefits, including long-term cost reductions, even if that additional capacity and flexibility are not absolutely necessary to meet minimum Plan requirements. Other commenters asserted that the Plan Processor selection should occur before Commission approval of the Plan, because the selection could negate a significant amount of uncertainty regarding the ultimate effects of the Plan.
SIFMA Letter at 23-24; FIF Letter at 37 (requesting two iterative reviews of order data and customer information specifications before implementation; noting that the 5 months allotted between the production of the customer information specification and implementation for large industry members is similarly insufficient to permit development and testing of a complex new function).
Id. Per one commenter, an aggressive timeline that results in “[r]ushing to achieve artificial milestones established without knowledge of the development effort involved, or even the full functionality to be delivered, will only result in poorly built systems, inferior quality of data reporting, missed and delayed schedules and cost overruns, for the Plan Processor, the regulators and the broker-dealer community.” See also FIF Letter at 36.
SIFMA Letter at 5-6. The commenter mentioned that such additional capacity and flexibility could be in the form of information, products, or functionality.
TR Letter at 4; see also FSR Letter at 10 (recommending “acceleration of the Plan Processor selection process” in order to begin moving forward with formulation of technical specifications; “the release of final technical specifications should drive the implementation timeline”).
Participants responded to the technical specifications point by stating that they recognize the benefit of iterative interactions between broker-dealers and the Plan Processor in terms of developing and executing final system specifications, which is why Appendix C of the Plan calls for the publication of iterative drafts, as necessary. Participants responded to the comments regarding acceleration of Plan Processor selection by indicating that it would be infeasible to do so from a timing perspective; that the requirements of the CAT could change up until the point the Plan is approved, which could affect the selection process; and that selection is to be performed within two months of Plan effectiveness in any event.
Response Letter I at 41.
Response Letter I at 52.
The Commission considered the comments and the Participants' responses and now recognizes that the timeline for implementation can affect the efficiency of the initial implementation of the Plan. The timeline for implementation in the Plan includes a requirement for the Plan Processor to develop the Technical Specifications by publishing iterative drafts, as needed, and to publish the Technical Specifications one year before Industry Members are required to begin reporting data to the Central Repository, and to commence testing of connectivity and acceptance three months before Industry Members begin reporting data to the Central Repository. The Plan has also been amended to require that the development of the Technical Specifications will begin no later than fifteen months before Industry Member reporting commences. Furthermore, the Plan has been amended to require that the CAT testing environment will be made available to Industry Members on a voluntary basis no later than six months prior to when Industry Members are required to report and that more coordinated, structured testing of the CAT system will begin no later than three months prior to when Industry Members are required to report data to CAT.
See CAT NMS Plan, supra note 5, at Appendix C, Section C.10.
See Section IV.D.8.a, supra.
The Commission believes that the modification to the Plan requiring development of Technical Specifications at least 15 months before reporting begins will ensure more advance notice to the Participants about specific functionalities of CAT, and that this could potentially mitigate inefficiency in the implementation of the Plan. Moreover, modifications to the Plan requiring that the CAT testing environment be made available to Industry Members before they begin reporting will provide additional time for Industry Members to test their reporting procedures for the CAT System prior to implementation. They will also further mitigate inefficiencies related to the implementation of the Plan. Further, as explained below, the Commission understands that the Bids of the three remaining Bidders propose accepting existing messaging protocols (e.g., FIX), rather than requiring CAT Reporters to use a new format. This reduces some of the uncertainty regarding implementation times because CAT Reporters may not need to build new systems to report data to the Central Repository.
See Section IV.D.8, supra, for further discussion of the comments regarding implementation and the Commission's response.
See Section V.H.12.b, supra.
In response to the comment on building in additional capacity and flexibilities to expand further over time, the Commission believes that this comment is consistent with its analysis in the Notice that ensuring that the Central Repository's technical infrastructure is scalable and adaptable should reduce the costs and time needed for future expansions. Further, the Commission believes that provisions in the Plan already address this issue.
See Section IV.D.15, supra, for further discussion of scalability of the Plan.
With respect to accelerating the selection of the Plan Processor, this could trade one potential inefficiency for another: Whereas there could be greater certainty about the effects of the Plan by locking in certain choices in advance, locking in those choices could result in inefficiencies if modifications to the Plan in the approval process change the Plan Processor selection. As inefficiencies in the choice of the Plan Processor could persist for the length of the Plan Processor's tenure, the Commission believes selecting the Plan Processor a short number of months after the approval of the Plan balances the need for expeditiously moving forward with implementation choices to provide sufficient time for implementation with the need to select the Plan Processor best positioned to achieve the regulatory benefits of the Plan.
b. Selection and Removal of the Plan Processor
In the Notice, the Commission discussed the CAT NMS Plan's use of an “RFP” to select the Plan Processor that would design, build, and operate the Central Repository. The winning bidder becomes the sole supplier of the operation of the Central Repository. The Commission stated its preliminary belief that this structure is necessary to achieve the benefits of a single consolidated source of regulatory data, but that the competitiveness of the selection process would thus influence the ultimate economic effect of the Plan. The Commission further stated its preliminary belief that the selection process generally promotes competition, but that there are also a few potential limits on competition. With respect to the Plan Processor's behavior following selection, the Commission stated its preliminary belief that the threat of replacement of the Plan Processor could incentivize it to set costs and performance competitively, but that the high cost of replacing the Plan Processor could limit these incentives. These are discussed further below.
See Notice, supra note 5, at 30751
Id. It would do so because the “effects depend in large part on the efficiency and effectiveness of the Plan Processor.” Id.
Id.
Id. at 30752.
(1) Competitiveness of the Plan Processor Selection Process
In the Notice, the Commission stated its belief that two elements determine the competitiveness of the bidding process: The voting process and the degree of transparency in the bidding process. The Commission discussed its preliminary belief that the Plan provisions relevant to these two factors could promote competition in the bidding process and limit the risk that the selection of the Plan Processor would be affected by a conflict of interest, thereby promoting better decision-making. Specifically, the Commission noted that, in the voting process, there is “a residual risk in having an SRO among the bidders; it is possible that voting Participants would be biased for or against that SRO because they compete with that SRO in another market (and could gain a competitive advantage in that market by acting as Plan Processor) or because of repeated interactions with that SRO.” Moreover, the Commission noted that “to the extent the Operating Committee has specific preferred solutions as to how the Plan should be implemented, the degree to which the Committee is transparent about those preferences in the bidding process would affect the competitiveness of that process”—but that “[t]he Commission has no reason to believe that the Operating Committee has preferred solutions beyond what is in the Plan that would significantly impact the competitiveness of the Plan Processor selection process.”
Id.
Id.
Id.
One commenter stated that, rather than a competitive process for selection of the Plan Processor, the selection of FINRA would best promote efficiencies, as it appears to have the required technology mostly in place, or can easily adapt existing technology to CAT's requirements; it already deals with the CAT Data; and it already regulates broker-dealers and ATSs that will submit data to the CAT. The Participants responded that completing the competitive process is most likely to promote an innovative and efficient CAT solution.
Anonymous Letter I at 1, 19-20.
Response Letter I at 52.
In the Commission's view, a competitive process for the selection of the Plan Processor is most likely to lead to the best outcome for the CAT. The commenter has raised a number of reasons why FINRA's bid may be the most persuasive. However, different approaches embodied in different bids would be expected to embody different tradeoffs. These tradeoffs can be considered as part of a competitive bidding process, with the best bid chosen in the end. The Commission believes that completing the competitive bidding process is most likely to result in a CAT system that best balances cost, benefits, and efficiencies.
(2) Competitive Incentives of the Selected Plan Processor
In the Notice, the Commission discussed how the Plan could create competitive incentives for the selected Plan Processor by detailing strong requirements for the Plan Processor and providing an efficient mechanism to remove the selected Plan Processor and introduce an alternative Plan Processor in the event of underperformance. Here, the Commission stated its preliminary belief that the Plan provides the selected Plan Processor with competitive incentives because the Plan contains defined procedures for monitoring and removing the Plan Processor for failure to perform functions or otherwise. While removal for performance that is not “reasonably acceptable” is by Majority Vote of the Operating Committee, assessing the Plan Processor's performance and demonstrating failings may be difficult; if that standard is not met, then removal is by Supermajority Vote, which may be more challenging to attain. The degree of difficulty of removal thus could limit the Plan Processor's competitive incentives. Similarly, the potentially extensive costs of switching to another Plan Processor (including selection of a new Plan Processor, which could potentially require rebuilding the Central Repository and implementation of new Technical Specifications) could limit competitive incentives.
See Notice, supra note 5, at 30752-53. Specifically, with regard to removal, the Commission noted that “[t]he Plan contains several provisions that would allow the Operating Committee to remove the Plan Processor”—including in specified circumstances by “only a Majority Vote” which “incentivizes the Plan Processor to perform well enough to avoid being removed” but that it “depend[s] significantly on strong oversight by the Operating Committee.” Id. at 30753. However, the Commission also noted that it “recognizes that the effort required to remove a Plan Processor could be significant” and that “significant switching costs could influence whether removing a Plan Processor despite poor performance makes economic sense”—such that “the Plan Processor may only need to perform well enough to keep the inefficiencies associated with their performance from exceeding the cost to switch to another Plan Processor.” Id.
One commenter expressed a view that the continuing incentives of the Plan Processor are a legitimate concern, and that the contract with the Plan Processor should be rebid every 5 years, because it would “prevent the stagnation of the CAT system and encourage innovation” and “force the SEC to re-evaluate the performance of the system and the Plan Processor at least periodically, with the benefit of public input.” The Participants responded by asserting that the Operating Committee will be reviewing Plan Processor performance, and may remove the Plan Processor by Supermajority Vote at any time, or by a Majority Vote where the Plan Processor has failed to reasonably perform its obligations.
Better Markets Letter at 7.
Response Letter I at 52.
The Commission has considered the views of the commenter on the competitive incentives of the Plan Processor and continues to believe that the Plan provides competitive incentives to control costs and promote the performance of the Plan. The commenter did not provide any additional information or analysis that the Commission believes would warrant changes to its analysis, nor does the Commission believe that the modifications to the Plan warrant changes to this aspect of the economic analysis. With respect to the comment that suggested rebidding every 5 years, the Commission agrees that a rebidding process after some period of time could provide a focal point for determining whether other technologies or other entities could be preferable to the incumbent Plan Processor. However, the existing provisions for removing a Plan Processor in the event of underperformance, and the existing authority of the Commission to oversee the CAT NMS Plan, already provide some incentives for continuous CAT innovation and cost reductions. Moreover, a bidding process is not a costless exercise; it requires hundreds or thousands of hours of work on the part of bidders to prepare and submit bids, and Plan Participants to review bids. Additionally, it is not clear whether the rebidding process sought by the commenter would consider the costs to switch as part of the incumbent's bid (in which case it would significantly advantage the incumbent), or would consider bids without reference to incumbency (which could result in the imposition of inefficient costs if the benefits of the new Plan Processor do not exceed the costs to switch).
H. Alternatives
As part of its economic analysis, the Commission has considered the likely economic effects of a number of alternatives to the approaches taken in the CAT NMS Plan as amended. In the Notice, the Commission analyzed alternatives that could have a direct and significant impact on costs or benefits deriving from at least one of the four data qualities discussed above: Accuracy, completeness, accessibility, and timeliness.
See Notice, supra note 5, at 30754-76.
The Commission has considered the comments received on the alternatives discussed in the Notice, and continues to believe that the likely economic effects of the alternatives will be consistent with the preliminary conclusions set out therein, except where noted below. In several instances, the Commission did not receive any comments that disagreed with its analysis of the likely costs and benefits of a particular alternative, and the approach taken in the Plan with respect to these alternatives is consistent with the Commission's analysis. Where that is the case, the Commission has not discussed the alternative in this Order, and instead relies on the analysis in the Notice. These alternatives include: Requiring both Options Market Makers and Options Exchanges to report Options Market Maker quotations to the Central Repository; requiring CAT Reporters to report a unique Customer-ID for each Customer upon the original receipt or origination of an order; requiring CAT Reporters to report a universal CAT-Reporter-ID to the Central Repository for orders and certain Reportable Events; excluding the requirement to report Customer-IDs; excluding the requirement to report CAT-Reporter-IDs when a routed order is received; alternative intake capacity levels; data accessibility standards, and the exclusion of OTC Equity Securities.
Id.
Where commenters disagreed with Commission with respect to its analysis of an alternative approach, the Commission discusses the comments below and considers whether any changes are warranted to the Commission's analysis and conclusions. Where commenters agreed with the Commission's analysis, but the Plan's approach differs in some respect from the approach discussed by the Commission and the commenters, the Commission summarizes its analysis and the comments received, below. Where a Plan modification supersedes the alternatives discussed in the Notice, the Commission considers comments on those alternatives in the discussion of the costs and benefits of the Plan, above.
The Commission notes that some commenters also raised reasonable potential alternatives not discussed by the Commission in the Notice. If the Plan modifications do not incorporate the suggestions and the comment does not provide sufficient information for a fulsome economic analysis, the Commission responds to those comments above in the Discussion Section. If Plan modifications incorporate those suggestions, the Commission discusses the updates to its economic analysis to recognize the modification in the discussion of the costs and benefits of the Plan, above, and considers the points made by commenters therein. If the Plan modifications do not incorporate the suggestions and the comment does provide sufficient information for an analysis of the economic effects of the alternative, the Commission discusses the alternative below.
See Section IV., supra.
1. Timestamp Granularity
In the Notice, the Commission solicited comment on the benefits and costs of an alternative timestamp granularity requirement of less than one millisecond. The Commission's preliminary analysis of alternative clock offset tolerance requirements suggested that millisecond timestamps may be inadequate to allow sequencing of the majority of unrelated Reportable Events across markets. In addition, the Commission recognized that sub-millisecond timestamp reporting would bring certain benefits, but the benefits would be limited unless the Plan were to require a clock offset tolerance far lower than is proposed in the Plan. The Commission also recognized that implementation costs of sub-millisecond timestamps would likely vary across CAT Reporters, but such a requirement is unlikely to create significant additional costs for CAT Reporters.
See Notice, supra note 5, at 30764-65.
See Notice, supra note 5, at Section IV.E.1.b(2)B.
Four commenters addressed this alternative. Three were supportive of the Plan, and one was supportive of the alternative. The commenters that supported the Plan generally indicated that one millisecond timestamps should be sufficient to sequence events. One of these commenters added that it would be very difficult, costly, and disruptive to change the timestamp granularity for broker-dealers and would involve expanding database fields, expanding application interfaces, logging files and managing to a clock offset lower than 50 milliseconds. This commenter focused primarily on broker-dealers while noting that exchanges already have more granular timestamps. Another commenter that supported the millisecond standard in the Plan stated it was “okay” to require this standard, but added, “if certain categories of market participants can originate, modify, cancel, route, execute[,] trade, and/or allocate an order in substantially less than one millisecond, then they should record and report the time of each reportable event using timestamps reflecting their sub-millisecond or microsecond processing capability.” The final commenter that supported the millisecond standard disagreed that CAT Reporters should be required to report more granular timestamps when the Reporter captures that level of detail in its normal practice. The commenter stated that such reporting would require changes to all layers of servers, software and databases between the point of timestamp capture to the final CAT reporting layer, and would be unnecessarily expensive. The commenter supporting more granular timestamps stated that there would be benefits in certain circumstances, stating that the Plan's timestamp resolution “will be insufficient to show the precise time of the reportable activities” and “[f]or some practices, such as cancellations, stuffing, and other “noisy” behaviors . . . the Commission should require a more precise granularity to more comprehensibly and accurately capture the frequency and scale of such practices.”
FIF Letter at 112; SIFMA Letter at 34-35; Better Markets Letter at 8; Data Boiler Letter at 21.
FIF Letter at 112; SIFMA Letter at 34-35; Data Boiler Letter at 21. FIF provided additional insight into event sequencing possibilities.
FIF Letter at 112.
FIF Letter at 112.
Data Boiler Letter at 21.
SIFMA Letter at 35.
Better Markets Letter at 8.
In their response to the comment on the costs of requiring more granular timestamps when the Reporter captures that level of detail in its normal practice, the Participants stated their belief that as additional CAT Reporters capture timestamps that are more granular than that required by the Plan, the quality of data reported to the CAT will increase correspondingly.
Response Letter I at 28-29.
The Commission considered these comments and the Participants' response and now believes that the costs of requiring sub-millisecond timestamps could be significant for some broker-dealers, and also across broker-dealers, because the broker-dealer industry does not broadly apply sub-millisecond timestamps. In response to the commenters that stated that exchanges and certain other categories of market participants already may be capable of sub-millisecond timestamps, the Commission notes that if a CAT Reporter uses timestamps in increments finer than milliseconds, that CAT Reporter must use those finer increments when reporting to the Central Repository. Therefore, the Central Repository will capture finer timestamps in those cases. In response to the commenter who stated that the reporting of finer timestamps would be unnecessarily expensive for those Reporters who choose to capture finer timestamps, the Commission agrees that some Reporters may need to update their reporting systems to report these finer timestamps and therefore may incur additional costs. However, it is unclear to the Commission, and it was left unspecified by the commenter, how many CAT Reporters would need to update their systems and furthermore whether these Reporters would already be updating their systems in response to the Plan's millisecond reporting standard, so that only incremental costs above this standard should be considered. Finally, the Commission agrees with the Participants' stated view that the Plan provides for the quality of CAT Data to improve as CAT Reporters use more granular timestamps. However, because the broker-dealer industry does not broadly apply sub-millisecond timestamps, many CAT Reporters will use timestamps to the millisecond, and the Commission continues to believe that millisecond timestamps may be inadequate to allow sequencing of the majority of unrelated Reportable Events. The commenters supporting the Plan either state that one millisecond is “okay” or state that it is not possible to sequence “all” events regardless of timestamp granularity. The Commission acknowledges that seeking to sequence “all” unrelated Reportable Events may not be possible, but maintains, as discussed in the Notice, that a sub-millisecond timestamp could improve the ability to sequence the majority of orders, subject to limitations from the clock synchronization standard. However, the Commission is approving the Plan without modifying the requirements for timestamp granularity for the reasons discussed in Section IV.D.13, above.
FIF Letter at 112; Data Boiler Letter at 21.
See CAT NMS Plan, supra note 5, at Appendix C, Section A.3(c).
Response Letter I at 29.
See Notice supra note 5, at 30684-85.
2. Error Rate
In the Notice, the Commission solicited comments on the benefits and costs of alternative maximum Error Rates. While the Commission believed that most regulatory uses would involve data after T+5, the Commission noted that regulators also have essential needs for uncorrected data prior to T+5. Therefore, a lower Error Rate in data available before T+5 could, in certain regulatory contexts, be meaningful. Additionally, because OATS currently has a lower observed error rate than the rate in the CAT NMS Plan, a reduction in CAT Error Rates may accelerate the retirement of OATS. Further, the Commission noted that reducing Error Rates could increase the implementation and ongoing costs incurred by CAT Reporters and the Central Repository as compared to costs estimated in the Plan.
Id. at 30765-66.
The Commission received five comments on the level of the error rates. Two commenters supported the CAT NMS Plan's initial maximum Error Rate of 5% for CAT Data reported to the Central Repository. One of these commenters stated, “the proposed initial maximum error rate provides the appropriate level [of] flexibility while ensuring the data will be capable of being used to conduct market reconstruction.” One of the commenters that supported the Plan's error rates conditioned the support on measuring the error rate using post-correction errors, but provided no explanation for the condition. Another commenter that supported measuring the error rate post-correction stated the alignment of interests—the reporters would have an interest in the quality of the data most important to regulatory activities—but supported a “de minimis” error rate goal over time, indicating that uncertainty prevents the ability to predict when the Plan could achieve that goal. This commenter further stated that there are cost tradeoffs that CAT Reporters face when attempting to reduce their error rates. The commenter mentioned several methods that would increase the cost of implementation but that should decrease the overall yearly reporting cost for a Reporter and stated that Reporters will choose different approaches for correcting errors.
FSR Letter at 9; UnaVista Letter at 3-4; SIFMA Letter at 6; FIF Letter at 50; Better Markets Letter at 9.
FSR Letter at 9; UnaVista Letter at 3-4.
UnaVista Letter at 3.
FSR Letter at 9.
FIF Letter at 51-52.
FIF Letter at 55-56.
One commenter opposed the error rates in the Plan, arguing that they are too high, while the other two commenters expressed significant uncertainty associated with assessing the appropriate error rates. The commenter opposing the error rates in the Plan cited the industry's experience with OATS, while the commenters expressing uncertainty cited a lack of experience with reporting certain types of data (options, market making, customer information, and allocations) or by certain types of reporters (those with no regulatory reporting experience), steep learning curves to new reporting, and a lack of information in the Plan about the definition of an error and how it will be corrected.
Better Markets Letter at 9.
SIFMA Letter at 6; FIF Letter at 50.
FIF Letter at 50.
FIF Letter at 50.
SIFMA Letter at 6.
SIFMA Letter at 6; FIF Letter at 50.
Several commenters seemed to agree with the Commission that the error rates are important to retirement of duplicative systems, but that the specific error rate that could accelerate retirement is unknown. However, another commenter did not think that error rates should have a direct impact on system retirement.
SIFMA Letter at 6; FIF Letter at 50.
UnaVista Letter at 3.
Finally, one commenter opposed having different error rates for different types of CAT Reporters, stating that the Notice provided no compelling reason for excusing Small Industry Members from error rate requirements for the first two years while expressing an expectation that these reporters will account for a “massive amount of data.”
Better Markets Letter at 9.
The Commission has considered these comments and acknowledges the significant uncertainty associated with the determination of an appropriate Maximum Error Rate, as identified by commenters. This uncertainty arises from the fact that the Plan requires the reporting of certain types of data that are not currently reported, the Plan requires reporting by certain participants that do not have experience with such reporting requirements, and the Plan has a lack of information about the definition of an error and how it will be corrected. The Commission notes, however, that provisions of the Plan could allow adjustment of error rates as more information becomes available, particularly during testing, and that adjustments could be up or down depending on the results of this testing.
SIFMA Letter at 6; FIF Letter at 50.
In response to the commenter that suggested that the maximum error rate in the Plan should be lower and cited the industry's experience with OATS, the Commission reiterates what was mentioned in other comment letters and discussed above, that CAT reporting involves reporting certain types of data not currently reported and requires reporting by certain market participants that do not have experience with such reporting requirements, so that experience with OATS may not be applicable for CAT reporting. Therefore, the Commission continues to believe that reducing Error Rates in the Plan could increase the implementation and ongoing costs incurred by CAT Reporters and the Central Repository as compared to costs estimated in the Plan.
Better Markets Letter at 9.
The Commission agrees with commenters who indicated the need to tie error rates to retirement of duplicative systems. The Commission believes that regulators may find it advantageous to retain other systems until CAT Data is at least as accurate as those systems, and therefore continues to believe that reducing the maximum error rate could accelerate their retirement. However, the CAT NMS Plan does not require a particular target Error Rate before other systems can be retired, so the Commission continues to be unable to assess the benefits of specific maximum error rates as they relate to system retirement.
In response to the comments suggesting that the Plan focus only on post-correction error rates, the Commission agrees that the post-correction error rates, which the Plan states will be de minimis, are most important to data quality, but retains the belief that lower pre-correction error rates could be meaningful. This is because, as discussed in the Notice, regulators also have essential needs for uncorrected data prior to T+5, although the Commission believes that most regulatory uses would involve data after T+5.
With respect to the comment that expressed concern that if small broker-dealers voluntarily report to CAT during the first two years of CAT operations, then the utility of CAT will be diminished because they would be permitted to report with limitless errors, the Commission disagrees with this interpretation of the CAT NMS Plan, as discussed above because the Maximum Error Rate would apply to anyone reporting to CAT, whether mandated to do so in accordance with the CAT NMS Plan or voluntarily.
Better Markets Letter at 9.
See Section IV.D.10., supra.
3. Error Correction Timeline
In the Notice, the Commission solicited comment on an alternative error correction timeline to that proposed in the CAT NMS Plan. The CAT NMS Plan includes a deadline of T+3 for submission of corrected data to the Central Repository. The CAT NMS Plan also discusses recommendations from Financial Information Forum and SIFMA to impose an alternative T+5 deadline. The Participants state in the CAT NMS Plan that they believe it is important to retain the T+3 deadline in order to make data available to regulators as soon as possible.
See Notice, supra note 5, at 30766.
See CAT NMS Plan, supra note 5, at Appendix C, Section A.1(a)(iv).
Id. In earlier comment letters submitted to the Participants, FIF and SIFMA maintained that the T+3 deadline may not be feasible and would prove costly to market participants. See Letter from Manisha Kimmel, Managing Director, FIF, to the Participants, dated November 19, 2014, available at http://www.catnmsplan.com/industryfeedback/p601972.pdf;; Industry Recommendations for the Creation of a Consolidated Audit Trail (CAT), SIFMA, March 28, 2013, available at http://www.catnmsplan.com/industryfeedback/p242319.pdf.
See CAT NMS Plan, supra note 5, at Appendix C, Section A.1(a)(iv).
In the Notice, the Commission solicited comment on whether the CAT NMS Plan should impose a T+5 deadline for the submission of corrected data rather than the T+3 deadline. The Commission preliminarily believed that the delays in regulatory access from a T+5 deadline would reduce regulators' ability to conduct surveillance and slow the response to market events relative to the CAT NMS Plan. At the same time, the Commission also believed that T+5 error correction might reduce costs to industry relative to the CAT NMS Plan, although the Commission was not aware of any existing cost estimates.
See Notice, supra note 5, at 30766.
Two commenters disagreed with the T+3 error correction deadline proposed in the Plan. One of the commenters noted that the T+3 deadline “appears too aggressive at this time,” because “the fact that roll-out of the CAT will include a sharp learning curve for broker-dealers and regulators as they understand and absorb the intricacies of [a] new and complex system such as the CAT.” The commenter further stated that “the CAT NMS Plan should be amended to maintain current error correction timeframes until CAT reporting errors are analyzed and better understood by broker-dealers and exchanges, and regulators.”
FIF Letter at 3, 9, 52-53; KCG Letter at 9.
KCG Letter at 9.
Likewise, the second commenter maintained that the T+3 deadline may not be achievable until “the CAT system and its support infrastructure can be proven stable, . . . a body of supporting documentation . . . can be developed and absorbed by the CAT Reporters”, and CAT reporting errors are analyzed and better understood. The commenter suggested that the current OATS approach, under which firms have five days from the date they receive notice of the error to submit a correction, should be kept in place for the first year of CAT reporting for each group of CAT Reporters. The commenter noted that “a less aggressive, measured approach towards reduction in the error correction timeframe over time will produce better quality results, with less overall cost to the industry than the proposed approach.” Under this commenter's suggested approach, the deadline for the submission of corrected data would be 8:00 a.m. on T+6, with corrected data available to regulators by 8:00 a.m. on T+8, consistent with the current OATS approach. One commenter stated that the current approach was “feasible.”
FIF Letter at 52.
FIF Letter at 53.
FIF Letter at 59-60.
UnaVista Letter at 4.
In their response, the Participants stated that they believe that the prompt availability of corrected data is “imperative to the utility of the Central Repository,” and that the three-day error correction period “appropriately balances the need for regulators to access corrected data in a timely manner while taking into consideration the industry's concerns.” The Participants acknowledged that a five-day window for error correction is used for OATS reporting currently, but stated their belief that the window in the Plan would allow for better regulatory surveillance and market oversight. The Participants also stated that, based on a review of OATS data from August 2016, most errors reported to OATS were corrected within six business days of submission (approximately 91.26% of error corrections), with 26.46% of error corrections occurring one day after submission, and 59.45% of error corrections occurring six days after submission (i.e., on the rejection repair deadline). Additionally, approximately 0.48% of error corrections were made on the day of submission, approximately 4.86% of error corrections were made two to five days after submission, and the remaining approximately 8.75% of error corrections were made seven to 36 days after submission.
Response Letter I at 30.
Response Letter I at 30.
Response Letter III at 13. The letter states that the percentages were determined by FINRA based on a review of OATS data from August 2016.
Response Letter III at 13.
The Commission has considered the comments it received on whether the CAT NMS Plan should impose a T+5 deadline for the submission of corrected data, rather than the T+3 deadline, as well as the Participants' response.
The Commission recognizes that broker-dealers and regulators may face a learning curve as they adjust from the current OATS approach, under which firms have five days from the date they receive notice of the error to submit a correction, to the T+3 error correction deadline imposed by the Plan, which will allow firms approximately two days from the date they receive notice of the error to submit the correction. The Commission also recognizes that a T+5 deadline may be easier to achieve than the T+3 deadline, and therefore may be less costly. The Commission notes that, while the data provided by the Participants indicates that approximately 26% of error corrections currently are made on T+1, approximately 59% of OATS error corrections are currently made on T+6, the last day of the OATS error correction period, indicating that many OATS reporters will likely be required to change their error correction practices to achieve the T+3 deadline in the Plan. The Commission also recognizes that keeping a deadline of T+5 for the first year of CAT reporting for each group of CAT Reporters may potentially improve the quality of CAT Data during that year. However, the Commission believes that a T+5 deadline would reduce the timeliness benefits of the Plan by delaying regulatory access to CAT Data during that year. The Commission continues to believe that the delays in regulatory access from a T+5 deadline would reduce regulators' ability to conduct surveillance and slow the response to market events relative to the CAT NMS Plan, and would largely negate the timeliness benefits discussed above in connection with the error correction timeline.
Under the Plan's approach, the deadline for the Plan Processor to validate customer data and generate error reports is 5:00 p.m. on T+1, and the deadline for the submission of corrected data is 8:00 a.m. ET on T+3. See Appendix C, Section A.1(a)(iv).
See Section V.E.1.d, supra (noting that corrected OATS data is currently available to FINRA by T+8, and that under the Plan, regulators will be able to access corrected CAT Data three days earlier).
4. Requiring Listing Exchange Symbology
In the Notice, the Commission solicited comment on an alternative to the CAT NMS Plan that would allow CAT Reporters to report using their existing symbologies, rather than listing exchange symbology. The Commission discussed its preliminary belief that, in light of the requirement for the Plan Processor to maintain a complete symbology database, the requirement that CAT Reporters report using listing exchange symbology may result in unnecessary costs to CAT Reporters. Therefore, the Commission preliminarily believed that the alternative of allowing CAT Reporters to use their existing symbologies for reporting purposes could significantly reduce the costs for exchanges and broker-dealers to report order events to the Central Repository, as compared to the approach in the CAT NMS Plan, without a significant impact on the expected benefits of the Plan or the costs to operate the Central Repository.
See Notice, supra note 5, at 30769-70.
The Commission received three comments relevant to this alternative. One commenter stated that, “in order to minimize cost and invasiveness to the industry,” the Central Repository should accept existing symbology “as-is” rather than requiring listing exchange symbology. Another commenter stated that using listing exchange symbology was costly not only for equities, as discussed in the Notice, but also for options. The final commenter stated that, “it would be more efficient to have the Central Repository manage the mapping tables in one place, as it is less error prone . . . than to have all reporting broker-dealers mapping to their separate tables,” and that the use of existing symbology “does provide a data quality advantage.” However, the commenter also stated that it did not expect the elimination of the requirement to use existing symbology to result in a large cost savings. While the commenter did not explain why the cost savings would be minimal, as discussed in the Baseline Section above, the Participants' response notes that broker-dealers currently use listing exchange symbology to report to OATS and existing messaging protocols do not necessarily use a standard symbology. Therefore, in the absence of such a requirement, CAT reporters might use “bespoke” symbologies to report that would be difficult for the Central Repository to map.
Data Boiler Letter at 37-38.
See Notice, supra note 5, at 30730.
Bloomberg Letter at 5.
FIF Letter at 95.
FIF Letter at 95.
FIF Letter at 95.
In the Participants' response, the Participants stated their belief that the requirement for CAT Reporters to use listing exchange symbology “is the most efficient, cost-effective and least error prone approach to symbology,” and that based on discussions with the DAG, it is their understanding that “all Industry Members subject to OATS or EBS reporting requirements currently use the symbology of the listing exchange when submitting such reports.” They further stated that allowing CAT Reporters to determine symbology would “require each CAT Reporter to submit regular mapping symbology information to the CAT, thereby increasing the complexity and likelihood for errors in the CAT.” However, the Participants stated that they “understand that some industry messaging formats, such as some exchange binary formats, require symbology other than the primary listing exchange symbology,” and that in these and similar cases, the Participants recommended that the Plan be amended to permit the use of the required symbology. The Participants also added that, based on their understanding of current practices, Industry Members currently employ technical solutions and/or systems that allow them to translate symbology in the correct format when submitting data to exchanges.
Response Letter II at 7.
Response Letter II at 7.
Response Letter II at 7.
Response Letter III at 13.
The Commission is revising its economic analysis of this alternative in light of the comments and the Participants' response. While commenters generally agreed with the Commission's analysis in the Notice, they seemed to indicate that the cost savings from a requirement to use existing symbology would not be large. Further, the additional baseline information in the Participants' response also suggests that the cost savings might not be significant. The Commission's analysis in the Notice hinged on the necessity of running an additional process on messaging protocol data prior to submitting the data. The Commission believed the cost savings and the data quality benefits would come from avoiding this additional process, which would need to be built and maintained and could add errors to the data. However, the Participants' response indicates that existing messaging protocols may already have integrated processes that translate symbols efficiently and accurately prior to routing to an exchange. While the Participants' response does not indicate that the messaging protocols translate symbols for other types of messages, the Commission presumes that the functionality should be transferable to other message types, including order originations and routes to other broker-dealers. Because this functionality operates for business purposes, broker-dealers have a strong incentive to ensure its accuracy. Therefore, the Commission no longer believes that eliminating the requirement to translate symbols would improve accuracy and significantly reduce costs. In addition, the Commission now believes that eliminating the requirement could result in an additional cost to the Central Repository and a potential reduction in accuracy because it could involve having to map “bespoke” symbologies into one standardized symbology.
5. Clock Synchronization Logging Procedures
In the Notice, the Commission solicited comments on an alternative that would require logging only exceptions to the clock offset (i.e., events in which a market participant checks the clock offset and applies changes to the clock). While logging every event, including clock offset checks, may be cost effective with longer clock synchronization tolerances, the Commission questioned whether logging each event is cost effective with finer clock offset tolerances, given the large number of events expected for the proposed and alternative clock synchronization standards. The Commission explained that it could not quantify the reduction in costs from this alternative because it lacked data on the proportion of clock synchronization costs that are associated with event logging and the proportion of those costs that could be avoided by alternative event logging requirements. The Commission discussed its preliminary belief that any reduction in benefits from this alternative, as compared to the CAT NMS Plan's approach for clock synchronization, would be minor because the inclusion of clock synchronization checks that required no clock adjustment would not improve regulators' ability to sequence events. The Commission noted, however, that enforcement of clock synchronization requirements could be more difficult without comprehensive logging requirements that document firms' actions to comply with requirements; consequently, relaxing the logging requirement could also reduce incentives to comply with the clock synchronization requirements.
See Notice, supra note 5, at 30764. This is one of the alternatives suggested in the FIF Clock Offset Survey. See supra note 247.
As discussed above, one commenter supported the alternative raised by the Commission that any requirement to maintain a log of clock synchronization events should only require logging of clock synchronization exceptions, not all clock synchronization events, noting that requiring logging of all events would be costly for some broker-dealers. However, the commenter did not provide any additional information that would allow the Commission to quantify the cost savings of logging only these events. Therefore, while the Commission continues to believe that there could be cost savings from logging only exceptions to the clock offset, the Commission remains unable to quantify the reduction in costs from this alternative. The Commission continues to believe that any reduction in benefits under this alternative approach would be minor, but that enforcement of clock synchronization requirements may be more difficult, which may reduce incentives to comply with the clock synchronization requirements.
See Section IV.D.13, supra.
FIF Letter at 108, 122.
6. Data Accessibility Standards
In the Notice, the Commission solicited comment on alternative approaches to the manner in which the CAT NMS Plan provides data access to regulators. The Commission discussed the requirements for regulatory access to the Central Repository, explaining that the CAT NMS Plan could result in many improvements to regulatory activities such as surveillance, examinations, and enforcement, but that these benefits may not be fully realized if access to data is cumbersome or inefficient. The Commission solicited comment on each of the minimum data accessibility standards required in the Plan. The Commission also discussed several examples in particular, and requested comment on alternative standards that might be adopted in each case.
See Notice, supra note 5, at 30770.
In the Notice, the Commission noted that the CAT NMS Plan requires query responses for various types of queries of 5 minutes, 10 minutes, 3 hours, and 24 hours, where the simplest queries involving scanning narrow sets of data would be required to return in 5 minutes and complex queries scanning multiple days of data and returning large datasets would be required to return within 24 hours. While the benefits of direct access to CAT Data depend on reasonably fast query responses, the Commission recognized that faster query response times come at a cost. The Commission stated that it did not have detailed information on significant breakpoints in those costs to judge whether slightly longer response times than those in the Plan could significantly reduce the costs of developing, maintaining, and operating the Central Repository. The Commission recognized that the detailed information on numerous other minimum standards regarding regulator access to CAT Data is similarly unclear. Therefore, the Commission requested comment regarding all standards for regulatory access and whether technology creates natural breakpoints in costs such that a particular alternative could reduce the costs of the Plan without significantly reducing benefits or could increase benefits without significantly increasing costs.
Commenters made a number of suggestions regarding data accessibility standards. One commenter stated that it was unclear whether the CAT would be able to support various types of data analysis by regulators within the Central Repository, and noted that, without that ability, all of the analyses must be done outside of the CAT Repository and within the regulators' own infrastructure, which would require bulk extraction and could lead to increased costs and security concerns due to the need to store multiple copies of CAT Data with various SROs. The commenter recommended that the Plan clearly specify the analytical capability requirements with respect to the Central Repository. Another commenter recommended that the CAT support real-time ingestion, processing and surveillance, and that the CAT provide regulators with access to real-time analytics. One commenter believed that the proposed model and timeframe for regulatory access is consistent with the Commission's regulatory objectives, but recommended the use of pre-defined extract templates and uniform global formats such as ISO 20022 to allow for exchange of data between both national and global regulators. That commenter also suggested that there should be an ability for regulators to perform analyses within the CAT environment, and that there should be flexible search/filtering capabilities.
SIFMA Letter at 33.
SIFMA Letter at 33.
Data Boiler Letter at 1, 10.
UnaVista Letter at 4.
UnaVista Letter at 4.
In their response, the Participants stated that, with respect to the analytical requirements of the Central Repository, they believe the details in the Plan are sufficient, and noted that Section 8 of Appendix D of the Plan describes various tools that will be used for surveillance and analytics. They also noted that it would be “counterproductive from a regulatory oversight perspective to provide significant detail regarding the surveillance processes of the regulators.” With respect to real-time ingestion, processing, surveillance, and analytics, the Participants noted that Rule 613 does not provide for real-time reporting. With respect to pre-defined extract templates and uniform global formats, the Participants noted that the Plan requires data extracts to use common industry formats. The Participants also stated that they expect that the requests from regulators other than those regulators permitted access to the CAT (such as foreign regulators and other U.S. government agencies) will be on an ad hoc basis pursuant to applicable information sharing agreements, and would be accommodated on a case-by-case basis.
Response Letter I at 42.
Response Letter I at 43.
Response Letter I at 43.
Response Letter I at 43.
The Commission has considered the comments received and the Participants' response. With respect to the suggestion that the Plan clearly specify the analytical capability requirements with respect to the Central Repository, the Commission notes that, while the Plan provides detail on the method of access and the type of queries that regulators could run, many of the decisions regarding access have been deferred until after the Plan Processor is selected and finalizes the Technical Specifications. In particular, as discussed in the Notice, the details of functionality and performance of the final system are still to be determined. The Commission believes that an alternative approach that clearly specified the required analytical capabilities of the Central Repository would reduce the uncertainty with respect to the expected benefits of the Plan in terms of accessibility. However, the Commission does not have sufficient information to estimate the costs of requiring the Central Repository to provide specific analytical capabilities, because the Commission lacks information on the costs of building those capabilities into the Central Repository as opposed to using outside servers.
SIFMA Letter at 33.
See Notice, supra note 5, at 30691.
The Commission does not agree with the commenter that stated that an approach requiring bulk extractions by regulators is likely to increase the Participants' costs significantly relative to an approach whereby regulators perform analyses within the Central Repository. The Commission acknowledges that hosting large databases is costly, but it believes that SROs are likely to consider the cost implications when contemplating replicating large portions of the Central Repository within their IT infrastructure, and presumably will only replicate the data when it is efficient for them to do so. In response to the commenter that stated that frequent bulk extractions of data by regulators may result in an increased security risk, the Commission notes that, as discussed above, in order to extract, remove, duplicate, or copy CAT Data into their own local server environment, the Participants will be required to have policies and procedures regarding CAT Data security that are equivalent to those implemented and maintained by the Plan Processor for the Central Repository, and that each Participant must certify and provide evidence to the CISO of the Plan Processor that its policies and procedures for the security of CAT Data meet the same security standards applicable to the CAT Data that is reported to and collected and stored by the Central Repository. This requirement should mitigate any increased security risk associated with bulk extractions.
SIFMA Letter at 33.
See Section V.F.1, supra, for further discussion of the costs of bulk downloads by the Participants.
See Section IV.D.6.f, supra.
Id.
See Section IV.D.6.o, supra.
In response to the suggestion that the CAT NMS Plan incorporate real-time analytics, the Commission notes that this would require real-time reporting. As discussed further above, the Commission considered whether CAT Reporters should be required to report data in real-time when it adopted Rule 613 under Regulation NMS. While the Commission acknowledged that there might be advantages to receiving data intraday, it stated that the greater majority of benefits that may be realized from development of the CAT do not require real-time reporting. Further, the Commission recognized that not requiring real-time reporting upon implementation could result in cost savings for industry participants. The Commission therefore believes that any alternative approach that required real-time reporting would increase the costs of the Plan significantly. However, the commenter did not provide sufficient information to allow the Commission to further analyze the benefits and costs of this alternative.
Data Boiler Letter at 1, 10.
See Section IV.D.3, supra.
See Adopting Release, supra note 14, at 45765. Indeed, Rule 613 stated that the CAT NMS Plan may not impose a reporting deadline earlier than 8:00 a.m. ET. 17 CFR 242.613(c)(3).
See Adopting Release, supra note 14, at 45768.
Id. at 45769.
The Commission agrees with the commenter that suggested that using pre-defined extract templates and uniform global formats such as ISO 20022 could have some benefits in terms of facilitating the exchange of data between national and global regulators. As the Participants note, the Plan requires data extracts to use common industry formats, but it does not require a particular format. However, as explained above and in Section IV.D.2, when selecting a Plan Processor, the Participants will consider whether a Bidder has proposed a format that is easily understood and adoptable by the industry, and the Commission believes that the message format decision must be made in connection with developing the overall architecture for CAT.
Response Letter I at 43.
For further discussion of the alternatives related to the data ingestion format, See Section V.H.12, infra.
7. Clock Synchronization Hours
In the Notice, the Commission solicited comment on alternative requirements for the times during which clock synchronization is required that would provide more flexibility than the requirements of the Plan. The Commission discussed its preliminary belief that an alternative that does not require synchronizing clocks when servers are not recording Reportable Events or when precise timestamps are not as important to sequencing, such as outside of normal trading hours, would not materially reduce benefits. Given the responses to the FIF Clock Offset Survey, the Commission also stated that it preliminarily believed that this alternative could reduce costs, because synchronization activities and log entries related to those events would not be as beneficial outside of normal trading hours. The Commission noted, however, that it did not have information necessary to quantify the cost reduction from this alternative because cost information available to the Commission is not broken down by time of day or server status.
See Notice, supra note 5, at 30764.
One commenter supported alternative clock synchronization hours, stating off-hours clock synchronization “isn't needed from either a business or regulator perspective” and that “without this provision, firms would require additional off-hours staffing, or it will prevent the off-hours support staff from focusing on more pressing issues that need to be resolved during off hours.” However, the commenter did not provide any additional information that would allow the Commission to quantify the potential cost savings. The Commission continues to believe that an alternative that does not require synchronizing clocks when servers are not recording Reportable Events or when precise timestamps are not as important to sequencing, such as outside of normal trading hours, would not materially reduce benefits. The Commission also believes that this alternative could reduce costs, but continues to lack the information necessary to quantify the potential cost reduction.
FIF Letter at 122-23.
8. Primary Market Transactions
As set out in the Notice, the CAT NMS Plan does not require the reporting of any primary market information to the Central Repository. However, as required by Rule 613(i), the CAT NMS Plan commits to incorporating a discussion of how and when to implement the inclusion of some primary market information into a document outlining how additional Eligible Securities could be reported to the Central Repository (the “Discussion Document”), which would be jointly provided to the Commission within six months after effectiveness of the Plan. Additionally, as required by Rule 613(a)(1)(vi), the Plan includes a discussion of the feasibility, benefits, and costs of including primary market transactions in the CAT NMS Plan. As explained in the Notice, the discussion in the CAT NMS Plan divides the primary market information into two categories: Information on top-account allocations and information on subaccount allocations. Top-account allocations refer to allocations to institutional clients and retail broker-dealers during the book-building process. Top-account institutions and broker-dealers make the subsequent subaccount allocations to the actual accounts receiving the shares. The Plan concludes that including information on subaccount allocations in the CAT would provide significant benefits without unreasonable costs, while including information on top-account allocations would provide marginal benefits at significantly higher costs.
See Notice, supra note 5, at 30772.
See CAT NMS Plan, supra note 5, at Appendix C, Section C.9. Section 6.11 of the Plan satisfies a requirement in 17 CFR 242.613(i) to plan for expansion.
17 CFR 242.613(a)(1)(vi); CAT NMS Plan, supra note 5, at Appendix C, Section A.6.
See Notice, supra note 5, at 30772.
See CAT NMS Plan, supra note 5, at Appendix C, Section A.6(b)-(c).
As discussed in the Notice, the Plan states that “the Participants are supportive of considering the reporting of Primary Market Transactions, but only at the subaccount level, and would incorporate analysis of this requirement, including how and when to implement such a requirement, into their document outlining how additional Eligible Securities could be reported to the Central Repository, in accordance with SEC Rule 613(i) and Section 6.11 of the Plan.” The Plan therefore would limit the discussion of reporting primary market transactions in the Discussion Document to the subaccount level.
Id. at Appendix C, Section A.6(c).
In the Notice, the Commission solicited comment on the alternative approach that would broaden the required scope of the discussion of primary market allocation information in the Discussion Document to include an analysis of incorporating both top-account and subaccount allocation information for primary market transactions into the CAT. To assess this alternative, the Commission examined the benefits and costs of ultimately including top-account allocations in the CAT. The Commission preliminarily believed that the potential benefits of including top-account allocation information in the CAT could be significant and that the costs of including top-account allocation information could be lower than what is described in the CAT NMS Plan and appropriate in light of significant potential benefits. For these reasons, the Commission preliminarily believed that top-account allocation information should not be excluded from the Discussion Document.
See Notice, supra note 5, at 30772.
Id.
In the Notice, the Commission discussed several benefits of including top-account allocation information, in addition to subaccount allocation information, for primary market transactions in CAT. First, the Commission noted that top-account allocation information would be necessary to surveil for prohibited activities in the book-building process and would improve the efficiency of investigations into such prohibited activities. For example, examinations of “spinning,” “laddering,” and other “quid pro quo” arrangements would benefit from inclusion of top-account allocation information in CAT Data. Second, the Commission noted that top-account allocation information would provide very useful insights into IPO and follow-on allocations in market analysis and that such insights would help inform rulemaking and other policy decisions.
Id. at 30773.
As discussed in the Notice, the CAT NMS Plan estimates that for broker-dealers to implement a system to record and report both top-account and subaccount allocation information for primary market transactions would cost $234.8 million, whereas implementing a system with only subaccount information would cost $58.7 million. The inclusion of top-account allocation information accounts for the difference of $176.1 million.
Id.
See CAT NMS Plan, supra note 5, at Appendix C, Section A.6(c).
In the Notice, the Commission discussed its preliminary belief that the implementation costs of adding top-account allocation information may be lower than those estimated in the CAT NMS Plan, for several reasons. First, the Commission noted that, in combination with an alternative that would require less granular timestamps or a larger allowable clock offset on less time-sensitive systems, including the systems for reporting top-account allocation information, the costs for including top-account allocation information would be lower than indicated in the Plan. Second, the Commission noted that the Plan's estimate was sensitive to the number of underwriters. In particular, the estimates assumed that all underwriters participating in an offering would need to implement changes for top-account allocation information. In contrast, the Commission suspected that lead underwriters could have all of the information necessary to report the top-account allocation information. If so, then only the lead underwriters would need to implement systems changes to report top-account allocation information. Estimating costs only for lead underwriters could result in a much smaller estimate.
See Notice, supra note 5, at 30773.
The Commission noted that it did not have an estimate of the ongoing costs of underwriters reporting top-account allocation information. However, the Commission preliminarily estimated that the reporting of primary market transactions would generate a total of 1.2 million CAT Reportable Events per year. The Commission noted that this total was much smaller than the number of Reportable Events in the secondary market (trillions). The Commission preliminarily believed that the ongoing costs of reporting primary market transactions would be a fraction of the ongoing costs of secondary market reporting and would likely be supported by staff already engaged to maintain CAT reporting.
Id. at 30773-74.
The Commission received three comment letters that provided information relevant to the Commission's economic analysis of this alternative, though the comments focused more on the inclusion of primary market transactions in the initial phase of the Plan as opposed to in the Discussion Document. In particular, commenters provided information relevant to the baseline, benefits, and costs of the inclusion of top-account primary market information in the Plan.
Commenters also provided general information on primary market transactions that could inform the Discussion Document. See FIF Letter at 118-20; SIFMA Letter at 36; Hanley Letter at 1-6.
Commenters provided information relevant to the current baseline of the underwriting process and primary market transaction records. One commenter documented significant diversity across underwriters in the volume of deals and workflows and provided more precise information on that diversity than included in the Notice or Plan. The commenter further stated that the processes that handle top-account allocations are very separate from the secondary market systems. Another commenter described three stages in the offering process: (1) Preliminary indications of interest, (2) final top-account allocation, and (3) subsequent subaccount allocations. Both commenters agreed that indications of interest in top-account allocations can change numerous times, but one commenter indicates the existence of a final top-account allocation (Stage 2) while the other does not.
FIF Letter at 118-19.
Hanley Letter at 4.
FIF Letter at 118; Hanley Letter at 4.
Two commenters provided different perspectives on the benefits of including top-account allocation information in the Discussion Document. One commenter emphasized that many benefits could only be achieved by requiring the reporting of primary market transactions at both the top-account and the subaccount allocation levels. In particular, the commenter maintained that because lead underwriters were responsible for the top-account allocations, some abuses, such as “spinning,” “laddering,” “quid pro quo,” Rule 105 violations, and manipulation, could only be present in these allocations. Further, this commenter also stated that top-account information would facilitate analyses of the value of discretionary allocation in book-building for issuers. This commenter also indicated that final top-account allocations should be sufficient to achieve such benefits, while also indicating that information on the indications of interest was crucial for the understanding of the capital formation process and for designing efficient regulations that would facilitate capital formation without compromising investor protection. The other commenter believed that having only subaccount primary market allocation information is less valuable from a regulatory perspective than having both subaccount and top-account allocation information.
Hanley Letter at 4.
Hanley Letter at 4.
Hanley Letter at 5-6.
FIF Letter at 120.
The Commission received three comment letters relevant to the costs of including top-account allocation information in the Plan. All three commenters indicated that it would be very costly to include top-account allocations in the Plan, but one commenter limited this conclusion just to the inclusion of indications of interest. According to the commenters, these costs generally stem from added complexity and a lack of standardization in book-building processes. Another commenter noted that top-account allocations would be less feasible to report than subaccount allocations and cited to information from the DAG. One commenter disagreed with the Plan's cost estimates of $176 million for including top-account allocation information in the Plan and provided an alternative estimate of $864,000 per year. Another commenter indicated that the Plan's estimates amounted to guesswork and that the $176 million estimate in the Plan does not contemplate reporting all the events in a deal's lifecycle, but does not indicate which events it does include.
FIF Letter at 120; Hanley Letter at 4; SIFMA Letter at 36.
Hanley Letter at 4.
SIFMA Letter at 36.
Hanley Letter at 4-5.
FIF Letter at 120.
Two commenters recommended additional analysis on some or all top-account allocation information, but neither specifically mentioned the Discussion Document. One commenter noted having little information about the requirements of reporting top-account allocation information and that subaccount allocation information is a good first step toward potentially collecting complete information on primary market activities that would allow time to study the complexities and difficulties associated with reporting top-account allocations. This commenter also attempted a further study of more generally including primary market information in the Plan but noted that the 60-day comment period did not permit a larger, more in depth study. Another commenter suggested considering an alternate reporting scheme for indications of interest other than CAT that better balances the costs of producing data indications of interest but does not diminish the usefulness of such data.
FIF Letter at 13, 120.
FIF Letter at 119.
Hanley Letter at 5-6.
In their response, the Participants reiterated their support for the inclusion in the CAT of subaccount allocations in Primary Market Transactions, but not top-account allocations, and reiterated the conclusions from the Plan that reporting top-account allocations would likely impose significant costs to CAT Reporters while only providing a marginal additional regulatory benefit over subaccount allocation data. In response to comments regarding the scope of top-account allocation information, the Participants restated the definition in the Plan that top-account allocations are allocations to institutional clients or retail broker-dealers, which are conditional and may fluctuate until the offer syndicate terminates. The Participants did not respond to the comment that the cost estimates in the Plan do not contemplate reporting all events in a deal's lifecycle and did not further discuss why top-account allocation information should not be included in the Discussion Document.
Response Letter I at 49.
Response Letter I at 50.
The Commission is revising its analysis of the economic effects of including top-account primary market transactions in the CAT and thus of whether top-account allocations should be included in the Discussion Document in light of comments and the Participants' response. With respect to the benefits of including top-account allocation information, in addition to subaccount allocation information, in the CAT, none of the commenters disagreed with the Commission's analysis. In fact, the Commission is expanding its analysis to include the additional benefits noted by one commenter that the Commission had not previously considered, namely better understanding the economics of the offering process and better identifying manipulative activities. Further, the Participants' response provided no new information on why Participants believe top-account allocations provide only a marginal regulatory benefit over sub-account allocation data. Therefore, the Commission continues to believe that top-account primary market allocation information would provide significant regulatory benefits.
Hanley Letter at 1-4.
With respect to the costs of including top-account allocation information in the CAT, the Commission notes that the estimate of $864,000 per year provided by one of the commenters may not be comparable to the estimate of $176.1 million provided in the CAT NMS Plan. This is because the latter estimate reflects the implementation costs of adding top-account allocation information, while the former estimate seems to measure the ongoing annual costs to maintain the reporting.
At the same time, the Commission believes that the commenter's analysis of costs is consistent with the Commission's analysis in the Notice in two respects. First, the commenter's analysis is consistent with the Commission's preliminary conclusion that requiring less granular timestamps for reporting top-account allocation information would result in lower costs for top-account allocation information than indicated in the Plan. Second, the commenter's estimate that reporting top-account allocation information would cost $864,000 per year in ongoing costs is consistent with the Commission's preliminary conclusion that the ongoing costs of reporting primary market transactions would be a fraction of the ongoing costs of secondary market reporting. Indeed, $864,000 per year represents a small fraction of the total ongoing annual cost of CAT, which the Commission estimates to be $1.7 billion per year.
See Section VI.F.2, supra.
With respect to the commenter who indicated that the cost estimates in the Plan did not contemplate indications of interest, the Commission notes that the Plan defines top-account allocations to include indications of interest—“conditional and may fluctuate until the offering syndicate terminates” —and suggests that its cost estimates for top-account allocations therefore include indications of interest. However, because this commenter conducted the study that provides the basis for the Plan's cost estimate, the Commission believes that the commenter is correct and that the cost estimates in the Plan do not represent the costs of top-account allocations as defined in the Plan (i.e., the estimates do not cover indications of interest). That said, no comments directly disagreed with the reasons that the Commission provided in the Notice for why the Commission preliminarily believed the costs estimates in the Plan overstated the costs of including top-account allocation information in the Plan. Therefore, in light of the comments, the Commission is less clear on the magnitude of the costs of including top-account allocation information in the Plan.
See CAT NMS Plan, supra note 5, at Appendix C, Section A.6(a).
See Notice, supra note 5, at 30773.
In response to the commenters that indicated that additional analysis or consideration of including top-account allocation information in the Plan would be beneficial, the Commission notes that including this alternative in the Discussion Document provides an opportunity for this additional analysis and consideration. The Discussion Document will provide an outline of how the Participants could incorporate top-account allocation information into the CAT Data and include details for each order and Reportable Event that may be required to be provided, which market participants may be required to provide the data, the implementation timeline, and a cost estimate. Indeed, in addition to the commenters' suggestions for more study, the Commission believes that the information from commenters regarding the benefits of the different types of top-account allocation information, and the questions surrounding the cost estimates in the Plan, suggest that investors could benefit from the additional analysis that would be included in the Discussion Document.
9. Periodic Updates to Customer Information
In the Notice, the Commission solicited comment on an alternative that would eliminate the requirement for periodic full refreshes of customer information. The Commission stated that the requirement for periodic full refreshes could be redundant if the initial list and daily updates are complete and accurate and would, therefore, provide no additional benefit. Further, not requiring these periodic refreshes could reduce the risk of a security breach of personally identifiable information. Therefore, the Commission preliminarily believed that removing the requirements for periodic full refreshes of customer information could minimally reduce the cost of the Plan without materially reducing the benefits.
See Notice, supra note 5, at 30775-76.
The Commission received two comments relevant to this alternative. One commenter suggested “having the functional support for a voluntary full refresh, but . . . eliminat[ing] the mandated requirement to provide full refreshes periodically,” and stated that, “the initial load, daily updates and standard error processing should be sufficient to maintain data integrity.” That commenter went on to state that it “may be easier to define all active customers to CAT, or just active customers who have transacted in NMS securities.” The commenter stated that removing the requirement may “only slightly reduce the burden or cost,” although it would improve the overall security of the CAT. Another commenter stated their belief that, “periodic refreshes of all customer information to the Central Repository is a bad idea.” In their response, the Participants stated that they believe that a periodic refresh of customer information is beneficial because it will help to ensure that all customer information remains accurate and up to date. The Participants noted the provisions in the Plan with respect to information security. The Participants also noted that the Plan provides that the Participants will define the scope of what constitutes a “full” customer information refresh with the assistance of the Plan Processor to determine the extent to which inactive or other accounts would need to be reported.
FIF Letter at 22.
FIF Letter at 93.
Data Boiler Letter at 41.
Response Letter I at 31-32.
Response Letter I at 31-32.
Response Letter I at 31-32.
The Commission has considered the comments and the Participants' response and continues to believe that removing the requirements for periodic full refreshes of customer information could minimally reduce the cost of the Plan without materially reducing the benefits. Specifically, the Commission agrees that allowing market participants to periodically refresh their customer information but dropping the requirement that they refresh it regularly would reduce costs to broker-dealers because broker-dealers could choose to do a refresh when they believe a full refresh would be more cost effective than editing individual records, while not requiring them to do a refresh when they believe their customer information stored in the Central Repository is accurate. Having a full refresh as an option would save broker-dealers the costs associated with running a refresh procedure when it is not needed, but allowing it when it is efficient for the broker-dealer to update its customer information in this manner. The Commission disagrees with the comment that periodic refreshes are a “bad idea” in general. As discussed above, the Commission recognizes that periodic refreshes introduce an opportunity for correct data in the Central Repository to be replaced by incorrect data due to a problem in the refresh procedure. However, the Commission also believes that periodic refreshes provide an opportunity for incorrect information in the Central Repository to be replaced with correct information. The Commission does not have information to estimate whether the former outcome is more likely than the latter, because it lacks information on the proportion of customer information records that are errant in existing databases in industry and the likelihood that data refresh procedures introduce incorrect data, and commenters did not provide this information. The Commission notes that the Participants' response does not address whether the periodic refreshes would be redundant, or why submitting the redundant information would be beneficial. However, the Commission acknowledges that, as set out in the Participants' response, the Plan provides that the Participants will work with the Plan Processor to determine the extent to which inactive or other accounts would need to be reported, which may reduce the costs of the periodic refresh by reducing the number of accounts to which it applies.
See Section V.E.3.a, supra.
Response Letter I, at 31-32.
10. Bulk Data Downloads by CAT Reporters
Several commenters discussed the Plan's treatment of bulk data downloads by CAT Reporters. Specifically, some commenters suggested that CAT Reporters should be allowed to access and export the data they report to the Central Repository. The Commission has considered the potential economic effects of that alternative approach, as discussed below.
Several commenters suggested that the Plan permit CAT Reporters to access their own CAT Data through bulk data exports. Another commenter stated that permitting CAT Reporters to download their own data from the Central Repository will provide benefits such as improved CAT reporting error rates and improved ability to meet regulatory, surveillance, and compliance requirements. One commenter suggested that independent software vendors be permitted to access the CAT Data on behalf of their clients. However, several commenters expressed strong concerns about allowing any entity to extract or download data from the Central Repository, suggesting that the risk of a data breach would greatly increase as the data are maintained at more sites. Commenters also suggested that the risk increases when those entities downloading the data may have technology systems that are not subject to the same high security requirements at the Plan Processor.
FIF Letter at 1, 9, 60-61; KCG Letter at 7-8.
TR Letter at 8.
Bloomberg Letter at 7.
SIFMA Letter at 20; Fidelity Letter at 4; ICI Letter at 6-7.
FSR Letter at 7.
In their response, the Participants stated that they believe that there may be merit to providing Industry Member CAT Reporters and their vendors with bulk access to the CAT Reporters' own unlinked CAT Data, but noted that such access also raises a variety of operational, security, cost and other issues related to the CAT. The Participants stated that they will consider this issue once the CAT is operational.
Response Letter I at 43-44.
Currently, the CAT NMS Plan states that, initially, CAT Reporters will not have access to their data submissions through bulk data extracts. The Commission agrees with commenters that an alternative approach that specified that CAT Reporters will be allowed to make bulk extractions of their own data from the Central Repository would help CAT Reporters correct errors and respond to regulatory inquiries. Specifically, the Commission believes that, by querying and analyzing the full set of data submitted to the CAT, as opposed to viewing only the errors, CAT Reporters may be able to better diagnose a problem that could be system-wide. This could facilitate corrections to the process that CAT reporters use to record and report order events to prevent future errors. The Commission also recognizes that there may be benefits to internal surveillance regarding compliance, tracking regulatory submissions by third parties, and CAT Reporter recordkeeping. The Commission believes this could have benefits in terms of increasing the accuracy and timeliness of the CAT Data by allowing errors to be corrected faster and more effectively, and by possibly reducing reporting costs for some entities by making the error correction process easier and more efficient and eliminating the need for CAT Reporters to store the data they submit on their own systems.
See CAT NMS Plan, supra note 5, at Appendix D, Section 8.2.
FIF Letter at 60-61.
However, the Commission notes that, under the Plan, CAT Reporters will be able to view their submissions online in a read-only, non-exportable format, which will facilitate error identification and correction. Commenters did not provide sufficient information to allow the Commission to assess the magnitude of the potential benefits of allowing bulk data exports in addition to read-only access, and the Commission believes they may be modest. The Commission also notes that, to the extent CAT Reporters retain copies of their submissions, they may be able to refer to that data when correcting errors and responding to regulatory inquiries. Further, the Commission also agrees with commenters and the Participants that allowing CAT Reporters to engage in bulk data exports, even if limited to their own reported data, could increase the risk of a data breach insofar as it increases the number of systems that have access to the CAT Central Repository. As discussed above, while uncertain, the costs of a security breach could be significant. The Commission recognizes that some CAT Reporters that would be downloading bulk data might already have access to the Central Repository in order to upload their data, but it notes that many may not, because their data may be reported by one or more third parties. The Commission notes that it is difficult to determine the magnitude by which the risk of a breach would increase, because many of the decisions that define security measures for the Central Repository are coincident with the selection of the Plan Processor, and there is considerable diversity in the potential security approaches of the Bidders. The Commission notes that the Participants state that they will reconsider the issue once the CAT is operational.
See CAT NMS Plan, supra note 5, at Appendix D, Section 10.1.
For example, the Commission does not know how many of the errors that may need to be corrected may be rooted in a problem that a CAT Reporter would require bulk-downloaded data to detect.
See Section V.F.4.a, supra.
Response Letter I at 44.
11. Alternatives to the CAT NMS Plan
In the Notice, the Commission recognized that approving the CAT NMS Plan is not the only available means of improving the completeness, accuracy, accessibility and timeliness of the data used in regulatory activities. Therefore, the Commission solicited comment on the broad set of alternatives involving modifying existing systems to reduce their data limitations instead of approving the CAT NMS Plan.
See Notice, supra note 5, at 30776.
The Commission discussed how, as one alternative to the CAT NMS Plan, it could require modifications to OATS. However, the Commission also noted that OATS would require significant modifications in order to provide the attributes that the Commission deems crucial for an effective audit trail. Furthermore, the Commission indicated that any OATS-based alternative to CAT that did not provide these attributes would limit the potential benefits of the alternative significantly.
Id.
The Commission acknowledged that it does not have sufficient information to estimate the potential cost savings, if any, from mandating an OATS-based approach as an alternative to the CAT NMS Plan. However, the Commission noted that Rule 613 provided flexibility to the SROs to propose an approach based on OATS and that the SROs could have utilized an OATS-based approach if that approach had represented significant cost savings relative to the Plan's approach.
Id.
In the Notice, the Commission discussed another alternative, which would be for the Commission to modify other data sources instead of, or in combination with, OATS. However, the Commission also noted that like OATS, all of the current data sources have limitations that would need to be addressed in order to provide the attributes that the Commission deems crucial to an effective audit trail. Furthermore, the Commission preliminarily believed that modifying any other single data source would be more costly than modifying OATS while adopting an alternative to the CAT NMS Plan that relied on multiple data sources . . . would eliminate the benefits associated with having a single complete consolidated source from which regulators can access trade and order data, which the Commission considers to be very significant.
Id.
Overall, the Commission preliminarily believed that mandating improvements to the completeness, accuracy, accessibility, and timeliness of current data sources without an NMS Plan that requires the consolidation of data and increased coverage across markets and broker-dealers would likely significantly limit the potential benefits relative to the Plan, possibly without providing significant cost savings.
Id.
The Commission received one comment on the possibility of requiring modifications to OATS as an alternative to the CAT NMS Plan. The commenter agreed with the Commission's analysis and the CAT NMS Plan approach, noting that “the vision of CAT has evolved through the years to become a much more comprehensive system than OATS or any other current system” and that “there is an opportunity now to take advantage of new technologies and the associated cost benefits they provide.” Another commenter suggested an alternate approach to the CAT NMS Plan where the Commission would host the system in-house, under its direct and sole control, retaining the prerogative to grant (or deny) access to the data to non-broker-dealer affiliated SROs. The commenter believed that collecting the data pursuant to an NMS Plan providing for SRO ownership, management and control over the data would limit the benefits of the Plan by potentially limiting the Commission's access to, and use of, CAT Data.
FIF Letter at 121.
Better Markets Letter at 3-5.
Specifically, the commenter stated that allowing the SROs ownership, management, and control over the data, without direct SEC oversight and control, would have “serious and unacceptable” consequences, because there will be a limited number of user accounts allocated to the SEC; there may be limitations on the SEC's access to the data for non-regulatory purposes; the potential exists for the CAT LLC to charge the SEC for accessing the CAT system and its data; the SEC does not participate directly in the governance of the CAT Plan; the CAT Plan Participants may dismiss the Plan Processor with no notice to the SEC; and the Plan Participants may make material changes to the functions and operations of the CAT NMS system (or matters related to the CAT data).
The Commission has considered the comments and continues to believe that mandating improvements to the completeness, accuracy, accessibility, and timeliness of current data sources without an NMS Plan that requires the consolidation of data and increased coverage across markets and broker-dealers would likely significantly limit the potential benefits, possibly without providing significant cost savings. In response to the suggestion that the Commission host the system in-house, the Commission believes that the concerns expressed by the commenter with respect to the Commission's ability to access and utilize the CAT Data are mitigated by the Commission's direct oversight authority with respect to the CAT NMS Plan, including but not limited to its ability to observe all meetings, including those conducted in Executive Session, its review and approval of rule changes, and its examination and inspection authority over the SROs. Further, as discussed above, SROs have specific obligations under the Exchange Act as front-line regulators of the securities markets, and accordingly are well-positioned to oversee the development and operation of the CAT in a manner that will best fulfill regulatory needs, subject to oversight by the Commission. The Commission therefore does not agree that an alternative to the CAT NMS Plan where the Commission hosted the system in-house would result in greater benefits as compared to the CAT NMS Plan approach.
See supra note 747.
12. Alternatives Discussed in the CAT NMS Plan
In the Notice, the Commission recognized that the Plan discussed many alternatives that the Commission did not discuss in the Alternatives Section of the Notice. Rule 613(a)(1)(xii) required the Participants to discuss in the Plan any reasonable alternative approaches that the Plan sponsors considered in developing the Plan, including a description of any such alternative approach; the relative advantages and disadvantages of each such alternative, including an assessment of the alternative's costs and benefits; and the basis upon which the Plan sponsors selected the approach reflected in the CAT NMS Plan. Such discussions appear in Section 12 of Appendix C of the Plan. The Commission reviewed these alternatives and did not include in the Alternatives Section of its Notice a discussion of all of the specific alternatives addressed in the Plan. In some cases, the Commission had no analysis to add beyond the analysis in the Plan. In other cases, the Plan did not require any specific alternative, so the Commission could not analyze the effect on the Plan of selecting a different alternative.
See Notice, supra note 5, at 30779-82 (Request for Comment Nos. 437-50).
The Commission received sufficient comments to analyze some economic implications of alternatives related to the primary storage method, data ingestion format approaches, the process to develop the CAT, and user support and the help desk. However, the Commission still does not have sufficient information to add to the Plan's analysis of the alternatives regarding organizational structure, personally identifiable information, required reportable events, data feed connectivity, industry testing, user management, and quality assurance.
The Commission received one comment on its request for comment regarding the organizational structure. Better Markets opposes the for-profit nature of the CAT LLC and the fact that the Commission would not control that corporation. See Section IV.B.4, supra, discusses the Participants' and the Commission's responses to that comment. Specifically, the CAT LLC will not be for-profit.
Many commenters suggested alternative approaches to maintain the security and confidentiality of PII. See Section IV.D.7.b, supra, for a summary of these comments and the Commission's response.
Data Boiler suggested including the “results order event” and the “CAT feedback order event” as a “way to introduce randomness for the sake of improving information security control.” While the Commission is sensitive to security, the Commission still does not have sufficient information to distinguish these order events from the required order event types to ascertain the benefits other than the security benefits mentioned by this commenter or to analyze the costs of reporting these order types. See Data Boiler Letter at 42.
Data Boiler suggested receiving SIP data in real-time, but did so conditional on the Central Repository receiving the data in real-time. Because the SROs may already get SIP data in real-time for other purposes and the CAT reporting will be on T+1, the Commission still does not have sufficient information to fully analyze the alternative of receiving SIP data in real-time. See Data Boiler Letter at 42; see also Section IV.D.3, supra, for the Commission's response to this comment.
Data Boiler suggested not mandating an approach to industry testing because “appropriate management flexibilities/discretions are needed,” but did not provide further explanation that would allow the Commission to better understand the economic tradeoffs. See Data Boiler Letter at 42. Further, FIF suggested specific testing standards but did not provide further explanation that would allow the Commission to better understand the economic tradeoffs of specifying these standards. See FIF Letter at 13, 125-26; see also Section IV.D.12, supra, for the Commission's response to these comments.
FIF stated that the Plan does not need to require a specific approach to user management, but that the Plan should specify some functionality and criteria for evaluation of the approach. For example, the user management system should provide for on-boarding and support levels of entitlement. See FIF Letter at 129-30. The commenter did not provide further explanation that would allow the Commission to better understand the costs and benefits of specifying these functionalities or not specifying an approach. Further, SIFMA provided specific suggestions for user management but did not specifically address the relative economic effects of various alternatives. See SIFMA Letter at 21.
Data Boiler suggested not mandating an approach to quality assurance because appropriate management flexibilities/discretions are needed, but did not provide further explanation that would allow the Commission to better understand the economic tradeoffs. See Data Boiler Letter at 42.
a. Primary Storage
In the Notice, the Commission solicited comment on whether the CAT NMS Plan should mandate a particular data storage method and on how a storage method could affect the costs and benefits of the Plan. The CAT NMS Plan states that bidders proposed two methods of primary data storage: Traditionally-hosted storage architecture and infrastructure-as-a-service. The CAT NMS Plan does not mandate a specific method for primary storage, but does indicate that the storage solution would meet the security, reliability, and accessibility requirements for the CAT, including storage of PII data, separately. The CAT NMS Plan also indicates several considerations in the selection of a storage solution including maturity, cost, complexity, and reliability of the storage method.
See Notice, supra note 5, at 30780.
See CAT NMS Plan, supra note 5, at Appendix C, Section D.12(c). Traditionally-hosted storage architecture is a model in which an organization would purchase and maintain proprietary servers and other hardware to store CAT Data. Infrastructure-as-a-service is a provisioning model in which an organization outsources the equipment used to support operations, including storage, hardware, servers, and networking components, to a third party who charges for the service on a usage basis.
The Commission received three comment letters in response to this alternative. All three commenters recommended not mandating a particular storage method. One commenter suggested that mandating the storage method would “make the structure too rigid and static, hindering the flexibility for future scalability.” Another commenter claimed too little information in that the “eventual Plan Processor is in a better position to define the storage methods” stating that evaluation considers “total system design, not storage methods in isolation.” The third commenter did not provide arguments supporting its recommendation, but did point out that the method of storage would allow the ability to return results of queries at varying time intervals. The commenters did not discuss the relative costs and benefits of the specific architectures mentioned in the Plan but one commenter indicated that its own system could enable ultrafast analysis/pattern recognition and save significant space. Based on these comments, the Commission believes that mandating a particular storage method could be costly, but Commission did not receive comments on the benefits of mandating a storage method or on the costs or benefits of particular storage methods. Therefore, the Commission has more information than at the time of the Notice regarding the costs of mandating a particular storage method but still cannot fully analyze the economic effects.
FIF Letter at 125; FSI Letter at 3; Data Boiler Letter at 8.
Data Boiler Letter at 8.
FIF Letter at 125.
FSI Letter at 3.
Data Boiler Letter at 8.
b. Data Ingestion Format
In the Notice, the Commission requested comment on whether the Plan should mandate a particular approach to data ingestion. The CAT NMS Plan does not mandate the format in which data must be reported to the Central Repository. Rather, the Plan provides that the Plan Processor will determine the electronic format in which data must be reported, and that the format will be described in the Technical Specifications. The Plan discusses the tradeoffs between requiring that the CAT Reporters report data to CAT in a uniform defined format, in existing messaging protocols, or a hybrid of both. The Plan does not require any approach, but will determine the approach in conjunction with the selection of the Plan Processor. An example of a uniform defined format includes the current process for reporting data to OATS. Several bidders proposed to leverage the OATS format and enhance it to meet the requirements of Rule 613. The Plan states that this could reduce the burden on certain CAT Reporters (i.e., current OATS Reporters) and simplify the process for those CAT Reporters to implement the CAT. The other alternative, accepting existing messaging protocols, would allow CAT Reporters to submit copies of their order handling messages that are typically used across the order lifecycle and within order management processes, such as FIX. The Plan states that using existing messaging protocols could result in quicker implementation times and simplify data aggregation. The Plan further notes that surveys revealed no cost difference between the two approaches, but that FIF members prefer using the FIX protocol.
See Notice, supra note 5, at 30780-81.
See CAT NMS Plan, supra note 5, at Appendix C, Section D.12(f); see also id. at Appendix C, Section A.1(a).
Id. at Appendix D, Section 2.1.
See CAT NMS Plan, supra note 5, at Appendix C, Section B.7(b)(i)(A)(2), Section D.12(f). These are also called “Approach 1” and “Approach 2” elsewhere in this economic analysis.
This is Approach 2 in the CAT Reporters Study. See CAT NMS Plan, supra note 5, at Appendix C, Section B.7(b)(i)(A)(2).
Id. at Appendix C, Section D.12(f).
This is Approach 1 in the CAT Reporters Study. Id. at Appendix C, Section B.7(b)(i)(A)(2).
Id. at Appendix C, Section D.12(f).
Id.
Id.
While the Plan discussed a “uniform defined format” as different from existing messaging protocols such as FIX, the Commission understands that the term “uniform defined format” can also apply to FIX. To clarify the distinction between the two approaches, the Commission refers to one approach as requiring a “specialized delimited flat file” approach and the other as requiring existing messaging protocols.
In addition to soliciting comment on whether the Plan should mandate an approach, the Commission also requested information on the relative costs and benefits, including implementation and ongoing costs of the data ingestion format approaches. Further, the Commission noted that the survey results that the costs of the approaches are similar did not seem intuitive and requested comment on why the costs appear similar in the survey results.
See Notice, supra note 5, at 30780-81.
See Notice, supra note 5, at 30737 (Request for Comment Nos. 318 and 331).
As an alternative to the Plan, four commenters seemed to support specifying an approach to data ingestion format. One commenter stated that mandating an approach in the Plan would give industry more time to prepare and would limit the chances that broker-dealers would need to make significant changes after seeing the Technical Specifications, which could seriously compromise the implementation schedule. In particular, this commenter stated that the data ingestion format approach is a critical component of the Plan and “an optimum solution that meets the needs of industry at reasonable cost and is minimally disruptive” would require that the approach be “widely reviewed and vetted across the industry.” Another commenter suggested mandating the approach for consistency and transparency. The other two commenters that supported mandating the approach in the Plan provided arguments regarding the effects of a specific approach but not the effects of mandating an approach.
FIF Letter at 91; FIX Trading Letter at 1; Better Markets Letter at 7; ICI Letter at 13.
FIF Letter at 90.
FIF Letter at 90.
FIX Trading Letter at 1.
Another alternative would be to specify the actual format in the Plan. Of the four commenters who supported mandating the approach, one also supported mandating the format in the Plan.
Better Markets Letter at 7.
Six commenters provided information on the tradeoffs or economic effects of various approaches or formats. While some commenters addressed the alternatives of a specialized delimited flat file such as a modified OATS, existing messaging protocol such as FIX, or a hybrid of the two, others commented more generally on the impacts of non-uniform formats or standards without indicating whether they consider a messaging protocol to be non-uniform or uniform format or standard. Only one commenter specifically addressed why the costs of reporting using Plan-mandated messaging protocols would be similar to reporting in a specialized delimited flat file format, and that commenter asserted that the costs should be the same for either approach because accepting existing message protocols would require a more expensive infrastructure and the cost would likely be passed down to the CAT Reporters. The six commenters also provided mixed information on the economic effects of various considerations, such as accepting multiple formats or a single format, and accepting only widely used existing formats, new specialized delimited flat file formats, or existing bespoke broker-dealer formats.
These comments are summarized in more detail in Section IV.D.2, supra.
FIF Letter at 90-91; FIX Trading Letter at 1. ICI provided a messaging protocol as an example, but did not recommend a messaging protocol specifically.
ICI Letter at 13; Better Markets Letter at 7-8; UnaVista Letter at 2-3.
Data Boiler Letter at 36.
See Section IV.D.2, supra, for a complete summary of these comments as well as the Participants' and Commission's responses.
Data Boiler Letter at 41; FIF Letter at 91; FIX Trading Letter at 1; UnaVista Letter at 2-3; ICI Letter at 13; Better Markets Letter at 7-8.
Data Boiler Letter at 41; FIF Letter at 90-91; FIX Trading Letter at 1; ICI Letter at 13; Better Markets Letter at 7.
In response to comments, the Participants explained that they continue to believe that the Plan should not mandate a specific message format. That said, the Participants understand that the message format used for reporting to the Central Repository must be easily understood and adopted by the industry, and this factor will be considered as the Participants evaluate each Bidder's solution. Moreover, the Participants also will take into consideration that the Plan Processor must be able to reliably and accurately convert data to a uniform electronic format for consolidation and storage, regardless of the message formats in which the CAT Reporters would be required to report data to the Central Repository. The message format(s) ultimately selected for reporting to the Central Repository will be described in the Technical Specifications, which will be approved by the Operating Committee. In addition, the Participants indicated that the Bids of the three remaining Bidders propose accepting existing messaging protocols (e.g., FIX), rather than requiring CAT Reporters to use a new format.
Response Letter I at 29; see also Section IV.D.2, supra, for a complete discussion of the Participants' response.
Response Letter III at 13.
The Commission has considered the comments and Participants' responses in relation to whether the Plan should mandate a specific approach and believes that there are certain costs and benefits associated with mandating the approach in the Plan and that not mandating the approach is a source of uncertainty in assessing the economic effects of the Plan. The Commission believes that the risks to the implementation schedule (and therefore an increase in implementation costs) of not mandating an approach would be lower if CAT Reporters could submit their reports to CAT in the message protocols they currently use for business purposes because such implementation would involve updating current systems rather than building new systems. The Commission understands from the Participants' response that all remaining Bidders would have within the Plan Processor the ability to accept existing message protocols. Therefore, those CAT Reporters currently using the messaging protocols accepted by the eventual Plan Processor would not need to make significant systems changes. However, the Commission recognizes that the mixed information regarding the economic effects of particular approaches or formats reflects the level of uncertainty in the range of benefits and costs associated with the selection of data ingestion formats and thus the impact of the lack of transparency in the Plan on this economic analysis.
In response to the comment that the costs of the two approaches should be similar, the Commission notes that the costs of the approaches do not seem consistent with the comment. Whereas the commenter's statements would suggest that the costs of message protocols would be lower for broker-dealers, vendors, and SROs, and higher for building and operating the Central Repository, and similar in aggregate, the costs actually appear similar for each survey group. Therefore, the Commission continues to recognize that the survey result indicating that the costs of the approaches are similar does not seem intuitive.
Finally, the Commission notes the potential for the Plan Processor to use the opportunity to select a message format that entrenches itself by increasing the costs of replacement due to underperformance. However, as explained above and in Section IV.D.2 the Participants will consider whether a Bidder has proposed a format that is easily understood and adoptable by the industry, and the Commission believes that the message format decision must be made in connection with developing the overall architecture for CAT.
See Section V.I.4.b.(2), supra, for a discussion of how the costs of switching Plan Processors limits the competitive incentives of the selected Plan Processor and of the provisions that promote good performance by the Plan Processor.
c. Process To Develop CAT
In the Notice, the Commission requested comment on whether the CAT NMS Plan should mandate a particular development process and the impact on the relative costs and benefits of particular processes. Bidders proposed, and the Plan describes, several processes for development of the CAT: The agile or iterative development model, the waterfall model, and hybrid models. The CAT NMS Plan does not mandate a particular development process because any of the options could be utilized to manage the development of CAT. The CAT NMS Plan notes that the agile model is more flexible and more susceptible to the early delivery of software for testing and feedback, but that the agile model makes it more difficult to accurately estimate the effort and time required for development. The waterfall model would also facilitate longer-term planning and coordination among multiple vendors or project streams.
See Notice supra note 5, at 30781.
See CAT NMS Plan, supra note 5, at Appendix C, Section D.12(g). An agile methodology is an iterative model in which development is staggered and provides for continuous evolution of requirements and solutions. A waterfall model is a sequential process of software development with dedicated phases for Conception, Initiation, Analysis, Design, Construction, Testing, Production/Implementation and Maintenance. Id.
Id.
Id.
Two commenters suggested that the Plan not mandate a particular development method. One commenter stated that “appropriate management flexibilities/discretions are needed.” The other commenter cited bidder expertise and that the Plan Processor should be allowed to choose the “methodology most appropriate for the specific development effort.” The commenter continued on to say that “the different development methodologies can each be equally effective in an implementation plan, depending on many factors and tradeoffs.” While providing information on the costs of mandating a method, neither provided relative costs and benefits of specific methods.
FIF Letter at 49; Data Boiler Letter at 42.
Data Boiler Letter at 42.
FIF Letter at 49.
Based on these comments, the Commission believes that mandating a specific development process in the Plan could be costly because mandating the process removes the ability for the Plan Processor to select the lowest cost or most effective methodology for a given implementation. The Commission recognizes that the Plan will involve one big implementation initially, but may also involve many subsequent implementations based on amendments to the Plan or changes in the technical specifications. The nature of these implementations could vary greatly and the same development methodology may not be most effective in all situations. Therefore, the Commission recognizes that mandating a specific development process would be costly.
d. User Support and Help Desk
In the Notice, the Commission requested comment on whether the CAT NMS Plan should specify the standards for user support and on the relative costs and benefits of the alternative standards. The CAT NMS Plan discusses several alternatives related to how the Plan Processor provides a CAT help desk that would be available 24 hours a day, 7 days a week and be able to manage 2,500 calls per month. Specifically, alternatives relate to the number of user support staff members, the degree to which the support team is dedicated to CAT, and whether the help desk is located in the United States or offshore. The CAT NMS Plan discusses the benefit and cost tradeoffs, but does not mandate any of the particular alternatives. Instead, the CAT NMS Plan commits to considering each Bidder's user support proposals in the context of the overall Bid.
See Notice, supra note 5, at 30781.
See CAT NMS Plan, supra note 5, at Appendix C, Section D.12(j). The RFP specified these standards. Id.
See id. The Plan states that a larger support staff could be more effective, but would be more costly. Further, a dedicated CAT support team would have a deeper knowledge of CAT but would be more costly. Finally, a U.S.-based help desk could facilitate greater security and higher quality service, but would be more costly. Id.
Two commenters addressed alternatives regarding user support and a help desk. One commenter recommended that customer support guidelines and functionalities be specified in the Plan while the other suggested that the costs of user support and a help desk could be “minimized or eliminated” under different data collection and reporting methods. The commenter that supported specifying guidelines and functionalities in the Plan stated that “the level of service provided is directly tied to the industry's ability to meet the aggressive quality goals and error rates, and directly tied to customer service costs in bidders' proposals, and ultimately in costs to be borne by the industry.” Therefore, the commenter said they “should be dictated by the Plan and not left to Plan Processor discretion.” Rather than focus on the size and location of the support team and whether the team is dedicated to CAT, the commenter suggests specific standards and functionalities such as wait times, a tracking system, and the ability for web submission or “on-line chat.”
FIF Letter at 125-29; Data Boiler Letter at 42.
FIF Letter at 125-29.
Data Boiler Letter at 42.
In their response, the Participants clarified that the CAT Help Desk staff will be trained to support CAT Reporters as needed, and noted that this may include, for example, training related to data access tools, data submission requirements, and customer support.
See Response Letter I at 38.
The Commission has considered these comments and recognizes the benefits of the Plan specifying certain functionalities and standards while letting the Plan Processor select the size and location of the support team necessary to meet these functionalities and standards. In particular, the Commission agrees with the commenter that specifying guidelines and functionalities can facilitate the accomplishment of the benefits described herein and could result in lower costs to the industry relative to the Plan. However, the Commission also agrees that the Plan Processor may be in a better position to determine the size and location of the support team needed to satisfy the guidelines and functionalities.
VI. Paperwork Reduction Act
Certain provisions of Rule 613 contain “collection of information requirements” within the meaning of the Paperwork Reduction Act of 1995 (“PRA”). The Commission published notice requesting comment on the collection of information requirements in the Notice and submitted the proposed collection to the Office of Management and Budget (“OMB”) for review in accordance with 44 U.S.C. 3507 and 5 CFR 1320.11. An agency may not conduct or sponsor, and a person is not required to respond to, a collection of information unless it displays a currently valid OMB control number. The control number for Rule 613 is OMB Control No. 3235-0671 and the title of the collection of information is “Creation of a Consolidated Audit Trail Pursuant to Section 11A of the Securities Exchange Act of 1934 and Rules Thereunder.” The Commission is adopting this collection of information.
44 U.S.C. 3501 et. seq.
The Commission has amended the CAT NMS Plan, resulting in “a new collection of information” “CAT NMS Plan Reporting and Disclosure Requirements.” The new collection of information is described in Section VI.E., below. The Commission is requesting public comment on the new collection of information requirement in this Order. We are applying for an OMB control number for the proposed new collection of information in accordance with 44 U.S.C. 3507(j) and 5 CFR 1320.13, and OMB has not yet assigned a control number to the new collection. Responses to the new collection of information would be mandatory. An agency may not conduct or sponsor, and a person is not required to respond to, a collection of information unless it displays a currently valid OMB control number.
This Order includes the Commission's estimates of the costs associated with the requirements of Rule 613, as imposed by the CAT NMS Plan. Similarly, the Commission is discussing below its estimates of the burden hours associated with the information collection requirements of the CAT NMS Plan, as filed by the Participants, and as subsequently amended by the Commission. These estimates are based on the requirements of Rule 613 and take into account the Exemption Order. Information and estimates contained in the CAT NMS Plan that was submitted by the Participants also informed these estimates because they provide a useful, quantified point of reference regarding potential burdens and costs. In the Notice, the Commission requested comment on the collection of information requirements associated with the CAT NMS Plan that were required by Rule 613. As noted above, the Commission received 24 comment letters on the Notice. Although the Commission did not receive any comments on the hourly burdens associated with the information collections required by Rule 613, a number of comments were submitted that addressed the Commission's cost estimates related to these collections.
See Section VI.E., infra.
See Exemption Order, supra note 21. The Commission acknowledges that the CAT NMS Plan as filed contains provisions in addition to those required by Rule 613 (e.g., requiring the inclusion of OTC Equity Securities; the availability of historical data for not less than six years in a manner that is directly available and searchable without manual intervention from the Plan Processor; a complete symbology database to be maintained by the Plan Processor, including the historical symbology; as well as issue symbol information and data using the listing exchange symbology format). See CAT NMS Plan, supra note 5, at Section 1.1 (defining “Eligible Security” as all NMS securities and all OTC Equity Securities); Section 6.5(b)(1); Appendix C, Section A.1(a); Appendix D, Section 2.
See supra note 6.
In addition to the discussion that follows, the Commission's cost estimates and responses to cost comments are discussed in detail in Section V.F., supra.
A. Summary of Collection of Information Under Rule 613
Rule 613 requires that the CAT NMS Plan must provide for an accurate, time-sequenced record of an order's life, from receipt or origination, through the process of routing, modification, cancellation and execution. The Central Repository, created by the Participants, would be required to receive, consolidate and retain the data required under the Rule. Such data must be accessible to each Participant, as well as the Commission, for purposes of performing regulatory and oversight responsibilities.
See 17 CFR 242.613(c)(1).
See 17 CFR 242.613(e)(1).
See 17 CFR 242.613(e)(1), (e)(2).
Rule 613 provides that the CAT NMS Plan must require that all Participants that are exchanges, and their members, record and report to the Central Repository certain data for each NMS security registered or listed on a national securities exchange, or admitted to unlisted trading privileges on such exchange, and each Participant that is a national securities association, and its members, record and report for each NMS security for which transaction reports are required to be submitted to the national securities association in a uniform electronic format or in a manner that would allow the Central Repository to convert the data to a uniform electronic format for consolidation and storage. This data must be recorded contemporaneously with the Reportable Event and reported to the Central Repository in no event later than 8:00 a.m. ET on the trading day following the day such information has been recorded by the national securities exchange, national securities association, or member.
See 17 CFR 242.613(c)(3).
Rule 613 also provides that the CAT NMS Plan must require each member of a Participant to record and report to the Central Repository other information which may not be available until later in the clearing process no later than 8:00 a.m. ET on the trading day following the day the member receives such information. Rule 613 also requires the Participants to provide to the Commission, at least every two years after the effectiveness of the CAT NMS Plan, a written assessment of the operation of the consolidated audit trail.
See 17 CFR 242.613(c)(4).
See 17 CFR 242.613(b)(6).
Rule 613 requires all Participants to make use of the consolidated information, either by each developing and implementing new surveillance systems, or by enhancing existing surveillance systems. The Rule also requires the CAT NMS Plan to require Participants to submit to the Commission a document outlining the manner in which non-NMS securities and primary market transactions in NMS and non-NMS securities can be incorporated into the consolidated audit trail.
See 17 CFR 242.613(i).
1. Central Repository
Rule 613 provides that the CAT NMS Plan must require the creation and maintenance of a Central Repository that would be responsible for the receipt, consolidation, and retention of all data submitted by the Participants and their members. The Rule also requires that the CAT NMS Plan require the Central Repository to retain the information reported pursuant to subparagraphs (c)(7) and (e)(7) of the Rule for a period of not less than five years in a convenient and usable standard electronic data format that is directly available and searchable electronically without any manual intervention. The Plan Processor is responsible for operating the Central Repository in compliance with the Rule and the CAT NMS Plan. In addition, the Rule provides that the CAT NMS Plan must include: Policies and procedures to ensure the security and confidentiality of all information submitted to the Central Repository, including safeguards to ensure the confidentiality of data; information barriers between regulatory and non-regulatory staff with regard to access and use of data; a mechanism to confirm the identity of all persons permitted to use the data; a comprehensive information security program for the Central Repository that is subject to regular reviews by the CCO; and penalties for non-compliance with policies and procedures of the Participants or the Central Repository with respect to information security. Further, the Rule provides that the CAT NMS Plan must include policies and procedures to be used by the Plan Processor to ensure the timeliness, accuracy, integrity, and completeness of the data submitted to the Central Repository, as well as policies and procedures to ensure the accuracy of the consolidation by the Plan Processor of the data.
See 17 CFR 242.613(e)(1).
See 17 CFR 242.613(e)(8). The Commission notes that the CAT NMS Plan proposes to require that the Central Repository retain data reported in a convenient and usable standard electronic data format that is directly available and searchable electronically without any manual intervention for six years. See CAT NMS Plan, supra note 5, at Section 6.5(b)(i).
Id.
2. Data Collection and Reporting
Rule 613 provides that the CAT NMS Plan must require each Participant, and any member of such Participant, to record and electronically report to the Central Repository details for each order and Reportable Event documenting the life of an order through the process of original receipt or origination, routing, modification, cancellation, and execution (in whole or part) for each NMS security. Rule 613 requires the CAT NMS Plan to require each national securities exchange and its members to record and report to the Central Repository the information required by Rule 613(c)(7) for each NMS security registered or listed for trading on an exchange, or admitted to unlisted trading privileges on such exchange. Rule 613 provides that the CAT NMS Plan must require each Participant that is a national securities association, and its members, to record and report to the Central Repository the information required by Rule 613(c)(7) for each NMS security for which transaction reports are required to be submitted to the Participant. The Rule requires each Participant and any member of a Participant to record the information required by Rule 613(c)(7)(i) through (v) contemporaneously with the Reportable Event, and to report this information to the Central Repository by 8:00 a.m. ET on the trading day following the day such information has been recorded by the Participant or member of the Participant. The Rule requires each Participant and any member of a Participant to record and report the information required by Rule 613(c)(7)(vi) through (viii) to the Central Repository by 8:00 a.m. ET on the trading day following the day the Participant or member receives such information. The Rule requires each Participant and any member of such Participant to report information required by Rule 613(c)(7) in a uniform electronic format or in a manner that would allow the Central Repository to convert the data to a uniform electronic format for consolidation and storage.
See 17 CFR 242.613(c)(1), (c)(5), (c)(6), (c)(7).
See 17 CFR 242.613(c)(1), (c)(5).
See 17 CFR 242.613(c)(1), (c)(6).
See 17 CFR 242.613(c)(3).
See 17 CFR 242.613(c)(4).
See 17 CFR 242.613(c)(2).
Such information must also be reported to the Central Repository with a timestamp of a granularity that is at least to the millisecond or less to the extent that the order handling and execution systems of a Participant or a member utilize timestamps in finer increments. The Commission understands that any changes to broker-dealer recording and reporting systems to comply with Rule 613 may also include changes to comply with the millisecond timestamp requirement.
See 17 CFR 242.613(d)(3).
3. Collection and Retention of National Best Bid and National Best Offer, Last Sale Data and Transaction Reports
Rule 613(e)(7) provides that the CAT NMS Plan must require the Central Repository to collect and retain on a current and continuing basis: (i) Information on the National Best Bid and National Best Offer (“NBBO”) for each NMS Security; (ii) transaction reports reported pursuant to a transaction reporting plan filed with the Commission pursuant to, and meeting the requirements of, Rule 601 of Regulation NMS; and (iii) Last Sale Reports reported pursuant to the OPRA Plan. The Central Repository must retain this information for no less than five years.
See 17 CFR 242.613(e)(7); 17 CFR 242.601.
See 17 CFR 242.613(e)(8).
4. Surveillance
Rule 613(f) provides that the CAT NMS Plan must require that every Participant develop and implement a surveillance system, or enhance existing surveillance systems, reasonably designed to make use of the consolidated information contained in the consolidated audit trail. Rule 613(a)(3)(iv) provides that the CAT NMS Plan must require that the surveillance systems be implemented within fourteen months after effectiveness of the CAT NMS Plan.
5. Participant Rule Filings
Rule 613(g)(1) requires each Participant to file with the Commission, pursuant to Section 19(b)(2) of the Exchange Act and Rule 19b-4 thereunder, a proposed rule change to require its members to comply with the requirements of Rule 613 and the CAT NMS Plan approved by the Commission. The burden of filing such a proposed rule change is already included under the collection of information requirements contained in Rule 19b-4 under the Exchange Act.
15 U.S.C. 78s(b)(2); 17 CFR 240.19b-4.
See 17 CFR 242.613(g)(1).
See Securities Exchange Act Release No. 50486 (October 5, 2004), 69 FR 60287, 60293 (October 8, 2004) (File No. S7-18-04) (describing the collection of information requirements contained in Rule 19b-4 under the Exchange Act). The Commission has submitted revisions to the current collection of information titled “Rule 19b-4 Filings with Respect to Proposed Rule Changes by Self-Regulatory Organizations” (OMB Control No. 3235-0045). According to the last submitted revision, for Fiscal Year 2012 SROs submitted 1,688 Rule 19b-4 proposed rule changes.
6. Document on Expansion to Other Securities
Rule 613(i) provides that the CAT NMS Plan must require the Participants to jointly provide to the Commission, within six months after the CAT NMS Plan is effective, a document outlining how the Participants could incorporate into the CAT information regarding: (1) Equity securities that are not NMS securities; (2) debt securities; and (3) primary market transactions in equity securities that are not NMS securities and in debt securities.
As noted above, the CAT NMS Plan would require the inclusion of OTC Equity Securities, while Rule 613 does not include such a requirement. See supra note 3181.
See 17 CFR 242.613(i).
7. Written Assessment of Operation of the Consolidated Audit Trail
Rule 613(b)(6) provides that the CAT NMS Plan must require the Participants to provide the Commission a written assessment of the consolidated audit trail's operation at least every two years, once the CAT NMS Plan is effective. Such written assessment shall include, at a minimum, with respect to the CAT: (i) An evaluation of its performance; (ii) a detailed plan for any potential improvements to its performance; (iii) an estimate of the costs associated with any such potential improvements; and (iv) an estimated implementation timeline for any such potential improvements, if applicable. As required by Rule 613(b)(6), the Participants submitted a CAT NMS Plan that includes these minimum requirements. The Commission is subsequently amending the requirements set forth in the CAT NMS Plan to change the reporting frequency from every two years to annual, as well as to provide additional specificity regarding the elements of the written assessment. As amended, the annual written assessment must include the following: (i) An evaluation of the information security program of the CAT to ensure that the program is consistent with the highest industry standards for protection of data; (ii) an evaluation of potential technological upgrades based upon a review of technological advancements over the preceding year, drawing on technology expertise, whether internal or external; (iii) an evaluation of the time necessary to restore and recover CAT Data at a back-up site; (iv) an evaluation of how the Plan Processor and Participants are monitoring Error Rates and to explore the imposition of Error Rates based on product, data element or other criteria; (v) a copy of the evaluation required by the CAT NMS Plan in Section 6.8(c) of the Plan that the Plan Processor evaluate whether industry standards have evolved such that: (1) The synchronization standard in Section 6.8(a) of the CAT NMS Plan should be shortened; or (2) the required timestamp in Section 6.8(b) of the CAT NMS Plan should be in finer increments; and (vi) an assessment of whether any data elements reported to the CAT should be added, deleted or changed; and (vii) an estimate of the costs and benefits associated with any potential improvements to the performance of the CAT, including an assessment of the potential impact on competition, efficiency, capital formation, and investor protection.
See 17 CFR 242.613(b)(6).
See id.
See Section IV.H., supra.
B. Proposed Use of Information
1. Central Repository
Rule 613 states that the Central Repository is required to receive, consolidate and retain the data required to be submitted by the Participants and their members. Participant and Commission staff would have access to the data for regulatory purposes.
See 17 CFR 242.613(e)(1).
See 17 CFR 242.613(e)(2).
2. Data Collection and Reporting
The Commission believes that the data collected and reported pursuant to the requirements of Rule 613 would be used by regulators to monitor and surveil the securities markets and detect and investigate activity, whether on one market or across markets. The data collected and reported pursuant to Rule 613 would also be used by regulators for the evaluation of tips and complaints and for complex enforcement inquiries or investigations, as well as inspections and examinations. Further, the Commission believes that regulators would use the data collected and reported to conduct timely and accurate analysis of market activity for reconstruction of broad-based market events in support of regulatory decisions.
3. Collection and Retention of NBBO, Last Sale Data and Transaction Reports
The CAT NMS Plan must require the Central Repository to collect and retain NBBO information, transaction reports, and Last Sale Reports in a format compatible with the order and event information collected pursuant to Rule 613(c)(7). Participant and Commission staff could use this data to easily search across order, NBBO, and transaction databases. The Commission believes that having the NBBO information in a uniform electronic format compatible with order and event information would assist Participants in enforcing compliance with federal securities laws, rules, and regulations, as well as their own rules. The Commission also believes that a CAT NMS Plan requiring the Central Repository to collect and retain the transaction reports and Last Sale Reports in a format compatible with the order execution information would aid regulators in monitoring for certain market manipulations.
See 17 CFR 242.613(e)(7).
The Commission and Participants use the NBBO to, among other things, evaluate members for compliance with numerous regulatory requirements, such as the duty of best execution or Rule 611 of Regulation NMS. See 17 CFR 242.611; see also, e.g., ISE Rule 1901 and Phlx Rule 1084.
Rules 613(e)(7)(ii) and (iii) require that transaction reports reported pursuant to an effective transaction reporting plan and Last Sale Reports reported pursuant to the OPRA Plan be reported to the Central Repository. This requirement should allow regulators to evaluate certain trading activity. For example, trading patterns of reported and unreported trades may cause Participant or Commission staff to make further inquiries into the nature of the trading to ensure that the public was receiving accurate and timely information regarding executions and that market participants were continuing to comply with trade reporting obligations under Participant rules. Similarly, patterns in the transactions that are reported and unreported to the consolidated tape could be indicia of market abuse, including failure to obtain best execution for customer orders or possible market manipulation. The Commission and the Participants would be able to review information on trades not reported to the tape to determine whether they should have been reported, whether Section 31 fees should have been paid, and/or whether the trades are part of a manipulative scheme.
4. Surveillance
The requirement in Rule 613(f) that the Participants develop and implement a surveillance system, or enhance existing surveillance systems, reasonably designed to make use of the consolidated information in the consolidated audit trail, is intended to position regulators to make full use of the consolidated audit trail data in order to carry out their regulatory obligations. In addition, because trading and potentially manipulative activities could take place across multiple markets, and the consolidated audit trail data would trace the entire lifecycle of an order from origination to execution or cancellation, new or enhanced surveillance systems may also enable regulators to investigate potentially illegal activity that spans multiple markets more efficiently.
5. Document on Expansion to Other Securities
Rule 613(i) requires the CAT NMS Plan to require the Participants to jointly provide to the Commission, within six months after the CAT NMS Plan is effective, a document outlining how the Participants could incorporate into the CAT information regarding certain products that are not NMS securities. A document outlining a possible expansion of the consolidated audit trail could help inform the Commission about the Participants' strategy for potentially accomplishing such an expansion over a reasonable period of time. Moreover, such document would aid the Commission in assessing the feasibility and impact of possible future proposals by the Participants to include such additional securities and transactions in the consolidated audit trail.
See 17 CFR 242.613(i); see also supra note 439.
6. Written Assessment of Operation of the Consolidated Audit Trail
Rule 613(b)(6) requires the CAT NMS Plan to require the Participants to provide the Commission a written assessment of the CAT's operation at least every two years, once the CAT NMS Plan is effective that includes a plan for potential improvements, an estimate of the costs associated with any such improvement, as well as the potential impact on competition, efficiency and capital formation, and a timeline. The Commission has subsequently modified this requirement as imposed by the CAT NMS Plan to change the reporting frequency to annual and require that the written assessment include the benefits of any potential improvements and the impact on investor protection, as well as to provide more specificity on what the assessment must address. The assessment is now required to include evaluations of the following: The information security program; potential technological upgrades; the time to restore and recover CAT Data at a back-up site; how the Plan Processor and the Participants are monitoring Error Rates and exploring imposing Error Rates based on other criteria; a copy of the evaluation required in Section 6.8(a) of the CAT NMS Plan that the Plan Processor evaluate whether industry standards have evolved such that: (i) The clock synchronization standard in Section 6.8(a) of the CAT NMS Plan should be shortened; (ii) the required timestamp in Section 6.8(b) of the CAT NMS Plan should be in finer increments; and an assessment of whether any data elements reported to the CAT should be added, deleted or changed. The Commission believes that requiring these specific issues to be addressed in the Participants' annual written assessment will focus the Plan Processor and the Participants on critical technological and other developments, and should help ensure that CAT technology remains up-to-date, resilient and secure, and provides accurate CAT Data. Further, the Commission believes that it is important that the Participants consider not just the costs, but also the potential benefits associated with any improvements to the performance of the CAT, including the impact on investor protection.
See Section IV.H., supra.
C. Respondents
1. National Securities Exchanges and National Securities Associations
The information collection titled “Creation of a Consolidated Audit Trail Pursuant to Section 11A of the Securities Exchange Act of 1934 and Rules Thereunder” and the proposed information collection apply to the 21 Participants (the 20 national securities exchanges and the one national securities association (FINRA)) currently registered with the Commission.
The Participants are: Bats BZX Exchange, Inc., Bats BYX Exchange, Inc., BOX Options Exchange LLC, C2 Options Exchange, Incorporated, Chicago Board Options Exchange, Incorporated, Chicago Stock Exchange, Inc., Bats EDGA Exchange, Inc., Bats EDGX Exchange, Inc., Financial Industry Regulatory Authority, Inc., International Securities Exchange, LLC, ISE Gemini, LLC, Miami International Securities Exchange LLC, NASDAQ BX, Inc., NASDAQ PHLX LLC, The NASDAQ Stock Market LLC, National Stock Exchange, Inc., New York Stock Exchange LLC, NYSE MKT LLC, and NYSE Arca, Inc. ISE Mercury and IEX will become Participants in the CAT NMS Plan and are thus accounted for as Participants for purposes of this Order. See supra note 10.
2. Members of National Securities Exchanges and National Securities Association
The information collection titled “Creation of a Consolidated Audit Trail Pursuant to Section 11A of the Securities Exchange Act of 1934 and Rules Thereunder” also applies to the Participants' broker-dealer members, that is, Industry Members. The Commission believes that Rule 613 applies to 1,800 broker-dealers. The Commission understands that there are currently 4,138 broker-dealers; however, not all broker-dealers are expected to have CAT reporting obligations. The Participants report that approximately 1,800 broker-dealers currently quote or execute transactions in NMS Securities, Listed Options or OTC Equity Securities and would likely have CAT reporting obligations.
The Commission understands that the remaining 2,338 registered broker-dealers either trade in asset classes not currently included in the definition of Eligible Security or do not trade at all (e.g., broker-dealers for the purposes of underwriting, advising, private placements). See Notice, supra note 5, at 30712, n.864.
D. Total Initial and Annual Reporting and Recordkeeping Burden
1. Burden on National Securities Exchanges and National Securities Associations
a. Central Repository
Rule 613 requires the Participants to jointly establish a Central Repository tasked with the receipt, consolidation, and retention of the reported order and execution information. The Participants reflected this requirement in the CAT NMS Plan. The Participants issued an RFP soliciting Bids from entities to act as the consolidated audit trail's Plan Processor. Bidders were asked to provide total one-year and annual recurring cost estimates to estimate the costs to the Participants for implementing and maintaining the Central Repository. There are currently three remaining Bidders, any of which could be selected to be the Plan Processor. The Plan Processor would be responsible for building, operating, administering and maintaining the Central Repository.
See Notice, supra note 5, at 30616.
See CAT NMS Plan, supra note 5, at Appendix C, Section B.7(b)(i)(B). The CAT NMS Plan listed the following as primary drivers of Bid costs: (1) Reportable volumes of data ingested into the Central Repository; (2) number of technical environments that would have to be built to report to the Central Repository; (3) likely future rate of increase of reportable volumes; (4) data archival requirements; and (5) user support and/or help desk resource requirements. Id.
The Plan's Operating Committee, which consists of one voting representative of each Participant, would be responsible for the management of the LLC, including the Central Repository, acting by Majority or Supermajority Vote, depending on the issue. In managing the Central Repository, among other things, the Operating Committee would have the responsibility to authorize the following actions of the LLC: (1) Interpreting the Plan; (2) determining appropriate funding-related policies, procedures and practices consistent with Article XI of the CAT NMS Plan; (3) terminating the Plan Processor; (4) selecting a successor Plan Processor (including establishing a Plan Processor Selection Committee to evaluate and review Bids and make a recommendation to the Operating Committee with respect to the selection of the successor Plan Processor); (5) entering into, modifying or terminating any Material Contract; (6) making any Material Systems Change; (7) approving the initial Technical Specifications or any Material Amendment to the Technical Specifications proposed by the Plan Processor; (8) amending the Technical Specifications on its own motion; (9) approving the Plan Processor's appointment or removal of the CCO, CISO, or any Independent Auditor in accordance with Section 6.1(b) of the CAT NMS Plan; (10) approving any recommendation by the CCO pursuant to Section 6.2(a)(v)(A); (11) selecting the members of the Advisory Committee; (12) selecting the Operating Committee chair; and (13) determining to hold an Executive Session of the Operating Committee.
See id. at Section 4.2(a).
See Notice, supra note 5, at 30702.
See CAT NMS Plan, supra note 5, at Section 4.3(a)(iii).
See id. at Section 4.3(a)(vi).
See id. at Section 4.3(b)(i).
See id. at Section 4.3(b)(iv).
See id. at Section 4.3(b)(v).
See id. at Section 4.3(b)(vi).
See id. at Section 4.3(b)(vii).
See id. at Section 4.3(b)(iii).
See id. at Section 4.3(a)(iv).
See id. at Section 4.3(a)(ii). Section 4.13(e) of the CAT NMS Plan states that the members of the Advisory Committee shall have the right to receive information concerning the operation of the Central Repository; provided that the Operating Committee retains the authority to determine the scope and content of information supplied to the Advisory Committee, which shall be limited to that information that is necessary and appropriate for the Advisory Committee to fulfill its functions. The Commission is amending this section to state that the members of the Advisory Committee shall receive the same information concerning the operation of the Central Repository as the Operating Committee; provided, however, that the Operating Committee may withhold information it reasonably determines requires confidential treatment. See Section IV.B.2, supra. The Commission does not believe this amendment would change the hourly burden or external cost imposed on Participants for management of the Central Repository.
See id. at Section 4.3(a)(i).
See id. at Section 4.3(a)(v).
Additionally, in managing the Central Repository, the Operating Committee would have the responsibility and authority, as appropriate, to: (1) Direct the LLC to enter into one or more agreements with the Plan Processor obligating the Plan Processor to perform the functions and duties contemplated by the Plan to be performed by the Plan Processor, as well as such other functions and duties the Operating Committee deems necessary or appropriate; (2) appoint as an Officer of the Company the individual who has direct management responsibility for the Plan Processor's performance of its obligations with respect to the CAT; (3) approve policies, procedures, and control structures related to the CAT System that are consistent with Rule 613(e)(4), Appendix C and Appendix D of the CAT NMS Plan that have been developed and will be implemented by the Plan Processor; (4) approve any policy, procedure or standard (and any material modification or amendment thereto) applicable primarily to the performance of the Plan Processor's duties as the Plan Processor; (5) for both the CCO and CISO, render their annual performance reviews and review and approve their compensation; (6) review the Plan Processor's performance under the Plan at least once each year, or more often than once each year upon the request of two or more Participants that are not Affiliated Participants; (7) in conjunction with the Plan Processor, approve and regularly review (and update as necessary) SLAs governing the performance of the Central Repository; (8) maintain a Compliance Subcommittee for the purpose of aiding the CCO as necessary; and (9) designate by resolution one or more Subcommittees it deems necessary or desirable in furtherance of the management of the business and affairs of the Company.
See id. at Section 6.1(a).
See id. at Section 4.6(b).
See id. at Section 6.1(c).
See id. at Section 6.1(e).
See id. at Section 6.2(a)(iv), (b)(iv).
See id. at Section 6.1(n).
See id. at Section 6.1(h).
See id. at Section 4.12(b).
See id. at Section 4.12(a).
The CAT NMS Plan will also establish a Selection Committee comprised of one Voting Senior Officer from each Participant, which is tasked with the review and evaluation of Bids and the selection of the Initial Plan Processor. The Selection Committee would determine, by Majority Vote, whether Shortlisted Bidders will have the opportunity to revise their Bids. The Selection Committee would review and evaluate all Shortlisted Bids, including any permitted revisions submitted by Shortlisted Bidders, and in doing so, may consult with the Advisory Committee (or the DAG until the Advisory Committee is formed) and such other Persons as the Selection Committee deems appropriate. After receipt of any permitted revisions, the Selection Committee would select the Initial Plan Processor from the Shortlisted Bids in two rounds of voting where each Participant has one vote via its Voting Senior Officer in each round. Following the selection of the Initial Plan Processor, the Participants would file with the Commission a statement identifying the Initial Plan Processor and including the information required by Rule 608.
See id. at Section 5.1(a).
See id. at Section 5.1.
See id. at Section 5.2(d)(i).
See id. at Section 5.2(d)(ii).
See id. at Section 5.1(e).
See id. at Section 6.7(a)(i).
For its initial and ongoing internal burden and cost estimates associated with the management of the Central Repository, the Commission is relying on estimates provided in the CAT NMS Plan for the development of the CAT NMS Plan, which the Participants “have accrued, and will continue to accrue,” and have described in the CAT NMS Plan as “reasonably associated with creating, implementing, and maintaining the CAT upon the Commission's adoption of the CAT NMS Plan.”
See id. at Appendix C, Section B.7(b)(iii).
See id.
The Commission believes that the activities of the Operating Committee and the Selection Committee overlap with those undertaken by the Participants to develop the CAT NMS Plan. The CAT NMS Plan describes the costs incurred by the Participants to develop the CAT NMS Plan as including “staff time contributed by each Participant to, among other things, determine the technological requirements for the Central Repository, develop the RFP, evaluate Bids received, design and collect the data necessary to evaluate costs and other economic impacts, meet with Industry Members to solicit feedback, and complete the CAT NMS Plan submitted to the Commission for consideration.” For the building and management of the Central Repository, the Selection Committee and the Operating Committee would have comparable responsibilities. The Selection Committee would be required to review and evaluate all Shortlisted Bids, including any permitted revisions submitted by Shortlisted Bidders, and then to select the Initial Plan Processor from those Bids. As part of its overall management of the Central Repository, the Operating Committee would have responsibility for decisions associated with the technical requirements of the Central Repository. Furthermore, the Operating Committee would be required to establish a Selection Committee to evaluate Bids received to select a successor Plan Processor, and would also be required to authorize the selection of the members of the Advisory Committee, comprising members of the industry, to advise the Participants on the implementation, operation, and administration of the Central Repository. Because the responsibilities of the Operating Committee and the Selection Committee are similar to those described in the CAT NMS Plan for the development of the CAT NMS Plan itself, the Commission believes that it is reasonable to use the CAT NMS Plan estimates as the basis for its burden and cost estimates for the initial and ongoing management of the Central Repository.
See CAT NMS Plan, supra note 5, at Appendix C, Section B.7(b)(iii).
For example, the Operating Committee would be required to authorize the following actions of the LLC: Entering into, modifying or terminating any Material Contract (see id. at Section 4.3(b)(iv)); making any Material Systems Change (see id. at Section 4.3(b)(v)); amending the Technical Specifications on its own motion (see id. at Section 4.3(b)(vii)); and approving the initial Technical Specifications or any Material Amendment to the Technical Specifications proposed by the Plan Processor (see id. at Section 4.3(b)(vi)). Further, the Operating Committee would be able to approve policies, procedures, and control structures related to the CAT System that are consistent with Rule 613(e)(4), Appendix C and Appendix D of the CAT NMS Plan that have been developed and will be implemented by the Plan Processor (see id. at Section 6.1(c)); and in conjunction with the Plan Processor, approve and regularly review (and update as necessary) SLAs governing the performance of the Central Repository (see id. at Section 6.1(h)).
See id. at Section 4.3(b)(i).
See id. at Section 4.3(a)(ii).
See id. at Section 4.13(d).
(1) Initial Burden and Costs To Build the Central Repository
Each Participant would contribute an employee and a substitute for the employee to serve on the Operating Committee that would oversee the Central Repository. Additionally, each Participant would select a Voting Senior Officer to represent the Participant as a member of the Selection Committee responsible for the selection of the Plan Processor of the Central Repository.
In the case of Affiliated Participants, one individual may be the primary representative for all or some of the Affiliated Participants, and another individual may be the substitute for all or some of the Affiliated Participants. See id. at Section 4.2(a).
In the case of Affiliated Participants, one individual may be (but is not required to be) the Voting Senior Officer for more than one or all of the Affiliated Participants. Where one individual serves as the Voting Senior Officer for more than one Affiliated Participant, such individual will have the right to vote on behalf of each such Affiliated Participant. See id. at Section 5.1(a).
A. Notice Estimates—Initial Burden and Costs
In the Notice, the Commission preliminarily estimated that, over the 12-month period after the effectiveness of the CAT NMS Plan within which the Participants would be required to select an Initial Plan Processor and begin reporting to the Central Repository, each Participant would incur an initial internal burden of 720 burden hours associated with the management of the creation of the Central Repository and the selection of the Plan Processor (including filing with the Commission the statement identifying the Initial Plan Processor and including the information required by Rule 608), for an aggregate initial estimate of 14,407 burden hours.
Rule 613(a)(3)(i) requires the selection of the Plan Processor within 2 months after effectiveness of the CAT NMS Plan. See 17 CFR 242.613(a)(3)(i).
Rule 613(a)(3)(iii) requires the Participants to provide to the Central Repository the data required by Rule 613(c) within one year after effectiveness of the CAT NMS Plan. See 17 CFR 242.613(a)(3)(iii).
The Commission based this estimate on the internal burden estimate provided in the CAT NMS Plan related to the development of the CAT NMS Plan. See CAT NMS Plan, supra note 5, at Appendix C, Section B.7(b)(iii) (stating “. . . the Participants have accrued, and will continue to accrue, direct costs associated with the development of the CAT NMS Plan. These costs include staff time contributed by each Participant to, among other things, determine the technological requirements for the Central Repository, develop the RFP, evaluate Bids received, design and collect the data necessary to evaluate costs and other economic impacts, meet with Industry Members to solicit feedback, and complete the CAT NMS Plan submitted to the Commission for consideration. The Participants estimated that they have collectively contributed 20 FTEs in the first 30 months of the CAT NMS Plan development process”). The Commission believed the staff time incurred for the development of the CAT NMS Plan would be comparable to the staff time incurred for the activities required of the Operating Committee and the Selection Committee for the creation and management of the Central Repository once the Plan is effective. (20 FTEs/30 months) = 0.667 FTEs per month for all of the Participants to develop the CAT NMS Plan. Converting this into burden hours, (0.667 FTEs) × (12 months) × (1,800 burden hours per year) = 14,407 initial burden hours for all of the Participants to develop the CAT NMS Plan. (14,407 burden hours for all Participants/20 Participants) = 720 initial burden hours for each Participant to develop the CAT NMS Plan.
Additionally, the Commission preliminarily estimated that the Participants would collectively spend $2,400,000 on external public relations, legal and consulting costs associated with building the Central Repository and the selection of the Plan Processor for the Central Repository, or $120,000 per Participant. The Commission based this estimate on the estimate provided in the CAT NMS Plan for public relations, legal and consulting costs incurred in preparation of the CAT NMS Plan. Because the Participants described such costs as “reasonably associated with creating, implementing and maintaining the CAT,” the Commission preliminarily believed these external cost estimates should also be applied to the creation and implementation of the Central Repository.
See CAT NMS Plan, supra note 5, at Appendix C, Section B.7(b)(iii) (stating “the Participants have incurred public relations, legal and consulting costs in preparation of the CAT NMS Plan. The Participants estimated the costs of these services to be $8,800,000”). $2,400,000 for all Participants over 12 months = ($8,800,000/44 months between the adoption of Rule 613 and the filing of the CAT NMS Plan) × (12 months). ($2,400,000/20 Participants) = $120,000 per Participant over 12 months.
See CAT NMS Plan, supra note 5, at Appendix C, Section B.7(b)(iii).
Using the estimates in the CAT NMS Plan, which are based on the Bids of the six Shortlisted Bidders, the Commission preliminarily estimated that the initial one-time cost to develop the Central Repository would be an aggregate initial external cost to the Participants of $91.6 million, or $4.6 million per Participant. The Commission preliminarily estimated that each Participant would incur initial one-time external costs of $7 million to build the Central Repository, or an aggregate initial one-time external cost across all Participants of $140 million. The estimates in the CAT NMS Plan, as well as the Commission's preliminary estimate includes internal technological, operational, administrative and “any other material costs.”
See CAT NMS Plan, supra note 5, at Appendix C, Section B.7(b)(i)(B). See also id. at Appendix C, Section B.7(b)(iv)(A)(1). The Commission noted that the cost associated with the build and maintenance of the Central Repository includes compliance with the requirement in Rule 613(e)(8) that the Central Repository retain information collected pursuant to Rule 613(c)(7) and (e)(7) in a convenient and usable standard electronic data format that is directly available and searchable electronically without any manual intervention for a period of not less than five years. See id. at Section 6.1(d)(i) (requiring the Plan Processor to comply with the recordkeeping requirements of Rule 613(e)(8)). See also id. at Appendix C, Section D.12(l) (stating that Rule 613(e)(8) requires data to be available and searchable for a period of not less than five years, that broker-dealers are currently required to retain data for six years under Rule 17a-4(a), and that the Participants are requiring CAT Data to be kept online in an easily accessible format for regulators for six years, though this may increase the cost to run the CAT). The Commission notes that changes in technology between the time the Bids were submitted and the time the Central Repository is built could result in changes to the costs to build and operate the Central Repository.
See CAT NMS Plan, supra note 5, at Appendix C, Section B.7(b)(i)(B) (describing the minimum, median, mean and maximum Bidder estimates for the build and maintenance costs of the Central Repository).
Id. The Bidders provided a range of estimates. For purposes of this Paperwork Burden Act analysis, the Commission used the build cost of the maximum Bidder estimate. $4,580,000 = $91,600,000/20 SROs.
$7 million for each Participant to build the Central Repository = ($4.6 million per Participant in initial one-time costs to compensate the Plan Processor to build the Central Repository) + ($2.4 million per Participant in initial one-time public relations, legal and consulting costs associated with the building of the Central Repository and the selection of the Initial Plan Processor).
$140 million for all of the Participants to build the Central Repository = $7 million per Participant to build the Central Repository) × (20 Participants). Id.
See CAT NMS Plan, supra note 5, at Appendix C, Section B.7(b)(i)(B).
B. Order Estimates—Initial Burden and Costs
Subsequent to the publication of the Notice, the Participants submitted revised Central Repository cost estimates to reflect the proposed development and maintenance costs of the final three Shortlisted Bidders. In addition, with the registration of IEX as a national securities exchange in June 2016, the expected number of Participants has increased from 20 to 21. As a result, the Commission is modifying its estimates of the initial burden and costs of the Central Repository.
See Response Letter III at 14-15.
IEX became a registered national securities exchange on June 17, 2016. See Securities Exchange Act Release No. 78101 (June 17, 2016), 81 FR 41142 (June 23, 2016).
After incorporating the revisions to the Central Repository cost estimates and the increase in the number of Participants, the Commission now estimates that, over the 12-month period after the effectiveness of the CAT NMS Plan within which the Participants would be required to select an Initial Plan Processor and begin reporting to the Central Repository, each Participant would incur an initial internal burden of 686.05 burden hours associated with the management of the creation of the Central Repository and the selection of the Plan Processor (including filing with the Commission the statement identifying the Initial Plan Processor and including the information required by Rule 608), for an aggregate initial estimate of 14,407 burden hours.
Rule 613(a)(3)(i) requires the selection of the Plan Processor within 2 months after effectiveness of the CAT NMS Plan. See 17 CFR 242.613(a)(3)(i).
Rule 613(a)(3)(iii) requires the Participants to provide to the Central Repository the data required by Rule 613(c) within one year after effectiveness of the CAT NMS Plan. See 17 CFR 242.613(a)(3)(iii).
The Commission based this estimate on the internal burden estimate provided in the CAT NMS Plan related to the development of the CAT NMS Plan. See CAT NMS Plan, supra note 5, at Appendix C, Section B.7(b)(iii) (stating “. . . the Participants have accrued, and will continue to accrue, direct costs associated with the development of the CAT NMS Plan. These costs include staff time contributed by each Participant to, among other things, determine the technological requirements for the Central Repository, develop the RFP, evaluate Bids received, design and collect the data necessary to evaluate costs and other economic impacts, meet with Industry Members to solicit feedback, and complete the CAT NMS Plan submitted to the Commission for consideration. The Participants estimated that they have collectively contributed 20 FTEs in the first 30 months of the CAT NMS Plan development process”). The Commission believed the staff time incurred for the development of the CAT NMS Plan would be comparable to the staff time incurred for the activities required of the Operating Committee and the Selection Committee for the creation and management of the Central Repository once the Plan is effective). (20 FTEs/30 months) = 0.667 FTEs per month for all of the Participants to develop the CAT NMS Plan. Converting this into burden hours, (0.667 FTEs) × (12 months) × (1,800 burden hours per year) = 14,407 initial burden hours for all of the Participants to develop the CAT NMS Plan. (14,407 burden hours for all Participants/21 Participants) = 686.05 initial burden hours for each Participant associated with the management of the creation of the Central Repository and the selection of the Plan Processor.
The Commission has not changed its estimate that the Participants will collectively spend $2,400,000 on external public relations, legal and consulting costs associated with the building of the Central Repository. However, the individual Participant cost estimate has decreased from $120,000 per Participant (as the Commission preliminarily estimated in the Notice ) to $114,285.71 per Participant, due to the increase in the number of Participants. As noted in the Notice, the Commission is basing this estimate on the estimate provided in the CAT NMS Plan for public relations, legal and consulting costs incurred in preparation of the CAT NMS Plan. Because the Participants described such costs as “reasonably associated with creating, implementing and maintaining the CAT,” the Commission believes these external cost estimates should also be applied to the creation and implementation of the Central Repository.
See Notice, supra note 5, at Section V.D.l.a(1).
See CAT NMS Plan, supra note 5, at Appendix C, Section B.7(b)(iii) (stating “the Participants have incurred public relations, legal and consulting costs in preparation of the CAT NMS Plan. The Participants estimate the costs of these services to be $8,800,000”). $2,400,000 for all Participants over 12 months = ($8,800,000/44 months between the adoption of Rule 613 and the filing of the CAT NMS Plan) × (12 months). ($2,400,000/21 Participants) = $114,285.71 per Participant over 12 months.
See CAT NMS Plan, supra note 5, at Appendix C, Section B.7(b)(iii).
As noted above, the Participants updated the Central Repository estimates to reflect the estimates of the final three Shortlisted Bidders. Using the revised estimates, the Commission estimates that the initial one-time cost to develop the Central Repository would be an aggregate initial external cost to the Participants of $65 million, or $3,095,238.09 per Participant. Therefore, the Commission now estimates that each Participant would incur initial one-time external costs of $3,209,523.80 to build the Central Repository, or an aggregate initial one-time external cost across all Participants of $67,399,999.80.
See Response Letter III at 14-15.
See id.
Id. The Participants provided a range of Bidder estimates. For purposes of this Paperwork Burden Act analysis, the Commission is using the build cost of the maximum estimate. $3,095,238.09 = $65,000,000/21 Participants.
$3,209,523.80 for each Participant to build the Central Repository = ($3,095,238.09 per Participant in initial one-time costs to compensate the Plan Processor to build the Central Repository) + ($114,285.71 per Participant in initial one-time public relations, legal and consulting costs associated with the building of the Central Repository and the selection of the Initial Plan Processor).
Commission staff notes that the Notice for the CAT NMS Plan contained an erroneous estimate of the initial one-time external costs to the Participants to build the Central Repository, estimating that each Participant would incur a cost of $7 million. The correct estimate was $4,476,190.47 per Participant. However, the Commission has subsequently revised its estimated costs to account for updated estimates provided by the Participants. See supra note 3289.
$67,399,999.80 for all of the Participants to build the Central Repository = ($3,209,523.80 per Participant to build the Central Repository) × (21 Participants).
(2) Ongoing, Annual Burden Hours and Costs for the Central Repository
After the Central Repository has been developed and implemented, there would be ongoing costs for operating and maintaining the Central Repository, including the cost of systems and connectivity upgrades or changes necessary to receive and consolidate the reported order and execution information from Participants and their members; the cost to store data, and make it available to regulators, in a uniform electronic format, and in a form in which all events pertaining to the same originating order are linked together in a manner that ensures timely and accurate retrieval of the information; the cost of collecting and maintaining the NBBO and transaction data in a format compatible with the order and event information collected pursuant to the Rule; the cost of monitoring the required validation parameters, which would allow the Central Repository to automatically check the accuracy and completeness of the data submitted and reject data not conforming to these parameters consistent with the requirements of the Rule; and the cost of paying the CCO and CISO. The CAT NMS Plan provides that the Plan Processor would be responsible for the ongoing operations of the Central Repository. The Operating Committee would continue to be responsible for the management of the Central Repository. In addition, the CAT NMS Plan states that the Participants would incur costs for public relations, legal, and consulting costs associated with maintaining the CAT upon approval of the CAT NMS Plan.
See CAT NMS Plan, supra note 5, at Section 6.1.
See id. at Appendix C, Section B.7(b)(iii).
A. Notice Estimates—Ongoing Burden and Costs
In the Notice, the Commission preliminarily estimated that each Participant would incur an ongoing annual internal burden of 720 burden hours associated with the continued management of the Central Repository, for an aggregate annual estimate of 14,407 burden hours across the Participants.
The Commission based this estimate on the internal burden estimate provided in the CAT NMS Plan for the development of the CAT NMS Plan. The Commission noted that the CAT NMS Plan describes the internal burden estimate for the development of the CAT NMS Plan as a cost the Participants will continue to accrue; therefore, the Commission preliminarily believed that it is reasonable to use this burden estimate as the basis for its ongoing internal burden estimate for the maintenance of the Central Repository, particularly as the Commission believed the reasons for the staff time incurred for the development of the CAT NMS Plan would be comparable to those of the staff time to be incurred by the Operating Committee and the Selection Committee for the continued management of the Central Repository. See CAT NMS Plan, supra note 5, at Appendix C, Section B.7(b)(iii) (stating “. . . the Participants have accrued, and will continue to accrue, direct costs associated with the development of the CAT NMS Plan. These costs include staff time contributed by each Participant to, among other things, determine the technological requirements for the Central Repository, develop the RFP, evaluate Bids received, design and collect the data necessary to evaluate costs and other economic impacts, meet with Industry Members to solicit feedback, and complete the CAT NMS Plan submitted to the Commission for consideration. The Participants estimate that they have collectively contributed 20 FTEs in the first 30 months of the CAT NMS Plan development process”). (20 FTEs/30 months) = 0.667 FTEs per month for all of the Participants to continue management of the Central Repository. Converting this into burden hours, (0.667 FTEs) × (12 months) × (1,800 burden hours per year) = 14,407 ongoing annual burden hours for all of the Participants to continue management of the Central Repository. (14,407 ongoing annual burden hours for all Participants/20 Participants) = 720 ongoing annual burden hours for each Participant to continue management of the Central Repository.
Additionally, the Commission preliminarily estimated that the Participants would collectively spend $800,000 annually on external public relations, legal and consulting costs associated with the continued management of the Central Repository, or $40,000 per Participant.
The Commission based this external cost estimate on the public relations, legal and consulting external cost estimate provided in the CAT NMS Plan associated with the preparation of the CAT NMS Plan (which the Participants consider “reasonably associated with creating, implementing, and maintaining the CAT upon the Commission's adoption of the CAT NMS Plan”). See CAT NMS Plan, supra note 5, at Appendix C, Section B.7(b)(iii) (stating “the Participants have incurred public relations, legal and consulting costs in preparation of the CAT NMS Plan. The Participants estimated the costs of these services to be $8,800,000”). $2,400,000 for all Participants over 12 months = ($8,800,000/44 months between the adoption of Rule 613 and the filing of the CAT NMS Plan) × (12 months). Because the Central Repository will have already been created, the Commission believed it is reasonable to assume that the Participants will have a lesser need for public relations, legal and consulting services. The Commission estimated that the Participants will incur one-third of the external cost associated with development and implementation of the Central Repository to maintain the Central Repository. $800,000 = (0.333) × ($2,400,000). ($800,000/20 Participants) = $40,000 per Participant over 12 months.
The CAT NMS Plan includes the estimates the six Shortlisted Bidders provided for the annual ongoing costs to the Participants to operate the Central Repository. The CAT NMS Plan did not categorize the costs included in the ongoing costs, but the Commission believed they would comprise external technological, operational and administrative costs, as the Participants described the costs included in the initial one-time external cost to build the Central Repository. Using these estimates, the Commission preliminarily estimated that the annual ongoing cost to the Participants to compensate the Plan Processor for building, operating and maintaining the Central Repository would be an aggregate ongoing external cost of $93 million, or approximately $4.7 million per Participant. Therefore, the Commission preliminarily estimated that each Participant would incur ongoing annual external costs of $4,740,000 to maintain the Central Repository, or aggregate ongoing annual external costs across all Participants of $94,800,000.
See Section V.F.1.a, supra, for a discussion of the total five-year operating costs for the Central Repository presented in the CAT NMS Plan. See also CAT NMS Plan, supra note 5, at Appendix C, Section B.7(b)(i)(B).
See CAT NMS Plan, supra note 5, at Appendix C, Section B.7(b)(i)(B).
See supra note 3276.
See CAT NMS Plan, supra note 5, at Appendix C, Section B.7(b)(i)(B).
The Bidders provided a range of estimates. For purposes of this Paperwork Burden Act analysis, the Commission preliminarily used the maximum operation and maintenance cost estimate. $4,650,000 = $93,000,000/20 Participants. See also Section V.F.1.a, supra. The Commission noted several uncertainties that may affect the Central Repository cost estimates, including (1) that the Participants have not yet selected a Plan Processor and the Shortlisted Bidders have submitted a wide range of cost estimates for building and operating the Central Repository; (2) the Bids submitted by the Shortlisted Bidders may not be final because they may be revised before the final selection of the CAT Processor; and (3) neither the Bidders nor the Commission can anticipate the evolution of technology and market activity with precision, as improvements in available technology may allow the Central Repository to be built and operated at a lower cost than is currently anticipated, but if levels of anticipated market activity are materially underestimated, the capacity of the Central Repository may need to be increased, resulting in an increase in costs.
$4,740,000 for each Participant to build the Central Repository = ($4.7 million per Participant in ongoing annual costs to build the Central Repository) + ($40,000 per Participant in ongoing annual public relations, legal and consulting costs associated with the maintenance of the Central Repository).
$94,800,000 for all of the Participants to maintain the Central Repository = ($4,740,000 per Participant to compensate the Plan Processor and for external public relations, legal and consulting costs associated with the maintenance of the Central Repository) × (20 Participants).
B. Comments/Responses on Ongoing Costs
One commenter provided an alternate estimate for Central Repository ongoing costs of $28 million-$36 million. The commenter did not provide additional information or analysis to support this estimate, but the Commission notes that the commenter cited a study of the costs of the Volcker Rule in support of estimates for costs to Industry Members. If the commenter is basing its estimates on the costs expected from the Volcker Rule, the Commission notes that the requirements of Rule 613 are significantly different than the requirements of the Volcker Rule. The Commission also notes that the estimates provided in the Notice are the result of a competitive bidding process specific to the CAT and the Commission deems them credible.
Data Boiler Letter at 15.
Data Boiler Letter at 15.
C. Order Estimates—Ongoing Burden and Costs
As noted above, subsequent to the publication of the Notice, the Participants submitted revised Central Repository cost estimates to reflect the proposed development and maintenance costs of the final three Shortlisted Bidders. In addition, with the registration of IEX as a national securities exchange in June 2016, the expected number of Participants has increased from 20 to 21. As a result, the Commission is modifying its estimates of the ongoing burden and costs of the Central Repository.
See Response Letter III at 14-15. The Commission continues to believe that estimating Central Repository costs using estimates from the Bids is reliable and is therefore updating its cost estimates to reflect the updates provided by the Participants.
See supra note 3282.
After incorporating the revisions to the Central Repository cost estimates and the increase in the number of Participants, the Commission now estimates that each Participant would incur an ongoing annual internal burden of 686.05 burden hours associated with the continued management of the Central Repository, for an aggregate annual estimate of 14,407 burden hours across the Participants.
The Commission is basing this estimate on the internal burden estimate provided in the CAT NMS Plan for the development of the CAT NMS Plan. The Commission notes that the CAT NMS Plan describes the internal burden estimate for the development of the CAT NMS Plan as a cost the Participants will continue to accrue; therefore, the Commission believes that it is reasonable to use this burden estimate as the basis for its ongoing internal burden estimate for the maintenance of the Central Repository, particularly as the Commission believes the reasons for the staff time incurred for the development of the CAT NMS Plan would be comparable to those of the staff time to be incurred by the Operating Committee and the Selection Committee for the continued management of the Central Repository. See CAT NMS Plan, supra note 5, at Appendix C, Section B.7(b)(iii) (stating “. . . the Participants have accrued, and will continue to accrue, direct costs associated with the development of the CAT NMS Plan. These costs include staff time contributed by each Participant to, among other things, determine the technological requirements for the Central Repository, develop the RFP, evaluate Bids received, design and collect the data necessary to evaluate costs and other economic impacts, meet with Industry Members to solicit feedback, and complete the CAT NMS Plan submitted to the Commission for consideration. The Participants estimate that they have collectively contributed 20 FTEs in the first 30 months of the CAT NMS Plan development process”). (20 FTEs/30 months) = 0.667 FTEs per month for all of the Participants to continue management of the Central Repository. Converting this into burden hours, (0.667 FTEs) × (12 months) × (1,800 burden hours per year) = 14,407 ongoing annual burden hours for all of the Participants to continue management of the Central Repository. (14,407 ongoing annual burden hours for all Participants/21 Participants) = 686.05 ongoing annual burden hours for each Participant to continue management of the Central Repository.
The Commission has not changed its estimate that the Participants would collectively spend $800,000 annually on external public relations, legal and consulting costs associated with the continued management of the Central Repository. However, the individual Participant cost estimate has decreased from $40,000 per Participant (as the Commission preliminarily estimated in the Notice ) to $38,095.24 per Participant due to the increase in the number of Participants.
See Notice, supra note 5, at Section V.D.l.a(1).
The Commission is basing this external cost estimate on the public relations, legal and consulting external cost estimate provided in the CAT NMS Plan associated with the preparation of the CAT NMS Plan (which the Participants consider “reasonably associated with creating, implementing, and maintaining the CAT upon the Commission's adoption of the CAT NMS Plan”). See CAT NMS Plan, supra note 5, at Appendix C, Section B.7(b)(iii) (stating “the Participants have incurred public relations, legal and consulting costs in preparation of the CAT NMS Plan. The Participants estimate the costs of these services to be $8,800,000”). $2,400,000 for all Participants over 12 months = ($8,800,000/44 months between the adoption of Rule 613 and the filing of the CAT NMS Plan) × (12 months). Because the Central Repository will have already been created, the Commission believes it is reasonable to assume that the Participants will have a lesser need for public relations, legal and consulting services. The Commission is estimating that the Participants will incur one-third of the external cost associated with development and implementation of the Central Repository to maintain the Central Repository. $800,000 = (0.333) × ($2,400,000). ($800,000/21 Participants) = $38,095.24 per Participant over 12 months.
See supra note 3282.
As noted above, the Participants updated the Central Repository estimates to reflect the estimates of the final three Shortlisted Bidders. Using the revised estimates, the Commission now estimates that the annual ongoing cost to the Participants to compensate the Plan Processor for building, operating and maintaining the Central Repository would be an aggregate ongoing external cost of $55 million, or $2,619,047.62 per Participant. Therefore, the Commission estimates that each Participant would incur ongoing annual external costs of $2,657,142.86 to maintain the Central Repository, or aggregate ongoing annual external costs across all Participants of $55,800,000.06.
See Response Letter III at 14-15.
Id.
The Participants provided a range of Bidder estimates. See id. For purposes of this Paperwork Burden Act analysis, the Commission is using the maximum operation and maintenance cost estimate. $2,619,047.62 = $55,000,000/21 Participants. The Commission noted several uncertainties that may affect the Central Repository cost estimates, including (1) that the Participants have not yet selected a Plan Processor and the Shortlisted Bidders have submitted a wide range of cost estimates for building and operating the Central Repository; (2) the Bids submitted by the Shortlisted Bidders may not be final because they may be revised before the final selection of the CAT Processor; and (3) neither the Bidders nor the Commission can anticipate the evolution of technology and market activity with precision, as improvements in available technology may allow the Central Repository to be built and operated at a lower cost than is currently anticipated, but if levels of anticipated market activity are materially underestimated, the capacity of the Central Repository may need to be increased, resulting in an increase in costs.
$2,657,142.86 for each Participant to maintain the Central Repository = ($2,619,047.62 per Participant in ongoing annual costs to maintain the Central Repository) + ($38,095.24 per Participant in ongoing annual public relations, legal and consulting costs associated with the maintenance of the Central Repository).
$55,800,000.06 for all of the Participants to maintain the Central Repository = ($2,657,142.86 per Participant to compensate the Plan Processor and for external public relations, legal and consulting costs associated with the maintenance of the Central Repository) × (21 Participants).
b. Data Collection and Reporting
Rule 613(c)(1) requires the CAT NMS Plan to provide for an accurate, time-sequenced record of orders beginning with the receipt or origination of an order by a Participant, and further to document the life of the order through the process of routing, modification, cancellation and execution (in whole or in part) of the order. Rule 613(c) requires the CAT NMS Plan to impose requirements on Participants to record and report CAT information to the Central Repository in accordance with specified timelines.
Rule 613(c) would require the collection and reporting of some information that Participants already collect to operate their business and are required to maintain in compliance with Section 17(a) of the Exchange Act and Rule 17a-1 thereunder. For instance, the Commission believes that the national securities exchanges keep records pursuant to Section 17(a) of the Exchange Act and Rule 17a-1 thereunder in electronic form, of the receipt of all orders entered into their systems, as well as records of the routing, modification, cancellation, and execution of those orders. However, Rule 613 requires the Participants to collect and report additional and more detailed information, and to report the information to the Central Repository in a uniform electronic format, or in a manner that would allow the Central Repository to convert the data to a uniform electronic format for consolidation and storage.
For its estimates of the Participants' costs to report CAT Data, the Commission is relying on the cost data provided by the Participants in the CAT NMS Plan. The Commission believes that such reliance is appropriate because the estimates in the CAT NMS Plan are based on Participants' responses to the Participants Study undertaken to estimate CAT-related costs for hardware and software, FTE costs, and third-party providers, if the Commission approves the CAT NMS Plan. The Commission is providing below its paperwork burden estimates for the initial burden hours and external costs, and ongoing, annual burden hours and external costs to be incurred by the Participants to comply with the data reporting requirements of Rule 613.
Third-party provider costs are generally legal and consulting costs, but may include other outsourcing. The template used by respondents is available at http://catnmsplan.com/PastEvents/ under the Section titled “6/23/14” at the “Cost Study Working Template” link.
The Commission notes that throughout this Paperwork Reduction Act analysis, it is categorizing the FTE cost estimates for the Participants, as well as the broker-dealer respondents, that were provided in the CAT NMS Plan as an internal burden. To convert the FTE cost estimates into internal burden hours, the Commission: (1) Divided the FTE cost estimates by a divisor of $424,350, which is the Commission's estimated average salary for a full-time equivalent employee in the securities industry in a job category associated with regulatory data reporting; and then (2) multiplied the quotient by 1,800 (the number of hours a full-time equivalent employee is estimated to work per year). See CAT NMS Plan, supra note 5, at Appendix C, Section B.7(b)(ii)(C), n.192. The Participants represented that the cost per FTE is $401,440. The $401,440 figure used in the CAT NMS Plan was based on a Programmer Analyst's salary ($193 per hour) from SIFMA's Management & Professional Earnings in the Securities Industry 2008, multiplied by 40 hours per week, then multiplied by 52 weeks per year. The Commission has updated this number to include recent salary data for other job categories associated with regulatory data reporting in the securities industry, using the hour and multiple methodology used by the Commission in its paperwork burden analyses. The Commission is using $424,350 as its annual cost per FTE for purposes of its cost estimates. The $424,350 FTE cost = 25% Compliance Manager + 75% Programmer Analyst (0.25) × ($283 per hour × 1,800 working hours per year) + (0.75) × ($220 per hour × 1,800 working hours per year). The $283 per hour figure for a Compliance Manager and the $220 per hour figure for a Programmer Analyst are from SIFMA's Management & Professional Earnings in the Securities Industry 2013, modified by the Commission to account for an 1,800-hour work-year and multiplied by 5.35 to account for bonuses, firm size, employee benefits and overhead.
(1) Initial Burden Hours and External Cost
The CAT NMS Plan provides the following average costs that the Participants would expect to incur to adopt the systems changes needed to comply with the data reporting requirements of the CAT: $10,300,000 in aggregate FTE costs for internal operational, technical/development, and compliance functions; $770,000 in aggregate third party legal and consulting costs; and $17,900,000 in aggregate total costs.
See CAT NMS Plan, supra note 5, at Appendix C, Section B.7(b)(iii)(B)(2). Of the $17,900,000 in aggregate total costs, $11,070,000 is identified (subtotal of FTE costs and outsourcing), but the remaining $6,830,000 is not identified in the CAT NMS Plan. The Commission believes that the $6,830,000 may be attributed to hardware costs because the Participants have not provided any hardware costs associated with data reporting elsewhere and the Commission believes that the Participants will likely incur external costs to purchase upgraded hardware to report data to the Central Repository.
A. Notice Estimates—Initial Burden and Costs
In the Notice, based on estimates provided in the CAT NMS Plan, the Commission preliminarily estimated that the initial internal burden hours to develop and implement the needed systems changes to capture the required information and transmit it to the Central Repository in compliance with the Rule for each Participant would be approximately 2,185 burden hours. The Commission also preliminarily estimated that each Participant would, on average, incur approximately $38,500 in initial third party legal and consulting costs for a total of $380,000 in initial external costs. Therefore, the Commission preliminarily estimated that, for all Participants, the estimated aggregate one-time burden would be 43,690 hours and the estimated aggregate initial external cost would be $7,600,000.
($10,300,000 anticipated initial FTE costs)/(20 SROs) = $515,000 in anticipated initial FTE costs per Participant. ($515,000 in anticipated initial FTE costs per Participant)/($424,350 FTE costs per Participant) = 1.214 anticipated FTEs per Participant for the implementation of data reporting. (1.214 FTEs) × (1,800 working hours per year) = 2,184.5 initial burden hours per Participant to implement CAT Data reporting.
($770,000 anticipated initial third party costs)/(20 Participants) = $38,500 in initial anticipated third party costs per Participant.
To determine the total initial external cost per Participant, the Commission subtracted the anticipated initial FTE cost estimates for the Participants as provided in the Plan from the total aggregate initial costs to the Participants and divided the remainder by 20 Participants. ($17,900,000 total aggregate initial cost to Participants) − ($10,300,000 initial FTE cost to Participants) = $7,600,000. ($7,600,000)/20 Participants = $380,000 in initial external costs per Participant. See CAT NMS Plan, supra note 5, at Appendix C, Section B.7(b)(iii)(B)(1) for the Participants' anticipated costs associated with the implementation of regulatory reporting to the Central Repository.
43,690 initial burden hours = (20 Participants) × (2,184.5 initial burden hours).
$7,600,000 = ($380,000 in initial external costs) × (20 Participants).
B. Comments/Responses on Initial Costs
One commenter believed that estimates of current data reporting costs to Participants were “grossly underestimated,” and stated that the implementation cost estimate of $17.9 million for Participants was “not too far off,” but felt the Participants' estimated costs for legal and consulting services and additional employees were not reliable.
Data Boiler Letter at 35.
Data Boiler Letter at 35.
The Commission has considered the comment and continues to believe that the Participant cost estimates presented in the Plan are credible and is thus not changing its cost estimates of Participants' Data Recording and Reporting in response to the commenter. All 19 Participants responded to the Participants Study that served as the basis of the estimates, and most Participants have experience collecting audit trail data as well as expertise in the requirements of the CAT and in their business practices. The commenter did not provide an explanation for why the Participants were unable to reasonably estimate their own current data reporting costs.
There were 19 Participants at the time the Participants conducted the study.
C. Order Estimates—Initial Burden and Costs
As noted earlier, subsequent to the publication of the Notice, the expected number of Participants has increased from 20 to 21. As a result, the Commission is modifying its estimates of the initial burden and costs of Participants' data collection and reporting. After incorporating the increase in the number of Participants, the Commission now estimates that the initial internal burden hours to develop and implement the needed systems changes to capture the required information and transmit it to the Central Repository in compliance with the Rule for each Participant would be approximately 2,080.80 burden hours. The Commission also now estimates that each Participant would, on average, incur approximately $36,666.67 in initial third party legal and consulting costs for a total of $361,904.76 in initial external costs. Therefore, the Commission now estimates that, for all Participants, the estimated aggregate one-time burden would be 43,696.80 hours and the estimated aggregate initial external cost would be approximately $7,600,000.
See supra note 3282.
($10,300,000 anticipated initial FTE costs)/(21 Participants) = $490,476.19 in anticipated initial FTE costs per Participant. ($490,476.19 in anticipated initial FTE costs per Participant)/($424,350 FTE costs per Participant) = 1.156 anticipated FTEs per Participant for the implementation of data reporting. (1.156 FTEs) × (1,800 working hours per year) = 2,080.8 initial burden hours per Participant to implement CAT Data reporting.
($770,000 anticipated initial third party costs)/(21 Participants) = $36,666.67 in initial anticipated third party costs per Participant.
To determine the total initial external cost per Participant, the Commission subtracted the anticipated initial FTE cost estimates for the Participants as provided in the Plan from the total aggregate initial costs to the Participants and divided the remainder by 21 Participants. ($17,900,000 total aggregate initial cost to Participants) − ($10,300,000 initial FTE cost to Participants) = $7,600,000. ($7,600,000)/21 Participants = $361,904.76 in initial external costs per Participant. See CAT NMS Plan, supra note 5, at Appendix C, Section B.7(b)(iii)(B)(1) for the Participants' anticipated costs associated with the implementation of regulatory reporting to the Central Repository.
43,696.80 initial burden hours = (21 Participants) × (2,080.80 initial burden hours).
$7,599,999.96 = ($361,904.76 in initial external costs) × (21 Participants).
(2) Ongoing, Annual Burden Hours and External Cost
Once a Participant has established the appropriate systems and processes required for collection and transmission of the required information to the Central Repository, the Commission estimates that Rule 613 would impose on each Participant ongoing annual burdens associated with, among other things, personnel time to monitor each Participant's reporting of the required data and the maintenance of the systems to report the required data; and implementing changes to trading systems that might result in additional reports to the Central Repository. The CAT NMS Plan provides the following average aggregate costs that the Participants would expect to incur to maintain data reporting systems to be in compliance with Rule 613: $7,300,000 in anticipated annual FTE costs for operational, technical/development, and compliance functions related to data reporting; $720,000 in annual third party legal, consulting, and other costs; and $14,700,000 total annual costs.
See CAT NMS Plan, supra note 5, at Appendix C, Section B.7(b)(iii)(B)(2). The CAT NMS Plan did not identify the other costs.
Of the $14,700,000 in aggregate total annual costs, $8,020,000 is identified (subtotal of FTE costs and outsourcing), but the remaining $6,680,000 is not identified in the CAT NMS Plan. The Commission believes that this amount may be attributed to hardware costs because the Participants have not provided any hardware costs associated with data reporting elsewhere and the Commission believes that the Participants will likely incur costs to upgrade their hardware to report data to the Central Repository.
A. Notice Estimates—Ongoing Burden and Costs
In the Notice, based on estimates provided in the CAT NMS Plan, the Commission believed that it would take each Participant 1,548 ongoing burden hours per year to continue compliance with Rule 613. The Commission preliminarily estimated that it would cost, on average, approximately $36,000 in ongoing third party legal and consulting and other costs and $370,000 in total ongoing external costs per Participant. Therefore, the Commission preliminarily estimated that the estimated aggregate ongoing burden for all Participants would be approximately 30,966 hours and an estimated aggregate ongoing external cost of $7,400,000.
($7,300,000 in anticipated Participant annual FTE costs)/(20 Participants) = $365,000 in anticipated per Participant annual FTE costs. ($365,000 in anticipated per Participant FTE costs)/($424,350 FTE cost per Participant) = 0.86 anticipated FTEs per Participant. (0.86 FTEs) × (1,800 working hours per year) = 1,548.3 burden hours per Participant to maintain CAT Data reporting.
($720,000 in annual third party costs)/(20 Participants) = $36,000 per Participant in anticipated annual third party costs.
To determine the total external annual cost per Participant, the Commission subtracted the anticipated annual FTE cost estimates for the Participants as provided in the Plan from the total aggregate annual costs to the Participants and divided the remainder by 20 Participants. ($14,700,000 total aggregate annual cost to Participants) − ($7,300,000 annual FTE cost to Participants) = $7,400,000. ($7,400,000)/20 Participants = $370,000 in annual external costs per Participant. See CAT NMS Plan, supra note 5, at Appendix C, Section B.7(b)(iii)(B)(1) for the Participants' anticipated maintenance costs associated with regulatory reporting to the Central Repository.
30,966 annual burden hours = (20 Participants) × (1,548.3 annual burden hours).
$7,400,000 = ($370,000 in total annual external costs) × (20 Participants).
B. Comments/Responses on Ongoing Costs
One commenter noted that the Participants' ongoing data reporting cost estimates do not include a “per-message toll charge in the CAT funding model.” The Commission considered this comment, but notes that the Participants are not charged for message traffic according to the Plan's funding model.
Data Boiler Letter at 35.
One commenter noted that the Participants' ongoing data reporting cost estimates do not include a “per-message toll charge in the CAT funding model.” The Commission considered this comment, but notes that the Participants are not charged for message traffic according to the Plan's funding model.
Data Boiler Letter at 35.
C. Order Estimates—Ongoing Burden and Costs
As noted earlier, subsequent to the publication of the Notice, the expected number of Participants has increased from 20 to 21. As a result, the Commission is modifying its estimates of the ongoing burden and costs of Participants' data reporting. After incorporating the increase in the number of Participants, the Commission now estimates that it would take each Participant 1,474.20 ongoing burden hours per year to continue compliance with Rule 613. The Commission now estimates that it would cost, on average, approximately $34,285.71 in ongoing third party legal and consulting and other costs and $352,380.95 in total ongoing external costs per Participant. Therefore, the Commission now estimates that the estimated aggregate ongoing burden for all Participants would be approximately 30,958.20 hours and an estimated aggregate ongoing external cost of approximately $7,400,000.
See supra note 3282.
($7,300,000 in anticipated Participant annual FTE costs)/(21 Participants) = $347,619.08 in anticipated per Participant annual FTE costs. ($347,619.05 in anticipated per Participant FTE costs)/($424,350 FTE cost per Participant) = 0.819 anticipated FTEs per Participant. (0.819 FTEs) × (1,800 working hours per year) = 1,474.20 burden hours per Participant to maintain CAT Data reporting.
($720,000 in annual third party costs)/(21 Participants) = $34,285.71 per Participant in anticipated annual third party costs.
To determine the total external annual cost per Participant, the Commission subtracted the anticipated annual FTE cost estimates for the Participants as provided in the Plan from the total aggregate annual costs to the Participants and divided the remainder by 21 Participants. ($14,700,000 total aggregate annual cost to Participants) − ($7,300,000 annual FTE cost to Participants) = $7,400,000. ($7,400,000)/21 Participants = $352,380.95 in annual external costs per Participant. See CAT NMS Plan, supra note 5, at Appendix C, Section B.7(b)(iii)(B)(1) for the Participants' anticipated maintenance costs associated with regulatory reporting to the Central Repository.
30,958.20 annual burden hours = (21 Participants) × (1,474.20 annual burden hours).
$7,399,999.95 = ($352,380.95 in total annual external costs) × (21 Participants).
c. Collection and Retention of NBBO, Last Sale Data and Transaction Reports
Rule 613(e)(7) provides that the CAT NMS Plan must require the Central Repository to collect and retain on a current and continuous basis NBBO information for each NMS security, transaction reports reported pursuant to an effective transaction reporting plan, and Last Sale Reports reported pursuant to the OPRA Plan. Additionally, the CAT NMS Plan must require the Central Repository to maintain this data in a format compatible with the order and event information consolidated and stored pursuant to Rule 613(c)(7). Further, the CAT NMS Plan must require the Central Repository to retain the information collected pursuant to paragraphs (c)(7) and (e)(7) of Rule 613 for a period of not less than five years in a convenient and usable uniform electronic format that is directly available and searchable electronically without any manual intervention. The Commission notes that the CAT NMS Plan includes these data as “SIP Data” to be collected by the Central Repository. As it concluded in the Notice Paperwork Reduction Act analysis, the Commission believes the burden associated with SIP Data is included in the burden to the Participants associated with the implementation and maintenance of the Central Repository.
See 17 CFR 242.613(e)(7).
Id.
See 17 CFR 242.613(e)(8).
See CAT NMS Plan, supra note 5, at Section 6.5(a)(ii).
See Notice, supra note 5, at Section V.D.1.c.
d. Surveillance
Rule 613(f) provides that the CAT NMS Plan must require that every national securities exchange and national securities association develop and implement a surveillance system, or enhance existing surveillance systems, reasonably designed to make use of the consolidated information contained in the consolidated audit trail. Rule 613(a)(3)(iv) provides that the CAT NMS Plan must require that the surveillance systems be implemented within fourteen months after effectiveness of the CAT NMS Plan.
(1) Initial Burden Hours and External Cost
The CAT NMS Plan states that the estimated total cost to the Participants to implement surveillance programs within the Central Repository is $23,200,000. This amount includes legal, consulting, and other costs of $560,000, as well as $17,500,000 in FTE costs for operational, technical/development, and compliance staff to be engaged in the creation of surveillance programs.
See CAT NMS Plan, supra note 5, at Appendix C, Section B.7(b)(iii)(B)(2).
Id. The Commission also notes that based upon the data provided by the Participants, the source of the remaining $5,140,000 in initial costs to implement new or enhanced surveillance systems is unspecified. The Commission believes that this amount may be attributed to hardware costs because the Participants have not provided any hardware costs associated with surveillance elsewhere and the Commission believes that the Participants will likely incur costs to implement new or enhanced surveillance systems reasonably designed to make use of the consolidated audit trail data.
A. Notice Estimates—Initial Burden and Costs
In the Notice, based on the estimates provided in the CAT NMS Plan, the Commission preliminarily estimated that the initial internal burden hours to implement new or enhanced surveillance systems reasonably designed to make use of the consolidated audit trail data for each Participant would be approximately 3,711.6 burden hours, for an aggregate initial burden hour amount of 74,232 burden hours. The Commission also preliminarily estimated that each Participant would, on average, incur an initial external cost of approximately $28,000 for outsourced legal, consulting and other costs in order to implement new or enhanced surveillance systems, for a total of $285,000 in initial external costs, for an aggregate one-time initial external cost of $5,700,000 to implement new or enhanced surveillance systems.
($17,500,000 in anticipated initial FTE costs)/(20 Participants) = $875,000 in anticipated FTE costs per Participant. ($875,000 in anticipated initial FTE costs per Participant)/($424,350 FTE cost per Participant) = 2.06 anticipated initial FTEs per Participant. (2.06 FTEs) × (1,800 working hours per year) = 3,711.6 initial burden hours per Participant to implement new or enhanced surveillance systems.
(3,711.6 initial burden hours per Participant to implement new or enhanced surveillance systems) × (20 Participants) = 74,232 aggregate initial burden hours.
$28,000 = $560,000/20 Participants.
$285,000 = ($23,200,000 in total initial surveillance costs −$17,500,000 in FTE costs)/(20 Participants).
$5,700,000 = $285,000 × 20 Participants.
B. Comments/Responses on Initial Burden and Costs
One commenter implied that savings on surveillance were unlikely, and stated that the lack of an analytical framework did not facilitate the identification of suspicious activities. Another commenter noted that uncertainties in the manner in which regulators will access data in the Central Repository create significant cost uncertainties. On the other hand, the commenter asserted that the CAT could permit more efficient market surveillance activity by the Participants, which would allow for cost savings.
Data Boiler Letter at 33.
SIFMA Letter at 33.
SIFMA Letter at 18.
The Commission has considered these comments and continues to believe that Participant cost estimates presented in the Plan are credible. As noted above, all 19 Participants responded to the Participants Study, and most Participants have experience collecting audit trail data as well as expertise in the requirements of CAT as well as in their business practices. Regarding the comment about the inclusion of an analytical framework in surveillance cost estimates in the Plan, the Plan does incorporate an analytical framework; therefore, the Commission believes that Participant cost estimates already account for such a framework.
There were 19 Participants at the time the Participants conducted the study.
See Section V.E.2.c(1), supra.
C. Order Estimates—Initial Burden and Costs
As noted earlier, subsequent to the publication of the CAT NMS Plan Notice, the expected number of Participants has increased from 20 to 21. As a result, the Commission is modifying its estimates of the initial burden and costs to implement new or enhanced surveillance systems reasonably designed to make use of the consolidated audit trail data. After incorporating the increase in the number of Participants, the Commission now estimates that the initial internal burden hours to implement new or enhanced surveillance systems for each Participant would be approximately 3,535.20 burden hours, for an aggregate initial burden hour amount of 74,239.20 burden hours. The Commission also now estimates that each Participant would, on average, incur an initial external cost of approximately $26,666.67 for outsourced legal, consulting and other costs in order to implement new or enhanced surveillance systems, for a total of $271,428.57 in initial external costs, for an aggregate one-time initial external cost of approximately $5,700,000 to implement new or enhanced surveillance systems.
See supra note 3282.
($17,500,000 in anticipated initial FTE costs)/(21 Participants) = $833,333.33 in anticipated FTE costs per Participant. ($833,333.33 in anticipated initial FTE costs per Participant)/($424,350 FTE cost per Participant) = 1.964 anticipated initial FTEs per Participant. (1.964 FTEs) × (1,800 working hours per year) = 3,535.20 initial burden hours per Participant to implement new or enhanced surveillance systems.
(3,535.20 initial burden hours per Participant to implement new or enhanced surveillance systems) × (21 Participants) = 74,239.20 aggregate initial burden hours.
$26,666.67 = $560,000/21 Participants.
$271,428.57 = ($23,200,000 in total initial surveillance costs − $17,500,000 in FTE costs)/(21 Participants).
$5,699,999.97 = ($271,428.57 in initial external costs) × (21 Participants).
(2) Ongoing, Annual Burden Hours and External Cost
The CAT NMS Plan states that the estimated total annual cost associated with the maintenance of surveillance programs for the Participants is $87,700,000. This amount includes annual legal, consulting, and other costs of $1,000,000, as well as $66,700,000 in annual FTE costs for internal operational, technical/development, and compliance staff to be engaged in the maintenance of surveillance programs.
See CAT NMS Plan, supra note 5, at Appendix C, Section B.7(b)(iii)(B)(2).
Id. The Commission also notes that based upon the data provided by the Participants, the source of the remaining $21,000,000 in ongoing costs to maintain the new or enhanced surveillance systems is unspecified. The Commission believes that this amount may be attributed to hardware costs because the Participants have not provided any hardware costs associated with surveillance elsewhere and the Commission believes that the Participants would likely incur costs associated with maintaining the new or enhanced surveillance systems.
A. Notice Estimates—Ongoing Burden and Costs
In the Notice, based on the estimates provided in the CAT NMS Plan, the Commission preliminarily estimated that the ongoing internal burden hours to maintain the new or enhanced surveillance systems reasonably designed to make use of the consolidated audit trail data for each Participant would be approximately 14,146 annual burden hours, for an aggregate annual burden hour amount of 282,920 burden hours. The Commission also preliminarily estimated that each Participant would, on average, incur an annual external cost of approximately $50,000 for outsourced legal, consulting and other costs in order to maintain the new or enhanced surveillance systems, for a total estimated ongoing external cost of $1,050,000, for an estimated aggregate ongoing external cost of $21,000,000 to maintain the surveillance systems.
See CAT NMS Plan, supra note 5, at Appendix C, Section B.7(b)(iii)(B)(2).
($66,700,000 in anticipated ongoing FTE costs)/(20 Participants) = $3,335,000 in anticipated ongoing FTE costs per Participant. ($3,335,000 in anticipated ongoing FTE costs per Participant)/($424,350 FTE cost per Participant) = 7.86 anticipated FTEs per Participant. (7.86 FTEs) × (1,800 working hours per year) = 14,146 ongoing burden hours per Participant to maintain the new or enhanced surveillance systems.
(14,146 annual burden hours per Participant to maintain new or enhanced surveillance systems) × (20 Participants) = 282,920 aggregate annual burden hours.
$50,000 = $1,000,000 for ongoing legal, consulting and other costs associated with maintenance of surveillance programs/20 Participants.
$1,050,000 = ($87,700,000 in total ongoing surveillance costs − $66,700,000 in ongoing FTE costs)/20 Participants
$21,000,000 = $1,050,000 × 20 Participants.
B. Order Estimates—Ongoing Burden and Costs
As noted earlier, subsequent to the publication of the Notice, the expected number of Participants has increased from 20 to 21. As a result, the Commission is modifying its estimates of the ongoing burden and costs to maintain the new or enhanced surveillance systems reasonably designed to make use of the consolidated audit trail data. After incorporating the increase in the number of Participants, the Commission now estimates that the ongoing internal burden hours for each Participant would be approximately 13,473 annual burden hours, for an aggregate annual burden hour amount of 282,933 burden hours. The Commission also now estimates that each Participant would, on average, incur an annual external cost of approximately $47,619.05 for outsourced legal, consulting and other costs in order to maintain the new or enhanced surveillance systems, for a total estimated ongoing external cost of $1,000,000, for an estimated aggregate ongoing external cost of $21,000,000 across the 21 Participants to maintain the surveillance systems.
See supra note 3282.
($66,700,000 in anticipated ongoing FTE costs)/(21 Participants) = $3,176,190.48 in anticipated ongoing FTE costs per Participant. ($3,176,190.48 in anticipated ongoing FTE costs per Participant)/($424,350 FTE cost per Participant) = 7.485 anticipated FTEs per Participant. (7.485 FTEs) × (1,800 working hours per year) = 13,473 ongoing burden hours per Participant to maintain the new or enhanced surveillance systems.
(13,473 annual burden hours per Participant to maintain new or enhanced surveillance systems) × (21 Participants) = 282,933 aggregate annual burden hours.
$47,619.05 = ($1,000,000 for ongoing legal, consulting and other costs associated with maintenance of surveillance programs)/(21 Participants).
$1,000,000 = ($87,700,000 in total ongoing surveillance costs − $66,700,000 in ongoing FTE costs)/(21 Participants).
$21,000,000 = ($1,000,000) × (21 Participants).
e. Document on Expansion to Other Securities
Rule 613(i) provides that the CAT NMS Plan must require the Participants to jointly provide to the Commission, within six months after the CAT NMS Plan is effective, a document outlining how the Participants could incorporate into the CAT information regarding: (1) Equity securities that are not NMS securities; (2) debt securities; and (3) primary market transactions in equity securities that are not NMS securities and debt securities. The document must also detail the order and Reportable Event data that each market participant may be required to provide, which market participants may be required to provide such data, an implementation timeline, and a cost estimate. Thus, the Participants must, among other things, undertake an analysis of technological and computer system acquisitions and upgrades that would be required to achieve such an expansion.
As noted above, the CAT NMS Plan would require the inclusion of OTC Equity Securities, while Rule 613 does not include such a requirement. See supra note 439.
See 17 CFR 242.613(i).
A. Notice Estimates—Initial Burden and Costs
In the Notice, the Commission preliminarily estimated that it would take each Participant approximately 180 burden hours of internal legal, compliance, business operations and information technology staff time to create a document addressing expansion of the consolidated audit trail to additional securities as required by Rule 613(i). The Commission preliminarily estimated that on average, each Participant would outsource 25 hours of external legal time to create the document, for an aggregate one-time external cost of approximately $10,000. Therefore, the Commission preliminarily estimated that the one-time initial burden of drafting the document required by Rule 613 would be 180 initial burden hours plus $10,000 in initial external costs for outsourced legal counsel per Participant, for an estimated aggregate initial burden of 3,600 hours and an estimated aggregate initial external cost of $200,000.
The Commission based this estimate on the internal burden provided in the CAT NMS Plan related to the development of the CAT NMS Plan. See CAT NMS Plan, supra note 5, at Appendix C, Section B.7(b)(iii) (stating “[t]he Participants estimate that they have collectively contributed 20 FTEs in the first 30 months of the CAT NMS Plan development process”). Because this document is much more limited in scope than the CAT NMS Plan, and because the Commission assumes that in drafting the CAT NMS Plan, the Participants have already contributed time toward considering how the CAT can be expected to be expanded in accordance with Rule 613(i), the Commission applied the CAT NMS Plan development internal burden over a 6-month period (Rule 613(i) requires this document to be submitted to the Commission within six months after effectiveness of the CAT NMS Plan), divided by half. 0.667 FTEs required for all Participants per month to develop the CAT NMS Plan = (20 FTEs/30 months). 0.667 FTEs × 6 months = 4 FTEs. 4 FTEs/2 = 2 FTEs needed for all of the Participants to create and submit the document. 2 FTEs × 1,800 working hours per year = 3,600 burden hours. 3,600 burden hours/20 Participants = 180 burden hours per Participant to create and file the document.
$10,000 = (25 hours of outsourced legal time per Participant) × ($400 per hour rate for outside legal services). The Commission derived the total estimated cost for outsourced legal counsel based on the assumption that the report required by Rule 613 would require approximately fifteen percent of the Commission's approximated burden of drafting and filing the CAT NMS Plan. This assumption is based on the Participants leveraging their knowledge gained from their drafting and filing of the CAT NMS Plan and applying it to efficiently preparing the report required by Rule 613 with respect to other securities' order and Reportable Events, implementation timeline and cost estimates.
The initial burden hour estimate is based on: (20 Participants) × (180 initial burden hours to draft the report). The initial external cost estimate is based on: (20 Participants) × ($10,000 for outsourced legal counsel).
B. Order Estimates—Initial Burden and Costs
As noted earlier, subsequent to the publication of the Notice, the expected number of Participants has increased from 20 to 21. As a result, the Commission is modifying its estimates of the initial burden and costs of the document on expansion to additional securities. After incorporating the increase in the number of Participants, the Commission now estimates that it would take each Participant approximately 171.43 burden hours of internal legal, compliance, business operations and information technology staff time to create a document addressing expansion of the CAT to additional securities as required by Rule 613(i). The Commission now estimates that on average, each Participant would outsource 25 hours of external legal time to create the document, for an aggregate one-time external cost of approximately $10,000. Therefore, the Commission now estimates that the one-time initial burden of drafting the document required by Rule 613 would be 171.43 initial burden hours plus $10,000 in initial external costs for outsourced legal counsel per Participant, for an estimated aggregate initial burden of 3,600.3 hours and an estimated aggregate initial external cost of $210,000.
See supra note 3282.
The Commission is basing this estimate on the internal burden provided in the CAT NMS Plan related to the development of the CAT NMS Plan. See CAT NMS Plan, supra note 5, at Appendix C, Section B.7(b)(iii) (stating “[t]he Participants estimate that they have collectively contributed 20 FTEs in the first 30 months of the CAT NMS Plan development process”). Because the expansion document is much more limited in scope than the CAT NMS Plan, and because the Commission assumes that in drafting the CAT NMS Plan, the Participants have already contributed time toward considering how the CAT can be expected to be expanded in accordance with Rule 613(i), the Commission is applying the CAT NMS Plan development internal burden over a 6-month period (Rule 613(i) requires this document to be submitted to the Commission within six months after effectiveness of the CAT NMS Plan), divided by half. 0.667 FTEs required for all Participants per month to develop the CAT NMS Plan = (20 FTEs/30 months). 0.667 FTEs × 6 months = 4 FTEs. 4 FTEs/2 = 2 FTEs needed for all of the Participants to create and submit the document. 2 FTEs × 1,800 working hours per year = 3,600 burden hours. (3,600 burden hours)/(21 Participants) = 171.43 burden hours per Participant to create and file the document.
$10,000 = (25 hours of outsourced legal time per Participant) × ($400 per hour rate for outside legal services). The Commission derived the total estimated cost for outsourced legal counsel based on the assumption that the report required by Rule 613 would require approximately fifteen percent of the Commission's approximated burden of drafting and filing the CAT NMS Plan. This assumption is based on the Participants leveraging their knowledge gained from their drafting and filing of the CAT NMS Plan and applying it to efficiently preparing the report required by Rule 613 with respect to other securities' order and Reportable Events, implementation timeline and cost estimates.
The initial burden hour estimate is based on: (21 Participants) × (171.43 initial burden hours to draft the report). The initial external cost estimate is based on: (21 Participants) × ($10,000 for outsourced legal counsel).
f. Written Assessment of Operation of the Consolidated Audit Trail
Rule 613(b)(6) provides that the CAT NMS Plan must require the Participants to provide the Commission a written assessment of the CAT's operation at least every two years, once the CAT NMS Plan is effective. The assessment must address, at a minimum, with respect to the CAT: (i) An evaluation of its performance; (ii) a detailed plan for any potential improvements to its performance; (iii) an estimate of the costs associated with any such potential improvements; and (iv) an estimated implementation timeline for any such potential improvements, if applicable. Thus, the Participants must, among other things, undertake an analysis of the CAT's technological and computer system performance.
17 CFR 242.613(b)(6); see also Notice, supra note 5, at 30700.
See 17 CFR 242.613(b)(6).
The CAT NMS Plan states that the CCO would oversee the assessment required by Rule 613(b)(6), and would allow the Participants to review and comment on the assessment before it is submitted to the Commission. The CCO would be an employee of the Plan Processor and would be compensated by the Plan Processor. The Commission assumes that the overall cost and associated burden on the Participants to implement and maintain the Central Repository includes both the compensation for the Plan Processor as well as its employees for the implementation and maintenance of the Central Repository.
See CAT NMS Plan, supra note 5, at Section 6.6.
Id. at Section 6.2(a).
A. Notice Estimates—Ongoing Burden and Costs
In the Notice, the Commission preliminarily estimated that it would take each Participant approximately 45 annual burden hours of internal legal, compliance, business operations, and information technology staff time to review and comment on the assessment prepared by the CCO of the operation of the consolidated audit trail as required by Rule 613(b)(6). The Commission preliminarily estimated that on average, each Participant would outsource 1.25 hours of legal time annually to assist in the review of the assessment, for an ongoing annual external cost of approximately $500. Therefore, the Commission preliminarily estimated that the ongoing annual burden of submitting a written assessment at least every two years, as required by Rule 613(b)(6), would be 45 ongoing burden hours per SRO plus $500 of external costs for outsourced legal counsel per Participant per year, for an estimated aggregate annual ongoing burden of 900 hours and an estimated aggregate ongoing external cost of $10,000.
The Commission calculated the total estimated burden hours based on a similar formulation used for calculating the total estimated burden hours of Rule 613(i)'s requirement for a document addressing expansion of the CAT to other securities. See Notice, supra note 5, at Section V.D.1.f. The Commission assumed that the review and potential revision of the written assessment required by Rule 613(b)(6) would be approximately one-half as burdensome as the document required by Rule 613(i) as the Participants are delegating the responsibility to prepare the written assessment required by Rule 613(b)(6) to the CCO and the Participants would only need to review the written assessment and revise it as necessary. As noted in note 3394, supra, to estimate the Rule 613(i) burden, the Commission is applying the internal burden estimate provided in the CAT NMS Plan for Plan development over a 6-month period, and dividing the result in half. See CAT NMS Plan, supra note 5, at Appendix C, Section B.7(b)(iii). To estimate the Rule 613(b)(6) written assessment burden, the Commission is dividing the result further by half. 0.667 FTEs required for all Participants per month to develop the CAT NMS Plan = (20 FTEs/30 months). 0.667 FTEs × 6 months = 4 FTEs. 4 FTEs/2 = 2 FTEs needed for all of the Participants to create and submit the Rule 613(i) document. 2 FTEs/2 = 1 FTE needed for all of the Participants to review and comment on the written assessment. (1 FTE × 1,800 working hours per year) = 1,800 ongoing annual burden hours per year for all of the Participants to review and comment on the written assessment. (1,800 burden hours/20 Participants) = 90 ongoing annual burden hours per Participant to review and comment on the written assessment prepared by the CCO. The Commission noted that this assessment must be filed with the Commission every two years and is providing an annualized estimate of the burden associated with the assessment as required for its Paperwork Reduction Act analysis. To provide an estimate of the annual burden associated with the assessment as required for its Paperwork Reduction Act analysis, Commission divided the 90 ongoing burden hours in half (over two years) = 45 ongoing annual burden hours per Participant to review and comment on the written assessment prepared by the CCO.
$500 = ($400 per hour rate for outside legal services) × (1.25 hours). Because the written assessment was a biennial requirement, the Commission divided the cost of the written assessment in half (over two years) to estimate the annual ongoing external cost per Participant for outside legal services to review and comment on the written assessment prepared by the CCO.
900 ongoing annual burden hours = (45 ongoing annual burden hours) × (20 Participants).
$10,000 = 20 Participants × ($400 per hour rate for outside legal services) × (1.25 hours).
B. Order Estimates—Ongoing Burden and Costs
As noted above, the Commission has subsequently amended this requirement as imposed by the CAT NMS Plan to change the reporting frequency from every two years to annual, to require that the benefits of potential improvements, and their impact on investor protection, be discussed, as well as to provide additional specificity regarding the content of the report. As amended, the content of the report must include the following: (i) An evaluation of the information security program of the CAT to ensure that the program is consistent with the highest industry standards for protection of data; (ii) an evaluation of potential technological upgrades based upon a review of technological advancements over the preceding year, drawing on technological expertise, whether internal or external; (iii) an evaluation of the time necessary to restore and recover CAT Data at a back-up site; (iv) an evaluation of how the Plan Processor and Participants are monitoring Error Rates and addressing the application of Error Rates based on product, data element or other criteria; (v) a copy of the evaluation required by the CAT NMS Plan in Section 6.8(c) that the Plan Processor evaluate whether industry standards have evolved such that: (1) The synchronization standard in Section 6.8(a) of the CAT NMS Plan should be shortened; or (2) the required timestamp in Section 6.8(b) of the CAT NMS Plan should be in finer increments.
See Section VI.A.7., supra.
See Section IV.H., supra.
The CAT NMS Plan states that the CCO would oversee the assessment required by Rule 613(b)(6), and would allow the Participants to review and comment on the assessment before it is submitted to the Commission. The Commission believes the responsibility to oversee the assessment as amended should continue to belong to the CCO and is not amending the CAT NMS Plan to require a different process.
See CAT NMS Plan, supra note 5, at Section 6.6.
As a result, the Commission is modifying its estimates of the ongoing burden and costs related to the written assessment of the operation of the CAT, as well as to account for an increase in the expected number of Participants from 20 to 21, subsequent to the publication of the Notice. The Commission now estimates that it would take each Participant approximately 171.43 annual burden hours of internal legal, compliance, business operations, and information technology staff time to review and comment on the assessment prepared by the CCO of the operation of the CAT. The Commission now estimates that on average, each Participant would outsource 2.5 hours of legal time annually to assist in the review of the assessment, for an ongoing annual external cost of approximately $1,000. Therefore, the Commission now estimates that the ongoing annual burden of submitting a written assessment annually would be 171.43 ongoing burden hours per SRO plus $1,000 of external costs for outsourced legal counsel per Participant per year, for an estimated aggregate annual ongoing burden of approximately 3,600.03 hours and an estimated aggregate ongoing external cost of $21,000.
See supra note 3282.
As it did when making its preliminary estimate, the Commission calculated the total estimated burden hours based on a similar formulation used for calculating the total estimated burden hours of Rule 613(i)'s requirement for a document addressing expansion of the CAT to other securities. See Section VI.D.1.e., supra. Specifically, as noted above, the Commission assumed that the review and potential revision of the written assessment would be approximately one-half as burdensome as the document required by Rule 613(i) when making its preliminary estimate. The Commission then further divided the burden by half because this report is required to be furnished every two years.
The Commission has amended the CAT NMS Plan to add more specificity to the requirement to provide the written assessment. As a result, the Commission now estimates that the written assessment would now be as burdensome (instead of half as burdensome) as the document addressing expansion required by Rule 613(i). 2 FTEs needed for all of the Participants to create and submit the document required by Rule 613(i) (and now for all of the Participants to review and comment on the written assessment). (2 FTEs) × (1,800 working hours per year) = 3,600 ongoing annual burden hours per year for all of the Participants to review and comment on the written assessment. (3,600 burden hours per year)/(21 Participants) = 171.43 ongoing annual burden hours per Participant to review and comment on the written assessment prepared by the CCO.
The Commission also has amended the CAT NMS Plan to require this assessment to be provided annually instead of once every two years. To account for this change, the Commission is no longer dividing the ongoing burden hours for providing the written assessment in half to determine the annualized estimate of the burden.
$1,000 = ($400 per hour rate for outside legal services) × (2.5 hours). The Commission has amended the CAT NMS Plan to add more specificity to the requirement to provide the written assessment and is now requiring this assessment to be provided annually instead of once every two years. Because the written assessment is no longer a biennial requirement, the Commission is no longer dividing the cost of the written assessment in half (over two years) to estimate the annual ongoing external cost per Participant for outside legal services to review and comment on the written assessment prepared by the CCO.
3,600.03 ongoing annual burden hours = (171.43 ongoing annual burden hours) × (21 Participants).
$21,000 = (21 Participants) × ($400 per hour rate for outside legal services) × (2.5 hours).
2. Burden on Members of National Securities Exchanges and National Securities Associations
a. Data Collection and Reporting
Rule 613(c)(1) requires the CAT NMS Plan to provide for an accurate, time-sequenced record of orders beginning with the receipt or origination of an order by a broker-dealer member of a Participant, and further documenting the life of the order through the process of routing, modification, cancellation and execution (in whole or in part) of the order. Rule 613(c) requires the CAT NMS Plan to impose requirements on broker-dealer members to record and report CAT Data to the Central Repository in accordance with specified timelines.
In calculating the burden on members of national securities exchanges and national securities associations, the Commission categorized broker-dealer firms by whether they insource or outsource, or are likely to insource or outsource, CAT Data reporting obligations. The Commission believes that firms that currently report high numbers of OATS ROEs strategically would decide to either self-report their CAT Data or outsource their CAT Data reporting functions (Insourcers), while the firms with the lowest levels of activity would be unlikely to have the infrastructure and specialized employees necessary to insource CAT Data reporting and would almost certainly outsource their CAT Data reporting functions (Outsourcers). The Commission recognizes that more active firms that will likely be CAT Reporters and insource regulatory data reporting functions may not have current OATS reporting obligations because they either are not FINRA members, or because they do not trade in NMS equity securities.
The Commission acknowledges the inherent difficulty in establishing precise burden estimates because the Commission does not know the exact method of data reporting the Participants would decide for broker-dealers. For these estimates, the Commission is relying, in part, on the cost data provided by the Participants in the CAT NMS Plan, and, as noted earlier, on its own estimates of the costs that broker-dealers are likely to face for CAT implementation and ongoing reporting in compliance with Rule 613. See CAT NMS Plan, supra note 5, at Appendix C, Section B.7(b); see Section V.F.1.c.(2)B., supra.
See Notice, supra note 5, at 30718.
The Commission also recognizes as discussed above that some broker-dealer firms may strategically choose to outsource despite the Plan's working assumption that these broker-dealers would insource their regulatory data reporting functions.
The Commission estimates that there are 126 OATS-reporting Insourcers and 45 non-OATS reporting Insourcers (14 ELPs and 31 Options Market Makers). The Commission's estimation categorizes the remaining 1,629 broker-dealers that the Plan anticipates would have CAT Data reporting obligations as Outsourcers.
See Section V.F.1.c(2)B., supra.
Id.
(1) Notice Estimates
A. Insourcers
i. Large Non-OATS-Reporting Broker-Dealers
In the CAT NMS Plan, the Participants, based on the Reporters Study's large broker-dealer cost estimates, estimated the following average initial external cost and FTE count figures that a large non-OATS reporting broker-dealer would expect to incur to adopt the systems changes needed to comply with the data reporting requirements of Rule 613 under Approach 1: $450,000 in external hardware and software costs; 8.05 internal FTEs; and $9,500 in external third party/outsourcing costs. The Participants also estimated the following average ongoing external cost and internal FTE count figures that a large non-OATS reporting broker-dealer would expect to incur to maintain data reporting systems to be in compliance with Rule 613: $80,000 in external hardware and software costs; 7.41 internal FTEs; and $1,300 in external third party/outsourcing costs.
Approach 1 also provided $3,200,000 in initial internal FTE costs. The Commission believed the $3,200,000 in internal FTE costs is the Participants' estimated cost of the 8.05 FTEs. (8.05 FTEs) × ($401,440 Participants' assumed annual cost per FTE provided in the CAT NMS Plan) = $3,231,592. See CAT NMS Plan, supra note 5, at n. 192. See also supra note 3320.
See CAT NMS Plan, supra note 5, at Section B.7(b)(iii)(c)(2)(a). The Commission believed that the third party/outsourcing costs may be attributed to the use of service bureaus (potentially), technology consulting, and legal services.
Approach 1 also provided $3,000,000 in internal FTE costs related to maintenance. The Commission believes the $3,000,000 in ongoing internal FTE costs is the Participants' estimated cost of the 7.41 FTEs. (7.41 FTEs) × ($401,440 Participants' assumed annual cost per FTE provided in the CAT NMS Plan) = $2,974,670. See CAT NMS Plan, supra note 5, at n.192.
See CAT NMS Plan, supra note 5, at Appendix C, Section B.7(b)(iii)(C)(2)(b). The CAT NMS Plan did not break down these third party costs into categories.
In the Notice, the Commission discussed the Participants' estimates and explained that the Commission also relied on the Reporters Study's large broker-dealer cost estimates in estimating costs for large broker-dealers that can practicably decide between insourcing or outsourcing their regulatory data reporting functions. In the Notice, the Commission preliminarily estimated that there are 14 large broker-dealers that are not OATS reporters currently in the business of electronic liquidity provision that would be classified as Insourcers. Additionally, the Commission estimated that there are 31 broker-dealers that may transact in options but not in equities that can be classified as Insourcers. The Commission assumed the 31 Options Market Makers and 14 ELPs would be typical of the Reporters Study's large, non-OATS reporting firms; for these firms, the Commission relied on the cost estimates provided under Approach 1 for large, non-OATS reporting firms in the CAT NMS Plan.
These broker-dealers are not FINRA members and thus have no regular OATS reporting obligations. See supra note 2560.
See supra note 2562.
See CAT NMS Plan, supra note 5, at Appendix C, Section B.7(b)(i)(A)(2). The Reporters Study requested broker-dealer respondents to provide estimates to report to the Central Repository under two approaches. Approach 1 assumes CAT Reporters would submit CAT Data using their choice of industry protocols. Approach 2 assumes CAT Reporters would submit data using a pre-specified format. Approach 1's aggregate costs are higher than those for Approach 2 for all market participants except in one case where service bureaus have lower Approach 1 costs. See supra note 2568. For purposes of this Paperwork Reduction Act analysis, the Commission did not rely on the cost estimates for Approach 2 because overall the Approach 1 aggregate estimates represent the higher of the proposed approaches. The Commission believed it would be more comprehensive to use the higher of the two estimates for its Paperwork Reduction Act analysis estimates.
The Notice explained that once a large non-OATS reporting broker-dealer has established the appropriate systems and processes required for collection and transmission of the required information to the Central Repository, such broker-dealers would be subject to ongoing annual burdens associated with, among other things, personnel time to monitor each large non-OATS reporting broker-dealer's reporting of the required data and the maintenance of the systems to report the required data; and implementing changes to trading systems that might result in additional reports to the Central Repository.
(a) Large, Non-OATS Reporting Broker-Dealers—Initial Burden and Costs
In the Notice, the Commission preliminarily estimated that the average initial burden associated with implementing regulatory data reporting to capture the required information and transmit it to the Central Repository in compliance with the Rule for each large, non-OATS reporting broker-dealer would be approximately 14,490 initial burden hours.
14,490 initial burden hours = (8.05 FTEs for implementing CAT Data reporting systems) × (1,800 working hours per year).
The Commission also preliminarily estimated that these broker-dealers would, on average, would incur approximately $450,000 in initial costs for hardware and software to implement the systems changes needed to capture the required information and transmit it to the Central Repository, and an additional $9,500 in initial third party/outsourcing costs.
See supra note 3421.
Therefore, the Commission preliminarily estimated that the average one-time initial burden per ELP and Options Market Maker would be 14,490 internal burden hours and external costs of $459,500, for an estimated aggregate initial burden of 652,050 hours and an estimated aggregate initial external cost of $20,677,500.
($450,000 in initial hardware and software costs) + ($9,500 initial third party/outsourcing costs) = $459,500 in initial external costs to implement data reporting systems.
The Commission preliminarily estimates that 45 large non-OATS reporting broker-dealers would be impacted by this information collection. (45 large non-OATS reporting broker-dealers) × (14,490 burden hours) = 652,050 initial burden hours to implement data reporting systems.
($450,000 in hardware and software costs) + ($9,500 third party/outsourcing costs) × 45 large, non-OATS reporting broker-dealers = $20,677,500 in initial external costs to implement data reporting systems.
(b) Large, Non-OATS Reporting Broker-Dealers—Ongoing Burden and Costs
In the Notice, the Commission preliminarily estimated that it would take a large non-OATS reporting broker-dealer 13,338 burden hours per year to continue to comply with the Rule. The Commission also preliminarily estimated that it would cost, on average, approximately $80,000 per year per large non-OATS reporting broker-dealer to maintain systems connectivity to the Central Repository and purchase any necessary hardware, software, and other materials, and an additional $1,300 in third party/outsourcing costs.
13,338 ongoing burden hours = (7.41 ongoing FTEs to maintain CAT data reporting systems) × (1,800 working hours per year).
See supra note 3421.
Therefore, the Commission preliminarily estimated that the average ongoing annual burden per large non-OATS reporting broker-dealer would be approximately 13,338 hours, plus $81,300 in external costs to maintain the systems necessary to collect and transmit information to the Central Repository, for an estimated aggregate ongoing burden of 600,210 hours and an estimated aggregate ongoing external cost of $3,658,500.
($80,000 in ongoing external hardware and software costs) + ($1,300 ongoing external third party/outsourcing costs) = $81,300 in ongoing external costs per large non-OATS reporting broker-dealer.
The Commission estimated that 45 large non-OATS reporting broker-dealers would be impacted by this information collection. (45 large non-OATS reporting broker-dealers) × (13,338 burden hours) = 600,210 aggregate ongoing burden hours.
($80,000 in ongoing external hardware and software costs) + ($1,300 ongoing external third party/outsourcing costs) × (45 large non-OATS reporting broker-dealers) = $3,658,500 in aggregate ongoing external costs.
ii. Large OATS-Reporting Broker-Dealers
In the CAT NMS Plan, the Participants, based on the Reporters Study's large broker-dealer cost estimates, estimated the following average initial external cost and internal FTE count figures that a large OATS-reporting broker-dealer would expect to incur as a result of the implementation of the consolidated audit trail under Approach 1: $750,000 in hardware and software costs; 14.92 internal FTEs; and $150,000 in external third party/outsourcing costs. The Participants also estimated the following average ongoing external cost and internal FTE count figures that a large OATS-reporting broker-dealer would expect to incur to maintain data reporting systems to be in compliance with Rule 613: $380,000 in ongoing external hardware and software costs; 10.03 internal FTEs; and $120,000 in ongoing external third party/outsourcing costs.
Approach 1 also provided $6,000,000 in initial internal FTE costs. The Commission believes the $6,000,000 in initial internal FTE costs is the Participants' estimated cost of the 14.92 FTEs. (14.92 FTEs) × ($401,440 Participants' assumed annual cost per FTE provided in the CAT NMS Plan) = $5,989,485. See CAT NMS Plan, supra note 5, at Appendix C, Section B.7(b)(ii)(C), n.192; see also supra note 3320.
See CAT NMS Plan, supra note 5, at Appendix C, Section B.7(b)(iii)(C)(2)(a). The CAT NMS Plan did not break down these third party costs into categories. The Commission believes that these costs may be attributed to the use of service bureaus, technology consulting, and legal services.
Approach 1 also provided $4,000,000 in internal FTE costs related to maintenance. The Commission believes the $4,000,000 in ongoing internal FTE costs is the Participants' estimated cost of the 10.03 FTEs. (10.03 FTEs) × ($401,440 Participants' assumed annual cost per FTE provided in the CAT NMS Plan) = $4,026,443. See CAT NMS Plan, supra note 5, at Appendix C, Section B.7(b)(ii)(C), n.192; see also supra note 3320.
See CAT NMS Plan, supra note 5, at Appendix C, Section B.7(b)(iii)(C)(2)(b). The CAT NMS Plan did not categorize these third party costs. The Commission believes that these costs may be attributed to the use of service bureaus, technology consulting, and legal services.
In the Notice, the Commission discussed the Participants' estimates and explained that the Commission also relied on the Reporters Study's large broker-dealer cost estimates in estimating costs for large broker-dealers that can practicably decide between insourcing or outsourcing their regulatory reporting functions. In the Notice, based on the Commission's analysis of data provided by FINRA and discussions with market participants, the Commission estimated that 126 broker-dealers, which reported more than 350,000 OATS ROEs between June 15 and July 10, 2015, would strategically decide to either self-report CAT Data or outsource their CAT data reporting functions.
See Notice, supra note 5, at 30718; see also id., at n.901 (stating that the Commission believes that broker-dealers that report fewer than 350,000 OATS ROEs per month are unlikely to be large enough to support the infrastructure required for insourcing data reporting activities).
The Notice explained that once a large OATS-reporting broker-dealer has established the appropriate systems and processes required for collection and transmission of the required information to the Central Repository, such broker-dealers would be subject to ongoing annual burdens and costs associated with, among other things, personnel time to monitor each broker-dealer's reporting of the required data and the maintenance of the systems to report the required data; and implementing changes to trading systems which might result in additional reports to the Central Repository.
(a) Large OATS-Reporting Broker-Dealers—Initial Burden and Costs
In the Notice, the Commission preliminarily estimated that the average initial burden to develop and implement the needed systems changes to capture the required information and transmit it to the Central Repository in compliance with the Rule for large OATS-reporting broker-dealers would be approximately 26,856 internal burden hours.
26,856 initial burden hours per large OATS-reporting broker-dealer = (14.92 FTEs for implementation of CAT data reporting systems) × (1,800 working hours per year).
The Commission also preliminarily estimated that these large OATS-reporting broker-dealers would, on average, incur approximately $750,000 in initial external costs for hardware and software to implement the systems changes needed to capture the required information and transmit it to the Central Repository, and an additional $150,000 in initial external third party/outsourcing costs.
See CAT NMS Plan, supra note 5, at Section B.7(b)(iii)(C)(2)(a).
Therefore, the Commission preliminarily estimated that the average one-time initial burden per large OATS-reporting broker-dealer would be 26,856 burden hours and external costs of $900,000, for an estimated aggregate initial burden of 3,383,856 hours and an estimated aggregate initial external cost of $113,400,000.
($750,000 in initial external hardware and software costs) + ($150,000 initial external third party/outsourcing costs) = $900,000 in initial external costs per large OATS-reporting broker-dealer to implement CAT data reporting systems.
The Commission preliminarily estimates that 126 large OATS-reporting broker-dealers would be impacted by this information collection. 126 large OATS-reporting broker-dealers × 26,856 burden hours = 3,383,856 initial burden hours to implement data reporting systems.
($750,000 in initial external hardware and software costs) + ($150,000 initial external third party/outsourcing costs) × 126 large OATS-reporting broker-dealers = $113,400,000 in initial external costs to implement data reporting systems.
(b) Large OATS-Reporting Broker-Dealers—Ongoing Burden and Costs
In the Notice, the Commission preliminarily estimated that it would take a large OATS-reporting broker-dealer 18,054 ongoing burden hours per year to continue compliance with the Rule. The Commission preliminarily estimated that it would cost, on average, approximately $380,000 per year per large OATS-reporting broker-dealer to maintain systems connectivity to the Central Repository and purchase any necessary hardware, software, and other materials, and an additional $120,000 in external ongoing third party/outsourcing costs.
18,054 ongoing burden hours = (10.03 ongoing FTEs for maintenance of CAT data reporting systems) × (1,800 working hours per year).
See CAT NMS Plan, supra note 5, at Appendix C, Section B.7(b)(iii)(C)(2)(b).
Therefore, the Commission preliminarily estimated that the average ongoing annual burden per large OATS-reporting broker-dealer would be approximately 18,054 burden hours, plus $500,000 in external costs to maintain the systems necessary to collect and transmit information to the Central Repository, for an estimated aggregate burden of 2,274,804 hours and an estimated aggregate ongoing external cost of $63,000,000.
($380,000 in ongoing external hardware and software costs + $120,000 in ongoing external third party/outsourcing costs) = $500,000 in ongoing external costs per large OATS-reporting broker-dealer.
The Commission preliminarily estimates that 126 large OATS-reporting broker-dealers would be impacted by this information collection. (126 large OATS-reporting broker-dealers) × (18,054 burden hours) = 2,274,804 aggregate ongoing burden hours.
($380,000 in ongoing external hardware and software costs + $120,000 in ongoing external third party/outsourcing costs) × 126 large OATS-reporting broker-dealers = $63,000,000 in aggregate ongoing external costs.
B. Outsourcers
i. Small OATS-Reporting Broker-Dealers
Based on data provided by FINRA, the Commission estimates that there are 806 broker-dealers that report fewer than 350,000 OATS ROEs monthly. The Commission believes that these broker-dealers generally outsource their regulatory reporting obligations because during the period June 15-July 10, 2015, approximately 88.9% of their 350,000 OATS ROEs were reported through service bureaus, with 730 of these broker-dealers reporting more than 99% of their OATS ROEs through one or more service bureaus. The Commission estimates that these firms currently spend an aggregate of $100.1 million on annual outsourcing costs. The Commission estimates these 806 broker-dealers would spend $100.2 million in aggregate to outsource their regulatory data reporting to service bureaus to report in accordance with Rule 613, or $124,373 per broker-dealer. These external outsourcing cost estimates are calculated using the information from staff discussions with service bureaus and other market participants, as applied to data provided by FINRA.
See Notice, supra note 5, at 30718. Because of the extensive use of service bureaus in these categories of broker-dealers, the Commission assumes that these broker-dealers are likely to use service bureaus to accomplish their CAT data reporting.
The average broker-dealer in this category reported 15,185 OATS ROEs from June 15-July 10, 2015; the median reported 1,251 OATS ROEs. Of these broker-dealers, 39 reported more than 100,000 OATS ROEs during the sample period. See Section V.F.1.c.(2)B., supra.
Id.
$124,373 = $100,200,000/806 broker-dealers. This amount is the average estimated annual outsourcing cost to firms that currently report fewer than 350,000 OATS ROEs per month. Id.
See Section V.F.1.c.(2)B., supra.
Firms that outsource their regulatory data reporting would still face internal staffing burdens associated with this activity. These employees would perform activities such as answering inquiries from their service bureaus, and investigating reporting exceptions. Based on conversations with market participants, the Commission estimates that these firms currently have 0.5 full-time employees devoted to these activities. The Commission estimates that these firms would need to hire one additional full-time employee for one year to implement CAT reporting requirements.
Id.
Id.
Small OATS-reporting broker-dealers that outsource their regulatory data reporting would likely face internal staffing burdens and external costs associated with ongoing activity, such as maintaining any systems that transmit data to their service providers. Based on conversations with market participants, the Commission estimates these firms would need 0.75 FTEs on an ongoing basis to perform or monitor CAT reporting.
See Section IV.F.1.c.(2)B., supra.
(a) Small OATS-Reporting Broker-Dealers—Initial Burden and Costs
In the Notice, the Commission preliminarily estimated that the average initial burden to implement the needed systems changes to capture the required information and transmit it to the Central Repository in compliance with the CAT NMS Plan for small OATS-reporting broker-dealers would be approximately 1,800 burden hours. The Commission believed the burden hours would be associated with work performed by internal technology, compliance and legal staff in connection with the implementation of CAT data reporting. The Commission also preliminarily estimated that each small OATS-reporting broker-dealer would incur approximately $124,373 in initial external outsourcing costs.
This estimate assumed that, based on the expected FTE count provided, a small OATS-reporting broker-dealer would have to hire 1 new FTE for implementation. The salary attributed to the 1 FTE would be (1 × $424,350 FTE cost) = $424,350 per year. To determine the number of burden hours to be incurred by the current 0.5 FTE for implementation, multiply 0.5 FTE by 1,800 hours per year = 900 initial burden hours.
The Commission preliminarily believed the outsourcing cost would be the cost of the service bureau, which would include the compliance and legal costs associated with changing to CAT Data reporting. The Commission assumes these costs of changing to CAT Data reporting would be included in the cost of the service bureau because the broker-dealers would be relying on the expertise of the service bureau to report their data to CAT on their behalf. See Notice, supra note 5, at Section IV.F.1.C(2), n. 941.
Therefore, the Commission preliminarily estimated that the average one-time initial burden per small OATS-reporting broker-dealer would be 1,800 burden hours and external costs of $124,373, for an estimated aggregate initial burden of 1,450,800 hours and an estimated aggregate initial external cost of $100,244,638.
The Commission preliminarily estimates that 806 small OATS-reporting broker-dealers would be impacted by this information collection. (806 small OATS-reporting broker-dealers × 1,800 burden hours) = 1,450,800 aggregate initial burden hours.
($124,373 in outsourcing costs) × (806 small OATS-reporting broker-dealers) = $100,244,638 in aggregate initial external costs.
(b) Small OATS-Reporting Broker-Dealers—Ongoing Burden and Costs
In the Notice, the Commission preliminarily believed that it would take a small OATS-reporting broker-dealer 1,350 ongoing burden hours per year to continue compliance with the Rule. The Commission preliminarily believed the burden hours would be associated with work performed by internal technology, compliance and legal staff in connection with the ongoing operation of CAT Data reporting. The Commission preliminarily estimated that it would cost, on average, approximately $124,373 in ongoing external outsourcing costs to ensure ongoing compliance with Rule 613.
1,350 ongoing burden hours = (0.75 FTE for maintenance of CAT Data reporting systems) × (1,800 working hours per year).
See Notice, supra note 5, at Section IV.F.1.c(2)B.ii. See supra note 3459.
Therefore, the Commission preliminarily estimated that the average ongoing annual burden per small OATS-reporting broker-dealer would be approximately 1,350 hours, plus $124,373 in external costs, for an estimated aggregate ongoing burden of 1,088,100 hours and an estimated aggregate ongoing external cost of $100,244,638.
The Commission preliminarily estimates that 806 small OATS-reporting broker-dealers would be impacted by this information collection. (806 small OATS-reporting broker-dealers × 1,350 burden hours) = 1,088,100 aggregate ongoing burden hours to ensure ongoing compliance with Rule 613.
$100,244,638 = $124,373 in ongoing outsourcing costs × 806 broker-dealers.
ii. Small Non-OATS-Reporting Broker-Dealers
In addition to firms that currently report to OATS, the Commission estimates there are 799 broker-dealers that are currently exempt from OATS reporting rules due to firm size, or excluded because all of their order flow is routed to a single OATS reporter, such as a clearing firm, that would incur CAT reporting obligations. A further 24 broker-dealers have SRO memberships only with one Participant; the Commission believes this group is comprised mostly of floor brokers and further believes these firms would experience CAT implementation and ongoing reporting costs similar in magnitude to small equity broker-dealers that currently have no OATS reporting responsibilities.
See Section V.F.1.c.(2)B., supra. Rule 613 does not exclude from data reporting obligations SRO members that quote or execute transactions in NMS Securities and Listed Options that route to a single market participant; see also CAT NMS Plan, supra note 5, at Appendix C, Section B.7(b)(ii)(B)(2).
See Section V.F.1.c.(2)B., supra.
Id.
The Commission assumes these broker-dealers would have very low levels of CAT reporting, similar to those of the lowest activity firms that currently report to OATS. For these firms, the Commission assumes that under CAT they would incur the average estimated service bureau cost of broker-dealers that currently report fewer than 350,000 OATS ROEs per month, which is $124,373 annually. Furthermore, because these firms have more limited data reporting requirements than other firms, the Commission assumes these firms currently have only 0.1 full-time employees currently dedicated to regulatory data reporting activities. The Commission assumes these firms would require 2 full-time employees for one year to implement CAT.
Id.
Id.
Id.
Small non-OATS-reporting broker-dealers that outsource their regulatory data reporting would likely face internal staffing burdens and costs associated with ongoing activity, such as maintaining any systems that transmit data to their service providers. Based on conversations with market participants, the Commission estimates these firms would need 0.75 full-time employees annually to perform or monitor CAT reporting.
(a) Small Non-OATS-Reporting Broker-Dealers—Initial Burden and Costs
In the Notice, the Commission preliminarily estimated that the average initial burden to develop and implement the needed systems changes to capture the required information and transmit it to the Central Repository in compliance with the Rule for small, non-OATS-reporting broker-dealers would be approximately 3,600 initial burden hours. The Commission believed the burden hours would be associated with work performed by internal technology, compliance and legal staff in connection with the implementation of CAT Data reporting. The Commission also preliminarily estimated that each small non-OATS-reporting broker-dealer would incur approximately $124,373 in initial external outsourcing costs.
3,600 initial burden hours = (2 FTEs for implementation of CAT Data reporting systems) × (1,800 working hours per year).
See Section V.F.1.c.(2)B., supra.
Therefore, the Commission preliminarily estimated that the average one-time initial burden per small OATS-reporting broker-dealer would be 3,600 burden hours and external costs of $124,373 for an estimated aggregate initial burden of 2,962,800 hours and an estimated aggregate initial external cost of $102,358,979.
The Commission preliminarily estimates that 823 small non-OATS-reporting broker-dealers would be impacted by this information collection. (823 small non-OATS-reporting broker-dealers × 3,600 burden hours) = 2,962,800 aggregate initial burden hours.
($124,373 in outsourcing costs) × (823 small non-OATS-reporting broker-dealers) = $102,358,979 in aggregate initial external costs.
(b) Small Non-OATS-Reporting Broker-Dealers—Ongoing Burden and Costs
In the Notice, the Commission preliminarily believed that it would take a small non-OATS-reporting broker-dealer 1,350 ongoing burden hours per year to continue compliance with the Rule. The Commission preliminarily estimated that it would cost, on average, approximately $124,373 in ongoing external outsourcing costs to ensure ongoing compliance with Rule 613.
1,350 ongoing burden hours = (0.75 FTEs for maintenance of CAT data reporting systems) × (1,800 working hours per year).
The Commission assumed these firms would have very low levels of CAT reporting, similar to those of the lowest activity firms that currently report to OATS. For these firms, the Commission assumes that under CAT they would incur the average estimated service bureau cost of firms that currently OATS report fewer than 350,000 OATS ROEs per month of $124,373 annually.
Therefore, the Commission preliminarily estimated that the average ongoing annual burden per small non-OATS-reporting broker-dealer would be approximately 1,350 hours, plus $124,373 in external costs, for an estimated aggregate ongoing burden of 1,111,050 hours and an estimated aggregate ongoing external cost of $102,358,979.
The Commission preliminarily estimated that 823 small non-OATS-reporting broker-dealers would be impacted by this information collection. (823 small non-OATS-reporting broker-dealers × 1,350 burden hours) = 1,111,050 aggregate ongoing burden hours to ensure ongoing compliance with Rule 613.
($124,373 in ongoing external outsourcing costs) × 823 = $102,358,979 in aggregate ongoing external costs to ensure ongoing compliance with Rule 613.
(2) Comments/Responses on Broker-Dealer Data Collection and Reporting Costs
As noted above, the Commission's estimates are based on whether broker-dealers currently insource or outsource, or are likely to insource or outsource, their CAT Data reporting obligations. The Commission provided in the Notice an analysis of the compliance cost estimates for broker-dealers that included analyzing whether estimates provided in the Plan and based on a Reporters Study survey were reliable. The Commission preliminarily believed that the cost estimates for small broker-dealers were not reliable. The Commission then developed and calibrated its Outsourcing Cost Model to estimate average current data reporting costs and average Plan compliance costs for broker-dealers that the Commission expects will rely on service bureaus to perform their CAT Data reporting responsibilities (Outsourcers). For the Insourcers, the Commission continued to rely on the large broker-dealer estimates from the Plan. The Commission's preliminary initial and ongoing burden hour and cost estimates, as well as the Plan's estimates, are aggregate estimates for a broker-dealer's compliance with the data collection and reporting requirement under Rule 613; they do not quantify the burden hours or external cost estimates for each individual component comprising the broker-dealer's data collection and reporting responsibility.
See Notice, supra note 5, at 30712-26.
See Section V.F.1.c(1), supra.
Id.
The Commission received comments on the reliability of its Outsourcing Cost Model for small broker-dealers and its re-estimation of costs. One commenter believed that the Commission's estimates of service bureau charges for a small firm were reasonable. Another commenter noted that Outsourcers must expend internal resources even when relying on their service providers to accomplish current data reporting. A third commenter stated that broker-dealers that clear for others may have higher implementation costs since they may have to support more broker-dealers as a result of the CAT.
See Data Boiler Letter at 36.
Specifically, this commenter references EBS reporting, but indicates that Industry Members sometimes must also be involved in preparing EBS request responses. See FIF Letter at 34.
See TR Letter, at 3-4.
With respect to the comment that the Outsourcing Cost Model does not account for internal expenses, the Commission notes that its cost estimates explicitly assume that Outsourcers have employee expenses that cover these activities. In response to the commenters concerned that the Commission's estimates do not account for an increase in costs for broker-dealers that clear for other broker-dealers or provide support to introducing broker-dealers, the Commission continues to believe in the reliability of the analysis of broker-dealers implementation costs presented in the Notice, and notes that the Reporters Study estimates for large broker-dealers are likely to include these expenses because respondents are likely to include broker-dealers that provide these services. The Commission acknowledges, however, that there are some broker-dealers that would be classified as Outsourcers or new reporters and the additional implementation costs that these firms face due to clearing for other broker-dealers or supporting introducing broker-dealers are not captured by the Outsourcing Cost Model. The Commission cannot estimate the number of broker-dealers that would bear these costs because the Commission lacks data on the number of broker-dealers that clear for other broker-dealers that would be classified as new reporters or Outsourcers. Furthermore, the Commission lacks data to estimate the magnitude of these costs because the Plan does not provide this data and the Commission is unaware of any data available to it that it could use to estimate these costs.
See Notice, supra note 5, at 30723.
The Commission also received several comments on uncertainties in the cost estimates for broker-dealers arising from not knowing the choice of Plan Processor, not having Technical Specifications, differences in bids preventing broker-dealers from providing more definitive cost estimates, and a lack of detail in the CAT NMS Plan.
TR Letter at 4; FSI Letter at 6.
See, e.g., FSR Letter at 10; and Fidelity Letter at 6.
FSI Letter at 6.
SIFMA Letter at 42 and FSI Letter at 6.
In response to comment letters that identified these sources of uncertainties related to the costs broker-dealers will incur, the Commission acknowledges that such costs depend on the technical specifications, which are likely to remain unknown until the Plan Processor is selected. The Commission also notes that final Bids will not be submitted until after the Plan is approved, so the Commission is unable to quantify the degree of variation in broker-dealer implementation costs across Bids.
Additionally, the Commission received a number of comments relating to the costs of the individual components comprising the broker-dealer data collection and reporting requirement, such as customer information, the open/close indicator for equities, listing exchange symbology, allocation report timestamp, and quote sent time. In the Notice, as noted above, the Commission provided aggregate burden hour and external cost estimates for the broker-dealer data collection and reporting requirement of Rule 613. Although the costs of these specific data elements were not discussed in the Notice Paperwork Reduction Act analysis, the Commission has considered these comments because they relate to the overall data collection and reporting information collection.
A. Customer Information
In the Notice, the Commission stated that it believed the requirement in the CAT NMS Plan to report customer information for each transaction represents a significant source of costs. One commenter believed that the costs for providing customer information to the Central Repository would comprise a significant proportion of costs to the total industry and that the costs associated with the management of sensitive information could increase costs.
See Notice, supra note 5, at Section IV.F.3.a.
Data Boiler Letter at 37.
Two commenters stated that including Customer Identifying Information on new order reports would result in significant costs for the industry. In Response Letter I, the Participants suggested that the Commission amend (and the Commission has accordingly amended) the CAT NMS Plan to clarify that Customer Identifying Information and Customer Account Information would not be reported with the original receipt or origination of an order.
TR Letter at 8-9; FIF Letter at 9-10, 86.
Response Letter I at 34.
One commenter requested clarification that only active accounts would be reported as part of the customer definition process, which could reduce costs incurred for reporting customer information. In Response Letter I, the Participants suggested that the Commission amend the Plan to add a definition of “Active Account,” defined as an account that has had activity in Eligible Securities within the last six months. Additionally, the Participants suggested that the Commission amend (and the Commission has amended) Section 6.4(d)(iv) of the Plan by clarifying that each broker-dealer must submit an initial set of customer information for Active Accounts at the commencement of reporting to the Central Repository, as well as any updates, additions, or other changes in customer information, including any such customer information for any new Active Accounts.
FIF Letter at 10.
Response Letter I at 35.
The Commission considered these comments and the Participants' responses and continues to believe that the requirement in the CAT NMS Plan to report customer information represents a significant proportion of total costs to the industry. The Commission is not amending its broker-dealer data collection and reporting external cost estimates in response to commenters. Commenters did not provide cost estimates that would allow the Commission to estimate such costs, and the amendments to the Plan clarify that the Plan does not require customer information to be reported on order origination.
B. Open/Close Indicator for Equities
The Commission received comments on the costs to report an open/close indicator on orders to buy or sell equities. Several commenters agreed with the Commission's analysis that an open/close indicator represents a significant proportion of costs to the Plan. Two commenters indicated that it would require significant process changes across multiple systems, and one provided a list of the different types of systems impacted by the open/close indicator. Some commenters mentioned that the open/close indicator is currently not populated for equities. Further, several commenters implied that the costs of the open/close indicator were not included in the cost estimates in the Notice. In Response Letter I, the Participants indicated that the open/close indicator is not captured on equities or on certain options transactions such as Options' Market Maker transactions.
TR Letter at 9; SIFMA Letter at 35-36; FIF Letter at 83-86.
SIFMA Letter at 35; FIF Letter at 4, 84.
FIF Letter at 84.
TR Letter at 9, FIF Letter at 4, 83-85, SIFMA Letter at 35.
Specifically, one commenter stated that the inclusion of the open/close indicator for equities was a surprise (FIF Letter at 84) and two commenters wanted additional cost benefit analysis on the open/close indicator (FIF Letter at 84; SIFMA Letter at 36).
Response Letter I at 21, 22.
The Commission considered these comments and is modifying the Plan to eliminate the requirement to report an open/close indicator for equities and on Options Market Maker quotations. Although the Commission believes this will reduce the compliance costs for broker-dealers, Participants, and the Central Repository, the Commission cannot quantify the savings and is thus not amending its external cost estimates in response to commenters.
The Participants' statement that open/close indicators are not reported on some options orders is consistent with the Commission's experience and the analysis in the Notice. While the economic analysis in the Notice did not explicitly separate the costs associated with an open/close indicator for equities and an open/close indicator for options, the Commission believes that the costs of the open/close indicator for options are included in the cost estimates of the Notice. However, because the Plan will no longer require the reporting of the open/close indicator for Options Market Maker quotations, the Commission now believes there will be an additional cost savings associated with not having to report this indicator as part of CAT.
C. Listing Exchange Symbology
In the Notice, the Commission explained its belief that the requirement to use listing exchange symbology could represent a significant source of costs, because broker-dealers do not necessarily use listing exchange symbology when placing orders on other exchanges or off-exchange. One commenter stated that it did not expect the use of listing exchange symbology to be much more costly than the use of existing symbology. However, another commenter suggested that accepting only listing exchange symbology is costly and invasive. One other commenter stated that listing exchange symbology would also be a significant source of costs to options. The Participants responded in Response Letter II that it was their understanding that all broker-dealers subject to OATS or EBS reporting requirements currently use the listing exchange symbology when submitting such reports. Further, they stated in Response Letter III that broker-dealers currently use symbology translation solutions when submitting data to exchanges or when submitting to regulatory reporting systems such as OATS or EBS.
See Notice, supra note 5, at 30730-30731.
FIF Letter at 12, 95.
Data Boiler Letter at 37-38.
Bloomberg Letter at 5.
Response Letter II at 7.
Response Letter III at 13.
The Commission considered the comments and now believes that the incremental cost for CAT Reporters to translate from their existing symbology to listing exchange symbology would be less than as discussed in the Notice and would not be a substantial contributor to aggregate costs. The Commission is not amending its external cost estimates for broker-dealer data collection and reporting in response to commenters.
D. Allocation Report Timestamp
Several commenters noted that there would be costs associated with reporting timestamps on allocation reports. One of these commenters mentioned that the requirement to report allocation timestamps would mean that broker-dealers would incur unnecessary costs to acquire additional resources. One commenter estimated that the currently proposed allocation timestamp requirement, with a one millisecond timestamp granularity and a 50 millisecond clock offset, would cost the industry $88,775,000 in initial implementation costs and $13,925,000 in ongoing annual costs. The commenter further estimated that a modified allocation timestamp requirement, with a one second timestamp granularity and a one second clock offset, would cost the industry $44,050,000 in initial implementation costs and $5,035,833 in ongoing annual costs. In Response Letter I, the Participants recommended an amendment to the Plan that would specify a one-second timestamp for allocation time on Allocation Reports, and the Commission is amending the Plan to reflect this recommendation.
FSR Letter, at 9; SIFMA Letter, at 35; FIF Letter, at 3-4, 11, 86-89.
FSR Letter at 9.
FIF Letter at 87-89.
FIF Letter at 88, Table 6.
Response Letter I at 25.
The Commission considered these comments and is increasing its external cost estimates for broker-dealer data collection and reporting in response to the comments. The Commission is now adding one commenter's estimate of $44,050,000 in implementation costs and $5,035,833 in ongoing costs to the estimates of costs to broker-dealers. The Commission believes the cost estimates received to be credible because they are based on a survey of industry participants who are informed of the Allocation Time requirement and the changes that broker-dealers would need to make to comply with the requirement.
See Section V.F.3.a(4), supra. The total cost estimates of the CAT Plan reflect these implementation and ongoing costs.
E. Quote Sent Time
In the Notice, the Commission estimated that the requirement that Options Market Makers submit quote sent times to the exchanges would cost between $36.9 million and $76.8 million over five years. The Commission concluded that this requirement did not represent a significant source of costs. The Commission received a comment stating that the estimated 5-year cost to Options Market Makers for adding a timestamp to the quote times was between the range of $39.9 million and $76.8 million. The commenter further stated that this is “not a trivial cost for providing one data element to the consolidated audit trail.” The Commission continues to believe that the estimates in the Notice are credible estimates for the costs for Options Market Makers to send the Quote Sent Time field to exchanges. In response to the comment, the Commission notes that the implied annual costs would be much lower than the five year costs and the Commission agrees that the costs of quote sent time are significant.
See FIF, SIFMA, and Security Traders Association, Cost Survey Report on CAT Reporting of Options Quotes by Market Makers (November 5, 2013), available at http://www.catnmsplan.com/industryfeedback/p601771.pdf ; see also CAT NMS Plan, supra note 5, at Appendix C, Section B.7(b)(iv)(B).
FIF Letter at 65.
The Quote Sent Time cost estimate was not included in the cost estimates in the Notice, therefore the Commission is now adding this cost to its estimates for Options Market Maker data collection and reporting. The Commission is using the maximum 5-year cost estimate to Options Market Makers provided by the commenter ($76.8 million) and has divided it into $17,400,000 in aggregate implementation external costs, and $11,880,000 in aggregate ongoing external costs, as provided in the burden hours and external cost estimates discussion for Options Market Makers in Section VI.D.2.a.(3)A.i.(b), below.
See Section V.F.1.c(2)B, supra.
The Commission assumes that the ratio of ongoing to implementation costs for Quote Sent Time would be the same as the ratio of ongoing to implementation costs for the other costs incurred by broker-dealers for data collection and reporting to CAT. See supra note 2526; see also Section V.F.3.a(6), supra.
(3) Order Estimates
A. Insourcers
i. Large Non-OATS Reporting Broker-Dealers
The Commission notes that, in this Order Paperwork Reduction Act analysis, the Commission has divided the discussion of the burden hours and cost estimates associated with large non-OATS-reporting broker-dealers into two separate categories: ELPs and Options Market Makers. The Commission believes that it is necessary to discuss these categories separately to account for the addition of the Quote Sent Time cost to the external costs to be incurred solely by Options Market Makers.
(a) Electronic Liquidity Providers
As noted above, in the CAT NMS Plan, the Participants, based on the Reporters Study's large broker-dealer cost estimates, estimated the following average initial external cost and FTE count figures that a large non-OATS reporting broker-dealer would expect to incur to adopt the systems changes needed to comply with the data reporting requirements of Rule 613 under Approach 1: $450,000 in external hardware and software costs; 8.05 internal FTEs; and $9,500 in external third party/outsourcing costs. The Participants also estimated the following average ongoing external cost and internal FTE count figures that a large non-OATS reporting broker-dealer would expect to incur to maintain data reporting systems to be in compliance with Rule 613: $80,000 in external hardware and software costs; 7.41 internal FTEs; and $1,300 in external third party/outsourcing costs. The Participants also estimated the following average ongoing external cost and internal FTE count figures that a large non-OATS reporting broker-dealer would expect to incur to maintain data reporting systems to be in compliance with Rule 613: $80,000 in external hardware and software costs; 7.41 internal FTEs; and $1,300 in external third party/outsourcing costs.
See Section VI.D.2.a.(1)A.i., supra.
Approach 1 also provided $3,200,000 in initial internal FTE costs. The Commission believed the $3,200,000 in internal FTE costs is the Participants' estimated cost of the 8.05 FTEs. (8.05 FTEs) × ($401,440 Participants' assumed annual cost per FTE provided in the CAT NMS Plan) = $3,231,592. See CAT NMS Plan, supra note 5, at n. 192. See also supra note 3320.
See CAT NMS Plan, supra note 5, at Section B.7(b)(iii)(c)(2)(a). The Commission believed that the third party/outsourcing costs may be attributed to the use of service bureaus (potentially), technology consulting, and legal services.
Approach 1 also provided $3,000,000 in internal FTE costs related to maintenance. The Commission believes the $3,000,000 in ongoing internal FTE costs is the Participants' estimated cost of the 7.41 FTEs. (7.41 FTEs) × ($401,440 Participants' assumed annual cost per FTE provided in the CAT NMS Plan) = $2,974,670. See CAT NMS Plan, supra note 5, at n.192. See also supra note 3320 .
See CAT NMS Plan, supra note 5, at Appendix C, Section B.7(b)(iii)(C)(2)(b). The CAT NMS Plan did not break down these third party costs into categories.
Approach 1 also provided $3,000,000 in internal FTE costs related to maintenance. The Commission believes the $3,000,000 in ongoing internal FTE costs is the Participants' estimated cost of the 7.41 FTEs. (7.41 FTEs) × ($401,440 Participants' assumed annual cost per FTE provided in the CAT NMS Plan) = $2,974,670. See CAT NMS Plan, supra note 5, at Appendix C, Section B.7(b)(ii)(C), n.192; see also supra note 3320.
See CAT NMS Plan, supra note 5, at Appendix C, Section B.7(b)(iii)(C)(2)(b). The CAT NMS Plan did not break down these third party costs into categories.
As it did in the Notice, the Commission relies on the Reporters Study's large broker-dealer cost estimates in estimating costs for large broker-dealers that can practicably decide between insourcing or outsourcing their regulatory data reporting functions. The Commission estimates that there are 14 large broker-dealers that are not OATS reporters currently in the business of electronic liquidity provision that would be classified as Insourcers. The Commission assumes the 14 ELPs would be typical of the Reporters Study's large, non-OATS reporting firms; for these firms, the Commission relies on the cost estimates provided under Approach 1 for large, non-OATS reporting firms in the CAT NMS Plan.
These broker-dealers are not FINRA members and thus have no regular OATS reporting obligations. See supra note 2560.
See CAT NMS Plan, supra note 5, at Appendix C, Section B.7(b)(i)(A)(2). The Reporters Study requested broker-dealer respondents to provide estimates to report to the Central Repository under two approaches. Approach 1 assumes CAT Reporters would submit CAT Data using their choice of industry protocols. Approach 2 assumes CAT Reporters would submit data using a pre-specified format. Approach 1's aggregate costs are higher than those for Approach 2 for all market participants except in one case where service bureaus have lower Approach 1 costs. Id. at Section B.7(b)(iii)(C)(2). For purposes of this Paperwork Reduction Act analysis, the Commission is not relying on the cost estimates for Approach 2 because overall the Approach 1 aggregate estimates represent the higher of the proposed approaches. The Commission believes it would be more comprehensive to use the higher of the two estimates for its Paperwork Reduction Act analysis estimates.
Once an ELP has established the appropriate systems and processes required for collection and transmission of the required information to the Central Repository, such broker-dealers would be subject to ongoing annual burdens associated with, among other things, personnel time to monitor each ELP's reporting of the required data and the maintenance of the systems to report the required data; and implementing changes to trading systems that might result in additional reports to the Central Repository.
(i) Electronic Liquidity Providers—Initial Burden and Costs
Based on the comment that provided estimates for a modified allocation timestamp requirement, with a one second timestamp granularity and a one second clock offset, the Commission now estimates that the initial cost to an ELP to implement the modified allocation timestamp requirement would be $250,000. The Commission believes that this cost would be an external hardware and software cost related to adding this functionality to servers. The Commission is adding the cost of the modified allocation timestamp requirement to the external costs to be incurred by ELPs.
FIF Letter at 88, Table 6. The commenter based its implementation and ongoing estimates on a survey it conducted of broker-dealers to estimate the costs associated with the allocation report timestamp requirement. The commenter noted that the estimates do not account for all Insourcers (the cost estimates cover the 126 large OATS-reporting broker-dealer Insourcers, but not the 14 ELPs or 31 Options Market Makers), nor do they cover Outsourcing broker-dealers. The Commission believes those categories may not have been included in the estimates due to a lack of participation by such broker-dealers in the survey. The Commission is assuming, for its Paperwork Reduction Act cost estimates, that the portion of the estimates attributed by the commenter to service bureaus will be passed-through to their Outsourcing broker-dealer clients that rely on service bureaus to perform their regulatory data reporting. The Commission is thus applying the portion of the commenter's cost estimates attributed to the 126 Insourcers to all 171 Insourcers, as well as the portion of the cost estimates attributed to the 13 service bureaus across the 1,629 broker-dealers that are categorized as Outsourcing broker-dealers.
The commenter stated that this requirement would cost the industry $44,050,000 in initial implementation costs. The commenter attributed $42,750,000 of the implementation cost estimate to 126 Insourcers. For purposes of this Paperwork Reduction Act analysis, the Commission is applying the portion of the cost estimates attributed to the 126 Insourcers to all 171 Insourcers. $42,750,000/171 Insourcers = $250,000 in initial costs to implement the modified allocation timestamp requirement per Insourcer.
Based on this information, the Commission estimates that the average initial burden associated with implementing regulatory data reporting to capture the required information and transmit it to the Central Repository in compliance with the Rule for each ELP would be approximately 14,490 initial burden hours.
14,490 initial burden hours = (8.05 FTEs for implementing CAT Data reporting systems) × (1,800 working hours per year).
The Commission also now estimates that these broker-dealers would, on average, incur approximately $700,000 in initial costs for hardware and software to implement the systems changes needed to capture the required information and transmit it to the Central Repository, and an additional $9,500 in initial third party/outsourcing costs. Therefore, the Commission now estimates that the average one-time initial burden per ELP would be 14,490 internal burden hours, and the initial external cost per ELP would be $709,500, for an estimated aggregate initial burden of 202,860 hours and an estimated aggregate initial external cost of $9,933,000.
$700,000 = ($450,000 in initial hardware and software costs) + ($250,000 in initial hardware and software costs to implement the modified allocation timestamp requirement).
See supra note 3436.
($700,000 in initial hardware and software costs) + ($9,500 initial third party/outsourcing costs) = $709,500 in initial external costs to implement data reporting systems.
The Commission estimates that 14 ELPs would be impacted by this information collection. (14 ELPs) × (14,490 burden hours) = 202,860 initial burden hours to implement data reporting systems.
($709,500 in initial hardware and software costs) + ($9,500 initial third party/outsourcing costs) × 14 ELPs = $9,933,000 in initial external costs to implement data reporting systems.
(ii) Electronic Liquidity Providers—Ongoing Burden and Costs
Based on the comment that provided estimates for a modified allocation timestamp requirement, with a one second timestamp granularity and a one second clock offset, the Commission now estimates that the ongoing cost to an ELP to maintain the modified allocation timestamp requirement would be $29,166.67. The Commission believes that this cost would be an external hardware and software cost related to maintenance of the modified allocation timestamp. The Commission is adding the cost of the modified allocation timestamp requirement to the external costs to be incurred by ELPs.
See supra note 3528.
The commenter stated that this requirement would cost the industry $5,035,833 in ongoing costs. The commenter attributed $4,987,500 of the ongoing cost estimate to 126 Insourcers. For purposes of this Paperwork Reduction Act analysis, the Commission is applying the portion of the cost estimates attributed to the 126 Insourcers to all 171 Insourcers. $4,987,500/171 Insourcers = $29,166.67 in ongoing costs to maintain the modified allocation timestamp requirement per Insourcer.
Based on this information, the Commission believes that it would take an ELP 13,338 burden hours per year to continue to comply with the Rule. The Commission also now estimates that it would cost, on average, approximately $109,166.67 per year per ELP to maintain systems connectivity to the Central Repository and purchase any necessary hardware, software, and other materials, and an additional $1,300 in third party/outsourcing costs.
13,338 ongoing burden hours = (7.41 ongoing FTEs to maintain CAT data reporting systems) × (1,800 working hours per year).
$109,166.67 = ($80,000 in ongoing external hardware and software costs) + ($29,166.67 to maintain the modified allocation timestamp requirement).
See supra note 3421.
Therefore, the Commission now estimates that the average ongoing annual burden per ELP would be approximately 13,338 hours, and the ongoing external cost per ELP would be $110,466.67 to maintain the systems necessary to collect and transmit information to the Central Repository, for an estimated aggregate ongoing burden of 186,732 hours and an estimated aggregate ongoing external cost for the ELPs of $1,546,533.38.
($109,166.67 in ongoing external hardware and software costs) + ($1,300 ongoing external third party/outsourcing costs) = $110,466.6769 in ongoing external costs per ELP.
The Commission estimates that 14 ELPs would be impacted by this information collection. (14 ELPs) × (13,338 burden hours) = 186,732 aggregate ongoing burden hours.
($109,166.67 in ongoing external hardware and software costs) + ($1,300 ongoing external third party/outsourcing costs) × (14 ELPs) = $1,546,533.38 in aggregate ongoing external costs.
(b) Options Market Makers
As noted above, in the CAT NMS Plan, the Participants, based on the Reporters Study's large broker-dealer cost estimates, estimated the following average initial external cost and FTE count figures that a large non-OATS reporting broker-dealer would expect to incur to adopt the systems changes needed to comply with the data reporting requirements of Rule 613 under Approach 1: $450,000 in external hardware and software costs; 8.05 internal FTEs; and $9,500 in external third party/outsourcing costs. The Participants also estimated the following average ongoing external cost and internal FTE count figures that a large non-OATS reporting broker-dealer would expect to incur to maintain data reporting systems to be in compliance with Rule 613: $80,000 in external hardware and software costs; 7.41 internal FTEs; and $1,300 in external third party/outsourcing costs. The Participants also estimated the following average ongoing external cost and internal FTE count figures that a large non-OATS reporting broker-dealer would expect to incur to maintain data reporting systems to be in compliance with Rule 613: $80,000 in external hardware and software costs; 7.41 internal FTEs; and $1,300 in external third party/outsourcing costs. As it did in the Notice, the Commission relies on the Reporters Study's large broker-dealer cost estimates in estimating costs for large broker-dealers that can practicably decide between insourcing or outsourcing their regulatory data reporting functions. The Commission estimates that there are 31 broker-dealers that may transact in options but not in equities that can be classified as Insourcers. Although the exemptive relief may relieve these firms of the obligation to report their options quoting activity to the Central Repository, these firms may have customer orders and other activity off-exchange that would cause them to incur a CAT reporting obligation. The Commission assumes the 31 Options Market Makers would be typical of the Reporters Study's large, non-OATS reporting firms; for these firms, the Commission relies on the cost estimates provided under Approach 1 for large, non-OATS reporting firms in the CAT NMS Plan.
See Section VI.D.2.a.(1)A.i., supra.
Approach 1 also provided $3,200,000 in initial internal FTE costs. The Commission believed the $3,200,000 in internal FTE costs is the Participants' estimated cost of the 8.05 FTEs. (8.05 FTEs) × ($401,440 Participants' assumed annual cost per FTE provided in the CAT NMS Plan) = $3,231,592. See CAT NMS Plan, supra note 5, at n. 192. See also supra note 3320.
See CAT NMS Plan, supra note 5, at Section B.7(b)(iii)(c)(2)(a). The Commission believed that the third party/outsourcing costs may be attributed to the use of service bureaus (potentially), technology consulting, and legal services.
Approach 1 also provided $3,000,000 in internal FTE costs related to maintenance. The Commission believes the $3,000,000 in ongoing internal FTE costs is the Participants' estimated cost of the 7.41 FTEs. (7.41 FTEs) × ($401,440 Participants' assumed annual cost per FTE provided in the CAT NMS Plan) = $2,974,670. See CAT NMS Plan, supra note 5, at n.192. See also supra note 3320.
See CAT NMS Plan, supra note 5, at Appendix C, Section B.7(b)(iii)(C)(2)(b). The CAT NMS Plan did not break down these third party costs into categories.
Approach 1 also provided $3,000,000 in internal FTE costs related to maintenance. The Commission believes the $3,000,000 in ongoing internal FTE costs is the Participants' estimated cost of the 7.41 FTEs. (7.41 FTEs) × ($401,440 Participants' assumed annual cost per FTE provided in the CAT NMS Plan) = $2,974,670. See CAT NMS Plan, supra note 5, at Appendix C, Section B.7(b)(ii)(C), n.192; see also supra note 3320.
See CAT NMS Plan, supra note 5, at Appendix C, Section B.7(b)(iii)(C)(2)(b). The CAT NMS Plan did not break down these third party costs into categories.
See CAT NMS Plan, supra note 5, at Appendix C, Section A.6(c).
See supra note 2562.
See CAT NMS Plan, supra note 5, at Appendix C, Section B.7(b)(i)(A)(2). The Reporters Study requested broker-dealer respondents to provide estimates to report to the Central Repository under two approaches. Approach 1 assumes CAT Reporters would submit CAT Data using their choice of industry protocols. Approach 2 assumes CAT Reporters would submit data using a pre-specified format. Approach 1's aggregate costs are higher than those for Approach 2 for all market participants except in one case where service bureaus have lower Approach 1 costs. Id. at Section B.7(b)(iii)(C)(2). For purposes of this Paperwork Reduction Act analysis, the Commission is not relying on the cost estimates for Approach 2 because overall the Approach 1 aggregate estimates represent the higher of the proposed approaches. The Commission believes it would be more comprehensive to use the higher of the two estimates for its Paperwork Reduction Act analysis estimates.
Once an Options Market Maker has established the appropriate systems and processes required for collection and transmission of the required information to the Central Repository, such broker-dealers would be subject to ongoing annual burdens associated with, among other things, personnel time to monitor each Options Market Maker's reporting of the required data and the maintenance of the systems to report the required data; and implementing changes to trading systems that might result in additional reports to the Central Repository.
(i) Options Market Makers—Initial Burden and Costs
Based on this information, the Commission estimates that the average initial burden associated with implementing regulatory data reporting to capture the required information and transmit it to the Central Repository in compliance with the Rule for each Options Market Maker would be approximately 14,490 initial burden hours.
14,490 initial burden hours = (8.05 FTEs for implementing CAT Data reporting systems) × (1,800 working hours per year).
The Commission also estimates that these options firm would, on average, incur approximately $450,000 in initial costs for hardware and software to implement the systems changes needed to capture the required information and transmit it to the Central Repository, and an additional $9,500 in initial third party/outsourcing costs. Additionally, based on the comment that provided estimates for a modified allocation timestamp requirement, with a one second timestamp granularity and a one second clock offset, the Commission now estimates that the initial cost to an Options Market Maker to implement the modified allocation timestamp requirement would be $250,000. The Commission believes that this cost would be an external hardware and software cost related to adding this functionality to servers. The Commission is adding the cost of the modified allocation timestamp requirement to the external costs to be incurred by Options Market Makers.
See supra note 3436.
See supra note 3528.
The commenter stated that this requirement would cost the industry $44,050,000 in initial implementation costs. The commenter attributed $42,750,000 of the implementation cost estimate to 126 Insourcers. For purposes of this Paperwork Reduction Act analysis, the Commission is applying the portion of the cost estimates attributed to the 126 Insourcers to all 171 Insourcers. $42,750,000/171 Insourcers = $250,000 in initial costs to implement the modified allocation timestamp requirement per Insourcer.
The Commission also is adding a cost estimate for the requirement that an Options Market Maker submit a Quote Sent Time to an exchange. The Commission is using the maximum 5-year cost estimate to Options Market Makers provided by a commenter ($76.8 million) and has divided it into $17,400,000 in aggregate implementation external costs, and $11,880,000 in aggregate ongoing external costs.
See Section VI.D.2.a.(1)E., supra; see also supra note 2526; Section V.F.3.a(6), supra; Section V.F.1.c(2)B., supra.
FIF Letter at 65.
See supra note 2526.
The Commission estimates that that this requirement will impose an additional initial hardware and software cost per Options Market Maker of $561,290.32. Based on this information, the Commission now estimates that Options Market Makers would, on average, incur approximately $1,261,290.32 in initial costs for hardware and software to implement the systems changes needed to capture the required information and transmit it to the Central Repository, and an additional $9,500 in initial third party/outsourcing costs. Therefore, the Commission now estimates that the average one-time initial burden per options firm would be 14,490 internal burden hours, and the initial external cost per Options Market Maker would be $1,270,790.32, for an estimated aggregate initial burden of 449,190 hours and an estimated aggregate initial external cost of $39,394,499.92.
The Commission estimates that the implementation cost of the Quote Sent Time requirement is approximately $17,400,000. See Section V.F.1.c(2)B., supra. ($17,400,000 in implementation costs)/(31 Options Market Makers) = $561,290.21 in initial external costs to implement the Quote Sent Time requirement per Options Market Maker.
$1,261,290.32 = ($450,000 in initial hardware and software costs) + ($250,000 in initial hardware and software costs to implement the modified allocation timestamp requirement) + ($561,290.32 in initial hardware and software costs to implement the requirement that an Options Market Maker submit a Quote Sent Time).
($1,261,290.32 in initial hardware and software costs) + ($9,500 initial third party/outsourcing costs) = $1,270,790.32 in initial external costs to implement data reporting systems.
The Commission estimates that 31 Options Market Makers would be impacted by this information collection. (31 Options Market Makers) × (14,490 burden hours) = 449,190 initial burden hours to implement data reporting systems.
($1,270,790.32 in initial hardware and software costs) + ($9,500 initial third party/outsourcing costs) × (31 Options Market Makers) = $39,394,499.92 in initial external costs to implement data reporting systems.
(ii) Options Market Makers—Ongoing Burden and Costs
Based on the comment that provided estimates for a modified allocation timestamp requirement, with a one second timestamp granularity and a one second clock offset, the Commission estimates that the ongoing cost to an Options Market Maker to maintain the modified allocation timestamp requirement would be $29,166.67. The Commission believes that this cost would be an external hardware and software cost related to maintenance of the modified allocation timestamp. The Commission is adding the cost of the modified allocation timestamp requirement to the external costs to be incurred by Options Market Makers.
See supra note 3528.
The commenter stated that this requirement would cost the industry $5,035,833 in ongoing costs. The commenter attributed $4,987,500 of the ongoing cost estimate to 126 Insourcers. For purposes of this Paperwork Reduction Act analysis, the Commission is applying the portion of the cost estimates attributed to the 126 Insourcers to all 171 Insourcers. $4,987,500/171 Insourcers = $29,166.67 in ongoing costs to maintain the modified allocation timestamp requirement per Insourcer.
The Commission also is adding a cost estimate for the requirement that an Options Market Maker submit a Quote Sent Time to an exchange. The Commission is using the maximum 5-year cost estimate to Options Market Makers provided by a commenter ($76.8 million) and has divided it into $17,400,000 in aggregate implementation external costs, and $11,880,000 in aggregate ongoing external costs. The Commission estimates that this requirement will impose an additional ongoing hardware and software cost per Options Market Maker of $383,255.81. Based on this information, the Commission now believes that it would take an Options Market Maker 13,338 burden hours per year to continue to comply with the Rule. The Commission also now estimates that it would cost, on average, approximately $492,422.48 per year per Options Market Maker to maintain systems connectivity to the Central Repository and purchase any necessary hardware, software, and other materials, and an additional $1,300 in third party/outsourcing costs.
See Section VI.D.2.a.(1)E., supra; see also supra note 2526; Section V.F.3.a(6), supra; Section V.F.1.c(2)B., supra.
FIF Letter at 65.
See supra note 2526.
The Commission estimates that the ongoing cost of the Quote Sent Time requirement is approximately $11,880,000. See Section V.F.1.c(2)B., supra. ($11,880,000 in ongoing costs)/(31 Options Market Maker) = $383,255.81 in ongoing external costs to maintain the Quote Sent Time requirement per Options Market Maker.
13,338 ongoing burden hours = (7.41 ongoing FTEs to maintain CAT data reporting systems) × (1,800 working hours per year).
$492,422.48 = ($80,000 in ongoing external hardware and software costs) + ($29,166.67 to maintain the modified allocation timestamp requirement) + ($383,255.81 in ongoing external costs to maintain the Quote Sent Time requirement per options firm).
See supra note 3548.
Therefore, the Commission now estimates that the average ongoing annual burden per Options Market Maker would be approximately 13,338 hours, and the ongoing external cost per Options Market Maker would be $493,722.48 to maintain the systems necessary to collect and transmit information to the Central Repository, for an estimated aggregate ongoing burden of 413,478 hours and an estimated aggregate ongoing external cost to Options Market Makers of $15,305,396.88.
($492,422.48 in ongoing external hardware and software costs) + ($1,300 ongoing external third party/outsourcing costs) = $493,722.48 in ongoing external costs per options firm.
The Commission estimates that 31 options firms would be impacted by this information collection. (31 options firms) × (13,338 burden hours) = 413,478 aggregate ongoing burden hours.
($492,422.48 in ongoing external hardware and software costs) + ($1,300 ongoing external third party/outsourcing costs) × (31 options firms) = $15,305,396.88 in aggregate ongoing external costs.
ii. Large OATS-Reporting Broker-Dealers
As noted above, in the CAT NMS Plan, the Participants, based on the Reporters Study's large broker-dealer cost estimates, estimated the following average initial external cost and internal FTE count figures that a large OATS-reporting broker-dealer would expect to incur as a result of the implementation of the consolidated audit trail under Approach 1: $750,000 in hardware and software costs; 14.92 internal FTEs; and $150,000 in external third party/outsourcing costs. The Participants also estimated the following average ongoing external cost and internal FTE count figures that a large OATS-reporting broker-dealer would expect to incur to maintain data reporting systems to be in compliance with Rule 613: $380,000 in ongoing external hardware and software costs; 10.03 internal FTEs; and $120,000 in ongoing external third party/outsourcing costs.
See Section VI.D.2.a.(1)(A)ii., supra.
Approach 1 also provided $6,000,000 in initial internal FTE costs. The Commission believes the $6,000,000 in initial internal FTE costs is the Participants' estimated cost of the 14.92 FTEs. (14.92 FTEs) × ($401,440 Participants' assumed annual cost per FTE provided in the CAT NMS Plan) = $5,989,485. See CAT NMS Plan, supra note 5, at Appendix C, Section B.7(b)(ii)(C), n.192; see also supra note 3320.
See CAT NMS Plan, supra note 5, at Appendix C, Section B.7(b)(iii)(C)(2)(a). The CAT NMS Plan did not break down these third party costs into categories. T he Commission believes that these costs may be attributed to the use of service bureaus, technology consulting, and legal services.
Approach 1 also provided $4,000,000 in internal FTE costs related to maintenance. The Commission believes the $4,000,000 in ongoing internal FTE costs is the Participants' estimated cost of the 10.03 FTEs. (10.03 FTEs) × ($401,440 Participants' assumed annual cost per FTE provided in the CAT NMS Plan) = $4,026,443. See CAT NMS Plan, supra note 5, at Appendix C, Section B.7(b)(ii)(C), n.192; see also supra note 3320.
See CAT NMS Plan, supra note 5, at Appendix C, Section B.7(b)(iii)(C)(2)(b). The CAT NMS Plan did not categorize these third party costs. The Commission believes that these costs may be attributed to the use of service bureaus, technology consulting, and legal services.
As it did in the Notice, based on the Commission's analysis of data provided by FINRA and discussions with market participants, the Commission estimates that 126 broker-dealers, which reported more than 350,000 OATS ROEs between June 15 and July 10, 2015, would strategically decide to either self-report CAT Data or outsource their CAT data reporting functions. To conduct its Paperwork Burden Analysis for the 126 broker-dealers, the Commission is relying on the Reporters Study estimates used by the CAT NMS Plan of expected costs that a large OATS-reporting broker-dealer would incur as a result of the implementation of the consolidated audit trail under Approach 1.
See Notice, supra note 5, at 30718; see also id., at n.901 (stating that the Commission believes that broker-dealers that report fewer than 350,000 OATS ROEs per month are unlikely to be large enough to support the infrastructure required for insourcing data reporting activities).
Once a large OATS-reporting broker-dealer has established the appropriate systems and processes required for collection and transmission of the required information to the Central Repository, such broker-dealers would be subject to ongoing annual burdens and costs associated with, among other things, personnel time to monitor each broker-dealer's reporting of the required data and the maintenance of the systems to report the required data; and implementing changes to trading systems which might result in additional reports to the Central Repository.
(a) Large OATS-Reporting Broker-Dealers—Initial Burden and Costs
In this Order, based on the comment that provided estimates for a modified allocation timestamp requirement, with a one second timestamp granularity and a one second clock offset, the Commission is estimating that the initial cost to a large OATS-reporting broker-dealer to implement the modified allocation timestamp requirement would be $250,000. The Commission believes that this cost would be an external hardware and software cost related to adding this functionality to servers. The Commission is adding the cost of the modified allocation timestamp requirement to the external costs to be incurred by large-OATS-reporting broker-dealers.
See supra note 3528.
The commenter stated that this requirement would cost the industry $44,050,000 in initial implementation costs. The commenter attributed $42,750,000 of the implementation cost estimate to 126 Insourcers. For purposes of this Paperwork Reduction Act analysis, the Commission is applying the portion of the cost estimates attributed to the 126 Insourcers to all 171 Insourcers. $42,750,000/171 Insourcers = $250,000 in initial costs to implement the modified allocation timestamp requirement per Insourcer.
Based on this information the Commission now estimates that these large OATS-reporting broker-dealers would, on average, incur approximately $1,000,000 in initial external costs for hardware and software to implement the systems changes needed to capture the required information and transmit it to the Central Repository, and an additional $150,000 in initial external third party/outsourcing costs. Therefore, the Commission now estimates that the average one-time initial burden per large OATS-reporting broker-dealer would be 26,856 burden hours and external costs of $1,150,000 to implement CAT data reporting systems, for an estimated aggregate initial burden of 3,383,856 hours and an estimated aggregate initial external cost of $189,000,000.
$1,000,000 = ($750,000 in initial external hardware and software costs) + ($250,000 to implement the modified allocation timestamp).
See supra note 3421.
($1,000,000 in initial external hardware and software costs) + ($150,000 initial external third party/outsourcing costs) = $1,150,000 in initial external costs per large OATS-reporting broker-dealer to implement CAT data reporting systems.
The Commission estimates that 126 large OATS-reporting broker-dealers would be impacted by this information collection. (126 large OATS-reporting broker-dealers) × (26,856 initial burden hours) = 3,383,856 initial burden hours to implement data reporting systems.
($1,000,000 in initial external hardware and software costs) + ($150,000 initial external third party/outsourcing costs) × (126 large OATS-reporting broker-dealers) = $189,000,000 in initial external costs to implement data reporting systems.
(b) Large OATS-Reporting Broker-Dealers—Ongoing Burden and Costs
In this Order, additionally, based on the comment that provided estimates for a modified allocation timestamp requirement, with a one second timestamp granularity and a one second clock offset, the Commission estimates that the ongoing cost to a large OATS-reporting broker-dealer to maintain the modified allocation timestamp requirement would be $29,166.67. The Commission believes that this cost would be an external hardware and software cost related to maintenance of the modified allocation timestamp. The Commission is adding the cost of the modified allocation timestamp requirement to the external costs to be incurred by large OATS-reporting broker-dealers.
See supra note 3528.
The commenter stated that this requirement would cost the industry $5,035,833 in ongoing costs. The commenter attributed $4,987,500 of the ongoing cost estimate to 126 Insourcers. For purposes of this Paperwork Reduction Act analysis, the Commission is applying the portion of the cost estimates attributed to the 126 Insourcers to all 171 Insourcers. $4,987,500/171 Insourcers = $29,166.67 in ongoing costs to maintain the modified allocation timestamp requirement per Insourcer.
Based on this information the Commission believes that it would take a large OATS-reporting broker-dealer 18,054 ongoing burden hours per year to continue compliance with the Rule. The Commission now estimates that it would cost, on average, approximately $409,166.67 per year per large OATS-reporting broker-dealer to maintain systems connectivity to the Central Repository and purchase any necessary hardware, software, and other materials, and an additional $120,000 in external ongoing third party/outsourcing costs.
18,054 ongoing burden hours = (10.03 ongoing FTEs for maintenance of CAT data reporting systems) × (1,800 working hours per year).
$409,166.67 = ($380,000 in ongoing external hardware and software costs) + ($29,166.67 to maintain the modified allocation timestamp requirement).
See CAT NMS Plan, supra note 5, at Appendix C, Section B.7(b)(iii)(C)(2)(b).
Therefore, the Commission now estimates that the average ongoing annual burden per large OATS-reporting broker-dealer would be approximately 18,054 burden hours, plus $529,166.67 to maintain the systems necessary to collect and transmit information to the Central Repository, for an estimated aggregate burden of 2,274,804 hours and an estimated aggregate ongoing external cost of $66,675,000.42.
($409,166.67 in ongoing external hardware and software costs) + ($120,000 in ongoing external third party/outsourcing costs) = $529,166.67 in ongoing external costs per large OATS-reporting broker-dealer.
The Commission estimates that 126 large OATS-reporting broker-dealers would be impacted by this information collection. (126 large OATS-reporting broker-dealers) × (18,054 burden hours) = 2,274,804 aggregate ongoing burden hours.
($409,166.67 in ongoing external hardware and software costs) + ($120,000 in ongoing external third party/outsourcing costs) × (126 large OATS-reporting broker-dealers) = $66,675,000.42 in aggregate ongoing external costs.
B. Outsourcers
i. Small OATS-Reporting Broker-Dealers
As it did in the Notice, based on data provided by FINRA, the Commission estimates that there are 806 broker-dealers that report fewer than 350,000 OATS ROEs monthly. The Commission believes that these broker-dealers generally outsource their regulatory reporting obligations because during the period June 15-July 10, 2015, approximately 88.9% of their 350,000 OATS ROEs were reported through service bureaus, with 730 of these broker-dealers reporting more than 99% of their OATS ROEs through one or more service bureaus. The Commission estimates that these firms currently spend an aggregate of $100.1 million on annual outsourcing costs. The Commission estimates these 806 broker-dealers would spend $100.2 million in aggregate to outsource their regulatory data reporting to service bureaus to report in accordance with Rule 613, or $124,373 per broker-dealer. These external outsourcing cost estimates are calculated using the information from staff discussions with service bureaus and other market participants, as applied to data provided by FINRA.
See Notice, supra note 5, at 30718. Because of the extensive use of service bureaus in these categories of broker-dealers, the Commission assumes that these broker-dealers are likely to use service bureaus to accomplish their CAT data reporting.
The average broker-dealer in this category reported 15,185 OATS ROEs from June 15-July 10, 2015; the median reported 1,251 OATS ROEs. Of these broker-dealers, 39 reported more than 100,000 OATS ROEs during the sample period. See Section V.F.1.c.(2)B., supra.
Id.
$124,373 = $100,200,000/806 broker-dealers. This amount is the average estimated annual outsourcing cost to firms that currently report fewer than 350,000 OATS ROEs per month. Id.
See Section V.F.1.c.(2)B., supra.
Firms that outsource their regulatory data reporting still face internal staffing burdens associated with this activity. These employees perform activities such as answering inquiries from their service bureaus, and investigating reporting exceptions. Based on conversations with market participants, the Commission estimates that these firms currently have 0.5 full-time employees devoted to these activities. The Commission estimates that these firms would need to hire one additional full-time employee for one year to implement CAT reporting requirements.
Id.
Id.
Small OATS-reporting broker-dealers that outsource their regulatory data reporting would likely face internal staffing burdens and external costs associated with ongoing activity, such as maintaining any systems that transmit data to their service providers. Based on conversations with market participants, the Commission estimates these firms would need 0.75 FTEs on an ongoing basis to perform or monitor CAT reporting.
See Section IV.F.1.c.(2)B., supra.
(a) Small OATS-Reporting Broker-Dealers—Initial Burden and Costs
In this Order, additionally, based on the comment that provided estimates for a modified allocation timestamp requirement, with a one second timestamp granularity and a one second clock offset, the Commission estimates that the initial cost to a small OATS-reporting broker-dealer to implement this requirement would be $798.04. The Commission believes that this cost would be an external hardware and software cost related to adding this functionality to servers. The Commission is adding the cost of the modified allocation timestamp requirement to the external costs to be incurred by small OATS-reporting broker-dealers.
See supra note 3528.
The commenter stated that this requirement would cost the industry $44,050,000 in initial implementation costs. The commenter attributed $1,300,000 of the implementation cost estimate to 13 service bureaus. For purposes of this Paperwork Reduction Act analysis, the Commission is assuming that the portion of the estimates attributed by the commenter to service bureaus will be passed-through to their Outsourcing broker-dealer clients that rely on service bureaus to perform their regulatory data reporting. The Commission is thus applying the portion of the commenter's cost estimates attributed to the 13 service bureaus across the 1,629 broker-dealers that are categorized as Outsourcing broker-dealers. $1,300,000/1,629 Outsourcing broker-dealers = $798.04 in initial costs to implement the modified allocation timestamp requirement per Outsourcing broker-dealer.
Based on this information, the Commission estimates that the average initial burden to implement the needed systems changes to capture the required information and transmit it to the Central Repository in compliance with the CAT NMS Plan for small OATS-reporting broker-dealers would be approximately 1,800 burden hours. The Commission believes the burden hours would be associated with work performed by internal technology, compliance and legal staff in connection with the implementation of CAT data reporting. The Commission also now estimates that each small OATS-reporting broker-dealer would incur approximately $125,171.04 in initial external costs. Therefore, the Commission now estimates that the average one-time initial burden per small OATS-reporting broker-dealer would be 1,800 burden hours and external costs of $125,171.04, for an estimated aggregate initial burden of 1,450,800 hours and an estimated aggregate initial external cost of $100,887,858.24.
This estimate assumes that, based on the expected FTE count provided, a small OATS-reporting broker-dealer would have to hire 1 new FTE for implementation. The salary attributed to the 1 FTE would be (1 FTE) × ($424,350 FTE cost) = $424,350 per year. To determine the number of burden hours to be incurred by the current 0.5 FTE for implementation, multiply 0.5 FTE by 1,800 hours per year = 900 initial burden hours.
$125,171.04 = ($124,373 in initial outsourcing costs) + ($798.04 to implement the allocation timestamp).
The Commission estimates that 806 small OATS-reporting broker-dealers would be impacted by this information collection. (806 small OATS-reporting broker-dealers) × (1,800 burden hours) = 1,450,800 aggregate initial burden hours.
($124,373 in initial outsourcing costs) + ($798.04 to implement the allocation timestamp) × (806 small OATS-reporting broker-dealers) = $100,887,858.24 in aggregate initial external costs.
(b) Small OATS-Reporting Broker-Dealers—Ongoing Burden and Costs
In this Order, the Commission estimates that it would cost, on average, approximately $124,373 in ongoing external outsourcing costs to ensure ongoing compliance with Rule 613. Additionally, based on the comment that provided estimates for a modified allocation timestamp requirement, with a one second timestamp granularity and a one second clock offset, the Commission estimates that the ongoing cost to a small OATS-reporting broker-dealer to maintain the modified allocation timestamp requirement would be $66.50. The Commission believes that this cost would be an external hardware and software cost related to maintenance of the modified allocation timestamp. The Commission is adding the cost of the modified allocation timestamp requirement to the external costs to be incurred by small OATS-reporting broker-dealers
See supra note 3610.
See supra note 3528.
The commenter stated that this requirement would cost the industry $5,035,833 in ongoing costs. The commenter attributed $108,333 of the ongoing cost estimate to 13 service bureaus. For purposes of this Paperwork Reduction Act analysis, the Commission is assuming that the portion of the estimates attributed by the commenter to service bureaus will be passed-through to their Outsourcing broker-dealer clients that rely on service bureaus to perform their regulatory data reporting. The Commission is thus applying the portion of the commenter's cost estimates attributed to the 13 service bureaus across the 1,629 broker-dealers that are categorized as Outsourcing broker-dealers. $108,333/1,629 Outsourcing broker-dealers = $66.50 in ongoing costs to maintain the modified allocation timestamp requirement per Outsourcing broker-dealer.
Therefore, the Commission now estimverage ongoing annual burden per small OATS-reporting broker-dealer would be approximately 1,350 hours, plus $124,439.50, in external costs, for an estimated aggregate ongoing burden of 1,088,100 hours and an estimated aggregate ongoinates that the ag external cost of $100,298,237.
$124,439.50 = ($124,373 in ongoing outsourcing costs) + ($66.50 to maintain the allocation timestamp)
The Commission estimates that 806 small OATS-reporting broker-dealers would be impacted by this information collection. (806 small OATS-reporting broker-dealers) × (1,350 burden hours) = 1,088,100 aggregate ongoing burden hours to ensure ongoing compliance with Rule 613.
$100,298,237 = ($124,373 in ongoing outsourcing costs) + ($66.50 to maintain the allocation timestamp) × (806 broker-dealers).
ii. Small Non-OATS-Reporting Broker-Dealers
In addition to firms that currently report to OATS, as it did in the Notice, the Commission estimates there are 799 broker-dealers that are currently exempt from OATS reporting rules due to firm size, or excluded because all of their order flow is routed to a single OATS reporter, such as a clearing firm, that would incur CAT reporting obligations. A further 24 broker-dealers have SRO memberships only with one Participant; the Commission believes this group is comprised mostly of floor brokers and further believes these firms would experience CAT implementation and ongoing reporting costs similar in magnitude to small equity broker-dealers that currently have no OATS reporting responsibilities.
See Section V.F.1.c.(2)B., supra. Rule 613 does not exclude from data reporting obligations SRO members that quote or execute transactions in NMS Securities and Listed Options that route to a single market participant; see also CAT NMS Plan, supra note 5, at Appendix C, Section B.7(b)(ii)(B)(2).
See Section V.F.1.c.(2)B., supra.
Id.
The Commission assumes these broker-dealers would have very low levels of CAT reporting, similar to those of the lowest activity firms that currently report to OATS. For these firms, the Commission assumes that under CAT they would incur the average estimated service bureau cost of broker-dealers that currently report fewer than 350,000 OATS ROEs per month, which is $124,373 annually. Furthermore, because these firms have more limited data reporting requirements than other firms, the Commission assumes these firms currently have only 0.1 full-time employees currently dedicated to regulatory data reporting activities. The Commission assumes these firms would require 2 full-time employees for one year to implement CAT.
Id.
Id.
Id.
Small non-OATS-reporting broker-dealers that outsource their regulatory data reporting would likely face internal staffing burdens and costs associated with ongoing activity, such as maintaining any systems that transmit data to their service providers. Based on conversations with market participants, the Commission estimates these firms would need 0.75 full-time employees annually to perform or monitor CAT reporting.
(a) Small Non-OATS Reporting Broker-Dealers—Initial Burden and Costs
In this Order, additionally, based on the comment that provided estimates for a modified allocation timestamp requirement, with a one second timestamp granularity and a one second clock offset, the Commission estimates that the initial cost to a small non-OATS-reporting broker-dealer would be $798.04. The Commission believes that this cost would be an external hardware and software cost related to adding this functionality to servers. The Commission is adding the cost of the modified allocation timestamp requirement to the external costs to be incurred by small non-OATS-reporting broker-dealers.
See supra note 3528.
The commenter stated that this requirement would cost the industry $44,050,000 in initial implementation costs. The commenter attributed $1,300,000 of the implementation cost estimate to 13 service bureaus. For purposes of this Paperwork Reduction Act analysis, the Commission is assuming that the portion of the estimates attributed by the commenter to service bureaus will be passed-through to their Outsourcing broker-dealer clients that rely on service bureaus to perform their regulatory data reporting. The Commission is thus applying the portion of the commenter's cost estimates attributed to the 13 service bureaus across the 1,629 broker-dealers that are categorized as Outsourcing broker-dealers. $1,300,000/1,629 Outsourcing broker-dealers = $798.04 in initial costs to implement the modified allocation timestamp requirement per Outsourcing broker-dealer.
Based on this information, the Commission now estimates that the average initial burden to develop and implement the needed systems changes to capture the required information and transmit it to the Central Repository in compliance with the Rule for small, non-OATS-reporting broker-dealers would be approximately 3,600 initial burden hours. The Commission believes the burden hours would be associated with work performed by internal technology, compliance and legal staff in connection with the implementation of CAT Data reporting. The Commission also now estimates that each small non-OATS-reporting broker-dealer would incur approximately $125,171.04 in initial external outsourcing costs. Therefore, the Commission now estimates that the average one-time initial burden per small non-OATS-reporting broker-dealer would be 3,600 burden hours and external costs of $125,171.04 for an estimated aggregate initial burden of 2,962,800 hours and an estimated aggregate initial external cost of $103,015,765.92.
3,600 initial burden hours = (2 FTEs for implementation of CAT Data reporting systems) × (1,800 working hours per year).
$125,171.04 = ($124,373 in initial outsourcing costs) + ($798.04 to implement the allocation timestamp).
The Commission estimates that 823 small non-OATS-reporting broker-dealers would be impacted by this information collection. (823 small non-OATS-reporting broker-dealers) × (3,600 burden hours) = 2,962,800 aggregate initial burden hours.
$103,015,765.92 = ($124,373 in initial outsourcing costs) + ($798.04 to implement the allocation timestamp) × (823 small non-OATS-reporting broker-dealers).
(b) Small Non-OATS-Reporting Broker-Dealers—Ongoing Burden and Costs
In this Order, additionally, based on the comment that provided estimates for a modified allocation timestamp requirement, with a one second timestamp granularity and a one second clock offset, the Commission estimates that the ongoing cost to a small non-OATS-reporting broker-dealer to maintain the modified allocation timestamp requirement would be $66.50. The Commission believes that this cost would be an external hardware and software cost related to maintenance of the modified allocation timestamp. The Commission is adding the cost of the modified allocation timestamp requirement to the external costs to be incurred by small non-OATS-reporting broker-dealers
See supra note 3528.
The commenter stated that this requirement would cost the industry $5,035,833 in ongoing costs. The commenter attributed $108,333 of the ongoing cost estimate to 13 service bureaus. For purposes of this Paperwork Reduction Act analysis, the Commission is assuming that the portion of the estimates attributed by the commenter to service bureaus will be passed-through to their Outsourcing broker-dealer clients that rely on service bureaus to perform their regulatory data reporting. The Commission is thus applying the portion of the commenter's cost estimates attributed to the 13 service bureaus across the 1,629 broker-dealers that are categorized as Outsourcing broker-dealers. $108,333/1,629 Outsourcing broker-dealers = $66.50 in ongoing costs to maintain the modified allocation timestamp requirement per Outsourcing broker-dealer.
Therefore, the Commission now estimates that the average ongoing annual burden per small non-OATS-reporting broker-dealer would be approximately 1,350 hours, plus $124,439.50 in external costs, for an estimated aggregate ongoing burden of 1,111,050 hours and an estimated aggregate ongoing external cost of $102,413,708.50.
$124,439.50 = ($124,373 in ongoing outsourcing costs) + ($66.50 to maintain the allocation timestamp)
The Commission estimates that 823 small non-OATS-reporting broker-dealers would be impacted by this information collection. (823 small non-OATS-reporting broker-dealers × 1,350 burden hours) = 1,111,050 aggregate ongoing burden hours to ensure ongoing compliance with Rule 613.
$102,413,708.50 = ($124,373 in ongoing outsourcing costs) + ($66.50 to maintain the allocation timestamp) × (823 small non-OATS reporting broker-dealers).
E. Summary of Collection of Information Under the CAT NMS Plan, as Amended by the Commission
As noted above, the Commission is amending the CAT NMS Plan, resulting in a new information collection requirement, “CAT NMS Plan Reporting and Disclosure Requirements.” The Commission is requesting public comment on the new collection of information requirement in this Order. The Commission is applying for an OMB control number for the proposed new collection of information in accordance with 44 U.S.C. 3507(j) and 5 CFR 1320.13, and OMB has not yet assigned a control number to the new collection. Responses to the new collection of information would be mandatory. An agency may not conduct or sponsor, and a person is not required to respond to, a collection of information unless it displays a currently valid OMB control number.
See Section VI.
1. One-Time Reports
a. Independent Audit of Expenses Incurred Prior to the Effective Date
Section 6.6(a)(i) of the CAT NMS Plan requires the Participants to provide to the Commission, and make public, an independent audit of fees, costs and expenses incurred by the Participants on behalf of the Company, prior to the Effective Date, in connection with the creation and implementation of the CAT, at least one month prior to submitting any rule filing to establish initial fees to the Commission.
b. Review of Clock Synchronization Standards
Section 6.6(a)(ii) of the CAT NMS Plan now requires a written assessment of clock synchronization standards, including consideration of industry standards based on the type of CAT Reporter, Industry Member and type of system, within six months of effectiveness of the Plan.
c. Coordinated Surveillance Report
Section 6.6(a)(iii) of the CAT NMS Plan requires the Participants to submit a written report detailing the Participants' consideration of coordinated surveillance (e.g., entering into a Rule 17d-2 agreements or regulatory services agreements), within 12 months of effectiveness of the Plan.
d. Assessment of Industry Member Bulk Access to Reported Data
Section 6.6(a)(iv) of the CAT NMS Plan requires the Participants to provide a written report discussing the feasibility, benefits, and risks of allowing an Industry Member to bulk download the Raw Data it submitted to the Central Repository, within 24 months of effectiveness of the Plan.
e. Assessment of Errors in Customer Information Fields
Section 6.6(a)(v) of the CAT NMS Plan requires the Participants to submit a written assessment of the nature and extent of errors in the Customer information submitted to the Central Repository and whether to prioritize the correction of certain data fields over others, within 36 months of effectiveness of the Plan.
f. Report on Impact of Tiered Fees on Market Liquidity
Section 6.6(a)(vi) of the CAT NMS Plan now requires the Participants to submit a written report to study the impact of tiered-fees on market liquidity, including an analysis of the impact of the tiered-fee structure on Industry Members' provision of liquidity, within 36 months of effectiveness of the Plan.
g. Assessment of Material Systems Change on Error Rate
Section 6.6(a)(vii) of the CAT NMS Plan requires a written assessment of the projected impact of any Material Systems Change on the Maximum Error Rate, prior to the implementation of any Material Systems Change.
2. Non-Report Commission-Created Information Collections
a. Financial Statements
Section 9.2 of the CAT NMS Plan now requires that the CAT LLC financials be (i) in compliance with GAAP, (ii) be audited by an independent public accounting firm, and (iii) be made publicly available.
b. Background Checks
Section 6.1(g) of the CAT NMS Plan now requires each Participant to conduct background checks of its employees and contractors that will use the CAT System.
F. Proposed Use of Information Under the CAT NMS Plan, as Amended by the Commission
1. Independent Audit of Expenses Incurred Prior to the Effective Date
Section 6.6(a)(i) of the CAT NMS Plan requires the Participants to provide to the Commission, and make public, an independent audit of fees, costs and expenses incurred by the Participants on behalf of the Company, prior to the Effective Date, in connection with the creation and implementation of the CAT, at least one month prior to submitting any rule filing to establish initial fees to the Commission. The Commission notes that any such filing will be published for notice and comment, and that such an audit would facilitate public comment and the Commission's review of these filings to ensure the fees imposed on Industry Members are reasonable, equitable and not unfairly discriminatory.
2. Review of Clock Synchronization Standards
Section 6.6(a)(ii) of the CAT NMS Plan now requires a written assessment of clock synchronization standards, including consideration of industry standards based on the type of CAT Reporter, Industry Member and type of system. The Commission believes that the Participants should consider the Plan's clock synchronization standards based on the diversity of the CAT Reporter, Industry Member, and type of system promptly and propose any appropriate amendments for Commission consideration, within six months of effectiveness of the Plan.
3. Coordinated Surveillance Report
Section 6.6(a)(iii) of the CAT NMS Plan now requires the Participants to submit a written report detailing the Participants' consideration of coordinated surveillance (e.g., entering into a Rule 17d-2 agreements or regulatory services agreements), within 12 months of effectiveness of the Plan. The Commission notes that the CAT will allow regulators to conduct cross-market surveillances and to review conduct that occurs across the markets. As a result, the Commission believes that it may be efficient for the Participants to coordinate to conduct cross market surveillances.
4. Assessment of Industry Member Bulk Access to Reported Data
Section 6.6(a)(iv) of the CAT NMS Plan now requires the Participants to provide a written report discussing the feasibility, benefits and risks of allowing an Industry Member to bulk download the Raw Data it submitted to the Central Repository, within 24 months of effectiveness of the Plan. Commenters expressed a desire for bulk access to their own data for surveillance and internal compliance purposes, as well as possible error correction purposes. While the Participants did not permit such access in the Plan citing security and cost concerns, they did represent that they would consider allowing bulk access to the audit trail data reported by Industry Members once CAT is operational. The Commission believes a report discussing the feasibility of this type of access will ensure the Participants consider the issue and are responsive to Industry requests.
5. Assessment of Errors in Customer Information Fields
Section 6.6(a)(v) of the CAT NMS Plan requires the Participants to submit a written assessment of the nature and extent of errors in the Customer information submitted to the Central Repository and whether the correction of certain data fields should be prioritized. The Commission believes that requiring such an assessment of errors could help ensure that the accuracy of CAT Data is achieved in the most prompt and efficient manner.
6. Report on Impact of Tiered Fees on Market Liquidity
Section 6.6(a)(vi) of the CAT NMS Plan now requires the Participants to submit a written report to study the impact of tiered-fees on market liquidity, including an analysis of the impact of the tiered-fee structure on Industry Members' provision of liquidity, within 36 months of effectiveness of the Plan. One commenter expressed concern that use of a tiered-fees structure could discourage the display of quotes. In response the Participants explained that one of the reasons they chose to use a tiered-fee funding model was to limit disincentives to providing liquidity. To help determine whether the Plan's funding model actually achieves the Participants' stated objective, the Commission believes it is appropriate to require them to provide this assessment. The Commission believes that a report that explains the observed impact on liquidity after reporting begins will allow the Commission and the Participants to determine whether or not the tier-fee structure discourages Industry Member from providing liquidity.
7. Assessment of Material Systems Change on Error Rate
The Commission is amending the Plan to require Participants to provide the Commission a written assessment of the projected impact of any Material Systems Change on the Maximum Error Rate, prior to the implementation of any Material Systems Change. The Commission believes that Material Systems Changes either could result in new challenges for CAT Reporters or simplify the means for reporting data. In either case, the appropriateness of the Maximum Error Rate could be impacted, and thus warrant a change. Accordingly, the Commission believes it appropriate to require the Participants to provide the Commission an assessment of the projected impact on the Maximum Error Rate, including any recommended changes thereto, prior to the implementation of any Material Systems Change.
8. Financial Statements
Section 9.2 of the CAT NMS Plan now requires that the CAT LLC financials be (i) in compliance with GAAP, (ii) be audited by an independent public accounting firm, and (iii) be made publicly available. The Commission believes that this requirement will promote greater transparency with respect to the Company's financial accounting.
9. Background Checks
Section 6.1(g) of the CAT NMS Plan now requires each Participant to conduct background checks of its employees and contractors that will use the CAT System. The Commission believes that such a requirement generally should extend to Participants with respect to all of their users that have access to CAT Data and therefore has amended the Plan to require that each Participant conduct background checks for its employees and contractors that will use the CAT System. The Commission believes that this amendment to the Plan is appropriate in order to better manage the risk of bad actors accessing to the CAT System.
G. Total Initial and Annual Reporting and Recordkeeping Burden of Information Collection Under the CAT NMS Plan, as Amended by the Commission
1. Burden on National Securities Exchanges and National Securities Associations
a. Independent Audit of Expenses Incurred Prior to the Effective Date
Section 6.6(a)(i) of the CAT NMS Plan now requires the Participants to provide to the Commission an independent audit of fees, costs and expenses incurred by the Participants on behalf of the Company, prior to the Effective Date, in connection with the creation and implementation of the CAT, at least one month prior to submitting any rule filing to establish initial fees to the Commission.
The Commission preliminarily estimates that each Participant would incur an initial, one-time external cost of the audit of $238.09. The Commission preliminarily estimates that the aggregate initial, one-time external cost of the audit is $5,000.
The Commission estimates that the cost of the audit would be an aggregate, external cost of $5,000. $5,000/21 Participants = $238.09 per Participant. See Section V.F.1.b., supra.
Id.
b. Review of Clock Synchronization Standards
Section 6.6(a)(ii) of the CAT NMS Plan now requires a written assessment of clock synchronization standards, including consideration of industry standards based on the type of CAT Reporter, Industry Member and type of system, within six months of effectiveness of the Plan.
The Commission preliminarily estimates that it would take each Participant approximately 19 initial, one-time burden hours of internal legal and information technology staff time to prepare and submit the assessment of clock synchronization standards. The Commission believes that this burden would mostly be comprised of information technology staff time to conduct the assessment, with less time allocated to internal legal staff for review of the assessment. Additionally, the Commission now preliminarily estimates that on average, each Participant would outsource 0.5 hours of legal time to assist in the review of the assessment, for an initial, one-time external cost of approximately $200. Therefore, the Commission preliminarily estimates that the initial, one-time burden of preparing and submitting the assessment would be 19 initial, one-time burden hours per Participant plus $200 of external costs for outsourced legal counsel per Participant, for an estimated aggregate initial, one-time burden of approximately 399 hours and an estimated aggregate initial, one-time external cost of $4,200.
The Commission estimates that 19 internal burden hours = (Computer Operations Department Manager at 5 hours) + (Senior Systems Analyst at 5 hours) + (Systems Analyst at 5 hours) + (Attorney at 2 hours) + (Assistant General Counsel at 2 hours).
$200 = ($400 per hour rate for outside legal services) × (0.5 hours). The Commission based this estimate on the assumption that the assessment would require approximately one-fifth the effort of review by outside counsel as the document required by Rule 613(i) regarding the expansion of the CAT to other securities because the Commission believes the assessment is not as comprehensive as the expansion document since it is limited to clock synchronization standards. See Section VI.D.1.e., supra.
399 initial internal burden hours = (19 initial, one-time burden hours) × (21 Participants).
$4,200 = (21 Participants) × ($400 per hour rate for outside legal services) × (0.5 hours).
c. Coordinated Surveillance Report
Section 6.6(a)(iii) of the CAT NMS Plan now requires the Participants to submit a written report detailing the Participants' consideration of coordinated surveillance (e.g., entering into Rule 17d-2 agreements or regulatory services agreements), within 12 months of effectiveness of the Plan.
The Commission preliminarily estimates that it would take each Participant approximately 85.71 initial burden hours of internal legal, compliance, business operations, and information technology staff time to prepare and submit the report. The Commission preliminarily estimates that on average, each Participant would outsource 2.5 hours of legal time to assist in the drafting and review of the report, for an initial, one-time external cost of approximately $1,000. Therefore, the Commission preliminarily estimates that the initial, one-time burden of preparing and submitting the report would be 85.71 initial, one-time burden hours per Participant plus $1,000 of external costs for outsourced legal counsel per Participant, for an estimated aggregate initial, one-time burden of 1,799.91 hours and an estimated aggregate initial, one-time external cost of $21,000.
The Commission calculates the total estimated burden hours based on a similar formulation used for calculating the total estimated burden hours of Rule 613(i)'s requirement for a document addressing expansion of the CAT to other securities. See Section VI.D.1.e., supra. The Commission assumes that the preparation of the report would be approximately one-half as burdensome as the document required by Rule 613(i). Because the Commission believes that the report would be half as burdensome as the document required by Rule 613(i), the Commission believes that all of the Participants would need 1 FTE for the report. (1 FTE) × (1,800 working hours per year) = 1,800 initial, one-time burden hours per year for all of the Participants. (1,800 burden hours per year)/(21 Participants) = 85.71 initial, one-time burden hours per Participant for preparation and submission of the report.
$1,000 = ($400 per hour rate for outside legal services) × (2.5 hours). The Commission based this estimate on the assumption that the report would require approximately one-tenth the effort of drafting by outside counsel as the document required by Rule 613(i) regarding the expansion of the CAT to other securities. See Section VI.D.1.e., supra.
1,799.91 initial, one-time burden hours = (85.71 initial, one-time burden hours) × (21 Participants).
$21,000 = (21 Participants) × ($400 per hour rate for outside legal services) × (2.5 hours).
d. Assessment of Industry Member Bulk Access to Reported Data
Section 6.6(a)(iv) of the CAT NMS Plan requires the Participants to provide a written report discussing the feasibility, benefits, and risks of allowing an Industry Member to bulk download the Raw Data it submitted to the Central Repository, within 24 months of effectiveness of the Plan.
The Commission preliminarily estimates that it would take each Participant approximately 15 initial, one-time burden hours of internal legal, compliance, business operations, and information technology staff time to prepare and submit the assessment. The Commission preliminarily estimates that on average, each Participant would outsource five hours of legal time to assist in the preparation and review of the assessment, for an initial, one-time external cost of approximately $2,000. Therefore, the Commission preliminarily estimates that the initial one-time burden of submitting a written assessment would be 15 initial burden hours per SRO plus $2,000 of external costs for outsourced legal counsel per Participant, for an estimated aggregate initial burden of approximately 315 hours and an estimated aggregate initial external cost of $42,000.
The Commission estimates that 15 internal burden hours = (Computer Operations Department Manager at 2 hours) + (Senior Database Administrator at 5 hours) + (Senior Systems Analyst at 2 hours) + (Systems Analyst at 2 hours) + (Attorney at 2 hours) + (Assistant General Counsel at 2 hours).
$2,000 = ($400 per hour rate for outside legal services) × (5 hours). The Commission is basing this estimate on the assumption that the assessment would require approximately twice the effort of drafting by outside counsel as the document required by Rule 613(i) regarding the expansion of the CAT to other securities. The Commission attributes this difference to ensuring that any potential security issues regarding industry bulk access of data are sufficiently reviewed and addressed. See Section VI.D.1.e., supra.
315 initial one-time internal burden hours = (15 initial, one-time burden hours per Participant) × (21 Participants).
$42,000 = (21 Participants) × ($400 per hour rate for outside legal services) × (5 hours).
e. Assessment of Errors in Customer Information Fields
Section 6.6(a)(v) of the CAT NMS Plan requires the Participants to submit a written assessment of errors in the customer information submitted to the Central Repository and whether to prioritize the correction of certain data fields over others, within 36 months of effectiveness of the Plan.
The Commission preliminarily estimates that it would take each Participant approximately 24 initial, one-time burden hours of internal legal, compliance, and information technology staff time to prepare and submit the assessment of errors. The Commission estimates that on average, each Participant would outsource 1.25 hours of legal time to assist in the review of the assessment, for an initial, one-time external cost of approximately $500. Therefore, the Commission now preliminarily estimates that the initial, one-time burden of preparing and submitting a written assessment would be 24 initial, one-time burden hours per SRO plus $500 of external costs for outsourced legal counsel per Participant, for an estimated aggregate initial, one-time burden of approximately 504 hours and an estimated aggregate initial, one-time external cost of $10,500.
The Commission estimates that 24 internal burden hours = (Computer Operations Department Manager at 3 hours) + (Senior Database Administrator at 4 hours) + (Senior Systems Analyst at 2 hours) + (Systems Analyst at 2 hours) + (Compliance Attorney at 5 hours) + (Attorney at 4 hours) + (Assistant General Counsel at 4 hours).
The Commission calculated the total estimated external cost based on the revised burden hour estimate for the written assessment of the operation of the CAT. See Section VI.D.1.f.b, supra. The Commission assumes that the preparation and submission of the error assessment would cost approximately half as much as the revised written assessment. The revised written assessment estimate provides that each Participant would outsource 2.5 hours of legal time to assist in the review of the assessment, for an external cost of approximately $1,000. The Commission estimates that each Participant would outsource approximately 1.25 hours of legal time, for an initial, one-time external cost of $500 (1.25 hours × $400 per hour rate for outside legal services) to assist in drafting the error assessment.
504 initial, one-time burden hours = (24 initial, one-time burden hours per Participant) × (21 Participants).
$10,500 = (21 Participants) × ($400 per hour rate for outside legal services) × (1.25 hours).
f. Report on Impact of Tiered Fees on Market Liquidity
Section 6.6(a)(vi) of the CAT NMS Plan now requires the Participants to submit a written report to study the impact of tiered-fees on market liquidity, including an analysis of the impact of the tiered-fee structure on Industry Members' provision of liquidity, within 36 months of effectiveness of the Plan.
The Commission preliminarily estimates that it would take each Participant approximately 21.43 initial, one-time burden hours of internal legal and business operations staff time to prepare and submit the report studying the impact of tiered fees on market liquidity. The Commission also preliminarily estimates that on average, each Participant would outsource 0.5 hours of legal time to assist in drafting the report, for an initial, one-time external cost of approximately $200. Therefore, the Commission now preliminarily estimates that the initial, one-time burden of preparing and submitting the report studying the impact of tiered fees on market liquidity would be 21.43 initial, one-time burden hours per Participant plus $200 of external costs for outsourced legal counsel per Participant, for an estimated aggregate initial, one-time burden of approximately 450 hours and an estimated aggregate initial, one-time external cost of $4,200.
The Commission calculated the total estimated burden hours based on a similar formulation used for calculating the total estimated burden hours of Rule 613(i)'s requirement for a document addressing expansion of the CAT to other securities. See Section VI.D.1.e., supra. The Commission assumes that the preparation of the assessment would be approximately one-eighth as burdensome as the document required by Rule 613(i). As noted in note 3394, to estimate the Rule 613(i) burden, the Commission is applying the internal burden estimate provided in the CAT NMS Plan for Plan development over a 6-month period, and dividing the result in half. See CAT NMS Plan, supra note 5, at Appendix C, Section B.7(b)(iii). 0.667 FTEs required for all Participants per month to develop the CAT NMS Plan = (20 FTEs/30 months). 0.667 FTEs × 6 months = 4 FTEs. 4 FTEs/2 = 2 FTEs needed for all of the Participants to create and submit the Rule 613(i) document. (2 FTEs) × (1/8) = 0.25 FTE to prepare and submit the report studying the impact of tiered fees on market liquidity. (0.25 FTE × 1,800 working hours per year) = 450 initial, one-time burden hours for all of the Participants to review and comment on the written assessment. (450 burden hours/21 Participants) = 21.43 initial, one-time burden hours per Participant to prepare and submit the report.
$200 = ($400 per hour rate for outside legal services) × (0. 5 hours).
450 initial, one-time burden hours = (21.43 initial, one-time burden hours) × (21 Participants).
$4,200 = (21 Participants) × ($400 per hour rate for outside legal services) × (0.5 hours).
g. Assessment of Material Systems Change on Error Rate
Section 6.6(a)(vii) of the CAT NMS Plan requires a written assessment of the projected impact of any Material Systems Change on the Maximum Error Rate, prior to the implementation of any Material Systems Change.
The Commission preliminarily estimates that the CAT may have four Material Systems Changes per year. Based on this estimate, the Commission preliminarily estimates that each Participant would incur 5.95 burden hours to prepare and submit each assessment, or 23.8 annual burden hours per year, for an aggregate, ongoing estimate of 125 burden hours per report, or an aggregate ongoing estimate of 500 burden hours per year.
This estimate is based on the quarterly material system change reports required under Rule 1003(a)(1) of Regulation SCI. The Commission estimated that each SCI entity would incur a burden of 125 hours to comply with the quarterly report on material changes to SCI systems required under Rule 1003(a)(1) (7.5 hours by an Attorney, 7.5 hours by a Compliance Manager, 5 hours by a Chief Compliance Officer, 30 hours by a Senior Business Analyst, and 75 hours by a Senior Systems Analyst). See Regulation Systems Compliance and Integrity, Securities Exchange Act Release No. 73639 (December 5, 2014), 79 FR 72251, at 72390, n.1656. Because the CAT is an SCI System of the Participants, the Commission is assuming for its estimates that each Participant would incur an equal portion of the 125 burden hours per report.
The Commission estimates that there would be four Material System Changes per year. 5.95 burden hours per report × 4 reports per year = 23.8 annual burden hours per year.
(5.95 burden hours per report) × 21 Participants = 125 burden hours per report.
(125 burden hours) × (4 reports per year) = 500 annual burden hours.
h. Financial Statements
Section 9.2 of the CAT NMS Plan now requires that the CAT LLC financials be (i) in compliance with GAAP, (ii) be audited by an independent public accounting firm, and (iii) be made publicly available. The Commission preliminarily estimates that each Participant would incur an annual external cost of $3,095.24 associated with this requirement, for an aggregate annual, ongoing external cost of $65,000 to the Participants.
($65,000 annual, external cost)/( 21 Participants) = $3,095.24 per Participant. See supra note 2503 (explaining the source of the $65,000 estimate, stating that the Commission drew this estimate from a recent Commission adopting release and an industry report); see also Section V.F.1.b., supra.
See supra note 2503 (explaining the source of the $65,000 estimate); see also Section V.F.1.b., supra.
i. Background Checks
Section 6.1(g) of the CAT NMS Plan now requires each Participant to conduct background checks of its employees and contractors that will use the CAT System. The Commission preliminarily estimates that this requirement will impact approximately 1,500 users. The Commission preliminarily estimates that each Participant would need to have background checks of approximately 71 users. For its estimates, the Commission is assuming that these would be background checks using fingerprints submitted to the Attorney General of the United States for identification and processing. The Commission preliminarily estimates that it would take approximately 15 minutes to create and submit each fingerprint card. The total reporting burden per Participant is therefore preliminarily estimated to be 17.75 initial, one-time burden hours, for an aggregate, initial burden of 374.01 hours. The Commission preliminarily estimates that the total initial external cost per Participant would be $2,603.04, for an aggregate, initial external cost of $54,987.45.
The Commission notes that Section 17(f)(2) of the Exchange Act already mandates that each national securities exchange and national securities association require each of its partners, directors, officers and employees be fingerprinted and such fingerprints to be submitted to the Attorney General of the United States for identification and appropriate processing. 15 U.S.C. 78q(f)(2).
This number is based on conversations with Participants.
71.42 users per Participant = (1,500 users)/(21 Participants).
The Commission is basing this assumption on the requirements of Section 17(f)(2). 15 U.S.C. 78q(f)(2).
This is based on the per respondent burden in Extension of Rule 17f-2, SEC File No. 270-35, OMB Control No. 3235-0029, 79 FR 42563 (July 22, 2014).
The Commission is assuming that this would be a burden of 15 minutes for a Compliance Manager per fingerprint card.
17.81 burden hours = (Compliance Manager at 15 minutes) × (71.42 users).
374.01 = (17.75 initial one-time burden hours) × (21 Participants).
71.42 × 45% hard copy fingerprinting = 32.14 users. 71 × 55% electronic fingerprinting = 39.28 users. (32.14 hard copy fingerprinting users) × ($44.50 per hard copy fingerprint) = $1,430.23 for hard copy fingerprinting users per Participant. (39.28 electronic fingerprinting users) × ($30.25 per electronic fingerprint) = $1,188.22 for electronic fingerprint users per Participant. $1,430.23 + $1,188.22 = $2,618.45 per Participant in initial external costs for fingerprinting.
$54,987.45 = ($2,618.45 per Participant) × (21 Participants).
The Commission preliminarily estimates that the ongoing internal burden hours for each Participant would be approximately 4.26 annual burden hours, for an aggregate annual burden hour amount of 89.51 burden hours. The Commission also preliminarily estimates that the ongoing external cost to be incurred by each Participant would be approximately $625.07, for an aggregate annual external cost of $13,126.37.
The Commission assumes that the finance industry has a rate of 23.87% turnover per year, based on a monthly rate for both employment separations and hires of 1.8% for the finance and insurance industry in September 2016. See http://www.bls.gov/news.release/pdf/jolts.pdf (news release from the Bureau of Labor Statistics, dated November 8, 2016). The Commission preliminarily estimates that the Participants will have to annually conduct background checks of 23.87% of the 1,500 users, or 358.05 users per year. (358.05 users)/(21 Participants) = 17.05 users that will need to be subject to background checks on an annual basis. Based on this estimate, the Commission estimates that each Participant would incur a burden of 4.26 ongoing annual burden hours = (Compliance Manager at 15 minutes) × (17.05 users).
89.51 annual ongoing burden hours = (4.26 ongoing annual burden hours per Participant) × (21 Participants).
See supra note 3675. Based on the Commission's estimate that 17.05 users will need to be subject to background checks annually, the Commission estimates that 45% of the 17.05 users would submit hard copy fingerprints and 55% of the 17.05 users would submit electronic fingerprints to conduct their background checks. 45% of 17.05 = 7.67 users that would submit hard copy fingerprints. 55% of 17.05 = 9.38 users that would submit electronic fingerprints. (7.67 hard copy fingerprinting users) × ($44.50 per hard copy fingerprint) = $341.32 for hard copy fingerprinting users per Participant. (9.38 electronic fingerprinting users) × ($30.25 per electronic fingerprint) = $283.75 for electronic fingerprint users per Participant. $341.32 + $283.75 = $625.07 per Participant in initial external costs for fingerprinting.
($625.07 per Participant in annual, ongoing external costs) × (21 Participants) = $13,126.37 to conduct a fingerprint-based background check of the users.
2. Request for Comment
Pursuant to 44 U.S.C. 3506(c)(2)(A), the Commission solicits comments on the “CAT NMS Plan Reporting and Disclosure Requirements” collection of information to:
(1) Evaluate whether the proposed collection is necessary for the proper performance of our functions, including whether the information shall have practical utility;
(2) Evaluate the accuracy of our estimate of the burden of the collection of information;
(3) Determine whether there are ways to enhance the quality, utility, and clarity of the information to be collected; and
(4) Evaluate whether there are ways to minimize the burden of the collection of information on those who are to respond, including through the use of automated collection techniques or other forms of information technology.
Persons submitting comments on the collection of information requirement should direct them to the Office of Management and Budget, Attention: Desk Officer for the Securities and Exchange Commission, Office of Information and Regulatory Affairs, Washington, DC 20503, and should also send a copy of their comments to Brent J. Fields, Secretary, Securities and Exchange Commission, 100 F Street NE., Washington, DC 20549-1090, with reference to File No. S7-11-10. Requests for materials submitted to OMB by the Commission with regard to the collection of information should be in writing, with reference to File No. S7-11-10, and be submitted to the Securities and Exchange Commission, Office of FOIA/PA Services, 100 F Street NE., Washington, DC 20549-2736. As OMB is required to make a decision concerning the collection of information between 30 and 60 days after publication in the Federal Register, a comment to OMB is best assured of having its full effect if OMB receives it within 30 days of publication.
H. Collection of Information Is Mandatory
Each collection of information discussed above would be a mandatory collection of information.
I. Confidentiality
Rule 613 requires that the information to be collected and electronically provided to the Central Repository would only be available to the national securities exchanges, national securities association, and the Commission for the purpose of performing their respective regulatory and oversight responsibilities pursuant to the federal securities laws, rules and regulations. Further, the CAT NMS Plan is required to include policies and procedures to ensure the security and confidentiality of all information submitted to the Central Repository, and to ensure that all SROs and their employees, as well as all employees of the Central Repository, shall use appropriate safeguards to ensure the confidentiality of such data. The Commission will receive confidential information. To the extent that the Commission does receive confidential information pursuant to this collection of information, such information will be kept confidential, subject to the provisions of applicable law.
J. Recordkeeping Requirements
National securities exchanges and national securities associations would be required to retain records and information pursuant to Rule 17a-1 under the Exchange Act. Broker-dealers would be required to retain records and information in accordance with Rule 17a-4 under the Exchange Act. The Plan Processor would be required to retain the information reported to Rule 613(c)(7) and (e)(6) for a period of not less than five years.
17 CFR 240.17a-1.
17 CFR 240.17a-4.
17 CFR 242.613(c)(7) and (e)(6).
VII. Conclusion
For the reasons discussed above, the Commission finds that the CAT NMS Plan as amended is necessary or appropriate in the public interest, for the protection of investors and the maintenance of fair and orderly markets, to remove impediments to, and perfect the mechanism of, a national market system, or otherwise in furtherance of the purposes of the Act.
It is Therefore Ordered, that pursuant to Section 11A of the Act, and the rules and regulations thereunder, that the CAT NMS Plan (File No. 4-698), as modified, be and it hereby is approved and declared effective, and the Participants are authorized to act jointly to implement the CAT NMS Plan as a means of facilitating a national market system.
By the Commission.
Brent J. Fields,
Secretary.
EXHIBIT A
CAT NMS PLAN
LIMITED LIABILITY COMPANY AGREEMENT OF CAT NMS, LLC a Delaware Limited Liability Company
(As modified by the Commission; additions are italicized; deletions are [bracketed])
Table of Contents
Page
ARTICLE I DEFINITIONS
Section 1.1. Definitions
Section 1.2. Principles of Interpretation
ARTICLE II EFFECTIVENESS OF AGREEMENT; ORGANIZATION
Section 2.1. Effectiveness
Section 2.2. Formation
Section 2.3. Name
Section 2.4. Registered Office; Registered Agent; Principal Office; Other Offices
Section 2.5. Certain Filings
Section 2.6. Purposes and Powers
Section 2.7. Term
ARTICLE III PARTICIPATION
Section 3.1. Participants
Section 3.2. Company Interests Generally
Section 3.3. New Participants
Section 3.4. Transfer of Company Interest
Section 3.5. Admission of New Participants
Section 3.6. Voluntary Resignation from Participation
Section 3.7. Termination of Participation
Section 3.8. Obligations and Liability of Participants
Section 3.9. Loans
Section 3.10. No Partnership
Section 3.11. Compliance Undertaking
ARTICLE IV MANAGEMENT OF THE COMPANY
Section 4.1. Operating Committee
Section 4.2. Composition and Selection of Operating Committee; Chair
Section 4.3. Action of Operating Committee
Section 4.4. Meetings of the Operating Committee
Section 4.5. Interpretation of Other Regulations
Section 4.6. Officers of the Company
Section 4.7. Interpretation of Certain Rights and Duties of Participants, Members of the Operating Committee and Officers
Section 4.8. Exculpation and Indemnification
Section 4.9. Freedom of Action
Section 4.10. Arrangements with Participants and Members of the Operating Committee
Section 4.11. Participant Action Without a Meeting
Section 4.12. Subcommittees
Section 4.13. Advisory Committee
ARTICLE V INITIAL PLAN PROCESSOR SELECTION
Section 5.1. Selection Committee
Section 5.2. Bid Evaluation and Initial Plan Processor Selection
ARTICLE VI FUNCTIONS AND ACTIVITIES OF CAT SYSTEM
Section 6.1. Plan Processor
Section 6.2. Chief Compliance Officer and Chief Information Security Officer
Section 6.3. Data Recording and Reporting by Participants
Section 6.4. Data Reporting and Recording by Industry Members
Section 6.5. Central Repository
Section 6.6. Regular Written Assessment
Section 6.7. Implementation
Section 6.8. Timestamps and Synchronization of Business Clocks
Section 6.9. Technical Specifications
Section 6.10. Surveillance
Section 6.11. Debt Securities and Primary Market Transactions
Section 6.12. Information Security Program
ARTICLE VII CAPITAL ACCOUNTS
Section 7.1. Capital Accounts
Section 7.2. Interest
ARTICLE VIII ALLOCATIONS OF INCOME AND LOSS; DISTRIBUTIONS
Section 8.1. Periodic Allocations
Section 8.2. Special Allocations
Section 8.3. Allocations Pursuant to § 704(c) of the Code
Section 8.4. Changes in Participants' Interests
Section 8.5. Distributions
Section 8.6. Tax Status
ARTICLE IX RECORDS AND ACCOUNTING; REPORTS
Section 9.1. Books and Records
Section 9.2. Accounting
Section 9.3. Tax Returns
Section 9.4. Company Funds
Section 9.5. Tax Matters Partner
Section 9.6. Confidentiality
ARTICLE X DISSOLUTION AND TERMINATION
Section 10.1. Dissolution of Company
Section 10.2. Liquidation and Distribution
Section 10.3. Termination
ARTICLE XI FUNDING OF THE COMPANY
Section 11.1. Funding Authority
Section 11.2. Funding Principles
Section 11.3. Recovery
Section 11.4. Collection of Fees
Section 11.5. Fee Disputes
ARTICLE XII MISCELLANEOUS
Section 12.1. Notices and Addresses
Section 12.2. Governing Law; Submission to Jurisdiction
Section 12.3. Amendments
Section 12.4. Successors and Assigns
Section 12.5. Counterparts
Section 12.6. Modifications to be in Writing; Waivers
Section 12.7. Captions
Section 12.8. Validity and Severability
Section 12.9. Third Party Beneficiaries
Section 12.10. Expenses
Section 12.11. Specific Performance
Section 12.12. Waiver of Partition
Section 12.13. Construction
Section 12.14. Incorporation of Exhibits, Appendices, Attachments, Recitals and Schedules
EXHIBIT A
APPENDIX A
Consolidated Audit Trail National Market System Plan Request for Proposal, issued February 26, 2013, version 3.0 updated March 3, 2014
APPENDIX B
[Reserved]
APPENDIX C
DISCUSSION OF CONSIDERATIONS
A. Features and Details of the CAT NMS Plan
1. Reporting Data to the CAT
2. Time and Method by which CAT Data will be Available to Regulators (SEC Rule 613(a)(1)(ii))
3. The Reliability and Accuracy of the Data (SEC Rule 613(a)(1)(iii))
4. The Security and Confidentiality of the Information Reported to the Central Repository (SEC Rule 613(a)(1)(iv))
5. The Flexibility and Scalability of the CAT (SEC Rule 613(a)(1)(v))
6. The Feasibility, Benefits, and Costs for Broker-Dealers Reporting Allocations in Primary Market Transactions to the Consolidated Audit Trail (SEC Rule 613(a)(1)(vi))
B. Analysis of the CAT NMS Plan: These considerations are intended to help inform the Commission about the cost for development, implementation and maintenance of the CAT and to help determine if such plan is in the public interest.
7. Analysis of Expected Benefits and Estimated Costs for Creating, Implementing, and Maintaining the Consolidated Audit Trail (SEC Rule 613(a)(1)(vii))
8. An Analysis of the Impact on Competition, Efficiency, and Capital Formation (SEC Rule 613(a)(1)(viii))
C. Implementation and Milestones of the CAT
9. A Plan to Eliminate Existing Rules and Systems (SEC Rule 613(a)(1)(ix))
10. Objective Milestones to Assess Progress (SEC Rule 613(a)(1)(x))
D. Process Followed to Develop the NMS Plan: These considerations require the CAT NMS Plan to discuss: (i) the views of the Participants' Industry Members and other appropriate parties regarding the creation, implementation, and maintenance of the CAT; and (ii) the alternative approaches to creating, implementing, and maintaining the CAT considered and rejected by the Participants.
11. Process by Which Participants Solicited Views of Members and Other Appropriate Parties Regarding Creation, Implementation, and Maintenance of CAT; Summary of Views; and How Sponsors Took Views Into Account in Preparing NMS Plan (SEC Rule 613(a)(1)(xi))
12. Discuss Reasonable Alternative Approaches that the Participants Considered to Create, Implement, and Maintain the CAT (SEC Rule 613(a)(1)(xii))
APPENDIX D
CAT NMS Plan Processor Requirements
1. Central Repository Requirements
1.1 Technical Architecture Requirements
1.2 Technical Environments
1.3 Capacity Requirements
1.4 Data Retention Requirements
2. Data Management
2.1 Data Types and Sources
2.2 Data Feed Management
3. Reporting and Linkage Requirements
3.1 Timelines for Reporting
3.2 Other Items
3.3 Required Data Attributes for Order Records Submitted by CAT Reporters
4. Data Security
4.1 Overview
4.2 Industry Standards
5. BCP/DR Process
5.1 Overview
5.2 Industry Standards
5.3 Business Continuity Planning
5.4 Disaster Recovery Requirements
6. Data Availability
6.1 Data Processing
6.2 Data Availability Requirements
7. Receipt of Data from Reporters
7.1 Receipt of Data Transmission
7.2 Data Validation
7.3 Exception Management
7.4 Error Corrections
7.5 Data Ingestion
8. Functionality of the CAT System
8.1 Regulator Access
8.2 User-Defined Direct Queries and Bulk Extraction of Data
8.3 Identifying Latency and Communicating Latency Warnings to CAT Reporters
8.4 Technical Operations
8.5 System SLAs
9. CAT Customer and Customer Account Information
9.1 Customer and Customer Account Information Storage
9.2 Required Data Attributes for Customer Information Data Submitted by Industry Members
9.3 Customer-ID Tracking
9.4 Error Resolution for Customer Data
10. User Support
10.1 CAT Reporter Support
10.2 CAT User Support
10.3 CAT Help Desk
10.4 CAT Reporter Compliance
11. Upgrade Process and Development of New Functionality
11.1 CAT Functional Changes
11.2 CAT Infrastructure Changes
11.3 Testing of New Changes
LIMITED LIABILITY COMPANY AGREEMENT OF CAT NMS, LLC a Delaware Limited Liability Company
This Limited Liability Company Agreement (including its Recitals and the Exhibits, Appendices, Attachments, and Schedules identified herein, this “Agreement”) of CAT NMS, LLC, a Delaware limited liability company (the “Company”), dated as of the_day of___, __, is made and entered into by and among the Participants.
RECITALS
A. Prior to the formation of the Company, in response to SEC Rule 613 requiring national securities exchanges and national securities associations to submit a national market system plan to the Securities and Exchange Commission (“Commission” or “SEC”) to create, implement and maintain a consolidated audit trail, such national securities exchanges and national securities associations, pursuant to SEC Rule 608(a)(3), which authorizes them to act jointly in preparing, filing and implementing national market system plans, developed the National Market System Plan Governing the Process for Selecting a Plan Processor and Developing a Plan for the Consolidated Audit Trail (the “Selection Plan”). The Selection Plan was approved by the Commission on February 21, 2014, amended on June 17, 2015 and September 24, 2015, and, by its terms, shall automatically terminate upon the Commission's approval of this Agreement.
B. The Participants have now determined that it is advantageous and desirable to conduct in a limited liability company the activities they have heretofore conducted as parties to the Selection Plan, and have formed the Company for this purpose. This Agreement, which takes the place of the Selection Plan, is a National Market System Plan as defined in SEC Rule 600(b)(43), and serves as the National Market System Plan required by SEC Rule 613. The Participants shall jointly own the Company, which shall create, implement, and maintain the CAT and the Central Repository pursuant to SEC Rule 608 and SEC Rule 613.
C. This Agreement incorporates the exemptive relief from certain provisions of SEC Rule 613 requested in the original and supplemental request letters submitted by the Participants to the Commission, as described further in Appendix C (“Exemptive Request Letters”).
ARTICLE I
DEFINITIONS
Section 1.1. Definitions. As used throughout this Agreement (including, for the avoidance of doubt, the Exhibits, Appendices, Attachments, Recitals and Schedules identified in this Agreement):
“Account Effective Date” means: (a) with regard to those circumstances in which an Industry Member has established a trading relationship with an institution but has not established an account with that institution, (i) when the trading relationship was established prior to the implementation date of the CAT NMS Plan applicable to the relevant CAT Reporter (as set forth in Rule 613(a)(3)(v) and (vi)), either (A) the date the relationship identifier was established within the Industry Member, (B) the date when trading began (i.e., the date the first order was received) using the relevant relationship identifier, or (C) if both dates are available, the earlier date will be used to the extent that the dates differ; or (ii) when the trading relationship was established on or after the implementation date of the CAT NMS Plan applicable to the relevant CAT Reporter (as set forth in Rule 613(a)(3)(v) and (vi)), the date the Industry Member established the relationship identifier, which would be no later than the date the first order was received; (b) where an Industry Member changes back office providers or clearing firms prior to the implementation date of the CAT NMS Plan applicable to the relevant CAT Reporter (as set forth in Rule 613(a)(3)(v) and (vi)), the date an account was established at the relevant Industry Member, either directly or via transfer; (c) where an Industry Member acquires another Industry Member prior to the implementation date of the CAT NMS Plan applicable to the relevant CAT Reporter (as set forth in Rule 613(a)(3)(v) and (vi)), the date an account was established at the relevant Industry Member, either directly or via transfer; (d) where there are multiple dates associated with an account established prior to the implementation date of the CAT NMS Plan applicable to the relevant CAT Reporter (as set forth in Rule 613(a)(3)(v) and (vi)), the earliest available date; (e) with regard to Industry Member proprietary accounts established prior to the implementation date of the CAT NMS Plan applicable to the relevant CAT Reporter (as set forth in Rule 613(a)(3)(v) and (vi)), (i) the date established for the account in the Industry Member or in a system of the Industry Member or (ii) the date when proprietary trading began in the account (i.e., the date on which the first orders were submitted from the account). With regard to paragraphs (b)-(e), the Account Effective Date will be no later than the date trading occurs at the Industry Member or in the Industry Member's system.
“Active Accounts” means an account that has had activity in Eligible Securities within the last six months.
“Advisory Committee” has the meaning set forth in Section 4.13(a).
“Affiliate” of a Person means any Person controlling, controlled by, or under common control with such Person.
“Affiliated Participant” means any Participant controlling, controlled by, or under common control with another Participant.
“Agreement” has the meaning set forth in the preamble to this Agreement.
“Allocation Report” means a report made to the Central Repository by an Industry Member that identifies the Firm Designated ID for any account(s), including subaccount(s), to which executed shares are allocated and provides the security that has been allocated, the identifier of the firm reporting the allocation, the price per share of shares allocated, the side of shares allocated, the number of shares allocated to each account, and the time of the allocation; provided, for the avoidance of doubt, any such Allocation Report shall not be required to be linked to particular orders or executions.
“Bid” means a proposal submitted by a Bidder in response to the RFP or subsequent request for proposal (or similar request).
“Bidder” means any entity, or any combination of separate entities, submitting a Bid.
“Bidding Participant” means a Participant that: (a) submits a Bid; (b) is an Affiliate of an entity that submits a Bid; or (c) is included, or is an Affiliate of an entity that is included, as a Material Subcontractor as part of a Bid.
“Business Clock” means a clock used to record the date and time of any Reportable Event required to be reported under SEC Rule 613.
[“Capital Account” has the meaning set forth in Section 7.1(a).]
“CAT” means the consolidated audit trail contemplated by SEC Rule 613.
“CAT Data” means data derived from Participant Data, Industry Member Data, SIP Data, and such other data as the Operating Committee may designate as “CAT Data” from time to time.
“CAT NMS Plan” means the plan set forth in this Agreement, as amended from time to time.
“CAT-Order-ID” has the same meaning provided in SEC Rule 613(j)(1).
“CAT Reporter” means each national securities exchange, national securities association and Industry Member that is required to record and report information to the Central Repository pursuant to SEC Rule 613(c).
“CAT-Reporter-ID” has the same meaning provided in SEC Rule 613(j)(2).
“CAT System” means all data processing equipment, communications facilities, and other facilities, including equipment, utilized by the Company or any third parties acting on the Company's behalf in connection with operation of the CAT and any related information or relevant systems pursuant to this Agreement.
“Central Repository” means the repository responsible for the receipt, consolidation, and retention of all information reported to the CAT pursuant to SEC Rule 613 and this Agreement.
“Certificate” has the meaning set forth in Section 2.2.
“Chair” has the meaning set forth in Section 4.2(b).
“Chief Compliance Officer” means the individual then serving (even on a temporary basis) as the Chief Compliance Officer pursuant to Section 4.6, Section 6.1(b), and Section 6.2(a).
“Chief Information Security Officer” means the individual then serving (even on a temporary basis) as the Chief Information Security Officer pursuant to Section 4.6, Section 6.1(b), and Section 6.2(b).
“Code” means the Internal Revenue Code of 1986.
“Company” has the meaning set forth in the preamble to this Agreement.
“Company Interest” means any membership interest in the Company at any particular time, including the right to any and all benefits to which a Participant may be entitled under this Agreement and the Delaware Act, together with the obligations of such Participant to comply with this Agreement.
“Commission” or “SEC” means the United States Securities and Exchange Commission.
“Compliance Rule” means, with respect to a Participant, the rule(s) promulgated by such Participant as contemplated by Section 3.11.
“Compliance Subcommittee” has the meaning set forth in Section 4.12(b).
“Compliance Threshold” has the meaning set forth in Appendix C.
“Conflict of Interest” means that the interest of a Participant (e.g., commercial, reputational, regulatory or otherwise) in the matter that is subject to a vote: (a) interferes, or would be reasonably likely to interfere, with that Participant's objective consideration of the matter; or (b) is, or would be reasonably likely to be, inconsistent with the purpose and objectives of the Company and the CAT, taking into account all relevant considerations including whether a Participant that may otherwise have a conflict of interest has established appropriate safeguards to eliminate such conflict of interest and taking into account the other guiding principles set forth in this Agreement. If a Participant has a “Conflict of Interest” in a particular matter, then each of its Affiliated Participants shall be deemed to have a “Conflict of Interest” in such matter. A “Conflict of Interest” with respect to a Participant includes the situations set forth in Sections 4.3(b)(iv), 4.3(d)(i) and 4.3(d)(ii).
“Customer” has the same meaning provided in SEC Rule 613(j)(3).
“Customer Account Information” shall include, but not be limited to, account number, account type, customer type, date account opened, and large trader identifier (if applicable); except, however, that (a) in those circumstances in which an Industry Member has established a trading relationship with an institution but has not established an account with that institution, the Industry Member will (i) provide the Account Effective Date in lieu of the “date account opened”; (ii) provide the relationship identifier in lieu of the “account number”; and (iii) identify the “account type” as a “relationship”; (b) in those circumstances in which the relevant account was established prior to the implementation date of the CAT NMS Plan applicable to the relevant CAT Reporter (as set forth in Rule 613(a)(3)(v) and (vi)), and no “date account opened” is available for the account, the Industry Member will provide the Account Effective Date in the following circumstances: (i) where an Industry Member changes back office providers or clearing firms and the date account opened is changed to the date the account was opened on the new back office/clearing firm system; (ii) where an Industry Member acquires another Industry Member and the date account opened is changed to the date the account was opened on the post-merger back office/clearing firm system; (iii) where there are multiple dates associated with an account in an Industry Member's system, and the parameters of each date are determined by the individual Industry Member; and (iv) where the relevant account is an Industry Member proprietary account.
“Customer-ID” has the same meaning provided in SEC Rule 613(j)(5).
“Customer Identifying Information” means information of sufficient detail to identify a Customer, including, but not limited to, (a) with respect to individuals: name, address, date of birth, individual tax payer identification number (“ITIN”)/social security number (“SSN”), individual's role in the account (e.g. , primary holder, joint holder, guardian, trustee, person with the power of attorney); and (b) with respect to legal entities: name, address, Employer Identification Number (“EIN”)/Legal Entity Identifier (“LEI”) or other comparable common entity identifier, if applicable; provided, however , that an Industry Member that has an LEI for a Customer must submit the Customer's LEI in addition to other information of sufficient detail to identify a Customer.
“Delaware Act” means the Delaware Limited Liability Company Act.
“Disclosing Party” has the meaning set forth in Section 9.6(a).
“Effective Date” means the date of approval of this Agreement by the Commission.
“Eligible Security” includes (a) all NMS Securities and (b) all OTC Equity Securities.
“Error Rate” has the meaning provided in SEC Rule 613(j)(6).
“Exchange Act” means the Securities Exchange Act of 1934.
“Execution Venue” means a Participant or an alternative trading system (“ATS”) (as defined in Rule 300 of Regulation ATS) that operates pursuant to Rule 301 of Regulation ATS (excluding any such ATS that does not execute orders).
“Exemptive Request Letters” has the meaning set forth in Recital C.
“FINRA” means Financial Industry Regulatory Authority, Inc.
“Firm Designated ID” means a unique identifier for each trading account designated by Industry Members for purposes of providing data to the Central Repository, where each such identifier is unique among all identifiers from any given Industry Member for each business date.
“Fiscal Year” means the fiscal year of the Company determined pursuant to Section 9.2(a).
“FS-ISAC” has the meaning set forth in Section 6.2(b)(vi).
“GAAP” means United States generally accepted accounting principles.
“Independent Auditor” has the meaning set forth in Section 6.2(a)(v)(B).
“Industry Member” means a member of a national securities exchange or a member of a national securities association.
“Industry Member Data” has the meaning set forth in Section 6.4(d)(ii).
“Information” has the meaning set forth in Section 9.6(a).
“Initial Plan Processor” means the first Plan Processor selected by the Operating Committee in accordance with SEC Rule 613, Section 6.1 and the Selection Plan.
“Last Sale Report” means any last sale report reported pursuant to the Plan for Reporting of Consolidated Options Last Sale Reports and Quotation Information filed with the SEC pursuant to, and meeting the requirements of, SEC Rule 608.
“Latency” means the delay between input into a system and the outcome based upon that input. In computer networks, latency refers to the delay between a source system sending a packet or message, and the destination system receiving such packet or message.
“Listed Option” or “Option” have the meaning set forth in Rule 600(b)(35) of Regulation NMS.
“Majority Vote” means the affirmative vote of at least a majority of all of the members of the Operating Committee or any Subcommittee, as applicable, authorized to cast a vote with respect to a matter presented for a vote (whether or not such a member is present at any meeting at which a vote is taken) by the Operating Committee or any Subcommittee, as applicable (excluding, for the avoidance of doubt, any member of the Operating Committee or any Subcommittee, as applicable, that is recused or subject to a vote to recuse from such matter pursuant to Section 4.3(d)).
“Manual Order Event” means a non-electronic communication of order-related information for which CAT Reporters must record and report the time of the event.
“Material Amendment” has the meaning set forth in Section 6.9(c).
“Material Contract” means any: (a) contract between the Company and the Plan Processor; (b) contract between the Company and any Officer; (c) contract, or group of related contracts, resulting in a total cost or liability to the Company of more than $900,000; (d) contract between the Company, on the one hand, and a Participant or an Affiliate of a Participant, on the other; (e) contract containing other than reasonable arms-length terms; (f) contract imposing, or purporting to impose, non-customary restrictions (including non-competition, non-solicitation or confidentiality (other than customary confidentiality agreements entered into in the ordinary course of business that do not restrict, or purport to restrict, any Participant or any Affiliate of any Participant)) or obligations (including indemnity, most-favored nation requirements, exclusivity, or guaranteed minimum purchase commitments) on the Company or any Participant or any Affiliate of a Participant; (g) contract containing terms that would reasonably be expected to unduly interfere with or negatively impact the ability of the Company, any Participant or any Affiliate of any Participant to perform its regulatory functions (including disciplinary matters), to carry out its responsibilities under the Exchange Act or to perform its obligations under this Agreement; (h) contract providing for a term longer than twelve (12) months or the termination of which would reasonably be expected to materially and adversely affect the Company, any Participant or any Affiliate of a Participant; (i) contract for indebtedness, the disposition or acquisition of assets or equity, or the lease or license of assets or properties; or (j) joint venture or similar contract for cost or profit sharing.
“Material Subcontractor” means any entity that is known to the Participant to be included as part of a Bid as a vendor, subcontractor, service provider, or in any other similar capacity and, excluding products or services offered by the Participant to one or more Bidders on terms subject to a fee filing approved by the SEC: (a) is anticipated to derive 5% or more of its annual revenue in any given year from services provided in such capacity; or (b) accounts for 5% or more of the total estimated annual cost of the Bid for any given year. An entity shall not be considered a “Material Subcontractor” solely due to the entity providing services associated with any of the entity's regulatory functions as a self-regulatory organization registered with the SEC.
“Material Systems Change” means any change or update to the CAT System made by the Plan Processor which will cause a significant change to the functionality of the Central Repository.
“Material Terms of the Order” includes: the NMS Security or OTC Equity Security symbol; security type; price (if applicable); size (displayed and non-displayed); side (buy/sell); order type; if a sell order, whether the order is long, short, short exempt; open/close indicator (except on transactions in equities); time in force (if applicable); if the order is for a Listed Option, option type (put/call), option symbol or root symbol, underlying symbol, strike price, expiration date, and open/close (except on market maker quotations); and any special handling instructions.
“National Best Bid” and “National Best Offer” have the same meaning provided in SEC Rule 600(b)(42).
“NMS Plan” has the same meaning as “National Market System Plan” provided in SEC Rule 613(a)(1) and SEC Rule 600(b)(43).
“NMS Security” means any security or class of securities for which transaction reports are collected, processed, and made available pursuant to an effective transaction reporting plan, or an effective national market system plan for reporting transactions in Listed Options.
“Non-SRO Bid” means a Bid that does not include a Bidding Participant.
“Officer” means an officer of the Company, in his or her capacity as such, as set forth in Section 4.6.
“Operating Committee” means the governing body of the Company designated as such and described in Article IV.
“Options Exchange” means a registered national securities exchange or automated trading facility of a registered securities association that trades Listed Options.
“Options Market Maker” means a broker-dealer registered with an exchange for the purpose of making markets in options contracts traded on the exchange.
“Order” or “order” has, with respect to Eligible Securities, the meaning set forth in SEC Rule 613(j)(8).
“OTC Equity Security” means any equity security, other than an NMS Security, subject to prompt last sale reporting rules of a registered national securities association and reported to one of such association's equity trade reporting facilities.
“Other SLAs” has the meaning set forth in Section 6.1(h).
“Participant” means each Person identified as such on Exhibit A hereto, and any Person that becomes a Participant as permitted by this Agreement, in such Person's capacity as a Participant in the Company (it being understood that the Participants shall comprise the “members” of the Company (as the term “member” is defined in Section 18-101(11) of the Delaware Act)).
“Participant Data” has the meaning set forth in Section 6.3(d).
“Participation Fee” has the meaning set forth in Section 3.3(a).
“Payment Date” has the meaning set forth in Section 3.7(b).
“Permitted Legal Basis” means the Participant has become exempt from, or otherwise has ceased to be subject to, SEC Rule 613 or has arranged to comply with SEC Rule 613 in some manner other than through participation in this Agreement, in each instance subject to the approval of the Commission.
“Permitted Person” has the meaning set forth in Section 4.9.
“Permitted Transferee” has the meaning set forth in Section 3.4(c).
“Person” means any individual, partnership, limited liability company, corporation, joint venture, trust, business trust, cooperative or association and any heirs, executors, administrators, legal representatives, successors and assigns of such Person where the context so permits.
“PII” means personally identifiable information, including a social security number or tax identifier number or similar information ; Customer Identifying Information and Customer Account Information.
“Plan Processor” means the Initial Plan Processor or any other Person selected by the Operating Committee pursuant to SEC Rule 613 and Sections 4.3(b)(i) and 6.1, and with regard to the Initial Plan Processor, the Selection Plan, to perform the CAT processing functions required by SEC Rule 613 and set forth in this Agreement.
“Pledge” and any grammatical variation thereof means, with respect to an interest, asset, or right, any pledge, security interest, hypothecation, deed of trust, lien or other similar encumbrance granted with respect to the affected interest, asset or right to secure payment or performance of an obligation.
“Primary Market Transaction” means any transaction other than a secondary market transaction and refers to any transaction where a Person purchases securities in an offering.
“Prime Rate” means the prime rate published in The Wall Street Journal (or any successor publication) on the last day of each month (or, if not a publication day, the prime rate last published prior to such last day).
“Proceeding” has the meaning set forth in Section 4.8(b).
“Qualified Bid” means a Bid that is deemed by the Selection Committee to include sufficient information regarding the Bidder's ability to provide the necessary capabilities to create, implement, and maintain the CAT so that such Bid can be effectively evaluated by the Selection Committee. When evaluating whether a Bid is a Qualified Bid, each member of the Selection Committee shall consider whether the Bid adequately addresses the evaluation factors set forth in the RFP, and apply such weighting and priority to the factors as such member of the Selection Committee deems appropriate in his or her professional judgment. The determination of whether a Bid is a Qualified Bid shall be determined pursuant to the process set forth in Section 5.2.
“Qualified Bidder” means a Bidder that has submitted a Qualified Bid.
“Quotation Information” means all bids (as defined under SEC Rule 600(b)(8)), offers (as defined under SEC Rule 600(b)(8)), all bids and offers of OTC Equity Securities, displayed quotation sizes in Eligible Securities, market center identifiers (including, in the case of FINRA, the FINRA member that is registered as a market maker or electronic communications network or otherwise utilizes the facilities of FINRA pursuant to applicable FINRA rules, that entered the quotation), withdrawals and other information pertaining to quotations in Eligible Securities required to be reported to the Plan Processor pursuant to this Agreement and SEC Rule 613.
“Raw Data” means Participant Data and Industry Member Data that has not been through any validation or otherwise checked by the CAT System.
“Received Industry Member Data” has the meaning set forth in Section 6.4(d)(ii).
“Receiving Party” has the meaning set forth in Section 9.6(a).
“Recorded Industry Member Data” has the meaning set forth in Section 6.4(d)(i).
“Registered Person” means any member, principal, executive, registered representative, or other person registered or required to be registered under a Participant's rules.
“Reportable Event” includes, but is not limited to, the original receipt or origination, modification, cancellation, routing, execution (in whole or in part) and allocation of an order, and receipt of a routed order.
“Representatives” has the meaning set forth in Section 9.6(a).
“RFP” means the “Consolidated Audit Trail National Market System Plan Request for Proposal” published by the Participants on February 26, 2013 attached as Appendix A, as amended from time to time.
“Securities Information Processor” or “SIP” has the same meaning provided in Section 3(a)(22)(A) of the Exchange Act.
“Selection Committee” means the committee formed pursuant to Section 5.1.
“Selection Plan” has the meaning set forth in Recital A.
“Shortlisted Bid” means a Bid submitted by a Qualified Bidder and selected as a Shortlisted Bid by the Selection Committee pursuant to Section 5.2(b) and, if applicable, pursuant to Section 5.2(c)(iii).
“Shortlisted Bidder” means a Qualified Bidder that has submitted a Bid selected as a Shortlisted Bid.
“SIP Data” has the meaning set forth in Section 6.5(a)(ii).
“SLA” has the meaning set forth in Section 6.1(h).
“Small Industry Member” means an Industry Member that qualifies as a small broker-dealer as defined in SEC Rule 613.
“SRO” means any self-regulatory organization within the meaning of Section 3(a)(26) of the Exchange Act.
“SRO-Assigned Market Participant Identifier” means an identifier assigned to an Industry Member by an SRO or an identifier used by a Participant.
“Subcommittee” has the meaning set forth in Section 4.12(a).
“Supermajority Vote” means the affirmative vote of at least two-thirds of all of the members of the Operating Committee or any Subcommittee, as applicable, authorized to cast a vote with respect to a matter presented for a vote (whether or not such a member is present at any meeting at which a vote is taken) by the Operating Committee or any Subcommittee, as applicable (excluding, for the avoidance of doubt, any member of the Operating Committee or any Subcommittee, as applicable, that is recused or subject to a vote to recuse from such matter pursuant to Section 4.3(d)); provided that if two-thirds of all of such members authorized to cast a vote is not a whole number then that number shall be rounded up to the nearest whole number.
“Tax Matters Partner” has the meaning set forth in Section 9.5(a).
“Transfer” and any grammatical variation thereof means any sale, exchange, issuance, redemption, assignment, distribution or other transfer, disposition or alienation in any way (whether voluntarily, involuntarily or by operation of law). Transfer shall specifically include any: (a) assignment or distribution resulting from bankruptcy, liquidation, or dissolution; or (b) Pledge.
“Technical Specifications” has the meaning set forth in Section 6.9(a).
“Trading Day” shall have such meaning as is determined by the Operating Committee. For the avoidance of doubt, the Operating Committee may establish different Trading Days for NMS Stocks (as defined in SEC Rule 600(b)(47), Listed Options, OTC Equity Securities, and any other securities that are included as Eligible Securities from time to time.
“Voting Senior Officer” has the meaning set forth in Section 5.1(a).
Section 1.2. Principles of Interpretation. In this Agreement (including, for the avoidance of doubt, the Exhibits, Appendices, Attachments, Recitals and Schedules identified in this Agreement), unless the context otherwise requires:
(a) words denoting the singular include the plural and vice versa;
(b) words denoting a gender include all genders;
(c) all exhibits, appendices, attachments, recitals, and schedules to the document in which the reference thereto is contained shall, unless the context otherwise requires, constitute an integral part of such document for all purposes;
(d) a reference to a particular clause, section, article, exhibit, appendix, attachment, recital, or schedule shall be a reference to a clause, section or article of, or an exhibit, appendix, attachment, recital, or schedule to, this Agreement;
(e) a reference to any statute, regulation, amendment, ordinance or law includes all statutes, regulations, proclamations, amendments or laws varying, consolidating or replacing the same from time to time, and a reference to a statute includes all regulations, policies, protocols, codes, proclamations, interpretations and ordinances issued or otherwise applicable under that statute unless, in any such case, otherwise expressly provided in any such statute or in the document in which the reference is contained;
(f) a reference to a “SEC Rule” refers to the correspondingly numbered Rule promulgated under the Exchange Act;
(g) a definition of or reference to any document, instrument or agreement includes an amendment or supplement to, or restatement, replacement, modification or novation of, any such document, instrument or agreement unless otherwise specified in such definition or in the context in which such reference is used;
(h) a reference to any Person includes such Person's permitted successors and assigns in that designated capacity;
(i) a reference to “$”, “Dollars” or “US $” refers to currency of the United States of America;
(j) unless otherwise expressly provided in this Agreement, wherever the consent of any Person is required or permitted herein, such consent may be withheld in such Person's sole and absolute discretion;
(k) words such as “hereunder”, “hereto”, “hereof” and “herein” and other words of similar import shall refer to the whole of the applicable document and not to any particular article, section, subsection or clause thereof; and
(l) a reference to “including” (and grammatical variations thereof) means “including without limitation” (and grammatical variations thereof).
ARTICLE II
EFFECTIVENESS OF AGREEMENT; ORGANIZATION
Section 2.1. Effectiveness. This Agreement shall become effective upon approval by the Commission and execution by all Participants identified on Exhibit A and shall continue until terminated. Notwithstanding any provision in this Agreement to the contrary and without the consent of any Person being required, the Company's execution, delivery and performance of this Agreement are hereby authorized, approved and ratified in all respects.
Section 2.2. Formation. The Company was formed as a limited liability company under the Delaware Act by filing a certificate of formation (the “Certificate”) with the Delaware Secretary of State.
Section 2.3. Name. The name of the Company is “CAT NMS, LLC.” The name of the Company may be changed at any time or from time to time with the approval of the Operating Committee. All Company business shall be conducted in that name or such other names that comply with applicable law as the Operating Committee may select from time to time.
Section 2.4. Registered Office; Registered Agent; Principal Office; Other Offices. The registered office of the Company required by the Delaware Act to be maintained in the State of Delaware shall be the office of the initial registered agent named in the Certificate or such other office (which need not be a place of business of the Company) as the Operating Committee may designate from time to time in the manner provided by law. The registered agent of the Company in the State of Delaware shall be the initial registered agent named in the Certificate or such other Person or Persons as the Operating Committee may designate from time to time in the manner provided by law. The principal office of the Company shall be at such place as the Operating Committee may designate from time to time, which need not be in the State of Delaware. The Company may have such other offices as the Operating Committee may designate from time to time.
Section 2.5. Certain Filings. The Company shall cause to be filed such certificates and documents as may be necessary or appropriate to comply with the Delaware Act and any other applicable requirements for the organization, continuation and operation of a limited liability company in accordance with the laws of the State of Delaware and any other jurisdiction in which the Company shall conduct business, and shall continue to do so for so long as the Company conducts business therein. Each member of the Operating Committee is hereby designated as an “authorized person” within the meaning of the Delaware Act.
Section 2.6. Purposes and Powers. The Company may engage in: (a) the creation, implementation, and maintenance of the CAT pursuant to SEC Rule 608 and SEC Rule 613; and (b) any other business or activity that now or hereafter may be necessary, incidental, proper, advisable or convenient to accomplish the foregoing purpose and that is not prohibited by the Delaware Act, the Exchange Act or other applicable law and is consistent with tax exempt status under Section 501(c)(6) of the Code. The Company shall have and may exercise all of the powers and rights conferred upon limited liability companies formed pursuant to the Delaware Act.
Section 2.7. Term. The term of the Company commenced on the date the Certificate was filed with the office of the Secretary of State of Delaware, and shall be perpetual unless dissolved as provided in this Agreement.
ARTICLE III
PARTICIPATION
Section 3.1. Participants. The name and address of each Participant are set forth on Exhibit A. New Participants may only be admitted to the Company in accordance with Section 3.5. No Participant shall have the right or power to resign or withdraw from the Company, except: (a) upon a Transfer of record ownership of all of such Participant's Company Interest in compliance with, and subject to, the provisions of Section 3.4; or (b) as permitted by Section 3.6. No Participant may be expelled or required to resign or withdraw from the Company except upon a Transfer of record ownership of all of such Participant's Company Interest in compliance with, and subject to, the provisions of Section 3.4, or as provided by Section 3.7(a)(ii) or Section 3.7(a)(iii).
Section 3.2. Company Interests Generally.
(a) All Company Interests shall have the same rights, powers, preferences and privileges, and shall be subject to the same restrictions, qualifications and limitations. Additional Company Interests may be issued only as permitted by Section 3.3.
(b) Without limiting Section 3.2(a), each Participant shall be entitled to[: (i)] one vote on any matter presented to the Participants for their consideration at any meeting of the Participants (or by written action of the Participants in lieu of a meeting)[; and (ii) participate equally in any distribution made by the Company (other than a distribution made pursuant to Section 10.2, which shall be distributed as provided therein)].
(c) Company Interests shall not be evidenced by certificates.
(d) Each Participant shall have an equal Company Interest as each other Participant.
Section 3.3. New Participants.
(a) Any Person approved by the Commission as a national securities exchange or national securities association under the Exchange Act after the Effective Date may become a Participant by submitting to the Company a completed application in the form provided by the Company. As a condition to admission as a Participant, said Person shall: (i) execute a counterpart of this Agreement, at which time Exhibit A shall be amended to reflect the status of said Person as a Participant (including said Person's address for purposes of notices delivered pursuant to this Agreement); and (ii) pay a fee to the Company in an amount determined by a Majority Vote of the Operating Committee as fairly and reasonably compensating the Company and the Participants for costs incurred in creating, implementing, and maintaining the CAT, including such costs incurred in evaluating and selecting the Initial Plan Processor and any subsequent Plan Processor and for costs the Company incurs in providing for the prospective Participant's participation in the Company, including after consideration of the factors identified in Section 3.3(b) (the “Participation Fee”). The amendment to this Agreement reflecting the admission of a new Participant shall be effective only when: (x) it is approved by the Commission in accordance with SEC Rule 608 or otherwise becomes effective pursuant to SEC Rule 608; and (y) the prospective Participant pays the Participation Fee. Neither a prospective Participant nor any Affiliate of such prospective Participant that is already a Participant shall vote on the determination of the amount of the Participation Fee to be paid by such prospective Participant. Participation Fees paid to the Company shall be added to the general revenues of the Company[ and shall be allocated as provided in Article VIII].
(b) In determining the amount of the Participation Fee to be paid by any prospective Participant, the Operating Committee shall consider the following factors:
(i) the portion of costs previously paid by the Company for the development, expansion and maintenance of the CAT which, under GAAP, would have been treated as capital expenditures and would have been amortized over the five (5) years preceding the admission of the prospective Participant;
(ii) an assessment of costs incurred and to be incurred by the Company for modifying the CAT or any part thereof to accommodate the prospective Participant, which are not otherwise required to be paid or reimbursed by the prospective Participant;
(iii) Participation Fees paid by other Participants admitted as such after the Effective Date;
(iv) elapsed time from the Effective Date to the anticipated date of admittance of the prospective Participant; and
(v) such other reasonable, equitable and not unfairly discriminatory factors, if any, as may be determined to be appropriate by the Operating Committee and approved by the Commission.
In the event the Company (following the vote of the Operating Committee contemplated by Section 3.3(a)) and a prospective Participant do not agree on the amount of the Participation Fee, such amount shall be subject to review by the Commission pursuant to Rule 608 [§ 11A(b)(5)] of the Exchange Act.
(c) An applicant for participation in the Company may apply for limited access to the CAT System for planning and testing purposes pending its admission as a Participant by submitting to the Company a completed Application for Limited Access to the CAT System in a form provided by the Company, accompanied by payment of a deposit in the amount established by the Company, which shall be applied or refunded as described in such application. To be eligible to apply for such limited access, the applicant must have been approved by the SEC as a national securities exchange or national securities association under the Exchange Act but the applicant has not yet become a Participant, or the SEC must have published such applicant's Form 1 application or Form X-15AA-1 application to become a national securities exchange or a national securities association, respectively.
Section 3.4. Transfer of Company Interest.
(a) No Participant may Transfer any Company Interest except in compliance with this Section 3.4. Any Transfer or attempted Transfer in contravention of the foregoing sentence or any other provision of this Agreement shall be null and void ab initio and ineffective to Transfer any Company Interest and shall not bind or be recognized by or on the books of the Company, and any transferee in such transaction shall not, to the maximum extent permitted by applicable law, be or be treated as or deemed to be a Participant (or an assignee within the meaning of § 18-702 of the Delaware Act) for any purpose.
(b) No Participant may Transfer any Company Interest except to a national securities exchange or national securities association that succeeds to the business of such Participant as a result of a merger or consolidation with such Participant or the Transfer of all or substantially all of the assets or equity of such Participant.
(c) Notwithstanding anything to the contrary contained in this Agreement, no Participant may Transfer any Company Interest to any transferee as permitted by Section 3.4(b) (a “Permitted Transferee”) unless: (i) such Permitted Transferee executes a counterpart of this Agreement, at which time Exhibit A shall be amended to reflect the status of said Permitted Transferee as a Participant (including said Permitted Transferee's address for purposes of notices delivered pursuant to this Agreement); and (ii) the amendment to this Agreement reflecting the Transfer of a Company Interest to a Permitted Transferee is approved by the Commission in accordance with SEC Rule 608 or otherwise becomes effective pursuant to SEC Rule 608. Subject to compliance with this Section 3.4, such amendment and such Transfer shall be effective only when it is approved by the SEC in accordance with SEC Rule 608 or otherwise becomes effective pursuant to SEC Rule 608, as applicable.
(d) The Company shall not be required to recognize any Transfer of any Company Interest until the instrument conveying such Company Interest, in form and substance satisfactory to the Company, has been delivered to the Company at its principal office for recordation on the books of the Company and the transferring Participant or Permitted Transferee has paid all costs and expenses of the Company in connection with such Transfer. The Company shall be entitled to treat the record owner of any Company Interest as the absolute owner thereof in all respects, and neither the Company nor any Participant shall incur liability for distributions of cash or other property made in good faith to such owner until such time as the instrument conveying such Company Interest, in form and substance satisfactory to the Company, has been received and accepted by the Company and recorded on the books of the Company.
(e) Notwithstanding anything to the contrary contained in this Agreement, without prior approval thereof by the Operating Committee, no Transfer of any Company Interest shall be made if the Company is advised by its counsel that such Transfer: (i) may not be effected without registration under the Securities Act of 1933; (ii) would result in the violation of any applicable state securities laws; (iii) would require the Company to register as an investment company under the Investment Company Act of 1940 or modify the exemption from such registration upon which the Company has chosen to rely; or (iv) would require the Company to register as an investment adviser under state or federal securities laws[; or (v) if the Company is taxed as a partnership for U.S. federal income tax purposes, (A) would result in a termination of the Company under § 708 of the Code, or (B) would result in the treatment of the Company as an association taxable as a corporation or as a “publicly-traded limited partnership” for tax purposes].
Section 3.5. Admission of New Participants. Any Person acquiring a Company Interest pursuant to Section 3.3, or any Permitted Transferee acquiring a Participant's Company Interest pursuant to Section 3.4, shall, unless such acquiring Permitted Transferee is a Participant as of immediately prior to such acquisition, be deemed to have been admitted to the Company as a Participant, automatically and with no further action being necessary by the Operating Committee, the Participants or any other Person, by virtue of, and upon the consummation of, such acquisition of a Company Interest and compliance with Section 3.3 or Section 3.4, as applicable.
Section 3.6. Voluntary Resignation from Participation. Any Participant may voluntarily resign from the Company, and thereby withdraw from and terminate its right to any Company Interest, only if (a) a Permitted Legal Basis for such action exists and (b) such Participant provides to the Company and each other Participant no less than thirty (30) days prior to the effective date of such action written notice specifying such Permitted Legal Basis, including appropriate documentation evidencing the existence of such Permitted Legal Basis, and, to the extent applicable, evidence reasonably satisfactory to the Company and other Participants that any orders or approvals required from the Commission in connection with such action have been obtained. A validly withdrawing Participant shall have the rights and obligations provided in Section 3.7.
Section 3.7. Termination of Participation.
(a) The participation in the Company of a Participant, and its right to any Company Interest, shall terminate as of the earliest of: (i) the effective date specified in a valid notice delivered pursuant to Section 3.6 (which date, for the avoidance of doubt, shall be no earlier than the date that is thirty (30) days after the delivery of such notice); (ii) such time as such Participant is no longer registered as a national securities exchange or national securities association; or (iii) the date of termination pursuant to Section 3.7(b).
(b) Each Participant shall pay all fees or other amounts required to be paid under this Agreement within thirty (30) days after receipt of an invoice or other notice indicating payment is due (unless a longer payment period is otherwise indicated) (the “Payment Date”). [If a Participant fails to make such a required payment by the Payment Date, any balance in the Participant's Capital Account shall be applied to the outstanding balance. If a balance still remains with respect to any such required payment, the] The Participant shall pay interest on the outstanding balance from the Payment Date until such fee or amount is paid at a per annum rate equal to the lesser of: (i) the Prime Rate plus 300 basis points; or (ii) the maximum rate permitted by applicable law. If any such remaining outstanding balance is not paid within thirty (30) days after the Payment Date, the Participants shall file an amendment to this Agreement requesting the termination of the participation in the Company of such Participant, and its right to any Company Interest, with the SEC. Such amendment shall be effective only when it is approved by the SEC in accordance with SEC Rule 608 or otherwise becomes effective pursuant to SEC Rule 608.
(c) In the event a Participant becomes subject to one or more of the events of bankruptcy enumerated in § 18-304 of the Delaware Act, that event by itself shall not cause the termination of the participation in the Company of the Participant so long as the Participant continues to be registered as a national securities exchange or national securities association. [From and after the effective date of termination of a Participant's participation in the Company, profits and losses of the Company shall cease to be allocated to the Capital Account of the Participant in accordance with Article VIII below.] A terminated Participant shall [be entitled to receive the balance in its Capital Account as of the effective date of termination adjusted for profits and losses through that date, payable within ninety (90) days of the effective date of termination, and shall] remain liable for its proportionate share of costs and expenses allocated to it [pursuant to Article VIII] for the period during which it was a Participant, for obligations under Section 3.8(c), for its indemnification obligations pursuant to Section 4.1, and for obligations under Section 9.6, but it shall have no other obligations under this Agreement following the effective date of termination. This Agreement shall be amended to reflect any termination of participation in the Company of a Participant pursuant to this Section 3.7; provided that such amendment shall be effective only when it is approved by the Commission in accordance with SEC Rule 608 or otherwise becomes effective pursuant to SEC Rule 608.
Section 3.8. Obligations and Liability of Participants.
(a) Except as may be determined by the unanimous vote of all the Participants or as may be required by applicable law, no Participant shall be obligated to contribute capital or make loans to the Company[, and the opening balance in the Capital Account of each Participant that is established in accordance with Section 7.1(a) shall be zero]. No Participant shall have the right to withdraw or to be repaid any capital contributed by it or to receive any other payment in respect of any Company Interest, including as a result of the withdrawal or resignation of such Participant from the Company, except as specifically provided in this Agreement.
(b) Except as provided in this Agreement and except as otherwise required by applicable law, no Participant shall have any personal liability whatsoever in its capacity as a Participant, whether to the Company, to any Participant or any Affiliate of any Participant, to the creditors of the Company or to any other Person, for the debts, liabilities, commitments or any other obligations of the Company or for any losses of the Company. Without limiting the foregoing, the failure of the Company to observe any formalities or requirements relating to exercise of its powers or management of its business or affairs under this Agreement or the Delaware Act shall not be grounds for imposing personal liability on any Participant or any Affiliate of a Participant for any liability of the Company.
(c) In accordance with the Delaware Act, a member of a limited liability company may, under certain circumstances, be required to return amounts previously distributed to such member. It is the intent of the Participants that no distribution to any Participant [pursuant to Article VIII] shall be deemed a return of money or other property paid or distributed in violation of the Delaware Act. The payment of any such money or distribution of any such property to a Participant shall be deemed to be a compromise within the meaning of the Delaware Act, and the Participant receiving any such money or property shall not be required to return any such money or property to any Person. However, if any court of competent jurisdiction holds that, notwithstanding the provisions of this Agreement, any Participant is obligated to make any such payment, such obligation shall be the obligation of such Participant and not of the Operating Committee, the Company or any other Participant.
[(d) A negative balance in a Participant's Capital Account, in and of itself, shall not require such Participant to make any payment to the Company or any other Participant.]
Section 3.9. Loans. If the Company requires additional funds to carry out its purposes, to conduct its business, to meet its obligations, or to make any expenditure authorized by this Agreement, the Company may borrow funds from such one or more of the Participants, or from such third party lender(s), and on such terms and conditions, as may be approved by a Supermajority Vote of the Operating Committee.
Section 3.10. No Partnership. The Company is not intended to be a general partnership, limited partnership or joint venture for any purpose, and no Participant shall be considered to be a partner or joint venturer of any other Participant, for any purpose, and this Agreement shall not be construed to suggest otherwise.
Section 3.11. Compliance Undertaking. Each Participant shall comply with and enforce compliance, as required by SEC Rule 608(c), by its Industry Members with the provisions of SEC Rule 613 and of this Agreement, as applicable, to the Participant and its Industry Members. The Participants shall endeavor to promulgate consistent rules (after taking into account circumstances and considerations that may impact Participants differently) requiring compliance by their respective Industry Members with the provisions of SEC Rule 613 and this Agreement.
ARTICLE IV
MANAGEMENT OF THE COMPANY
Section 4.1. Operating Committee. Except for situations in which the approval of the Participants is required by this Agreement or by non-waivable provisions of applicable law, the Company shall be managed by the Operating Committee, which shall have general charge and supervision of the business of the Company and shall be constituted as provided in Section 4.2. The Operating Committee: (a) acting collectively in accordance with this Agreement, shall be the sole “manager” of the Company within the meaning of § 18-101(10) of the Delaware Act (and no individual member of the Operating Committee shall (i) be a “manager” of the Company within the meaning of Section 18-101(10) of the Delaware Act or (ii) have any right, power or authority to act for or on behalf of the Company, to do any act that would be binding on the Company, or to incur any expenditures on behalf of the Company); (b) shall have the right, power and authority to exercise all of the powers of the Company except as otherwise provided by applicable law or this Agreement; and (c) except as otherwise expressly provided herein, shall make all decisions and authorize or otherwise approve all actions taken or to be taken by the Company. Decisions or actions relating to the Company that are made or approved by the Operating Committee, or by any Subcommittee within the scope of authority granted to such Subcommittee in accordance with this Agreement (or, with respect to matters requiring a vote, approval, consent or other action of the Participants hereunder or pursuant to non-waivable provisions of applicable law, by the Participants) in accordance with this Agreement shall constitute decisions or actions by the Company and shall be binding on the Company and each Participant. Except to the extent otherwise expressly provided to the contrary in this Agreement, no Participant shall have authority to act for, or to assume any obligation or responsibility on behalf of, the Company, without the prior approval of the Operating Committee, and each Participant shall indemnify and hold harmless the Company and each other Participant for any breach of the provisions of this sentence by such breaching Participant. Without limiting the generality of the foregoing, except as otherwise expressly provided in this Agreement, the Operating Committee shall make all policy decisions on behalf of the Company in furtherance of the functions and objectives of the Company under the Exchange Act, any rules thereunder, including SEC Rule 613, and under this Agreement. Notwithstanding anything to the contrary, the Operating Committee may delegate all or part of its administrative functions under this Agreement, but not its policy making (except to the extent determinations are delegated as specifically set forth in this Agreement) authority, to one or more Subcommittees, and any other Person. A Person to which administrative functions are so delegated shall perform the same as agent for the Company, in the name of the Company. Each Person who performs administrative functions on behalf of the Company (including the Plan Processor) shall be required to: (i) agree to be bound by the confidentiality obligations in Section 9.6(a) as a “Receiving Party”; and (ii) agree that any nonpublic business information pertaining to any Participant or any Affiliate of such Participant that becomes known to such Person shall be held in confidence and not shared with the other Participants or any other Person, except for information that may be shared in connection with joint activities permitted under this Agreement.
Section 4.2. Composition and Selection of Operating Committee; Chair.
(a) The Operating Committee shall consist of one voting member representing each Participant and one alternate voting member representing each Participant who shall have a right to vote only in the absence of that Participant's voting member of the Operating Committee. Each of the voting and alternate voting members of the Operating Committee shall be appointed by the Participant that he or she represents, shall serve at the will of the Participant appointing such member and shall be subject to the confidentiality obligations of the Participant that he or she represents as set forth in Section 9.6. One individual may serve as the voting member of the Operating Committee for multiple Affiliated Participants, and such individual shall have the right to vote on behalf of each such Affiliated Participant.
(b) No later than the date the CAT System commences operations, the Operating Committee shall elect, by Majority Vote, one member thereof to act as the initial chair of the Operating Committee (the “Chair”). Such initial Chair, and each successor thereto, shall serve in such capacity for a two (2)-year term or until the earliest of his death, resignation or removal in accordance with the provisions of this Agreement. The Operating Committee shall elect, from the members thereof, a successor to the then serving Chair (which successor, subject to the last sentence of this Section 4.2(b), may be the Person then serving in such capacity) no later than three (3) months prior to the expiration of the then current term of the Person then serving as Chair. The Operating Committee, by Supermajority Vote, may remove the Chair from such position. In the case of any death, removal, resignation, or other vacancy of the Chair, a successor Chair shall be promptly elected by the Operating Committee, by Majority Vote, from among the members thereof who shall serve until the end of the then current term. The Chair shall preside at all meetings of the Operating Committee, shall designate a Person to act as Secretary to record the minutes of each such meeting, and shall perform such other duties and possess such other powers as the Operating Committee may from time to time prescribe. The Chair shall not be entitled to a tie-breaking vote at any meeting of the Operating Committee. Notwithstanding anything in this Agreement to the contrary: (i) no Person shall serve as Chair for more than two successive full terms; and (ii) no Person then appointed to the Operating Committee by a Participant that then serves, or whose Affiliate then serves, as the Plan Processor shall be eligible to serve as the Chair.
Section 4.3. Action of Operating Committee.
(a) Except as otherwise provided herein, each of the members of the Operating Committee, including the Chair, shall be authorized to cast one (1) vote for each Participant that he or she represents on all matters voted upon by the Operating Committee, and action of the Operating Committee shall be authorized by Majority Vote, subject to the approval of the SEC whenever such approval is required under applicable provisions of the Exchange Act and the rules of the SEC adopted thereunder. Action of the Operating Committee authorized in accordance with this Agreement shall be without prejudice to the rights of any Participant to present contrary views to any regulatory body or in any other appropriate forum. Without limiting the generality of the foregoing, the Company shall not take any of the following actions unless the Operating Committee, by Majority Vote, authorizes such action:
(i) select the Chair pursuant to Section 4.2(b);
(ii) select the members of the Advisory Committee pursuant to Section 4.13;
(iii) interpret this Agreement (unless otherwise noted herein);
(iv) approve any recommendation by the Chief Compliance Officer pursuant to Section 6.2(a)(v)(A);
(v) determine to hold an Executive Session of the Operating Committee pursuant to Section 4.4(a);
(vi) determine the appropriate funding-related policies, procedures and practices consistent with Article XI; or
(vii) any other matter specified elsewhere in this Agreement (which includes, as stated in the definition of “Agreement,” the Appendices to this Agreement) as requiring a vote, approval or other action of the Operating Committee (other than those matters expressly requiring a Supermajority Vote or a different vote of the Operating Committee).
(b) Notwithstanding Section 4.3(a) or anything else to the contrary in this Agreement, the Company shall not take any of the following actions unless such action shall have been authorized by the Supermajority Vote of the Operating Committee, subject to the approval of the SEC whenever such approval is required under applicable provisions of the Exchange Act and the rules of the SEC adopted thereunder:
(i) select a Plan Processor, other than the Initial Plan Processor selected in accordance with Article V;
(ii) terminate a Plan Processor without cause in accordance with Section 6.1(q);
(iii) approve the Plan Processor's appointment or removal of the Chief Information Security Officer, the Chief Compliance Officer, or any Independent Auditor in accordance with Section 6.1(b);
(iv) enter into, modify or terminate any Material Contract (if the Material Contract is with a Participant or an Affiliate of a Participant, such Participant and Affiliated Participant shall be recused from any vote under this Section 4.3(b)(iv));
(v) make any Material Systems Change;
(vi) approve the initial Technical Specifications pursuant to Section 6.9 or any Material Amendment to the Technical Specifications proposed by the Plan Processor in accordance with Section 6.9;
(vii) amend the Technical Specifications on its own motion; or
(viii) any other matter specified elsewhere in this Agreement (which includes, as stated in the definition of “Agreement,” the Appendices to this Agreement) as requiring a vote, approval or other action of the Operating Committee by a Supermajority Vote.
(c) Any action required or permitted to be taken at any meeting of the Operating Committee or any Subcommittee may be taken without a meeting, if all of the members of the Operating Committee or Subcommittee, as the case may be, then serving consent to the action in writing or by electronic transmission. Such written consents and hard copies of the electronic transmissions shall be filed with the minutes of proceedings of the Operating Committee or Subcommittee, as applicable.
(d) If a member of the Operating Committee or any Subcommittee determines that voting on a matter under consideration by the Operating Committee or such Subcommittee raises a Conflict of Interest, such member shall recuse himself or herself from voting on such matter. If the members of the Operating Committee or any Subcommittee (excluding the member thereof proposed to be recused) determine by Supermajority Vote that any member voting on a matter under consideration by the Operating Committee or such Subcommittee raises a Conflict of Interest, such member shall be recused from voting on such matter. No member of the Operating Committee or any Subcommittee shall be automatically recused from voting on any matter, except as provided in Section 4.3(b)(iv) or as otherwise specified elsewhere in this Agreement, and except as provided below:
(i) if a Participant is a Bidding Participant whose Bid remains under consideration, members appointed to the Operating Committee or any Subcommittee by such Participant or any of its Affiliated Participants shall be recused from any vote concerning: (A) whether another Bidder may revise its Bid; (B) the selection of a Bidder; or (C) any contract to which such Participant or any of its Affiliates would be a party in its capacity as Plan Processor; and
(ii) if a Participant is (A) then serving as Plan Processor, (B) is an Affiliate of the Person then serving as Plan Processor, or (C) is an Affiliate of an entity that is a Material Subcontractor to the Plan Processor, then in each case members appointed to the Operating Committee or any Subcommittee by such Participant or any of its Affiliated Participants shall be recused from any vote concerning: (1) the proposed removal of such Plan Processor; or (2) any contract between the Company and such Plan Processor.
Section 4.4. Meetings of the Operating Committee.
(a) Meetings of the Operating Committee may be attended by each Participant's voting Representative and its alternate voting Representative and by a maximum of two (2) nonvoting Representatives of each Participant, by members of the Advisory Committee, by the Chief Compliance Officer, by other Representatives of the Company and the Plan Processor, by Representatives of the SEC, and by such other Persons that the Operating Committee may invite to attend; provided that the Operating Committee may, where appropriate, determine to meet in an Executive Session, during which only voting members of the Operating Committee and Representatives of the SEC shall be present; provided, that the Operating Committee may invite other Representatives of the Participants, of the Company, of the Plan Processor (including the Chief Compliance Officer and the Chief Information Security Officer), [or the SEC,] or such other Persons that the Operating Committee may invite to attend, to be present during an Executive Session. Any determination of the Operating Committee to meet in an Executive Session shall be made upon a Majority Vote and shall be reflected in the minutes of the meeting. Regular meetings of the Operating Committee shall be held not less than once each calendar quarter at such times as shall from time to time be determined by the Operating Committee, on not less than ten (10) days' notice. Special meetings of the Operating Committee may be called upon the request of two or more Participants on not less than two (2) days' notice; provided that each Participant, collectively with all of such Participant's Affiliated Participants, shall be deemed a single Participant for purposes of this sentence. Emergency meetings of the Operating Committee may be called upon the request of two (2) or more Participants and may occur as soon as practical after calling for such meeting; provided that each Participant, collectively with all of such Participant's Affiliated Participants, shall be deemed a single Participant for purposes of this sentence. In the case of an emergency meeting of the Operating Committee, in addition to those Persons otherwise entitled to attend such meeting: (i) each Participant shall have the right to designate a reasonable number of its employees or other Representatives with substantial knowledge or expertise relevant to the subject matter of such meeting to attend such meeting; and (ii) each Participant shall use commercially reasonable efforts to designate an employee or other Representative of such Participant with substantial knowledge or expertise relevant to the subject matter of such meeting to attend such meeting; provided, for the avoidance of doubt, that no Person attending any such meeting solely by virtue of this sentence shall have the right to vote on any matter submitted for a vote at any such meeting. The Chair, or in his or her absence, a member of the Operating Committee designated by the Chair or by members of the Operating Committee in attendance, shall preside at each meeting of the Operating Committee, and a Person in attendance designated by the Chair (or the member of the Operating Committee presiding in the Chair's absence) shall act as Secretary to record the minutes thereof. The location of the regular and special meetings of the Operating Committee shall be fixed by the Operating Committee, provided that in general the location of meetings shall be rotated among the locations of the principal offices of the Participants. Members of the Operating Committee may be present at a meeting by conference telephone or other electronic means that enables each of them to hear and be heard by all others present at the meeting. Whenever notice of any meeting of the Operating Committee is required to be given by law or this Agreement, a written waiver, signed by the Person entitled to notice, or a waiver by electronic transmission by the Person entitled to notice, whether before, at or after the time stated in such notice, shall be deemed equivalent to notice. Attendance at a meeting of the Operating Committee by a member thereof shall constitute a waiver of notice of such meeting, except when such member of the Operating Committee attends any such meeting for the express purpose of objecting, at the beginning of the meeting, to the transaction of any business because the meeting is not lawfully called or convened.
(b) Any Person that is not a Participant, but for which the SEC has published a Form 1 Application or Form X-15AA-1 Application to become a national securities exchange or a national securities association, respectively, shall be permitted to appoint one primary Representative and one alternate Representative to attend regularly scheduled Operating Committee meetings in the capacity of a non-voting observer but shall not be permitted to have any Representative attend a special meeting, emergency meeting or meeting held in Executive Session of the Operating Committee. If such Person's Form 1 Application or Form X-15AA-1 Application is withdrawn or returned for any reason, then such Person shall no longer be eligible to be represented in regularly scheduled Operating Committee meetings. The Operating Committee shall have the discretion, in limited instances, to deviate from this policy if it determines, by Majority Vote, that circumstances so warrant ; provided, however, that the exercise of such discretion is reasonable and does not impose any unnecessary or inappropriate burden on competition.
Section 4.5. Interpretation of Other Regulations. Interpretive questions arising during the operation or maintenance of the Central Repository with respect to applicable laws, rules or regulations shall be presented to the Operating Committee, which shall determine whether to seek interpretive guidance from the SEC or other appropriate regulatory body and, if so, in what form.
Section 4.6. Officers of the Company.
(a) Each of the Chief Compliance Officer and the Chief Information Security Officer (each of whom shall be employed solely by the Plan Processor and neither of whom shall be deemed or construed in any way to be an employee of the Company) shall be an Officer with the same respective title, as applicable, as the Chief Compliance Officer of the Company and the Chief Information Security Officer of the Company. Neither such Officer shall receive or be entitled to any compensation from the Company or any Participant by virtue of his or her service in such capacity (other than, if a Participant is then serving as the Plan Processor, compensation paid to such Officer as an employee of such Participant). Each such Officer shall report directly to the Operating Committee. The Chief Compliance Officer shall work on a regular and frequent basis with the Compliance Subcommittee and/or other Subcommittees as may be determined by the Operating Committee. Except to the extent otherwise provided herein, including Section 6.2, each such Officer shall have such fiduciary and other duties with regard to the Plan Processor as imposed by the Plan Processor on such individual by virtue of his or her employment by the Plan Processor. Notwithstanding the foregoing, the Company shall require the Plan Processor, in a written agreement with the Company, to acknowledge that the Officers of the Company owe fiduciary duties to the Company (set forth in Section 4.7(c) of this Agreement), and that, to the extent that the duties owed to the Company by the Officers of the Company, including the Chief Compliance Officer or Chief Information Security Officer, conflict with any duties owed to the Plan Processor, the duties to the Company will control.
(b) The Plan Processor shall inform the Operating Committee of the individual who has direct management responsibility for the Plan Processor's performance of its obligations with respect to the CAT. Subject to approval by the Operating Committee of such individual, the Operating Committee shall appoint such individual as an Officer. In addition, the Operating Committee by Supermajority Vote may appoint other Officers as it shall from time to time deem necessary, and may assign any title to any such Officer as it deems appropriate. Any Officer appointed pursuant to this Section 4.6(b) shall have only such duties and responsibilities as set forth in this Agreement or as the Operating Committee shall from time to time expressly determine, but no such Officer shall have any authority to bind the Company (which authority is vested solely in the Operating Committee) or be an employee of the Company, unless in each case the Operating Committee, by Supermajority Vote, expressly determines otherwise. No person subject to a “statutory disqualification” (as defined in Section 3(a)(39) of the Exchange Act) may serve as an Officer. It is the intent of the Participants that the Company have no employees.
Section 4.7. Interpretation of Certain Rights and Duties of Participants, Members of the Operating Committee and Officers. To the fullest extent permitted by the Delaware Act and other applicable law:
(a) the respective obligations of the Participants, Officers, and the members of the Operating Committee, to each other and to the Company are limited to the express obligations set forth in this Agreement;
(b) the Participants hereby expressly acknowledge and agree that each member of the Operating Committee, individually, is serving hereunder solely as, and shall act in all respects hereunder solely as, an agent of the Participant appointing such member of the Operating Committee;
(c) no Participant[, Officer,] or member of the Operating Committee, in such Person's capacity as such, shall have any fiduciary or similar duties or obligations to the Company or any other Participant[, Officer,] or member of the Operating Committee, whether express or implied by the Delaware Act or any other law, in each case subject only to the implied contractual covenant of good faith and fair dealing, and each Participant[, Officer,] and the Company, to the fullest extent permitted by applicable law, waives any claim or cause of action against any Participant[, Officer,] or member of the Operating Committee that might otherwise arise in respect of any such fiduciary duty or similar duty or obligation; provided, however, that the provisions of this Section 4.7(c) shall have no effect on the terms of any relationship, agreement or arrangement between any member of the Operating Committee and the Participant appointing such member of the Operating Committee or between any Participant (other than solely in its capacity as a Participant) and the Company such as a contract between such Participant and the Company pursuant to which such Participant serves as the Plan Processor[ or between an Officer and the Plan Processor]. Each Officer shall have the same fiduciary duties and obligations to the Company as a comparable officer of a Delaware corporation and in all cases shall conduct the business of the Company and execute his or her duties and obligations in good faith and in the manner that the Officer reasonably believes to be in the best interests of the Company;
(d) subject to Section 4.7(c), each Participant and each member of the Operating Committee may, with respect to any vote, consent or approval that such Person is entitled to grant or withhold pursuant to this Agreement, grant or withhold such vote, consent or approval in its sole and absolute discretion, with or without cause; and
(e) for the avoidance of doubt, no Participant shall be entitled to appraisal or dissenter rights for any reason with respect to any Company Interest.
Section 4.8. Exculpation and Indemnification.
(a) Except for the indemnification obligations of Participants under Section 4.1, no Participant or member of the Operating Committee shall be liable to the Company or to any Participant for any loss suffered by the Company or by any other Participant unless such loss is caused by: (i) the fraud, gross negligence, willful misconduct or willful violation of law on the part of such Participant or member of the Operating Committee; or (ii) in the case of a Participant, a material breach of this Agreement by such Participant. The provisions of this Section 4.8(a) shall have no effect on the terms of any relationship, agreement or arrangement between any member of the Operating Committee and the Participant appointing such member to the Operating Committee or between any Participant (other than solely in its capacity as a Participant) and the Company such as a contract between such Participant and the Company pursuant to which such Participant serves as the Plan Processor.
(b) Subject to the limitations and conditions as provided in this Section 4.8(b), the Company shall indemnify any Participant and any member of the Operating Committee (and may, upon approval of the Operating Committee, indemnify any employee or agent of the Company) who was or is made a party or is threatened to be made a party to or is involved in any threatened, pending or completed action, suit or proceeding, whether civil, criminal, administrative, arbitrative (hereinafter a “Proceeding”), or any appeal in such a Proceeding or any inquiry or investigation that could lead to such a Proceeding, by reason of the fact that such Person is or was a Participant, a member of the Operating Committee or any Subcommittee, or an employee or agent of the Company against judgments, penalties (including excise and similar taxes and punitive damages), fines, settlements and reasonable expenses (including attorneys' fees) actually incurred by such Person in connection with such Proceeding, if and only if the Person seeking indemnification is entitled to exculpation pursuant to Section 4.8(a). Indemnification under this Section 4.8(b) shall continue as to a Person who has ceased to serve in the capacity which initially entitled such Person to indemnification hereunder. As a condition precedent to an indemnified Person's right to be indemnified pursuant to this Section 4.8(b), such indemnified Person must notify the Company in writing as soon as practicable of any Proceeding for which such indemnified Person will or could seek indemnification. With respect to any Proceeding of which the Company is so notified, the Company shall be entitled to participate therein at its own expense and/or to assume the defense thereof at its own expense, with legal counsel reasonably acceptable to the indemnified Person. If the Company does not assume the defense of any such Proceeding of which the Company receives notice under this Section 4.8(b), reasonable expenses incurred by an indemnified Person in connection with any such Proceeding shall be paid or reimbursed by the Company in advance of the final disposition of such Proceeding upon receipt by the Company of: (i) written affirmation by the indemnified Person of such Person's good faith belief that such Person has met the standard of conduct necessary for such Person to be entitled to indemnification by the Company (which, in the case of a Person other than a Participant or a member of the Operating Committee, shall be, unless otherwise determined by the Operating Committee, that (A) such Person determined, in good faith, that such conduct was in, or was not opposed to, the best interests of the Company and (B) such conduct did not constitute gross negligence or willful misconduct); and (ii) a written undertaking by such Person to repay such expenses if it shall ultimately be determined by a court of competent jurisdiction that such Person has not met such standard of conduct or is otherwise not entitled to indemnification by the Company. The Company shall not indemnify an indemnified Person to the extent such Person is reimbursed from the proceeds of insurance, and in the event the Company makes any indemnification payments to an indemnified Person and such Person is subsequently reimbursed from the proceeds of insurance, such Person shall promptly refund such indemnification payments to the Company to the extent of such insurance reimbursement. The rights granted pursuant to this Section 4.8(b) shall be deemed contract rights, and no amendment, modification or repeal of this Section 4.8(b) shall have the effect of limiting or denying any such rights with respect to actions taken or Proceedings arising prior to any amendment, modification or repeal. It is expressly acknowledged that the indemnification provided in this Section 4.8(b) could involve indemnification for negligence or under theories of strict liability. For Persons other than Participants or members of the Operating Committee, indemnification shall only be made upon the approval of the Operating Committee. Notwithstanding anything to the contrary in this Section 4.8 or elsewhere in this Agreement, no Person shall be indemnified hereunder for any losses, liabilities or expenses arising from or out of a violation of federal or state securities laws or any other intentional or criminal wrongdoing. Any indemnification under this Section 4.8 shall be paid from, and only to the extent of, Company assets, and no Participant shall have any personal liability on account thereof in the absence of a separate written agreement to the contrary.
Section 4.9. Freedom of Action. Each Participant and such Participant's Affiliates, and their respective Representatives (individually, “Permitted Person” and collectively, the “Permitted Persons”) may have other business interests and may engage in any business or trade, profession, employment, or activity whatsoever (regardless of whether any such activity competes, directly or indirectly, with the Company's business or activities), for its own account, or in partnership with, or as a Representative of, any other Person. No Permitted Person (other than, if a Participant is then serving as the Plan Processor, any Officer then employed by the Plan Processor) shall be required to devote its entire time (business or otherwise), or any particular portion of its time (business or otherwise) to the business of the Company. Neither the Company nor any Participant nor any Affiliate thereof, by virtue of this Agreement, shall have any rights in and to any such independent venture or the income or profits derived therefrom, regardless of whether or not such venture was initially presented to a Permitted Person as a direct or indirect result of such Permitted Person's relationship with the Company. No Permitted Person shall have any obligation hereunder to present any business opportunity to the Company, even if the opportunity is one that the Company might reasonably have pursued or had the ability or desire to pursue, in each case, if granted the opportunity to do so, and no Permitted Person shall be liable to the Company or any Participant (or any Affiliate thereof) for breach of any fiduciary or other duty relating to the Company (whether imposed by applicable law or otherwise), by reason of the fact that the Permitted Person pursues or acquires such business opportunity, directs such business opportunity to another Person or fails to present such business opportunity, or information regarding such business opportunity, to the Company. Each Participant and the Company, to the fullest extent permitted by applicable law, waives any claim or cause of action against any Permitted Person for breach of any fiduciary duty or other duty (contractual or otherwise) by reason of the fact that the Permitted Person pursues or acquires any opportunity for itself, directs such opportunity to another Person, or does not present such opportunity to the Company. This Section 4.9 shall have no effect on the terms of any relationship, agreement or arrangement between any Participant (other than solely in its capacity as a Participant) and the Company such as a contract between such Participant and the Company pursuant to which such Participant serves as the Plan Processor.
Section 4.10. Arrangements with Participants and Members of the Operating Committee. Subject to the terms of this Agreement, including Section 4.3(b)(iv) and Section 4.3(d), and any limitations imposed on the Company and the Participants under applicable law, rules, or regulations, the Company may engage in business with, or enter into one or more agreements, leases, contracts or other arrangements for the furnishing to or by it of goods, services, technology or space with, any Participant, any member of the Operating Committee or any Affiliate of any Participant or member of the Operating Committee, and may pay compensation in connection with such business, goods, services, technology or space.
Section 4.11. Participant Action Without a Meeting. Any action required or permitted to be taken by Participants pursuant to this Agreement (including pursuant to any provision of this Agreement that requires the consent or approval of Participants) may be taken without a meeting, by unanimous consent in writing, setting forth the action so taken, which consent shall be signed by all Participants entitled to consent.
Section 4.12. Subcommittees.
(a) The Operating Committee may, by Majority Vote, designate by resolution one (1) or more subcommittees (each, a “Subcommittee”) it deems necessary or desirable in furtherance of the management of the business and affairs of the Company. For any Subcommittee, any member of the Operating Committee who wants to serve thereon may so serve, and if Affiliated Participants have collectively appointed one member to the Operating Committee to represent them, then such Affiliated Participants may have only that member serve on the Subcommittee or may decide not to have only that collectively appointed member serve on the Subcommittee. Such member may designate an individual other than himself or herself who is also an employee of the Participant or Affiliated Participants that appointed such member to serve on a Subcommittee in lieu of the particular member. Any Subcommittee, to the extent provided in the resolution of the Operating Committee designating it and subject to Section 4.1 and non-waivable provisions of the Delaware Act, shall have and may exercise all the powers and authority of the Operating Committee in the management of the business and affairs of the Company as so specified in the resolution of the Operating Committee. Each Subcommittee shall keep minutes and make such reports as the Operating Committee may from time to time request. Except as the Operating Committee may otherwise determine, any Subcommittee may make rules for the conduct of its business, but unless otherwise provided by the Operating Committee or in such rules, its business shall be conducted as nearly as possible in the same manner as is provided in this Agreement for the Operating Committee.
(b) The Operating Committee shall maintain a compliance Subcommittee (the “Compliance Subcommittee”). The Compliance Subcommittee's purpose shall be to aid the Chief Compliance Officer (who shall directly report to the Operating Committee in accordance with Section 6.2(a)(iii)) as necessary, including with respect to issues involving:
(i) the maintenance of the confidentiality of information submitted to the Plan Processor or Central Repository pursuant to SEC Rule 613, applicable law, or this Agreement by Participants and Industry Members;
(ii) the timeliness, accuracy, and completeness of information submitted pursuant to SEC Rule 613, applicable law, or this Agreement by Participants and Industry Members; and
(iii) the manner in and extent to which each Participant is meeting its obligations under SEC Rule 613, Section 3.11, and as set fofth elsewhere in this Agreement and ensuring the consistency of this Agreement's enforcement as to al Participants.
Section 4.13. Advisory Committee.
(a) An advisory committee to the Company (the “Advisory Committee”) shall be formed and shall function in accordance with SEC Rule 613(b)(7) and this Section 4.13.
(b) No member of the Advisory Committee may be employed by or affiliated with any Participant or any of its Affiliates or facilities. A Representative of the SEC [The SEC's Chief Technology Officer (or the individual then currently employed in a comparable position providing equivalent services)] shall serve as an observer of the Advisory Committee (but shall not be a member thereof). The Operating Committee shall select one (1) member to serve on the Advisory Committee from representatives of each category identified in Sections 4.13(b)(i) through 4.13(b)(xii) to serve on the Advisory Committee on behalf of himself or herself individually and not on behalf of the entity for which the individual is then currently employed; provided that the members so selected pursuant to Sections 4.13(b)(i) through 4.13(b)(xii) must include, in the aggregate, representatives of no fewer than three (3) broker-dealers that are active in the options business and representatives of no fewer than three (3) broker-dealers that are active in the equities business; and provided further that upon a change in employment of any such member so selected pursuant to Sections 4.13(b)(i) through 4.13(b)(xii) a Majority Vote of the Operating Committee shall be required for such member to be eligible to continue to serve on the Advisory Committee:
(i) a broker-dealer with no more than 150 Registered Persons;
(ii) a broker-dealer with at least 151 and no more than 499 Registered Persons;
(iii) a broker-dealer with 500 or more Registered Persons;
(iv) a broker-dealer with a substantial wholesale customer base;
(v) a broker-dealer that is approved by a national securities exchange (A) to effect transactions on an exchange as a specialist, market maker, or floor broker; or (B) to act as an institutional broker on an exchange;
(vi) a proprietary-trading broker-dealer;
(vii) a clearing firm;
(viii) an individual who maintains a securities account with a registered broker or dealer but who otherwise has no material business relationship with a broker or dealer or with a Participant;
(ix) a member of academia who is a financial economist [with expertise in the securities industry or any other industry relevant to the operation of the CAT System];
(x) [an ]three institutional investor s, including an individual trading on behalf of an investment company or group of investment companies registered pursuant to the Investment Company Act of 1940[trading on behalf of a public entity or entities];
(xi) [an institutional investor trading on behalf of a private entity or entities; and
(xii) ]an individual with significant and reputable regulatory expertise ; and[.]
(xii) a service bureau that provides reporting services to one or more CAT Reporters.
(c) Four of the [twelve] fourteen initial members of the Advisory Committee, as determined by the Operating Committee, shall have an initial term of one (1) year. [Four]Five of the [twelve] fourteen initial members of the Advisory Committee, as determined by the Operating Committee, shall have an initial term of two (2) years. All other members of the Advisory Committee shall have a term of three (3) years. No member of the Advisory Committee may serve thereon for more than two consecutive terms.
(d) The Advisory Committee shall advise the Participants on the implementation, operation, and administration of the Central Repository, including possible expansion of the Central Repository to other securities and other types of transactions. Members of the Advisory Committee shall have the right to attend meetings of the Operating Committee or any Subcommittee, to receive information concerning the operation of the Central Repository (subject to Section 4.13(e)), and to submit their views to the Operating Committee or any Subcommittee on matters pursuant to this Agreement prior to a decision by the Operating Committee on such matters; provided that members of the Advisory Committee shall have no right to vote on any matter considered by the Operating Committee or any Subcommittee and that the Operating Committee or any Subcommittee may meet in Executive Session if, by Majority Vote, the Operating Committee or Subcommittee determines that such an Executive Session is advisable. The Advisory Committee may provide the Operating Committee with recommendations of one or more candidates for the Operating Committee to consider when selecting members of the Advisory Committee pursuant to Section 4.3(a)(ii); provided, however, that the Operating Committee, at its sole discretion, will select the members of the Advisory Committee pursuant to Section 4.3(a)(ii) from the candidates recommended to the Operating Committee by the Advisory Committee, the Operating Committee itself, Participants or other persons. The Operating Committee may solicit and consider views on the operation of the Central Repository in addition to those of the Advisory Committee.
(e) Members of the Advisory Committee shall [have the right to] receive the same information concerning the operation of the Central Repository as the Operating Committee; provided, however, that the Operating Committee may withhold information it reasonably determines requires confidential treatment. [; provided that the Operating Committee retains the authority to determine the scope and content of information supplied to the Advisory Committee, which shall be limited to that information that is necessary and appropriate for the Advisory Committee to fulfill its functions.] Any information received by members of the Advisory Committee in furtherance of the performance of their functions pursuant to this Agreement shall remain confidential unless otherwise specified by the Operating Committee.
ARTICLE V
INITIAL PLAN PROCESSOR SELECTION
Section 5.1. Selection Committee. The Participants shall establish a Selection Committee in accordance with this Article V to evaluate and review Bids and select the Initial Plan Processor.
(a) Composition. Each Participant shall select from its staff one (1) senior officer (“Voting Senior Officer”) to represent the Participant as a member of the Selection Committee. In the case of Affiliated Participants, one (1) individual may be (but is not required to be) the Voting Senior Officer for more than one or all of the Affiliated Participants. Where one (1) individual serves as the Voting Senior Officer for more than one Affiliated Participant, such individual shall have the right to vote on behalf of each such Affiliated Participant.
(b) Voting.
(i) Unless recused pursuant to Sections 5.1(b)(ii), 5.1(b)(iii), or 5.1(b)(iv), each Participant shall have one vote on all matters considered by the Selection Committee.
(ii) No Bidding Participant shall vote on whether a Shortlisted Bidder shall be permitted to revise its Bid pursuant to Section 5.2(c)(ii) or 5.2(d)(i) below if a Bid submitted by or including the Participant or an Affiliate of the Participant is a Shortlisted Bid.
(iii) No Bidding Participant shall vote in the process narrowing the set of Shortlisted Bidders as set forth in Section 5.2(c)(iii) if a Bid submitted by or including the Participant or an Affiliate of the Participant is a Shortlisted Bid.
(iv) No Bidding Participant shall vote in any round if a Bid submitted by or including the Participant or an Affiliate of the Participant is a part of such round.
(v) All votes by the Selection Committee shall be confidential and non-public. All such votes shall be tabulated by an independent third party approved by the Operating Committee, and a Participant's individual votes shall not be disclosed to other Participants or to the public.
(c) Quorum.
(i) Any action requiring a vote by the Selection Committee can only be taken at a meeting in which all Participants entitled to vote are present. Meetings of the Selection Committee shall be held as needed at such times and locations as shall from time to time be determined by the Selection Committee. Meetings may be held by conference telephone or other acceptable electronic means if all Participants entitled to vote consent thereto in writing or by other means the Selection Committee deems acceptable.
(ii) For purposes of establishing a quorum, a Participant is considered present at a meeting only if the Participant's Voting Senior Officer is either in physical attendance at the meeting or is participating by conference telephone or other acceptable electronic means.
(iii) Any Participant recused from voting on a particular action pursuant to Section 5.1(b) above shall not be considered “entitled to vote” for purposes of establishing whether a quorum is present for a vote to be taken on that action.
(d) Qualifications for Voting Senior Officer of Bidding Participants. The following criteria must be met before a Voting Senior Officer is eligible to represent a Bidding Participant and serve on the Selection Committee:
(i) the Voting Senior Officer is not responsible for the Bidding Participant's market operations, and is responsible primarily for the Bidding Participant's legal and/or regulatory functions, including functions related to the formulation and implementation of the Bidding Participant's legal and/or regulatory program;
(ii) the Bidding Participant has established functional separation of its legal and/or regulatory functions from its market operations and other business or commercial objectives;
(iii) the Voting Senior Officer ultimately reports (including through the Bidding Participant's CEO or Chief Legal Officer/General Counsel) to an independent governing body that determines or oversees the Voting Senior Officer's compensation, and the Voting Senior Officer does not receive any compensation (other than what is determined or overseen by the independent governing body) that is based on achieving business or commercial objectives;
(iv) the Voting Senior Officer does not have responsibility for any non-regulatory functions of the Bidding Participant, other than the legal aspects of the organization performed by the Chief Legal Officer/General Counsel or the Office of the General Counsel;
(v) the ultimate decision making of the Voting Senior Officer position is tied to the regulatory effectiveness of the Bidding Participant, as opposed to other business or commercial objectives;
(vi) promotion or termination of the Voting Senior Officer is not based on achieving business or commercial objectives;
(vii) the Voting Senior Officer has no decision-making authority with respect to the development or formulation of the Bid submitted by or including the Participant or an Affiliate of the Participant; however, the staff assigned to developing and formulating such Bid may consult with the Voting Senior Officer, provided such staff members cannot share information concerning the Bid with the Voting Senior Officer;
(viii) the Voting Senior Officer does not report to any senior officers responsible for the development or formulation of the Bid submitted by or including the Participant or by an Affiliate of the Participant; however, joint reporting to the Bidding Participant's CEO or similar executive officer by the Voting Senior Officer and senior staff developing and formulating such Bid is permissible, but the Bidding Participant's CEO or similar executive officer cannot share information concerning such Bid with the Voting Senior Officer;
(ix) the compensation of the Voting Senior Officer is not separately tied to income earned if the Bid submitted by or including the Participant or an Affiliate of the Participant is selected; and
(x) the Voting Senior Officer, any staff advising the Voting Senior Officer, and any similar executive officer or member of an independent governing body to which the Voting Senior Officer reports may not disclose to any Person any non-public information gained during the review of Bids, presentation by Qualified Bidders, and selection process. Staff advising the Voting Senior Officer during the Bid review, presentation, and selection process may not include the staff, contractors, or subcontractors that are developing or formulating the Bid submitted by or including a Participant or an Affiliate of the Participant.
Section 5.2. Bid Evaluation and Initial Plan Processor Selection.
(a) Initial Bid Review to Determine Qualified Bids.
(i) The Selection Committee shall review all Bids in accordance with the process developed by the Selection Committee.
(ii) After review, the Selection Committee shall vote on each Bid to determine whether such Bid is a Qualified Bid. A Bid that is deemed unqualified by at least a two-thirds (2/3rds) vote of the Selection Committee shall not be deemed a Qualified Bid and shall be eliminated individually from further consideration.
(b) Selection of Shortlisted Bids.
(i) Each Qualified Bidder shall be given the opportunity to present its Bid to the Selection Committee. Following the presentations by Qualified Bidders, the Selection Committee shall review and evaluate the Qualified Bids to select the Shortlisted Bids in accordance with the process in this Section 5.1(b).
(ii) If there are six (6) or fewer Qualified Bids, all such Qualified Bids shall be Shortlisted Bids.
(iii) If there are more than six (6) Qualified Bids but fewer than eleven (11) Qualified Bids, the Selection Committee shall select five (5) Qualified Bids as Shortlisted Bids, subject to the requirement in Section 5.2(d) below. Each Voting Senior Officer shall select a first, second, third, fourth, and fifth choice from among the Qualified Bids.
(A) A weighted score shall be assigned to each choice as follows:
(1) First choice receives five (5) points;
(2) Second choice receives four (4) points;
(3) Third choice receives three (3) points;
(4) Fourth choice receives two (2) points; and
(5) Fifth choice receives one (1) point.
(B) The five (5) Qualified Bids receiving the highest cumulative scores shall be Shortlisted Bids.
(C) In the event of a tie to select the five Shortlisted Bids, all such tied Qualified Bids shall be Shortlisted Bids.
(D) To the extent there are Non-SRO Bids that are Qualified Bids, the Shortlisted Bids selected pursuant to this Section 5.2(b)(iii) must, if possible, include at least two Non-SRO Bids. If, following the vote set forth in this Section 5.2(b)(iii), no Non-SRO Bid was selected as a Shortlisted Bid, the two Non-SRO Bids receiving the highest cumulative votes (or one Non-SRO Bid if a single Non-SRO Bid is a Qualified Bid) shall be added as Shortlisted Bids. If one Non-SRO Bid was selected as a Shortlisted Bid, the Non-SRO Bid receiving the next highest cumulative vote shall be added as a Shortlisted Bid.
(iv) If there are eleven (11) or more Qualified Bids, the Selection Committee shall select fifty percent (50%) of the Qualified Bids as Shortlisted Bids, subject to the requirement in Section 5.2(d) below. If there is an odd number of Qualified Bids, the number of Shortlisted Bids chosen shall be rounded up to the next whole number (e.g., if there are thirteen Qualified Bids, then seven Shortlisted Bids shall be selected). Each Voting Senior Officer shall select as many choices as Shortlisted Bids to be chosen.
(A) A weighted score shall be assigned to each choice in single point increments as follows:
(1) Last receives one (1) point;
(2) Next-to-last choice receives two (2) points;
(3) Second-from-last choice receives three (3) points;
(4) Third-from-last choice receives four (4) points;
(5) Fourth-from-last choice receives five (5) points; and
(6) Fifth-from-last choice receives six (6) points.
For each additional Shortlisted Bid that must be chosen, the points assigned shall increase in single point increments.
(B) The fifty percent (50%) of Qualified Bids (or, if there is an odd number of Qualified Bids, the next whole number above fifty percent (50%) of Qualified Bids) receiving the highest cumulative scores shall be Shortlisted Bids.
(C) In the event of a tie to select the Shortlisted Bids, all such tied Qualified Bids shall be Shortlisted Bids.
(D) To the extent there are Non-SRO Bids that are Qualified Bids, the Shortlisted Bids selected pursuant to this Section 5.2(b)(iv) must, if possible, include at least two Non-SRO Bids. If, following the vote set forth in this Section 5.2(b)(iv), no Non-SRO Bid was selected as a Shortlisted Bid, the two Non-SRO Bids receiving the highest cumulative votes (or one Non-SRO Bid if a single Non-SRO Bid is a Qualified Bid) shall be added as Shortlisted Bids. If one Non-SRO Bid was selected as a Shortlisted Bid, the Non-SRO Bid receiving the next highest cumulative vote shall be added as a Shortlisted Bid.
(c) Formulation of the CAT NMS Plan.
(i) The Selection Committee shall review the Shortlisted Bids to identify optimal proposed solutions for the CAT and provide descriptions of such proposed solutions for inclusion in this Agreement. This process may, but is not required to, include iterative discussions with Shortlisted Bidders to address any aspects of an optimal proposed solution that were not fully addressed in a particular Bid.
(ii) Prior to the approval of the CAT NMS Plan, all Shortlisted Bidders will be permitted to revise their Bids one or more times if the Selection Committee determines, by majority vote, that such revision(s) are necessary or appropriate.
(iii) Prior to approval of the CAT NMS Plan, and either before or after any revisions to Shortlisted Bids are accepted, the Selection Committee may determine, by at least a two-thirds vote, to narrow the number of Shortlisted Bids to three Bids, in accordance with the process in this Section 5.2(c)(iii).
(A) Each Voting Senior Officer shall select a first, second, and third choice from among the Shortlisted Bids.
(B) A weighted score shall be assigned to each choice as follows:
(1) First receives three (3) points;
(2) Second receives two (2) points; and
(3) Third receives one (1) point.
(C) The three Shortlisted Bids receiving the highest cumulative scores will be the new set of Shortlisted Bids.
(D) In the event of a tie that would result in more than three final Shortlisted Bids, the votes shall be recounted, omitting each Voting Senior Officer's third choice, in order to break the tie. If this recount produces a tie that would result in a number of final Shortlisted Bids larger than or equal to that from the initial count, the results of the initial count shall constitute the final set of Shortlisted Bids.
(E) To the extent there are Non-SRO Bids that are Shortlisted Bids, the final Shortlisted Bids selected pursuant to this Section 5.2(c)(iii) must, if possible, include at least one Non-SRO Bid. If following the vote set forth in this Section 5.2(c)(iii), no Non-SRO Bid was selected as a final Shortlisted Bid, the Non-SRO Bid receiving the highest cumulative votes shall be retained as a Shortlisted Bid.
(F) The third party tabulating votes, as specified in Section 5.1(b)(5), shall identify to the Selection Committee the new set of Shortlisted Bids, but shall keep confidential the individual scores and rankings of the Shortlisted Bids from the process in this Section 5.2(c)(iii).
(iv) The Participants shall incorporate information on optimal proposed solutions in this Agreement, including cost-benefit information as required by SEC Rule 613.
(d) Review of Shortlisted Bids Under the CAT NMS Plan.
(i) A Shortlisted Bidder shall be permitted to revise its Bid only upon approval by a majority of the Selection Committee, subject to the recusal provision in Section 5.1(b)(ii) above, that revisions are necessary or appropriate in light of the content of the Shortlisted Bidder's initial Bid and the provisions in this Agreement. A Shortlisted Bidder may not revise its Bid unless approved to do so by the Selection Committee pursuant to this Section 5.2(d)(i).
(ii) The Selection Committee shall review and evaluate all Shortlisted Bids, including any permitted revisions thereto submitted by Shortlisted Bidders. In performing the review and evaluation, the Selection Committee may consult with the Advisory Committee established pursuant to paragraph (b)(7) of SEC Rule 613 and Section 4.13, and such other Persons as the Selection Committee deems appropriate.
(e) Selection of Plan Processor Under this Agreement.
(i) There shall be two rounds of voting by the Selection Committee to select the Initial Plan Processor from among the Shortlisted Bidders. Each round shall be scored independently of prior rounds of voting, including the scoring to determine the Shortlisted Bids under Section 5.2(b).
(ii) Each Participant shall have one vote in each round, except that no Bidding Participant shall be entitled to vote in any round if the Participant's Bid, a Bid submitted by an Affiliate of the Participant, or a Bid including the Participant or an Affiliate of the Participant is considered in such round.
(iii) First Round Voting by the Selection Committee.
(A) In the first round of voting, each Voting Senior Officer, subject to the recusal provisions in Section 5.2(e)(ii), shall select a first and second choice from among the Shortlisted Bids.
(B) A weighted score shall be assigned to each choice as follows:
(1) First choice receives two (2) points; and
(2) Second choice receives one (1) point.
(C) The two Shortlisted Bids receiving the highest cumulative scores in the first round shall advance to the second round.
(D) In the event of a tie that would result in more than two Shortlisted Bids advancing to the second round, the tie shall be broken by assigning one point per vote, with the Shortlisted Bid(s) receiving the highest number of votes advancing to the second round. If, at this point, the Shortlisted Bids remain tied, a revote shall be taken with each vote receiving one point. If the revote results in a tie, the Participants shall identify areas for further discussion and, following any such discussion, voting shall continue until two Shortlisted Bids are selected to advance to the second round.
(iv) Second Round Voting by the Selection Committee.
(A) In the second round of voting, each Voting Senior Officer, subject to the recusal provisions in Section 5.2(e)(ii) above, shall vote for one Shortlisted Bid.
(B) The Shortlisted Bid receiving the most votes in the second round shall be selected, and the proposed entity included in the Shortlisted Bid to serve as the Plan Processor shall be selected as the Plan Processor.
(C) In the event of a tie, a revote shall be taken. If the revote results in a tie, the Participants shall identify areas for further discussions with the two Shortlisted Bidders. Following any such discussions, voting shall continue until one Shortlisted Bid is selected.
ARTICLE VI
FUNCTIONS AND ACTIVITIES OF CAT SYSTEM
Section 6.1. Plan Processor.
(a) The Initial Plan Processor shall be selected in accordance with Article V and shall serve as the Plan Processor until its resignation or removal from such position in accordance with this Section 6.1. The Company, under the direction of the Operating Committee shall enter into one or more agreements with the Plan Processor obligating the Plan Processor to perform the functions and duties contemplated by this Agreement to be performed by the Plan Processor, as well as such other functions and duties the Operating Committee deems necessary or appropriate.
(b) The Plan Processor may appoint such officers of the Plan Processor as it deems necessary and appropriate to perform its functions under this Agreement and SEC Rule 613; provided that the Plan Processor shall, at a minimum, appoint, in accordance with Section 6.2: (i) the Chief Compliance Officer; (ii) the Chief Information Security Officer; and (iii) the Independent Auditor. Notwithstanding anything to the contrary, the Operating Committee, by Supermajority Vote, shall approve any appointment or removal of the Chief Compliance Officer, the Chief Information Security Officer, or the Independent Auditor.
(c) The Plan Processor shall develop and, with the prior approval of the Operating Committee, implement policies, procedures, and control structures related to the CAT System that are consistent with SEC Rule 613(e)(4), Appendix C, and Appendix D.
(d) The Plan Processor shall:
(i) comply with applicable provisions of 15 U.S.C. § 78u-6 (Securities Whistleblower Incentives and Protection) and the recordkeeping requirements of SEC Rule 613(e)(8);
(ii) consistent with Appendix D, Central Repository Requirements, ensure the effective management and operation of the Central Repository;
(iii) consistent with Appendix D, Data Management, ensure the accuracy of the consolidation of the CAT Data reported to the Central Repository pursuant to Section 6.3 and Section 6.4; and
(iv) consistent with Appendix D, Upgrade Process and Development of New Functionality, design and implement appropriate policies and procedures governing the determination to develop new functionality for the CAT including, among other requirements, a mechanism by which changes can be suggested by Advisory Committee members, Participants, or the SEC. Such policies and procedures also shall: (A) provide for the escalation of reviews of proposed technological changes and upgrades (including as required by Section 6.1(i) and Section 6.1(j) or as otherwise appropriate) to the Operating Committee; and (B) address the handling of surveillance, including coordinated, SEC Rule 17d-2 or Regulatory Service Agreement(s) (“RSA”) surveillance queries and requests for data.
(e) Any policy, procedure or standard (and any material modification or amendment thereto) applicable primarily to the performance of the Plan Processor's duties as the Plan Processor (excluding, for the avoidance of doubt, any policies, procedures or standards generally applicable to the Plan Processor's operations and employees) shall become effective only upon approval thereof by the Operating Committee.
(f) The Plan Processor shall, subject to the prior approval of the Operating Committee, establish appropriate procedures for escalation of matters to the Operating Committee.
(g) In addition to other policies, procedures and standards generally applicable to the Plan Processor's employees and contractors, the Plan Processor shall have hiring standards and shall conduct and enforce background checks (e.g., fingerprint-based) for all of its employees and contractors to ensure the protection, safeguarding and security of the facilities, systems, networks, equipment and data of the CAT System, and shall have an insider and external threat policy to detect, monitor and remedy cyber and other threats. Each Participant will also conduct background checks of its employees and contractors that will use the CAT System.
(h) The Plan Processor shall enter into appropriate Service Level Agreements (“SLAs”) governing the performance of the Central Repository, as generally described in Appendix D, Functionality of the CAT System, with the prior approval of the Operating Committee. The Plan Processor in conjunction with the Operating Committee shall regularly review and, as necessary, update the SLAs, in accordance with the terms of the SLAs. As further contemplated in Appendix C, System Service Level Agreements (SLAs), and in Appendix D, System SLAs, the Plan Processor may enter into appropriate service level agreements with third parties applicable to the Plan Processor's functions related to the CAT System (“Other SLAs”), with the prior approval of the Operating Committee. The Chief Compliance Officer and/or the Independent Auditor shall, in conjunction with the Plan Processor and, as necessary, the Operating Committee, regularly review and, as necessary, update the Other SLAs, in accordance with the terms of the applicable Other SLA.
(i) The Plan Processor shall, on an ongoing basis and consistent with any applicable policies and procedures, evaluate and implement potential system changes and upgrades to maintain and improve the normal day-to-day operating function of the CAT System.
(j) In consultation with the Operating Committee, the Plan Processor shall, on an as needed basis and consistent with any applicable operational and escalation policies and procedures, implement such material system changes and upgrades as may be required to ensure effective functioning of the CAT System (i.e., those system changes and upgrades beyond the scope contemplated by Section 6.1(i)).
(k) In consultation with the Operating Committee, the Plan Processor shall, on an as needed basis, implement system changes and upgrades to the CAT System to ensure compliance with any applicable laws, regulations or rules (including those promulgated by the SEC or any Participant).
(l) The Plan Processor shall develop and, with the prior approval of the Operating Committee, implement a securities trading policy, as well as necessary procedures, control structures and tools to enforce this policy. The securities trading policy shall include:
(i) the category(ies) of employees, and as appropriate, contractors, of the Plan Processor to whom the policy will apply;
(ii) the scope of securities that are allowed or not allowed for trading;
(iii) the creation and maintenance of restricted trading lists;
(iv) a mechanism for declaring new or open account activity;
(v) a comprehensive list of any exclusions to the policy (e.g., blind trust, non-discretionary accounts);
(vi) requirements for duplicative records to be received by the Plan Processor for periodic review; and
(vii) a mechanism to review employee trading accounts.
(m) The Plan Processor shall develop and, with the prior approval of the Operating Committee, implement a training program that addresses the security and confidentiality of all information accessible from the CAT, as well as the operational risks associated with accessing the Central Repository. The training program will be made available to all individuals who have access to the Central Repository on behalf of the Participants or the SEC, prior to such individuals being granted access to the Central Repository.
(n) The Operating Committee will review the Plan Processor's performance under this Agreement at least once each year, or more often than once each year upon the request of two Participants that are not Affiliated Participants. The Operating Committee shall notify the SEC of any determination made by the Operating Committee concerning the continuing engagement of the Plan Processor as a result of the Operating Committee's review of the Plan Processor and shall provide the SEC with a copy of any reports that may be prepared in connection therewith.
(o) The Plan Processor shall provide the Operating Committee regular reports on the CAT System's operation and maintenance. The reports shall address:
(i) operational performance management information regarding the capacity and performance of the CAT System as specified by the Operating Committee. Such reports shall at a minimum address:
(A) the capacity and performance of the Central Repository, including at a minimum the requirements set forth in Appendix D, Central Repository Requirements;
(B) the basic functionality of the CAT System, including the functions set forth in Appendix D, Functionality of the CAT System.
(ii) data security issues for the Plan Processor and the Central Repository taking into account the data security requirements set forth in Appendix D, Data Security;
(iii) Participant usage statistics for the Plan Processor and the Central Repository, including capacity planning studies and daily reports called for by Appendix D, Capacity Requirements, as well as business continuity planning and disaster recovery issues for the Plan Processor and the Central Repository, taking into account the business continuity planning and disaster recovery requirements set forth in Appendix D, BCP/DR Process;
(iv) system improvement issues with the Plan Processor and the Central Repository as contemplated by Appendix D, Upgrade Process and Development of New Functionality;
(v) Error Rates relating to the Central Repository, including, in each case to the extent the Operating Committee determines necessary or advisable, Error Rates by day and by delta over time, and Compliance Thresholds by CAT Reporter, by Reportable Event, by age before resolution, by symbol, by symbol type (e.g., ETF and Index) and by event time (by hour and cumulative on the hour) as set forth in Appendix C, Error Communication, Correction, and Processing;
This Error Rate includes errors by CAT Reporters and linkage validation errors. In addition, errors attributable to the Plan Processor will be memorialized and reported to the Operating Committee.
(vi) financial statements of the Plan Processor prepared in accordance with GAAP (A) audited by an independent public accounting firm or (B) certified by the Plan Processor's Chief Financial Officer (which financial statements contemplated by this Section 6.1(o)(vi) shall be provided no later than [90] 180 days after the Plan Processor's fiscal year end);
(vii) continued solvency of the Plan Processor;
(viii) budgetary status of any items subject to Section 6.2(a)(ii);
(ix) internal audit analysis and the status of any internal audit related deliverables; and
(x) additional items as requested by the Operating Committee, any Officer of the Company, or the Independent Auditor.
(p) Upon the request of the Operating Committee or any Subcommittee, the Plan Processor shall attend any meeting of the Operating Committee or such Subcommittee.
(q) The Operating Committee, by Supermajority Vote, may remove the Plan Processor from such position at any time.
(r) The Operating Committee may, by Majority Vote, remove the Plan Processor from such position at any time if it determines that the Plan Processor has failed to perform its functions in a reasonably acceptable manner in accordance with the provisions of this Agreement or that the Plan Processor's expenses have become excessive and are not justified. In making such determination, the Operating Committee shall consider, among other factors: (i) the reasonableness of the Plan Processor's response to requests from Participants or the Company for technological changes or enhancements; (ii) results of any assessments performed pursuant to Section 6.6; (iii) the timeliness of conducting preventative and corrective information technology system maintenance for reliable and secure operations; (iv) compliance with requirements of Appendix D; and (v) such other factors related to experience, technological capability, quality and reliability of service, costs, back-up facilities, failure to meet service level agreement(s) and regulatory considerations as the Operating Committee may determine to be appropriate.
(s) The Plan Processor may resign from such position; provided that no such resignation shall be effective earlier than two (2) years (or such other shorter period as may be determined by the Operating Committee by Supermajority Vote) after the Plan Processor provides written notice of such resignation to the Company.
(t) The Operating Committee, by Supermajority Vote, shall fill any vacancy in the Plan Processor position, and shall establish a Plan Processor Selection Subcommittee in accordance with Section 4.12 to evaluate and review Bids and make a recommendation to the Operating Committee with respect to the selection of the successor Plan Processor. Any successor Plan Processor appointed pursuant to this Section 6.1(t) shall be subject to all the terms and conditions of this Agreement applicable to the Plan Processor commencing from such appointment effective date.
(u) The Plan Processor shall afford to Participants and the Commission such access to the Representatives of the Plan Processor as any Participant or the Commission may [reasonably] request solely for the purpose of performing such Person's regulatory and oversight responsibilities pursuant to the federal securities laws, rules, and regulations or any contractual obligations, and shall direct such Representatives to [reasonably] cooperate with any inquiry, investigation, or proceeding conducted by or on behalf of any Participant or the Commission related to such purpose.
Section 6.2. Chief Compliance Officer and Chief Information Security Officer.
(a) Chief Compliance Officer.
(i) The Plan Processor shall designate an employee of the Plan Processor to serve, subject to the approval of the Operating Committee by Supermajority Vote, as the Chief Compliance Officer. The Plan Processor shall also designate at least one other employee (in addition to the person then serving as Chief Compliance Officer), which employee the Operating Committee has previously approved, to serve temporarily as the Chief Compliance Officer if the employee then serving as the Chief Compliance Officer becomes unavailable or unable to serve in such capacity (including by reason of injury or illness). Any person designated to serve as the Chief Compliance Officer (including to serve temporarily) shall be appropriately qualified to serve in such capacity based on the duties and responsibilities assigned to the Chief Compliance Officer under this Agreement and shall dedicate such person's entire working time to such service (or temporary service) (except for any time required to attend to any incidental administrative matters related to such person's employment with the Plan Processor that do not detract in any material respect from such person's service as the Chief Compliance Officer). The Plan Processor may, at its discretion: (A) designate another employee previously approved by the Operating Committee by Supermajority Vote to serve in such capacity to temporarily serve as the Chief Compliance Officer if the employee then serving as the Chief Compliance Officer becomes unavailable or unable to serve as the Chief Compliance Officer (including by reason of injury or illness) for a period not in excess of thirty (30) days; or (B) designate another employee of the Plan Processor to replace, subject to approval of the Operating Committee by a Supermajority Vote, the Chief Compliance Officer. The Plan Processor shall promptly designate another employee of the Plan Processor to replace, subject to the approval of the Operating Committee by Supermajority Vote, the Chief Compliance Officer if the Chief Compliance Officer's employment with the Plan Processor terminates or the Chief Compliance Officer is otherwise unavailable or unable to serve as the Chief Compliance Officer (including by reason of injury or illness) for a period in excess of thirty (30) days. The Operating Committee shall report any action taken pursuant to Section 6.2(a)(i) to the SEC.
(ii) The Plan Processor, subject to the oversight of the Operating Committee, shall ensure that the Chief Compliance Officer has appropriate resources to fulfill the obligations of the Chief Compliance Officer set forth in SEC Rule 613 and in this Agreement.
(iii) In respect of all duties and responsibilities of the Chief Compliance Officer in such capacity (including those set forth in this Agreement), the Chief Compliance Officer shall be directly responsible and shall directly report to the Operating Committee, notwithstanding that he or she is employed by the Plan Processor.
(iv) The compensation (including base salary and bonus) of the Chief Compliance Officer shall be payable by the Plan Processor, but subject to review and approval by the Operating Committee, and the Operating Committee shall render the Chief Compliance Officer's annual performance review.
(v) The Chief Compliance Officer shall:
(A) regularly review the operation of the Central Repository to ensure its continued effectiveness based on market and technological developments and consistent with Appendix D, Upgrade Process and Development of New Functionality, and make any appropriate recommendations for enhancements to the nature of the information collected and the manner in which it is processed;
(B) identify and assist the Company in retaining an appropriately qualified independent auditor of national recognition (subject to the approval of the Operating Committee by Supermajority Vote, the “Independent Auditor”) and, in collaboration with such Independent Auditor, create and implement an annual audit plan (subject to the approval of the Operating Committee) which shall at a minimum include a review of all Plan Processor policies, procedures and control structures;
(C) in collaboration with the Chief Information Security Officer, and consistent with Appendix D, Data Security, and any other applicable requirements related to data security, Customer Account Information and Customer Identifying Information, identify and assist the Company in retaining an appropriately qualified independent auditor (based on specialized technical expertise, which may be the Independent Auditor or subject to the approval of the Operating Company by Supermajority Vote, another appropriately qualified independent auditor), and in collaboration with such independent auditor, create and implement an annual audit plan (subject to the approval of the Operating Committee), which shall at a minimum include a review of all Plan Processor policies, procedures and control structures, and real time tools that monitor and address data security issues for the Plan Processor and the Central Repository;
(D) have the ability to hire or retain adequate resources as needed (e.g., advisors and counsel) to fulfill its obligations;
(E) perform reviews with respect to the matters referenced in Section 4.12(b) and report periodically, and on an as needed basis, to the Operating Committee concerning the findings of any such reviews;
(F) report to the Operating Committee and conduct any relevant review of the Plan Processor or the Central Repository requested by the Operating Committee, including directing internal or external auditors, as appropriate, to support any such review;
(G) perform and provide the regular written assessment to the SEC required by Section 6.6 and SEC Rule 613;
(H) regularly review the information security program developed and maintained by the Plan Processor pursuant to Section 6.12 and determine the frequency of such reviews;
(I) report in a timely manner to the Operating Committee any instances of non-compliance by the Plan Processor with any of the Central Repository's policies or procedures with respect to information security;
(J) conduct regular monitoring of the CAT System for compliance by each Participant and each Industry Member with SEC Rule 613, this Agreement and Appendix D, Reporting and Linkage Requirements, and provide the results: (1) with regard to Industry Members, to each Participant with oversight of such Industry Member or to such Participant's agent pursuant to a regulatory services agreement, or to the Participant responsible for enforcing compliance by such Industry Member pursuant to an agreement entered into by the applicable Participant pursuant to SEC Rule 17d-2; and (2) with regard to each Participant, to the chief regulatory officer or equivalent of such Participant;
(K) develop a mechanism to conduct regular monitoring of the CAT System for compliance by each Participant with SEC Rule 613, this Agreement, and Appendix D, Reporting and Linkage Requirements;
(L) develop and implement a notification and escalation process to resolve and remediate any alleged noncompliance by a Participant or Industry Member with the rules of the CAT, which process will include appropriate notification and order of escalation to a Participant, the Operating Committee, or the Commission;
(M) develop and conduct an annual assessment of Business Clock synchronization as specified in Section 6.8(c);
(N) have access to Plan Processor staff and documentation as appropriate to fulfill its obligations;
(O) have access to the Operating Committee, including attending all regular, special and emergency meetings of the Operating Committee as a non-voting observer; provided, however, that the Chief Compliance Officer shall not have the right to attend any Executive Session that the Operating Committee may hold;
(P) work on a more regular and frequent basis with the Compliance Subcommittee or other Subcommittee as may be determined by the Operating Committee; and
(Q) oversee the Plan Processor's compliance with applicable laws, rules and regulations related to the CAT System, in its capacity as Plan Processor.
(b) Chief Information Security Officer.
(i) The Plan Processor shall designate an employee of the Plan Processor to serve, subject to the approval of the Operating Committee by Supermajority Vote, as the Chief Information Security Officer. The Plan Processor shall also designate at least one other employee (in addition to the person then serving as Chief Information Security Officer), which employee the Operating Committee has previously approved, to serve temporarily as the Chief Information Security Officer if the employee then serving as the Chief Information Security Officer becomes unavailable or unable to serve in such capacity (including by reason of injury or illness). Any person designated to serve as the Chief Information Security Officer (including to serve temporarily) shall be appropriately qualified to serve in such capacity based on the duties and responsibilities assigned to the Chief Information Security Officer under this Agreement and shall dedicate such person's entire working time to such service (or temporary service) (except for any time required to attend to any incidental administrative matters related to such person's employment with the Plan Processor that do not detract in any material respect from such person's service as the Chief Information Security Officer). The Plan Processor may, at its discretion: (A) designate another employee previously approved by the Operating Committee by Supermajority Vote to serve in such capacity to temporarily serve as the Chief Information Security Officer if the employee then serving as Chief Information Security Officer becomes unavailable or unable to serve as Chief Information Security Officer (including by reason of injury or illness) for a period not in excess of thirty (30) days; or (B) designate another employee of the Plan Processor to replace, subject to approval of the Operating Committee by a Supermajority Vote, the Chief Information Security Officer. The Plan Processor shall promptly designate another employee of the Plan Processor to replace, subject to the approval of the Operating Committee by Supermajority Vote, the Chief Information Security Officer if the Chief Information Security Officer's employment with the Plan Processor terminates or the Chief Information Security Officer is otherwise unavailable or unable to serve as Chief Information Security Officer (including by reason of injury or illness) for a period in excess of thirty (30) days. The Operating Committee shall report any action taken pursuant to Section 6.2(b)(i) to the SEC.
(ii) The Plan Processor, subject to the oversight of the Operating Committee, shall ensure that the Chief Information Security Officer has appropriate resources to fulfill the obligations of the Chief Information Security Officer set forth in SEC Rule 613 and in this Agreement, including providing appropriate responses to questions posed by the Participants and the SEC.
(iii) In respect of all duties and responsibilities of the Chief Information Security Officer in such capacity (including those set forth in this Agreement), the Chief Information Security Officer shall be directly responsible and directly report to the Operating Committee, notwithstanding that he or she is employed by the Plan Processor.
(iv) The compensation (including base salary and bonus) of the Chief Information Security Officer shall be payable by the Plan Processor, but subject to review and approval by the Operating Committee, and the Operating Committee shall render the Chief Information Security Officer's annual performance review.
(v) Consistent with Appendices C and D, the Chief Information Security Officer shall be responsible for creating and enforcing appropriate policies, procedures, and control structures to monitor and address data security issues for the Plan Processor and the Central Repository including:
(A) data security, including the standards set forth in Appendix D, Data Security;
(B) connectivity and data transfer, including the standards set forth in Appendix D, Connectivity and Data Transfer;
(C) data encryption, including the standards set forth in Appendix D, Data Encryption;
(D) data storage and environment, including the standards set forth in Appendix D, Data Storage and Environment;
(E) data access and breach management, including the standards set forth in Appendix D, Data Access, and Appendix D, Breach Management;
(F) PII data requirements, including the standards set forth in Appendix D, PII Data Requirements;
(G) industry standards, including the standards set forth in Appendix D, Industry Standards; and
(H) penetration test reviews, which shall occur at least every year or earlier, or at the request of the Operating Committee, set forth in Appendix D, Data Storage and Environment.
(vi) At regular intervals, to the extent that such information is available to the Company, the Chief Information Security Officer shall report to the Operating Committee the activities of the Financial Services Information Sharing and Analysis Center (“FS-ISAC”) or other comparable body.
(vii) The Chief Information Security Officer shall review the information security policies and procedures of the Participants that are related to the CAT to ensure that such policies and procedures are comparable to the information security policies and procedures applicable to the Central Repository. If the Chief Information Security Officer, in consultation with the Chief Compliance Officer, finds that any such policies and procedures are not comparable to the policies and procedures applicable to the CAT System, and the issue is not promptly addressed by the applicable Participant, the Chief Information Security Officer, in consultation with the Chief Compliance Officer, will be required to notify the Operating Committee of such deficiencies.
Section 6.3. Data Recording and Reporting by Participants. This Section 6.3 shall become effective on the first anniversary of the Effective Date and shall remain effective thereafter until modified or amended in accordance with the provisions of this Agreement and applicable law.
(a) Format. As contemplated in Appendix D, Data Types and Sources, each Participant shall report Participant Data to the Central Repository for consolidation and storage in a format or formats specified by the Plan Processor, approved by the Operating Committee and compliant with SEC Rule 613.
(b) Timing of Recording and Reporting.
(i) As further described in Appendix D, Reporting and Linkage Requirements, each Participant shall record Participant Data contemporaneously with the applicable Reportable Event.
(ii) Each Participant shall report Participant Data to the Central Repository by 8:00 a.m. Eastern Time on the Trading Day following the day the Participant records such Participant Data. A Participant may voluntarily report Participant Data prior to the 8:00 a.m. Eastern Time deadline.
(c) Applicable Securities.
(i) Each Participant that is a national securities exchange shall report Participant Data for each NMS Security registered or listed for trading on such exchange or admitted to unlisted trading privileges on such exchange.
(ii) Each Participant that is a national securities association shall report Participant Data for each Eligible Security for which transaction reports are required to be submitted to such association.
(d) Participant Data. Subject to Section 6.3(c), and Appendix D, Reporting and Linkage Requirements, and in accordance with the Technical Specifications, each Participant shall record and electronically report to the Central Repository the following details for each order and each Reportable Event, as applicable (“Participant Data”):
(i) for original receipt or origination of an order:
(A) Firm Designated ID(s) for each Customer;
(B) CAT-Order-ID;
(C) SRO-Assigned Market Participant Identifier of the Industry Member receiving or originating the order;
(D) date of order receipt or origination;
(E) time of order receipt or origination (using timestamps pursuant to Section 6.8); and
(F) Material Terms of the Order;
(ii) for the routing of an order:
(A) CAT-Order-ID;
(B) date on which the order is routed;
(C) time at which the order is routed (using timestamps pursuant to Section 6.8);
(D) SRO-Assigned Market Participant Identifier of the Industry Member or Participant routing the order;
(E) SRO-Assigned Market Participant Identifier of the Industry Member or Participant to which the order is being routed;
(F) if routed internally at the Industry Member, the identity and nature of the department or desk to which the order is routed; and
(G) Material Terms of the Order;
(iii) for the receipt of an order that has been routed, the following information:
(A) CAT-Order-ID;
(B) date on which the order is received;
(C) time at which the order is received (using timestamps pursuant to Section 6.8);
(D) SRO-Assigned Market Participant Identifier of the Industry Member or Participant receiving the order;
(E) SRO-Assigned Market Participant Identifier of the Industry Member or Participant routing the order; and
(F) Material Terms of the Order;
(iv) if the order is modified or cancelled:
(A) CAT-Order-ID;
(B) date the modification or cancellation is received or originated;
(C) time at which the modification or cancellation is received or originated (using timestamps pursuant to Section 6.8);
(D) price and remaining size of the order, if modified;
(E) other changes in the Material Terms of the Order, if modified; and
(F) whether the modification or cancellation instruction was given by the Customer or was initiated by the Industry Member or Participant;
(v) if the order is executed, in whole or in part:
(A) CAT-Order-ID;
(B) date of execution;
(C) time of execution (using timestamps pursuant to Section 6.8);
(D) execution capacity (principal, agency or riskless principal);
(E) execution price and size;
(F) SRO-Assigned Market Participant Identifier of the Participant or Industry Member executing the order;
(G) whether the execution was reported pursuant to an effective transaction reporting plan or the Plan for Reporting of Consolidated Options Last Sale Reports and Quotation Information; and
(vi) other information or additional events as may be prescribed in Appendix D, Reporting and Linkage Requirements.
(e) CAT-Reporter-ID.
(i) Each Participant must submit to the Central Repository, on a daily basis,
(A) all SRO-Assigned Market Participant Identifiers used by its Industry Members or itself ; and[ as well as]
(B) information to identify (1) each such Industry Member, including CRD number and LEI [the corresponding market participant (e.g., CRD number, or LEI) to the Central Repository] if such LEI has been obtained, and itself, including LEI, if such LEI has been obtained.
(ii) The Plan Processor will use the SRO-Assigned Market Participant Identifiers and identifying information to assign a CAT-Reporter-ID to each Industry Member or Participant for internal use across all CAT Data in the Central Repository.
(f) Means of Transmission. As contemplated in Appendix D, each Participant may utilize such methods as may be provided by the Plan Processor and approved by the Operating Committee to transmit Participant Data to the Central Repository.
Section 6.4. Data Reporting and Recording by Industry Members. The requirements for Industry Members under this Section 6.4 shall become effective on the second anniversary of the Effective Date in the case of Industry Members other than Small Industry Members, or the third anniversary of the Effective Date in the case of Small Industry Members, and shall remain effective thereafter until modified or amended in accordance with the provisions of this Agreement and applicable law.
(a) Format. As contemplated in Appendix D, Data Types and Sources, each Participant shall, through its Compliance Rule, require its Industry Members to report Industry Member Data to the Central Repository for consolidation and storage in a format or formats specified by the Plan Processor, approved by the Operating Committee and compliant with SEC Rule 613.
(b) Timing of Recording and Reporting.
(i) As further described in Appendix D, Reporting and Linkage Requirements, each Participant shall, through its Compliance Rule, require its Industry Members to record Recorded Industry Member Data contemporaneously with the applicable Reportable Event.
(ii) Consistent with Appendix D, Reporting and Linkage Requirements, each Participant shall, through its Compliance Rule, require its Industry Members to report: (A) Recorded Industry Member Data to the Central Repository by 8:00 a.m. Eastern Time on the Trading Day following the day the Industry Member records such Recorded Industry Member Data; and (B) Received Industry Member Data to the Central Repository by 8:00 a.m. Eastern Time on the Trading Day following the day the Industry Member receives such Received Industry Member Data. Each Participant shall, through its Compliance Rule, permit its Industry Members to voluntarily report Industry Member Data prior to the applicable 8:00 a.m. Eastern Time deadline.
(c) Applicable Securities.
(i) Each Participant that is a national securities exchange shall, through its Compliance Rule, require its Industry Members to report Industry Member Data for each NMS Security registered or listed for trading on such exchange or admitted to unlisted trading privileges on such exchange.
(ii) Each Participant that is a national securities association shall, through its Compliance Rule, require its Industry Members to report Industry Member Data for each Eligible Security for which transaction reports are required to be submitted to such association.
(d) Required Industry Member Data.
(i) Subject to Section 6.4(c) and Section 6.4(d)(iii) with respect to Options Market Makers, and consistent with Appendix D, Reporting and Linkage Requirements, and the Technical Specifications, each Participant shall, through its Compliance Rule, require its Industry Members to record and electronically report to the Central Repository for each order and each Reportable Event the information referred to in Section 6.3(d), as applicable (“Recorded Industry Member Data”).
(ii) Subject to Section 6.4(c) and Section 6.4(d)(iii) with respect to Options Market Makers, and consistent with Appendix D, Reporting and Linkage Requirements, and the Technical Specifications, each Participant shall, through its Compliance Rule, require its Industry Members to record and report to the Central Repository the following, as applicable (“Received Industry Member Data” and collectively with the information referred to in Section 6.4(d)(i) “Industry Member Data”):
(A) if the order is executed, in whole or in part:
(1) An Allocation Report;
(2) SRO-Assigned Market Participant Identifier of the clearing broker or prime broker, if applicable; and
(3) CAT-Order-ID of any contra-side order(s);
(B) if the trade is cancelled, a cancelled trade indicator; and
(C) for original receipt or origination of an order, the Firm Designated ID for the relevant Customer, and in accordance with Section 6.4(d)(iv), Customer Account Information[,] and Customer Identifying Information for the relevant Customer.
(iii) With respect to the reporting obligations of an Options Market Maker with regard to its quotes in Listed Options, Reportable Events required pursuant to Section 6.3(d)(ii) and (iv) shall be reported to the Central Repository by an Options Exchange in lieu of the reporting of such information by the Options Market Maker. Each Participant that is an Options Exchange shall, through its Compliance Rule, require its Industry Members that are Options Market Makers to report to the Options Exchange the time at which a quote in a Listed Option is sent to the Options Exchange (and, if applicable, any subsequent quote modifications and/or cancellation time when such modification or cancellation is originated by the Options Market Maker). Such time information also shall be reported to the Central Repository by the Options Exchange in lieu of reporting by the Options Market Maker.
(iv) Each Industry Member must submit an initial set of the Customer information required in Section 6.4(d)(ii)(C) for Active Accounts to the Central Repository upon the Industry Member's commencement of reporting to the Central Repository. Each Industry Member must submit to the Central Repository any updates, additions or other changes to the Customer information required in Section 6.4(d)(ii)(C) on a daily basis for all Active Accounts [thereafter]. In addition, on a periodic basis as designated by the Plan Processor and approved by the Operating Committee, each Industry Member will be required to submit to the Central Repository a complete set of all Customer information required in Section 6.4(d)(ii)(C). The Plan Processor will correlate such Customer information across all Industry Members, use it to assign a Customer-ID for each Customer, and use the Customer-ID to link all Reportable Events associated with an order for a Customer.
(v) Each Participant shall, through its Compliance Rule, require its Industry Members to record and report to the Central Repository other information or additional events as may be prescribed in Appendix D, Reporting and Linkage Requirements.
(vi) Each Industry Member must submit to the Central Repository information sufficient to identify such Industry Member , including CRD number and LEI, if such LEI has been obtained [(e.g., CRD, or LEI)].
(e) Means of Transmission. As contemplated in Appendix D, Data Types and Sources, each Industry Member may utilize such methods as may be provided by the Plan Processor and approved by the Operating Committee to transmit Industry Member Data to the Central Repository.
Section 6.5. Central Repository.
(a) Collection of Data.
(i) The Central Repository, under the oversight of the Plan Processor, and consistent with Appendix D, Central Repository Requirements, shall receive, consolidate, and retain all CAT Data.
(ii) The Central Repository shall collect (from a SIP or pursuant to an NMS Plan) and retain on a current and continuing basis, in a format compatible with the Participant Data and Industry Member Data, all data, including the following (collectively, “SIP Data”):
(A) information, including the size and quote condition, on quotes including the National Best Bid and National Best Offer for each NMS Security;
(B) Last Sale Reports and transaction reports reported pursuant to an effective transaction reporting plan filed with the SEC pursuant to, and meeting the requirements of, SEC Rules 601 and 608;
(C) trading halts, Limit Up/Limit Down price bands, and Limit Up/Limit Down indicators; and
(D) summary data or reports described in the specifications for each of the SIPs and disseminated by the respective SIP.
(b) Retention of Data.
(i) Consistent with Appendix D, Data Retention Requirements, the Central Repository shall retain the information collected pursuant to paragraphs (c)(7) and (e)(7) of SEC Rule 613 in a convenient and usable standard electronic data format that is directly available and searchable electronically without any manual intervention by the Plan Processor for a period of not less than six (6) years. Such data when available to the Participant regulatory staff and the SEC shall be linked.
(ii) The Plan Processor shall implement and comply with the records retention policy contemplated by Section 6.1(d)(i) (as such policy is reviewed and updated periodically in accordance with Section 6.1(d)(i)).
(c) Access to the Central Repository
(i) Consistent with Appendix D, Data Access, the Plan Processor shall provide Participants and the SEC access to the Central Repository (including all systems operated by the Central Repository), and access to and use of the CAT Data stored in the Central Repository, solely for the purpose of performing their respective regulatory and oversight responsibilities pursuant to the federal securities laws, rules and regulations or any contractual obligations.
(ii) The Plan Processor shall create and maintain a method of access to CAT Data stored in the Central Repository that includes the ability to run searches and generate reports. The method in which the CAT Data is stored in the Central Repository shall allow the ability to return results of queries that are complex in nature, including market reconstruction and the status of order books at varying time intervals.
(iii) The Plan Processor shall, at least annually and at such earlier time promptly following a request by the Operating Committee, certify to the Operating Committee that only Participants and the SEC have access to the Central Repository (other than access provided to any Industry Member for the purpose of correcting CAT Data previously reported to the Central Repository by such Industry Member).
(iv) Appendix C, The Security and Confidentiality of Information Reported to the Central Repository, and Appendix D, Data Security, describes the security and confidentiality of the CAT Data, including how access to the Central Repository is controlled.
(d) Data Accuracy
(i) The Operating Committee shall set and periodically review a maximum Error Rate for data reported to the Central Repository. The initial maximum Error Rate shall be set to 5%.
(ii) Consistent with Appendix D, Reporting and Linkage Requirements and Data Security, the Operating Committee shall adopt policies and procedures, including standards, requiring CAT Data reported to the Central Repository be timely, accurate, and complete, and to ensure the integrity of such CAT Data (e.g., that such CAT Data has not been altered and remains reliable). The Plan Processor shall be responsible for implementing such policies and procedures.
(iii) Appendix D, Receipt of Data from Reporters, describes the mechanisms and protocols for Participant Data and Industry Member Data submission for all key phases, including:
(A) file transmission and receipt validation;
(B) validation of CAT Data; and
(C) validation of linkages.
(e) Appendix D, Receipt of Data from Reporters, also describes the mechanisms and protocols for managing and handling corrections of CAT Data. The Plan Processor shall require an audit trail for corrected CAT Data in accordance with mechanisms and protocols approved by the Operating Committee.
(f) Data Confidentiality
(i) The Plan Processor shall, without limiting the obligations imposed on Participants by this Agreement and in accordance with the framework set forth in, Appendix D, Data Security, and Functionality of the CAT System, be responsible for the security and confidentiality of all CAT Data received and reported to the Central Repository. Without limiting the foregoing, the Plan Processor shall:
(A) require all individuals who have access to the Central Repository (including the respective employees and consultants of the Participants and the Plan Processor, but excluding employees and Commissioners of the SEC) to agree: (1) to use appropriate safeguards to ensure the confidentiality of CAT Data stored in the Central Repository; and (2) not to use CAT Data stored in the Central Repository for purposes other than surveillance and regulation in accordance with such individual's employment duties; provided that a Participant will be permitted to use the [CAT] Raw Data it reports to the Central Repository for regulatory, surveillance, commercial or other purposes as permitted by applicable law, rule, or regulation;
(B) require all individuals who have access to the Central Repository (including the respective employees and consultants of the Participants and the Plan Processor, but excluding employees and Commissioners of the SEC) to execute a personal “Safeguard of Information Affidavit” in a form approved by the Operating Committee providing for personal liability for misuse of data;
(C) develop and maintain a comprehensive information security program with a dedicated staff for the Central Repository, consistent with Appendix D, Data Security, that employs state of the art technology, which program will be regularly reviewed by the Chief Compliance Officer and Chief Information Security Officer;
(D) implement and maintain a mechanism to confirm the identity of all individuals permitted to access the CAT Data stored in the Central Repository and maintain a record of all instances where such CAT Data was accessed; and
(E) implement and maintain appropriate policies regarding limitations on trading activities of its employees and independent contractors involved with all CAT Data consistent with Section 6.1(n).
(ii) Each Participant shall adopt and enforce policies and procedures that:
(A) implement effective information barriers between such Participant's regulatory and non-regulatory staff with regard to access and use of CAT Data stored in the Central Repository;
(B) permit only persons designated by Participants to have access to the CAT Data stored in the Central Repository; and
(C) impose penalties for staff non-compliance with any of its or the Plan Processor's policies or procedures with respect to information security.
(iii) Each Participant [and the Commission, as applicable,] shall as promptly as reasonably practicable, and in any event within 24 hours, report to the Chief Compliance Officer, in accordance with the guidance provided by the Operating Committee, any instance of which such Participant becomes aware of: (A) noncompliance with the policies and procedures adopted by such Participant pursuant to Section 6.5(e)(ii); or (B) a breach of the security of the CAT.
(iv) The Plan Processor shall:
(A) ensure data confidentiality and security during all communications between CAT Reporters and the Plan Processor, data extractions, manipulation and transformation, loading to and from the Central Repository and data maintenance by the Central Repository;
(B) require the establishment of secure controls for data retrieval and query reports by Participant regulatory staff [and the Commission]; and
(C) otherwise provide appropriate database security for the Central Repository.
(v) The Company shall endeavor to join the FS-ISAC and comparable bodies as the Operating Committee may determine.
(g) Participants Confidentiality Policies and Procedures. The Participants shall establish, maintain and enforce written policies and procedures reasonably designed to (1) ensure the confidentiality of the CAT Data obtained from the Central Repository; and (2) limit the use of CAT Data obtained from the Central Repository solely for surveillance and regulatory purposes. Each Participant shall periodically review the effectiveness of the policies and procedures required by this paragraph, and take prompt action to remedy deficiencies in such policies and procedures.
(h) A Participant may use the Raw Data it reports to the Central Repository for regulatory, surveillance, commercial or other purposes as otherwise not prohibited by applicable law, rule or regulation.
Section 6.6. [Regular] Written Assessments, Audits and Reports.
(a) One-Time Written Assessments and Reports. The Participants shall provide the SEC with the following written assessments, audits and reports:
(i) at least one (1) month prior to submitting a rule filing to establish initial fees for CAT Reporters, an independent audit of fees, costs, and expenses incurred by the Participants on behalf of the Company prior to the Effective Date of the Plan that will be publicly available;
(ii) within six (6) months of effectiveness of the Plan, an assessment of the clock synchronization standard, including consideration of industry standards based on the type of CAT Reporter, Industry Member and type of system, and propose any appropriate amendment based on this assessment;
(iii) within twelve (12) months of effectiveness of the Plan, a report detailing the Participants' consideration of coordinated surveillance (e.g., entering into 17d-2 agreements or regulatory services agreements);
(iv) within 24 months of effectiveness of the Plan, a report discussing the feasibility, benefits, and risks of allowing an Industry Member to bulk download the Raw Data it submitted to the Central Repository;
(v) within 36 months of effectiveness of the Plan, an assessment of errors in the customer information submitted to the Central Repository and whether to prioritize the correction of certain data fields over others;
(vi) within 36 months of effectiveness of the Plan, a report on the impact of tiered-fees on market liquidity, including an analysis of the impact of the tiered-fee structure on Industry Members' provision of liquidity; and
(vii) prior to the implementation of any Material Systems Change, an assessment of the projected impact of such Material Systems Change on the maximum Error Rate.
(b) Regular Written Assessment of the Plan Processor's Performance.
[(a)] (i) Requirement.
[(i)] (A) Annually [At least every two (2) years], or more frequently in connection with any review of the Plan Processor's performance under this Agreement pursuant to Section 6.1(n), the Participants shall provide the SEC with a written assessment of the operation of the CAT that meets the requirements of SEC Rule 613, Appendix D, and this Agreement.
[(ii)] (B) The Chief Compliance Officer shall oversee the assessment contemplated by Section 6.6 (b)(i)(A) [(a)(i)] and shall provide the Participants a reasonable time to review and comment upon such assessment prior to its submission to the SEC. In no case shall the written assessment be changed or amended in response to a comment by a Participant; rather, any comment by a Participant shall be provided to the SEC at the same time as the written assessment.
[(b)] (ii) Contents of Written Assessment. The annual written assessment required by this Section 6.6 shall include:
[(i)] (A) an evaluation of the performance of the CAT, including the items specified in SEC Rule 613(b)(6)(i) and other performance metrics identified by the Chief Compliance Officer, and a description of such metrics;
[(ii)] (B) a detailed plan, based on the evaluation conducted pursuant to Section 6.6(b)(i), for any potential improvements to the performance of the CAT with respect to the items specified in SEC Rule 613(b)(6)(ii) , as well as:
(1) an evaluation of potential technology upgrades based on a review of technological advancements over the preceding year, drawing on technological expertise whether internal or external;
(2) an evaluation of the time necessary to restore and recover CAT Data at a back-up site;
(3) an evaluation of the information security program to ensure that the program is consistent with the highest industry standards for the protection of data;
(4) an evaluation of how the Plan Processor and the Participants are monitoring Error Rates and to explore the imposition of Error Rates based on product, data elements or other criteria;
(5) a copy of the evaluation required by Section 6.8(c) as to whether industry standards have evolved such that: (i) the synchronization standard in Section 6.8(a) should be shortened; or (ii) the required time stamp in Section 6.8(b) should be in finer increments;
(6) an assessment of whether any data elements should be added, deleted or changed; and
(7) any other items identified and described by the Chief Compliance Officer;
[(iii)] (C) an estimate of the costs and benefits associated with any potential improvements to the performance of the CAT, including an assessment of the potential impact on competition, efficiency, [and] capital formation , and investor protection; and
[(iv)] (D) an estimated implementation timeline for any potential improvements to the performance of the CAT, if applicable.
Section 6.7. Implementation.
(a) Unless otherwise ordered by the SEC:
(i) within two (2) months after the Effective Date, the Participants shall jointly select the winning Shortlisted Bid and the Plan Processor pursuant to the process set forth in Article V. Following the selection of the Initial Plan Processor, the Participants shall file with the Commission a statement identifying the Plan Processor and including the information required by SEC Rule 608;
(ii) within four (4) months after the Effective Date, each Participant shall, and through its Compliance Rule shall require its Industry Members to, synchronize its or their Business Clocks as required by Section 6.8 and certify to the Chief Compliance Officer (in the case of Participants) or the applicable Participant (in the case of Industry Members) that such Participant has met this requirement;
(iii) within one (1) year after the Effective Date, each Participant shall report to the Central Repository Participant Data;
(iv) within fourteen (14) months after the Effective Date, each Participant shall implement a new or enhanced surveillance system(s) in accordance with Section 6.10;
(v) within two (2) years after the Effective Date, each Participant shall, through its Compliance Rule, require its Industry Members (other than Small Industry Members) to report to the Central Repository Industry Member Data; and
(vi) within three (3) years after the Effective Date, each Participant shall, through its Compliance Rule, require its Small Industry Members to report to the Central Repository Industry Member Data.
(b) The Chief Compliance Officer shall appropriately document objective milestones to assess progress toward the implementation of this Agreement.
(c) Industry Members and Participants shall be required to participate in testing with the Central Repository on a schedule to be determined by the Operating Committee.
(d) Appendix C, A Plan to Eliminate Existing Rules and Systems (SEC Rule 613(a)(1)(ix)), and Appendix D, Data Types and Sources, set forth additional implementation details concerning the elimination of rules and systems.
Section 6.8. Timestamps and Synchronization of Business Clocks.
(a) Each Participant shall:
(i) other than such Business Clocks used solely for Manual Order Events, synchronize its Business Clocks at a minimum to within [50 milliseconds] 100 microseconds of the time maintained by the National Institute of Standards and Technology, consistent with industry standards;
(ii) other than such Business Clocks used solely for Manual Order Events or the time of allocation on Allocation Reports, through its Compliance Rule, require its Industry Members to:
(A) synchronize their respective Business Clocks at a minimum to within fifty (50) milliseconds of the time maintained by the National Institute of Standards and Technology, and maintain such a synchronization;
(B) certify periodically (according to a schedule to be defined by the Operating Committee) that their Business Clocks meet the requirements of the Compliance Rule;
(C) and report to the Plan Processor and the Participant any violation of the Compliance Rule pursuant to the thresholds set by the Operating Committee; and
(iii) synchronize its Business Clocks and, through its Compliance Rule, require its Industry Members to synchronize their Business Clocks used solely for Manual Order Events at a minimum to within one second of the time maintained by the National Institute of Standards and Technology (“NIST”), consistent with industry standards, and maintain such synchronization. Each Participant shall require its Industry Members to certify periodically (according to a schedule defined by the Operating Committee) that their Business Clocks used solely for Manual Order Events meet the requirements of the Compliance Rule. The Compliance Rule of a Participant shall require its Industry Members using Business Clocks solely for Manual Order Events to report to the Plan Processor any violation of the Compliance Rule pursuant to the thresholds set by the Operating Committee.
(iv) through its Compliance Rule, require its Industry Members to synchronize their Business Clocks used solely for the time of allocation on Allocation Reports at a minimum to within one second of the time maintained by NIST, consistent with industry standards, and maintain such synchronization. Each Participant shall require its Industry Members to certify periodically (according to a schedule defined by the Operating Committee) that their Business Clocks used solely for the time of allocation on Allocation Reports meet the requirements of the Compliance Rule. The Compliance Rule of a Participant shall require its Industry Members using Business Clocks solely for the time of allocation on Allocation Reports to report to the Plan Processor any violation of the Compliance Rule pursuant to the thresholds set by the Operating Committee.
(b) Each Participant shall, and through its Compliance Rule shall require its Industry Members to, report information required by SEC Rule 613 and this Agreement to the Central Repository in milliseconds. To the extent that any Participant 's order handling or execution systems utilize[s] timestamps in increments finer than the minimum required in this Agreement, such Participant shall utilize such finer increment when reporting CAT Data to the Central Repository so that all Reportable Events reported to the Central Repository can be adequately sequenced. Each Participant shall, through its Compliance Rule: (i) require that, to the extent that its Industry Members utilize timestamps in increments finer than the minimum required in this Agreement in their order handling or execution systems, such Industry Members shall utilize such finer increment when reporting CAT Data to the Central Repository; and (ii) provide that a pattern or practice of reporting events outside of the required clock synchronization time period without reasonable justification or exceptional circumstances may be considered a violation of SEC Rule 613 and the CAT NMS Plan. Notwithstanding the preceding sentences, each Participant and Industry Member shall be permitted to record and report : (i) Manual Order Events to the Central Repository in increments up to and including one second, provided that Participants and Industry Members shall be required to record and report the time when a Manual Order Event has been captured electronically in an order handling and execution system of such Participant or Industry Member (“Electronic Capture Time”) in milliseconds ; and (ii) the time of allocation on Allocation Reports in increments up to and including one second.
(c) In conjunction with Participants' and other appropriate Industry Member advisory groups, the Chief Compliance Officer shall annually evaluate and make a recommendation to the Operating Committee as to whether industry standards have evolved such that: (i) the synchronization standard in Section 6.8(a) should be shortened; or (ii) the required time stamp in Section 6.8(b) should be in finer increments. Industry standards should be determined based on the type of CAT Reporter, Industry Member and type of system.
Section 6.9. Technical Specifications.
(a) Publication. The Plan Processor shall publish technical specifications that are at a minimum consistent with Appendices C and D, and updates thereto as needed, providing detailed instructions regarding the submission of CAT Data by Participants and Industry Members to the Plan Processor for entry into the Central Repository (collectively, the “Technical Specifications”). The Technical Specifications shall be made available on a publicly available web site to be developed and maintained by the Plan Processor. The initial Technical Specifications and any Material Amendments thereto shall be provided to the Operating Committee for approval by Supermajority Vote.
(b) Content. The Technical Specifications shall include a detailed description of the following:
(i) the specifications for the layout of files and records submitted to the Central Repository;
(ii) the process for the release of new data format specification changes;
(iii) the process for industry testing for any changes to data format specifications;
(iv) the procedures for obtaining feedback about and submitting corrections to information submitted to the Central Repository;
(v) each data element, including permitted values, in any type of report submitted to the Central Repository;
(vi) any error messages generated by the Plan Processor in the course of validating the data;
(vii) the process for file submissions (and re-submissions for corrected files);
(viii) the storage and access requirements for all files submitted;
(ix) metadata requirements for all files submitted to the CAT System;
(x) any required secure network connectivity;
(xi) data security standards, which shall, at a minimum: (A) satisfy all applicable regulations regarding database security, including provisions of Regulation Systems Compliance and Integrity under the Exchange Act (“Reg SCI”); (B) to the extent not otherwise provided for under this Agreement (including Appendix C hereto), set forth such provisions as may be necessary or appropriate to comply with SEC Rule 613(e)(4); and (C) comply with industry best practices; and
(xii) any other items reasonably deemed appropriate by the Plan Processor and approved by the Operating Committee.
(c) Amendments. Amendments to the Technical Specifications may be made only in accordance with this Section 6.9(c). For purposes of this Section 6.9(c), an amendment to the Technical Specifications shall be deemed “material” if it would require a Participant or an Industry Member to engage in significant changes to the coding necessary to submit information to the Central Repository pursuant to this Agreement or if it is required to safeguard the security or confidentiality of the CAT Data (“Material Amendment”).
(i) Except for Material Amendments to the Technical Specifications, the Plan Processor shall have the sole discretion to amend and publish interpretations regarding the Technical Specifications as needed in furtherance of the purposes and requirements of this Agreement. All non-Material Amendments made to the Technical Specifications and all published interpretations shall be provided to the Operating Committee in writing at least ten (10) days before being published. Such non-Material Amendments and published interpretations shall be deemed approved ten (10) days following provision to the Operating Committee unless two (2) unaffiliated Participants call for a vote to be taken on the proposed amendment or interpretation. If an amendment or interpretation is called out for a vote by two or more unaffiliated Participants, the proposed amendment must be approved by Majority Vote of the Operating Committee. Once a non-Material amendment has been approved, or deemed approved, by the Operating Committee, the Plan Processor shall be responsible for determining the specific changes to the Central Repository and providing technical documentation of those changes, including an implementation timeline.
(ii) The Operating Committee, by Supermajority Vote, shall approve any Material Amendments to the Technical Specifications.
(iii) The Operating Committee, by Supermajority Vote, may amend the Technical Specifications on its own motion.
Section 6.10. Surveillance.
(a) Surveillance Systems. Using the tools provided for in Appendix D, Functionality of the CAT System, each Participant shall develop and implement a surveillance system, or enhance existing surveillance systems, reasonably designed to make use of the consolidated information contained in the Central Repository. Unless otherwise ordered by the SEC, within fourteen (14) months after the Effective Date, each Participant shall initially implement a new or enhanced surveillance system(s) as required by SEC Rule 613 and the preceding sentence.
(b) Coordinated Surveillance. Participants may, but are not required to, coordinate or share surveillance efforts through the use of regulatory services agreements and agreements adopted pursuant to SEC Rule 17d-2.
(c) Use of CAT Data by Regulators.
(i) Consistent with Appendix D, Functionality of the CAT System, the Plan Processor shall provide Participants and the SEC with access to all CAT Data stored in the Central Repository. Regulators will have access to processed CAT Data through two different methods; an online targeted query tool, and user-defined direct queries and bulk extracts.
(A) The online targeted query tool will provide authorized users with the ability to retrieve CAT Data via an online query screen that includes the ability to choose from a variety of pre-defined selection criteria. Targeted queries must include date(s) and/or time range(s), as well as one or more of a variety of fields.
(B) The user-defined direct queries and bulk extracts will provide authorized users with the ability to retrieve CAT Data via a query tool or language that allows users to query all available attributes and data sources.
(ii) Extraction of CAT Data shall be consistent with all permission rights granted by the Plan Processor. All CAT Data returned shall be encrypted, and PII data shall be masked unless users have permission to view the CAT Data that has been requested.
(iii) The Plan Processor shall implement an automated mechanism to monitor direct query usage. Such monitoring shall include automated alerts to notify the Plan Processor of potential issues with bottlenecks or excessively long queues for queries or CAT Data extractions. The Plan Processor shall provide the Operating Committee or its designee(s) details as to how the monitoring will be accomplished and the metrics that will be used to trigger alerts.
(iv) The Plan Processor shall reasonably assist regulatory staff (including those of Participants) with creating queries.
(v) Without limiting the manner in which regulatory staff (including those of Participants) may submit queries, the Plan Processor shall submit queries on behalf of a regulatory staff (including those of Participants) as reasonably requested.
(vi) The Plan Processor shall staff a CAT help desk, as described in Appendix D, CAT Help Desk, to provide technical expertise to assist regulatory staff (including those of Participants) with questions about the content and structure of the CAT Data.
Section 6.11. Debt Securities and Primary Market Transactions. Unless otherwise ordered by the Commission, within six (6) months after the Effective Date, the Participants shall jointly provide to the SEC a document outlining how the Participants could incorporate into the CAT information with respect to equity securities that are not NMS Securities or OTC Equity Securities, including Primary Market Transactions in securities that are not NMS Securities or OTC Equity Securities and in debt securities, which document shall include details for each order and Reportable Event that may be required to be provided, which market participants may be required to provide the data, the implementation timeline, and a cost estimate.
Section 6.12. Information Security Program. The Plan Processor shall develop and maintain a comprehensive information security program for the Central Repository, to be approved and reviewed at least annually by the Operating Committee, and which contains at a minimum the specific requirements detailed in Appendix D, Data Security.
ARTICLE VII
INTENTIONALLY OMITTED
[CAPITAL ACCOUNTS]
[Section 7.1 Capital Accounts.]
[(a) A separate capital account (“Capital Account”) shall be established and maintained by the Company for each Participant in accordance with § 704(b) of the Code and Treasury Regulation § 1.704-1 (b)(2)(iv). There shall be credited to each Participant's Capital Account the capital contributions (at fair market value in the case of contributed property) made by such Participant (which shall be deemed to be zero for the initial Participants), and allocations of Company profits and gain (or items thereof) to such Participant pursuant to Article VIII (excluding those allocated in Section 8.3). Each Participant's Capital Account shall be decreased by the amount of distributions (at fair market value in the case of property distributed in kind) to such Participant, and allocations of Company losses to such Participant pursuant to Article VIII (including expenditures which can neither be capitalized nor deducted for tax purposes, organization and syndication expenses not subject to amortization and loss on sale or disposition of Company property, whether or not disallowed under §§ 267 or 707 of the Code). Capital Accounts shall not be adjusted to reflect a Participant's share of liabilities under § 752 of the Code.]
[(b) If, following the date hereof, money or property is contributed to the Company in other than a de minimis amount in exchange for an equity interest in the Company (which shall not include the Participation Fee paid by a new Participant pursuant to Section 3.3, which is not treated as a contribution to capital), or money or property is distributed to a Participant in exchange for an interest in the Company but the Company is not liquidated, the Capital Accounts of the Participants shall be adjusted based on the fair market value of Company property at the time of such contribution or distribution and the unrealized income, gain, loss, or deduction inherent in the Company property which has not previously been reflected in the Capital Accounts shall be allocated among the Participants as if there had been a taxable disposition of the Company property at its fair market value on such date. The fair market value of contributed, distributed, or revalued property shall be approved by the Operating Committee or, if there is no such agreement, by an appraisal by an independent third party valuation firm selected by the Operating Committee by Majority Vote.]
[(c) The foregoing provisions and the other provisions of this Agreement relating to the maintenance of Capital Accounts are intended to comply with Treasury Regulation § 1.704-1(b) promulgated under § 704(b) of the Code, and shall be interpreted and applied in a manner consistent with such Regulations.]
[Section 7.2 Interest. Except as otherwise provided herein, no Participant shall be entitled to receive interest on amounts in its Capital Account.]
ARTICLE VIII
TAX STATUS
[ALLOCATIONS OF INCOME AND LOSS; DISTRIBUTIONS]
[Section 8.1 Periodic Allocations. As of the end of each calendar quarter or such other period selected by the Operating Committee, the net profit or net loss of the Company (and each item of income, gain, loss, deduction, and credit for federal income tax purposes) for the period shall be determined, and in the event the book value of any Company property is adjusted pursuant to Treasury Regulation § 1.704-1(b)(2)(iv)(f), net profit, net losses and items thereof shall be determined as provided in Treasury Regulation § 1.704-1(b)(2)(iv)(g). Except as provided in Section 8.2, such net profit or net loss (and each item of income, gain, loss, deduction, and credit) shall be allocated equally among the Participants.]
[Section 8.2 Special Allocations. Notwithstanding Section 8.1, this Agreement shall be deemed to contain, and the allocations of net profit and net loss as set forth in Section 8.1 shall be subject to, each of the following: (a) a “qualified income offset” as described in Treasury Regulation § 1.704-1(b)(2)(ii)(d); (b) a “partnership minimum gain chargeback” as described in Treasury Regulation § 1.704-2(f); and (c) a “partner non-recourse debt minimum gain chargeback” as described in Treasury Regulation § 1.704-2(i)(4). The Participants intend that the allocations required to be made pursuant to Section 8.1 and this Section 8.2 shall satisfy the requirements of § 704(b) of the Code and the Treasury Regulations promulgated thereunder. Without the consent of the Participants, the Operating Committee shall have the power to interpret and amend the provisions of Section 8.1 and this Section 8.2 in the manner necessary to ensure such compliance; provided that such amendments shall not change the amounts distributable to a Participant pursuant to this Agreement.]
[Section 8.3 Allocations Pursuant to § 704(c) of the Code. In accordance with § 704(c) of the Code and the Treasury Regulations promulgated thereunder, income, gain, loss, and deduction with respect to any property contributed to the capital of the Company shall, solely for tax purposes, be allocated among the Participants so as to take account of any variation between the adjusted basis of such property to the Company for federal income tax purposes and its initial fair market value. In the event the book value of any Company property is adjusted pursuant to Treasury Regulation § 1.704-1(b)(2)(iv)(f), allocations of income, gain, loss, and deduction with respect to such asset shall take account of any variation between the adjusted basis of such asset for federal income tax purposes and its adjusted book value in the same manner as under § 704(c) of the Code and the Treasury Regulations promulgated thereunder. Such allocations shall be made by the Operating Committee using the “traditional method” set forth in Treasury Regulation § 1.704-3(b). Allocations pursuant to this Section 8.3 are solely for purposes of federal, state, and local taxes and shall not affect, or in any way be taken into account in computing, any Participant's share of distributions pursuant to any provision of this Agreement.]
[Section 8.4 Changes in Participants' Interests. If during any fiscal period of the Company there is a change in any Participant's Company Interest as a result of the admission or withdrawal of one or more Participants, the net profit, net loss or any other item allocable to the Participants under this Article VIII for the period shall be allocated among the Participants so as to reflect their varying interests in the Company during the period. In the event that the change in the Company Interests of the Participants results from the admission or withdrawal of a Participant, the allocation of net profit, net loss, or any other item allocable among the Participants under this Article VIII shall be made on the basis of an interim closing of the Company's books as of each date on which a Participant is admitted to or withdraws from the Company; provided that the Company may use interim closings of the books as of the end of the month preceding and the month of the admission or withdrawal, and prorate the items for the month of withdrawal on a daily basis, unless the Operating Committee determines that such an allocation would be materially unfair to any Participant. In the event that the change in the Company Interests of the Participants results from a Transfer of all or any portion of a Company Interest by a Participant, the net profit, net loss, or any other items allocable among the Participants under this Article VIII shall be determined on a daily, monthly, or other basis, as determined by the Operating Committee using any permissible method under § 706 of the Code and the Treasury Regulations promulgated thereunder.]
[Section 8.5 Distributions.]
[(a) Subject to Section 10.2, cash and property of the Company shall not be distributed to the Participants unless the Operating Committee approves by Supermajority Vote (subject to § 18-607 of the Delaware Act) a distribution after fully considering the reason that such distribution must or should be made to the Participants, including the circumstances contemplated under Section 8.3, Section 8.6, and Section 9.3. To the extent a distribution is made, all Participants shall participate equally in any such distribution except as otherwise provided in Section 10.2.]
[(b) No Participant shall have the right to require any distribution of any assets of the Company in kind. If any assets of the Company are distributed in kind, such assets shall be distributed on the basis of their fair market value net of any liabilities as reasonably determined by the Operating Committee. Any Participant entitled to any interest in such assets shall, unless otherwise determined by the Operating Committee, receive separate assets of the Company and not an interest as a tenant-in-common with other Participants so entitled in any asset being distributed.]
[Section 8.6 Tax Status.]
[(a)] The Company intends to operate in a manner such that it qualifies as a “business league” within the meaning of Section 501(c)(6) of the Code. The Operating Committee [by Supermajority Vote, without the consent of any Participant, may] shall cause the Company to: (i) make an election to be treated as a corporation for U.S. federal income tax purposes by filing Form 8832 with the Internal Revenue Service effective as of the date of formation and (ii) file with the Internal Revenue Service, Form 1024, Application for Recognition of Exemption under Section 501(a) to[; or (ii)] be treated as a [“trade association”] “business league” as described in [§ ] Section 501(c)(6) of the Code.
[(b) If the Company so elects to be taxed as a corporation or is treated as a “trade association” as described in § 501(c)(6) of the Code, it shall continue to maintain Capital Accounts in the manner provided in this Agreement, consistent with provisions of § 704 of the Code, to determine the economic rights of the Participants under this Agreement, notwithstanding that it is not taxed as a partnership for U.S. federal income tax purposes, as interpreted by the Operating Committee and the Company's counsel in a manner to preserve the economic rights and obligations of the Participants under this Agreement. Sections 8.2, 8.3 and 9.5 shall not be applicable with respect to any period during with the Company is treated as a corporation for U.S. federal income tax purposes; provided, however, if the Company is initially treated as a partnership for U.S. federal income tax purposes and has made allocations under Section 8.2, it shall adjust the Capital Accounts to reflect the amount the Capital Accounts would have been had all allocations been made pursuant to Section 8.1.]
ARTICLE IX
RECORDS AND ACCOUNTING; REPORTS
Section 9.1. Books and Records. The Company shall maintain complete and accurate books and records of the Company in accordance with SEC Rule 17a-1, which shall be maintained and be available, in addition to any documents and information required to be furnished to the Participants under the Act, at the office of the Plan Processor and/or such other location(s) as may be designated by the Company for examination and copying by any Participant or its duly authorized representative, at such Participant's reasonable request and at its expense during ordinary business hours for any purpose reasonably related to such Participant's involvement with the CAT NMS Plan, including for compliance and other regulatory purposes, and in compliance with such other conditions as may be reasonably established by the Operating Committee. For the avoidance of doubt, all CAT Data and other books and records of the Company shall be the property of the Company, rather than the Plan Processor, and, to the extent in the possession or control of the Plan Processor, shall be made available by the Plan Processor to the Commission upon [reasonable] request. Except as provided in this Section 9.1 or required by non-waivable provisions of applicable law, no Participant shall have any right to examine or copy any of the books and records of the Company.
Section 9.2. Accounting.
(a) Except as provided in [Section 9.2(b) and] Section 9.3, the Operating Committee shall maintain a system of accounting established and administered in accordance with GAAP [(or other standard if determined appropriate by the Operating Committee)], and all financial statements or information that may be supplied to the Participants shall be prepared in accordance with GAAP (except that unaudited statements shall be subject to year-end adjustments and need not include footnotes) [(or other standard if determined appropriate by the Operating Committee)]. [To the extent the Operating Committee determines it advisable, the] The Company shall prepare and provide to each Participant (1) within 30 days after the end of each calendar month, an unaudited balance sheet, income statement, statement of cash flows and statement of changes in [each Participant's Capital Account] equity for, or as of the end of, (x) such month and (y) the portion of the then current Fiscal Year ending at the end of such month ; and (2) as soon as practicable after the end of each Fiscal Year, a[n audited] balance sheet, income statement, statement of cash flows and statement of changes in [each Participant's Capital Account] equity for, or as of the end of, such year , audited by an independent public accounting firm (which audited balance sheet, income statement, statement of cash flows and statement of changes in equity contemplated by this Section 9.2(a) shall be made publicly available). The Fiscal Year shall be the calendar year unless otherwise determined by the Operating Committee.
[(b) Assets received by the Company as capital contributions shall be recorded at their fair market values, and the Capital Account maintained for each Participant shall comply with Treasury Regulations § 1.704-1(b)(2)(iv) promulgated under § 704(b) of the Code. In the event fair market values for certain assets of the Company are not determined by appraisals, the fair market value for such assets shall be reasonably agreed to among the Participants as if in arm's-length negotiations.]
[(c)] (b) In all other respects, [All] matters concerning accounting procedures shall be determined by the Operating Committee.
Section 9.3. Tax Returns. The Operating Committee shall cause federal, state, provincial, and local income tax returns for the Company to be prepared and timely filed with the appropriate authorities. [If the Company is taxed as a partnership, it shall arrange for the timely delivery to the Participants of such information as is necessary for such Participants to prepare their federal, state and local tax returns.]
Section 9.4. Company Funds. Pending use in the business of the Company or distribution to the Participants, the funds of the Company shall be held and/or invested in accordance with the then effective cash management and investment policy adopted by the Operating Committee.
Section 9.5 [Tax Matters Partner.] Intentionally Omitted.
[(a) A Participant designated by the Operating Committee shall serve as the “Tax Matters Partner” of the Company for all purposes pursuant to §§ 6221-6231 of the Code. As Tax Matters Partner, the Tax Matters Partner shall: (i) furnish to each Participant affected by an audit of the Company income tax returns a copy of each notice or other communication received from the Internal Revenue Service or applicable state authority (except such notices or communications as are sent directly to the Participant); (ii) keep such Participant informed of any administrative or judicial proceeding, as required by § 6623(g) of the Code; (iii) allow each such Participant an opportunity to participate in all such administrative and judicial proceedings; and (iv) advise and consult with each such Participant as to proposed adjustments to the federal or state income tax returns of the Company.]
[(b) The Tax Matters Partner, as such, shall not have the authority to: (i) enter into a settlement agreement with the Internal Revenue Service that purports to bind any Participant, without the written consent of such Participant; or (ii) enter into an agreement extending the period of limitations as contemplated in § 6229(b)(1)(B) of the Code without the prior approval of the Operating Committee.]
[(c) The Company shall not be obligated to pay any fees or other compensation to the Tax Matters Partner in its capacity as such, but may pay compensation to the Tax Matters Partner for services rendered to the Company in any other capacity. However, the Company shall reimburse the Tax Matters Partner for any and all out-of-pocket costs and expenses (including reasonable attorneys and other professional fees) incurred by it in its capacity as Tax Matters Partner. The Company shall indemnify, defend and hold the Tax Matters Partner harmless from and against any loss, liability, damage, costs or expense (including reasonable attorneys' fees) sustained or incurred as a result of any act or decision concerning Company tax matters and within the scope of such Participant's responsibilities as Tax Matters Partner, so long as such act or decision does not constitute gross negligence or willful misconduct.]
Section 9.6. Confidentiality.
(a) For purposes of this Agreement, “Information” means information disclosed by or on behalf of the Company or a Participant (the “Disclosing Party”) to the Company or any other Participant (the “Receiving Party”) in connection with this Agreement or the CAT System, but excludes any CAT Data or information otherwise disclosed pursuant to the requirements of SEC Rule 613. The Receiving Party agrees to maintain the Information in confidence with the same degree of care it holds its own confidential information (but in any event not less than reasonable care). A Receiving Party may only disclose Information to its Representatives (as defined below) on a need-to-know basis, and only to those of such Representatives whom shall have agreed to abide by the non-disclosure and non-use provisions in this Section 9.6. Each Receiving Party that is a Participant agrees that he, she or it shall not use for any purpose, other than in connection with the operation of the Company, and the Company agrees not to use for any purpose not expressly authorized by the Disclosing Party, any Information. The “Representatives” of a Person are such Person's Affiliates and the respective directors, managers, officers, employees, consultants, advisors and agents of such Person and such Person's Affiliates; provided, however, that a Participant is not a Representative of the Company. The obligations set forth in this Section 9.6(a) shall survive indefinitely (including after a Participant ceases to hold any Company Interest) but shall not apply to: (i) any Information that was already lawfully in the Receiving Party's possession and, to the knowledge of the Receiving Party, free from any confidentiality obligation to the Disclosing Party at the time of receipt from the Disclosing Party; (ii) any Information that is, now or in the future, public knowledge through no act or omission in breach of this Agreement by the Receiving Party; (iii) any Information that was lawfully obtained from a third party having, to the knowledge of the Receiving Party, the right to disclose it free from any obligation of confidentiality; or (iv) any Information that was independently developed by the Receiving Party prior to disclosure to it pursuant hereto and without recourse to or reliance upon Information disclosed to it pursuant hereto as established by its written records or other competent evidence. The obligations set forth in this Section 9.6(a) shall not restrict: (x) disclosures that are, in the opinion of the Receiving Party after consultation with counsel; required to be made by applicable laws and regulations, stock market or exchange requirements or the rules of any self-regulatory organization having jurisdiction; (y) disclosures required to be made pursuant to an order, subpoena or legal process; or (z) disclosures reasonably necessary for the conduct of any litigation or arbitral proceeding among the Participants (and their respective Representatives) and/or the Company; provided that the Receiving Party shall, to the extent not prohibited by applicable law, notify the Disclosing Party prior to making any disclosure permitted by the foregoing clause (x) or clause (y), and, in the case of a disclosure permitted by the foregoing clause (y), shall consult with the Disclosing Party with respect to such disclosure, and prior to making such disclosure, to the extent not prohibited by applicable law, shall permit the Disclosing Party, at such Disclosing Party's cost and expense, to seek a protective order or similar relief protecting the confidentiality of such Information.
(b) The Company shall not, and shall cause its Representatives not to, disclose any Information of a Participant to any other Participant without the prior written approval of the disclosing Participant.
(c) A Participant shall be free, in its own discretion, to share Information of such Participant to other Participants without the approval of the Company.
ARTICLE X
DISSOLUTION AND TERMINATION
Section 10.1. Dissolution of Company. The Company shall, subject to the SEC's approval, dissolve and its assets and business shall be wound up upon the occurrence of any of the following events:
(a) unanimous written consent of the Participants to dissolve the Company;
(b) an event that makes it unlawful or impossible for the Company business to be continued;
(c) the termination of one or more Participants such that there is only one remaining Participant; or
(d) the entry of a decree of judicial dissolution under Section 18-802 of the Delaware Act.
Section 10.2. Liquidation and Distribution. Following the occurrence of an event described in Section 10.1, the Operating Committee shall act as liquidating trustee and shall wind up the affairs of the Company by: (a) selling its assets in an orderly manner (so as to avoid the loss normally associated with forced sales); and (b) applying and distributing the proceeds of such sale, together with other funds held by the Company: (i) first, to the payment of all debts and liabilities of the Company; (ii) second, to the establishments of any reserves reasonably necessary to provide for any contingent recourse liabilities and obligations; and (iii) third, to [the Participants in proportion to the balances in their positive Capital Accounts (after such Capital Accounts have been adjusted for all items of income, gain, deduction, loss and items thereof in accordance with Article VII through the date of the such distribution) at the date of such distribution] such persons or institutions as is consistent with the purposes of the Company and consistent with Section 501(c)(6) of the Code.
Section 10.3. Termination. Each of the Participants shall be furnished with a statement prepared by the Company's independent accountants, which shall set forth the assets and liabilities of the Company as of the date of the final distribution of the Company's assets under Section 10.2 and the net profit or net loss for the fiscal period ending on such date. Upon compliance with the distribution plan set forth in Section 10.2, the Participants shall cease to be such, and the liquidating trustee shall execute, acknowledge, and cause to be filed a certificate of cancellation of the Company. Upon completion of the dissolution, winding up, liquidation and distribution of the liquidation proceeds, the Company shall terminate.
ARTICLE XI
FUNDING OF THE COMPANY
Section 11.1. Funding Authority.
(a) On an annual basis the Operating Committee shall approve an operating budget for the Company. The budget shall include the projected costs of the Company, including the costs of developing and operating the CAT for the upcoming year, and the sources of all revenues to cover such costs, as well as the funding of any reserve that the Operating Committee reasonably deems appropriate for prudent operation of the Company.
(b) Subject to Section 11.2, the Operating Committee shall have discretion to establish funding for the Company, including: (i) establishing fees that the Participants shall pay; and (ii) establishing fees for Industry Members that shall be implemented by Participants. The Participants shall file with the SEC under Section 19(b) of the Exchange Act any such fees on Industry Members that the Operating Committee approves, and such fees shall be labeled as “Consolidated Audit Trail Funding Fees.”
(c) To fund the development and implementation of the CAT, the Company shall time the imposition and collection of all fees on Participants and Industry Members in a manner reasonably related to the timing when the Company expects to incur such development and implementation costs. In determining fees on Participants and Industry Members the Operating Committee shall take into account fees, costs and expenses (including legal and consulting fees and expenses) incurred by the Participants on behalf of the Company prior to the Effective Date in connection with the creation and implementation of the CAT, and such fees, costs and expenses shall be fairly and reasonably shared among the Participants and Industry Members. Any surplus of the Company's revenues over its expenses shall be treated as an operational reserve to offset future fees.
(d) Consistent with this Article XI, the Operating Committee shall adopt policies, procedures, and practices regarding the budget and budgeting process, assignment of tiers, resolution of disputes, billing and collection of fees, and other related matters. For the avoidance of doubt, as part of its regular review of fees for the CAT, the Operating Committee shall have the right to change the tier assigned to any particular Person in accordance with fee schedules previously filed with the Commission that are reasonable, equitable and not unfairly discriminatory and subject to public notice and comment, pursuant to this Article XI. Any such changes will be effective upon reasonable notice to such Person.
Section 11.2. Funding Principles. In establishing the funding of the Company, the Operating Committee shall seek:
(a) to create transparent, predictable revenue streams for the Company that are aligned with the anticipated costs to build, operate and administer the CAT and the other costs of the Company;
(b) to establish an allocation of the Company's related costs among Participants and Industry Members that is consistent with the Exchange Act, taking into account the timeline for implementation of the CAT and distinctions in the securities trading operations of Participants and Industry Members and their relative impact upon Company resources and operations;
(c) to establish a tiered fee structure in which the fees charged to: (i) CAT Reporters that are Execution Venues, including ATSs, are based upon the level of market share; (ii) Industry Members' non-ATS activities are based upon message traffic; and (iii) the CAT Reporters with the most CAT-related activity (measured by market share and/or message traffic, as applicable) are generally comparable (where, for these comparability purposes, the tiered fee structure takes into consideration affiliations between or among CAT Reporters, whether Execution Venues and/or Industry Members).
(d) to provide for ease of billing and other administrative functions;
(e) to avoid any disincentives such as placing an inappropriate burden on competition and a reduction in market quality; and
(f) to build financial stability to support the Company as a going concern.
Section 11.3. Recovery.
(a) The Operating Committee will establish fixed fees to be payable by Execution Venues as provided in this Section 11.3(a):
(i) Each Execution Venue that: (A) executes transactions; or (B) in the case of a national securities association, has trades reported by its members to its trade reporting facility or facilities for reporting transactions effected otherwise than on an exchange, in NMS Stock s or OTC Equity Securities will pay a fixed fee depending on the market share of that Execution Venue in NMS Stock s and OTC Equity Securities, with the Operating Committee establishing at least two and no more than five tiers of fixed fees, based on an Execution Venue's NMS Stock s and OTC Equity Securities market share. For these purposes, market share for Execution Venues that execute transactions will be calculated by share volume , and market share for a national securities association that has trades reported by its members to its trade reporting facility or facilities for reporting transactions effected otherwise than on an exchange in NMS Stocks or OTC Equity Securities will be calculated based on share volume of trades reported, provided, however, that the share volume reported to such national securities association by an Execution Venue shall not be included in the calculation of such national security association's market share.
(ii) Each Execution Venue that executes transactions in Listed Options will pay a fixed fee depending on the Listed Options market share of that Execution Venue, with the Operating Committee establishing at least two and no more than five tiers of fixed fees, based on an Execution Venue's Listed Options market share. For these purposes, market share will be calculated by contract volume.
(b) The Operating Committee will establish fixed fees to be payable by Industry Members, based on the message traffic generated by such Industry Member, with the Operating Committee establishing at least five and no more than nine tiers of fixed fees, based on message traffic. For the avoidance of doubt, the fixed fees payable by Industry Members pursuant to this paragraph shall, in addition to any other applicable message traffic, include message traffic generated by: (i) an ATS that does not execute orders that is sponsored by such Industry Member; and (ii) routing orders to and from any ATS sponsored by such Industry Member.
(c) The Operating Committee may establish any other fees ancillary to the operation of the CAT that it reasonably determines appropriate, including fees: (i) for the late or inaccurate reporting of information to the CAT; (ii) for correcting submitted information; and (iii) based on access and use of the CAT for regulatory and oversight purposes (and not including any reporting obligations).
(d) The Company shall make publicly available a schedule of effective fees and charges adopted pursuant to this Agreement as in effect from time to time. The Operating Committee shall review such fee schedule on at least an annual basis and shall make any changes to such fee schedule that it deems appropriate. The Operating Committee is authorized to review such fee schedule on a more regular basis, but shall not make any changes on more than a semi-annual basis unless, pursuant to a Supermajority Vote, the Operating Committee concludes that such change is necessary for the adequate funding of the Company.
Section 11.4. Collection of Fees. The Operating Committee shall establish a system for the collection of fees authorized under this Article XI. The Operating Committee may include such collection responsibility as a function of the Plan Processor or another administrator. Alternatively, the Operating Committee may use the facilities of a clearing agency registered under Section 17A of the Exchange Act to provide for the collection of such fees. Participants shall require each Industry Member to pay all applicable fees authorized under this Article XI within thirty (30) days after receipt of an invoice or other notice indicating payment is due (unless a longer payment period is otherwise indicated). If an Industry Member fails to pay any such fee when due (as determined in accordance with the preceding sentence), such Industry Member shall pay interest on the outstanding balance from such due date until such fee is paid at a per annum rate equal to the lesser of: (a) the Prime Rate plus 300 basis points; or (b) the maximum rate permitted by applicable law. Each Participant shall pay all applicable fees authorized under this Article XI as required by Section 3.7(b).
Section 11.5. Fee Disputes. Disputes with respect to fees the Company charges Participants pursuant to this Article XI shall be determined by the Operating Committee or a Subcommittee designated by the Operating Committee. Decisions by the Operating Committee or such designated Subcommittee on such matters shall be binding on Participants, without prejudice to the rights of any Participant to seek redress from the SEC pursuant to SEC Rule 608 or in any other appropriate forum. The Participants shall adopt rules requiring that disputes with respect to fees charged to Industry Members pursuant to this Article XI be determined by the Operating Committee or a Subcommittee. Decisions by the Operating Committee or Subcommittee on such matters shall be binding on Industry Members, without prejudice to the rights of any Industry Member to seek redress from the SEC pursuant to SEC Rule 608 or in any other appropriate forum.
ARTICLE XII
MISCELLANEOUS
Section 12.1. Notices and Addresses. All notices required to be given under this Agreement shall be in writing and may be delivered by certified or registered mail, postage prepaid, by hand, or by any private overnight courier service. Such notices shall be mailed or delivered to the Participants at the addresses set forth on Exhibit A to this Agreement or such other address as a Participant may notify the other Participants of in writing. Any notices to be sent to the Company shall be delivered to the principal place of business of the Company or at such other address as the Operating Committee may specify in a notice sent to all of the Participants. Notices shall be effective: (i) if mailed, on the date three (3) days after the date of mailing; or (ii) if hand delivered or delivered by private courier, on the date of delivery.
Section 12.2. Governing Law; Submission to Jurisdiction. This Agreement shall be governed by and construed in accordance with the Delaware Act and internal laws and decisions of the State of Delaware without giving effect to any choice or conflict of law provision or rule (whether of the State of Delaware or any other jurisdiction) that would cause the application of laws of any jurisdictions other than those of the State of Delaware; provided that the rights and obligations of the Participants, Industry Members and other Persons contracting with the Company in respect of the matters covered by this Agreement shall at all times also be subject to any applicable provisions of the Exchange Act and any rules and regulations promulgated thereunder. Each of the Company and the Participants: (a) consents to submit itself to the exclusive personal jurisdiction of the Court of Chancery of the State of Delaware, New Castle County, or, if that court does not have jurisdiction, a federal court sitting in Wilmington, Delaware in any action or proceeding arising out of or relating to this Agreement or any of the transactions contemplated by this Agreement; (b) agrees that all claims in respect of such action or proceeding shall be heard and determined only in any such court; (c) agrees that it shall not attempt to deny or defeat such personal jurisdiction by motion or other request for leave from any such court; and (d) agrees not to bring any action or proceeding arising out of or relating to this Agreement or any of the transaction contemplated by this Agreement in any other court. Each of the Company and the Participants waives any defense of inconvenient forum to the maintenance of any action or proceeding so brought and waives any bond, surety or other security that might be required of any other Person with respect thereto. The Company or any Participant may make service on the Company or any other Participant by sending or delivering a copy of the process to the party to be served at the address and in the manner provided for the giving of notices in Section 12.1. Nothing in this Section 12.2, however, shall affect the right of any Person to serve legal process in any other manner permitted by law.
Section 12.3. Amendments. Except as provided by Section 3.3, Section 3.4, Section 3.7, and Section 5.3, [and Section 8.2,] this Agreement may be amended from time to time only by a written amendment authorized by the affirmative vote of not less than two-thirds of all of the Participants or with respect to Section 3.8 by the affirmative vote of all of the Participants, in each case that has been approved by the SEC pursuant to SEC Rule 608 or has otherwise become effective under SEC Rule 608. Notwithstanding the foregoing or anything else to the contrary, to the extent the SEC grants exemptive relief applicable to any provision of this Agreement, Participants and Industry Members shall be entitled to comply with such provision pursuant to the terms of the exemptive relief so granted at the time such relief is granted irrespective of whether this Agreement has been amended.
Section 12.4. Successors and Assigns. Subject to the restrictions on Transfers set forth herein, this Agreement: (a) shall be binding upon, and inure to the benefit of, the Company and the Participants, and their respective successors and permitted assigns; and (b) may not be assigned except in connection with a Transfer of Company Interests permitted hereunder.
Section 12.5. Counterparts. This Agreement may be executed in multiple counterparts, each of which shall be deemed an original, but all of which shall constitute one instrument. Any counterpart may be delivered by facsimile transmission or by electronic communication in portable document format (.pdf) or tagged image format (.tif), and the parties hereto agree that their electronically transmitted signatures shall have the same effect as manually transmitted signatures.
Section 12.6. Modifications to be in Writing; Waivers. This Agreement constitutes the entire understanding of the parties hereto with respect to the subject matter hereof, and no amendment, modification or alteration shall be binding unless the same is in writing and adopted in accordance with Section 12.3. No waiver of any provision of this Agreement shall be valid unless the same shall be in writing and signed by each Person granting the waiver. No waiver by any Person of any default or breach hereunder, whether intentional or not, shall be deemed to extend to any prior or subsequent default or breach or affect in any way any rights arising by virtue of any prior or subsequent such occurrence.
Section 12.7. Captions. The captions are inserted for convenience of reference only and shall not affect the construction of this Agreement.
Section 12.8. Validity and Severability. If any provision of this Agreement shall be held invalid or unenforceable, that shall not affect the validity or enforceability of any other provisions of this Agreement, all of which shall remain in full force and effect. If the final judgment of a court of competent jurisdiction declares that any term or provision hereof is invalid or unenforceable, each of the Company and the Participants agrees that the body making the determination of invalidity or unenforceability shall have the power to reduce the scope, duration or area of the term or provision, to delete specific words or phrases, or to replace any invalid or unenforceable term or provision with a term or provision that is valid and enforceable and that comes closest to expressing the intention of the invalid or unenforceable term or provision, and this Agreement shall be enforceable as so modified.
Section 12.9. Third Party Beneficiaries. Except to the extent provided in any separate written agreement between the Company and another Person, the provisions of this Agreement are not intended to be for the benefit of any creditor or other Person (other than a Participant in its capacity as such) to whom any debts, liabilities or obligations are owed by (or who otherwise has any claim against) the Company or any Participants. Moreover, notwithstanding anything contained in this Agreement (but subject to the immediately following sentence), no such creditor or other Person shall obtain any rights under this Agreement or shall, by reason of this Agreement, make any claim in respect of any debt, liability or obligation (or otherwise) against the Company or any Participant. Notwithstanding the foregoing provisions of this Section 12.9, each Person entitled to indemnification under Section 4.8 that is not a party to this Agreement shall be deemed to be an express third party beneficiary of this Agreement for all purposes relating to such Person's indemnification and exculpation rights hereunder.
Section 12.10. Expenses. Except as may be otherwise specifically provided to the contrary in this Agreement, including in Article XI, or as may be otherwise determined by the Operating Committee, each of the Company and the Participants shall bear its own internal costs and expenses incurred in connection with this Agreement, including those incurred in connection with all periodic meetings of the Participants or the Operating Committee, and the transactions contemplated hereby.
Section 12.11. Specific Performance. Each of the Company and the Participants acknowledges and agrees that one or more of them would be damaged irreparably in the event any of the provisions of this Agreement are not performed in accordance with their specific terms or otherwise are breached. Accordingly, each such Person agrees that each other such Person may be entitled to an injunction or injunctions to prevent breaches of the provisions of this Agreement and to enforce specifically this Agreement and the terms and provisions hereof in any action instituted in any court having jurisdiction over the Parties and the matter, in each case with no need to post bond or other security.
Section 12.12. Waiver of Partition. Each Participant agrees that irreparable damage would be done to the Company if any Participant brought an action in court to partition the assets or properties of the Company. Accordingly, each Participant agrees that such Person shall not, either directly or indirectly, take any action to require partition or appraisal of the Company or of any of the assets or properties of the Company, and notwithstanding any provisions of this Agreement to the contrary, each Participant (and such Participant's successors and permitted assigns) accepts the provisions of this Agreement as such Person's sole entitlement on termination, dissolution and/or liquidation of the Company and hereby irrevocably waives any and all right to maintain any action for partition or to compel any sale or other liquidation with respect to such Person's interest, in or with respect to, any assets or properties of the Company. Each Participant agrees not to petition a court for the dissolution, termination or liquidation of the Company.
Section 12.13. Construction. The Company and all Participants have participated jointly in negotiating and drafting this Agreement. If an ambiguity or a question of intent or interpretation arises, this Agreement shall be construed as if drafted jointly by the Company and all Participants, and no presumption or burden of proof shall arise favoring or disfavoring any Person by virtue of the authorship of any provision of this Agreement.
Section 12.14. Incorporation of Exhibits, Appendices, Attachments, Recitals and Schedules. The Exhibits, Appendices, Attachments, Recitals and Schedules identified in this Agreement are incorporated herein by reference and made a part hereof.
[SIGNATURE PAGE FOLLOWS]
IN WITNESS WHEREOF, the Participants have executed this Limited Liability Company Agreement as of the day and year first above written.
PARTICIPANTS:
[BATS EXCHANGE, INC.]
BATS BZX EXCHANGE, INC.
By:
Name:
Title:
[BATS Y-EXCHANGE, INC.]
BATS BYX EXCHANGE, INC.
By:
Name:
Title:
BOX OPTIONS EXCHANGE LLC
By:
Name:
Title:
C2 OPTIONS EXCHANGE, INCORPORATED
By:
Name:
Title:
CHICAGO BOARD OPTIONS EXCHANGE, INCORPORATED
By:
Name:
Title:
CHICAGO STOCK EXCHANGE, INC.
By:
Name:
Title:
[EDGA EXCHANGE, INC.]
BATS EDGA EXCHANGE, INC.
By:
Name:
Title:
[EDGX EXCHANGE, INC.]
BATS EDGX EXCHANGE, INC.
By:
Name:
Title:
FINANCIAL INDUSTRY REGULATORY AUTHORITY, INC.
By:
Name:
Title:
ISE GEMINI, LLC
By:
Name:
Title:
ISE MERCURY, LLC
By:
Name:
Title:
INTERNATIONAL SECURITIES EXCHANGE, LLC
By:
Name:
Title:
INVESTORS' EXCHANGE, LLC
By:
Name:
Title:
MIAMI INTERNATIONAL SECURITIES EXCHANGE LLC
By:
Name:
Title:
[NASDAQ OMX BX, INC.]
NASDAQ BX, INC.
By:
Name:
Title:
[NASDAQ OMX PHLX LLC]
NASDAQ PHLX LLC
By:
Name:
Title:
THE NASDAQ STOCK MARKET LLC
By:
Name:
Title:
NATIONAL STOCK EXCHANGE, INC.
By:
Name:
Title:
NEW YORK STOCK EXCHANGE LLC
By:
Name:
Title:
NYSE MKT LLC
By:
Name:
Title:
NYSE ARCA, INC.
By:
Name:
Title:
EXHIBIT A
PARTICIPANTS IN CAT NMS, LLC
[BATS Exchange, Inc.] Bats BZX Exchange, Inc., 8050 Marshall Drive, Lenexa, KS 66214 | [BATS Y-Exchange, Inc.] Bats BYX Exchange, Inc., 8050 Marshall Drive, Lenexa, KS 66214 | BOX Options Exchange LLC, 101 Arch St., Suite 610, Boston, MA 02110. |
C2 Options Exchange, Incorporated, 400 South LaSalle St., Chicago, IL 60605 | Chicago Board Options Exchange, Incorporated, 400 South LaSalle St., Chicago, IL 60605 | Chicago Stock Exchange, Inc., 440 South LaSalle St., Suite 800, Chicago, IL 60605. |
[EDGA Exchange, Inc.] Bats EDGA Exchange, Inc., 8050 Marshall Drive Lenexa, KS 66214 | [EDGX Exchange, Inc.] Bats EDGX Exchange, Inc., 8050 Marshall Drive, Lenexa, KS 66214 | Financial Industry Regulatory Authority, Inc., 1735 K Street NW., Washington DC, 20006. |
ISE Gemini, LLC, 60 Broad Street, New York, New York 10004 | International Securities Exchange, LLC, 60 Broad Street, New York, New York 10004 | Miami International Securities Exchange LLC, 7 Roszel Road, 5th floor, Princeton, NJ 08540. |
[NASDAQ OMX BX, Inc.] NASDAQ BX, Inc., One Liberty Plaza, 165 Broadway, New York, NY 10006 | [NASDAQ OMX PHLX LLC] NASDAQ PHLX LLC., 1900 Market Street, Philadelphia, PA 19103 | The NASDAQ Stock Market LLC, One Liberty Plaza, 165 Broadway, New York, NY 10006. |
National Stock Exchange, Inc., 101 Hudson Street Suite 1200, Jersey City, NJ 07302 | New York Stock Exchange LLC, 11 Wall St., New York, NY 10005 | NYSE MKT LLC, 11 Wall St., New York, NY 10005. |
NYSE Arca, Inc., 11 Wall St., New York, NY 10005 | ISE Mercury, LLC, 60 Broad Street, New York, NY 10004 | Investors' Exchange, LLC, 4 World Trade Center 44th Floor, New York, NY 10007. |
APPENDIX A
Consolidated Audit Trail National Market System Plan Request for Proposal, issued February 26, 2013, version 3.0 updated March 3, 2014
(The Request for Proposal is available at Securities Exchange Act Release No. 77724 (CAT NMS Plan published for comment on May 17, 2016))
Certain provisions of Articles I-XII have been modified as noted on the cover page of this CAT NMS Plan. To the extent text in the following Appendices conflicts with any such modifications, the modified language of Articles I-XII shall control
APPENDIX B
[Reserved]
APPENDIX C
DISCUSSION OF CONSIDERATIONS
SEC Rule 613(a)(1) Considerations
SEC Rule 613(a) requires the Participants to discuss various “considerations” related to how the Participants propose to implement the requirements of the CAT NMS Plan, cost estimates for the proposed solution, and a discussion of the costs and benefits of alternate solutions considered but not proposed. This Appendix C discusses the considerations identified in SEC Rule 613(a). The first section below provides a background of the process the Participants have undertaken to develop and draft the CAT NMS Plan. Section A below addresses the requirements, set forth in SEC Rule 613(a)(1)(i) through (a)(1)(vi), that the “Participants specify and explain the choices they made to meet the requirements specified in [SEC Rule 613] for the [CAT].” In many instances, details of the requirements (i.e., the specific technical requirements that the Plan Processor must meet) will be set forth in the Plan Processor Requirements document (“PPR”). Relevant portions of the PPR are outlined and described throughout this Appendix C, as well as included as Appendix D.
Securities Exchange Act Release No. 67457 (July 18, 2012), 77 Fed. Reg. 45722, 45789 (Aug. 1, 2012) (“Adopting Release”).
See Adopting Release at 45790. Section B below includes discussions of reasonable alternatives to approaching the creation, implementation, and maintenance of the CAT that the Participants considered. See SEC Rule 613(a)(1)(xii).
Section B below discusses the requirements in SEC Rule 613(a)(1)(vii) and SEC Rule 613(a)(1)(viii) that the CAT NMS Plan include detailed estimates of the costs, and the impact on competition, efficiency, and capital formation, for creating, implementing, and maintaining the CAT. The information in Section B below is intended to aid the Commission in its economic analysis of the CAT and the CAT NMS Plan.
See Adopting Release at 45793.
Section C below, in accordance with SEC Rule 613(a)(1)(x), establishes objective milestones to assess the Participants' progress toward the implementation of the CAT in accordance with the CAT NMS Plan. This section includes a plan to eliminate existing rules and systems (or components thereof) that will be rendered duplicative by the CAT, as required by SEC Rule 613(a)(1)(ix).
Section D below addresses how the Participants solicited the input of their Industry Members and other appropriate parties in designing the CAT NMS Plan as required by SEC Rule 613(a)(1)(xi).
Capitalized terms used and not otherwise defined in this Appendix C have the respective meanings ascribed to such terms in the Agreement to which this Appendix C is attached.
Background
SEC Rule 613 requires the Participants to jointly file a national market system plan to govern the creation, implementation, and maintenance of the CAT, and the Central Repository. Early in the process, the Participants concluded that the publication of a request for proposal soliciting Bids from interested parties to serve as the Plan Processor for the CAT was necessary prior to filing the CAT NMS Plan to ensure that potential alternative solutions to creating the CAT could be presented and considered by the Participants and that a detailed and meaningful cost/benefit analysis could be performed, both of which are required considerations to be addressed in the CAT NMS Plan. To that end, the Participants published the RFP on February 26, 2013, and 31 firms formally notified the Participants of their intent to bid.
The initial RFP was amended in March 2014. See Consolidated Audit Trail National Market System Plan Request for Proposal (last updated Mar. 3, 2014), available at http://catnmsplan.com/web/groups/catnms/documents/catnms/p213400.zip (the “RFP”).
On September 3, 2013, the Participants filed with the Commission the Selection Plan, a national market system plan to govern the process for Participant review of the Bids submitted in response to the RFP, the procedure for evaluating the Bids, and, ultimately, selection of the Plan Processor. Several critical components of the Participants' process for formulating and drafting the CAT NMS Plan were contingent upon approval of the Selection Plan, which occurred on February 21, 2014. Bids in response to the RFP were due four weeks following approval of the Selection Plan, on March 21, 2014. Ten Bids were submitted in response to the RFP.
The SEC has approved two amendments to the Selection Plan. See Securities Exchange Act Rel. No. 75192 (June 17, 2015), 80 Fed. Reg. 36028 (June 23, 2015); and Securities Exchange Act Rel. No.75980 (Sept. 24, 2015), 80 Fed. Reg. 58796 (Sept. 30, 2015).
The Participants considered each Bid in great detail to ensure that the Participants can address the considerations enumerated in SEC Rule 613, including analysis of the costs and benefits of the proposed solution(s), as well as alternative solutions considered but not proposed, so that the Commission and the public will have sufficiently detailed information to carefully consider all aspects of the CAT NMS Plan the Participants ultimately submit. Soon after receiving the Bids, and pursuant to the Selection Plan, the Participants determined that all ten Bids were “qualified” pursuant to the Selection Plan. On July 1, 2014, after the Participants had hosted Bidder presentations to learn additional details regarding the Bids and conducted an analysis and comparison of the Bids, the Participants voted to select six Shortlisted Bidders.
See Selection Plan, 78 Fed. Reg. 69910, Ex. A §§ I(Q) (defining “Qualified Bid”), VI(A) (providing the process for determining whether Bids are determined to be “Qualified Bids”).
Under the terms of the Selection Plan, and as incorporated into the CAT NMS Plan, the Plan Processor for the CAT has not been selected and will not be selected until after approval of the CAT NMS Plan. Any one of the six remaining Shortlisted Bidders could be selected as the Plan Processor, and because each Shortlisted Bidder has proposed different approaches to various issues, the CAT NMS Plan does not generally mandate specific technical approaches; rather, it mandates specific requirements that the Plan Processor must meet, regardless of approach. Where possible, this Appendix C discusses specific technical requirements the Participants have deemed necessary for the CAT; however, in some instances, provided the Plan Processor meets certain general obligations, the specific approach taken in implementing aspects of the CAT NMS Plan will be dependent upon the Bidder ultimately selected as the Plan Processor.
See Selection Plan § 6; see also id. Article V.
SEC Rule 613 also includes provisions to facilitate input on the implementation, operation, and administration of the Central Repository from the broker-dealer industry. To this end, the Participants formed a Development Advisory Group (“DAG”) to solicit industry feedback. Following multiple discussions between the Participants and both the DAG and the Bidders, as well as among the Participants themselves, the Participants recognized that some provisions of SEC Rule 613 would not permit certain solutions to be included in the CAT NMS Plan that the Participants determined advisable to effectuate the most efficient and cost-effective CAT. Consequently, the Participants submitted their original Exemptive Request Letter seeking exemptive relief from the Commission with respect to certain provisions of SEC Rule 613 regarding (1) options market maker quotes; (2) Customer-IDs; (3) CAT-Reporter-IDs; (4) linking of executions to specific subaccount allocations on allocation reports; and (5) timestamp granularity for Manual Order Events. Specifically, the Participants requested that the Commission grant an exemption from:
See SEC Rules 613(a)(1)(xi) and 613(b)(7).
See original Exemptive Request Letter, available at http://catnmsplan.com/web/groups/catnms/@catnms/documents/appsupportdocs/p602383.pdf.
- Rule 613(c)(7)(ii) and (iv) for options market makers with regard to their options quotes.
- Rule 613(c)(7)(i)(A), (c)(7)(iv)(F), (c)(7)(viii)(B)and (c)(8) which relate to the requirements for Customer-IDs.
- Rule 613(c)(7)(i)(C), (c)(7)(ii)(D), (c)(7)(ii)(E), (c)(7)(iii)(D), (c)(7)(iii)(E), (c)(7)(iv)(F), (c)(7)(v)(F), (c)(7)(vi)(B) and (c)(8) which relate to the requirements for CAT-Reporter-IDs.
- Rule 613(c)(7)(vi)(A), which requires CAT Reporters to record and report the account number of any subaccounts to which the execution is allocated.
- The millisecond timestamp granularity requirement in Rule 613(d)(3) for certain Manual Order Events subject to timestamp reporting under Rules 613(c)(7)(i)(E), 613(c)(7)(ii)(C), 613(c)(7)(iii)(C), and 613(c)(7)(iv)(C).
The Participants supplemented their original Exemptive Request Letter with a supplemental Exemptive Request Letter (together, the “Exemptive Request Letters”), clarifying its original requested exemption from the requirement in Rule 613(c)(7)(viii)(B) (including, in some instances, requesting an exemption from the requirement to provide an account number, account type and date account opened under Rule 613(c)(7)(viii)(B)). The Participants believe that the requested relief is critical to the development of a cost-effective approach to the CAT.
See Letter from the Participants to Brent J. Fields, Secretary, SEC re: Supplement to Request for Exemptive Relief from Certain Provisions of SEC Rule 613 of Regulation NMS under the Securities Exchange Act of 1934 (Sept. 2, 2015), available at the CAT NMS Plan Website. Separately, on April 3, 2015, the Participants filed with the Commission examples demonstrating how the proposed request for exemptive relief related to allocations would operate; this filing did not substantively update or amend the Exemptive Request Letter. See Letter from the Participants to Brent J. Fields, Secretary, SEC re: Supplement to Request for Exemptive Relief from Certain Provisions of SEC Rule 613 of Regulation NMS under the Securities Exchange Act of 1934 (Apr. 3, 2015), available at the CAT NMS Plan Website.
The Participants also will seek to comply with their obligations related to the CAT under Reg SCI as efficiently as possible. When it adopted Reg SCI, the Commission expressed its belief that the CAT “will be an SCI system of each SCI SRO that is a member of an approved NMS plan under Rule 613, because it will be a facility of each SCI SRO that is a member of such plan.” The Participants intend to work together and with the Plan Processor, in consultation with the Commission, to determine a way to effectively and efficiently meet the requirements of Reg SCI without unnecessarily duplicating efforts.
See Securities Exchange Act Release No. 73639 (Nov. 19, 2014), 79 Fed. Reg. 72252, 72275 n. 246 (Dec. 5, 2014) (adopting Reg SCI and citing the Adopting Release at 45774).
A. Features and Details of the CAT NMS Plan
1. Reporting Data to the CAT
As required by SEC Rule 613(a)(1)(i), this section describes the reporting of data to the Central Repository, including the sources of such data and the manner in which the Central Repository will receive, extract, transform, load, and retain such data. As a general matter, the data reported to the Central Repository is of two distinct types: (1) Reference data (e.g., data concerning CAT Reporters and customer information, issue symbology information, and data from the SIPs); and (2) order and trade data submitted by CAT Reporters, including national securities exchanges, national securities associations and broker-dealers. Each of these types of data is discussed separately below.
Sources of Data
In general, data will be reported to the Central Repository by national securities exchanges, national securities associations, broker-dealers, the SIPs for the CQS, CTA, UTP and Plan for Reporting of Consolidated Options Last Sale Reports and Quotation Information(“OPRA”) Plans, and certain other vendors or appropriate third parties (“Data Submitters”). Specifically, in accordance with SEC Rule 613(c)(5) and Sections 6.3 and 6.4 of the CAT NMS Plan, each national securities exchange and its members must report to the Central Repository the information required by SEC Rule 613(c)(7) for each NMS Security registered or listed for trading on such exchange or admitted to unlisted trading privileged on such exchange (subject to relief pursuant to the Exemptive Request Letters). Similarly, in accordance with SEC Rule 613(c)(6), each national securities association and its members must report to the Central Repository the information required by SEC Rule 613(c)(7) for each NMS Security for which transaction reports are required to be submitted to the association (subject to relief pursuant to the Exemptive Request Letters). Additionally, the Participants, in consultation with the DAG and with industry support, have determined to include OTC Equity Securities in the initial phase-in of the CAT; thus, CAT Reporters must also include order and trade information regarding orders for OTC Equity Securities in addition to those involving NMS Securities.
See Adopting Release at 45748 n.278 (noting that “the Rule does not preclude the NMS plan from allowing broker-dealers to use a third party to report the data required to the central repository on their behalf”). The Participants note that CAT Reporters using third party service providers to submit information on their behalf would still be responsible for all the data submitted on their behalf. The term “CAT Reporters” is generally used to refer to those parties that are required by SEC Rule 613 and the CAT NMS Plan to submit data to the CAT (i.e., national securities exchanges, national securities associations, and members thereof). The term “Data Submitters” includes those third-parties that may submit data to the CAT on behalf of CAT Reporters as well as outside parties that are not required to submit data to the CAT but from which the CAT may receive data (e.g., SIPs). Thus, all CAT Reporters are Data Submitters, but not all Data Submitters are CAT Reporters.
As noted, the Participants submitted the Exemptive Request Letters to facilitate compliance with the goals and purposes of the rule while minimizing the impact on existing market practices and reducing burdens on both Participants and broker-dealers.
See SIFMA Industry Recommendations for the Creation of the Consolidated Audit Trail (CAT) at 70 (Mar. 28, 2013) (“SIFMA Recommendations”), available at http://www.sifma.org/workarea/downloadasset.aspx?id=8589942773. Section 1.1 of the CAT NMS Plan includes OTC Equity Securities as “Eligible Securities.” As discussed in Appendix C, Plan to Eliminate Existing Rules and Systems (SEC Rule 613(a)(1)(ix)), inclusion of OTC Equity Securities in the initial phase of the CAT should facilitate the retirement of FINRA's Order Audit Trail System (“OATS”) and reduce costs to the industry.
In addition to order and execution data, SEC Rule 613 requires Industry Members to report customer information, including Customer-IDs, to the CAT so that order and execution data can be associated with particular Customers. However, in the Exemptive Request Letters, the Participants request relief that would permit CAT Reporters to provide information to the Central Repository using Firm Designated IDs instead of Customer-IDs. In addition, Industry Members are permitted to use Data Submitters that are not national securities exchanges, national securities associations, or members thereof to report the required data to the Central Repository on their behalf. The approach proposed in the Exemptive Request Letters also would permit Data Submitters to provide information to the Central Repository using Firm Designated ID for purposes of reporting information to the CAT.
The Central Repository also is required to collect National Best Bid and National Best Offer information, transaction reports reported to an effective transaction reporting plan filed with the SEC pursuant to SEC Rule 601, and Last Sale Reports reported pursuant to the OPRA Plan. Consequently, the Plan Processor must receive information from the SIPs for those plans and incorporate that information into the CAT. Lastly, as set forth in Appendix D, the Plan Processor must maintain a complete symbology database, including historical symbology. CAT Reporters will submit data to the CAT with the listing exchange symbology format, and the CAT must use the listing exchange symbology format in the display of linked data. The Participants will be responsible for providing the Plan Processor with issue symbol information, and issue symbol validation must be included in the processing of data submitted by CAT Reporters.
SEC Rule 613(e)(7).
After reviewing the Bids and receiving industry input, the Participants do not believe there is a need to dictate that the Plan Processor adopt a particular format for the submission of data to the Central Repository. Rather, regardless of the format(s) adopted, the CAT must be able to monitor incoming and outgoing data feeds and be capable of performing the following functions:
Support daily files from each CAT Reporter;
Support files that cover multiple days (for re-transmission);
Support error correction files;
Capture operational logs of transmissions, success, failure reasons, etc.; and
Support real-time and batch feeds.
The Plan Processor will be required to ensure that each CAT Reporter is able to access its submissions for error correction purposes and transmit their data to the Central Repository on a daily basis. The Plan Processer must have a robust file management tool that is commercially available, including key management. In addition, at a minimum, the Plan Processor must be able to accept data from CAT Reporters and other Data Submitters via automated means (e.g., Secure File Transfer Protocol (“SFTP”)) as well as manual entry means (e.g., GUI interface).
The Plan Processor will be required to ensure that all file processing stages are handled correctly. This will include the start and stop of data reception, the recovery of data that is transmitted, the retransmission of data from CAT Reporters, and the resynchronization of data after any data loss. At a minimum, this will require the Plan Processor to have logic that identifies duplication of files. If transmission is interrupted, the Plan Processor must specify:
data recovery process for partial submissions;
operational logs/reporting;
operational controls for receipt of data; and
managing/handling failures.
The Plan Processor is required to establish a method for developing an audit trail of data submitted to and received by the Central Repository. This must include a validation of files to identify file corruption and incomplete transmissions. As discussed more fully below, an acknowledgement of data receipt and information on rejected data must be transmitted to CAT Reporters.
1. Data Submission for Orders and Reportable Events, including Manual Submission
Sections 6.3 and 6.4 of the CAT NMS Plan require CAT Reporters to provide details for each order and each Reportable Event to the Central Repository. In the RFP, the Participants requested that the Bidders describe the following:
See SEC Rule 613(c)(7).
system interfaces, including data submission, data access and user interfaces;
RFP Question 49.
the proposed messaging and communication protocol(s) used in data submission and retrieval and the advantage(s) of such protocol(s);
RFP Questions 59-60.
the process and associated protocols for accepting batch submissions; and
RFP Question 62.
the process and any associated protocols for supporting manual data submissions.
RFP Question 63.
2. The Timing of Reporting Data
Pursuant to SEC Rule 613(c)(3), Sections 6.3 and 6.4 of the CAT NMS Plan require that CAT Reporters report certain order and transaction information recorded pursuant to SEC Rule 613 or the CAT NMS Plan to the Central Repository by 8:00 a.m. Eastern Time on the Trading Day following the day such information is recorded. SEC Rule 613(c)(3) notes, however, that the CAT NMS Plan “may accommodate voluntary reporting prior to 8:00 a.m. Eastern Time, but shall not impose an earlier deadline on the reporting parties.” Sections 6.3 and 6.4 of the CAT NMS Plan explicitly permit, but do not require, CAT Reporters to submit information to the CAT throughout the day. Because of the amount of data that will ultimately be reported to the CAT, the Participants have decided to permit Data Submitters to report data to the CAT as end of day files (submitted by 8:00 a.m. Eastern Time the following Trading Day) or throughout the day. The Participants believe that permitting Data Submitters to report data throughout the day may reduce the total amount of bandwidth used by the Plan Processor to receive data files and will allow CAT Reporters and other Data Submitters to determine which method is most efficient and cost-effective for them. However, the Plan Processor will still be required to have the capacity to handle two times the historical peak daily volume to ensure that, if CAT Reporters choose to submit data on an end-of-day basis, the Plan Processor can handle the influx of data.
SEC Rule 613 and Sections 6.3 and 6.4 of the CAT NMS Plan permit certain other information to be reported by 8:00 a.m. Eastern Time on the Trading Day following the day the CAT Reporter receives the information. See SEC Rule 613(c)(4), (c)(7)(vi)-(viii).
SIFMA's recommendations to the Participants regarding the CAT indicates support for the ability of Data Submitters to submit data in batch or near-real-time reporting. See SIFMA Recommendations, at 55.
3. Customer and Customer Account Information
In addition to the submission of order and trade data, broker-dealer CAT Reporters must also submit customer information to the CAT so that the order and trade data can be matched to the specific customer. SEC Rule 613(c)(7) sets forth data recording and reporting requirements that must be included in the CAT NMS Plan. Under SEC Rule 613(c)(7)(i)(A), the CAT NMS Plan must require each CAT Reporter to record and report “Customer-ID(s) for each customer” when reporting to the CAT order receipt or origination information. When reporting the modification or cancellation of an order, the rule further requires the reporting of “the Customer-ID of the Person giving the modification or cancellation instruction.” In addition, SEC Rule 613(c)(8) mandates that all CAT Reporters “use the same Customer-ID . . . for each customer and broker-dealer.” For purposes of SEC Rule 613, “Customer-ID” means, “with respect to a customer, a code that uniquely identifies such customer for purposes of providing data to the central repository.” Also, SEC Rule 613(c)(7)(viii) requires that, for original receipt or origination of an order, CAT Reporters report “customer account information,” which is defined as including “account number, account type, customer type, date account opened, and large trader identifier (if applicable).”
As noted above, the term “customer” means “(i) [t]he account holder(s) of the account at a broker-dealer originating an order, and (ii) [a]ny person from whom the broker-dealer is authorized to accept trading instructions for such account, if different than the account holder(s).” SEC Rule 613(j)(3).
SEC Rule 613(c)(7)(i)(A).
SEC Rule 613(c)(7)(iv)(F).
SEC Rule 613(c)(8).
SEC Rule 613(j)(5).
SEC Rule 613(j)(4).
After considering the requirements of SEC Rule 613 with respect to recording and reporting Customer-IDs, Customer Account Information, and information of sufficient detail to identify the Customer as well as industry input and the Commission's reasons for adopting these requirements, the Participants requested that Industry Members and other industry participants provide ideas on implementing the Customer-ID requirement. After careful consideration, including numerous discussions with the DAG, the Participants concluded that the CAT NMS Plan should use a reporting model that requires broker-dealers to provide detailed account and Customer information to the Central Repository, including the specific identities of all Customers associated with each account, and have the Central Repository correlate the Customer information across broker-dealers, assign a unique customer identifier to each Customer (i.e., the Customer-ID), and use that unique customer identifier consistently across all CAT Data (hereinafter, the “Customer Information Approach”).
Under the Customer Information Approach, the CAT NMS Plan would require each broker-dealer to assign a unique Firm Designated ID to each customer, as that term is defined in SEC Rule 613. For the Firm Designated ID, broker-dealers would be permitted to use an account number or any other identifier defined by the firm, provided each identifier is unique across the firm for each business date (i.e., a single firm may not have multiple separate customers with the same identifier on any given date). Under the Customer Information Approach, broker-dealers must submit an initial set of customer information to the Central Repository, including, as applicable, the Firm Designated ID for the customer, name, address, date of birth, Individual Tax ID (“ITIN”)/social security number (“SSN”), individual's role in the account (e.g., primary holder, joint holder, guardian, trustee, person with the power of attorney) and Legal Entity Identifier (“LEI”), and/or Large Trader ID (“LTID”), if applicable. Under the Customer Information Approach, broker-dealers would be required to submit to the Central Repository daily updates for reactivated accounts, newly established or revised Firm Designated IDs, or associated reportable Customer information.
Where a validated LEI is available for a Customer or entity, it may obviate the need to report other identifier information (e.g., Customer name, address).
The Participants anticipate that Customer information that is initially reported to the CAT could be limited to only customer accounts that have, or are expected to have, CAT-reportable activity. For example, accounts that are considered open, but have not traded Eligible Securities in a given timeframe may not need to be pre-established in the CAT, but rather could be reported as part of daily updates after they have CAT-reportable activity.
Because reporting to the CAT is on an end-of-day basis, intra-day changes to information could be captured as part of the daily updates to the information. See SEC Rule 613(c)(3). To ensure the completeness and accuracy of Customer information and associations, in addition to daily updates, broker-dealers would be required to submit periodic full refreshes of Customer information to the CAT. The scope of the “full” Customer information refresh would need to be further defined, with the assistance of the Plan Processor, to determine the extent to which inactive or otherwise terminated accounts would need to be reported.
Within the Central Repository, each Customer would be uniquely identified by identifiers or a combination of identifiers such as TIN/SSN, date of birth, and, as applicable, LEI and LTID. The Plan Processor would be required to use these unique identifiers to map orders to specific customers across all broker-dealers. Broker-dealers would therefore be required to report only Firm Designated ID information on each new order submitted to the Central Repository rather than the “Customer-ID” as set forth in SEC Rule 613(c)(7), and the Plan Processor would associate specific customers and their Customer-IDs with individual order events based on the reported Firm Designated ID.
The Customer-ID approach is strongly supported by the industry as it believes that to do otherwise would interfere with existing business practices and risk leaking proprietary order and customer information into the market. To adopt such an approach, however, requires certain exemptions from the requirements of SEC Rule 613. Therefore, the Participants included the Customer Information Approach in the Exemptive Request Letters so that this approach could be included in the CAT NMS Plan.
SIFMA Recommendations at 30-31; Financial Industry Forum (FIF) Consolidated Audit Trail (CAT) Working Group Response to Proposed RFP Concepts Document at 12 (Jan. 18, 2013), available at http://catnmsplan.com/industryFeedback/P197808 (“FIF Response”).
In addition to the approach described above, the CAT NMS Plan details a number of requirements which the Plan Processor must meet regarding Customer and Customer Account Information.
The Plan Processor must maintain information of sufficient detail to uniquely and consistently identify each Customer across all CAT Reporters, and associated accounts from each CAT Reporter. The Plan Processor must document and publish, with the approval of the Operating Committee, the minimum list of attributes to be captured to maintain this association.
The CAT Processor must maintain valid Customer and Customer Account Information for each Trading Day and provide a method for Participants and the SEC to easily obtain historical changes to that information (e.g., name changes, address changes).
The CAT Processor will design and implement a robust data validation process for submitted Firm Designated ID, Customer Account Information and Customer Identifying Information.
The Plan Processor must be able to link accounts that move from one CAT Reporter to another due to mergers and acquisitions, divestitures, and other events. Under the approach proposed by the Participants, broker-dealers will initially submit full account lists for all active accounts to the Plan Processor and subsequently submit updates and changes on a daily basis. In addition, the Plan Processor must have a process to periodically receive full account lists to ensure the completeness and accuracy of the account database.
“Active accounts” are defined as accounts that have had activity within the last six months.
In the RFP, the Participants asked for a description of how Customer and Customer Account Information will be captured, updated and stored with associated detail sufficient to identify each Customer. All Bidders anticipated Customer and Customer Account Information to be captured in an initial download of data. The precise method(s) by which CAT Reporters submit Customer data to the Central Repository will be set out in the Technical Specifications provided by the Plan Processor in accordance with Section 6.9 of the CAT NMS Plan. Data capture would occur using both file-based and entry screen methods. Data validation would check for potential duplicates with error messages being generated for follow-up by CAT Reporters. Data Reporters can update data as needed or on a predetermined schedule.
RFP Question 1.
4. Error Reporting
SEC Rule 613(e)(6) requires the prompt correction of errors in data submitted to the Central Repository. As discussed in Appendix C, Time and Method by which CAT Data will be Available to Regulators, initial validation, lifecycle linkages, and communications of errors to CAT Reporters will be required to occur by 12:00 p.m. Eastern Time T+1 and corrected data will be required to be resubmitted to the Central Repository by 8:00 a.m. Eastern Time on T+3. Each of the Bidders indicated that it was able to meet these timeframes.
However, the industry expressed concern that reducing the error repair window will constitute a significant burden to Data Submitters and also question whether the proposed error correction timeframe is possible. Financial Information Forum (“FIF”) supports maintaining the current OATS Error Handling timelines, which allows for error correction within five OATS business days from the date of original submission. Securities Industry and Financial Markets Association (“SIFMA”) also recommends a five-day window for error correction. Nevertheless, the Participants believe that it is imperative to the utility of the Central Repository that corrected data be available to regulators as soon as possible and recommend the three-day window for corrections to balance the need for regulators to access corrected data in a timely manner while considering the industry's concerns.
FIF Response at 35.
Id.
SIFMA Recommendations at 62.
The Manner in which the Central Repository will Receive, Extract, Transform, Load, and Retain Data
The Central Repository must receive, extract, transform, load, and retain the data submitted by CAT Reporters and other Data Submitters. In addition, the Plan Processor is responsible for ensuring that the CAT contains all versions of data submitted by a CAT Reporter or other Data Submitter (i.e., the Central Repository must include different versions of the same information, including such things as errors and corrected data).
Data retention requirements by the Central Repository are discussed more fully in Appendix D, Functionality of the CAT System.
In the RFP, the Participants requested that each Bidder perform a detailed analysis of current industry systems and interface specifications to propose and develop their own format for collecting data from the various data sources relevant under SEC Rule 613, as outlined in the RFP. Bidders also were requested to perform an analysis on their ability to develop, test and integrate this interface with the CAT. In addition, the Participants sought input from the industry regarding different data submission mechanisms and whether there needs to be a method to allow broker-dealers with very small order volumes to submit their data in a non-automated manner.
RFP § 2.3 at 19.
SEC Rule 613: Consolidated Audit Trail (CAT), Questions for Industry Consideration, available at http://catnmsplan.com/QuestionsforIndustryConsideration.
As noted above, since the Central Repository is required to collect and transform customer, order and trade information from multiple sources, the RFP requested that Bidders describe:
how Customer and Customer Account Information will be captured, updated and stored with associated detail sufficient to identify each customer;
RFP Question 1.
the system interfaces, including data submission, data access and user interfaces;
RFP Question 49.
the proposed messaging and communication protocol(s) used in data submission and retrieval and the advantage(s) of such protocol(s);
RFP Questions 59-60.
the process and associated protocols for accepting batch submissions; and
RFP Question 62.
the process and any associated protocols for supporting manual data submissions.
RFP Question 63.
Various Bidders proposed multiple methods by which Data Reporters could report information to the Central Repository. Bidders proposed secure VPN, direct line access through TCP/IP or at co-location centers, and web-based manual data entry.
The RFP also requested that Bidders describe:
the overall technical architecture; and
RFP Question 43.
the network architecture and describe how the solution will handle the necessary throughput, processing timeline and resubmissions.
RFP Question 50.
There are two general approaches by which the Central Repository could receive information. Approach 1 described a scenario in which broker-dealers would submit relevant data to the Central Repository using their choice of existing industry messaging protocols, such as the Financial Information eXchange (“FIX”) protocol. Approach 2 provided a scenario in which broker-dealers would submit relevant data to the Central Repository using a defined or specified format, such as an augmented version of OATS.
Following receipt of data files, the Plan Processor will be required to send an acknowledgement of data received to CAT Reporters and third party Data Submitters. This acknowledgement will enable CAT Reporters to create an audit trail of their data submissions and allow for tracing of data breakdowns if data is not received. The minimum requirements for receipt acknowledgement are detailed in Appendix D, Receipt of Data from Reporters.
Once the Central Repository has received the data from the CAT Reporters, it will extract individual records from the data, and validate the data through a review process that must be described in the Technical Specifications involving context, syntax, and matching validations. The Plan Processor will need to validate data and report back to any CAT Reporter any data that has not passed validation checks according to the requirements in Appendix D, Receipt of Data from Reporters. To ensure the accuracy and integrity of the data in the Central Repository, data that does not pass the basic validation checks performed by the Plan Processor must be rejected until it has been corrected by the CAT Reporter responsible for submitting the data/file. After the Plan Processor has processed the data, it must provide daily statistics regarding the number of records accepted and rejected to each CAT Reporter.
The Plan Processor also will be required to capture rejected records for each CAT Reporter and make them available to the CAT Reporter. The “rejects” file must be accessible via an electronic file format, and the rejections and daily statistics must also be available via a web interface. The Plan Processor must provide functionality for CAT Reporters to amend records that contain exceptions. The Plan Processor must also support bulk error correction so that rejected records can be resubmitted as a new file with appropriate indicators for rejection repairs. The Plan Processor must, in these instances, reprocess repaired records. In addition, a web GUI must be available for CAT Reporters to make updates, including corrections, to individual records or attributes. The Plan Processor must maintain a detailed audit trail capturing corrections to and replacements of records.
The Plan Processor must provide CAT Reporters with documentation that details how to amend/upload records that fail the required validations, and if a record does not pass basic validations, such as syntax rejections, then it must be rejected and sent back to the CAT Reporter as soon as possible, so it can be repaired and resubmitted. In order for regulators to have access to accurate and complete data as expeditiously as practicable, the Plan Processor will provide CAT Reporters with their error reports as they become available, and daily statistics must be provided after data has been uploaded and validated. The reports will include descriptive details as to why each data record was rejected by the Plan Processor.
The industry supports receiving information on reporting errors as soon as possible to enable CAT Reporters to address errors in a timely manner. See FIF Response at 36.
In addition, on a monthly basis, the Plan Processor should produce and publish reports detailing CAT Reporter performance and comparison statistics, similar to the report cards published for OATS presently. These reports should include data to enable CAT Reporters to assess their performance in comparison to the rest of their industry peers and to help them assess the risk related to their reporting of transmitted data.
CAT Reporters will report data to the Central Repository either in a uniform electronic format, or in a manner that would allow the Central Repository to convert the data to a uniform electronic format, for consolidation and storage. The Technical Specifications will describe the required format for data reported to the Central Repository. Results of a study conducted of broker-dealers showed average implementation and maintenance costs for use of a new file format to be lower than those for use of an existing file format (e.g., FIX) , although an FIF “Response to Proposed RFP Concepts Document” dated January 18, 2013 did indicate a preference among its members for use of the FIX protocol.
See Appendix C, Analysis of Expected Benefits and Estimated Costs for Creating, Implementing, and Maintaining the Consolidated Audit Trail (SEC Rule 613(a)(1)(vii)), for additional details on cost studies.
As noted above, the specific formats of data submission and loading will depend upon the Bidder chosen as the Plan Processor. Regardless of the ultimate Plan Processor, however, data submitted to the CAT will be loaded into the Central Repository in accordance with procedures that are subject to approval by the Operating Committee. The Central Repository will retain data, including the Raw Data, linked data, and corrected data, for at least six years. Data submitted to the Central Repository, including rejections and corrections, must be stored in repositories designed to hold information based on the classification of the Data Submitter (e.g., whether the Data Submitter is a Participant, a broker-dealer, or a third party Data Submitter). After ingestion by the Central Repository, the Raw Data must be transformed into a format appropriate for data querying and regulatory output.
See Section 6.1(c) of the CAT NMS Plan.
SEC Rule 613 reflects the fact that the Participants can choose from alternative methods to link order information to create an order lifecycle from origination or receipt to cancellation or execution. After review of the Bids and discussions with Industry Members, the CAT NMS Plan reflects the fact that the Participants have determined that the “daisy chain” approach to CAT-Order-ID that requires linking of order events rather than the repeated transmission of an order ID throughout an order's lifecycle is appropriate. This approach is widely supported by the industry, and using the daisy chain approach should minimize impact on existing OATS reporters, since OATS already uses this type of linking. The RFP asked Bidders to propose any additional alternatives to order lifecycle creation; however, all of the Bidders indicated that they would use the daisy chain approach to link order events.
See SEC Rule 613(j)(1).
See SIFMA Recommendations at 13, 39-42; FIF Response at 19.
See RFP Questions 11 and 12.
In the daisy chain approach, a series of unique order identifiers assigned by CAT Reporters to individual order events are linked together by the CAT and assigned a single CAT-generated CAT-Order-ID that is associated with each individual order event and used to create the complete lifecycle of an order. Under this approach, each CAT Reporter generates its own unique order ID but can pass a different identifier as the order is routed to another CAT Reporter, and the CAT will link related order events from all CAT Reporters involved in the life of the order.
A detailed example of the application of the daisy chain approach to an order routed to an exchange on an agency basis can be found in the Proposed RFP Concepts Document at 26.
The Participants believe that the daisy chain approach can handle anticipated order handling scenarios, including aggregation and disaggregation, and generally apply to both equities and options. The Participants created a subcommittee of DAG members and Participants to walk through multiple complex order-handling scenarios to ensure that the daisy chain approach can handle even the most complex of order handling methods.
This subcommittee included 21 Industry Members and 16 Participants. It met 11 times over the course of 13 months to discuss order handling and CAT reporting requirements. Examples of order handling scenarios that must be addressed include, in addition to the agency scenario referenced above: orders handled on a riskless principal basis, orders routed out of a national securities exchange through a broker-dealer router to another national securities exchange, orders executed on an average price basis and orders aggregated for further routing and execution. Detailed examples of these types of scenarios can be found in the Proposed RFP Concepts Document at 27-30.
Additionally, the daisy chain approach can handle representative order reporting scenarios and order handling scenarios sometimes referred to as “complex orders” that are specific to options and may include an equity component and multiple option components (e.g., buy-write, straddle, strangle, ratio spread, butterfly and qualified contingent transactions). Typically, these orders are referenced by exchange systems on a net credit/debit basis, which can cover between two and twelve different components. Such “complex orders” must also be handled and referenced within the CAT. The Bidder must develop, in close consultation with Industry Members, a linking mechanism that will allow the CAT to link the option leg(s) to the related equity leg or the individual options components to each other in a multi-leg strategy scenario.
These scenarios, and how the daisy chain approach could be applied, can be found in the Representative Order Proposal (Feb. 2013), available at http://catnmsplan.com/web/idcplg?IdcService=SS_GET_PAGE&ssDocName=P197815 .
Once a lifecycle is assembled by the CAT, individual lifecycle events must be stored so that each unique event (e.g., origination, route, execution, modification) can be quickly and easily associated with the originating customer(s) for both targeted queries and comprehensive data scans. For example, an execution on an exchange must be linked to the originating customer(s) regardless of how the order may have been aggregated, disaggregated, and routed through multiple broker-dealers before being sent to the exchange for execution.
The Plan Processor must transform and load the data in a way that provides the Participants with the ability to build and generate targeted queries against data in the Central Repository across product classes submitted to the Central Repository. The Participants' regulatory staff and the SEC must be able to create, adjust, and save ad-hoc queries to provide data to the regulators that can then be used for their market surveillance purposes. All data fields may be included in the result set from targeted queries. Because of the size of the Central Repository and its use by multiple parties simultaneously, online queries will require a minimum set of criteria, including data or time range as well as one or more of the parameters specified in Appendix D, Functionality of the CAT System.
Although the Plan Processor must account for multiple simultaneous queries, the Central Repository must also support the ability to schedule when jobs are run.
Because of the potential size of the possible result sets, the Plan Processor must have functionality to create an intermediate result count of records before running the full query so that the query can be refined if warranted. The Plan Processor must include a notification process that informs users when reports are available, and there should be multiple methods by which query results can be obtained (e.g., web download, batch feed). Regulatory staff also must have the ability to create interim tables for access/further investigation. In addition, the Plan Processor must provide a way to limit the number of rows from a result set on screen with full results being created as a file to be delivered via a file transfer protocol.
The Plan Processor will be reasonably required to work with the regulatory staff at the Participants and other regulators to design report generation screens that will allow them to request on-demand pre-determined report queries. These would be standard queries that would enable regulators quick access to frequently-used information and could include standard queries that will be used to advance the retirement of existing reports, such as Large Trader reporting.
Initially, only the SEC and Participants will have access to data stored in the Central Repository.
The Central Repository must, at a minimum, be able to support approximately 3,000 active users, including Participants' regulatory staff and the SEC, authorized to access data representing market activity (excluding the PII associated with customers and accounts).
The RFP required support for a minimum of 3,000 users. The actual number of users may be higher based upon regulator and Participant usage of the system.
Time and Method by which CAT Data will be Available to Regulators (SEC Rule 613(a)(1)(ii))
SEC Rule 613(a)(1)(ii) requires the Participants to discuss the “time and method by which the data in the Central Repository will be made available to regulators to perform surveillance or analyses, or for other purposes as part of their regulatory and oversight responsibilities.” As the Commission noted, “[t]he time and method by which data will be available to regulators are fundamental to the utility of the Central Repository because the purpose of the repository is to assist regulators in fulfilling their responsibilities to oversee the securities markets and market participants.”
SEC Rule 613(a)(1)(ii).
Adopting Release at 45790.
Time Data will be Made Available to Regulators
At any point after data is received by the Central Repository and passes basic format validations, it will be available to the Participants and the SEC. The Plan Processor must ensure that regulators have access to corrected and linked order and Customer data by 8:00 a.m. Eastern Time on T+5.
As noted above, SEC Rule 613(e)(6) requires the prompt correction of data reported to the Central Repository, and the Participants believe that the timeframes established in Appendix D, Data Availability, meet this requirement. Additionally, each of the Bidders indicated that it would be able to process the reported data within these timeframes. However, the FIF, an industry trade group, expressed concern that the error repair window will constitute a significant burden to CAT Reporters and questioned whether the error repair window “can be reasonably met.” FIF supports maintaining the current OATS Error Handling timelines, which allow for error correction within five OATS-business days from the date of original submission. SIFMA also recommends a five-day window for error correction. Nevertheless, the Participants believe that it is imperative to the utility of the Central Repository that corrected data be available to regulators as soon as possible, and therefore the Participants do not support adopting the five-day repair window permitted under OATS, but instead are providing a three-day repair window for the Central Repository.
FIF Response at 35.
FIF Response at 35.
SIFMA Recommendations at 62.
One example of why the Participants believe a five day repair window is too long is that regulators may need access to the data as quickly as possible in order to conduct market reconstruction.
Method by which Data will be Available to Regulators
As required by SEC Rule 613(a)(1)(ii), this section describes the ability of regulators to use data stored in the Central Repository for investigations, examinations and surveillance, including the ability to search and extract such data. The utility of the Central Repository is dependent on regulators being able to have access to data for use in market reconstruction, market analysis, surveillance and investigations. The Participants anticipate that the Plan Processor will adopt policies and procedures with respect to the handling of surveillance (including coordinated, SEC Rule 17d-2 or RSA surveillance) queries and requests for data. In the RFP, the Participants asked that the Bidders describe:
SEC Rule 613(a)(1)(ii).
Adopting Release at 45790.
the tools and reports that would allow for the extraction of data search criteria;
RFP Question 81.
how the system will accommodate simultaneous users from Participants and the SEC submitting queries;
RFP Question 82.
the expected response time for query results, the manner in which simultaneous queries will be managed and the maximum number of concurrent queries and users that can be supported by the system;
RFP Question 83.
the format in which the results of targeted queries will be provided to users;
RFP Question 84.
the methods of data delivery that would be made available to Participant regulatory staff and the Commission;
RFP Question 85.
any limitations on the size of data that can be delivered at one time, such as number of days or number of terabytes; and
RFP Question 86.
how simultaneous bulk data requests will be managed to ensure fair and equitable access.
RFP Question 87.
All Bidders provide means for off-line analysis and dynamic search and extraction. The Bids described a variety of tools that could be used for providing access and reports to the Participants and the SEC, including: Oracle Business Intelligence Experience Edition, SAS Enterprises Business Intelligence, and IBM Cognos. The Bids proposed data access via direct access portals and via web-based applications. In addition, the Bids proposed various options for addressing concurrent users and ensuring fair access to the data, including: processing queries on a first in, first out (FIFO) basis; monitoring to determine if any particular user is using more systems resources than others and prioritizing other users' queries; or evaluating each users' demands on the systems over a predetermined timeframe and, if there is an imbalance, working with users to provide more resources needed to operate the system more efficiently.
The SEC defined “off-line” analysis as “any analysis performed by a regulator based on data that is extracted from the [CAT] database, but that uses the regulator's own analytical tools, software, and hardware.” Adopting Release at 45798 n.853.
The Bids included a multitude of options for formatting the data provided to regulators in response to their queries, including but not limited to FIX, Excel, Binary, SAS data sets, PDF, XML, XBRL, CSV, and .TXT. Some Bidders would provide Participants and the SEC with a “sandbox” in which the user could store data and upload its own analytical tools and software to analyze the data within the Central Repository, in lieu of performing off-line analyses.
The Participants anticipate that they will be able to utilize Central Repository data to enhance their existing regulatory schemes. The Participants do not endorse any particular technology or approach, but rather set forth standards which the Plan Processor must meet. By doing so, the Participants are seeking to maximize the utility of the data from the Central Repository without burdening the Plan Processor to comply with specific format or application requirements which will need to be updated over time. In addition, the Participants wanted to ensure that the Bidders have the ability to put forth the ideas they believe are the most effective.
Report Building—Analysis Related to Usage of Data by Regulators
It is anticipated that the Central Repository will provide regulators with the ability to, for example, more efficiently conduct investigations, examinations, conduct market analyses, and to inform policy-making decisions. The Participants' regulatory staff and the SEC will frequently need to be able to perform queries on large amounts of data. The Plan Processor must provide the Participants and other regulators the access to build and generate targeted queries against data in the Central Repository. The Plan Processor must provide the regulatory staff at the Participants and regulators with the ability to create, adjust, and save any ad-hoc queries they run for their surveillance purposes via online or direct access to the Central Repository. Queries will require a minimum set of criteria that are detailed in Appendix D. The Plan Processor will have controls to manage load, cancel queries, if needed, and create a request process for complex queries to be run. The Plan Processor must have a notification process to inform users when reports are available, provide such reports in multiple formats, and have the ability to schedule when queries are run.
Id.
Id.
Id.
Id.
In addition, the Plan Processor will be required to reasonably work with the regulatory staff at the Participants and other regulators to design report generation screens that will allow them to request on-demand pre-determined report queries. These would be standard queries that would enable regulators quick access to frequently-used information. This could include standard queries that will be used to advance the retirement of existing reports, such as Large Trader.
Id.
Id.
The Plan Processor should meet the following response times for different query types. For targeted search criteria, the minimum acceptable response times would be measured in time increments of less than one minute. For the complex queries that either scan large volumes of data (e.g., multiple trade dates) or return large result sets (>1M records), the response time should generally be available within 24 hours of the submission of the request.
The Central Repository will support a permission mechanism to assign data access rights to all users so that CAT Reporters will only have access to their own reported data, the regulatory staff at the Participants and other regulators will have access to data; except for PII. Regulators that are authorized to access PII will be required to complete additional authentications. The Central Repository will be able to provide access to the data at the working locations of both the Participants' and SEC's regulatory staff as well as other non-office locations. The Central Repository must be built with operational controls to control access to make requests and to track data requests to support an event-based and time-based scheduler for queries that allows Participants to rely on the data generated.
As documented in Appendix D, each CAT Reporter will be issued a public key pair (“PKI”) that it can use to submit data, and access confirmation that their data has been received.
In addition to targeted analysis of data from the Central Repository, regulators will also need access to bulk data for analysis. The Participants and other regulators will need the ability to do bulk extraction and download of data, based on a specified date or time range, market, security, and Customer-ID. The size of the resulting data set may require the ability to feed data from the Central Repository into analytical “alert” programs designed to detect potentially illegal activity. “For example, the Commission is likely to use data from the Central Repository to calculate detailed statistics on order flow, order sizes, market depth and rates of cancellation, to monitor trends and inform Participant and SEC rulemaking.”
Adopting Release at 45799. See also RFP § 2.8.2.
Adopting Release at 45799.
The Plan Processor must provide for bulk extraction and download of data in industry standard formats. In addition, the Plan Processor is required to generate data sets based on market event data to the Participants and other regulators. The Central Repository must provide the ability to define the logic, frequency, format, and distribution method of the data. It must be built with operational controls to track data requests to oversee the bulk usage environment and support an event-based and time-based scheduler for queries that allows Participants to rely on the data generated. Extracted data should be encrypted, and PII data should be masked unless users have permission to view the data that has been requested.
The Plan Processor must have the capability and capacity to provide bulk data necessary for the Participants and the other regulators to run and operate their surveillance processing. Such data requests can be very large; therefore, the Plan Processor must have the ability to split large requests into smaller data sets for data processing and handling. All reports should be generated by a configurable workload manager that is cost based, while also ensuring that no single user is using a disproportionate amount of resources for query generation.
System Service Level Agreements (SLAs)
As further described in Appendix D, Functionality of CAT Systems, the Participants and the Plan Processor will enter into appropriate SLAs in order to establish system and operational performance requirements for the Plan Processor and help ensure timely Regulator access to Central Repository data. Among the items to be included in the SLA(s) will be specific requirements regarding query performance, linkage and order event processing performance of the Central Repository (e.g., linkage and data availability timelines, linkage errors not related to invalid data, and data retention) as well as system availability requirements (e.g., system uptime and DR/BCP performance). The Operating Committee will periodically review the SLAs according to the terms to be established in negotiation with the Plan Processor.
The Reliability and Accuracy of the Data (SEC Rule 613(a)(1)(iii))
As required by SEC Rule 613(a)(1)(iii), this section discusses the reliability and accuracy of the data reported to and maintained by the Central Repository throughout its lifecycle, including: transmission and receipt from CAT Reporters; data extraction, transformation and loading at the Central Repository; data maintenance at the Central Repository; and data access by the Participants and other regulators. In the Adopting Release, the Commission noted that the usefulness of the data to regulators would be significantly impaired if it is unreliable or inaccurate and as such, the Commission requested that the Participants discuss in detail how the Central Repository will be designed, tested and monitored to ensure the reliability and accuracy of the data collected and maintained in it.
Adopting Release at 45790-91, 45799.
Transmission, Receipt, and Transformation
The initial step in ensuring the reliability and accuracy of data in the Central Repository is the validation checks made by the Plan Processor when data is received and before it is accepted into the Central Repository. In the RFP, the Participants stated that validations must include checks to ensure that data is submitted in the required formats and that lifecycle events can be accurately linked by 12:00 p.m. Eastern Time on T+1, four hours following the submission deadline for CAT Reporters. Once errors are identified, they must be efficiently and effectively communicated to CAT Reporters on a daily basis. CAT Reporters will be required to correct and resubmit identified errors within established timeframes (as discussed in Appendix D, Data Availability).
RFP Section 2.2.4.
The Plan Processor must develop specific data validations in conjunction with development of the Central Repository which must be published in the Technical Specifications. The objective of the data validation process is to ensure that data is accurate, timely and complete at or near the time of submission, rather than to identify submission errors at a later time after data has been processed and made available to regulators. To achieve this objective, a comprehensive set of data validations must be developed that addresses both data quality and completeness. For any data that fails to pass these validations, the Plan Processor will be required to handle data correction and resubmission within established timeframes both in a batch process format and via manual web-based entry.
To assess different validation mechanisms and integrity checks, the RFP required Bidders to provide information on the following:
how data format and context validations for order and quote events submitted by CAT Reporters will be performed and how rejections or errors will be communicated to CAT Reporters;
RFP Question 14.
a system flow diagram reflecting the overall data format, syntax and context validation process that includes when each types of validation will be completed and errors communicated to CAT Reporters, highlighting any dependencies between the different validations and impacts of such dependencies on providing errors back to CAT Reporters;
RFP Question 15.
how related order lifecycle events submitted by separate CAT Reporters will be linked and how unlinked events will be identified and communicated to CAT Reporters for correction and resubmission, including a description of how unlinked records will be provided to CAT Reporters for correction (e.g., specific transmission methods and/or web-based downloads);
RFP Question 16.
how Customer and Customer Account Information submitted by broker-dealers will be validated and how rejections or errors will be communicated to CAT Reporters; and
RFP Question 17.
the mechanisms that will be provided to CAT Reporters for the correction of both market data (e.g., order, quotes, and trades) errors, and Customer and account data errors, including batch resubmissions and manual web-based submissions.
RFP Question 18.
Most Bidders indicated that Customer Account Information including SSN, TIN or LEI will be validated in the initial onboarding processing. Additional validation of Customer Account Information, such as full name, street address, etc., would occur across CAT Reporters and potential duplications or other errors would be flagged for follow-up by the CAT Reporters.
All Bidders recommended that order data validation be performed via rules engines, which allow rules to be created and modified over time in order to meet future market data needs. Additionally, all Bidders indicated that data validations will be real-time and begin in the data ingestion component of the system. Standard data validation techniques include format checks, data type checks, consistency checks, limit and logic checks, or data validity checks. Some Bidders mentioned the ability to schedule the data validation at a time other than submission, because there may be a need to have rules engines perform validation in a batch mode or customized schedule during a different time. All Bidders indicated that when errors are found, the Raw Data will be stored in an error database and notifications would be sent to the CAT Reporters. Most Bidders permitted error correction to be submitted by CAT Reporters at any time.
Section 6.3(b) of the CAT NMS Plan sets forth the policies and procedures for ensuring the timeliness, accuracy and completeness of the data provided to the Central Repository as required by SEC Rule 613(e)(4)(ii) and the accuracy of the data consolidated by the Plan Processor pursuant to SEC Rule 613(e)(4)(iii). It also mandates that each Participant and its Industry Members that are CAT Reporters must ensure that its data reported to the Central Repository is accurate, timely, and complete. Each Participant and its Industry Members that are CAT Reporters must correct and resubmit such errors within established timeframes. In furtherance thereof, data related to a particular order will be reported accurately and sequenced from receipt or origination, to routing, modification, cancellation and/or execution. Additionally each Participant and its Industry Members that are CAT Reporters must test their reporting systems thoroughly before beginning to report data to the Central Repository and Appendix D sets forth that the Plan Processor must make testing facilities available for such testing.
SEC Rule 613(e)(4)(ii) and (iii).
Pursuant to SEC Rule 613(e)(4)(iii), the Plan Processor will design, implement and maintain (1) data accuracy and reliability controls for data reported to the Central Repository and (2) procedures for testing data accuracy and reliability during any system release or upgrade affecting the Central Repository and the CAT Reporters. The Operating Committee will, as needed, but at least annually, review policies and procedures to ensure the timeliness, accuracy, and completeness of data reported to the Central Repository.
SEC Rule 613(e)(4)(iii).
In order to validate data receipt, the Plan Processor will be required to send an acknowledgement to each CAT Reporter notifying them of receipt of data submitted to the Central Repository to enable CAT Reporters to create an audit trail of their own submissions and allow for tracking of data breakdowns when data is not received. The data received by the Plan Processor must be validated at both the file and individual record level if appropriate. The required data validations may be amended based on input from the Operating Committee and the Advisory Committee. Records that do not pass basic validations, such as syntax rejections, will be rejected and sent back to the CAT Reporter as soon as possible, so it can repair and resubmit the data.
Error Communication, Correction, and Processing
The Plan Processor will define and design a process to efficiently and effectively communicate to CAT Reporters identified errors. All identified errors will be reported back to the CAT Reporter and other Data Submitters who submitted the data to the Central Repository on behalf of the CAT Reporter, if necessary. The Central Repository must be able to receive error corrections and process them at any time, including timeframes after the standard repair window. The industry supports a continuous validation process for the Central Repository, continuous feedback to CAT Reporters on error identification and the ability to provide error correction at any time even if beyond the error correction timeframe. The industry believes that this will better align with the reporting of complex transactions and allocations and is more efficient for CAT Reporters. CAT Reporters will be able to submit error corrections through a web-interface or via bulk uploads or file submissions. The Plan Processor must support bulk replacement of records, subject to approval by the Operating Committee, and reprocess such replaced records. A GUI must be available for CAT Reporters to make updates to individual records or attributes. Additionally, the Plan Processor will provide a mechanism to provide auto-correction of identified errors and be able to support group repairs (i.e., the wrong issue symbol affecting multiple reports).
FIF Consolidated Audit Trail Working Group Processor Proposed Optimal Solution Recommendations at 6 (Sep. 15, 2014), available at http://www.sec.gov/comments/4-668/4668-16.pdf (the “FIF Optimal Solution Recommendations”).
FIF Response at 36.
SEC Rule 613(e)(6) also requires the Participants to specify a maximum Error Rate for data reported to the Central Repository pursuant to SEC Rule 613(c)(3) and (4). The Participants understand that the Central Repository will require new reporting elements and methods for CAT Reporters and there will be a learning curve when CAT Reporters begin to submit data to the Central Repository. However, the utility of the CAT is dependent on it providing a timely, accurate and complete audit trail for the Participants and other regulators. Therefore, the Participants are proposing an initial maximum Error Rate of 5%, subject to quality assurance testing performed prior to launch, and it is anticipated that it will be reset when Industry Members, excluding Small Industry Members, begin to report to the Central Repository and again when Small Industry Members begin to report to the Central Repository. The Participants believe that this rate strikes the balance of making allowances for adapting to a new reporting regime, while ensuring that the data provided to regulators will be capable of being used to conduct surveillance and market reconstruction. Periodically, the Plan Processor will analyze reporting statistics and Error Rates and make recommendations to the Operating Committee for proposed changes to the maximum Error Rate. Changes to the maximum Error Rate will be approved by the Operating Committee. The maximum Error Rate will be reviewed and reset at least on an annual basis.
SEC Rule 613(e)(6)(i) defines “Error Rate” to mean “[t]he percentage of reportable events collected by the central repository for which the data reported does not fully and accurately reflect the order event that occurred in the market.” All CAT Reporters, including the Participants, will be included in the Error Rate. CAT Reporters will be required to meet separate compliance thresholds, which will be a CAT Reporter-specific rate that may be used as the basis for further review or investigation into CAT Reporter performance (the “Compliance Thresholds”). Compliance Thresholds will compare a CAT Reporter's error rate to the aggregate Error Rate over a period of time to be defined by the Operating Committee. See infra note 3790 and accompanying text (discussing Compliance Thresholds). A CAT Reporter's performance with respect to the Compliance Threshold will not signify, as a matter of law, that such CAT Reporter has violated SEC Rule 613 or the rules of any Participant concerning the CAT.
As indicated by FINRA in its comment to the Adopting Release, OATS compliance rates have steadily improved as reporters have become more familiar with the system. When OATS was first adopted compliance rates were 76%, but current compliance rates are 99%. See Letter from Marcia E. Asquith, Senior Vice President and Corporate Secretary, FINRA, to Elizabeth M. Murphy, Secretary, Commission (Aug. 9, 2010).
Adopting Release at 45790-91.
In order to help reduce the maximum Error Rate, the Plan Processor will measure the Error Rate on each business day and must take the following steps in connection with error reporting: (1) the Plan Processor will provide CAT Reporters with their error reports as they become available and daily statistics will be provided after data has been uploaded and validated by the Central Repository; (2) error reports provided to CAT Reporters will include descriptive details as to why each data record was rejected by the Central Repository; and (3) on a monthly basis, the Plan Processor will produce and publish reports detailing performance and comparison statistics, similar to the Report Cards published for OATS presently, which will enable CAT Reporters to identify how they compare to the rest of their industry peers and help them assess the risk related to their reporting of transmitted data.
All CAT Reporters exceeding the Error Rate will be notified each time that they have exceeded the maximum allowable Error Rate and will be informed of the specific reporting requirements that they did not fully meet (e.g., timeliness or rejections). Upon request from the Participants or other regulators, the Plan Processor will produce and provide reports containing Error Rates and other metrics as needed on each CAT Reporter's Compliance Thresholds so that the Participants as Participants or the SEC may take appropriate action for failing to comply with the reporting obligations under the CAT NMS Plan and SEC Rule 613.
SEC Rule 613(e)(6) requires the prompt correction of data to the Central Repository. As discussed in the NMS Plan, there are a minimum of three validation processes that will be performed on data submitted to the Central Repository. The Plan Processor will be required to identify specific validations and metrics to define the Data Quality Governance requirements, as defined in Appendix D, Receipt of Data from Reporters.
The Plan Processor will identify errors on CAT file submissions that do not pass the defined validation checks above and conform to the Data Quality Governance requirements. Error Rates will be calculated during the CAT Data and linkage validation processes. As a result, the Participants propose an initial maximum overall Error Rate of 5% on initially submitted data, subject to quality assurance testing period performed prior to launch. It is anticipated that this Error Rate will be evaluated when Industry Members, excluding Small Industry Members, begin to report to the Central Repository and then again when Small Industry Members begin to report to the Central Repository.
As required by SEC Rule 613(e)(6)(ii), the Error Rate will be calculated on a daily basis as the number of erroneous records divided by the total number of records received on any given day and will be inclusive of validation of CAT Data and linkage validations. Error Rates are calculated for reporting groups as a whole, not for individual firms. Individual firms within a reporting group may have higher or lower Error Rates, though they would still be subject to any penalties or fines for excessive Error Rates to be defined by the Operating Committee. Additionally, this Error Rate will be considered for the purpose of reporting metrics to the SEC and the Operating Committee and individual firms will need to maintain Compliance Thresholds as described below.
The Participants expect that error rates after reprocessing of error corrections will be de minimis.
In determining the initial maximum Error Rate of 5%, the Participants have considered the current and historical OATS Error Rates, the magnitude of new reporting requirements on the CAT Reporters and the fact that many CAT Reporters may have never been obligated to report data to an audit trail.
The Participants considered industry experience with FINRA's OATS system over the last 10 years. During that timeframe there have been three major industry impacting releases. These three releases are known as (1) OATS Phase III, which required manual orders to be reported to OATS; (2) OATS for OTC Securities which required OTC equity securities to be reported to OATS; and (3) OATS for NMS which required all NMS stocks to be reported to OATS. Each of these releases was accompanied by significant updates to the required formats which required OATS reporters to update and test their reporting systems and infrastructure.
See FINRA, OATS Phase III, http://www.finra.org/Industry/Compliance/MarketTransparency/OATS/PhaseIII/ .
See FINRA, OATS Reporting Requirements to OTC Equity Securities, http://www.finra.org/Industry/Compliance/MarketTransparency/OATS/OTCEquitySecurities/ .
See FINRA, OATS Expansion to all NMS Stocks, https://www.finra.org/Industry/Compliance/MarketTransparency/OATS/NMS/ .
The combined average error rates for the time periods immediately following release across five significant categories for these three releases follow. The average rejection percentage rate, representing order events that did not pass systemic validations, was 2.42%. The average late percentage rate, representing order events not submitted in a timely manner, was 0.36%. The average order/trade matching error rate, representing OATS Execution Reports unsuccessfully matched to a TRF trade report was 0.86%. The average Exchange/Route matching error rate, representing OATS Route Reports unsuccessfully matched to an exchange order was 3.12%. Finally, the average Interfirm Route matching error rate, representing OATS Route Reports unsuccessfully matched to a report representing the receipt of the route by another reporting entity was 2.44%. Although the error rates for the 1999 initial OATS implementation were significantly higher than those laid out above, the Participants believe that technical innovation and institutional knowledge of audit trail creation over the past 15 years makes the more recent statistics a better standard for the initial Error Rate. Based upon these historical error rates, and given that reporting to the Central Repository will involve reporting on new products (i.e., options) and reporting by new reporters (including both broker-dealers and Participants who have not previously been required to report to OATS), the Participants believe that the initial Error Rate will be higher than the recent rates associated with OATS releases and that an initial Error Rate of 5% is an appropriate standard.
The initial rejection rates for OATS were 23% and a late reporting rate of 2.79%.
The Participants believe that to achieve this Error Rate, however, the Participants and the industry must be provided with ample resources, including a stand-alone test environment functionally equivalent to the production environment, and time to test their reporting systems and infrastructure. Additionally, the Technical Specifications must be well written and effectively communicated to the reporting community with sufficient time to allow proper technical updates, as necessary. The Participants believe that the Error Rate strikes the balance of adapting to a new reporting regime, while ensuring that the data provided to regulators will be capable of being used to conduct surveillance and market reconstruction, as well as having a sufficient level of accuracy to facilitate the retirement of existing regulatory reports and systems where possible.
The Participants are proposing a phased approach to lowering the maximum Error Rate. Under the proposed approach, one year after a CAT Reporter's respective filing obligation has begun, their maximum Error Rate would become 1%. Maximum Error Rates under the proposed approach would thus be as follows:
Error rate reporting will be bifurcated by reporter group (e.g., Large Broker/Dealers) rather than product type to minimize the complexity of Error Rate calculations.
As used in this table, “years” refer to years after effectiveness of the NMS Plan.
One year | Two years | Three years | Four years | |
---|---|---|---|---|
Participants | 5% | 1% | 1% | 1% |
Large broker-dealers | N/A | 5% | 1% | 1% |
Small broker-dealers | N/A | N/A | 5% | 1% |
In addition to the above mentioned daily Error Rate, CAT Reporters will be required to meet separate Compliance Thresholds, which rather than the Error Rate, will be a CAT Reporter-specific rate that may be used as the basis for further review or investigation into CAT Reporter performance. Although Compliance Thresholds will not be calculated on a daily basis, this does not: (1) relieve CAT Reporters from their obligation to meet daily reporting requirements set forth in SEC Rule 613; or (2) prohibit disciplinary action against a CAT Reporter for failure to meet its daily reporting requirements set forth in SEC Rule 613. The Operating Committee may consider other exceptions to this reporting obligation based on demonstrated legal or regulatory requirements or other mitigating circumstances.
Compliance Thresholds will be set by the Operating Committee. Compliance Thresholds for CAT Reporters will be calculated at intervals to be set by the Operating Committee. All CAT Reporters, including the Participants, will be subject to Compliance Thresholds. Compliance Thresholds will include, among other items, compliance with clock synchronization requirements.
In order to reduce the maximum Error Rate and help CAT Reporters to meet their Compliance Thresholds, the Plan Processor must provide support for CAT Reporter “go-live” dates, as specified in Appendix D, User Support.
Sequencing Orders and Clock Synchronization
SEC Rule 613(c)(1) requires the Central Repository to provide “an accurate, time-sequenced record of orders,” and SEC Rule 613(d)(1) requires the CAT NMS Plan to require each CAT Reporter “to synchronize its business clocks that are used for the purposes of recording the date and time of any reportable event . . . to the time maintained by the National Institute of Standards and Technology (NIST), consistent with industry standards.” As an initial matter, because of the drift between clocks, an accurately-sequenced record of orders cannot be based solely on the time stamps provided by CAT Reporters. As discussed above, the CAT NMS Plan requires that CAT Reporters synchronize their clocks to within 50 milliseconds of the NIST. Because of this permitted drift, any two separate clocks can vary by 100 milliseconds: one clock can drift forward 50 milliseconds while another can drift back 50 milliseconds. Thus, it is possible to have, for example, one firm report the route of an order at 10:40:00.005 while the firm receiving the routed order reports a receipt time of 10:39:59.983 (i.e., the time stamps alone indicate that the routed order was received before it was sent). For this reason, the Participants plan to require that the Plan Processor develop a way to accurately track the sequence of order events without relying entirely on time stamps.
Events occurring within a single system that uses the same clock to time stamp those events should be able to be accurately sequenced based on the time stamp. For unrelated events, e.g., multiple unrelated orders from different broker-dealers, there would be no way to definitively sequence order events within the allowable clock drift as defined in Article 6.8.
There were several different approaches suggested by the Bidders to accomplish the accurate sequencing of order events. Some Bidders suggested using time stamp-based sequencing; however, most Bidders recognized that, while all CAT Reporters should have their time stamp clocks synchronized, in practice this synchronization cannot be wholly relied upon due to variations in computer systems. These Bidders rely on linkage logic to derive the event sequencing chain, such as parent/child orders. To help resolve time stamp issues, one Bidder proposed adding unique sequence ID numbers as well to the event information to help with time clock issues and a few others would analyze the variations on clock time and notify those CAT Reporters that need to resynchronize their clocks.
The Participants believe that using a linking logic not dependent on time stamps would enable proper sequencing of an order. This decision is supported by the industry since time stamps across disparate systems cannot be guaranteed and are likely to be error-prone. The Participants believe that this type of sequencing can be successfully used for both simple and complex orders that will be reported to the Central Repository. The industry supports using event sequencing that is already built into the exchange protocols, which imposes sequencing and determines the true market environment.
See Letter from Manisha Kimmel, Executive Director, Financial Information Forum, to Participant Representatives of the CAT (June 12, 2013), available at http://catnmsplan.com/industryFeedback/P284394 (“FIF Letter”).
FIF Letter at 11.
As required by Section 6.8(a) of the CAT NMS Plan, each Participant will synchronize its Business Clocks (other than Business Clocks used solely for Manual Order Events, which will be required to be synchronized to within one second of the time maintained by the NIST) used for the purposes of recording the date and time of any Reportable Event that must be reported under SEC Rule 613 to within 50 milliseconds of the time maintained by the NIST, and will adopt a Compliance Rule requiring its Industry Members to do the same. Furthermore, in order to ensure the accuracy of time stamps for Reportable Events, the Participants anticipate that Participants and Industry Members will adopt policies and procedures to verify such required synchronization each Trading Day (1) before the market opens and (2) periodically throughout the Trading Day.
As noted above, Rule 613(d)(1) requires the CAT NMS Plan to impose a clock synchronization requirement “consistent with industry standards.” The Participants believe that the 50 millisecond clock synchronization drift tolerance included in Section 6.8(a) represents the current industry clock synchronization standard and therefore satisfies the Rule. To determine the current industry standard, the Participants relied on survey feedback provided by industry members, as further discussed in Appendix C, D.12.
Importantly, Section 6.8 requires, pursuant to Rule 613(c)(2), that Participants, together with the Plan Processor's Chief Compliance Officer, evaluate the clock synchronization standard on an annual basis to reflect changes in industry standards. Accordingly, to the extent existing technology that synchronizes business clocks with a lower tolerance (i.e., within less than 50 milliseconds drift from NIST) becomes widespread enough throughout the industry to constitute a new standard, the clock synchronization requirement of the CAT NMS Plan would be revised to take account of the new standard.
In accordance with SEC Rule 613(d), Section 6.8(c) of the CAT NMS Plan states that “[i]n conjunction with Participants and other appropriate Industry Member advisory groups, the Chief Compliance Officer shall annually evaluate whether industry standards have evolved such that: (i) the synchronization standard in Section 6.8(a) should be shortened; or (ii) the required time stamp in Section 6.8(b) should be in finer increments.”
The Participants anticipate that compliance with this provision will require Participants and Industry Members to perform the following or comparable procedures. The Participants and their Industry Members will document their clock synchronization procedures and maintain a log recording the time of each clock synchronization performed, and the result of such synchronization, specifically identifying any synchronization revealing that the discrepancy between its Business Clock and the time maintained by the NIST exceeded 50 milliseconds. At all times such log will include results for a period of not less than five years ending on the then current date.
In addition to clock synchronization requirements, the Participants considered the appropriate level of time granularity to be required in the CAT NMS Plan. Although millisecond increments are generally the industry standard for trading systems, there is a wide range of time stamp granularity across the industry commonly ranging from seconds to milliseconds to micro-seconds for Latency sensitive applications. The disparity is largely attributed to the age of the system being utilized for reporting, as older systems cannot cost effectively support, finer time stamp granularity. To comply with a millisecond time stamp requirement, the Participants understand that firms may face significant costs in both time and resources to implement a consistent time stamp across multiple systems. This may include a need to upgrade databases, internal messaging applications/protocols, data warehouses, and reporting applications to enable the reporting of such time stamps to the Central Repository. Because of this, FIF recommended to the Participants a two year grace period for time stamp compliance. FIF and SIFMA also supported an exception for millisecond reporting for order events that are manually processed, which is discussed below.
Letter from T.R. Lazo, Managing Director, SIFMA, and Thomas Price, Managing Director, SIFMA (June 11, 2013), available at http://catnmsplan.com/industryFeedback/P284395 (“SIFMA Letter”); FIF Letter at 10.
FIF Letter at 10.
FIF Letter at 10; SIFMA Comments on Selected Topics at 11.
FIF Letter at 10.
FIF Letter at 10.
FIF Letter at 10; SIFMA Letter at 11.
To the extent that any CAT Reporter uses time stamps in increments finer than the minimum required by the CAT NMS Plan, each Participant will, and will adopt a rule requiring its Industry Members that are CAT Reporters to, use such finer increments when providing data to the Central Repository.
With respect to the requirement under SEC Rule 613(c) and (d)(3) that time stamps “reflect current industry standards and be at least to the millisecond,” the Participants believe that time stamp granularity to the millisecond reflects current industry standards. However, after careful consideration, including numerous discussions with the DAG, the Participants have determined that time stamp granularity at the level of a millisecond is not practical for order events that involve non-electronic communication of information (“Manual Order Events”). In particular, it is the Participants' understanding that recording Manual Order Events to the millisecond would be both very costly, requiring specialized software configurations and expensive hardware, and inherently imprecise due to the manner in which human interaction is required. The industry feedback that the Participants received through the DAG suggests that the established business practice with respect to Manual Order Events is to manually capture time stamps with granularity at the level of a second because finer increments cannot be accurately captured when dealing with manual processes which, by their nature, take longer to perform than a time increment of under one second. The Participants agree that, due to the nature of transactions originated over the phone, it is not practical to attempt granularity finer than one second, as any such finer increment would be inherently unreliable. Further, the Participants do not believe that recording Manual Order Events to the second will hinder the ability of regulators to determine the sequence in which Reportable Events occur.
As a result of these discussions, the Exemptive Request Letter requested exemptive relief from the Commission to allow the CAT NMS Plan to require Manual Order Events to be captured with granularity of up to and including one second or better, but also require CAT Reporters to report the time stamp of when a Manual Order Event was captured electronically in the relevant order handling and execution system of the party to the event. Granularity of the Electronic Capture Time will be consistent with the SEC Rule 613(d)(3) requirement that time stamps be at least to the millisecond.
Thus, the Participants have determined that adding the Electronic Capture Time would be beneficial for successful reconstruction of the order handling process and would add important information about how the Manual Order Events are processed once they are entered into an electronic system. Additionally, Manual Order Events, when reported, must be clearly identified as such.
Data Maintenance and Management
Data Maintenance and Management of the Central Repository “refers to the process for storing data at the [C]entral [R]epository, indexing the data for linkages, searches, and retrieval, dividing the data into logical partitions when necessary to optimize access and retrieval, and the creation and storage of data backups.”
Adopting Release at 45790 n.782.
The Plan Processor must create a formal records retention policy to be approved by the Operating Committee. All of the data (including both corrected and uncorrected or rejected data) in the Central Repository must be kept online for a rolling six year period, which would create a six year historical audit trail. This data must be directly available and searchable by regulators electronically without any manual intervention. Additionally, the Plan Processor is required to create and maintain for a minimum of six years a symbol history and mapping table, as well as to provide a tool that will display a complete issue symbol history that will be accessible to CAT Reporters, Participants and the SEC.
Assembled lifecycles of order events must be stored in a linked manner so that each unique event (e.g., origination, route, execution, modification) can be quickly and easily associated with the originating customer(s) for both targeted queries and comprehensive data scans. For example, an execution on an exchange must be linked to the originating customer(s) regardless of how the order may have been aggregated, disaggregated, or routed through multiple broker-dealers before being sent to the exchange for execution.
Most Bidders recommended dividing data in the Central Repository into nodes based on symbol, date or a combination thereof in order to speed query response times. The Participants are not specifying how the data is divided, but will require that it be partitioned in a logical manner in order to optimize access and retrieval.
All of the Bidders addressed data loss through data replication and redundancy. Some of the Bidders proposed a hot-hot design for replication for primary and secondary data, so both sites are fully operational at all times and there would be no recovery time necessary in the case of fall-over to the secondary site. However, this is a more costly solution, and many Bidders therefore proposed data loss prevention by operating in a hot-warm design for replication to a secondary site. The Participants are requiring that the Plan Processor implement a disaster recover capability that will ensure no loss of data and will support the data availability requirements for the Central Repository and a secondary processing site will need to be capable of recovery and restoration of services at the secondary site within 48 hours of a disaster event.
Data Access by Regulators
As detailed in Appendix C, Time and Method by which CAT Data will be Available to Regulators, the Participants and other regulators will have access to raw unprocessed data that has been ingested by the Central Repository prior to Noon Eastern Time on T+1. Between Noon Eastern Time on T+1 and T+5, the Participants and other regulators should have access to all iterations of processed data. At T+5, the Participants and other regulators should have access to corrected data. The Plan Processor must adopt policies and procedures to reasonably inform Participants and the SEC of material data corrections made after T+5. The Participants and other regulators will be able to build and generate targeted queries against data in the Central Repository. More information about the report, query, and extraction capabilities can be found in Appendix D, Functionality of the CAT System.
See Appendix C, Time and Method by which CAT Data will be Available to Regulators.
Id.
Id.
Data Recovery and Business Continuity
As noted above, in addition to describing data security and confidentiality, all of the Bidders were required to set forth an approach to data loss recovery and business continuity in the event of data loss. All of the Bidders addressed data loss through data replication and redundancy. Some of the Bidders proposed a hot-hot design for replication for primary and secondary data, so both sites are fully operational at all times and there would be no recovery time necessary in the case of fall-over to the secondary site. However, this is a more costly solution, and many Bidders therefore proposed data loss prevention by operating in a hot-warm design for replication to a secondary site.
The Plan Processor must comply with industry best practices for disaster recovery and business continuity planning, including the standards and requirements set forth in Appendix D, BCP/DR Process.
With respect to business continuity, the Participants have developed the following requirements that the Plan Processor must meet. In general, the Plan Processor will implement efficient and cost-effective backup and disaster recovery capability that will ensure no loss of data and will support the data availability requirements and anticipated volumes of the Central Repository. The disaster recovery site must have the same level of availability/capacity/throughput and data as the primary site. In addition, the Plan Processor will be required to design a Business Continuity Plan that is inclusive of the technical and business activities of the Central Repository, including the items specified in Appendix D, BCP/DR Process (e.g., bi-annual DR testing and an annual Business Continuity Audit).
The Security and Confidentiality of the Information Reported to the Central Repository (SEC Rule 613(a)(1)(iv))
As required by SEC Rule 613(a)(1)(iv), this section describes the security and confidentiality of the information reported to the Central Repository. As the Commission noted in the Adopting Release, keeping the data secure and confidential is critical to the efficacy of the Central Repository and the confidence of market participants. There are two separate categories for purposes of treating data security and confidentiality: (1) PII; and (2) other data related to orders and trades reported to the CAT.
Some trade data (e.g., trade data feeds disseminated by the SIPs) is public and therefore of little concern from a security standpoint. However, because this data may be linked to confidential order data or other non-public information, the Participants are requiring the Plan Processor to store this public data in the same manner as the non-public order and trade information submitted to the Central Repository by Data Submitters.
Because of the importance of data security, the Participants included in the RFP numerous questions to Bidders requesting detailed information on their data security approaches. In the RFP, the Participants requested general information regarding the following:
how the Bidder's solution protects data during transmission, processing, and at rest (i.e., when stored in the Central Repository);
RFP Question 65.
the specific security governance/compliance methodologies utilized in the proposed solution;
RFP Question 66.
how access to the data is controlled and how the system(s) confirms the identity of persons (e.g., username/password), monitors who is permitted to access the data and logs every instance of user access;
RFP Question 67.
what system controls for users are in place to grant different levels of access depending on their role or function;
RFP Question 68.
the strategy, tools and techniques, and operational and management practices that will be used to maintain security of the system;
RFP Question 69.
the proposed system controls and operational practices;
RFP Question 70.
the organization's security auditing practices, including internal audit, external audit, third-party independent penetration testing, and all other forms of audit and testing;
RFP Question 71.
how security practices may differ across system development lifecycles and environments that support them (e.g., development, testing, and production);
RFP Question 72.
experiences in developing policies and procedures for a robust security environment, including the protection of PII;
RFP Question 75.
the use of monitoring and incident handling tools to log and manage the incident handling lifecycle;
RFP Question 76.
the approach(es) to secure user access, including security features that will prevent unauthorized users from accessing the system;
RFP Question 77.
the processes/procedures followed if security is breached;
RFP Question 78.
the infrastructure security architecture, including network, firewalls, authentication, encryption, and protocols; and
RFP Question 79.
the physical security controls for corporate, data center and leased data center locations.
RFP Question 80.
All Bidders acknowledged the importance of data security; however, the proposals varied in the details about security policies, data access management, proactive monitoring and intrusion prevention, and how data security will be implemented. Some Bidders intend to leverage their experience in financial services and adopt their policies and technologies to control data, and many Bidders supported such measures as role-based access controls, two factor authentication, detailed system logs, and segmentation of sensitive data that is isolated in both logical and physical layers. Other Bidders indicated that they would use role-based security policies, data and file encryption, and redundant and layered controls to prevent unauthorized access. Additionally, Bidders noted that the physical locations at which data is stored need security measures to ensure data is not compromised. Some Bidders indicated that physical controls would include background checks for employees working with the system; physical building security measures (e.g., locks, alarms, key control programs, CCTV monitoring for all critical areas, and computer controlled access systems with ID badges).
The RFP also requested additional information specific to the treatment and control over PII. The RFP required Bidders to specifically address:
RFP Question 5.
how PII access will be controlled and tracked.
RFP Question 6.
All of the Bidders proposed segregating PII from the other data in the Central Repository. Additionally, all of the Bidders recommended limiting access to PII to only those regulators who need to have access to such information, and requiring additional validations to access PII. Although all Bidders proposed to keep a log of access to the Central Repository by user, the Bidders suggested different methods of authentication and utilized varying security policies, including the use of VPNs or HTTPS.
The RFP also requested information from Bidders on data loss prevention (“DLP”) and business continuity to ensure the continued security and availability of the data in the Central Repository. Specifically, the RFP asked Bidders to describe:
RFP Question 73. The Bidders were asked to include information pertaining to strategy, tools and techniques, and operational and management practices that will be used.
the process of data classification and how it relates to the DLP architecture and strategy.
RFP Question 74.
Based upon the RFP responses, as well as input from the Participants' information security teams and discussions with the DAG, information security requirements were developed and are defined in Appendix D, Data Security. These requirements are further explained below.
General Security Requirements
SEC Rule 613 requires that the Plan Processor ensure the security and confidentiality of all information reported to and maintained by the Central Repository in accordance with the policies, procedures, and standards in the CAT NMS Plan. Based on the numerous options and proposals identified by the Bidders, the Participants have outlined multiple security requirements the Plan Processor will be required to meet to ensure the security and confidentiality of data reported to the Central Repository. The Plan Processor will be responsible for ensuring the security and confidentiality of data during transmission and processing as well as data at rest.
SEC Rule 613(e)(4). This section of Appendix C provides an outline of the policies and procedures to be implemented. When adopting this requirement, the Commission recognized “the utility of allowing the [Participants] flexibility to subsequently delineate them in greater detail with the ability to make modifications as needed.” Adopting Release at 45782. Additional detail is provided in Appendix D, Data Security.
The Plan Processor must provide a solution addressing physical security controls for corporate, data center and any leased facilities where any of the above data is transmitted or stored. In addition to physical security, the Plan Processor must provide for data security for electronic access by outside parties, including Participants and the SEC and, as permitted, CAT Reporters or Data Submitters. Specific requirements are detailed in Appendix D, Data Security, and include requirements such as role-based user access controls, audit trails for data access, and additional levels of protection for PII.
Pursuant to SEC Rule 613(i)(C), the Plan Processor has to develop and maintain a comprehensive security program for the Central Repository with dedicated staff: (1) that is subject to regular reviews by the Chief Compliance Officer; (2) that has a mechanism to confirm the identity of all persons permitted to access the data; and (3) that maintains a record of all such instances where such persons access the data. In furtherance of this obligation, the CAT NMS Plan requires the Plan Processor to designate a Chief Compliance Officer and a Chief Information Security Officer, each subject to approval by the Operating Committee. Each position must be a full-time position. Section 6.2(a) of the CAT NMS Plan provides that the Chief Compliance Officer must develop a comprehensive compliance program covering all CAT Reporters, including the Participants and Industry Members. Section 6.2(b) of the CAT NMS Plan provides that the Chief Information Security Officer shall be responsible for creating and enforcing appropriate policies, procedures, standards and control structures to monitor and address data security issues for the Plan Process and the CAT System as detailed in Appendix D, Data Security.
See Section 6.2(a)(v) of the CAT NMS Plan for a more detailed list of the activities to be performed by the Chief Compliance Officer.
Section 6.12 of the CAT NMS Plan requires that the Plan Processor develop and maintain a comprehensive information technology security program for the Central Repository, to be approved and reviewed at least annually by the Operating Committee. To effectuate these requirements, Appendix D sets forth certain provisions designed to (1) limit access to data stored in the Central Repository to only authorized personnel and only for permitted purposes; (2) ensure data confidentiality and security during all communications between CAT Reporters and the Plan Processor, data extractions, manipulation and transformation, loading to and from the Central Repository, and data maintenance by the Central Repository; (3) require the establishment of secure controls for data retrieval and query reports by Participants' regulatory staff and the SEC; and (4) otherwise provide appropriate database security for the Central Repository. Section 6.2(a) of the CAT NMS Plan provides that the Chief Compliance Officer, in collaboration with the Chief Information Security Officer, will retain independent third parties with appropriate data security expertise to review and audit on an annual basis the policies, procedures, standards, and real time tools that monitor and address data security issues for the Plan Processor and the Central Repository.
See SEC Rule 613(e)(5).
The Plan Processor must have appropriate solutions and controls in place to ensure data confidentiality and security during all communication between CAT Reporters and the CAT System, data extraction, manipulation and transformation, loading to and from the Central Repository and data maintenance by the system. The solution must also address secure controls for data retrieval and query reports by Participant regulatory staff and the SEC. The solution must provide appropriate tools, logging, auditing and access controls for different components of the system, such as access to the Central Repository, access for CAT Reporters, access to rejected data, processing status and CAT Reporter calculated Error Rates.
In addition, pursuant to SEC Rule 613(e)(4)(i)(C)(2), the Plan Processor will develop and maintain a mechanism to confirm the identity of all persons permitted to access the data. The Plan Processor is responsible for defining, assigning and monitoring CAT Reporter entitlements. Similarly, pursuant to SEC Rule 613(e)(4)(i)(C)(3), the Plan Processor will record all instances where a person accesses the data.
Pursuant to SEC Rule 613(e)(4)(i)(B), Section 6.5(e)(ii) of the CAT NMS Plan requires each Participant to adopt and enforce rules that require information barriers between its regulatory staff and non-regulatory staff with regard to access to and use of data in the Central Repository, and permit only persons designated by such Participants to have access to and use of the data in the Central Repository.
The Plan Processor will also develop a formal cyber incident response plan to provide guidance and direction during security incidents, and will also document all information relevant to any security incidents, as detailed in Appendix D, Data Security.
PII
As noted above, because of the sensitivity of PII, the Participants have determined PII should be subject to more stringent standards and requirements than other order and trading data. In response to the RFP questions, many Bidders mentioned that a range of techniques were required to ensure safety of PII. These techniques included development of PII policies and managerial processes for use by Plan Processor as well as Participants' staff and the SEC, physical data center considerations and strong automated levels, such as application, mid-tier, database, and operating systems levels, and use of role-based access and other parameters such as time-limited, case-restricted, and compartmentalized privilege. Most Bidders advocated for separate storage of PII in a dedicated repository to reduce the ability for hacking events to occur.
In accordance with SEC Rule 613(e)(4)(i)(A), all Participants and their employees, as well as all employees of the Plan Processor, will be required to use appropriate safeguards to ensure the confidentiality of data reported to the Central Repository and not to use such data for any purpose other than surveillance and regulatory purposes. A Participant, however, may use the data that it reports to the Central Repository for regulatory, surveillance, commercial, or other purposes.
The Participants anticipate that access to PII will be limited to a “need-to-know” basis. Therefore, it is expected that access to PII associated with customers and accounts will have a much lower number of registered users, and access to this data will be limited to Participants' staff and the SEC who need to know the specific identity of an individual. For this reason, PII such as SSN and TIN will not be made available in the general query tools, reports, or bulk data extraction. The Participants will require that the Plan Processor provide for a separate workflow granting access to PII (including an audit trail of such requests) that allows this information to be retrieved only when required by specific regulatory staff of a Participant or the SEC, including additional security requirements for this sensitive data. Specifically, the Plan Processor must take steps to protect PII as defined in Appendix D, Data Security and including items such as storage of PII separately from order and transaction data, multi-factor authentication for access to PII data, and a full audit trail of all PII data access.
As described in Appendix C, Reporting Data to the CAT, general queries can be carried out using the Customer-ID without the need to know specific, personally-identifiable information (i.e., who the individual Person associated with the Customer-ID is). The Customer-ID will be associated with the relevant accounts of that Person; thus, the use of Customer-ID for querying will not reduce surveillance.
It is anticipated that the Technical Specifications will set forth additional policies and procedures concerning the security of data reported to the Central Repository; however, any such policies and procedures must, at a minimum, meet the requirements set forth in the CAT NMS Plan and Appendix D.
The Flexibility and Scalability of the CAT (SEC Rule 613(a)(1)(v))
Overview
As required by SEC Rule 613(a)(1)(v), this section discusses the flexibility and scalability of the systems used by the Central Repository to collect, consolidate and store CAT Data, including the capacity of the Central Repository to efficiently incorporate, in a cost-effective manner, improvements in technology, additional capacity, additional order data, information about additional Eligible Securities or transactions, changes in regulatory requirements, and other developments.
The Plan Processor will ensure that the Central Repository's technical infrastructure is scalable, adaptable to new requirements and operable within a rigorous processing and control environment. As a result, the technical infrastructure will require an environment with significant throughput capabilities, advanced data management services and robust processing architecture. The technical infrastructure should be designed so that in the event of a capacity upgrade or hardware replacement, the Central Repository can continue to receive data from CAT Reporters with no unexpected issues.
The Plan Processor will perform assessments of the Central Repository's technical infrastructure to ensure the technology employed therein continues to meet the functional requirements established by the Participants. The Plan Processor will provide such assessments to, and review such assessments with, the Operating Committee within one month of completion. The Operating Committee will set forth the frequency with which the Plan Processor is required to perform such assessments. The Operating Committee must approve all material changes/upgrades proposed by the Plan Processor before they can be acted upon. The Operating Committee may solicit feedback from the Advisory Committee for additional comments and/or suggestions on changes to the capacity study as the Operating Committee determines necessary.
The Central Repository will employ optimal technology for supporting (1) scalability to increase capacity to handle a significant increase in the volume of data reported, (2) adaptability to support future technology developments and new requirements and (3) maintenance and upgrades to ensure that technology is kept current, supported and operational.
Participants will provide metrics and forecasted growth to facilitate Central Repository capacity planning. The Plan Processor will maintain records of usage statistics to identify trends and processing peaks. The Central Repository's capacity levels will be determined by the Operating Committee and used to monitor resources, including CPU power, memory, storage, and network capacity.
The Plan Processor will ensure the Central Repository's compliance with all applicable service level agreements concerning flexibility and scalability of the Central Repository, including those specified in the CAT NMS Plan and by the Operating Committee.
Approaches proposed by Bidders
Information received from Shortlisted Bidders indicated that all six Shortlisted Bidders considered incoming transaction volumes to be one of their most significant drivers of cost across hardware, software, and full-time employees (“FTEs”), with the expected rate of increase in transaction volumes and retention requirements also being prominent drivers of cost. The approaches described above will facilitate effective management of these factors to provide for a cost-effective and flexible Central Repository.
As noted in the RFP, the Bidders were required to provide comments on how the Central Repository would be scalable for growth in the following aspects: number of issues accepted by the CAT, types of messages accepted by the CAT, addition of fields stored on individual data records or increases in any data type due to market growth. The Bidders were also requested to describe how the system can be scaled up for peak periods and scaled down as needed.
Bidders using a network infrastructure of data collection hubs noted the use of Ethernet links throughout a single hub as a method of handling additional throughput and capacity. Other Bidders note access points will be load balanced, allowing for additional capacity. Some Bidders note the need for continued monitoring to facilitate timely addition of capacity or other upgrades. Other Bidders highlighted the ability to scale processing horizontally by adding nodes to the database structure which will allow for additional capacity. In this instance, adding nodes to an existing clustered environment allows for the preservation of processing speed in the existing processing environment. In a cloud solution, Bidders note the systems will scale automatically. That is, the processing load or capacity is determined at the instance the tool is `run' by the processer. Some Bidders broadly note that the selection of platform components or features of their proposed solution infrastructure was the key in developing a scalable system. It is further noted that the selection of these elements allows for technological upgrades to incorporate newer technologies without a system replacement. Bidders identify the use of additional server and storage capacity as a key proponent of providing a scalable system.
See, e.g., Google Cloud Platform, https://cloud.google.com/developers/articles/auto-scaling-on-the-google-cloud-platform/.
The Feasibility, Benefits, and Costs for Broker-Dealers Reporting Allocations in Primary Market Transactions to the Consolidated Audit Trail (SEC Rule 613(a)(1)(vi))
SEC Rule 613(a)(1)(vi) requires the Participants to assess the feasibility, benefits and costs of broker-dealers reporting to the consolidated audit trail in a timely manner:
The identity of all market participants (including broker-dealers and customers) that are allocated NMS Securities, directly or indirectly, in a Primary Market Transaction;
All observations and costs as provided in this section include secondary offerings.
The number of such NMS Securities each such market participant is allocated; and
The identity of the broker-dealer making each such allocation.
SEC Rule 613(a)(1)(vi).
The objective of this CAT NMS Plan is to provide a comprehensive audit trail that “allows regulators to efficiently and accurately track all activity in NMS securities throughout the U.S. markets.” The Participants believe that an eventual expansion of the CAT to gather complete information on Primary Market Transactions would be beneficial to achieving that objective. However, based on the analysis directed to be completed as part of this plan, the Participants have concluded that it is appropriate to limit CAT submissions related to allocations in Primary Market Transactions to sub-account allocations, as described below.
Specifically, based on comments received by the Participants on this and other topics related to the consolidated audit trail, the Participants believe that information related to sub-account allocations—the allocation of shares in a primary market offering to the accounts that ultimately will own them—currently is maintained by broker-dealers in a manner that would allow for reporting to the Central Repository without unreasonable costs and could assist the Commission and the Participants in their regulatory obligations, including a variety of rulemaking and policy decisions. By contrast, the reporting of so-called “top account” information in Primary Market Transactions to the Central Repository would involve significantly more costs which, when balanced against the marginal benefit, is not justified at this time. These issues are discussed further below.
Questions for Public Comment re the CAT NMS Plan (Apr. 22, 2013), available at http://catnmsplan.com/web/groups/catnms/@catnms/documents/appsupportdocs/p246652.pdf (“April Request for Comment”).
As a preliminary matter, the analysis required pursuant to this section is limited to Primary Market Transactions in NMS Securities that involve allocations. As the Commission has noted, “ `a primary market transaction is any transaction other than a secondary market transaction and refers to any transaction where a person purchases securities in an offering.' ” The Participants understand that Primary Market Transactions generally involve two phases that implicate the allocation of shares. The “book building” phase involves the process “by which underwriters gather and assess investor demand for an offering of securities and seek information important to their determination as to the size and pricing of an issue.” This process may involve road shows to market an offering to potential investors, typically institutional investors, including the discussion of the prospective issuer, and its management and prospects. The book building phase also involves efforts by the underwriter to ascertain indications of interest in purchasing quantities of the underwritten securities at varying prices from potential investors. Using this and other information, the underwriter will then decide how to allocate IPO shares to purchasers. The Participants understand that these are so-called “top account” allocations—allocations to institutional clients or retail broker-dealers, and that such allocations are conditional and may fluctuate until the offering syndicate terminates. Sub-account allocations occur subsequently, and are made by top account institutions and broker-dealers prior to settlement. Sub-account allocations represent the allocation of IPO shares to the actual account receiving the shares and are based on an allocation process that is similar to secondary market transactions.
Adopting Release at 45792 n.792.
See generally, Securities Act Release No. 8565, 70 Fed. Reg. 19672 (Apr. 13, 2005) (Commission guidance regarding prohibited conduct in connection with IPO allocations) (“IPO Allocation Release”).
Id.
See FIF Letter at 4.
Feasibility
In the April 2013 Request for Comment, the Participants requested information on how firms handle Primary Market Transactions. In response to the request, FIF, SIFMA and Thomson Reuters submitted comments explaining current industry practice with respect to Primary Market Transactions. Both SIFMA and FIF noted that broker-dealers generally maintain top account allocation information in book building systems that are separate from their systems for secondary market transactions and that differ across the industry, including the use of applications provided by third parties, in house systems and spreadsheets for small firms. The Participants also understand that the investment banking divisions of broker-dealers typically use different compliance systems than those used for secondary market transactions. The DAG also provided feedback indicating that the impacted systems differ across the industry, given differing processes for Primary Market Transactions depending upon the structure of the deal, and that initial allocations are stored in book-building systems with varying levels of sophistication across the industry, including third-party systems, custom-built systems, and spreadsheets. The Participants thus believe that capturing indications of interest and other information about top account allocations in an accurate and consistent manner across the industry would be challenging.
See FIF Letter; SIFMA Letter; Thomson Reuters (May 21, 2013) (“Thomson Reuters Letter”), available at http://catnmsplan.com/industryFeedback/;;; see also Thomson Reuters Letter, http://catnmsplan.com/industryFeedback/P284396 (systems used for primary market allocations differ from those used for secondary market transactions).
FIF Letter at 4; SIFMA Letter at 3
FIF Letter at 4. The Participants also understand that top account allocation systems do not generally have execution reporting capacity, since reporting of primary market transactions is not currently required under OATS and other transaction reporting systems. SIFMA Letter at 2.
See DAG Cost Estimate for Adding Primary Market Transactions into CAT (Feb. 17, 2015), available at http://catnmsplan.com/industryFeedback/P602480 .
By contrast, the Participants believe that it would be more feasible to gather information relating to sub-account allocations in Primary Market Transactions. The Participants understand that sub-account allocations are received in a manner and level of detail similar to allocations in secondary market transactions, and that the same middle and back office systems that are used for the processing of sub-account allocations for secondary market transactions generally are also used for the sub-account allocations for Primary Market Transactions. Similarly, sub-account allocations for Primary Market Transactions generally are maintained in an electronic format that could be converted into a reportable format acceptable for the CAT System. Therefore, these systems could more easily report information about sub-account allocations to the Central Repository than systems containing information regarding top-account allocations.
FIF Letter at 4.
For example, commenters noted that “firms generally use the same clearance and settlement systems for clearing and settling final allocations in primary market transactions as they do for clearing and settling secondary market trades.” SIFMA Letter at 4.
Benefits
As the Commission notes, data about the final allocations of NMS Securities in Primary Market Transactions could improve compliance monitoring and market analyses by the Commission and the Participants, which, in turn, could help inform rulemaking and other policy decisions. For example, such data could enhance the Commission's understanding of the role of the allocations in the capital formation process, when and how investors receiving allocations sell their Eligible Securities and how allocations differ among broker-dealers. Such data also could assist the Commission and Participants in conducting their respective examinations and investigations related to Primary Market Transactions.
Adopting Release at 45792-93.
Id.
Id.
The Participants believe that most of these potential benefits could be achieved through the gathering of information relating to sub-account allocations rather than top account information. For example, sub-account allocation information would aid the Commission and the Participants in gaining a better understanding of how shares allocated in Primary Market Transactions are sold in the secondary market, or how allocations differ across broker-dealers. By contrast, because top account information of conditional and interim allocations for NMS Securities fluctuates throughout the syndicate process and may vary significantly among firms, the marginal benefits of such information over final sub-account allocations are much less clear.
Costs
The cost of reporting Primary Market Transaction information will depend on the scope of allocation information subject to the rule, as well as the related technology upgrades that would be necessary to report such information to the Central Repository. Based on the response of commenters, the Participants believe that reporting top account information about conditional allocations to the Central Repository would require significant technology enhancements. As noted above, current market practices capture top account allocations using systems and data sources that are different and separate from those used in secondary market transactions. Commenters also noted that there may be significant variability among underwriters in terms of the systems and applications used to gather such data.
The DAG provided cost estimates associated with the reporting of Primary Market Transactions. These estimates indicated that to report both initial and sub-account allocations would cost the industry as a whole at least $234.8 million and require approximately 36 person-months per firm to implement. The DAG's estimate to report sub-account allocations only was approximately $58.7 million for the industry and would require approximately 12 person-months per firm to implement. The DAG commented that given the higher costs associated with reporting initial allocations, if Primary Market Transactions are required to be reported to the Central Repository, that only reporting final sub-account allocations be required.
See supra note 3838.
Based upon an assumption of 12 person-months of business analysis, an implementation timeline of 3x the business analysis timeline, 21.741 person-days per month, a $1,200 daily FTE rate, and a multiplier of 250 to reflect the costs of the 250 largest reporting firms. 12 person-months of analysis * 3 * 21.741 person-days per month * $1,200 daily FTE rate = $939,211 * 250 = $234.8 million.
Based upon an assumption of 3 person-months of business analysis, an implementation timeline of 3x the business analysis timeline, 21.741 person-days per month, a $1,200 daily FTE rate, and a multiplier of 250 to reflect the costs of the 250 largest reporting firms. 3 person-months of analysis * 3 * 21.741 person-days per months * $1,200 daily FTE rate = $234,802 * 250 = $58.7 million.
Based upon this analysis, the Participants are supportive of considering the reporting of Primary Market Transactions, but only at the sub-account level, and will incorporate analysis of this requirement, including how and when to implement such a requirement, into their document outlining how additional Eligible Securities could be reported to the Central Repository, in accordance with SEC Rule 613(i) and Section 6.11 of the Plan.
Analysis of the CAT NMS Plan: These considerations are intended to help inform the Commission about the cost for development, implementation and maintenance of the CAT and to help determine if such plan is in the public interest.
Analysis of Expected Benefits and Estimated Costs for Creating, Implementing, and Maintaining the Consolidated Audit Trail (SEC Rule 613(a)(1)(vii))
The analysis of expected benefits and estimated costs presented here is informed by the Commission's public guidance on conducting economic analysis in conjunction with SEC rulemaking. The analysis begins with a statement of the need for regulatory action, describes the sources of information used in the analysis, and provides a description of the economic baseline used to evaluate the impacts associated with the CAT NMS Plan. The analysis then provides estimates of the costs to build, implement, and maintain the CAT, as contemplated, and ends with a description of the alternatives considered.
See, e.g., Memorandum to File Re: Current Guidance on Economic Analysis in SEC Rulemakings (Mar. 16, 2012), available at http://www.sec.gov/divisions/riskfin/rsfi_guidance_econ_analy_secrulemaking.pdf (outlining foundational elements of regulatory economic analysis).
Need for Regulatory Action
SEC Rule 613 further requires the Participants to consider and discuss in the CAT NMS Plan detailed estimated costs for creating, implementing, and maintaining the CAT as contemplated by the CAT NMS Plan. Specifically, SEC Rule 613 requires that the estimated costs should specify: (1) an estimate of the costs to the Participants in establishing and maintaining the Central Repository; (2) an estimate of the costs to broker-dealers, initially and on an ongoing basis, for reporting the data required by the CAT NMS Plan; (3) an estimate of the costs to the Participants, initially and on an ongoing basis, for reporting the data required by the CAT NMS Plan; and (4) the Participants' proposal to fund the creation, implementation, and maintenance of the CAT, including the proposed allocation of such estimated costs among the Participants and broker-dealers. Set forth below is a discussion of cost estimates, including the studies undertaken to obtain relevant data, as well as the proposed funding model.
Economic Analysis
5. Sources of Cost Information
Participants relied on two primary sources of information to estimate current audit trail costs (i.e., costs associated with the economic baseline), the costs incurred to meet the requirements of SEC Rule 613 for both the Participants and other CAT Reporters and the costs associated with the creation, implementation and maintenance of the CAT. First, to assess the costs associated with Participant and CAT Reporter obligations, Participants solicited study responses from Participants, broker-dealers and third party vendors. These three constituencies are the primary parties with direct costs arising from SEC Rule 613, as discussed further below. Second, to assess the costs associated with creating, implementing and maintaining the CAT, this analysis relies on estimated costs submitted by the Bidders as part of the bidding process.
Studies
Costs to Participants Study
The first study undertaken collected information from the Participants about current audit trail reporting costs under the existing regulatory reporting framework and the potential costs of reporting to the Central Repository (the “Costs to Participants Study”). Respondents were asked to estimate separately hardware, FTE staffing costs, and third party provider costs, where applicable. The study also requested information about costs associated with retiring current regulatory systems that would be rendered redundant by the CAT.
The Costs to Participants Study was distributed to the 19 Participants on August 11, 2014. The initial due date for responses was August 25, 2014; however due to the complexity of the data collection effort, the due date for the study was extended to September 24, 2014. Discussions with respondents suggested that at least some of the costs were more appropriate to measure at the level of the group of Affiliated Participants that hold multiple licenses (“Affiliated Participants Group”). Based on this approach, study results are presented for four Participants holding a single exchange registration and FINRA, which also is a Participant but is a registered securities association, and another five Affiliated Participants Groups representing the remaining fourteen registered exchanges. Subsequent to the filing of the CAT NMS Plan, the Participants determined that additional detail about anticipated costs could be provided to enhance the data collected as part of the Costs to Participants Study and a second data collection was conducted.
Costs to CAT Reporters Study
The study sent to broker-dealers (the “Costs to CAT Reporters Study”) was distributed to 4,406 broker-dealers, and requested estimates for current costs under the existing regulatory reporting framework as well as future costs for reporting to the Central Repository. Broker-dealer respondents were asked to estimate the future costs to report to the Central Repository under two separate scenarios. Approach 1 described a scenario in which broker-dealers would submit data to the Central Repository using their choice of existing industry messaging protocols, such as the FIX protocol. Approach 2 provided a scenario in which broker-dealers would submit data to the Central Repository using a defined or specified format, such as an augmented version of OATS. For each approach, respondents were asked to estimate separately hardware, FTE staffing costs, and third party provider costs, where applicable. Finally, broker-dealers were requested to provide the cost of retirement of existing systems to be replaced by the CAT.
A unique study link was distributed to 4,406 broker-dealers. For 381 of the broker-dealers, the distribution email either was undeliverable or the broker-dealer responded that the study did not apply to them.
See SEC Rule 613—Consolidated Audit Trail (CAT) Cost Study Overview and Assumptions, available at http://catnmsplan.com/web/groups/catnms/@catnms/documents/appsupportdocs/p535485.pdf .
The development of the Costs to CAT Reporters Study took place over two months, starting in May 2014, and included detailed discussions with the DAG. The Participants developed an initial outline of questions based on the requirements in SEC Rule 613, as well as a detailed assumptions document. To make the Costs to CAT Reporters Study effective and informative, the Participants spent two months formulating the Costs to CAT Reporters Study with detailed input from the DAG. The initial draft of the Costs to CAT Reporters Study was presented to the DAG in May 2014, and was discussed in two additional meetings with the DAG until mid-June 2014. In addition, on June 4, 2014, the Participants received and subsequently incorporated detailed written feedback from DAG members on the Costs to CAT Reporters Study and associated assumptions document.
See Past Events and Announcements, SROs Launch Study to Analyze Implementation Cost of the Consolidated Audit Trail (last updated Dec. 10, 2014), available at http://catnmsplan.com/PastEvents/ .
The study link was sent on June 23, 2014, to the compliance contact at each recipient CAT Reporter identified by the applicable designated examining authority or designated options examining authority to receive regulatory update and information requests. The initial due date for the study was August 6, 2014. On June 25, 2014 and July 9, 2014, the Participants hosted a webinar to review the materials associated with the Costs to CAT Reporters Study, and to answer any questions from the CAT Reporters. On July 17, 2014, July 30, 2014, and August 4, 2014, reminders were sent to the CAT Reporters to submit their final responses to the Costs to CAT Reporters Study by August 6, 2014. In addition, the Participants requested that industry associations that are part of the DAG encourage their members to respond to the Costs to CAT Reporters Study.
See SEC Rule 613: Consolidated Audit Trail (CAT), SRO Hosted Consolidated Audit Trail Cost Study Webinar (July 9, 2014), available at http://catnmsplan.com/PastEvents/P551992 .
On August 6, 2014, the first extension was granted for the Costs to CAT Reporters Study, extending the due date to August 20, 2014. On August 20, 2014, an additional extension was granted, extending the due date to September 3, 2014.
During the process of collecting responses to the Costs to CAT Reporters Study, CAT Reporters were informed that all responses were captured on an anonymous basis and would only be reported to the Participants in an aggregated, anonymous format. The third party facilitator of the Costs to CAT Reporters Study reviewed all responses received through the study portal. Study respondents had the option of identifying their firm should additional follow-up be required; any such follow-up was undertaken by the third-party facilitator, as necessary, to enhance the overall quality of responses received.
The Participants received 422 responses. Of those responses, 180 were deemed to be materially incomplete and, thus, they were considered effectively nonresponsive. An additional 75 responses were determined to be clearly erroneous; for example the responses had repeating values that could not be used in analysis, or the magnitude of reported FTEs or other costs was so high as to be considered an outlier . As a result, the Participants excluded these incomplete and clearly erroneous responses from the data set, resulting in a population of 167 responses that was used for purposes of conducting the cost analysis described herein.
Materially incomplete responses were those that provided responses for less than half of the cost-related questions.
Responses were outliers if their values were two times greater than the next highest value.
Costs to Vendors Study
A study requested information from various service providers and vendors about the potential costs of reporting to the Central Repository (the “Costs to Vendors Study”). The Participants developed the content of the Costs to Vendors Study, based on the structure and content of the Costs to CAT Reporters Study. The distribution list for the Costs to Vendors Study was provided by the DAG, and was distributed to 13 service bureaus and technology vendors on August 13, 2014. The initial due date for responses was September 1, 2014; however, due to the complexity of the data collection effort, the due date for the study was extended to September 12, 2014. The Participants received five completed responses to the Costs to Vendors Study.
Bidder Estimates
To estimate the costs to Participants for creating, implementing and maintaining the CAT, Bidders were asked to provide in their Bid documents total one-year and annual recurring cost estimates. As part of the RFP process, the Bidders were asked to provide a schedule of the anticipated total cost of creating, implementing and maintaining the CAT. As noted above in the Background Section of Appendix C, any one of the six Shortlisted Bidders could be selected as the Plan Processor and each Shortlisted Bidder has proposed different approaches to various issues. The Bidder selected as the Plan Processor must meet the specific requirements set forth in the Plan and Appendix D and may be given the opportunity to revise its Bid prior to the final selection of a Plan Processor. Accordingly, the Participants anticipate that the cost estimates to create, implement and maintain the CAT may differ from what is set forth below.
Section 5.2(b) of the CAT NMS Plan describes how the Participants selected the Shortlisted Bidders.
More specifically, Participants anticipate that technology costs and technological solutions may evolve over the bidding process and may affect the Bids. For instance, one Bidder recently provided an update to the Participants, noting “We expect continued cost reductions as Moore's Law is applied to cloud pricing and to have this bring down total cost to the industry on an ongoing basis.” As another example, evolving technologies for data security may either increase or decrease estimated costs.
In its final rule for the Consolidated Audit Trail, the Commission amended its proposal to include enhanced security and privacy requirements. Specifically, SEC Rule 613(e)(4) requires the NMS Plan to include policies and procedures, including standards, to be used by the Plan Processor to ensure the security and confidentiality of all information reported to the Central Repository. Participants did not ask Bidders to separately assess the costs associated with the enhanced security requirements in SEC Rule 613; rather these costs were embedded in the Bids as a component of the total costs.
The RFP requested that Bidders provide an estimate of the total one-time cost to build the CAT, including technological, operational, administrative, and any other material costs. The six Shortlisted Bidders provided estimates ranging from a low of $30,000,000 to a high of $91,600,000, with an average one-time cost of $53,000,000.
Due to the complexity of the cost estimation effort, all figures provided in this analysis section have been rounded to a reasonable degree of accuracy and should be considered approximate.
The RFP also requested that Bidders provide an estimate of annual recurring operating and maintenance costs for the five year period following the selection of the Plan Processor, and an estimate of the annual peak year costs (i.e., cost for the year during which it will cost the most to operate the CAT). The six Shortlisted Bidders provided estimates ranging from a low of $135,000,000 to a high of $465,100,000 over the course of the first five years of operation, with an average five-year cost of $255,600,000 and an average annual cost of $51,100,000. Estimates of peak year recurring costs range from a low of $27,000,000 to a high of $109,800,000, with an average of $59,400,000. The table presented below reports the low, median, average, and maximum expected costs for the build, maintenance, and peak year maintenance of the Central Repository arising from the Shortlisted Bids. These figures are subject to change as Bidders may update their cost estimates.
Bidder Estimates Summary
Minimum | Median | Mean | Maximum | |
---|---|---|---|---|
Build Costs (One-time) | $30,000,000 | $46,100,000 | $53,000,000 | $91,600,000 |
Maintenance Costs (Annual) | $27,000,000 | $42,200,000 | $51,100,000 | $93,000,000 |
Maintenance Costs (5 year) | $135,000,000 | $211,200,000 | $255,600,000 | $465,100,000 |
Peak Year Maintenance | $27,000,000 | $52,400,000 | $59,400,000 | $109,800,000 |
The Participants note, however, that there may be a relation between the initial construction costs and maintenance costs based on technological choices, among other factors. To better compare estimates, the Participants are providing a range based on the reported combined build and annual recurring costs for the five year period following Plan Processor selection, discounted by a factor of 2%. Estimates of total costs range from $159,800,000 to $538,700,000.
The discount factor represents an estimate of the average yield on AAA-rated corporate debt for the month period August 28, 2014 to September 27, 2014. Costs anticipated to be accrued after the first year (years 2 through 5) are discounted back to the first year to permit Participants to compare the anticipated costs associated with different Bids on a constant dollar basis.
Participants sought insight into the economic drivers of the cost estimates from the Shortlisted Bidders. Specifically, Participants asked each Shortlisted Bidder to identify the factors, such as the amount of message traffic, complexity of order life cycles, number and complexity of Participant and Commission data requests and administration and support costs that were material to its Bid. Bidders identified the following as primary drivers of their Bid costs: (1) reportable volumes of data ingested into the Central Repository; (2) number of technical environments that would be have to be built to report to the Central Repository; (3) likely future rate of increase of reportable volumes; (4) data archival requirements; and (5) user support and/or help desk resource requirements.
Bidders indicated that user support costs primarily consisted of FTE costs.
6. Economic Baseline
In publishing SEC Rule 613, the Commission stated that it “believes that the regulatory infrastructure on which the Participants and the Commission currently must rely generally is outdated and inadequate to effectively oversee a complex, dispersed, and highly automated national market system.” The purpose of the CAT NMS Plan is to develop, build and maintain a system that provides an infrastructure to appropriately monitor, surveil and oversee the national market system in its current state and provide sufficient flexibility to reasonably adjust for future financial market innovations.
Adopting Release at 45723.
Such a system will necessarily impact the Commission, Participants, potential future Participant entrants, broker-dealers and other market participants, issuers and investors. Each party may derive costs, benefits and other economic impacts, depending upon plan implementation, the relevant economic activities of each entity and the allocation of costs and responsibilities across those entities. These estimated costs, benefits, and other economic impacts must be assessed against the current economic baseline, capturing the existing state of regulatory audit trail activity in the markets. The economic baseline for different affected parties is described in greater detail below.
Description of Current Audit Trail Reporting
Currently, separate audit trails exist within each exchange in addition to the audit trail requirements for FINRA members to report to OATS. For equities, all broker-dealers that are members of FINRA must report their orders in NMS Stocks and OTC Equity Securities, including executions or cancellations, to OATS. Accordingly, for FINRA members, it is possible to match OATS reports to related exchange audit trail entries, provided that the related exchange has a regulatory services agreement with FINRA such that FINRA has access to the exchange data. Broker-dealers that are not FINRA members do not have a regular equity audit trail reporting requirement, although NYSE and NASDAQ member proprietary firms that are not FINRA members have an obligation to record OATS data and report to FINRA upon request. Additionally, each exchange creates its own audit trail for each order received that it receives and processes.
See FINRA Rule 7410 et seq.
For options, the options exchanges utilize the Consolidated Options Audit Trail System (“COATS”) to obtain and review information on options transactions. COATS data includes trades, the National Best Bid and National Best Offer at the time of the trade and clearing information for customers at the clearing firm level. It also identifies clearing firm proprietary trading and individual marker maker transactions if they are reported correctly at the time of the trade. However, COATS does not include adjustment data from the Options Clearing Corporation; these adjustments include changes to either the account type or size of the position. Additionally, order information is only available to the Commission upon request from the options exchanges. Currently reports need to be constructed based on order information received from the various options exchanges. As previously noted, only the National Best Bid and National Best Offer at the time of the trade is included in the COATS data; however, this is optional data that the exchanges may or may not provide. The options exchanges utilize their independent quote information to build their reports.
In sum, each equities and options exchange is built on its own unique platform, utilizes unique entry protocols and requirements and thus creates uniquely formatted audit trails.
The existence of multiple non-integrated audit trails has direct consequences on the accuracy and efficiency of regulatory oversight. The Commission has stated that:
. . . there are shortcomings in the completeness, accuracy, accessibility, and timeliness of these existing audit trail systems. Some of these shortcomings are a result of the disparate nature of the systems, which make it impractical, for example, to follow orders through their entire lifecycle as they may be routed, aggregated, re-routed, and disaggregated across multiple markets. The lack of key information in the audit trails that would be useful for regulatory oversight, such as the identity of the customers who originate orders, or even the fact that two sets of orders may have been originated by the same customer, is another shortcoming.
Adopting Release at 45722.
In addition, the Intermarket Surveillance Group's (“ISG”) consolidated equity audit trail combines transaction data from all exchanges and is used by all Participants for surveillance purposes. However, the ISG audit trail is limited because it contains clearing member and executing broker's CRD numbers, but does not contain information about the beneficial owner to a trade. It also does not contain order detail information such as a complete order entry time or routing history.
COATS and the ISG equity audit trails are utilized to generate various option cross market/cross product exception reports, such as front-running and anticipatory hedges. Since the current data is unable to drill down to beneficial owner or order information, these reports are less effective and produce a large number of false positives.
Costs, Benefits, and Other Economic Impacts of Audit Trail Reporting on Regulators and Market Participants
Participants
There are 19 Participants of varying sizes that have established audit trail reporting requirements for NMS Securities. Of these, one is a registered securities association. The other 18 Participants are exchanges. Fourteen of these exchanges permit quotation and transactions in NMS Securities and 12 permit transactions and quotations in Listed Options.
Participants expend resources currently to maintain and update their audit trail reporting systems. Costs for current surveillance programs as indicated by Participants responding to the Costs to Participants Study vary significantly, reflecting the various sizes of Participants: total annual costs associated with meeting current regulatory requirements are estimated to be $6,900,000. Total annual costs for current surveillance programs for all Participants are $147,200,000.
Broker-Dealers
Broker-dealers benefit from the current regime of audit trail reporting to the extent that reporting today permits the Commission and Participants to monitor for rule compliance. Effective regulatory and compliance oversight ensures increased market integrity and supports investor confidence in participating in financial markets. Conversely, if investors believe that regulators are unable to adequately and effectively monitor activities in a complex market (through current audit trail reporting), broker-dealers bear some of the cost in the form of lower market activity.
Broker-dealers that are FINRA members must have systems and processes in place to provide FINRA with the reportable data in the required format. These systems also require resources to ensure that data quality and consistency and timeliness of reporting are maintained, and record-keeping obligations are fulfilled. Additionally, firm trading and order routing systems send orders and quotations to each exchange in the format required by such exchange. In turn, each exchange must store and convert the data for the purposes of creating internal exchange audit trails. Broker-dealers also commit staff to respond to Participant and Commission requests for additional data and related information based upon surveillance.
See, e.g., SEC Rules 17a-3, 17a-4; FINRA Rules 4511-13.
Broker-dealers may take varied approaches to fulfilling their regulatory reporting obligations. For instance, many broker-dealers develop internal systems for the purpose of compiling order and trading data into a reportable format. In these instances, the firms may need to centralize varied and disparate systems. Other broker-dealers typically use third parties to help them comply with their reporting obligations. These third parties may include service bureaus that provide the firms with order management systems. Firms may also contract with their clearing firms to package and submit order data files on their behalf.
Some broker-dealers that are FINRA members may be exempt from OATS reporting, or are excluded under FINRA rules from OATS requirements. Exempt firms go through a formal exemption request process through which they certify that they meet the exemption criteria which includes: (1) the member firm has total annual revenue of less than $2,000,000; (2) the member firm and current control affiliates and associated persons of the member have not been subject within the last five years to any final disciplinary action, and within the last 10 years to any disciplinary action involving fraud; (3) the member does not conduct any clearing or carrying activities for other firms; (4) the member does not conduct any market making activities in NMS Stocks and OTC Equity Securities; and (5) the member does not execute principal transactions with its customers. FINRA also excludes some members from the definition of a reporting member. The criteria to receive this exclusion include: (1) the member must engage in a non-discretionary order routing process where the firm immediately routes all of its orders to a single receiving reporting member; (2) the member cannot direct or maintain control over subsequent routing or execution by the receiving reporting member; (3) the receiving reporting member must record and report all information under applicable FINRA rules; and (4) the member must have a written agreement with the receiving reporting member specifying the respective functions and responsibilities of each party. Approximately 660 broker-dealers are either exempt or excluded from OATS requirements, but will be required to report to the Central Repository. These broker-dealers are included in the estimate of broker-dealers currently quoting or executing trades in NMS Securities and/or Listed Options.
See FINRA Rule 7470.
See FINRA Rule 7410(o).
Additionally, the OATS rules do not require that proprietary orders generated in the normal course of market-making be reported. While some firms have chosen to voluntarily report such orders, there may be current gaps in the audit trail.
See FINRA Rule 7410(j).
Broker-dealers that are members of other Participants must also have systems and processes in place to provide the necessary reportable data in the required format. These systems also require resources to ensure data quality and consistency, timeliness of reporting, and record-keeping obligations. Broker-dealers that are members of more than one Participant must maintain and manage systems that provide the relevant audit trail data to each Participant for which they have an obligation to report such data, in the manner and by the rules proscribed by each Participant, as applicable.
See, e.g., SEC Rules 17a-3, 17a-4; FINRA Rules 4511-13.
Upon request, broker-dealers must submit Electronic Blue Sheet (“EBS”) data to the requesting Participant by the specified due date, which is generally ten business days after receipt of the initial request. An EBS request is made by product and trade date range, with the data providing detailed information about the underlying accounts that transacted in the requested security. EBS requests can only be made for settled transactions in equity, option, or fixed income products, and they include information on allocations and executions of the requested product and may cover a time period of up to seven years from the date requested. Large Trader Reports are similar to EBS reports, except they are requested only by the Commission. Large trader requests may only be requested for NMS Securities, which may include unsettled transactions. In addition to requests being made by security and trade date range, a Large Trader request may be made by a LTID and trade date range. An LTID is an SEC identifier used to identify related entities under the same beneficial ownership structure. Broker-dealers must have systems and processes in place to provide EBS or large trader reportable data in the required format. These systems require resources to ensure that the data quality and timeliness of reporting are maintained, and record-keeping obligations are met. As with OATS, broker-dealers must commit staff to respond to requests for EBS or large trader data and may take varied approaches to fulfilling their regulatory reporting obligations.
PHLX Rule 1022 initially required members to submit specified data to PHLX for all accounts, however this rule was amended in May 2014 to more closely mirror NYSE Rule 757, ARCA Rule 6.39, and CBOE Rule 8.9, and to only require broker-dealers to report data for all of the accounts for which they engage in trading activities or which they exercise investment discretion upon request, rather than on a continuing basis. PHLX Rule 1022 was in place prior to the existence of the compliance data files from ISG (COATS and ECAT) and OCC (position). The remaining requirement for members to provide data upon request is to enable a review if required for regulatory purposes. PHLX Rule 1022 is anticipated to be retired once all CAT Reporters are submitting data to the CAT as the information would be obtainable from CAT, rather than from Industry Members.
CBOE Rule 8.9(b) requires clearing firms to submit, on a daily basis and in a manner prescribed by CBOE, every executed order entered by market makers for securities underlying options traded on CBOE or convertible into such securities or for securities traded on CBOE, as well as for opening and closing positions in all such securities held in each market maker account. To the extent that clearing firms do not report such orders and information, the market maker who entered the order is responsible for reporting the order information. These data files are commonly known as Market Maker Equity Trade (MMET) and Market Maker Stock Position (MMSTK) files. The CBOE daily reporting requirement for market makers is comparable to other option exchange reporting requirements. CBOE Rule 8.9(b) is anticipated to be amended once all CAT Reporters are submitting data to the CAT as the information would be obtainable from CAT rather than from Industry Members.
As of June 30, 2014, there were 4,406 registered broker-dealers that were members of at least one Participant. The Participants determined that, as of July 31, 2014, approximately 1,800 of these registered broker-dealers quoted or executed transactions in NMS Securities, Listed Options or OTC Equity Securities. Of these 1,800 broker-dealers, approximately 1,700 are FINRA members and are either reporting to OATS or were identified as routing firms in OATS reports submitted by other OATS reporting broker-dealers, but are otherwise excluded from the definition of an OATS reporting member or exempt from the OATS rules. In addition, there are an estimated 100 broker-dealers that reported transactions to another SRO, but that are not FINRA members. This determination was made through a review of the number of broker-dealers that transmitted order information to OATS, reported transaction information or quoted messages to a Participant for each month, over the previous 18 months. The Participants also reviewed message traffic data in the same month in the prior year and found that July 2014 was a reasonable representation of such activity.
Cost components considered in this process included technology costs (hardware/software costs), FTE costs (including, technology, operational, and compliance staffing requirements), and any outsourcing costs. The study also contained questions related to current costs that are intended to capture the baseline costs to broker-dealers for regulatory reporting, including costs related to compliance with OATS, the EBS and Large Trader reporting, and other reporting requirements, such as NYSE Rule 410B, PHLX Rule 1022, FESC/NYSE Rule123(e)/(f), and CBOE Rule 8.9.
These costs are not mutually exclusive, and respondents may have included a combination of costs across all categories.
Description of Costs to CAT Reporters Study Results
Of the 167 responses to the Costs to CAT Reporters Study used in the analysis of costs associated with reporting to the Central Repository, 49 were from large firms and 118 were from small firms. Fifty-one respondents indicated that they have OATS reporting obligations and 116 respondents stated that they do not currently have OATS reporting obligations. Of these 51 OATS reporters, 21 were large and 30 were small broker-dealers, with one firm completing all reporting using in-house staffing, 26% using a combination of in-house staffing and outsourcing, 44% of firms outsourcing to clearing firms, and the remaining 26% outsourcing their reporting to service bureaus. Of the remaining 116 broker-dealers, self-identified as non-OATS reporters, 28 were large and 88 were small. Figures for each respondent category have been provided for reference to support the cost analysis and include the average, median, minimum, maximum, and number of responses received equal to zero (0) or blank.
Firms were requested to self-select as “small” if they would qualify under Exchange Act Rule 0-10(c) as a broker or dealer that:
(1) had total capital (net worth plus subordinated liabilities) of less than $500,000 on the date in the prior fiscal year as of which its audited financial statements were prepared pursuant to 240.17a5(d) or, if not required to file such statements, a broker or dealer that had total capital (net worth plus subordinated liabilities) of less than $500,000 on the last business day of the preceding fiscal year (or in the time that it has been in business, if shorter); and
(2) is not affiliated with any Person (other than a natural Person) that is not a small business or small organization as defined in this section.
Participants recognize that 116 respondents stated that they do not currently report to OATS and this number is greater than the Participants' estimate of the total number of broker-dealers with reporting obligations to SROs other than FINRA. Participants assume that some broker-dealers who are FINRA members and currently exempt or excluded from OATS reporting requirements identified themselves as having no OATS reporting requirement. Given that these study responses provided data that could not otherwise be presumed to be incomplete or inaccurate, the Participants have chosen to include these responses in the analysis.
The distinction between cost estimates for OATS and non-OATS reporters is being made so that Participants may assess potential differences in estimated costs across the two identified scenarios in order to capture potential differences in costs that might arise from current reporting practices.
The distinction between cost estimates for OATS and non-OATS reporters is made so that Plan Participants may assess potential differences in estimated costs across the two identified scenarios in order to capture potential differences in costs that may arise from current reporting practices.
Some respondents provided no response to a specific question, i.e., left that response blank, while providing responses to the other questions in the study. The tables provided throughout this section provide a count of such blank responses for each question.
In analyzing responses to the Costs to CAT Reporters Study, Participants found responses to specific questions to be outliers. However, if the overall response from that respondent was otherwise deemed to be reasonably complete, the response was included in the analysis. As a result, in some cases, this may result in averages or medians being higher or lower than may be expected. In addition, a significant number of firms, in particular large firms, indicated that their current cost for regulatory obligations is $0. It is the Participants' understanding that this is likely due to current operational practices among broker-dealers that do not differentiate between technology and headcount costs that support business functionality and regulatory reporting.
Tables 1 and 2 describe the costs associated with current regulatory reporting requirements. Current costs for study respondents consisted of hardware/software costs, FTE costs consisting of development/maintenance, operational, and compliance staffing as well as third party outsourcing costs. Current average (median) hardware/software costs for the 49 large firms were equal to $310,000 ($0) and the 118 small firms were equal to $130,000 ($0).
Large firms reported that they employ an average (median) of 9.56 (0.00) FTEs for OATS, EBS and other regulatory reporting requirements, while small firms employed 2.36 (0.00) FTEs for the same reporting requirements. Participants estimate the dollar costs associated with these FTEs by applying an annual expenditure of $401,440 per FTE to determine cost. The resulting average (median) FTE costs were equal to $3,800,000 ($0) for the 49 large firms and $950,000 ($0) for the 118 small firms.
Participants assume an annual cost per FTE of $401,440, consistent with the rate applied by the Commission in the Adopting Release. Participants do note, however, that as part of the Costs to CAT Reporters Study, respondents were solicited to provide a cost for FTEs. Based on responses, the estimated annual cost per FTE would be $210,000 for large firms and $167,000 for small firms. Applying these estimates instead of the Commission's assumed annual cost would lead to dollar costs for FTEs on the order of half as large as reported here.
Third party/outsourcing costs were also varied by firm size. Average (median) third party/outsourcing costs for large firms was $180,000 ($0) and $130,000 ($0) for small firms.
One anonymous small firm in the sample reported a total current regulatory reporting cost of $14 million. The Participants are not in a position to verify this number or determine whether it is due to an erroneous response (e.g., the respondent may not have recognized that the study collected responses to the cost questions in $1,000 increments). Therefore, Participants believe median numbers might better represent the typical costs across large and small firms instead of reported averages.
Based on the costs associated with current regulatory reporting requirements, large firms provided an average cost of $4,290,000, and small firms reported an average cost of $1,210,000 for current reporting costs, with a median estimate of $0 for both large and small firms.
Table 1—Current Costs: Large Respondents Summary (49 Firms)
Hardware/ software | FTE counts | FTE costs | Third party/outsourcing | |
---|---|---|---|---|
Average | $310,000 | 9.56 | $3,800,000 | $180,000 |
Median | $0 | 0.00 | $0 | $0 |
Minimum | $0 | 0.00 | $0 | $0 |
Minimum (non-zero) | $1,000 | 0.13 | $52,000 | $1,000 |
Maximum | $6,000,000 | 190.00 | $76,300,000 | $6,000,000 |
Count of Zero Responses | 31 | 25 | 25 | 36 |
Count of Blank Responses | 0 | 0 | 0 | 0 |
Table 2—Current Costs: Small Respondents Summary (118 Firms)
Hardware/ software | FTE counts | FTE costs | Third party/outsourcing | |
---|---|---|---|---|
Average | $130,000 | 2.36 | $950,000 | $130,000 |
Median | $0 | 0.00 | $0 | $0 |
Minimum | $0 | 0.00 | $0 | $0 |
Minimum (non-zero) | $1,000 | 0.15 | $60,000 | $1,000 |
Maximum | $14,000,000 | 68.00 | $27,300,000 | $6,500,000 |
Count of Zero Responses | 96 | 89 | 89 | 93 |
Count of Blank Responses | 0 | 0 | 0 | 0 |
Tables 3 to 6 describe the current regulatory costs for respondents who identified themselves as having OATS reporting obligations versus those that do not (referred to as non-OATS). For the 21 large OATS reporters, current hardware/software costs averaged $720,000, with a median cost of $10,000, while the 28 large non-OATS reporters reported an average hardware/software cost of $2,600, with a median cost of $0. For the 30 small OATS reporters, current hardware/software costs averaged $490,000, with a median value of $3,000, with the 88 small non-OATS reporters reporting an average hardware/software cost of $900 and a median cost of $0.
Large OATS reporters stated they required, on average, 17.88 FTEs, with a median value of 7.00 FTEs. Applying the FTE rate described above, this translates into an average FTE cost of $7,200,000, and a median value of $2,800,000. Large non-OATS reporters indicated an average FTE requirement of 3.32 and a median requirement of 0.00, translating into an average cost of $1,300,000 and a median cost of $0. On the other side of the spectrum, small OATS reporters stated they required, on average, 6.11 FTEs, with a median value of 3.50 FTEs. Applying the FTE rate described previously, this translates into an average FTE cost of $2,500,000, and a median value of $1,400,000. Small non-OATS reporters indicated average FTE requirements of 1.08 and a median requirement of 0.00, translating into an average cost of $430,000 and median cost of $0.
Third party/outsourcing costs for Large OATS reporters averaged $400,000, with a median value of $0; large non-OATS reporters indicated average third party/outsourcing costs of $22,000, with a median value of $0. For small OATS reporters, third party/outsourcing costs averaged $510,000 with a median value of $3,000; small non-OATS reporters provided average costs of $2,900, with median costs of $0.
Based on the cost estimates above, large OATS reporters estimated an average (median) cost equal to $8,320,000 ($2,810,000) while large non-OATS respondents estimated an average (median) cost equal to $1,324,600 ($0). Small OATS reporters estimated an average (median) cost equal to $3,500,000 ($1,406,000) while small non-OATS respondents estimated an average (median) cost equal to $433,800 ($0).
Table 3—Current Costs: Large OATS Respondents Summary (21 Firms)
Hardware/ software | FTE counts | FTE costs | Third party/outsourcing | |
---|---|---|---|---|
Average | $720,000 | 17.88 | $7,200,000 | $400,000 |
Median | $10,000 | 7.00 | $2,800,000 | $0 |
Minimum | $0 | 0.00 | $0 | $0 |
Minimum (non-zero) | $1,000 | 0.13 | $52,000 | $1,000 |
Maximum | $6,000,000 | 190.00 | $76,300,000 | $6,000,000 |
Count of Zero Responses | 6 | 2 | 2 | 11 |
Count of Blank Responses | 0 | 0 | 0 | 0 |
Table 4—Current Costs: Large Non-OATS Respondents Summary (28 Firms)
Hardware/ software | FTE counts | FTE costs | Third party/outsourcing | |
---|---|---|---|---|
Average | $2,600 | 3.32 | $1,300,000 | $22,000 |
Median | $0 | 0.00 | $0 | $0 |
Minimum | $0 | 0.00 | $0 | $0 |
Minimum (non-zero) | $5,000 | 1.00 | $400,000 | $60,000 |
Maximum | $50,000 | 60.00 | $24,100,000 | $300,000 |
Count of Zero Responses | 25 | 23 | 23 | 25 |
Count of Blank Responses | 0 | 0 | 0 | 0 |
Table 5—Current Costs: Small OATS Respondents Summary (30 Firms)
Hardware/ software | FTE counts | FTE costs | Third party/outsourcing | |
---|---|---|---|---|
Average | $490,000 | 6.11 | $2,500,000 | $510,000 |
Median | $3,000 | 3.50 | $1,400,000 | $3,000 |
Minimum | $0 | 0.00 | $0 | $0 |
Minimum (non-zero) | $1,000 | 0.15 | $60,000 | $1,000 |
Maximum | $14,000,000 | 29.00 | $11,600,000 | $6,500,000 |
Count of Zero Responses | 11 | 6 | 6 | 8 |
Count of Blank Responses | 0 | 0 | 0 | 0 |
Table 6—Current Costs: Small Non-OATS Respondents Summary (88 Firms)
Hardware/ software | FTE counts | FTE costs | Third party/outsourcing | |
---|---|---|---|---|
Average | $900 | 1.08 | $430,000 | $2,900 |
Median | $0 | 0.00 | $0 | $0 |
Minimum | $0 | 0.00 | $0 | $0 |
Minimum (non-zero) | $3,000 | 3.00 | $1,200,000 | $3,000 |
Maximum | $72,000 | 68.00 | $27,300,000 | $220,000 |
Count of Zero Responses | 85 | 83 | 83 | 85 |
Count of Blank Responses | 0 | 0 | 0 | 0 |
To understand the current costs associated with regulatory reporting and estimate the direct costs associated with the CAT NMS Plan, the Participants also conducted the Costs to Vendors Study. CAT Reporters may currently rely on third-parties to provide key services necessary to meet the reporting obligations. Smaller broker-dealers may rely wholly or in part on third-party providers for the infrastructure to manage and maintain their electronic records, including all of the data required for audit trail reporting. Larger broker-dealers and Participants may augment their own internal IT capacity and capabilities by purchasing the services of one or more third-party vendor. As a result, it is important to understand the current reporting cost as well as the likely impact of SEC Rule 613 on these vendors and to include them in the estimate of aggregate economic impacts.
The Participants received five completed responses to the Costs to Vendors Study. One of the respondents indicated that the vendor did not currently have any reporting expenses on behalf of its clients and did not expect to face any costs under the CAT. Of the remaining responses, three respondents supported more than 100 clients, and one supported between 50 and 99 clients. Two of the respondents supported up to 25 million accounts, and two supported up to 50 million accounts. Two of the respondents serviced clients with institutional and retail businesses, while the remaining two supported clients with institutional businesses only.
For equity order reporting, two respondents indicated that they process up to 1 million equity orders per day on behalf of their clients, and two respondents indicated that they process up to 2 million equity orders per day on behalf of their clients. For options order reporting, three respondents indicated that they report up to 1 million options orders per day on behalf of their clients, and one respondent indicated that it reports up to 2 million options orders per day on behalf of its clients. All four respondents indicated that they report between 3 million and 100 million OATS reportable order events per day on behalf of their clients. Three of the four respondents submitted EBS reports for their clients, with two submitting up to 200 responses per month and one submitting up to 400 responses per month.
See FINRA, OATS Frequently Asked Questions at D8 (last updated July 6, 1998), available at http://www.finra.org/Industry/Compliance/MarketTransparency/OATS/FAQ/P085541 .
Reported costs for current regulatory reporting for vendors varied widely across both dollar costs and FTE requirements. Each respondent provided an FTE rate associated with their FTE requirements; therefore, FTE costs for the vendors are reported using rates provided by each respondent. Dollar costs for hardware and software ranged from $50,000 to $15,000,000, and FTE requirements (cost) ranged from 11 ($2,700,000) to 92 ($8,600,000). While the respondent with the largest number of clients reported the highest costs, costs did not always correlate uniformly with the number of clients for other firms.
7. Estimated Costs, Benefits, and Other Economic Impacts of the CAT NMS Plan on Affected Parties
As required by SEC Rule 613(a)(1)(vii), this section provides detailed estimated costs for creating, implementing, and maintaining the CAT, specifying (1) an estimate of the costs to Participants for establishing and maintaining the CAT; (2) an estimate of the costs to members of the Participants, initially and on an ongoing basis, for reporting the data required by the CAT NMS Plan; (3) an estimate of the costs to the Participants, initially and on an ongoing basis, for reporting the data required by the CAT NMS Plan; and (4) the Participants' proposal to fund the creation, implementation, and maintenance of the CAT, including the proposed allocation of such estimated costs among the Participants, and between the Participants and members of the Participants. The Participants are sensitive to the economic impacts of SEC Rule 613. Throughout the development of the CAT NMS Plan, the Participants have continued to focus on minimizing the costs associated with the CAT. The Participants note that the figures presented in this analysis are estimates based on research completed and currently available data and are inherently subject to uncertainties.
Through the RFP, review of proposals received, and interaction with industry, the Participants have identified the sources of the costs associated with the CAT NMS Plan. These include direct costs associated with creating, implementing and maintaining the CAT necessary to meet the requirements of the CAT NMS Plan. There are also direct costs associated with developing and adapting applicable CAT Reporter systems to meet the requirements of the CAT NMS Plan and comply with the Plan on an ongoing basis. Additionally, Participants and broker-dealers may incur direct costs associated with the retirement of redundant reporting systems, although there may also be significant savings to broker-dealers associated with retiring those systems over time.
In order to meet the responsibilities outlined in SEC Rule 613, the Participants have accrued, and will continue to accrue, direct costs associated with the development of the CAT NMS Plan. These costs include staff time contributed by each Participant to, among other things, determine the technological requirements for the Central Repository, develop the RFP, evaluate Bids received, design and collect the data necessary to evaluate costs and other economic impacts, meet with Industry Members to solicit feedback, and complete the CAT NMS Plan submitted to the Commission for consideration. The Participants estimate that they have collectively contributed 20 FTEs in the first 30 months of the CAT NMS Plan development process. In addition, the Participants have incurred public relations, legal, and consulting costs in the preparation of the CAT NMS Plan. The Participants estimate the costs of these services to be $8,800,000. These public relations, legal, and consulting costs are considered reasonably associated with creating, implementing, and maintaining the CAT upon the Commission's adoption of the CAT NMS Plan.
Given the size and scope of the CAT initiative, estimating the costs of the creation, implementation and maintenance of the CAT is a complex task, and one that necessarily relies on input from parties not directly charged under SEC Rule 613 with the responsibility to create and file the CAT NMS Plan. In light of this, the Participants have used a multi-pronged approach to assess the potential costs of the CAT. Among other things, the Participants have evaluated the many cost-related comments received in response to the Commission's rule proposal for SEC Rule 613 and during the CAT NMS Plan development process. In addition, the Participants have considered cost analyses and considerations provided by Bidders as well as the views and related information provided by the DAG and written feedback from the SIFMA and the FIF.
The economic baseline against which the potential costs and benefits of the CAT must be compared are discussed above in Section B(7)(b)(ii). The potential impacts and estimated costs of the CAT are discussed separately below, presenting study results where applicable.
Investors
Approximately 52% of Americans hold individual stocks, stock mutual funds or stocks through their retirement plan, and the retail options industry continues to grow.
See Hibah Yousuf, Only Half of All Americans Invested in Stocks, CNN Money (May 9, 2014), http://money.cnn.com/2013/05/09/investing/american-stock-ownership/ (includes Gallup Poll results).
See, e.g., Andy Nybo, The Retail Options Renaissance, TABB Forum (Jan. 27, 2014), http://tabbforum.com/opinions/the-retail-options-reneissance .
Investors benefit from the protections provided through the use of audit trail data, permitting regulators to adequately and effectively monitor activities in today's complex securities markets. In SEC Rule 613, the Commission identified several ways that the CAT would enhance the protections to investors. These include: facilitating risk-based examinations, better identification of potentially manipulative trading activity, improved processes for evaluating tips, complaints and referrals of potential misconduct made to regulators, increased efficiency of cross-market and principal order surveillance, improved analysis and reconstruction of broad-based market events, improved ability to monitor and evaluate changes to market structure, and efficiencies from a potential reduction in disparate reporting requirements and data requests.
For instance, as shown in academic literature, surveillance has been demonstrated to increase investor confidence, by mitigating manipulative behavior and increasing trading activity. Academic literature provides support for the notion that investors associate enhanced surveillance with greater investment opportunity across a larger number of listed companies and with higher market capitalizations. Cross-market surveillance—an opportunity expected to be improved by CAT—is likely more effective in detecting manipulative behavior than single-market surveillance. A more recent study provides evidence that better surveillance is associated with reduced insider trading, as it would be harder to hide such trades.
Cumming et al., Global Market Surveillance, 10(2) Am. Law Econ. Rev. at 454-506 (July 24, 2008).
See, e.g., La Porta, et al., Legal Determinants of External Finance, 52(3) J. Finance 1131-1150 (1997).
Cumming et al., Exchange Trading Rules, Surveillance and Insider Trading (working paper, Oct. 29, 2013), available at http://papers.ssrn.com/sol3/papers.cfm?abstract_id=2101826 .
To the extent that better surveillance leads to more effective rulemaking, investors should also benefit from the improvements in market quality that might arise from such rulemaking. For example, one study shows that detailed trading rules are positively correlated with liquidity measures evidenced by lower volatility and bid-ask spreads. Similarly, a separate study finds that European Union countries that have more effective rules to prevent market abuse and enhance transparency experience higher market liquidity.
Where better surveillance identifies behaviors and practices that are manipulative and harmful to the investing public more quickly and more accurately, the Commission and Participants may be able to adopt rules to stop these practices more quickly and in a more tailored fashion.
Cumming et al., Exchange Trading Rules and Stock Market Liquidity, 99(3) J. Financial Economics 651-71 (Mar. 2011).
Christensen et al., Capital-Market Effects of Securities Regulation: Prior Conditions, Implementation, and Enforcement (Dec. 31, 2013), available at http://papers.ssrn.com/sol3/papers.cfm?abstract_id=1745105 .
Investors may also bear the costs associated with maintaining and enhancing the current audit trail systems. In some cases, broker-dealers may pass on regulatory charges that support Participant supervision, such as with respect to Section 31 fees. In other cases, broker-dealers may cover some of their regulatory charges through commissions and other charges. Similarly, broker-dealers may seek to pass on to investors their costs to build and maintain the CAT, which may include their own costs and any costs passed on to them by Participants. This analysis does not measure either the likelihood of these costs being passed through to investors nor the potential dollar impact on investors. The extent to which these costs are passed on to investors depends on the materiality of the costs and the ease with which investors can substitute away from any given broker-dealer.
Pursuant to Section 31 of the Exchange Act, Participants are required to pay transaction fees and assessments to the Commission that are designed to recover the costs related to the government's supervision and regulation of the securities markets and securities professionals. Participants, in turn, may collect their Section 31 fees and assessments from their broker-dealer members. 15 U.S.C. § 78ee.
Participants
Participants are expected to benefit from the requirements to report to the Central Repository. To the extent that the CAT enhances comparability of audit trail data—thereby enhancing order lifecycle comparability across different trading venues—Participants may better fulfill their obligations to “prevent fraudulent and manipulative acts and practices, to promote just and equitable principles of trade, to foster cooperation and coordination with persons engaged in regulating, clearing, settling, processing information with respect to, and facilitating transactions in securities” as set forth in Section 6 of the Exchange Act.
Participants would also incur direct costs associated with creating, implementing and maintaining the CAT infrastructure. The full cost associated with the build and maintenance of the CAT would be shared among Participants and Industry Members, consistent with the CAT NMS Plan. Participants would also be subject to costs associated with updating and maintaining their own systems to comply with their obligations to report to the Central Repository.
Central Repository Build and Maintenance Costs
The CAT NMS Plan provides that the costs arising from the build and maintenance of the CAT will be collected from all CAT Reporters, which includes Participants. As described in Article XI of the CAT NMS Plan and in Section C(b)(7)(iii) below, Participants will be required to pay their allocated portion of these costs on an annual basis.
The CAT NMS Plan also contemplates that Participants may impose greater requirements on the Central Repository based on their use of information in the repository for regulatory purposes. These requirements may take the form of frequent and complex analyses of data which may likely require more resources from the Central Repository. It is critical that the Company recover its costs in a manner consistent with the principles articulated in the CAT NMS Plan, which include both the need to allocate costs in a manner consistent with the cost to operations and that the CAT NMS Plan not create significant disincentives to Participants in seeking to meet their regulatory obligations. As such, the CAT NMS Plan permits the Company to assess additional charges to Participants associated with their use of the Central Repository's data and reporting facilities as it deems necessary.
Costs to Participants to Meet Reporting Requirements
The Costs to Participants Study was distributed to the Participants to collect information about the potential costs of the CAT to the Participants. The Costs to Participants Study was designed to provide insight into the current total costs associated with regulatory reporting and surveillance programs discussed above, as well as expected implementation and maintenance costs associated with reporting to and surveillance through the Central Repository.
The anticipated costs associated with the implementation of regulatory reporting to the Central Repository were estimated to be a total of $17,900,000 across all ten Participants. Included in this cost, Participants reported a total of $770,000 in legal and consulting costs, as well as total FTE costs of $10,300,000 for operational, technical/development and compliance-type functions.
Maintenance costs associated with regulatory reporting to Central Repository were estimated to be a total of $14,700,000 across all ten Participants. Included in this estimate are legal, consulting, and other costs associated with maintenance, a total of $720,000, and $7,300,000 to FTEs for operational, technical/development, and compliance functions regarding the maintenance of regulatory reporting associated with CAT.
The Participants were also asked to identify the costs associated with the implementation of surveillance programs within the Central Repository. The estimated total costs across all ten Participants were $23,200,000 including estimated legal, consulting, and other costs of $560,000. Also included in the total, Participants reported that they would allocate a total of $17,500,000 to FTEs to operational, technical/development, and compliance staff to be engaged in the creation of surveillance programs.
The estimated total costs associated with the maintenance of surveillance programs were $87,700,000, including $1,000,000 for legal, consulting, and other costs. Of the total cost, the Participants estimated that they would allocate a total of $66,700,000 to FTEs to operational, technical/development and compliance staff.
Retirement costs for current systems were estimated to be $310,000 across all Participants. However, Participants expect that by no longer needing to maintain these legacy systems due to adoption of the CAT, they will realize aggregate savings of $10,600,000, which will partially offset some of the costs expected to be borne by the Participants as described further below. To the extent that the Participants are able to retire legacy systems and replace them with more efficient and cost effective technologies, they may experience additional cost savings. The Costs to Participants Study does not attempt to quantify any such additional cost savings to broker-dealers.
Broker-Dealers
The CAT is expected to provide a more resilient audit trail system that may benefit broker-dealers. For instance, as noted above, more effective oversight of market activity may increase investor confidence and help expand the investment opportunity set through increased listings. Broker-dealers may benefit from increased investor confidence, provided that it results in increased trading activity. In addition, broker-dealers may experience less burden, to the extent that, data provided to the Central Repository reduces the number of direct requests by regulators for their surveillance, examination and enforcement programs. For example, after the implementation of CAT, regulators seeking to identify activity for NMS Securities at the customer account level, would access that information from the Central Repository, rather than making a Blue Sheet request.
More broadly, one benefit identified to broker-dealers of the CAT may arise from consolidating the collection and transmission of audit trail data into a uniform activity, regardless of where the quoting and trading occur. Such a consolidation may permit some broker-dealers to reduce the number of systems they operate to provide audit trail data to Participants and to retire legacy systems, at an appropriate time. Additionally, technological advances may make the operation of the new CAT Systems more efficient than those associated with the legacy systems. The Costs to CAT Reporters Study did not attempt to quantify any such cost savings to firms, and as such, the cost estimates provided here do not include consideration that such cost savings may be low.
Broker-dealers would also incur costs associated with creating, implementing and maintaining the CAT infrastructure. These costs would arise from building and maintaining the CAT and updating and maintaining their own systems to comply with their reporting obligations.
CAT Build and Maintenance Costs
Broker-dealers will also be required to contribute their portion of the direct costs associated with building and maintaining the CAT, as required by SEC Rule 613 and implemented by the CAT NMS Plan. Broker-dealers with CAT reporting obligations will be required to pay their allocated portion of these costs on an annual basis, pursuant to the Funding Model.
The Funding Model acknowledges that the operating models of broker-dealers and Execution Venues are substantially different. Therefore, the Funding Model imposes different fee structures for broker-dealers and Executions Venues. ATSs that execute orders, which are operated by registered broker-dealers pursuant to Regulation ATS, are considered Execution Venues, for purposes of the CAT NMS Plan.
CAT Reporters Costs to Meeting Reporting Requirements
Responses to the Costs to CAT Reporters Study provide estimates of the direct costs to broker-dealers associated with meeting requirements to report to the Central Repository. The Costs to CAT Reporters Study contained questions related to future costs related to both the retirement of existing systems and compliance with requirements of SEC Rule 613.
Respondents were asked to evaluate the future costs under two separate approaches. For each approach, respondents were asked to estimate both for CAT implementation and maintenance: (1) the associated hardware and software costs; (2) the number of required FTEs; and (3) third-party provider costs.
The two approaches are described in detail in Appendix C, Analysis of Expected Benefits and Estimated Costs for Creating, Implementing, and Maintaining the Consolidated Audit Trail (SEC Rule 613(a)(1)(vii)).
a. Implementation Phase of Approach 1
Tables 7 and 8 describe the costs associated with the implementation of Approach 1. Based on the 167 study responses for the implementation of Approach 1, large firms provided an average (medium) hardware/software cost of $580,000 ($0) and small firms provided an average (median) cost estimates of $5,200 ($0).
Large firms provided an average (median) FTE count of 11.00 (0.00). Multiplying these counts by the rate employed by the Commission in SEC Rule 613 as described above, FTE costs are estimated as $4,400,000, with a median FTE cost of $0. Small firms provided an average FTE count requirement of 1.17, with the median response provided by small respondents equal to 0.00. Participants estimate a dollar cost for the small respondent FTE requirements to be on average $470,000, with a median estimated cost of $0.
Participants estimate large firms would incur average (median) third party/outsourcing costs of $72,000 ($0) and small firms would incur an estimated average (median) cost of $76,000 ($0).
Total average (median) costs for Approach 1 Implementation are estimated to be $5,052,000 ($0) for large firms, and $551,200 ($0) for small firms.
Table 7—Approach 1 Implementation Costs: Large Respondents Summary (49 Firms)
Hardware/ software | FTE counts | FTE costs | Third party/outsourcing | |
---|---|---|---|---|
Average | $580,000 | 11.00 | $4,400,000 | $72,000 |
Median | $0 | 0.00 | $0 | $0 |
Minimum | $0 | 0.00 | $0 | $0 |
Minimum (non-zero) | $5,000 | 0.02 | $8,000 | $1,000 |
Maximum | $10,000,000 | 142.00 | $57,000,000 | $2,000,000 |
Count of Zero Responses | 28 | 27 | 27 | 41 |
Count of Blank Responses | 0 | 0 | 0 | 0 |
Table 8—Approach 1 Implementation Costs: Small Respondents Summary (118 Firms)
Hardware/ software | FTE counts | FTE costs | Third party/outsourcing | |
---|---|---|---|---|
Average | $5,200 | 1.17 | $470,000 | $76,000 |
Median | $0 | 0.00 | $0 | $0 |
Minimum | $0 | 0.00 | $0 | $0 |
Minimum (non-zero) | $1,000 | 0.20 | $80,000 | $1,000 |
Maximum | $500,000 | 20.00 | $8,000,000 | $8,000,000 |
Count of Zero Responses | 95 | 94 | 94 | 95 |
Count of Blank Responses | 2 | 0 | 0 | 1 |
Tables 9 and 10 describe the costs associated with the implementation of Approach 1 for large respondents with current OATS and non-OATS reporting obligations. Large OATS respondents provided an average (median) hardware/software cost estimate of $750,000 ($0), and large non-OATS respondents providing average (median) estimated costs of $450,000 ($0).
Large OATS reporters provided an average (median) FTE requirement of 14.92 (7.00), translating into estimated costs of $6,000,000 ($2,800,000), while large non-OATS respondents provided an average (median) FTE requirement of 8.05 (0.00), translating into an average (median) estimated cost of $3,200,000 ($0).
Large OATS respondents estimated an average (median) third party/outsourcing cost of $150,000 ($0), while large non-OATS respondents provided an average (median) estimate of $9,500 ($0).
Table 9—Approach 1 Implementation Costs: Large OATS Respondents Summary (21 Firms)
Hardware/ software | FTE counts | FTE costs | Third party/outsourcing | |
---|---|---|---|---|
Average | $750,000 | 14.92 | $6,000,000 | $150,000 |
Median | $60,000 | 7.00 | $2,800,000 | $0 |
Minimum | $0 | 0.00 | $0 | $0 |
Minimum (non-zero) | $5,000 | 0.02 | $8,000 | $1,000 |
Maximum | $7,000,000 | 63.00 | $25,300,000 | $2,000,000 |
Count of Zero Responses | 6 | 5 | 5 | 15 |
Count of Blank Responses | 0 | 0 | 0 | 0 |
Table 10—Approach 1 Implementation Costs: Large Non-OATS Respondents Summary (28 Firms)
Hardware/ software | FTE counts | FTE costs | Third party/outsourcing | |
---|---|---|---|---|
Average | $450,000 | 8.05 | $3,200,000 | $9,500 |
Median | $0 | 0.00 | $0 | $0 |
Minimum | $0 | 0.00 | $0 | $0 |
Minimum (non-zero) | $5,000 | 1.00 | $400,000 | $15,000 |
Maximum | $10,000,000 | 142.00 | $57,000,000 | $250,000 |
Count of Zero Responses | 22 | 22 | 22 | 26 |
Count of Blank Responses | 0 | 0 | 0 | 0 |
Tables 11 and 12 describe the costs associated with the implementation of Approach 1 for small respondents with current OATS and non-OATS reporting obligations, small OATS respondents provided an average (median) hardware/software cost estimate of $21,000 ($1,000), with small non-OATS respondents providing an estimated average (median) cost of $100 ($0).
Small OATS reporters provided an average (median) FTE requirement of 3.51 (2.00), translating into estimated an average (median) costs of $1,400,000 ($800,000), while small non-OATS respondents provided an average (median) FTE requirement of 0.38 (0.00), translating into an estimated average (median) cost of $150,000 ($0).
Finally, small OATS respondents estimated an average (median) third party/outsourcing cost of $300,000 ($1,000), while small non-OATS respondents provided an average (median) estimate of $1,100 ($0).
Table 11—Approach 1 Implementation Costs: Small OATS Respondents Summary (30 Firms)
Hardware/ software | FTE counts | FTE costs | Third party/outsourcing | |
---|---|---|---|---|
Average | $21,000 | 3.51 | $1,400,000 | $300,000 |
Median | $1,000 | 2.00 | $800,000 | $1,000 |
Minimum | $0 | 0.00 | $0 | $0 |
Minimum (non-zero) | $1,000 | 0.20 | $80,000 | $1,000 |
Maximum | $500,000 | 20.00 | $8,000,000 | $8,000,000 |
Count of Zero Responses | 12 | 12 | 12 | 12 |
Count of Blank Responses | 1 | 0 | 0 | 1 |
Table 12—Approach 1 Implementation Costs: Small Non-OATS Respondents Summary (88 Firms)
Hardware/ software | FTE counts | FTE costs | Third party/outsourcing | |
---|---|---|---|---|
Average | $100 | 0.38 | $150,000 | $1,100 |
Median | $0 | 0.00 | $0 | $0 |
Minimum | $0 | 0.00 | $0 | $0 |
Minimum (non-zero) | $1,000 | 3.00 | $1,200,000 | $1,000 |
Maximum | $5,000 | 15.00 | $6,000,000 | $72,000 |
Count of Zero Responses | 83 | 82 | 82 | 83 |
Count of Blank Responses | 1 | 0 | 0 | 0 |
b. Maintenance Phase of Approach 1
Tables 13 and 14 describe the costs associated with the maintenance of CAT reporting obligations for the full set of study responses under Approach 1. Based on the 167 study responses for the maintenance of Approach 1, large firms reported an average (median) hardware/software cost estimate of $210,000 ($0), and small firms reported an estimated cost of $1,600 ($0).
Large firms provided an average FTE count requirement of 8.54, with the median response provided by large firms equaled to 0.00. Multiplying these counts by the rate employed by the Commission in SEC Rule 613 as described above, FTE costs are estimated to be $3,400,000, with a median FTE cost of $0. Small firms provided an average FTE count requirement of 1.12, with the median response provided by small respondents equal to 0.00. Participants estimated the average dollar cost for the small respondent FTE requirement l to be $450,000, and a median cost of $0.
Large firms estimated that the average (median) third party/outsourcing cost is equal to $52,000 ($0) and small firms estimated average (median) costs to be equal to $24,000 ($0).
Total average (median) costs for Approach 1 Maintenance are estimated to be $3,662,000 ($0) for large firms and $475,600 ($0) for small firms.
Table 13—Approach 1 Maintenance Costs: Large Respondents Summary (49 Firms)
Hardware/ software | FTE counts | FTE costs | Third party/ outsourcing | |
---|---|---|---|---|
Average | $210,000 | 8.54 | $3,400,000 | $52,000 |
Median | $0 | 0.00 | $0 | $0 |
Minimum | $0 | 0.00 | $0 | $0 |
Minimum (non-zero) | $2,000 | 0.02 | $8,000 | $1,000 |
Maximum | $5,200,000 | 152.00 | $61,000,000 | $1,000,000 |
Count of Zero Responses | 28 | 27 | 27 | 41 |
Count of Blank Responses | 1 | 0 | 0 | 0 |
Table 14—Approach 1 Maintenance Costs: Small Respondents Summary (118 Firms)
Hardware/ software | FTE counts | FTE costs | Third party/ outsourcing | |
---|---|---|---|---|
Average | $1,600 | 1.12 | $450,000 | $24,000 |
Median | $0 | 0.00 | $0 | $0 |
Minimum | $0 | 0.00 | $0 | $0 |
Minimum (non-zero) | $500 | 0.15 | $60,000 | $500 |
Maximum | $120,000 | 18.00 | $7,200,000 | $1,500,000 |
Count of Zero Responses | 96 | 93 | 93 | 96 |
Count of Blank Responses | 0 | 0 | 0 | 0 |
Tables 15 and 16 show the costs associated with the maintenance of CAT reporting obligations for Approach 1 for large respondents with current OATS and non-OATS reporting obligations. Large OATS respondents provided estimated average (median) hardware/software requirements of $380,000 ($22,000), with large non-OATS respondents providing estimated average (median) costs of $80,000 ($0).
Large OATS reporters provided average (median) FTE requirements of 10.03 (4.00), translating to estimated costs of $4,000,000 ($1,600,000), while large non-OATS respondents provided average (median) FTE requirements of 7.41 (0.00), translating to estimated costs of $3,000,000 ($0).
Large OATS respondents estimated average (median) third party/outsourcing costs of $120,000 ($0), while large non-OATS respondents provided estimates of $1,300 ($0).
Table 15—Approach 1 Maintenance Costs: Large OATS Respondents Summary (21 Firms)
Hardware/ software | FTE counts | FTE costs | Third party/ outsourcing | |
---|---|---|---|---|
Average | $380,000 | 10.03 | $4,000,000 | $120,000 |
Median | $22,000 | 4.00 | $1,600,000 | $0 |
Minimum | $0 | 0.00 | $0 | $0 |
Minimum (non-zero) | $2,000 | 0.02 | $8,000 | $1,000 |
Maximum | $5,200,000 | 50.00 | $20,100,000 | $1,000,000 |
Count of Zero Responses | 6 | 5 | 5 | 14 |
Count of Blank Responses | 1 | 0 | 0 | 0 |
Table 16—Approach 1 Maintenance Costs: Large Non-OATS Respondents Summary (28 Firms)
Hardware/ software | FTE counts | FTE costs | Third party/ outsourcing | |
---|---|---|---|---|
Average | $80,000 | 7.41 | $3,000,000 | $1,300 |
Median | $0 | 0.00 | $0 | $0 |
Minimum | $0 | 0.00 | $0 | $0 |
Minimum (non-zero) | $8,000 | 1.00 | $400,000 | $35,000 |
Maximum | $900,000 | 152.00 | $61,000,000 | $35,000 |
Count of Zero Responses | 22 | 22 | 22 | 27 |
Count of Blank Responses | 0 | 0 | 0 | 0 |
Tables 17 and 18 describe the costs associated with the maintenance of CAT reporting obligations for Approach 1 for small respondents with current OATS and non-OATS reporting obligations. Small OATS respondents provided estimated average (median) hardware/software requirements of $6,000 ($1,000), with small non-OATS respondents providing estimated average (median) costs of $100 ($0).
Small OATS reporters provided average (median) FTE requirements of 3.52 (2.00), translating to estimated costs of $1,400,000 ($800,000), while small non-OATS respondents provided average (median) FTE requirements of 0.31 (0.00), translating to estimated costs of $120,000 ($0).
Finally, small OATS respondents estimated average (median) third party/outsourcing costs of $90,000 ($1,000), while small non-OATS respondents provided estimates of $1,100 ($0).
Table 17—Approach 1 Maintenance Costs: Small OATS Respondents Summary (30 Firms)
Hardware/ software | FTE counts | FTE costs | Third party/ outsourcing | |
---|---|---|---|---|
Average | $6,000 | 3.52 | $1,400,000 | $90,000 |
Median | $1,000 | 2.00 | $800,000 | $1,000 |
Minimum | $0 | 0.00 | $0 | $0 |
Minimum (non-zero) | $500 | 0.15 | $60,000 | $500 |
Maximum | $120,000 | 18.00 | $7,200,000 | $1,500,000 |
Count of Zero Responses | 12 | 10 | 10 | 12 |
Count of Blank Responses | 0 | 0 | 0 | 0 |
Table 18—Approach 1 Maintenance Costs: Small Non-OATS Respondents Summary (88 Firms)
Hardware/ software | FTE counts | FTE costs | Third party/ outsourcing | |
---|---|---|---|---|
Average | $100 | 0.31 | $120,000 | $1,100 |
Median | $0 | 0.00 | $0 | $0 |
Minimum | $0 | 0.00 | $0 | $0 |
Minimum (non-zero) | $1,000 | 3.00 | $1,200,000 | $1,000 |
Maximum | $2,000 | 14.00 | $5,600,000 | $72,000 |
Count of Zero Responses | 84 | 83 | 83 | 84 |
Count of Blank Responses | 0 | 0 | 0 | 0 |
c. Implementation Phase of Approach 2
Tables 19 and 20 show the costs associated with the implementation phase of Approach 2 for the full set of study responses. Based on the 167 study responses for the implementation phase of Approach 2, large firms provided average (median) hardware/software costs of $570,000 ($0), and small firms provided costs estimates of $5,000 ($0).
Large firms provided average FTE count requirements of 10.15, with the median response provided by a large firm equal to 0.00. Multiplying these counts by the rate employed by the Commission in SEC Rule 613 as described above, FTE costs can be estimated to be $4,100,000, with a median FTE cost of $0. Small firms provided average FTE count requirements of 1.08, with the median response provided by a small respondent equal to 0.00. Participants estimate the dollar cost for the small respondent FTE requirements to be $440,000, and a median cost of $0.
Large firms estimated that average (median) third party/outsourcing costs are equal to $68,000 ($0) and small firms estimated average (median) costs to be equal to $16,000 ($0).
Total average (median) costs for Approach 2 Implementation are estimated to be $4,738,000 ($0) for large firms, and $461,000 ($0) for small firms.
Table 19—Approach 2 Implementation Costs: Large Respondents Summary (49 Firms)
Hardware/ software | FTE counts | FTE costs | Third party/ outsourcing | |
---|---|---|---|---|
Average | $570,000 | 10.15 | $4,100,000 | $68,000 |
Median | $0 | 0.00 | $0 | $0 |
Minimum | $0 | 0.00 | $0 | $0 |
Minimum (non-zero) | $5,000 | 0.02 | $8,000 | $1,000 |
Maximum | $10,000,000 | 116.00 | $46,600,000 | $2,000,000 |
Count of Zero Responses | 28 | 28 | 28 | 41 |
Count of Blank Responses | 0 | 0 | 0 | 0 |
Table 20—Approach 2 Implementation Costs: Small Respondents Summary (118 Firms)
Hardware/ software | FTE counts | FTE costs | Third party/ outsourcing | |
---|---|---|---|---|
Average | $5,000 | 1.08 | $440,000 | $16,000 |
Median | $0 | 0.00 | $0 | $0 |
Minimum | $0 | 0.00 | $0 | $0 |
Minimum (non-zero) | $1,000 | 1.00 | $400,000 | $1,000 |
Maximum | $500,000 | 20.00 | $8,000,000 | $1,000,000 |
Count of Zero Responses | 98 | 96 | 96 | 97 |
Count of Blank Responses | 1 | 0 | 0 | 1 |
Tables 21 and 22 show the costs associated with the implementation phase of Approach 2 for large respondents with current OATS and non-OATS reporting obligations. Large OATS respondents provided estimated average (median) hardware/software requirements of $740,000 ($60,000), with large non-OATS respondents providing estimated average (median) costs of $450,000 ($0).
Large OATS reporters provided average (median) FTE requirements of 14.81 (7.00), translating to estimated costs of $5,900,000 ($2,800,000), while large non-OATS respondents provided average (median) FTE requirements of 6.66 (0.00), translating to estimated costs of $2,700,000 ($0).
Finally, large OATS respondents estimated average (median) third party/outsourcing costs of $140,000 ($0), while large non-OATS respondents provided estimates of $10,000 ($0).
Table 21—Approach 2 Implementation Costs: Large OATS Respondents Summary (21 Firms)
Hardware/ software | FTE counts | FTE costs | Third party/ outsourcing | |
---|---|---|---|---|
Average | $740,000 | 14.81 | $5,900,000 | $140,000 |
Median | $60,000 | 7.00 | $2,800,000 | $0 |
Minimum | $0 | 0.00 | $0 | $0 |
Minimum (non-zero) | $5,000 | 0.02 | $8,000 | $1,000 |
Maximum | $7,000,000 | 63.00 | $25,300,000 | $2,000,000 |
Count of Zero Responses | 6 | 5 | 5 | 15 |
Count of Blank Responses | 0 | 0 | 0 | 0 |
Table 22—Approach 2 Implementation Costs: Large Non-OATS Respondents Summary (28 Firms)
Hardware/ software | FTE counts | FTE costs | Third party/ outsourcing | |
---|---|---|---|---|
Average | $450,000 | 6.66 | $2,700,000 | $10,000 |
Median | $0 | 0.00 | $0 | $0 |
Minimum | $0 | 0.00 | $0 | $0 |
Minimum (non-zero) | $5,000 | 1.00 | $400,000 | $35,000 |
Maximum | $10,000,000 | 116.00 | $46,600,000 | $250,000 |
Count of Zero Responses | 22 | 23 | 23 | 26 |
Count of Blank Responses | 0 | 0 | 0 | 0 |
Tables 23 and 24 show the costs associated with the implementation of Approach 2 for small respondents with current OATS and non-OATS reporting obligations. Small OATS respondents provided estimated average (median) hardware/software requirements of $20,000 ($1,000), with small non-OATS respondents providing estimated average (median) costs of $100 ($0).
Small OATS reporters provided average (median) FTE requirements of 3.33 (2.00), translating to estimated costs of $1,300,000 ($800,000), while small non-OATS respondents provided average (median) FTE requirements of 0.32 (0.00), translating to estimated costs of $130,000 ($0).
Finally, small OATS respondents estimated average (median) third party/outsourcing costs of $60,000 ($1,000), while small non-OATS respondents provided estimates of $1,100 ($0).
Table 23—Approach 2 Implementation Costs: Small OATS Respondents Summary (30 Firms)
Hardware/ software | FTE counts | FTE costs | Third party/ outsourcing | |
---|---|---|---|---|
Average | $20,000 | 3.33 | $1,300,000 | $60,000 |
Median | $1,000 | 2.00 | $800,000 | $1,000 |
Minimum | $0 | 0.00 | $0 | $0 |
Minimum (non-zero) | $1,000 | 1.00 | $400,000 | $1,000 |
Maximum | $500,000 | 20.00 | $8,000,000 | $1,000,000 |
Count of Zero Responses | 14 | 13 | 13 | 13 |
Count of Blank Responses | 1 | 0 | 0 | 1 |
Table 24—Approach 2 Implementation Costs: Small Non-OATS Respondents Summary (88 Firms)
Hardware/ software | FTE counts | FTE costs | Third party/ outsourcing | |
---|---|---|---|---|
Average | $100 | 0.32 | $130,000 | $1,100 |
Median | $0 | 0.00 | $0 | $0 |
Minimum | $0 | 0.00 | $0 | $0 |
Minimum (non-zero) | $1,000 | 3.00 | $1,200,000 | $1,000 |
Maximum | $5,000 | 15.00 | $6,000,000 | $72,000 |
Count of Zero Responses | 84 | 83 | 83 | 84 |
Count of Blank Responses | 0 | 0 | 0 | 0 |
d. Maintenance Phase of Approach 2
Tables 25 and 26 show the costs associated with the maintenance of CAT reporting obligations for Approach 2 for the full set of study responses. Based on the 167 study responses for the maintenance phase of Approach 2, large firms provided average (median) hardware/software costs of $200,000 ($0) and small firms provided costs estimates of $1,500 ($0).
Large firms provided average FTE count requirements of 7.27, with the median response provided by a large firm equal to 0.00. Multiplying these counts by the rate employed by the Commission in SEC Rule 613 as described above, FTE costs can be estimated to be $2,900,000, with a median FTE cost of $0. Small firms provided average FTE count requirements of 1.06, with the median response provided by a small respondent equal to 0.00. Participants estimate the dollar cost for the small respondent FTE requirements to be $430,000, with a median cost of $0.
Large firms estimated that average (median) third party/outsourcing costs are equal to $48,000 ($0) and small firms estimated average (median) costs to be equal to $10,000 ($0).
Total average (median) costs for Approach 2 Maintenance are estimated to be $3,148,000 ($0) for large firms, and $441,500 ($0) for small firms.
Table 25—Approach 2 Maintenance Costs: Large Respondents Summary (49 Firms)
Hardware/ software | FTE counts | FTE costs | Third party/outsourcing | |
---|---|---|---|---|
Average | $200,000 | 7.27 | $2,900,000 | $48,000 |
Median | $0 | 0.00 | $0 | $0 |
Minimum | $0 | 0.00 | $0 | $0 |
Minimum (non-zero) | $2,000 | 0.00 | $0 | $1,000 |
Maximum | $5,200,000 | 102.00 | $40,900,000 | $1,000,000 |
Count of Zero Responses | 28 | 28 | 28 | 41 |
Count of Blank Responses | 1 | 0 | 0 | 0 |
Table 26—Approach 2 Maintenance Costs: Small Respondents Summary (118 Firms)
Hardware/ software | FTE counts | FTE costs | Third party/outsourcing | |
---|---|---|---|---|
Average | $1,500 | 1.06 | $430,000 | $10,000 |
Median | $0 | 0.00 | $0 | $0 |
Minimum | $0 | 0.00 | $0 | $0 |
Minimum (non-zero) | $500 | 1.00 | $400,000 | $500 |
Maximum | $100,000 | 18.00 | $7,000,000 | $1,000,000 |
Count of Zero Responses | 97 | 94 | 94 | 93 |
Count of Blank Responses | 2 | 0 | 0 | 5 |
Tables 27 and 28 provide the costs associated with the maintenance of CAT reporting obligations for Approach 2 for large respondents with current OATS and non-OATS reporting obligations. Large OATS respondents provided estimated average (median) hardware/software requirements of $370,000 ($14,000), with large non-OATS respondents providing estimated average (median) costs of $79,000 ($0).
Large OATS reporters provided average (median) FTE requirements of 9.79 (5.60), translating to estimated costs of $3,900,000 ($2,200,000), while large non-OATS respondents provided average (median) FTE requirements of 5.38 (0.00), translating to estimated costs of $2,200,000 ($0).
Finally, large OATS respondents estimated average (maximum) third party/outsourcing costs of $110,000 ($0), while large non-OATS respondents provided estimates of $1,300 ($0).
Table 27—Approach 2 Maintenance Costs: Large OATS Respondents Summary (21 Firms)
Hardware/ software | FTE counts | FTE costs | Third party/outsourcing | |
---|---|---|---|---|
Average | $370,000 | 9.79 | $3,900,000 | $110,000 |
Median | $14,000 | 5.60 | $2,200,000 | $0 |
Minimum | $0 | 0.00 | $0 | $0 |
Minimum (non-zero) | $2,000 | 0.02 | $8,000 | $1,000 |
Maximum | $5,200,000 | 50.00 | $20,100,000 | $1,000,000 |
Count of Zero Responses | 6 | 5 | 5 | 14 |
Count of Blank Responses | 1 | 0 | 0 | 0 |
Table 28—Approach 2 Maintenance Costs: Large Non-OATS Respondents Summary (28 Firms)
Hardware/ software | FTE counts | FTE costs | Third party/outsourcing | |
---|---|---|---|---|
Average | $79,000 | 5.38 | $2,200,000 | $1,300 |
Median | $0 | 0.00 | $0 | $0 |
Minimum | $0 | 0.00 | $0 | $0 |
Minimum (non-zero) | $3,000 | 1.00 | $400,000 | $36,000 |
Maximum | $900,000 | 102.00 | $40,900,000 | $36,000 |
Count of Zero Responses | 22 | 23 | 23 | 27 |
Count of Blank Responses | 0 | 0 | 0 | 0 |
Tables 29 and 30 show the costs associated with the maintenance of CAT reporting obligations for Approach 2 for small respondents with current OATS and non-OATS reporting obligations. Small OATS respondents provided estimated average (median) hardware/software requirements of $6,000 ($500), with small non-OATS respondents providing estimated average (median) costs of $100 ($0).
Small OATS reporters provided average (median) FTE requirements of 3.28 (2.00), translating to estimated costs of $1,300,000 ($800,000), while small non-OATS respondents provided average (median) FTE requirements of 0.31 (0.00), translating to estimated costs of $120,000 ($0).
Finally, small OATS respondents estimated average (median) third party/outsourcing costs of $42,000 ($1,000), while small non-OATS respondents provided estimates of $1,100 ($0).
Table 29—Approach 2 Maintenance Costs: Small OATS Respondents Summary (30 Firms)
Hardware/ software | FTE counts | FTE costs | Third party/outsourcing | |
---|---|---|---|---|
Average | $6,000 | 3.28 | $1,300,000 | $42,000 |
Median | $500 | 2.00 | $800,000 | $1,000 |
Minimum | $0 | 0.00 | $0 | $0 |
Minimum (non-zero) | $500 | 1.00 | $400,000 | $500 |
Maximum | $120,000 | 18.00 | $7,000,000 | $1,000,000 |
Count of Zero Responses | 14 | 11 | 11 | 12 |
Count of Blank Responses | 1 | 0 | 0 | 2 |
Table 30—Approach 2 Maintenance Costs: Small Non-OATS Respondents Summary (88 Firms)
Hardware/ software | FTE counts | FTE costs | Third party/outsourcing | |
---|---|---|---|---|
Average | $100 | 0.31 | $120,000 | $1,100 |
Median | $0 | 0.00 | $0 | $0 |
Minimum | $0 | 0.00 | $0 | $0 |
Minimum (non-zero) | $1,000 | 3.00 | $1,200,000 | $1,000 |
Maximum | $2,000 | 14.00 | $5,600,000 | $72,000 |
Count of Zero Responses | 83 | 83 | 83 | 81 |
Count of Blank Responses | 1 | 0 | 0 | 3 |
e. Implementation and Maintenance Costs for Approach 1 vs. Approach 2
Participants compared the estimated implementation and maintenance costs for Approach 1 and Approach 2 to determine if one solution would be more cost effective for the industry than the other. In general, respondents indicated that Approach 1 would lead to larger costs than Approach 2. Large firms estimated that it will cost approximately $5,052,000 to implement Approach 1, versus an estimated $4,738,000 for Approach 2, a cost difference of $314,000. From a maintenance perspective, large firms estimated that it would cost $3,662,000 for Approach 1 versus $3,148,000 for Approach 2, a cost difference of $514,000. Small firms also indicated that Approach 1 would be more expensive to implement and maintain than Approach 2. Small firms indicated that it would cost $551,200 to implement Approach 1 versus $475,600 for Approach 2, indicating a cost difference of $90,200. For the maintenance phases, small firms estimated it would cost approximately $475,600 for Approach 1 maintenance, versus $441,500 for Approach 2 maintenance, a cost difference of $34,100 between approaches. However, the cost estimates between these two approaches are not statistically significant and Participants conclude that there would likely be no incremental costs associated with either Approach.
Participants arrive at this conclusion on the basis of a standard t-test of the hypothesis that the difference between Approach 1 and Approach 2 costs is different from zero. The t-test is unable to reject the null hypothesis (i.e., that the difference in costs between the two approaches is not distinguishable from zero) at the 0.05% level. The t-test rejects the null hypothesis for estimates of hardware/software costs, FTE costs, vendor costs, and total costs. The t-test also rejects any significant difference in estimated costs under the two approaches separately for large OATS reporters, small OATS reporters, large non-OATS reporters, and small non-OATS reporters.
f. Retirement of Systems Costs
Participants recognize that in implementing the anticipated requirements in the CAT NMS Plan, broker-dealers would likely replace some components of their current systems. The costs associated with retiring current systems were considered as part of the impacts associated with the CAT NMS Plan.
Tables 31 and 32 describe the cost associated with retirement of systems for the full set of study responses. Based on the 167 study responses for the retirement of systems large firms provided average (median) hardware/software costs of $120,000 ($0) and small firms provided cost estimates of $31,000 ($0).
Large firms provided average FTE count requirements of 6.80, with the median response provided by a large firm equal to 0.00. Multiplying these counts by the rate employed by the Commission in SEC Rule 613 as described above, FTE costs are estimated to be $2,700,000, with a median FTE cost of $0. Small firms provided average FTE count requirements of 1.92, with the median response provided by a small respondent of 0.00. Participants estimate the dollar cost for the small respondent FTE requirements to be an average costs of $770,000, and a median cost of $0.
Large firms estimated that average (median) third party/outsourcing costs to be $10,000 ($0) and small firms estimated average (median) costs to be $63,000 ($0).
Total average (median) costs for the Retirement of Systems are estimated to be $2,830,000 ($0) for large firms and $864,000 ($0) for small firms.
Table 31—Retirement of Systems Costs: Large Respondents Summary (49 Firms)
Hardware/ software | FTE counts | FTE costs | Third party/outsourcing | |
---|---|---|---|---|
Average | $120,000 | 6.80 | $2,700,000 | $10,000 |
Median | $0 | 0.00 | $0 | $0 |
Minimum | $0 | 0.00 | $0 | $0 |
Minimum (non-zero) | $1,500 | 0.06 | $24,000 | $5,000 |
Maximum | $4,000,000 | 206.00 | $82,700,000 | $360,000 |
Count of Zero Responses | 37 | 32 | 32 | 44 |
Count of Blank Responses | 0 | 0 | 0 | 0 |
Table 32—Retirement of Systems Costs: Small Respondents Summary (118 Firms)
Hardware/ software | FTE counts | FTE costs | Third party/outsourcing | |
---|---|---|---|---|
Average | $31,000 | 1.92 | $770,000 | $63,000 |
Median | $0 | 0.00 | $0 | $0 |
Minimum | $0 | 0.00 | $0 | $0 |
Minimum (non-zero) | $1,000 | 1.00 | $400,000 | $1,000 |
Maximum | $3,500,000 | 68.00 | $27,300,000 | $7,000,000 |
Count of Zero Responses | 98 | 100 | 100 | 97 |
Count of Blank Responses | 0 | 0 | 0 | 0 |
Tables 33 and 34 describe the costs associated with the retirement of systems for large respondents with current OATS and non-OATS reporting obligations. Large OATS respondents provided estimated average (median) hardware/software requirements of $270,000 ($0), with large non-OATS respondents providing estimated average (median) costs of $4,300 ($0).
Large OATS reporters provided average (median) FTE requirements of 4.92 (3.10), translating to estimated costs of $2,000,000 ($1,200,000), while large non-OATS respondents provided average (median) FTE requirements of 8.21 (0.00), translating to estimated costs of $3,300,000 ($0).
Finally, large OATS respondents estimated average (median) third party/outsourcing costs of $18,000 ($0), while large non-OATS respondents provided estimates of $4,800 ($0).
Table 33—Retirement of Systems Costs: Large OATS Respondents Summary (21 Firms)
Hardware/ software | FTE counts | FTE costs | Third party/outsourcing | |
---|---|---|---|---|
Average | $270,000 | 4.92 | $2,000,000 | $18,000 |
Median | $0 | 3.10 | $1,200,000 | $0 |
Minimum | $0 | 0.00 | $0 | $0 |
Minimum (non-zero) | $1,500 | 0.06 | $24,000 | $5,000 |
Maximum | $4,000,000 | 33.00 | $13,200,000 | $360,000 |
Count of Zero Responses | 11 | 6 | 6 | 18 |
Count of Blank Responses | 0 | 0 | 0 | 0 |
Table 34—Retirement of Systems Costs: Large Non-OATS Respondents Summary (28 Firms)
Hardware/ software | FTE counts | FTE costs | Third party/outsourcing | |
---|---|---|---|---|
Average | $4,300 | 8.21 | $3,300,000 | $4,800 |
Median | $0 | 0.00 | $0 | $0 |
Minimum | $0 | 0.00 | $0 | $0 |
Minimum (non-zero) | $10,000 | 24.00 | $9,600,000 | $60,000 |
Maximum | $110,000 | 206.00 | $82,700,000 | $75,000 |
Count of Zero Responses | 26 | 26 | 26 | 26 |
Count of Blank Responses | 0 | 0 | 0 | 0 |
Tables 35 and 36 show the costs associated with the retirement of systems for small respondents with current OATS and non-OATS reporting obligations for the full set of study respondents. Small OATS respondents provided estimated average (median) hardware/software requirements of $3,600 ($500), with small non-OATS respondents providing estimated average (median) costs of $40,000 ($0).
Small OATS reporters provided average (median) FTE requirements of 4.60 (0.00), translating to estimated costs of $1,800,000 ($0), while small non-OATS respondents provided average (median) FTE requirements of 1.00 (0.00), translating to estimated costs of $400,000 ($0).
Finally, small OATS respondents estimated average (median) third party/outsourcing costs of $240,000 ($1,500), while small non-OATS respondents provided estimates of $3,000 ($0).
Table 35—Retirement of Systems Costs: Small OATS Respondents Summary (30 Firms)
Hardware/ software | FTE counts | FTE costs | Third party/outsourcing | |
---|---|---|---|---|
Average | $3,600 | 4.60 | $1,800,000 | $240,000 |
Median | $500 | 0.00 | $0 | $1,500 |
Minimum | $0 | 0.00 | $0 | $0 |
Minimum (non-zero) | $1,000 | 1.00 | $400,000 | $1,000 |
Maximum | $39,000 | 30.00 | $12,000,000 | $7,000,000 |
Count of Zero Responses | 15 | 16 | 16 | 13 |
Count of Blank Responses | 0 | 0 | 0 | 0 |
Table 36—Retirement of Systems Costs: Small Non-OATS Respondents Summary (88 Firms)
Hardware/ software | FTE counts | FTE costs | Third party/outsourcing | |
---|---|---|---|---|
Average | $40,000 | 1.00 | $400,000 | $3,000 |
Median | $0 | 0.00 | $0 | $0 |
Minimum | $0 | 0.00 | $0 | $0 |
Minimum (non-zero) | $1,000 | 3.00 | $1,200,000 | $3,000 |
Maximum | $3,500,000 | 68.00 | $27,300,000 | $220,000 |
Count of Zero Responses | 83 | 84 | 84 | 84 |
Count of Blank Responses | 0 | 0 | 0 | 0 |
In comparing the two approaches and their costs to the current costs incurred by a broker-dealer for current regulatory reporting, respondents have indicated that they estimate both Approach 1 and Approach 2 to be less expensive than current regulatory reporting requirements. Overall, firms estimated that current costs would be $4,290,000 for large firms versus $1,210,000 for small firms, while maintenance costs of Approach 1 for large firms would cost $3,662,000 and $475,600 for small firms, indicating cost savings of $628,000 for large firms and cost savings of $734,400 for small firms. For maintenance costs related to Approach 2, large firms indicated costs of $3,148,000 with an expected savings of $1,142,000 while small firms estimated maintenance costs of $441,500 with expected savings of $768,500.
Although there are differences in the current and anticipated maintenance costs discussed above, the Participants conclude that there would be no statistical difference in costs associated with the maintenance of the CAT, compared to maintenance costs for existing regulatory reporting requirements. Participants arrive at this conclusion on the basis of a standard t-test of the hypothesis that the difference in costs to broker-dealers between Approach 1 and Approach 2 is different from zero. The t-test is unable to reject the null hypothesis (i.e., that the difference in costs between the two approaches is not distinguishable from zero) at the 0.05% level separately for estimates of hardware/software costs, FTE costs, vendor costs, and total costs across large OATS reporters, small OATS reporters, large non-OATS reporters, and small non-OATS reporters.
g. Industry Feedback on Costs to CAT Reporters Study
Participants' understanding of broker-dealer costs has been enhanced through frequent dialogue with Industry Members. The DAG has largely provided written feedback on costs through the industry association members. In March 2013, SIFMA provided feedback on industry costs in its Consolidated Audit Trail White Paper. The association group stated that the industry is likely to face costs related to upgrading the regulatory reporting infrastructure. SIFMA highlighted that additional costs borne will be distributed across the front office, middle office, customer master data, compliance and risk and data management. Additionally, in February 2012, the FIF conducted a study to assess the costs associated with the implementation of OATS. In a summary of the study, FIF highlights that “future estimates of cost should consider the FIF cost model, most importantly the effort expended on business analysis and testing as part of the implementation effort.” One key view presented by the DAG was that retiring legacy systems will likely reduce costs to the industry, given their redundancies with the CAT. However, the FIF highlighted that existing timelines do not take into account costs associated with concurrent reporting for existing regulatory reporting and new regulatory requirements associated with the Central Repository. Additional detail around the plan to retire existing regulatory reports can be found in Appendix C, Section C.9.
See SIFMA Recommendations.
See SEC Memorandum to File No. S7-11-10, Re: Staff Meeting with the Financial Information Forum (Feb. 29, 2012), available at http://www.sec.gov/comments/s7-11-10/s71110-112.pdf .
See FIF, Comment Letter Re: Consolidated Audit Trail National Market System Plan Submission (Nov. 19, 2014), available at http://catnmsplan.com/web/groups/catnms/@catnms/documents/appsupportdocs/p601972.pdf .
Vendors
The Costs to Vendors Study requested information regarding various third party service provider and vendor costs to comply with the requirements of SEC Rule 613.
Based upon the responses to the Costs to Vendors Study, the expected dollar costs for implementation and maintenance of the CAT are largely the same for both approaches, and ranged widely between $0 and $20,000,000 for implementation and $50,000 and $6,000,000 for ongoing maintenance. One firm did indicate that Approach 1 would have substantially higher maintenance costs ($400,000 for Approach 1 versus $50,000 for Approach 2). For headcount and costs associated with implementation and maintenance of the CAT, all respondents indicated that Approach 1 would require more FTE resources (costs) to implement (ranging from 14 ($9,600,000) to 170 ($35,900,000) FTEs for Approach 1 and from 4 ($2,700,000) to 45 ($24,200,000) for Approach 2), while Approach 2 would require more FTE resources to maintain (ranging from 4.5 ($4,100,000) to 35 ($9,300,000) for Approach 1 and from 2 ($2,500,000) to 56 ($11,200,000) for Approach 2). As with current regulatory reporting costs, the firm with the largest number of clients reported the highest costs, but number of clients did not always correlate uniformly with higher expected costs for the other firms.
Three of the four respondents to the vendor study indicated that they would incur costs to retire current regulatory reporting systems, with costs ranging from $500,000 to $5,000,000, with the firm with the highest expected retirement costs also having the highest current reporting costs. FTE requirements ranged from 1.5 ($250,000) to 23 ($7,200,000) FTEs.
Under Approach 1, two respondents expected ongoing maintenance to cost less than the maintenance of current regulatory reporting requirements, with the remaining two expecting higher costs. Under Approach 2, two respondents expected ongoing maintenance to cost less than the maintenance of current regulatory reporting requirements, one expected costs to be the same, and the final firm expected costs to be greater. All firms expected headcount associated with ongoing maintenance of the CAT to be less than under current reporting requirements.
Issuers
Issuers also benefit from an effective regulatory regime supported by a reliable and complete audit trail. Specifically, issuers may benefit from enhanced investor confidence associated with better and more efficient oversight. The increase in investor confidence may draw more investors into the market, relative to other investment opportunities that do not provide the same protections. Increasing the pool of investors willing to invest in a primary offering may manifest itself in a lower cost of capital. Increased investor participation in secondary trading may also increase demand in the primary market, as the increased interest would be associated with greater efficiency in pricing and lower adverse selection costs. To the extent that the issuers do not have independent reporting obligations to the Central Repository (i.e., they are not otherwise CAT Reporters), they are not anticipated to incur direct costs associated with the CAT NMS Plan.
Indirect Costs
The Participants recognize that in addition to direct costs, there may be indirect costs borne by parties as a result of the implementation of the CAT NMS Plan. As discussed further below, it is not possible for the Participants to quantify these costs, and as such, we present a qualitative discussion.
The Participants have identified at least three distinct ways for indirect costs to arise as a result of the implementation of the CAT NMS Plan. First, all CAT Reporters are subject to direct fees to pay for the creation, implementation, and maintenance of the CAT along with other direct costs to meet CAT NMS Plan obligations. CAT Reporters may endeavor to shift these fees and other costs to their clients. Where CAT Reporters can do so successfully, the clients bear an indirect cost arising from the CAT NMS Plan. Second, to the extent that the Commission and the Participants amend their surveillance programs in the presence of the Central Repository, the broker-dealers may incur costs to adjust their internal compliance programs. And third, as described more fully in Appendix C, Analysis of the Impact on Competition, Efficiency and Capital Formation, broker-dealer competition may be impacted if the direct and indirect costs associated with meeting the CAT NMS Plan's requirements materially impact the provision of their services to the public. Such a reduction in the provision of these services may impose an indirect cost on the public as well.
The Participants considered the potential for CAT Reporters to shift fees and other costs associated with the CAT NMS Plan. Participants may charge their members to cover the CAT NMS Plan costs either explicitly or subsume those costs in other fees or assessments. Broker-dealers may charge their clients for their own costs, whether incurred directly or indirectly, either through explicit fees associated with CAT or through their existing fee structures. This analysis does not measure either the likelihood of costs being passed from the Participant to the broker-dealers or from the broker-dealers to their clients, or the potential associated dollar impacts. The extent to which these costs may be passed on to clients is related to alternative sources of revenue available to the CAT Reporters, the materiality of those costs, and the ease with which clients can substitute away from any given Participant or broker-dealer. Participants note, however, that Participants and broker-dealers may currently have incentives and opportunity to shift regulatory compliance costs to their customers and that nothing in the CAT NMS Plan alters those incentives or the likelihood of those costs being passed on.
In addition, indirect costs to broker-dealers may arise as a result of the implementation of the CAT NMS Plan. First, broker-dealers may incur additional costs related to training and professional development, to equip the staff with the necessary knowledge necessary for compliance with the SEC Rule 613. Broker-dealers were specifically asked to consider these costs as part of their study response. Second, the enhanced and standardized data to be captured by the Central Repository is anticipated to increase the effectiveness of surveillance by regulators, which may impact broker-dealer compliance programs.
8. Estimate of Aggregate Direct Costs and the Allocation of Costs across CAT Reporters
Estimate of Aggregate Costs
In order to create the regulatory data infrastructure required by SEC Rule 613, this Plan proposes to build and maintain the CAT, along with resources necessary to generate regulatory reports and related analysis. CAT Reporters, including Participants and broker-dealers engaging in trading and quoting activities in Eligible Securities, will be jointly responsible for providing the capital to build and maintain the CAT. Costs eligible to be allocated jointly include any associated liabilities accrued during the planning and building phases of the project that are directly attributable to the CAT NMS Plan, for example, legal and consulting fees, and will be allocated according to the funding model described in Article XI of the CAT NMS Plan.
In order to calculate to the implementation and annual maintenance costs of the CAT, the Participants considered the relevant cost factors for the following entities: Plan Processor, Participants, broker-dealers (large and small) and vendors. All implementation costs reflected below are in dollar costs for the year they are expected to be incurred, while all maintenance costs are estimated for the fifth year after the approval of the CAT NMS Plan, when all CAT Reporters are expected to be live.
(1) Plan Processor
Implementation Costs. For implementation costs associated with the Plan Processor, the Participants reviewed the build costs received from the Shortlisted Bidders and identified the high and low costs to use as a component of the overall industry cost. The lowest cost received was $30,000,000 and the highest estimate received was $91,600,000.
Maintenance Costs. For maintenance costs associated with the Plan Processor, the Participants also reviewed the cost schedules received from the Shortlisted Bidders to build the range. To define the range of maintenance costs, the Participants reviewed the peak year maintenance costs from the Shortlisted Bidders. In addition to the costs received from the Shortlisted Bidders associated with the maintenance of operating and running the CAT, the Participants also included a yearly technical upgrade estimate to conservatively take into account changes in technology that may take place during the maintenance of the CAT. These additional costs begin at approximately 20% in year one, and slowly decrease to 5% during year five of operation. As such, the annual maintenance costs are estimated to range from $35,200,000 to $134,900,000.
Retirement of Systems Costs. The Plan Processor is not expected to incur costs related to the retirement of systems.
(2) Participants
Upon review of the requirements associated with Approach 1 and Approach 2, the Participants identified that they do not favor one approach over the other.
Implementation Costs. To estimate implementation costs for the Participants, the Participants used the aggregated results from the Costs to Participants Study. Based on the responses received from the Participants, the implementation of regulatory reporting is expected to cost $17,900,000 and the implementation of surveillance functions is estimated to cost $23,200,000.
Maintenance Costs. To estimate the maintenance costs for the Participants, the Participants reviewed the results from the Costs to Participants Study for regulatory reporting and surveillance costs. The Participants estimated that annual aggregate regulatory reporting costs would be equal to $14,700,000 and that annual aggregate surveillance maintenance costs would cost $87,700,000.
Retirement of Systems Costs. To estimate the costs related to the retirement of systems for the Participants, the Participants reviewed the results from the Costs to Participants Study for retirement of systems costs. The Participants estimated that costs associated with retirement of systems would be equal to $310,000.
(3) Broker-Dealers
Implementation and maintenance costs related to the CAT for broker-dealers were extrapolated from the results of the Costs to CAT Reporters Study. As described above, the Participants believe there to be approximately 1,800 broker-dealers that would be CAT Reporters. Of the 167 respondents to the Costs to CAT Reporters Study, 49 were large firms, and 118 were small firms, indicating a large to small firm ratio in the overall population of 29% to 71%. Applying this ratio to the total population of 1,800 broker-dealers, results in 522 large firms and 1,278 small firms. In comparing the costs between the two approaches, the Participants have identified that Approach 1 is more expensive than the Approach 2, which causes Approach 1 to form the upper bound of the broker-dealer cost range, and Approach 2 to form the lower bound of the broker-dealer cost range.
Implementation Costs. For Approach 1, large firm respondents estimated that implementation costs would be equal to $5,052,000 per firm, for a total estimated implementation cost of approximately $2.6 billion. Small firm respondents estimated that implementation costs for Approach 1 would be equal to $551,200 per firm, for a total estimated implementation cost of $740 million. For Approach 2, large firm respondents estimated that implementation costs would be equal to $4,738,000 per firm, for a total estimated implementation cost of approximately $2.5 billion, while small firms estimated implementation costs for Approach 2 to be equal to $461,000 per firm, for a total cost of $619 million. This results in a cost range of $2.5 billion to $2.6 billion for large firms, and a cost range of $619 million to $740 million for small firms for the implementation of the CAT.
Small firm total estimated implementation costs include a compound annual growth rate of 5% to account for increases in labor and operational costs over time. The rate was applied for one year, from the beginning of CAT reporting in year 1 through the expected incurring of build costs by small firms in the year prior to the start of their reporting (i.e., year 2). Because large firms report a year earlier than small firms and would incur most implementation costs in year 1, a similar rate has not been applied to their implementation costs.
Id.
Maintenance Costs. For Approach 1, large firm respondents estimated that maintenance costs would be equal to $3,662,000 per firm per year, for a total estimated annual maintenance cost of approximately $2.3 billion. Small firm respondents estimated that maintenance costs for Approach 1 would be equal to $475,600 per firm per year, for a total estimated annual maintenance cost of approximately $739 million. For Approach 2, large firm respondents estimated that maintenance costs would be equal to $3,148,000 per firm per year, for a total estimated annual maintenance cost of approximately $2.0 billion, while small firms estimated maintenance costs for Approach 2 to be equal to $441,500 per firm per year, for a total annual cost of approximately $686 million. This implies an annual cost range of approximately $2.0 billion to $2.3 billion for large firms, and an annual cost range of approximately $686 million to $739 million for small firms for maintenance of reporting to the Central Repository. These maintenance costs are discrete costs for the maintenance of CAT reporting, and are not intended to show incremental costs against current regulatory reporting requirements. Based on the Costs to CAT Reporters Study, Participants estimate these incremental costs to be negligible.
Large and small firm total estimated maintenance costs are estimated in year 5 to account for a steady state of reporting, and include a compound annual growth rate of 5% to account for increases in labor and operational costs over time. The rate was applied for four years, from the beginning of CAT reporting in year 1 through year 5.
Id.
Id.
Id.
Retirement of Systems Costs. To estimate the costs related to the retirement of systems for the broker dealers, the Participants reviewed the results from the Costs to CAT Reporters Study for retirement of systems costs. Large firm respondents estimated costs to be equal to $2,830,000, for a total retirement of systems cost equal to approximately $1.47 billion. Small firms estimated that costs related to the retirement of systems would cost $864,000, for a total retirement of systems cost of approximately $1.10 billion.
(4) Vendors
Implementation Costs. For implementation costs associated with Vendors, the Participants reviewed the aggregate build costs received from the Costs to Vendors Study and identified that Approach 1 would cost $118,200,000 to implement, while it would cost $51,600,000 to implement Approach 2.
Vendor cost estimates assume an annual cost per FTE of $401,440, consistent with the rate applied by the Commission in the Adopting Release.
Maintenance Costs. For maintenance costs associated with Vendors, the Participants also reviewed the cost schedules received from the Costs to Vendors Study. Vendors indicated an aggregate estimated annual cost of $38,600,000 for maintenance of Approach 1, and annual estimated maintenance costs of $48,700,000 for Approach 2.
The total estimated vendor maintenance costs include a compound annual growth rate of 5% to account for increases in labor and operational costs over time. The rate was applied for four years, from the beginning of broker-dealer CAT reporting in year one through year five.
Retirement of Systems Costs. Vendors indicated an aggregate cost of $21,300,000 for the retirement of existing regulatory reporting systems.
(5) Total Aggregate Costs
Based on the analysis of responses to the studies described above, and cost estimates provided by the Shortlisted Bidders, the Participants estimate the initial aggregate cost to the industry related to building and implementing the CAT would range from $3.2 billion to $3.6 billion. Estimated annual aggregate costs for the maintenance and enhancement of the CAT would range from $2.8 billion and $3.4 billion. Additionally, costs to retire existing systems would be approximately $2.6 billion.
Impacts of Not Receiving Requested Exemptions
On January 30, 2015, the Participants submitted a letter to request that the Commission grant exemptions, pursuant to its authority under Section 36 of the Exchange Act, from the requirement to submit a national market system plan that meets certain reporting requirements specified in SEC Rule 613(c) and (d). Specifically, the Participants requested exemptive relief related to: (1) options market maker quotes; (2) Customer-IDs; (3) CAT-Reporter-IDs; (4) linking executions to specific subaccount allocations on Allocation Reports; and (5) time stamp granularity. On September 2, 2015, the Participants supplemented their request with a supplemental request, clarifying its original requested exemption from the requirement in Rule 613(c)(7)(viii)(B) (including, in some instances, requesting an exemption from the requirement to provide an account number, account type and date account opened under Rule 613(c)(7)(viii)(B)).
First, SEC Rule 613(c)(7) requires both options market makers and the options exchanges to record and report the details of options market maker quotes received by the options exchanges to the Central Repository. The Participants requested that the Commission provide the Participants with an exemption so that only options exchanges would record and report details for each options market maker quote and related Reportable Event to the Central Repository, while options market makers would be relieved of their obligation to record and report their quotes and related Reportable Events to the Central Repository. The Participants estimated that having both parties report options market maker quotes to the CAT would impose significant costs on the Plan Processor due to increased data storage and technical infrastructure, and on the options market makers due to a higher volume of reporting obligations. The Participants estimated that having both parties report options market maker quotes to the CAT would increase the size of data submitted to the CAT by approximately 18 billion records each day. Bidders estimated that requiring dual reporting of options market maker quotes would, over a five year period, lead to additional costs of between $2 million and $16 million for data storage and technical infrastructure for the Plan Processor. In addition, according to the results of a cost study conducted by three industry associations, the cost to options market makers to meet their quote reporting obligations ranges from $307 million to $382 million over a five year period.
Cost Survey Report on CAT Reporting of Options Quotes by Market Makers, conducted by the Financial Information Forum, Securities Industry and Financial Markets Association and Securities Traders Association (Nov. 5, 2013); available at http://catnmsplan.com/web/groups/catnms/@catnms/documents/appsupportdocs/p601771.pdf .
Second, Rule 613(c)(7) requires each CAT Reporter to record and report “Customer-ID(s) for each customer” when reporting order receipt or origination information to the Central Repository. The Commission noted that including a unique customer identifier could enhance the efficiency of surveillance and regulatory oversight. The Participants, however, favor the Customer Information Approach, that would require broker-dealers to provide detailed account and Customer information to the CAT, and have the Plan Processor correlate the Customer information across broker-dealers, assign a unique Customer identifier to each Customer and use that unique Customer identifier consistently across all CAT Data. The Participants believe that the Customer-ID approach imposes a significant cost burden on market participants and on the Plan Processor. According to cost estimates provided by the DAG, the cost for the top 250 CAT reporters to implement the Customer-ID as required in SEC Rule 613 would be at least $195 million. The Participants believe that this cost estimate is conservative, since it only represents the cost estimate for 11% of the total broker-dealers that are expected to be CAT Reporters.
Cost estimates provided by the DAG on topics where the Participants have requested exemptive relief can be found at: http://catnmsplan.com/web/groups/catnms/@catnms/documents/appsupportdocs/p602494.pdf .
Third, SEC Rule 613(c)(7) requires that a CAT-Reporter-ID be reported to the Central Repository for each order and Reportable Event, so that regulators can determine which market participant took action with respect to an order at each Reportable Event. The Participants, however, have proposed to leverage existing business practices and identifiers (“Existing Identifier Approach”), rather than requiring new identifiers be established, as the former is deemed more efficient and cost-effective in implementing the CAT-Reporter-ID. The Participants believe that the CAT-Reporter-ID approach would impose a material cost burden on broker-dealers and Participants, as compared to the Existing Identifier Approach, since it would require major changes to broker-dealer systems. According to cost estimates provided by the DAG, the cost for the 250 largest CAT Reporters to implement the CAT-Reporter-ID as required by SEC Rule 613 would be $78 million.
Fourth, Rule 613(c)(7) requires each CAT Reporter to record and report the “the account number for any subaccounts to which the execution is allocated (in whole or part)” if an order is executed. The Participants acknowledge that this information is useful to regulators to fulfill their obligations to protect investors. However, the Participants estimate that meeting the obligations of the Rule would be unduly burdensome and costly to achieve given the existing allocation practices. As an alternative, the Participants proposed that allocations will be reported by CAT Reporters via a tool described as an Allocation Report. To create linkages from the order execution to the allocation process by means of an order identifier, the broker-dealers would be required to perform extensive re-engineering of their front, middle, and back office systems, and thus incur significant costs. According to cost estimates provided by the DAG, the cost for the 250 largest CAT Reporters to link allocations to executions would be $525 million.
Finally, Rule 613(d) requires the recording and reporting of the time of certain Reportable Events to the Central Repository with time stamps at least to the millisecond. The Participants understand that time stamp granularity to the millisecond reflects current industry standards with respect to electronically-processed events in the order lifecycle. However, due to the lack of precision, the industry practice with respect to manual orders is to capture manual time stamps with granularity at the level of one second. The Participants believe that compliance with the time stamp granularity requirements of the Plan for Manual Order Events would result in added costs to the industry as there may be a need to upgrade databases, internal messaging applications/protocols, data warehouses, and reporting applications to enable the reporting of such time stamps to the Central Repository. The Participants estimate that the total minimum cost to the industry to comply with a singular time stamp requirement for all CAT reporting would be approximately $10.5 million. This estimate is based on a current cost of $1,050 per manual timestamp clock which stamps to the second, with approximately 10,000 clocks requiring replacement across the industry. Upgrading this to millisecond granularity would likely add to the cost to the industry.
Allocation of Costs Across CAT Reporters
Article XI of the CAT NMS Plan provides the process for determining the funding of the Company. In general, the Participants' approach to funding of the Company is: (A) to operate the Company on a break-even basis, which means having fees imposed and collected that cover the Company's costs and an appropriate reserve; and (B) to establish a fee structure that is equitable based on funding principles. Such equitable funding principles include: (1) to create transparent, predictable revenue streams aligned with anticipated costs; (2) to allocate costs among Participants and Industry Members taking into account the timeline for implementation of the CAT and the distinctions in the securities trading operations of Participants and Industry Members and their impact on the Company's resources and operations; (3) to establish a tiered fee structure in which there is general comparability in the level of fees charged to CAT Reporters with the most CAT-related activity as measured by market share for Execution Venues, including ATSs, and by message traffic for non-ATS activities of Industry Members, where, for these comparability purposes, the tiered fee structure takes into consideration affiliations between or among CAT Reporters, whether Execution Venues and/or Industry Members; (4) to provide ease of administrative functions; (5) to avoid disincentives such as burdens on competition and reduction in market quality; and (6) to build financial stability for the Company as a going concern.
See Section 11.2 of the CAT NMS Plan.
See id.
Based on these principles, the Operating Committee will establish the Company's funding, which is expected to arise primarily from fees charged to Participants and Industry Members. The Participants have sought input from the DAG as to the specific types of fees. Accordingly, the Participants propose to include the following fee types: (i) fixed fees payable by each Execution Venue that trades NMS Securities and OTC Equity Securities based on its market share (establishing two to five tiers of fixed fees); (ii) fixed fees payable by each Execution Venue that trades Listed Options (as defined in Rule 600(b)(35) of Regulation NMS) based on its market share (establishing two to five tiers of fixed fees); (iii) fixed fees payable by each Industry Member based on message traffic generated by such Industry Member (for the avoidance of doubt, the fixed fees payable by Industry Members pursuant to this paragraph shall, in addition to any other applicable message traffic, include message traffic generated by: (i) an ATS that does not execute orders that is sponsored by such Industry Member; (ii) routing orders to and from any ATS sponsored by such Industry Member); and (iii) ancillary fees (e.g., fees for late or inaccurate reporting, corrections, and access and use of the CAT for regulatory and oversight purposes).
See Section 11.3 (a)-(c) of the CAT NMS Plan.
The Operating Committee will use two different criteria to establish fees—market share for Execution Venues, including ATSs, and message traffic for Industry Members' non-ATS activities—due to the fundamental differences between the two types of entities. While there are multiple factors that contribute to the cost of building, maintaining and using the CAT, Bidders stated during workshops and in response to specific questions posed by the Participants that processing and storage of incoming message traffic is one of the most significant cost drivers for the CAT. Thus, the Participants believe that basing fees on message traffic for non-Execution Venue Industry Members is consistent with an equitable allocation of the costs of the CAT. On the other hand, message traffic would not provide the same degree of differentiation between Participants that it does for Industry Members. Because the majority of message traffic at the Participants consists of quotations, and Participants usually disseminate quotations in all instruments they trade, regardless of execution volume, Execution Venues that are Participants generally disseminate similar amounts of message traffic. In contrast, execution volume more accurately delineates the different levels of trading activity of the Participants. For these reasons, the Participants believe that market share is the appropriate metric to use in establishing fees for Participants. Moreover, given the similarity between the activity of exchange Participants and ATSs, both of which meet the definition of an “exchange” as set forth in the Exchange Act, the Participants believe that ATSs should be treated in the same manner as the exchange Participants for the purposes of determining the level of fees associated with the CAT.
Market share for Execution Venues is defined as the total trade volume executed on an individual Execution Venue as a percentage of total trades executed across all Venues.
Costs are allocated across the different types of CAT Reporters (broker-dealers, Execution Venues) on a tiered basis, in order to equitably allocate costs to those CAT Reporters that contribute more to the costs of creating, implementing and maintaining the CAT. The fees to be assessed at each tier are calculated so as to recoup a proportion of costs appropriate to the message traffic from firms in each tier. Therefore, larger broker-dealers, generating the majority of message traffic, will be in the higher tiers, and therefore be charged a higher fee. Smaller broker-dealers with low levels of message traffic will be in lower tiers and will be assessed a minimal fee for the CAT. The Participants estimate that up to 75% of broker-dealers will be in the lower tiers of the Funding Model.
All fees under Article XI charged directly to Participants and indirectly to Industry Members will be reviewed by the Operating Committee at least annually. All proposed fees to be charged to Industry Members by Participants will be filed with the Commission pursuant to Section 19(b) of the Exchange Act. In addition, all disputes with respect to the fees the Company charges Participants will be resolved by the Operating Committee or a Subcommittee designated by the Operating Committee, subject to the right of Participants to seek redress from the Commission pursuant to SEC Rule 608 or in any other appropriate forum. The Participants will adopt rules requiring that disputes with respect to fees charged to Industry Members will be resolved by the Operating Committee or a Subcommittee, subject to the right of any Industry Member to seek redress from the SEC pursuant to SEC Rule 608 or in any other appropriate forum.
See Section 11.3(d) of the CAT NMS Plan.
See Section 11.1(b) of the CAT NMS Plan.
See Section 4.1 and Section 11.5 of the CAT NMS Plan.
See id.
[Section 8.5 of the CAT NMS Plan addresses the very limited situations in which the Company may need to make distributions of cash and property of the Company to the Participants. Any distribution to the Participants requires approval by a Supermajority Vote of the Operating Committee. The Participants do not expect any distributions to be made to them except in two possible situations. One situation is if the Participants incur tax liabilities due to their ownership of the Company. An example of tax liabilities being incurred would be if the Company generates profits. Those profits could be taxable to the Participants even if the profits are not distributed to the Participants. In such situation, the Participants could be taxed on amounts they have not received, in which case the Company would make distributions to the Participants, but only to the extent to permit each Participant to pay its incurred tax liability. As discussed, the Participants do not expect the Company to generate profits and rather expect the Company to operate on a break-even basis. The other situation that may require distributions to the Participants would be if the Company dissolves. In that situation, the Company's assets would be distributed first to the Company's creditors such as the Plan Processor or other third parties, second to a reserve for contingent or future liabilities (such as taxes), and third (assuming there are any amounts remaining) to the Participants in proportion to their Capital Accounts. Each Participant is expected to make a nominal contribution of cash or services to its Capital Account at the beginning of the operation of the CAT System. Therefore, any distribution to the Participant of an amount equal to its Capital Account would be limited to the nominal amount contributed. Other than these two limited situations, the Participants do not expect the Company to make any distributions.]
See Section 8.5(a) of the CAT NMS Plan.
The CAT NMS Plan contemplates that the Plan Processor will be responsible for developing and executing administrative processes and procedures to effectuate the smooth functioning of the CAT, consistent with the principles articulated in Article XI. These processes and procedures would include, but are not limited to, establishing budget, notice, billing and collection cycles that provide transparency, predictability and ease of administrative functions to CAT reporters. Criteria and schedules for ancillary fees that might be collected pursuant to Article XI are also anticipated to be published by the Operating Committee.
In articulating the funding principles of the CAT NMS Plan, Participants have established the need for the CAT NMS Plan to, among other things: (1) create transparent, predictable revenue streams for the Company that are aligned with the anticipated costs to build, operate, and administer the CAT and the other costs of the Company; and (2) provide for ease of billing and other administrative functions. The funding principles articulated in Article XI should also inform the policies and procedures adopted by the Operating Committee in executing the associated functions. To that end, to promote fairness and transparency with respect to fees, the Participants expect that the Operating Committee will adopt policies, procedures, and practices around budgeting, assignment of tiers, adjudicating disputes, billing, and collection of fees that provide appropriate transparency to all CAT Reporters. Participants expect that policies or procedures adopted to implement the administration of fee allocation and collection among CAT Reporters would be subject to comment by impacted parties before adoption.
9. Alternatives Considered
Technical Solution
SEC Rule 613(a)(1)(xii) directs Participants to discuss reasonable alternative approaches to creating, implementing and maintaining the CAT. As part of the development of the CAT NMS Plan, the Participants considered a variety of alternatives with respect to technical and user support considerations. The technical considerations include: primary storage, data ingestion format, development process, quality assurance staffing and user support staffing. The analysis presented in Appendix C, D.12, below, describes alternative approaches considered for each technical consideration and the ultimate choice of the CAT NMS Plan based on factors that consider feasibility, cost and efficiency.
In addition, the questions included in the Costs to CAT Reporters Study described above permitted the Participants to evaluate cost considerations to Industry Members associated with two different technical formats for reporting audit trail data to the Central Repository. One approach might permit broker-dealers to submit information data to the Central Repository using their choice among existing industry protocols, such as FIX. The second approach provided a scenario where CAT Reporters would submit relevant data to the Central Repository using a defined or specified format, such as an augmented version of OATS.
Funding Model
As discussed above, Article XI of the CAT NMS Plan sets forth the provisions for establishing the funding of the Company and recovering the costs of operating the CAT. The Participants recognize that there are a number of different approaches to funding the CAT and have considered a variety of different funding and cost allocation models. Each model has its potential advantages and disadvantages. For example, a structure in which all CAT Reporters are charged a fixed fee regardless of reportable activity would provide CAT Reporters greater certainty regarding their fee obligations, but may place undue burden on small CAT Reporters. A variable fee structure focused on specific reportable information may make it easier for Industry Members to pass fees to their customers. However, such fees would be more complex and difficult to administer. Participants were particularly sensitive to the possibility that the fee structure might create distortions to the economic activities of CAT Reporters if not set appropriately.
The Participants considered alternatives to cost allocation ranging from a strict pro-rata distribution, regardless of the type or size of the CAT Reporters, to a distribution based purely on CAT Reporter activity. Participants also considered a variety of ways to measure activity, including notional value of trading (as currently used for purposes of Section 31 fees), number of trades or quotations, and all message traffic sent. Further, Participants considered the comparability of audit trail activity across different Eligible Securities. The Participants discussed the potential approaches to funding, including the principles articulated in Article XI and an illustrative funding model, with the DAG multiple times, beginning on September 3, 2014.
After extensive analysis and taking into consideration feedback from the DAG, the Participants determined that a tiered fixed fee structure would be fair and relatively uncomplicated. The Participants discussed several approaches to developing a tiered model, including defining fee tiers based on such factors as size of firm, message traffic or trading dollar volume. For example, a review of OATS data for a recent month shows the wide range in activity among broker-dealers, with a number of broker-dealers submitting fewer than 1,000 orders for the month and other broker-dealers submitting millions and even billions of orders in the same period. The Participants also considered a tiered model where CAT Reporters would be charged different variable fees based on tier assignment. However, the Participants believe a tiered fixed fee model is preferable to a variable model because a variable model would lack the transparency, predictability, and ease of calculation afforded by fixed fees. Such factors are crucial to estimating a reliable revenue stream for the Company and to permitting CAT Reporters to reasonably predict their obligations. Moreover, the Participants believe that the tiered approach would help ensure that fees are equitably allocated among similarly situated CAT Reporters and would further the goal of the Participants to lessen the impact on smaller firms. Irrespective of the approach taken with fees, the Participants believe that revenues generated should be aligned to the costs of building, implementing and maintaining the CAT, and if revenues collected are in excess of costs for any given year, such excess should be considered in setting fees for the following year.
Finally, the Participants believe that it is important to establish a simple fee structure that is easy to understand and administer. The Participants are committed to establishing and billing fees so that Industry Members will have certainty and the ability to budget for them. In that regard, the CAT NMS Plan expressly provides that the Operating Committee shall not make any changes to any fees on more than a semi-annual basis unless, pursuant to a Supermajority Vote, the Operating Committee concludes that such change is necessary for the adequate funding of the Company.
See Section 11.3(d) of the CAT NMS Plan.
An Analysis of the Impact on Competition, Efficiency, and Capital Formation (SEC Rule 613(a)(1)(viii))
As required by SEC Rule 613(a)(1)(viii), this section provides an analysis of the impact on competition, efficiency and capital formation of creating, implementing, and maintaining the CAT NMS Plan. In recognition of the complexity of this analysis, the Participants have evaluated a variety of sources of information to assist in the analysis of the impact of the CAT NMS Plan on competition, efficiency and capital formation. Specifically, the Participants have evaluated the many comments related to competition, efficiency and capital formation received in response to the Commission's proposal of SEC Rule 613 and during the CAT NMS Plan development process. In addition, the Participants considered the input of the DAG. Finally, the Participants used information derived from three cost studies described in the prior section on costs. Based on a review and analysis of these materials, the Participants believe that the CAT NMS Plan, as submitted, is justified given its estimated impacts on competition, efficiency and capital formation.
Impact on Competition
Through an analysis of the data and information described above, the Participants have evaluated the potential impact of the CAT NMS Plan on competition, including the competitive impact on the market generally and the competitive impact on each type of Person playing a role in the market (e.g., Participants, broker-dealers, vendors, investors). Potential negative impacts on competition could arise if the CAT NMS Plan were to burden a group or class of CAT Reporters in a way that would harm the public's ability to access their services, either through increasing costs or decreased provision of those services. These impacts may be direct, as in the provision of brokerage services to individual investors, or indirect, as in the aggregate costs of managing, trading and maintaining a securities holding. These impacts should be measured relative to the economic baseline, described above.
The Participants have identified a series of potential impacts on competition that may arise as a result of the terms and conditions of the CAT NMS Plan. These potential impacts may be related to: (1) the technology ultimately used by the CAT and differences across CAT Reporters in their efforts necessary to meet the CAT NMS Plan's requirements; (2) the method of cost allocation across CAT Reporters; and (3) changes in regulatory reporting requirements, and their attendant costs, particularly to smaller entities, who may previously have benefited from regulatory exemptions.
In general, the Participants believe that the CAT NMS Plan will avoid disincentives such as placing an inappropriate burden on competition in the U.S. securities markets. The discussion below focuses on competition in the Participant and broker-dealer communities, where the Participants believe there is the greatest potential for impact on competition.
10. Participants
The Participants already incur significant costs to maintain and surveil an audit trail of activity for which they are responsible. Each Participant bears these costs whether it expends internal resources to monitor relevant activity itself, or whether it contracts with others to perform these services on its behalf. The CAT NMS Plan, through the funding principles it sets forth in Section 11.2, seeks to distribute the regulatory costs associated with the development and maintenance of a meaningful and comprehensive audit trail in a principled manner. By calibrating the CAT NMS Plan's funding according to these principles, the Participants sought to avoid placing undue burden on exchanges relative to their core characteristics, including market share and volume of message traffic. Thus, the Participants do not believe that any particular exchange in either the equities or options markets would be placed at a competitive disadvantage in a way that would materially impact the respective Execution Venue marketplaces for either type of security.
In addition, because the CAT NMS Plan seeks to allocate costs in a manner consistent with the Participants' activities, the Participants do not believe that it would discourage potential new entrants. For instance, an equity ATS—which would already incur costs under the CAT NMS Plan as a reporting broker-dealer—should not be discouraged from becoming a national securities exchanges because of the costs it would incur as a Participant based on its business model or pricing structure. As proposed here, the entity would be assessed exactly the same amount for a given level of activity whether it acted as an ATS or as an exchange. Accordingly, the Participants do not believe that adoption of the CAT NMS Plan would favor existing exchanges or types of exchanges vis-à-vis potential new competitors in a way that would degrade available Execution Venue services or pricing. For similar reasons, the Participants also do not believe that the costs of the CAT NMS Plan would distort the marketplace for existing or potential registered securities associations.
11. Broker-Dealers
Broker-dealer competition may be impacted if the direct and indirect costs associated with meeting the CAT NMS Plan's requirements materially impact the provision of their services to the public. Further, competition may be harmed if a particular class or group of broker-dealers bears the costs disproportionately, and as a result, investors have more limited choices or increased costs for certain types of broker-dealer services.
For larger broker-dealers, the Participants rely on the information obtained from the Costs to CAT Reporters Study and discussions with the industry to preliminarily conclude that the CAT NMS Plan will not likely have an adverse impact on competition. Under the CAT NMS Plan, broker-dealers would be assessed charges, as determined by the Operating Committee, for the build and maintenance of the CAT. They would also incur costs to build and maintain systems and processes necessary to submit and retain their own information to the Central Repository. The Participants' efforts to align costs with market activity leads to an outcome where dollar costs are borne significantly more by larger entities.
Additionally, large broker-dealers may view themselves as direct competitors to large Participants, in that they may provide similar execution services. The CAT NMS Plan seeks to mitigate competitive impacts by aligning the cost allocation in a manner that seeks comparability among the largest CAT Reporters regardless of their regulatory status.
There is empirical evidence that firms' order routing decisions respond to changes in trading fees. Such evidence finds that an increase in the level of an exchange's net fee is associated with a decrease in trading volume and market share relative to other exchanges. This evidence suggests that there is sufficient competition among Execution Venues such that where the Participant's costs for the CAT are material it may be difficult for Execution Venues to fully pass those costs to broker-dealers. This argument holds as long as broker-dealers are not able to pass such costs on to their customers. See Cardella et al., Make and Take Fees in the U.S. Equity Market (working paper, Apr. 29, 2013), available at http://papers.ssrn.com/sol3/papers.cfm?abstract_id=2149302 .
According to the Costs to CAT Reporters Study, for large broker-dealers, the average decrease in maintenance costs associated with the CAT (i.e., the cost that CAT would impose on firms beyond the current economic baseline) would be $651,924, and the average decrease in maintenance costs for small firms would be $726,216 using Approach 1. For Approach 2, large broker-dealers would see a decrease in maintenance costs associated with the CAT of $1,170,548, and small firms would see a decrease in the same costs of $763,371. These averages could suggest that the decreased costs imposed by the CAT would represent a benefit to both large and small broker-dealers' regulatory budgets. The Participants believe that the CAT NMS Plan would not materially disadvantage small broker-dealers versus large broker-dealers.
For small broker-dealers, the Participants considered their contribution to market activity as an important determinant of the amount of the cost of the CAT that they should bear. While this allocation of costs may be significant for some small firms, and may even impact their business models materially, SEC Rule 613 requires these entities to report. The Participants have not identified a way to further minimize the costs to these firms within the context of the funding principles established as part of the CAT NMS Plan.
The Participants were particularly sensitive during the development of the CAT NMS Plan to the potential burdens it could place on small broker-dealers. These broker-dealers may incur minimal costs under existing audit trail requirements because they are OATS-exempt or excluded broker-dealers or limited purpose broker-dealers. The Participants note that the CAT NMS Plan contemplates steps to diffuse the potential cost differential between large and small firms. For instance, small broker-dealers generally will have an additional year before they are required to start reporting data under the CAT NMS Plan to the Central Repository. This will permit these firms greater time to implement the changes to their own systems necessary to comply with the Plan. Furthermore, the Participants have sought exemptive relief concerning time stamps for recording the time of Manual Order Events.
The Participants are cognizant that the method by which costs are allocated to broker-dealers may have implications for their business models that might ultimately impact competition. For instance, if the method of cost allocation created disincentives to quoting activity, certain broker-dealer's business models might be affected more greatly than others. The Participants are unable to determine whether and how changing these incentives may impact competition. Participants intend to monitor changes to overall market activity and market quality and consider appropriate changes to the cost allocation model where merited.
The Participants note that if the exemption requests that have been submitted to the Commission are not granted, the requirements of SEC Rule 613 may impose significantly greater costs that could potentially cause small broker-dealers to exit the marketplace, discourage new entrants to the small broker-dealer marketplace, or impact the broker-dealer landscape in other ways that may dampen competitive pressures.
Impact on Efficiency
Through an analysis of the data and information described above, the Participants have evaluated the impact of the CAT NMS Plan on efficiency, including the impact on the time, resources and effort needed to perform various regulatory and other functions. In general, the Participants believe that the CAT NMS Plan should have a net positive effect on efficiency.
Overall, the Participants believe that the CAT NMS Plan could improve market efficiency by reducing monitoring costs and increasing efficiency in the enforcement of Participant and Commission rules. Additionally, the Participants believe that the CAT will enable the Participants and the Commission to detect more quickly wrongdoing on a cross-market basis, which may deter some market participants from taking such actions. For example, FINRA's equity cross-market surveillance patterns have already demonstrated the value of integrating data from multiple markets. FINRA has found that approximately 44 percent of the manipulation-based alerts it generated involved conduct on two or more equity markets and 43 percent of the alerts involved conduct by two or more market participants. A reduction in prohibited activity, as well as faster identification of such activity by regulators, would lead to a reduction in losses to investors and increased efficiency.
Remarks of Robert Ketchum, Chairman and Chief Executive Officer, FINRA (Sept. 17. 2014), available athttp://www.finra.org/Newsroom/Speeches/Ketchum/P600785 .
The CAT could also create more focused efficiencies for broker-dealers and Participants by reducing the redundant and overlapping systems and requirements identified above. For all CAT Reporters, the standardization of various technology systems will provide, over time, improved process efficiencies, including efficiencies gained through the replacement of outdated processes and technology with cost saving and related staffing reductions. Standardization of systems will improve efficiency, for both Participants and broker-dealers, in the form of resource consolidation, sun-setting of systems, consolidated legacy systems and processes and consolidated data processing. In addition, more sophisticated monitoring may reduce the number of ad hoc information requests, thereby reducing the overall burden and increasing the operational efficiency of CAT Reporters.
CAT Reporters may also experience various long term efficiencies from the increase in surveillance capabilities, such as greater efficiencies related to administrative functions provided by enhanced regulatory access, superior system speed and reduced system downtime. Moreover, the Commission and the Participants expect to have more fulsome access to unprocessed regulatory data and timely and accurate information on market activity, thus providing the opportunity for improved market surveillance and monitoring.
Note, however, that uniform reporting of data to the Central Repository may require the development of data mapping and data dictionaries that will impose burdens in the short term. CAT Reporters also may incur additional time and direct costs to comply with new encryption mechanisms in connection with the transmission of PII data (although the quality of the process will improve).
The Participants are cognizant that the method by which costs are allocated to broker-dealers may have implications for their business models that might ultimately impact efficiency. For instance, if the method of cost allocation created disincentives to the provision of liquidity, there may be an impact on the quality of the markets and an increase in the costs to investors to transact. As a result, the Participants set forth the funding principles that will guide the selection of the cost allocation model. The Participants have also sought out evidence available to best understand how cost allocation models may impact market participation, and more importantly, ultimately market outcomes.
See, e.g., IIROC's analysis of its market regulation fee model, available at http://www.iiroc.ca/Documents/2011/5f95e549-10d1-473e-93cf-3250e026a476_en.pdf[iiroc.ca] and http://www.iiroc.ca/Documents/2012/bf393b26-7bdf-49ff-a1fc-3904d1de3983_en.pdf[iiroc.ca] .
The Participants intend to monitor changes to overall market activity and market quality and will consider appropriate changes to the cost allocation model where merited.
Impact on Capital Formation
Through an analysis of the data and information described above, the Participants also have assessed the impact of the CAT NMS Plan on capital formation, including the impact on both investments and the formation of additional capital. In general, the Participants believe that the CAT NMS Plan will have no deleterious effect on capital formation.
In general the Participants believe that the enhanced surveillance of the markets may instill greater investor confidence in the markets, which, in turn, may prompt greater participation in the markets. It is possible that greater investor participation in the markets could bolster capital formation by supporting the environment in which companies raise capital.
Moreover, the Participants believe that the CAT NMS Plan would not discourage capital formation. As discussed in greater detail above, the Participants have analyzed the degree to which the CAT NMS Plan should cover Primary Market Transactions. Based on this analysis, the Participants believe that the CAT NMS Plan has been appropriately tailored so it does not create an undue burden on the primary issuances that companies may use to raise capital.
In addition, the Participants do not believe that the costs of the CAT NMS Plan would come to bear on investors in a way that would materially limit their access to or participation in the capital markets.
Finally, the Participants believe that, given the CAT NMS Plan's provisions to secure the data collected and stored by the Central Repository, the CAT NMS Plan should not discourage participation by market participants who are worried about data security and data breaches. As described more fully in the CAT NMS Plan and Appendix C, The Security and Confidentiality of the Information Reported to the Central Repository, and Appendix D, Data Security, the Plan Processor will be responsible for ensuring the security and confidentiality of data during transmission and processing, as well as at rest, and for ensuring that the data is used only for permitted purposes. The Plan Processor will be required to provide physical security for facilities where data is transmitted or stored, and must provide for the security of electronic access to data by outside parties, including Participants and the Commission, CAT Reporters, or Data Submitters. The Plan Processor must include in these measures heightened security for populating, storing, and retrieving particularly sensitive data such as PII. Moreover, the Plan Processor must develop and maintain this security program with a dedicated staff including, among others, a Chief Information Security Officer dedicated to monitoring and addressing data security issues for the Plan Processor and Central Repository, subject to regular review by the Chief Compliance Officer. The Plan Processor also will be required to provide regular reports to the Operating Committee on a number of items, including any data security issues for the Plan Processor and Central Repository.
Impacts of the CAT NMS Plan Governance on Efficiency, Competition, and Capital Formation
Participants considered the impacts of the CAT NMS Plan governance on efficiency, competition, and capital formation. Participants recognize that without effective governance, it will become harder for the CAT NMS Plan to achieve its intended outcome, namely, enhanced investor protection, in an efficient manner. Participants specifically considered two areas where ineffective governance might lead to economic distortions or inefficiencies: (i) the voting protocols defined in the CAT NMS Plan both for Participants in developing the CAT, and for the Operating Committee after the adoption of the CAT NMS Plan; and (ii) the role of industry advisors within the context of CAT NMS Plan governance.
Participants understand that there may be detrimental impacts to adopting voting protocols that might impede the effective administration of the CAT System. For instance, too high a threshold for decision making may limit the ability of the body to adopt broadly agreed upon provisions. The extreme form of this would have been for the CAT NMS Plan to require unanimity on all matters. In such case, one dissenting opinion could effectively derail the entire decision-making apparatus. The inability to act in a timely way may create consequences for efficiency, competition, and capital. Conversely, if Participants set a voting threshold that is too low, it might have the impact of not giving sufficient opportunity to be heard or value to dissenting opinions and alternative approaches. As an example, if Participants were to set voting thresholds too low, it might be possible for a set of Participants to adopt provisions that might provide them a competitive advantage over other Participants. Either forms (a too high or too low threshold) could result in negative impacts to efficiency, competition, and capital formation. These issues apply in the context of efforts of the Participants to develop the CAT NMS Plan submitted here or in the context of the Operating Committee's responsibilities after approval of the CAT NMS Plan.
To address these concerns, Participants carefully considered which matters should require a Supermajority Vote and which matters should require a Majority Vote. The decision required Participants to balance the protection of rights of all parties with the interest of avoiding unnecessary deadlock in the decision making process. As a result, Participants have determined that use of a Supermajority Vote should be for instances considered by the Participants to have a direct and significant impact on the functioning, management, and financing of the CAT System. This formulation, relying on Majority Vote for routine decisions and Supermajority Vote for significant matters, is intended to meet the Commission's direction for “efficient and fair operation of the NMS plan governing the consolidated audit trail.”
Further discussion of the Participants' consideration of the use of the Majority Vote and Supermajority Vote is contained in Appendix C, 11, Process by Which Participants Solicited Views of Members and Other Appropriate Parties Regarding Creation, Implementation, and Maintenance of CAT; Summary of Views; and How Sponsors Took Views Into Account in Preparing NMS Plan (SEC Rule 613(a)(1)(xi)).
Adopting Release at 45787.
Participants also considered the role of industry representation as part of the governance structure. Participants recognize the importance of including industry representation in order to assure that all affected parties have a representative in discussing the building, implementation, and maintenance of the CAT System. Participants actively sought insight and information from the DAG and other industry representatives in developing the CAT NMS Plan. The CAT NMS Plan also contemplates continued industry representation through an Advisory Committee, intended to support the Operating Committee and to promote continuing efficiency in meeting the objective of the CAT.
Implementation and Milestones of the CAT
9. A Plan to Eliminate Existing Rules and Systems (SEC Rule 613(a)(1)(ix))
As required by SEC Rule 613(a)(1)(ix), this section sets forth a plan to eliminate rules and systems (or components thereof) that will be rendered duplicative by the consolidated audit trail, including identification of such rules and systems (or components thereof); to the extent that any existing rules or systems related to monitoring quotes, orders and executions provide information that is not rendered duplicative by the consolidated audit trail, an analysis of, among other things, whether the collection of such information remains appropriate; if still appropriate whether such information should continue to be separately collected or should instead be incorporated into the CAT; or if no longer appropriate, how the collection of such information could be efficiently terminated.
The systems and rules identified for retirement (in full or in part) include: FINRA's OATS Rules (7400 Series), the rules of other Participants that incorporate FINRA's OATS requirements (e.g. NASDAQ Rule 7000A Series, BX Rule 6950 Series, PHLX Rule 3400 Series, NYSE Rule 7400 Series, NYSE Arca Equities Rule 7400 Series, and NYSE MKT Rule 7400 Series), COATS and associated rules, NYSE Rule 410(b), PHLX Rule 1022, CBOE Rule 8.9, EBS and associated rules, C2 Rule 8.7, and CHX BrokerPlex reporting (Rule 5).
See SEC Rule 613—Consolidated Audit Trail (CAT) Preliminary EBS-CAT Gap Analysis, available at http://catnmsplan.com/web/groups/catnms/@catnms/documents/appsupportdocs/p450537.pdf.
See FIF CAT WG: Preliminary Large Trader Rule (Rule 13h-1)—CAT (Rule 613) Gap Analysis (Feb. 11, 2014), available at https://fif.com/fif-working-groups/consolidated-audit-trail/member-resources/current-documents?download=1221:february-11-2014-fif-cat-wg-preliminary-large-trader-rule-rule-13h-1-cat-rule-613-gap-analysisstart=35.
Order Audit Trail System (“OATS”)
The OATS Rules impose obligations on FINRA members to record in electronic form and report to FINRA, on a daily basis, certain information with respect to orders originated, received, transmitted, modified, canceled, or executed by members relating to OTC equity securities and NMS Securities. OATS captures this order information and integrates it with quote and transaction information to create a time-sequenced record of orders, quotes, and transactions. This information is then used by FINRA staff to conduct surveillance and investigations of member firms for potential violations of FINRA rules and federal securities laws. In general, the OATS Rules apply to any FINRA member that is a “Reporting Member,” which is defined in Rule 7410 as “a member that receives or originates an order and has an obligation to record and report information under Rules 7440 and 7450.”
See FINRA Rule 7410(l).
Other SROs have rules requiring their members to report information pursuant to the OATS Rules. See, e.g., NYSE Rule 7400 Series; NASDAQ Rule 7400 Series.
Although FINRA is committed to retiring OATS in as efficient and timely a manner as practicable, its ability to retire OATS is dependent on a number of events. Most importantly, before OATS can be retired, the Central Repository must contain CAT Data sufficient to ensure that FINRA can effectively conduct surveillance and investigations of its members for potential violations of FINRA rules and federal laws and regulations, which includes ensuring that the CAT Data is complete and accurate. Consequently, one of the first steps taken by the Participants to address the elimination of OATS was an analysis of gaps between the informational requirements of SEC Rule 613 and current OATS recording and reporting rules. In particular, SEC Rule 613(c)(5) and (6) require reporting of data only for each NMS Security that is (a) registered or listed for trading on a national securities exchange; (b) or admitted to unlisted trading privileges on such exchange; or (c) for which reports are required to be submitted to the national securities association. SEC Rule 613(i) requires the Participants to provide to the Commission within six months after the Effective Date a document outlining how the Participants could incorporate into the consolidated audit trail information with respect to equity securities that are not NMS Securities (“OTC Equity Securities”) and debt securities (and Primary Market Transactions in such securities). Even though SEC Rule 613 does not require reporting of OTC Equity Securities, the Participants have agreed to expand the reporting requirements to include OTC Equity Securities to facilitate the elimination of OATS.
This expansion of the CAT reporting requirements to OTC Equity Securities was generally supported by members of the broker-dealer industry and was discussed with the DAG on July 24, 2013.
Next, the Participants performed a detailed analysis of the current OATS requirements and the specific reporting obligations under SEC Rule 613 and concluded that there are 42 data elements found in both OATS and SEC Rule 613; however, there are 33 data elements currently captured in OATS that are not specified in SEC Rule 613. The Participants believe it is appropriate to incorporate data elements into the Central Repository that are necessary to retire OATS and the OATS Rules. The Participants believe that these additional data elements will increase the likelihood that the Central Repository will include sufficient order information to ensure FINRA can continue to perform its surveillance with CAT Data rather than OATS data and can, thus, more quickly eliminate OATS and the OATS Rules.
SEC Rule 613(c)(7) lists the minimum order information that must be reported to the CAT and specifies the information that must be included in the CAT NMS Plan. The Commission noted in the Adopting Release that “the SROs are not prohibited from proposing additional data elements not specified in Rule 613 if the SROs believe such data elements would further, or more efficiently, facilitate the requirements of [SEC Rule 613].” Adopting Release at 45750.
The purpose of OATS is to collect data to be used by FINRA staff to conduct surveillance and investigations of member firms for potential violations of FINRA rules and federal securities laws and regulations. SEC Rule 613 requires the Participants to include in the CAT NMS Plan a requirement that all Industry Members report information to the Central Repository within three years after the Effective Date. Consistent with this provision, under the terms of Sections 6.4 and 6.7 of the CAT NMS Plan, some Reporting Members will not be reporting information to the Central Repository until three years after the Effective Date. Because FINRA must continue to perform its surveillance obligations without interruption, OATS cannot be entirely eliminated until all FINRA members who currently report to OATS are reporting CAT Data to the Central Repository. However, FINRA will monitor its ability to integrate CAT Data with OATS data to determine whether it can continue to perform its surveillance obligations. If it is practicable to integrate the data in a way that ensures no interruption in FINRA's surveillance capabilities, FINRA will consider exempting firms from the OATS Rules provided they report data to the Central Repository pursuant to the CAT NMS Plan and any implementing rules.
FINRA's ability to eliminate OATS reporting obligations is dependent upon the ability of the Plan Processor and FINRA to work together to integrate CAT Data with the data collected by OATS. FINRA is committed to working diligently with the Plan Processor to ensure this process occurs in a timely manner; however, it is anticipated that Reporting Members will have to report to both OATS and the Central Repository for some period of time until FINRA can verify that the data into the Central Repository is of sufficient quality for surveillance purposes and that all reporting requirements meet the established steady state Error Rates set forth in Section A.3(b). Once this is verified, FINRA's goal is to minimize the dual-reporting requirement.
Finally, the Participants note that, pursuant to Section 19 of the Exchange Act, the amendment or elimination of the OATS Rules can only be done with Commission approval. Approval of any such filings is dependent upon a number of factors, including public notice and comment and required findings by the Commission before it can approve any amendments; therefore, FINRA cannot speculate how long this process may ultimately take.
Objective Milestones to Assess Progress (SEC Rule 613(a)(1)(x))
As required by SEC Rule 613(a)(1)(x), this section sets forth a series of detailed objective milestones, with [projected] required completion dates, toward implementation of the consolidated audit trail.
Publication and Implementation of the Methods for Providing Information to the Customer-ID Database
Small broker-dealers are defined SEC Rule 0-10(c).
Submission of Order and MM Quote Data to Central Repository
Milestone | [Projected] completion date |
---|---|
Participants | |
Plan Processor begins developing Technical Specification(s) for Participant submission of order and MM Quote data | No later than 10 months before Participants are required to begin reporting data to the Central Repository |
Plan Processor publishes iterative drafts of Technical Specification(s) | As needed before publishing of the final document |
Plan Processor publishes Technical Specification(s) for Participant submission of order and MM Quote data | No later than 6 months before Participants are required to begin reporting data to the Central Repository |
Plan Processor begins connectivity testing and accepting order and MM Quote data from Participants for testing purposes | No later than 3 months before Participants are required to begin reporting data to the Central Repository |
Plan Processor plans specific testing dates for Participant testing of order and MM Quote submission | No later than [Beginning] 3 months before Participants are required to begin reporting data to the Central Repository |
Industry Members (other than Small Industry Members) | |
Plan Processor begins developing Technical Specification(s) for Industry Members submission of order data | No later than 15 months before Industry Members (other than Small Industry Members) are required to begin reporting data to the Central Repository |
Plan Processor publishes iterative drafts of Technical Specification(s) | As needed before publishing of the final document |
Plan Processor publishes Technical Specification(s) for Industry Member submission of order data | No later than 1 year before Industry Members (other than Small Industry Members) are required to begin reporting data to the Central Repository |
Participant exchanges that support options MM quoting publish specifications for adding Quote Sent time to Quoting APIs | No later than 6 months before Industry Members (other than Small Industry Members) are required to begin reporting data to the Central Repository |
Plan Processor makes the testing environment available on a voluntary basis and begins connectivity testing and accepting order data from Industry Members (other than Small Industry Members) for testing purposes | No later than 6 months before Industry Members (other than Small Industry Members) are required to begin reporting data to the Central Repository |
Plan Processor and Industry Members begin coordinated and structured [plans specific testing dates for Industry Members (other than Small Industry Members)] testing of order submission | No later than [Beginning] 3 months before Industry Members (other than Small Industry Members) are required to begin reporting data to the Central Repository |
Participant exchanges that support options MM quoting begin accepting Quote Sent time on Quotes | No later than 1 month before Industry Members (other than Small Industry Members) are required to begin reporting data to the Central Repository |
Small Industry Members | |
Plan Processor makes the testing environment available on a voluntary basis and begins connectivity testing and accepting order data from Small Industry Members for testing purposes | No later than 6 months before Small Industry Members are required to begin reporting data to the Central Repository |
Plan Processor and Small Industry Members begin coordinated and structured [Plan Processor plans specific testing dates for Small Industry Members] testing of order submissions | No later than [Beginning] 3 months before Small Industry Members are required to begin reporting data to the Central Repository |
Linkage of Lifecycle of Order Events
Milestone | [Projected] completion date |
---|---|
Participants | |
Using order and MM Quote data submitted during planned testing, Plan Processor creates linkages of the lifecycle of order events based on the received data | No later than 3 months before Participants are required to begin reporting data to the Central Repository |
Participants must synchronize Business Clocks in accordance with Section 6.8 of the CAT NMS Plan | No later than 4 months after effectiveness of the CAT NMS Plan |
Industry Members (other than Small Industry Members) | |
Using order and MM Quote data submitted during planned testing, Plan Processor creates linkages of the lifecycle of order events based on the received data | No later than 6 months before Industry Members (other than Small Industry Members) are required to begin reporting data to the Central Repository |
Industry Members must synchronize Business Clocks in accordance with Section 6.8 of the CAT NMS Plan | No later than 4 months after effectiveness of the CAT NMS Plan |
Small Industry Members | |
Using order and MM Quote data submitted during planned testing, Plan Processor creates linkages of the lifecycle of order events based on the received data | No later than 6 months before Small Industry Members are required to begin reporting data to the Central Repository |
Industry Members must synchronize Business Clocks in accordance with Section 6.8 of the CAT NMS Plan | No later than 4 months after effectiveness of the CAT NMS Plan |
Access to the Central Repository for Regulators
Milestone | [Projected] completion date |
---|---|
Plan Processor publishes a draft document detailing methods of access to the Central Repository for regulators | No later than 6 months before Participants are required to begin reporting data to the Central Repository |
Plan Processor publishes a finalized document detailing methods of access to the Central Repository for regulators, including any relevant APIs, GUI descriptions, etc. that will be supplied for access | No later than 1 month before Participants are required to begin reporting data to the Central Repository |
Plan Processor provides (1) test information, either from Participant testing or from other test data, for regulators to test use of the Central Repository and (2) regulators connectivity to the Central Repository test environment and production environments | No later than 1 month before Participants are required to begin reporting data to the Central Repository |
Plan Processor provides regulators access to test data for Industry Members (other than Small Industry Members) | No later than 6 months before Industry Members (other than Small Industry Members) are required to begin reporting data to the Central Repository |
Plan Processor provides regulators access to test data for Small Industry Members | No later than 6 months before Small Industry Members are required to begin reporting data to the Central Repository |
Integration of Other Data (“Other Data” includes, but is not limited to, SIP quote and trade data, OCC data, trade and quote information from Participants and reference data)
Milestone | [Projected] completion date |
---|---|
Operating Committee finalizes Other Data requirements | No later than 10 months before Participants are required to begin reporting data to the Central Repository |
Plan Processor determines methods and requirements for each additional data source and publish applicable Technical Specifications, if required | No later than 3 months before Participants are required to begin reporting data to the Central Repository |
Plan Processor begins testing with Other Data sources | No later than 1 month before Participants are required to begin reporting data to the Central Repository |
Plan Processor begins accepting Other Data sources | No later than [C]c oncurrently when Participants report to the Central Repository |
Process Followed to Develop the NMS Plan: These considerations require the CAT NMS Plan to discuss: (i) the views of the Participants' Industry Members and other appropriate parties regarding the creation, implementation, and maintenance of the CAT; and (ii) the alternative approaches to creating, implementing, and maintaining the CAT considered and rejected by the Participants.
11. Process by Which Participants Solicited Views of Members and Other Appropriate Parties Regarding Creation, Implementation, and Maintenance of CAT; Summary of Views; and How Sponsors Took Views Into Account in Preparing NMS Plan (SEC Rule 613(a)(1)(xi))
Process Used to Solicit Views:
When the Participants first began creating a CAT pursuant to SEC Rule 613, the Participants developed the following guiding principles (the “Guiding Principles”):
i. The CAT must meet the specific requirements of SEC Rule 613 and achieve the primary goal of creating a single, comprehensive audit trail to enhance regulators' ability to surveil the U.S. markets in an effective and efficient way.
ii. The reporting requirements and technology infrastructure developed must be adaptable to changing market structures and reflective of trading practices, as well as scalable to increasing market volumes.
iii. The costs of developing, implementing, and operating the CAT should be minimized to the extent possible. To this end, existing reporting structures and technology interfaces will be utilized where practicable.
iv. Industry input is a critical component in the creation of the CAT. The Participants will consider industry feedback before decisions are made with respect to reporting requirements and cost allocation models.
The Participants explicitly recognized in the Guiding Principles that meaningful input by the industry was integral to the successful creation and implementation of the CAT, and as outlined below, the Participants have taken numerous steps throughout this process to ensure the industry and the public have a voice in the process.
12. General Industry Solicitation
SEC Rule 613 was published in the Federal Register on August 1, 2012, and the following month, the Participants launched the CAT NMS Plan Website, which includes a dedicated email address for firms or the public to submit views on any aspect of the CAT. The CAT NMS Plan Website has been used as a means to communicate information to the industry and the public at large since that time. Also beginning in September 2012, the Participants hosted several events intended to solicit industry input regarding the CAT NMS Plan. A summary of the events is provided below:
These events are also described on the CAT NMS Plan Website at www.catnmsplan.com . See SEC Rule 613: Consolidated Audit Trail (CAT), Past Events and Announcements (last updated Dec. 10, 2014), available at http://catnmsplan.com/PastEvents/ .
CAT Industry Call (September 19, 2012). The Participants provided an overview of SEC Rule 613, the steps the Participants were taking to develop a CAT NMS Plan as required by SEC Rule 613, and how the Participants planned to solicit industry comments and feedback on key implementation issues.
CAT Industry Events (October 2012). The Participants provided an overview of SEC Rule 613 and the steps the Participants were taking to develop an NMS Plan as required by SEC Rule 613. The events included an open Q A and feedback session so that Industry Members could ask questions of the Participants and share feedback on key implementation issues. Two identical sessions were held on October 15, 2012 from 2:00 p.m. to 4:00 p.m. and on October 16, 2012 from 10:00 a.m. to 12:00 p.m. A total of 89 Industry Members attended the October 15 event in person, and a total of 162 Industry Members attended it by phone. A total of 130 Industry Members attended the October 16 event in person, and a total of 48 Industry Members attended it by phone.
CAT Industry Call and WebEx (November 29, 2012). The Participants provided an update on CAT NMS Plan development efforts including the process and timeline for issuing the RFP to solicit Bids to build and operate the CAT.
CAT Industry Events (February 27, 2014 and April 9, 2014). During these two events, the Participants provided an overview of the latest progress on the RFP process and the overall development of the NMS Plan. A total of 120 Industry Members attended the February event in person, and a total of 123 Industry Members attended it by phone. A total of 46 Industry Members attended the April event in person, and a total of 76 Industry Members attended it by phone.
CAT Cost Study Webinars (June 25, 2014 and July 9, 2014). The Participants hosted two Webinars to review and answer questions related to the Reporter Cost Study. There were approximately 100 to 120 Industry Members on each call.
CAT Industry Call and WebEx (December 10, 2014). The Participants provided an update on CAT NMS Plan development efforts, including filing of the CAT NMS Plan on September 30, 2014, the development of a funding model, and the PPR, which documents additional requirements for the CAT.
For the above events, documentation was developed and presented to attendees, as well as posted publicly on the CAT NMS Plan Website.
In addition to the above events, some Participants individually attended or participated in additional industry events, such as SIFMA conferences and FIF working groups, where they provided updates on the status of CAT NMS Plan development and discussed areas of expected CAT functionality.
The Participants received general industry feedback from broker-dealers and software vendors. The Participants reviewed such feedback in detail, and addressed as appropriate while developing the RFP.
See generally Industry Feedback on the Consolidated Audit Trail (last updated Feb. 17, 2015), available at http://catnmsplan.com/industryFeedback/ .
The Participants also received industry feedback in response to solicitations by the Participants for industry viewpoints as follows:
Proposed RFP Concepts Document (published December 5, 2012, updated January 16, 2013). The Participants published via the CAT NMS Plan Website this document to solicit feedback on the feasibility and cost of implementing the CAT reporting requirements being considered by the Participants. Feedback was received from seven organizations, including software vendors, industry associations and broker-dealers, and the Participants discussed and addressed the feedback as appropriate in the final RFP document.
Representative Order Scenarios Solicitation for Feedback (February 1, 2013). The Participants solicited feedback via the CAT NMS Plan Website on potential CAT reporting requirements to facilitate the reporting of representative orders. Approximately 30 responses were received.
CAT Industry Solicitation for Feedback Concerning Selected Topics Related to NMS Plan (April 22, 2013). The Participants solicited feedback via the CAT NMS Plan Website on four components of the CAT NMS Plan: (1) Primary Market Transactions; (2) Advisory Committee; (3) Time Stamp Requirement; and (4) Clock Synchronization. Approximately 80 Industry Members provided responses. FIF, SIFMA, and Thomson Reuters submitted detailed responses to the request for comments.
CAT Industry Solicitation for Feedback Concerning Selected Topics Related to NMS Plan (June 2013). The Participants solicited feedback via the CAT NMS Plan Website concerning Customer identifiers, Customer information, CAT-Reporter-IDs, CAT-Order-IDs, CAT intra-firm order linkages, CAT inter-firm order linkages, broker-dealer CAT order-to-exchange order linkages, data transmission, and error correction.
CAT Industry Feedback on Clock Drift and Time Stamp Issues (September 2013). The Participants solicited feedback via the DAG concerning the implementation impact associated with a 50 millisecond clock drift requirement for electronic orders and executions.
Cost Survey on CAT Reporting of Options Market Maker Quotes (November 2013). The Participants solicited feedback via the DAG concerning the implementation impact and costs associated with reporting of quotes by options market makers to the Central Repository.
Cost Estimates for CAT Exemptive Relief (December 2014). The Participants solicited feedback via the DAG regarding minimum additional costs to be expected by Industry Members in the absence of the requested Exemptive Relief.
Cost Estimate for Adding Primary Market Transactions in CAT (February 2015). The Participants solicited feedback via the DAG concerning the feasibility and costs of broker-dealers to report to the Central Repository information regarding primary market transactions in NMS securities.
Clock Offset Survey (February 2015). The Participants solicited further feedback via the DAG concerning current broker-dealer clock synchronization practices and expected costs associated with complying with a 50ms, 5ms, 1ms, and 100 microsecond clock drift requirement for electronic orders and executions.
Feedback on these topics was received primarily through discussion during meetings of the DAG.
13. The Development Advisory Group (DAG)
In furtherance of Guiding Principle (iv) above, the Participants solicited members for the DAG in February 2013 to further facilitate input from the industry regarding various topics that are critical to the success of the CAT NMS Plan. Initially, the DAG consisted of 10 firms that represented large, medium, and small broker-dealers, the Options Clearing Corporation (OCC), a service bureau and three industry associations: the Security Traders Association (STA), SIFMA, and FIF.
In March 2014, the Participants invited additional firms to join the DAG in an effort to ensure that it reflected a diversity of perspectives. At this time, the Participants increased the membership of the DAG to include 12 additional firms. As of January 2015, the DAG consisted of the Participants and Representatives from 24 firms and industry associations.
The DAG has had 49 meetings since April 2013. Topics discussed with the DAG have included:
CAT Plan Feedback. The Participants shared draft versions of the CAT NMS Plan, including the PPR, as it was being developed with the DAG, who provided feedback to the Participants. The Participants reviewed and discussed this feedback with the DAG, and incorporated portions of it into the CAT NMS Plan.
Options Market Maker Quotes. The DAG discussed the impact of options market maker quotes on the industry. A cost analysis was conducted by the industry trade associations to analyze the impact of market maker quote reporting, as well as adding a “quote sent” time stamp to messages sent to exchanges by all options market makers The Participants included in the Exemptive Request Letters a request for exemptive relief related to option market maker quotes given that exchanges will be reporting this data to the CAT.
Customer-ID. The DAG discussed the requirements for capturing Customer-ID. The Participants proposed a Customer Information Approach in which broker-dealers assign a unique Firm Designated ID to each Customer and the Plan Processor creates and stores the Customer-ID. This concept was supported by the DAG and the Participants included in the Exemptive Request Letters a request for exemptive relief related to the Customer-ID to reduce the reporting on CAT Reporters.
Time Stamp, Clock Synchronization and Clock Drift. The DAG discussed time stamps in regards to potential exemptive relief on the time stamp requirements for allocations and Manual Order Events. In addition, industry clock synchronization processes were discussed as well as the feasibility of specific clock drift requirements (e.g., 50ms), with the DAG and the FIF conducting an industry survey to identify the costs and challenges associated with various levels of clock synchronization requirements. The Participants included in the Exemptive Request Letters a request for exemptive relief related to manual time stamps.
See FIF, Clock Offset Survey Preliminary Report (last updated Feb. 17, 2015), available at http://catnmsplan.com/web/groups/catnms/@catnms/documents/appsupportdocs/p602479.pdf (the “FIF Clock Offset Survey Preliminary Report”).
Exemptive Request Letters. In addition to the specific areas detailed above (Options Market Maker Quotes, Customer-ID, and Time Stamp, Clock Synchronization, and Clock Drift), the DAG provided input and feedback on draft versions of the Exemptive Request Letters prior to their filing with the SEC, including cost estimates to firms and the Industry as a whole should the exemptive requests not be granted. This feedback was discussed by the Participants and the DAG and incorporated into the Exemptive Request Letters. The DAG also provided input and feedback on the Exemptive Request Letters covering Linking Allocations to Executions and Account Effective Date submitted on April 3, 2015 and September 2, 2015 respectively.
Primary Markets. At the request of the Participants, the DAG discussed with the Participants the feasibility, costs, and benefits associated with reporting allocations of NMS Securities in Primary Market Transactions. The DAG further provided estimated costs associated with reporting allocations of NMS Securities in Primary Market Transactions at the top-account and sub-account levels, which was incorporated into the CAT NMS Plan.
See DAG, Cost Estimate for Adding Primary Market Transactions into CAT (Feb. 17, 2015), available at http://catnmsplan.com/industryFeedback/P602480 .
Order Handling Scenarios. The DAG discussed potential CAT reporting requirements for certain order handling scenarios and additional corresponding sub-scenarios (e.g., riskless principal order and sub-scenarios involving post-execution print-for-print matching, pre-execution one-to-one matching, pre-execution many-to-one matching, complex options and auctions) An Industry Member and Participant working group was established to discuss order handling scenarios in more detail.
Error Handling and Correction Process. The DAG discussed error handling and correction process. Industry Members of the DAG provided recommendations for making the CAT error correction processes more efficient. The Participants have reviewed and analyzed these recommended solutions for error correction processes and incorporated them in the requirements for the Plan Processor.
Elimination of Systems. The DAG discussed the gaps between CAT and both OATS and EBS. An OATS-EBS-CAT gap analysis was developed and published on the CAT NMS Plan Website to identify commonalities and redundancies between the systems and the functionality of the CAT. Additionally, gaps between LTID and the CAT were also developed. Additional examples of systems and rules being analyzed include, but are not limited to: CBOE Rule 8.9, PHLX Rule 1022, COATS, Equity Cleared Reports, LOPR, and FINRA Rule 4560.
Cost and Funding of the CAT. The DAG helped to develop the cost study that was distributed to Industry Members. Additionally, the Participants have discussed with the DAG the funding principles for the CAT and potential funding models.
In addition, a subgroup of the DAG has met six times to discuss equity and option order handling scenarios, order types, how and whether the orders are currently reported and how linkages could be created for the orders within the CAT.
Summary of Views Expressed by Members and Other Parties and How Participants Took Those Views Into Account in Preparing the CAT NMS Plan
The various perspectives of Industry Members and other appropriate parties informed the Participants' consideration of operational and technical issues during the development of the CAT NMS Plan. In addition to the regular DAG meetings and special industry calls and events noted above, the Participants conducted multiple group working sessions to discuss the industry's unique perspectives on CAT-related operational and technical issues. These sessions included discussions of options and equity order scenarios and the RFP specifications and requirements.
Industry feedback was provided to Participants through gap analyses, cost studies, comment letters and active discussion in DAG meetings and industry outreach events. Specific topics on which the industry provided input include:
Overall Timeline. Industry Members expressed a concern that the original timeline for implementation of the CAT is significantly shorter than the timeline for other large scale requirements such as Large Trader Reporting. The industry requested that, in developing the overall timeline for development and implementation of the CAT NMS Plan, the Participants account for additional industry comment/input on specifications in the official timeline and discussed risk mitigation strategies for implementation of the Central Repository.
Request for proposal. The Participants provided relevant excerpts of the RFP to DAG members for review and input. These sections were discussed by the Participants, and appropriate feedback was incorporated prior to publishing the RFP.
Options Market Maker Quotes. Industry Members expressed the view that requiring market makers to provide quote information to the CAT will be duplicative of information already being submitted to the CAT by the exchanges. Participants worked closely with DAG members to develop an alternative approach that will meet the goals of SEC Rule 613, and which is detailed in the Exemptive Request Letter that the Participants submitted to the Commission related to manual time stamps.
Customer-ID. Extensive DAG discussions reviewed the Customer-ID requirements in SEC Rule 613. The industry expressed significant concern that the complexities of adding a unique CAT customer identifier to order reporting would introduce significant costs and effort related to the system modifications and business process changes broker-dealers would face in order to implement this requirement of SEC Rule 613. Working with Industry Members, the Participants proposed a Customer Information Approach in which broker-dealers would assign a unique Firm Designated ID to each Customer which the Plan Processor would retain. Additional feedback was provided by the DAG for the use of the Legal Entity Identifier (“LEI”) as a valid unique customer identifier as an alternative to Tax Identification Numbers to identify non-natural person accounts. This Customer Information Approach is included in the Exemptive Request Letters that the Participants submitted to the Commission.
Error Correction. DAG members discussed the criticality of CAT Data quality to market surveillance and reconstruction, as well as the need for a robust process for the timely identification and correction of errors. Industry Members provided feedback on error correction objectives and processes, including the importance of those data errors not causing linkage breaks. This feedback was incorporated into the RFP and relevant portions of the PPR.
Industry Members also suggested that CAT Reporters be provided access to their submitted data. Participants discussed the data security and cost considerations of this request and determined that it was not a cost-effective requirement for the CAT.
Governance of the CAT. Industry Members provided detailed recommendation for the integration of Industry Members into the governance of the CAT, including an expansion of the proposed Advisory Committee to include industry associations such as FIF and SIFMA. Industry Members also recommended a three-year term with one-third turnover per year is recommended to provide improved continuity given the complexity of CAT processing.
The Participants have discussed CAT governance considerations with the DAG at several meetings. The Participants incorporated industry feedback into the CAT NMS Plan to the extent possible in light of the regulatory responsibilities placed solely upon the Participants under the provisions of SEC Rule 613. The proposed structure and composition of the Advisory Committee in Article 4.12 was discussed with the DAG in advance of the submission of this Plan.
Role of Operating Committee. The Operating Committee, consisting of one voting member representing each Participant, is structured to ensure fair and equal representation of the Participants in furtherance of SEC Rule 613(b)(1). The overarching role of the Operating Committee is to manage the Company and the CAT System similar to the manner in which a board of directors manages the business and affairs of a corporation. The primary and more specific role of the Operating Committee is to make all policy decisions on behalf of the Company in furtherance of the functions and objectives of the Company under the Exchange Act, any rules thereunder, including SEC Rule 613, and the CAT NMS Plan. In connection with its role, the Operating Committee has the right, power and authority to exercise all of the powers of the Company, to make all decisions, and to authorize or otherwise approve all actions by the Company, except as otherwise provided by applicable law or as otherwise provided in the CAT NMS Plan (Section 4.1 of the CAT NMS Plan). The Operating Committee also monitors, supervises and oversees the actions of the Plan Processor, the Chief Compliance Officer and the Chief Information Security Officer, all of whom are involved with the CAT System on a more detailed and day-to-day basis.
The decisions made by the Operating Committee include matters that are typically considered ordinary course for a governing body like a board of directors (e.g., approval of compensation of the Chief Compliance Officer (Section 6.2(a)(iv) the CAT NMS Plan) and approval to hold an executive session of the Operating Committee (Section 4.3(a)(v) of the CAT NMS Plan)), in addition to matters that are specific to the functioning, management and financing of the CAT System (e.g., changes to Technical Specifications (Sections 4.3(b)(vi)-(vii) of the CAT NMS Plan) and significant changes to the CAT System (Section 4.3(b)(v) of the CAT NMS Plan)).
The CAT NMS Plan sets forth a structure for decisions that the Operating Committee may make after approval of the CAT NMS Plan by the SEC. These decisions relate to events that may occur in the future as a result of the normal operation of any business (e.g., additional capital contributions (Section 3.8 of the CAT NMS Plan), approval of a loan to the Company (Section 3.9 of the CAT NMS Plan)) or that may occur due to the operation of the CAT System (e.g., the amount of the Participation Fee to be paid by a prospective Participant (Section 3.3(a) of the CAT NMS Plan)). These decisions cannot be made at the time of approval of the CAT NMS Plan because the Operating Committee will need to make its determination based on the facts and circumstances as they exist in the future. For example, in determining the appropriate Participation Fee, the Operating Committee will apply the factors identified in Section 3.3 of the CAT NMS Plan (e.g., costs of the Company and previous fees paid by other new Participants) to the facts existing at the time the prospective Participant is under consideration. Another example is the establishment of funding for the Company and fees for Participants and Industry Members. Section 11.2 of the CAT NMS Plan sets forth factors and principles that the Operating Committee will use in determining the funding of the Company. The Operating Committee then has the ability to review the annual budget and operations and costs of the CAT System to determine the appropriate funding and fees at the relevant future time. This approach, which sets forth standards at the time the CAT NMS Plan is approved that will be applied to future facts and circumstances, provides the Operating Committee with guiding principles to aid its decision-making in the future.
The Participants also recognize that certain decisions that are fundamental and significant to the operation of the Company and the CAT System must require the prior approval of the SEC, such as the use of new factors in determining a Participation Fee (Section 3.3(b)(v) of the CAT NMS Plan). In addition, any decision that requires an amendment to the CAT NMS Plan, such as termination of a Participant (Section 3.7(b) of the CAT NMS Plan), requires prior approval of the SEC (Section 12.3 of the CAT NMS Plan).
The Operating Committee has the authority to delegate administrative functions related to the management of the business and affairs of the Company to one or more Subcommittees and other Persons; however, the CAT NMS Plan expressly states that the Operating Committee may not delegate its policy-making functions (except to the extent policy-making determinations are already delegated as set forth in the CAT NMS Plan, which determinations will have been approved by the SEC) (Section 4.1 of the CAT NMS Plan). For example, the CAT NMS Plan provides for the formation of a Compliance Subcommittee to aid the Chief Compliance Officer in performing compliance functions, including (1) the maintenance of confidentiality of information submitted to the CAT; (2) the timeliness, accuracy and completeness of information; and (3) the manner and extent to which each Participant is meeting its compliance obligations under SEC Rule 613 and the CAT NMS Plan (Section 4.12(b) of the CAT NMS Plan). The Operating Committee also has delegated authority to the Plan Processor with respect to the normal day-to-day operating function of the Central Repository (Section 6.1 of the CAT NMS Plan). Nevertheless, decisions made by the Plan Processor that are more significant in nature remain subject to approval by the Operating Committee, such as decisions related to the implementation of policies and procedures (Section 6.1(c) of the CAT NMS Plan), appointment of the Chief Compliance Officer, Chief Information Officer, and Independent Auditor (Section 6.1(b) of the CAT NMS Plan), Material System Changes or any system changes for regulatory compliance (Sections 6.1(i) and 6.1(j) of the CAT NMS Plan). In addition, the Operating Committee will conduct a formal review of the Plan Processor's performance under the CAT NMS Plan on an annual basis (Section 6.1(n) of the CAT NMS Plan). As to Subcommittees that the Operating Committee may form in the future, the Participants have determined that the Operating Committee will establish a Selection Subcommittee to select a successor Plan Processor when the time arises (Section 6.1(t) of the CAT NMS Plan). In the future, the Operating Committee will take a similar approach when delegating authority by providing Subcommittees or other Persons with discretion with respect to administrative functions and retaining authority to approve decisions related to policy and other significant matters of the Company and the CAT System.
The role of the Operating Committee, including the delegation of its authority to Subcommittees and other limited Persons, as provided in the CAT NMS Plan is similar to that of other national market system plans, including the Limited Liability Company Agreement of the Options Price Reporting Authority, LLC. It also is based on rules and regulations under the Exchange Act, and general principles with respect to the governance of a limited liability company. All decisions made by the Operating Committee will be governed by the guiding principles of the CAT NMS Plan and SEC Rule 613.
Voting Criteria of the Operating Committee: This section describes the voting criteria for decisions made by the Operating Committee, which consists of a representative for each Participant, and by any Subcommittee of the Operating Committee in the management and supervision of the business of the Company and the CAT System.
A Majority Vote (an affirmative vote of at least a majority of all members of the Operating Committee or any Subcommittee authorized to vote on a particular matter) is the default standard for decisions that are typically considered ordinary course matters for a governing body like a board of directors or board of managers or that address the general governance and function of the Operating Committee and its Subcommittees. All actions of the Company requiring a vote by the Operating Committee or any Subcommittee requires authorization by a Majority Vote except for matters specified in certain sections of the CAT NMS Plan described below, which matters require either a Supermajority Vote or a unanimous vote. As a general matter, the approach adopted by the Operating Committee is consistent with the voting criteria of the NASDAQ Unlisted Trading Privileges Plan (the “NASDAQ UTP Plan”), the Limited Liability Company Agreement of the Options Price Reporting Authority, LLC, the Consolidated Quotation Plan and the Consolidated Tape Association Plan.
A Supermajority Vote (an affirmative vote of at least two-thirds of all of the members of the Operating Committee or any Subcommittee authorized to vote on a particular matter) is required to authorize decisions on matters that are outside ordinary course of business and are considered by the Participants to have a direct and significant impact on the functioning, management and financing of the CAT System. This approach was informed by similar plans (e.g., the NASDAQ UTP Plan, which requires a unanimous vote in many similar circumstances); however, the CAT NMS Plan has the lower requirement of a Supermajority Vote because overuse of the unanimity requirement makes management and oversight difficult. This approach takes into account concerns expressed by the Participants regarding management of the CAT NMS Plan, and is consistent with suggestions in the Adopting Release for the Participants to take into account the need for efficient and fair operation of the CAT NMS Plan and to consider the appropriateness of a unanimity requirement and the possibility of a governance requirement other than unanimity, or even supermajority approval, for all but the most important decisions.
The Participants believe that certain decisions that may directly impact the functioning and performance of the CAT System should be subject to the heightened standard of a Supermajority Vote, such as: selection and removal of the Plan Processor and key officers; approval of the initial Technical Specifications; approval of Material Amendments to the Technical Specifications proposed by the Plan Processor; and direct amendments to the Technical Specifications by the Operating Committee. In addition, the Participants believe the instances in which the Company enters into or modifies a Material Contract, incurs debt, makes distributions or tax elections or changes fee schedules should be limited, given that the Company is intended to operate on a break-even basis. Accordingly, those matters should also require the heightened standard of a Supermajority Vote.
A unanimous vote of all Participants is required in only three circumstances. First, a decision to obligate Participants to make a loan or capital contribution to the Company requires a unanimous vote (Section 3.8(a) of the CAT NMS Plan). Requiring Participants to provide additional financing to the Company is an event that imposes an additional and direct financial burden on each Participant, thus it is important that each Participant's approval is obtained. Second, a decision by the Participants to dissolve the Company requires unanimity (Section 10.1 of the CAT NMS Plan). The dissolution of the Company is an extraordinary event that would have a direct impact on each Participant's ability to meet its compliance requirements so it is critical that each Participant consents to this decision. Third, a unanimous vote is required if Participants decide to take an action by written consent in lieu of a meeting (Section 4.10 of the CAT NMS Plan). In that case, because Participants will not have the opportunity to discuss and exchange ideas on the matter under consideration, all Participants must sign the written consent. This approach is similar to the unanimity requirement under the Delaware General Corporation Law for decisions made by written consent of the directors of a corporation in lieu of a meeting.
Voting on Behalf of Affiliated Participants: Each Participant has one vote on the Operating Committee to permit equal representation among all the Participants. Initially, the Operating Committee will have 19 Participants. Of the 19 Participants, there are five Participants that are part of the Affiliated Participants Group and five Participants without any Affiliated Participants. Because of the relationship between the respective Affiliated Participants and given the large number of Participants on the Operating Committee, the Participants believe an efficient and effective way of structuring the Operating Committee in order to have an orderly and well-functioning committee is to permit but not require one individual to serve as a voting member for multiple Affiliated Participants. This approach does not change the standard rule that each Participant has one vote. This approach provides Affiliated Participants with the flexibility to choose whether to have one individual represent one or more of the Affiliated Participants or to have each of them represented by a separate individual. Affiliated Participants may likely vote on a matter similarly, and allowing them to choose the same individual as a voting member would be a convenient and practical way of having the Affiliated Participants' votes cast. Because there is no requirement that the representative of multiple Affiliated Participants cast the same vote for all represented Participants, there is no practical difference between this approach and an approach that mandates a separate representative for each Participant. In addition, the Participants considered whether this approach would result in less participation because of a reduced number of individuals on the Operating Committee. If each group of Affiliated Participants were to choose one individual to serve as a voting member, there would be still be 10 individuals on the Operating Committee, which the Participants do not believe would cause less active representation or participation or would otherwise lead to unwanted concentration on the Operating Committee.
Affiliated Participant Groups and Participants without Affiliations:
1. New York Stock Exchange LLC; NYSE Arca, Inc.; NYSE MKT LLC
2. The NASDAQ Stock Market LLC; NASDAQ OMX BX, Inc.; NASDAQ OMX PHLX LLC
3. BATS Exchange, Inc.; BATS Y-Exchange, Inc.; EDGX Exchange, Inc.; EDGA Exchange, Inc.
4. Chicago Board Options Exchange, Incorporated; C2 Options Exchange, Incorporated
5. International Securities Exchange, LLC; ISE Gemini, LLC
6. National Stock Exchange, Inc.
7. Chicago Stock Exchange, Inc.
8. BOX Options Exchange LLC
9. Miami International Securities Exchange LLC
10. Financial Industry Regulatory Authority, Inc.
Conflicts of Interest Definition: The Participants arrived at the definition of Conflicts of Interest set forth in Article I of the CAT NMS Plan based on a review of existing rules and standards of securities exchanges, other plans, including the Selection Plan as to qualifications of a Voting Senior Officer of a Bidding Participant, and general corporate and governance principles.
Transparency in the Bidding and Selection Process: DAG members requested input into the bidding and selection process for the Plan Processor, citing the extensive impact of CAT requirements on the industry as well as proposed cost for compliance. Specifically, Industry Members requested that non-proprietary aspects of the responses to the RFP should be available to the public to inform the discussion regarding the costs and benefits of various CAT features and the technological feasibility of different solutions. Participants, working with counsel, determined that such information could be appropriately shared with DAG members pursuant to the provisions of a non-disclosure agreement (“NDA”) that was consistent with the terms of the NDA executed between the Participants and the Bidders. After extensive discussion, DAG members declined to sign such an NDA. The Participants continued to share non-bid specific information and to solicit the views and perspective of DAG members as it developed a Plan approach and related solutions.
Time Stamp Granularity and Clock Synchronization Requirement: Industry Members recommended a millisecond time stamp for electronic order and execution events and a time stamp in seconds for manual order handling. Industry Members suggested a grace period of two years after the CAT requirements are finalized to allow broker-dealers sufficient time to meet the millisecond time stamp granularity. In addition, Industry Members recommended maintaining the current OATS rule of a one second clock drift tolerance for electronic order and execution events, citing a significant burden to Industry Members to comply with a change to the current one-second clock drift. Participants conducted active discussions with Industry Members on this topic, and included in the Exemptive Request Letter a request for exemptive relief related to time stamp granularity for Manual Order Events.
See FIF Clock Offset Survey Preliminary Report.
Equitable Cost and Funding: Industry Members expressed the view that any funding mechanism developed by the Participants should provide for equitable funding among all market participants, including the Participants. The Participants recognized the importance of this viewpoint and have incorporated it within the guiding principles that were discussed with the Industry.
Order ID/Linkages: The DAG formed an order scenarios working group to discuss approaches to satisfy the order linkage requirements of SEC Rule 613. On the topic of allocations, Industry Members provided feedback that the order and execution processes are handled via front office systems, while allocation processes are conducted in the back office. Industry Members expressed the view that creating linkages between these systems, which currently operate independently, would require extensive reengineering of middle and back office processes not just within a broker-dealer but across broker-dealers, imposing significant additional costs on the industry as a whole. Given the widespread use of average price processing accounts, clearing firms, prime brokers and self-clearing firm cannot always determine which specific order results in a given allocation or allocations. Industry Members worked closely with Participants on a proposed alternative approach which the Participants submitted to the Commission in the Exemptive Request Letters.
Elimination of Systems and Rules: The elimination of duplicative and redundant systems and rules is a critical aspect of the CAT development process. Industry DAG members including SIFMA and FIF provided broad based and comprehensive insight on the list of existing regulatory systems and Participant rules that they deem to be duplicative, including, among others, OATS, the EBS reporting system, and Large Trader reporting. In addition, FIF provided a gap analysis of CAT requirements against Large Trader transactional reporting obligations.
The Participants discussed feedback from the industry in a variety of forums: (i) during DAG meetings; (ii) in relevant Subcommittee meetings, depending on the topic; and (iii) at two multi-day offsite meetings where Representatives of each Participant gathered in a series of in-person workshops to discuss the requirements of the Plan Processor, both technical and operational. This was in addition to numerous video-conference meetings when Participants discussed and developed the RFP document incorporating, where appropriate, feedback from the industry.
Discuss Reasonable Alternative Approaches that the Participants Considered to Create, Implement, and Maintain the CAT (SEC Rule 613(a)(1)(xii))
The Participants, working as a consortium, selected the approach reflected in the Plan through a detailed analysis of alternatives, relying on both internal and external knowledge and expertise to collect and evaluate information related to the CAT. For some of the requirements of SEC Rule 613, the Participants' analysis indicated that the required approach would be unduly burdensome or complex. In these cases, the Participants have requested exemption from these requirements in the Exemptive Request Letter, which details the analysis performed and alternatives considered for these specific requirements.
The Participants leveraged their own extensive experience with regulatory, technical and securities issues in formulating, drafting and filing the CAT NMS Plan. Specifically, the nineteen Participants formed various Subcommittees to focus on specific critical issues during the development of the CAT NMS Plan. The Subcommittees included:
a Governance Committee, which developed recommendations for decision-making protocols and voting criteria critical to the development of the CAT NMS Plan, in addition to developing formal governance and operating structures for the CAT NMS Plan;
a Technical Committee, which developed the technical scope requirements of the CAT, the CAT RFP documents, and the PPR;
an Industry Outreach Committee, which provided recommendations on effective methods for soliciting industry input, in addition to facilitating industry involvement in CAT-related public events and development of the CAT NMS Plan and the Exemptive Request Letters;
A summary of industry outreach events is included in Appendix C, General Industry Solicitation.
a Press Committee as a Subcommittee of the Industry Outreach Committee, which coordinated interactions with the press;
a Cost and Funding Committee, which drafted a framework for determining the costs of the CAT, and provided recommendations on revenue/funding of the CAT for both initial development costs and ongoing costs; and
an Other Products Committee, which is designed to assist the SEC, as necessary, when the SEC is determining whether and how other products should be added to the CAT.
When adopting the CAT, the Commission directed the Commission staff “to work with the SROs, the CFTC staff, and other regulators and market participants to determine how other asset classes, such as futures, might be added to the consolidated audit trail.” Adopting Release at 45744-5 n.241.
Representatives from all Subcommittees met to discuss the overall progress of the CAT initiative in the Operating Committee.
To support the Participants' internal expertise, the Participants also engaged outside experts to assist in formulating the CAT NMS Plan. Specifically, the Participants engaged the consulting firm Deloitte Touche LLP as a project manager, and engaged the law firm Wilmer Cutler Pickering Hale and Dorr LLP to serve as legal counsel in drafting the CAT NMS Plan, both of which have extensive experience with issues raised by the CAT. Additionally, the Participants engaged the services of the public relations firm Peppercomm to assist with public relations and press engagement in formulating the CAT NMS Plan.
Furthermore, as discussed in more detail above in Appendix C, Process by Which Participants Solicited Views of Members and Other Appropriate Parties Regarding Creation, Implementation, and Maintenance of CAT; Summary of Views; and How Sponsors Took Views Into Account in Preparing NMS Plan, the Participants engaged in meaningful dialogue with Industry Members with respect to the development of the CAT through the DAG and other industry outreach events.
Using this internal and external expertise, the Participants developed a process to identify, evaluate and resolve issues so as to finalize the CAT NMS Plan. As discussed above in Appendix C, the Participants have, among other things, developed the Selection Plan to describe the process for selecting the Plan Processor, created and published an RFP, evaluated Bids, and chosen a shortlist of Bids. Contemporaneously, the Participants have drafted the Plan set forth herein to reflect the recommendations that have resulted from the approach and analysis described above.
For certain technical considerations for the development and maintenance of the CAT that do not materially impact cost, required functionality or data security, the Participants did not mandate specific approaches, but rather chose to consider solutions proposed by the Bidders.
Request for Proposal
The Participants considered multiple alternatives for the best approach to gathering the information necessary to determine how to create, implement and maintain the CAT, including issuance of a Request for Information (“RFI”) and Request for Proposal (“RFP”). After due consideration, with a view to meeting the demanding deadline set forth in SEC Rule 613, the Participants decided to use their expertise to craft an RFP seeking proposals to implement the main requirements to successfully build and operate the CAT. This approach was designed to solicit imaginative and competitive proposals from the private sector as well as to provide an adequate amount of insight into the costs associated with creating, implementing, and maintaining the CAT.
To design the RFP process, the Participants consulted with their technology subject matter resources to determine technical implications and requirements of the CAT and to develop the RFP. Based on these requirements, the Participants developed the Proposed RFP Concepts Document, which identified the high level requirements for which potential Bidders would be expected to design a solution, ahead of publishing the full RFP on February 26, 2013. The Participants received 31 intents to bid, and then hosted a Bidder conference on March 8, 2013 to discuss the requirements and provide additional context to the industry and potential Bidders. Two additional conference calls to discuss additional questions on the RFP were held on April 25, 2013 and May 2, 2013. The Participants also established an e-mail box through which questions on the RFP were received.
See supra note 3692.
Ten competitive proposals were submitted on March 21, 2014. Each of the ten proposals was carefully reviewed by the Participants, including in-person meetings with each of the ten Bidders. Following this review, the Bids were reduced to six proposals in accordance with the Selection Plan approved by the Commission in February 2014. In accordance with the Selection Plan Amendment approved by the Commission on June 23, 2015, the Participants asked the Bidders on July 14, 2015 to revise their bids to account for the updated requirements included in the CAT NMS Plan as filed on February 27, 2015, as well as to address specific additional questions and considerations. As described more fully throughout this Appendix C, the proposals offer a variety of solutions for creating, implementing and maintaining the CAT.
As stated above, the Participants received proposals from ten Bidders that were deemed qualified, including many from large and well-respected information technology firms. The open ended nature of the questions contained in the RFP allowed Bidders to provide thoughtful and creative responses with regards to all aspects of the implementation and the operation of the CAT. The RFP process also resulted in the submission of multiple competitively-priced Bids. The six Shortlisted Bids remaining under consideration by the Participants, inclusive of the initial system build and the first five years of maintenance costs, have ranges between $165 million and $556 million, and encompass a number of innovative approaches to meeting the requirements of SEC Rule 613, such as use of non-traditional database architectures and cloud-based infrastructure solutions.
The Participants conducted the RFP process and the review of Bids pursuant to the Selection Plan approved by the Commission, which was designed to mitigate the conflicts of interest associated with Participants that are participating in developing the CAT while also seeking to become the Plan Processor and to ensure a level playing field for all potential Bidders to be considered on a fair and equal basis.
Organizational Structure
The Participants considered various organizational structures of the Bidders to assess whether a particular structure would be a material factor in the ability of a Bidder to effectively operate as the Plan Processor. Of the Bids submitted, three general organizational structures for the Plan Processor emerged: (1) consortiums or partnerships (i.e., the Plan Processor would consist of more than one unaffiliated entity that would operate the CAT); (2) single firms (i.e., one entity would be the Plan Processor and that entity would operate the CAT as part of its other ongoing business operations); and (3) dedicated legal entities (i.e., CAT operations would be conducted in a separate legal entity that would perform no other business activities). Each type of organizational structure has strengths and limitations, but the Participants did not find that a particular organizational structure should be a material factor in selecting a Bidder. Accordingly the Participants have not mandated a specific organizational structure for the Plan Processor.
Primary Storage
The Bidders proposed two methods of primary data storage: traditionally-hosted storage architecture, and infrastructure-as-a-service. Traditionally-hosted storage architecture is a model in which an organization would purchase and maintain proprietary servers and other hardware to store CAT Data. Infrastructure-as-a-service is a provisioning model in which an organization outsources the equipment used to support operations, including storage, hardware, servers and networking components to a third party who charges for the service on a usage basis.
Each data storage method has a number of considerations that the Participants will take into account when evaluating each Bidder's proposed solution. Such considerations include the maturity, cost, complexity, and reliability of the data storage method as used in each Bidder's proposal. The Participants are not mandating a specific method for primary data storage provided that the data storage solution can meet the security, reliability, and accessibility requirements for the CAT, including storage of PII data, separately.
Customer and Account Data
All Bidders proposed solutions consistent with the Customer Information Approach in which broker-dealers would report a unique Firm Designated ID for each Customer to the Plan Processor and the Plan Processor would create and store the CAT Customer-ID without passing this information back to the broker-dealer. The use of existing unique identifiers (such as internal firm customer identifiers) could minimize potentially large overhead in the CAT System that otherwise would be required to create and transmit back to CAT Reporters a CAT System-generated unique identifiers. Allowing multiple identifiers also will be more beneficial to CAT Reporters. This approach would still require mapping of identifiers to connect all trading associated with a single Customer across multiple accounts, but it would also ease the burden on CAT Reporters because each CAT Reporter would report information using existing identifiers it currently uses in its internal systems. Moreover, because the CAT System would not be sending a CAT System-generated Customer-ID back to the CAT Reporters, CAT Reporters would not need to process CAT Customer-IDs assigned by the Plan Processor. This approach would reduce the burden on the CAT Reporters because they would not need to build an additional process to receive a Customer-ID and append that identifier to each order origination, receipt or cancellation. This approach may also help alleviate storage and processing costs and potentially reduce the security risk of transmission of the Customer-ID to the CAT Reporter.
The Participants support the use of the Customer Information Approach and included the approach in the Exemptive Request Letter so that the Central Repository could utilize this approach to link Customer and Customer Account Information. The Participants believe this approach would be the most efficient approach for both the Plan Processor and CAT Reporters.
Personally Identifying Information (PII)
All Bidders proposed encrypting all PII, both at rest and in motion. This approach allows for secure storage of PII, even if servers should be compromised or data should be leaked. However, encryption can be highly complex to implement effectively (e.g., the poor choice of password salting or an insecure storage of private keys can compromise security, even without knowledge of the system administrator).
All Bidders also proposed imposing a Role Based Access Control to PII. These controls would allow for varying levels of access depending on user needs, and would allow compartmentalizing access based on “need to know.” However, multiple layers of access can add further complexity to the implementation and use of a system.
Role Based Access Control (RBAC) is a mechanism for authentication in which users are assigned to one or many roles, and each role is assigned a defined set of permissions. Additional details are provided in Appendix D, Data Security.
Some Bidders also proposed implementing multi-factor authentication. This greatly enhances security and can prevent a leak of passwords or keys from completely compromising security. However, it increases system overhead, and increases the difficulty of accessing data.
Multifactor authentication is a mechanism that requires the user to provide more than one factor (e.g., biometrics/personal information in addition to a password) in order to be validated by the system.
The Participants are requiring multi-factor authentication and Role Based Access Control for access to PII, separation of PII from other CAT Data, restricted access to PII (only those with a “need to know” will have access), and an auditable record of all access to PII data contained in the Central Repository. The Participants believe potential increased costs to the Plan Processor and delays that this could cause to accessing PII are balanced by the need to protect PII.
Data Ingestion Format
Bidders proposed several approaches for the ingestion format for CAT Data: uniform defined format, use of existing messaging protocols or a hybrid approach whereby data can be submitted in a uniform defined format or using existing message protocols. There are benefits to the industry under any of the three formats. A large portion of the industry currently reports to OATS in a uniform defined format. These firms have invested time and resources to develop a process for reporting to OATS. The uniform formats recommended by the Bidders would leverage the OATS format and enhance it to meet the requirements of SEC Rule 613. This uniform format, therefore, may reduce the burden on certain CAT Reporters and simplify the process for those CAT Reporters to implement the CAT. However, some firms use message protocols, like FIX, as a standard point of reference with Industry Members that is typically used across the order lifecycle and within a firm's order management processes. Leveraging existing messaging protocols could result in quicker implementation times and simplify data aggregation for Participants, CAT Reporters, and the Plan Processor, though it is worth noting that message formats may need to be updated to support CAT Data requirements.
The Participants are not mandating the data ingestion format for the CAT. The Participants believe that the nature of the data ingestion is key to the architecture of the CAT. A cost study of members of the Participants did not reveal a strong cost preference for using an existing file format for reporting vs. creating a new format. However, FIF did indicate there was an industry preference among its members for using the FIX protocol.
See Appendix C, Analysis of the CAT NMS Plan, for additional details on cost studies.
See FIF Response.
Process to Develop the CAT
Bidders proposed several processes for development of the CAT: the agile or iterative development model, the waterfall model, and hybrid models that incorporate aspects of both the waterfall and agile methodologies. An agile methodology is an iterative model in which development is staggered and provides for continuous evolution of requirements and solutions. A waterfall model is a sequential process of software development with dedicated phases for Conception, Initiation, Analysis, Design, Construction, Testing, Production/Implementation and Maintenance. The agile or iterative model is flexible to changes and facilitates early delivery of usable software that can be used for testing and feedback, helping to facilitate software that meets users' needs. However, at the beginning of an agile or iterative development process, it can be difficult to accurately estimate the effort and time required for completion. The waterfall model would provide an up-front estimate of time and effort and would facilitate longer-term planning and coordination among multiple vendors or project streams. However, the waterfall model could be less flexible to changes, particularly changes that occur between design and delivery (and thereby potentially producing software that meets specifications but not user needs).
The Participants are not mandating a development process. The Participants believe that either agile or iterative development or waterfall method or even a combination of both methods could be utilized to manage the development of CAT.
Industry Testing
Bidders also proposed a range of approaches to industry testing, including dedicated environments, re-use of existing environments, scheduled testing events, and ongoing testing.
Dedicated industry test environments could provide the possibility of continuous testing by participants, rather than allow for testing only on scheduled dates. Use of dedicated industry test environments also would not impact other ongoing operations (such as disaster recovery sites). However, developing and maintaining dedicated test environments would entail additional complexity and expense. Such expenses may be highest in hosted architecture systems where dedicated hardware would be needed, but potentially rarely used.
The re-use of existing environments, such as disaster recovery environment, would provide simplicity and lower administrative costs. However, it could impact other ongoing operations, such as disaster recovery.
Scheduled testing events (which might be held, for example, on weekends only, or on specific dates throughout the year) could provide for more realistic testing by involving multiple market participants. This approach also would not require the test environment to be available at all times. However, scheduled events would not allow users to test on the CAT System until a dedicated time window is open.
Ongoing testing would allow users to test the CAT System as often as needed. However, this approach would require the test environment to be available at all times. It also may lead to lower levels of test participation at any given time, which may lead to less realistic testing.
The Participants are requiring that the CAT provide a dedicated test environment that is functionally equivalent to the production environment and available on a 24x6 basis. The Participants believe that an ongoing testing model will be more helpful to the industry because it will provide an environment in which to test any internal system changes or updates that may occur in the course of their business that may affect reporting to the CAT. Additionally, this environment will provide a resource through which the CAT Reporters can continually test any CAT System mandated or rule associated changes to identify and reduce data errors prior to the changes being implemented in the production environment.
Quality Assurance (QA)
The Participants considered a number of QA approaches and methodologies, informed by the Bidder's proposals as well as discussions with the Participants' own subject matter resources. Some of the approaches considered included “continuous integration,” where developer working copies are merged into the master and tested several times a day, test automation, and various industry standards such as ISO 20000/ITIL. The Participants are not mandating a single approach to QA beyond the requirements detailed in the RFP, for which each Bidder provided a detailed approach.
One key component of the QA approaches proposed by the Bidders was the staffing levels associated with QA. Initial QA proposals from Bidders included staffing ranges from between 2 and 90 FTEs, although some Bidders indicated that their QA function was directly incorporated into their development function. Some Bidders proposed allocating QA resources after the third month. A larger number of QA resources may facilitate structured, in-depth testing and validation of the CAT System. However, a larger set of QA resources could lead to higher fixed costs and administrative overhead.
The Participants are not mandating the size for QA staffing; however, the Participants will consider each Bidder's QA staffing proposals in the context of the overall Bid, and the selected Bidder must ensure that its QA staffing is sufficient to perform the activities required by the CAT NMS Plan. The Participants believe the QA staffing numbers varied in the Bids because they are largely dependent on both the staffing philosophy of the Bidder as well as the organizational structure for the proposed Central Repository.
User Support and Help Desk
The RFP required that the CAT Help Desk be available on a 24x7 basis, and that it be able to manage 2,500 calls per month. To comply with these requirements, Bidders proposed user support staffing ranges from five to 36 FTEs. They also proposed dedicated support teams and support teams shared with other groups.
A larger number of FTE user support staff could provide a higher level and quality of support. However, a higher number of staff would impose additional overhead and administrative costs. Additionally, as the support organization grows, it may become less closely integrated with the development team, which could decrease support effectiveness.
A dedicated CAT support team would facilitate deep knowledge of the CAT System and industry practices. However, it would create additional overhead and costs. Additionally, management of support teams may not be the managing firm's primary business, which could lead to inefficiencies. A support staff shared with non-CAT teams could provide for increased efficiency, if the team has greater experience in support more broadly. However, support resources may not have the depth of knowledge that dedicated support teams could be expected to develop.
The Participants are not requiring specific FTEs for user support staffing; however, the Participants will consider each Bidder's user support staffing proposals in the context of the overall Bid, and the selected Bidder must ensure that its staffing is sufficient to perform the activities required by the CAT NMS Plan. The Participants believe that the number of FTEs varied in the Bids because they are largely dependent on both the staffing philosophy of the Bidder as well as the organizational structure for the proposed Central Repository.
Some Bidders proposed a US-based help desk, while others proposed basing it offshore. A U.S.-based help desk could facilitate a higher level of service, and could provide a greater level of security (given the sensitive nature of the CAT). However, a U.S.-based help desk may have greater labor costs. An offshore help desk would potentially have lower labor costs, but could provide (actual or perceived) lower level of service, and could raise security concerns (particularly where the help desk resources are employed by a third-party).
The Participants are not requiring a specific location for the help desk. The Participants believe that as long as the Bidder's solution meets the service and security requirements of the CAT, it is not necessary to prescribe the location.
CAT User Management
Bidders proposed several approaches to user management : help desk creation of user accounts, user (e.g., broker-dealer) creation of accounts, and multi-role. Help desk creation of accounts would allow for greater oversight and validation of user creation. However, it would increase administrative costs, particularly in the early stages of the CAT (as an FTE must setup each user). User creation of accounts would require lower staffing levels but would provide less oversight and validation of user creation.
User management is a business function that grants, controls, and maintains user access to a system.
A multi-role approach would allow for a blended approach in which the Plan Processor could, for example, set up an administrator at each broker-dealer, and then allow the broker-dealer to set up additional accounts as needed. This approach could allow users with different levels of access to be provisioned differently, with those requiring greater oversight being provisioned manually. However, it would add complexity to the user creation system, and would provide less oversight and validation than would a fully manual system.
For CAT Reporters entering information into the CAT, the Participants are requiring that each user be validated by the Plan Processor to set-up access to the system. However, for staff at regulators that will be accessing the information for regulatory purposes only, the Plan Processor can establish a set-up administrator who has the ability to provide access to other users within its organization. However, such administrators cannot set up access for PII information. Staff at regulators who need access to PII information must go through an authentication process directly with the Plan Processor. The Participants believe that this approach balances the demand on the staff at the Plan Processor with the need to ensure proper oversight and validation for users of the CAT.
Required Reportable Order Events
The Participants considered multiple order event types for inclusion in the Plan. Of the order event types considered, the results order event type and the CAT feedback order event were not required. The Participants determined that a results order event type would not provide additional value over a “daisy chain” linkage method. A CAT feedback order event can be generated by the Plan Processor, thereby removing the reporting burden from reporting firms. Therefore the Participants are not requiring CAT Reporters to provide data for these two event types to the CAT. The required reportable order events are listed in Section 6.3(d).
Data Retention Requirements
SEC Rule 613(e)(8) requires data to be available and searchable for a period of not less than five years. Broker-dealers are currently required to retain data for six years under the Exchange Act Rule 17a-4(a).
The Participants support the use of a six year retention timeframe as it complies with Exchange Act Rule 17a-4(a). The Participants are requiring data for six years to be kept online in an easily accessible format to enable regulators to have access to six years of audit trail materials for purposes of its regulation.
The Participants understand that requiring this sixth year of data storage may increase the cost to run the CAT; however, they believe the incremental cost would be outweighed by the needs of regulators to have access to the information. An analysis of the six Shortlisted Bidder proposals indicated that the average expected year-on-year annual cost increase during years four and five (i.e., once all reporters were reporting to the Central Repository) was approximately 4%. Extending this increase to another year would result in incremental annual costs to the Plan Processor ranging from approximately $1.15 million to $4.44 million depending upon the Bidder. Based on the assumption that the cumulative annual cost increase from year five to year six will also be 4% (including all the components provided by the Bidders in their respective cost schedules ), the maximum cost increase for data retention for an additional year would be 4%.
RFP at 57.
Data Feed Connectivity
Bidders proposed either real-time SIP connectivity or end-of-day batch SIP connectivity. Real-time SIP connectivity would provide for more rapid access to SIP Data, but may require additional processing support to deal with out-of-sequence or missing records. End-of-day batch SIP connectivity provides the possibility of simpler implementation, but data from SIPs would not be available in the CAT until after overnight processing. Because CAT Reporters are only required to report order information on a next-day basis, the Participants are not requiring that the Plan Processor have real-time SIP connectivity.
Disaster Recovery
Participants discussed two commonly accepted structures for disaster recovery: hot-hot and hot-warm. While hot-hot allows for immediate cutover, the Participants agreed that real-time synchronization was not required, but rather that data must be kept synchronized to satisfy disaster recovery timing requirements (e.g., 48 hour cutover). A hot-warm structure meets the requirements of SEC Rule 613, and costs for hot-hot were considered to be higher than hot-warm. Therefore, the Participants are requiring a hot-warm disaster recovery structure, provided it meets the requirements set forth in Appendix D, BCP/DR Process.
In a hot-hot disaster recovery design, both the production site as well as the backup site are live, and the backup can be brought online immediately.
In a hot-warm disaster recovery design, the backup site is fully equipped with the necessary hardware. In the event of a disaster, the software and data would need to be loaded into the backup site for it to become operational.
Synchronization of Business Clocks
The Participants considered multiple levels of precision for the clock synchronization standard set forth in the plan, ranging from 1 second (s) to 100 microseconds (μs). The Participants determined based on their expertise and feedback from industry that an initial clock synchronization of 50 milliseconds (ms) would be the most practical and effective choice and represents the current industry standard. Pursuant to SEC Rule 613(d), the initial standard of 50ms will be subject to annual analysis as to whether or not a more stringent clock synchronization tolerance could be implemented consistent with changes in industry standards.
In order to identify the industry standard the Participants and Industry Members reviewed their own internal technology around Network Time Protocol (“NTP”) and Precision Time Protocol (“PTP”), potentially used in conjunction with Global Positioning System (“GPS”). In reviewing internal infrastructure, the Participants and Industry Members noted that the majority of firms had indicated that they leveraged at least NTP clock synchronization technology. In addition, the FIF conducted a clock synchronization survey (“FIF Clock Offset Survey”) of 28 firms to identify costs and challenges associated with clock synchronization tolerances of 50ms, 5ms, 1ms, and 100μs. The FIF Clock Offset Survey indicated that 93% of responding firms leverage NTP technology, while fewer than half of responding firms use SNTP, PTP, or GPS. In reviewing the standards for NTP technology, the Participants determined that this technology can accommodate a 50ms tolerance. In addition, the FIF Clock Offset Survey demonstrated that 60% of responding firms currently synchronize their clocks with an offset of 50ms or greater, with approximately 20% of responding firms currently using an offset of 50ms. Only 18% of responding firms used a clock offset of 30ms or less. In light of these reviews and the survey data, the Participants concluded that a clock offset of 50ms represents an aggressive, but achievable, industry standard.
NTP and PTP are protocols used to synchronize clocks across a computer network.
GPS is a radio navigation system that can be used to capture a precise determination of time.
FIF Clock Offset Survey Preliminary Report.
In addition to determining current industry clock offset standards used in the industry, the FIF Clock Offset Survey indicated that the costs to survey respondents were as follows:
The Participants consider the estimates provided to be conservative as a majority of the study respondents fell into the category of large broker-dealers.
Proposed clock offset | Estimated implementation cost (per firm) | Estimated annual maintenance cost (per firm) |
---|---|---|
50ms | $554,348 | $313,043 |
5ms | $887,500 | $482,609 |
1ms | $1,141,667 | $534,783 |
100μs | $1,550,000 | $783,333 |
As indicated in the above table, annual maintenance costs of survey respondents for a 50ms standard would be on average 31% higher than current costs, and would escalate to 102%, 123%, and 242% increases over current maintenance costs as clock synchronization standards move to 5ms, 1ms, and 100μs respectively, indicating that maintenance costs rapidly escalate as clock synchronization standards increase beyond 50ms. Survey respondents also indicated that increasing clock synchronization requirements would require escalating technology changes, including significant hardware changes (such as installation of dedicated GPS or other hardware clocks and network architecture redesign), migration to new time synchronization standards, and widespread upgrades of operating systems and databases currently in use. For example, to achieve a 5ms clock offset would require firms to install GPS clocks in all locations and migrate from NTP to PTP. The Participants believe, based on the FIF Clock Offset Survey, that fewer than half of firms currently leverage GPS technology or PTP for clock synchronization.
As noted in Article VI, Section 6.8, the Participants, working with the Processor's Chief Compliance Officer, shall annually evaluate and make recommendations as to whether industry standards have evolved such that changes to the clock synchronization standards should be changed. It is the belief of the Participants that, while setting an initial clock synchronization of 5ms lower than 50ms may be achievable, it does not represent current industry standard and there may be challenges with small broker-dealers' potentially substantial costs. However, once both large and small broker-dealers begin reporting data to the Central Repository, and as increased time synchronization standards become more mature, the Participants will assess the ability to tighten the clock synchronization standards to reflect changes in industry standards in accordance with SEC Rule 613.
Reportable Securities
SEC Rule 613(c)(6) requires NMS Securities to be reported the Central Repository and SEC Rule 613(i) requires the Participants to detail a plan outlining how non-NMS Securities, debt securities, and Primary Market Transactions in equity securities that are not NMS Securities can be reported to the Central Repository in the future. The Participants considered whether to require including OTC Equity Securities, non NMS Securities, in a future phase of the CAT NMS Plan, as contemplated by the Commission in SEC Rule 613, or accelerating their inclusion into the first phase of the Plan. As part of this consideration, Participants weighed heavily the feedback from the DAG and other market participants of the considerations associated with the two alternatives, and made the determination to include OTC Equities in the requirements under the CAT NMS Plan.
APPENDIX D
CAT NMS Plan Processor Requirements
Appendix D, CAT NMS Plan Processor Requirements, outlines minimum functional and technical requirements established by the Participants of the CAT NMS Plan for the Plan Processor. Given the technical nature of many of these requirements, it is anticipated, as technology evolves, that some may change over time. The Participants recognize that effective oversight of, and a collaborative working relationship with, the Plan Processor will be critical to ensure the CAT achieves its intended purpose, namely enhanced investor protection, in an efficient and cost-effective manner. The Participants also recognize that maintaining the efficiency and cost-effectiveness of the CAT requires flexibility to respond to technological innovations and market changes. For example, these minimum functional and technical requirements allow the Plan Processor flexibility to make certain changes to the Technical Specifications, while limiting others to the Operating Committee, and anticipate agreement between the Operating Committee and the Plan Processor on SLAs relating to, among other things, development, change management, and implementation processes and timelines. Maintaining such flexibility to adapt in these and other areas relating to the development and operation of the CAT is a foundational principle of this Appendix D.
Central Repository Requirements
Technical Architecture Requirements
The Central Repository must be designed and sized to ingest, process, and store large volumes of data. The technical infrastructure needs to be scalable, adaptable to new requirements and operable within a rigorous processing and control environment. As a result, the technical infrastructure will require an environment with significant throughput capabilities, advanced data management services and robust processing architecture.
The technical architecture must be scalable and able to readily expand its capacity to process significant increases in data volumes beyond the baseline capacity. The baseline capacity requirements are defined in this document. Once the CAT NMS Plan is approved, the Operating Committee will define the baseline metrics on an ongoing basis. CAT capacity planning must include SIP, OPRA and exchange capacity and growth forecasts. The initial baseline capacity requirements will be based on twice (2X) the historical peaks for the most recent six years, and the Plan Processor must be prepared to handle peaks in volume that could exceed this baseline for short periods. The SLA(s) will outline details of the technical performance and scalability requirements, and will be specifically targeted to the selected Bidder's solution.
The Central Repository must have the capacity and capability to:
Ingest and process throughput to meet baseline capacity requirements as well as scalability to meet peak capacity requirements, including staging, loading, speed of processing, and linking of data;
Accommodate data storage and query compute, such as:
○ Scalable for growth data storage and expansion capability, including but not limited to, resizing of database(s), data redistribution across nodes, and resizing of network bandwidth;
○ Robust processes to seamlessly add capacity without affecting the online operation and performance of the CAT System; and
○ Quantitative methods for measuring, monitoring, and reporting of excess capacity of the solution;
Satisfy minimum processing standards as described in the CAT RFP and that will be further defined in the SLA(s);
Adapt to support future technology developments and new requirements (including considerations for anticipated/potential changes to applicable rules and market behavior);
Handle an extensible architecture that is capable of supporting asset classes beyond the initial scope of NMS Securities and OTC Equity Securities;
Comply with the clock synchronization standards as set forth in Article VI, Section 6.8; and
Handle an extensible data model and messaging protocols that are able to support future requirements such as, but not limited to:
○ Expansion of trading hours, including capability and support for 24-hour markets;
○ Sessions for securities; and
Equity markets currently have morning, primary, and evening sessions. It is possible that over time sessions may cross into the next calendar day.
○ New asset classes, such as debt securities or derivative instruments.
Technical Environments
The architecture must include environments for production, development, quality assurance testing, disaster recovery, industry-wide coordinated testing, and individual on-going CAT Reporter testing. The building and introduction of environments available to CAT Reporters may be phased in to align with the following agreed upon implementation milestones:
Development environment—the development environment must be created to build, develop, and maintain enhancements and new requirements. This environment must be separate from those listed below.
Quality assurance environment—a quality assurance (QA) environment must be created to allow simulation and testing of all applications, interfaces, and data integration points contained in the CAT System.
○ The QA environment shall be able to simulate end-to-end production functionality and perform with the same operational characteristics, including processing speed, as the production environment.
○ The QA environment shall support varied types of changes, such as, but not limited to, the following:
Application patches;
Bug fixes;
Operating system upgrades;
Introduction of new hardware or software components;
New functionality;
Network changes;
Regression testing of existing functionality;
Stress or load testing (simulation of production-level usage); and
Recovery and failover.
○ A comprehensive test plan for each build and subsequent releases must be documented.
Production environment—fully operational environment that supports receipt, ingestion, processing and storage of CAT Data. Backup/disaster recovery components must be included as part of the production environment.
Industry test environment—
○ The Plan Processor must provide an environment supporting industry testing (test environment) that is functionally equivalent to the production environment, including:
End-to-end functionality (e.g., data validation, processing, linkage, error identification, correction and reporting mechanism) from ingestion to output, sized to meet the standards of the production SLA;
Performance metrics that mirror the production environment; and
Management with the same information security policies applicable to the production environment.
○ The industry test environment must also contain functionality to support industry testing, including:
Minimum availability of 24x6;
Replica of production data when needed for testing;
Data storage sized to meet varying needs, dependent upon scope and test scenarios; and
Support of two versions of code (current and pending).
○ The industry test environment must support the following types of industry testing:
Technical upgrades made by the Plan Processor;
CAT code releases that impact CAT Reporters;
Changes to industry data feeds (e.g., SIP, OPRA, etc.);
Industry-wide disaster recovery testing;
Individual CAT Reporter and Data Submitter testing of their upgrades against CAT interfaces and functionality; and
Multiple, simultaneous CAT Reporter testing.
○ The industry test environment must be a discrete environment separate from the production environment.
○ The Plan Processor must provide the linkage processing of data submitted during coordinated, scheduled, industry-wide testing. Results of the linkage processes must be communicated back to Participants as well as to the Operating Committee.
○ Data from industry testing must be saved for three months. Operational metrics associated with industry testing (including but not limited to testing results, firms who participated, and amount of data reported and linked) must be stored for the same duration as the CAT production data.
○ The Plan Processor must provide support for industry testing, including testing procedures, coordination of industry testing, publish notifications, and provide help desk support during industry testing.
○ The Participants and the SEC must have access to industry test data.
Capacity Requirements
System capacity must have the following characteristics.
References to data sizing refer to raw, uncompressed data and do not account for benefits of compression, overhead of data storage or indices. Data sizing estimates do not include meta-data and are based on delimited, fixed length data sets. The Plan Processor is responsible for calculating its platform capacity capabilities based on its proposed solution. Three years after the finalization of the CAT NMS Plan, when all CAT Reporters submit their data to the Central Repository, the Central Repository must be sized to receive process and load more than 58 billion records per day.
The Central Repository must be:
Designed such that additional capacity can be quickly and seamlessly integrated while maintaining system access and availability requirements;
Able to efficiently and effectively handle data ingestion on days with peak and above-peak data submission volumes; and
Required to maintain and store data for a 6-year sliding window of data. System access and availability requirements must be maintained during the maintenance of the sliding window. It is expected that the Central Repository will grow to more than 29 petabytes of raw, uncompressed data.
The Plan Processor must:
Define a capacity planning process to be approved by the Operating Committee, with such process incorporating industry utility capacity metrics; and
Develop a robust process to add capacity, including both the ability to scale the environment to meet the expected annual increases as well as to rapidly expand the environment should unexpected peaks in data volumes breach the defined capacity baseline. Capacity forecasts from systems, including OPRA, UTP, and CTA, must also be included for capacity planning purposes. This capacity planning process must be approved by the Operating Committee.
Monitoring Capacity Utilization and Performance Optimization
In order to manage the data volume, operational capacity planning must be conducted on a periodic basis. The Plan Processor must submit capacity-planning metrics to the Operating Committee for review to ensure that all parties are aware of the system processing capabilities and changes to assumptions. Changes to assumptions could lead to positive or negative adjustments in the costs charged to CAT Reporters. Reports that capture daily disk space, processing time, amount of data received and linkage completion times must be provided by the Plan Processor to the Operating Committee.
Data Retention Requirements
The Plan Processor must develop a formal record retention policy and program for the CAT, to be approved by the Operating Committee, which will, at a minimum:
Contain requirements associated with data retention, maintenance, destruction, and holds;
Comply with applicable SEC record-keeping requirements;
Have a record hold program where specific CAT Data can be archived offline for as long as necessary;
Store and retain both raw data submitted by CAT Reporters and processed data; and
Make data directly available and searchable electronically without manual intervention for at least six years.
Data Management
The Plan Processor must develop data management policies and procedures to govern and manage CAT Data, reference data, and metadata contained in and used by the Central Repository.
The CAT must capture, store, and maintain current and historical reference data information. This master/reference database will include data elements such as, but not limited to, SRO-assigned market participant identifiers, product type, trading unit size, trade/quote minimum price variation, corporate actions, symbology changes, and changes in listings market center. The Plan Processor must support bi-temporal milestones (e.g., Effective Date and as-of-date) of the reference data.
CAT Reporters will submit data to the Central Repository with the listing exchange symbology format. The Central Repository must use the listing exchange symbology format for output of the linked data. Instrument validation must be included in the processing of data submitted by CAT Reporters.
The Central Repository must be able to link instrument data across any time period so that data can be properly displayed and linked regardless of changes to issue symbols or market class. The Plan Processor is required to create and maintain a symbol history and mapping table, as well as to provide a tool that will display a complete issue symbol history that will be accessible to CAT Reporters, Participants and the SEC. In addition, the Plan Processor will be required to create a start-of-day (“SOD”) and end-of-day (“EOD”) CAT reportable list of securities for use by CAT Reporters. This list must be available online and in a machine readable (e.g., .csv) format by 6 a.m. on each Trading Day.
Queries, reports, and searches for data that span dates where there are changes to reference data must automatically include data within the requested date range. For example, if a query is run for a symbol that had three issue symbol changes during the time window of the query parameters, the result set must automatically include data for all three symbols that were in use during the time window of the query.
The Plan Processor must also develop an end-to-end process and framework for technical, business and operational metadata.
Data Types and Sources
The Plan Processor will be responsible for developing detailed data and interface specifications for data to be submitted by CAT Reporters. These specifications will be contained in the Technical Specifications, the initial version of which will be presented to the Operating Committee for approval. The Technical Specifications must be designed to capture all of the data elements required by SEC Rule 613, as well as other information the Participants determine necessary to facilitate elimination of reporting systems that the CAT may cause to be redundant, such as EBS and OATS. In the future, new data sources such as public news may be added to the specifications.
CAT Reporters and Data Submitters will transmit data in an electronic data format(s) that will be defined by the Plan Processor. The Technical Specifications must include details for connectivity and electronic submission, transmission, retransmission and processing. It is possible that more than one format will be defined to support the various senders throughout the industry.
The Participants anticipate that some broker-dealers will not directly report to the CAT but will rely on other organizations to report on their behalf. However, the CAT will need to have the flexibility to adapt on a timely basis to changes in the number of entities that report CAT Data.
Data Feed Management
The Plan Processor must monitor and manage incoming and outgoing data feeds for, at a minimum, the following:
Data files from each CAT Reporter and Data Submitter;
Files that cover multiple trade dates (e.g., to account for clearing and changes);
Full and partial file submissions that contain corrections from previously rejected files;
Full and partial file submissions based on CAT Reporter; and
Receipt and processing of market data feeds (SIP, OPRA, OCC).
The Plan Processor must also develop a process for detecting, managing, and mitigating duplicate file submissions. It must create and store operational logs of transmissions, success, and failure reasons in order to create reports for CAT Reporters, Participants, and the SEC. Outgoing data feeds must be logged and corresponding metadata elements must be monitored and captured.
Managing connectivity for data feeds (e.g., SIPs, broker-dealers and regulators)
The Plan Processor will be required to ensure that it provides all CAT Reporters with the ability to transmit CAT Data to the Central Repository as required to meet the reporting requirements. The Plan Processer is required to have a robust managed file transfer (“MFT”) tool, including full monitoring, permissioning, auditing, security, high availability, file integrity checks, identification of data transmission failures/errors, transmission performance metrics, multiple transmission protocols, Latency/network bottlenecks or delays, key management, etc. CAT Reporters must also have the ability to conduct manual data entry via a GUI interface or the uploading of a file, subject to a maximum record capacity, which will be defined by the Plan Processor in consultation with the Operating Committee.
To be defined in the SLAs to be agreed to between the Participants and the Plan Processor, as detailed in Appendix D, Functionality of the CAT System.
Reporting and Linkage Requirements
All CAT Data reported to the Central Repository must be processed and assembled to create the complete lifecycle of each Reportable Event. Reportable Events must contain data elements sufficient to ensure the same regulatory coverage currently provided by existing regulatory reporting systems that have been identified as candidates for retirement.
Additionally, the Central Repository must be able to:
Assign a unique CAT-Reporter-ID to all reports submitted to the system based on sub-identifiers, (e.g., MPIDs, ETPID, trading mnemonic) currently used by CAT Reporters in their order handling and trading processes.
Handle duplicate sub-identifiers used by members of different Participants to be properly associated with each Participant.
Generate and associate one or more Customer-IDs with all Reportable Events representing new orders received from a Customer(s) of a CAT Reporter. The Customer-ID(s) will be generated from a Firm Designated ID provided by the CAT Reporter for each such event, which will be included on all new order events.
Accept time stamps on order events handled electronically to the finest level of granularity captured by CAT Reporters. Additionally, the CAT must be able to expand the time stamp field to accept time stamps to an even finer granularity as trading systems expand to capture time stamps in ever finer granularity. The Plan Processor must normalize all processed date/time CAT Data into a standard time zone/format.
In addition, the data required from CAT Reporters will include all events and data elements required by the Plan Processor in the Technical Specifications to build the:
Life cycle of an order for defined events within a CAT Reporter;
Life cycle of an order for defined events intra-CAT Reporter; and
State of all orders across all CAT Reporters at any point in time.
The Plan Processor must use the “daisy chain approach” to link and create the order lifecycle. In the daisy chain approach, a series of unique order identifiers, assigned to all order events handled by CAT Reporters are linked together by the Central Repository and assigned a single CAT-generated CAT-Order-ID that is associated with each individual order event and used to create the complete lifecycle of an order.
By using the daisy chain approach the Plan Processor must be able to link all related order events from all CAT Reporters involved in the lifecycle of an order. At a minimum, the Central Repository must be able to create the lifecycle between:
All order events handled within an individual CAT Reporter, including orders routed to internal desks or departments with different functions (e.g., an internal ATS);
Customer orders to “representative” orders created in firm accounts for the purpose of facilitating a customer order (e.g., linking a customer order handled on a riskless principal basis to the street-side proprietary order);
Orders routed between broker-dealers;
Orders routed from broker-dealers to exchanges;
Orders sent from an exchange to its routing broker-dealer;
Executed orders and trade reports;
Various legs of option/equity complex orders; and
Order events for all equity and option order handling scenarios that are currently or may potentially be used by CAT Reporters, including:
○ Agency route to another broker-dealer or exchange;
○ Riskless principal route to another broker-dealer or exchange capturing within the lifecycle both the customer leg and street side principal leg;
○ Orders routed from one exchange through a routing broker-dealer to a second exchange;
○ Orders worked through an average price account capturing both the individual street side execution(s) and the average price fill to the Customer;
○ Orders aggregated with other orders for further routing and execution capturing both the street side executions for the aggregated order and the fills to each customer order;
○ Complex orders involving one or more options legs and an equity leg, with a linkage between the option and equity legs;
○ Complex orders containing more legs than an exchange's order management system can accept, causing the original order to be broken into multiple orders;
○ Orders negotiated over the telephone or via a negotiation system;
○ Orders routed on an agency basis to a foreign exchange;
○ Execution of customer order via allocation of shares from a pre-existing principal order;
○ Market maker quotes; and
○ Complex orders involving two or more options legs.
Additionally, the Central Repository must be able to:
Link each order lifecycle back to the originating Customer;
Integrate and appropriately link reports representing repairs of original submissions that are rejected by the CAT due to a failure to meet a particular data validation;
Integrate into the CAT and appropriately link reports representing records that are corrected by a CAT Reporter for the purposes of correcting data errors not identified in the data validation process;
Assign a single CAT-Order-ID to all events contained within the lifecycle of an order so that regulators can readily identify all events contained therein; and
Process and link Manual Order Events with the remainder of the associated order lifecycle.
Timelines for Reporting
CAT Data for the previous Trading Day must be reported to the Central Repository by 8:00 a.m. Eastern Time on the Trading Day following the day the Industry Member receives such data; however, the Plan Processor must accept data prior to that deadline, including intra-day submissions.
Other Items
The Plan Processor must anticipate and manage order data processing over holidays, early market closures and both anticipated and unanticipated market closures. The Plan Processor must allow and enable entities that are not CAT Reporters (e.g., service bureaus) to report on behalf of CAT Reporters only upon being permissioned by the CAT Reporter, and must develop appropriate tools to facilitate this process.
Required Data Attributes for Order Records Submitted by CAT Reporters
At a minimum, the Plan Processor must be able to receive the data elements as detailed in the CAT NMS Plan.
Data Security
Overview
SEC Rule 613 requires that the Plan Processor ensure the security and confidentiality of all information reported to and maintained by the CAT in accordance with the policies, procedures and standards in the CAT NMS Plan.
The Plan Processor must have appropriate solutions and controls in place to ensure data confidentiality and security during all communication between CAT Reporters and Data Submitters and the Plan Processor, data extraction, manipulation and transformation, loading to and from the Central Repository and data maintenance by the CAT System. The Plan Processor must address security controls for data retrieval and query reports by Participant and the SEC. The solution must provide appropriate tools, logging, auditing and access controls for all components of the CAT System, such as but not limited to access to the Central Repository, access for CAT Reporters, access to rejected data, processing status and CAT Reporter performance and comparison statistics.
The Plan Processor must provide to the Operating Committee a comprehensive security plan that covers all components of the CAT System, including physical assets and personnel, and the training of all persons who have access to the Central Repository consistent with Article VI, Section 6.1(m). The security plan must be updated annually. The security plan must include an overview of the Plan Processor's network security controls, processes and procedures pertaining to the CAT Systems. Details of the security plan must document how the Plan Processor will protect, monitor and patch the environment; assess it for vulnerabilities as part of a managed process, as well as the process for response to security incidents and reporting of such incidents. The security plan must address physical security controls for corporate, data center, and leased facilities where Central Repository data is transmitted or stored. The Plan Processor must have documented “hardening baselines” for systems that will store, process, or transmit CAT Data or PII data.
Connectivity and Data Transfer
The CAT System(s) must have encrypted internet connectivity. CAT Reporters must connect to the CAT infrastructure using secure methods such as private lines or (for smaller broker-dealers) Virtual Private Network connections over public lines. Remote access to the Central Repository must be limited to authorized Plan Processor staff and must use secure multi-factor authentication that meets or exceeds the Federal Financial Institutions Examination Council (“FFIEC”) security guidelines surrounding authentication best practices.
Federal Financial Institutions Examination Council, Supplement to Authentication in an Internet Banking Environment (June 22, 2011), available at http://www.ffiec.gov/pdf/Auth-ITS-Final%206-22-11%20(FFIEC%20Formated).pdf .
The CAT databases must be deployed within the network infrastructure so that they are not directly accessible from external end-user networks. If public cloud infrastructures are used, virtual private networking and firewalls/access control lists or equivalent controls such as private network segments or private tenant segmentation must be used to isolate CAT Data from unauthenticated public access.
Data Encryption
All CAT Data must be encrypted at rest and in flight using industry standard best practices (e.g., SSL/TLS ) including archival data storage methods such as tape backup. Symmetric key encryption must use a minimum key size of 128 bits or greater (e.g., AES-128), larger keys are preferable. Asymmetric key encryption (e.g., PGP) for exchanging data between Data Submitters and the Central Repository is desirable.
[All PII data must be encrypted both at rest and in flight, including archival data storage methods such as tape backup.] Storage of unencrypted PII data is not permissible. PII encryption methodology must include a secure documented key management strategy such as the use of HSM(s). The Plan Processor must describe how PII encryption is performed and the key management strategy (e.g., AES-256, 3DES).
[CAT Data stored in a public cloud must be encrypted at rest. Non-PII CAT Data stored in a Plan Processor private environment is not required to be encrypted at rest.]
If public cloud managed services are used that would inherently have access to the data (e.g., BigQuery, S3, Redshift), then the key management surrounding the encryption of that data must be documented (particularly whether the cloud provider manages the keys, or if the Plan Processor maintains that control). Auditing and real-time monitoring of the service for when cloud provider personnel are able to access/decrypt CAT Data must be documented, as well as a response plan to address instances where unauthorized access to CAT Data is detected. Key management/rotation/revocation strategies and key chain of custody must also be documented in detail.
Data Storage and Environment
Data centers housing CAT Systems (whether public or private) must, at a minimum, be AICPA SOC 2 certified by [an independent third party auditor] a qualified third-party auditor that is not an affiliate of any of the Participants or the CAT Processor. The frequency of the audit must be at least once per year.
CAT compute infrastructure may not be commingled with other non-regulatory systems (or tenets, in the case of public cloud infrastructure). Systems hosting the CAT processing for any applications must be segmented from other systems as far as is feasible on a network level (firewalls, security groups, ACL's, VLAN's, authentication proxies/bastion hosts and similar). In the case of systems using inherently shared infrastructure/storage (e.g., public cloud storage services), an encryption/key management/access control strategy that effectively renders the data private must be documented.
The Plan Processor must include penetration testing and an application security code audit by a reputable (and named) third party prior to launch as well as periodically as defined in the SLA(s). Reports of the audit will be provided to the Operating Committee as well as remediation plan for identified issues. The penetration test reviews of the Central Repository's network, firewalls, and development, testing and production systems should help the CAT evaluate the system's security and resiliency in the face of attempted and successful systems intrusions.
Data Access
The Plan Processor must provide an overview of how access to PII and other CAT Data by Plan Processor employees and administrators is restricted. This overview must include items such as, but not limited to, how the Plan Processor will manage access to the systems, internal segmentation, multi-factor authentication, separation of duties, entitlement management, background checks, etc.
The Plan Processor must develop and maintain policies and procedures reasonably designed to prevent, detect, and mitigate the impact of unauthorized access or usage of data in the Central Repository. Such policies and procedures must be approved by the Operating Committee, and should include, at a minimum:
Information barriers governing access to and usage of data in the Central Repository;
Monitoring processes to detect unauthorized access to or usage of data in the Central Repository; and
Escalation procedures in the event that unauthorized access to or usage of data is detected.
A Role Based Access Control (“RBAC”) model must be used to permission user with access to different areas of the CAT System. The CAT System must support an arbitrary number of roles with access to different types of CAT Data, down to the attribute level. The administration and management of roles must be documented. Periodic reports detailing the current list of authorized users and the date of their most recent access must be provided to Participants, the SEC and the Operating Committee. The reports of the Participants and the SEC will include only their respective list of users. The Participants [and the SEC] must provide a response to the report confirming that the list of users is accurate. The required frequency of this report will be defined by the Operating Committee. The Plan Processor must log every instance of access to Central Repository data by users.
Passwords stored in the CAT System must be stored according to industry best practices. Reasonable password complexity rules should be documented and enforced, such as, but not limited to, mandatory periodic password changes and prohibitions on the reuse of the recently used passwords.
Password recovery mechanisms must provide a secure channel for password reset, such as emailing a one-time, time-limited login token to a pre-determined email address associated with that user. Password recovery mechanisms that allow in-place changes or email the actual forgotten password are not permitted.
Any login to the system that is able to access PII data must follow non-PII password rules and must be further secured via multi-factor authentication (“MFA”). The implementation of MFA must be documented by the Plan Processor. MFA authentication capability for all logins [(including non-PII)] is required to be implemented by the Plan Processor.
Breach Management
The Plan Processor must develop policies and procedures governing its responses to systems or data breaches. Such policies and procedures will include a formal cyber incident response plan, and documentation of all information relevant to breaches.
The cyber incident response plan will provide guidance and direction during security incidents. The plan will be subject to approval by the Operating Committee. The plan may include items such as:
Guidance on crisis communications;
Security and forensic procedures;
Customer notifications;
“Playbook” or quick reference guides that allow responders quick access to key information;
Insurance against security breaches;
Retention of legal counsel with data privacy and protection expertise; and
Retention of a Public Relations firm to manage media coverage.
Documentation of information relevant to breaches should include:
A chronological timeline of events from the breach throughout the duration of the investigation;
Relevant information related to the breach (e.g., date discovered, who made the discovery, and details of the breach);
Response efforts, involvement of third parties, summary of meetings/conference calls, and communication; and
The impact of the breach, including an assessment of data accessed during the breach and impact on CAT Reporters.
PII Data Requirements
PII data must not be included in the result set(s) from online or direct query tools, reports or bulk data extraction. Instead, results will display existing non-PII unique identifiers (e.g., Customer-ID or Firm Designated ID). The PII corresponding to these identifiers can be gathered using the PII workflow described in Appendix D, Data Security, PII Data Requirements. By default, users entitled to query CAT Data are not authorized for PII access. The process by which someone becomes entitled for PII access, and how they then go about accessing PII data, must be documented by the Plan Processor. The chief regulatory officer, or other such designated officer or employee at each Participant [and the Commission] must, at least annually, review and certify that people with PII access have the appropriate level of access for their role.
Using the RBAC model described above, access to PII data shall be configured at the PII attribute level, following the “least privileged” practice of limiting access as much as possible.
PII data must be stored separately from other CAT Data. It cannot be stored with the transactional CAT Data, and it must not be accessible from public internet connectivity. A full audit trail of PII access (who accessed what data, and when) must be maintained. The Chief Compliance Officer and the Chief Information Security Officer shall have access to daily PII reports that list all users who are entitled for PII access, as well as the audit trail of all PII access that has occurred for the day being reported on.
Industry Standards
The following industry standards [, at a minimum,]—which is not intended to be an exclusive list— must be followed as such standards and requirements may be replaced by successor publications, or modified, amended, or supplemented and as approved by the Operating Committee (in the event of a conflict between standards, the more stringent standard shall apply, subject to the approval of the Operating Committee):
National Institute of Standards and Technology:
○ 800-23—Guidelines to Federal Organizations on Security Assurance and Acquisition/Use of Test/Evaluated Products
○ 800-53—Security and Privacy Controls for Federal Information Systems and Organizations
○ 800-115—Technical Guide to Information Security Testing and Assessment
○ 800-118—Guide to Enterprise Password Management
○ 800-133—Recommendation for Cryptographic Key Generation
○ 800-137—Information Security Continuous Monitoring for Federal Information Systems and Organizations
○ To the extent not specified above, all other provisions of the NIST Cyber Security Framework
Federal Financial Institutions Examination Council:
○ Authentication Best Practices
International Organization for Standardization:
○ ISO/IEC 27001—Information Security Management
The Company shall endeavor to join the FS-ISAC and comparable bodies as the Operating Committee may determine. The FS-ISAC provides real time security updates, industry best practices, threat conference calls, xml data feeds and a member contact directory. The FS-ISAC provides the Company with the ability to work with the entire financial industry to collaborate for the purposes of staying up to date with the latest information security activities.
BCP/DR Process
Overview
The Plan Processor must develop and implement disaster recovery (“DR”) and business continuity plans (“BCP”) that are tailored to the specific requirements of the CAT environment, and which must be approved and regularly reviewed by the Operating Committee. The BCP must address the protection of data, service for the data submissions, processing, data access, support functions and operations. In the context of this document, BCP generally refers to how the business activities will continue in the event of a widespread disruption and the DR requirements refer to how the CAT infrastructure will be designed to support a full data center outage. In addition, the Plan Processor must have SLAs in place to govern redundancy (i.e., no single point of failure) of critical aspects of the CAT System (e.g., electrical feeds, network connectivity, redundant processors, storage units, etc.) and must have an architecture to support and meet the SLA requirements. Any SLAs between the Plan Processor and third parties must be approved by the Operating Committee.
Industry Standards
The following National Institute of Standards and Technology standards, at a minimum, must be followed in association with Disaster Recovery, in each case as such standards and requirements may be replaced by successor publications, or modified, amended, or supplemented and as approved by the Operating Committee:
800-34—Contingency Planning for Federal Information Systems; and
Specifically, the following sections as minimum requirements for designing and implementing BCP and DR plans:
○ Chapter 3: Information System Contingency Planning Process, which identifies seven steps to use when developing contingency plans;
○ Chapter 4: Information System Contingency Plan Development, which outlines the key elements of a contingency plan;
○ Chapter 5: Technical Contingency Planning Considerations (using the specific sections applicable to the Plan Processor's systems) which provides considerations specific to different types of technology; and
○ Other sections and the appendices should be taken into consideration as warranted.
In addition, the Plan Processor will need to develop a process to manage and report all breaches.
Business Continuity Planning
The Plan Processor will design a BCP that supports a continuation of the business activities required of the CAT in the event of a widespread disruption.
With respect to the team supporting CAT business operations, a secondary site must be selected that is capable of housing the critical staff necessary for CAT business operations. The site must be fully equipped to allow for immediate use. The selection of the site must take into account diversity in utility and telecommunications infrastructure as well as the ability for CAT staff to access the site in the event of transit shutdowns, closure of major roadways and other significant disruptions that may affect staff. Planning should consider operational disruption involving significant unavailability of staff.
A bi-annual test of CAT operations where CAT staff operates the facility from the secondary site is required. This will ensure that phone systems, operational tools and other help desk functions all work as expected and the Plan Processor still functions as usual even in the event of a disruption.
CAT operations staff must maintain, and annually test, remote access capabilities to ensure smooth operations during a site un-availability event. Certain critical staff may be required to report directly to the secondary office site. However, an effective telecommuting solution must be in place for all critical CAT operations staff. Furthermore, any telecommuting strategy must require a remote desktop style solution where CAT operations and data consoles remain at the primary data center and must further ensure that CAT Data may not be downloaded to equipment that is not CAT-owned and compliant with CAT security requirements.
The BCP must identify critical third party dependencies. The Plan Processor will coordinate with critical suppliers regarding their arrangements and involve these parties in tests on an annual basis. Critical third party firms may be required to provide evidence of their BCP capabilities and testing.
The Plan Processor must conduct third party risk assessments at regular intervals to verify that security controls implemented are in accordance with NIST SP 800-53. These risk assessments must include assessment scheduling, questionnaire completion and reporting. The Plan Processor should provide assessment reports to the Operating Committee.
The Plan Processor will develop and annually test a detailed crisis management plan to be invoked following certain agreed disruptive circumstances.
The processing sites for business continuity must adhere to the “Interagency Paper on Sound Practices to Strengthen the Resilience of the U.S. Financial System.”
See Interagency Paper on Sound Practices to Strengthen the Resilience of the U.S. Financial System (Apr. 8, 2003), available at http://www.sec.gov/news/studies/34-47638.htm .
The Plan Processor will conduct an annual Business Continuity Audit using an Independent Auditor approved by the Operating Committee. The Independent Auditor will document all findings in a detailed report provided to the Operating Committee.
Disaster Recovery Requirements
The Plan Processor will implement a DR capability that will ensure no loss of data and will support the data availability requirements and anticipated volumes of the CAT.
A secondary processing site must be capable of recovery and restoration of services at the secondary site within a minimum of 48 hours, but with the goal of achieving next day recovery after a disaster event. The selection of the secondary site must consider sites with geographic diversity that do not rely on the same utility, telecom and other critical infrastructure services. The processing sites for disaster recovery and business continuity must adhere to the “Interagency Paper on Sound Practices to Strengthen the Resilience of the U.S. Financial System.”
The secondary site must have the same level of availability/capacity/throughput and security (physical and logical) as the primary site. The requirement implies and expects that fully redundant connectivity between the primary and secondary processing sites be established and fully available. Further, given this recovery window, this connectivity must be used to replicate repositories between the primary and secondary sites. Finally, CAT Reporter and Data Submitter submissions must be replicated to the secondary site for possible replay if recent replications are incomplete. Replication must occur as deliveries complete to ensure that a widespread communications failure will have minimal impact to the state of the secondary site.
On an annual basis, the Plan Processor must execute an industry DR test, which must include Plan Participants and a critical mass of non-Plan Participant CAT Reporters and Data Submitters. The tests must be structured such that all CAT Reporters and other Data Submitters can upload to the DR site and the data be ingested by the CAT Data loaders. All DR tests are required to realistically reflect the worst-case scenario.
Failover processes must be transparent to CAT Reporters, as well as failback. In the event of a site failover, CAT Reporters must be able to deliver their daily files without changing configuration. This avoids requiring all CAT Reporters to update configurations, which is an error-prone effort.
After a DR event, the primary processing site must be made available as quickly as possible. For short duration DR events, the primary site must be returned to primary within 48 hours after the DR event. Longer duration outages will have differing SLAs. The DR plan must include designs that allow the re-introduction of the primary site or the introduction of a new primary site as the event dictates and an indication of the time required for this re-introduction.
Data Availability
Data Processing
CAT order events must be processed within established timeframes to ensure data can be made available to Participants' regulatory staff and the SEC in a timely manner. The processing timelines start on the day the order event is received by the Central Repository for processing. Most events must be reported to the CAT by 8:00 a.m. Eastern Time the Trading Day after the order event occurred (referred to as transaction date). The processing timeframes below are presented in this context. All events submitted after T+1 (either reported late or submitted later because not all of the information was available) must be processed within these timeframes based on the date they were received.
The Participants require the following timeframes (Figure A) for the identification, communication and correction of errors from the time an order event is received by the processor:
Noon Eastern Time T+1 (transaction date + one day)—Initial data validation, lifecycle linkages and communication of errors to CAT Reporters;
8:00 a.m. Eastern Time T+3 (transaction date + three days)—Resubmission of corrected data; and
8:00 a.m. Eastern Time T+5 (transaction date + five days)—Corrected data available to Participant regulatory staff and the SEC.
Late submissions or re-submissions (after 8:00 a.m.) may be considered to be processed that day if it falls within a given time period after the cutoff. This threshold will be determined by the Plan Processor and approved by the Operating Committee. In the event that a significant portion of the data has not been received as monitored by the Plan Processor, the Plan Processor may decide to halt processing pending submission of that data.
Data Availability Requirements
Prior to 12:00 p.m. Eastern Time on T+1, raw unprocessed data that has been ingested by the Plan Processor must be available to Participants' regulatory staff and the SEC.
Between 12:00 p.m. Eastern Time on T+1 and T+5, access to all iterations of processed data must be available to Participants' regulatory staff and the SEC.
The Plan Processor must provide reports and notifications to Participant regulatory staff and the SEC regularly during the five-day process, indicating the completeness of the data and errors. Notice of major errors or missing data must be reported as early in the process as possible. If any data remains un-linked after T+5, it must be available and included with all linked data with an indication that the data was not linked.
If corrections are received after T+5, Participants' regulatory staff and the SEC must be notified and informed as to how re-processing will be completed. The Operating Committee will be involved with decisions on how to re-process the data; however, this does not relieve the Plan Processor of notifying the Participants' regulatory staff and the SEC.
CAT PII data must be processed within established timeframes to ensure data can be made available to Participants' regulatory staff and the SEC in a timely manner. Industry Members submitting new or modified Customer information must provide it to the Central Repository no later than 8:00 a.m. Eastern Time on T+1. The Central Repository must validate the data and generate error reports no later than 5:00 p.m. Eastern Time on T+[3]1. The Central Repository must process the resubmitted data no later than 5:00 p.m. Eastern Time on T+4. Corrected data must be resubmitted no later than 5:00 p.m. Eastern Time on T+3. The Central Repository must process the resubmitted data no later than 5:00 p.m. Eastern Time on T+4. Corrected data must be available to regulators no later than 8:00 a.m. Eastern Time on T+5.
Customer information that includes PII data must be available to regulators immediately upon receipt of initial data and corrected data, pursuant to security policies for retrieving PII.
Receipt of Data from Reporters
Receipt of Data Transmission
Following receipt of data files submitted by the CAT Reporter or Data Submitter, the Plan Processor must send an acknowledgement of data received to the CAT Reporter and Data Submitter, if applicable. Such acknowledgment will enable CAT Reporters to create an audit trail of their submissions and allow for tracing of data breakdowns when data is not received. At a minimum, the receipt acknowledgement will include:
SRO-Assigned Market Participant Identifier;
Date of Receipt;
Time of Receipt;
File Identifier; and
Value signifying the acknowledgement of receipt, but not processing, of the file.
Data Validation
The Plan Processor will implement data validations at the file and individual record level for data received by the Plan Processor including customer data. If a record does not pass basic validations, such as syntax rejections, then it must be rejected and sent back to the CAT Reporter as soon as possible, so it can repair and resubmit. The required data validations may be amended based on input from the Operating Committee and the Advisory Committee. All identified exceptions will be reported back to the CAT Reporter submitting the data and/or the CAT Reporter on whose behalf the data was submitted.
If needed—data validation may be a process with an initial validation phase for data errors and a subsequent validation phase later in processing where more time is needed to assess the context of the record in relation to data that may be submitted to the CAT later in the submission window. The Plan Processor must have an additional “matching” process for the purposes of linking together order data passed between CAT Reporters.
The data validations must include the following categories and must be explained in the Technical Specifications document:
File Validations—Confirmation of file transmission and receipt are in the correct formats. This includes validation of header and trailers on the submitted report, confirmation of a valid SRO-Assigned Market Participant Identifier, and verification of the number of records in the file.
Validation of CAT Data—Syntax and context checks, including:
○ Format checks:
Check that the data is entered in the specified format
○ Data Type checks:
Check that the data type of each attribute is as per specification
○ Consistency checks:
Check that all attributes for a record of a specified type are consistent
○ Range/logic checks:
Range check—Validate that each attribute for every record has a value within specified limits
Logic check—Validate that the values provided against each attribute are associated with the event type they represent
○ Data validity checks:
Validate that each attribute for every record has an acceptable value
○ Completeness checks:
Verify that each mandatory attribute for every record is not null
○ Timeliness checks:
Verify that records were submitted within the submission timelines
Linkage Validation —Process by which related CAT Reportable Events are in a linked daisy chain method
A linkage validation error should only populate for the CAT Reporter that the Plan Processor determines to have broken the link.
CAT Reporters must have the ability to correct, replace or delete records that have passed initial validations within the CAT.
After the Central Repository has processed the data, the Plan Processor must provide daily statistics, including at a minimum, the following information:
SRO-Assigned Market Participant Identifier;
Date of Submission;
Number of files received;
Number of files accepted;
Number of files rejected;
Number of total order events received;
Number of order events accepted;
Number of order events rejected;
Number of each type of report received;
Number of each type of report accepted;
Number of each type of report rejected;
Number of customer records received;
Number of total customer records accepted;
Number of total customer records rejected;
Number of unknown accounts;
Number of late submissions;
Order-IDs rejected;
Reason(s) for rejection;
Number of records attempted to be matched;
Number of records matched; and
Percentage of records matched.
Individual records contained in files that do not pass the file validation process must not be included for further processing. Once a file passes the initial validation, individual records contained therein may then be processed for further validation. Individual records that do not pass the data validation processes will not be included in the final audit trail but must be retained. Additionally, records not passing the validations will not be included for matching processes.
Exception Management
The Plan Processor must capture rejected records for each CAT Reporter and make them available to the CAT Reporter. The “rejects” file must be accessible via an electronic file format and the rejections and daily statistics must be available via a web interface. The Plan Processor must provide functionality for CAT Reporters to amend any exceptions.
The Plan Processor must support bulk error correction. Rejected records can be resubmitted as a new file with appropriate indicators to identify the rejection record, which is being repaired. The Plan Processor will then reprocess repaired records.
A GUI must be available for CAT Reporters to make updates to individual records or attributes and must include, at a minimum, the:
Count of each type of rejection;
Reason for each rejection;
Ability to download the rejections;
Firm assigned order ID of each rejection;
Details of each rejection;
Type of report rejected; and
Repair status.
The Plan Processor must support bulk replacement of records, and reprocess such replaced records. The Plan Processor must provide CAT Reporters with documentation that detail the process how to amend and upload records that fail the validations that are outlined as part of Section 7.4. The Plan Processor must maintain a detailed audit trail capturing corrections to and replacements of records.
The Plan Processor will provide CAT Reporters with their error reports as they become available, and daily statistics will be provided after data has been uploaded and validated by the Plan Processor. The Plan Processor must support a continuous validation and feedback model so that CAT Reporters can identify and correct rejections on an ongoing basis. The rejected reports will include descriptive details, or codes related to descriptive details, as to why each data record was rejected by the Plan Processor.
On a monthly basis, the Plan Processor must produce and publish reports detailing performance and comparison statistics for CAT Reporters, similar to the Report Cards published for OATS presently. This will enable CAT Reporters to assess their performance in relation to their industry peers and help them assess the risk related to their reporting of transmitted data.
See Appendix C, Error Communication, Correction, and Processing.
Breaks in intermittent lifecycle linkages must not cause the entire lifecycle to break nor cause a reject to the CAT Reporter that correctly reported.
Error Corrections
Error corrections must be able to be submitted and processed at any time, including timeframes after the standard repair window. Additionally, in order to make corrections, CAT Reporters must have access to the Central Repository over weekends.
CAT Reporters must be able to submit error corrections for data errors identified by CAT Reporters that passed format validations.
Additionally, the Plan Processor must:
Provide feedback as to the reason(s) for errors;
Prevent a linkage break between reports from resulting in additional events being rejected;
Allow broken linkages to be repaired without having to submit or resubmit additional reports;
Allow error corrections to be submitted both via online and bulk uploads or via file submission;
Support auto-correction of identified errors and notify reporters of any auto-corrections;
Support group repairs (i.e., the wrong issue symbol affecting multiple reports).
Data Ingestion
Data submitted to the Central Repository, including rejections and corrections, must be stored in repositories designed to hold information based on the classification of the CAT Reporter (i.e., whether the CAT Reporter is a Participant, a broker-dealer, or a third party Data Submitter). After ingestion by the Central Repository, the Raw Data must be transformed into a format appropriate for data querying and regulatory output.
Functionality of the CAT System
Regulator Access
The Plan Processor must provide Participants' regulatory staff and the SEC with access to all CAT Data for regulatory purposes only. Participants' regulatory staff and the SEC will access CAT Data to perform functions, including economic analyses, market structure analyses, market surveillance, investigations, and examinations.
The CAT must be able to support, at a minimum, 3,000 regulatory users within the system. It is estimated that approximately 20% of all users will use the system on a daily or weekly basis while approximately 10% of all users will require advanced regulator-user access, as described below. Furthermore, it is estimated that there may be approximately 600 concurrent users accessing the CAT at any given point in time. These users must be able to access and use the system without an unacceptable decline in system performance.
Specific performance requirements will be included in the SLA.
As stated in Appendix D, Data Security, the Plan Processor must be able to support an arbitrary number of user roles. Defined roles must include, at a minimum:
Basic regulator users—Individuals with approved access who plan to use the Central Repository to run basic queries (e.g., pulling all trades in a single stock by a specific party).
Advanced regulator users—Individuals with approved access who plan to use the Central Repository to construct and run their own complex queries.
Regulators will have access to processed CAT Data through two different methods, an online-targeted query tool and user-defined direct queries and bulk extracts.
Online Targeted Query Tool
The online targeted query tool will provide authorized users with the ability to retrieve processed and/or validated (unlinked) data via an online query screen that includes the ability to choose from a variety of pre-defined selection criteria. Targeted queries must include date(s) and/or time range(s), as well as one or more of a variety of fields, including the following:
Instrument(s);
Related instruments (e.g., single stock and all options with for the stock);
Data type (executions, orders, cancelations, quotes, etc.);
Product type (equity, option, etc.);
Processed data, unlinked data or both;
Listing market;
Exchange;
CAT-Reporter-ID(s)—CAT assigned and Participant assigned;
Customer-ID(s)—CAT assigned and CAT Reporter assigned;
CAT-Order-ID(s)—CAT assigned and CAT Reporter assigned;
ISO flag;
Put/call;
Strike price (include ability to select range);
Size;
Price;
Side;
Short-sale identifier;
Time-in-force (IOC, GTC, etc.);
Orders, quotes, BBOs or trades above or below a certain size;
Orders, quotes, BBOs or trades within a range of prices;
Canceled orders and/or trades;
CAT Reporters exceeding specified volume or percentage of volume thresholds in a single instrument or market-wide during a specified period of time;
CAT Reporter correction rate over time;
Audit trail of order linkages;
Corporate action events;
Instrument history; and
Others to be defined.
The tool must provide a record count of the result set, the date and time the query request is submitted, and the date and time the result set is provided to the users. In addition, the tool must indicate in the search results whether the retrieved data was linked or unlinked (e.g., using a flag). In addition, the online targeted query tool must not display any PII data. Instead, it will display existing non-PII unique identifiers (e.g., Customer-ID or Firm Designated ID). The PII corresponding to these identifiers can be gathered using the PII workflow described in Appendix D, Data Security, PII Data Requirements. The Plan Processor must define the maximum number of records that can be viewed in the online tool as well as the maximum number of records that can be downloaded. Users must have the ability to download the results to .csv, .txt, and other formats, as applicable. These files will also need to be available in a compressed format (e.g., .zip, .gz). Result sets that exceed the maximum viewable or download limits must return to users a message informing them of the size of the result set and the option to choose to have the result set returned via an alternate method.
The Plan Processor must define a maximum number of records that the online targeted query tool is able to process. The minimum number of records that the online targeted query tool is able to process is 5,000 (if viewed within the online query tool) or 10,000 (if viewed via a downloadable file).
Once query results are available for download, users are to be given the total file size of the result set and an option to download the results in a single or multiple file(s). Users that select the multiple file option will be required to define the maximum file size of the downloadable files. The application will then provide users with the ability to download the files. This functionality is provided to address limitations of end-user network environment that may occur when downloading large files.
The tool must log submitted queries and parameters used in the query, the user ID of the submitter, the date and time of the submission, as well as the delivery of results. The Plan Processor will use this logged information to provide monthly reports to each Participant and the SEC of its respective metrics on query performance and data usage of the online query tool. The Operating Committee must receive all monthly reports in order to review items, including user usage and system processing performance.
Online Targeted Query Tool Performance Requirements
For targeted search criteria, the minimum acceptable response times will be increments of less than one minute. For the complex queries that either scan large volumes of data (e.g., multiple trade dates) or return large result sets (1M records), the response time must generally be available within 24 hours of the submission of the request. Regardless of the complexity of the criteria used within the online query tool, any query request for data within one business date of a 12-month period must return results within 3 hours.
Performance requirements listed below apply to data:
- Online targeted query tool searches that include equities and options trade data only in the search criteria must meet minimum requirements, including:
○ Returning results within 1 minute for all trades and related lifecycle events for a specific Customer or CAT Reporter with the ability to filter by security and time range for a specified time window up to and including an entire day;
○ Returning results within 30 minutes for all trades and related lifecycle events for a specific Customer or CAT Reporter in a specified date range (maximum 1 month);
○ Returning results within 6 hours for all trades and related lifecycle events for a specific Customer or CAT Reporter in a specified date range (maximum 12-month duration from the most recent 24 months); and
○ Returning results for the full 6 years of data for all trades and lifecycle events across daily, weekly, and multi-year periods.
- Online targeted query tool searches that include equities and options order and National Best Bid and National Best Offer data in search criteria must meet minimum requirements, including:
○ Returning results within 5 minutes for all orders and their complete lifecycles for a single security from a specific Participant across all markets (note: a Participant could have multiple participant identifiers) in a specified time window not to exceed 10 minutes for a single date;
○ Returning results within 5 minutes for all orders, cancelations, and the National Best Bid and National Best Offer (or the protected best bid and offer) at the time the order is created for a single security in a specified time window not to exceed 10 minutes for a single date;
○ Returning results within 5 minutes for all equity and options orders, cancelations, and executions from a specific market participant in a single underlying instrument in a specified time window not to exceed 10 minutes for a single date;
○ Returning results within 5 minutes for all orders, quotes, routes, cancelations and trades (complete life-cycle) for related instruments (e.g., single stock and all options series for the same stock) in a specified time window not to exceed 10 minutes for a single date;
○ Returning results within 5 minutes for all orders and quotes entered during a specific time period by a list of specific CAT Reporters, with the ability to drill down to show the complete life-cycle must return results in a specified time window not to exceed 10 minutes for a single date; and
○ Returning results within 5 minutes for all orders and quotes entered during a specific time period for a specified list of instruments must return results in a specified time window not to exceed 10 minutes for a single date.
The online targeted query tool architecture must include an automated application-level resource management component. This feature must manage query requests to balance the workload to ensure the response times for targeted and complex queries meet the defined response times. The resource management function will categorize and prioritize query requests based on the input parameters, complexity of the query, and the volume of data to be parsed in the query. Additionally, the source of the query may also be used to prioritize the processing. The Plan Processor must provide details on the prioritization plan of the defined solution for online query requests.
The online targeted query tool must support parallel processing of queries. At a minimum, the online targeted query tool must be able to process up to 300 simultaneous query requests with no performance degradation.
Online Targeted Query Tool Access and Administration
Access to CAT Data is limited to authorized regulatory users from the Participants and the SEC. Authorized regulators from the Participants and the SEC may access all CAT Data, with the exception of PII data. A subset of the authorized regulators from the Participants and the SEC will have permission to access and view PII data. The Plan Processor must work with the Participants and SEC to implement an administrative and authorization process to provide regulator access. The Plan Processor must have procedures and a process in place to verify the list of active users on a regular basis.
A two-factor authentication is required for access to CAT Data. PII data must not be available via the online targeted query tool or the user-defined direct query interface.
User-Defined Direct Queries and Bulk Extraction of Data
The Central Repository must provide for direct queries, bulk extraction, and download of data for all regulatory users. Both the user-defined direct queries and bulk extracts will be used by regulators to deliver large sets of data that can then be used in internal surveillance or market analysis applications. The data extracts must use common industry formats.
Direct queries must not return or display PII data. Instead, they will return existing non-PII unique identifiers (e.g., Customer-ID or Firm Designated ID). The PII corresponding to these identifiers can be gathered using the PII workflow described in Appendix D, Data Security, PII Data Requirements.
Participants and regulators must have the ability to create, save, and schedule dynamic queries that will run directly against processed and/or unlinked CAT Data. The examples below demonstrate robust usage of the CAT Data to perform a variety of complex query, surveillance, and market analysis use cases. User-defined direct queries will be used to perform tasks such as market reconstruction, behavioral analysis, and cross-market surveillance.
The method(s) for providing this capability is dependent upon the architecture of the CAT and will be defined by the final solution. The CAT cannot be web-based due to the volumes of data that could be extracted.
The Participants are agnostic as to how user-defined direct queries or bulk extracts are implemented as long as the solution provides an open API that allows regulators to use analytic tools (e.g., R, SAS, Python, Tableau) and can use ODBC/JDBC drivers to access the CAT Data. Queries invoked through the open API must be auditable. The CAT System must contain the same level of control, monitoring, logging and reporting as the online targeted query tool. The Plan Processor may define a limited set of basic required fields (e.g., date and at least one other field such as symbol, CAT-Reporter ID, or CAT-Customer-ID) that regulators must use in direct dynamic queries.
The Plan Processor must provide procedures and training to regulators that will use the direct query feature. The Plan Processor may choose to require that user-defined direct query users participate in mandatory training sessions.
The bulk extract feature will replace the current Intermarket Surveillance Group (ISG) ECAT and COATS compliance data files that are currently processed and provided to Participants for use in surveillance applications. These files are used extensively across all Participants in a variety of surveillance applications and are a critical data input to many surveillance algorithms. With the initial implementation of the CAT, opportunities exist to improve the content and depth of information available in these data files. The Plan Processor will need to work with ISG to define new layouts that will include additional data elements that will be available in the CAT Data.
The Plan Processor is responsible for providing data models and data dictionaries for all processed and unlinked CAT Data.
User-Defined Direct Query Performance Requirements
The user-defined direct query tool is a controlled component of the production environment made available to allow the Participants' regulatory staff and the SEC to conduct queries. The user-defined direct query tool must:
Provide industry standard programmatic interface(s) that allows Participants' regulatory staff and the SEC with the ability to create, save, and run a query;
Provide query results that are extractable/downloadable and can be used to refine subsequent queries;
Support complex, multistage queries;
Run at a minimum 3,000 queries on a daily basis. Of these, it is anticipated that roughly 60% would be simple queries (e.g., pulling of all trades in a given symbol traded during a certain time period) and 40% would be complex (e.g., looking for quotes or orders more than 5% away from the National Best Bid and National Best Offer);
Process and run approximately 1,800 queries concurrently;
Support SQL 92 as well as recursive queries with common table expressions (recursive CTEs), bulk load utility, interface for dimension management, windowing functions, JBDC and ODBC, or provide another API with equal or greater query capabilities, so long as ODBC and JDBC are supported. Support for stored procedures and user-defined functions are optional;
Include data presentation tools/query tools that support query results that produce data sets ranging from less than 1 gigabyte to at least 10 terabytes or more of uncompressed data;
Provide query owners with the ability to schedule queries;
Provide query owners with the ability to cancel a query during execution or prior to the scheduled running of a query;
Provide Participants with a means to view all saved queries owned by the Participants as well as the scheduling of query executions (for queries that have been scheduled);
Provide an automated delivery method of scheduled query results to the appropriate Participant. Delivery methods must comply with all information security guidelines (encryption, etc.);
Provide technical expertise to assist regulators with questions and/or functionality about the content and structure of the CAT query capability;
Include workload balancer to allow prioritization and processing of queries and delivery of results; and
Support parallel processing of queries. At a minimum, the user-defined direct query tool must be able to process up to 300 simultaneous query requests with no performance degradation.
Bulk Extract Performance Requirements
For bulk extracts of an entire day of data, the minimum acceptable transfer time of equity and options data is four hours. This requirement assumes that there are no limitations within the regulator's own network environment that will prevent the Plan Processor from meeting this requirement.
A consideration was made to require an online Report Center that would include pre-canned reports that could be delivered to regulators or pulled upon request. The reports would be predefined based on requirements developed by Participants and the SEC. Due to the added complexity and the lack of quantifiable use cases, the Participants determined that this was something that may be useful in the future but not at the initial implementation and launch of the CAT. This will be reassessed when broker-dealers begin submitting data to the CAT.
It is envisioned that non-Participant CAT Reporters will be unable to access their data submissions through bulk data exports with the initial implementation of CAT. Only Participants and the SEC will have access to full lifecycle corrected bulk data exports.
Extraction of data must be consistently in line with all permissioning rights granted by the Plan Processor. Data returned must be encrypted, password protected and sent via secure methods of transmission. In addition, PII data must be masked unless users have permission to view the data that has been requested.
The Plan Processor must have an automated mechanism in place to monitor user-defined direct query usage. This monitoring must include automated alerts to notify the Plan Processor of potential issues with bottlenecks or excessively long queues for queries or data extractions. The Plan Processor must provide details as to how the monitoring will be accomplished and the metrics that will be used to trigger alerts.
The user-defined direct query and bulk extraction tool must log submitted queries and parameters used in the query, the user ID of the submitter, the date and time of the submission and the date and time of the delivery of results. The Plan Processor will use this logged information to provide monthly reports to the Operating Committee, Participants and the SEC of their respective usage of the online query tool.
The bulk extract tool must support parallel processing of queries. At a minimum, the bulk extract tool must be able to process up to 300 simultaneous query requests with no performance degradation.
Identifying Latency and Communicating Latency Warnings to CAT Reporters
The Plan Processor will measure and monitor Latency within the CAT network. Thresholds for acceptable levels of Latency will be identified and presented to the Operating Committee for approval. The Plan Processor will also define policies and procedures for handling and the communication of data feed delays to CAT Reporters, the SEC, and Participants' regulatory staff that occur in the CAT. Any delays will be posted for public consumption, so that CAT Reporters may choose to adjust the submission of their data appropriately, and the Plan Processor will provide approximate timelines for when system processing will be restored to normal operations.
Technical Operations
The Plan Processor will develop policies, procedures, and tools to monitor and manage the performance of the Central Repository, to be approved by the Operating Committee. Such policies, procedures, and tools will include, at a minimum:
Monitoring and management of system availability and performance, to include both Online Targeted Query Tool and User-Defined Direct Queries;
Monitoring and management of query tool usage (e.g., to identify long-running or “stuck” queries); and
Segregation of query queues by regulator or Participant (i.e., one regulator or Participant's queries should not prevent another regulator or Participant's queries from running).
System SLAs
Service Level Agreements for system and operational performance will be established for areas, including the following:
Linkage and order event processing performance;
Query performance and response times;
System availability;
User support/help desk performance;
Application, network, and data security performance; and
Development, change management, and implementation processes and timelines.
The actual terms of the SLAs will be negotiated between the Plan Participants and the eventual Plan Processor.
CAT Customer and Customer Account Information
Customer and Customer Account Information Storage
The CAT must capture and store Customer and Customer Account Information in a secure database physically separated from the transactional database. The Plan Processor will maintain information of sufficient detail to uniquely and consistently identify each Customer across all CAT Reporters, and associated accounts from each CAT Reporter. The following attributes, at a minimum, must be captured:
Social security number (SSN) or Individual Taxpayer Identification Number (ITIN);
Date of birth;
Current name;
Current address;
Previous name; and
Previous address.
For legal entities, the CAT must capture the following attributes:
- Legal Entity Identifier (LEI) (if available);
- Tax identifier;
- Full legal name; and
- Address.
The Plan Processor must maintain valid Customer and Customer Account Information for each trading day and provide a method for Participants' regulatory staff and the SEC to easily obtain historical changes to that information (e.g., name changes, address changes, etc.).
The Plan Processor will design and implement a robust data validation process for submitted Firm Designated ID, Customer Account Information and Customer Identifying Information, and must continue to process orders while investigating Customer information mismatches. Validations should:
Confirm the number of digits on a SSN,
Confirm date of birth, and
Accommodate the situation where a single SSN is used by more than one individual.
The Plan Processor will use the Customer information submitted by all broker-dealer CAT Reporters to assign a unique Customer-ID for each Customer. The Customer-ID must be consistent across all broker-dealers that have an account associated with that Customer. This unique CAT-Customer-ID will not be returned to CAT Reporters and will only be used internally by the CAT.
Broker-Dealers will initially submit full account lists for all active accounts to the Plan Processor and subsequently submit updates and changes on a daily basis. In addition, the Plan Processor must have a process to periodically receive full account lists to ensure the completeness and accuracy of the account database. The Central Repository must support account structures that have multiple account owners and associated Customer information (joint accounts, managed accounts, etc.), and must be able to link accounts that move from one CAT Reporter to another (e.g., due to mergers and acquisitions, divestitures, etc.).
Required Data Attributes for Customer Information Data Submitted by Industry Members
At a minimum, the following Customer information data attributes must be accepted by the Central Repository:
Account Owner Name;
Account Owner Mailing Address;
Account Tax Identifier (SSN, TIN, ITIN);
Market Identifiers (Larger Trader ID, LEI);
Type of Account;
Firm Identifier Number;
○ The number that the CAT Reporter will supply on all orders generated for the Account;
Prime Broker ID;
Bank Depository ID; and
Clearing Broker.
Customer-ID Tracking
The Plan Processor will assign a CAT-Customer-ID for each unique Customer. The Plan Processor will determine a unique Customer using information such as SSN and DOB for natural persons or entity identifiers for Customers that are not natural persons and will resolve discrepancies. Once a CAT-Customer-ID is assigned, it will be added to each linked (or unlinked) order record for that Customer.
Participants and the SEC must be able to use the unique CAT-Customer-ID to track orders from any Customer or group of Customers, regardless of what brokerage account was used to enter the order.
Error Resolution for Customer Data
The Plan Processor must design and implement procedures and mechanisms to handle both minor and material inconsistencies in Customer information. The Central Repository needs to be able to accommodate minor data discrepancies such as variations in road name abbreviations in searches. Material inconsistencies such as two different people with the same SSN must be communicated to the submitting CAT Reporters and resolved within the established error correction timeframe as detailed in Section 8.
The Central Repository must have an audit trail showing the resolution of all errors. The audit trail must, at a minimum, include the:
CAT Reporter submitting the data;
Initial submission date and time;
Data in question or the ID of the record in question;
Reason identified as the source of the issue, such as:
○ duplicate SSN, significantly different Name;
○ duplicate SSN, different DOB;
○ discrepancies in LTID; or
○ others as determined by the Plan Processor;
Date and time the issue was transmitted to the CAT Reporter, included each time the issue was re-transmitted, if more than once;
Corrected submission date and time, including each corrected submission if more than one, or the record ID(s) of the corrected data or a flag indicating that the issue was resolved and corrected data was not required; and
Corrected data, the record ID, or a link to the corrected data.
User Support
CAT Reporter Support
The Plan Processor will provide technical, operational and business support to CAT Reporters for all aspects of reporting. Such support will include, at a minimum:
Self-help through a web portal;
Direct support through email and phone;
Support contact information available through the internet; and
Direct interface with Industry Members and Data Submitters via industry events and calls, industry group meetings and informational and training sessions.
The Plan Processor must develop tools to allow each CAT Reporter to:
Monitor its submissions;
View submitted transactions in a non-bulk format (i.e., non-downloadable) to facilitate error corrections;
Identify and correct errors;
Manage Customer and Customer Account Information;
Monitor its compliance with CAT reporting requirements; and
Monitor system status.
The Plan Processor will develop and maintain communication protocols (including email messaging) and a secure website to keep CAT Reporters informed as to their current reporting status, as well as issues with the CAT that may impact CAT Reporters' ability to submit or correct data. The website will use user authentication to prevent users for seeing information about firms other than their own, and will contain:
Daily reporting statistics for each CAT Reporter, including items such as:
Each CAT Reporter or Data Submitter must only be able to view its own data and data it submits on behalf of others.
○ SRO-Assigned Market Participant Identifier;
○ Date of submission;
○ Number of files received;
○ Number of files accepted;
○ Number of files rejected;
○ Number of total order events received;
○ Number of order events accepted;
○ Number of order events rejected;
○ Number of each type of report received;
○ Number of each type of report accepted;
○ Number of each type of report rejected;
○ Number of total customer records accepted;
○ Number of total customer records rejected;
○ Order-IDs rejected;
○ Reason for rejection;
○ Number of records attempted to be matched;
○ Number of records matched;
○ Percentage of records matched;
○ Number of customer records received;
○ Number of unknown accounts;
○ Latest view of statistics inclusive of re-submissions to get a trade-date view of exceptions and correction statistics available for CAT Reporters to know when everything for a given trade date has been completed; and
○ Most recent CAT Reporter Compliance Report Card, as defined in section 12.4;
CAT System status, system notifications, system maintenance, and system outages; and
A mechanism for submitting event data and correcting and resubmitting rejections or inaccurate data.
The Plan Processor will develop and maintain a public website containing comprehensive CAT reporting information, including:
Technical Specifications;
Reporting guidance (e.g., FAQs);
Pending rule changes affecting CAT reporting;
CAT contact information;
Availability of test systems;
Testing plans;
Proposed changes to the CAT; and
Fee schedule.
The Plan Processor will develop and maintain a mechanism for assigning CAT Reporter-IDs. A mechanism will also be developed and maintained to change CAT Reporter-IDs should this be necessary (e.g., due to a merger), with the expectations that such changes should be infrequent. Changes to CAT-Reporter-IDs must be reviewed and approved by the Plan Processor.
Initially, non-Participant CAT Reporters will not have access to their data submissions through bulk data exports with the initial implementation of the Central Repository. Only Participants and the SEC will have access to full lifecycle corrected bulk data exports. Non-Participant CAT Reporters will be able to view their submissions online in a read-only, non-exportable format to facilitate error identification and correction. Data Submitters will be able to export bulk file rejections for repair and error correction purposes.
The Plan Processor will define methods by which it will consult with and inform CAT Reporters and industry groups on updates and changes to user support.
The Plan Processor will define pre- and post-production support programs to minimize the Error Rate and help CAT Reporters to meet their compliance thresholds. Such pre-production support program shall include, but are not limited to, the following activities:
Educational programs—Includes the following:
○ Publication and industry-wide communication (including FAQs) of the Technical Specifications, including:
Appropriate definitions/expected usages for each value in field format
○ All available attribute values for each field
○ Establishment of a dedicated help desk for Reporters to contact;
○ Industry participation in order linkage methodologies;
Include information on new order/trade types;
○ Hosting of industry educational calls; and
○ Hosting of industry-wide training.
Registration—Requires all firms to:
○ Register and be certified as CAT Reporters;
○ Attend industry-wide training;
○ Establish internal controls to capture potential misreporting scenarios; and
○ Work with the Plan Processor to understand scenario-based reporting and expected outputs.
Communications Plan—A strong communications plan of the timeline to reporting go-live shall:
○ Include communication on how Error Rates and Compliance Thresholds are calculated; and
○ Describe how errors will be communicated back to CAT Reporters.
Industry-wide testing—Industry-wide test results must be available for all CAT Reporters.
○ As mentioned in Appendix C, Objective Milestones to Assess Progress, appropriate time must be provided between Technical Specification publication and production go-live.
○ Ample testing time must be provided.
○ Appropriate scenario-based testing, including all three validation processes, shall be established.
○ A separate test environment for CAT Reporters that mirrors the production environment shall be provided.
Post-production support program activities shall include, but are not limited to the following:
Issuing a monthly Report Card on reporting statistics, with information on how reporters stand against similar entities;
Publishing daily reporting statistics;
Maintaining Technical Specifications with defined intervals for new releases/updates;
Posting FAQs and other informational notices to be updated as necessary;
Hosting of industry educational calls;
Hosting of industry-wide training;
Emailing outliers, meaning firms significantly reporting outside of industry standards;
Conducting annual assessments of dedicated help desk to determine appropriate staffing levels;
Using the test environment prior to releasing new code to production; and
Imposing CAT Reporter requirements:
○ Attendance/participation of industry testing sessions;
○ Attendance in industry educational calls; and
○ Attendance in industry-wide training.
CAT User Support
The Plan Processor will develop a program to provide technical, operational and business support to CAT users, including Participants' regulatory staff and the SEC. The CAT help desk will provide technical expertise to assist regulators with questions and/or functionality about the content and structure of the CAT query capability.
The Plan Processor will develop tools, including an interface, to allow users to monitor the status of their queries and/or reports. Such website will show all in-progress queries/reports, as well as the current status and estimated completion time of each query/report.
The Plan Processor will develop communication protocols to notify regulators of CAT System status, outages and other issues that would affect Participants' regulatory staff and the SEC's ability to access, extract, and use CAT Data. At a minimum, Participants' regulatory staff and the SEC must each have access to a secure website where they can monitor CAT System status, receive and track system notifications, and submit and monitor data requests.
The Plan Processor will develop and maintain documentation and other materials as necessary to train regulators in the use of the Central Repository, including documentation on how to build and run reporting queries.
CAT Help Desk
The Plan Processor will implement and maintain a help desk to support broker-dealers, third party CAT Reporters, and Participant CAT Reporters (the “CAT Help Desk”). The CAT Help Desk will address business questions and issues, as well as technical and operational questions and issues. The CAT Help Desk will also assist Participants' regulatory staff and the SEC with questions and issues regarding obtaining and using CAT Data for regulatory purposes.
The CAT Help Desk must go live within a mutually agreed upon reasonable timeframe after the Plan Processor is selected, and must be available on a 24x7 basis, support both email and phone communication, and be staffed to handle at minimum 2,500 calls per month. Additionally, the CAT Help Desk must be prepared to support an increased call volume at least for the first few years. The Plan Processor must create and maintain a robust electronic tracking system for the CAT Help Desk that must include call logs, incident tracking, issue resolution escalation.
CAT Help Desk support functions must include:
Setting up new CAT Reporters, including the assignment of CAT-Reporter-IDs and support prior to submitting data to CAT;
Managing CAT Reporter authentication and entitlements;
Managing CAT Reporter and third party Data Submitters testing and certification;
Managing Participants and SEC authentication and entitlements;
Supporting CAT Reporters with data submissions and data corrections, including submission of Customer and Customer Account Information;
Coordinating and supporting system testing for CAT Reporters;
Responding to questions from CAT Reporters about all aspects of CAT reporting, including reporting requirements, technical data transmission questions, potential changes to SEC Rule 613 that may affect the CAT, software/hardware updates and upgrades, entitlements, reporting relationships, and questions about the secure and public websites;
Responding to questions from Participants' regulatory staff and the SEC about obtaining and using CAT Data for regulatory purposes, including the building and running of queries; and
Responding to administrative issues from CAT Reporters, such as billing.
CAT Reporter Compliance
The Plan Processor must include a comprehensive compliance program to monitor CAT Reporters' adherence to SEC Rule 613. The Chief Compliance Officer will oversee this compliance program, and will have responsibility for reporting on compliance by CAT Reporters to the Participants. The compliance program covers all CAT Reporters, including broker-dealers and Participants.
As a fundamental component of this program, the Plan Processor will identify on a daily basis all CAT Reporters exceeding the maximum allowable Error Rate established by the Participants. The Error Rate will initially be set by the CAT NMS Plan, and will be reviewed and adjusted on an ongoing basis by the Operating Committee. Error Rates will be based on timeliness, correctness, and linkages.
The Plan Processor will, on an ongoing basis, analyze reporting statistics and Error Rates and recommend to Participants proposed changes to the maximum allowable Error Rates established by the Participants. All CAT Reporters exceeding this threshold will be notified that they have exceeded the maximum allowable Error Rate and will be informed of the specific reporting requirements that they did not fully meet (e.g., timeliness or rejections).
The Plan Processor will develop and publish CAT Reporter compliance report cards on a periodic basis to assist CAT Reporters in monitoring overall compliance with CAT reporting requirements. The Plan Processor will also recommend criteria and processes by which CAT Reporters will be fined for inaccurate, incomplete, or late submissions. The compliance report cards will include the following information:
Number of inaccurate transactions submitted;
Number of incomplete transactions submitted; and
Number of transactions submitted later than reporting deadlines.
The CAT Reporter compliance program will include reviews to identify CAT Reporters that may have failed to submit order events to the CAT, as well as to ensure CAT Reporters correct all identified errors even if such errors do not exceed the maximum allowable Compliance Threshold.
The Plan Processor will, on a monthly basis, produce and provide reports containing performance and comparison statistics as needed to each Participant on its members' CAT reporting compliance thresholds so that Participants can monitor their members' compliance with CAT reporting requirements and initiate disciplinary action when appropriate. The Plan Processor will also produce and provide, upon request from the Participants and the SEC, reports containing performance and comparison statistics as needed on each CAT Reporter's compliance thresholds so that the Participants or the SEC may take appropriate action if a Participant fails to comply with its CAT reporting obligations.
The Plan Processor will produce and make available on a monthly basis reports for all CAT Reporters, benchmarking their performance and comparison statistics against similar peers. The reports will be anonymized such that it will not be possible to determine the members of the peer group to which the CAT Reporter was compared.
The Plan Processor will produce and make available to regulators on a monthly basis a report detailing Error Rates, transaction volumes, and other metrics as needed to allow regulators to oversee the quality and integrity of CAT Reporter reporting to the Central Repository.
Upgrade Process and Development of New Functionality
CAT Functional Changes
The Plan Processor must propose a process governing the determination to develop new functionality, which process must be reviewed and approved by the Operating Committee. The process must, at a minimum:
Contain a mechanism by which changes can be suggested to the Operating Committee by Advisory Committee members, the Participants, or the SEC;
Contain a defined process for developing impact assessments, including implementation timelines, for proposed changes; and
Contain a mechanism by which functional changes which the Plan Processor wishes to undertake can be reviewed and approved by the Operating Committee.
The Plan Processor shall not unreasonably withhold, condition, or delay implementation of any changes or modifications reasonably requested by the Operating Committee.
CAT Infrastructure Changes
The Plan Processor must implement a process to govern changes to CAT. This process must contain provisions for:
Business-as-usual changes (e.g., replacing failed hardware, adding capacity to deal with expected increases in transaction volumes) that would require the Plan Processor to provide the Operating Committee with a summary report (e.g., infrastructure changes, acquired costs, etc.); and
Isolated infrastructure changes (e.g., moving components of the system from a self-hosted to an Infrastructure-as-a-Service provider) that would require the Plan Processor to provide a request to the Operating Committee for review and approval before commencing any actions.
Testing of New Changes
The Plan Processor must implement a process governing user testing of changes to CAT functionality and infrastructure, which process must be reviewed and approved by the Operating Committee. The process must:
Define the process by which changes are to be tested by CAT Reporters[ and regulators];
Define the criteria by which changes will be approved prior to their deployment into the production environment(s); and
Define the environment(s) to be used for user testing.
EXHIBIT B
KEY TO COMMENT LETTERS CITED IN APPROVAL ORDER
Proposed National Market System Plan Governing the Consolidated Audit Trail
(File No. 4-698)
1. Letter from Kathleen Weiss Hanley, Bolton-Perella Chair in Finance, Lehigh University, and Jay. R. Ritter, Joseph B. Cordell Eminent Scholar Chair, University of Florida, to Brent J. Fields, Secretary, Commission, dated July 12, 2016 (“Hanley Letter”).
2. Letter from Courtney D. McGuinn, Operations Director, FIX Trading Community, to Commission, dated July 14, 2016 (“FIX Trading Letter”).
3. Letter from Kelvin To, Founder and President, Data Boiler Technologies, LLC, to Brent J. Fields, Secretary, Commission, dated July 15, 2016 (“Data Boiler Letter”).
4. Letter from Richard Foster, Senior Vice President and Senior Counsel for Regulatory and Legal Affairs, Financial Services Roundtable, to Brent J. Fields, Secretary, Commission, and Marcia E. Asquith, Corporate Secretary, Financial Industry Regulatory Authority, dated July 15, 2016 (“FSR Letter”).
5. Letter from David T. Bellaire, Esq., Executive Vice President and General Counsel, Financial Services Institute, to Brent J. Fields, Secretary, Commission, dated, July 18, 2016 (“FSI Letter”)
6. Letter from Stuart J. Kaswell, Executive Vice President and Managing Director, General Counsel, Managed Funds Association, to Brent J. Fields, Secretary, Commission, dated July 18, 2016 (“MFA Letter”).
7. Letter from Bonnie K. Wachtel, Wachtel and Company, Inc., to Commission, dated July 18, 2016. (“Wachtel Letter”).
8. Letter from David W. Blass, General Counsel, Investment Company Institute, to Brent J. Fields, Secretary, Commission, dated July 18, 2016 (“ICI Letter”).
9. Letter from Larry E. Thompson, Vice Chairman and General Counsel, Depository Trust and Clearing Corporation, to Brent J. Fields, Secretary, Commission, dated July 18, 2016 (“DTCC Letter”).
10. Letter from Manisha Kimmel, Chief Regulatory Officer, Wealth Management, Thomson Reuters, to Brent J. Fields, Secretary, Commission, dated July 18, 2016 (“TR Letter”).
11. Letter from Theodore R. Lazo, Managing Director and Associate General Counsel, and Ellen Greene, Managing Director, Financial Services Operations, Securities Industry and Financial Markets Association, to Brent J. Fields, Secretary, Commission, dated July 18, 2016 (“SIFMA Letter”).
12. Letter from Anonymous, to Commission, received July 18, 2016 (“Anonymous Letter I”).
13. Letter from Mary Lou Von Kaenel, Managing Director, Financial Information Forum, to Brent J. Fields, Secretary, Commission, dated July 18, 2016 (“FIF Letter”).
14. Letter from Marc R. Bryant, Senior Vice President, Deputy General Counsel, Fidelity Investments, to Brent J. Fields, Secretary, Commission, dated July 18, 2016 (“Fidelity Letter”).
15. Letter from Mark Husler, CEO, UniVista, and Jonathan Jachym, Head of North America Regulatory Strategy and Government Relations, London Stock Exchange Group, to Brent J. Fields, Secretary, Commission, dated July 18, 2016 (“UnaVista Letter”).
16. Letter from Gary Stone, Chief Strategy Officer for Trading Solutions and Global Regulatory and Policy Group, Bloomberg, L.P., to Brent J. Fields, Secretary, Commission, dated July 18, 2016 (“Bloomberg Letter”).
17. Letter from Dennis M. Kelleher, President and CEO, Stephen W. Hall, Legal Director and Securities Specialist, and Lev Bagramian, Senior Securities Policy Advisor, Better Markets, to Brent J. Fields, Secretary, Commission, dated July 18, 2016 (“Better Markets Letter”).
18. Letter from Industry Members of the Development Advisory Group (“DAG”) (including Financial Information Forum, Securities Industry and Financial Markets Association and Securities Traders Association), to Brent J. Fields, Secretary, Commission, dated July 20, 2016 (“DAG Letter”).
19. Letter from John A. McCarthy, General Counsel, KCG Holdings, Inc., to Brent J. Fields, Secretary, Commission, dated July 20, 2016 (“KCG Letter”).
20. Letter from Joanne Moffic-Silver, EVP, General Counsel and Corporate Secretary, Chicago Board Options Exchange, Inc., to Brent J. Fields, Secretary, Commission, dated July 21, 2016 (“CBOE Letter”).
21. Letter from Elizabeth K. King, General Counsel and Corporate Secretary, NYSE Group, Inc., to Brent J. Fields, Secretary, Commission, dated July 21, 2016 (“NYSE Letter”).
22. Letter from John Russell, Chairman of the Board, and James Toes, Securities President and CEO, Securities Traders Association, to Brent J. Fields, Secretary, Commission, dated July 25, 2016 (“STA Letter”).
23. Letter from Anonymous, to Commission, received August 12, 2016 (“Anonymous Letter II”).
24. Letter from Scott Garrett, Barry Loudermilk, French Hill, Lynn Westmoreland, Randy Hultgren, Jody Hice, Lamar Smith, Tom Emmer, Bill Huizenga, Sean Duffy, Robert Pittenger, Robert Hurt, and Ann Wagner, Members of Congress, to Mary Jo White, Chair, Commission, dated October 14, 2016 (“Garrett Letter”).
25. Letter from Participants to Brent J. Fields, Secretary, Commission, dated September 2, 2016 (“Response Letter I”).
26. Letter from Participant to Brent J. Fields, Secretary, Commission, dated September 23, 2016 (“Response Letter II”).
27. Letter from Participants to Brent J. Fields, Secretary, Commission, dated October 7, 2016 (“Response Letter III”).
28. Letter from Participants to Brent J. Fields, Secretary, Commission, dated November 2, 2016 (“Participants' Letter I”).
29. Letter from Participants to Brent J. Fields, Secretary, Commission, dated November 14, 2016 (“Participants' Letter II”).
[FR Doc. 2016-27919 Filed 11-22-16; 8:45 am]
BILLING CODE 8011-01-P