The eighth anniversary of the 2010 flash crash on May 6, 2010, is approaching, Beau Alexander reminded the audience at the webinar organized by the Global Association of Risk Professionals (GARP). Alexander is a Senior Sales Executive at FIS Global Trading, a publicly traded provider of financial services technology.
The 2010 flash crash “was the second-largest intra-day swing in the stock market,” he said. That day the market lost two trillion dollars and then rebounded. “When you see volumes drop by 15 percent, there’s an activity that needs to be flushed out.”
“Someone sitting in their parents’ basement had caused the effect through ‘layering’ and ‘spoofing’ his trades”—activities which are now prohibited.
Alexander said the Consolidated Audit Trail (CAT), also known as Rule 613, was enacted by the Securities and Exchange Commission (SEC) in answer to the May 2010 Flash Crash. It is designed to allow regulators to efficiently and accurately track all activity throughout the U.S. markets in National Market System (NMS) securities.
“CAT is a good idea,” he said, because it improves the ability of the Securities Exchange Commission (SEC) and the Self-Regulatory Organizations (SROs) to oversee trading in the US securities markets. “However, the requirements are exponential and continue to grow.”
The CAT rule will require broker-dealers to submit formatted files containing information such as order, order route, trade execution, allocation, and customer data, he noted. The SEC and SROs will operate a CAT service bureau to manage the data processing and linkage between the various records.
The CAT initiative, begun in 2012, shows the SEC takes a conservative stance on new technologies. “It’s important to understand the root of the workflow,” Alexander said. Multiple data sources lead to multiple formats. “There are massive amounts of data, and a range of different formats. How can we access, store, and retrieve data?”
Those who seek to connect the buy-side and the sell-side quickly discover the different requirements each side has. The know-your-client rule and anti-money-laundering rule mean that “technical onboarding of clients can be challenging.” The system “must be responsive, especially to the sell-side,” he said.
Not having standardized methodology “creates an environment where data loses integrity.” As such, “the processing requirements of CAT are in flux right now” and there is a sense that “the more we review, the more questions we will uncover, and the more unique the problems will be.”
Front, mid, and back-office environments: it’s not uncommon to have different vendors and thus different formats for each. Investigative work will require that some situations must be recreated.
Current status of CAT
Alexander noted the following events of the CAT roll-out plan with projected dates.
SROs begin submitting data to the central repository | November 15, 2017 |
SROs must implement enhanced surveillance using CAT data | January 15, 2018 |
SRO members, except small members, must being submitting data to central repository | November 15, 2018 |
Small SRO members must begin submitting data to the central repository | November 15, 2019 |
“For CAT to be completely functional and to realize the vision of Mary Jo White, we are looking at April 20, 2022,” he said. He speculated that not many in the audience “have worked on project lifecycles of 10 to 12 years.”
Issues with CAT
Alexander said “everyone is aware” that there’s a delay with CAT implementation.
The requirements present a challenge, and this is why there is such a delay. Here are the points Alexander touched on:
• Massive amount of meta data
• Disparate formats and normalization requirements
• Block-chain methodology
• Codes, translations, and identifiers
The delay was not surprising, given the large group of SRO participants, which have different business models, priorities, and weights allocated. As well, “each member has a different set of responsibilities.”
“Malicious things could be done with the data,” he said. Since the CAT idea was conceived, “we’ve had high profile data breaches, such as TransUnion.”
Security versus convenience is a fundamental contradiction of modern life. “Although we all say we are concerned about security, we walk around with our phones connecting often to unknown networks.”
The Real Problem
“The ability to retrieve and utilize data is a problem,” said Alexander. Big data is “quite a headache” and there are many issues still to resolve.
Furthermore, “without big data issues being solved, we can’t use block-chain.” The financial industry is still saddled with legacy technology and siloed structures. ª
Photo of rolling cat is from https://tenor.com/search/autobots-roll-out-cat-gifs
Multiple organizations image is from http://www.mondovisione.com/media-and-resources/news/tabb-group-analyzes-current-state-of-secs-consolidated-audit-trail-cat-in-fir/