Notice2025-04516
Joint Industry Plan; Notice of Filing of Amendment to the National Market System Plan Governing the Consolidated Audit Trail Regarding the Proposed Customer and Account Information System Amendment
Primary source
Metadata and text below are from the Federal Register, a public-domain U.S. government work. Always verify the official published version before relying on it for any legal matter.
Published
March 19, 2025
Issuing agencies
Securities and Exchange Commission
Full Text
<html>
<head>
<title>Federal Register, Volume 90 Issue 52 (Wednesday, March 19, 2025)</title>
</head>
<body><pre>
[Federal Register Volume 90, Number 52 (Wednesday, March 19, 2025)]
[Notices]
[Pages 12845-12856]
From the Federal Register Online via the Government Publishing Office [<a href="http://www.gpo.gov">www.gpo.gov</a>]
[FR Doc No: 2025-04516]
-----------------------------------------------------------------------
SECURITIES AND EXCHANGE COMMISSION
[Release No. 34-102665; File No. 4-698]
Joint Industry Plan; Notice of Filing of Amendment to the
National Market System Plan Governing the Consolidated Audit Trail
Regarding the Proposed Customer and Account Information System
Amendment
March 13, 2025.
I. Introduction
On March 7, 2025, the Consolidated Audit Trail, LLC (``CAT LLC''),
on behalf of the following parties to the National Market System Plan
Governing the Consolidated Audit Trail (the ``CAT NMS Plan'' or
``Plan''): \1\ BOX Exchange LLC; Cboe BYX Exchange, Inc., Cboe BZX
Exchange, Inc., Cboe C2 Exchange, Inc., Cboe EDGA Exchange, Inc., Cboe
EDGX Exchange, Inc., Cboe Exchange, Inc., Financial Industry Regulatory
Authority, Inc., Investors Exchange LLC, Long-Term Stock Exchange,
Inc., MEMX, LLC, Miami International Securities Exchange LLC, MIAX
Emerald, LLC, MIAX PEARL, LLC, MIAX Sapphire, LLC, Nasdaq BX, Inc.,
Nasdaq GEMX, LLC, Nasdaq ISE, LLC, Nasdaq MRX, LLC, Nasdaq PHLX LLC,
The NASDAQ Stock Market LLC, New York Stock Exchange LLC, NYSE American
LLC, NYSE Arca, Inc., NYSE Chicago, Inc., and NYSE National, Inc.
(collectively, the ``Participants,'' ``self-regulatory organizations,''
or ``SROs'') filed with the Securities and Exchange Commission (``SEC''
or ``Commission'') pursuant to Section 11A(a)(3) of the Securities
Exchange Act of 1934 (``Exchange Act''),\2\ and Rule 608 thereunder,\3\
a proposed amendment to the CAT NMS Plan to reduce the amount of
Customer \4\ information in the CAT Customer and Account Information
System (the ``CAIS Amendment'').\5\ Exhibit A sets forth the cumulative
changes proposed to be made to the CAT NMS Plan. The Commission is
publishing this notice to solicit comments from interested persons on
the proposed CAIS Amendment.
---------------------------------------------------------------------------
\1\ In July 2012, the Commission adopted Rule 613 of Regulation
NMS, which required the Participants to jointly develop and submit
to the Commission a national market system plan to create,
implement, and maintain a consolidated audit trail (the ``CAT'').
See Securities Exchange Act Release No. 67457 (July 18, 2012), 77 FR
45722 (Aug. 1, 2012 (``Rule 613 Adopting Release''); 17 CFR 242.613.
On November 15, 2016, the Commission approved the CAT NMS Plan. See
Securities Exchange Act Release No. 78318 (Nov. 15, 2016), 81 FR
84696 (Nov. 23, 2016) (``CAT NMS Plan Approval Order''). The CAT NMS
Plan is Exhibit A to the CAT NMS Plan Approval Order. See CAT NMS
Plan Approval Order, at 84943-85034.
\2\ 15 U.S.C 78k-1(a)(3).
\3\ 17 CFR 242.608.
\4\ A ``Customer'' means ``the account holder(s) of the account
at a registered broker-dealer originating the order; and any person
from whom the broker-dealer is authorized to accept trading
instructions for such account, if different from the account
holder(s). See CAT NMS Plan, supra note 1 at Section 1.1.
\5\ See Letter from Brandon Becker, CAT NMS Plan Operating
Committee Chair, to Vanessa Countryman, Secretary, Commission, dated
March 7, 2025 (``Transmittal Letter'').
---------------------------------------------------------------------------
II. Description of the Plan
Set forth in this Section II is the description of the proposed
CAIS Amendment, along with information required by Rule 608(a) under
the Exchange Act,\6\ as prepared and submitted by the Participants to
the Commission.\7\
---------------------------------------------------------------------------
\6\ See 17 CFR 242.608(a).
\7\ See Transmittal Letter, supra note 5. Unless otherwise
defined herein, capitalized terms used herein are defined as set
forth in the CAT NMS Plan.
---------------------------------------------------------------------------
On February 10, 2025, the SEC published an order (the ``CAIS
Exemption Order'') granting sua sponte exemptive relief from certain
requirements of the CAT NMS Plan related to the reporting of names,
addresses and years of birth for natural persons reported with
transformed social security numbers (``SSNs'')/individual tax payer
identification numbers (``ITINs'') to the Customer and
[[Page 12846]]
Account Information System (``CAIS'').\8\ Under the CAIS Exemption
Order, the Participants must continue to require Industry Members,
through their CAT Compliance Rules, to report to the Central Repository
other required Customer information, including a transformed value for
the SSN/ITIN and the Firm Designated ID (``FDID'') for accounts of such
natural persons.
---------------------------------------------------------------------------
\8\ See Securities Exchange Act Release No. 102386 (Feb. 10,
2025), 90 FR 9642 (Feb. 14, 2025), <a href="https://www.sec.gov/files/rules/sro/nms/2025/34-102386.pdf">https://www.sec.gov/files/rules/sro/nms/2025/34-102386.pdf</a>.
---------------------------------------------------------------------------
CAT LLC believes that there are additional steps that would reduce
the amount of Customer information in the CAT and achieve significant
annual savings in CAT operating costs. Therefore, CAT LLC respectfully
submits this CAIS Amendment to codify and build on the CAIS Exemption
Order in the following ways:
<bullet> First, while the CAIS Exemption Order applies to the
reporting of the exempted Customer information going forward, this CAIS
Amendment would require the deletion of previously reported Customer
information already in the CAT.
<bullet> Second, while the CAIS Exemption Order is permissive,
allowing Industry Members to choose whether to continue reporting the
exempted Customer information to the CAT (and therefore requiring the
CAT to continue to be prepared to accept that information), this CAIS
Amendment would prohibit the continued reporting of the exempted
Customer information to the CAT.
<bullet> Third, while the CAIS Exemption Order applies to some
natural persons, this CAIS Amendment would cover all natural persons
(including, for example, foreign natural persons that are not reported
with transformed SSNs or ITINs) and all legal entity Customers.
<bullet> Fourth, while the CAIS Exemption Order would not result in
cost savings, the CAIS Amendment would allow CAT LLC to achieve an
estimated $12 million in annual cost savings.\9\
---------------------------------------------------------------------------
\9\ All cost savings projections provided in this CAIS Amendment
are the Plan Processor's best estimates based on costs actually
incurred in 2024 (``2024 Actuals'') and are subject to change based
on ongoing improvements to AWS that may reduce current AWS costs.
---------------------------------------------------------------------------
CAT LLC respectfully urges the Commission to approve this CAIS
Amendment expeditiously in order to build on the CAIS Exemption Order
to further address the considerations cited by the SEC in the CAIS
Exemption Order \10\ while also facilitating significant annual cost
savings.
---------------------------------------------------------------------------
\10\ CAIS Exemption Order at 9643-44 (noting that the CAIS
Exemption Order would ensure ``the protection of individual
investors' PII'' in light of ``the increasing sophistication of
cybercriminals and bad actors'').
---------------------------------------------------------------------------
Specifically, CAT LLC proposes to amend the CAT NMS Plan to (i)
formally incorporate and codify the existing CCID Exemption Order to
the CAT NMS Plan,\11\ which was published by the SEC on March 17, 2020,
and has since prohibited Industry Members from reporting SSNs/ITINs,
dates of birth, and account numbers to the CAT, and (ii) newly
eliminate requirements that Industry Members report Customer names,
Customer addresses, account names, account addresses, years of birth,
and authorized trader names (collectively, ``Name, Address, and YOB'')
to the CAT ((i) and (ii), together, the ``Proposed Changes'').\12\ The
Proposed Changes would apply to all Customers--including all natural
person Customers and all legal entity Customers--at both the Customer
and account level.
---------------------------------------------------------------------------
\11\ See Securities Exchange Act Release No. 88393 (Mar. 17,
2020), 85 FR 16152 (Mar. 20, 2020), <a href="https://www.govinfo.gov/content/pkg/FR-2020-03-20/pdf/2020-05935.pdf">https://www.govinfo.gov/content/pkg/FR-2020-03-20/pdf/2020-05935.pdf</a> (``CCID Exemption Order'').
\12\ The Plan Processor would make conforming changes to the CAT
Reporting Customer & Account Technical Specifications for Industry
Members to eliminate any fields related to the Proposed Changes.
---------------------------------------------------------------------------
As discussed in more detail herein, the CAIS Amendment should be
approved because:
<bullet> The Proposed Changes would allow CAT LLC to achieve
significant cost savings of approximately $12 million per year as
compared to 2024 Actuals, which would materially advance CAT LLC's
ongoing efforts to reduce CAT operating costs.\13\
---------------------------------------------------------------------------
\13\ Last year, CAT LLC proposed, and the Commission approved,
separate cost savings amendments that are expected to result in
approximately $21 million in new annual cost savings in the first
year with limited impact on the regulatory function of the CAT,
which cost savings were estimated based on then-estimated 2024
costs. See Order Approving Amendments to the National Market System
Plan Governing the Consolidated Audit Trail Designed to Implement
Cost Savings Measures, Securities Exchange Act Release No. 101901
(Dec. 12, 2024), 89 FR 103033 (Dec. 18, 2024).
---------------------------------------------------------------------------
<bullet> In addition to cost savings, the Proposed Changes would
build on the CCID Exemption Order and the CAIS Exemption Order by
affirmatively eliminating Name, Address, and YOB from the CAT while
preserving regulators' ability to conduct cross-market, cross-broker,
and cross-account surveillance of an individual Customer through a
unique Customer-ID, which was one of the primary regulatory purposes of
SEC Rule 613.\14\ As was the case prior to CAT, regulatory users could
contact Industry Members directly to obtain any sensitive Customer
information, including Names, Addresses, and YOBs.
---------------------------------------------------------------------------
\14\ See, e.g. Securities Exchange Act Release No. 67457 (July
18, 2012), 77 FR 45722, 45757 (Aug. 1, 2012) (``CAT Adopting
Release'') (``The Commission . . . believes that unique customer
identifiers are vital to the effectiveness of the consolidated audit
trail. The inclusion of unique customer identifiers should greatly
facilitate the identification of the orders and actions attributable
to particular customers and thus substantially enhance the
efficiency and effectiveness of the regulatory oversight provided by
the SROs and the Commission. Without the inclusion of unique
customer identifiers, many of the benefits of a consolidated audit
trail . . . would not be achievable.''); CCID Exemption Order at
16156 n.78 (``[I]n the Commission's view, without the Customer-ID,
the value and usefulness of the CAT would be significantly
diminished.'').
---------------------------------------------------------------------------
<bullet> Because the Proposed Changes would allow CAT LLC to
achieve significant cost savings and would eliminate Name, Address, and
YOB from the CAT while preserving the core regulatory objectives of SEC
Rule 613, the benefits of the Proposed Changes significantly outweigh
their costs, and CAT LLC strongly urges the Commission to approve the
CAIS Amendment.
The proposed changes to the CAT NMS Plan to implement the CAIS
Amendment are set forth in Exhibit A to this filing.
Requirements Pursuant to Rule 608(a)
A. Description of the Proposed Amendments to the CAT NMS Plan
1. Permanently Exclude Customer Names, Addresses, and YOBs From CAT
Reporting
a. CAT Reporting Requirements
Under the CAT NMS Plan, the Participants must require Industry
Members to report Customer Identifying Information and Customer Account
Information to the CAT for each of their Customers.\15\ Customer
Identifying Information is defined in Section 1.1 of the CAT NMS Plan
to mean:
---------------------------------------------------------------------------
\15\ See Sections 6.4(d)(ii)(C) and 6.4(d)(iv) of the CAT NMS
Plan.
information of sufficient detail to identify a Customer, including,
but not limited to, (a) with respect to individuals: name, address,
date of birth, individual tax payer identification number
(``ITIN'')/social security number (``SSN''), individual's role in
the account (e.g., primary holder, joint holder, guardian, trustee,
person with the power of attorney); and (b) with respect to legal
entities: name, address, Employer Identification Number (``EIN'')/
Legal Entity Identifier (``LEI'') or other comparable common entity
identifier, if applicable; provided, however, that an Industry
Member that has an LEI for a Customer must submit the Customer's LEI
in addition to other information of sufficient detail to identify a
Customer.\16\
---------------------------------------------------------------------------
\16\ Section 1.1 of the CAT NMS Plan.
[[Page 12847]]
---------------------------------------------------------------------------
Customer Account Information is defined in Section 1.1 of the CAT
NMS Plan to include, but not be limited to:
account type, customer type, date account opened, and large trader
identifier (if applicable); except, however, that (a) in those
circumstances in which an Industry Member has established a trading
relationship with an institution but has not established an account
with that institution, the Industry Member will (i) provide the
Account Effective Date in lieu of the ``date account opened''; (ii)
provide the relationship identifier in lieu of the ``account
number''; and (iii) identify the ``account type'' as a
``relationship''; (b) in those circumstances in which the relevant
account was established prior to the implementation date of the CAT
NMS Plan applicable to the relevant CAT Reporter (as set forth in
Rule 613(a)(3)(v) and (vi)), and no ``date account opened'' is
available for the account, the Industry Member will provide the
Account Effective Date in the following circumstances: (i) where an
Industry Member changes back office providers or clearing firms and
the date account opened is changed to the date the account was
opened on the new back office/clearing firm system; (ii) where an
Industry Member acquires another Industry Member and the date
account opened is changed to the date the account was opened on the
post-merger back office/clearing firm system; (iii) where there are
multiple dates associated with an account in an Industry Member's
system, and the parameters of each date are determined by the
individual Industry Member; and (iv) where the relevant account is
an Industry Member proprietary account.\17\
---------------------------------------------------------------------------
\17\ Section 1.1 of the CAT NMS Plan.
Accordingly, as originally approved by the Commission, the CAT NMS
Plan requires the CAT to capture and store certain Customer Identifying
Information and Customer Account Information in the Central Repository,
including social security numbers, dates of birth, and account
numbers.\18\ In 2018, the Participants submitted a request for
exemptive relief from certain reporting provisions of the CAT NMS Plan
(the ``CCID Exemption Request'').\19\ The CCID Exemption Request was
the product of close coordination between the Participants, Industry
Members, and the Commission to develop alternatives to reporting
Customer information while maintaining sufficient information to
preserve CAT's intended regulatory uses. The Commission granted the
CCID Exemption Request on March 17, 2020,\20\ which is described in
more detail below.
---------------------------------------------------------------------------
\18\ Section 9.1 of Appendix D of the CAT NMS Plan.
\19\ See Letter from Michael Simon, CAT NMS Plan Operating
Committee Chair, to Vanessa Countryman, Secretary, Commission (Jan.
29, 2020), <a href="https://www.catnmsplan.com/sites/default/files/2020-02/Amended-Exemptive-Request-CCID-and-Modified-PII-Approaches%28Final%29.pdf">https://www.catnmsplan.com/sites/default/files/2020-02/Amended-Exemptive-Request-CCID-and-Modified-PII-Approaches%28Final%29.pdf</a>.
\20\ See supra note 11.
---------------------------------------------------------------------------
b. CCID Exemption Order
On March 17, 2020, the Commission granted exemptive relief related
to the reporting of SSNs/ITINs, dates of birth, and account numbers to
the CAT. The CCID Exemption Order allows the Plan Processor to generate
a unique identifier for a Customer, called a CAT Customer-ID
(``CCID''), using a two-phase transformation process that avoids the
requirement to have SSNs/ITINs reported to the CAT as originally
contemplated by SEC Rule 613 and the CAT NMS Plan. In addition, instead
of reporting dates of birth and account numbers, Industry Members are
required to report years of birth and FDIDs.\21\
---------------------------------------------------------------------------
\21\ The term ``Firm Designated ID'' is defined in the CAT NMS
Plan as: ``(1) a unique and persistent identifier for each trading
account designated by Industry Members for purposes of providing
data to the Central Repository provided, however, such identifier
may not be the account number for such trading account if the
trading account is not a proprietary account; (2) a unique and
persistent relationship identifier when an Industry Member does not
have an account number available to its order handling and/or
execution system at the time of order receipt, provided, however,
such identifier must be masked; or (3) a unique and persistent
entity identifier when an employee of an Industry Member is
exercising discretion over multiple client accounts and creates an
aggregated order for which a trading account number of the Industry
Member is not available at the time of order origination, where each
such identifier is unique among all identifiers from any given
Industry Member.'' Section 1.1 of the CAT NMS Plan.
---------------------------------------------------------------------------
The CAIS Amendment would incorporate the CCID Exemption Order into
the CAT NMS Plan and would go further by eliminating Name, Address, and
YOB from the CAT while preserving one of the primary objectives of the
CAT, i.e., the ability for regulators to conduct cross-market
surveillance of a specific Customer. As the Commission explained in the
CCID Exemption Order:
[t]he ability to efficiently and accurately identify individual
Customers will allow regulators to establish those that might be
responsible for illegal conduct, or to identify those that might be
the victim of fraudulent activity. Indeed, one of the hallmarks of
the CAT is the ability to provide customer attribution of order and
trade activity even if such trading activity spans multiple broker-
dealers. Pursuant to the Plan, the identification of Customers is
achieved by the creation and use of the Customer-ID, a code that
uniquely and consistently identifies every Customer. The Commission
continues to believe, as it did when it approved the Plan, that the
ability to link the full life cycle of every order as that order
travels across broker-dealers and market centers to a specific
Customer through the use of a Customer-ID will greatly facilitate
the regulatory and surveillance efforts of regulators. For the
Commission in particular, this ability to identify a Customer
through the use of a CCID will also facilitate the Commission's
efforts in the areas of market reconstruction, market analysis and
rule-making support. Indeed, in the Commission's view, without the
Customer-ID, the value and usefulness of the CAT would be
significantly diminished.\22\
---------------------------------------------------------------------------
\22\ CCID Exemption Order at 16156 n.78.
---------------------------------------------------------------------------
c. CAIS Exemption Order
On February 10, 2025, the Commission published the CAIS Exemption
Order sua sponte, granting exemptive relief related to the reporting of
names, addresses, and years of birth for natural persons reported with
transformed SSNs or ITINs to CAIS. Additional steps would further CAT
LLC's efforts to reduce CAT operating costs and the SEC's
considerations in granting the CAIS Exemption Order.
First, CAT LLC and the Participants understand that the CAIS
Exemption Order is permissive at the discretion of Industry Members
(meaning that Industry Members may choose to take advantage of the
exemptive relief or choose to continue reporting names, addresses, and
years of birth for natural persons reported with transformed SSNs or
ITINs to CAIS) and only applies to natural persons reported with
transformed SSNs or ITINs, and not to natural persons reported without
transformed SSNs/ITINs, including foreign nationals, or to legal
entities. As a result, the Plan Processor must maintain all software
that is required to continue to accept such Customer information for
those Industry Members who choose to continue reporting it, as well as
to support regulatory queries of Name, Address, and YOB data for non-
exempted persons. Consequently, the CAIS Exemption Order will not
result in any cost savings. This CAIS Amendment proposes to fully
eliminate the requirement to report Names, Addresses, and YOBs for all
natural person and legal entity Customers to CAIS. Doing so would
permanently eliminate Name, Address, and YOB from CAT reporting while
also allowing the Plan Processor to eliminate the software that is
required to support regulatory queries of Name, Address, and YOB, which
would result in significant annual cost savings.
Second, in granting its CAIS Exemption Order, the SEC cited
security considerations, concluding that the benefits of reporting
names, addresses, and years of birth for natural persons reported with
transformed SSNs or ITINs no longer justify the potential risks.\23\
However, the CAIS Exemption Order only applies to the reporting of such
Customer information after of the date of the order, and only to the
extent
[[Page 12848]]
that Industry Members choose to discontinue reporting such exempted
Customer information. In addition, the CAIS Exemption Order does not
address the deletion of existing, previously reported Customer
information currently stored in CAIS. Further, the CAIS Exemption Order
does not apply to natural persons who are not reported with transformed
SSNs or ITINs (e.g., foreign nationals) or legal entities. Therefore,
this CAIS Amendment would build on the CAIS Exemption Order by (1)
prohibiting the submission to CAIS of Names, Addresses, and YOBs for
all natural person and legal entity Customers; and (2) requiring CAT
LLC to direct the Plan Processor to delete from CAIS all Names,
Addresses, and YOBs currently stored in the CAT.
---------------------------------------------------------------------------
\23\ See CAIS Exemption Order at 9643-44.
---------------------------------------------------------------------------
d. Proposed Revisions to the CAT NMS Plan
To incorporate the Proposed Changes, CAT LLC proposes certain
revisions to the CAT NMS Plan, including Appendix D of the CAT NMS
Plan, which are described below.\24\
---------------------------------------------------------------------------
\24\ Because the Commission has acknowledged that Appendix C was
not intended to be continually updated once the CAT NMS Plan was
approved, CAT LLC is not proposing to update Appendix C to reflect
the proposed amendments. See Exchange Act Rel. No. 89632 (Aug. 21,
2020), 85 FR 65990 (Oct. 16, 2020).
---------------------------------------------------------------------------
i. Revisions to the CAT NMS Plan
CAT LLC proposes adding certain new defined terms to Section 1.1 of
the CAT NMS Plan. Specifically, CAT LLC would add new defined terms for
``CAIS,'' ``CCID Subsystem,'' and ``Transformed Identifier'' or
``TID,'' which would read as follows:
`` `CAIS' means the customer and account information system of
the CAT.
* * * * *
`CCID Subsystem' means the isolated subsystem of CAIS that
exists solely to transform input TID values into CCID values.
* * * * *
`Transformed Identifier' or `TID' means the transformed version
of the individual tax payer identification number (`ITIN') or social
security number (`SSN') submitted by Industry Members in place of an
ITIN or SSN.''
CAT LLC would also add the phrase ``or `CAT Customer-ID' or `CCID'
'' to the current definition of ``Customer-ID.'' The revised definition
would read as follows:
`` `Customer-ID' or `CAT Customer-ID' or `CCID' has the same
meaning provided in SEC Rule 613(j)(5).''
In addition to these new defined terms, CAT LLC also proposes
revising certain defined terms in the Plan to incorporate existing
reporting requirements that are currently outlined in the CCID
Exemption Order and to remove references to Name, Address, and YOB.
First, CAT LLC proposes to eliminate from the definition of ``Customer
Account Information'' prior references to ``account number'' and to
insert the parenthetical phrase, ``(excluding, for the avoidance of
doubt, account number),'' to clarify that account numbers are not
reportable to the CAT pursuant to the CCID Exemption Order.\25\ As an
additional clarification, CAT LLC proposes to add the sentence, ``For
the avoidance of doubt, Industry Members are required to provide a Firm
Designated ID in accordance with this Agreement'' to the end of the
definition. Additionally, CAT LLC proposes to change the defined term
from ``Customer Account Information'' to ``Account Attributes'' to more
accurately describe the information that can be attributed to a
Customer's account under this definition. Relatedly, CAT LLC proposes
to eliminate the term ``Customer Account Information'' and to replace
that term with ``Account Attributes'' throughout the CAT NMS Plan.\26\
As revised, the proposed definition of ``Account Attributes'' would
read as follows:
---------------------------------------------------------------------------
\25\ Under the FDID definition, see supra note 21, Industry
Members may elect to use an actual account number for any
proprietary account of the firm when reporting an FDID.
\26\ With respect to FAM-related defined terms, CAT LLC proposes
to add a footnote in the definition of ``Full Availability and
Regulatory Utilization of Transactional Database Functionality''
stating that ``[e]ffective [DATE], `Customer Account Information' as
used in the Financial Accountability Milestones (Initial Industry
Member Core Equity Reporting; Full Implementation of Core Equity
Reporting; Full Availability and Regulatory Utilization of
Transactional Database Functionality; and Full Implementation of CAT
NMS Plan Requirements) is no longer a defined term and has been
superseded by the new defined term `Account Attributes'.'' This
language is intended to address any confusion caused by the use of
``Customer Account Information'' in the Plan after that defined term
is changed to ``Account Attributes'' in Section 1.1.
`` `Account Attributes' shall include, but not be limited to,
account type, customer type, date account opened, and large trader
identifier (if applicable) (excluding, for the avoidance of doubt,
account number); except, however, that (a) in those circumstances in
which an Industry Member has established a trading relationship with
an institution but has not established an account with that
institution, the Industry Member will (i) provide the Account
Effective Date in lieu of the `date account opened'; and (ii)
identify the `account type' as a `relationship'; (b) in those
circumstances in which the relevant account was established prior to
the implementation date of the CAT NMS Plan applicable to the
relevant CAT Reporter (as set forth in Rule 613(a)(3)(v) and (vi)),
and no `date account opened' is available for the account, the
Industry Member will provide the Account Effective Date in the
following circumstances: (i) where an Industry Member changes back
office providers or clearing firms and the date account opened is
changed to the date the account was opened on the new back office/
clearing firm system; (ii) where an Industry Member acquires another
Industry Member and the date account opened is changed to the date
the account was opened on the post-merger back office/clearing firm
system; (iii) where there are multiple dates associated with an
account in an Industry Member's system, and the parameters of each
date are determined by the individual Industry Member; and (iv)
where the relevant account is an Industry Member proprietary
account. For the avoidance of doubt, Industry Members are required
---------------------------------------------------------------------------
to provide a Firm Designated ID in accordance with this Agreement.
Second, CAT LLC proposes revising the definition of ``Customer
Identifying Information'' to reflect reporting practices described in
the CCID Exemption Order and to remove references to Name, Address, and
YOB from the definition. Additionally, CAT LLC proposes to change the
defined term from ``Customer Identifying Information'' to ``Customer
Attributes'' to more accurately describe the information that could be
attributable to a Customer in light of the proposal to remove Name,
Address, and YOB from the definition. Relatedly, CAT LLC proposes to
eliminate the term ``Customer Identifying Information'' and to replace
that term with ``Customer Attributes'' throughout the CAT NMS Plan.\27\
As revised, the proposed definition of ``Customer Attributes'' would
read as follows:
---------------------------------------------------------------------------
\27\ With respect to FAM-related defined terms, CAT LLC proposes
to add a footnote in the definition of ``Full Availability and
Regulatory Utilization of Transactional Database Functionality''
stating that ``[e]ffective [DATE], `Customer Identifying
Information' as used in the Financial Accountability Milestones
(Initial Industry Member Core Equity Reporting; Full Implementation
of Core Equity Reporting; Full Availability and Regulatory
Utilization of Transactional Database Functionality; and Full
Implementation of CAT NMS Plan Requirements) is no longer a defined
term and has been superseded by the new defined term `Customer
Attributes'.'' This language is intended to address any confusion
caused by the use of ``Customer Identifying Information'' in the
Plan after that defined term is changed to ``Customer Attributes''
in Section 1.1.
`` `Customer Attributes' means information attributed to a
Customer, including, but not limited to, (a) with respect to
individuals: TID and the individual's role in the account (e.g.,
primary holder, joint holder, guardian, trustee, person with the
power of attorney); and (b) with respect to legal entities: Employer
Identification Number (`EIN')/Legal Entity Identifier (`LEI') or
other comparable common entity identifier, if applicable; provided,
however, that an Industry Member
[[Page 12849]]
---------------------------------------------------------------------------
that has an LEI for a Customer must submit the Customer's LEI.''
Finally, CAT LLC proposes adding a new defined term ``Customer and
Account Attributes'' to replace the defined term ``PII'' throughout the
CAT NMS Plan. This new defined term would refer, collectively, to all
of the attributes in the definitions of ``Customer Attributes'' and
``Account Attributes'' described above. This term is a useful and
efficient way to refer to all of the data attributes associated with a
Customer (whether a natural person or a legal entity) that must be
reported to the CAT. Furthermore, CAT LLC believes that it is
appropriate to delete the defined term ``PII'' from the CAT NMS Plan
and to replace it with the defined term ``Customer and Account
Attributes'' because that term would more accurately describe the data
attributes related to Customers and Customer accounts that must be
reported to the CAT now that Customer name, Customer address, account
name, account address, authorized trader names list, account number,
day of birth, month of birth, year of birth, and ITIN/SSN would be
eliminated from the CAT under this CAIS Amendment. Therefore, CAT LLC
proposes to delete the definition of ``PII'' from the Plan and to
replace it with the defined term ``Customer and Account Attributes''
throughout the CAT NMS Plan. Specifically, the term ``Customer and
Account Attributes'' would replace the term ``PII'' in Sections
6.2(b)(v)(F) and 6.10(c)(ii), and Appendix D, Sections 4.1; 4.1.2;
4.1.4; 6.2; 8.1.1; 8.1.3; 8.2; and 8.2.2.\28\ The new term ``Customer
and Account Attributes'' would be defined as follows:
---------------------------------------------------------------------------
\28\ Additionally, the term ``Customer and Customer Account
Information,'' which is used in Sections 9 and 10 of Appendix D,
would be updated to ``Customer and Account Attributes'' in each
instance for consistency and to clarify the scope of information
contemplated by those Sections.
`` `Customer and Account Attributes' shall mean the data
elements in Account Attributes and Customer Attributes.''
ii. Revisions to Appendix D
CAT LLC also proposes revising certain provisions of Appendix D of
the CAT NMS Plan to incorporate the CCID Exemption Order and to remove
references to Name, Address, and YOB.
First, CAT LLC proposes revising Section 9.1 of Appendix D to make
clear that, at a minimum, the CAT must capture Transformed Identifiers
with respect to individuals and Legal Entity Identifiers with respect
to legal entities. Additionally, CAT LLC proposes certain conforming
changes to Section 9.1 of Appendix D relating to (a) Plan Processor
data validation processes; and (b) the Plan Processor's procedures for
assigning a unique CCID to each Customer. These conforming changes are
intended to reflect reporting practices and the scope of reportable
data contemplated by the CCID Exemption Order and the other Proposed
Changes described in this amendment (i.e., eliminating Name, Address,
and YOB from CAIS). Finally, references in Section 9.1 to ``Customer
and Customer Account Information'' have been changed to ``Customer and
Account Attributes'' consistent with the new defined term described
above. As revised, Section 9.1 of Appendix D would read as follows:
``9.1 Customer and Account Attributes Storage
The CAT must capture and store Customer and Account Attributes
in a secure database physically separated from the transactional
database. The Plan Processor will maintain certain information
attributed to each Customer across all CAT Reporters, and associated
accounts from each CAT Reporter. At a minimum, the CAT must capture
Transformed Identifiers.
For legal entities, the CAT must capture Legal Entity
Identifiers (LEIs) (if available).
The Plan Processor must maintain valid Customer and Account
Attributes for each trading day and provide a method for
Participants' regulatory staff and the SEC to easily obtain
historical changes to that information.
The Plan Processor will use the Transformed Identifier submitted
by all broker-dealer CAT Reporters to the isolated CCID Subsystem to
assign a unique Customer-ID for each Customer. The Customer-ID must
be consistent across all broker-dealers that have an account
associated with that Customer. This unique CAT-Customer-ID will not
be returned to CAT Reporters and will only be used internally by the
CAT.
Broker-Dealers will initially submit full account lists for all
active accounts to the Plan Processor and subsequently submit
updates and changes on a daily basis. In addition, the Plan
Processor must have a process to periodically receive full account
lists to ensure the completeness and accuracy of the account
database. The Central Repository must support account structures
that have multiple account owners and associated Customer
information (joint accounts, managed accounts, etc.), and must be
able to link accounts that move from one CAT Reporter to another
(e.g., due to mergers and acquisitions, divestitures, etc.).''
Second, CAT LLC proposes revising Section 9.2 of Appendix D to make
clear that the Central Repository will not accept data attributes
related to an account owner's name, mailing address, or tax identifier.
Additionally, the proposed revisions would indicate that the Central
Repository must accept Transformed Identifiers with respect to
Customers that are individuals and EINs with respect to Customers that
are legal entities. As revised, Section 9.2 of Appendix D would read as
follows:
``9.2 Required Data Attributes for Customer Information Data Submitted
by Industry Members
At a minimum, the following Customer information data attributes
must be accepted by the Central Repository:
<bullet> Transformed Identifier (with respect to individuals) or
EIN (with respect to legal entities);
<bullet> Market Identifiers (Larger Trader ID, LEI);
<bullet> Type of Account;
<bullet> Firm Identifier Number;
[cir] The number that the CAT Reporter will supply on all orders
generated for the Account;
<bullet> Prime Broker ID;
<bullet> Bank Depository ID; and
<bullet> Clearing Broker.''
Third, CAT LLC proposes revising Section 9.3 of Appendix D to
incorporate the existing process by which the Plan Processor determines
a unique CAT-Customer-ID for each Customer under the CCID Exemption
Order. As revised, Section 9.3 of Appendix D would read as follows:
``9.3 Customer-ID Tracking
The Plan Processor will assign a CAT-Customer-ID for each unique
Customer. The Plan Processor will generate and assign a unique CAT-
Customer-ID for each Transformed Identifier submitted by broker-
dealer CAT Reporters to the isolated CCID Subsystem. Once a CAT-
Customer-ID is assigned, it will be added to each linked (or
unlinked) order record for that Customer.
Participants and the SEC must be able to use the unique CAT-
Customer-ID to track orders from any Customer or group of Customers,
regardless of what brokerage account was used to enter the order.''
Fourth, CAT LLC proposes revising Section 9.4 of Appendix D to
eliminate the requirement that the Plan Processor design and implement
procedures and mechanisms to handle minor and material inconsistencies
in Customer information. Minor data discrepancies refer specifically to
variations in road name abbreviations for Customer addresses. Because
this amendment would eliminate Name, Address, and YOB, the Plan
requirement that the Central Repository be able to accommodate minor
data discrepancies related to Customer addresses is no longer relevant.
More broadly the inconsistency checks that are currently performed by
the Plan Processor to handle both minor and material inconsistencies
provide minimal value and impose unnecessary costs on Participants and
Industry Members. As
[[Page 12850]]
revised, Section 9.4 of Appendix D would read as follows:
``9.4 Error Resolution for Customer Data
The Central Repository must have an audit trail showing the
resolution of all errors. The audit trail must, at a minimum,
include the:
<bullet> CAT Reporter submitting the data;
<bullet> Initial submission date and time;
<bullet> Data in question or the ID of the record in question;
<bullet> Reason identified as the source of the issue;
<bullet> Date and time the issue was transmitted to the CAT
Reporter, included each time the issue was re-transmitted, if more
than once;
<bullet> Corrected submission date and time, including each
corrected submission if more than one, or the record ID(s) of the
corrected data or a flag indicating that the issue was resolved and
corrected data was not required; and
<bullet> Corrected data, the record ID, or a link to the
corrected data.''
Finally, CAT LLC proposes adding a new Section 9.5 to Appendix D,
which would require CAT LLC to direct the Plan Processor to delete from
CAIS all existing Customer data and information contemplated by the
Proposed Changes and clarify that such Customer data and information do
not constitute records that CAT LLC must retain under Exchange Act Rule
17a-1. Furthermore, to the extent that either CAT LLC or the Plan
Processor becomes aware through self-reporting or otherwise that an
Industry Member has improperly reported any such Customer data or
information, this CAIS Amendment would permit its deletion. The new
Section 9.5 of Appendix D would be entitled ``Deletion from CAIS of
Certain Reported Customer Data'' and would read as follows:
``9.5 Deletion From CAIS of Certain Reported Customer Data
Notwithstanding any other provision of the CAT NMS Plan, this
Appendix D, or the Exchange Act, CAT LLC shall direct the Plan
Processor to develop and implement a mechanism to delete from CAIS,
or otherwise make inaccessible to regulatory users, the following
data attributes: Customer name, Customer address, account name,
account address, authorized trader names list, account number, day
of birth, month of birth, year of birth, and ITIN/SSN. For the
avoidance of doubt, such data attributes do not constitute records
that must be retained under Exchange Act Rule 17a-1. CAT LLC or the
Plan Processor shall be permitted to delete any such information
that has been improperly reported by an Industry Member to the
extent that either becomes aware of such improper reporting through
self-reporting or otherwise.''
To the extent that the Commission deems it necessary to grant
exemptive relief from the recordkeeping and data retention requirements
of Rule 17a-1 under the Exchange Act in order to effectuate the
Proposed Changes, the Participants request such exemptive relief with
respect to the deletion of such reported data described above on a
retroactive and prospective basis.
2. Justifications for the CAIS Amendment
a. The CAIS Amendment Would Result in an Estimated $12 Million in Cost
Savings Each Year
The CAT's operating budget for 2025 includes approximately $35.5
million in CAIS-related costs, which includes: (1) $20.7 million in
operating fees payable to the Plan Processor to operate and maintain
CAIS; \29\ (2) a $2.8 million CAIS-related annual license fee payable
to the Plan Processor; and (3) approximately $12 million in CAIS-
related cloud hosting services fees.
---------------------------------------------------------------------------
\29\ This CAIS operating fee is separate and in addition to a
$30.8 million operating fee payable to the Plan Processor to operate
and maintain the transaction database for the CAT.
---------------------------------------------------------------------------
In total, the CAIS Amendment would allow CAT LLC to achieve
approximately $10 million to $12 million in cost savings each year as
compared to 2024 Actuals. First, the Plan Processor has proposed
reducing its CAIS operating fees by approximately $5 million per year
if the Proposed Changes are adopted.\30\ As a result, CAIS operating
fees payable to the Plan Processor would be reduced from approximately
$20.7 million to $15.7 million annually. The $2.8 million annual
license fee payable to the Plan Processor would be unaffected by this
CAIS Amendment. Second, the Plan Processor estimates approximately $5
million to $7 million in savings per year related to cloud hosting
services fees.\31\ Accordingly, the CAIS-related cloud hosting services
fees, based on 2024 Actuals, would be reduced from approximately $12
million to approximately $5 million to $7 million. These cost savings
estimates are based on certain assumptions and the current scope of the
CAT, and may vary based on, among other things, the details of the
requirements in any final amendment approved by the Commission.
---------------------------------------------------------------------------
\30\ The CAIS annual operating fee payable to the Plan Processor
for 2025, which includes fees to pay for software that is required
to support regulatory queries of CAIS data, is approximately $20.7
million per year. By eliminating the software that is required to
support regulatory queries of Name, Address, and YOB data, the CAIS
annual operating fee would be reduced to approximately $15.7 million
per year, which is a difference of approximately $5 million per
year.
\31\ CAT LLC currently budgets $12 million per year for CAIS
cloud hosting services fees. Under the CAIS Amendment, CAIS cloud
hosting services fees would total between approximately $5 million
and $7 million per year, which represents a savings of between $5
million and $7 million per year.
---------------------------------------------------------------------------
To implement the CAIS Amendment, the Plan Processor has proposed a
one-time change request implementation fee of approximately $4.5
million to $5.5 million.\32\ One-time implementation costs will
generally consist of Plan Processor labor costs associated with coding
and software development, as well as any related cloud fees associated
with the development, testing, and load testing of the Proposed
Changes. Even accounting for this one-time implementation cost, the
CAIS Amendment would allow CAT LLC to achieve approximately $5.5
million in cost savings in the first year followed by approximately $10
million to $12 million in cost savings each year thereafter, based on
2024 Actuals.
---------------------------------------------------------------------------
\32\ The Plan Processor estimates that it would take
approximately 9 to 12 months to fully implement the Proposed
Changes.
---------------------------------------------------------------------------
CAT operating costs are estimated to approach $250 million in 2025
as data volumes continue to reach record highs.\33\ CAT LLC and the
Plan Processor have put significant effort into reducing CAT costs that
are within their control given the strict reporting requirements in the
CAT NMS Plan, but additional cost savings measures--like those
contemplated in this CAIS Amendment--require Commission action to
permit their implementation. While the Commission recently approved a
cost savings proposal from CAT LLC, it is critical to continue thinking
carefully about ways to further reduce CAT costs while preserving the
CAT's intended regulatory uses. The CAIS Amendment would do just that.
The potential cost savings associated with the amendment are
significant and would materially advance CAT LLC's ongoing cost savings
efforts \34\ without impacting the ability of regulators to perform
cross-market surveillance or to otherwise use the CAT for its intended
regulatory purposes. Therefore, CAT LLC urges the Commission to approve
the CAIS Amendment to allow for
[[Page 12851]]
additional annual savings of approximately $12 million compared to 2024
Actuals.
---------------------------------------------------------------------------
\33\ On March 4, 2025, data volumes exceeded 1 trillion
reportable events for the first time.
\34\ For example, CAT LLC filed a cost savings amendment, which
the Commission recently approved on December 12, 2024, that will
permit approximately $21 million in annual cost savings, which cost
savings were estimated based on then-estimated 2024 costs. See
Letter from Brandon Becker, CAT NMS Plan Operating Committee Chair,
to Vanessa Countryman, Secretary, Commission (Mar. 27, 2024); Letter
from Brandon Becker, CAT NMS Plan Operating Committee Chair, to
Vanessa Countryman, Secretary, Commission (Sept. 20, 2024); Order
Approving Amendments to the National Market System Plan Governing
the Consolidated Audit Trail Designed to Implement Cost Savings
Measures, Securities Exchange Act Release No. 101901 (Dec. 12,
2024), 89 FR 103033 (Dec. 18, 2024).
---------------------------------------------------------------------------
b. The CAIS Amendment Also Would Build on the CCID Exemption Order and
the CAIS Exemption Order to Further Address the SEC's Stated Security
Considerations
In addition to allowing CAT LLC to achieve significant annual cost
savings, the CAIS Amendment reflects a continuation of prior efforts to
reduce Customer information in the CAT. Specifically, the CAIS
Amendment would build on the CCID Exemption Order, which currently
prohibits Industry Members from reporting SSNs/ITINs, dates of birth,
and account numbers to the CAT. This CAIS Amendment would remove
additional data attributes from the CAT, i.e., Name, Address, and YOB,
while preserving the regulatory goals of SEC Rule 613 because the Plan
Processor would continue to create a unique CCID allowing regulators to
conduct cross-market, cross-broker, and cross-account surveillance.
Furthermore, the CAIS Amendment would further address the security-
related considerations cited by the SEC in the CAIS Exemption Order
with respect to all Customers. As discussed in more detail above, the
CAIS Exemption Order grants relief from the requirement to report
names, addresses, and years of birth for natural persons reported with
transformed SSNs or ITINs to CAIS, but it does not address the deletion
of existing data currently stored in CAIS. Therefore, the CAIS
Exemption Order only addresses new natural persons reported with
transformed SSNs or ITINs added to CAIS after the date of the order. It
does not address the SEC's cited security considerations with respect
to (1) existing natural persons reported with transformed SSNs or ITINs
with data already stored in CAIS; (2) natural persons who are not
reported with transformed SSNs or ITINs, including foreign nationals;
or (3) legal entity Customers. This proposed CAIS Amendment addresses
the SEC's security considerations with respect to all Customers--
including all natural person and all legal entity Customers, both new
and existing--by fully eliminating the requirement to report Names,
Addresses, and YOBs to CAIS for all Customers and by requiring CAT LLC
to direct the Plan Processor to delete all such information that is
currently stored in the CAT.
c. The Proposed Changes Would Preserve the Core Regulatory Purposes of
CAIS
Under this CAIS Amendment, Industry Members would continue
reporting basic Customer and account information (e.g., TID, account
type) to CAIS, but the information reported would no longer include
Name, Address, and YOB. Industry Members would also continue reporting
Transformed Identifiers to the CCID Subsystem in the same manner as
they do today pursuant to the CCID Exemption Order.
Similarly, the Plan Processor would continue creating a CCID for
each unique Transformed Identifier in the same way that it does today.
As such, a daily mapping of CCID to FDID would continue to be provided
to the transactional database by the CAT System to provide CCID
enrichment of transaction data. Additionally, the CAIS query tool would
continue to be provided to allow the subset of regulatory users that
have been authorized to access the CAIS database to search basic
Customer and account information, minus Name, Address, and YOB. As was
the case before CAT, regulatory users would need to contact Industry
Members directly to obtain any more sensitive Customer information,
including Name, Address, and YOB.
In short, the proposed CAIS Amendment would not impact how the Plan
Processor provides CCID enrichment of transaction data. It would simply
remove certain unnecessary Customer information (i.e., Name, Address,
and YOB) from the CAT in order to achieve significant cost savings
while building on the existing CCID Exemption Order and the CAIS
Exemption Order. Because the Plan Processor would continue to provide
CCID enrichment of transaction data, the proposed CAIS Amendment would
not impact the ability of regulators to track a Customer's trading
activity across accounts, broker-dealers, and markets. By preserving
regulators' ability to perform such cross-market, cross-broker, and
cross-account surveillance, the CAIS Amendment would achieve
significant cost savings and reduce unnecessary Customer information in
the CAT without impacting a key aspect of CAT's intended regulatory
uses.
d. The Benefits of the Proposed Changes Significantly Outweigh Their
Costs
The benefits of the CAIS Amendment significantly outweigh its
costs. As described above, the CAIS Amendment would further address the
SEC's security considerations noted in the CAIS Exemption Order by
reducing the amount of Customer information in the CAT. In addition,
the CAIS Amendment would allow CAT LLC to achieve an estimated $12
million in cost savings each year as compared to 2024 Actuals, which
would materially advance CAT LLC's ongoing efforts to reduce CAT
operating costs. It would also build on CAT LLC's prior efforts to
reduce Customer information in the CAT and the CAIS Exemption Order by
eliminating the Plan requirement to report Name, Address, and YOB to
CAIS for all Customers. At the same time, other than one-time
implementation costs of approximately $4.5 million to $5.5 million
(which would be fully offset by savings in the first year), the costs
associated with the CAIS Amendment are minimal. If adopted, the CAIS
Amendment would not change the Plan Processor's practices related to
creating a unique CCID for each Customer and performing CCID enrichment
of transaction data. While regulatory users would no longer be able to
use the CAIS query tool to search for Name, Address, and YOB
information, they would still be able to track Customer trading
activity across accounts, broker-dealers, and markets without access to
that information by using a CCID because the Plan Processor would
continue performing CCID enrichment of transaction data in the same way
that it does today. Furthermore, if it becomes necessary for a
regulatory user to obtain Name, Address, and YOB data, that information
could still be obtained directly from Industry Members. In this way,
the CAIS Amendment would not affect how regulators use the CAT, and any
added cost associated with obtaining Name, Address, and YOB information
from Industry Members is significantly outweighed by the estimated $12
million in cost savings that the proposed CAIS Amendment would allow
CAT LLC to recognize each year as compared to 2024 Actuals.
For all of these reasons, CAT LLC strongly urges the Commission to
approve the CAIS Amendment.
B. Governing or Constituent Documents
Not applicable.
C. Implementation of Amendment
The Participants propose to implement the proposal upon approval of
the proposed amendment to the CAT NMS Plan by directing the Plan
Processor to make the technological changes to CAIS reporting required
to effectuate the Proposed Changes and by amending their individual CAT
[[Page 12852]]
Compliance Rules to reflect the more limited scope of Customer-and-
account-related information that would be required to be reported to
CAIS as a result of implementing the Proposed Changes.
D. Development and Implementation Phases
Subject to SEC approval of this CAIS Amendment, the Participants
and the Plan Processor, in consultation with Industry Members, will
determine and communicate an implementation schedule to effectuate the
Proposed Changes.
E. Analysis of Impact on Competition
CAT LLC does not believe that the CAIS Amendment would result in
any burden on competition that is not necessary or appropriate in
furtherance of the purposes of the Exchange Act. Indeed, CAT LLC
believes that the CAIS Amendment will have a positive impact on
competition, efficiency and capital formation. The CAIS Amendment will
provide significant savings in CAT costs and will eliminate Name,
Address, and YOB from the CAT while imposing minimal impact on the
regulatory use of CAT Data. Such substantial cost savings would inure
to the benefit of all participants in the markets for NMS Securities
and OTC Equity Securities, including Participants, Industry Members,
and most importantly, the investors.
In addition to providing significant cost savings, the CAIS
Amendment would incorporate the existing CCID Exemption Order and build
on the CAIS Exemption Order, both of which the Commission found to be
appropriate in the public interest and consistent with the protection
of investors.\35\ Because this CAIS Amendment would build on the CCID
Exemption Order and the CAIS Exemption Order to further reduce the
amount of Customer-and-account-related information in the CAT by
eliminating Name, Address, and YOB without impacting the intended
regulatory goals of SEC Rule 613, CAT LLC believes that the CAIS
Amendment is appropriate in the public interest and consistent with the
protection of investors. In this way, the CAIS Amendment would enhance
the markets for NMS Securities and OTC Equity Securities for all market
participants.
---------------------------------------------------------------------------
\35\ See CCID Exemption Order at 16156; CAIS Exemption Order at
9646.
---------------------------------------------------------------------------
Furthermore, the CAIS Amendment would provide significant cost
savings and build on the CCID Exemption Order and the CAIS Exemption
Order without creating any disparate impact among Industry Members with
Customers. This is because the CAIS Amendment would require all
Industry Members to report the same narrower scope of Customer-and-
account-related information to the CAT. Therefore, the CAIS Amendment
would have the same effect on all Industry Members with Customers.
For all of these reasons, CAT LLC does not believe that the CAIS
Amendment would result in any burden on competition that is not
necessary or appropriate in furtherance of the purposes of the Exchange
Act.
F. Written Understanding or Agreements Relating to Interpretation of,
or Participation in Plan
Not applicable.
G. Approval by Plan Sponsors in Accordance With Plan
Section 12.3 of the CAT NMS Plan states that, subject to certain
exceptions, the CAT NMS Plan may be amended from time to time only by a
written amendment, authorized by the affirmative vote of not less than
two-thirds of all of the Participants, that has been approved by the
SEC pursuant to Rule 608 of Regulation NMS under the Exchange Act or
has otherwise become effective under Rule 608 of Regulation NMS under
the Exchange Act. In addition, the proposed amendment was discussed
during Operating Committee meetings. The Participants, by a vote of the
Operating Committee taken on March 4, 2025, have authorized the filing
of this proposed amendment with the SEC in accordance with the CAT NMS
Plan.
H. Description of Operation of Facility Contemplated by the Proposed
Amendment
Not applicable.
I. Terms and Conditions of Access
Not applicable.
J. Method of Determination and Imposition, and Amount of, Fees and
Charges
Not applicable.
K. Method and Frequency of Processor Evaluation
Not applicable.
L. Dispute Resolution
Not applicable.
III. Solicitation of Comments
The Commission seeks comment on the amendment. Interested persons
are invited to submit written data, views and arguments concerning the
foregoing, including whether the amendment is consistent with the
Exchange Act. Comments may be submitted by any of the following
methods:
Electronic Comments
<bullet> Use the Commission's internet comment form (<a href="http://www.sec.gov/rules/sro.shtml">http://www.sec.gov/rules/sro.shtml</a>); or
<bullet> Send an email to <a href="/cdn-cgi/l/email-protection#097b7c656c246a6664646c677d7a497a6c6a276e667f"><span class="__cf_email__" data-cfemail="542621383179373b3939313a2027142731377a333b22">[email protected]</span></a>. Please include
File Number 4-698 on the subject line.
Paper Comments
<bullet> Send paper comments in triplicate to Secretary, Securities
and Exchange Commission, 100 F Street NE, Washington, DC 20549-1090.
All submissions should refer to File Number 4-698. This file number
should be included on the subject line if email is used. To help the
Commission process and review your comments more efficiently, please
use only one method. The Commission will post all comments on the
Commission's internet website (<a href="http://www.sec.gov/rules/sro.shtml">http://www.sec.gov/rules/sro.shtml</a>).
Copies of the submission, all subsequent amendments, all written
statements with respect to the proposed plan amendment that are filed
with the Commission, and all written communications relating to the
amendment between the Commission and any person, other than those that
may be withheld from the public in accordance with the provisions of 5
U.S.C. 552, will be available for website viewing and printing in the
Commission's Public Reference Room, 100 F Street NE, Washington, DC
20549, on official business days between the hours of 10:00 a.m. and
3:00 p.m. Copies of the filing also will be available for inspection
and copying at the Participants' offices. All comments received will be
posted without change. Persons submitting comments are cautioned that
we do not redact or edit personal identifying information from comment
submissions. You should submit only information that you wish to make
available publicly. All submissions should refer to File Number 4-698
and should be submitted on or before April 9, 2025.
---------------------------------------------------------------------------
\36\ 17 CFR 200.30-3(a)(85).
For the Commission, by the Division of Trading and Markets,
pursuant to delegated authority.\36\
Sherry R. Haywood,
Assistant Secretary.
[[Page 12853]]
Exhibit A
Proposed Revisions to the CAT NMS Plan
Additions italicized; deletions [bracketed]
* * * * *
Article I
Definitions
* * * * *
Section 1.1. Definitions.
* * * * *
``[Customer ]Account Attributes[Information]'' shall include, but
not be limited to, [account number, ]account type, customer type, date
account opened, and large trader identifier (if applicable) (excluding,
for the avoidance of doubt, account number); except, however, that (a)
in those circumstances in which an Industry Member has established a
trading relationship with an institution but has not established an
account with that institution, the Industry Member will (i) provide the
Account Effective Date in lieu of the ``date account opened''; [(ii)
provide the relationship identifier in lieu of the ``account number'';
]and (ii[i]) identify the ``account type'' as a ``relationship''; (b)
in those circumstances in which the relevant account was established
prior to the implementation date of the CAT NMS Plan applicable to the
relevant CAT Reporter (as set forth in Rule 613(a)(3)(v) and (vi)), and
no ``date account opened'' is available for the account, the Industry
Member will provide the Account Effective Date in the following
circumstances: (i) where an Industry Member changes back office
providers or clearing firms and the date account opened is changed to
the date the account was opened on the new back office/clearing firm
system; (ii) where an Industry Member acquires another Industry Member
and the date account opened is changed to the date the account was
opened on the post-merger back office/clearing firm system; (iii) where
there are multiple dates associated with an account in an Industry
Member's system, and the parameters of each date are determined by the
individual Industry Member; and (iv) where the relevant account is an
Industry Member proprietary account. For the avoidance of doubt,
Industry Members are required to provide a Firm Designated ID in
accordance with this Agreement.
* * * * *
``CAIS'' means the customer and account information system of the
CAT.
* * * * *
``CCID Subsystem'' means the isolated subsystem of CAIS that exists
solely to transform input TID values into CCID values.
* * * * *
``Customer and Account Attributes'' shall mean the data elements in
Account Attributes and Customer Attributes.
``Customer Attributes[Identifying Information]'' means information
[of sufficient detail to identify ]attributed to a Customer, including,
but not limited to, (a) with respect to individuals: [name, address,
date of birth, individual tax payer identification number (``ITIN'')/
social security number (``SSN''),] TID and the individual's role in the
account (e.g., primary holder, joint holder, guardian, trustee, person
with the power of attorney); and (b) with respect to legal entities:
[name, address, ]Employer Identification Number (``EIN'')/Legal Entity
Identifier (``LEI'') or other comparable common entity identifier, if
applicable; provided, however, that an Industry Member that has an LEI
for a Customer must submit the Customer's LEI[ in addition to other
information of sufficient detail to identify a Customer].
``Customer-ID'' or ``CAT Customer-ID'' or ``CCID'' has the same
meaning provided in SEC Rule 613(j)(5).
* * * * *
``Full Availability and Regulatory Utilization of Transactional
Database Functionality'' means the point at which: (a) reporting to the
Order Audit Trail System (``OATS'') is no longer required for new
orders; (b) Industry Member reporting for equities transactions and
simple electronic options transactions, excluding Customer Account
Information,* Customer-ID, and Customer Identifying Information,* with
sufficient intra-firm linkage, inter-firm linkage, national securities
exchange linkage, trade reporting facilities linkage, and
representative order linkages (including any equities allocation
information provided in an Allocation Report) to permit the
Participants and the Commission to analyze the full lifecycle of an
order across the national market system, from order origination through
order execution or order cancellation, is developed, tested, and
implemented at a 5% Error Rate or less; (c) Industry Member reporting
for manual options transactions and complex options transactions,
excluding Customer Account Information, Customer-ID, and Customer
Identifying Information, with all required linkages to permit the
Participants and the Commission to analyze the full lifecycle of an
order across the national market system, from order origination through
order execution or order cancellation, including any options allocation
information provided in an Allocation Report, is developed, tested, and
fully implemented; (d) the query tool functionality required by Section
6.10(c)(i)(A) and Appendix D, Sections 8.1.1-8.1.3, Section 8.2.1, and
Section 8.5 incorporates the data described in conditions (b)-(c) and
is available to the Participants and to the Commission; and (e) the
requirements of Section 6.10(a) are met. This Financial Accountability
Milestone shall be considered complete as of the date identified in a
Quarterly Progress Report meeting the requirements of Section 6.6(c).
---------------------------------------------------------------------------
* Effective [DATE], ``Customer Account Information'' as used in
the Financial Accountability Milestones (Initial Industry Member
Core Equity Reporting; Full Implementation of Core Equity Reporting;
Full Availability and Regulatory Utilization of Transactional
Database Functionality; and Full Implementation of CAT NMS Plan
Requirements) is no longer a defined term and has been superseded by
the new defined term ``Account Attributes''.
* Effective [DATE], ``Customer Identifying Information'' as used
in the Financial Accountability Milestones (Initial Industry Member
Core Equity Reporting; Full Implementation of Core Equity Reporting;
Full Availability and Regulatory Utilization of Transactional
Database Functionality; and Full Implementation of CAT NMS Plan
Requirements) is no longer a defined term and has been superseded by
the new defined term ``Customer Attributes''.
---------------------------------------------------------------------------
* * * * *
[``PII'' means personally identifiable information, including a
social security number or tax identifier number or similar information;
Customer Identifying Information and Customer Account Information.]
* * * * *
``Transformed Identifier'' or ``TID'' means the transformed version
of the individual tax payer identification number (``ITIN'') or social
security number (``SSN'') submitted by Industry Members in place of an
ITIN or SSN.
* * * * *
Article VI
Functions and Activities of CAT System
* * * * *
Section 6.2. Chief Compliance Officer and Chief Information Security
Officer
* * * * *
(a) Chief Compliance Officer.
* * * * *
(v) The Chief Compliance Officer shall:
* * * * *
(C) in collaboration with the Chief Information Security Officer,
and consistent with Appendix D, Data
[[Page 12854]]
Security, and any other applicable requirements related to data
security[,] and Customer and Account Attributes[Information and
Customer Identifying Information], identify and assist the Company in
retaining an appropriately qualified independent auditor (based on
specialized technical expertise, which may be the Independent Auditor
or subject to the approval of the Operating Company by Supermajority
Vote, another appropriately qualified independent auditor), and in
collaboration with such independent auditor, create and implement an
annual audit plan (subject to the approval of the Operating Committee),
which shall at a minimum include a review of all Plan Processor
policies, procedures and control structures, and real time tools that
monitor and address data security issues for the Plan Processor and the
Central Repository;
* * * * *
(b) Chief Information Security Officer.
* * * * *
(v) Consistent with Appendices C and D, the Chief Information
Security Officer shall be responsible for creating and enforcing
appropriate policies, procedures, and control structures to monitor and
address data security issues for the Plan Processor and the Central
Repository including:
* * * * *
(F) [PII]Customer and Account Attributes data requirements,
including the standards set forth in Appendix D, [PII]Customer and
Account Attributes Data Requirements;
* * * * *
Section 6.4. Data Reporting and Recording by Industry Members
* * * * *
(d) Required Industry Member Data.
* * * * *
(ii) Subject to Section 6.4(c) and Section 6.4(d)(iii) with respect
to Options Market Makers, and consistent with Appendix D, Reporting and
Linkage Requirements, and the Technical Specifications, each
Participant shall, through its Compliance Rule, require its Industry
Members to record and report to the Central Repository the following,
as applicable (``Received Industry Member Data'' and collectively with
the information referred to in Section 6.4(d)(i) ``Industry Member
Data''):
* * * * *
(C) for original receipt or origination of an order, the Firm
Designated ID for the relevant Customer, and in accordance with Section
6.4(d)(iv), Customer and Account Attributes [Information and Customer
Identifying Information] for the relevant Customer; and
* * * * *
Section 6.10. Surveillance
* * * * *
(c) Use of CAT Data by Regulators.
* * * * *
(ii) Extraction of CAT Data shall be consistent with all permission
rights granted by the Plan Processor. All CAT Data returned shall be
encrypted, and [PII]Customer and Account Attributes data shall be
masked unless users have permission to view the CAT Data that has been
requested.
* * * * *
Appendix D
CAT NMS Plan Processor Requirements
* * * * *
4. Data Security
4.1 Overview
* * * * *
The Plan Processor must provide to the Operating Committee a
comprehensive security plan that covers all components of the CAT
System, including physical assets and personnel, and the training of
all persons who have access to the Central Repository consistent
with Article VI, Section 6.1(m). The security plan must be updated
annually. The security plan must include an overview of the Plan
Processor's network security controls, processes and procedures
pertaining to the CAT Systems. Details of the security plan must
document how the Plan Processor will protect, monitor and patch the
environment; assess it for vulnerabilities as part of a managed
process, as well as the process for response to security incidents
and reporting of such incidents. The security plan must address
physical security controls for corporate, data center, and leased
facilities where Central Repository data is transmitted or stored.
The Plan Processor must have documented ``hardening baselines'' for
systems that will store, process, or transmit CAT Data or
[PII]Customer and Account Attributes data.
* * * * *
4.1.2 Data Encryption
* * * * *
Storage of unencrypted [PII]Customer and Account Attributes data
is not permissible. [PII]Customer and Account Attributes encryption
methodology must include a secure documented key management strategy
such as the use of HSM(s). The Plan Processor must describe how
[PII]Customer and Account Attributes encryption is performed and the
key management strategy (e.g., AES-256, 3DES).
* * * * *
4.1.4 Data Access
The Plan Processor must provide an overview of how access to
[PII]Customer and Account Attributes and other CAT Data by Plan
Processor employees and administrators is restricted. This overview
must include items such as, but not limited to, how the Plan
Processor will manage access to the systems, internal segmentation,
multi-factor authentication, separation of duties, entitlement
management, background checks, etc.
* * * * *
Any login to the system that is able to access [PII]Customer and
Account Attributes data must follow [non-PII ]password rules for
data that does not constitute Customer and Account Attributes and
must be further secured via multi-factor authentication (``MFA'').
The implementation of MFA must be documented by the Plan Processor.
MFA authentication capability for all logins is required to be
implemented by the Plan Processor.
* * * * *
4.1.6 [PII] Customer and Account Attributes Data Requirements
[PII]Customer and Account Attributes data must not be included
in the result set(s) from online or direct query tools, reports or
bulk data extraction. Instead, results will display existing [non-
PII] unique identifiers (e.g., Customer-ID or Firm Designated ID)
that do not constitute Customer and Account Attributes. The
[PII]Customer and Account Attributes corresponding to these
identifiers can be gathered using the [PII]Customer and Account
Attributes workflow described in Appendix D, Data Security,
[PII]Customer and Account Attributes Data Requirements. By default,
users entitled to query CAT Data are not authorized for [PII] access
to Customer and Account Attributes. The process by which someone
becomes entitled for [PII] access to Customer and Account
Attributes, and how they then go about accessing [PII]Customer and
Account Attributes data, must be documented by the Plan Processor.
The chief regulatory officer, or other such designated officer or
employee at each Participant must, at least annually, review and
certify that people with [PII] access to Customer and Account
Attributes have the appropriate level of access for their role.
Using the RBAC model described above, access to [PII]Customer
and Account Attributes data shall be configured at the [PII
attribute]Customer and Account Attribute level, following the
``least privileged'' practice of limiting access as much as
possible.
[PII]Customer and Account Attributes data must be stored
separately from other CAT Data. It cannot be stored with the
transactional CAT Data, and it must not be accessible from public
internet connectivity. A full audit trail of [PII] access to
Customer and Account Attributes (who accessed what data, and when)
must be maintained. The Chief Compliance Officer and the Chief
Information Security Officer shall have access to daily
[PII]Customer and Account Attributes reports that list all users who
are entitled for [PII] access to Customer and Account Attributes, as
well as the audit trail of all [PII] access to Customer and Account
[[Page 12855]]
Attributes that has occurred for the day being reported on.
* * * * *
6.2 Data Availability Requirements
* * * * *
Figure B: Customer and Account Attributes[Information (Including
PII)]
[GRAPHIC] [TIFF OMITTED] TN19MR25.021
CAT [PII]Customer and Account Attributes data must be processed
within established timeframes to ensure data can be made available
to Participants' regulatory staff and the SEC in a timely manner.
Industry Members submitting new or modified Customer information
must provide it to the Central Repository no later than 8:00 a.m.
Eastern Time on T+1. The Central Repository must validate the data
and generate error reports no later than 5:00 p.m. Eastern Time on
T+1. The Central Repository must process the resubmitted data no
later than 5:00 p.m. Eastern Time on T+4. Corrected data must be
resubmitted no later than 5:00 p.m. Eastern Time on T+3. The Central
Repository must process the resubmitted data no later than 5:00 p.m.
Eastern Time on T+4. Corrected data must be available to regulators
no later than 8:00 a.m. Eastern Time on T+5.
Customer information that includes [PII]Customer and Account
Attributes data must be available to regulators immediately upon
receipt of initial data and corrected data, pursuant to security
policies for retrieving [PII]Customer and Account Attributes.
* * * * *
8. Functionality of the CAT System
8.1 Regulator Access
* * * * *
8.1.1 Online Targeted Query Tool
* * * * *
The tool must provide a record count of the result set, the date
and time the query request is submitted, and the date and time the
result set is provided to the users. In addition, the tool must
indicate in the search results whether the retrieved data was linked
or unlinked (e.g., using a flag). In addition, the online targeted
query tool must not display any [PII]Customer and Account Attributes
data. Instead, it will display existing [non-PII] unique identifiers
(e.g., Customer-ID or Firm Designated ID) that do not constitute
Customer and Account Attributes. The [PII]Customer and Account
Attributes corresponding to these identifiers can be gathered using
the [PII]Customer and Account Attributes workflow described in
Appendix D, Data Security, [PII]Customer and Account Attributes Data
Requirements. The Plan Processor must define the maximum number of
records that can be viewed in the online tool as well as the maximum
number of records that can be downloaded. Users must have the
ability to download the results to .csv, .txt, and other formats, as
applicable. These files will also need to be available in a
compressed format (e.g., .zip, .gz). Result sets that exceed the
maximum viewable or download limits must return to users a message
informing them of the size of the result set and the option to
choose to have the result set returned via an alternate method.
* * * * *
8.1.3 Online Targeted Query Tool Access and Administration
Access to CAT Data is limited to authorized regulatory users
from the Participants and the SEC. Authorized regulators from the
Participants and the SEC may access all CAT Data, with the exception
of [PII]Customer and Account Attributes data. A subset of the
authorized regulators from the Participants and the SEC will have
permission to access and view [PII]Customer and Account Attributes
data. The Plan Processor must work with the Participants and SEC to
implement an administrative and authorization process to provide
regulator access. The Plan Processor must have procedures and a
process in place to verify the list of active users on a regular
basis.
A two-factor authentication is required for access to CAT Data.
[PII]Customer and Account Attributes data must not be available via
the online targeted query tool or the user-defined direct query
interface.
8.2 User-Defined Direct Queries and Bulk Extraction of Data
The Central Repository must provide for direct queries, bulk
extraction, and download of data for all regulatory users. Both the
user-defined direct queries and bulk extracts will be used by
regulators to deliver large sets of data that can then be used in
internal surveillance or market analysis applications. The data
extracts must use common industry formats.
Direct queries must not return or display [PII]Customer and
Account Attributes data. Instead, they will return existing [non-
PII] unique identifiers (e.g., Customer-ID or Firm Designated ID)
that do not constitute Customer and Account Attributes. The [PII]
Customer and Account Attributes corresponding to these identifiers
can be gathered using the [PII]Customer and Account Attributes
workflow described in Appendix D, Data Security, [PII]Customer and
Account Attributes Data Requirements.
* * * * *
8.2.2 Bulk Extract Performance Requirements
* * * * *
Extraction of data must be consistently in line with all
permissioning rights granted by the Plan Processor. Data returned
must be encrypted, password protected and sent via secure methods of
transmission. In addition, [PII]Customer and Account Attributes data
must be masked unless users have permission to view the data that
has been requested.
* * * * *
[[Page 12856]]
9. CAT Customer and [Customer] Account Attributes [Information]
9.1 Customer and [Customer] Account Attributes [Information] Storage
The CAT must capture and store Customer and [Customer] Account
Attributes[Information] in a secure database physically separated
from the transactional database. The Plan Processor will maintain
certain information [of sufficient detail to uniquely and
consistently identify] attributed to each Customer across all CAT
Reporters, and associated accounts from each CAT Reporter. [The
following attributes, a]At a minimum, the CAT must capture
Transformed Identifiers.[be captured:]
<bullet> [Social security number (SSN) or Individual Taxpayer
Identification Number (ITIN);]
<bullet> [Date of birth;]
<bullet> [Current name;]
<bullet> [Current address;]
<bullet> [Previous name; and]
<bullet> [Previous address.]
For legal entities, the CAT must capture Legal Entity
Identifiers (LEIs) (if available).[the following attributes:]
<bullet> [Legal Entity Identifier (LEI) (if available);]
<bullet> [Tax identifier;]
<bullet> [Full legal name; and]
<bullet> [Address.]
The Plan Processor must maintain valid Customer and [Customer]
Account Attributes[Information] for each trading day and provide a
method for Participants' regulatory staff and the SEC to easily
obtain historical changes to that information[ (e.g., name changes,
address changes, etc.)].
[The Plan Processor will design and implement a robust data
validation process for submitted Firm Designated ID, Customer
Account Information and Customer Identifying Information, and must
continue to process orders while investigating Customer information
mismatches. Validations should:
<bullet> Confirm the number of digits on a SSN,
<bullet> Confirm date of birth, and
<bullet> Accommodate the situation where a single SSN is used by
more than one individual.]
The Plan Processor will use the [Customer information]
Transformed Identifier submitted by all broker-dealer CAT Reporters
to the isolated CCID Subsystem to assign a unique Customer-ID for
each Customer. The Customer-ID must be consistent across all broker-
dealers that have an account associated with that Customer. This
unique CAT-Customer-ID will not be returned to CAT Reporters and
will only be used internally by the CAT.
Broker-Dealers will initially submit full account lists for all
active accounts to the Plan Processor and subsequently submit
updates and changes on a daily basis. In addition, the Plan
Processor must have a process to periodically receive full account
lists to ensure the completeness and accuracy of the account
database. The Central Repository must support account structures
that have multiple account owners and associated Customer
information (joint accounts, managed accounts, etc.), and must be
able to link accounts that move from one CAT Reporter to another
(e.g., due to mergers and acquisitions, divestitures, etc.).
* * * * *
9.2 Required Data Attributes for Customer Information Data Submitted by
Industry Members
At a minimum, the following Customer information data attributes
must be accepted by the Central Repository:
<bullet> [Account Owner Name;]
<bullet> [Account Owner Mailing Address;]
<bullet> [Account Tax Identifier (SSN, TIN, ITN)] Transformed
Identifier (with respect to individuals) or EIN (with respect to
legal entities);
<bullet> Market Identifiers (Larger Trader ID, LEI);
<bullet> Type of Account;
<bullet> Firm Identifier Number;
[cir] The number that the CAT Reporter will supply on all orders
generated for the Account;
<bullet> Prime Broker ID;
<bullet> Bank Depository ID; and
<bullet> Clearing Broker.
* * * * *
9.3 Customer-ID Tracking
The Plan Processor will assign a CAT-Customer-ID for each unique
Customer. The Plan Processor will [determine] generate and assign a
unique CAT-Customer-ID [using information such as SSN and DOB for
natural persons or entity identifiers for Customers that are not
natural persons and will resolve discrepancies] for each Transformed
Identifier submitted by broker-dealer CAT Reporters to the isolated
CCID Subsystem. Once a CAT-Customer-ID is assigned, it will be added
to each linked (or unlinked) order record for that Customer.
Participants and the SEC must be able to use the unique CAT-
Customer-ID to track orders from any Customer or group of Customers,
regardless of what brokerage account was used to enter the order.
* * * * *
9.4 Error Resolution for Customer Data
[The Plan Processor must design and implement procedures and
mechanisms to handle both minor and material inconsistencies in
Customer information. The Central Repository needs to be able to
accommodate minor data discrepancies such as variations in road name
abbreviations in searches. Material inconsistencies such as two
different people with the same SSN must be communicated to the
submitting CAT Reporters and resolved within the established error
correction timeframe as detailed in Section 8.]
The Central Repository must have an audit trail showing the
resolution of all errors. The audit trail must, at a minimum,
include the:
<bullet> CAT Reporter submitting the data;
<bullet> Initial submission date and time;
<bullet> Data in question or the ID of the record in question;
<bullet> Reason identified as the source of the issue[, such
as:];
[cir] [duplicate SSN, significantly different Name;]
[cir] [duplicate SSN, different DOB;]
[cir] [discrepancies in LTID; or]
[cir] [others as determined by the Plan Processor;]
<bullet> Date and time the issue was transmitted to the CAT
Reporter, included each time the issue was re-transmitted, if more
than once;
<bullet> Corrected submission date and time, including each
corrected submission if more than one, or the record ID(s) of the
corrected data or a flag indicating that the issue was resolved and
corrected data was not required; and
<bullet> Corrected data, the record ID, or a link to the
corrected data.
* * * * *
9.5 Deletion From CAIS of Certain Reported Customer Data
Notwithstanding any other provision of the CAT NMS Plan, this
Appendix D, or the Exchange Act, CAT LLC shall direct the Plan
Processor to develop and implement a mechanism to delete from CAIS,
or otherwise make inaccessible to regulatory users, the following
data attributes: Customer name, Customer address, account name,
account address, authorized trader names list, account number, day
of birth, month of birth, year of birth, and ITIN/SSN. For the
avoidance of doubt, such data attributes do not constitute records
that must be retained under Exchange Act Rule 17a-1. CAT LLC or the
Plan Processor shall be permitted to delete any such information
that has been improperly reported by an Industry Member to the
extent that either becomes aware of such improper reporting through
self-reporting or otherwise.
* * * * *
10. User Support
10.1 CAT Reporter Support
* * * * *
The Plan Processor must develop tools to allow each CAT Reporter
to:
* * * * *
<bullet> Manage Customer and [Customer] Account
Attributes[Information];
* * * * *
10.3 CAT Help Desk
* * * * *
CAT Help Desk support functions must include:
* * * * *
<bullet> Supporting CAT Reporters with data submissions and data
corrections, including submission of Customer and [Customer] Account
Attributes[Information];
* * * * *
[FR Doc. 2025-04516 Filed 3-18-25; 8:45 am]
BILLING CODE 8011-01-P
</pre><script data-cfasync="false" src="/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js"></script></body>
</html>Indexed from Federal Register on March 19, 2025.
This is legal information, not legal advice. Laws vary by jurisdiction and change frequently. Always verify current law with official sources and consult a licensed attorney in your jurisdiction for advice on your specific situation.