By Lev Bagramian
Many in the financial services industry and their misguided allies have tried, and are still trying to kill the Consolidated Audit Trail (CAT). The CAT is a supercomputer and a massive database that will allow regulators like the Securities and Exchange Commission (SEC) to monitor our ever-evolving markets. The SEC would do good by investors to ensure that CAT’s roll-out plan is vigorously enforced. CAT is critically important to detect market abuses, identify wrong-doers, and gain a deeper understanding of how modern markets work and why they sometimes crash.
Just such a crash happened on May 6, 2010. During the “Flash Crash,” a single share of stock for Accenture, CenterPoint Energy, and Exelon plummeted to $0.01, while one share of Apple, HP and the auction house Sotheby’s skyrocketed up to $100,000. Nearly a trillion dollars of stock market value was temporarily wiped from investors’ portfolios. This confidence-shattering event took about 18 minutes to unfold, but took many months for regulators to reconstruct and understand and, even now, many questions remain about what really happened.
While the Flash Crash may have been unique thus far in its severity, it wasn’t a one-off. There have been several other significant “mini” flash crashes since: on October 15, 2014, we saw extreme volatility in Treasury markets and on August 24, 2014 another market “bungee-jump” caused the Dow to fall by more than 1,000 points before snapping back quickly.
After the Flash Crash, many in and out of Congress demanded that the SEC get better tools to analyze and, if possible, prevent such events, which would also fulfill its central mandates of protecting investors and maintaining the integrity of the markets. Hearings were held; speeches were delivered; blame was cast; reports were issued; and, promises were made. Ultimately, it took six years for the SEC to approve a final rule which, while far from perfect, did set in motion the building of a computerized audit trail of most activities in the securities markets which will enable roughly real-time analysis of market disruptions and anomalies like the Flash Crash.
In January 2017, a contractor was hired to build and operate this system. Today, the contractor has nearly completed the initial build according to the highest security standards, and exchanges were supposed to have begun reporting data into the CAT by last November 15, and broker-dealers (those who handle investor orders or otherwise trade in stocks and options) will have to begin reporting in the next two years.
But many in the industry, including many trading venues, broker-dealers and predatory high-frequency traders, are using the recent hack of the decades-old SEC computer system, EDGAR, as an excuse to kill the CAT. They argue that the SEC, which is statutorily charged to protect investors and make our securities markets fairer and less prone to manipulation, cannot be trusted with the vital data it needs to conduct audits or monitor the markets, and go after those who manipulate markets or defraud investors. In meetings with policymakers, they say that unless and until the securities regulators build an unrealistically impregnable system to house personally identifiable information (PII) that is critical to the workings of the CAT, they should not have access to the CAT.
In an even more disturbing move, the industry was pushing for legislation that will bar the operator of CAT from collecting any market data until the SEC builds those hacker-proof systems. That would have the effect of killing the CAT, since such a delay would render the system obsolete before it is ever turned on. It is worth noting that the industry is loath to impose similarly high IT security standards on itself before collecting PII from clients and investors.
In November of last year, the consortium that drafted the CAT NMS plan and is responsible for its implementation requested a one year extension, citing implementation difficulties and delays. Fortunately, under the leadership of Chairman Jay Clayton, the SEC rejected such delays. We wrote to Chairman Clayton supporting his decision, and calling on him to ensure that Plan Participants don’t sabotage the implementation of the CAT by delaying their reporting. The CAT consortium, during a December 19, 2017 update, promised to continue onwards with the implementation. It is critically important for the SEC, the investing public and the integrity of the markets to hold the consortium, and the individual firms and exchanges who are members of the CAT NMS plan, accountable to this timeline.
Today, our cops on the Wall Street beat still lack the tools to understand market abnormalities and to quickly find and punish manipulators. It took more than five years for the government to find and bring a case against an alleged perpetrator of the May 2010 Flash Crash. That was years after an exhaustive study by regulators that failed to identify any perpetrators or that any wrongdoing had been done by anyone.
Such crashes will happen again, and it should be in the interest of policymakers and all responsible industry participants to arm regulators with effective tools against such events. Many market participants are never going to support the CAT or want it to be effective. There are also too many who profit from the opaqueness and the chaotic nature of today’s markets; they will always resist any attempts by policymakers to bring transparency and enforce the rule-of-law. Regulators and policymakers should know better. They should act in the interest of long-term investors and support long-overdue market surveillance tools that enable protecting Mr. and Mrs. 401(k).