The Consolidated Audit Trail plan was finally approved by the SEC in November, and the contract to build it was awarded to HFT technology company Thesys in January. The plan calls for the collection of order message data from exchanges to start in November 2017, from large brokers in November 2018, and from all brokers in November 2019.
But the CAT plan stops short of specifying what will be done with all that data once it is collected and is available in one place. Who will be responsible for sifting through it to look for spoofing and layering and other forms of manipulation? A subcommittee of the SEC’s Equity Market Structure Advisory Committee has been discussing this topic, and released a report and presented a panel discussion on it at the EMSAC’s April 5th meeting.
The panelists and EMSAC members who do the most trading (Jamil Nazarali from Citadel, Brett Redfearn from JP Morgan) are concerned that if each exchange is given access to the full CAT data set, traders may receive overlapping and uncoordinated regulatory inquiries that will unnecessarily burden their compliance and legal teams. They want surveillance and enforcement authority to be centralized in a single regulator.
FINRA’s Tom Gira agreed. He would like FINRA to keep its current role as the market surveillance authority of record, saying what his team does now is “hyper technical” and could not be easily replicated by someone else.
The lone voice in favor of decentralizing surveillance authority was NYSE’s Chief Regulatory Officer Anthony Albanese. He criticized the slow procedures and lack of innovation during FINRA’s tenure, and said empowering the individual exchanges to conduct their own enforcement, as NYSE has done over the past 15 months, will result in faster and more efficient handling of cases and better innovation.
Finally Lev Bagramian of Better Markets questioned whether the exchanges should have enforcement authority at all due to the conflicts inherent in punishing their own customers. He agreed with FINRA and the large traders that authority should be centralized in a non-exchange entity.
The subcommittee’s written report advocates a hybrid approach, with the initial surveillance and detection function to be performed by multiple regulators each with access to the same CAT data set but using their own surveillance tools and techniques, and then for centralization to occur once investigations and enforcement begins based on what is detected at the surveillance stage. The exchanges would still be able to enforce prohibitions against disruptive trading practices on their own turf, a nod to the expedited suspension procedures for layering and spoofing recently enacted by BATS and Nasdaq.
The subcommittee is right to distinguish between detection and enforcement, but, looking at the current challenges, its solution for each is backwards.
The challenge to effective detection today is access to detailed data. FINRA does a good job squeezing everything it can out of the order messages it has access to (the ones sent to the exchanges), but those order messages are of limited value because they do not contain customer ID tags. This problem is being rectified by CAT, which will deliver customer ID-tagged order messages to the central repository. With that fix in place, any competent regulator should be able to effectively find manipulation events. Having multiple regulators surveilling the same data is unlikely to generate appreciably better results.
The challenge to effective enforcement today has been the slow pace of investigations. A recent spoofing enforcement proceeding filed in March 2017 noted that FINRA had first flagged the subject conduct in July 2012. The subject conduct continued unabated for most of the interceding years. Why does it take almost 5 years to get from flag to enforcement filing?
One answer is the lack of customer ID tags described above. Once FINRA finds a potential event, in order to find out who is responsible, it must manually request a more detailed version of the relevant order messages from the broker who sent them. This process can take a few months to complete, and this step will be unnecessary once CAT is live, so that should help FINRA move faster.
NYSE thinks they can do a better job. Albanese touted NYSE’s record in clearing a backlog of FINRA cases when it took back its enforcement powers from FINRA in late 2015. Along similar lines, BATS and Nasdaq have recently implemented expedited suspension procedures that allow them to suspend traders for spoofing or layering or other disruptive trading after a hearing to be held within 15 days of commencement of proceedings.
Looking at the current challenges, the benefits of injecting a little competition into the enforcement process, creating some urgency to move cases that have a track record of sitting for years, outweigh the potential harms of (a) the theoretical conflict of exchanges going easy on their customers, and (b) creating duplicative work for banks and market makers receiving overlapping requests from multiple exchanges.
The conflict issue can be managed by retaining the powers of FINRA and the SEC to take action when an exchange appears to be dragging its feet confronting a large customer, and the duplication issue can be managed by crediting penalties paid to one regulator in computing fines owed to another, and by some minimal coordination among enforcement lawyers.
If enforcement is decentralized, access to CAT will also have to be decentralized, as the enforcement lawyers will need CAT data to build their cases. It would defeat the purpose of empowering multiple enforcement entities if they all had to wait for a central surveillance entity to access the data they need to do their jobs. So even though multiple data watchers probably won’t find significantly more manipulation than one good data watcher, we still need multiple data watchers to fuel their affiliated enforcement programs.
Give them all the keys to the CAT.