Joint Industry Plan; Notice of Filing of Amendment No. 1, and Order Instituting Proceedings To Determine Whether To Approve or Disapprove an Amendment to the National Market System Plan Governing the Consolidated Audit Trail, as Modified by Amendment No. 1, Regarding the Customer and Account Information System


I. Introduction

On March 7, 2025, the Consolidated Audit Trail, LLC (“CAT LLC”), on behalf of the following parties to the National Market System Plan Governing the Consolidated Audit Trail (the “CAT NMS Plan” or “Plan”): [1] BOX Exchange LLC, Cboe BYX Exchange, Inc., Cboe BZX Exchange, Inc., Cboe C2 Exchange, Inc., Cboe EDGA Exchange, Inc., Cboe EDGX Exchange, Inc., Cboe Exchange, Inc., Financial Industry Regulatory Authority, Inc., Investors Exchange LLC, Long-Term Stock Exchange, Inc., MEMX, LLC, Miami International Securities Exchange LLC, MIAX Emerald, LLC, MIAX PEARL, LLC, MIAX Sapphire, LLC, Nasdaq BX, Inc., Nasdaq GEMX, LLC, Nasdaq ISE, LLC, Nasdaq MRX, LLC, Nasdaq PHLX LLC, The NASDAQ Stock Market LLC, New York Stock Exchange LLC, NYSE American LLC, NYSE Arca, Inc., NYSE Chicago, Inc., and NYSE National, Inc. (collectively, the “Participants”) filed with the Securities and Exchange Commission (“Commission”) pursuant to Section 11A(a)(3) of the Securities Exchange Act of 1934 (“Exchange Act”),[2] and Rule 608 thereunder,[3] a proposed amendment to the CAT NMS Plan to reduce the amount of Customer  [4] information in the CAT Customer and Account Information System (“CAIS”) (the “Proposal”).[5] The Proposal was published for comment in the Federal Register on March 19, 2025 (“Notice” or the “Proposed Amendment”).[6] The Commission has received comments on the Proposed Amendment.[7]

On May 28, 2025, the Participants filed Amendment No. 1 to the Proposed Amendment (“Amendment No. 1”),[8] as set forth in Item II.B. The Commission is publishing this notice to solicit comments on the Proposed Amendment, as modified by Amendment No. 1, and is instituting proceedings, under Rule 608(b)(2)(i) of Regulation NMS,[9] to determine whether to disapprove the Proposed Amendment, as modified by Amendment No. 1, or to approve the Proposed Amendment, as modified by Amendment No. 1, with any changes or subject to any conditions the Commission deems necessary or appropriate.

II. Proposed CAIS Amendments

A. Summary of March 7, 2025 Proposed Amendment [10]

On March 7, 2025, the Participants proposed to amend the CAT NMS Plan to (i) incorporate and codify the Commission's 2020 exemptive order relating to the reporting of Social Security Numbers (“SSNs”)/Individual Tax ID numbers (“ITINs”), dates of birth, and account numbers to the CAT,[11] and (ii) eliminate requirements that Industry Members [12] report Customer names, Customer addresses, account names, account addresses, years of birth, and authorized trader names (collectively, “Name, Address, and YOB”) to the CAT ((i) and (ii), together, the “Proposed Changes”). The Proposed Changes would apply to all Customers—including all natural person Customers and all legal entity Customers—at both the Customer and account level. The Participants initially represented that the Proposed Changes would allow CAT LLC to achieve an overall cost savings of approximately $12 million per year as compared to the 2024 actual budget, but the overall cost savings estimate changed in Amendment No. 1 to $7-$9 million.[13]

The CCID Exemption Order that the Participants propose to incorporate and codify into the Proposed Amendment allowed the Plan Processor [14] to generate a unique identifier for a Customer, called a CAT Customer-ID (“CCID”), using a two-phase transformation process that avoids the requirement to have SSNs/ITINs reported to the CAT as originally contemplated by Rule 613 and the CAT NMS Plan. In addition, instead of reporting dates of birth and account numbers, the CCID Exemption Order permitted Industry Members to report YOB and FDIDs.[15] The Participants stated that the Proposed Amendment would go further than the CCID Exemption Order by also eliminating Name, Address, and YOB from the CAT for all Customers while preserving one of the primary objectives of the CAT, i.e., the ability for regulators to conduct cross-market surveillance of a specific Customer.[16]

The Participants stated that on February 10, 2025, the Commission issued an exemption order [17] sua sponte, granting exemptive relief from certain requirements of the CAT NMS Plan related to the reporting of names, addresses, and YOB for natural persons reported with transformed SSNs or ITINs to CAIS.[18] The Participants stated that they believe there are additional steps that would reduce the amount of Customer information in the CAT.[19] The Participants stated that they understand that the CAIS Exemption Order is permissive and only applies to natural persons reported with transformed SSNs or ITINs to CAIS, and not to natural persons reported without transformed SSNs/ITINs, including foreign nationals, or legal entities. According to the Participants, the Proposed Amendment will fully and permanently eliminate the requirement to report Names, Addresses, and YOBs for all Customers to CAIS—including all natural person Customers and all legal entity Customers—while also allowing the Plan Processor to eliminate the software that is required to support regulatory queries of Name, Address, and YOB, which would result in significant annual cost savings.[20] The Participants also stated that the CAIS Exemption Order only applies to the reporting of such Customer information after the date of the order, and only to the extent that Industry Members choose to discontinue reporting such exempted Customer information. The Participants further stated that the CAIS Exemption Order does not address the deletion of existing, previously reported Customer information currently stored in CAIS. The Participants stated that the Proposed Amendment would therefore build on the CAIS Exemption Order by (1) prohibiting the submission to CAIS of Names, Addresses, and YOBs for all natural person and legal entity Customers; and (2) requiring CAT LLC to direct the Plan Processor to delete from CAIS all Name, Address, and YOBs currently stored in the CAT.[21]

B. Notice and Description of Amendment No. 1

Set forth in this Section II.B. is the description of the proposed Amendment No. 1, along with information required by Rule 608(a) under the Exchange Act,[22] as prepared and submitted by the Participants to the Commission.[23]

1. Revisions and Technical Changes to the Proposed Amendment

CAT LLC is proposing certain revisions and technical changes to the Proposed Amendment based on the comments received to date and ongoing discussions with the Plan Processor related to the Proposed Amendment. Exhibit A sets forth the cumulative changes proposed to be made to the existing CAT NMS Plan. Exhibit B sets forth the proposed additional revisions against the Proposed Amendment. These revisions are described below.

a. Renaming of the “Customer and Account Information System” (“CAIS”) to the “Reference Database”; Revisions to Certain Defined Terms to More Accurately Describe the Information Reported to CAT Under the Proposed Amendment

As described in the Proposal, the Proposed Amendment would add a new defined term “CAIS” to the CAT NMS Plan that would refer to the existing customer and account information system of CAT. Upon further evaluation and consideration of comments, CAT LLC has determined that the “CAIS” and “customer and account information system” terminology would be outdated and ill-suited given the limited nature and scope of data that would be collected under the Proposed Amendment. This terminology was predicated on concepts relating to the collection of PII that would no longer accurately describe this database.[24]

Accordingly, to avoid confusion and to make very clear that the Proposed Amendment fundamentally is intended to eliminate sensitive customer and account information from the CAT, CAT LLC is now proposing to change the proposed defined term “CAIS” to “Reference Database,” which more accurately describes the limited nature, scope, and function of this database as a result of eliminating the requirement for Industry Members to report Customer names, Customer addresses, account names, account addresses, years of birth, and authorized trader names (collectively, “Name, Address, and YOB”) to CAT. CAT LLC believes that it would be more accurate to use the term “Reference Database” because, while this database would continue to exist separate from the transactional database, following the implementation of the Proposed Amendment, its function will be to implement the core functionality that manages the association between CCIDs and Firm Designated IDs (“FDIDs”), which allows regulatory users to associate a unique CCID with transaction data.

Relatedly, as originally proposed, the Proposed Amendment also would have changed the defined terms “Customer Account Information” and “Customer Identifying Information” to “Account Attributes” and “Customer Attributes,” respectively. To align with the new defined term “Reference Database” described above, CAT LLC is now proposing to change the defined term “Account Attributes” to “Account Reference Data,” and the defined term “Customer Attributes” to “Customer Reference Data.” CAT LLC also proposes to change the defined term “Customer and Account Attributes” that is described in the Proposal to “Reference Data” consistent with the change described above.[25] Subject to the technical change related to “customer type” described in Section I.B below, these changes in nomenclature are solely to more accurately reflect the limited nature of the data that would be reported to CAT and would not impact the substance of the defined terms “Account Attributes,” “Customer Attributes,” and “Customer and Account Attributes,” as they are described in the Proposal. As discussed below, Exhibit C to this letter identifies the limited fields under the CAT Reporting Customer & Account Technical Specifications for Industry Members (the “CAIS Technical Specifications”) that would be retained if the Proposed Amendment is approved.[26]

b. Technical Revisions to the Proposed Amendment

CAT LLC is proposing three technical revisions to the Proposed Amendment based on further discussions with the Plan Processor.

First, CAT LLC proposes to move the reference to “customer type” in the definition of “Account Reference Data” to the definition of “Customer Reference Data” [27] to more accurately reflect that “customer type” relates to customers as opposed to accounts, and that under the current CAIS Technical Specifications the customerType field is associated to the customer record as opposed to the FDID (i.e., account) record.

Second, CAT LLC proposes to change the reference to “Firm Identifier Number” in Section 9.2 of Appendix D to “Firm Designated ID” (which is a defined term and does not appear anywhere else in the CAT NMS Plan) to more accurately capture the information that this section describes as the “number that the CAT Reporter will supply on all orders generated for the Account.”

Third, CAT LLC proposes to add the phrase “including, but not limited to” to the proposed definition of newly proposed term “Transformed Identifier” to clarify that the list of input identifiers used to identify unique customers that follows in this definition is non-exhaustive.[28]

These technical revisions are reflected in Exhibit A and Exhibit B to this letter.

c. Revisions to Certain Plan Requirements Following Elimination of “PII”

As described in the Proposal, the Proposed Amendment originally would have deleted the existing defined term “PII” and simply replaced it with the new defined term “Customer and Account Attributes” throughout the CAT NMS Plan. CAT LLC is proposing two changes from this original proposal. First, as described in Section I.A above, CAT LLC now proposes to change the defined term “Customer and Account Attributes” to “Reference Data.” Second, based on further discussions with the Chief Information Security Officer (“CISO”) and the Plan Processor, in lieu of simply replacing “PII” with “Reference Data” throughout the CAT NMS Plan, CAT LLC is proposing more targeted revisions to Sections 6.2(b)(v)(F) and 6.10(c)(ii), and Appendix D, Sections 4.1; 4.1.2; 4.1.4; 4.1.6; 8.1.1; 8.1.3; 8.2; and 8.2.2, as summarized below.

The CAT NMS Plan generally provides that the Plan Processor is responsible for the security and confidentiality of all CAT Data and establishes comprehensive data security requirements. In addition, the CAT NMS Plan distinguishes PII from other forms of CAT Data and requires “additional levels of protection for PII”.[29] The CISO has informed CAT LLC that it would be incongruent to apply these PII-specific requirements to Reference Data given that the particularly sensitive data that these requirements were designed to protect—e.g., Customer name, Customer address, account name, account address, authorized trader names list, account number, day of birth, month of birth, year of birth, and ITIN/SSN—would be eliminated under the Proposed Amendment, and given the security and confidentiality requirements that continue to apply to CAT Data in general. In addition, existing provisions relating to general data security requirements would continue to apply to Reference Data. The proposed revisions are reflected in Exhibit A and Exhibit B to this letter and are summarized below.

  • Section 6.2(b)(v)(F) would be revised to eliminate the requirement that the CISO create and enforce appropriate policies, procedures, and control structures to monitor and address data security issues specifically with respect to “PII data requirements, including the standards set forth in Appendix D, PII Data Requirements” (without otherwise affecting general data security requirements that would continue to apply to Reference Data).
  • Section 6.10(c)(ii) would be revised to eliminate the requirement that “PII data shall be masked unless users have permission to view the CAT Data that has been requested.” This masking restraint was designed specifically for PII data and would be incongruent in the context of Reference Data.
  • Appendix D, Section 4.1 would be revised to eliminate the phrase “or PII data” from the requirement that “[t]he Plan Processor must have documented ‘hardening baselines’ for systems that will store, process, or transmit CAT Data or PII data.” It is redundant to specifically identify Reference Data (which is already encompassed by the general reference to CAT Data) in this provision.
  • Appendix D, Section 4.1.2 would be revised to eliminate the following provisions: “Storage of unencrypted PII data is not permissible. PII encryption methodology must include a secure documented key management strategy such as the use of HSM(s). The Plan Processor must describe how PII encryption is performed and the key management strategy (e.g., AES-256, 3DES).” It is redundant to apply these same provisions specifically to Reference Data because Section 4.1.2 separately requires that “[a]ll CAT Data must be encrypted at rest and in flight using industry standard best practices (e.g., SSL/TLS) including archival data storage methods such as tape backup,” and this requirement would not change.
  • Appendix D, Section 4.1.4 would eliminate certain express references to PII, and would clarify that any login to the system (without limitation to PII) must be secured via multi-factor authentication (“MFA”).
  • Appendix D, Section 4.1.6, which governs “PII Data Requirements,” would be eliminated in its entirety as these provisions would be incongruent in the context of Reference Data.
  • Appendix D, Section 8.1.1 would eliminate the following sentences: “In addition, the online targeted query tool must not display any PII data. Instead, it will display existing non-PII unique identifiers (e.g., Customer-ID or Firm Designated ID). The PII corresponding to these identifiers can be gathered using the PII workflow described in Appendix D, Data Security, PII Data Requirements.” These provisions would be incongruent in the context of Reference Data.
  • Appendix D, Section 8.1.3 would delete certain express references to PII, including the requirement that “PII data must not be available via the online targeted query tool or the user-defined direct query interface.” These provisions would be incongruent in the context of Reference Data.
  • Appendix D, Section 8.2 would be revised to eliminate the requirement that “Direct queries must not return or display PII data. Instead, they will return existing non-PII unique identifiers (e.g., Customer-ID or Firm Designated ID). The PII corresponding to these identifiers can be gathered using the PII workflow described in Appendix D, Data Security, PII Data Requirements.” These provisions would be incongruent in the context of Reference Data.
  • Appendix D, Section 8.2.2 would be revised to eliminate the requirement that “PII data must be masked unless users have permission to view the data that has been requested.” These provisions would be incongruent in the context of Reference Data. Notably, Section 8.2.2 separately provides that “[d]ata must be encrypted, password protected and sent via secure methods of transmission,” and this will continue to apply to Reference Data.

d. Elimination of Requirement To Report Employer Identification Numbers

In addition, CAT LLC is proposing to eliminate from the definition of “Customer Reference Data” the requirement to capture, with respect to legal entities, an Employer Identification Number (“EIN”).[30]

Under the CCID Exemption Order,[31] tax identifiers provide the basis for establishing a unique CCID for both natural person and legal entity Customers. For natural persons, Industry Members must generate a transformed identifier (“TID”) based on a Customer's social security number (“SSN”) or individual taxpayer identification number (“ITIN”) prior to submission,[32] and only these TID values may be reported to CAT via the CCID Subsystem.[33] For legal entities, however, the Industry Member must: (1) translate the EIN into a TID and report the TID value to the CCID Subsystem; and (2) submit the actual EIN as plain text (as required by the CAT NMS Plan) in the ein field on the legal entity customer record.

Because an EIN contains the same number of digits as a SSN and must be reported as plain text, there is the risk that an Industry Member could inappropriately report an individual's SSN in the ein field. Eliminating the ein field would eliminate the possibility of such improper reporting without any effect on the Plan Processor's ability to create a unique CCID, because Industry Members would continue to report the translated TID value (which is based on the EIN) to the CCID Subsystem. Even if the ein field is eliminated, regulators would retain the ability to search by EIN for a CCID value.

2. Additional Details Regarding Calculation of Estimated Cost Savings and One-Time Implementation Costs

CAT LLC is adjusting the prior cost savings estimates as described in the Proposal to reflect subsequent optimizations introduced by the Plan Processor. In addition, based on discussions with the Staff, CAT LLC is providing more detailed information regarding the calculation of the estimated cost savings as well as the one-time implementation costs payable to the Plan Processor.

In approving prior CAT LLC cost savings amendments, “[t]he Commission acknowledge[d] the necessity of using simplifying assumptions to generate estimates and that such assumptions can affect the precision of the estimates,” and that, even where the Commission identified potential issues with such assumptions that “could affect the magnitude of the cost estimates,” approval was warranted because “the cost savings will be meaningful regardless of these issues.” [34] CAT LLC believes that the cost savings under the Proposed Amendment will be meaningful, even if the magnitude of the estimated savings cannot be determined with absolute certainty.

Consistent with prior cost savings amendments, all cost savings estimates are based on reasonable assumptions related to, among other factors, the current state and costs of CAT operations; current CAT NMS Plan requirements; reporting by Participants, Industry Members and market data providers; observed data rates and volumes; current discounts, reservations, and cost savings plans; and associated cloud fees. By their nature, cost savings estimates are subject to various assumptions and an inherent degree of uncertainty and, as such, actual future savings could be more or less than estimated due to changes in any of these variables. It is well established, however, that “[t]he Commission does not believe it is possible for the Participants to predict with certainty how the magnitude of each driver of CAT costs will change over time.” [35]

CAT LLC believes that the estimates and assumptions described below are reasonable and provide an adequate basis for the Commission to evaluate the costs and benefits of the Proposed Amendment. More broadly, CAT LLC believes that the cost savings are even more readily justified in this context, given that the Proposed Amendment is intended to codify and build on the Commission's determination in its own Exemption Order that Names, Addresses, and YOBs should be eliminated from the CAT.

a. Adjustments to Prior Cost Savings Estimates Due to Subsequent Optimizations

As described in the Proposal, the 2025 budget estimates CAIS-related costs of approximately $35.5 million, which includes: (1) $20.7 million in CAIS operating fees payable to the Plan Processor; [36] (2) $2.8 million in CAIS licensing fees payable to the Plan Processor; and (3) approximately $12 million in CAIS-related cloud hosting services fees (i.e., AWS fees). The Proposal estimated approximately $10 to $12 million in savings attributable to a $5 million reduction in operating fees and a $5 to $7 million reduction in AWS fees. As noted in the Proposal, all cost savings projections are the Plan Processor's best estimates based on the current Proposed Amendment and are subject to change based on ongoing improvements to AWS that may reduce current AWS costs.

Following the submission of the Proposal, and as part of CAT LLC's ongoing efforts to manage costs, the Plan Processor deployed certain optimizations related to compute, storage and search indexing that are expected to immediately reduce existing CAIS-related cloud hosting fees by approximately $2.5 to $3.5 million annually from the original 2025 budget of $12 million, thereby impacting the estimated cost savings originally described in the Proposal.

As a result of these savings, the Proposed Amendment is now expected to save approximately $2 to $4 million in incremental AWS savings (versus $5 to $7 million as described in the Proposal prior to the optimizations) and approximately $7 to $9 million in overall costs (versus $10 to $12 million as described in the Proposal prior to the optimizations).[37] The following chart summarizes estimated CAIS (Reference Database) costs: (1) under the original 2025 budget; (2) following the recent optimizations recently introduced by the Plan Processor and described above; and (3) if the Proposed Amendment is approved:

b. Calculation of Cost Savings Estimates and One-Time Implementation Costs

The Staff requested that CAT LLC provide more detailed information regarding the calculation of the estimated cost savings as well as the one-time implementation costs payable to the Plan Processor.

As noted above, all cost savings estimates are based on reasonable assumptions and are subject to inherent uncertainty; however, the Commission has previously acknowledged the “necessity of using simplifying assumptions to generate estimates and that such assumptions can affect the precision of the estimates.” [38] CAT LLC believes that the estimates and assumptions described below are reasonable and provide an adequate basis for the Commission to evaluate the costs and benefits of the Proposed Amendment.

Cost Savings Estimates. As detailed in the Proposal, the Proposed Amendment, if adopted, would reduce operating fees and cloud-hosting services fees.

First, the Plan Processor estimated that the Proposed Amendment could reduce its CAIS (Reference Database) operating fees by approximately $5 million per year if the Proposed Amendment is adopted. This $5 million reduction is based on the reduced work to operate, maintain and improve certain functionality and related indexes. As a result, CAIS (Reference Database) operating fees payable to the Plan Processor would be reduced from approximately $20.7 million to $15.7 million annually.

Second, subsequent to the recent optimizations detailed above, the Plan Processor now estimates that the Proposed Amendment would reduce CAIS- (Reference Database-) related cloud hosting fees by approximately $2 to $4 million annually. These cost savings are driven by eliminating requirements to process, store, and query on Name and Address and other free text data (e.g., match functionality), since under the Proposed Amendment these elements will no longer be provided to the CAT. The reduction is primarily driven by the removal of search technology that allows regulators' searches to be “fuzzy” rather than exact matches, similar to how an internet search engine ranks results through a scoring mechanism (e.g., currently, a search for “John” will also search for other variations such as “Jon” and “Jonathon”, a search for “St.” will also search for other permutations of “Street”). Several indexes are built that include all the free text data elements to allow for this type of searching; under the Proposed Amendment, the cost of maintaining this functionality would be eliminated.

In addition, the Staff asked CAT LLC to explain why the $2.8 million in CAIS licensing fees payable to the Plan Processor would be unaffected by the Proposed Amendment. Based on discussions with the Plan Processor, while the Proposed Amendment would eliminate certain data attributes from CAIS (i.e., the Reference Database), the licensing fee would be unchanged because the functionality of the licensed software underlying CAIS (i.e., the Reference Database) would not be eliminated.

One-Time Implementation Costs. As detailed in the Proposal, the Plan Processor has estimated a one-time change request implementation fee of approximately $4.5 million to $5.5 million. As noted in the Proposal, one-time implementation costs will generally consist of Plan Processor labor costs associated with coding and software development, as well as any related cloud fees associated with the development, testing, and load testing of the proposed changes. Specifically, the Plan Processor would expect to undertake the following activities to implement the Proposed Amendment, if adopted:

  • Revise the Technical Specifications and guidance (e.g., FAQs) to remove the Name, Address, and YOB elements per the amendment.
  • Revise and update all the data collection, validation, and data processing to support these changes.
  • Design and implement new data structures and data storage/databases based on the changes in the amendment.
  • Revise and update the CAIS (i.e., Reference Database) portals and underlying application programming interfaces (APIs) in support of these changes.
  • Design and implement one-time data migration and relationships between accounts and customers into the new data structures, removing all the data elements that are to be removed per the amendment. (Such data migration will involve multiple rounds of testing and validation to ensure all data and relationships are migrated correctly.)
  • Remove the original data and data sets from all environments that contained the Name, Address, and YOB fields.

All activities would comply with Plan Processor policies and procedures including Change Management, Software Development Life Cycle (SDLC), Testing, Security and Operations. The effort for these activities includes data analysis, product, engineering, test, security, operations and business operations staff. The $4.5 to $5.5 million estimate is based on the Proposed Amendment as proposed and would be reflected in a change request that would be subject to CAT LLC approval, if the amendment is approved.

Industry Member Implementation Costs. In addition, the Staff requested information regarding the costs that would be borne by Industry Members if the Proposed Amendment is approved. CAT LLC understands that Industry Members would need to update their systems in order to stop reporting Customer Names, Addresses, and YOBs to the CAT; however, CAT LLC is not in a position to quantify such Industry Member costs. The FIF letter acknowledges that “Industry [M]embers will require time to update their systems to cease reporting PII to CAIS,” but nevertheless “FIF members support the proposed amendments.” [39]

3. Implementation

Based on discussions with the Staff, and in response to the FIF Letter, CAT LLC is providing more detailed information regarding how the Proposed Amendment would be implemented, if approved.

As a general matter, CAT LLC intends that any implementation schedule will be designed to allow the Plan Processor and Industry Members adequate time to finalize Technical Specifications and guidance, and to develop, test and implement the necessary changes to firm systems in order to comply with the Proposed Amendment. At a high level, subject to change based on discussions among the Participants, the Plan Processor, Industry Members, and the Staff if the amendment is approved, the Plan Processor initially contemplates a phased implementation schedule to include the following key phases:

  • Stop providing visibility to regulators of existing Names, Addresses, and YOBs in CAT—approximately 3 months from effective date;
  • Continue to accept submissions from Industry Members that include Names, Addresses, and YOBs, but stop processing any such information in CAT (such Customer information would remain on the as-submitted file)—approximately 3 months;
  • Reject any submissions from Industry Members that continue to include Names, Addresses, and YOBs (i.e., Industry Members would be prohibited from reporting these fields to CAIS)—approximately 6 months or more depending on the amount of time required for Industry Members to update their reporting systems;
  • Delete all existing Names, Addresses, and YOBs (as well as any other sensitive Customer data and information contemplated by the Proposed Amendment) from the CAT—approximately 9-12 months after the data migration is completed and verified; it will take approximately 2-3 months to permanently remove all the old data.

4. Additional Cost Savings Opportunities; Proposals to Retire CAIS

The FIF Letter notes that the 2025 budget includes approximately $35.5 million in total CAIS-related costs, and proposes that transforming CAIS from a regulatory database to a process dedicated to creating CCIDs could potentially yield additional cost savings as well as significantly simplify the footprint and design of CAT without any degradation in regulatory use.[40] The NYSE Letter proposes that the CCID could be preserved either by keeping the CCID within the CAIS database or, alternatively, “CAIS could be eliminated in its entirety, provided that there is a transition period, where some form of CAIS persisted until an alternative effective and cost-efficient solution for CCIDs—or another unique customer identifier methodology—was implemented.” [41] Separately, Nasdaq and CBOE have petitioned the Commission to retire CAIS, noting that “[t]here are alternative solutions that would provide regulators with unique customer identifiers without requiring the collection of customer and account information.” [42]

As currently designed, in addition to creating unique CCIDs, the CAT System implements the functionality that associates unique CCIDs with individual order events based on reported FDIDs.[43] This allows regulators the ability to identify a Customer's market activity across multiple exchanges, broker-dealers, and accounts, which was one of the critical innovations of the CAT. This approach was informed by significant discussion and was strongly supported by the industry.[44] Under the Proposed Amendment, the Reference Database would continue to facilitate the relationship mapping of unique CCIDs to FDIDs and would preserve the CCID enrichment of transaction data.

CAT LLC understands that there may be additional proposals to eliminate the Reference Database entirely, which will require further analysis. The Proposed Amendment was approved and continues to be supported by a two-thirds vote of all of the Participants, as required by Section 12.3 of the CAT NMS Plan. As always, CAT LLC will continue to evaluate additional cost savings measures and alternatives. However, in light of the desire of many constituencies—including Participants, Industry Members, and the Commission itself—to eliminate Names, Addresses, and YOBs from the CAT, and given that the Proposed Amendment ultimately is designed to build on the Commission's own CCID Exemption Order, CAT LLC is hopeful that it can be considered and approved expeditiously.

III. Summary of Comments

One commenter opposes the Proposed Amendment, stating that granting the Proposed Amendment weakens the CAT by decreasing the amount of information it collects, therefore making it more difficult for the Commission to detect misconduct and identify the perpetrators.[45] This commenter states that CAT's ability to capture a complete record of all information about orders, including the identity of customers, is key to its mission and removing that ability will force the Commission to revert to the “cumbersome process” used before the CAT to obtain identifying information about the parties involved in transactions.[46] The commenter also states that the purported rationale for the Proposed Amendment—better safeguarding the individual's personal information—can be achieved through other means,[47] and that eliminating personal information from the CAT will have minimal security benefits, as bad actors will still be able to access this information through hacks of the banks placing the retail trades.[48]

In response, Participants state that the Proposed Amendment would not prevent regulators from determining the identity of persons involved in potential security violations.[49] According to the Participants, the continued existence of the requirement of maintaining FDIDs and CCIDs within CAT will allow regulators to use the FDID and the CCID to identify the associated account, which will then allow them to determine identities by seeking the information from Industry Members as needed.[50] Participants acknowledge that the speed with which the regulators can access the identity of those involved with a transaction at issue will be decreased, but believe that the CAIS Exemption Order already acknowledges this delay and concludes that it would be reasonable for regulators to rely on obtaining such information from Industry Members rather than the CAT.[51] Participants further state that, based on their experience, the difference in the amount of time it takes to access the name of an investor in CAT versus the time to request and obtain a name from Industry Members would only rarely be an issue and would not materially impede examinations and investigations.[52] Participants state that it is difficult to justify the substantial costs to maintain the Names, Addresses and YOBs in the CAT, as well as the security risks, for the limited regulatory utility, and state that the commenter fails to consider entirely the millions of dollars in cost savings by adopting the Proposed Amendment versus the perceived benefit of retaining the information in CAT.[53]

Another commenter supports the Proposed Amendment, stating that its members support the deletion of previously reported personally identifiable information (“PII”), support excluding PII for all natural persons, including foreign natural persons who are not reported with transformed SSNs or ITINs, support permanently eliminating and prohibiting the reporting of PII to CAT subject to a two-phased implementation, support excluding PII for all legal entity customers since PII of natural persons (including names, addresses and dates of birth) is often included in CAIS records for legal entities, and support eliminating requirements relating to the handling of inconsistencies.[54] This commenter recommends a two-phase implementation, with the first allowing Industry Members to continue to report fields that contain PII, but the CAIS system would not record or store those fields, and a second phase where all Industry Members would be prohibited from reporting PII. This commenter states that this implementation approach will give firms that need more time to update their systems the chance to do so, while allowing firms for whom it does not take as long to cease reporting faster.[55] This commenter further recommends deletion of certain additional fields from CAIS.[56]

This commenter also requests that both Participants and the Commission consider additional cost savings measures that could be associated with the PII removal. Specifically, the commenter questions whether the CAIS database could be eliminated entirely and any CAIS processes related to creating the CCIDs could be switched to the Transactions database, thereby eliminating potentially as much as $35.5 million in CAIS-related costs.[57]

Participants acknowledge these suggestions, particularly the creation of a request and response system other than Electronic Blue Sheets (“EBS”) to associate CAT data with specific natural persons and legal entities.[58] Participants state, however, that these suggestions are outside of the scope of the Proposed Amendment, and that the commenter's comments on EBS are better directed to the Commission.[59]

In addition, with respect to the commenter's discussion of an implementation schedule, Participants provide some additional details regarding that schedule,[60] stating that the intent of the schedule will be to allow the Plan Processor and Industry Members adequate time to finalize Technical Specifications and guidance, and to develop, test and implement the necessary changes to firm system in order to comply with the Proposed Amendment.[61]

Another commenter, who submitted their comment letter after the CAT LLC Response Letter, also supports the Proposed Amendment. This commenter states that the Proposed Amendment follows the CAIS Exemption Order, which the commenter supports because they both further the goal of eliminating the collection and storage of individual investors' PII in the CAT.[62] The commenter states that its members have been opposed to the collection and storage of PII data by the CAT since its inception due to long-standing privacy and cyber security concerns related to CAT.[63] The commenter also requests further guidance as to the Commission's expectation for the CAIS database because, without the PII stored in it, it would serve no purpose.[64]

The commenter references its own prior submissions to the Commission suggesting development of a request-response system using CCIDs and FDIDs to allow regulators to request directly from a firm the identity of an investor engaged in potentially problematic trading.[65] The commenter suggests such a system, in which the regulator would submit an FDID and trade date(s) request through the CAT into a secure file transfer protocol (FTP) that would in turn direct that request to an Industry Member acting as a CAT reporter.[66] The Industry Member would then retrieve the requested data and submit it, encrypted, back into the CAT control environment for the regulatory user to analyze and use the data.[67] The commenter states that while the Commission noted the potential need for a request-response system in the CAIS Exemption Order, it did not direct its creation, and the Proposed Amendment is similarly silent.[68] The commenter therefore calls for further guidance from the Commission on issues like the future of the CAIS and the potential creation of a request and response system.[69]

The commenter states that certain of its members have raised concerns about whether the CCID could be viewed as another form of PII due to the current operation of the CAT system.[70] Specifically, those members raise concerns that once a regulator knows the identity of an investor behind a CCID in connection with a trading review, the regulator could keep that information and be able to know and track the investor's trading activity in CAT, theoretically in perpetuity.[71] The commenter does not, however, suggest any changes to the Proposed Amendment in connection with this concern.

IV. Proceedings To Determine Whether To Approve or Disapprove the Proposed Amendment

The Commission is instituting proceedings pursuant to Rule 608(b)(2)(i) of Regulation NMS,[72] and Rules 700 and 701 of the Commission's Rules of Practice,[73] to determine whether to disapprove the Proposed Amendment, as modified by Amendment No. 1, or to approve the Proposed Amendment, as modified by Amendment No. 1, with any changes or subject to any conditions the Commission deems necessary or appropriate. The Commission is instituting proceedings to have sufficient time to consider the issues raised by the proposal, including comments received. Institution of proceedings does not indicate that the Commission has reached any conclusions with respect to any of the issues involved. Rather, the Commission seeks and encourages interested persons to provide additional comment on the Proposed Amendment, as modified by Amendment No. 1, to inform the Commission's analysis.

Rule 608(b)(2) of Regulation NMS provides that the Commission “shall approve a national market system plan or proposed amendment to an effective national market system plan, with such changes or subject to such conditions as the Commission may deem necessary or appropriate, if it finds that such plan or amendment is necessary or appropriate in the public interest, for the protection of investors and the maintenance of fair and orderly markets, to remove impediments to, and perfect the mechanisms of, a national market system, or otherwise in furtherance of the purposes of the [Exchange] Act.” [74] Rule 608(b)(2) further provides that the Commission shall disapprove a national market system plan or proposed amendment if it does not make such a finding.[75] In the Notice, the Commission sought comment on the Proposed Amendment, including whether the Proposed Amendment is consistent with the Exchange Act.[76] In this order, pursuant to Rule 608(b)(2)(i) of Regulation NMS,[77] the Commission is providing notice of the grounds for disapproval under consideration:

  • Whether, consistent with Rule 608 of Regulation NMS, the Participants have demonstrated how the Proposed Amendment, as modified by Amendment No. 1, is necessary or appropriate in the public interest, for the protection of investors and the maintenance of fair and orderly markets, to remove impediments to, and perfect the mechanisms of, a national market system, or otherwise in furtherance of the purposes of the Exchange Act; [78]
  • Whether the Participants have demonstrated how the Proposed Amendment, as modified by Amendment No. 1, is consistent with Section 6(b)(5) [79] and Section 15A(b)(6) [80] of the Exchange Act, which require that the rules of a national securities exchange or national securities association be “designed to prevent fraudulent and manipulative acts and practices, to promote just and equitable principles of trade, to foster cooperation and coordination with persons engaged in regulating, clearing, settling, processing information with respect to, and facilitating transactions in securities, to remove impediments to and perfect the mechanism of a free and open market and a national market system, and, in general, to protect investors and the public interest”;
  • Whether the Participants have demonstrated how the Proposed Amendment, as modified by Amendment No. 1, is consistent with Section 11A of the Exchange Act,[81] which directs the Commission, “having due regard for the public interest, the protection of investors, and the maintenance of fair and orderly markets, to use its authority under this chapter to facilitate the establishment of a national market system . . . in accordance with the findings and to carry out the objectives” expressed by Congress, including, among other things, that “[i]t is in the public interest and appropriate for the protection of investors and the maintenance of fair and orderly markets to assure . . . (i) economically efficient execution of securities transactions; [and] (ii) fair competition among brokers and dealers, among exchange markets, and between exchange markets and markets other than exchange markets,” as well as “to authorize or require self-regulatory organizations to act jointly with respect to matters as to which they share authority under this chapter in planning, developing, operating, or regulating a national market system (or a subsystem thereof) or one or more facilities thereof”;
  • Whether the Participants have demonstrated how the Proposed Amendment, as modified by Amendment No. 1, is consistent with Section 17 of the Exchange Act [82] and Rules 17a-1 and 17a-4,[83] which set forth requirements for national securities exchanges, national securities associations, brokers, and dealers related to making, keeping, furnishing, and disseminating records;
  • Whether and if so how, the Proposed Amendment, as modified by Amendment No. 1, would affect efficiency, competition, or capital formation, which analysis is required by Rule 613 under the Exchange Act; [84] and
  • Whether modifications to the Proposed Amendment, as modified by Amendment No. 1, or conditions to its approval, would be necessary or appropriate in the public interest, for the protection of investors and the maintenance of orderly markets, to remove impediments to, and perfect the mechanisms of, a national market system, or otherwise in furtherance of the Exchange Act.[85]

Under the Commission's Rules of Practice, the “burden to demonstrate that a NMS plan filing is consistent with the Exchange Act and the rules and regulations issued thereunder . . . is on the plan participants that filed the NMS plan filing.” [86] The description of the NMS plan filing, its purpose and operation, its effect, and a legal analysis of its consistency with applicable requirements must all be sufficiently detailed and specific to support an affirmative Commission finding.[87] Any failure of the plan participants that filed the NMS plan filing to provide such detail and specificity may result in the Commission not having a sufficient basis to make an affirmative finding that the NMS plan filing is consistent with the Exchange Act and the applicable rules and regulations thereunder.[88]

V. Commission's Solicitation of Comments

The Commission requests that interested persons provide written submissions of their views, data, and arguments with respect to the issues identified above, as well as any other concerns they may have with the Proposed Amendment, as modified by Amendment No. 1. In particular, the Commission invites the written views of interested persons concerning whether the Proposed Amendment, as modified by Amendment No. 1, is consistent with the Exchange Act, the rules and regulations thereunder, or any other provisions of the CAT NMS Plan. The Commission asks that commenters address the sufficiency and merit of the Participants' statements in support of the Proposed Amendment, as modified by Amendment No. 1, in addition to any other comments they may wish to submit about the Proposed Amendment, as modified by Amendment No. 1.

To consider the impact of the Proposed Amendment, as modified by Amendment No. 1, on efficiency, competition, and capital formation,[89] the Commission requests additional information on all aspects of the Proposed Amendment, as modified by Amendment No. 1. In particular:

  • To understand the effect of the Proposed Amendment, as modified by Amendment No. 1, on operational and regulatory efficiency and/or the competitiveness of Industry Members, the Commission requests information, for each category, regarding the costs and benefits of ending the collection of Customer information in CAIS for: (1) natural persons with transformed SSNs or ITINs, (2) natural persons without transformed SSNs or ITINs, and/or (3) legal entities. For each of the three categories:

○ Would ending the collection of customer information significantly impact operational or regulatory efficiency?

○ Would Industry Members realize savings by no longer reporting this data to the CAT? Would Industry Members incur costs to respond to ad hoc requests from regulators to provide this data if it is no longer collected by the CAT? What implementation costs would Industry Members bear to make any necessary reporting changes to their systems to alter data reported to the CAT and/or stop reporting data to the CAT? Please provide estimates of annual costs and savings (if any) for Industry Members.

○ Would the Participants and/or the Plan Processor incur costs to respond to ad hoc requests from regulators to provide this data if it is no longer collected by the CAT? What implementation costs would the Participants bear to make any necessary reporting changes to their systems to alter data reported to the CAT and/or stop reporting data to the CAT? Please provide estimates of annual costs and savings (if any) for the Participants.

○ Would this change generate savings for the Plan Processor? What implementation costs would the Plan Processor bear to make this change? Please provide estimates of annual costs and savings (if any).

○ Would cost savings be generated from reduced storage and/or processing costs or any other related costs? Please provide estimates of annual costs and savings (if any).

  • To understand the effect of the Proposed Amendment, as modified by Amendment No. 1, on operational and regulatory efficiency, the Commission requests information, for each category, regarding the costs and benefits of deleting historical Customer information in CAIS for: (1) natural persons with transformed SSNs or ITINs, (2) natural persons without transformed SSNs or ITINs, and/or (3) legal entities. For each category:

○ Would deleting this historical customer information significantly impact operational or regulatory efficiency?

○ Would Industry Members realize savings due to the deletion of this data from the CAT? Would Industry Members incur costs to respond to ad hoc requests from regulators to provide this data if it is deleted from the CAT? Please provide estimates of annual costs and savings (if any) for Industry Members.

○ Would the Participants realize savings due to the deletion of this data from the CAT? Would the Participants incur costs to respond to ad hoc requests from regulators to provide this data if it is deleted from the CAT? Please provide estimates of annual costs and savings (if any) for the Participants.

○ Would this change generate savings for the Plan Processor? What implementation costs would the Plan Processor bear to make this change? Please provide estimates of annual costs and savings (if any).

○ Would cost savings be generated from reduced storage and/or processing costs or any other related costs? Please provide estimates of annual costs and savings (if any).

  • What impact will the Proposed Amendment, as modified by Amendment No. 1, have on potential regulatory use?

○ Would any regulatory functionality enabled by the use of CCIDs be modified or eliminated (other than linking a CCID to a specific customer's identifying information) if the Proposed Amendment, as modified by Amendment No. 1, is approved?

○ To what extent do legal entities have Legal Entity Identifiers (“LEIs”) that are currently included in CAIS? Would the availability of that data, or lack thereof, have any impact upon how regulators would adapt to the changes in the Proposed Amendment, as modified by Amendment No. 1, particularly in light of the proposed removal of EINs from CAIS?

  • Under the Proposed Amendment, as modified by Amendment No. 1, Customer data would no longer be reported to and stored in the CAT. However, regulators may need to request such data from Industry Members. Given this, how would the Proposed Amendment, as modified by Amendment No. 1, affect the overall cybersecurity and privacy risks of collecting, transmitting, and/or requesting customer data? How and to what extent would the Proposed Amendment, as modified by Amendment No. 1, impact the costs borne by Participants and Industry Members in relation to the security of CAT Data?

Although there do not appear to be any issues relevant to approval or disapproval that would be facilitated by an oral presentation of views, data, and arguments, the Commission will consider, pursuant to Rule 608(b)(2)(i) of Regulation NMS,[90] any request for an opportunity to make an oral presentation.[91]

Interested persons are invited to submit written data, views, and arguments regarding whether the Proposed Amendment, as modified by Amendment No. 1, should be approved or disapproved by July 14, 2025. Any person who wishes to file a rebuttal to any other person's submission must file that rebuttal by July 28, 2025. Comments may be submitted by any of the following methods:

Electronic Comments

Paper Comments

  • Send paper comments in triplicate to: Secretary, Securities and Exchange Commission, 100 F Street NE, Washington, DC 20549-1090.

EXHIBIT A

Cumulative Proposed Revisions to CAT NMS Plan

Additions italicized; deletions [bracketed]

ARTICLE I

DEFINITIONS

Section 1.1. Definitions.

“[Customer] Account Reference Data [Information]” shall include, but not be limited to, [account number, ]account type, [customer type,] date account opened, and large trader identifier (if applicable) (excluding, for the avoidance of doubt, account number); except, however, that (a) in those circumstances in which an Industry Member has established a trading relationship with an institution but has not established an account with that institution, the Industry Member will (i) provide the Account Effective Date in lieu of the “date account opened”; [(ii) provide the relationship identifier in lieu of the “account number”;] and (ii[i]) identify the “account type” as a “relationship”; (b) in those circumstances in which the relevant account was established prior to the implementation date of the CAT NMS Plan applicable to the relevant CAT Reporter (as set forth in Rule 613(a)(3)(v) and (vi)), and no “date account opened” is available for the account, the Industry Member will provide the Account Effective Date in the following circumstances: (i) where an Industry Member changes back office providers or clearing firms and the date account opened is changed to the date the account was opened on the new back office/clearing firm system; (ii) where an Industry Member acquires another Industry Member and the date account opened is changed to the date the account was opened on the post-merger back office/clearing firm system; (iii) where there are multiple dates associated with an account in an Industry Member's system, and the parameters of each date are determined by the individual Industry Member; and (iv) where the relevant account is an Industry Member proprietary account. For the avoidance of doubt, Industry Members are required to provide a Firm Designated ID in accordance with this Agreement.

“CCID Subsystem” means the subsystem of the Reference Database that exists solely to transform input TID values into CCID values.

“Customer-ID” or “CAT Customer-ID” or “CCID” has the same meaning provided in SEC Rule 613(j)(5).

“Customer Reference Data [Identifying Information]” means information [of sufficient detail to identify] attributed to a Customer, including, but not limited to, (a) with respect to individuals: [name, address, date of birth, individual tax payer identification number (“ITIN”)/social security number (“SSN”),] TID, customer type, and the individual's role in the account (e.g., primary holder, joint holder, guardian, trustee, person with the power of attorney); and (b) with respect to legal entities: [name, address,] customer type and [Employer Identification Number (“EIN”)/] Legal Entity Identifier (“LEI”) or other comparable common entity identifier, if applicable; provided, however, that an Industry Member that has an LEI for a Customer must submit the Customer's LEI [in addition to other information of sufficient detail to identify a Customer].

“Full Availability and Regulatory Utilization of Transactional Database Functionality” means the point at which: (a) reporting to the Order Audit Trail System (“OATS”) is no longer required for new orders; (b) Industry Member reporting for equities transactions and simple electronic options transactions, excluding Customer Account Information, Customer-ID, and Customer Identifying Information, with sufficient intra-firm linkage, inter-firm linkage, national securities exchange linkage, trade reporting facilities linkage, and representative order linkages (including any equities allocation information provided in an Allocation Report) to permit the Participants and the Commission to analyze the full lifecycle of an order across the national market system, from order origination through order execution or order cancellation, is developed, tested, and implemented at a 5% Error Rate or less; (c) Industry Member reporting for manual options transactions and complex options transactions, excluding Customer Account Information, Customer-ID, and Customer Identifying Information, with all required linkages to permit the Participants and the Commission to analyze the full lifecycle of an order across the national market system, from order origination through order execution or order cancellation, including any options allocation information provided in an Allocation Report, is developed, tested, and fully implemented; (d) the query tool functionality required by Section 6.10(c)(i)(A) and Appendix D, Sections 8.1.1-8.1.3, Section 8.2.1, and Section 8.5 incorporates the data described in conditions (b)-(c) and is available to the Participants and to the Commission; and (e) the requirements of Section 6.10(a) are met. This Financial Accountability Milestone shall be considered complete as of the date identified in a Quarterly Progress Report meeting the requirements of Section 6.6(c).

[“PII” means personally identifiable information, including a social security number or tax identifier number or similar information; Customer Identifying Information and Customer Account Information.]

“Reference Data” shall mean the data elements in Account Reference Data and Customer Reference Data.

“Reference Database” means the information system of the CAT containing Reference Data.

“Transformed Identifier” or “TID” means the transformed version of the input used to identify unique Customers, including, but not limited to individual tax payer identification number (“ITIN”) or social security number (“SSN”) submitted by Industry Members in place of an ITIN or SSN.

ARTICLE VI

FUNCTIONS AND ACTIVITIES OF CAT SYSTEM

Section 6.2. Chief Compliance Officer and Chief Information Security Officer

(a) Chief Compliance Officer.

(v) The Chief Compliance Officer shall:

(C) in collaboration with the Chief Information Security Officer, and consistent with Appendix D, Data Security, and any other applicable requirements related to data security[,] and Reference Data [Customer Account Information and Customer Identifying Information], identify and assist the Company in retaining an appropriately qualified independent auditor (based on specialized technical expertise, which may be the Independent Auditor or subject to the approval of the Operating Company by Supermajority Vote, another appropriately qualified independent auditor), and in collaboration with such independent auditor, create and implement an annual audit plan (subject to the approval of the Operating Committee), which shall at a minimum include a review of all Plan Processor policies, procedures and control structures, and real time tools that monitor and address data security issues for the Plan Processor and the Central Repository;

(b) Chief Information Security Officer.

(v) Consistent with Appendices C and D, the Chief Information Security Officer shall be responsible for creating and enforcing appropriate policies, procedures, and control structures to monitor and address data security issues for the Plan Processor and the Central Repository including:

(F) [PII data requirements, including the standards set forth in Appendix D, PII Data Requirements] [Reserved];

Section 6.4. Data Reporting and Recording by Industry Members

(d) Required Industry Member Data.

(ii) Subject to Section 6.4(c) and Section 6.4(d)(iii) with respect to Options Market Makers, and consistent with Appendix D, Reporting and Linkage Requirements, and the Technical Specifications, each Participant shall, through its Compliance Rule, require its Industry Members to record and report to the Central Repository the following, as applicable (“Received Industry Member Data” and collectively with the information referred to in Section 6.4(d)(i) “Industry Member Data”):

(C) for original receipt or origination of an order, the Firm Designated ID for the relevant Customer, and in accordance with Section 6.4(d)(iv), Reference Data [Customer Account Information and Customer Identifying Information] for the relevant Customer; and

Section 6.10. Surveillance

(c) Use of CAT Data by Regulators.

(ii) Extraction of CAT Data shall be consistent with all permission rights granted by the Plan Processor. All CAT Data returned shall be encrypted[, and PII data shall be masked unless users have permission to view the CAT Data that has been requested].

APPENDIX D

CAT NMS Plan Processor Requirements

4. Data Security

4.1 Overview

The Plan Processor must provide to the Operating Committee a comprehensive security plan that covers all components of the CAT System, including physical assets and personnel, and the training of all persons who have access to the Central Repository consistent with Article VI, Section 6.1(m). The security plan must be updated annually. The security plan must include an overview of the Plan Processor's network security controls, processes and procedures pertaining to the CAT Systems. Details of the security plan must document how the Plan Processor will protect, monitor and patch the environment; assess it for vulnerabilities as part of a managed process, as well as the process for response to security incidents and reporting of such incidents. The security plan must address physical security controls for corporate, data center, and leased facilities where Central Repository data is transmitted or stored. The Plan Processor must have documented “hardening baselines” for systems that will store, process, or transmit CAT Data [or PII data].

4.1.2 Data Encryption

All CAT Data must be encrypted at rest and in flight using industry standard best practices (e.g., SSL/TLS) including archival data storage methods such as tape backup. Symmetric key encryption must use a minimum key size of 128 bits or greater (e.g., AES-128), larger keys are preferable. Asymmetric key encryption (e.g., PGP) for exchanging data between Data Submitters and the Central Repository is desirable.

[Storage of unencrypted PII data is not permissible. PII encryption methodology must include a secure documented key management strategy such as the use of HSM(s). The Plan Processor must describe how PII encryption is performed and the key management strategy (e.g., AES-256, 3DES).]

If public cloud managed services are used that would inherently have access to the data (e.g., BigQuery, S3, Redshift), then the key management surrounding the encryption of that data must be documented (particularly whether the cloud provider manages the keys, or if the Plan Processor maintains that control). Auditing and real-time monitoring of the service for when cloud provider personnel are able to access/decrypt CAT Data must be documented, as well as a response plan to address instances where unauthorized access to CAT Data is detected. Key management/rotation/revocation strategies and key chain of custody must also be documented in detail.

4.1.4 Data Access

The Plan Processor must provide an overview of how access to [PII and other] CAT Data by Plan Processor employees and administrators is restricted. This overview must include items such as, but not limited to, how the Plan Processor will manage access to the systems, internal segmentation, multi-factor authentication, separation of duties, entitlement management, background checks, etc.

Any login to the system [that is able to access PII data must follow non-PII password rules and] must be [further] secured via multi-factor authentication (“MFA”). The implementation of MFA must be documented by the Plan Processor. MFA authentication capability for all logins is required to be implemented by the Plan Processor.

4.1.6 [PII Data Requirements] [Reserved]

[PII data must not be included in the result set(s) from online or direct query tools, reports or bulk data extraction. Instead, results will display existing non-PII unique identifiers (e.g., Customer-ID or Firm Designated ID). The PII corresponding to these identifiers can be gathered using the PII workflow described in Appendix D, Data Security, PII Data Requirements. By default, users entitled to query CAT Data are not authorized for PII access. The process by which someone becomes entitled for PII access, and how they then go about accessing PII data, must be documented by the Plan Processor. The chief regulatory officer, or other such designated officer or employee at each Participant must, at least annually, review and certify that people with PII access have the appropriate level of access for their role.

Using the RBAC model described above, access to PII data shall be configured at the PII attribute level, following the “least privileged” practice of limiting access as much as possible.

PII data must be stored separately from other CAT Data. It cannot be stored with the transactional CAT Data, and it must not be accessible from public internet connectivity. A full audit trail of PII access (who accessed what data, and when) must be maintained. The Chief Compliance Officer and the Chief Information Security Officer shall have access to daily PII reports that list all users who are entitled for PII access, as well as the audit trail of all PII access that has occurred for the day being reported on.]

6.2 Data Availability Requirements

Figure B: [Customer and Account Information (Including PII)] Reference Data

CAT [PII] Reference Data data must be processed within established timeframes to ensure data can be made available to Participants' regulatory staff and the SEC in a timely manner. Industry Members submitting new or modified Customer information must provide it to the Central Repository no later than 8:00 a.m. Eastern Time on T+1. The Central Repository must validate the data and generate error reports no later than 5:00 p.m. Eastern Time on T+1. The Central Repository must process the resubmitted data no later than 5:00 p.m. Eastern Time on T+4. Corrected data must be resubmitted no later than 5:00 p.m. Eastern Time on T+3. The Central Repository must process the resubmitted data no later than 5:00 p.m. Eastern Time on T+4. Corrected data must be available to regulators no later than 8:00 a.m. Eastern Time on T+5.

[Customer information that includes PII] Reference [d]Data must be available to regulators immediately upon receipt of initial data and corrected data, pursuant to security policies for retrieving [PII] Reference Data.

8. Functionality of the CAT System

8.1 Regulator Access

8.1.1 Online Targeted Query Tool

The tool must provide a record count of the result set, the date and time the query request is submitted, and the date and time the result set is provided to the users. In addition, the tool must indicate in the search results whether the retrieved data was linked or unlinked (e.g., using a flag). [In addition, the online targeted query tool must not display any PII data. Instead, it will display existing non-PII unique identifiers (e.g., Customer-ID or Firm Designated ID). The PII corresponding to these identifiers can be gathered using the PII workflow described in Appendix D, Data Security, PII Data Requirements.] The Plan Processor must define the maximum number of records that can be viewed in the online tool as well as the maximum number of records that can be downloaded. Users must have the ability to download the results to .csv, .txt, and other formats, as applicable. These files will also need to be available in a compressed format (e.g., .zip, .gz). Result sets that exceed the maximum viewable or download limits must return to users a message informing them of the size of the result set and the option to choose to have the result set returned via an alternate method.

8.1.3 Online Targeted Query Tool Access and Administration

Access to CAT Data is limited to authorized regulatory users from the Participants and the SEC. Authorized regulators from the Participants and the SEC may access all CAT Data[, with the exception of PII data. A subset of the authorized regulators from the Participants and the SEC will have permission to access and view PII data]. The Plan Processor must work with the Participants and SEC to implement an administrative and authorization process to provide regulator access. The Plan Processor must have procedures and a process in place to verify the list of active users on a regular basis.

A two-factor authentication is required for access to CAT Data. [PII data must not be available via the online targeted query tool or the user-defined direct query interface.]

8.2 User-Defined Direct Queries and Bulk Extraction of Data

The Central Repository must provide for direct queries, bulk extraction, and download of data for all regulatory users. Both the user-defined direct queries and bulk extracts will be used by regulators to deliver large sets of data that can then be used in internal surveillance or market analysis applications. The data extracts must use common industry formats.

[Direct queries must not return or display PII data. Instead, they will return existing non-PII unique identifiers (e.g., Customer-ID or Firm Designated ID). The PII corresponding to these identifiers can be gathered using the PII workflow described in Appendix D, Data Security, PII Data Requirements.]

8.2.2 Bulk Extract Performance Requirements

Extraction of data must be consistently in line with all permissioning rights granted by the Plan Processor. Data returned must be encrypted, password protected and sent via secure methods of transmission. [In addition, PII data must be masked unless users have permission to view the data that has been requested.]

9. CAT Reference Data [Customer and Customer Account Information]

9.1 [Customer and Customer Account Information] Reference Data Storage

The CAT must capture and store Reference Data [Customer and Customer Account Information] in a secure database physically separated from the transactional database. The Plan Processor will maintain certain information [of sufficient detail to uniquely and consistently identify] attributed to each Customer across all CAT Reporters, and associated accounts from each CAT Reporter. [The following attributes, a]At a minimum, the CAT must capture Transformed Identifiers. [be captured:]

  • [Social security number (SSN) or Individual Taxpayer Identification Number (ITIN);]
  • [Date of birth;]
  • [Current name;]
  • [Current address;]
  • [Previous name; and]
  • [Previous address.]

For legal entities, the CAT must capture Legal Entity Identifiers (LEIs) (if available). [the following attributes:]

  • [Legal Entity Identifier (LEI) (if available);]
  • [Tax identifier;]
  • [Full legal name; and]
  • [Address.]

The Plan Processor must maintain valid Reference Data [Customer and Customer Account Information] for each trading day and provide a method for Participants’ regulatory staff and the SEC to easily obtain historical changes to that information[ (e.g., name changes, address changes, etc.)].

[The Plan Processor will design and implement a robust data validation process for submitted Firm Designated ID, Customer Account Information and Customer Identifying Information, and must continue to process orders while investigating Customer information mismatches. Validations should:

  • Confirm the number of digits on a SSN,
  • Confirm date of birth, and
  • Accommodate the situation where a single SSN is used by more than one individual.]

The Plan Processor will use the [Customer information] Transformed Identifier submitted by all broker-dealer CAT Reporters to the CCID Subsystem to assign a unique Customer-ID for each Customer. The Customer-ID must be consistent across all broker-dealers that have an account associated with that Customer. This unique CAT-Customer-ID will not be returned to CAT Reporters and will only be used internally by the CAT.

Broker-Dealers will initially submit full account lists for all active accounts to the Plan Processor and subsequently submit updates and changes on a daily basis. In addition, the Plan Processor must have a process to periodically receive full account lists to ensure the completeness and accuracy of the account database. The Central Repository must support account structures that have multiple account owners and associated Customer information (joint accounts, managed accounts, etc.), and must be able to link accounts that move from one CAT Reporter to another (e.g., due to mergers and acquisitions, divestitures, etc.).

9.2 Required Data Attributes for Customer Information Data Submitted by Industry Members

At a minimum, the following Customer information data attributes must be accepted by the Central Repository:

  • [Account Owner Name;]
  • [Account Owner Mailing Address;]
  • [Account Tax Identifier (SSN, TIN, ITN)]Transformed Identifier;
  • Market Identifiers (Larger Trader ID, LEI);
  • Type of Account;
  • Firm [Identifier Number]Designated ID;

○ The number that the CAT Reporter will supply on all orders generated for the Account;

  • Prime Broker ID;
  • Bank Depository ID; and
  • Clearing Broker.

9.3 Customer-ID Tracking

The Plan Processor will assign a CAT-Customer-ID for each unique Customer. The Plan Processor will [determine] generate and assign a unique CAT-Customer-ID [using information such as SSN and DOB for natural persons or entity identifiers for Customers that are not natural persons and will resolve discrepancies] for each Transformed Identifier submitted by broker-dealer CAT Reporters to the CCID Subsystem. Once a CAT-Customer-ID is assigned, it will be added to each linked (or unlinked) order record for that Customer.

Participants and the SEC must be able to use the unique CAT-Customer-ID to track orders from any Customer or group of Customers, regardless of what brokerage account was used to enter the order.

9.4 Error Resolution for Customer Data

[The Plan Processor must design and implement procedures and mechanisms to handle both minor and material inconsistencies in Customer information. The Central Repository needs to be able to accommodate minor data discrepancies such as variations in road name abbreviations in searches. Material inconsistencies such as two different people with the same SSN must be communicated to the submitting CAT Reporters and resolved within the established error correction timeframe as detailed in Section 8.]

The Central Repository must have an audit trail showing the resolution of all errors. The audit trail must, at a minimum, include the:

  • CAT Reporter submitting the data;
  • Initial submission date and time;
  • Data in question or the ID of the record in question;
  • Reason identified as the source of the issue[, such as:];

○ [duplicate SSN, significantly different Name;]

○ [duplicate SSN, different DOB;]

○ [discrepancies in LTID; or]

○ [others as determined by the Plan Processor;]

  • Date and time the issue was transmitted to the CAT Reporter, included each time the issue was re-transmitted, if more than once;
  • Corrected submission date and time, including each corrected submission if more than one, or the record ID(s) of the corrected data or a flag indicating that the issue was resolved and corrected data was not required; and
  • Corrected data, the record ID, or a link to the corrected data.

9.5 Deletion from CAIS of Certain Reported Customer Data

Notwithstanding any other provision of the CAT NMS Plan, this Appendix D, or the Exchange Act, CAT LLC shall direct the Plan Processor to develop and implement a mechanism to delete from CAIS, or otherwise make inaccessible to regulatory users, the following data attributes: Customer name, Customer address, account name, account address, authorized trader names list, account number, day of birth, month of birth, year of birth, and ITIN/SSN. For the avoidance of doubt, such data attributes do not constitute records that must be retained under Exchange Act Rule 17a-1. CAT LLC or the Plan Processor shall be permitted to delete any such information that has been improperly reported by an Industry Member to the extent that either becomes aware of such improper reporting through self-reporting or otherwise.

10. User Support

10.1 CAT Reporter Support

The Plan Processor must develop tools to allow each CAT Reporter to:

  • Manage Reference Data [Customer and Customer Account Information];

10.3 CAT Help Desk

CAT Help Desk support functions must include:

  • Supporting CAT Reporters with data submissions and data corrections, including submission of Reference Data [Customer and Customer Account Information];

EXHIBIT B

Proposed Additional Revisions to Changes in Proposed Amendment

Additions italicized; deletions [bracketed]

ARTICLE I

DEFINITIONS

Section 1.1. Definitions.

“Account Reference Data [Attributes]” shall include, but not be limited to, account type, [customer type,] date account opened, and large trader identifier (if applicable) (excluding, for the avoidance of doubt, account number); except, however, that (a) in those circumstances in which an Industry Member has established a trading relationship with an institution but has not established an account with that institution, the Industry Member will (i) provide the Account Effective Date in lieu of the ‘date account opened’; and (ii) identify the ‘account type’ as a ‘relationship’; (b) in those circumstances in which the relevant account was established prior to the implementation date of the CAT NMS Plan applicable to the relevant CAT Reporter (as set forth in Rule 613(a)(3)(v) and (vi)), and no ‘date account opened’ is available for the account, the Industry Member will provide the Account Effective Date in the following circumstances: (i) where an Industry Member changes back office providers or clearing firms and the date account opened is changed to the date the account was opened on the new back office/clearing firm system; (ii) where an Industry Member acquires another Industry Member and the date account opened is changed to the date the account was opened on the post-merger back office/clearing firm system; (iii) where there are multiple dates associated with an account in an Industry Member's system, and the parameters of each date are determined by the individual Industry Member; and (iv) where the relevant account is an Industry Member proprietary account. For the avoidance of doubt, Industry Members are required to provide a Firm Designated ID in accordance with this Agreement.

“CCID Subsystem” means the [isolated] subsystem of the Reference Database [CAIS] that exists solely to transform input TID values into CCID values.

“Customer Reference Data [Attributes]” means information attributed to a Customer, including, but not limited to, (a) with respect to individuals: TID, customer type, and the individual's role in the account (e.g., primary holder, joint holder, guardian, trustee, person with the power of attorney); and (b) with respect to legal entities: customer type and [Employer Identification Number (“EIN”)/]Legal Entity Identifier (“LEI”) or other comparable common entity identifier, if applicable; provided, however, that an Industry Member that has an LEI for a Customer must submit the Customer's LEI.

“Full Availability and Regulatory Utilization of Transactional Database Functionality” means the point at which: (a) reporting to the Order Audit Trail System (“OATS”) is no longer required for new orders; (b) Industry Member reporting for equities transactions and simple electronic options transactions, excluding Customer Account Information,[*] Customer-ID, and Customer Identifying Information,[*] with sufficient intra-firm linkage, inter-firm linkage, national securities exchange linkage, trade reporting facilities linkage, and representative order linkages (including any equities allocation information provided in an Allocation Report) to permit the Participants and the Commission to analyze the full lifecycle of an order across the national market system, from order origination through order execution or order cancellation, is developed, tested, and implemented at a 5% Error Rate or less; (c) Industry Member reporting for manual options transactions and complex options transactions, excluding Customer Account Information, Customer-ID, and Customer Identifying Information, with all required linkages to permit the Participants and the Commission to analyze the full lifecycle of an order across the national market system, from order origination through order execution or order cancellation, including any options allocation information provided in an Allocation Report, is developed, tested, and fully implemented; (d) the query tool functionality required by Section 6.10(c)(i)(A) and Appendix D, Sections 8.1.1-8.1.3, Section 8.2.1, and Section 8.5 incorporates the data described in conditions (b)-(c) and is available to the Participants and to the Commission; and (e) the requirements of Section 6.10(a) are met. This Financial Accountability Milestone shall be considered complete as of the date identified in a Quarterly Progress Report meeting the requirements of Section 6.6(c).

“Reference Data [Customer and Account Attributes]” shall mean the data elements in Account Reference Data [Attributes] and Customer Reference Data [Attributes].

“Reference Database [CAIS]” means the [customer and account ]information system of the CAT containing Reference Data.

“Transformed Identifier” or “TID” means the transformed version of the input used to identify unique Customers, including, but not limited to individual tax payer identification number (“ITIN”) or social security number (“SSN”) submitted by Industry Members in place of an ITIN or SSN.

ARTICLE VI

FUNCTIONS AND ACTIVITIES OF CAT SYSTEM

Section 6.2. Chief Compliance Officer and Chief Information Security Officer

(a) Chief Compliance Officer.

(v) The Chief Compliance Officer shall:

(C) in collaboration with the Chief Information Security Officer, and consistent with Appendix D, Data Security, and any other applicable requirements related to data security and Reference Data [Customer and Account Attributes], identify and assist the Company in retaining an appropriately qualified independent auditor (based on specialized technical expertise, which may be the Independent Auditor or subject to the approval of the Operating Company by Supermajority Vote, another appropriately qualified independent auditor), and in collaboration with such independent auditor, create and implement an annual audit plan (subject to the approval of the Operating Committee), which shall at a minimum include a review of all Plan Processor policies, procedures and control structures, and real time tools that monitor and address data security issues for the Plan Processor and the Central Repository;

(b) Chief Information Security Officer.

(v) Consistent with Appendices C and D, the Chief Information Security Officer shall be responsible for creating and enforcing appropriate policies, procedures, and control structures to monitor and address data security issues for the Plan Processor and the Central Repository including:

(F) [Customer and Account Attributes data requirements, including the standards set forth in Appendix D, Customer and Account Attributes Data Requirements] [Reserved];

Section 6.4. Data Reporting and Recording by Industry Members

(d) Required Industry Member Data.

(ii) Subject to Section 6.4(c) and Section 6.4(d)(iii) with respect to Options Market Makers, and consistent with Appendix D, Reporting and Linkage Requirements, and the Technical Specifications, each Participant shall, through its Compliance Rule, require its Industry Members to record and report to the Central Repository the following, as applicable (“Received Industry Member Data” and collectively with the information referred to in Section 6.4(d)(i) “Industry Member Data”):

(C) for original receipt or origination of an order, the Firm Designated ID for the relevant Customer, and in accordance with Section 6.4(d)(iv), Reference Data [Customer and Account Attributes] for the relevant Customer; and

Section 6.10. Surveillance

(c) Use of CAT Data by Regulators.

(ii) Extraction of CAT Data shall be consistent with all permission rights granted by the Plan Processor. All CAT Data returned shall be encrypted[, and Customer and Account Attributes data shall be masked unless users have permission to view the CAT Data that has been requested].

APPENDIX D

CAT NMS Plan Processor Requirements

4. Data Security

4.1 Overview

The Plan Processor must provide to the Operating Committee a comprehensive security plan that covers all components of the CAT System, including physical assets and personnel, and the training of all persons who have access to the Central Repository consistent with Article VI, Section 6.1(m). The security plan must be updated annually. The security plan must include an overview of the Plan Processor's network security controls, processes and procedures pertaining to the CAT Systems. Details of the security plan must document how the Plan Processor will protect, monitor and patch the environment; assess it for vulnerabilities as part of a managed process, as well as the process for response to security incidents and reporting of such incidents. The security plan must address physical security controls for corporate, data center, and leased facilities where Central Repository data is transmitted or stored. The Plan Processor must have documented “hardening baselines” for systems that will store, process, or transmit CAT Data[ or Customer and Account Attributes data].

4.1.2 Data Encryption

All CAT Data must be encrypted at rest and in flight using industry standard best practices (e.g., SSL/TLS) including archival data storage methods such as tape backup. Symmetric key encryption must use a minimum key size of 128 bits or greater (e.g., AES-128), larger keys are preferable. Asymmetric key encryption (e.g., PGP) for exchanging data between Data Submitters and the Central Repository is desirable.

[Storage of unencrypted Customer and Account Attributes data is not permissible. Customer and Account Attributes encryption methodology must include a secure documented key management strategy such as the use of HSM(s). The Plan Processor must describe how Customer and Account Attributes encryption is performed and the key management strategy (e.g., AES-256, 3DES).]

If public cloud managed services are used that would inherently have access to the data (e.g., BigQuery, S3, Redshift), then the key management surrounding the encryption of that data must be documented (particularly whether the cloud provider manages the keys, or if the Plan Processor maintains that control). Auditing and real-time monitoring of the service for when cloud provider personnel are able to access/decrypt CAT Data must be documented, as well as a response plan to address instances where unauthorized access to CAT Data is detected. Key management/rotation/revocation strategies and key chain of custody must also be documented in detail.

4.1.4 Data Access

The Plan Processor must provide an overview of how access to [Customer and Account Attributes and other ]CAT Data by Plan Processor employees and administrators is restricted. This overview must include items such as, but not limited to, how the Plan Processor will manage access to the systems, internal segmentation, multi-factor authentication, separation of duties, entitlement management, background checks, etc.

Any login to the system [that is able to access Customer and Account Attributes data must follow password rules for data that does not constitute Customer and Account Attributes and ]must be [further ]secured via multi-factor authentication (“MFA”). The implementation of MFA must be documented by the Plan Processor. MFA authentication capability for all logins is required to be implemented by the Plan Processor.

4.1.6 [Customer and Account Attributes Data Requirements] [Reserved]

[Customer and Account Attributes data must not be included in the result set(s) from online or direct query tools, reports or bulk data extraction. Instead, results will display existing unique identifiers (e.g., Customer-ID or Firm Designated ID) that do not constitute Customer and Account Attributes. The Customer and Account Attributes corresponding to these identifiers can be gathered using the Customer and Account Attributes workflow described in Appendix D, Data Security, Customer and Account Attributes Data Requirements. By default, users entitled to query CAT Data are not authorized for access to Customer and Account Attributes. The process by which someone becomes entitled for access to Customer and Account Attributes, and how they then go about accessing Customer and Account Attributes data, must be documented by the Plan Processor. The chief regulatory officer, or other such designated officer or employee at each Participant must, at least annually, review and certify that people with access to Customer and Account Attributes have the appropriate level of access for their role.

Using the RBAC model described above, access to Customer and Account Attributes data shall be configured at the Customer and Account Attribute level, following the “least privileged” practice of limiting access as much as possible.

Customer and Account Attributes data must be stored separately from other CAT Data. It cannot be stored with the transactional CAT Data, and it must not be accessible from public internet connectivity. A full audit trail of access to Customer and Account Attributes (who accessed what data, and when) must be maintained. The Chief Compliance Officer and the Chief Information Security Officer shall have access to daily Customer and Account Attributes reports that list all users who are entitled for access to Customer and Account Attributes, as well as the audit trail of all access to Customer and Account Attributes that has occurred for the day being reported on.]

6.2 Data Availability Requirements

Figure B: Reference Data [Customer and Account Attributes]

CAT Reference Data [Customer and Account Attributes] data must be processed within established timeframes to ensure data can be made available to Participants' regulatory staff and the SEC in a timely manner. Industry Members submitting new or modified Customer information must provide it to the Central Repository no later than 8:00 a.m. Eastern Time on T+1. The Central Repository must validate the data and generate error reports no later than 5:00 p.m. Eastern Time on T+1. The Central Repository must process the resubmitted data no later than 5:00 p.m. Eastern Time on T+4. Corrected data must be resubmitted no later than 5:00 p.m. Eastern Time on T+3. The Central Repository must process the resubmitted data no later than 5:00 p.m. Eastern Time on T+4. Corrected data must be available to regulators no later than 8:00 a.m. Eastern Time on T+5.

Reference Data [Customer information that includes Customer and Account Attributes] data must be available to regulators immediately upon receipt of initial data and corrected data, pursuant to security policies for retrieving Reference Data [Customer and Account Attributes].

8. Functionality of the CAT System

8.1 Regulator Access

8.1.1 Online Targeted Query Tool

The tool must provide a record count of the result set, the date and time the query request is submitted, and the date and time the result set is provided to the users. In addition, the tool must indicate in the search results whether the retrieved data was linked or unlinked (e.g., using a flag). [In addition, the online targeted query tool must not display any Customer and Account Attributes data. Instead, it will display existing unique identifiers (e.g., Customer-ID or Firm Designated ID) that do not constitute Customer and Account Attributes. The Customer and Account Attributes corresponding to these identifiers can be gathered using the Customer and Account Attributes workflow described in Appendix D, Data Security, Customer and Account Attributes Data Requirements.] The Plan Processor must define the maximum number of records that can be viewed in the online tool as well as the maximum number of records that can be downloaded. Users must have the ability to download the results to .csv, .txt, and other formats, as applicable. These files will also need to be available in a compressed format (e.g., .zip, .gz). Result sets that exceed the maximum viewable or download limits must return to users a message informing them of the size of the result set and the option to choose to have the result set returned via an alternate method.

8.1.3 Online Targeted Query Tool Access and Administration

Access to CAT Data is limited to authorized regulatory users from the Participants and the SEC. Authorized regulators from the Participants and the SEC may access all CAT Data[, with the exception of Customer and Account Attributes data. A subset of the authorized regulators from the Participants and the SEC will have permission to access and view Customer and Account Attributes data]. The Plan Processor must work with the Participants and SEC to implement an administrative and authorization process to provide regulator access. The Plan Processor must have procedures and a process in place to verify the list of active users on a regular basis.

A two-factor authentication is required for access to CAT Data. [Customer and Account Attributes data must not be available via the online targeted query tool or the user-defined direct query interface.]

8.2 User-Defined Direct Queries and Bulk Extraction of Data

The Central Repository must provide for direct queries, bulk extraction, and download of data for all regulatory users. Both the user-defined direct queries and bulk extracts will be used by regulators to deliver large sets of data that can then be used in internal surveillance or market analysis applications. The data extracts must use common industry formats.

[Direct queries must not return or display Customer and Account Attributes data. Instead, they will return existing unique identifiers (e.g., Customer-ID or Firm Designated ID) that do not constitute Customer and Account Attributes. The Customer and Account Attributes corresponding to these identifiers can be gathered using the Customer and Account Attributes workflow described in Appendix D, Data Security, Customer and Account Attributes Data Requirements.]

8.2.2 Bulk Extract Performance Requirements

Extraction of data must be consistently in line with all permissioning rights granted by the Plan Processor. Data returned must be encrypted, password protected and sent via secure methods of transmission. [In addition, Customer and Account Attributes data must be masked unless users have permission to view the data that has been requested.]

9. CAT Reference Data [Customer and Account Attributes]

9.1 [Customer and Account Attributes] Reference Data Storage

The CAT must capture and store Reference Data [Customer and Account Attributes] in a secure database physically separated from the transactional database. The Plan Processor will maintain certain information attributed to each Customer across all CAT Reporters, and associated accounts from each CAT Reporter. At a minimum, the CAT must capture Transformed Identifiers.

For legal entities, the CAT must capture Legal Entity Identifiers (LEIs) (if available).

The Plan Processor must maintain valid Reference Data [Customer and Account Attributes] for each trading day and provide a method for Participants' regulatory staff and the SEC to easily obtain historical changes to that information.

The Plan Processor will use the Transformed Identifier submitted by all broker-dealer CAT Reporters to the [isolated] CCID Subsystem to assign a unique Customer-ID for each Customer. The Customer-ID must be consistent across all broker-dealers that have an account associated with that Customer. This unique CAT-Customer-ID will not be returned to CAT Reporters and will only be used internally by the CAT.

Broker-Dealers will initially submit full account lists for all active accounts to the Plan Processor and subsequently submit updates and changes on a daily basis. In addition, the Plan Processor must have a process to periodically receive full account lists to ensure the completeness and accuracy of the account database. The Central Repository must support account structures that have multiple account owners and associated Customer information (joint accounts, managed accounts, etc.), and must be able to link accounts that move from one CAT Reporter to another (e.g., due to mergers and acquisitions, divestitures, etc.).

9.2 Required Data Attributes for Customer Information Data Submitted by Industry Members

At a minimum, the following Customer information data attributes must be accepted by the Central Repository:

  • Transformed Identifier[ (with respect to individuals) or EIN (with respect to legal entities)];
  • Market Identifiers (Larger Trader ID, LEI);
  • Type of Account;
  • Firm [Identifier Number] Designated ID;
    ○ The number that the CAT Reporter will supply on all orders generated for the Account;

  • Prime Broker ID;
  • Bank Depository ID; and
  • Clearing Broker.

9.3 Customer-ID Tracking

The Plan Processor will assign a CAT-Customer-ID for each unique Customer. The Plan Processor will generate and assign a unique CAT-Customer-ID for each Transformed Identifier submitted by broker-dealer CAT Reporters to the [isolated] CCID Subsystem. Once a CAT-Customer-ID is assigned, it will be added to each linked (or unlinked) order record for that Customer.

Participants and the SEC must be able to use the unique CAT-Customer-ID to track orders from any Customer or group of Customers, regardless of what brokerage account was used to enter the order.

10. User Support

10.1 CAT Reporter Support

The Plan Processor must develop tools to allow each CAT Reporter to:

  • Manage Reference Data [Customer and Account Attributes];

10.3 CAT Help Desk

CAT Help Desk support functions must include:

  • Supporting CAT Reporters with data submissions and data corrections, including submission of Reference Data [Customer and Account Attributes];

Exhibit C

Proposed Changes to CAIS Technical Specifications

June 17, 2025.

| | Estimated CAIS costs original 2025 Budget | Estimated CAIS costs following recent optimizations | Estimated reference database costs under proposed amendment |
|---|---|---|---|
| CAIS (Reference Database) Operating Fees—Plan Processor | $20.7 million | $20.7 million | $15.7 million |
| CAIS (Reference Database) Licensing Fees—Plan Processor | 2.8 million | 2.8 million | 2.8 million |
| CAIS- (Reference Database-) Related Cloud Hosting Services Fees | ~12 million | ~8.5 to 9.5 million | ~4.5 to 7.5 million |
| Total | ~35.5 million | ~32 to 33 million | ~23 to 26 million |

All submissions should refer to File Number 4-698 (CAT CAIS Amendment). This file number should be included on the subject line if email is used. To help the Commission process and review your comments more efficiently, please use only one method. The Commission will post all comments on the Commission's internet website (http://www.sec.gov/rules/sro.shtml). Copies of the submission, all subsequent amendments, all written statements with respect to the Proposed Amendment, as modified by Amendment No. 1, that are filed with the Commission, and all written communications relating to the Proposed Amendment, as modified by Amendment No. 1, between the Commission and any person, other than those that may be withheld from the public in accordance with the provisions of 5 U.S.C. 552, will be available for website viewing and printing in the Commission's Public Reference Room, 100 F Street NE, Washington, DC 20549 on official business days between the hours of 10:00 a.m. and 3:00 p.m. Copies of the filing also will be available for inspection and copying at the Participants’ principal offices. Do not include personal identifiable information in submissions; you should submit only information that you wish to make available publicly. We may redact in part or withhold entirely from publication submitted material that is obscene or subject to copyright protection. All submissions should refer to File Number 4-698 (CAT CAIS Amendment) and should be submitted on or before July 14, 2025.

For the Commission, by the Division of Trading and Markets, pursuant to delegated authority.[92]

Sherry R. Haywood,

Assistant Secretary.

* * * * *


{changes to the title of the chart: Timeline for Reference Data [Customer and Account Information (including PII)]}

* * * * *


{changes to the title of the chart: Timeline for Reference Data [Customer and Account Attributes]}

* * * * *


Fields Currently Anticipated To Be Eliminated

| FDID records | Natural person customer records | Legal entity customer records |
|---|---|---|
| accountName | firstName | legalName |
| authTraderNamesList | middleName | addressList |
| authTraderName | lastName | addrType |
| authTraderNameID | nameSuffix | addrLine1 |
| addressList | doingBusinessAs | addrLine2 |
| addrType | yearOfBirth | addrLine3 |
| addrLine1 | addressList | addrLine4 |
| addrLine2 | addrType | city |
| addrLine3 | addrLine1 | regionCode |
| addrLine4 | addrLine2 | countryCode |
| city | addrLine3 | postalCode |
| regionCode | addrLine4 | ein |
| countryCode | city | |
| postalCode | regionCode | updateNotification |
| | countryCode | |
| | postalCode | |
| | updateNotification | |

Fields Currently Anticipated To Be Retained

| FDID records | Natural person customer records | Legal entity customer records |
|---|---|---|
| fdidRecordList | naturalPersonCustomerList | legalEntityCustomerList |
| fdidRecordID | customerRecordID | customerRecordID |
| fdidCustomerList | customerType | customerType |
| customerRecordID | | lei |
| firmDesignatedID | | |
| fdidType | | |
| accountType | | |
| fdidDate | | |
| role | | |
| roleStartDate | | |
| DVPCustodianID | | |
| clearingBrokerID | | |
| branchOfficeCRD | | |
| fdidEndDate | | |
| fdidEndReason | | |
| replacedByFDID | | |
| priorCATReporterCRD | | |
| priorCATReporterFDID | | |
| largeTraderList | | |
| largeTraderRecordID | | |
| largeTraderID | | |
| ltidEffectiveDate | | |
| ltidEndDate | | |
| ltidEndReason | | |
| roleEndDate | | |
| roleEndReason | | |
| registeredRepCRD | | |