CAT

, ,

Cotton, Scott, Hill, and colleagues to Uyeda: Review approach to consolidated audit trail

, ,

Washington, D.C. — Senator Tom Cotton (R-Arkansas), Senate Banking Committee Chairman Tim Scott (R-South Carolina), and House Financial Services Committee Chairman French Hill (Arkansas-02) today sent a letter to Acting Chairman of The Securities and Exchange Commission Mark Uyeda to launch a comprehensive review of all aspects of the Consolidated Audit Trail.

Audit Trail - Optiver Image

Additional signers of the letter included Senator Boozman (R-Arkansas), Senator Bill Hagerty (R-Tennessee), Senator John Kennedy (R-Louisiana), Congressman Bill Huizenga (Michigan-04), Congresswoman Ann Wagner (Missouri-02), and Congressman Barry Loudermilk (Georgia-11).

In part, the lawmakers wrote:

The prohibition on collecting investor PII must be formally codified (rather than via rescindable exemptive relief) and already-collected PII must be expunged.  Cybersecurity measures for the remaining data must be enhanced.  And the CAT’s bloated out-of-control budget must be addressed... . Further, it would appear appropriate for the Commission to pause and reconsider its position with respect to ongoing litigation related to the CAT, as it has done for other cases commenced during the Biden administration.”

Full text of the letter may be found here and below.

February 28, 2025

Mr. Mark Uyeda

Acting Chairman

U.S. Securities and Exchange Commission

100 F Street NE

Washington, DC 20549

The Consolidated Audit Trail (CAT) has been a highly controversial endeavor that has raised many concerns from Members of Congress, including with respect to (i) the unwarranted collection of personally identifiable information (PII) from millions of American investors, (ii) potential cybersecurity vulnerabilities, and (iii) its inequitable funding structure.

We are pleased that you and fellow Commissioner Peirce have repeatedly acknowledged these longstanding concerns and applaud the Commission for its recent steps to protect the financial privacy of American investors.

However, there is more work to be done. The prohibition on collecting investor PII must be formally codified (rather than via rescindable exemptive relief) and already-collected PII must be expunged.  Cybersecurity measures for the remaining data must be enhanced.  And the CAT’s bloated out-of-control budget must be addressed.

Given these continuing concerns, the Commission should launch a comprehensive review that covers all aspects of the CAT.  In doing so, the Commission should take additional steps to pause the CAT’s most controversial elements—not only the collection of customer PII, but also the problematic funding structure that a majority of the current Commission voted against. Further, it would appear appropriate for the Commission to pause and reconsider its position with respect to ongoing litigation related to the CAT, as it has done for other cases commenced during the Biden administration.

Thank you for your prompt attention to this matter.

,

Attorney General Tim Griffin leads 23-State Coalition opposing SEC investor database not authorized by Congress

,

Attorney General Tim Griffin

LITTLE ROCK – Attorney General Tim Griffin today issued the following statement after filing an amicus brief on behalf of 23 state attorneys general with the United States Court of Appeals for the Eleventh Circuit opposing the Consolidated Audit Trail (CAT) adopted by the United States Securities and Exchange Commission (SEC)—a database of personal information about each American involved in stock trading, including those owning 401(k)s:

“The SEC wants Americans to believe that it’s capable of securing a massive new database containing personal information about every single person who has a 401(k) or buys stock. But the SEC has a long history of failing to secure its computer systems. Indeed, just this year, its X (formerly Twitter) account was hacked, creating market chaos. That’s why I led a group of 23 attorneys general in filing an amicus brief supporting a challenge to that database, which Congress never authorized.”

Created in the wake of the 2010 “flash crash” caused by algorithmic trading decisions, CAT houses personal information about every retail investor and contains real-time information about their investment decisions. The SEC claims CAT will better enable it to reconstruct and analyze events like the flash crash.

CAT gives thousands of authorized government employees—and an unknown number of hackers across the globe—access to real-time information about every investor and investment decision. And, as the SEC has mandated that the CAT must contain personally identifiable information of every American investor who buys or sells stock, it has created a repository of information that is economically valuable to hackers and strategically valuable to America’s foreign adversaries.

Other states joining Arkansas in the amicus brief include Alabama, Florida, Georgia, Idaho, Indiana, Iowa, Kansas, Kentucky, Louisiana, Mississippi, Missouri, Montana, Nebraska, New Hampshire, North Dakota, Ohio, South Carolina, South Dakota, Texas, Utah, Virginia, and West Virginia.

To read Griffin’s filing, click here.

To download a pdf of the release, click here.