No Result
View All Result
SUBSCRIBE | NO FEES, NO PAYWALLS
MANAGE MY SUBSCRIPTION
NEWSLETTER
Corporate Compliance Insights
  • Home
  • About
    • About CCI
    • CCI Magazine
    • Writing for CCI
    • Career Connection
    • NEW: CCI Press – Book Publishing
    • Advertise With Us
  • Explore Topics
    • See All Articles
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Internal Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Well-Being at Work
    • Leadership and Career
    • Opinion
  • Vendor News
  • Library
    • Download Whitepapers & Reports
    • Download eBooks
    • New: Living Your Best Compliance Life by Mary Shirley
    • New: Ethics and Compliance for Humans by Adam Balfour
    • 2021: Raise Your Game, Not Your Voice by Lentini-Walker & Tschida
    • CCI Press & Compliance Bookshelf
  • Podcasts
    • Great Women in Compliance
    • Unless: The Podcast (Hemma Lomax)
  • Research
  • Webinars
  • Events
  • Subscribe
Jump to a Section
  • At the Office
    • Ethics
    • HR Compliance
    • Leadership & Career
    • Well-Being at Work
  • Compliance & Risk
    • Compliance
    • FCPA
    • Fraud
    • Risk
  • Finserv & Audit
    • Financial Services
    • Internal Audit
  • Governance
    • ESG
    • Getting Governance Right
  • Infosec
    • Cybersecurity
    • Data Privacy
  • Opinion
    • Adam Balfour
    • Jim DeLoach
    • Mary Shirley
    • Yan Tougas
No Result
View All Result
Corporate Compliance Insights
Home Featured

Tips to Achieve Consolidated Audit Trail (CAT) Compliance

by Chris Ekonomidis
April 23, 2018
in Featured, Internal Audit
red and white barrier on an empty road

How to Overcome Technological Roadblocks

What a time to work in the GRC field: new technologies are constantly emerging to help companies meet their regulatory obligations. At the same time, many fragmented requirements have piled up over time. Chris Ekonomidis, Head of U.S. Business Consulting at Synechron, discusses the three main hurdles organizations must overcome to ensure Consolidated Audit Trail (CAT) compliance.

In order to keep track of the plethora of data generated every day across different trading markets, many exchanges and self-regulatory organizations (SROs) each keep their own order and trade audit trail systems, which differ by instrument. These distinct audit trails result in significant variances in reporting types, formats and data elements. Some of these differences exist for valid reasons (e.g., different fields are needed for different instruments), but some are the result of fragmented requirements that have built up over time. On May 6, 2010, the Flash Crash resulted in a 9 percent drop within minutes. Analyzing the order and trade flows from across the various audit trails to accurately recreate what happened brought these differences to light.

To address these inconsistencies, the U.S. Securities and Exchange Commission (SEC) approved the Consolidated Audit Trail (CAT) National Market System (NMS) plan proposed by the SROs to assist with data quality and transparency of equity and options market activities. Increased data reporting requirements across the entire order and trade lifecycle would be reported completely and accurately. A central repository would store this streamlined data to make it available for compliance measures in one place and format. SROs began reporting their data to a CAT processor in November 2017, and now there is just about a year left until large broker-dealers must report and two years for smaller broker-dealers. Firms must focus their attention on short-term plans to aggregate and report their data correctly in time to meet their respective deadlines.

As data begins to feed into the CAT processor, market participants reporting this data must address technology challenges associated with implementation of the systems required to meet regulatory deadlines. To fully adhere to CAT obligations, there are three primary hurdles that organizations must overcome: data, time-stamping and technology offerings.

Managing CAT Data and Reports

Before CAT, there were large variances in data quality, organization and management, leading to sizeable risks and an inability to compare the audit trails against one another. When the SEC used these separate reports for investigations and enforcing compliance, it took much more time and effort to sift through the data of each SRO and organize it, and there was the possibility of discontinuities in the data between sources.

Under CAT, one major question will be how current reporting requirements, Order Audit Trail System (OATS), Electronic Blue Sheets (EBS) and Large Trader Reporting (LTR), for example, fit into the CAT system. With adequate time and planning, CAT reporting would involve analyzing these existing reports, understanding the new reporting requirements and designing new systems to source and report. The reality for firms with only months to spare and tight deadlines ahead of them is to analyze how they are already collecting data for these regulations and fill the gaps in data so that an adequate picture can be submitted to the CAT processor. However, this approach (and the less-than-ideal processes and systems behind it) could still miss information or be formatted incorrectly, returning the submissions back to the firm to handle reconciliation and resubmission until it is correct. This process will strain existing operational and reporting pressures. The reality is that OATS, EBS and LTR will not disappear immediately. Multiple reporting formats will exist until regulators have proof that prior formats are no longer needed. Until then, firms will need to dual report, which will increase their burdens.

And, of course, there’s still the question about what customer or PII data will eventually be required for reporting and how this will be enacted.

Timestamping Challenges

Under CAT, SROs and their members will be required to synchronize the business clocks they use to record the date and time of any reported event and for each event to have a timestamp for the central repository in increments to the millisecond or even more accurately for electronic flows but with less granularity for manual trades. This can be quite difficult to enable in practice when looking at orders, trades and allocations across multiple desks, servers, locations and exchanges, and it may be vulnerable to errors.

By utilizing time and clock synchronization solutions, organizations can ensure that even with a number of machines running in different time zones, communicating to different networks and protocols and any possible lag or errors, their clocks will still be synchronized and, in turn, report properly to the CAT central repository. Vendors exist that give firms access to reliable reference time and are designed for the extreme requirements associated with high-frequency trading. This means that reporting can be synchronized within a few microseconds or nanoseconds or better. As mentioned, time at this granularity is not necessary in all cases, but it’s handy when needed.

Latest Technologies

As deadlines approach, new independent projects with longer pipelines will have to be tabled until after they have met initial Day 1 compliance to make processes easier and more efficient. Though longer-vision projects may be on the horizon in the next few years that utilize emerging technologies and different use cases, technology can help firms get ready for CAT. Seeing that many firms are lagging in their preparations for the fast-approaching CAT deadline, vendors and technology providers are announcing regulatory reporting tools to assist firms with CAT compliance.

Accelerators of this nature will be presented over the next year as firms rush to achieve compliance and fill the gaps in their data. Artificial intelligence and machine learning technologies will likely play the most influential role in analyzing and assessing a firm’s data quickly to highlight where gaps are, and in more mature systems, they may also be able to pull the data from the correct sources to fill in these gaps.

What’s Next for CAT?

The CAT processor built by Thesys is a big data solution utilizing cloud technology. The CAT processor will use these innovative technologies to store and share the data from SROs so the SEC can perform their market surveillance mandates. Many questions remain on how the vast amounts of data collected into the CAT processor will be used, synchronized and protected. With the recent Equifax hack and last year’s SEC hack, many firms have reservations about the vast amounts of data – including a large amount of personal and sensitive information – being fed into the CAT processor, not to mention the security around it. While the cloud is very secure, longer-term projects for firms might incorporate other technologies to consolidate, share and protect their data.  Know your customer (KYC) use cases are emerging that involve digital identity and leverage blockchain because of its secure and immutable nature. However, industrywide change at this level will take years. As fintech and regtech mature, firms should review these innovative technologies for how they can assist in meeting regulatory reporting obligations and consolidating efforts for multiple regulations and repetitive data reporting requirements.

Innovative technologies are emerging every day, and new use cases materialize all the time. The main focus for firms today is very similar to how reporting mandates have been met since the financial crisis.  Meet Day 1 compliance with the system you need, then plan for the system you want on Day 2 – a concrete plan of how to consolidate and aggregate multiple data feeds into one cohesive format to meet the regulatory deadlines for CAT while always looking toward how regulatory reporting can be made easier and improved using technology tools.


Tags: Artificial Intelligence (AI)Big DataFinTechKnow Your Customer (KYC)Machine LearningPersonally Identifiable Information (PII)RegTechSEC
Previous Post

What is Cryptocurrency and Who is Going to Regulate It?

Next Post

The Compliance Handbook By Tom Fox

Chris Ekonomidis

Chris Ekonomidis

Chris Ekonomidis is the U.S. Consulting Lead for Synechron’s New York and Charlotte operations. He brings over 15 years of experience in the financial markets, supporting clients in market structure and efficiency demands across fixed income, equities and derivatives. Previously at Sapient Global Markets and EY, Chris has honed key skills in driving innovative strategies to improve business performance and manage risk.  

Related Posts

flying blind concept moody balloon drawing

Flying Blind on AI: The New Normal for Compliance Teams

by Jennifer L. Gaskin
July 1, 2025

With the Senate's decisive vote against a state AI regulation moratorium, compliance officers face a stark reality: Most organizations are...

news roundup new

Few Business Leaders Feel Fully Prepared for Challenges of 2025

by Staff and Wire Reports
June 20, 2025

Data center operators not using full slate of available sustainability tactics; companies continue to use AI without policies

robot nurturing a good idea

Innovation vs. Compliance: In the Age of AI, Why Not Both?

by Asha Palmer
June 17, 2025

As governments scramble to regulate AI, forward-thinking companies are writing their own compliance playbooks

human robot working as team pie chart

Smart Machines, Smarter Humans: Why Compliance Still Needs a Human Touch

by Roman Eloshvili
June 17, 2025

From the 2008 financial crisis to everyday judgment calls, the case for keeping humans in the compliance loop

Next Post
ebook cover for tom fox's compliance handbook

The Compliance Handbook By Tom Fox

No Result
View All Result

Privacy Policy | AI Policy

Founded in 2010, CCI is the web’s premier global independent news source for compliance, ethics, risk and information security. 

Got a news tip? Get in touch. Want a weekly round-up in your inbox? Sign up for free. No subscription fees, no paywalls. 

Follow Us

Browse Topics:

  • CCI Press
  • Compliance
  • Compliance Podcasts
  • Cybersecurity
  • Data Privacy
  • eBooks Published by CCI
  • Ethics
  • FCPA
  • Featured
  • Financial Services
  • Fraud
  • Governance
  • GRC Vendor News
  • HR Compliance
  • Internal Audit
  • Leadership and Career
  • On Demand Webinars
  • Opinion
  • Research
  • Resource Library
  • Risk
  • Uncategorized
  • Videos
  • Webinars
  • Well-Being
  • Whitepapers

© 2025 Corporate Compliance Insights

Welcome to CCI. This site uses cookies. Please click OK to accept. Privacy Policy
Cookie settingsACCEPT
Manage consent

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may affect your browsing experience.
Necessary
Always Enabled
Necessary cookies are absolutely essential for the website to function properly. These cookies ensure basic functionalities and security features of the website, anonymously.
CookieDurationDescription
cookielawinfo-checbox-analytics11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checbox-functional11 monthsThe cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checbox-others11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-necessary11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-performance11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy11 monthsThe cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.
Functional
Functional cookies help to perform certain functionalities like sharing the content of the website on social media platforms, collect feedbacks, and other third-party features.
Performance
Performance cookies are used to understand and analyze the key performance indexes of the website which helps in delivering a better user experience for the visitors.
Analytics
Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics the number of visitors, bounce rate, traffic source, etc.
Advertisement
Advertisement cookies are used to provide visitors with relevant ads and marketing campaigns. These cookies track visitors across websites and collect information to provide customized ads.
Others
Other uncategorized cookies are those that are being analyzed and have not been classified into a category as yet.
SAVE & ACCEPT
No Result
View All Result
  • Home
  • About
    • About CCI
    • CCI Magazine
    • Writing for CCI
    • Career Connection
    • NEW: CCI Press – Book Publishing
    • Advertise With Us
  • Explore Topics
    • See All Articles
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Internal Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Well-Being at Work
    • Leadership and Career
    • Opinion
  • Vendor News
  • Library
    • Download Whitepapers & Reports
    • Download eBooks
    • New: Living Your Best Compliance Life by Mary Shirley
    • New: Ethics and Compliance for Humans by Adam Balfour
    • 2021: Raise Your Game, Not Your Voice by Lentini-Walker & Tschida
    • CCI Press & Compliance Bookshelf
  • Podcasts
    • Great Women in Compliance
    • Unless: The Podcast (Hemma Lomax)
  • Research
  • Webinars
  • Events
  • Subscribe

© 2025 Corporate Compliance Insights