Close Close
Sign In
Newsletters
Popular Financial Topics Discover relevant content from across the suite of ALM legal publications From the Industry More content from ThinkAdvisor and select sponsors Investment Advisor Issue Gallery Read digital editions of Investment Advisor Magazine Tax Facts Get clear, current, and reliable answers to pressing tax questions
Luminaries Awards
Podcast Center Video Center Webcasts Resource Center Events
About ThinkAdvisor Contact Us Advertise With Us Asset & Logo Licensing Sitemap Terms of Service Privacy Policy Copyright © 2024 ALM Global, LLC. All Rights Reserved.
ThinkAdvisor
The U.S. Capitol Building in Washington D.C.

Regulation and Compliance > Legislation

New Bill Puts Clamp on SEC's CAT

By Melanie Waddell

X
Your article was successfully shared with the contacts you provided.

New legislation introduced Wednesday would prohibit the Securities and Exchange Commission from requiring that personally identifiable information be collected under its Consolidated Audit Trail, or CAT.

Rep. Barry Loudermilk, R-Ga., said Wednesday in introducing the Protecting Investors’ Personally Identifiable Information Act, H.R. 4551, that “the federal government has two huge problems when it comes to cybersecurity: they collect way too much personally identifiable information (PII), and they have a poor track record of protecting this information from hackers. Look no further than the 2021 SolarWinds hack, which saw more than 30,000 public and private organizations breached and is considered one of the largest cyber hacks in modern history.”

Ken Bentsen, president and CEO of the Securities Industry and Financial Markets Association, and Ellen Greene, managing director, Equity and Options Market Structure at SIFMA, warned in January that as of March 17, investors’ PII became available via the CAT.

Bentsen and Greene called the move a failure by the SEC to implement changes to protect investor privacy.

Loundermilk’s bill is co-sponsored by Reps. French Hill, R-Ark.; Bill Huizenga, R-Mich.; Ann Wagner, R-Mo.; Dan Meuser, R-Pa.; Young Kim, R-Calif.; and Zach Nunn, R-Iowa.

Sen. John Kennedy, R-La., has introduced companion legislation in the Senate.

The SEC, Loundermilk said, “has been barreling forward” with CAT, “which tracks every trade an individual investor makes and links it to their identity through a centralized system.”

Loundermilk added: “Not only is collecting all this information unnecessary, regulators already have similar systems that don’t easily match identities with transactions, but it also creates another security vulnerability and a target for hackers.”

Former SEC Chairman Jay Clayton explained in 2019 that the CAT was “intended to enhance regulatory oversight of our securities markets. Our equities and options markets operate through multiple exchanges and other venues and the CAT will facilitate cross-market oversight and analysis, thereby improving investor protection and market integrity.”

Loundermilk said his bill “would help prevent an accidental or intentional breach by restricting the SEC’s ability to collect this data in the first place.”

Under the bill, the SEC “would only be able to request this data if they are investigating or enforcing violations of federal securities law. Furthermore, they would be required to destroy the data after they are finished with it. This is a commonsense solution aimed to protect investors, and it in no way hinders the SEC’s mission.”

Kennedy added in the statement that CAT “would expose every American investor’s Social Security number and personal data to malicious hackers. The CAT is unconstitutional, and it hoards personal information it doesn’t need.”

Melanie Waddell

@Think_MelanieW

NOT FOR REPRINT

© 2024 ALM Global, LLC, All Rights Reserved. Request academic re-use from www.copyright.com. All other uses, submit a request to [email protected]. For more information visit Asset & Logo Licensing.