Search

FIA PTG raises cybersecurity concerns with CAT

23 October 2017

FIA PTG sent comments to the SEC today raising concerns with the consolidated audit trail (CAT) reporting requirement set to start on November 15, 2017. 

FIA PTG has a long history of supporting data-driven decision-making and strongly supports regulators having access to the data required to ensure well-functioning markets. However, in light of the recent Edgar and Equifax breaches, the association raised serious concerns about the security of data that will be required to be reported to a central repository under the CAT.

FIA PTG is urging the Commission to pause the CAT initiative until it can conduct a comprehensive analysis of the security of the CAT and can satisfy market participants that effective and robust security measures are in place to protect the CAT trade repository database against cyber breaches.

At a minimum, FIA PTG requested that no trades be reported until the Commission answers a range of questions on the following topics, related to data security:

  • Policy & Framework
  • Network Security
  • Identity & Access Management
  • Data Protection/Security
  • Security Operations
  • Compliance
  • Detection/Response

The full letter is available under Resources on the right.

  • PTG
  • Operational Resilience