July 6, 2017

Consolidated Audit Trail (“CAT”): Challenges with Customer Information Reporting


Michael Lalicata 
Management Consultant, Compliance Services, Jordan & Jordan

One of the major differences between the Consolidated Audit Trail (“CAT”) and the Order Audit Trail System (“OATS”) will be the reporting of customer information.  Based on the CAT NMS Plan some of the customer identifying information required will include with respect to individuals the name, address, date of birth, individual tax payer identification number (“ITIN”)/social security number (“SSN”), and individual’s role in the account.  As it relates to legal entities the name, address, Employer Identification Number (“EIN”) and Legal Entity Identifier (“LEI”) (if available) will be required.  This information will have to be reported initially on October 15, 2018, and any additions or changes made to this information would have to be reported daily.   This topic is a critical factor for success in the reporting to the CAT Plan Processor for broker dealers. The Customer Information Technical Specifications are scheduled to be published on May 15, 2018, which is five months before CAT Reporters will have to start reporting this information to the Plan Processor (“Thesys CAT LLC.”).  Thus, some Industry Members are questioning whether five months will provide adequate lead time to complete the data scrubbing, development and testing required to report to the CAT.  In the meantime, Industry Association groups are working to get customer information data requirements and clarification on customer information reporting questions answered by Q4 2017 at the latest.

Which firms will need to provide customer information to CAT?  A simple guideline would be that any firm who is responsible for reporting orders and/or allocations to CAT will need to define customer information for any person or entity who places these orders/allocations and/or the principal associated with these orders/allocations.  If a firm uses a service bureau or third-party service provider for OATS reporting today, then they should verify with these providers if they will assume responsibility for customer information reporting to CAT.  These OATS reporting services do not currently have customer information.  If a firm does their own OATS reporting today, then they will most likely need to report customer information to CAT unless they select alternative services.

What can firms do now to start their preparation on customer information, prior to the CAT Customer Information Technical Specifications being available?  First, firms can assess the quality of their customer data for customers who trade in CAT reportable securities (NMS equites, OTC equites, Options). E.g., is a customer defined multiple times across multiple databases?  Is the data identical across those databases, and if not, correct for consistency?  Is this an opportunity for the firm to consider consolidation of multiple customer information databases to simplify CAT reporting responsibilities?  Especially assess the quality of the customer identifying information in the firm’s database(s).  Is the name, address, SSN, Tax-ID, LEI accurate and consistent?  Is the customer identifying information for Order Placers (e.g., Financial Advisors, Power of Attorney, etc.) captured in the on-line customer database, or is this data only available in paper files?  Customer identifying information is required for all persons in joint tenancy accounts – are the firm’s on-line databases complete with this information?

The customer information requirement of CAT reporting is a major topic of concern for the 1800 Members who must report to CAT, approximately 800 who have not previously reported to OATS. Therefore, it is vital that all CAT reporters perform a full assessment of their customer information repositories to ensure that they can meet the CAT customer information reporting requirements.