SIFMA urged the U.S. Securities and Exchange Commission to take over funding and direct control of the Consolidated Audit Trail in a June 22 response to the SEC's concept release on CAT and other audit trails. The trade group argued that the current governance model leaves broker-dealers paying most of the cost for a regulatory system they do not control. SIFMA said the Commission should immediately assume responsibility for 100% of CAT costs through its annual congressional budget process, then move toward eliminating the CAT NMS Plan and operating CAT directly under SEC control, noting that CAT's 2026 annual budget stood at approximately $147 million as of March 2026. The proposal turns a technical market data review into a larger debate over who should pay for surveillance infrastructure that regulators use to monitor U.S. equities and listed options markets. CAT was created after the 2010 flash crash to give regulators a complete audit trail for U.S. equities and listed options, approved through an NMS plan structure in 2016 and reaching full implementation in 2024 after years of delays and escalating costs.
SIFMA Identifies Governance Failures in Current CAT Model
SIFMA argued that CAT's history shows the current model has failed because formal governance sits with self-regulatory organizations, while industry members and investors fund most of the system without a direct vote. The trade group said industry members effectively pay 80% or more of CAT costs because broker-dealers fund their own reporting obligations and also fund FINRA's portion of SRO costs. SIFMA argued that the Commission's latest funding model can still shift the economic burden to industry members despite an appeals court ruling that vacated the original CAT funding model.
SIFMA's proposal would unfold in two phases. First, the SEC would include CAT costs in its annual budget request to Congress and pay the full system cost, with those expenses ultimately recovered through the existing Section 31 fee process. Second, the Commission would amend Rule 613, remove the CAT NMS Plan structure and convert CAT into a Commission-controlled regulatory system. SIFMA argued that this would place CAT closer to systems such as EDGAR and MIDAS, which are funded and managed through the SEC's own budget, and would better align incentives because the same regulator that controls the system's scope would also need to justify its cost through the appropriations process.
The trade group compared the current CAT model with its proposal across governance structure, funding source, and data access controls. Under the current model, CAT is governed through the CAT NMS Plan with an SRO Operating Committee controlling formal governance, while industry members bear most costs and broker-dealers have no direct governance vote. SIFMA's proposal would eventually eliminate the CAT NMS Plan, establish SEC direct control of the system, fund CAT through congressional budget, create an expanded advisory committee with industry and SRO input, eliminate Electronic Blue Sheets for equities and listed options, and narrow regulator access by role and need.
SIFMA Proposes Eliminating Electronic Blue Sheets and Strengthening Data Security
SIFMA used the letter to revive a complaint about Electronic Blue Sheets. The trade group said CAT was partly justified on the basis that it would allow legacy audit trails to be retired, but broker-dealers still receive EBS requests for equities and listed options even after CAT became fully functional. SIFMA said this forces firms to report transaction data to CAT while continuing to respond to overlapping EBS requests, increasing cost and exposing unmasked personal information through an older process.
The trade group proposed replacing EBS for equities and listed options with a secure centralized request-response system. Regulators would use CAT transaction records and account identifiers to send targeted requests to broker-dealers, which would respond through an automated secure channel. SIFMA said this would allow regulators to identify accounts tied to suspicious trading while avoiding a permanent central database of investor personal information.
SIFMA addressed the three-year data retention issue, supporting reduced CAT costs but warning that deleting older CAT data could backfire if regulators then increase direct historical data requests to broker-dealers or continue relying on EBS to fill the gaps. The trade group argued that in that case, cost savings at the CAT level would simply become compliance costs at the firm level.
The cybersecurity section contained specific recommendations. SIFMA said the SEC should revisit its abandoned 2020 CAT Data Security Proposal, including the idea of a secure analytical workspace that would prevent regulators from bulk downloading CAT data into separate systems. The trade group argued that allowing each exchange to download broad CAT datasets multiplies the number of environments where sensitive trading data exists and increases breach risk. SIFMA requested that the SEC limit each exchange to its own market data except defined regulatory cases, create a permanent security working group with industry input, implement uniform written confidentiality policies and annual examinations, restrict non-U.S. access and require U.S.-based data centers, and review CAT security and CCID encryption in light of new autonomous hacking capabilities.
SIFMA Links CAT Governance to Tokenization and Market Structure Changes
The letter arrived as the SEC and market participants debate what U.S. equity trading will look like over the next decade. SIFMA argued that CAT cannot remain both expensive and incomplete, stating that if regulators rely on it as the central map of market activity, the system must capture economically equivalent trading activity and must be governed by the regulator that depends on it.
SIFMA warned that if tokenized equities are allowed to trade away from registered exchanges and broker-dealers, those trades may not be reported to CAT unless the Commission takes action. The trade group said that would leave regulators with detailed lifecycle data for conventional trades but not for functionally similar transactions executed through newer models. The warning comes at a time when U.S. market structure is being rewritten by 24-hour trading, tokenized equities and new execution venues, with FinanceFeeds recently reporting on 24X seeking SEC approval for tokenized Russell 1000 stocks and ETFs and 24X seeking a waiver to start overnight stock trading before consolidated data systems are ready.
The proposal would change the balance of power among the SEC, FINRA and exchanges. SIFMA argued that FINRA has only one vote on the CAT Operating Committee despite paying the largest share of the SRO cost burden and conducting most cross-market surveillance. At the same time, large exchange groups control multiple SRO votes under the current NMS plan structure. SIFMA argued that direct SEC control would reduce that governance imbalance, while giving FINRA full access for cross-market regulation and limiting individual exchanges to the data needed for their own market oversight.
SIFMA acknowledged that the industry would still ultimately fund the SEC budget through Section 31 fees, but argued that moving CAT into the SEC's budget would create stronger public oversight and make the Commission more responsible for controlling scope, cost and data security.
FAQ
What did SIFMA propose to the SEC on June 22 regarding CAT funding?
SIFMA urged the SEC to assume responsibility for 100% of CAT costs through its annual congressional budget process, then move toward eliminating the CAT NMS Plan and operating CAT directly under SEC control. The trade group noted that CAT's 2026 annual budget stood at approximately $147 million as of March 2026.
Why does SIFMA argue that the current CAT governance model has failed?
SIFMA argued that formal governance sits with self-regulatory organizations, while industry members and investors fund most of the system without a direct vote. The trade group said industry members effectively pay 80% or more of CAT costs because broker-dealers fund their own reporting obligations and also fund FINRA's portion of SRO costs.
What cybersecurity changes did SIFMA request for CAT?
SIFMA said the SEC should revisit its abandoned 2020 CAT Data Security Proposal, including a secure analytical workspace that would prevent regulators from bulk downloading CAT data into separate systems. The trade group requested limiting each exchange to its own market data except defined regulatory cases, creating a permanent security working group, implementing uniform confidentiality policies, restricting non-U.S. access, and reviewing CAT security in light of new autonomous hacking capabilities.
