The U.S. Securities and Exchange Commission (SEC) on Friday said it would remove some personal information from a controversial trading database, bowing to pressure from the brokerage industry which has long warned the project would be vulnerable to hacks.
Friday’s proposal, which is subject to a public consultation, seeks to limit the scope of sensitive information required by a massive new industry trading database, the Consolidated Audit Trail (CAT), conceived to help the regulator better police the markets.
The proposal, which comes nearly two months after brokers had begun sending sensitive client trading information to the CAT, seeks to increase security requirements amid ongoing concerns a cyber breach would expose brokers, their clients, and individual staff.
The proposal would no longer require brokers to report a client’s social security number or individual taxpayer identification number and account numbers. It would also replace the date of birth requirement with just the year of birth.
The aim of the CAT was to allow regulators to track all trades from their inception, pinpointing buyers, sellers, exchanges and brokers involved, making it easier to detect and prosecute manipulation and insider trading.
But the project has faced years of delays as the industry has wrangled with regulators over how to execute the project and who should be liable in the event of security breaches.
On Friday, the SEC proposed to establish a working group to establish more robust processes for accessing and analyzing CAT data. This would include limiting the maximum number of records that regulators can download and requiring a log of CAT data extraction, among other measures.