Data Boiler submitted a 60-page comment letter to the SEC regarding Concept Release on Consolidated Audit Trail and Other Audit Trails and Data Sources. It details specific concerns regarding why the CAT is opaque, how it may be weaponized, and why it is broken beyond repair and wholly inadequate to address challenges of today and the future. Rather than simply criticizing the current framework, it proposed a tangible, production-ready Agentic Distributed Alternative that solves the industry's heaviest burdens: 70–80% Cloud Cost Reduction; Eliminates the “Honeypot” Vulnerability; and Matches Modern Market Speed. Please see below for an Executive Summary:
- Functional Mission Creep: Congress’s original mandate authorizing the CAT was explicitly limited to flash crash prevention; tellingly, there is no mention of flash crash anywhere throughout the SEC’s entire concept release. The system has mutated from an emergency, post-2010 flash-crash mitigation utility, into an invasive, retroactive, permanent census – a sweeping extension of power that Congress never conferred upon the SEC.
- Outdated Design: With the CAT in its current centralized form, the database is highly vulnerable to security threats, unconstitutionally intrudes on everyone’s privacy, and severely impair civil liberties of Americans who transact or engage in any way, shape, or form in the U.S. securities markets. The CAT architecture is fundamentally obsolete and structurally incapable of meeting twenty-first-century market realities. Framing its replacement as a choice between developing a different audit trail or relying on legacy data sources is a false dichotomy.
- Fatal Flaws and Bias: A so-called “golden source single source of truth” is indeed filled with noises, including initial bias, latency tolerance, human-induced opaque processes, institutional favoritism, poor controls, and practices that conceal or alter the essential order and trade sequences and artificial market events. The SEC, GAO, and DOJ must investigate if CAT data was weaponized for political or commercial reasons to hold the SROs accountable.
- Undue Burden on Broker-Dealers + Misalignment of SEC Resources: Total private-sector compliance expenditures to report CAT data now exceeds $1.7 billion annually. Continuous micro-technical rule modifications force broker-dealers to repeatedly waste millions of dollars on updating related systems. Dual-sided reporting can never be cost justified; it creates excessive data-in-motion traffic that is a costly waste and more susceptible to defects. Instead of being served by the CAT, massive data-cleansing and formatting inefficiencies trap highly paid agency personnel into serving as data processors administratively, rather than proactive gatekeepers of market integrity.
- Flawed NMS Governance and Existential Structural Crisis: Using an NMS plan to build a CAT creates severe conflicts of interest, in allowing for-profit SROs to diffuse operational responsibility. It is questionable for the CAT to continuously run basic data-wrapping loops on standard cloud servers to re-ingest public SIP and OPRA market data feeds – information that the SROs already natively generate and possess internally. The resulting regulatory cost-bloat essentially imposes an illegal Financial Transaction Tax on everyone, despite the Court vacating the funding order. Ultimately, no one wants to foot the bill for works they do not own, or to finance the hidden perks/ billable hours of opaque vendors, consultants, and lawyers contracted by the SROs behind closed doors.
- “Everything Everywhere All at Once” Harms Everyone: Modifying the representative order linkage requirements is a tacit admission that the original daisy chain approach was a flawed, incredibly expensive dead end. CAIS is an expensive and intrusive experiment. CAT was given 10+ years as an experiment, not once (Thesys), but twice (FINRA CAT LLC), to do a $2+ billion proof-of-concept that is doomed to failure. Frequent pestering (unlimited desires) to amend the CAT NMS Plan for an unrepairable CAT – or using stall tactics disguised as further reviews/ tests – erodes public trust.
- Design and Scope Must Change: Shift away from centralized data collection; adopt a Federated approach to fabricate the intelligent analytical layer. Have dedicated focus on volatility‑event forensics and market‑access risk controls. Expand product scope to futures, swaps, clearing data, and select digital‑asset instruments. Require SEC and CFTC regulated SROs to supply the fastest, full-depth proprietary feeds. Exclude RFQs and primary-market activity. Shift lifecycle analysis to clearing & settlement systems, purging the entirety of CAIS. The CAT's unfixable structural flaws – including reliance on perimeter security, absent element-level protections, and vulnerable central administration –render it entirely incapable of meeting the Federal Zero Trust mandates; thus, it must be replaced.
- Out of Proportion, Revenue-Expense Mismatch, & Weaponization: It is sad that human floor agents are being trusted less than AMM algorithms to maintain the continuous orderly function of markets. Port-level settings are important, but SROs using it as anti-competitive lock-in should be discouraged. SROs enjoys lucrative co-location profits while dodging responsibility to build a native compliance interface, and this thus represents an inappropriate cross-subsidization from CAT. LTID creates major enforcement risk – CAT reconstructs sequences using SIP & 3rd party data that inevitably drifts, producing false signals. It is unjust to shift the burden of proof to broker-dealers. This asymmetry enables weaponization of CAT for political or commercial reasons, undermines market integrity, and chill participation.
- Do NOT Choose, Seek Alternative: Hardening OATS/ COATS/ EBS – CapEx $250M-$450M depreciable over 7-10 years. CAT security patch $80M-$120M upfront CapEx + at least $40+M annually (Caveat: NOT avert cyber-honeypot risk). The only viable path is to abandon continuous centralized reporting entirely and shift to a federated model where data stays at its native source + deploy Agentic AI, restore need-to-know safeguards, and modernize market-monitoring.
- Statutory Overreach, Bypassed Rulemaking Steps: The SEC has mischaracterized the legacy EBS system to downplay CAT’s far greater privacy and civil‑liberties risks. Respect the EBS as a purpose-built insider-trading investigation tool with proper guardrails to ensure reasonable suspicion is established before summoning private data.
- Unauthorized CENSUS, Civil Liberties and Privacy Violations: Laundered massive government surveillance through SROs (contrasted to Vice President JD Vance’s remarks about censorship), attempted to shield SROs from liability, and built a centralized repository that poses catastrophic national-security risks ($100M insurance cap grossly undermines a National security threats – a breach is not a minor corporate loss; it could trigger a structural collapse of U.S. capital markets). By enabling mission creep, policy circumvention, and the §31 fee extraction without proper rulemaking, the SEC and SROs effectively merged legislative, enforcement, and tax‑collection powers – amassing authority beyond that of the U.S. President and undermining the separation of powers.
- Failed ZTA mandate, deliberately not following sound advice: Far riskier than building privacy‑by‑design. CAT SWG still relies on outdated NIST SP 800‑53 Rev. 4 – “over a decade old” – leaving CAT vulnerable to modern cloud‑native exfiltration and AI‑driven reconstruction attacks. SEC/ SROs disregarded repeated warnings of a false sense of security, and the CAT became a fragile, bureaucratic honeypot that fails to protect markets or the public.
- The CAT is Unsustainable: Adding transparency measures or altering reporting formats will NOT resolve its underlying structural and constitutional vulnerabilities. We recommend shutting the CAT off immediately, patching OATS/COATS/EBS in the short-term, and going back to the drawing board.
The Agentic Distributed Alternative
- Core Goals of a Modern Audit Trail Replacement: The proposed architecture seeks to minimize the audit‑trail footprint, reduce computational load, eliminate unnecessary trade reporting, and shift regulators from manual data processors to strategic gatekeepers. It emphasizes context‑aware AI, Zero‑Trust security, and selective ingestion of only high‑value, anomaly‑linked data. The system is designed to accelerate anomaly detection, reduce false positives, and identify emerging liquidity stresses or flash‑crash precursors in real time.

- Tier 1: Distributed, edge-based surveillance using AI Agents: Tier 1 deploys localized AI agents at each SRO to run “dual‑track shadow processing” that independently verifies exchange surveillance outputs. Raw matching‑engine logs are analyzed in parallel by both the SRO’s native tools and an independent AI agent, enabling immediate peer review and early anomaly detection. Manipulation patterns are decomposed into granular “triggers,” allowing rapid matching against a machine‑learning library, and drastically reducing computing resources while improving detection accuracy.
- Tier 2: Semantic Audit Hub, Case Library, & QA Engine: Tier 2 uses Progress MarkLogic and Semaphore to harmonize structured and unstructured data, resolve identities, perform semantic inference, and classify SRO misses into true positives, false positives, and false negatives. Only anomalies flagged by Tier 1 are unpacked, enriched with filings (e.g. 13F/13H), and converted into RDF triples for deep semantic analysis. This layer supports on‑demand retrieval, automated mismatch resolution, and Zero‑Trust access control, ensuring that raw data remains siloed at the source while enabling cross‑market contextual understanding.
- Tier 3: reinforcement learning for cross‑market stress detection: Tier 3 escalates enriched anomaly packages to Google TPU clusters for reinforcement learning, cross‑market correlation checks, and systemic‑risk modeling. The TPU evaluates inventory imbalances, liquidity withdrawals, and multi‑venue stress signatures to detect flash‑crash precursors and refine SRO surveillance / volatility interruption mechanism parameters. Operating under strict Zero‑Trust gating, it returns only cryptographic proofs and metadata to regulators, enabling real‑time visibility without centralized data hoarding.
- Advantages of the new architecture over CAT’s centralized vault: The three‑tier distributed design eliminates CAT’s honeypot vulnerabilities, reduces alert fatigue, and matches the pace of modern, cross‑market manipulation by isolating identities and patterns across venues. It shifts surveillance from hindsight to active prevention, enabling dynamic recalibration of guardrails and volatility controls. By storing only anomaly‑linked data and offloading heavy computation to targeted TPU jobs, the architecture cuts CAT’s cloud‑hosting costs by an estimated 70–80% while delivering far stronger security, privacy, and analytical capability than any centralized repository could achieve.
- A good decision, made now and pursued aggressively, is superior to a perfect decision made too late. Humans are slow and CANNOT manually reconcile the massive volume of structured trade logs and unstructured data driving modern markets. AI bridges this gap by handling tedious data ingestion and synthesis. Supported by human context, institutional knowledge, and strict guardrails, AI acts as a force multiplier – not job replacement. This shift elevates agency personnel from manual data processors to strategic gatekeepers of market integrity.
By Kelvin To, Founder and President of Data Boiler Technologies Data Boiler is a Pioneer in FinTech with patented inventions (US, Canada, Singapore, Japan, Australia, and 20 European countries) in signal processing, trade analytics, machine learning, time-lock cryptography, etc. We frequently comment on regulatory policy both domestically and abroad with over 12 years in business. A type C Member of the European Commission’s Data Expert Group + former committee of BITS (Bank Policy Institute). |