SEC’s Orwellian surveillance system faces its greatest challenge yet

Photo Credit: Getty

The Eleventh Circuit Court will soon decide whether the Securities and Exchange Commission (SEC) acted arbitrarily and capriciously by proposing the first market-wide surveillance of investor exchanges. Known as the Consolidated Auditing Trail (CAT), the Court may render a decision sometime this month that will determine the fate of the SEC’s proposal in American Securities Association v. Securities and Exchange Commission (2024).

As the SEC seeks to adopt this massive, unprecedented surveillance system to track every aspect of trading, it is important to consider what factors led to this tumultuous regulatory predicament and what civil liberties are at stake.

Nearly 12 years ago today, the SEC initiated plans to adopt the most massive surveillance plan in its history—Rule 613—as part of the National Market System (NMS). Since 2005, NMS has encompassed a consolidation of financial regulatory reforms.

The boldest of these reforms ushered in the CAT initiative, intended to prevent a repeat of the 2010 “Flash Crash” that sparked one of the most volatile and sudden drops in securities prices. The SEC proposed Rule 613 in a rushed, ill-advised fashion just three weeks after the Flash Crash.

The SEC’s CAT intends to collect detailed information on every order, cancellation, modification, and trade execution for all exchange-listed equities and options in the US capital markets. This includes consolidating the personal information of investors engaged in these transactions.

A total of 25 self-regulatory organizations (SRO) under the imposition of the Financial Industry Regulatory Authority were tasked by the SEC to gather and consolidate this information using the CAT system. Although CAT was originally slated to begin reporting financial data to the SEC on November 15th, 2017, there have since been several delays and extensions postponing the execution of the plan.

Today, the CAT system has yet to be fully implemented, mired by a host of issues that include ballooning costs, cybersecurity risks, and legal concerns over violations to personal privacy. SROs have also struggled to integrate CAT fees and monitoring requirements into their individual exchanges.

A big part of CAT’s implementation woes can be attributed to its swelling regulatory costs. SROs have scrambled to discover a cost-effective method for managing CAT over time. As SEC Commissioner Hester M. Peirce noted, CAT “has proved much harder and more expensive to implement than anyone anticipated.”

In another statement, Commissioner Mark T. Uyeda raises concerns over how the projected costs for using CAT have greatly surpassed expectations. Last year’s predicted operating costs eclipsed the original plan’s cost estimates five times over. The ascending costs for maintaining CAT have climbed from 27.0% in 2020, to 27.3% in 2021, to 73.2% in 2022—a very unsustainable trend for current registration fees to cover a plan as substantial as CAT.

The SEC initially estimated that CAT would have a one-time implementation cost of $2.4 billion and $1.7 billion in annual reports – which would be paid for primarily by the SROs, and, of course, the American taxpayer. The Commission unanimously approved the CAT NMS plan in 2016. Last year, the Commission approved a modified refunding model that only succeeds in shifting 2/3rds of the crippling cost burden on financial brokers, amounting to $140 million of CAT’s $200 million yearly budget.

Despite these ballooning costs and concerning figures, the SEC has decided to plow through with its initial plan to implement the CAT on May 31st, 2024 – which has been swiftly met by lawsuits and legal challenges, culminating in the Eleventh Circuit’s American Securities Association case.

The case arose from Citadel Securities and the American Securities Association’s lawsuit targeting the unsustainability of CAT’s funding model. The Associations argue that the SEC has no authorization to establish a mass data tracking system without the tacit approval of Congress. They point to the SEC’s reliance on a “1975 statute empowering it ‘to facilitate the establishment of a national market system’” as an insufficient justification for adopting the CAT, since the language was “never meant to authorize a national surveillance apparatus like the CAT.”

CAT’s funding mechanism was isolated as a point of contention in the opening brief, with the SEC having “outsourced the funding to the SROs so as to effectively immunize the SEC’s gargantuan surveillance program from congressional appropriations or oversight.”

Furthermore, the Associations assert that “the CAT funding model is a prime example of an agency adopting a rule it couldn’t pay for then illegally appropriating the funds of market participants to fund it.”

This points to a broader constitutional concern of the SEC circumventing the Constitution’s Appropriations Clause in a bid to sustain a financially untenable system. In a funding amendment to the CAT system approved last September, the SEC established an “Executed Share Model,” which would charge regulatory fees to industry participants of the CAT to pay for the system. This funding model circumvents Congress’s ability to control the CAT through congressional appropriations, highlighting a blatant overreach by the SEC to tax financial participants.

The agency has also been accused of overstepping the Fourth Amendment’s protections of personal privacy. SROs and broker-dealers must constantly collect data on the identity of customers and feed it into a centralized database, regardless of any justifiable harm they pose.

In a more recent set of lawsuits by the National Center for Public Policy Research (NCPPR) and the New Civil Liberties Alliance (NCLA) the SEC is accused of violating the Fourth Amendment privileges of individual investors. In its case, NCPPR argued that the “CAT’s collection of Investors’ information is a search and seizure,” citing Supreme Court precedent that preserves Fourth Amendment protections over confidential financial documents.

NCLA backed NCPPR by arguing that the CAT equates to “the largest government-mandated mass collection of personal financial data in American history” and must not be allowed to go into effect.

Despite the SEC’s arguments that limiting access to investor information would impede on its regulatory and enforcement goals, there appears to be greater momentum behind privacy concerns over the system’s constant monitoring and harvesting of investor data.

The CAT system represents a precarious regulatory dilemma for the SEC. Never before has the agency sought to implement such a large-scale Orwellian surveillance program in the capital markets. The SEC and its accompanying SROs have yet to rectify the massive cost burden facing financial professionals, in addition to the breach of privacy to investors. The Eleventh Circuit may ultimately decide the fate of CAT’s implementation and determine whether the agency superseded its authority by imposing such an initiative.