[Federal Register Volume 77, Number 148 (Wednesday, August 1, 2012)]
[Rules and Regulations]
[Pages 45722-45814]
From the Federal Register Online via the Government Publishing Office [www.gpo.gov]
[FR Doc No: 2012-17918]



[[Page 45721]]

Vol. 77

Wednesday,

No. 148

August 1, 2012

Part II





Securities and Exchange Commission





-----------------------------------------------------------------------





17 CFR Part 242





Consolidated Audit Trail; Final Rule

  Federal Register / Vol. 77, No. 148 / Wednesday, August 1, 2012 / 
Rules and Regulations  

[[Page 45722]]


-----------------------------------------------------------------------

SECURITIES AND EXCHANGE COMMISSION

17 CFR Part 242

[Release No. 34-67457; File No. S7-11-10]
RIN 3235-AK51


Consolidated Audit Trail

AGENCY: Securities and Exchange Commission.

ACTION: Final rule.

-----------------------------------------------------------------------

SUMMARY: The Securities and Exchange Commission (``Commission'') is 
adopting Rule 613 under the Securities Exchange Act of 1934 (``Exchange 
Act'' or ``Act'') to require national securities exchanges and national 
securities associations (``self-regulatory organizations'' or ``SROs'') 
to submit a national market system (``NMS'') plan to create, implement, 
and maintain a consolidated order tracking system, or consolidated 
audit trail, with respect to the trading of NMS securities, that would 
capture customer and order event information for orders in NMS 
securities, across all markets, from the time of order inception 
through routing, cancellation, modification, or execution.

DATES: Effective Date: October 1, 2012.

FOR FURTHER INFORMATION CONTACT: Rebekah Liu, Special Counsel, at (202) 
551-5665; Jennifer Colihan, Special Counsel, at (202) 551-5642; Carl 
Tugberk, Special Counsel, at (202) 551-6049; or Leigh Duffy, Special 
Counsel, at (202) 551-5928, Division of Trading and Markets, Securities 
and Exchange Commission, 100 F Street NE., Washington, DC 20549-7010.

SUPPLEMENTARY INFORMATION: 

Table of Contents

I. Executive Summary
II. Introduction
    A. Need for, and Objectives of, a Consolidated Audit Trail
    1. Use and Limitations of Current Sources of Trading Data
    2. Regulatory Improvements With a Consolidated Audit Trail
    3. Large Trader Reporting System Rule
    B. Summary of Proposed Rule 613
    C. Summary of General Comments on the Proposed Rule
    1. Industry Support for a Consolidated Audit Trail
    2. Commenters' Views on the Overall Costs of the Proposed Rule 
and the Resulting Framework of the Adopted Rule
    3. Comments on the Process for Creating a Consolidated Audit 
Trail
    4. Comments on Alternatives to the Proposed Consolidated Audit 
Trail
III. Discussion
    A. NMS Plan
    1. Description of the Rule
    B. Elements of the NMS Plan
    1. Recording and Reporting
    2. Central Repository
    3. Other Required Provisions of the NMS Plan
    C. NMS Plan Process
    1. Comments on the NMS Plan Process
    2. Adopted Rule
    3. NMS Plan Costs
    4. Consideration of Burden on Competition and Promotion of 
Efficiency, Competition, and Capital Formation
    D. Implementation of Rule 613 After Approval of the NMS Plan
IV. Paperwork Reduction Act
    A. Summary of Collection of Information Under Rule 613
    B. Use of Information
    C. Respondents
    D. Total Annual Reporting and Recordkeeping Burden for the 
Creation and Filing of the NMS Plan
    1. Preliminary Burden Hour Estimates From Proposing Release
    2. Revised Burden Hour Estimates
    E. Collection of Information Is Mandatory
    F. Confidentiality
    G. Retention Period of Recordkeeping Requirements
V. Regulatory Flexibility Act Certification
VI. Statutory Authority

I. Executive Summary

    In today's high-speed electronic markets, trading is widely 
dispersed across a variety of market centers, including exchanges, 
Alternative Trading Systems (``ATSs''), such as dark pools and 
Electronic Communication Networks (``ECNs''), and over-the-counter 
broker-dealers acting as market makers or block positioners. In their 
capacity as SROs, the Financial Industry Regulatory Authority 
(``FINRA'') and some of the exchanges currently maintain their own 
separate audit trail systems for certain segments of this trading 
activity, which vary in scope, required data elements and format. In 
performing their market oversight responsibilities, SRO and Commission 
staffs today must rely heavily on data from these various SRO audit 
trails.
    As discussed more fully in part II.A below, there are shortcomings 
in the completeness, accuracy, accessibility, and timeliness of these 
existing audit trail systems. Some of these shortcomings are a result 
of the disparate nature of the systems, which make it impractical, for 
example, to follow orders through their entire lifecycle as they may be 
routed, aggregated, re-routed, and disaggregated across multiple 
markets. The lack of key information in the audit trails that would be 
useful for regulatory oversight, such as the identity of the customers 
who originate orders, or even the fact that two sets of orders may have 
been originated by the same customer, is another shortcoming.
    Though SRO and Commission staff also have access to sources of 
market activity data other than SRO audit trails, these systems each 
suffer their own drawbacks. For example, data obtained from the 
Electronic Blue Sheet (``EBS'') \1\ system and equity cleared reports 
\2\ comprise only trade executions, and not orders or quotes. In 
addition, like data from existing audit trails, data from these sources 
lacks key elements important to regulators, such as the time of 
execution, and, in the case of equity cleared reports, the identity of 
the customer. Furthermore, recent experience with implementing 
incremental improvements to the EBS system has illustrated some of the

[[Page 45723]]

overall limitations of the current technologies and mechanisms used by 
the industry to collect, record, and make available market activity 
data for regulatory purposes.\3\
---------------------------------------------------------------------------

    \1\ EBSs are trading records requested by the Commission and 
SROs from broker-dealers that are used in regulatory investigations 
to identify buyers and sellers of specific securities. See 
Securities Exchange Act Release No. 44494 (June 29, 2001), 66 FR 
35836 (July 9, 2001) (File No. S7-12-00) (adopting Rule 17a-25). See 
also Securities Exchange Act Release Nos. 26235 (November 1, 1988), 
53 FR 44688 (November 4, 1988) (approving the Chicago Board Options 
Exchange's (``CBOE'') rule for the electronic submission of 
transaction information); 26539 (February 13, 1989), 54 FR 7318 
(February 17, 1989) (approving the National Association of 
Securities Dealers' (n/k/a FINRA) rule for the electronic submission 
of transaction information); and 27170 (August 23, 1989), 54 FR 
37066 (September 6, 1989) (approving the Philadelphia Stock 
Exchange's (n/k/a NASDAQ OMX PHLX LLC) (``Phlx'') rule for the 
electronic submission of transaction information).
    To partially address some of the current limitations of the EBS 
system, and to provide the Commission, in the short term, with more 
detailed and timely trade information for large traders, the 
Commission recently adopted new Rule 13h-1 concerning large trader 
reporting. See Securities Exchange Act Release No. 61908 (July 27, 
2011), 76 FR 46960 (August 3, 2011) (``Large Trader Release''). Rule 
13h-1 requires ``large traders'' to identify themselves to the 
Commission and make certain disclosures to the Commission on Form 
13H. As adopted, Rule 13h-1 requires certain broker-dealers to 
capture and report through EBS the time of execution for any trade 
involving a large trader and a Commission-issued large trader 
identifier that identifies the large trader. See also Section 
II.A.3., infra.
    On April 20, 2012, the Commission, among other things, extended 
the time by which registered broker-dealers were required to comply 
with Rule 13h-1 to allow broker-dealers additional time to develop, 
test, and implement enhancements to their recordkeeping and 
reporting systems as required under Rule 13h-1. See Securities 
Exchange Act Release No. 66839, 77 FR 25007 (April 26, 2012) (Order 
Temporarily Exempting Broker-Dealers From the Recordkeeping, 
Reporting, and Monitoring Requirements of Rule 13h-1 Under the 
Securities Exchange Act of 1934 and Granting an Exemption for 
Certain Securities Transactions) (``Large Trader Extension'').
    \2\ The Commission uses the National Securities Clearing 
Corporation's (``NSCC'') equity cleared report for initial 
regulatory inquiries. This report is generated on a daily basis by 
the SROs and is provided to the NSCC in a database accessible by the 
Commission, and shows the number of trades and daily volume of all 
equity securities in which transactions took place, sorted by 
clearing member. The information provided is end-of-day data and is 
searchable by security name and CUSIP number.
    \3\ See Large Trader Extension, supra note 1.
---------------------------------------------------------------------------

    The Commission therefore believes that the regulatory data 
infrastructure on which the SROs and the Commission currently must rely 
generally is outdated and inadequate to effectively oversee a complex, 
dispersed, and highly automated national market system. In performing 
their oversight responsibilities, regulators today must attempt to 
cobble together disparate data from a variety of existing information 
systems lacking in completeness, accuracy, accessibility, and/or 
timeliness--a model that neither supports the efficient aggregation of 
data from multiple trading venues nor yields the type of complete and 
accurate market activity data needed for robust market oversight.
    To address this problem and improve the ability of the SROs and the 
Commission to oversee the securities markets, on May 26, 2010, the 
Commission proposed Rule 613,\4\ with the goal of creating a 
comprehensive consolidated audit trail \5\ that allows regulators to 
efficiently and accurately track all activity in NMS securities 
throughout the U.S. markets. As proposed--and summarized in part II.B 
below--Rule 613 required SROs to jointly submit an NMS plan \6\ that 
would govern the creation, implementation, and maintenance of a 
consolidated audit trail, including a central repository to receive and 
store consolidated audit trail data. In the proposed Rule, the 
Commission specified many requirements that the NMS plan, and by 
extension the consolidated audit trail, must meet, ranging from details 
of the data elements to be collected, to the timing of data 
transmissions, to specific standards for data formatting.
---------------------------------------------------------------------------

    \4\ See Securities Exchange Act Release No. 62174 (May 26, 
2010), 75 FR 32556 (June 8, 2010) (``Proposing Release''). The 
comment file is on the Commission's Web site at: http://www.sec.gov/comments/s7-11-10/s71110.shtml.
    \5\ In this release, ``consolidated audit trail'' means both a 
system capable of capturing a complete record of all transactions 
relating to an order, from origination to execution or cancellation, 
and the complete record for an order generated by such a system, as 
the context may require.
    \6\ NMS plan is defined in Rule 600(b)(43) to mean ``any joint 
self-regulatory organization plan in connection with: (i) [t]he 
planning, development, operation or regulation of a national market 
system (or a subsystem thereof) or one or more facilities thereof; 
or (ii) [t]he development and implementation of procedures and/or 
facilities designed to achieve compliance by self-regulatory 
organizations and their members with any section of [Regulation NMS] 
* * *.'' 17 CFR 240.600(b)(43). Such NMS plan may be subject to 
modification prior to approval by the Commission pursuant to Rule 
608 of Regulation NMS, as discussed in Section III.C.2.a.v., infra.
---------------------------------------------------------------------------

    Among its various requirements, the proposed Rule mandated that the 
NMS plan developed by the SROs must in turn require each SRO and its 
members to capture and report specified trade, quote, and order 
activity in all NMS securities \7\ to the central repository in real 
time, across all markets, from order inception through routing, 
cancellation, modification, and execution. The proposed Rule also 
mandated that the NMS plan require the creation of unique order 
identifiers to facilitate the ability of regulators to view cross-
market activity, as well as unique customer identifiers to enhance the 
ability of regulators to reliably and efficiently identify the 
beneficial owner of the account originating an order or the person 
exercising investment discretion for the account originating the order, 
if different from the beneficial owner.
---------------------------------------------------------------------------

    \7\ ``NMS security'' is defined in Rule 600(a)(46) of Regulation 
NMS to mean ``any security or class of securities for which 
transaction reports are collected, processed, and made available 
pursuant to an effective transaction reporting plan, or an effective 
national market system plan for reporting transactions in listed 
options.'' 17 CFR 242.600(a)(46). NMS stock is defined in Rule 
600(47) to mean ``any NMS security other than an option.'' 17 CFR 
242.600(a)(46). A listed option is defined in Rule 600(a)(35) of 
Regulation NMS to mean ``any option traded on a registered national 
securities exchange or automated facility of a national securities 
association.'' 17 CFR 242.600(a)(35).
---------------------------------------------------------------------------

    The Commission received 64 comment letters from 56 commenters in 
response to the proposed consolidated audit trail representing a wide 
range of viewpoints, as summarized in part II.C below.\8\ The 
commenters included national securities exchanges, a national 
securities association, technology providers, academics, broker-
dealers, organizations representing industry participants, individual 
investors, and members of Congress.\9\ Of the comment letters received, 
13 expressed support for the proposal; \10\ 36 expressed support, but 
suggested modifications to certain provisions of the proposal; \11\ 
five solely suggested modifications to the proposal; \12\ two opposed 
the proposal; \13\ and seven neither supported nor opposed the 
substance of the proposal.\14\ Concerns raised in these comment letters 
included: (1) The appropriateness of real-time reporting of required 
data to the central repository; \15\ (2) the scope of the required data 
elements, including the use of unique order identifiers and unique 
customer identifiers; \16\ and (3) the burden and costs associated with 
the proposal.\17\ In addition, a number of commenters offered 
alternative approaches and made suggestions regarding the creation, 
implementation, and maintenance of the consolidated audit trail.\18\
---------------------------------------------------------------------------

    \8\ See Exhibit A for a citation key to the comment letters 
received by the Commission on the proposed rule. The Commission also 
received four comment letters that do not address the substance of 
the consolidated audit trail proposal. See Ericson Letter; Kondracki 
Letter; Grady Letter; Deep Liquidity Letter.
    \9\ The Commission notes that, in some cases, commenters fell 
into more than one such category.
    \10\ See Vannelli Letter; Beach Letter; Foothill Letter; Green 
Letter; Wealth Management Letter; McCrary Letter; Anastasopoulos 
Letter; Triage Letter; FTEN Letter; Middle Office Letter; Correlix 
Letter; Lettieri Letter; Bean Letter.
    \11\ See ICI Letter; Thomson Reuters Letter; Scottrade Letter; 
Liquidnet Letter; FINRA/NYSE Euronext Letter; BOX Letter; Nasdaq 
Letter I; Nasdaq Letter II; TIAA-CREF Letter; GETCO Letter; BATS 
Letter; SIFMA Letter; SIFMA February 2012 Letter; CBOE Letter; 
Direct Edge Letter; Angel Letter; IAG Letter; Managed Funds 
Association Letter; Mansfield Letter; Marketcore Letter; Kumaraguru 
Letter; Ameritrade Letter; FINRA Letter; Wells Fargo Letter; Noetic 
Partners Letters; Knight Letter; FIF Letter; FIF Letter II; Albany 
Letter; Endace Letter; Ross Letter; FINRA Proposal Letter; Schumer 
Letter; FIA Letter; STA Letter; Van Bokkelen Letter.
    \12\ See Belanger Letters; SIFMA Drop Copy Letter; Wachtel 
Letter; High Speed Letter (recommending next steps in the 
development of the consolidated audit trail).
    \13\ See BondMart Letter; Leuchtkafter Letter.
    \14\ See Broadridge Letter; FIX Letter; Know More Letter; Aditat 
Letter; iSys Letter; Kaufman Letter; Berkeley Letter.
    \15\ See Scottrade Letter, p. 1; ICI Letter, p. 4-6; FINRA/NYSE 
Euronext Letter, p. 4; GETCO Letter, p. 2; BATS Letter, p. 1-2; 
SIFMA Letter, p. 3-8; SIFMA February 2012 Letter, p. 1; CBOE Letter, 
p. 4-5; Direct Edge Letter, p. 3; FINRA Letter, p. 10-13; Wells 
Fargo Letter, p. 3; Knight Letter, p. 2-3; Leuchtkafer Letter; 
Broadridge Letter, p. 3; FIF Letter, p. 4; SIFMA Drop Copy Letter, 
p. 1; Ross Letter, p. 1; FINRA Proposal Letter, p. 3; FIA Letter, p. 
1-2.
    \16\ See Ameritrade Letter, p. 3; Kumaraguru Letter, p. 1; FINRA 
Proposal Letter, p. 6-8, 13 and Appendix A.; Angel Letter, p. 2-3; 
Managed Funds Association Letter, p. 2; SIFMA Letter, p. 11-12, 14; 
SIFMA Drop Copy Letter, p. 2; Liquidnet Letter p. 6-7; FINRA Letter, 
p. 4, 7-9; CBOE Letter, p. 2; Knight Letter, p. 2; Scottrade Letter, 
p. 1; DirectEdge Letter, p. 3; FIF Letter, p. 2-3, 6-7; FIF Letter 
II, p. 2; BOX Letter, p. 2; Wells Fargo Letter, p. 3; Ross Letter, 
p. 1; ICI Letter, p. 3; Thomson Reuters Letter, p. 3; Endace Letter, 
p. 1-2; GETCO Letter, p. 4.
    \17\ See Thomson Reuters Letter, p. 2; Liquidnet Letter, p. 1; 
CBOE Letter, p. 2, 4-5; Nasdaq Letter I, p. 2; Angel Letter, p. 1-2; 
IAG Letter, p. 3.; Kaufman Letter, attachment p. 3; Wells Fargo 
Letter, p. 3-4; Noetic Partners Letter, p. 2; Leuchtkafer Letter, p. 
1-5; Broadridge Letter, p. 3; FINRA Proposal Letter, p. 2-3.; High 
Speed Letter, p. 1; Belanger Letter, p. 7-8; Correlix Letter, p. 2.; 
FTEN Letter, p. 13; SIFMA Letter, p.1-8, 15-16; FINRA/NYSE Euronext 
Letter, p 4, 7; FINRA Letter, p. 3, 10-13; Scottrade Letter, p. 1; 
ICI Letter, p. 4-6; GETCO Letter, p. 2; BATS Letter, p. 1-2; Direct 
Edge Letter, p. 3; Knight Letter, p. 2-3; Leuchtkafer Letter; 
Broadridge Letter, p. 3; FIF Letter, p. 4; SIFMA Drop Copy Letter, 
p. 1; Ross Letter, p. 1; SIFMA February 2012 Letter; FIA Letter, p. 
1-2; Noetic Partners Letter II, p. 2; High Speed Letter, p. 1.
    \18\ See FINRA Proposal Letter; Angel Letter, p. 3; BOX Letter, 
p. 2; BATS Letter, p. 2; CBOE Letter, p. 2-3; SIFMA Letter, p. 16-
18; Wells Fargo Letter, p. 2; Knight Letter, p. 3; FIF Letter, p. 5-
6; Schumer Letter, p. 1; FIF Letter, p. 1-3; FINRA Letter, p. 3, 6; 
FINRA/NYSE Euronext Letter, p. 8, 14; SIFMA Drop Copy Letter.

---------------------------------------------------------------------------

[[Page 45724]]

    In consideration of the views expressed, suggestions for 
alternatives, and other information provided by those commenting on the 
proposed Rule, the Commission is adopting Rule 613 with significant 
modifications to the proposed requirements for the NMS plan submitted 
to the Commission for its consideration. In certain instances these 
modifications alter the data and collection requirements of the 
proposed Rule. In other instances, the adopted Rule has been altered to 
be less prescriptive, and hence less limiting, in the means SROs may 
use to meet certain requirements. Some of the more significant changes 
are as follows:
     Replacing Real-Time Reporting with a Requirement to Report 
Data by 8 a.m. of the Next Trading Day. The adopted Rule no longer 
requires that the NMS plan provide for the reporting of order event 
data \19\ to the central repository in real time; rather, it provides 
that the NMS plan must require the reporting of order event data to the 
central repository by 8 a.m. Eastern Time on the trading day following 
the day such information has been recorded by the SRO or the 
member.\20\ The NMS plan may accommodate voluntary submissions of order 
event data prior to 8 a.m. on the following trading day, but it may not 
mandate a reporting deadline prior to 8 a.m.
---------------------------------------------------------------------------

    \19\ As used herein, the term ``order event data'' is used to 
refer to the information reported pursuant to Rule 613(c)(3) and 
identified in Rule 613(c)(7)(i) through (v), generally including: 
(1) The Customer-ID(s) for each customer, including the person 
giving a modification or cancellation instruction; (2) the CAT-
Order-ID; (3) the CAT-Reporter-ID of the broker-dealer, national 
securities exchange, or national securities association receiving, 
originating, routing, modifying, cancelling or executing an order, 
and to which an order is being routed; (4) the identity and nature 
of the department or desk to which an order is routed, if routed 
internally at the broker-dealer; (5) the date an order was received, 
originated, routed, modified, cancelled, or executed; (6) the time 
an order was received, originated, routed, modified, cancelled, or 
executed; (7) material terms of an order and any changes of such 
terms, if modified; (8) the price and remaining size of an order, if 
modified; (9) execution capacity (principal, agency, riskless 
principal); (10) execution price and size; and (11) whether the 
execution was reported pursuant to an effective transaction 
reporting plan or the Plan for Reporting of Consolidated Options 
Last Sale Reports and Quotation Information (``OPRA''). See Section 
III.B.1.d., infra. Information reported pursuant to Rule 613(c)(4) 
and identified in Rule 613(c)(7)(vi) through (viii) is referred to 
as ``supplemental data.''
    \20\ See Rule 613(c)(3); Sections II.A., III.B.1.e., infra.
---------------------------------------------------------------------------

     Providing More Flexibility to Determine the Format of Data 
Reported to the Central Repository. The proposed Rule mandated that the 
NMS plan require the SROs and their members to collect and provide to 
the central repository the required order and event information in a 
uniform electronic format. The adopted Rule instead allows the SROs to 
determine the details of how market participants would transmit data to 
the central repository (which might include multiple electronic 
formats, rather than a uniform electronic format), subject to a more 
general requirement that data must be transmitted in a manner that 
ultimately allows the central repository to make this data available to 
regulators in a uniform electronic format.\21\
---------------------------------------------------------------------------

    \21\ See Rule 613(c)(2); Sections III.B.1.f., III.B.2., infra.
---------------------------------------------------------------------------

     Eliminating the Requirement to Report Orders with a Unique 
Order Identifier. The proposed Rule mandated that each order reported 
to the central repository be tagged with a unique identifier that is 
the same throughout the order's entire lifecycle. In the adopted Rule, 
this requirement is replaced with a more general requirement that once 
all order events are transmitted to the central repository, the 
repository must be able to efficiently and accurately link together all 
lifecycle events for the same order, and make available to regulators 
this linked order data.\22\
---------------------------------------------------------------------------

    \22\ See Rule 613(j)(1); Section III.B.1.d.iv., infra.
---------------------------------------------------------------------------

     Extending the Compliance Period for Small Broker-Dealers. 
Under the adopted Rule, the NMS plan may provide that small broker-
dealers be allowed up to three years, rather than two years as 
proposed, from the effectiveness of the NMS plan to provide the 
required data to the consolidated audit trail.\23\
---------------------------------------------------------------------------

    \23\ See Rule 613(a)(3)(vi); Section III.B.1.c., infra.
---------------------------------------------------------------------------

    In addition to the above modifications, the Commission has also 
added a number of new requirements to the adopted Rule in response to 
general concerns expressed by commenters regarding the process for the 
development and implementation of the NMS plan. Some of the more 
significant of these additions are as follows:
     Considering and Explaining Choices and Available 
Alternatives. The adopted Rule requires that the NMS plan describe and 
discuss any reasonable alternative approaches to the creation of the 
consolidated audit trail that were considered by the SROs and why the 
approach set forth by the NMS plan was selected.\24\
---------------------------------------------------------------------------

    \24\ See Rule 613(a)(1)(xii); Section III.C.2.a., infra.
---------------------------------------------------------------------------

     Planning for Future System Efficiencies. The adopted Rule 
requires that the NMS plan provide a plan to eliminate existing rules 
and systems (or components thereof) that are rendered duplicative by 
the consolidated audit trail, including identification of such rules 
and systems (or components thereof). Further, to the extent that any 
existing rules or systems related to monitoring quotes, orders, and 
executions provide information that is not rendered duplicative by the 
consolidated audit trail, such plan must also include an analysis of 
(1) whether the collection of such information remains appropriate, (2) 
if still appropriate, whether such information should continue to be 
separately collected or should instead be incorporated into the 
consolidated audit trail, and (3) if no longer appropriate, how the 
collection of such information could be efficiently terminated. 
Finally, such plan must also discuss the steps the plan sponsors 
propose to take to seek Commission approval for the elimination of such 
rules and systems (or components thereof); and a timetable for such 
elimination, including a description of how the plan sponsors propose 
to phase in the consolidated audit trail and phase out such existing 
rules and systems (or components thereof).\25\
---------------------------------------------------------------------------

    \25\ See Rule 613(a)(1)(ix); Section III.C.2.a., infra.
---------------------------------------------------------------------------

     Considering Input. The adopted Rule requires the NMS plan 
to address the process by which the plan sponsors solicited views of 
their members and other appropriate parties regarding the creation, 
implementation, and maintenance of the consolidated audit trail, 
provide a summary of the views of such members and other parties, and 
describe how the plan sponsors took such views into account in 
preparing the NMS plan.\26\ In addition, the adopted Rule also requires 
the NMS plan to provide for the establishment of an Advisory Committee 
whose function will be to advise the plan sponsors on the 
implementation, operation, and administration of the central 
repository.\27\
---------------------------------------------------------------------------

    \26\ See Rule 613(a)(1)(xi).
    \27\ See Rule 613(b)(7). For a further discussion of the 
composition of the Advisory Committee, see Section III.B.3.b., 
infra.
---------------------------------------------------------------------------

     Periodic Reviews of the Consolidated Audit Trail. To help 
assure the Commission that as financial markets evolve and new 
technologies emerge, the consolidated audit trail remains a useful 
regulatory tool, the adopted Rule mandates that the NMS plan must 
require the central repository's Chief Compliance Officer to regularly 
review the operations of the consolidated audit trail, and, in light of

[[Page 45725]]

market and technological developments, make appropriate recommendations 
for enhancements to the consolidated audit trail.\28\
---------------------------------------------------------------------------

    \28\ See Section III.B.2., infra.
---------------------------------------------------------------------------

    The Commission has also added certain requirements to the adopted 
Rule in response to specific concerns expressed by commenters with 
respect to the use of consolidated audit trail data. Some of the more 
significant of these additions are as follows:
     Enhancing Security and Privacy Requirements. Commenters 
have expressed concerns regarding the risk of failing to maintain 
appropriate controls over the privacy and security of consolidated 
audit trail data. Accordingly, the adopted Rule requires the NMS plan 
to include additional policies and procedures that are designed to 
ensure the rigorous protection of confidential information collected by 
the central repository.\29\
---------------------------------------------------------------------------

    \29\ See Rule 613(e)(4).
---------------------------------------------------------------------------

     Addressing and Limiting Errors. Commenters have also 
expressed concerns about the potential for errors in the consolidated 
audit trail; the adopted Rule requires the SROs to provide in their NMS 
plan detailed information regarding anticipated error rates as well as 
the plan's proposed error correction process.\30\
---------------------------------------------------------------------------

    \30\ See Rule 613(e)(6); Section III.B.2., infra.
---------------------------------------------------------------------------

    The Commission generally believes that the collective effect of the 
modifications and additions described above will be to significantly 
expand the set of solutions that could be considered by the SROs for 
creating, implementing, and maintaining a consolidated audit trail and 
to provide the SROs with increased flexibility in how they choose to 
meet the requirements of the adopted Rule, relative to the alternatives 
that would have been available under the requirements of the proposed 
Rule. The Commission further believes that these changes address or 
mitigate the principal concerns raised by commenters--including 
concerns regarding the extent and cost of the systems changes required 
by the SROs and their members--while continuing to enable the SROs and 
the Commission to achieve significant benefits from the consolidated 
audit trail.\31\ Each of the modifications and additions noted above is 
described and explained in detail in part III below.
---------------------------------------------------------------------------

    \31\ See Section II.A., infra, for a discussion of the 
objectives of the consolidated audit trail.
---------------------------------------------------------------------------

    Given these changes and the wide array of commenters' views on how 
to best create, implement, and maintain a consolidated audit trail, the 
Commission expects that the SROs will seriously consider various 
options as they develop the NMS plan to be submitted to the Commission 
for its consideration.\32\ Indeed, some commenters recognized that a 
consolidated audit trail could be created, implemented, and maintained 
in a number of ways, and thus recommended that the Commission replace 
the specific systems requirements of the proposed Rule with more 
general ``end-user'' requirements, perform an analysis of how existing 
audit trail systems do and do not meet the needs of regulators, and 
perhaps even engage in a formal request-for-proposal (``RFP'') 
process.\33\
---------------------------------------------------------------------------

    \32\ See, e.g., FINRA Letter, p. 14 (advocating that SROs build 
off existing audit trails to develop a consolidated audit trail) and 
Nasdaq Letter I, p. 11-12 (arguing against building off existing 
audit trail systems and supporting the development of new system to 
establish a consolidated audit trail).
    \33\ See Nasdaq Letter I, p. 12; FIF Letter II, p. 2-3; STA 
Letter, p. 1-3; Direct Edge Letter, p. 2-3, 5.
---------------------------------------------------------------------------

    In light of the expanded solution set that should be available 
under the changes described above and commenter views on the NMS plan 
development process, the adopted Rule now requires the SROs to provide 
much more information and analysis to the Commission as part of their 
NMS plan submission. These requirements have been incorporated into the 
adopted Rule as ``considerations'' that the SROs must address, and 
generally mandate that the NMS plan discuss: (1) The specific features 
and details of the NMS plan (e.g., how data will be transmitted to the 
central repository, when linked data will be available to regulators); 
(2) the SROs' analysis of NMS plan costs and impact on competition, 
efficiency, and capital formation; (3) the process followed by the SROs 
in developing the NMS plan (e.g., the requirement to solicit input from 
members of the SROs and other appropriate parties); and (4) information 
about the implementation plan and milestones for the creation of the 
consolidated audit trail.
    These requirements are intended to ensure that the Commission and 
the public have sufficiently detailed information to carefully consider 
all aspects of the NMS plan ultimately submitted by the SROs, 
facilitating an analysis of how well the NMS plan would allow 
regulators to effectively and efficiently carry out their 
responsibilities. To help elicit the most appropriate information and 
analysis from the SROs in response to these requirements, the 
Commission is furnishing further details about how it envisions 
regulators would use, access, and analyze consolidated audit trail data 
through a number of ``use cases.'' These use cases and accompanying 
questions should help the SROs prepare an NMS plan that better 
addresses the requirements of the adopted Rule, as well as aid the 
Commission and the public in gauging how well the NMS plan will address 
the need for a consolidated audit trail.\34\
---------------------------------------------------------------------------

    \34\ See Section III.C.2.b., infra.
---------------------------------------------------------------------------

    Because the Commission believes the adopted Rule permits a wider 
array of solutions to be considered by the SROs than the proposed Rule 
did and because the Commission and the public will be able to avail 
themselves of much more information and analysis in connection with the 
NMS plan submission, the Commission is also making significant 
modifications to the process by which it will consider the costs and 
benefits of the creation, implementation, and maintenance of a 
consolidated audit trail, as well as the potential impacts on 
efficiency, competition, and capital formation. In particular, the 
methodology that the Commission used in the Proposing Release to 
estimate the costs of creating, implementing, and maintaining a 
consolidated audit trail may be no longer suitable. As discussed in the 
Proposing Release, the approximately $4 billion cost estimate for the 
creation and implementation of a consolidated audit trail was primarily 
based on averages for the development from scratch of new, very large-
scale market systems.\35\ However, the Commission's rationale for this 
approach was predicated on some of the specific technical requirements 
of the proposed Rule, especially those related to the real-time 
collection and standard formatting of all data. As such, the approach 
assumed that the consolidated audit trail would not be able to build on 
existing trade, order, and audit trail systems. As noted above, these 
assumptions may no longer be valid since several of the specific 
technical requirements underlying the Proposing Release's approach have 
been substantially modified. The Commission believes these changes 
would now permit a wider array of solutions to be considered by the 
SROs, including solutions that could capitalize on existing systems and 
standards.\36\
---------------------------------------------------------------------------

    \35\ The methodology in the Proposing Release assumed that the 
scope of the required systems changes would be comparable to those 
made in connection with Regulation NMS. See Proposing Release, supra 
note 4, at 32597, n. 352.
    \36\ See, e.g, FINRA Letter, p. 14; SIFMA Letter, p. 16-18.
---------------------------------------------------------------------------

    In light of these changes, the Commission believes that the 
economic consequences of the consolidated audit trail now will become 
apparent only over the course of the multi-step process

[[Page 45726]]

for developing and approving an NMS plan that will govern the creation, 
implementation, and maintenance of a consolidated audit trail. In 
particular, the Commission believes that the costs and benefits of 
creating a consolidated audit trail, and the consideration of specific 
costs as related to specific benefits, is more appropriately analyzed 
once the SROs narrow the expanded array of choices they have under the 
adopted Rule and develop a detailed NMS plan. The Commission therefore 
is focusing its economic analysis in this Release on the actions the 
SROs are required to take upon approval of the adopted Rule--
specifically the requirement that the SROs develop an NMS plan, 
utilizing their own resources and undertaking their own research, that 
addresses the specific details, cost estimates, considerations, and 
other requirements of the Rule.\37\ A robust economic analysis of the 
next step--the actual creation and implementation of a consolidated 
audit trail itself--requires information on the plan's detailed 
features (and their associated cost estimates) that will not be known 
until the SROs submit their NMS plan to the Commission for its 
consideration. Accordingly, the Commission is deferring this analysis 
until such time as it may approve any NMS plan--that is, after the NMS 
plan, together with its detailed information and analysis, has been 
submitted by the SROs and there has been an opportunity for public 
comment.
---------------------------------------------------------------------------

    \37\ See Rule 613(a)(1).
---------------------------------------------------------------------------

    To that end, the adopted Rule requires that the SROs: (1) Provide 
an estimate of the costs associated with creating, implementing, and 
maintaining the consolidated audit trail under the terms of the NMS 
plan submitted to the Commission for its consideration; (2) discuss the 
costs, benefits, and rationale for the choices made in developing the 
NMS plan submitted; and (3) provide their own analysis of the submitted 
NMS plan's potential impact on competition, efficiency and capital 
formation. The Commission believes that these estimates and analyses 
will help inform public comment regarding the NMS plan and will help 
inform the Commission as it evaluates whether to approve the NMS plan. 
In this way, the Commission can develop estimates of the costs for the 
creation, implementation, and maintenance of the consolidated audit 
trail that benefit from cost data and information provided by the SROs.
    The Commission notes that this approach is suited for the multi-
step nature of the particular process for developing and approving an 
NMS plan that will govern the creation, implementation, and maintenance 
of a consolidated audit trail. Further, because the Commission is 
deferring its final analysis of the consolidated audit trail until 
after a detailed NMS plan has been submitted to the Commission for its 
consideration and the public has had an opportunity to comment, the 
adopted Rule has been modified to include a mandate that in determining 
whether to approve the NMS plan and whether the NMS plan is in the 
public interest, the Commission must consider the impact of the NMS 
plan on efficiency, competition, and capital formation of creating, 
implementing, and maintaining the NMS plan.\38\ The Commission also 
will consider the costs and benefits of the creation, implementation, 
and maintenance of the consolidated audit trail pursuant to the details 
proposed in the NMS plan submitted to the Commission for its 
consideration.
---------------------------------------------------------------------------

    \38\ See Rule 613(a)(5).
---------------------------------------------------------------------------

    As a result of the new requirements for SROs to provide additional 
information about costs and a number of other aspects of the NMS plan 
they submit, the Commission is extending the timeframe for the 
submission of the NMS plan from 90 days from the date of approval of 
Rule 613 to 270 days from the date of publication of the adopting 
release for Rule 613 (``Adopting Release'') in the Federal Register. 
The Commission also is altering the timeframe within which SROs must 
submit proposed rule changes to require their members to comply with 
the requirements of the Rule and the NMS plan approved by the 
Commission \39\ and the deadline for submitting the document required 
by Rule 613(i) regarding the possible expansion of the scope of the NMS 
plan.\40\
---------------------------------------------------------------------------

    \39\ The proposed Rule would have required SROs to submit such 
proposed rule changes on or before from 120 days from approval of 
the Rule. Because the adopted Rule permits the SROs up to 270 days 
from the date of publication of the Adopting Release in the Federal 
Register to submit NMS plans, the Commission believes that the more 
appropriate deadline for SROs to submit rule changes is 60 days from 
the date the Commission approves an NMS plan.
    \40\ Specifically, the adopted Rule provides SROs six months, 
instead of two months, after effectiveness of the NMS plan to submit 
this document to the Commission.
---------------------------------------------------------------------------

II. Introduction

A. Need for, and Objectives of, a Consolidated Audit Trail

    The Commission believes that the Rule adopted today is an 
appropriate step in the creation of a consolidated audit trail which, 
when implemented, should substantially enhance the ability of the SROs 
and the Commission to oversee today's securities markets and fulfill 
their responsibilities under the federal securities laws. Rule 613 
requires the submission of an NMS plan to create, implement, and 
maintain the first comprehensive audit trail for the U.S. securities 
markets, which will allow for the prompt and accurate recording of 
material information about all orders in NMS securities, including the 
identity of customers, as these orders are generated and then routed 
throughout the U.S. markets until execution, cancellation, or 
modification. This information will be consolidated and made readily 
available to regulators in a uniform electronic format.
    This section reviews the current status and limitations of 
existing, discrete audit trails and discusses how a consolidated audit 
trail could address those limitations and improve the ability of the 
SROs and the Commission to perform their regulatory functions. To 
perform this review, the Commission is, in part, drawing upon its own 
experiences in using existing audit trails to carry out its regulatory 
duties.\41\ The Commission also is relying on information provided to 
the Commission from other regulators who use existing audit trail 
systems, broker-dealers and organizations representing industry 
participants, and those with expertise in data management and 
technology solutions that may be applicable to the adopted 
requirements.
---------------------------------------------------------------------------

    \41\ See Proposing Release, supra note 4, at 32558-61.
---------------------------------------------------------------------------

1. Use and Limitations of Current Sources of Trading Data
    It has become increasingly challenging for SROs and the Commission 
to oversee the U.S. securities markets across the multitude of trading 
venues, given the huge volume of orders and trades that are generated, 
routed, transformed, and then re-routed across dozens of venues every 
day. Among the challenges is the fact that there is no single, 
comprehensive audit trail available to regulators.\42\ At present, the 
SROs and the Commission must use a variety of data sources, including 
EBS,\43\ equity cleared reports,\44\ and SRO audit trail data to help 
fulfill their regulatory obligations. As a result, among other issues, 
regulatory authorities face many challenges in obtaining, reconciling, 
and making effective use of even the limited

[[Page 45727]]

order and execution data that is available, thereby hindering the 
conduct of market surveillance, investigation and enforcement 
activities, and market reconstructions and analyses.\45\
---------------------------------------------------------------------------

    \42\ See FINRA/NYSE Euronext Letter, p. 1-3; Nasdaq Letter I, p. 
1-5.
    \43\ See note 1, supra; Proposing Release, supra note 4, at 
32557-58.
    \44\ See note 2, supra.
    \45\ The term ``market reconstruction'' is used to refer to the 
efforts by SRO and Commission staff to collect and process detailed 
trade and order data, often from multiple and varied data sources 
(e.g., market participants, trading venues, and other SROs) to 
recreate the sequence of events and market conditions that existed 
over a given period of time. A recent example of this occurred 
following the ``Flash Crash'' of May 6, 2010, with the market 
reconstruction analysis undertaken by Commission and the Commodity 
Futures Trading Commission (``CFTC'') staff, which can be found in 
the ``Findings Regarding the Market Events of May 6, 2010: Report of 
the Staffs of the CFTC and the SEC to the Joint Advisory Commission 
Emerging Regulatory Issues.'' See http://www.sec.gov/news/studies/2010/marketevents-report.pdf.
---------------------------------------------------------------------------

    The ultimate effectiveness of core SRO and Commission regulatory 
efforts depends on the following four qualities of trade and order 
(collectively ``market'') data:
     Accuracy. Is the data about a particular order or trade 
correct?
     Completeness. Does the data represent all market activity 
of interest, or just a subset? Is the data sufficiently detailed to 
provide the required information?
     Accessibility. How is the data stored? How practical is it 
to assemble, aggregate, reconcile, and process the data? Can all 
appropriate regulators acquire the data they need?
     Timeliness. When is the data available to regulators? How 
long will it take to process before it can be used for regulatory 
analyses?
    SROs generally use market data in the form of audit trails to 
identify potential misconduct in the markets they oversee, including 
attempts to manipulate market quotations, inflate trading or order 
volume artificially, or profit from non-public information. When these 
surveillance efforts identify suspicious trading activity, SROs have a 
responsibility to open investigations in which they assemble and review 
additional market data to assess the nature and scope of the potential 
misconduct. When an SRO detects persistent problems in the market it 
oversees, it may write new rules for its members to address the 
problems. To inform these rulemaking efforts, SROs frequently gather 
and analyze significant amounts of market data. The effectiveness of 
such efforts is largely determined by the qualities of the data 
available.\46\
---------------------------------------------------------------------------

    \46\ The Commission recognizes that the accuracy of the data 
available may also be subject to occasional errors, including errors 
caused by rare and unexpected events.
---------------------------------------------------------------------------

    The qualities of such market data are also primary determinants of 
the Commission's ability to fulfill its statutory mission. The 
Commission uses market data in most of its investigations of potential 
securities law violations. In many of these investigations, market data 
analysis frames the issues for investigation and is a primary means of 
identifying relationships between individuals and entities whose 
activities may threaten the integrity of the securities markets or 
create substantial and unnecessary investor losses. The Commission also 
uses audit trails and other sources of market data to: (1) Inform its 
priorities for examinations of broker-dealers, investment advisers and 
SROs; (2) supplement the data and information it collects during those 
examinations; and (3) determine the nature and scope of any potential 
misconduct the examinations identify. The Commission also relies 
heavily on market data to identify patterns of trading and order 
activity that pose risks to the securities markets and to inform 
regulatory initiatives, as well as to perform market reconstructions. 
In addition, the Commission relies on market data to improve its 
understanding of how markets operate and evolve, including with respect 
to the development of new trading practices, the reconstruction of 
atypical or novel market events, and the implications of new markets or 
market rules. As is the case for the SROs, the effectiveness of such 
efforts by the Commission is largely determined by the qualities of the 
data available.\47\
---------------------------------------------------------------------------

    \47\ The effectiveness of such efforts with respect to cross-
market activities within the Commission's jurisdiction depends on 
the qualities of data from multiple sources, such as separate SRO 
audit trails used for equities and equity options. See Section 
II.A.1.c., infra. This dependency also exists with respect to market 
activities that involve other products outside the Commission's 
jurisdiction, such as futures and certain swaps. See note 239, 
infra.
---------------------------------------------------------------------------

    As described in the following sections, each of the present sources 
of market data available to regulators suffers from deficiencies 
limiting its effective use.
a. The EBS System
    The EBS system is currently the only available source of data that 
allows regulators to obtain the identity of customers of broker-dealers 
who have executed trades. The SROs and the Commission have depended on 
this system for decades to request trading records from broker-dealers. 
The EBS system, supplemented by the requirements of Rule 17a-25 under 
the Exchange Act,\48\ is generally used by SRO and Commission staff to 
assist in the investigation of possible securities law violations, 
typically involving insider trading and market manipulations.\49\ In 
its electronic format, the EBS system provides certain detailed 
execution information, upon request by SRO or Commission staff, for 
specific securities during specified timeframes. However, EBS data, 
which is currently sourced from the so-called back-office records of 
clearing brokers, are limited to executed trades and do not contain 
information on orders or quotes (and thus no information on routes, 
modifications, and cancellations). Also, in frequent cases where 
brokers utilize average-price accounts to execute and aggregate 
multiple trades for one or more customers, the details of each 
individual trade execution are typically lost when reported through the 
EBS system because it is only the average aggregate price and volume of 
a series of executed trades that are transmitted to the clearing 
systems for processing.\50\
---------------------------------------------------------------------------

    \48\ 17 CFR 240.17a-25. Rule 17a-25 codified the requirement 
that broker-dealers submit to the Commission, upon request, 
information on their customer and proprietary securities 
transactions in an electronic format. The rule requires submission 
of the same standard customer and proprietary transaction 
information that SROs request through the EBS system in connection 
with their market surveillance and enforcement inquiries.
    \49\ See Rule 17a-25; supra note 1, and accompanying text.
    \50\ See FIF Letter I, p. 3; SIFMA Letter, p. 18-19.
---------------------------------------------------------------------------

    Furthermore, the EBS data currently includes only the dates, but 
not the times, of each trade execution (regardless of whether or not 
the trade represents an average-price series of executions).\51\ Since 
there could be many broker-dealers trading a given security on a given 
day of interest, to reconstruct trading on the market for one security 
on one day could involve many, perhaps hundreds, of EBS requests. 
Consequently, EBS data, alone, are not generally useful for price or 
short sale manipulations analysis, order flow analysis, depth-of-book 
analysis, or any large-scale market reconstructions in which the timing 
of events is required to build a useful picture of the market.\52\
---------------------------------------------------------------------------

    \51\ As adopted, Rule 13h-1 requires certain broker-dealers to 
capture and report through EBS the time of execution for any trade 
involving a large trader and a Commission-issued large trader 
identifier that identifies the large trader. See Large Trader 
Release and Large Trader Extension, supra note 1.
    \52\ A 1990 Senate Report acknowledged the immense value of the 
EBS system, but noted that ``it is designed for use in more narrowly 
focused enforcement investigations that generally relate to trading 
in individual securities. It is not designed for use for multiple 
inquiries that are essential for trading reconstruction purposes.'' 
See S. Rep. No. 300, 101st Cong., 2d Sess. 2-5 (1990), at 48.
---------------------------------------------------------------------------

    In addition, though the EBS system provides the names associated 
with each account in which a trade has been

[[Page 45728]]

placed, these names are based on the separate records of each broker-
dealer providing data to the EBS system, and the same party may be 
identified by a different name across multiple broker-dealers. 
Experience of staff at the Commission has shown \53\ that it is 
difficult to perform cross-broker customer analysis of trading since 
the same customer may be known by different names depending on the 
account and broker-dealer through which it traded.
---------------------------------------------------------------------------

    \53\ See, generally, Sections II.A.1. and II.A.2., infra.
---------------------------------------------------------------------------

    The EBS system also typically requires SRO and Commission staff 
needing EBS data to request the information from each broker-dealer, 
and complete responses from each broker-dealer may take days or weeks 
depending upon the scope of the request. As a result of these various 
limitations, the EBS system is generally only used by regulators in 
narrowly-focused enforcement investigations that generally involve 
trading in particular securities on particular dates or with specific 
broker-dealers.
b. Equity Cleared Reports
    In addition to the EBS system and Rule 17a-25, the SROs and the 
Commission also rely upon the NSCC \54\ equity cleared report for 
initial regulatory inquiries.\55\ This report is generated on a daily 
basis by the SROs, is provided to the NSCC, and shows the number of 
trades and daily volume of all equity securities in which transactions 
took place, sorted by clearing member. The information provided is end-
of-day data and is searchable by security name and CUSIP number.\56\ 
This information is also provided to the Commission upon request. Since 
the information made available on the report is limited to the date, 
the clearing firm, and the number of transactions cleared by each 
clearing firm, its use for regulatory purposes is quite limited--equity 
cleared reports basically serve as a starting point for certain types 
of investigations, providing a tool the Commission can use to narrow 
down the clearing firms to contact concerning transactions in a certain 
security.
---------------------------------------------------------------------------

    \54\ See note 2, supra, and accompanying text.
    \55\ The Commission also uses the Options Cleared Report, with 
data supplied by the Options Clearing Corporation (``OCC''), for 
analysis of trading in listed options. The OCC is an equity 
derivatives clearing organization that is registered as a clearing 
agency under Section 17A, 15 U.S.C. 78q-1, of the Exchange Act, and 
operates under the jurisdiction of both the Commission and the CFTC.
    \56\ A CUSIP number is a unique alphanumeric identifier assigned 
to a security and is used to facilitate the clearance and settlement 
of trades in the security.
---------------------------------------------------------------------------

c. SRO Audit Trails
    In addition to EBS data and equity cleared reports, the SROs and 
the Commission rely on data collected through individual SRO audit 
trails. Most SROs maintain their own specific audit trails applicable 
to their members. For example, the National Association of Securities 
Dealers (``NASD'') \57\ established its Order Audit Trail System 
(``OATS'') \58\ in 1996, which required NASD (n/k/a FINRA) members to 
report certain trade and order data on Nasdaq-listed equity securities. 
OATS was later expanded to include OTC equity securities. Similarly, 
the NYSE implemented its Order Tracking System (``OTS'') \59\ in 1999 
under which its members were required to report certain trade and order 
data on NYSE-listed securities. Beginning in 2000, several of the 
current options exchanges implemented the Consolidated Options Audit 
Trail System (``COATS'').\60\ In addition, many of the exchanges have 
created their own audit trails to assist in surveillance activities.
---------------------------------------------------------------------------

    \57\ In 2007, NASD and the member-related functions of NYSE 
Regulation, Inc., the regulatory subsidiary of New York Stock 
Exchange LLC (``NYSE''), were consolidated. As part of this 
regulatory consolidation, the NASD changed its name to FINRA. See 
Securities Exchange Act Release No. 56146 (July 26, 2007), 72 FR 
42190 (August 1, 2007). FINRA and the National Futures Association 
(``NFA'') are currently the only national securities associations 
registered with the Commission; however, the NFA has a limited 
purpose registration with the Commission under Section 15A(k) of the 
Exchange Act, 15 U.S.C. 78o-3(k). See also Securities Exchange Act 
Release No. 44823 (September 20, 2001), 66 FR 49439 (September 27, 
2001).
    \58\ See In the Matter of National Association of Securities 
Dealers, Inc., Order Instituting Public Proceedings Pursuant to 
Section 19(h)(1) of the Securities Exchange Act of 1934, Making 
Findings and Imposing Remedial Sanctions, Exchange Act Release No. 
37538 (August 8, 1996), Administrative Proceeding File No. 3-9056 
and Report Pursuant to Section 21(a) of the Securities Exchange Act 
of 1934 Regarding the NASD and The Nasdaq Stock Market LLC 
(``Nasdaq''). See also Securities Exchange Act Release No. 39729 
(March 6, 1998), 63 FR 12559 (March 13, 1998) (order approving 
proposed rules comprising OATS) (``OATS Approval Order'').
    \59\ See Securities Exchange Act Release No. 47689 (April 17, 
2003), 68 FR 20200 (April 24, 2003) (order approving proposed rule 
change by NYSE relating to order tracking) (``OTS Approval Order'').
    \60\ See In the Matter of Certain Activities of Options 
Exchanges, Administrative Proceeding File No. 3-10282, Securities 
Exchange Act Release No. 43268 (September 11, 2000) (Order 
Instituting Public Administrative Proceedings Pursuant to Section 
19(h)(1) of the Securities Exchange Act of 1934, Making Findings and 
Imposing Remedial Sanctions) (``Options Settlement Order''). See, 
e.g., Securities Exchange Act Release No. 50996 (January 7, 2005), 
70 FR 2436 (order approving proposed rule change by CBOE relating to 
Phase V of COATS).
---------------------------------------------------------------------------

    Recently, FINRA expanded its OATS requirements from covering only 
Nasdaq-listed and OTC equity securities to covering all NMS stocks.\61\ 
To avoid duplicative reporting requirements, the NYSE, NYSE Amex LLC 
(n/k/a ``NYSE MKT LLC'') (``NYSE Amex''), and NYSE ARCA, Inc. (``NYSE 
Arca'') subsequently replaced their OTS audit trail requirements for 
members who are also members of either FINRA or Nasdaq (and therefore 
subject to OATS requirements) with rules that allow these members to 
satisfy their reporting obligations by meeting the new OATS 
requirements.\62\
---------------------------------------------------------------------------

    \61\ See Securities Exchange Act Release No. 63311 (November 12, 
2010), 75 FR 70757 (November 18, 2010) (SR-FINRA-2010-044) (order 
approving proposed rule change by FINRA relating to the expansion of 
OATS to all NMS stocks).
    \62\ See Securities Exchange Act Release Nos. 65523 (October 7, 
2011), 76 FR 64154 (October 17, 2011) (SR-NYSE-2011-49); 65524 
(October 7, 2011), 76 FR 64151 (October 17, 2011) (SR-NYSEAmex-2011-
74); 65544 (October 12, 2011), 76 FR 64406 (October 18, 2011) (SR-
NYSEArca-2011-69).
---------------------------------------------------------------------------

    Although these developments with respect to the scope of FINRA's 
OATS rules reduce the number of audit trails with disparate 
requirements, they still do not result in a comprehensive audit trail 
that provides regulators with accurate, complete, accessible, and 
timely data on the overall markets for which regulators have oversight 
responsibilities. In particular, data collected by FINRA pursuant to 
FINRA's Rule 7400 series (``OATS data'') does not provide a complete 
picture of the market because though OATS collects data from FINRA 
members with respect to orders and trades involving NMS stocks, OATS 
does not include trade or order activity that occurs on exchanges, or 
at broker-dealers that are not FINRA or Nasdaq members. Nor does OATS 
include exchange quotes, principal orders submitted by FINRA members 
registered as market makers, or options data.\63\ In

[[Page 45729]]

performing its own regulatory oversight of the markets, FINRA has 
chosen to create an internal process in which it augments the data it 
collects via OATS with trade execution data from other exchanges with 
which it has a regulatory services agreement. This process provides 
FINRA with a wider view of the markets than that provided by OATS 
alone, but linking data in this fashion does not yield fully accurate 
results.\64\ For these reasons, the Commission believes that the 
augmented OATS data currently falls short of providing an efficient 
source of data for analyzing cross-market activities, or tracking an 
order through its entire cycle from generation through routing to 
execution, modification or cancellation.
---------------------------------------------------------------------------

    \63\ See FINRA Rule 7410(j) (defining ``Order'' for purposes of 
OATS, to mean ``any oral, written, or electronic instruction to 
effect a transaction in an NMS stock or an OTC equity security that 
is received by a member from another person for handling or 
execution, or that is originated by a department of a member for 
execution by the same or another member, other than any such 
instruction to effect a proprietary transaction originated by a 
trading desk in the ordinary course of a member's market making 
activities.'' Additionally, Nasdaq, Nasdaq OMX BX, Inc. (``BX'') and 
Phlx equities (``PSX'') members that are registered as market makers 
in a certain security are similarly exempted from recording OATS 
audit trail data for the security in which they are registered to 
make a market. See Nasdaq and BX Rules 6951(i); PSX Rule 3401(i).
    The Commission notes that members of Nasdaq, BX and PSX, that 
are not also members of FINRA, are required by those exchanges to 
record the audit trail data required by OATS; however, they are only 
required to report that data through OATS upon request by their 
respective exchanges. See Nasdaq and BX Rules 6955(b); PSX Rule 
3405(b). Additionally, as of October 17, 2011, members of NYSE and 
NYSE Amex, who are not also FINRA members, are required to record 
their trade and order activity. These non-FINRA members are not 
required to report this data through OATS unless requested. See NYSE 
and NYSE Amex Equities Rules 7450(b); see, e.g., Securities Exchange 
Act Release Nos. 65523 (October 7, 2011), 76 FR 64154 (October 17, 
2011); 65524 (October 7, 2011), 76 FR 64151 (October 17, 2011); 
65544 (October 12, 2011), 76 FR 64406 (October 18, 2011) (notice of 
immediate effectiveness of proposed rule change to adopt the FINRA 
Rule 7400 series, the OATS rules, and making certain conforming 
changes to the NYSE and NYSE Amex Equities rules). Members of NYSE 
Arca, who are not also FINRA members, were required to record their 
trade and order activity as of March 31, 2012. See NYSE Arca 
Equities Rule 7450(b); see Securities Exchange Act Release No. 65544 
(October 12, 2011), 76 FR 64406 (October 18, 2011) (notice of 
immediate effectiveness of proposed rule change to adopt the FINRA 
Rule 7400 series, the OATS rules, and making certain conforming 
changes to the NYSE Arca Equities rules). See also Securities 
Exchange Act 66094 (January 4, 2012), 77 FR 1545 (January 10, 2012) 
(notice of immediate effectiveness to extend the implementation date 
of the NYSE Arca Equities Rule 7400 Series, the OATS rules, for 
Equity Trading Permit Holders that are not FINRA members from 
January 31, 2012 to March 31, 2012).
    \64\ FINRA has represented to Commission staff that, as part of 
its own surveillance activities, FINRA acquires some of this order 
handling system data from non-FINRA members to supplement the data 
it receives from its members via OATS, but that matching data across 
the audit trails yields varying levels of success and accuracy due 
to the disparate methods used by the different order handling 
systems to collect and store data. FINRA represented that, during 
the period from November 28, 2011 to February 24, 2012, 
approximately 2% of reportable OATS data related to exchange orders 
could not be linked with matching exchange data. See Commission 
Staff Memorandum to File No. S7-11-10 regarding telephone 
conversations with FINRA, dated April 17, 2012 (``Commission Staff 
Memorandum''). Also, since this process only involves acquiring 
trade and order data from select sources, it still does not produce 
a complete record of all market activity. The Commission notes that, 
when considering data covering a time period of approximately 26 
months, the percentage of reportable OATS data related to exchange 
orders that could not be linked with matching exchange data remained 
at approximately 2%. Id.
---------------------------------------------------------------------------

    OATS data also suffers from a lack of timeliness, partly as a 
result of the problems with the accuracy of the data as collected, and 
partly because of its lack of completeness. When FINRA receives an end-
of-day OATS file from a member, it takes an hour for FINRA to 
acknowledge receipt of the report and approximately another 24 hours to 
determine if there is a syntax error \65\ in the report.\66\ During 
this time, FINRA performs over 152 validation checks on each order 
event reported to OATS. Thus, FINRA performs over 40 billion separate 
checks each day to ensure OATS data conforms to all applicable 
specifications.\67\ Each of these checks can result in OATS data 
submissions being rejected and generating an error message.\68\ As a 
result of these validation checks, almost 425,000 reports per day, on 
average, are rejected and must be corrected.\69\ In addition to the 24 
hours needed to identify errors within a report, it takes another two 
business days to determine whether a file that is syntactically correct 
nevertheless contains errors in content related to internally-
inconsistent information about processing, linking, and routing orders. 
Once a member is advised of such errors, the member has up to five 
business days to re-submit a corrected file. However, error corrections 
are limited to only those that are required to remedy internal 
inconsistencies within a given member's submission. Cross-firm 
inconsistencies in which, for example, one member reports routing an 
order to a second member, but the second member does not report 
receiving or processing such an order, are identified as unmatched or 
unlinkable data records, but neither firm corrects these types of 
reporting errors. The net result yields a historical data record of 
market activity that contains a small but permanent number of incorrect 
or irreconcilable trade and order events.\70\
---------------------------------------------------------------------------

    \65\ Common reasons given by FINRA for syntax rejections 
include: Missing mandatory fields, invalid fields, and invalid field 
combinations (e.g., a Limit Price without a Time in Force Code). 
OATS will reject records as duplicates if more than one record is 
submitted with the same Order Receiving Firm Market Participant 
Identifier, Order Received Date, and Order Identifier or if more 
than one record contains all of the same information.  http://www.finra.org/Industry/Compliance/MarketTransparency/OATS/FAQ/P085542 (last viewed on May 23, 2012).
    \66\ See Commission Staff Memorandum, supra note 64. FINRA 
estimates that, from the period November 28, 2011 to February 24, 
2012 approximately 0.10% of the intra-firm data reported daily by 
broker-dealers were rejected for errors. Id. The Commission notes 
that, when considering data covering a time period of approximately 
26 months, the percentage of the intra-firm data reported daily by 
broker-dealers rejected for errors was more than double this amount. 
Id.
    \67\ See FINRA Letter, p. 11. FINRA represented to Commission 
staff that many of the validation errors result from problems 
encountered in translating order information from broker-dealer 
formats into OATS format. See Commission Staff Memorandum, supra 
note 64.
    \68\ Id.
    \69\ Id.
    \70\ FINRA estimates that during the period from November 28, 
2011 to February 24, 2012 approximately 0.5% of each day's 
reportable events remained unmatched (i.e., multi-firm events, such 
as routes, that cannot be reconciled). See Commission Staff 
Memorandum, supra note 64. When considering data covering a time 
period of approximately 26 months, the percentage of each day's 
reportable events remaining unmatched was more than double this 
amount. Id.
---------------------------------------------------------------------------

    Given the time it takes to process each OATS file, and the nature 
of the process in which errors are detected, reported back to members, 
and then corrected, inter-firm surveillance by FINRA typically does not 
begin until 5 business days after receipt of OATS data. In addition, 
the final product of the FINRA process is available to FINRA, but is 
not stored in a market-wide database or a central repository that is 
readily accessible to other regulators. This is because SROs do not 
typically have access to the internal systems of another SRO, though 
they may share some sources of underlying data.\71\
---------------------------------------------------------------------------

    \71\ For example, FINRA has been given access to order audit 
trail information from certain SROs pursuant to Regulatory Services 
Agreements.
---------------------------------------------------------------------------

    Because the Commission does not have direct access to OATS data and 
other SRO audit trails and because each SRO only has direct access to 
its own audit trails, requests must be made to the Intermarket 
Surveillance Group (``ISG'') \72\ or SROs to conduct an analysis on 
order data. It can take days or weeks, depending on the scope of the 
information requested, to receive responses to requests. Once the 
responses to its requests for information are received, the Commission, 
or any SRO undertaking the same task, must commit a significant amount 
of time and resources to process and cross-link the data from the 
various formats used by different SROs before it can be analyzed and 
used for regulatory purposes. Whether or not this process is successful 
depends on the accuracy, completeness, and format of the data received, 
as well as how readily data from different SROs can be reliably linked. 
For example, staff at the Commission working on the analysis of the May 
6, 2010 ``Flash-Crash'' found it was not possible to use the data from 
existing audit trails to accurately or comprehensively reconstruct 
exchange

[[Page 45730]]

and ATS equity limit order books for NMS securities as required to 
fully analyze the events of that day.\73\
---------------------------------------------------------------------------

    \72\ ISG is an international group of exchanges, market centers, 
and regulators that perform market surveillance in their respective 
jurisdictions. The organization provides a forum for its members to 
share information and coordinate regulatory efforts to address 
potential intermarket manipulation and trading abuses.
    \73\ See Section II.A.2.b., infra.
---------------------------------------------------------------------------

    A further difficulty in using existing audit trails to conduct 
cross-market surveillance is the lack of consistency in both format and 
content among the various audit trails. Not all SROs collect data using 
the OATS format. In addition, each options exchange maintains its own 
COATS audit trail in a different format and includes different 
supplemental data items in its audit trail. These differences make it 
difficult and labor intensive for regulators to view options trading 
activity across multiple markets, and the lack of any combined equity 
and options audit trail is a significant impediment to regulators 
performing cross-product investigations and analyses.
    An additional shortcoming of existing SRO audit trails is the lack 
of customer identifiers. In general, existing SRO audit trails only 
identify the broker-dealer handling the order and not the account 
holder or the person exercising investment discretion for the account 
holder, if different. This limitation makes the process of identifying 
the customers involved in unusual trading patterns or market events 
very difficult. Even determining whether or not an unusual trading 
pattern exists is challenging if the data does not identify trades by a 
single customer at multiple broker-dealers. Requests therefore must be 
made to one or more broker-dealers to obtain information about the 
customer or customers behind an order. Multiple requests may be 
necessary before the information is obtained. EBS data may have to be 
requested as a supplement. A further challenge arises in any type of 
customer-based cross-market analysis because there is no standard 
convention for how customers are identified at different broker-
dealers--the same party directing trades across multiple venues, or 
through different broker-dealers, can be known by many different names.
    Not having customer information at the early stage of surveillance 
can also impair the accuracy, and thus efficacy, of certain 
surveillances. The patterns that emerge when trade and order activity 
is aggregated across all customers of a broker-dealer often exhibit 
characteristics that can be quite different from the (initially) 
unobservable patterns of trade and order activity of each individual 
customer at that broker-dealer. This could result in what are known as 
``false positive signals,'' in which market activities that initially 
are flagged as being potentially manipulative by a surveillance system 
are later found not to be potentially manipulative once more detailed 
customer data from the broker-dealer is requested and analyzed. In 
contrast, potentially manipulative activities may be missed by a 
surveillance system that cannot identify the customers behind each 
order or trade if those activities are otherwise obscured by non-
manipulative activities of other customers of the same broker-dealer 
such that the aggregate patterns of trading do not appear potentially 
manipulative.
    Given the various limitations described above, the Commission does 
not believe that existing audit trails, with their current features, 
provide regulators with an efficient or adequate method of monitoring 
and surveilling the market for NMS securities. The Commission notes, 
for example, that FINRA summarizes the current cross-market systems as 
follows: ``The current systems in place to achieve effective cross-
market surveillance, such as the ISG, are incomplete. For example, the 
ISG audit trail data has numerous shortcomings, including: (1) It does 
not capture quote/orders away from a market's inside market (i.e., 
those quotes/orders below the best bid or above the best offer); (2) it 
currently identifies participants of a trade only to the clearing 
broker, not down to the executing broker level; (3) data submitted by 
participants is not validated; (4) certain data fields are not 
mandatory; and (5) there are no service level agreements to ensure that 
participants submit timely and accurate information.'' \74\
---------------------------------------------------------------------------

    \74\ See FINRA/NYSE Euronext Letter, p. 3.
---------------------------------------------------------------------------

2. Regulatory Improvements With a Consolidated Audit Trail
    The NMS plan required by the Rule, if approved by the Commission, 
will improve the quality of audit trail data by, among other things: 
(1) Identifying with a unique ``Customer-ID'' the account holder(s) 
with respect to an account at a registered broker-dealer and, if 
different, any person authorized to give the broker-dealer trading 
instructions for such account; (2) identifying the time of each key 
event in the life of an order according to synchronized business 
clocks; (3) requiring the reporting of comprehensive order lifecycle 
data; and (4) including all NMS securities in one audit trail. As 
discussed below, the Commission believes that these improvements should 
have the potential to result in the following: (1) Improved market 
surveillance and investigations; (2) improved analysis and 
reconstruction of broad-based market events; and (3) improved market 
analysis. In addition, a consolidated audit trail has the potential to 
result in a reduction in disparate reporting requirements and data 
requests.
a. Improved Market Surveillance and Investigations
    A consolidated audit trail will expand the data available for 
regulators to perform surveillance and investigations for illegal 
activities such as insider trading, wash sales, or manipulative 
practices. In particular, a consolidated audit trail will help 
surveillance and investigations by facilitating risk-based 
examinations, allowing more accurate and faster surveillance for 
manipulation, improving the process for evaluating tips, complaints, 
and referrals (``TCRs''), and promoting innovation in cross-market and 
principal order surveillance.
i. Risk-Based Examinations
    A consolidated audit trail will facilitate risk-based examinations. 
Risk-based examinations require access to accurate and timely data so 
that the scope of the examination can be properly set to cover the 
areas of identified risks. Regulators currently may request audit trail 
data directly from the broker-dealer, work with the broker-dealer to 
understand the format and definitions in the data, validate that 
information with a third party, and analyze the data to determine 
whether the initial assumptions concerning risk were valid. This effort 
requires significant resources from both the regulator and the broker-
dealer, all of which may be wasted if the resulting analysis shows that 
the assumptions of risk justifying the examination of a particular 
subject were not founded. Thus, this resource-intensive process does 
not necessarily reveal the subjects most worthy of examination, and 
does not permit an effective pre-examination review of a subject's 
trading practices.
    In contrast, a consolidated audit trail would permit regulators, 
for example, to identify risks and appropriate subjects for 
examinations relating to certain types of trading by creating and 
comparing metrics based on the complete (and possibly cross-market) 
activities of a broker-dealer or customer. Signals based on such 
metrics could, for example, identify outlier patterns in the ratio of 
order activity to execution, which may be an indication of potentially 
manipulative practices. Currently, this method is impractical because, 
as described above, it requires the consolidation of many audit trails

[[Page 45731]]

that store data in non-uniform formats, participant information in SRO 
audit trails often does not consistently identify the executing broker-
dealer, and there is no uniform method of identifying customers.
    In sum, consolidated audit trail data that meets the minimum 
requirements for the NMS plan specified in the Rule would allow 
regulators to create a process that focuses much more of their 
resources on those firms for which specific activities over specific 
time periods warrant follow up. The subsequent examinations would thus 
be more precise, resulting in more efficient use of regulatory 
resources, potentially reducing the need for multiple document 
requests, and ultimately reducing the sometimes significant compliance 
burden on a broker-dealer or other subject.
ii. Market Manipulation
    In addition to helping regulators focus their resources and better 
identify areas in which potentially manipulative trading activity may 
be occurring, a consolidated audit trail will greatly aid the analysis 
of the potential manipulation itself. The current methodology to 
analyze order and trade data requires a tremendous amount of time and 
resources to construct an accurate picture of when trades are actually 
executed. Typically, this includes: (1) Broker-dealers and other 
registrants responding to multiple requests from the Commission and 
SROs; (2) SROs devoting regulatory resources to obtaining, analyzing, 
and reporting data requested by the Commission; and (3) Commission 
staff reconciling inconsistent order data provided by different SROs 
with respect to different markets.
    In addition, while SRO audit trail data identifies the dates and 
times of trades by a particular broker-dealer, SRO audit trail data 
does not reveal the identities of the customers initiating the trades 
executed by the broker-dealers. Accordingly, to identify customers 
placing trades through a broker-dealer, regulatory staff must obtain 
EBS data and integrate such data with SRO audit trail data. This is a 
cumbersome process because there is no automated process to link the 
two data sources. To determine the exact execution time for trades by a 
particular customer, regulatory staff must obtain a third set of data 
from the broker-dealer's trading and order handling system. These 
processes can take many months. In some cases, the laborious process of 
assembling the data delays other critical investigative or analytical 
steps. In other cases, investigators or analysts forego the process of 
determining when trades occurred, limiting their analysis to more 
accessible information. As a result, SRO and Commission staffs may fail 
to ascertain the full scope of misconduct under investigation or the 
causes of unusual market events at issue.
    Even more critically, the absence of reliable information about who 
initiated which orders makes detection of schemes that involve repeat 
instances of activity through accounts at multiple broker-dealers 
difficult. Schemes of this sort may be among the most harmful and 
difficult to police, but without a customer identifier that 
consistently and uniquely identifies responsibility for orders across 
all broker-dealers, no amount of technical sophistication and 
securities market insight can produce a data query or analysis to 
detect them.\75\
---------------------------------------------------------------------------

    \75\ Examples of schemes that typically rely on orders from 
accounts at multiple brokers include: (1) ``Network'' insider 
trading schemes in which the participants cultivate multiple sources 
of non-public information and trade on the information they receive 
over an extended period of time and through accounts at a large 
number of broker-dealers; (2) wash trading; and (3) order layering. 
Unlike insider trading, for example, which is neither defined nor 
expressly prohibited in the Act, wash trading is specifically 
prohibited in the statute. The entering of matched orders for the 
purpose of creating the illusion of market activity or to 
artificially affect the price is one of the oldest and most 
difficult to detect manipulative practices. Technology that permits 
the routing of thousands of orders to different venues in micro 
seconds has made cross market surveillance for this activity 
extremely difficult. ``Order layering'' is similar to wash trading. 
In this practice, a market participant can enter numerous non-bona 
fide market moving orders, often in substantial size relative to a 
security's legitimate volume to create the false impression of buy 
or sell side pressure. When such orders induce others to execute 
against profitable limit orders, the market participants immediately 
cancel the pending orders that manipulated the price. As with wash 
sales, multiple traders can enter orders on different venues, 
impacting the NBBO and making the activity difficult to detect.
---------------------------------------------------------------------------

    With the data provided by the consolidated audit trail, regulatory 
staff would be able to conduct such analyses in a much shorter period 
of time. In addition, the process of analysis with a consolidated audit 
trail would be inherently more reliable than the manual reconstruction 
process currently available, reducing the risk of inaccuracies. 
Furthermore, the ability to process and meaningfully analyze audit 
trail data more quickly would allow regulatory staff to employ 
proactive methods of identifying potentially manipulative activities. 
The Commission therefore believes a consolidated audit trail would make 
the overall process of identifying and analyzing potentially 
manipulative trading practices much more focused, accurate, and 
efficient.\76\
---------------------------------------------------------------------------

    \76\ For example, implementation of a consolidated audit trail 
also will help regulators monitor reliance on the use of the safe 
harbor provision for issuer repurchases in Rule 10b-18 under the 
Exchange Act. 17 CFR 240.10b-18. Rule 10b-18 under the Exchange Act 
provides issuers with a safe harbor from liability for manipulation 
under Sections 9(a)(2) and 10(b) of the Exchange Act, and Rule 10b-5 
under the Exchange Act, when they repurchase their common stock in 
the market in accordance with the Rule's manner, timing, price, and 
volume conditions. The data required to be included in the 
consolidated audit trail will assist regulators in monitoring issuer 
repurchases that rely on Rule 10b-18's safe harbor protections to 
ensure that they comply with all required criteria.
---------------------------------------------------------------------------

    The timely availability of data to regulators also impacts the 
efficacy of detecting (and possibly mitigating the effects of) some 
types of market manipulation. For example, some pernicious trading 
schemes are designed to generate large ``quick-hit'' profits in which 
participants attempt to transfer the proceeds from the activity to 
accounts outside of the reach of domestic law enforcement as soon as 
the offending transactions have settled in the brokerage account 
(typically three days after execution). If the SROs detect such schemes 
and promptly report them to the Commission, the Commission potentially 
could seek asset freezes that limit the transfer of funds until charges 
against the account holder are resolved. The Commission believes that a 
consolidated audit trail in which uniform data about market activities 
are efficiently collected and processed soon after such activities 
occur, and in which data are available to regulators in a timely 
manner, would more frequently and effectively allow regulators to use 
this approach.
iii. Tips and Complaints
    A consolidated audit trail also would significantly improve the 
processes used by the SROs and the Commission for evaluating tips and 
complaints about trading activity.\77\ It is not uncommon for market 
participants or those with experience in market data to sometimes note 
atypical trading or quoting patterns in publicly-available market data. 
A consolidated audit trail would allow regulatory staff to quickly 
determine whether a particular instance of an atypical activity 
(regardless of how it was originally identified), such as an abnormally 
high level of quote traffic, is worthy of further investigation.
---------------------------------------------------------------------------

    \77\ The Commission receives an average of over 200 market-
related TCRs each month.
---------------------------------------------------------------------------

    Today, such an analysis of TCRs is difficult and cumbersome. Even a 
preliminary review requires analysis by each exchange or ATS to 
identify the activity in question and to determine its scope. 
Regulators then must consolidate the analyses from each such market 
center to determine the identities of those responsible for the 
atypical

[[Page 45732]]

activity in question. To the extent that the activity originates from 
several market participants, regulators must conduct additional 
analysis on each of those participants, and possibly other 
participants, to discover information that could identify the 
customer(s) originating the orders that created the atypical activity. 
Without a unique customer identifier included in the order and trade 
data, this may not be possible. The consolidated audit trail would 
significantly improve the multi-stage process, enabling regulatory 
staff to make efficient queries on orders and more quickly determine 
whether the TCR can be ``closed'' or if further analysis and 
investigation are warranted.
iv. Cross-Market and Principal Order Surveillance
    Investigations of cross-market activity may be more efficient with 
a consolidated audit trail as such an audit trail may provide 
regulators with data not currently consolidated across markets and/or 
data not currently available to regulators such as broker-dealer 
principal orders, including market maker quotes. For example, in an 
attempt to manipulate the market, a broker-dealer could use numerous 
principal sell orders across multiple venues to give the misleading 
appearance of broad sell-side pressure, and then send a buy principal 
order at a favorable price to take advantage of the market momentum 
created by the misleading sell orders. This type of activity would be 
difficult to readily identify with current audit trails, but it could 
be the target of a routine surveillance of a consolidated audit trail. 
The Commission notes, for example, the statement of FINRA and NYSE 
Euronext that, ``[p]articularly since the implementation of Regulation 
NMS in 2007, there has been a significant increase in market linkages, 
the result of which is that trading activity on one market can have a 
profound effect on other markets. This, in turn, has led to the 
realization that market manipulation, by its very nature, is 
facilitated cross-market where, for example, trading on one market is 
used to affect a security's price while trading on another market is 
used to take advantage of that price change.'' \78\
---------------------------------------------------------------------------

    \78\ See FINRA/NYSE Euronext Letter, p. 2.
---------------------------------------------------------------------------

    In addition, the consolidation of order data with direct access for 
all relevant regulators may create opportunities for regulators to 
develop entirely new methods of surveillance, and to keep existing 
forms of surveillance up to date as new market practices and new market 
technologies continue to rapidly evolve. In fact, as described more 
fully below, SROs are required by the Rule to incorporate the expanded 
audit trail data into their surveillance systems.\79\
---------------------------------------------------------------------------

    \79\ See Rule 613(f).
---------------------------------------------------------------------------

b. Improved Analysis and Reconstruction of Broad-Based Market Events
    A consolidated audit trail will significantly improve the ability 
of regulators to reconstruct broad-based market events so that they and 
the public may be informed by an accurate and timely accounting of what 
happened, and possibly why. The sooner a reconstruction can be 
completed, the sooner regulators can begin reviewing an event to 
determine what, if any, regulatory responses might be required to 
address the event in an effective manner.
    For example, on the afternoon of May 6, 2010, the U.S. equity and 
equity futures markets experienced a sudden breakdown of orderly 
trading, when broad-based indices, such as the Dow Jones Industrial 
Average Index and the S&P 500 Index, fell about 5% in just five 
minutes, only to rebound soon after (the ``Flash Crash''). Many 
individual equities suffered even worse declines, with prices in over 
300 stocks and exchange-traded funds falling more than 60%. In many of 
these cases, trades were executed at a penny or less in stocks that 
were trading at prices of $30 or more only moments earlier before 
prices recovered to their pre-Flash Crash levels.\80\
---------------------------------------------------------------------------

    \80\ See note 45, supra.
---------------------------------------------------------------------------

    The Commission immediately formed an interdisciplinary team from 
across the Commission to analyze the events of May 6, 2010, identify 
possible causes, inform the public of what happened, and aid in 
formation of regulatory responses. The CFTC took similar steps. Within 
a few weeks, staff at the Commission and the CFTC released a joint 
preliminary report that described the event and, in general terms, the 
market conditions prior to and during the rapid decline.\81\ However, 
at that time the staffs were unable to definitively identify the 
specific conditions or circumstances that could have caused, 
contributed to, or exacerbated the event. Though the SROs and the 
Commission quickly implemented a single-stock circuit breaker pilot 
program as an initial response, a more complete regulatory response 
required a full and robust analysis of additional data.
---------------------------------------------------------------------------

    \81\ See ``Preliminary Findings Regarding the Market Events of 
May 6, 2010: Report of the Staffs of the CFTC and the SEC to the 
Joint Advisory Commission Emerging Regulatory Issues.'' (May 18, 
2010). See http://www.sec.gov/sec-cftc-prelimreport.pdf.
---------------------------------------------------------------------------

    From the start of the investigation, many market participants had 
suggested that the sudden withdrawal of liquidity in the equity markets 
may have resulted in the rapid decline of prices as orders to 
immediately sell (many from retail investors) found no interest on the 
buy side (from market professionals).\82\ To fully understand how such 
conditions could occur, Commission economists needed to analyze the 
order books for thousands of equities. Commission staff requested order 
book data from several exchanges that sell such data or could readily 
put such data together, but this data did not represent the whole 
market. Commission staff attempted to use order data from OATS and 
several SRO audit trails to reconstruct order books for thousands of 
equities traded on exchanges that do not maintain or could not provide 
order book data. Although it was possible to link the data from 
different sources to show trading activity for a particular stock over 
a specific period of time, the accuracy, completeness, and content of 
the combined data sets were not sufficient to allow for an accurate 
reconstruction of the order books. This hindered staff in determining 
what happened to liquidity before, during, and after the Flash Crash. 
Two major problems were the inability to identify and eliminate 
duplicate orders from the data and the inability to accurately sequence 
events across the multiple data sources.
---------------------------------------------------------------------------

    \82\ For detailed discussions and chronologies of the 
investigation into the events of May 6, 2010, see SEC (http://www.sec.gov/spotlight/sec-cftcjointcommittee.shtml) and CFTC (http://www.cftc.gov/PressRoom/Events/AdvisoryCommitteeMeetings/index.htm) 
webcasts and minutes of public meetings held with the Joint CFTC-SEC 
Advisory Committee on Emerging Regulatory Issues on May 24, 2010, 
June 22, 2010, August 11, 2010, November 5, 2010, and February 18, 
2011.
---------------------------------------------------------------------------

    As described in the final joint report issued by the staffs of the 
CFTC and the Commission on September 30, 2010, Commission staff were 
only able to create a comprehensive view of the order books by 
acquiring, processing, and aggregating four distinct data sets that 
each contained a subset of order book information from each of the four 
exchanges that could provide such information: Nasdaq ModelView, NYSE 
Openbook Ultra, NYSE ARCABook, and BATS Exchange.\83\ Given the 
enormous volume of data that needed to be processed (more than 5.3 
billion records), even small changes to the integration and aggregation 
process took

[[Page 45733]]

significant computer time to test and implement.
---------------------------------------------------------------------------

    \83\ See note 45, supra, at p. 11.
---------------------------------------------------------------------------

    By early July 2010, staff at the CFTC had completed a very detailed 
analysis of the full order book of the S&P 500 E-Mini futures contract 
and were able to show how liquidity in that contract had been eroding 
for most of the day. The CFTC's detailed second-by-second analysis of 
trading during the Flash Crash itself revealed how buy-side depth in 
the S&P 500 E-Mini futures virtually evaporated as broad market indices 
rapidly fell 5%.\84\ However, until a similar analysis could be 
completed in the equity markets, neither regulators nor the public 
would know whether an evaporation of liquidity was also present in the 
equity markets, and whether the timing of such an event preceded or 
followed the liquidity event in the futures market. Ultimately, it took 
Commission staff nearly five months to complete an accurate 
representation of the order books of the equity markets for May 6, 
2010. Even then, the reconstruction was not fully complete and only 
contained an estimated 90% of trade and order activity for that 
day.\85\ However, it was sufficiently comprehensive to allow staff to 
perform a robust analysis of the equity markets revealing how ``the 
decline in full-depth buy-side liquidity for the E-Mini precede[d] that 
of the SPY and [the stocks composing] the S&P 500,'' and how ``drops in 
[stock] prices [became] increasingly more severe with ever-larger drops 
in liquidity.'' \86\
---------------------------------------------------------------------------

    \84\ Id.
    \85\ Id.
    \86\ Id. at p. 18, 80.
---------------------------------------------------------------------------

    Had there been a consolidated audit trail in place on May 6, 2010, 
regulators would likely have been able to much more quickly and 
efficiently perform these types of detailed analyses. This in turn 
could have dramatically shortened the time during which regulators, as 
well as the public, remained uncertain about what actually happened 
during the Flash Crash.
c. Improved Market Analysis
    In addition to the surveillance and reconstruction benefits 
described above, a consolidated audit trail would also significantly 
improve the ability of regulators to monitor overall market structure, 
so that both the Commission and the SROs can be better informed in 
their rulemakings. In January 2010 the Commission published a concept 
release on equity market structure that discusses how the markets have 
rapidly evolved from trading by floor-based specialists to trading by 
high-speed computers. The concept release poses a number of questions 
about the role and impact of high-frequency trading strategies and the 
movement of trading volume from the public national securities 
exchanges to dark pools.\87\
---------------------------------------------------------------------------

    \87\ See Securities Exchange Act Release No. 61358 (January 14, 
2010), 75 FR 3594 (January 21, 2010) (``Concept Release on Equity 
Market Structure'').
---------------------------------------------------------------------------

    Over the past two years there has been considerable discussion 
about these topics by regulators, market participants, the media, and 
the general public. Nevertheless, numerous open questions remain 
because of a lack of consolidated market data, making certain types of 
market-wide analysis impractical. For example, existing research on 
high frequency trading cannot precisely identify high frequency 
traders. As a result, studies of high frequency trading have been 
limited in their ability to thoroughly examine such strategies and 
their impact on the market, leaving many open questions. Having more 
precise data on who is trading (and from which general patterns of 
order submission could be inferred) would help regulators better 
understand the impact of high frequency trading on markets. Similar 
analyses also could be performed for other aspects of general market 
structure, such as those discussed in the concept release related to 
dark pools and internalization. In addition, having access to a 
consolidated audit trail will provide the Commission and SROs with 
better data to conduct retrospective analyses of rules and pilots. 
Informed analysis of these topics requires consolidating audit trails 
so that quotes and trades across multiple exchanges can be linked 
(either by customer type or by specific customer) with order flow and 
trades from the many dozens of over-the-counter venues.
d. Potential Reduction in Disparate Reporting Requirements and Data 
Requests
    The Commission believes that a consolidated audit trail will reduce 
the burdens on SROs and broker-dealers associated with producing 
regulatory data. In particular, the consolidated audit trail may reduce 
burdens from ad hoc data requests.
    The Commission believes that the creation of a consolidated audit 
trail may reduce the number and types of ad hoc requests made by 
regulators to market participants for data concerning their trading 
activities. In particular, regulators could use direct access to data 
in the consolidated audit trail for investigations or analyzing trends 
or broad market activities instead of requesting data from market 
participants. In addition, regulators could use this direct access to 
analyze the activities of a single trader across multiple markets, 
which today requires requests for data from multiple market 
participants. Regulators would therefore likely make fewer ad hoc 
requests. The Commission, however, does not believe that all ad hoc 
requests for data from market participants will be replaced by 
obtaining data from the consolidated audit trail. A detailed 
investigation of a particular firm may require types of data from that 
firm that are not stored in the consolidated audit trail, or that 
relate to periods prior to the implementation of the consolidated audit 
trail. In addition, in cases in which there are discrepancies, or even 
suspected discrepancies, between a firm's actual trading activities and 
what is stored in the consolidated audit trail's central repository, 
regulators are likely to request data directly from market participants 
for verification and investigative purposes.
3. Large Trader Reporting System Rule
    The Commission believes that a consolidated audit trail will be 
able to build upon various aspects of the large trader reporting system 
that was recently adopted by the Commission.\88\ Rule 13h-1, which 
establishes the large trader reporting system, requires large traders 
to identify themselves to the Commission and make certain disclosures 
to the Commission on Form 13H. Upon receipt of Form 13H, the Commission 
issues a unique identification number to the large trader, which the 
large trader then will be required to provide to those broker-dealers 
through which the large trader trades. Registered broker-dealers will 
be required to maintain specified transaction records for each large 
trader and to report that information to the Commission upon request. 
The Large Trader Rule requirements are designed to enable the 
Commission to promptly and efficiently identify significant market 
participants and collect data on their trading activity so that 
Commission staff can reconstruct market events, conduct investigations 
and bring enforcement actions as appropriate.
---------------------------------------------------------------------------

    \88\ See note 1, supra.
---------------------------------------------------------------------------

    Several commenters noted that portions of the requirements of Rule 
13h-1 overlapped with certain provisions of proposed Rule 613 and 
requested that the Commission harmonize the rules.\89\ One commenter

[[Page 45734]]

stated that the Commission should consider implementing only those 
portions of Rule 13h-1 that would not be affected by, or be redundant 
to, the implementation of the consolidated audit trail proposal.\90\ 
Another commenter suggested that the Commission mandate compliance only 
with those aspects of Rule 13h-1 that would operate as part of the 
consolidated audit trail--the large trader identifier in particular--so 
they could be leveraged in the creation of the consolidated audit 
trail.\91\ Yet another commenter believed that, upon implementation of 
the consolidated audit trail, it would not be necessary for large 
traders to identify themselves to their broker-dealers pursuant to Rule 
13h-1, because the consolidated audit trail already would require 
broker-dealers to include a customer identifier for every order.\92\ 
The commenter explained that, if customer information is collected as 
part of the consolidated audit trail, the Commission and SROs could run 
queries to identify customers with significant trading volume.\93\
---------------------------------------------------------------------------

    \89\ See ICI Letter, p. 6-7; Liquidnet Letter, p. 4-5; SIFMA 
Letter, p. 18-19; CBOE Letter, p. 6 (questioning the need for a 
large trader reporting system if a consolidated audit trail is 
implemented).
    \90\ See FINRA/NYSE Euronext letter, p. 7.
    \91\ See SIFMA Letter, p. 18.
    \92\ See Liquidnet Letter, p. 5.
    \93\ Id.
---------------------------------------------------------------------------

    The Commission believes that both Rules are necessary to enhance 
regulatory oversight of the markets and its members. Key aspects of 
Rule 13h-1 define the types of entities that are large traders, and who 
must register with the Commission and file and keep current certain 
background information on Form 13H. These aspects of Rule 13h-1 are not 
addressed by Rule 613 and would not be superseded by it. Rather, the 
information collected by the registration of large traders would 
further complement the data collected for a consolidated audit trail. 
To this end, Rule 613 requires that large trader identifiers also be 
reported to the central repository as part of any large trader's 
customer account information.\94\
---------------------------------------------------------------------------

    \94\ See Rule 613(j)(4).
---------------------------------------------------------------------------

    The Commission does note, however, that other aspects of Rule 13h-1 
may be superseded by Rule 613. Specifically, the trade reporting 
requirements of Rule 13h-1 are built upon the existing EBS system. To 
the extent that, as described in Section II.A.2.iv.d., data reported to 
the central repository under Rule 613 obviates the need for the EBS 
system, the Commission expects that the separate reporting requirements 
of Rule 13h-1 related to the EBS system would be eliminated.\95\
---------------------------------------------------------------------------

    \95\ Though certain reporting requirements of Rule 13h-1 may 
eventually be unnecessary due to Rule 613, the Commission notes that 
Rule 13h-1 will be implemented much more expeditiously compared to 
the consolidated audit trail, and therefore will address the 
Commission's near-term need for access to more information about 
large traders and their activities.
---------------------------------------------------------------------------

B. Summary of Proposed Rule 613

    Proposed Rule 613 would have required that the SROs propose an NMS 
plan that included provisions regarding: (1) The operation and 
administration of the NMS plan; (2) the creation, operation and 
oversight of a central repository; (3) the data required to be provided 
by SROs and their members \96\ to the central repository; (4) clock 
synchronization; (5) compliance by national securities exchanges, 
FINRA, and their members with Rule 613 and the NMS plan; and (6) a plan 
for the possible expansion of the NMS plan to products other than NMS 
securities.
---------------------------------------------------------------------------

    \96\ Section 3(a)(3)(A) of the Exchange Act defines the term 
``member'' to mean: ``(i) Any natural person permitted to effect 
transactions on the floor of the exchange without the services of 
another person acting as broker; (ii) any registered broker or 
dealer with which such a natural person is associated; (iii) any 
registered broker or dealer permitted to designate as a 
representative such a natural person; and (iv) any other registered 
broker or dealer which agrees to be regulated by such exchange and 
with respect to which the exchange undertakes to enforce compliance 
with the provisions of the [Exchange Act], the rules and regulations 
thereunder, and its own rules.'' Section 3(a)(3)(A) further provides 
that, ``[f]or purposes of Sections 6(b)(1), 6(b)(4), 6(b)(6), 
6(b)(7), 6(d), 17(d), 19(d), 19(e), 19(g), 19(h), and 21 of [the 
Exchange Act], the term `member' when used with respect to a 
national securities exchange also means, to the extent of the rules 
of the exchange specified by the Commission, any person required by 
the Commission to comply with such rules pursuant to Section 6(f) of 
this title.'' Finally, Section 3(a)(3)(B) provides that ``[t]he term 
`member' when used with respect to a registered securities 
association means any broker or dealer who agrees to be regulated by 
such association and with respect to whom the association undertakes 
to enforce compliance with the provisions of [the Exchange Act].'' 
See 15 U.S.C. 78c(a)(3)(A) and 15 U.S.C. 78c(a)(3)(B).
---------------------------------------------------------------------------

    Specifically, proposed Rule 613 would have required the SROs to 
jointly file an NMS plan with the Commission to govern the creation, 
implementation, and maintenance of a consolidated audit trail and a 
central repository.\97\ The NMS plan would have been required to 
provide for an accurate, time-sequenced record of an order's life, from 
receipt or origination, through cancellation or execution. In 
particular, the proposed Rule would have required the NMS plan to 
require that the SROs and their respective members collect and provide 
to the central repository data for each ``reportable event,'' defined 
to include the receipt, origination, modification, cancellation, 
routing, and execution (in whole or in part) of an order, with respect 
to any NMS security. This data would have been required to be collected 
and provided to the central repository in a uniform electronic format 
on a real-time basis.
---------------------------------------------------------------------------

    \97\ The proposed Rule would have explicitly required each 
national securities exchange and national securities association to 
be a sponsor of the NMS plan submitted pursuant to the Rule and 
approved by the Commission. See proposed Rule 613(a)(4). 
``Sponsor,'' when used with respect to an NMS plan, is defined in 
Rule 600(a)(70) of Regulation NMS to mean any self-regulatory 
organization which is a signatory to such plan and has agreed to act 
in accordance with the terms of the plan. See 17 CFR 242.600(a)(70).
---------------------------------------------------------------------------

    Under the proposed Rule, the data collected upon the receipt or 
origination of an order would have included: a unique order identifier; 
a unique customer identifier; \98\ a unique identifier for the broker-
dealer receiving or originating the order; the date and time of receipt 
or origination of the order; and the ``material terms of the order.'' 
\99\ For orders that are modified or cancelled, the data collected in 
real time would have included: The date and time the modification or 
cancellation was received or originated; the price and remaining size 
of the order; changes in the material terms of the order (if the order 
is modified); and the identity of the person giving the modification or 
cancellation.
---------------------------------------------------------------------------

    \98\ Proposed Rule 613(j)(1) would have defined the term 
``customer'' to mean the beneficial owner(s) of the account 
originating the order and the person exercising investment 
discretion for the account originating the order, if different from 
the beneficial owner(s).
    \99\ The proposed Rule would have defined ``material terms of 
the order'' to include, but not be limited to: The NMS security 
symbol; security type; price (if applicable); size (displayed and 
non-displayed); side (buy/sell); order type; if a sell order, 
whether the order is long, short, or short exempt; if a short sale, 
the locate identifier, open/close indicator, time in force (if 
applicable), whether the order is solicited or unsolicited, and 
whether the account has a prior position in the security; if the 
order is for a listed option, option type (put/call), option symbol 
or root symbol, underlying symbol, strike price, expiration date, 
and open/close; and any special handling instructions. See proposed 
Rule 613(j)(3).
---------------------------------------------------------------------------

    For orders that are routed, data collected in real time would have 
included: The unique order identifier, the date and time the order was 
routed; The unique identifier of the broker-dealer or national 
securities exchange routing the order; the unique identifier of the 
broker-dealer or national securities exchange receiving the order; if 
routed internally at a broker-dealer, the identity and nature of the 
department and desk to which the order was routed; and the material 
terms of the order.
    For orders received that were routed, data collected in real time 
would have included all the information for orders that are routed, 
except the identity and nature of the department and desk to which the 
order was routed, if routed internally at a broker-dealer; however,

[[Page 45735]]

the date and time the order was routed would be replaced by the date 
and time the order was received.
    For the execution of an order, data collected in real time would 
have included: the unique order identifier; the date and time of 
execution; the execution size and price; the unique identifier of the 
SRO or broker-dealer executing the order; the capacity of the broker-
dealer executing the order (i.e., principal, agency, riskless 
principal); and whether the execution was reported pursuant to an 
effective transaction reporting plan or the OPRA Plan.\100\
---------------------------------------------------------------------------

    \100\ ``The OPRA Plan'' is the Plan for Reporting of 
Consolidated Options Last Sale Reports and Quotation Information 
filed with the Commission pursuant to, and meeting the requirements 
of, Rule 608 of Regulation NMS. The OPRA Plan governs the 
dissemination of trade and quotation information for listed options. 
In this capacity, it provides real-time quotation and transaction 
information to market participants. See 17638 (March 18, 1981), 22 
SEC Docket 484 (March 31, 1981) (order approving the OPRA Plan).
---------------------------------------------------------------------------

    Because certain information may not be readily available at the 
time of the reportable event, the proposed Rule would have required the 
NMS plan to require each SRO and its members to collect and provide to 
the central repository certain information, in a uniform electronic 
format, promptly after receipt of such information, but in no instance 
later than midnight of the day that the reportable event occurred or 
when the SRO or its member receives such information. Under the 
proposed Rule, this data would have included: The account number for 
any subaccounts to which the execution is allocated (in whole or part); 
the unique identifier of the clearing broker or prime broker, if 
applicable; the unique order identifier of any contra-side order; 
special settlement terms, if applicable; short sale borrow information 
and identifier; the amount of a commission, if any, paid by the 
customer, and the unique identifier of the broker-dealer(s) to whom the 
commission is paid; and, if the execution is cancelled, a cancelled 
trade indicator.
    The proposed Rule would have required that the SROs jointly file an 
NMS plan with the Commission within 90 days after approval of the Rule. 
In addition, the SROs would have been required to select a plan 
processor within two months of the effectiveness of the NMS plan, as 
well as provide the Commission a document outlining how the SROs would 
propose to expand the audit trail to include non-NMS securities and 
additional transactions. The proposed Rule also would have required the 
SROs to file proposed rule changes to require their members to comply 
with the requirements of the proposed Rule and the NMS plan within 120 
days of the effectiveness of the NMS plan. The SROs would have been 
required to begin reporting data to the central repository within one 
year after the effectiveness of the NMS plan, and their members would 
have been required to begin reporting data to the central repository 
within two years after the effectiveness of the NMS plan.
    As proposed, the NMS plan would have been required to include 
specific plan provisions, detailing: The plan governance structure, the 
processes of admission and withdrawal of plan sponsors, the percentage 
of votes required to effectuate amendments to the plan, the allocation 
of central repository costs among the plan sponsors, and the 
appointment of a Chief Compliance Officer (``CCO'') of the central 
repository. The proposed Rule would have required all plan sponsors to 
develop and implement a surveillance system, or enhance existing 
surveillance systems, reasonably designed to make use of the 
information contained in the consolidated audit trail. This information 
would be available to the Commission and the SROs for regulatory and 
oversight purposes only. The proposed Rule also would have required the 
NMS plan to require information be collected in a convenient and usable 
standard electronic data format, directly available and searchable 
electronically without any manual intervention for a period of not less 
than five years. This information would have been required to be 
available immediately, or, if immediate availability was not reasonably 
and practically achieved, any search query would have to begin 
operating on the data not later than one hour after the search query 
was made. Additionally, the proposed Rule would have required the NMS 
plan to include policies and procedures, including standards, to be 
utilized by the plan processor to ensure the security and 
confidentiality of all information submitted to the central repository, 
and all SROs and their employees, as well as all employees of the 
central repository, would have been required to agree to use 
appropriate safeguards to ensure the confidentiality of such data. The 
proposed Rule also would have required SROs and their members to 
synchronize their business clocks that are used for the purposes of 
recording the date and time of any event that must be reported under 
the proposed Rule consistent with industry standards. Further, the 
proposed Rule would have required the central repository to collect and 
retain, on a current and continuing basis, and in a format compatible 
with the other information collected pursuant to the proposed Rule, the 
national best bid and national best offer (``NBBO'') information for 
each NMS security. Transaction reports reported pursuant to an 
effective transaction reporting plan filed with the Commission pursuant 
to, and meeting the requirements of, Rule 601 of Regulation NMS under 
the Exchange Act,\101\ and last sale reports reported pursuant to the 
OPRA Plan filed with the Commission pursuant to, and meeting the 
requirements of, Rule 608 of Regulation NMS under the Exchange Act also 
would have been required to be collected and retained.
---------------------------------------------------------------------------

    \101\ The effective transaction reporting plans include the 
Consolidated Tape Association Plan (``CTA Plan'') and the Joint 
Self-Regulatory Organization Plan Governing the Collection, 
Consolidation and Dissemination of Quotation and Transaction 
Information for Nasdaq-listed Securities Traded on Exchanges on an 
Unlisted Trading Privilege Basis (``UTP Plan'').
---------------------------------------------------------------------------

C. Summary of General Comments on the Proposed Rule

    The Commission requested comments on all aspects of the proposed 
Rule, including the potential costs and benefits.\102\ In particular, 
the Commission encouraged commenters to identify, discuss, analyze, and 
supply relevant data regarding any such costs or benefits.\103\ In 
response, commenters provided views and opinions regarding the 
regulatory usefulness of a consolidated audit trail; the overall costs 
of the proposed Rule, focusing on those requirements that commenters 
believed would be the most costly or burdensome to implement; \104\ the 
process for creating and implementing a consolidated audit trail; and 
alternatives to the proposed Rule's approach to creating, implementing, 
and maintaining a consolidated audit trail. These comments are 
discussed below.
---------------------------------------------------------------------------

    \102\ See Proposing Release, supra note 4, at 32586 and 32594.
    \103\ Id.
    \104\ For comments on general costs of the proposed Rule, see, 
e.g., Thomson Reuters Letter, p. 2; Liquidnet Letter, p. 1; CBOE 
Letter, p. 2; Nasdaq Letter I, p. 2; Angel Letter, p. 1-2; IAG 
Letter, p. 3.; Kaufman Letter, attachment p. 3; Wells Fargo Letter, 
p. 4; Noetic Partners Letter, p. 2; Leuchtkafer Letter, p. 1-5; 
Broadridge Letter, p. 3; SIFMA Letter, p. 1-2, FINRA Letter, p. 3; 
FINRA Proposal Letter, p. 2.; High Speed Letter, p. 1; Belanger 
Letter, p. 7-8.
---------------------------------------------------------------------------

1. Industry Support for a Consolidated Audit Trail
    Commenters provided a wide range of opinions, and shared their 
concerns, regarding specific aspects of the proposed Rule.\105\ 
However, many of the

[[Page 45736]]

commenters and their representatives who are involved with regulating 
and operating securities markets--as well as many of the commenters who 
otherwise populate data for, or make use of, existing audit trail 
systems (such as broker-dealers)--expressed support for the creation of 
a single consolidated audit trail.
---------------------------------------------------------------------------

    \105\ See Section II.C., infra, for a discussion of specific 
concerns raised by commenters.
---------------------------------------------------------------------------

    FINRA and NYSE Euronext, filed a joint letter, ``vigorously 
support[ing] the establishment of a consolidated audit trail,'' and 
stating, among other things, that ``the evolution of the U.S. equity 
markets and the technological advancements that have recently taken 
place have created an environment where a consolidated audit trail is 
now essential to ensuring the proper surveillance of the securities 
markets and maintaining the confidence of investors in those markets.'' 
\106\
---------------------------------------------------------------------------

    \106\ See FINRA/NYSE Euronext Letter, p. 1. NYSE Euronext is the 
publicly traded parent of a number of subsidiaries, including three 
SROs, NYSE, NYSE Amex, and NYSE Arca.
---------------------------------------------------------------------------

    The NASDAQ OMX Group, Inc. similarly states that ``[m]arket 
developments and fragmentation of market centers with varying market 
structures and levels of transparency have created inefficiencies and 
potential gaps in cross-market regulation,'' and that ``[c]omplete 
transparency is the only way to ensure fair and orderly markets.'' 
\107\
---------------------------------------------------------------------------

    \107\ See Nasdaq Letter I, p. 2. The NASDAQ OMX Group, Inc. is 
the publicly traded parent of a number of subsidiaries, including 
three SROs, Nasdaq, Phlx, and BX.
---------------------------------------------------------------------------

    Other commenters also stated their general support for the creation 
of a consolidated audit trail. According to Direct Edge Holdings, LLC 
(``Direct Edge''), ``[t]he proposed consolidated audit trail (`CAT') 
system would significantly enhance the capabilities of regulators to 
police trading across asset classes; replace existing audit trails and 
consolidate trading and execution data for the asset classes under the 
Commission's jurisdiction * * * enable regulators to create a more 
complete timeline of an order's lifecycle; and facilitate large-scale 
market reconstructions * * * .'' \108\
---------------------------------------------------------------------------

    \108\ See Direct Edge Letter, p. 1. Direct Edge is the parent of 
two SROs, EDGA Exchange, Inc. and EDGX Exchange, Inc.
---------------------------------------------------------------------------

    Although CBOE expressed some concerns in its comment letter about 
the ``breadth, expense, and timetable of the Proposal'' \109\ (concerns 
that were shared by other commenters),\110\ it ``recognizes there are 
potential benefits to be obtained from CAT, and agrees that a central 
repository with uniform data submitted by all markets could enhance SRO 
and SEC oversight of the markets.'' \111\ CBOE further stated that, 
``[i]n particular, a CAT that contains a customer identifier on an 
order by order basis would enhance significantly the audit trails of 
the markets.'' \112\
---------------------------------------------------------------------------

    \109\ See CBOE Letter, p. 2.
    \110\ See, e.g., Scottrade Letter, p. 1; ICI Letter, p. 4-6; 
FINRA/NYSE Euronext Letter, p. 4; GETCO Letter, p. 2; BATS Letter, 
p. 1-2; SIFMA Letter, p. 3-8; Direct Edge Letter, p. 3; FINRA 
Letter, p. 10-13; Wells Fargo Letter, p. 3; Knight Letter, p. 2-3; 
Leuchtkafer Letter; Broadridge Letter, p. 3; SIFMA Proposal Letter, 
p. 1; FINRA Proposal Letter, p. 3.; Liquidnet Letter, p. 3 & p. 5-6; 
Ameritrade Letter, p. 2-3
    \111\ Id.
    \112\ Id.
---------------------------------------------------------------------------

    BATS Exchange, Inc. (``BATS'') expressed general support for the 
Commission's proposal, stating, ``[o]ver the last several years, 
liquidity has dispersed across multiple interconnected venues, such 
that no one market center can claim a majority share of equity 
securities transactions. However, regulatory tools have not evolved to 
keep pace with these changes, and the limited existing processes and 
data available to analyze inter-market trading are inadequate. As a 
consequence, regulators rely on inefficient processes to reconstruct 
inter-market trading activity, including ad hoc requests to members for 
trading data when a potential problem is identified.'' \113\
---------------------------------------------------------------------------

    \113\ See BATS Letter, p. 1.
---------------------------------------------------------------------------

    Liquidnet, Inc. (``Liquidnet''), an ATS, generally stated that, 
``[i]n the long run, a properly-designed system that provides for 
centralized reporting of data should be more cost-efficient than the 
current patchwork system for collecting audit trail data.'' \114\ 
Liquidnet outlined seven specific benefits of a consolidated audit 
trail, ranging from ``[reducing] the time that regulatory personnel 
must expend to request and collect data from market participants on a 
case-by-case basis,'' to ``[reducing] the cost of reconstructing, 
analyzing, and reporting on significant market events such as those 
that occurred on May 6, 2010.'' \115\
---------------------------------------------------------------------------

    \114\ See Liquidnet Letter, p. 1.
    \115\ Id. at p. 1-2.
---------------------------------------------------------------------------

    The Securities Industry and Financial Markets Association 
(``SIFMA''), an industry group that represents, among other entities, 
hundreds of securities firms that could be impacted by the creation of 
a consolidated audit trail, ``believes that a centralized and 
comprehensive audit trail would enable the SEC and securities self-
regulatory organizations (`SROs') to perform their monitoring, 
enforcement, and regulatory activities more effectively.'' \116\ SIFMA 
further states that, ``[i]n the current era of electronic trading, 
regulators need efficient access to order and execution data from both 
broker-dealers and exchanges. Indeed, a consolidated audit trail is a 
much-needed improvement over today's fragmented audit trail 
platforms.'' \117\ As did a number of other commenters,\118\ SIFMA also 
expressed concerns about, and suggested alternatives to, some specific 
aspects of the proposed Rule, which will be further discussed below.
---------------------------------------------------------------------------

    \116\ See SIFMA Letter, p. 1-2.
    \117\ Id. at p. 2.
    \118\ See, e.g., FINRA/NYSE Euronext Letter, p. 7, FINRA Letter, 
p. 3, FINRA Proposal Letter, p. 1-16, FTEN Letter, p. 1, 4-5, 
Correlix Letter, p. 2-3; BOX Letter, p. 2; BATS Letter, p. 2.; CBOE 
Letter, p. 2; Angel Letter, p. 2; Wells Fargo Letter, p. 2; Knight 
Letter, p. 3; FIF Letter, p. 5-6; Schumer Letter, p. 1.
---------------------------------------------------------------------------

    Finally, the Commission notes that members of the Financial 
Information Forum, whose participants include ``trading and back office 
service bureaus, broker-dealers, market data vendors and exchanges,'' 
agree that ``an enhanced audit trail system could increase the 
effectiveness of cross-market surveillance through better data 
availability and integration.'' \119\
---------------------------------------------------------------------------

    \119\ See FIF Letter, p. 1.
---------------------------------------------------------------------------

    When the perspectives of these commenters are combined with the 
Commission's own experiences (as described above in Section II.A.1.c.), 
a common theme emerges: There is substantial room for improvement in 
the collection of and access to trading data beyond what is available 
today from existing audit trails and other sources. The Commission 
agrees with many of the commenters that one of the main benefits of a 
consolidated audit trail will be to improve the efficiency and adequacy 
of a regulatory process of collecting and accessing audit trail data 
that directly affects and impacts a significant number, and wide 
variety, of market participants.
2. Commenters' Views on the Overall Costs of the Proposed Rule and the 
Resulting Framework of the Adopted Rule
    With respect to general costs for the proposal, commenters 
expressed differing views. As discussed below, some commenters thought 
that the Commission overestimated the burdens of creating, 
implementing, and maintaining a consolidated audit trail, while others 
argued that the Commission had underestimated such burdens.
    Nasdaq was among those commenters that stated that the Commission 
had overestimated the burdens. Specifically, Nasdaq stated that 
``innovative technology exists to meet many of the Commission's goals 
at significantly

[[Page 45737]]

lower costs than estimated in the Proposing Release,'' and that SROs 
should be able to weigh the costs and benefits of various designs.\120\ 
Other commenters also expressed similar opinions stating that a 
consolidated audit trail accomplishing the Commission's goals could be 
implemented for less than the preliminary estimates.\121\ Two firms 
with experience in processing and analyzing market data, FTEN and 
Thomson Reuters, each noted that current technology could convert data 
from disparate systems into a uniform format, resulting in a less 
costly implementation of the consolidated audit trail.\122\ FTEN stated 
that ``currently available commercial systems are capable of 
immediately accomplishing CAT goals of real-time cross-market 
transparency, accountability and control with no implementation risk 
and for far less than the estimated multi-billion dollar price tag.'' 
\123\ It further suggested that ``[t]he SEC should leverage already 
deployed and commercially available solutions that are in production 
use today by major market participants * * * .'' and an ``iterative 
approach [that] would leverage existing systems to capture order and 
execution data in real-time from liquidity destinations (exchanges, 
ECNs, ATSs and dark pools) and `map' the data back to original trade 
submissions by market participants without requiring integration with, 
or changes to, market participants systems or to liquidity destination 
systems and without modifying existing order flow.'' \124\ Similarly, 
another commenter recommended a technology solution that could handle 
the required data in milliseconds and that ``significantly reduces disk 
space required, which can potentially save millions of dollars when 
dealing with multiple terabytes of data.'' \125\ One commenter 
suggested an entirely different approach through the use of an 
``adaptive graph indexing-based architecture'' as the basis for the 
consolidated audit trail platform, instead of using a central 
repository, and explained that this technology would keep trading data 
within each SRO.\126\
---------------------------------------------------------------------------

    \120\ See Nasdaq Letter I, p. 2.
    \121\ See Thomson Reuters Letter, p. 2; Noetic Partners Letter, 
p. 2; FTEN Letter, p. 1; Ross Letter; Correlix Letter, p. 2.; FINRA 
Proposal Letter, p. 2.; High Speed Letter, p. 1; Belanger Letter, p. 
7-8; Aditat Letter, p. 2 (stating that FIX protocol is already used 
in the industry today, making it cheaper to create systems to handle 
consolidated audit trail data as the data already exists in a 
``suitable format'').
    \122\ See FTEN Letter, p. 13; Thomson Reuters Letter, p. 2-3.
    \123\ See FTEN Letter, p. 1.
    \124\ Id. at p. 3.
    \125\ See Know More Software Letter, p. 1.
    \126\ See Belanger Letter, p. 4.
---------------------------------------------------------------------------

    On the other hand, numerous commenters expressed general concerns 
about the costs of implementing a consolidated audit trail relative to 
the benefits to be gained. For example, one commenter stated that 
``there can be no doubt whether market regulators need a consolidated 
audit trail;'' however, the commenter questioned whether a system as 
costly as the consolidated audit trail was necessary to detect 
violations such as frontrunning, spoofing, and layering, which are 
violations the Commission has rarely pursued in the recent past.\127\
---------------------------------------------------------------------------

    \127\ See Leuchtkafer Letter, p. 4. See also IAG Letter, p. 3.
---------------------------------------------------------------------------

    As discussed above, many commenters expressed general support for 
the creation of a consolidated audit trail, but believed that, as 
proposed, the implementation would be too costly and that the Rule 
should be modified.\128\ Concern about the proposed real-time 
requirements for reporting data to the central repository was a common 
theme expressed by these commenters,\129\ including those who 
maintained that a requirement to provide data on a real-time basis 
would be too burdensome due to the extensive systems changes that would 
be needed to comply with such a requirement.\130\ Some of these 
commenters argued that a real-time reporting requirement would require 
many industry participants to build entirely new systems or undertake 
significant technological upgrades.\131\ SIFMA, in particular, 
estimated that the cost per broker-dealer to implement real-time 
reporting could be millions of dollars and that the cost of capturing 
options quotes in real time alone could exceed the Commission's $2.1 
billion estimate for the annualized cost of the audit trail.\132\ SIFMA 
further argued that broker-dealers would incur costs associated not 
only with establishing and maintaining the infrastructure to support 
real-time reporting, but also due to regulatory risk if they are not 
able to achieve 100 percent compliance with the proposed Rule.\133\ 
While SIFMA opposed a real-time reporting requirement, and encouraged 
the Commission to adopt a next day or later reporting requirement,\134\ 
SIFMA also stated that ``if the SEC determines to require reporting of 
certain data elements in real-time or near real-time, we believe such 
data should be limited to reporting of `key business events.' '' \135\ 
SIFMA further stated that, ``if the definition of real-time allowed for 
reporting within minutes (e.g. 10-15 minutes) of the events, it would 
be substantially less intrusive on order management systems and may 
allow for greater flexibility in designing reporting systems 
architecture and more standardized content for events such as order 
modifications * * * .'' \136\ SIFMA described how a reporting system 
using ``drop copies'' \137\ could be ``achievable in the relative near 
term,'' although it noted that its proposed process would not, among 
other things, include a unique Customer ID or a unique order 
identifier.\138\
---------------------------------------------------------------------------

    \128\ See, e.g., SIFMA Letter, p. 2, 15-16; FINRA/NYSE Euronext 
Letter, p. 7; FINRA Letter, p. 3; Angel Letter, p. 2; CBOE Letter, 
p. 2-6 (suggesting several ways that the costs of the proposal could 
be reduced, including: Leveraging existing SRO experience with audit 
trail systems and imposing uniformity across markets in those 
systems; requiring the submission of audit trail information through 
a batch process after the close of the trading day; deleting the 
requirement that all market maker quotes be submitted to the 
proposed consolidated audit trail; making clear that broker-dealers 
have no obligation to report order information that has already been 
reported to an exchange; and revisiting the need for a large trader 
reporting system if that proposed rule is adopted.).
    \129\ See Scottrade Letter, p. 1; ICI Letter, p. 4-6; FINRA/NYSE 
Euronext Letter, p. 4; GETCO Letter, p. 2; BATS Letter, p. 1-2; 
SIFMA Letter, p. 3-8; CBOE Letter, p. 4-5; Direct Edge Letter, p. 3; 
FINRA Letter, p. 10-13; Wells Fargo Letter, p. 3; Knight Letter, p. 
2-3; Leuchtkafer Letter; Broadridge Letter, p. 3; FIF Letter, p. 4; 
SIFMA Drop Copy Letter, p. 1; Ross Letter, p. 1; FINRA Proposal 
Letter, p. 3; SIFMA February 2012 Letter; FIA Letter, p. 1-2.
    \130\ See Section III.F.2., infra; see also, e.g., BATS Letter, 
p. 1-2; Broadridge Letter, p. 3; FIF Letter, p. 4-5; FINRA/NYSE 
Euronext Letter, p. 7; FINRA Letter, p. 3; ICI Letter, p. 4-5; 
Knight Letter, p. 2; Scottrade Letter, p. 1-2; SIFMA Letter, p. 3-6; 
SIFMA February 2012 Letter. Some commenters also questioned whether 
the costs to provide data on a real-time basis would outweigh the 
benefits. See Scottrade Letter, p. 1-2; FINRA/NYSE Euronext Letter, 
p. 4; GETCO Letter, p. 2; BATS Letter, p. 2; SIFMA Letter, p. 3-8; 
CBOE Letter, p. 4; FINRA Letter, p. 11-13; Wells Fargo Letter, p. 3; 
ICI Letter, p. 4-6; GETCO Letter, p. 2; Direct Edge Letter, p. 3; 
Leuchtkafer Letter; SIFMA Drop Copy Letter, p. 1; Ross Letter, p. 1; 
FINRA Proposal Letter, p. 3; SIFMA February 2012 Letter; FIA Letter, 
p. 2.
    \131\ See Scottrade Letter, p. 1-2; ICI Letter, p. 4-5; SIFMA 
Letter, p. 4; Knight Letter, p. 2. See also Broadridge Letter, p. 3; 
FIF Letter, p. 4; FIA Letter, p. 2.
    \132\ See SIFMA Letter, p. 4-6.
    \133\ Id. at p. 5.
    \134\ See SIFMA Letter, p. 3-4.
    \135\ See SIFMA Drop Copy Letter.
    \136\ Id.
    \137\ A ``drop copy'' is an electronic copy of a message 
automatically generated by the existing order management and 
execution systems used by broker-dealers and SROs.
    \138\ See SIFMA Drop Copy Letter.
---------------------------------------------------------------------------

    Commenters also expressed general concerns regarding the costs of 
other aspects of the Proposed Rule. For example, Global Electronic 
Trading Company (``GETCO''), a market maker in equities and equity 
options, urged the Commission to consider whether quotation information 
already

[[Page 45738]]

disseminated by SROs could be reported instead of requiring the SROs 
and their members to report all quotation information to reduce costs 
for the industry.\139\ Another commenter, Wells Fargo Advisors, argued 
that the inclusion of a unique customer identifier would add 
``tremendous incremental cost to the [consolidated audit trail].'' 
\140\
---------------------------------------------------------------------------

    \139\ See GETCO Letter, p. 3-4.
    \140\ See Wells Fargo Letter, p. 3.
---------------------------------------------------------------------------

    Many commenters provided suggestions and views on how the costs of 
creating and implementing a consolidated audit trail might be lowered. 
For example, financial technology firm, Correlix, Inc. (``Correlix''), 
stated that relying on existing infrastructure, where possible, could 
bring down the cost and amount of time it would take to implement the 
consolidated audit trail.\141\ Correlix further stated that existing 
technology already is able to provide ``a complete end-to-end history 
of message and order data from the market participant to the execution 
venue's matching engine and back to the originator,'' and that allows 
clients to run customized queries and reports on the data.\142\
---------------------------------------------------------------------------

    \141\ See Correlix Letter, p. 2-3.
    \142\ Id.
---------------------------------------------------------------------------

    A variety of commenters, including SROs and broker-dealers, also 
believed it would be more cost efficient to use the existing OATS 
infrastructure specifically as a basis for a consolidated audit trail, 
rather than to purchase or create an entirely new system.\143\ 
Commenters further argued that existing audit trails could be expanded 
economically and quickly.\144\
---------------------------------------------------------------------------

    \143\ As discussed in Section II.C.4, infra, both SIFMA and 
FINRA submitted several comment letters with increasing levels of 
detail on the extent to which existing infrastructures could be used 
to achieve different forms of the various reporting requirements of 
the proposed Rule. In one of its later comment letters, FINRA 
submitted a detailed blueprint describing how it would build a 
consolidated audit trail that it believed would meet the primary 
objectives of the proposed Rule in a relatively short timeframe and 
with minimum costs to the industry. See FINRA Proposal Letter; SIFMA 
Letter, p. 16-18. See also BOX Letter, p. 2; BATS Letter, p. 2.; 
CBOE Letter, p. 2-3; Angel Letter, p. 2-3; Wells Fargo Letter, p. 2; 
Knight Letter, p. 3; FIF Letter, p. 5-6; Schumer Letter, p. 1; FIA 
Letter, p. 3.
    \144\ See, e.g., FINRA/NYSE Euronext Letter; FINRA Letter; 
Schumer Letter, p. 1.
---------------------------------------------------------------------------

    In contrast, other commenters expressed the view that costs could 
be reduced not by using existing audit trail infrastructures, but 
rather by using new, innovative technology to create the consolidated 
audit trail.\145\ Noetic Partners, a financial technology firm, 
explained that technologies are currently available to build a system 
that would capture ``full-depth'' data with ``compression and near-line 
storage'' in a system that would enable fast retrieval and analysis of 
data, and opined that, based on existing technology, a consolidated 
audit trail could be implemented for substantially less than the 
Commission's preliminary estimates.\146\ This commenter stated that, 
based on available technology, a fully functional consolidated audit 
trail could be implemented in months, rather than years, at an initial 
cost of less than $100 million.\147\
---------------------------------------------------------------------------

    \145\ See Noetic Partners Letter II, p. 2; High Speed Letter, p. 
1 (opining that estimated costs could be reduced if data were stored 
in an off-the-shelf cloud-based storage system or if a petabyte 
storage facility was built to store data and also estimating that 
``an integrated analysis system combining bespoke software for 
first-cut filtering of data from the repository, along with 
[commercial off-the-shelf software] for detailed analysis, could be 
developed for less than $10M''). See also Know More Software Letter, 
p. 1; Belanger Letter, p. 4; FTEN Letter, p. 1, 13.
    \146\ See Noetic Partners Letter II, p. 2.
    \147\ Id.
---------------------------------------------------------------------------

    An aggregate analysis of the many specific opinions described above 
suggests that commenters' views regarding the costs of creating, 
implementing, and maintaining a consolidated audit trail fall into one 
of two general categories. One set of commenters expressed the view 
that many, if not all, of the requirements of the proposed Rule could 
be met in a cost-effective fashion if current audit trail systems were 
replaced with new technologies and systems. However, another set of 
commenters expressed the view that a number of the requirements of the 
proposed Rule would be very costly to implement, and, instead, 
suggested that the most cost-effective method of creating a 
consolidated audit trail would be to relax some of the proposed 
requirements and build upon the infrastructure of existing audit trail 
systems.
    Therefore, as discussed above and in detail below,\148\ in response 
to these comments, and specific comments discussed throughout this 
Release,\149\ the Commission is adopting Rule 613 with substantive 
changes to some of the specific collection, reporting, and data 
requirements of the Rule.\150\ The Commission believes that these 
changes significantly expand the solutions that could be considered by 
the SROs for creating, implementing, and maintaining a consolidated 
audit trail and provide the SROs with increased flexibility in how they 
choose to meet the requirements of the Rule compared with the 
requirements of the proposed Rule. For example, the Rule no longer 
requires real-time reporting \151\ or only one unique order identifier; 
\152\ thus, the Rule would accommodate an NMS plan based on the types 
of solutions proposed by SIFMA and FINRA. However, to guide the SROs in 
their development of the NMS plan, the Rule includes several specific 
considerations \153\ that the Commission intends to use to evaluate the 
submitted NMS plan and consider its costs and benefits.
---------------------------------------------------------------------------

    \148\ See Section I., supra.
    \149\ See, generally, Section III., infra.
    \150\ See Section I., supra, for a summary of the changes to 
proposed Rule 613.
    \151\ See Rule 613(c)(3); Section I., supra; Section III.B.1.e., 
infra.
    \152\ See Rule 613(j)(1); Section I., supra; Section 
III.B.1.d.iv., infra.
    \153\ See Rule 613(a)(1)(i) through (xii); Section I., supra; 
Section III.C.2.a., infra.
---------------------------------------------------------------------------

    The changes from the Proposing Release provide the SROs with the 
flexibility to submit an NMS plan that provides creative solutions that 
harness innovative technology or that build on existing audit trail 
systems.
3. Comments on the Process for Creating a Consolidated Audit Trail
    The Commission received comments regarding the process through 
which a consolidated audit trail should be created. As proposed, the 
Rule required that the SROs submit an NMS plan setting forth the 
details for the creation, implementation, and maintenance of a 
consolidated audit trail within 90 days of approval of the Rule. A few 
commenters suggested that more time be allotted for the planning and 
design of the NMS plan.\154\ FIF and the Security Traders Association 
(``STA'') recommended extensive, ``up-front business analysis,'' \155\ 
explaining that if conducted ``during the CAT plan development process, 
[they] are confident that issues would emerge earlier in the process, 
leading to more efficient and cost-effective solutions.'' \156\ These 
commenters believed that the business analysis would require many 
discussions involving the Commission, the SROs and teams comprising 
members of the securities industry.\157\
---------------------------------------------------------------------------

    \154\ See FIF Letter II, p. 2-3; STA Letter, p. 2; Nasdaq Letter 
I, p. 6-7.
    \155\ See FIF Letter II, p. 1, 3; STA Letter, p. 1, 3.
    \156\ See FIF Letter II, p. 2; STA Letter, p. 1.
    \157\ See FIF Letter II, p. 1; STA Letter, p. 1-2.
---------------------------------------------------------------------------

    In this regard, several commenters suggested that the Commission 
undergo a RFP or request for information (``RFI'') process to create 
and implement a consolidated audit trail.\158\ Specifically, FIF urged 
the Commission to perform a RFP process ``to determine the best 
technical solution for developing a

[[Page 45739]]

consolidated audit trail.'' \159\ FIF suggested that the Commission 
``should outline a set of goals and guiding principles they are 
striving to achieve as part of the adopted CAT filing and leave the 
determination of data elements and other technical requirements to [an] 
industry working group.'' \160\ Similarly, Direct Edge suggested that 
Commission staff should form and engage in a working group to develop 
an RFP for publication by the Commission.\161\ DirectEdge explained 
that an RFP process would facilitate the identification of the costs 
and benefits of the audit trail, as well as the consideration of a 
wider range of technological solutions.\162\ Further, commenters, 
including Broadridge Financial Solutions, Inc., a technology 
provider,\163\ also requested more specific information about the audit 
trail system to better assess the Commission's initial cost estimates 
and to determine the best approach to the consolidated audit 
trail.\164\
---------------------------------------------------------------------------

    \158\ See FIF Letter, p. 1, 9; FIF Letter II, p. 1-2; STA 
Letter, p. 2; Direct Edge Letter, p. 2-3, 5.
    \159\ See FIF Letter, p. 1.
    \160\ See FIF Letter II, p. 2.
    \161\ See Direct Edge Letter, p. 2-3, 5. See also STA Letter, p. 
1-3 (recommending the use of working groups comprising the 
Commission, FINRA, exchanges, broker-dealers, investors, vendors, 
and institutional asset managers to conduct business analysis and 
requisite discussions with the industry in planning a consolidated 
audit trail that meets the Commission's goals).
    \162\ Id. at p. 3.
    \163\ See Broadridge Letter, p. 2.
    \164\ See Broadridge Letter, p. 2; FIF Letter, p. 8. See also 
Ross Letter, p. 1 (discussing examples of information security 
details to consider); Nasdaq Letter I, p. 6 (stating that the 
proposed Rule provided ``incomplete technical information on which 
design and features make the most sense'').
---------------------------------------------------------------------------

    To gather the necessary information, commenters argued that the 
timeframe for submitting an NMS plan should be extended. FIF and STA 
opined that the time needed to perform the analysis to produce a 
``detailed blueprint for CAT'' \165\ would be closer to six 
months,\166\ rather than the proposed 90 days.\167\ As a basis for 
their suggestions, FIF provided a breakdown of the time and the types 
of work needed for FINRA's expansion of OATS to all NMS 
securities.\168\ FIF noted that over one-third of the time required for 
the project was spent on conducting business analysis, and that one-
third of the time was spent on project development.\169\
---------------------------------------------------------------------------

    \165\ See FIF Letter II, p. 1-2; STA Letter, p. 2.
    \166\ See FIF Letter II, p. 2; STA Letter, p. 2-3; see also 
Nasdaq Letter I, p. 7 (arguing for ``scheduling flexibility at the 
initial stage'' of designing the consolidated audit trail).
    \167\ See proposed Rule 613(a)(1).
    \168\ See FIF Letter II, p. 3. The commenter also provided the 
cost to the industry for the expansion of OATS to all NMS stocks--
$48 million. The Commission notes that this is the cost for the 
project as a whole, not solely for the planning phase, and therefore 
is not entirely applicable to the cost of the creating and filing 
the NMS plan required by Rule 613.
    \169\ The time remaining was spent on ``testing and other 
activities.'' See FIF Letter II, p. 3.
---------------------------------------------------------------------------

    In response to these comments, the Rule requires the SROs to 
provide more information and analysis to the Commission as part of 
their NMS plan submission than would have been required under the 
proposed Rule. As discussed in more detail below, these requirements 
have been incorporated into the Rule as ``considerations'' that the 
SROs must address, and they generally mandate that the NMS plan 
submitted to the Commission for its consideration discuss certain 
important features and details of the NMS plan, such as how data will 
be transmitted to the central repository, as well as an analysis of NMS 
plan costs and impact on efficiency, competition, and capital 
formation, the process followed by the SROs in developing the NMS plan, 
and information about the implementation plan and milestones for the 
creation of the consolidated audit trail.\170\ These requirements are 
intended to ensure that the NMS plan is the result of a thorough and 
well-developed plan for creating, implementing, and maintaining the 
consolidated audit trail, and the Proposing Release highlighted the 
importance of these types of considerations. In Section III.C. below, 
the Commission also provides details about how it envisions regulators 
would use, access, and analyze consolidated audit trail data through a 
number of ``use cases'' to help the SROs prepare a sufficiently 
detailed NMS plan that addresses the requirements of the adopted 
Rule.\171\
---------------------------------------------------------------------------

    \170\ See Section III.C.2.a., infra.
    \171\ See Section III.C.2.b., infra.
---------------------------------------------------------------------------

    Because of the additional information and analysis required to be 
included in the NMS plan, the Commission is extending the amount of 
time allowed for the SROs to submit the NMS plan. Rule 613(a)(1) 
provides that ``[e]ach national securities exchange and national 
securities association shall jointly file on or before 270 days from 
the date of publication of the Adopting Release in the Federal Register 
a national market system plan to govern the creation, implementation, 
and maintenance of a consolidated audit trail and central repository as 
required by this section.'' The Commission will publish the NMS plan 
submitted in accordance with Rule 608 of Regulation NMS under the 
Exchange Act \172\ for public comment and will approve the NMS plan if 
the Commission determines it is necessary or appropriate in the public 
interest, for the protection of investors and the maintenance of fair 
and orderly markets, to remove impediments to, and perfect the 
mechanisms of, a national market system, or otherwise in furtherance of 
the purposes of the Act.\173\ The Commission also will consider whether 
the NMS plan submitted for its consideration would achieve the 
objectives of the Rule.
---------------------------------------------------------------------------

    \172\ 17 CFR 242.608.
    \173\ 17 CFR 242.608(b)(2).
---------------------------------------------------------------------------

4. Comments on Alternatives to the Proposed Consolidated Audit Trail
    Several commenters, many of whom generally supported the concept of 
a consolidated audit trail, recommended alternatives for how a 
consolidated audit trail should be created, implemented, and 
maintained. In particular, the Commission received comments suggesting 
various ways that the OATS system could be modified to serve as the 
central repository for the consolidated audit trail. FINRA submitted a 
blueprint for a modified version of OATS that listed certain changes to 
address the Commission's proposed requirements for the creation, 
implementation, and maintenance of the consolidated audit trail.\174\ 
The proposed modifications included, for example, the addition of data 
elements capturing whether an order was solicited, customer account 
type, a large trader identifier,\175\ and a unique identifier for 
branch office and registered representative to the data reported to 
OATS; \176\ using OATS to capture order and quote data from all 
national securities exchanges and eventually OPRA; the inclusion of 
options, fixed income securities, security-based swaps, principal 
orders and orders originating in firm-controlled accounts for purposes 
of working a customer order in OATS; the use of CRD numbers to identify 
broker-dealers; an exchange data processing gateway for OATS to 
validate submissions from exchanges; full access to regulators of 
queryable consolidated audit trail data through the FINRA web portal; 
\177\ and OATS' acceptance of limited drop-copy report information from 
broker-dealers on a 15-minute reporting basis.\178\

[[Page 45740]]

However, FINRA's blueprint provided that the large trader identifier 
should be used initially to identify market participants, as the 
complexities of tracking retail accounts, the infrequent amount of 
trading by retail investors, and the large number of such investors 
make requiring a unique customer identifier difficult.\179\
---------------------------------------------------------------------------

    \174\ See FINRA Proposal Letter.
    \175\ See FINRA Proposal Letter, p. 4, 6 (arguing against 
requiring the name and address of the beneficial owner of an 
account, as well as of the individual making the investment 
decision, and against requiring tax identification or social 
security numbers for individual investors).
    \176\ Id. at p. 7 and Appendix B.
    \177\ Id.
    \178\ Id. at p. 3-4 (noting that this information would be 
available for query by regulators within one hour of receipt, would 
include a unique order identifier and MPID, and would be added on 
T+1 to the ``order lifecycle'' using OATS and TRF data).
    \179\ Id. at p. 4.
---------------------------------------------------------------------------

    Another commenter from the academic field believed that a modified 
version of OATS (including fields incorporating ultimate customer 
account information, a reduction in the time stamp standard to 
milliseconds or even microseconds, and standardized clock 
synchronization requirements), coupled with a requirement that 
exchanges must report to OATS, would allow OATS to fulfill the needs of 
the consolidated audit trail in a less costly manner than originally 
proposed.\180\ This commenter stated that the Commission's needs could 
be met by ``a few tweaks to the existing trade reports and by extending 
OATS to cover all NMS stocks and executions at exchanges.'' \181\
---------------------------------------------------------------------------

    \180\ See Angel Letter, p. 3 (also noting, ``While the OATS data 
are extremely useful for understanding market behavior and for 
searching for various violations, these data are not really needed 
for real time surveillance. Real time surveillance is generally 
focused on the question of whether or not some change needs to take 
place immediately * * *. The extensive OATS data regarding the 
handling of individual orders are more useful for economic analysis 
and enforcement activities and do not need to be reported in real 
time.'')
    \181\ Id.
---------------------------------------------------------------------------

    Several commenters, including SROs and broker-dealers, generally 
believed that it would be more cost and time efficient to use a form of 
OATS as a basis for the consolidated audit trail than to purchase or 
create a new system.\182\ For example, FINRA/NYSE Euronext stated that 
modifying existing systems would reduce both the time and cost to 
develop a consolidated audit trail, explaining that ``the programming 
changes needed to comply with an entirely new system are substantially 
greater than expanding existing protocols,'' \183\ while BATS suggested 
that significant cost savings may be realized by building a 
consolidated audit trail that ``leverages elements of OATS.'' \184\ 
FINRA/NYSE Euronext also argued that existing audit trails could be 
expanded ``economically and quickly,'' \185\ noting that use of such 
systems, such as FINRA's OATS, could make the central repository 
unnecessary.\186\ Similarly, FINRA believed that using OATS as a 
foundation of the consolidated audit trail would make the consolidated 
audit trail easier to implement,\187\ as opposed to building a new 
system, which could take years to establish and would likely result in 
``negative unintended consequences'' during development.\188\ FIF 
suggested leveraging FINRA's Trade Reporting and Compliance Engine as a 
basis for the coverage of debt securities.\189\
---------------------------------------------------------------------------

    \182\ See FINRA Proposal Letter; BOX Letter, p. 2; BATS Letter, 
p. 2.; CBOE Letter, p. 2-3; Angel Letter, p. 2-3; SIFMA Letter, p. 
16-18; Wells Fargo Letter, p. 2; Knight Letter, p. 3; FIF Letter, p. 
5-6; Schumer Letter, p. 1; FIA Letter, p. 1-3.
    \183\ See FINRA/NYSE Euronext Letter, p. 7. See also FINRA 
Letter, p. 3 (stating that ``the necessary components to an 
effective, comprehensive, and efficient consolidated audit trail 
are: (1) Uniform data (both data content and data format); (2) 
reliable data; and (3) timely access to the data by SROs and the 
SEC. FINRA believes this can be achieved most effectively, 
efficiently, and expeditiously by expanding FINRA's existing OATS 
requirements to additional securities and non-FINRA member broker-
dealers and by consolidating exchange data in a central repository 
to be used with OATS data'').
    \184\ See BATS Letter, p. 2.
    \185\ See FINRA/NYSE Euronext Letter, p. 14; FINRA Letter.
    \186\ Id.
    \187\ See FINRA Letter, p. 6. Specifically, FINRA proposed 
enhancements to OATS and outlined a phased approach for 
implementation. It explained that, under its approach, 
implementation would begin with equity securities in the first two 
phases, followed by options in the third and fourth phases. FINRA 
further proposed that it could ``establish an intraday abbreviated 
order submission capability based on SIFMA's drop-copy proposal.'' 
FINRA estimated the initial cost for the first two phases of the 
OATS enhancement would be between $100 to $125 million and the 
ongoing annual costs to be between $30 million and $40 million. 
While FINRA's proposal appears to include many of the elements 
required by Rule 613, the Commission notes that the proposal does 
not include a Customer-ID (which was similarly lacking in the SIFMA 
proposal), nor would all broker-dealers be required to report order 
information to the central repository (certain firms that route 
orders exclusively to another reporting firm that is solely 
responsible for further routing decisions would be exempt from 
reporting obligations; additionally, FINRA proposed retaining 
exemptive authority in certain limited situations to provide relief 
to small member firms that do not otherwise qualify for exclusion 
from the definition of an OATS Reporting Member). Further, FINRA's 
proposal would not collect customers' names, addresses and account 
numbers. See FINRA Proposal Letter, p. 10; 14-16; Appendix. The 
Commission believes a unique Customer-ID and customer account 
information are critical to the efficacy and usefulness of the 
consolidated audit trail, and therefore is requiring the NMS plan 
submitted for its consideration to include such information.
    \188\ Id. This commenter also noted that OATS compliance rates 
have improved to over 99% since the system was first implemented, 
and emphasized that creating a new system would result initially in 
low compliance rates until users became familiar with the system. 
Id. at p. 11; see also FINRA/NYSE Euronext Letter, p. 8.
    \189\ See FIF Letter, p. 6 (also providing thoughts on the 
functionalities of OATS that should be considered in creating the 
consolidated audit trail, such as OATS' ability to identify and 
reject duplicative reporting; to link reports between firms and 
Nasdaq exchanges without using a unique customer identifier; its 
possible flexibility in incorporating additional order types; its 
current incorporation of quote data; and its current identification 
of index arbitrage and program trading, and ability to possibly add 
a large trader identification field ``to enhance analysis of high 
volume, algorithm trading'').
---------------------------------------------------------------------------

    Two SROs, BOX and CBOE, recommended the joint use of both OATS and 
COATS.\190\ BOX suggested an expansion of OATS and COATS to include 
customer information,\191\ and CBOE stated that it believed that 
certain aspects of OATS and COATS could be combined, with the addition 
of customer and routing broker information, and new formats.\192\ The 
Commission also received an alternative proposal from a commenter that 
was not based on OATS, but on a combination of automatically-generated 
drop-copies and the Financial Information eXchange (``FIX'') 
protocol.\193\ SIFMA urged reporting on a T+1 basis as it believed 
real-time reporting would require significant changes to existing order 
management and trading systems.\194\ If T+1 reporting were not adopted, 
however, SIFMA's proposal suggested that certain data be provided to 
the central repository in near real time, such as data pertaining to 
``key business events'' such as order receipt and origination, order 
transmittal, execution, modification, and cancellation. SIFMA's 
proposal listed the specific data elements to be reported for each 
event, but, to achieve quick implementation, did not include unique 
customer or order identifiers, or an identifier for algorithmic 
orders.\195\
---------------------------------------------------------------------------

    \190\ See BOX Letter, p. 2; CBOE Letter, p. 2.
    \191\ See BOX Letter, p. 2.
    \192\ See CBOE Letter, p. 2.
    \193\ See SIFMA Drop Copy Letter. The FIX Protocol is a series 
of messaging specifications for the electronic communication of 
trade-related messages. It has been developed through the 
collaboration of banks, broker-dealers, exchanges, industry 
utilities and associations, institutional investors, and information 
technology providers from around the world. These market 
participants share a vision of a common, global language for the 
automated trading of financial instruments. See http://fixprotocol.org/what-is-fix.shtml (last viewed on May 30, 2012).
    \194\ Id. at p. 1.
    \195\ Id. at p. 1-2.
---------------------------------------------------------------------------

    The Commission has considered the comments on alternative 
proposals, including those based on OATS, and has made significant 
modifications to the proposed Rule in light of such comments. Each of 
these modifications is discussed in detail in Section III. below. But 
the Commission notes more generally that, as adopted, Rule 613 does not 
prescribe a specific audit trail collection system or a particular 
method of data collection to be used for the central repository. In 
addition, the Commission believes that certain modifications to Rule 
613, such as

[[Page 45741]]

allowing data to be reported by 8:00 a.m. Eastern Time the following 
trading day, rather than in real time as proposed, provide the SROs 
with a wider range of options for how they choose to meet the 
requirements of the adopted Rule compared with the requirements of the 
proposed Rule. This wider range of options could more easily 
accommodate an OATS-based approach or other approaches for the creation 
of a consolidated audit trail, as suggested by commenters, consistent 
with the requirements of Rule 613.
    The Commission notes, however, that OATS, in its current form, has 
certain limitations and does not include certain attributes that the 
Commission deems crucial to an effective and complete consolidated 
audit trail.\196\ Some of the limitations of OATS that would need to be 
addressed to meet the requirements of Rule 613 include:
---------------------------------------------------------------------------

    \196\ See Section II.A.1.c., supra.
---------------------------------------------------------------------------

     At present, only FINRA members are required to report 
trade and order activity through OATS. The resulting exclusion of some 
exchange-based and other types of non-member activity could lead to 
significant gaps in the data as an order is generated, routed, re-
routed, and finally executed, canceled, or modified;
     OATS does not currently require the collection of market-
making quotes submitted by registered market makers (in those stocks 
for which they are registered), resulting in further, significant gaps 
in the data;
     OATS is a part of a process by which FINRA collects data 
from its members for its own regulatory use. OATS is not a central 
repository and therefore does not presently provide other regulators 
with ready access to a central database containing processed, 
reconciled, and linked orders, routes, and executions ready for query, 
analysis, or download; and
     OATS does not presently collect options data, and does not 
afford regulators an opportunity to perform cross-product surveillance 
and monitoring;
     OATS does not collect information on the identities of the 
customers of broker-dealers from whom an order is received. As 
discussed above in Section I., the Commission believes that the 
integrated inclusion of such data elements into a single consolidated 
audit trail provides many important regulatory benefits.

III. Discussion

    A discussion of each of the key provisions of Rule 613, as adopted, 
is set forth below.

A. NMS Plan

1. Description of the Rule
a. Implementation of the Consolidated Audit Trail Through an NMS Plan
    As proposed, the consolidated audit trail would have been created, 
implemented, and maintained through an NMS plan approved by the 
Commission. As proposed, Rule 613(a)(1) would have required each 
national securities exchange and national securities association to 
jointly file on or before 90 days from approval of the Rule an NMS plan 
to govern the creation, implementation, and maintenance of a 
consolidated audit trail and a central repository.\197\ The Commission 
would then have been required to publish the NMS plan for public 
comment pursuant to Rule 608 of Regulation NMS under the Exchange 
Act,\198\ and, following the period of public comment, would consider 
whether or not to approve the NMS plan. In the Proposing Release, the 
Commission stated its expectation that the exchanges and FINRA would 
``cooperate with each other and take joint action as necessary to 
develop, file, and ultimately implement a single NMS plan to fulfill 
this requirement.'' \199\
---------------------------------------------------------------------------

    \197\ This Section III.A. discusses the use of a NMS plan to 
create, implement, and maintain a consolidated audit trail. Section 
III.C., infra, focuses on the process the SROs must follow when 
submitting the NMS plan to the Commission.
    \198\ 17 CFR 242.608. See Rule 613(a)(2).
    \199\ See Proposing Release, supra note 4, at 32568.
---------------------------------------------------------------------------

    The Commission requested comment on this approach. Specifically, 
the Commission requested comment on whether requiring the exchanges and 
FINRA to jointly file an NMS plan that would contain the requirements 
for a consolidated audit trail was the most effective and efficient way 
to achieve the objectives of Rule 613, or whether the Commission should 
require the exchanges and FINRA to standardize or otherwise enhance 
their existing rules. The Commission further requested comment on which 
approach would be most efficient in improving the ability to monitor 
cross-market trading, or to undertake market analysis or 
reconstructions, and why.
    Two commenters discussed how the consolidated audit trail should be 
created and implemented through an NMS plan.\200\ One noted that the 
Rule should provide the SROs with sufficient flexibility to develop an 
NMS plan that meets the overarching goals of the Commission.\201\ The 
second suggested that the Rule should ``include only the elements 
needed for a [consolidated audit trail], and then leave it up to the 
SROs, [securities information processors] and involved vendors to 
develop the specifications for the data elements to be specified in the 
NMS plan, which would ultimately be subject to public comment and SEC 
approval.'' \202\
---------------------------------------------------------------------------

    \200\ See Thomson Reuters Letter, p. 2; CBOE Letter, p. 7.
    \201\ See Thomson Reuters Letter, p. 2.
    \202\ See CBOE Letter, p. 7.
---------------------------------------------------------------------------

    Other commenters objected in principle to the use of an NMS plan to 
create and implement the consolidated audit trail.\203\ One commenter 
stated that implementing the consolidated audit trail through an NMS 
plan would be ``difficult and inefficient,'' given the need ``to 
respond and adapt quickly to new ways of trading and handling orders,'' 
and believed it would be difficult to jointly make necessary technology 
changes under an NMS plan because, based on the commenter's experience 
of collecting data for an existing audit trail, ``technology changes 
and changes to technical specifications must be made regularly and 
promptly with respect to firm-specific reporting requirements, 
interpretations, and codes to keep up with complex and evolving trading 
and routing strategies.'' \204\ Another commenter argued that an NMS 
plan is ``unnecessary * * * given all of the governance issues with NMS 
plans'' because ``[t]he Commission can get most of what it needs with a 
few tweaks to the existing trade reports and by extending OATS to cover 
all NMS stocks and executions at exchanges.'' \205\
---------------------------------------------------------------------------

    \203\ See FINRA Letter, p. 15; Angel Letter, p. 3.
    \204\ See FINRA Letter, p. 15.
    \205\ See Angel Letter, p. 3.
---------------------------------------------------------------------------

    For the reasons discussed below, the Commission continues to 
believe that an NMS plan filed pursuant to Rule 608 of Regulation NMS 
\206\ is the most effective mechanism to implement the consolidated 
audit trail, and is adopting Rule 613 with a number of modifications 
and clarifications to address the concerns of commenters.\207\
---------------------------------------------------------------------------

    \206\ See Rule 613(a). The proposed Rule provided that the NMS 
plan must be filed with the Commission pursuant to Rule 608. Adopted 
Rule 613(a)(2) clarifies that the NMS plan must also satisfy the 
requirements set forth in Rule 608(a). See Rule 608(a) of Regulation 
NMS; 17 CFR 242.608(a).
    \207\ See Section III.C., infra.
---------------------------------------------------------------------------

    The Commission believes that the creation, implementation, and 
maintenance of the consolidated audit trail through an NMS plan will 
ensure that the SROs' expertise as the ``front line'' regulators of 
securities markets is drawn upon to develop the details of the 
consolidated audit trail, and to make appropriate adjustments as 
warranted to respond to changes in the securities markets and 
technology going forward.

[[Page 45742]]

As such, under the Commission's approach, Rule 613 outlines a broad 
framework for the creation, implementation, and maintenance of the 
consolidated audit trail, including the minimum elements the Commission 
believes are necessary for an effective consolidated audit trail. 
Additionally, Rules 613(a)(1) and (a)(4), which require that each SRO 
jointly file and be a sponsor of the NMS plan, is being adopted as 
proposed. The Commission continues to believe that requiring all SROs 
to jointly file the NMS plan to establish the consolidated audit trail, 
as opposed to the flexibility provided by current Rule 608 of 
Regulation NMS under the Exchange Act,\208\ which permits any two or 
more SROs to submit an NMS plan, is appropriate because such a 
requirement is expected to result in an NMS plan that is the product of 
negotiation and compromise among all of the SROs; in this regard, the 
NMS plan submitted to the Commission also may be more readily 
implemented as the NMS plan should take into consideration the 
capabilities of every SRO.
---------------------------------------------------------------------------

    \208\ 17 CFR 242.608. See Rule 613(a)(2).
---------------------------------------------------------------------------

    In response to the commenter that advocated granting additional 
flexibility to the SROs in developing the requirements of the NMS 
plan,\209\ the Commission has made significant modifications to the 
Rule in several respects to increase the options available to SROs in 
developing the requirements of the NMS plan.\210\ Furthermore, in 
instances where Rule 613 sets forth minimum requirements for the 
consolidated audit trail, the Rule provides flexibility to the SROs to 
draft the requirements of the NMS plan in a way that best achieves the 
objectives of the Rule. For example, Rule 613 requires the NMS plan 
submitted to the Commission for its consideration to require material 
terms of an order, such as order type, to be collected by the central 
repository.\211\ However, the Rule does not enumerate specific order 
types or prescribe the format or nature of how this information would 
be represented. This would be left to the SROs developing the NMS plan 
and allows flexibility for the future, when new order types may be 
introduced and added, if appropriate.
---------------------------------------------------------------------------

    \209\ See Thomson Reuters Letter, p. 2.
    \210\ See Section I., supra; Sections III.B., III.C., infra.
    \211\ See Section III.B.1.d.i.(A)., infra.
---------------------------------------------------------------------------

    Similarly, in response to the commenter stating that implementing 
the consolidated audit trail through an NMS plan would be ``difficult 
and inefficient'' given the need to respond and adapt quickly to new 
ways of trading and handling orders,\212\ the Commission notes that, 
while the NMS plan submitted to the Commission for its consideration 
must contain the minimum necessary elements for the consolidated audit 
trail, and any amendments to an effective NMS plan initiated by plan 
sponsors will require approval by Commission order, the SROs should 
have flexibility to accommodate a variety of technological and other 
market developments without amending the NMS plan (e.g., through the 
issuance and updating of technical specifications that are reasonably 
and fairly implied by the NMS plan). Underscoring this need to ensure 
the consolidated audit trail is regularly updated to remain compatible 
with best market practices, the Commission, as discussed in Section 
III.C.2.a.i., also has added general requirements to Rule 613 with 
regards to SROs monitoring and planning for the technological evolution 
of the consolidated audit trail. Further, as noted in Section III.B.3 
below, the NMS plan must include a governance structure for the central 
repository that is designed to ensure efficient decision-making.
---------------------------------------------------------------------------

    \212\ See FINRA Letter, p. 15.
---------------------------------------------------------------------------

    The Commission has also considered the comment that recommended 
that the Commission should leave it to the SROs, securities information 
processors (``SIPs'') and vendors to develop the specifications for the 
data elements in the NMS plan.\213\ The Commission agrees in principle 
with the commenter, and believes that market participants other than 
SROs also could have valuable insights regarding the design of the 
specifications for the data elements, the central repository, and other 
aspects of the Rule. To address this concern, the adopted Rule requires 
the SROs to explain in the NMS plan the process by which they solicited 
views of their members regarding the creation, implementation, and 
maintenance of the consolidated audit trail, a summary of the views of 
such members, and how the plan sponsors took such views into account in 
preparing the NMS plan.\214\ In addition, the Rule requires the NMS 
plan submitted to the Commission for its consideration to provide for 
the creation of an Advisory Committee to afford SRO members, and other 
interested parties as permitted by the NMS plan,\215\ the opportunity 
to have input on the creation, implementation, and maintenance of the 
consolidated audit trail.\216\ The Commission also notes that nothing 
in the Rule precludes the SROs, as plan sponsors, from consulting with 
others, including the SIPs and vendors, as they craft the NMS plan. 
Finally, pursuant to Rule 608(b)(1), the NMS plan will be published for 
public comment.\217\ Thus, all interested persons, including market 
participants, regulatory authorities, and the general public, will have 
an opportunity to provide meaningful comments on the details and costs 
of the NMS plan submitted to the Commission, which the Commission will 
review and consider.
---------------------------------------------------------------------------

    \213\ See CBOE Letter, p. 7.
    \214\ See Rule 613(a)(1)(xi).
    \215\ See Rule 613(b)(7)(i). Because members of the SROs will be 
required to report data pursuant to the NMS plan, the Rule provides 
that the plan must require that the Advisory Committee include 
representatives of the member firms of the SROs. However, the 
Commission believes that it is advisable for the SROs to consider 
including other interested parties such as SIPs, vendors, investors, 
and/or academics on the Advisory Committee. In addition, the 
Commission expects that the Advisory Committee would include the 
Commission's Chief Technology Officer as an observer. See Section 
III.B.3.b., infra.
    \216\ See Rule 613(b)(7).
    \217\ 17 CFR 242.608(b)(1).
---------------------------------------------------------------------------

    In response to the commenter that believed that the objectives of 
the consolidated audit trail could be achieved ``with a `few tweaks' to 
the existing trade reports and by extending OATS,'' \218\ the 
Commission notes, as described above, that existing trade reports and 
the current OATS process combined do not meet many of the requirements 
the Commission believes are essential for a consolidated audit trail. 
The Commission therefore believes that an NMS plan, as noted above, 
provides an effective mechanism for the SROs to create, implement, and 
maintain a consolidated audit trail meeting such requirements. However, 
it also notes that the adopted Rule does not preclude the 
infrastructure, nomenclature, format, or any other aspects of an 
existing order audit trail system, such as OATS, from being used for 
the consolidated audit trail, provided the NMS plan proposing to 
establish such an audit trail otherwise meets the requirements of Rule 
613. The Commission stresses that existing order audit trails lack 
critical information such as the identity of the customer, data on 
principal orders or quotes, and a way to link orders across markets--
information that the Commission believes is essential to the 
consolidated audit trail.\219\
---------------------------------------------------------------------------

    \218\ See Angel Letter, p. 3.
    \219\ See Section II.A., supra. The Commission notes that, in 
the Proposing Release, it used the term ``proprietary orders'' to 
describe orders that were generated for the account of a broker-
dealer. See Proposing Release, supra note 4, at 32570.
    To avoid confusion with the proposed ``Volcker Rule,'' which 
proposes new regulations with respect to ``proprietary'' trading by 
commercial banks and their affiliates, the Commission is using the 
term ``principal orders'' in this Release to describe orders that 
were generated for the account of a broker-dealer. See Securities 
Exchange Act Release No. 65545 (October 12, 2011), 76 FR 68846 
(November 7, 2011) (File No. S7-41-11).

---------------------------------------------------------------------------

[[Page 45743]]

B. Elements of the NMS Plan

    As discussed above, the adopted Rule requires the SROs to submit an 
NMS plan to create, implement, and maintain a consolidated audit 
trail.\220\ As adopted, the Rule permits the SROs to consider a wider 
array of solutions, in creating, implementing, and maintaining a 
consolidated audit trail. The Rule, however, also sets forth certain 
minimum requirements of the consolidated audit trail that must be 
included in the NMS plan submitted by the SROs to the Commission for 
its consideration. The Commission believes that it is important to set 
forth certain minimum requirements to ensure that the consolidated 
audit trail will be designed in a way that provides regulators with the 
accurate, complete, accessible, and timely market activity data they 
need for robust market oversight. The minimum audit trail requirements 
that must be included in the NMS plan submitted by the SROs are 
discussed below.
---------------------------------------------------------------------------

    \220\ See Section I., supra.
---------------------------------------------------------------------------

1. Recording and Reporting
a. Products and Transactions Covered
    As proposed, Rule 613 would have applied to secondary market 
transactions in all NMS securities, which includes NMS stocks and 
listed options.\221\ In the Proposing Release, the Commission also 
addressed the possibility of expanding the scope of the consolidated 
audit trail over time. Specifically, proposed Rule 613(i) would have 
required the NMS plan to include a provision requiring each national 
securities exchange and national securities association to jointly 
provide to the Commission, within two months after effectiveness of the 
NMS plan, a document outlining how such exchanges and associations 
would propose to incorporate into the consolidated audit trail 
information with respect to equity securities that are not NMS 
securities, debt securities, primary market transactions in NMS stocks, 
primary market transactions in equity securities that are not NMS 
securities, and primary market transactions in debt securities. The 
document also would have been required to identify which market 
participants would be required to provide the additional data and to 
include an implementation timeline and a cost estimate for including 
such data in the consolidated audit trail.\222\ The Commission 
requested comment on whether expanding the consolidated audit trail to 
include the products and transactions specified above was an 
appropriate approach to the eventual expansion of the consolidated 
audit trail, and, if so, an appropriate and realistic timetable for 
doing so.
---------------------------------------------------------------------------

    \221\ See proposed Rule 613(c)(5).
    \222\ The Commission notes that any expansion of the 
consolidated audit trail to cover non-NMS securities would be 
effectuated through notice and comment.
---------------------------------------------------------------------------

    Several commenters expressed opinions on the scope of the products 
and transactions proposed to be covered by the Rule and how their 
inclusion in the consolidated audit trail should be phased in under the 
Rule.\223\ One commenter urged the Commission to consider including 
additional asset classes in the scope of the products covered by the 
Rule, and specifically questioned the value of the consolidated audit 
trail without the inclusion of information on futures and other 
derivatives.\224\
---------------------------------------------------------------------------

    \223\ See Liquidnet Letter, p. 2 (suggesting limiting the scope 
of the first phase of audit trail implementation to end-of-day-
reporting to ensure that it can be completed in a timely and cost-
effective manner; this commenter also recommended that the first 
phase apply the consolidated audit trail to all market participants, 
not just the SROs, as proposed). See also FIF Letter, p. 7 
(suggesting that the consolidated audit trail cover just NMS 
stocks--then at a later date, all NMS securities, including 
options); FINRA Proposal Letter, p. 5 (suggesting several phases of 
expansion, beginning with NMS stocks and over-the-counter (``OTC'') 
equity securities, and ultimately including standardized options, 
fixed income securities, conventional options, and security-based 
derivatives in the consolidated audit trail); SIFMA Letter, p. 16-17 
(believing that OATS could form the basis for the consolidated audit 
trail, stating that OATS should be modified to include non-Nasdaq-
listed securities, listed options, quotes, street side and exchange-
to-exchange routing and market making and recommending phasing in 
NMS stocks first, then any additional data elements, then listed 
options and, finally, non-NMS securities); FIF Letter II, p. 2 
(suggesting that the consolidated audit trail have ``multi-
instrument capabilities, most importantly options and futures but 
also fixed income and other instruments).
    \224\ See Broadridge Letter, p. 4.
---------------------------------------------------------------------------

    The Commission also received comment on the proposed Rule's 
approach for considering a possible future expansion of the products 
and transactions covered by the consolidated audit trail. One commenter 
believed that its technology would allow development of a platform that 
would support multiple asset classes and expansion of the consolidated 
audit trail for use by other regulators.\225\ Other commenters 
expressed general support for expanding the scope of products 
covered.\226\ One specifically suggested expanding the scope of the 
Rule, for example, to include the ``creation of instruments that 
underlie the securities that make up [mortgage-backed securities] and 
[asset-backed securities].'' \227\ Another suggested expanding the 
consolidated audit trail to all securities submitted to an exchange or 
clearing agency.\228\ Yet another commenter, however, argued against 
allowing the exchanges, through the NMS plan, to have primary 
responsibility for specifying the data requirements of non-exchange-
traded asset classes, stating that exchanges lacked experience with 
these instruments.\229\
---------------------------------------------------------------------------

    \225\ See Nasdaq Letter II, p. 3.
    \226\ See Liquidnet Letter, p. 2; FINRA Proposal Letter, p. 5; 
SIFMA Letter, p. 16-17; Marketcore Letter, p. 1.
    \227\ See Marketcore Letter, p. 1.
    \228\ See Ameritrade Letter, p. 3. See also Mansfield Letter, p. 
1 (suggesting other data, including ``metrics'' and ``market 
environmental information'' to be included in the consolidated audit 
trail).
    \229\ See Direct Edge Letter, p. 4.
---------------------------------------------------------------------------

    The Commission has considered the comments discussed above and is 
adopting the Rule as proposed with respect to the scope of the 
securities that must be covered at this time, but, as described below, 
acknowledges the importance of a mechanism for considering other types 
of products in the future. Specifically, the adopted Rule requires that 
consolidated audit trail data be collected for all NMS securities.\230\ 
However, the Commission also is adopting the requirement that the NMS 
plan require the SROs to jointly submit a document outlining a possible 
plan for expansion of the consolidated audit trail, as proposed, but 
with three modifications from the proposed Rule.
---------------------------------------------------------------------------

    \230\ See Proposing Release, supra note 4, at 32568-70; Rule 
613(c)(5).
---------------------------------------------------------------------------

    Rule 613(i) requires that the SROs jointly provide the Commission a 
document outlining how the SROs could incorporate the following 
additional products into the consolidated audit trail: Equity 
securities that are not NMS securities, debt securities, primary market 
transactions in equity securities that are not NMS securities, and 
primary market transactions in debt securities (``expansion 
document''). The adopted Rule also requires the expansion document to 
include details for each order and reportable event that may be 
required to be provided, which market participants may be required to 
provide the data, an implementation timeline and a cost estimate. The 
first modification from the proposed Rule is a technical change 
clarifying that Rule 613(i) is requiring the SROs to provide

[[Page 45744]]

the Commission with a document that outlines how an expansion of the 
consolidated audit trail could be accomplished in the future and is 
not, at this time, requiring that the SROs commit to expanding the 
consolidated audit trail beyond secondary market transactions in NMS 
securities.\231\ However, the Commission notes that Rule 613(i) retains 
the requirement that SROs include an implementation timeline and a cost 
estimate; in this regard, the Commission expects that the SROs will 
address fully in the expansion document how any such expansion of the 
consolidated audit trail could be implemented in practice, and that 
such document would include sufficient detail for the Commission to 
ascertain how the SROs could proceed with such expansion. The 
Commission would expect to make the expansion document publicly 
available on its Web site and to solicit a wide range of comment on it 
to further inform and facilitate the expansion of the consolidated 
audit trail if appropriate, taking into account the relevant 
considerations contemplated by Rule 613(a)(1). In addition, the 
expansion document could inform the detailed plans that are to be 
prepared at least every two years by the CCO of the NMS plan.\232\
---------------------------------------------------------------------------

    \231\ See Rule 613(i). Specifically, Rule 613(i) now provides 
that the SROs provide a document outlining how such exchanges and 
associations ``could'' incorporate non-NMS securities into the 
consolidated audit trail, rather than how the exchanges and 
associations ``would propose to'' incorporate non-NMS securities; 
and that the exchanges and associations should provide details for 
each order and reportable event that ``may'' be required to be 
provided, and which market participants ``may'' be required to 
provide the data. As proposed, the comparable provision of Rule 
613(i) required that the exchanges and associations should provide 
details for each order and reportable event that ``would'' be 
required to be provided, and which market participants ``would'' be 
required to provide the data.
    \232\ See Section III.B.3.b., infra.
---------------------------------------------------------------------------

    In addition, after considering the comments received relating to 
the potential expansion of the consolidated audit trail and how such an 
expansion might occur,\233\ the Commission is making the second 
modification to the proposed Rule to extend the deadline for submitting 
the expansion document from two months to six months from the date of 
effectiveness of the NMS plan approved by the Commission. The 
Commission believes that the additional four months will provide the 
time necessary after the approval of the NMS plan by the Commission for 
the SROs to consider how they might expand the consolidated audit trail 
to capture orders and trading in these additional securities and thus 
will aid the Commission in receiving an outline or plan from the 
exchanges and associations that has had the benefit of additional time 
for analysis and planning. Finally, given the extension of the deadline 
for submitting the expansion document and the importance of information 
regarding primary market information in NMS stocks relative to other 
types of transactions as discussed in Section III.B.1.a. below, the 
Commission is removing the requirement that the expansion document 
discuss all primary market transactions in NMS stocks and is, instead, 
as discussed later, requiring that a discussion of the feasibility, 
benefits, and costs of incorporating into the consolidated audit trail 
information about allocations in primary market transactions in NMS 
securities be addressed with the NMS plan submission.\234\ However, the 
expansion document must still include a discussion of primary market 
transactions in equity securities that are not NMS securities.
---------------------------------------------------------------------------

    \233\ See Ameritrade Letter, p. 3; Liquidnet Letter, p. 2; 
Marketcore Letter, p. 1; FINRA Proposal Letter, p. 5; SIFMA Letter, 
p. 16-17.
    \234\ See Rule 613(a)(1)(vi). See also Section III.C.2.a.i., 
infra.
---------------------------------------------------------------------------

    The Commission agrees in principle with the commenters that 
advocated a phased approach to implementation.\235\ The Commission, 
however, has determined not to modify the proposed scope of the Rule, 
which applies to orders in NMS securities. The Commission also adopts 
substantially its proposed implementation timeframes that apply if and 
when the NMS plan is approved,\236\ except that the NMS plan may 
provide up to one additional year before small broker-dealers will be 
required to provide information to the central repository.\237\
---------------------------------------------------------------------------

    \235\ See note 222, supra.
    \236\ See Rule 613(a)(3), which states that the NMS plan must 
require the plan sponsors: (i) Within two months after effectiveness 
of the NMS plan to select a plan processor; (ii) within four months 
after effectiveness of the NMS plan to synchronize their business 
clocks and require the members of each such exchange and association 
to synchronize their business clocks; (iii) within one year after 
effectiveness of the NMS plan to provide to the central repository 
the data specified in Rule 613(c); (iv) within fourteen months after 
effectiveness of the NMS plan to implement a new or enhanced 
surveillance system(s) as required by Rule 613(f); (v) within two 
years after effectiveness of the NMS plan to require their members, 
except those members that qualify as small broker-dealers as defined 
in Sec.  240.0-10(c), to provide to the central repository the data 
specified in Rule 613(c); and (vi) within three years after 
effectiveness of the NMS plan to require their members that qualify 
as small broker-dealers as defined in Sec.  240.0- 0(c) to provide 
to the central repository the data specified in Rule 613(c).
    \237\ See Section III.D., infra.
---------------------------------------------------------------------------

    The Commission continues to believe that the Rule's requirement to 
include secondary market transactions in all NMS securities (i.e., both 
listed equities and options) is a reasonable first step in the 
implementation of the consolidated audit trail. In addition, the 
Commission believes that applying the Rule solely to NMS securities 
should allow for a less burdensome implementation of the consolidated 
audit trail as compared to applying the Rule to a broader set of 
securities,\238\ in large part because market participants already have 
experience with audit trails for transactions in these securities. And, 
as discussed in detail above,\239\ there are many significant benefits 
of a consolidated audit trail that includes NMS securities (even if it 
is only limited to NMS securities).
---------------------------------------------------------------------------

    \238\ The Commission also believes that limiting the application 
of the Rule initially to only NMS securities should help ensure that 
the implementation schedule prescribed by the Rule is achievable. 
See Section III.D., infra.
    \239\ See Section II.A.2, supra.
---------------------------------------------------------------------------

    With regards to a phased approach to implementation, the Commission 
notes that the data recording and reporting requirements would apply 
initially, as proposed, to the SROs but not to their members. This will 
allow members additional time to, among other things, implement the 
systems and other changes necessary to provide the required information 
to the central repository, including capturing customer and order 
information that they may not have previously been required to collect. 
Should the SROs determine that additional implementation phases might 
be appropriate (e.g., applying the Rule first to equities and then to 
listed options), the Commission notes that the Rule does not preclude 
the SROs from proposing such phases, so long as the outer time 
parameters specified in the Rule, which the Commission is adopting as 
proposed, are met.\240\
---------------------------------------------------------------------------

    \240\ See note 223, supra.
---------------------------------------------------------------------------

    The Commission agrees with commenters that the inclusion of 
additional products (even at a later date) could further enhance the 
ability of the SROs and the Commission to conduct effective market 
oversight for financial products currently trading in the 
marketplace.\241\ The Commission also

[[Page 45745]]

believes that it could be beneficial for the consolidated audit trail 
to be expanded over a reasonable period of time to include information 
on primary market transactions in equity and debt securities, as this 
data could be used to quickly assess potential violations of various 
rules under the Exchange Act such as, for example, Regulation M and 
Rule 10b-5.\242\ For example, the primary market transaction data would 
allow regulators to more quickly identify whether any participant in an 
offering sold short prior to the offering in violation of Regulation M. 
The primary market transaction data would allow for identification of 
the cost basis for purchases by intermediaries and make it easier to 
assess whether subsequent mark-ups to investors in primary offerings 
are fair and reasonable and, if not, whether there has been a violation 
of the antifraud provisions of the federal securities laws, including 
Rule 10b-5.
---------------------------------------------------------------------------

    \241\ The Commission notes that the financial markets have 
become increasingly interrelated, with transactions occurring in the 
futures markets affecting transactions in the securities markets. To 
the extent that instruments other than NMS securities (e.g., futures 
on a securities index or security-based swaps) can be substitutes 
for trading in NMS securities, or are otherwise linked to such 
trading (e.g., as part of a strategy that involves multiple 
products), having access to an audit trail that includes these 
instruments would improve regulators' ability to more quickly detect 
potentially manipulative or other illegal activity that could occur 
across markets. The Commission recognizes, however, that any such 
expansion to include products not under the Commission's 
jurisdiction, and thus not contemplated by this Rule, would need to 
be coordinated with the CFTC or other applicable regulatory 
authorities, and would likely require a separate rulemaking, which 
would include a consideration of the costs and benefits of such an 
expansion. In this regard, the Commission believes that it could be 
beneficial to discuss with the CFTC, at the appropriate time, the 
possibility of including within the consolidated audit trail data 
relating to futures or swap products regulated by the CFTC that are 
based on securities. The Commission is therefore directing the 
Commission staff to work with the SROs, the CFTC staff, and other 
regulators and market participants to determine how other asset 
classes, such as futures, might be added to the consolidated audit 
trail. The information from such an expanded consolidated audit 
trail could benefit both the CFTC and the Commission.
    An example of a non-NMS security is a security-based swap. The 
Commission notes that, separately, it has proposed rules requiring 
the reporting of security-based swap information to registered 
security-based swap data repositories (``SDR'') or the Commission. 
See Securities Exchange Act Release No. 63446, File No. S7-34-10 
(November 19, 2010), 75 FR 75208 (December 2, 2010) (proposing 
Regulation SBSR under the Exchange Act providing for the reporting 
of security-based swap information to registered security-based SDR 
or the Commission, and the public dissemination of security-based 
swap transaction, volume, and pricing information); see also 
Securities Exchange Act Release No. 63447, File No. S7-35-10 
(November 19, 2010), 75 FR 77306 (December 10, 2010) (proposing 
rules governing the SDR registration process, duties, and core 
principles).
    \242\ See 17 CFR 242.100 et seq.; 17 CFR 240.10b-5. Rule 105 of 
Regulation M prohibits the short selling of equity securities that 
are the subject of a public offering for cash and the subsequent 
purchase of the offered securities from an underwriter or broker or 
dealer participating in the offering if the short sale was effected 
during a period that is the shorter of the following: (i) Beginning 
five business days before the pricing of the offered securities and 
ending with such pricing; or (ii) beginning with the initial filing 
of such registration statement or notification on Form 1-A or Form 
1-E and ending with the pricing. Thus, Rule 105 prohibits any person 
from selling short an equity security immediately prior to an 
offering and purchasing the security by participating in the 
offering.
    Rule 10b-5 provides that ``[i]t shall be unlawful for any 
person, directly or indirectly, by the use of any means or 
instrumentality of interstate commerce, or of the mails or of any 
facility of any national securities exchange, (a) [t]o employ any 
device, scheme, or artifice to defraud, (b) [t]o make any untrue 
statement of a material fact or to omit to state a material fact 
necessary in order to make the statements made, in the light of the 
circumstances under which they were made, not misleading, or (c) 
[t]o engage in any act, practice, or course of business which 
operates or would operate as a fraud or deceit upon any person, in 
connection with the purchase or sale of any security.''
---------------------------------------------------------------------------

    The Commission considered the comment letter that agreed that 
``policing the market requires a comprehensive approach'' but asserted 
the exchanges should not be primarily responsible for specifying 
requirements relating to asset-backed securities and other debt 
instruments, including swap instruments that are not exchange-
traded.\243\ In response, the Commission notes the Rule requires the 
SROs to submit a document outlining a plan for the possible expansion 
of the NMS plan to non-NMS securities--namely debt securities and 
equity securities that are not NMS securities.\244\ The Commission also 
notes that FINRA, the SRO responsible for oversight of trading in the 
over-the-counter market, would participate in the preparation of such 
expansion document, and expects that FINRA would provide substantial 
input as to how the consolidated audit trail might be expanded to 
include non-NMS securities. Because the consolidated audit trail will 
be jointly owned and operated by the SROs pursuant to the NMS plan, 
however, the Commission believes that the involvement of all of the 
SROs in any potential expansion process is appropriate.
---------------------------------------------------------------------------

    \243\ See Direct Edge Letter, p. 4.
    \244\ See Rule 613(i).
---------------------------------------------------------------------------

    The Commission also notes that any expansion of the consolidated 
audit trail to include transactions in non-NMS securities would be 
effected through public notice and comment, and take into account the 
relevant considerations contemplated by Rule 613(a)(1). Furthermore, 
adopted Rule 613(b)(7), discussed in more detail later in this 
Release,\245\ requires the NMS plan to include an Advisory Committee, 
which includes members of the plan sponsors and other interested 
parties as set by the NMS plan,\246\ that would be available to provide 
consultation on matters concerning the central repository, including 
the securities subject to the Rule. Therefore, the Commission believes 
that the participation of FINRA, the public, and the Advisory Committee 
should assist the SROs in devising a document outlining the expansion 
of the consolidated audit trail to other securities.
---------------------------------------------------------------------------

    \245\ See Section III.B.3.b., infra.
    \246\ See note 2145, supra.
---------------------------------------------------------------------------

    The Commission continues to believe that the expansion document 
required by Rule 613(i) will provide valuable information to the 
Commission and help inform the Commission about the likely efficacy of 
expanding the scope of the consolidated audit trail to include 
information on equity securities that are not NMS securities, debt 
securities, primary market transactions in equity securities that are 
not NMS securities, and primary market transactions in debt securities. 
In addition, the expansion document will aid the Commission in 
assessing the feasibility and impact of the plan sponsors' proposed 
approach.
    The Commission acknowledges that plan sponsors will incur costs to 
prepare the expansion document. For example, plan sponsors will be 
required to address, among other things, details for each order and 
reportable event for which data may be submitted; which market 
participants may be required to provide the data; an implementation 
timeline; and a cost estimate. Thus, the plan sponsors must, among 
other things, undertake an analysis of technological and computer 
system acquisitions and upgrades that would be required to incorporate 
such an expansion. The Commission, however, believes that it would be 
beneficial to receive a document outlining how the plan sponsors could 
incorporate into the consolidated audit trail securities in addition to 
NMS securities, such as over-the-counter equity and debt securities, as 
soon as practicable. This is because such an expansion document will 
aid the Commission in assessing both the feasibility of expanding the 
audit trail to these additional securities, possibly including, as 
commenters urged, instruments that underlie mortgage-backed securities 
and asset-backed securities, and the resulting potential benefits to 
the securities markets as a whole if the consolidated audit trail is 
expanded in the manner described in the document submitted by the plan 
sponsors pursuant to Rule 613(i).
b. Orders and Quotations
    As proposed, Rule 613 would have required that information be 
provided to the central repository for every order in an NMS security 
originated or received by a member of an exchange or FINRA. Proposed 
Rule 613(j)(4) would have defined ``order'' to mean: (1) Any order 
received by a member of a national securities exchange or national

[[Page 45746]]

securities association from any person; (2) any order originated by a 
member of a national securities exchange or national securities 
association; or (3) any bid or offer.\247\ In sum, the Commission 
proposed that the Rule cover all orders (whether for a customer or for 
a member's own account), as well as quotations in NMS stocks and listed 
options.\248\
---------------------------------------------------------------------------

    \247\ See Proposing Release, supra note 4, at 32570; proposed 
Rule 613(j)(4).
    \248\ Id.
---------------------------------------------------------------------------

    The Commission requested comment about the scope of its proposed 
definition of ``order,'' including whether principal orders \249\ 
should be included in the scope of the consolidated audit trail and 
whether there are any differences between orders and quotations that 
should be taken into account with respect to the information that would 
be required to be provided to the central repository. The Commission 
also requested comment on whether non-firm quotations should be 
included in the consolidated audit trail and marked to show that they 
are not firm.\250\
---------------------------------------------------------------------------

    \249\ See note 219, supra.
    \250\ See Proposing Release, supra note 4, at 32571.
---------------------------------------------------------------------------

    Commenters generally supported the inclusion of principal orders in 
the definition of ``order,'' \251\ but some expressed concern about 
including market maker quotations in the consolidated audit trail.\252\ 
In particular, these commenters thought that the volume of quotes 
proposed to be collected was so large that it would require market 
participants to increase the capacity of their systems that would 
transmit data to the central repository, and thus recommended that 
market maker quotations be exempted from the Rule's reporting 
requirements.\253\ One of these commenters specifically suggested that 
the Rule use the same approach as is currently used for the COATS--
which contains order, quote (but only the top of market quote) and 
transaction data for all market participants.\254\
---------------------------------------------------------------------------

    \251\ See FINRA Letter, p. 10; SIFMA Letter, p. 15; Liquidnet 
Letter, p. 3; FINRA Proposal Letter, p. 6.
    \252\ See SIFMA Letter, p. 13; CBOE Letter, p. 5.
    \253\ See SIFMA Letter, p. 13; CBOE Letter, p. 5.
    \254\ See CBOE Letter, p. 5. See also Options Settlement Order, 
supra, note 60. See, e.g., Securities Exchange Act Release No. 50996 
(January 7, 2005), 70 FR 2436 (order approving proposed rule change 
by CBOE relating to Phase V of COATS).
---------------------------------------------------------------------------

    The Commission also received two comments regarding the inclusion 
of non-firm orders and quotes in the consolidated audit trail. One 
commenter, consistent with the proposed Rule, stated that only firm 
orders and quotes should be included.\255\ Another commenter, however, 
believed that the proposed Rule did not go far enough, and stated that 
the Rule should require that information relating to indications of 
interest or similar communications be reported to, among other things, 
assist the SROs and the Commission in detecting ``spoofing,'' \256\ 
where a market participant enters and quickly cancels limit orders or 
quotations with the intent of having those non-bona fide orders or 
quotations change the NBBO or create a misperception of the available 
market liquidity to induce others to change their trading decisions.
---------------------------------------------------------------------------

    \255\ See Liquidnet Letter, p. 3.
    \256\ See Ameritrade Letter, p. 3.
---------------------------------------------------------------------------

    In addition to the comments regarding inclusion of principal and 
non-firm orders and quotes in the consolidated audit trail, some 
commenters suggested ways to narrow the definition of ``order.'' One 
commenter would exempt ``non-trading transfers of securities within a 
legal entity, such as internal journals of securities within a desk or 
aggregation unit,'' from the mandatory reporting requirements.\257\ 
Another commenter--an options exchange--recommended that the Commission 
only require consolidated NBBO data to be reported with respect to 
options quotations, noting that there are millions of quotes per day on 
its exchange and that certain options, including out-of-the-money 
options, are subject to a high volume of quotation updates but generate 
limited trading activity.\258\
---------------------------------------------------------------------------

    \257\ See SIFMA Letter, p. 15.
    \258\ See BOX Letter, p. 3.
---------------------------------------------------------------------------

    The Commission considered the comments regarding the scope of the 
quotes and orders that should be included in the Rule's definition of 
``order,'' and acknowledges that costs will be incurred by SROs and 
their members to record and report this information to the central 
repository and by the central repository to receive, consolidate, store 
and make accessible such information.\259\ The Commission also 
acknowledges that requiring the recording and reporting of all quotes 
and orders may entail more costs, such as additional development time 
and storage capacity, than if the Commission did not require the 
recording and reporting of market maker quotes or out-of-the-money 
options. Nevertheless, because the Commission continues to believe that 
many of the benefits of a consolidated audit trail can only be achieved 
if all orders and quotations are included, the Commission is adopting 
the definition of ``order'' in Rule 613(j)(4) (renumbered as Rule 
613(j)(8)), as proposed, to include orders received by a member of an 
exchange or FINRA from any person, any order originated by a member of 
an exchange or FINRA, and any bid or offer, including principal 
orders.\260\
---------------------------------------------------------------------------

    \259\ Such costs might include the costs to purchase or build 
new systems and/or costs to modify existing systems to record and 
report the required data. As discussed in Section I., supra, the NMS 
plan would include detailed information about costs for the public 
and the Commission to consider.
    \260\ See Rule 613(j)(4).
---------------------------------------------------------------------------

    The Commission believes it is important for the consolidated audit 
trail to capture information for all principal orders and market maker 
quotations because principal orders and market maker quotations 
represent a significant amount of order and transaction activity in the 
U.S. markets. Effective surveillance of their trading is critical to 
detecting a variety of types of potential misconduct such as 
manipulation and trading ahead. By providing regulators comprehensive 
information about principal orders and market maker quotations 
throughout the U.S. markets--information that is not available to 
regulators today using existing audit trails--the consolidated audit 
trail would allow regulators to efficiently surveil for manipulative 
and other illegal activity by market making and other proprietary 
trading firms. In addition, any comprehensive market reconstruction or 
other market analysis would need to take into account principal orders 
and market maker quotations--which, as noted above, constitute a large 
percentage of the orders and trades in today's markets--to provide a 
complete and accurate picture of market activity.
    Furthermore, the Commission believes that including principal 
orders and market maker quotations in the consolidated audit trail 
would permit SROs to more efficiently monitor the market for violations 
of SRO rules. Such monitoring requires determination of the exact 
sequence of the receipt and execution of customer orders in relation to 
the origination and execution of principal orders or market maker 
quotations. For example, SROs would be able to use the consolidated 
audit trail data to more efficiently detect instances when a broker-
dealer receives a customer order and then sends a principal order or 
quote update to an exchange ahead of the customer order, potentially 
violating the trading ahead prohibitions in SRO rules.\261\
---------------------------------------------------------------------------

    \261\ See, e.g., FINRA Rule 5320; NYSE Arca Equities Rule 6.16.
---------------------------------------------------------------------------

    In addition, information on principal orders or market maker 
quotations could

[[Page 45747]]

be useful in investigating illegal ``spoofing.'' The availability to 
regulators of comprehensive information about principal orders and 
market maker quotations would allow them to more efficiently and 
effectively identify the source of the orders or quotations and, thus, 
better determine whether the quoted price was manipulated or simply a 
response to market forces.
    A further example where information on principal orders and market 
maker quotations would enhance regulatory efforts is in reviewing 
``layering'' or other manipulative activity. Layering is a form of 
market manipulation where orders are placed close to the best buy or 
sell price with no intention to trade in an effort to falsely overstate 
the liquidity in a security. Layering attempts to manipulate the shape 
of the limit order book to move the price of a security or influence 
the trading decisions of others. Layering is often effected with 
principal orders, so inclusion of principal orders in the consolidated 
audit trail would aid regulators in the detection of this manipulative 
practice.\262\
---------------------------------------------------------------------------

    \262\ See Section II.A., supra.
---------------------------------------------------------------------------

    The Commission considered the comment that recommended excluding 
certain quotations, such as those generated for out-of-the-money 
options, from the definition of ``orders'' required to be reported to 
the central repository.\263\ The Commission, however, believes that 
such quotations must be included in the consolidated audit trail. 
Although there may be a high volume of quotations in out-of-the-money 
options with limited resulting trading activity, the Commission 
believes that having a record of those quotations is necessary to allow 
regulators to surveil high-speed quoting strategies for manipulative or 
other illegal behavior and to assess the impact of market making and 
other high-frequency quoting behaviors on the quality of the markets. 
Including these quotations is necessary for example, because the 
Commission may investigate allegations of a broker-dealer engaging in 
the practice of flooding the market with out-of-the-money option 
quotations for the purpose of manipulating the price of the option or 
related security, or to overload exchange execution systems. Based on 
the foregoing, to ascertain whether any illegal activity might be 
occurring through the misuse of quoting, the consolidated audit trail 
must require all bids and offers to be collected and reported to the 
central repository.
---------------------------------------------------------------------------

    \263\ See BOX Letter, p. 3.
---------------------------------------------------------------------------

    The Commission also considered the comment that asserted that 
``non-trading transfers of securities within a legal entity, such as 
internal journals of securities within a desk or aggregation unit'' 
should be exempt from the reporting requirements of the Rule.\264\ In 
response to this comment, the Commission notes that Rule 613 does not 
require the reporting of such transfers because they are not 
``orders,'' as defined under Rule 613(j)(8). However, Rule 613 does 
require the NMS plan to require the reporting of the internal routing 
of orders at broker-dealers.\265\
---------------------------------------------------------------------------

    \264\ See SIFMA Letter, p. 15.
    \265\ See Rule 613(c)(7)(ii)(F). The Commission notes that the 
NMS plan submitted by the plan sponsors would need to provide 
appropriate detail as to how orders routed within a single broker-
dealer would be reported. For example, the NMS plan would need to 
address the routing of an order received by a customer-facing sales 
desk within a broker-dealer to a separate trading or market-making 
desk within the same broker-dealer that actually determines how to 
execute the order.
---------------------------------------------------------------------------

    The Commission also considered the comment that recommended 
including indications of interest in the definition of ``order.'' \266\ 
The Commission, however, is not including indications of interest in 
the definition of ``order'' for purposes of the consolidated audit 
trail because the Commission believes that the utility of the 
information such data would provide to regulators would not justify the 
costs of reporting the information. Indications of interest are 
different than orders because they are not firm offers to trade, but 
are essentially invitations to negotiate. As such, the Commission 
believes that indications of interest are less likely to be used as a 
vehicle for illegal activity, such as manipulation or layering, because 
they would be less likely to induce a response from other market 
participants.
---------------------------------------------------------------------------

    \266\ See Ameritrade Letter, p. 3.
---------------------------------------------------------------------------

c. Persons Required To Report Information to the Central Repository
    Under proposed Rule 613(c)(5), each national securities exchange 
and its members would have been required to collect and provide to the 
central repository certain data for each NMS security registered or 
listed on a national securities exchange, or admitted to unlisted 
trading privileges on such exchange; and, under proposed Rule 
613(c)(6), each national securities association and its members would 
have been required to collect and provide to the central repository 
certain data for each NMS security for which transaction reports would 
be required to be submitted to a national securities association. 
Proposed Rule 613(c)(7) would have required each national securities 
exchange, national securities association, and any member of such 
exchange or association to collect and provide to the central 
repository certain details, delineated in such Rule, for each order and 
each reportable event. The Commission requested comment on whether 
requiring SROs and their members to report the required order 
information to the central repository was appropriate.
    Several commenters broadly objected to the requirement that all 
broker-dealers report consolidated audit trail information to the 
central repository and/or proposed alternatives to such a 
requirement.\267\ One commenter suggested that introducing brokers 
should be permitted to rely on their clearing firms for reporting to 
the central repository, arguing that requiring separate reporting by 
introducing brokers and clearing firms ``will only dilute the economic 
benefits realized by Introducing Brokers through such clearing 
arrangements and may result in increased costs to customers.''\268\ 
This commenter also stated that it does not believe there is 
appreciable benefit to the Commission, FINRA or the markets in general 
in mandating reporting by introducing brokers.\269\
---------------------------------------------------------------------------

    \267\ See CBOE Letter, p. 5; TIAA-CREF Letter, p. 2; Wachtel 
Letter, p. 1; SIFMA Letter p. 13; FINRA Proposal Letter, p. 5-6; 
GETCO Letter, p. 3-4; Nasdaq Letter II, p. 3.
    \268\ See TIAA-CREF letter, p. 2-3. Another commenter echoed 
this concern and recommended that the consolidated audit trail 
develop a means to avoid such duplicative reporting, explaining that 
this is a problem with the current OATS system. See Wells Fargo 
Letter, p. 2.
    \269\ See TIAA-CREF letter, p. 2.
---------------------------------------------------------------------------

    Similarly, another commenter urged the Commission to exclude 
broker-dealers from the consolidated audit trail reporting requirements 
if they route their orders exclusively to another reporting firm that 
is solely responsible for further routing decisions, on the basis that 
this would essentially result in duplicative reporting.\270\ In 
addition, this commenter recommended the Commission exempt small 
broker-dealers from the reporting requirements if compliance would be 
unduly burdensome.\271\ Another commenter, a small broker-dealer that 
manually handles orders, specifically suggested that the Commission 
adopt a provision similar to FINRA Rule 7470, which provides FINRA 
staff the authority to grant exemptions to broker-dealers that solely 
handle orders manually from

[[Page 45748]]

OATS recording and data transmission requirements.\272\
---------------------------------------------------------------------------

    \270\ See FINRA Proposal Letter, p. 5-6.
    \271\ Id.
    \272\ See Wachtel Letter, p. 1. The Commission notes any 
exemptions granted by FINRA under FINRA Rule 7470 may not exceed a 
period of two years, unless extended. See FINRA Rule 7470. FINRA's 
authority to grant exemptions under FINRA Rule 7470 expires on July 
10, 2015. See FINRA Rule 7470(c).
---------------------------------------------------------------------------

    Three commenters argued that broker-dealers should not be required 
to report quotation information to the central repository that is 
available from other market participants.\273\ Specifically, one 
commenter argued that broker-dealers should not be required to report 
information to the central repository that has already been reported to 
an SRO (e.g., market maker quotes) because the SRO would also be 
reporting the information to the central repository.\274\ Another 
commenter stated that it ``believes that, rather than requiring quote 
reporting by broker-dealers, only the exchanges and FINRA (through its 
Alternative Display Facility and proposed Quotation Consolidation 
Facility) should be required to report quotations,'' and added that 
``[t]he exchanges and FINRA are in a position to provide quotation 
information at a lower cost and with more accuracy.'' \275\ Similarly, 
a third commenter urged the Commission to consider ``whether 
surveillance systems could rely on quotation information disseminated 
by the SROs,'' instead of requiring all quotation data to be sent 
separately to the repository.\276\
---------------------------------------------------------------------------

    \273\ See CBOE Letter, p. 5-6; SIFMA Letter, p. 13; GETCO 
Letter, p. 3-4.
    \274\ See CBOE Letter, p. 5-6 (stating its belief that ``it 
would be redundant for both the market makers and the exchanges to 
all submit this information to the CAT. We recommend that the 
exchanges be permitted to submit information on market maker quotes 
to the CAT. Market makers who submit quotes to an exchange would 
have no obligation other than to correctly identify themselves to 
the exchange as the party submitting the quotation. The exchange 
could add the rest of the required information (participant 
identifier, unique order identifier, etc.) to the quote and transmit 
it to the CAT'').
    \275\ See SIFMA Letter, p. 13.
    \276\ See GETCO Letter, p. 3-4. Another commenter proposed to 
develop a platform that would collect audit trail information from 
the SROs and other sources of information, and thus reduce the 
obligations on broker-dealers to report data. See Nasdaq Letter II, 
p. 3.
---------------------------------------------------------------------------

    The Commission considered the comments objecting to the requirement 
that broker-dealers report all consolidated audit trail information to 
the central repository. However, for the reasons discussed below, the 
Commission is adopting the requirements as proposed with regard to the 
obligation of members to report required data to the central 
repository.\277\ Specifically, the Commission is adopting Rules 
613(c)(5) and (6) as proposed. Rule 613(c)(5) provides that ``[t]he 
national market system plan submitted pursuant to this section shall 
require each national securities exchange and its members to record and 
report to the central repository the information required by [Rule 
613(c)(7)] for each NMS security registered or listed for trading on 
such exchange or admitted to unlisted trading privileges on such 
exchange,'' and Rule 613(c)(6) provides that ``[t]he national market 
system plan submitted pursuant to this section shall require each 
national securities association and its members to record and report to 
the central repository the information required by paragraph (c)(7) of 
this section for each NMS security for which transaction reports are 
required to be submitted to the association.''
---------------------------------------------------------------------------

    \277\ See Rules 613(c)(5) through (7).
---------------------------------------------------------------------------

    In essence, the Commission believes these provisions are 
appropriate because they require each party--whether a broker-dealer, 
exchange or ATS--that takes an action with respect to an order, and 
thus has the best information with respect to that action, to record 
and report \278\ that information to the central repository.\279\ For 
example, the broker-dealer originating an order--whether received from 
a customer or generated as a principal order--is in the best position 
to record the terms of that order, including the time of origination, 
as well as the unique customer and order identifiers. If the 
originating broker-dealer is required to record the time each order in 
a rapid series of principal orders is generated, for example, 
regulators will be able to more accurately reconstruct the sequence of 
those orders for purposes of conducting market surveillances for 
manipulative or other illegal activity, or for performing market 
reconstructions. In addition, requiring the originating broker-dealer 
to record the time an order was received from a customer could then 
help regulators more accurately determine whether the broker-dealer 
quickly traded ahead of the customer order. On the other hand, if the 
recording and reporting requirements initially applied only to the 
executing or routing broker-dealer, or the exchange in the case of 
market maker quoting, regulators would not know the precise time the 
order or quote was originated, and would not be able to implement or 
perform as efficiently effective surveillances, such as those discussed 
above. In addition, the lack of precise order origination time could 
interfere with the ability of regulators to perform accurate market 
reconstructions or analyses, particularly with respect to high 
frequency trading strategies. Thus, the Commission believes that every 
broker-dealer (and exchange) that touches an order must record the 
required data with respect to actions it takes on the order, 
contemporaneously with the reportable event, to ensure that all 
relevant information, including the time the event occurred, is 
accurately captured and reported to the consolidated audit trail.\280\
---------------------------------------------------------------------------

    \278\ The Commission notes that the Rule does not preclude the 
NMS plan from allowing broker-dealers to use a third party to report 
the data required to the central repository on their behalf. In 
particular, the Commission recognizes that introducing brokers may 
wish to contract with clearing broker-dealers for this purpose and 
that the SROs may need to amend their rules to address the 
allocation of responsibility between the parties. In such cases, the 
Commission expects that the clearing contract, as mandated by the 
SRO's rules, as amended, would address the allocation of 
responsibility for the reporting of required data.
    \279\ The Commission has adopted Rule 613(c)(5) and (6) using 
the terms ``record'' and ``report'' the required audit trail data, 
rather than ``collect'' and ``provide'' the required audit trail 
data, as proposed. See also Section III.B.1.e., infra.
    \280\ The Rule as adopted requires the NMS plan submitted to the 
Commission for its consideration to require broker-dealers and SROs 
to record and report to a central repository only the audit trail 
information for actions each took with respect to an order. For 
example, if a member receives an order from a customer, the member 
will be required to report its receipt of that order (with the 
required information) to the central repository. If the member then 
routes the order to an exchange for execution, the member will be 
required to report the routing of that order (with the required 
information) to the central repository. Likewise, the exchange 
receiving the routed order will be required to report the receipt of 
that order from the member (with the required information) to the 
central repository. If the exchange executes the order on its 
trading system, the exchange will be required to report that 
execution of the order (with the required information) to the 
central repository, but the member will not also be required to 
report the execution of the order. If the member executes the order 
in the OTC market, however, rather than routing the order to an 
exchange (or other market center) for execution, the member will be 
required to report the execution of the order (with the required 
information) to the central repository. In this regard, there is no 
duplicative reporting of audit trail information because each market 
participant is required to report only the audit trail data for the 
actions it has taken with respect to an order.
    The Commission notes that, for orders that are modified or 
cancelled, Rule 613(c)(7)(iv) would require the broker-dealer who 
received the modification from a customer, for example, to report 
the order modification to the central repository. Thus, if broker-
dealer A received a modification to a customer's order from the 
customer, broker-dealer A would be required to report such 
modification to the central repository. If broker-dealer A had 
already routed the customer's order to another broker-dealer 
(``broker-dealer B''), the customer's modification would also need 
to be reported by broker-dealer A to broker-dealer B. The receipt of 
the customer's modification by broker-dealer B would also need to be 
reported to the central repository, pursuant to Rule 613(c)(7)(iv). 
The same reporting obligations would apply if the modification were 
originated by broker-dealer A.
---------------------------------------------------------------------------

    While a broker-dealer will be required to record any actions it 
takes with

[[Page 45749]]

respect to an order because such recordation would capture information, 
particularly the time stamp, which is needed by regulators for the 
reasons discussed above, the Commission notes that nothing in the Rule 
precludes the NMS plan submitted to the Commission for its 
consideration from allowing an introducing broker or other broker-
dealer to use a third party, such as a clearing broker-dealer, to 
report the data recorded by the introducing broker or other broker-
dealer to the central repository.
    The Commission acknowledges that SROs and their members will incur 
costs to record and report the audit trail data required by Rules 
613(c)(5), 613(c)(6) and 613(c)(7).\281\ The Commission also 
acknowledges that, in some instances, the information required to be 
recorded and reported by some market participants, for example, market 
makers, may indeed be available from other market participants (in the 
case of market makers, the exchanges) and that there might be 
additional costs for all market participants to record and report 
information. However, for the reasons noted above, the Commission 
believes that requiring every market participant that touches an order 
to record and report the required audit trail data to the central 
repository, and thus requiring these market participants to incur these 
costs is appropriate. The Commission believes that such costs will 
depend on the exact details of how information is to be recorded and 
reported to the central repository, including whether third-parties, 
such as clearing-brokers or exchanges, facilitate the transmission of 
such data. But because these costs depend on details that are not being 
prescribed by the Commission, Rule 613 requires that the SROs must, in 
their proposal of the specific mechanisms by which data will be 
reported to the central repository, include cost estimates of their 
solution, as well as a discussion of the costs and benefits of the 
various alternatives considered but not chosen.\282\ More so, as 
discussed above in Section I, once the Commission receives the 
submitted NMS plan, it will be able to use such plan-specific details 
and costs estimates, as well as public comment on the NMS plan, in 
determining whether to approve the NMS plan.
---------------------------------------------------------------------------

    \281\ Such costs might include the costs to purchase or build 
new systems and/or costs to modify existing systems to record and 
report the required data. As discussed in Section I., supra, the NMS 
plan would include detailed information about costs for the public 
and the Commission to consider.
    \282\ See Section III.C.2.iii., infra.
---------------------------------------------------------------------------

    The Commission also considered the comment that small broker-
dealers should be granted an exemption from the Rule,\283\ and, as 
discussed in Section III.D., is adopting Rule 613(a)(3)(vi), which 
provides that the NMS plan shall require each SRO to require small 
broker-dealers to provide audit trail data to the central repository 
within three years after effectiveness of the NMS plan, as opposed to 
within two years as proposed.\284\ The Commission believes that 
completely exempting small broker-dealers from reporting requirements 
would be contradictory to the goal of Rule 613, which is to create a 
comprehensive audit trail. In effect, an exemption to small broker-
dealers from the requirements of the Rule would eliminate the 
collection of audit trail information from a segment of the broker-
dealer community and would thus result in an audit trail that does not 
capture all orders by all participants in the securities markets for 
NMS securities. The Commission notes that illegal activity, such as 
insider trading and market manipulation, can be conducted through 
accounts at small broker-dealers just as readily as it can be conducted 
through accounts at large broker-dealers. In addition, granting an 
exemption to certain broker-dealers might create incentives for 
prospective wrongdoers to utilize such firms to evade effective 
regulatory oversight through the consolidated audit trail. The 
Commission recognizes, however, that small broker-dealers, particularly 
those that operate manual systems, might be particularly impacted 
because of their more modest financial resources and may need 
additional time to upgrade to an electronic method of reporting audit 
trail data to the central repository, and thus believes that allowing 
the NMS plan to permit such broker-dealers up to an extra year to begin 
reporting data to the central repository if the plan sponsors believe 
such an accommodation is reasonable, is appropriate. The Commission 
believes up to an additional year could allow small broker-dealers 
extra time to explore the most cost-effective and most efficient method 
to comply with the Rule. The Commission acknowledges that permitting 
small broker-dealers up to three years to begin reporting the required 
audit trail data to the central repository will delay the ability of 
regulatory authorities to obtain full information about all orders from 
all participants, which in turn will result in delaying the full 
regulatory benefit of the consolidated audit trail. However, the 
Commission believes that such an accommodation to small broker-dealers 
is reasonable, given the fact that small broker-dealers may face 
greater financial constraints in complying with Rule 613 as compared to 
larger broker-dealers.\285\ The Commission also notes that many small 
broker-dealers are introducing broker-dealers and may be able to use 
their clearing broker-dealers to report the data to the central 
repository, thereby potentially reducing some of their costs.
---------------------------------------------------------------------------

    \283\ See Wachtel Letter, p. 1.
    \284\ See Section III.D., infra.
    \285\ If a clearing broker-dealer receives an order from a small 
broker-dealer during the period between the time the Rule is 
applicable to large broker-dealers and the time the Rule is 
applicable to small broker-dealers, the broker-dealer performing the 
clearing function for the small introducing broker will be subject 
to only the requirements of the Plan applicable directly to the 
clearing broker-dealer, while the small introducing broker will not 
be subject to the reporting requirements at that time.
---------------------------------------------------------------------------

d. Reportable Events and Consolidated Audit Trail Data Elements
    As proposed, Rule 613 would have required SROs and their respective 
members to provide certain information regarding each order and each 
``reportable event'' to the central repository. A reportable event 
would have been defined in proposed Rule 613(j)(5) to include, but not 
be limited to, the receipt, origination, modification, cancellation, 
routing, and execution (in whole or in part) of an order.
    For the reportable event of receipt and origination of an order, 
proposed Rule 613(c)(7)(i) would have required the reporting of the 
following data elements: (1) Information of sufficient detail to 
identify the customer; (2) a unique customer identifier for each 
customer; (3) customer account information; (4) a unique identifier 
that would attach to an order at the time of receipt or origination by 
the member; (5) a unique identifier for the broker-dealer receiving or 
originating an order; (6) the unique identifier of the branch office 
and registered representative receiving or originating the order; (7) 
the date and time (to the millisecond) of order receipt or origination; 
and (8) the material terms of the order.
    For the reportable event of routing of an order, proposed Rule 
613(c)(7)(ii) would have required the reporting of the following 
information by the member or SRO that is doing the routing, each time 
an order is routed: (1) The unique order identifier; (2) the date on 
which an order was routed; (3) the exact time (in milliseconds) the 
order was routed; (4) the unique identifier of the broker-dealer or 
national securities exchange that routes the order; (5) the unique 
identifier of the broker-dealer or

[[Page 45750]]

national securities exchange that receives the order; (6) the identity 
and nature of the department or desk to which an order is routed if a 
broker-dealer routes the order internally; and (7) the material terms 
of the order.
    Rule 613(c)(7)(iii), as proposed, also would have required the 
collection and reporting by the SRO or member receiving a routed order 
of the following information: (1) The unique order identifier; (2) the 
date on which the order is received; (3) the time at which the order is 
received (in milliseconds); (4) the unique identifier of the broker-
dealer or national securities exchange receiving the order; (5) the 
unique identifier of the broker-dealer or national securities exchange 
routing the order; and (6) the material terms of the order.
    For the reportable events of modification or cancellation of an 
order, proposed Rule 613(c)(7)(iv) would have required the following 
data be collected and reported: (1) The date and time (in milliseconds) 
that an order modification or cancellation was originated or received; 
(2) the price and remaining size of the order, if modified; (3) the 
identity of the person responsible for the modification or cancellation 
instruction; and (4) other modifications to the material terms of the 
order.
    For full or partial executions of an order, proposed Rule 
613(c)(7)(v) would have required the following information to be 
collected and reported to the central repository: (1) The unique order 
identifier; (2) the execution date; (3) the time of execution (in 
milliseconds); (4) the capacity of the entity executing the order 
(whether principal, agency, or riskless principal); (5) the execution 
price; (6) the size of the execution; (7) the unique identifier of the 
national securities exchange or broker-dealer executing the order; and 
(8) whether the execution was reported pursuant to an effective 
transaction reporting plan or pursuant to the OPRA Plan.
    The Commission received comments on the information proposed to be 
recorded and reported to the central repository for each reportable 
event (i.e., the consolidated audit trail data elements) but did not 
receive comments on the proposed definition of reportable event in 
proposed Rule 613(j)(5) (i.e., the events that trigger consolidated 
audit trail reporting requirements). However, the Commission is making 
clarifying changes to proposed Rule 613(j)(5) (renumbered as Rule 
613(j)(9)) to define a ``reportable event'' as including the original 
receipt of a customer's order by a broker-dealer; the origination of an 
order by a broker-dealer (i.e., a principal order); and the receipt of 
a routed order. Thus, Rule 613(j)(9), as adopted, provides that ``[t]he 
term reportable event shall include, but not be limited to, the 
original receipt or origination, modification, cancellation, routing, 
and execution (in whole or in part) of an order, and receipt of a 
routed order.'' The Commission believes these changes from the proposal 
are appropriate because they conform Rule 613(j)(9) to the provisions 
of Rule 613(c)(7). Specifically, Rule 613(c)(7) is structured around 
each ``reportable event;'' therefore, audit trail data is listed 
according to the data that must be reported upon ``original receipt or 
origination'' of an order (Rule 613(c)(7)(i)); ``routing'' of an order 
(Rule 613(c)(7)(ii)); ``receipt of an order that has been routed'' 
(Rule 613(c)(7)(iii)); ``modification or cancellation'' of an order 
(Rule 613(c)(7)(iv)); and ``execution'' of an order (Rule 613(c)(7)(v) 
and (vi)).
    As noted above, the Commission received comments on the information 
proposed to be recorded and reported to the central repository with 
each reportable event (i.e., the consolidated audit trail data 
elements) and, in response, is adopting the Rule with certain 
modifications from the proposed Rule with respect to certain of the 
consolidated audit trail data elements. In so adopting the Rule, the 
Commission acknowledges that costs will be incurred by SROs and their 
members to record and report this information to the central repository 
and by the central repository to receive, consolidate, store and make 
accessible such information.\286\ However, the Commission believes that 
the costs to SRO members for reporting this information, and the costs 
to the central repository for collecting and storing this information, 
will significantly depend on the exact details of how this information 
will be gathered and transmitted by the various types of market 
participants covered by Rule 613. The Commission is therefore requiring 
the SROs to include as part of the NMS plan submitted to the Commission 
for its consideration pursuant to the Rule, details of how each of the 
different data elements would be recorded, reported, collected, and 
stored, as well as cost estimates for the proposed solution, and a 
discussion of the costs and benefits of alternate solutions considered 
but not proposed. The Commission also notes that the SROs are not 
prohibited from proposing additional data elements not specified in 
Rule 613 if the SROs believe such data elements would further, or more 
efficiently, facilitate the requirements of the Rule.
---------------------------------------------------------------------------

    \286\ In particular, the Commission acknowledges that certain 
elements are not collected by existing audit trails and thus SROs 
and members would incur additional costs to record and report such 
information. The Commission also acknowledges that there might be 
additional costs with respect to assigning customer identifiers, the 
broker-dealer identifiers and the order identifiers because such 
assignments might, depending on the NMS plan, require coordination 
amongst various different entities and possibly further systems 
changes.
---------------------------------------------------------------------------

    Once the SROs have submitted an NMS plan with these details, the 
Commission will be able to use this information to determine whether to 
approve the NMS plan. The Commission at this time is only directing the 
SROs to develop and submit a detailed NMS plan that includes each of 
the data elements. The Commission is not making a final determination 
of the nature and scope of the data elements to be included in the 
consolidated audit trail--as discussed above, these determinations will 
be made after the SROs submit the NMS plan, and the Commission and 
public have had an opportunity to consider the proposed data elements.
    Rather, at this time the Commission is only making a more limited 
determination. The benefits the Commission and the public will receive 
from being able to consider the detailed costs and benefits of the 
specific set of data elements submitted to the Commission for its 
consideration pursuant to the Rule justify the costs of preparing the 
NMS plan with such data elements included.
    A discussion of these consolidated audit trail data elements 
follows.
i. Material Terms of the Order
    As proposed, Rule 613 would have required broker-dealers to report 
the material terms of the order upon origination or receipt of an order 
and upon routing, modification, and cancellation of an order.\287\ 
Proposed Rule 613(j)(3) (renumbered as Rule 613(j)(7)) defined material 
terms of the order to include, but not be limited to, the following 
information: (1) The NMS security symbol; (2) the type of security; (3) 
price (if applicable); (4) size (displayed and non-displayed); (5) side 
(buy/sell); (6) order type; (7) if a sell order, whether the order is 
long, short, or short exempt; \288\ (8) if a short sale,

[[Page 45751]]

the locate identifier; (9) open/close indicator; (10) time in force (if 
applicable); (11) whether the order is solicited or unsolicited; (12) 
whether the account has a prior position in the security; (13) if the 
order is for a listed option, option type (put/call), option symbol or 
root symbol, underlying symbol, strike price, expiration date, and 
open/close; and (14) any special handling instructions.
---------------------------------------------------------------------------

    \287\ See proposed Rules 613(c)(7)(i)(I), 613(c)(7)(ii)(G), 
613(c)(7)(iii)(F), and 613(c)(7)(iv)(D).
    \288\ A broker or dealer currently must mark all sell orders of 
any equity security as long, short, or short exempt. See Rule 
200(g)(1) under the Exchange Act, 17 CFR 242.200(g)(1). A sell order 
may be marked short exempt only if the conditions of Rule 201(c) or 
(d) under the Exchange Act are met (17 CFR 242.201(c) and (d)). See 
Rule 200(g)(2) under the Exchange Act, 17 CFR 242.200(g)(2).
---------------------------------------------------------------------------

    The Commission requested comment on whether there are any items of 
information that are required to be recorded and reported by existing 
audit trail rules, or to be provided to the SROs or the Commission upon 
request, that were not proposed but should have been included in the 
Rule. One commenter suggested that two data elements be added to aid 
regulators in detecting the original source of orders that violate laws 
or are involved in market manipulations.\289\ Specifically, this 
commenter recommended that the proposed Rule should capture the 
identity of the individual who originated the order (in addition to 
identifying the firm) and the system he or she used to originate the 
order.\290\ Another commenter questioned the need for information 
regarding whether an account has a prior position in a security.\291\ 
The commenter expressed skepticism about the value of knowing, in real 
time, whether the customer has a prior position in the security, since 
the length of time the position has been held would not be captured. 
This commenter also questioned how the Commission's requirement that 
the prior position in a security be reported would work in the 
situation where a client has multiple accounts but it is the first time 
the client has opened a position in one of the accounts.\292\ Another 
commenter provided specific information on the exact data elements that 
it could incorporate into the consolidated audit trail if it were 
chosen as the central processor under Rule 613.\293\
---------------------------------------------------------------------------

    \289\ See Kumaraguru Letter, p. 1.
    \290\ Id.
    \291\ See Ameritrade Letter, p. 3.
    \292\ Id.
    \293\ See FINRA Proposal Letter, Appendix A.
---------------------------------------------------------------------------

    The Commission considered the views of the commenter that 
questioned the value of knowing whether a customer has a prior position 
in a security. The Commission also considered the commenter's concern 
about potential reporting complications for clients with multiple 
accounts, as well as general comments urging the Commission to reduce 
the burdens of the Rule, and is adopting proposed Rule 613(j)(3) 
(renumbered as Rule 613(j)(7)) with modifications to delete certain 
data elements.
    After considering the commenters' views, and re-evaluating the 
necessity of requiring certain specific data elements, the Commission 
has determined not to require the locate identifier (if a short sale); 
whether the order is solicited or unsolicited; and whether the account 
has a prior position in the security. The Commission believes the 
consolidated audit trail can still achieve significant benefits without 
requiring the routine recording and reporting of these specific data 
elements to the central repository.\294\ While this information may be 
useful for certain investigations and market analyses, the Commission 
believes that this additional data could be readily obtained from a 
follow-up request to a broker-dealer if the other data required by 
proposed Rule 613(j)(3), particularly relating to the customer behind 
the order, is included in the consolidated audit trail. Thus, the 
Commission believes that it is unnecessary to require this additional 
data to be reported as a standard part of the consolidated audit trail. 
In effect, the Commission believes that the benefits of having these 
specific audit trail data elements are minimal. As such, the Commission 
does not believe the benefits to the Commission and the public to 
consider the detailed costs and benefits of such data elements justify 
the costs to SROs for including them in their NMS plan submission.
---------------------------------------------------------------------------

    \294\ See Section II.A.2., supra.
---------------------------------------------------------------------------

    In response to the commenter who recommended that the proposed Rule 
should capture the identity of the individual who originated the order 
(in addition to identifying the firm) and the system he or she used to 
originate the order,\295\ the Commission notes that Rule 613 defines 
``customer'' as: ``(i) The account holder(s) of the account at a 
registered broker-dealer originating the order; and (ii) any person 
from whom the broker-dealer is authorized to accept trading 
instructions for such account, if different from the account 
holder(s).'' \296\ The Rule does not require the identification of the 
individual registered representative who placed the order.\297\ 
Further, the Commission does not believe that ``the system he or she 
used to originate the order'' is of significant enough regulatory value 
to require that information to be recorded and reported under Rule 613 
at this time.
---------------------------------------------------------------------------

    \295\ See Kumaraguru Letter, p. 1.
    \296\ See Rule 613(j)(3); see also Section 
III.B.1.d.iii.(C).(2)., infra (discussing the definition of 
``customer'' as applied to investment advisers).
    \297\ See Section III.B.1.d.ii., infra, for a discussion of the 
proposed requirement to report the unique identifier of the 
registered representative receiving or originating an order.
---------------------------------------------------------------------------

(A) Order Type
    As proposed, the Rule would have required that members report the 
order type as an element of the material terms of an order. In the 
Proposing Release, the Commission explained that the proposed Rule does 
not specify the exact order types (e.g., market, limit, stop, pegged, 
stop limit) that could be reported under the Rule in recognition that 
order types may differ across markets and an order type with the same 
title may have a different meaning at different exchanges.\298\ The 
Commission also noted that markets are frequently creating new order 
types and eliminating existing order types. Thus, the Commission 
preliminarily believed that it would not be practical to include a list 
of order types in the proposed Rule as part of the required information 
to be reported to the central repository.
---------------------------------------------------------------------------

    \298\ See Proposing Release, supra note 4, at 32575.
---------------------------------------------------------------------------

    The Commission received one comment in response to its request for 
comment on its proposed approach to handling order types. This 
commenter believed that the Commission did not think that order types 
were needed for the consolidated audit trail, and argued that this 
information is ``essential for any attempts to use the order data to 
reconstruct the state of the limit order book at any point in time.'' 
\299\ The Commission agrees that information about an order's type is 
important and notes that the Rule, as proposed, did require order types 
to be reported.\300\ Thus, the Commission is adopting the Rule, as 
proposed, to require plan sponsors to include in the NMS plan submitted 
to the Commission for its consideration a requirement for SROs and 
members to report the order type as an element of the material terms of 
an order. The Rule, however, does not provide an exhaustive list of 
order types, as the Commission continues to believe that it is not 
feasible to do so in its Rule, for the reasons stated in the Proposing 
Release.\301\ Rather, the Commission believes the plan sponsors should 
be responsible for determining how to describe and categorize specific 
order types in the NMS plan or in the NMS plan's technical 
specifications, as there is more flexibility to amend such

[[Page 45752]]

documents and the SROs would have the most familiarity with the 
variations among the order types on their markets. The Commission notes 
that specific order types may differ across markets, and even an order 
type with the same title may have a different meaning at different 
exchanges. Further, SROs regularly develop new order types to respond 
to changes in market structures and trading strategies, and any list of 
order types will likely need to be updated over time.
---------------------------------------------------------------------------

    \299\ See Angel Letter, p. 2-3.
    \300\ Order type information is important because it reflects 
the intention of the person originating an order with regard to how 
an order should be handled, and also provides information regarding 
the potential impact of orders on the market.
    \301\ See Proposing Release, supra note 4, at 32575.
---------------------------------------------------------------------------

(B) Special Handling Instructions
    The proposed Rule also would have required that that any special 
handling instructions be reported as part of the material terms of an 
order.\302\ The Commission specifically requested comment in the 
Proposing Release on whether the Rule should require, as part of the 
disclosure of special handling instructions, the disclosure of an 
individual algorithm that may be used by a member or customer to 
originate or execute an order, and, if so, how such an algorithm should 
be identified. The Commission received one comment noting the 
importance of requiring the special handling instructions to be 
included in the consolidated audit trail.\303\ This commenter believed 
that special handling instructions were important for reconstructing 
the limit order book.\304\ Regarding algorithms, commenters generally 
were not in favor of unique identifiers for algorithms.\305\ One 
commenter urged against requiring customer information at the level of 
``individual strategy, trading desk, or particular algorithm * * *.'' 
\306\ Another commenter stated that the proposed rule should not 
require that unique customer identifiers be affixed to computer 
algorithms.\307\ This commenter pointed out that algorithms change 
daily, which would result in uncertainty about whether new identifiers 
are needed. Further, the commenter argued that firms would need to 
develop safeguards to ensure proprietary algorithms and trading 
strategies are not appropriated by competitors. This commenter 
suggested that, instead of requiring a unique customer identifier, the 
Commission could require that a ``flag'' be appended to orders 
generated by an algorithm.
---------------------------------------------------------------------------

    \302\ See proposed Rule 613(j)(3).
    \303\ See Angel Letter, p. 2-3.
    \304\ Id.
    \305\ See Managed Funds Association Letter, p. 2; SIFMA Letter, 
p. 11; SIFMA Drop Copy Letter, p. 2.
    \306\ See Managed Funds Association Letter, p. 2.
    \307\ See SIFMA Letter, p. 11. SIFMA subsequently submitted an 
alternative proposal that did not include a flag for algorithms, 
citing lack of clarity in the Commission's definition of algorithmic 
order, and stating that the FIX standard lacks existing fields to 
flag such orders. Id. at 2.
---------------------------------------------------------------------------

    The Commission agrees with the commenter that supported the 
proposed requirement that special handling instructions be reported 
\308\ and is adopting this requirement as proposed.\309\ The Commission 
believes that such information will be useful to regulators in 
attempting to recreate an SRO's limit order book for market 
reconstructions. When performing market reconstructions, it is 
important for regulators not only to have information regarding what 
orders were on the book, but the conditions or special instructions 
attached to those orders. Such information can be of key importance in 
determining the amount of accessible liquidity at any price point and 
whether or not certain orders were entitled to be executed at various 
price levels.
---------------------------------------------------------------------------

    \308\ See Angel Letter, p. 2-3.
    \309\ See Rule 613(j)(7).
---------------------------------------------------------------------------

    Additionally, the Commission considered the comments received 
regarding whether an individual algorithm should be reported and 
identified as part of an order's special handling instructions, and has 
determined not to adopt that requirement in recognition that algorithms 
change frequently and therefore it may be difficult to determine when 
and if new algorithm identifiers are necessary. The Commission also 
considered one commenter's concern regarding the proprietary nature of 
algorithms and the risk of competitors appropriating algorithms if they 
were required to be identified in the consolidated audit trail. 
However, the Commission notes that, because the disclosure of whether 
an order is a result of an algorithm that makes trading decisions based 
on a programmed investment strategy might be useful for the Commission 
and the SROs to sort or filter trade data to re-construct market events 
or to better evaluate potentially manipulative behavior or intent, the 
SROs may want to consider whether it would be feasible to include a 
``flag'' or other indicator that would reveal whether an order was the 
result of an algorithmic trading calculation. Such a flag would not 
identify the actual algorithm used, but could instead indicate whether 
the order was the result of an algorithmic trade. Appending such a 
``flag'' or indicator may aid regulatory authorities in their efforts 
to make preliminary assessments about market activity and better allow 
the SROs and the Commission to monitor the usage of algorithms over 
time. The Commission acknowledges that by not requiring that algorithms 
be recorded and reported to the central repository, the consolidated 
audit trail may not contain an audit trail data element that might 
prove useful to regulatory authorities. The Commission, however, 
believes that, should regulatory authorities need such information, 
regulators can submit a request for this information and obtain the 
information about whether the order was the result of an algorithm 
readily from the broker-dealer that handled the order.
ii. Unique National Securities Exchange, National Securities 
Association and Broker-Dealer Identifiers
    The Commission proposed to require each member originating or 
receiving an order from a customer, and each national securities 
exchange, national securities association, and member that subsequently 
handles the order to report its own unique identifier to the central 
repository. Proposed Rule 613(c)(7)(i)(E) (renumbered as 
613(c)(7)(i)(C)) would have provided that any member of an SRO, that 
originally receives from a customer or originates a principal order, 
shall collect and electronically report ``the unique identifier of the 
broker-dealer receiving or originating the order.'' Similarly, proposed 
Rule 613(c)(7)(ii)(D) provided that the SRO or any member of such SRO 
that routes an order shall collect and electronically report ``the 
unique identifier of the broker-dealer or national securities exchange 
routing the order.'' Proposed Rule 613(c)(7)(ii)(E) provided that the 
SRO or any member of such SRO routing an order shall collect and 
electronically report ``the unique identifier of the broker-dealer or 
national securities exchange receiving the order.'' Proposed Rule 
613(c)(7)(iii)(D) provided that the SRO or any member of such SRO that 
receives an order shall collect and electronically report ``the unique 
identifier of the broker-dealer or national securities exchange 
receiving the order.'' Proposed Rule 613(c)(7)(iii)(E) provided that 
the SRO or any member of such SRO that receives an order shall collect 
and electronically report ``the unique identifier of the broker-dealer 
or national securities exchange routing the order.'' Proposed Rule 
613(c)(7)(iv)(E) required, for a modification or a cancellation of an 
order, the identity of the person giving such instruction. Proposed 
Rule 613(c)(7)(v)(F) provided that the SRO or any member of such SRO 
that executes an order in whole or part report ``the unique identifier 
of the broker-dealer or national securities

[[Page 45753]]

exchange executing the order.'' Further, the Commission proposed to 
require a member receiving an order from a customer to report, if 
applicable, ``the unique identifier of the branch office and the 
registered representative receiving or originating the order.'' \310\
---------------------------------------------------------------------------

    \310\ See Proposed Rule 613(c)(7)(i)(F).
---------------------------------------------------------------------------

    Commenters generally supported the proposed use of unique 
identifiers for exchanges and broker-dealers.\311\ One commenter 
explained that cross-market surveillance efforts are unduly complicated 
if a single market participant has a different identifier for each 
market, and stated that the current market participant identifier 
(``MPID'') system needed to be updated.\312\ This commenter, however, 
questioned whether it was necessary for branch office and registered 
representative information to be included in the consolidated audit 
trail, stating that the information would increase the amount of data 
reported to the consolidated audit trail, but would be useful only in 
certain circumstances.\313\ In another letter, the same commenter 
proposed to use Central Registration Depository (``CRD'') numbers to 
uniquely identify broker-dealers.\314\ Under this system, the commenter 
suggested that SROs would be required to link the CRD numbers to unique 
MPIDs to create a cross-referenced database, so that data could be 
searched and retrieved at the firm level (by CRD number) or by the 
unique market center identifiers used by firms for each transaction on 
a specific market center.\315\ For activity not occurring on a national 
securities exchange, the commenter proposed continued reporting with 
MPIDs currently used for OATS reporting.\316\ Another commenter 
supported the use of MPIDs as unique identifiers for broker-dealers, 
suggesting that the MPIDs of the firms originating each order should be 
added to the trade report, but stated that only FINRA and the 
Commission should be allowed to access this information.\317\
---------------------------------------------------------------------------

    \311\ See SIFMA Letter, p. 12; Liquidnet Letter, p. 6; FINRA 
Letter, p. 4; FINRA Proposal Letter, p. 6.
    \312\ See FINRA Letter, p. 4 (explaining that ``multiple firms 
can currently be represented by a single MPID that is used for 
market access arrangements and is assigned to another firm that has 
no direct relationship to the trading activity being reported under 
that MPID''). This commenter also supported the use of more specific 
``sub-identifiers'' to allow regulators to distinguish between desks 
or trading units within a firm.
    \313\ Id. at p. 9. FINRA also requested that the Commission 
reconsider the need for reporting the identification of the 
beneficial owner, the identification of the person exercising 
investment discretion, and the unique identifier of the branch 
office and registered representative. For further discussion of this 
comment, see note 170 supra and accompanying text.
    \314\ See FINRA Proposal Letter, p. 6, 13. The CRD is the 
central licensing and registration system operated by FINRA which 
contains employment, qualification and disciplinary histories for 
securities industry professionals who do business with the public.
    \315\ See FINRA Proposal Letter, p. 6, 13.
    \316\ Id. at p. 6.
    \317\ See Angel Letter, p. 2.
---------------------------------------------------------------------------

    After considering commenters' views requesting additional 
flexibility with respect to the unique identifiers requirement for 
national securities exchanges, national securities associations, and 
members, the Commission has determined to adopt the Rule to require 
plan sponsors to include in the NMS plan submitted to the Commission 
for its consideration a requirement for such unique identifiers, 
substantially as proposed. The Commission, however, has made two 
technical changes to the Rule text from the proposal to: (1) Add a 
defined term, ``CAT-Reporter-ID,'' in adopted Rule 613(j)(2) to refer 
to these unique identifiers, and (2) expressly permit that a ``code'' 
be used that uniquely and consistently identifies the national 
securities exchange, national securities association, or member. 
Specifically, adopted Rule 613(j)(2) provides that ``[t]he term CAT-
Reporter-ID shall mean, with respect to each national securities 
exchange, national securities association, and member of a national 
securities exchange or national securities association, a code that 
uniquely and consistently identifies such person for purposes of 
providing data to the central repository.''
    In response to the commenters that stated that firms' current MPIDs 
or CRD numbers may work as a viable unique broker-dealer identifier, 
the Commission believes it is appropriate to leave the decision of 
whether to specify an existing identifier, such as a firm's MPID or CRD 
number, or some other identifier such as one created under the unique 
legal entity identifier (LEI) standard under development by the 
International Standards Organization (``ISO'') (ISO 17442),\318\ as the 
unique broker-dealer identifier, to the plan sponsors to assess and 
propose in the NMS plan. Therefore, while the adopted Rule continues to 
require the NMS plan to require these unique identifiers, the Rule does 
not specify which identifier to use, nor does the Rule specify the 
process for assigning unique broker-dealer identifiers.\319\ In this 
regard, the Commission expects the plan sponsors to establish a 
process, to be described in the NMS plan, by which every national 
securities exchange, and every member of a national securities exchange 
or national securities association, can obtain a CAT-Reporter-ID.
---------------------------------------------------------------------------

    \318\ This standard is being developed by Technical Committee 68 
(TC68) of ISO, in whose meetings a Commission staff representative 
participates. Its final publication is subject to the resolution of 
specific issues on implementation, operating procedures, and the 
need to coordinate with a global legal entity identifier initiative 
conducted by the global regulatory community, in which a Commission 
staff representative is also participating.
    \319\ One commenter requested the Commission consider how the 
Department of the Treasury's newly-created Office of Financial 
Research (``OFR'') would impact reporting requirements imposed by 
the consolidated audit trail. See SIFMA Letter, p. 22-23. The 
commenter noted that the collection powers granted to the OFR, as 
well as its authority to require standardized reporting of data, 
could affect how data is submitted to the consolidated audit trail. 
Id. at p. 22. The commenter suggested that any information that is 
provided to the consolidated audit trail should not be required to 
be provided to the OFR again or in a different format. Id. The 
Commission understands that the OFR has been participating in and 
encouraging efforts by interested parties to have a standard for 
assigning unique entity identifiers created by an internationally 
recognized standards body (``IRSB'') and that the ISO has issued a 
draft ISO standard, ISO 17442, for the financial services industry 
that is proposed to provide a viable global solution for the 
accurate and unambiguous identification of legal entities engaged in 
financial transactions. See ISO Press Release ``ISO Financial 
Services Standard Wins Industry Support Six Months Ahead of 
Publication,'' July 25, 2011. Because the ISO standard is still in 
draft form and issues of implementation, governance and operating 
procedures remain to be resolved, the Commission does not believe 
that it is appropriate for it to mandate the use of the ISO standard 
at this time. The Commission notes, however, that to the extent that 
unique entity identifiers become available from an IRSB, Rule 613 
provides SROs with sufficient flexibility to submit, if they so 
chose, an NMS plan that makes use of those identifiers and requires 
all or some reporting parties to obtain such identifiers, assuming 
such identifiers otherwise meet the requirements of the Rule.
---------------------------------------------------------------------------

    The Commission also is adopting, substantially as proposed, rules 
requiring the NMS plan submitted to the Commission for its 
consideration to require each SRO and its members to report the unique 
identifier of the broker-dealer or SRO for each reportable event in the 
life of an order to the central repository, except to make two 
technical changes: to include the new defined term, ``CAT-Reporter-ID'' 
and to require the CAT-Reporter-ID or Customer-ID, if applicable, of 
the person giving a cancellation or modification instruction.\320\ 
Specifically, Rule 613(c)(7)(i)(C), as adopted, provides that any 
member of an SRO that originally receives from a customer or originates 
a principal order shall record and report ``[t]he CAT-Reporter-ID of 
the broker-dealer receiving or originating the order.'' Rule 
613(c)(7)(ii)(D) provides that any national securities exchange or

[[Page 45754]]

any member of an SRO that routes an order shall record and report 
``[t]he CAT-Reporter-ID of the broker-dealer or national securities 
exchange routing the order.'' Rule 613(c)(7)(ii)(E) provides that any 
national securities exchange or member of an SRO that routes an order 
shall record and report ``[t]he CAT-Reporter-ID of the broker-dealer, 
national securities exchange, or national securities association to 
which the order is being routed.'' Rule 613(c)(7)(iii)(D) provides that 
the SRO or any member of an SRO that receives a routed order shall 
record and report ``[t]he CAT-Reporter-ID of the broker-dealer, 
national securities exchange, or national securities association 
receiving the order.'' Rule 613(c)(7)(iii)(E) provides that the SRO or 
any member of an SRO that receives a routed order shall record and 
report ``[t]he CAT-Reporter-ID of the broker-dealer or national 
securities exchange routing the order.'' Rule 613(c)(7)(iv)(F) provides 
that the SRO or any member of an SRO that receives an instruction to 
modify or cancel an order shall record and report ``[t]he CAT-Reporter-
ID of the broker-dealer or Customer-ID of the person giving the 
modification or cancellation instruction.'' Rule 613(c)(7)(v)(F) 
provides that the national securities exchange or any member of an SRO 
that executes an order in whole or part shall record and report ``[t]he 
CAT-Reporter-ID of the broker-dealer or national securities exchange 
executing the order.'' Rule 613(c)(7)(vi)(B) provides that, if an order 
is executed in whole or part, a member of an SRO shall record and 
report ``[t]he CAT-Reporter-ID of the clearing broker or prime broker, 
if applicable.''
---------------------------------------------------------------------------

    \320\ See proposed Rule 613(c)(7)(iv)(E) (requiring the 
reporting of the identity of the person giving a modification or 
cancellation instruction for an order); adopted Rule 
613(c)(7)(iv)(F) (requiring the CAT-Reporter-ID or Customer-ID of 
such person instead).
---------------------------------------------------------------------------

    The Commission notes that CAT-Reporter-IDs will be reported to the 
central repository for each reportable event that the member or SRO is 
reporting to the central repository. The requirement to report CAT-
Reporter-IDs in this manner will help ensure that regulators can 
determine which market participant took action with respect to an order 
at each reportable event. The Commission does not believe that the CAT-
Reporter-ID of each member or market that touches an order needs to be 
tagged to and travel with an order for the life of the order, as long 
as the CAT-Reporter-ID of the member or exchange taking the action is 
reported to the central repository, and an order identifier(s) is 
reported at every reportable event of the order. The Commission 
believes the details of how these data are reported to the central 
repository, and the specific methodologies used by the central 
repository to assemble time-sequenced records of the full life-cycle of 
an order, is best left to the expertise of the SROs as they develop the 
NMS plan to be submitted to the Commission for its consideration. 
Instead, as adopted, Rule 613 requires that data in the central 
repository be made available to regulators in a linked fashion so that 
each order can be tracked from origination through modification, 
cancellation, or execution, and that the parties routing or receiving 
routes, or otherwise performing such actions, are identified for every 
reportable event.
    After considering the comment opposing the requirement to report to 
the central repository the unique identifier of the branch office and 
registered representative receiving or originating an order,\321\ the 
Commission has reconsidered the requirement in proposed Rule 
613(c)(7)(i)(F) and is not adopting this requirement.\322\ While this 
audit trail data may be useful in the context of certain investigations 
or market analyses, upon further consideration, the Commission believes 
that this information need not be required by Rule 613 because it is 
not critical information to help identify the customer responsible for 
trading a security, nor to capturing the entire life of an order as it 
moves from origination to execution or cancellation. In addition, the 
Commission believes that a requirement that a unique identifier of the 
branch office and registered representative receiving or originating 
the order be reported may not provide enough information in an initial 
assessment of whether illegal or manipulative activity is occurring in 
the marketplace to warrant that this information be required in the 
audit trail created by Rule 613. Further, should regulators determine 
that the identity of the branch office and registered representative 
receiving or originating the order is needed to follow-up on a specific 
issue, they may request the information directly from the broker-dealer 
as broker-dealers are required to make and keep records identifying the 
registered representative that receives an order pursuant to Exchange 
Act Rules 17a-3(a)(6)(i) \323\ and 17a-4(b)(1).\324\ As such, the 
Commission does not believe the benefits of including this information 
in the consolidated audit trail justify the costs to SROs for requiring 
them to devise a methodology to identify the branch offices and 
registered representatives receiving or originating an order, and a 
mechanism for reporting this type of data to the central repository.
---------------------------------------------------------------------------

    \321\ See note 313, supra.
    \322\ See proposed Rule 613(c)(7)(i)(F).
    \323\ 17 CFR 240.17a-3(a)(6)(i).
    \324\ 17 CFR 240.17a-4(b)(1).
---------------------------------------------------------------------------

iii. Unique Customer Identifier
(A) Proposed Rule
    As proposed, Rule 613 would have required every SRO and broker-
dealer to report a unique customer identifier to the central repository 
for any order originated by or received from such customer.\325\ 
Specifically, proposed Rule 613(c)(7)(i)(B) (renumbered as Rule 
613(c)(7)(i)(A)) would have required that a national securities 
exchange, national securities association or any member of such 
exchange or association that originally receives or originates an order 
to collect and electronically report ``a unique customer identifier for 
each customer.'' In the Proposing Release, the Commission noted that 
the unique customer identifier should remain constant for each 
customer, and have the same format, across all broker-dealers.\326\
---------------------------------------------------------------------------

    \325\ See Rule 613(j)(3) for a definition of ``customer.''
    \326\ See Proposing Release, supra note 4, at 32573; proposed 
Rule 613(c)(7)(i)(B).
---------------------------------------------------------------------------

    The Commission requested comment on possible ways to develop and 
implement unique customer identifiers. For example, the Commission 
solicited input about who should be responsible for generating the 
identifier; whether a unique customer identifier, together with the 
other information with respect to the customer that would be required 
to be provided under the proposed Rule, would be sufficient to identify 
individual customers; and whether there were any concerns about how the 
customer information would be protected. The Commission specifically 
requested comment on what steps should be taken to ensure that 
appropriate safeguards are implemented with respect to the submission 
of customer information, as well as the receipt, consolidation, and 
maintenance of such information in the central repository.
(B) Comments on Proposed Rule 613(c)(7)(i)(B)
    The Commission received comments that supported the general notion 
that identifying customers in an audit trail would be beneficial for 
regulatory purposes.\327\ One commenter stated that a customer 
identifier on an order-by-order basis would ``enhance significantly the 
audit trails of the

[[Page 45755]]

markets.'' \328\ Similarly, another commenter agreed that identifying 
the customer would be useful to regulators for purposes of market 
surveillance and enforcement.\329\ Another commenter noted that it 
``fully supports more granularity in an order audit trail, such as 
obtaining high-level customer identity information (e.g., large trader 
identification), so that patterns of trading across multiple market 
centers can be quickly and readily identified, and [the commenter] 
agrees that the timeframe needed to identify customers should be 
greatly reduced; however, [the commenter] question[s] the utility of 
receiving the identity of both the beneficial owner and the person 
exercising the investment discretion, if different, for each and every 
order reported to the consolidated audit trail.'' \330\
---------------------------------------------------------------------------

    \327\ See CBOE Letter, p. 2; Managed Funds Association Letter, 
p. 2; FINRA Letter, p. 9; SIFMA Drop Copy Letter, p. 1; SIFMA 
Letter, p. 9.
    \328\ See CBOE Letter, p. 2.
    \329\ See Managed Funds Association Letter, p. 2.
    \330\ See FINRA Letter, p. 9.
---------------------------------------------------------------------------

    However, other commenters disagreed with the need for a unique 
customer identifier and the proposed Rule's requirements for reporting 
a unique customer identifier with every order. These commenters 
generally focused on the complexity and cost of the systems changes 
required to implement the unique customer identifier requirement for 
every customer; \331\ the complexity in the process for assigning 
unique customer identifiers; \332\ the alternative ways that a customer 
could be identified without requiring a unique customer identifier as 
proposed; \333\ and the concerns about how the privacy of customers 
might be compromised if every customer was assigned a unique customer 
identifier.\334\
---------------------------------------------------------------------------

    \331\ See SIFMA Drop Copy Letter, p. 1. See also SIFMA Letter, 
p. 9.
    \332\ See Liquidnet Letter, p. 4; SIFMA Letter, p. 10-11; Knight 
Letter, p. 2; Scottrade Letter, p. 1; Direct Edge Letter, p. 3; 
FINRA Proposal Letter, p. 4.
    \333\ See Angel Letter, p. 2; FIF Letter, p. 2; BOX Letter, 2.
    \334\ See SIFMA Letter, p. 10; Wells Fargo Letter, p. 3; Ross 
Letter, p. 1; ICI Letter, p. 3; FIF Letter, p. 2.
---------------------------------------------------------------------------

    One commenter discussed the complexity and cost of the systems 
changes required to implement the unique customer identifier 
requirement, as set forth in the Rule.\335\ This commenter, who did not 
believe the Commission should require a unique customer identifier for 
every customer, noted the ``complexity of the technology development 
work involved'' in adding this identifier to the audit trail.\336\ The 
commenter added that the work required to update internal architecture 
to report customer identifiers would be ``substantial'' because broker-
dealer systems and processes may access and maintain customer (and 
proprietary) identification information in different ways and at 
different levels of specificity, and that sales and trading systems 
would need to be modified to report the unique customer identifiers 
with every order. This commenter also noted the ``significant costs'' 
generally associated with requiring a unique customer identifier.\337\
---------------------------------------------------------------------------

    \335\ See SIFMA Drop Copy Letter, p. 1. See also SIFMA Letter, 
p. 9.
    \336\ Id.
    \337\ See SIFMA Letter p. 9, 10.
---------------------------------------------------------------------------

    A few commenters also submitted their views on the complexity of 
the process for assigning unique customer identifiers.\338\ One 
commenter noted that the process for assigning unique customer 
identifiers that the Commission discussed in the Proposing Release 
(i.e., generating unique customer identifiers based on the input by a 
broker-dealer of a customer's social security number or tax 
identification number) would not create an administrative burden on 
individuals and non-broker-dealer entities.\339\ Another commenter, 
however, noted difficulties associated with implementing a centralized 
process for assigning, storing and utilizing standardized customer 
identifiers \340\ and another commenter characterized the 
``implementation of a centralized customer identification system'' as a 
``monumental task.'' \341\ Another commenter believed that to satisfy 
the Rule's requirements, the industry would need to implement a 
completely new market-wide system to satisfy the unique customer 
identifier requirement, noting that this might not be feasible on the 
proposed timeline.\342\ Another commenter characterized the collection 
of a unique customer identifier as a ``significant project unto 
itself.'' \343\ One commenter observed that given the large number of 
retail investors (some with multiple accounts), the complexities 
associated with tracking retail investors' accounts, and the relatively 
small and infrequent amount of trading by typical retail investors, the 
Rule should not require unique customer identifiers for every 
customer.\344\ Another commenter urged the Commission to specify 
whether the process required that a unique customer identifier be 
submitted at the time an order is originated or received and the 
procedure to be followed if an identifier is not available.\345\
---------------------------------------------------------------------------

    \338\ See Liquidnet Letter, p. 4; SIFMA Letter, p. 10-11; Knight 
Letter, p. 2; Scottrade Letter, p. 1; Direct Edge Letter, p. 3; 
FINRA Proposal Letter, p. 4; SIFMA Letter, p. 11.
    \339\ See Proposing Release, supra note 4, at 32573; Liquidnet 
Letter, p. 4.
    \340\ See SIFMA Letter, p. 10.
    \341\ See Knight Letter, p. 2.
    \342\ See Scottrade Letter, p. 1. See also Knight Letter, p. 2; 
Direct Edge Letter, p. 4.
    \343\ See Direct Edge Letter, p. 3.
    \344\ See FINRA Proposal Letter, p. 4.
    \345\ See SIFMA Letter, p. 11.
---------------------------------------------------------------------------

    A few commenters suggested alternative ways to identify a customer, 
rather than through a unique customer identifier.\346\ One commenter 
suggested that customers could be identified by amending the current 
trade report.\347\ Another commenter believed that ``sophisticated 
analysis could identify trading activity that might be coordinated, 
without using an account identifier, and that regulators could then 
perform further analysis to determine who traded by using [EBS] and 
other methods already available to the staff.'' \348\ Another commenter 
noted that a possible method for identifying customers could be by 
linking customer information in EBS to trading information in 
OATS.\349\ Another commenter noted that ``[i]t makes economical sense 
to use the current OATS and COATS audit trails and to expand those 
audit trails to include additional customer information, thereby 
providing a more complete audit trail for regulatory oversight for post 
trade analysis rather than building another audit trail system.'' \350\
---------------------------------------------------------------------------

    \346\ See Angel Letter, p. 2; FIF Letter, p. 2; BOX Letter, p 2.
    \347\ See Angel Letter, p. 2. This commenter stated that ``[i]t 
would be relatively simple and cheap to add four fields to each 
trade report that would contain the account numbers of the buyer and 
seller and the Market Participant Identifier (MPID) for the original 
order entry firms.''
    \348\ See FIF Letter, p. 2. This commenter recommended that the 
requirement for such unique customer identifiers be tabled until 
after regulators have experience using CAT without this identifier.
    \349\ See FIF Letter, p. 2.
    \350\ See BOX Letter, p. 2.
---------------------------------------------------------------------------

    Commenters also discussed the need for both a large trader 
identification number under Rule 13h-1 under the Exchange Act, the 
Commission's Rule implementing the large trader reporting system,\351\ 
and a unique customer identifier under Rule 613.\352\ One commenter 
stated that the Commission could alleviate some of the burdens of the 
proposed Rule, and increase the effectiveness of an identification 
system, if it required only large trader identification numbers to be 
reported instead of requiring a unique customer identifier for every 
customer.\353\ This commenter believed that the Commission and the SROs 
are unlikely

[[Page 45756]]

to be interested in routine transactions by small investors and would 
much more likely need accurate information about the orders of large 
traders because they are most likely to engage in transactions large 
enough to impact prices.\354\ Another commenter noted that an 
alternative would be to only identify entities that have sponsored or 
direct access to market centers via a relationship with a sponsoring 
market participant and to identify customers whose trading activity 
would be required to be disclosed pursuant to Rule 13h-1.\355\
---------------------------------------------------------------------------

    \351\ See Section II.A.3., supra.
    \352\ See SIFMA Letter, p. 11; FINRA Proposal Letter, p. 6-7.
    \353\ See SIFMA Letter, p. 11.
    \354\ Id. See also FINRA Proposal Letter, Appendix B (setting 
forth a method for identifying large traders through the 
``registration of unique market participant identifiers rather than 
by requiring broker-dealers to provide the CAT processor with any 
large trader numbers assigned by the SEC in order reports, thereby 
minimizing the ability of market participants to reverse engineer a 
large trader's identity or trading strategy'').
    \355\ See FINRA Proposal Letter, p. 6-7.
---------------------------------------------------------------------------

    Certain commenters discussed concerns about how the privacy of 
customers might be compromised if every customer was assigned a unique 
customer identifier.\356\ One commenter, noting the Commission's 
discussion in the Proposing Release that the unique customer 
identifiers could be based on a customer's social security number or 
taxpayer identification number, believed that the Commission's approach 
raises ``serious privacy concerns.'' \357\ Another commenter noted that 
``there is a legitimate privacy concern with having the unique customer 
identifier available to the marketplace, and creating a means to 
protect that privacy would add tremendous incremental cost to the 
[consolidated audit trail].'' \358\ One commenter questioned how long 
and at what level customer information would be encrypted,\359\ and 
another noted that ``[t]he proposal needs to clarify who will have 
access to customer data and how confidentiality will be ensured.'' 
\360\
---------------------------------------------------------------------------

    \356\ See SIFMA Letter, p. 10; Wells Fargo Letter, p. 3; Ross 
Letter, p. 1; ICI Letter, p. 2; FIF Letter, p. 2.
    \357\ See SIFMA Letter, p. 10 (noting that ``in recent years, 
increased concerns about identity theft and client confidentiality 
have led the securities industry to move away from using social 
security identification numbers or taxpayer identification numbers 
as a way to monitor clients and customers. The SEC has affirmed that 
it would guard access to customer social security and taxpayer 
identification numbers with even more safeguards than it does other 
information in the central repository of the consolidated audit 
trail. Although the SEC has a strong record of protecting investor 
privacy, the very presence of potentially billions of unique 
customer identifiers tied to personal information in a central 
repository would create a substantial risk of misuse and identity 
theft. The risk of unique customer identifiers being stolen or 
misused would be magnified in a real-time reporting system'').
    \358\ See Wells Fargo Letter, p. 3. However, this commenter also 
noted that, ``[w]hile the full panoply of privacy concerns that flow 
from having a unique order identifier being available to every 
participant in the order execution process may be difficult to 
assess, creating a system that has that unique identifier available 
for primarily the post trade review likely solves both the privacy 
and cost issues in a manner reasonable for both clients, market 
participants and regulators.'' Id.
    \359\ See Ross Letter, p. 1 (asking at what level of security to 
encrypt customer data, and for how long to encrypt it for, as well 
as how long the Commission would need to decrypt the customer's 
name--whether on a real time or overnight basis, and noting that 
data encryption is expensive and could enlarge message sizes.) See 
also ICI, p. 3 (suggesting that the Commission expressly state who 
would have access, when they could access it, and how they could use 
it; and also recommending requiring that all data sent to the 
central repository be encrypted and that certain fields be 
``masked'' or that reporting of information in such fields be 
delayed until end-of-day to reduce concerns about leaked information 
being used for frontrunning).
    \360\ See FIF Letter, p. 2.
---------------------------------------------------------------------------

(C) Adopted Rule
(1) Need for a Unique Customer Identifier
    The Commission recognizes that the implementation of the unique 
customer identifier requirement may be complex and costly, and the 
reporting of a unique customer identifier will require SROs and their 
members to modify their systems to comply with the Rule's requirements. 
The Commission, however, believes that unique customer identifiers are 
vital to the effectiveness of the consolidated audit trail. The 
inclusion of unique customer identifiers should greatly facilitate the 
identification of the orders and actions attributable to particular 
customers and thus substantially enhance the efficiency and 
effectiveness of the regulatory oversight provided by the SROs and the 
Commission. Without the inclusion of unique customer identifiers, many 
of the benefits of a consolidated audit trail as described above in 
Section II.2. would not be achievable.
    For example, unique customer identifiers will make regulatory 
inquiries and investigations more efficient by eliminating delays 
resulting from the current need to send information requests to 
individual market participants in search of this key information, as 
well as reducing the burden on regulators and market participants of 
such requests.\361\ The identity of the customer is often necessary to 
tie together potential manipulative activities that occur across 
markets and through multiple accounts at various broker-dealers. 
Existing audit trails, however, do not identify the customer 
originating the order and thus do not allow SRO and Commission 
regulatory staff to quickly and reliably track a person's trading 
activity wherever it occurs in the U.S. securities markets. A unique 
customer identifier connected to each order will allow the SROs and the 
Commission to more quickly identify the customer that originated each 
order and therefore potentially more quickly and efficiently stop 
manipulative behavior through the submission of orders. In certain 
cases this might limit the losses of parties injured by malfeasance who 
currently may suffer losses during the weeks or months that it can 
currently take for regulators to obtain customer information through 
written requests for information.
---------------------------------------------------------------------------

    \361\ Because existing SRO audit trails do not require customer 
information to be reported, regulators must request that information 
identifying the customer, often from a multitude of sources, which 
can result in significant delays in investigating market anomalies 
or violative trading. Additionally, indirect access to an exchange 
(such as ``sponsored access'' arrangements) also has made it more 
difficult to use the current EBS system and Rule 17a-25 to identify 
the originating customer because the broker-dealer through whom an 
order is sent to an exchange may not know or have direct access to 
information identifying the customer who originally submitted the 
order.
---------------------------------------------------------------------------

    Further, unique customer identifiers will aid regulators in 
reconstructing broad-based market events. Specifically, having unique 
customer identifiers will aid regulators in determining how certain 
market participants behaved in response to market conditions and may 
even reveal the identity of the market participant(s) who caused or 
exacerbated a broad-based market event. More so, unique customer 
identifiers would enable regulators to disaggregate the market activity 
of different participants in ways that could help address many 
important questions related to equity and equity options market 
structure, ranging from more detailed analyses of the potential impacts 
of high frequency trading, to studies of market liquidity, to trend 
analyses of the trading costs and general efficiency by which investors 
use our public markets to acquire or dispose of their securities 
holdings.
    The Commission has considered commenters' concerns about the 
complexity of the process for creating and assigning unique customer 
identifiers and understands and acknowledges that the process of 
creating and assigning unique customer identifiers may not be simple 
and may result in additional costs to SROs and their members.\362\ The 
Commission also considered the commenters' views that there may be 
alternative ways to identify the customer responsible for orders, and 
that, in the view of some

[[Page 45757]]

commenters, every individual customer need not be identified for 
purposes of an audit trail. As noted above, the Commission believes 
that the identification of each customer responsible for every order is 
critical to the effectiveness of a consolidated audit trail and does 
not agree that the commenters' alternative means of identifying a 
customer would be as effective as the method proposed by Rule 613. For 
example, the Commission considered the comment that customers could be 
identified by amending the trade report, but this approach would fail 
to identify customers associated with orders that are not 
executed.\363\ Additionally, account numbers are assigned by broker-
dealers for their own customers only, and account numbers vary between 
broker-dealers. Thus, the identity of a customer from a specific 
account number would not be apparent to regulators without the time-
consuming requests for information Rule 613 specifically is seeking to 
avoid. The use of unique customer identifiers would permit regulators 
to readily trace market activity by the same customer back to that 
unique customer identifier even if such market activity were affected 
across multiple accounts and broker-dealers.
---------------------------------------------------------------------------

    \362\ See notes 331-334, supra, and accompanying text.
    \363\ See Angel Letter, p. 2.
---------------------------------------------------------------------------

    The Commission also considered the recommendations of some 
commenters that the consolidated audit trail should use the large 
trader identifier instead of a unique customer identifier.\364\ The 
Commission, however, does not believe that the commenters' approach 
will address the regulatory need to obtain information on and to 
identify the holders of accounts for all order activity in the market 
for NMS securities because the use of the large trader identifier alone 
would identify only those traders that self-report as ``large traders'' 
pursuant to Rule 13h-1 and are assigned a large trader unique 
identifier. Thus, under the commenters' suggested approach, only a very 
small portion of customers--the very largest traders in the market--
would be assigned a unique identifier for purposes of the consolidated 
audit trail. Smaller traders, however, also can be perpetrators of 
illegal activity, or otherwise impact the market. Accordingly, the 
Commission believes that information on all customers is necessary to 
achieve the goal of Rule 613.
---------------------------------------------------------------------------

    \364\ See SIFMA Letter, p. 9-11; FINRA Proposal Letter, p. 4 and 
6.
---------------------------------------------------------------------------

    Despite the wide and disparate array of views from commenters on 
the costs, complexities, and most efficient methodologies to generate 
and collect unique customer identifiers, the Commission believes that 
the potential benefits of including this information in the 
consolidated audit trail justify the costs to the SROs in requiring 
that they develop and include a detailed framework for unique customer 
identification as part of the NMS plan to be submitted for 
consideration by the Commission and the public. Therefore, the 
Commission is adopting the Rule substantially as proposed to provide 
that the NMS plan must require every member to report a unique customer 
identifier to the central repository upon origination or receipt of an 
order as required by Rule 613(c)(7)(i)(A). The Commission, however, is 
changing the term ``unique customer identifier,'' as used in the 
proposed Rule, to the term ``Customer-ID.'' Adopted Rule 613(j)(5) 
defines the term ``Customer-ID'' to mean, ``with respect to a customer, 
a code that uniquely and consistently identifies such customer for 
purposes of providing data to the central repository.'' \365\
---------------------------------------------------------------------------

    \365\ For purposes of the following discussion, the Commission 
will use the terms ``unique customer identifier'' and ``Customer-
ID'' interchangeably.
---------------------------------------------------------------------------

    Given the complexity and the various existing options for 
identifying a customer, the Commission believes that the plan sponsors, 
by engaging in a detailed process that combines their own expertise 
with that of other market participants, are in the best position to 
devise a methodology for, and estimate the costs of, including customer 
identifiers in the consolidated audit trail. Once the NMS plan was 
submitted, the Commission and the public would then be able to consider 
the details and costs of such a framework.
    The Commission notes that the Rule does not specify the process for 
assigning the unique customer identifiers, or the format for such 
identifiers; rather, the Rule contemplates that the plan sponsors have 
the flexibility to determine the precise way to assign or ``code'' 
these identifiers. In this regard, the Commission expects the plan 
sponsors to establish a process by which every broker-dealer can, in a 
cost-effective manner, obtain a unique customer identifier, or 
Customer-ID, for each of their customer(s).\366\ The Commission also 
expects the plan sponsors to establish a process by which unique 
customer identifiers are reported to the central repository, and how 
this information is linked to the name and address of customers as 
stored in the central repository. The Commission further notes that 
Rule 613 does not specify that unique customer identifiers must be 
attached to every reportable event as orders are routed from one market 
or broker-dealer to another, or that these identifiers are reported at 
the same time and fashion as other customer-identifying information. 
Rather, the Commission is relying on the SROs, and other market 
participants,\367\ to develop a proposal that maximizes efficiency and 
security, and that data in the central repository be made available to 
regulators in a linked fashion so that each order, and all subsequent 
reportable events, can be readily traced back to one or more customers 
through their unique identifiers.
---------------------------------------------------------------------------

    \366\ Under the Rule, each customer would be assigned a unique 
customer identifier, or Customer-ID. However, an order may have more 
than one Customer-ID if the account holder differs from the person 
from whom the broker-dealer is authorized to take trading 
instructions or if more than one person is an account holder for the 
account or is authorized to give trading instructions for the 
account.
    \367\ See Rule 613(a)(1)(xi).
---------------------------------------------------------------------------

    In response to the commenter that questioned what should happen if 
a unique customer identifier was not available,\368\ the Commission 
notes that the Rule does not set out a process for addressing a 
situation where a unique customer identifier is not available to a 
broker-dealer and/or customer. Instead, the Commission believes that 
the plan sponsors are in the best position to address this situation as 
they develop the overall process for assigning unique customer 
identifiers. In response to the comment that requested the Commission 
specify whether a unique customer identifier is required to be reported 
at the time an order is originated or received,\369\ the Commission 
notes that Rule 613(c)(7)(i)(A) requires that the NMS plan require that 
this information be recorded contemporaneously with the reportable 
event, but permits the reporting of the identifier by 8:00 a.m. Eastern 
Time on the trading day following the day such information has been 
recorded.\370\ In addition, in response to the commenter that believed 
that the consolidated audit trail should identify market participants 
with direct or sponsored access to markets,\371\ the Commission notes 
that under the Rule, to assure the Commission and the SROs of an 
accurate and complete audit trail for every action that every market 
participant takes with respect to an order, the sponsored party will be 
assigned a Customer-ID and the

[[Page 45758]]

sponsoring broker-dealer will be assigned a CAT-Reporter ID under Rule 
613.
---------------------------------------------------------------------------

    \368\ See SIFMA Letter, p. 11.
    \369\ See SIFMA Letter, p. 11.
    \370\ See Section III.B.1.e., infra.
    \371\ See FINRA Letter, p. 8-9.
---------------------------------------------------------------------------

    The Commission also considered the privacy and security concerns 
that commenters raised with respect to the use of Customer-IDs.\372\ In 
response to these comments, the Commission is revising proposed Rule 
613, as discussed in more detail in Section III.B.2.e. below, to 
include additional mechanisms to safeguard the privacy and 
confidentiality of the audit trail data, including the Customer-ID, in 
large part to address the privacy concerns raised by commenters.\373\ 
In response to the commenter that questioned when and at what level 
customer information would be encrypted,\374\ the Commission notes 
that, while Rule 613 does not explicitly require that this information 
be encrypted, the Rule contains several safeguards to ensure the 
privacy and confidentiality of the audit trail data. Specifically, 
adopted Rule 613(e)(4) requires the NMS plan to include policies and 
procedures, including standards, to be used by the plan processor to 
ensure the security and confidentiality of all information reported to 
the central repository. In addition, one of the considerations the NMS 
plan must address is how the security and confidentiality of all 
information, including customer information, reported to the central 
repository, will be ensured.\375\ Based on these provisions, the 
Commission believes that plan sponsors would need to make sure customer 
information is protected, and the plan sponsors could require such data 
to be encrypted.
---------------------------------------------------------------------------

    \372\ See ICI Letter, p. 2-4; SIFMA Letter, p. 10-11; Angel 
Letter, p. 2; Ross Letter, p. 1.
    \373\ See Section III.B.2.e., infra.
    \374\ See Ross Letter, p. 1.
    \375\ See Rule 613(a)(1)(iv).
---------------------------------------------------------------------------

    Additionally, the Commission believes that privacy concerns also 
could be mitigated if the plan sponsors determine, as permitted by Rule 
613, that the unique customer identifiers not travel with the order, 
and instead be reported to the central repository only upon the receipt 
or origination of an order. Therefore, if the plan sponsors make this 
decision, the SROs and their members will not be able to use the unique 
customer identifier to track the identity of a customer(s) or a 
customer's order flow.\376\ While the unique customer identifier will 
be linked to information that is sufficient to identify a customer 
(e.g., the name and address of the customer) and customer account 
information \377\ at the central repository, this information will be 
accessible only by regulators for regulatory purposes.\378\ The 
Commission also notes that the plan sponsors could determine not to 
require that a customer's social security number or tax identification 
number be used as a customer's unique identifier to the extent they 
believe that there are privacy and confidentiality concerns.
---------------------------------------------------------------------------

    \376\ See also Section III.B.2.e., infra, for a discussion of 
the provisions in the NMS plan designed to protect the privacy and 
confidentiality of the consolidated audit trail data.
    \377\ See Rule 613(j)(4).
    \378\ See Rule 613(e)(2). See also Section III.B.2.d., infra.
---------------------------------------------------------------------------

(2) Definition of ``Customer''
    As proposed, Rule 613(j)(1) (renumbered as Rule 613(j)(3)) defined 
``customer'' as ``[t]he beneficial owner(s) of the account originating 
the order; and [t]he person exercising investment discretion for the 
account originating the order, if different from the beneficial 
owner(s).'' The Commission received two comments regarding the 
inclusion of beneficial owners in the definition of customer. One 
commenter questioned the use of a unique customer identifier for both a 
beneficial owner of an account and the person exercising investment 
discretion, if different, and noted that if a trade comes into 
question, the person exercising investment discretion, not the 
beneficial owner, likely will be the ``first person of interest in any 
type of review or investigation of such trading activity.'' \379\ 
Another commenter requested further clarity regarding the definition of 
``customer'' for purposes of Rule 613, and suggested that the 
Commission should define ``beneficial owner'' to be sure this term is 
applied correctly.\380\ This commenter specifically stated that ``[t]he 
SEC should also provide a definition for the terms `beneficial owner' 
and `customer' to eliminate any doubts as to whom these labels apply. 
For example, is the `customer' the entity directing the trade or the 
beneficial owner of the account?'' and added that, ``for registered 
investment advisers, the unique customer identifier should be 
associated with the investment adviser rather than the underlying 
beneficial owner. Frequently, investment advisers aggregate orders for 
multiple beneficial owners in `bulk' orders that are routed together 
and allocated on an average-priced basis to ensure best execution.'' 
\381\
    In response to commenters' concerns about the use of the term 
``beneficial owner,'' the Commission is revising Rule 613(j)(1), as 
proposed (renumbered as Rule 613(j)(3)), to state that ``[t]he term 
`customer' shall mean: (i) [t]he account holder(s) of the account at a 
registered broker-dealer originating the order; and (ii) [a]ny person 
from whom the broker-dealer is authorized to accept trading 
instructions for such account, if different from the account 
holder(s).'' The Commission believes that the revised Rule will provide 
it with the customer information required to achieve the objectives of 
the consolidated audit trail.\382\
---------------------------------------------------------------------------

    \379\ See FINRA Letter, p. 9.
    \380\ See SIFMA Letter, p. 11.
    \381\ Id.
    \382\ The Commission also notes that it retains the authority to 
request additional information from broker-dealers (and other market 
participants it regulates) where information about a customer of a 
broker-dealer beyond that required by Rule 613(j)(3) is needed to 
fulfill its mission.
---------------------------------------------------------------------------

    In adopting this revised definition, the Commission is clarifying 
its intent that, with respect to the ``account holder'' reference under 
Rule 613(j)(3), the NMS plan submitted to the Commission for its 
consideration must require broker-dealers to capture information on 
only the individuals or entities that currently are required to be 
recorded in the books and records of the broker-dealer pursuant to Rule 
17a-3(a)(9) under the Exchange Act.\383\ Because this provision does 
not require broker-dealers to obtain information about their account 
holders beyond what they are required to obtain today, the Commission 
believes the modification to the proposed Rule is appropriate because 
it will reduce the proposed Rule's burden on broker-dealers in 
recording and reporting information about a ``customer,'' as that term 
will be defined under Rule 613(j)(3). The Commission notes that, under 
the Rule, as adopted, for joint accounts--where two individuals are 
required to provide information under Rule 17a-3 of the Exchange Act 
for one account--information for both persons listed on the joint 
account would be recorded and reported under Rule 613.\384\
---------------------------------------------------------------------------

    \383\ Rule 17a-3(a)(9), among other things, requires a broker-
dealer to make and keep a record of the name and address of the 
``beneficial owner'' of each cash or margin account with the broker-
dealer. 17 CFR 240.17a-3(a)(9). Rule 613 is not intended to alter in 
any way the information that a broker-dealer is currently required 
to obtain under Rule 17a-3(a)(9).
    \384\ The Commission notes that, under Rule 613, both joint 
account holders would also receive their own unique customer 
identifier.
---------------------------------------------------------------------------

    The Commission also believes that it is important to capture the 
person that has authority to give trading instructions to a broker-
dealer for an account, if different from the account holder, because 
such person likely will be of interest in a review or investigation of 
activity in such account.

[[Page 45759]]

Thus, the Commission is modifying the proposed Rule to clarify its 
intent that under Rule 613 the NMS plan also must capture, in the 
definition of customer, ``[a]ny person from whom the broker-dealer is 
authorized to accept trading instructions, if different from the 
account holder(s).'' \385\ Knowing the identity of the person who is 
authorized to give the broker-dealer trading instructions for an 
account, whether the account holder or an adviser or other third party, 
is a vital component in the investigative process. Further, when 
investigating violations of the federal securities laws, it is 
important to promptly identify all potentially relevant parties who may 
have made trading or investment decisions, which could include both the 
person authorized to give the broker-dealer trading instructions for 
such account and the account holder.\386\
---------------------------------------------------------------------------

    \385\ See Rule 613(j)(3)(ii).
    \386\ For the purpose of Rule 613(j)(3), natural persons who are 
employed by an entity that is an account holder, and who are 
authorized to trade for that account, are not considered different 
from the account holders, and are therefore not covered by Rule 
613(j)(3)(i).
---------------------------------------------------------------------------

    Pursuant to the revised definition of ``customer'' under adopted 
Rule 613, for example, if an order is entered to buy or sell securities 
for the account of an investment company or other pooled investment 
vehicle (a ``fund''), the Rule will capture, in the definition of 
customer, the fund itself or, if the account at the broker-dealer is 
held only in the name of the fund's investment adviser from whom the 
broker-dealer is authorized to accept trading instructions, the Rule 
will capture the investment adviser.\387\ If the account at the broker-
dealer is held in the name of the fund itself, the Rule will capture 
both the name of the fund (pursuant to Rule 613(j)(3)(i)), as well as 
the name of the fund's investment adviser from whom the broker-dealer 
is authorized to accept trading instructions (pursuant to Rule 
613(j)(3)(ii)). In addition, if an adviser enters an order on behalf of 
clients that each maintain separate accounts at the broker-dealer 
originating the order, using those accounts, the Rule would capture 
both the adviser--as the person providing trading instructions to the 
broker-dealer (pursuant to Rule 613(j)(3)(ii))--and the clients, who 
are the account holders at the broker-dealer (pursuant to Rule 
613(j)(3)(i)). If an adviser instead enters an order to buy or sell 
securities using its own account held at the broker-dealer originating 
the order, the Rule would capture the adviser (pursuant to Rule 
613(j)(3)(i)) but would only capture any client accounts to which the 
adviser allocates executed trades (pursuant to Rule 613(c)(7)(vi)) if 
those client accounts were held separately at the same broker-dealer as 
well.
---------------------------------------------------------------------------

    \387\ Pursuant to the definition of ``customer'' under adopted 
Rule 613, the Rule would not capture owners of a fund because they 
are not the account holders at the broker-dealer.
---------------------------------------------------------------------------

    Furthermore, in cases where multiple individuals in the same 
trading firm transact through a single account maintained at a broker-
dealer in the name of that trading firm, the Rule will require the NMS 
plan to require recording and reporting of the Customer-ID of the 
trading firm associated with that account, and not the Customer-IDs of 
the individual traders who had placed the orders.\388\ The Commission 
understands that in some cases broker-dealers may have knowledge of the 
individual traders transacting within the same firm-wide account, and 
may even provide reports to the firm holding the account that 
summarizes trade activity according to individual trader. Because such 
information is not captured by the Rule, but may be useful in informing 
regulators about the potential manipulative activities, the SROs may 
wish to consider how such information might be incorporated into the 
consolidated audit trail in the future.
---------------------------------------------------------------------------

    \388\ This is because, for the purpose of Rule 613(j)(3), 
natural persons who are employed by an entity that is an account 
holder, and who are authorized to trade for that account, are not 
considered different from the account holders, and are therefore not 
covered by Rule 613(j)(3)(ii).
    If an individual creates and operates two separate entities (as 
an employee of each such entity) that each maintain a trading 
account at one or more broker-dealers, the broker-dealers would be 
required to record and report the Customer-IDs of those entities, 
and not the customer ID of the individual trader.
---------------------------------------------------------------------------

    The Commission is also modifying a related provision of the Rule, 
Rule 613(c)(7)(i)(A), to reflect that more than one Customer-ID must be 
provided upon original receipt or origination of an order if the 
account holder and the person authorized to give the broker-dealer 
trading instructions for such account are different or if more than one 
person is an account holder for the account (such as, for example, 
joint account holders). Specifically, Rule 613(c)(7)(i)(A) provides 
that ``Customer-ID(s)'' (i.e., multiple Customer-IDs) must be provided 
for each customer, if that is applicable. In addition, the Commission 
notes that every ``customer,'' as defined by Rule 613(j)(3) will be 
assigned a Customer-ID; thus, two Customer-IDs maybe associated with 
one order under the Rule.
iv. Unique Order Identifier
    As proposed, the Rule would have required the NMS plan to require 
each member of an exchange or FINRA to attach, to each order received 
or originated by the member, a unique order identifier that would be 
reported to the central repository and that would remain with that 
order throughout its life, including routing, modification, execution, 
or cancellation. Specifically, proposed Rule 613(c)(7)(i)(D) 
(renumbered as Rule 613(c)(7)(i)(B)) would have provided that the 
national market system plan shall require each national securities 
exchange, national securities association, and any member of such 
exchange or association to collect and electronically provide to a 
central repository details for each order and each reportable event, 
including, but not limited to, ``a unique identifier that will attach 
to the order at the time the order is received or originated by the 
member and remain with the order through the process of routing, 
modification, cancellation, and execution (in whole or in part).'' In 
the Proposing Release, the Commission stated that the use of such an 
identifier would allow the SROs and the Commission to efficiently link 
all events in the life of an order and help create a complete audit 
trail across all markets and broker-dealers that handle the order.\389\ 
Proposed Rules 613(c)(7)(ii)(A), 613(c)(7)(iii)(A), and 613(c)(7)(v)(A) 
would have required the reporting of a unique order identifier to the 
central repository for the reportable events of routing and execution. 
The Commission did not propose to mandate the format of such an 
identifier or how the identifier would be generated.
---------------------------------------------------------------------------

    \389\ See Proposing Release, supra note 4, at 32576.
---------------------------------------------------------------------------

    The Commission requested comment on whether a unique order 
identifier that would remain with the order for its life would be 
necessary or useful for an effective consolidated audit trail. The 
Commission also specifically requested comment on, among other things, 
the feasibility and merits of its proposed approach for attaching a 
unique order identifier to an order, as well as on how multiple 
``child'' orders that may result if the original ``parent'' order is 
subsequently broken up, or an aggregation of multiple original orders 
into a single order, should be addressed.
    Several commenters expressed opinions on the proposed unique order 
identifier requirement, with some noting that the Commission's proposal 
imposed ``significant'' burdens or challenges on market participants, 
and others offering alternatives to the

[[Page 45760]]

Commission's approach to identifying orders.\390\ For example, some 
commenters suggested that the Rule permit the approach used for OATS 
reporting, in which the broker-dealer initiating or receiving an order 
would generate its own order identifier, but pass on a separate routing 
identifier to the entity to which it routes the order, which would 
generate its own order identifier, but retain and report that routing 
identifier as well, so that information about the order can be linked 
together as it is passed from venue to venue.\391\ One of these 
commenters also believed that the OATS approach would avoid certain 
complexities that could occur with a unique order identifier, such as 
when the original order is broken up into multiple ``child'' 
orders.\392\ In a subsequent comment letter, the commenter stated that 
it could require two new order event types that would allow customer 
orders handled on a riskless principal or agency basis to be linked to 
the related representative orders.\393\ Another of the commenters 
suggested that ``the adopted CAT filing should require that an order be 
tracked through its lifecycle and [the Commission should] leave the 
technical details to [a] requirements analysis.'' \394\
---------------------------------------------------------------------------

    \390\ See Thomson Reuters Letter, p. 3; Liquidnet Letter, p. 6-
7; SIFMA Letter, p. 12; FINRA Letter, p. 7; FIF Letter, p. 3; FIF 
Letter II, p. 2.
    \391\ See Liquidnet Letter, p. 6-7; SIFMA Letter, p. 12; FINRA 
Letter, p. 7; FIF Letter, p. 3.
    \392\ See FINRA Letter, p. 7-8. FINRA expressed concern that, if 
two child orders from the same parent order are sent to the same 
market center, regulators would need to look at time stamps and 
other attributes, such as share quantity and price, to attempt to 
create an accurate linkage for each individual child order. FINRA 
stated that this complexity could be avoided if members used a 
separate unique routed order identifier for each routed order. Id.
    \393\ See FINRA Proposal Letter, p. 7-8.
    \394\ See FIF Letter II, p. 2.
---------------------------------------------------------------------------

    Another commenter was concerned that, if the originating firm's or 
customer's name was used as part of the unique order identifier, this 
could create ``potential privacy information risks as every new 
destination (both internally across information barriers within a firm 
and externally across broker-dealers) would see where an order 
originated.'' \395\ Similarly, a third commenter supported the OATS 
approach of linking a series of separate order identifiers in part 
because it believed that, if a unique identifier were to pass from 
firm-to-firm, there was a risk that information about the origin of an 
order might be inferred.\396\ Yet another commenter recommended that 
the Commission standardize how the order identifier should be 
structured to ensure consistent reporting between firms, instead of 
leaving this decision to the plan sponsors.\397\
---------------------------------------------------------------------------

    \395\ See SIFMA Letter, p. 12. See also SIFMA Drop Copy Letter, 
p. 2 (suggesting a routed order identifier or a child order 
identifier which would be separate from the unique order identifier 
of the parent order, and would be reported to the consolidated audit 
trail separately on a non-real-time basis, as well as linkage 
information).
    \396\ See FIF Letter, p. 3 (recommending the linking of the 
order information in a fashion similar to OATS whereby the 
information would only be available to regulators).
    \397\ See SIFMA Letter, p. 12. In addition, another commenter 
suggested that order identifiers should be unique by broker and day, 
similar to the approach used by OATS. See Liquidnet Letter, p. 7.
---------------------------------------------------------------------------

    The Commission has considered the comments received regarding the 
requirement that the NMS plan mandate a unique order identifier, and is 
adopting Rule 613 with significant modifications \398\ that provide 
more flexibility for the SROs, as the plan sponsors, to determine 
whether the NMS plan will require a single unique order identifier or a 
``series of order identifiers.'' Specifically, the Rule, as adopted, 
requires that every order have a ``CAT-Order-ID,'' defined as ``a 
unique order identifier or series of unique order identifiers that 
allows the central repository to efficiently and accurately link all 
reportable events for an order, and all orders that result from the 
aggregation or disaggregation of the order.'' \399\
---------------------------------------------------------------------------

    \398\ See Rule 613(c)(7)(i)(B); Rule 613(c)(7)(ii)(A); Rule 
613(c)(7)(iii)(A); Rule 613(c)(7)(iv)(A); Rule 613(c)(7)(v)(A); Rule 
613(c)(7)(vi)(C); and Rule 613(j)(1).
    \399\ See Rule 613(j)(1).
---------------------------------------------------------------------------

    The Commission has modified the Rule from the proposal so that the 
SROs can draw upon their own expertise, as well as those of other 
market participants, in developing the most accurate and efficient 
methodology for tracking an order through its life. Thus, the SROs may 
submit an NMS plan in which they require a single unique order ID to 
travel with each originating order; the SROs may submit an NMS plan in 
which, as suggested by a number of commenters, a series of order IDs, 
each generated by different market participants, is reported to the 
central repository in a manner that allows for the accurate linking of 
reportable events; or the SROs may submit an NMS plan based on any 
other methodology that meets the requirements of the Rule.
    The Commission expects that the details of the methodology proposed 
by the SROs in the NMS plan will, in part, be based on how the 
generation and reporting of order identifiers would interact with other 
technical details involving order tracking in the consolidated audit 
trail, such as the potential for multiple orders to be aggregated, 
routed, and disaggregated. However, though the Commission is not 
prescribing a particular methodology, the Rule does require that SROs 
take into account a number of considerations, such as accuracy and 
cost, in designing their methodology.\400\
---------------------------------------------------------------------------

    \400\ See Section III.C.2.a., infra.
---------------------------------------------------------------------------

    The Commission notes that, with this modification, a wider array of 
possible solutions is now available to the SROs as they develop the NMS 
plan to be submitted to the Commission for its consideration, including 
those that may better accommodate the infrastructure of existing audit 
trails and thereby potentially, and possibly significantly, reduce 
implementation burdens. As indicated above, several commenters 
suggested that the Rule accommodate the linked order identifier 
approach, currently used by OATS.\401\ However, the Commission also 
notes that, though the adopted Rule could accommodate such an approach, 
there historically have been limitations on the accuracy and 
reliability of linking orders in OATS.\402\ It will therefore be very 
important for the NMS plan to demonstrate how the approach it has 
selected will ensure that information about all reporting events 
pertaining to an order will be efficiently and accurately linked 
together in a manner that allows regulators efficient access to a 
complete order audit trail.\403\ As discussed below, the reliability, 
accuracy, and confidentiality of the data reported to and maintained by 
the central repository, as well as the method by which the data in the 
central repository can be accessed by regulators, are considerations 
for the Commission in evaluating the NMS plan.\404\
---------------------------------------------------------------------------

    \401\ See FIF Letter, p. 3; Liquidnet Letter, p. 7; SIFMA 
Letter, p. 12; SIFMA Drop Copy Letter, p. 12; FINRA Letter, p. 8.
    \402\ See Section II.A., supra.
    \403\ See Rule 613(j)(1). For example, one of the methods that 
the SROs could consider using to demonstrate the efficacy of their 
approach would be to engage appropriate third party experts to 
confirm that the system's proposed design and functionality would 
achieve its stated accuracy and reliability benchmarks.
    \404\ See Section III.C.2.a.i., infra; Rule 613(a)(1)(iii) and 
(iv).
---------------------------------------------------------------------------

    The Commission emphasizes that, under the adopted Rule, regardless 
of the specific method chosen by the SROs, all orders reported to the 
central repository must be made available to regulators in a uniform 
electronic format and in a form in which all events pertaining to the 
same originating order are linked together in a manner that ensures 
timely and accurate retrieval of the information for all reportable 
events

[[Page 45761]]

for that order.\405\ The Commission believes the consolidated audit 
trail will still achieve significant benefits with this modification.
---------------------------------------------------------------------------

    \405\ See Rule 613(e)(1).
---------------------------------------------------------------------------

    The Commission recognizes the complexities of order routing in 
today's markets, including, as noted by a commenter,\406\ the frequent 
splitting of larger orders into numerous ``child'' orders or the 
bundling of smaller orders into one larger order. The Commission 
believes, however, that since, in today's complex markets, orders are 
currently and routinely aggregated and disaggregated, practical 
solutions to record such orders can be developed by the plan sponsors 
to ensure they are accurately and efficiently tracked through a variety 
of aggregation and disaggregation events.
---------------------------------------------------------------------------

    \406\ See FINRA Letter, p. 4-7.
---------------------------------------------------------------------------

    With regard to the concern expressed by a commenter that the use of 
an order identifier(s), as required by Rule 613, could provide the 
ability to deduce the origin of an order, thereby revealing 
confidential trading strategies or raising privacy concerns,\407\ the 
Commission notes that this commenter assumed that a unique order 
identifier ``would very likely require members to include the 
originating firm's or customer's name as part of the identifier.'' 
\408\ The Commission believes, however, that the SROs will be able to 
devise a way to assign order identifiers--through random number 
sequences or otherwise--that would protect the identity of broker-
dealers and their customers from disclosure to persons other than 
authorized regulatory personnel. The Commission also notes that, as 
discussed in Section III.B.2.e. infra, the adopted Rule requires the 
NMS plan submitted to the Commission for its consideration to 
incorporate a variety of policies and procedures to ensure the security 
and confidentiality of all information reported to the central 
repository.
---------------------------------------------------------------------------

    \407\ See SIFMA Letter, p. 12. See also FIF Letter, p. 3.
    \408\ See SIFMA Letter, p. 12.
---------------------------------------------------------------------------

    Furthermore, because the Rule requires the SROs to discuss the 
details of each aspect of the NMS plan submitted to the Commission for 
its consideration, the Commission and the public will be able to 
consider how well the methodology the SROs developed to link reportable 
events for the same order meets the considerations of accuracy and 
reliability, as well as those of security and confidentiality. The 
Commission will then be able to use this information in determining 
whether to approve the NMS plan submitted.
v. Time Stamp
    The proposed Rule would have required SROs and their members to 
report the date and time, to the millisecond, that an order was 
originated or received, routed out, and received upon being routed, 
modified, cancelled, and executed.\409\ Specifically, proposed Rules 
613(c)(7)(i)(H) (renumbered as 613(c)(7)(i)(E)), 613(c)(7)(ii)(C), 
613(c)(7)(iii)(C), 613(c)(7)(iv)(B) (renumbered as 613(c)(7)(iv)(C)), 
and 613(c)(7)(v)(C) provided that the ``time of order receipt or 
origination (in milliseconds)'' would be recorded for every order 
originated or received, routed, modified, cancelled or executed, by a 
broker-dealer or SRO.
---------------------------------------------------------------------------

    \409\ See proposed Rules 613(c)(7)(i)(H), 613(c)(7)(ii)(C), 
613(c)(7)(iii)(C), 613(c)(7)(iv)(B), 613(c)(7)(v)(C).
---------------------------------------------------------------------------

    Several commenters expressed opinions on the time stamp 
requirement. One commenter believed a millisecond standard was not 
precise enough, explaining that many exchanges currently execute orders 
in less than a millisecond.\410\ This commenter explained that, to 
detect the manipulative or fraudulent behavior of high frequency 
traders, it is necessary that time stamps be accurate to a level more 
detailed than the speed at which trades are executed; otherwise, it 
would not be possible to determine the time sequence in which trades 
occurred. The commenter suggested that reports from execution venues 
(e.g., exchanges, ATSs, dark pools, and large internalizers) should be 
required to be accurate to 0.01 milliseconds.\411\ This commenter also 
suggested that a more liberal time stamp standard of one second might 
be more appropriate for low-volume broker-dealers.\412\ Another 
commenter, however, expressed concern about the proposed millisecond 
time stamp requirement, explaining that, ``[a]lthough firm systems tend 
to capture time stamps in milliseconds, reporting in milliseconds would 
require changes to internal systems given that existing audit trails 
such as OATS require reporting of time stamps accurate only to the 
second.'' \413\ Another commenter believed that, because computers have 
a certain rate of error when keeping time (``time drift''), it is 
difficult to sequence orders based on millisecond time stamps.\414\ As 
a result, according to this commenter, there is ``no real value in 
requiring data to this level of specificity [based on milliseconds], 
especially if the goal of time stamping is to sequence the lifecycle of 
a single order as it moves from origination to execution.'' \415\
---------------------------------------------------------------------------

    \410\ See Endace Letter, p. 1-2.
    \411\ See Endace Letter, p. 1. The Commission notes that this 
commenter also suggested that the same time increment be extended to 
market data feeds to help increase transparency and deter fraudulent 
activity; however, this comment is outside the scope of this 
Release.
    \412\ Id. at 2-3.
    \413\ See SIFMA Letter, p. 14.
    \414\ See FIF Letter, p. 6-7.
    \415\ Id. See Section III.B.1.d.v., infra, for further 
discussions of ``time drift'' and the issues raised by this 
commenter in that regard.
---------------------------------------------------------------------------

    The Commission has considered the comments regarding the precision 
of the proposed time stamp requirement for the consolidated audit trail 
and is adopting the millisecond time stamp requirement with 
modifications from the proposal.\416\ As adopted, the Rule provides 
that the NMS plan submitted shall require the time stamps as set forth 
in Rule 613(d)(3).\417\ Rule 613(d)(3) provides that the NMS plan must 
require each SRO and its members to ``[u]tilize the time stamps 
required by paragraph (c)(7) of this section, with at minimum the 
granularity set forth in any national market system plan submitted 
pursuant to this section, which shall reflect current industry 
standards and be at least to the millisecond.'' Rule 613(d)(3) also 
provides that, ``[t]o the extent that the relevant order handling and 
execution systems of any national securities exchange, national 
securities association, or member of such exchange or association 
utilize time stamps in increments finer than the minimum required by 
the national market system plan, such plan shall require such national 
securities exchange, national securities association, or member to 
utilize time stamps in such finer increments when providing data to the 
central repository, so that all reportable events reported to the 
central repository by any national securities exchange, national 
securities association, or member can be accurately sequenced.'' Rule 
613(d)(3) further provides that ``[t]he national market system plan 
shall require the sponsors of the national market system plan to 
annually evaluate whether industry standards have evolved such that the 
required time stamp standard should be in finer increments.''
---------------------------------------------------------------------------

    \416\ See Proposed Rules 613(c)(7)(i)(H), 613(c)(7)(ii)(C), 
613(c)(7)(iii)(C), 613(c)(7)(iv)(B), and 613(c)(7)(v)(C).
    \417\ See Rules 613(c)(7)(i)(E), 613(c)(7)(ii)(C), 
613(c)(7)(iii)(C), 613(c)(7)(iv)(C), and 613(c)(7)(v)(C).
---------------------------------------------------------------------------

    The Commission notes that SIPs currently support millisecond time 
stamps \418\ and other entities in the

[[Page 45762]]

securities industry currently conduct business in millisecond 
increments or finer.\419\ The Commission believes that, given the speed 
with which the industry currently handles orders and executes trades, 
it is important that the consolidated audit trail utilize a time stamp 
that will enable regulators to better determine the order in which 
reportable events occur. The entry time of orders can be critical to 
enforcement cases. For example, the timing between order origination 
and order entry is important in investigating possible market abuse 
violations, such as trading ahead of a customer order. In general, 
determining whether a series of orders rapidly entered by a particular 
market participant is manipulative or otherwise violates SRO rules or 
federal securities laws, otherwise being able to reconstruct market 
activity, or performing other detailed analyses, requires the audit 
trail to sequence each order accurately. The Commission believes that, 
for many types of common market activities that operate at the level of 
milliseconds or less, time stamps in increments greater than a 
millisecond would not allow this sequencing with any reasonable degree 
of reliability.
---------------------------------------------------------------------------

    \418\ See, e.g., Securities Industry Automated Corporation's 
(``SIAC'') Consolidated Quotation System (``CQS'') Output 
Specifications Revision 40 (January 11, 2010); SIAC's Consolidated 
Tape Service (``CTS'') Output Specifications Revision 55 (January 
11, 2010); and Nasdaq's Unlisted Trading Privileges Plan Quotation 
Data Feed Interface Specifications Version 12.0a (November 9, 2009).
    \419\ See, e.g., http://batstrading.com/resources/features/bats_exchange_Latency.pdf (describing, among other things, the 
time it takes to accept, process, and acknowledge or fill a member 
order).
---------------------------------------------------------------------------

    In response to the comment that a millisecond standard is not 
sufficiently precise, as many exchanges currently execute orders in 
less than a millisecond,\420\ adopted Rule 613(d)(3) provides that the 
NMS plan must require that, to the extent that the order handling and 
execution systems of any SRO or broker-dealer utilize time stamps in 
increments finer than the minimum required by the NMS plan time stamps, 
such SRO or member must use time stamps in such finer increments when 
reporting data to the central repository, so that reportable events 
reported to the central repository by any SRO or member can be 
accurately sequenced. The Commission believes this approach will 
improve the accuracy of records with respect to the sequencing of 
events that occur very rapidly, especially with respect to those market 
participants that have elected to use time stamps in increments finer 
than a millisecond.
---------------------------------------------------------------------------

    \420\ See Endace Letter, p. 1.
---------------------------------------------------------------------------

    The Commission recognizes, as a commenter noted,\421\ that 
computers have a certain rate of deviation when keeping time. The 
requirement that clocks be synchronized within a level of granularity 
to be specified in the NMS plan \422\ is designed to ensure that time 
drift does not exceed a defined level of deviation. However, the 
Commission believes that time stamps reported with a millisecond or 
finer granularity would still provide significant benefits even, 
contrary to one commenter's assertion,\423\ if the time drift between 
systems is larger than a millisecond. This is because such time stamps 
would still allow an accurate sequencing of reportable events as may 
commonly occur within in a single system, tied to a single clock, at 
levels of a millisecond or finer (e.g., high-frequency trading 
algorithms). Any drift of such a system's clock relative to the clocks 
of other systems may of course hinder the time-sequencing of cross-
system events, but it would not preclude the ability of regulators from 
performing a detailed, accurate time-sequenced analysis of all the 
orders, cancellations, modifications, and executions performed by the 
specific system of interest.\424\ In this regard, the Rule is analogous 
to the current requirements for OATS reporting: FINRA requires clocks 
to be synchronized to the second, and requires time stamps to be 
reported to FINRA in seconds, unless those time stamps are captured by 
the FINRA member in milliseconds, in which case they must reported to 
FINRA in milliseconds (notwithstanding the clock sync remaining at a 
second).\425\
---------------------------------------------------------------------------

    \421\ See FIF Letter, p. 7.
    \422\ See Section III.B.1.h., infra, for a discussion of clock 
synchronization.
    \423\ See FIF Letter, p. 6-7.
    \424\ Similarly, although reporting in increments finer than a 
millisecond would also enable the accurate time-sequencing of events 
originating from within a single system or systems operating off the 
same clock, the Commission recognizes that the effects of time drift 
across the clocks of different systems could limit the efficacy of 
time-sequencing sub-millisecond events across those systems.
    \425\ See FINRA's Order Audit Trail System, Frequently Asked 
Questions, http://www.finra.org/Industry/Compliance/MarketTransparency/OATS/NMS/P122893 (last visited on May 15, 2012).
---------------------------------------------------------------------------

    The Commission acknowledges that changes (with their associated 
costs) might be required to internal broker-dealer systems to comply 
with a millisecond time stamp requirement. However, given the benefits 
outlined above, and the apparent widespread use of millisecond time 
stamps in the industry today,\426\ the Commission believes the cost of 
requiring the SROs to develop a plan that provides for millisecond time 
stamps, and to discuss the costs and benefits of the specific solution 
chosen, is justified.
---------------------------------------------------------------------------

    \426\ See Endace Letter, p. 1 (stating that ``[t]oday Exchanges 
such as NYSE Euronext and BATS are claiming that they are executing 
orders in less than a millisecond (see Wall Street Journal on the 
January 6th 2010) and are displaying details of these trades in 
increments of milliseconds on their market data feeds. Clearly from 
an Exchange perspective the publishing of trade data at one 
millisecond increments is not just possible, its current practice. 
However, Endace believes that one millisecond increments is not good 
enough''); SIFMA Letter, p. 14 (acknowledging that, ``[a]lthough 
firm systems tend to capture time stamps in milliseconds, reporting 
in milliseconds would require changes to internal systems given that 
existing audit trails such as OATS require reporting of time stamps 
accurate only to the second'').
---------------------------------------------------------------------------

    The Commission also acknowledges that broker-dealers who presently 
report time stamps to OATS in millisecond increments, but whose systems 
direct and capture their order activity in finer time increments, could 
incur costs associated with these time stamps being reported to the 
central repository with the same granularity at which they are recorded 
by the broker-dealers.\427\ The Commission recognizes that there may be 
alternatives to reporting events in finer than millisecond increments 
that enable the central repository to use a different method for 
accurately time-sequencing sub-millisecond events originating from 
within a system or systems on a single clock. Therefore, in developing 
the NMS plan to be submitted to the Commission for its consideration, 
if the SROs identify one or more such alternatives, the Commission 
believes that they should address such alternatives in the NMS 
plan,\428\ how such alternatives (i.e., an alternative to reporting in 
finer than millisecond increments) would ensure that reportable events 
may be accurately time-sequenced at the sub-millisecond level, and the 
costs associated with such alternatives both on their own terms and 
relative to a requirement to report events in the same sub-millisecond 
time stamp as used by a broker-dealer for directing and capturing 
orders.\429\
---------------------------------------------------------------------------

    \427\ See SIFMA Letter, p. 14.
    \428\ See Rule 613(a)(1)(xii).
    \429\ See Rule 613(a)(1)(vii).
---------------------------------------------------------------------------

    The Commission also notes that, because millisecond time stamps may 
become inadequate to investigate trading as technology evolves and 
trading speeds increase, the adopted Rule requires that the NMS plan 
submitted to the Commission for its consideration require the plan 
sponsors to annually evaluate whether industry standards have evolved 
such that a finer increment time stamp is appropriate. As this approach 
is tied to the then-current industry standard used to assess whether to 
shorten the future time stamp increment, the Commission also believes 
that this approach helps assure that the time stamps in the 
consolidated

[[Page 45763]]

audit trail will be in line with technological developments. Should the 
industry standard move to a finer time standard, the plan sponsors 
could modify the minimum standard required by the NMS plan by 
submitting an amendment to the NMS plan under Rule 608 of Regulation 
NMS. Such an amendment would need to be considered and would be subject 
to approval by the Commission, as well as subject to public notice and 
comment.\430\
---------------------------------------------------------------------------

    \430\ See Rule 608(b)(1) under Regulation NMS, 17 CFR 
242.608(b)(1).
---------------------------------------------------------------------------

vi. Additional Routing Data Elements
    Proposed Rules 613(c)(7)(ii) and (iii) would have required that 
certain additional information be collected and reported specifically 
to allow regulators to track the life of an order through the routing 
process. The Commission requested comment as to whether information 
regarding the routing of orders would be necessary or useful for an 
effective consolidated audit trail, and asked if any information, in 
addition to the data elements proposed, should be included in the 
consolidated audit trail relating to routing.
    One commenter noted that the proposed Rule would capture the 
routing of an order internally within a broker-dealer, but not the 
routing of an order internally within an exchange from one execution 
system to another.\431\ This commenter also noted that, as proposed, 
the Rule would not require an SRO or member to report information 
indicating that an order was ``flashed'' or otherwise displayed in a 
``step-up'' mechanism.\432\ The commenter believed that this 
information would be important for the consolidated audit trail to 
capture.\433\
---------------------------------------------------------------------------

    \431\ See GETCO Letter, p. 4.
    \432\ Id.
    \433\ Id.
---------------------------------------------------------------------------

    The Commission believes that it is important to capture the routing 
of an order internally within a broker-dealer to, for example, evaluate 
best execution practices.\434\ Capturing the time at which a broker-
dealer received a customer's order and the time that such order was 
executed can help determine if the broker-dealer delayed acting on its 
customer's order. The time at which an order was routed can affect the 
evaluation of whether the broker-dealer fulfilled its best execution 
obligations, and, thus, the Commission believes that this internal 
broker-dealer routing information should be captured by Rule 613. The 
Commission, however, does not believe that data regarding order 
processing (i.e., management of an order) within exchange systems is as 
useful as data regarding internal routing within a broker-dealer \435\ 
because, for example, unlike broker-dealers, exchanges do not have best 
execution obligations. Further, any issues with an SRO's internal 
processing would occur at a single venue--the SRO--and, thus, there 
could be direct follow-up with the SRO. Additionally, the Commission 
notes that the consolidated audit trail will not collect information 
indicating whether orders were flashed or displayed in a ``step-up'' 
mechanism as it concerns an exchange's internal processing and 
dissemination to its members of an order in the instance when the 
exchange cannot execute the order because the exchange does not have 
any available trading interest at the NBBO (depending on the side of 
the order).\436\ Orders that are flashed or displayed through a ``step-
up'' mechanism are not executable because they are displayed only to 
members of an exchange as an indication of a broker-dealer's interest. 
The Commission believes it is appropriate not to require the reporting 
of these flashed or ``stepped-up'' orders to the central repository 
because, as noted above, the Commission believes that the tracing of 
processes within an exchange is not as material to regulators as the 
routing of orders between markets. Further, as stated, SROs do not have 
the same legal obligations with regard to handling customer orders as 
broker-dealers; therefore, the Commission does not believe it is 
necessary, at this time, to require the consolidated audit trail to 
track an SRO's internal processing of orders.
---------------------------------------------------------------------------

    \434\ OATS rules currently require the recording and reporting 
of orders routed internally. See FINRA Rule 7440(c).
    \435\ The Commission acknowledges that certain orders received 
by an exchange may be routed to another exchange; however, the 
routing of such an order to the other exchange is largely subject to 
the rules of the exchange and Rule 613 will capture such routing as 
a reportable event.
    \436\ In general, flash orders are communicated to certain 
market participants and either executed immediately or withdrawn 
immediately after communication. The Commission has proposed and 
sought comment on whether to amend Rule 602 of Regulation NMS under 
the Exchange Act to eliminate an exception for the use of flash 
orders by equity and options exchanges. See Securities Exchange Act 
Release Nos. 60684 (September 18, 2009), 74 FR 48632 (September 23, 
2009); 62445 (July 2, 2010), 75 FR 39625 (July 9, 2010).
---------------------------------------------------------------------------

    The Commission has considered the comments related to the data that 
is required to be recorded and reported when an order is routed and is 
adopting Rules 613(c)(7)(ii) and (iii) substantially as proposed.\437\ 
The Commission notes that the Rule requires that the NMS plan require 
the broker-dealer routing an order and the broker-dealer receiving a 
routed order--both actions that are defined as ``reportable events'' 
under Rule 613--record and report the CAT-Reporter-ID of the broker-
dealer routing the order and the CAT-Reporter-ID of the broker-dealer 
receiving the routed order. The Commission believes the requirement to 
report this information on both the routing and receiving end of a 
route is not duplicative but, rather, is useful. Specifically, 
information regarding when a broker-dealer received a routed order 
could prove useful in an investigation of allegations of best execution 
violations to see if, for example, there were delays in executing an 
order that could have been executed earlier. In addition, if a market 
participant is required to report when it receives an order, regulators 
could solely rely on information gathered directly from that market 
participant when examining or investigating the market participant. For 
example, if a regulator needs to investigate a delay between the time a 
market participant received an order and the time the market 
participant acted on the order, under Rule 613, as adopted, the 
regulator could use information recorded and reported by the market 
participant itself, rather than rely on information about the receipt 
and action taken on the order that would be provided by a third party. 
Information from a third party may be less accurate in general and may 
not accurately reflect events to the extent there are latencies in 
order transmission. In addition, the Commission relies on data such as 
that which would be recorded under Rule 613(c)(7)(ii) and (iii) to 
improve its understanding of how markets operate and evolve, including 
with respect to the development of new trading practices, the 
reconstruction of atypical or novel market events, and the implications 
of new markets or market rules. For these reasons, the Commission 
believes that it is important to have both the routing broker-dealer 
and the receiving broker-dealer report their CAT-Reporter-IDs to the 
central repository, and that such information could aid regulatory 
authorities when analyzing the trades of market participants.\438\
---------------------------------------------------------------------------

    \437\ See Section III.B.1.d.vi., supra, for a discussion of the 
modifications to Rule 613(c)(7)(ii) through (iii).
    \438\ The Commission notes that OATS rules also require both the 
FINRA reporting member routing an order and the FINRA reporting 
member receiving the order to record and report certain audit trail 
data. See FINRA Rule 7440(C). See also Rule 613(c)(7)(ii)(D) and 
Rule 613(c)(7)(iii)(D) through (E).
---------------------------------------------------------------------------

    To reflect terms that have been modified elsewhere in the Rule as

[[Page 45764]]

adopted, the terms ``unique order identifier'' and ``unique 
identifier'' in Rule 613(c)(7)(ii) and (iii) have been replaced with 
the terms ``CAT-Order-ID'' and ``CAT-Reporter-ID.'' In addition, Rule 
613(c)(7)(ii) and (iii) now reflect the new time stamp requirement 
contained in Rule 613(d)(3). Specifically, Rules 613(c)(7)(ii)(C) and 
613(c)(7)(iii)(C) provide that the time at which an order is routed or 
received must be recorded and reported pursuant to Rule 613(d)(3), 
rather than simply in milliseconds as proposed. The Commission believes 
these conforming changes are appropriate to reflect the revised terms 
in the adopted Rule.
vii. Additional Modification, Cancellation, or Execution Data Elements
    In addition to the data elements discussed above, proposed Rules 
613(c)(7)(iv) and (v) would have required that certain information be 
collected and provided specifically to allow regulators to track the 
life of an order through modification, cancellation, or execution. The 
Commission requested comment as to whether information required under 
the Rule as proposed would be sufficient to create a complete and 
accurate consolidated audit trail, and asked if any information, in 
addition to the data elements proposed, should be included in the 
consolidated audit trail relating to modifications, cancellations, or 
executions.
    In response, one commenter noted that broker-dealer order 
management systems may differ in their treatment of order modifications 
and cancellations, as some, for example, may capture or report only 
modified data elements, and not necessarily all of the elements of a 
modified order.\439\ The commenter recommended that the consolidated 
audit trail accommodate such differences, and further suggested 
requiring only the submission of the order identifier for a cancelled 
order, not the order's other data elements.\440\ Another commenter 
believed that, ``[a]s in the case of the current OATS system, execution 
data provided to the consolidated audit trail should identify where the 
trade was publicly reported and have a common identifier that links the 
audit trail execution reports for the buy and sell orders to the public 
trade report.'' \441\
---------------------------------------------------------------------------

    \439\ See SIFMA Drop Copy Letter, p. 4.
    \440\ Id.
    \441\ See Liquidnet Letter, p. 7.
---------------------------------------------------------------------------

    After consideration of the comments regarding the specific audit 
trail data required for orders that are modified, cancelled, or 
executed, the Commission is adopting Rules 613(c)(7)(iv) and (v) 
substantially as proposed, with a modification to require that the NMS 
plan include a requirement that the CAT-Order-ID for such orders also 
be recorded and reported to the central repository. This modification 
is designed to ensure that an order identifier be reported for orders 
that have been modified or cancelled. The Commission believes that the 
order identifier is a critical piece of information that will 
efficiently link an order across markets. Adopted Rules 613(c)(7)(iv) 
and (v) will also require that the NMS plan submitted to the Commission 
for its consideration require the recording and reporting of the CAT-
Reporter-ID of the broker-dealer or Customer-ID of the person giving 
the modification or cancellation instruction to reflect the new 
terminology of the adopted Rule. In addition, Rules 613(c)(7)(iv) and 
(v) reflect the new time stamp requirement contained in Rule 613(d)(3), 
as adopted. Specifically, Rules 613(c)(7)(iv)(C) and 613(c)(7)(v)(C) 
provide that the time at which an order is modified, cancelled, or 
executed must be recorded and reported pursuant to Rule 613(d)(3), 
rather than simply in milliseconds as proposed.
    The Commission believes it is necessary to require the NMS plan to 
require the information under Rule 613(c)(7)(iv) and (v) for each order 
and reportable event because it will assist the Commission and SROs in 
identifying all changes made to an order (including an execution) and 
those market participants responsible for the changes (or execution). 
The Commission believes this information, in combination with the 
proposed information pertaining to order receipt or origination, will 
provide regulators with a comprehensive view of all material stages and 
participants in the life of an order. Among other things, this order 
information should help regulators investigate suspicious trading 
activity in a more efficient manner than is currently possible. 
Regulators will have access to information identifying the customer 
behind the order and will also see how a customer's order is handled 
across markets. This data also will improve regulators' understanding 
of how markets operate and evolve, including with respect to the 
development of new trading practices, the reconstruction of atypical or 
novel market events, and the implications of new markets or market 
rules. In addition, the Commission believes that most of the data 
proposed to be recorded and reported by the Rule for order 
modification, cancellation, and execution is data that most broker-
dealers already generate in the course of handling an order pursuant to 
the existing audit trail requirements of several SROs.\442\
---------------------------------------------------------------------------

    \442\ See, e.g., FINRA Rule 7440(d); Nasdaq Rule 6950; NYSE Rule 
132B.
---------------------------------------------------------------------------

    The Commission notes that regulatory staff at an SRO or the 
Commission could use execution information required under Rule 
613(c)(7)(v), which will be consolidated with the other audit trail 
information required under Rule 613 to, for example, detect patterns of 
reported and unreported transactions effected by a broker-dealer in a 
particular security by comparing the data reported to the central 
repository regarding an execution with information reported pursuant to 
a transaction reporting plan or the OPRA Plan. Depending on the results 
of that analysis, regulators may undertake further inquiry into the 
nature of trading by that broker-dealer to determine whether the public 
received accurate and timely information regarding executions, and 
whether the broker-dealer complied with the trade reporting obligations 
contained in SRO rules. Patterns of reported and unreported 
transactions by a particular broker-dealer could also be indicia of 
market abuse, including the failure to obtain the best execution for 
customer orders, or possible market manipulation. Thus, the ability to 
compare the consolidated order execution data, including customer 
information, with the trades reported to the consolidated tape would be 
an important component of an effective market surveillance program that 
is not possible today because regulators currently do not have access 
to comprehensive cross-market audit trail data, and the process of 
identifying customers is very labor intensive, time-consuming, and 
error prone.
    In response to the commenter that recommended that the consolidated 
audit trail accommodate differences in the treatment of modifications 
by broker-dealer order management systems (i.e., those that report only 
the modified data elements, not the entire order), and suggested that 
only an order identifier be reported for a cancellation, not the 
cancelled order's other data elements,\443\ the Commission notes that 
Rule 613 does not require all of the data elements of a modified order 
to be reported to the central repository. The Rule only requires the 
NMS plan to require the reporting of the CAT-Order-ID; the date and 
time the modification

[[Page 45765]]

is received or originated; the CAT-Reporter ID of the broker-dealer or 
the Customer-ID of the person giving the modification instruction; if 
modified, the price and remaining size of the order; and any other 
changes to the material terms of the order. The adopted Rule also 
requires the NMS plan to require the date and time a cancellation is 
received or originated and the CAT-Reporter-ID of the broker-dealer, or 
Customer-ID of the person, giving the cancellation instruction to be 
reported to the central repository. The Commission believes this will 
ensure that regulators can determine the market participant or person 
responsible for the cancellation of an order,\444\ and the date and 
time of the cancellation.
---------------------------------------------------------------------------

    \443\ See SIFMA Drop Copy Letter, p. 4.
    \444\ See Section III.B.1.iii., supra.
---------------------------------------------------------------------------

    In response to the commenter that suggested that the Rule should 
require that the execution data be linked with the public trade report 
using a common identifier,\445\ the Commission notes that Rule 
613(c)(7)(v)(G) requires the NMS plan submitted to the Commission for 
its consideration to require that, for an order that has been executed, 
the SRO or member that executes the order must report to the central 
repository whether the execution was reported pursuant to an effective 
transaction reporting plan or OPRA, as applicable. The Commission has 
considered the commenter's further suggestion that a common identifier 
link the audit trail execution reports for the buy and sell orders to 
the public trade report and is not mandating such a requirement under 
Rule 613; the Commission believes that Rule 613 and its requirements 
provide a sufficient initial framework for collecting audit trail data 
that will enhance the ability of regulators to surveil the market for 
NMS securities.\446\ Accordingly, the Commission is adopting Rule 
613(c)(7)(v)(G), as proposed, which requires that the plan sponsors 
include in the NMS plan submitted to the Commission for its 
consideration a requirement that the broker-dealer report to the 
central repository whether a trade was reported pursuant to an 
effective transaction reporting plan or OPRA.
---------------------------------------------------------------------------

    \445\ See Liquidnet Letter, p. 7.
    \446\ While the Commission is not requiring that execution data 
be linked with the public trade report using a common identifier, 
the Commission notes that the Rule does not prohibit the SROs from 
including a provision in the NMS plan for the establishment of a 
common identifier to link the audit trail execution reports for buy 
and sell orders to the public trade report.
---------------------------------------------------------------------------

e. Rule 613(c)(3): Information To Be Recorded Contemporaneously With 
the Reportable Event and Reported to the Central Repository by 8:00 
a.m. Eastern Time on the Trading Day Following the Day Such Information 
Has Been Recorded
i. Proposed Rule 613(c)(3)
    As proposed, Rule 613(c)(3) would have required the NMS plan to 
require each SRO and member to collect and provide to the central 
repository, on a ``real time'' basis, key data for each order and each 
reportable event, including the origination or receipt of an order, as 
well as the routing, cancellation, modification, or execution of the 
order.\447\ Specifically, the proposed Rule would have provided that 
``[t]he national market system plan submitted pursuant to this section 
shall require each national securities exchange, national securities 
association, and member to collect and provide to the central 
repository the information required by paragraphs (c)(7)(i) through (v) 
of this section on a real time basis.'' \448\ In the Proposing Release, 
the Commission noted that ``real time'' meant ``immediately and with no 
built in delay from when the reportable event occurs.'' \449\
---------------------------------------------------------------------------

    \447\ See Rule 613(j)(9) for a definition of ``reportable 
event.''
    \448\ See proposed Rule 613(c)(3).
    \449\ See Proposing Release, supra note 4, at 32572.
---------------------------------------------------------------------------

ii. Comments on Proposed Rule 613(c)(3)
    The Commission received a variety of comments about the 
achievability of the real-time requirement; the accuracy of audit trail 
data that would be collected and provided in real time; the necessity, 
merits and usefulness of real-time audit trail data; the costs of real-
time reporting; and the proposed Rule's requirement that all audit 
trail data be collected and reported in real time. These comments are 
discussed below.
    Several commenters believed that reporting data on a real-time 
basis was achievable.\450\ Of these comments, one commenter stated that 
its current systems could be used to support real-time reporting, and 
that real-time reporting may be easier to achieve than intraday or end-
of-day batch processing.\451\ Similarly, another commenter, endorsing 
the use of FIX Protocol, stated that FIX Protocol is already widely 
used throughout the financial industry, and that ``[a]ll FIX messages 
are generated in real time for trading.'' \452\
---------------------------------------------------------------------------

    \450\ See Thomson Reuters Letter, p. 3; Aditat Letter, p. 2; 
FTEN Letter p. 3; Ameritrade Letter, p. 1 (stating that the 
scalability of its systems could support real-time reporting); 
Nasdaq Letter II, p. 3 (stating that a platform supported by FTEN 
and SMARTS technology would support the real-time provision of 
data).
    \451\ See Ameritrade Letter, p. 1.
    \452\ See Aditat Letter, pp. 1-2. FIX Protocol is a series of 
messaging specifications for the electronic communication of trade-
related messages. It has been developed through the collaboration of 
banks, broker-dealers, exchanges, industry utilities and 
associations, institutional investors, and information technology 
providers from around the world. See What is FIX? available at 
http://fixprotocol.org/what-is-fix.shtml (last visited on May 7, 
2011).
---------------------------------------------------------------------------

    A significant number of commenters, however, expressed concern 
about the proposed requirement that the audit trail data be collected 
and provided to the central repository in real time.\453\ Some of these 
commenters focused on the effect a real-time reporting requirement 
would have on their systems, and the systems changes that might be 
needed to achieve real-time reporting. Specifically, commenters argued 
that a real-time collection and provision requirement would require 
many industry participants to build entirely new systems or to 
undertake significant technological upgrades to comply with a real-time 
reporting requirement.\454\ Other commenters stated that real-time 
reporting would strain their order handling systems and result in 
latencies and delays in the processing of customer orders.\455\ 
Additionally, one commenter questioned the ability of a real-time 
consolidated audit trail system to handle periods of immense volume, 
like the volume on May 6, 2010.\456\
---------------------------------------------------------------------------

    \453\ See Scottrade Letter, p. 1; ICI Letter, pp. 4-6; FINRA/
NYSE Euronext Letter, p. 4; GETCO Letter, p. 2; BATS Letter, pp. 1-
2; SIFMA Letter, pp. 3-8; SIFMA February 2012 Letter, p. 1; CBOE 
Letter, pp. 4-5; Direct Edge Letter, p. 3; FINRA Letter, pp. 10-13; 
Wells Fargo Letter, p. 3; Knight Letter, pp. 2-3; Leuchtkafer 
Letter; Broadridge Letter, p. 3; FIF Letter, p. 4; SIFMA Drop Copy 
Letter, p. 1; Ross Letter, p. 1; FINRA Proposal Letter, p. 3; FIA 
Letter, pp. 1-2.
    \454\ See Scottrade Letter, pp. 1-2; ICI Letter, pp. 4-5; SIFMA 
Letter, pp. 4-5; Knight Letter, p. 2. See also BATS Letter, p. 2; 
Broadridge Letter, p. 3; FIF Letter, p. 4; GETCO Letter, pp. 3-4; 
CBOE Letter, p. 4; FIA Letter, p. 2. In particular, FIA noted its 
belief that ``real-time reporting accounts for a significant portion 
of the considerable costs associated with the CAT.'' See FIA Letter, 
p. 2.
    \455\ See FINRA/NYSE Euronext Letter, p. 5; FINRA Letter, p. 13; 
SIFMA Letter, p. 5; CBOE Letter, p. 4 (stating that, ``given the 
increased speed of order submission, quote changes, and order 
cancellation, modifications and executions, a real time submission 
requirement could strain the systems capacities and computer 
resources of SROs and many member firms'').
    \456\ See FINRA Letter, p. 13. See also Berkeley Letter, p. 2 
(noting the ``peta-scale'' problem of collecting audit trail data 
generally).
---------------------------------------------------------------------------

    Other commenters who expressed concern about the real-time 
reporting requirement questioned the accuracy of data that would be 
reported in real

[[Page 45766]]

time.\457\ One commenter, for example, noted that there would not be an 
opportunity for data validation if consolidated audit trail data were 
required to be reported in real time.\458\ Another commenter stated 
that the real-time processing required by real-time reporting would 
create data integrity issues and, thus, lead to poorer data quality as 
compared to an approach with a more liberal timeframe, such as next 
day, or ``T+1,'' reporting.\459\ FINRA similarly commented that the 
data integrity issues that arise when audit trail data is provided on a 
T+1 basis would be exacerbated by a real-time system.\460\ FINRA stated 
that it performs over 40 billion data validations of order events 
submitted through OATS every day, and requires its members to repair 
rejected OATS data.\461\
---------------------------------------------------------------------------

    \457\ See FINRA/NYSE Euronext Letter, p. 5-6; Knight Letter, p. 
2-3; CBOE Letter, p. 4; Wells Fargo Letter, p. 3; FINRA Letter, p. 
11-12; SIFMA Letter, p. 5; Direct Edge Letter, p. 3; FIA Letter, p. 
2.
    \458\ See FINRA/NYSE Euronext Letter, p. 5-6 (noting that 
``drawing conclusions based solely on real time data increases the 
potential for inaccuracy because the data has not gone through the 
full range of validations * * * .''). See also Wells Fargo Letter, 
p. 3 (``[A]ccurate market information often does not happen in real 
time.''); FINRA Letter, p. 11-12 (stating that current order-
handling practices make ``accurate real time order reporting 
problematic, and automated surveillance is only useful if the 
underlying data is accurate and complete * * * .''); SIFMA Letter, 
p. 5 (``There also would be data integrity costs in the form of less 
reliable data, or data that would have to be revised or resubmitted 
where it otherwise may not have been required if firms had a short 
window of time to more thoroughly `scrub' or validate their 
submissions.''); Direct Edge Letter, p. 3 (``Real-time data may be 
less reliable than information collected after the validations that 
come with settling a transaction.'').
    \459\ See Knight Letter, p. 2-3. See also CBOE Letter, p. 4 
(``[G]enerally our belief is that next day (T+1) data, which 
incorporates additional information such as cleared trade data, is a 
better report resource for generating surveillance and compliance 
reviews.''); FINRA/NYSE Euronext Letter, p. 6 (stating that, ``from 
a market surveillance standpoint, reliable and complete data 
received on a T+1 basis * * * is generally superior to unvalidated 
real-time data''); FIA Letter, p. 2 (``We believe the Commission's 
Proposal overvalues any potential benefits achieved by real-time 
reporting as compared to reporting on day after trade, or `T+1,' 
basis.'').
    \460\ See FINRA Letter, p. 11-12.
    \461\ Id. at p. 11.
---------------------------------------------------------------------------

    A number of commenters discussed whether a real-time reporting 
requirement is necessary. One commenter stressed that the real-time 
availability of data would facilitate the identification of cross-
market events and their origins.\462\ This commenter explained that a 
platform developed using FTEN and SMARTS technology would include real-
time risk management and surveillance capabilities.\463\ However, most 
commenters did not believe that real-time data typically would be 
useful to the Commission and SROs.\464\ One commenter explained that 
using audit trail data before having an opportunity to validate it 
``may result in a severely distorted picture of trading and interfere 
with effective oversight.'' \465\ Another commenter stated that ``real-
time order information is inherently incomplete and could even be 
inaccurate and therefore misleading to the users of the data.'' \466\ 
Some commenters were of the view that the Commission had significantly 
overvalued the regulatory benefit of real-time data.\467\ One of these 
commenters noted that, ``[b]ased on its experience in conducting 
surveillance, [it] does not believe that it is essential that all of 
the information proposed to be captured in the CAT be received real 
time or near-real-time.'' \468\ A commenter suggested that, to the 
extent any information had to be submitted in real time, it should be 
limited to data related to certain key events, such as order receipt 
and origination, order transmittal, execution, modification, and 
cancellation.\469\ Other commenters generally questioned the value of 
real-time audit trail data, arguing that regulators would still need to 
rely on traditional investigative techniques, such as taking testimony, 
to establish securities law violations.\470\ Another commenter believed 
that ``[m]any potential uses for the data, including enforcement 
inquiries probing market behavior, may require either multiple days' 
worth of data, or data from other markets that is not available on a 
real-time basis,'' limiting the ability to use such real-time data 
provided by the consolidated audit trail.\471\
---------------------------------------------------------------------------

    \462\ See Nasdaq Letter I, p. 9-10.
    \463\ See Nasdaq Letter II, p. 3.
    \464\ See ICI Letter, p. 5; Leuchtkafer Letter; GETCO Letter, p. 
2; FIA Letter, p. 2; Scottrade Letter, p. 2; BATS Letter, p. 2; 
Angel Letter, p. 3; Broadridge Letter, p. 3; CBOE Letter, p. 4; 
FINRA/NYSE Euronext Letter, p. 4, 6; FINRA Letter, p. 11; SIFMA 
Letter, p. 3, 7; SIFMA Drop Copy Letter, p. 1; FINRA Proposal 
Letter, p. 4, 10-11.
    \465\ See FINRA Letter, p. 11.
    \466\ See SIFMA February 2012 Letter, p. 1.
    \467\ See FINRA/NYSE Euronext Letter, p. 4; FINRA Letter, p. 11; 
FIA Letter, p. 2.
    \468\ See FINRA Proposal Letter, p. 4.
    \469\ See SIFMA Drop Copy Letter, p. 1-2. See also FINRA 
Proposal Letter, p. 10.
    \470\ See GETCO Letter, p. 2; BATS Letter, p. 2.
    \471\ See FIA Letter, p. 2.
---------------------------------------------------------------------------

    Some commenters questioned whether the substantial costs that would 
be associated with providing the data on a real-time basis would 
outweigh the benefits.\472\ One commenter believed that ``the SEC has 
significantly overestimated the incremental utility of real-time data 
over data received on a T+1 basis'' and that ``the costs associated 
with the breadth of real-time reporting proposed by the Commission 
would be significant and far outweigh the minimal regulatory benefit 
gained by such a reporting system.'' \473\
---------------------------------------------------------------------------

    \472\ See Scottrade Letter, p. 1-2; FINRA/NYSE Euronext Letter, 
p. 4; GETCO Letter, p. 2; BATS Letter, p. 2; SIFMA Letter, p. 3-8; 
SIFMA February 2012 Letter, p. 1; CBOE Letter, p. 4; FINRA Letter, 
p. 11-13; Wells Fargo Letter, p. 3; FIA Letter, p. 2.
    \473\ See FINRA/NYSE Euronext Letter, p. 4. Similarly, FINRA 
believes '' the SEC has significantly overvalued the regulatory 
benefits to be achieved * * * while underestimating some of the 
problems with relying on real-time data. This is true not only 
because certain information is difficult, if not impossible, to 
provide on a real-time basis, but also because real-time data is 
less reliable.'' See FINRA Letter, p. 10-11. See also SIFMA February 
2012 Letter, p. 1 (stating, ``[a]ny potential incremental benefit of 
receiving this information on a real-time basis is, in our view, 
substantially outweighed by the additional expense and 
implementation delays associated with building and maintaining a 
real-time system''); FIA Letter, p. 2 (``It is not apparent to us 
from the Proposal that the additional costs associated with a real-
time audit trail, compared to a T+1 audit trail, would be offset by 
any incremental benefits to the Commission.'').
---------------------------------------------------------------------------

    Some commenters who questioned the value of the real-time reporting 
requirement also suggested that the Commission consider a different 
timeframe for the reporting of audit trail information. Several 
commenters, for example, suggested a later timeframe for reporting 
audit trail data to the central repository. One commenter, an exchange, 
stated that ``[o]ur strong preference would be for submission of 
information to the central repository through a batch process after the 
close of the trading day involved.'' \474\ Another commenter suggested 
a compromise whereby broker-dealers would be subject to next day (or 
later) reporting requirements, while the SROs could leverage their 
existing real-time monitoring tools and provide real-time trading 
information for use in the consolidated audit trail.\475\ Several 
commenters recommended that the Commission permit end-of-day 
reporting.\476\ One commenter noted that end-of-day reporting would 
alleviate some of the practical challenges firms would face with a 
requirement to identify beneficial owners on a real-time basis.\477\ 
Another commenter suggested that a reporting deadline of 10-15 minutes 
would be substantially more workable than a ``real-time'' reporting 
requirement.\478\ Finally, one commenter

[[Page 45767]]

suggested that broker-dealers and SROs should retain audit trail 
information, and submit it only upon regulatory request, so that the 
central repository would only collect data needed for investigations or 
surveillance purposes.\479\
---------------------------------------------------------------------------

    \474\ See CBOE Letter, p. 4.
    \475\ See SIFMA Letter, p. 3; see also SIFMA February 2012 
Letter, p. 1 (questioning the regulatory need for real-time data 
versus data provided on an ``end-of-day or `T+1'' basis); FIA 
Letter, p. 2.
    \476\ See Scottrade Letter, p. 2; ICI Letter, p. 5; BATS Letter, 
p. 2; Angel Letter, p. 3; Broadridge Letter, p. 3.
    \477\ See ICI Letter, p. 6.
    \478\ See SIFMA Drop Copy Letter, p. 1. The commenter stated 
that ``implementation options and complexity are significantly 
different if the reporting regime is within `minutes' rather than 
`seconds.' If real-time reporting is required in seconds, then 
significant re-engineering is required within broker-dealer order 
management systems and trading systems to support such a requirement 
(e.g., passing additional information between systems, performance 
tuning to compensate for additional processing of payload). Instead, 
if the definition of real-time allows for reporting within minutes 
(e.g., 10-15 minutes) of the events, it would be substantially less 
intrusive on order management systems and may allow for greater 
flexibility in designing reporting systems architecture and more 
standardized content for events such as order modifications, as 
described below. Also, as with prior implementations of new trade 
reporting regimes in the U.S. (e.g., ACT and TRACE), having more 
liberal reporting timeframes for an appropriate initial period 
(e.g., 12 months or more) to provide a sufficient period to optimize 
processes would be very helpful.'' This commenter also questioned 
``the need for real-time reporting of the entire set of data 
elements in the CAT proposal,'' and believed that ``reporting on a 
T+1 (or in some cases later) basis should satisfy the SEC's stated 
regulatory objectives more efficiently.'' Id. See also Nasdaq Letter 
II, p. 3 (stating its proposed platform could support the provision 
of data in real time or within 10-15 minutes using drop copies).
    \479\ See GETCO Letter, p. 4. The commenter also believed this 
approach would lower the costs of the consolidated audit trail.
---------------------------------------------------------------------------

    One commenter, who did not specifically advocate either real time 
or reporting on an end-of-day basis, supported a requirement that all 
trades be reported in a standardized format that will be accessible to 
the SEC at the end of each trading day.\480\
---------------------------------------------------------------------------

    \480\ See Bean Letter, p. 1.
---------------------------------------------------------------------------

    Some commenters suggested alternative means of collecting audit 
trail information, assuming such audit trail data would not be on a 
real-time basis and would not be through the reporting regime set forth 
by Rule 613. For example, one commenter suggested the Commission 
consider ``a consolidation'' of [OATS] and [COATS], audit trails that 
are produced on a T+1 basis; and a review of the prospect of extracting 
specific real-time data from surveillance reports currently used by 
SROs to perform post trade analysis, such as the Large Option Position 
Report * * * and large trader reports, to obtain real-time risk 
information that may impact a particular NMS issue or the market in 
general.'' \481\ This commenter believed that a requirement of real-
time reporting should be considered only after other available sources 
of data have been carefully reviewed, and only to the extent that such 
a requirement is both necessary and economically feasible.\482\ Another 
commenter, however, urged the Commission not to ``lower its 
expectations for the CAT and accept a more limited audit trail based 
exclusively on existing systems.'' \483\ One commenter suggested that 
the Commission consider a ``hybrid'' approach that would enhance 
elements of the quotation and transaction information reported in real 
time, while collecting and reporting more specific order information on 
a T+1 basis or later.\484\
---------------------------------------------------------------------------

    \481\ See BOX Letter, p. 2.
    \482\ Id. at p. 3.
    \483\ See Nasdaq Letter II, p. 2.
    \484\ See FINRA/NYSE Euronext Letter, p. 6. This commenter 
stated that ``[a]n alternative to the all-encompassing real time 
order audit trail set forth in the Proposal would be to standardize 
and consolidate existing real time reporting systems (e.g., 
enhancing trade reporting and quotation systems with standardized 
and uniform identification for all broker-dealers) and enhance 
existing reporting requirements where the need is narrowly 
focused.'' See also FINRA Proposal Letter, p. 3-4, 10-11.
---------------------------------------------------------------------------

    Two commenters commented on the meaning of ``real time.'' \485\ One 
commenter noted that ``[our members] request clarification on the 
definition of real-time data submission as it relates to each data 
element required by CAT. The granularity/definition of real-time for 
each element will have a major impact on SROs, their members and CAT 
system development from both a data quality and database design 
perspective . * * *'' \486\ The other commenter noted that the ``[t]he 
term `real time' is used throughout the document, but never defined. 
(There are several distinct meanings in the computer industry.)'' \487\
---------------------------------------------------------------------------

    \485\ See FIF Letter, p. 4; Ross Letter, p. 1.
    \486\ See FIF Letter, p. 4.
    \487\ See Ross Letter, p. 1.
---------------------------------------------------------------------------

    The Commission also received comments specifically relating to the 
cost of reporting the audit trail information in real time under the 
Rule as proposed. One commenter believed it would cost $1.25 million in 
initial costs to comply with the Rule as proposed.\488\ The commenter 
divided its $1.25 million estimate into development costs of $750,000 
and hardware costs of $500,000 (including hardware, circuits, 
etc.).\489\ In addition, this commenter believed the development 
timeframe would be 9-12 months ``once final architecture is drafted,'' 
and would require approximately 6,000 hours of development work.\490\ 
Notably, this commenter said that ``[t]he assumptions that drove this 
analysis were that any real time reporting of order events would 
leverage the capabilities contained within the [OATS] reporting today 
and that the revised real time system would retire the legacy systems 
of Bluesheets, OATS, OTS and TRACE.'' \491\ With respect to ongoing 
costs to provide information, this commenter also stated that it 
believed the Commission had underestimated the ongoing costs of the 
proposal.\492\ However, another commenter, who opined that the goals of 
the consolidated audit trail could be achieved for significantly lower 
costs than the Commission originally estimated, stated that, if the 
Rule permitted market participants to modify existing systems for 
collecting and reporting audit trail information, the consolidated 
audit trail objectives could ``be achieved and perhaps even 
surpassed.'' \493\
---------------------------------------------------------------------------

    \488\ See Ameritrade Letter, p. 2.
    \489\ Id.
    \490\ Id.
    \491\ Id.
    \492\ Id.
    \493\ See Thomson Reuters Letter, p. 2.
---------------------------------------------------------------------------

iii. Adopted Rule 613(c)(3)
    As described in detail below, the Commission is adopting Rule 613 
with two significant modifications to the proposed requirement that the 
NMS plan submitted to the Commission for its consideration require the 
collection and provision of key audit trail data to the central 
repository on a ``real time'' basis. First, the Rule, as adopted, no 
longer requires the real-time reporting of consolidated audit trail 
data but, instead, provides that order event audit trail data must be 
reported ``by 8:00 a.m. Eastern Time on the trading day following the 
day such information has been recorded by the national securities 
exchange, national securities association or member.'' \494\ Second, 
the adopted Rule clarifies that this data is to be recorded 
``contemporaneously with the reportable event,'' instead of in ``real 
time.'' \495\
---------------------------------------------------------------------------

    \494\ See Rule 613(c)(3). The Rule further provides that the NMS 
plan ``may accommodate voluntary reporting prior to 8:00 a.m. 
Eastern Time, but shall not impose an earlier reporting deadline on 
the reporting parties.'' Id.
    \495\ Id.
---------------------------------------------------------------------------

(A) Reporting of Audit Trail Data by 8:00 a.m. Eastern Time on the 
Trading Day Following the Day Such Information Has Been Recorded
    The Commission has considered the commenters' concerns regarding a 
``real-time'' reporting requirement for audit trail data, including its 
achievability and cost effectiveness; the accuracy of audit trail data 
recorded and reported in real time; and the necessity, merits, and 
usefulness of real-time audit trail data.\496\
---------------------------------------------------------------------------

    \496\ See Scottrade Letter, p. 1-2; Angel Letter, p. 3; ICI 
Letter, p. 3-6; FINRA/NYSE Euronext Letter, p. 4, 6; GETCO Letter, 
p. 2; BATS Letter, p. 1-2; SIFMA Letter, p. 3-8; CBOE Letter, p. 4-
5; Direct Edge Letter, p. 3; FINRA Letter, p. 10-13; Wells Fargo 
Letter, p. 3; Knight Letter, p. 2-3; Leuchtkafer Letter; Broadridge 
Letter, p. 3; FIF Letter, p. 4; SIFMA Drop Copy Letter, p. 1; Ross 
Letter, p. 1; FINRA Proposal Letter, p. 3; Nasdaq Letter II, p. 3-4; 
FIA Letter, p. 1-2.

---------------------------------------------------------------------------

[[Page 45768]]

    On the one hand, the Commission recognizes that there may be very 
considerable costs imposed on the industry if audit trail data was 
required to be reported to the central repository in real time--indeed, 
the Commission, in the Proposing Release, estimated the costs of 
creating a real-time consolidated audit trail by assuming that such a 
requirement would necessitate the wholesale creation of new industry-
wide systems. On the other hand, the Commission also received a variety 
of comments suggesting that real-time reporting could be achieved in a 
cost-effective manner.\497\ And yet other commenters suggested a hybrid 
approach. For example, SIFMA commented that, although it believed real-
time reporting as originally proposed by the Commission would be too 
costly, intra-day reporting of a subset of audit data delayed 10-15 
minutes would be possible. SIFMA further described how such reporting 
might be accomplished through the use of ``drop-copy'' data.\498\
---------------------------------------------------------------------------

    \497\ See Thomson Reuters Letter, p. 3; Aditat Letter, p. 2; 
FTEN Letter p. 3; Ameritrade Letter, p. 1 (stating that the 
scalability of its systems could support real-time reporting); 
Nasdaq Letter II, p. 3 (stating that a platform supported by FTEN 
and SMARTS technology would support the real-time provision of 
data).
    \498\ See SIFMA Drop Copy Letter.
---------------------------------------------------------------------------

    With respect to concerns about the accuracy of consolidated audit 
trail data if real-time reporting were required, the Commission 
recognizes that the real-time reporting of data could result in 
accuracy issues to the extent SROs and broker-dealers would need to re-
enter the required audit trail data into a separately prepared 
regulatory report containing the required audit trail data for 
submission to the central repository, as is the case today with OATS 
reports.\499\ The Commission notes, however, that the use of certain 
existing technologies, such as ``drop copies'' described by SIFMA, 
could provide reliable and accurate audit trail data to the central 
repository because such ``drop copies'' would reflect the information 
captured by an SRO or member's order management and execution systems 
to enter, route, modify, and execute or cancel orders.
---------------------------------------------------------------------------

    \499\ See Section II.A.1.c., supra.
---------------------------------------------------------------------------

    The Commission believes that, whether or not real-time reporting of 
data is required, the creation, implementation, and maintenance of a 
consolidated audit trail will likely be a complex and significant 
undertaking for the industry. It therefore recognizes the practical 
advantages of a more incremental, or more gradual, approach to such an 
undertaking. After considering the many comments received on the use of 
real-time data by regulators, the Commission has recognized that, 
although there might be some additional benefits to receiving data and 
monitoring the markets intra-day (such as for certain enforcement 
investigations and the facilitation of real-time cross-market 
surveillance), the majority of the regulatory benefits gained from the 
creation of an industry-wide consolidated audit trail, as described in 
the Proposing Release, do not require real-time reporting. Indeed, the 
extent of the potential uses of a consolidated audit trail discussed in 
Section II.A.2., supra, which do not rely on a real-time reporting 
requirement, illustrate the value of a consolidated audit trail even if 
data is not reported in real-time. Instead, the Rule, as adopted, 
provides that the NMS plan must require that order event data be 
reported ``by 8:00 a.m. Eastern Time of the trading day following the 
day such information has been recorded by the national securities 
exchange, national securities association or member.'' \500\
---------------------------------------------------------------------------

    \500\ See Rule 613(c)(3). The Commission notes that Rule 613, as 
proposed, was inconsistent in its use of the terms ``provide'' and 
``report.'' To eliminate this inconsistency, the Commission is 
replacing all uses of ``provide'' with ``report,'' which the 
Commission believes more accurately describes the requirement the 
Commission is imposing on national securities exchanges, national 
securities associations, and members.
---------------------------------------------------------------------------

    The Commission notes that, while the Rule provides that the NMS 
plan must impose a reporting deadline of 8:00 a.m. Eastern Time of the 
trading day following the day such information has been recorded by the 
national securities exchange, national securities association or 
member, the Rule also provides that the NMS plan may accommodate SROs 
and members that voluntarily satisfy their reporting obligations 
earlier.\501\
---------------------------------------------------------------------------

    \501\ See note 494, supra.
---------------------------------------------------------------------------

    The Commission acknowledges that, by replacing the requirement that 
the SROs develop a plan for real-time reporting with a requirement for 
reporting by 8:00 a.m. the next trading day, the Commission has 
precluded the possibility that, as some commenters suggested, a 
mandatory real-time reporting NMS plan might be developed by the SROs 
for consideration by the Commission and the public.\502\ However, given 
the overall scope and complexity of creating a consolidated audit 
trail, the Commission has determined that it would be more beneficial 
to have the SROs and their members focus on those key aspects of a 
consolidated audit trail that the Commission believes would be the most 
useful for improving regulatory oversight and monitoring (including, 
but not limited to, the use of unique customer identifiers, the ability 
to accurately link an order across its lifecycle, the inclusion of 
market making quotes, and the addition of options data), rather than 
focus on how to develop an NMS plan for real-time reporting that may 
not yield benefits that are equally as useful.\503\ The Commission also 
believes that, as a consequence of this modification, the Rule, as 
adopted with the 8:00 a.m. reporting deadline, will more readily 
accommodate a consolidated audit trail that could build upon existing 
audit trail infrastructures. Meeting the requirement of the Rule may no 
longer necessitate the creation of completely new infrastructures. In 
particular, the Commission notes that the OATS technical specifications 
require OATS data to be reported by 8:00 a.m. the following calendar 
day.\504\ Thus, the Rule, as adopted, would permit the SROs to submit 
an NMS plan to the Commission for its consideration with reporting 
timeframes comparable to OATS' requirement, with which all FINRA 
members are presently capable of complying.\505\ As a result, broker-
dealers might need to make fewer systems changes to comply with the

[[Page 45769]]

Rule than they would have had to make if real-time reporting were 
required, though, as discussed in Section II.C.4., supra, OATS in its 
present form would still need to be modified to meet certain of the 
other requirements of this Rule.\506\ Nevertheless, as suggested by 
many commenters, fewer systems changes to comply with the Rule should 
lead to lower costs incurred by broker-dealers.\507\
---------------------------------------------------------------------------

    \502\ See note 453, supra, and accompanying text.
    \503\ The Commission notes that, consistent with adopting an 
incremental approach to the creation of a consolidated audit trail, 
even though it is not requiring audit-trail data to be reported in 
real time, it is adding various additional requirements, discussed 
in Section III.C.2.a., infra, to the Rule regarding the evolution of 
the consolidated audit trail, including the possibility for reduced 
reporting times in the future as technologies evolve.
    \504\ The current OATS technical specifications require OATS 
reporting by 8:00 a.m. on the calendar day after the reportable 
event. The Commission notes that the FINRA rules for OATS reporting, 
however, require that data ``shall be transmitted on the day such 
event occurred''--unless information required by FINRA Rule 7440(b), 
(c), or (d) (order receipt and origination; order transmittal; order 
modifications, cancellations, and executions) is unavailable--in 
such cases, OATS requires reporting on the day the information 
becomes available. See FINRA Rule 7450(b)(2). Because of the 
discrepancy between the technical specifications and the applicable 
FINRA rule, the Commission approved FINRA's proposed rule change to 
allow OATS reporting as late as 8:00 a.m. the next day. See 
Securities Exchange Act Release No. 66021 (December 21, 2011), 76 FR 
81551 (December 28, 2011).
    \505\ The Commission notes that the Rule, as adopted, provides 
that an NMS plan must require information to be reported by 8:00 
a.m. the following trading day, while OATS requires information to 
be reported by 8:00 a.m. the following calendar day. Thus, the Rule 
as adopted provides for a longer reporting period than does OATS 
with respect to weekends and holidays.
    \506\ As noted in the Proposing Release, supra note 4, at 32592, 
broker-dealers that rely mostly on their own internal order routing 
and execution management systems would have needed to make changes 
to or replace those systems to collect and report the required order 
and reportable event information to the central repository to comply 
with the proposed Rule.
    \507\ See e.g., BATS Letter, p. 2; CBOE Letter, p. 2-3; Wells 
Fargo Letter, p. 2; Knight Letter, p. 3; High Speed, p. 1; FTEN 
Letter p. 1; Correlix Letter, p. 2; Thomson Reuters Letter, p. 2; 
FINRA Proposal Letter, p. 16; FINRA/NYSE Euronext Letter, p. 7.
---------------------------------------------------------------------------

    An additional consequence of the Commission's decision not to 
require real-time reporting is that, since meeting the requirements of 
the Rule may no longer necessitate the wholesale creation of new 
systems, the Commission's proposed cost estimates, which were based on 
this assumption, may no longer be applicable. As discussed in Section 
II.C.2., supra, the Commission believes that given the many different 
ways in which the SROs may develop an NMS plan that meets an 8:00 a.m. 
reporting requirement, the costs of such reporting will be highly 
dependent on the details of the specific plan proposed. The Rule, as 
adopted, therefore directs the SROs to provide these details, along 
with associated costs, in the NMS plan submitted to the Commission for 
the Commission and the public to consider. The Commission will be able 
to consider this information when determining whether to approve the 
NMS plan submitted.
(B) Recording of Audit Trail Data Contemporaneously With the Reportable 
Event
    As noted above, the Rule as proposed would have required SROs and 
their members to ``collect'' audit trail data ``on a real time basis.'' 
In response to commenters who commented on the meaning of ``real 
time,'' the Commission is adopting this provision with modifications 
from the proposed Rule. Specifically, Rule 613(c)(3), as adopted, 
requires that ``[t]he national market system plan submitted pursuant to 
this section shall require each national securities exchange, national 
securities association, and member to record the information required 
by paragraphs (c)(7)(i) through (v) of this section contemporaneously 
with the reportable event.''
    The Commission believes that the term ``contemporaneously'' better 
reflects its intent, as noted in the Proposing Release, that 
information should be collected immediately and with no built-in delay 
from when the reportable event occurs. While, in response to 
commenters, the Commission is no longer requiring the real-time 
reporting of information, the Commission believes it is important for 
SROs and broker-dealers to ``record'' the events contemporaneously. The 
Commission expects that compliance with this requirement will not be 
difficult for SROs and broker-dealers with automated systems, which 
will contain much, if not all, of the data to be reported to the 
central repository as a result of processing and saving a record of any 
actions taken by the SRO or broker-dealer. On the other hand, broker-
dealers that do not use automated systems will have to ensure that 
reportable events are manually recorded as they are occurring. In 
addition, the adopted Rule uses the term ``record'' in Rule 613(c)(3), 
instead of the proposed term ``collect,'' because the Commission 
believes that term more accurately reflects its intent that a 
contemporaneous record be made when an order event occurs.
f. More Flexible Format for Reporting Consolidated Audit Trail Data to 
the Central Repository
    In the Proposing Release, the Commission expressed its preliminary 
view that data would need to be collected and provided by SROs and 
their members to the central repository in a uniform electronic format 
to assure regulators that they will have ready access to comparable 
cross-market data.\508\ Specifically, Rule 613(c)(2), as proposed, 
provided that ``[t]he national market system plan submitted pursuant to 
this section shall require each national securities exchange, national 
securities association, and member to collect and provide to the 
central repository the information required by paragraph (c)(7) of this 
section in a uniform electronic format.''
---------------------------------------------------------------------------

    \508\ See Proposing Release, supra note 4, at 32572.
---------------------------------------------------------------------------

    However, the Commission received comments suggesting that audit 
trail data does not necessarily need to be provided by SROs and their 
members to the central repository in a uniform electronic format, and 
that such data instead could be converted automatically into a uniform 
format by the central repository or a third party using existing 
technology, which could result in lower cost for the securities 
industry than originally estimated.\509\ Specifically, two commenters 
indicated that technology exists today to convert or ``normalize'' data 
that may be produced from disparate systems into a uniform format and 
that, as a result, implementation of the consolidated audit trail could 
be simpler and less costly than originally contemplated by the 
Commission.\510\ One of these commenters stated that a number of risk 
management services and surveillance systems currently receive 
automatically-generated copies, or ``drop copies,'' of order and 
execution messages, in real time, from a variety of broker-dealers and 
exchanges, and convert that information into a common standard 
format.\511\ Two other commenters suggested that firms that currently 
use FIX should be allowed to continue utilizing FIX,\512\ stating that 
FIX's prevalence in the financial industry would make it cheaper and 
easier to use FIX as the protocol of the consolidated audit trail.\513\ 
Another commenter stated it could collect information directly from 
exchanges and other sources of information to minimize reporting 
obligations, and could leverage its own technology to get information 
directly from exchanges.\514\
---------------------------------------------------------------------------

    \509\ See FTEN Letter, p. 3-4, 13-15; Thomson Reuters Letter, p. 
2-3.
    \510\ Id.
    \511\ See FTEN Letter, p. 4, 12, 14. See also SIFMA Drop Copy 
Letter.
    \512\ See FIX Letter, p. 1; Aditat Letter, p. 2.
    \513\ Id.
    \514\ See Nasdaq Letter II, p. 3.
---------------------------------------------------------------------------

    In response to these comments, the Commission has modified this 
aspect of the proposed Rule. Specifically, adopted Rule 613(c)(2) 
allows the NMS plan to provide that SROs and their members can report 
data either ``in a uniform electronic format'' or ``in a manner that 
would allow the central repository to convert the data to a uniform 
electronic format, for consolidation and storage.'' \515\ In light of 
the comments that data from multiple sources could be converted into a 
uniform format,\516\ this modification provides SROs with the 
flexibility, in devising the NMS plan, to better accommodate a range of 
proposals, including those based on leveraging technology in a cost-
effective manner by permitting data to be converted to a uniform 
electronic format at the broker-dealer level or at the central 
repository. The Commission does not believe this change will reduce the 
accuracy or accessibility of the audit trail data provided to 
regulators (since

[[Page 45770]]

the Rule still requires data to ultimately be provided to regulators in 
a uniform electronic format).
---------------------------------------------------------------------------

    \515\ See Rule 613(c)(2).
    \516\ See FTEN Letter, p. 3-4, 13; Thomson Reuters Letter, p. 2-
3. See also SIFMA Drop Copy Letter.
---------------------------------------------------------------------------

    Further, by providing the SROs the ability to use a number of 
approaches to normalization, broker-dealers and SROs may not need to 
make substantial changes to their order management and execution 
systems to comply with Rule 613; instead, the central repository or the 
broker-dealers could convert such data into a uniform electronic 
format, and the Rule now provides the plan sponsors with the 
flexibility to use this approach in the NMS plan submitted to the 
Commission for its consideration. The Commission believes that, to the 
extent it avoids requiring broker-dealers and SROs to make substantial 
changes to their order management and execution systems to comply with 
Rule 613 regarding a uniform electronic format, this type of approach 
could be a more efficient and cost-effective method for collecting the 
specified audit trail data required by the Rule.\517\ The Commission 
expects that the NMS plan submitted for its consideration will specify 
how any normalization approach that might be included in the plan will 
lead to accurate and reliable data.\518\
---------------------------------------------------------------------------

    \517\ The Commission believes that, if the NMS plan does not 
require data to be reported to the central repository in a uniform 
format, broker-dealers and SROs may not have to make substantial 
changes to their order management and execution systems to comply 
with Rule 613, and thus may face lower costs than if data were 
required to be reported in a uniform format because in that 
instance, broker-dealers may need to make substantial changes to 
their order management and execution systems to comply with Rule 
613. The Commission acknowledges, however, that there would be costs 
to convert data to a ``uniform electronic format for consolidation 
and storage.'' On balance, however, the Commission preliminarily 
believes that broker-dealers might benefit from economies of scale 
when normalizing data.
    \518\ See Rule 613(a)(1)(iii).
---------------------------------------------------------------------------

g. Timeframe for Reporting Other Data Elements to the Central 
Repository
i. Proposed Rule 613(c)(4)
    While most order and execution information would have been required 
to be reported to the central repository on a real-time basis under the 
proposed Rule, the Commission also recognized that not all information 
required to be reported to the consolidated audit trail would be 
available to the SROs and their members in real time.\519\ In general, 
the audit trail data required under this timeframe reflected 
information not typically available until later in the order handling 
and execution process. This information that would have been provided 
on an extended timeframe included: (1) The account number for any 
subaccounts to which the execution is allocated (in whole or part); (2) 
the unique identifier of the clearing broker or prime broker (if 
applicable); (3) the unique order identifier of any contra-side 
order(s); (4) special settlement terms (if applicable); (5) the short 
sale borrow information and identifier; (6) the amount of a commission, 
if any, paid by the customer and the unique identifier of the broker-
dealer(s) to whom the commission is paid; and (7) the cancelled trade 
indicator (if applicable) (collectively, ``supplemental audit trail 
data'').\520\ Proposed Rule 613(c)(4) would have permitted the 
supplemental audit trail data to be reported to the central repository 
promptly after the national securities exchange, national securities 
association, or member received the information, but in no instance 
later than midnight of the day that the reportable event occurs or the 
SRO or member receives such information.
---------------------------------------------------------------------------

    \519\ See Proposing Release, supra note 4, at 32578.
    \520\ See proposed Rule 613(c)(4), 613(c)(7)(vi) through (vii).
---------------------------------------------------------------------------

    The Commission solicited comments on proposed Rule 613(c)(4) and 
its requirement that certain audit trail information not available in 
real time be reported promptly after the national securities exchange, 
national securities association, or member received the information, 
but in no instance later than midnight of the day that the reportable 
event occurs or the SRO or member receives such information. One 
commenter believed that the timeframe for reporting the specific 
consolidated audit trail data listed above should be lengthened to T+1 
or later.\521\ This commenter was concerned that requiring broker-
dealers to report certain data elements by midnight could disrupt the 
trading of certain products.
---------------------------------------------------------------------------

    \521\ See SIFMA Letter, p. 8; SIFMA Drop Copy Letter, p. 1.
---------------------------------------------------------------------------

ii. Adopted Rule 613(c)(4)
    After considering the commenter's views on proposed Rule 613(c)(4), 
the Commission is adopting the Rule with three modifications from the 
proposed Rule. First, to parallel the 8:00 a.m. deadline by which order 
event data must be reported to the central repository under adopted 
Rule 613(c)(3), adopted Rule 613(c)(4) requires that the NMS plan 
provide that supplemental audit trail data be reported by 8:00 a.m. 
Eastern Time on the trading day following the day the member receives 
the audit trail data, and provides that the plan may accommodate 
voluntary reporting prior to 8:00 a.m. Eastern Time, but shall not 
impose an earlier reporting deadline on the reporting parties.
    Second, the adopted Rule no longer requires the reporting of (1) 
special settlement terms, (2) the amount of commission, if any, paid by 
the customer, and the unique identifier of the broker-dealer to whom 
the commission is paid, and (3) the short sale borrow information and 
identifier. Third, adopted Rule 613(c)(4) requires that the NMS plan 
provide for the reporting of certain customer identification and 
customer account information by 8:00 a.m. Eastern Time on the trading 
day following the day the member receives such data, instead of in 
``real time,'' as proposed.\522\ These modifications are discussed in 
more detail below.
---------------------------------------------------------------------------

    \522\ See Rule 613(c)(7)(viii).
---------------------------------------------------------------------------

(A) Reporting Timeframe
    In response to the comments regarding the timing for reporting of 
consolidated audit trail data elements,\523\ the Commission is adopting 
Rule 613(c)(4) with modifications to the timeframe for reporting 
supplemental audit trail data. Specifically, the Rule no longer 
requires that supplemental audit trail data be reported ``promptly'' 
after the broker-dealer receives the information but no later than 
midnight of the day that the reportable event occurred; rather, adopted 
Rule 613(c)(4) requires the NMS plan to provide that supplemental audit 
trail data be reported by 8:00 a.m. Eastern Time on the trading day 
following the day the broker-dealer receives such information. Although 
the NMS plan may permit broker-dealers to report such information prior 
to that time, it may not require such earlier reporting. The Commission 
believes it is appropriate that there be an extended timeframe for 
reporting this data because this information (e.g., allocation to 
subaccounts) might not be available until later in the order handling 
and execution process and, on balance, the Commission does not believe 
it is necessary that it be reported to the central repository 
``promptly''. Instead, the modification to Rule 613(c)(4), as proposed, 
now requires that the NMS plan provide that the supplemental audit 
trail data be reported by 8:00 a.m. Eastern Time following the day the 
member receives the information, which parallels the adopted Rule 
613(c)(3) timeframe for reporting event data. The Commission believes 
this more flexible standard should reduce implementation burdens and 
simplify the requirements of adopted Rule 613, without materially

[[Page 45771]]

reducing the utility of the consolidated audit trail.
---------------------------------------------------------------------------

    \523\ See Section III.B.1.g.i., supra.
---------------------------------------------------------------------------

    The Commission notes that it has made a clarifying change to Rule 
613(c)(4), as proposed, to specify that the obligation to report the 
supplemental audit trail data to the central repository only falls on a 
broker-dealer, and not on a national securities exchange or national 
securities association.\524\ The Commission believes that this change 
is appropriate because only broker-dealers receive the types of audit 
trail data described in Rule 613(c)(vi) through (viii).\525\
---------------------------------------------------------------------------

    \524\ Rule 613(c)(4) now requires that ``each member of a 
national securities exchange or national securities association'' 
provide the information set forth in the Rule; as proposed, Rule 
613(c)(4) required ``each national securities exchange, national 
securities association, and member'' to provide the information set 
forth in the Rule.
    \525\ The Commission has also amended Rule 613(c)(4), as 
proposed, to include the provision of information sufficient to 
identify the customer and customer account information. See Rule 
613(c)(7)(viii); Section III.B.1.g.ii.(C)., supra.
---------------------------------------------------------------------------

(B) Elimination of Certain Data Elements
    As previously noted, proposed Rule 613(c)(4) would have required 
that the following information be reported to the central repository: 
(1) The account number for any subaccounts to which the execution is 
allocated (in whole or part); (2) the unique identifier of the clearing 
broker or prime broker (if applicable); (3) the unique identifier of 
any contra-side order(s); (4) special settlement terms (if applicable); 
(5) the short sale borrow information and identifier; (6) the amount of 
a commission, if any, paid by the customer and the unique identifier of 
the broker-dealer(s) to whom the commission is paid; and (7) cancelled 
trade indicator (if applicable).\526\
---------------------------------------------------------------------------

    \526\ See proposed Rule 613(c)(4), 613(c)(7)(vi), 
613(c)(7)(vii).
---------------------------------------------------------------------------

    After considering general comments suggesting that the Commission 
reduce the proposed reporting obligations under Rule 613, the 
Commission is not requiring the following data elements to be reported 
to the central repository: (1) Special settlement terms; (2) the amount 
of commission, if any, paid by the customer; (3) the unique identifier 
of the broker-dealer to whom the commission is paid; and (4) the short 
sale borrow information and identifier.\527\ While this data may be 
useful in the context of certain investigations or market analyses, 
upon further consideration, the Commission believes that these data 
elements should not be required by Rule 613 because the Commission does 
not typically find that these particular audit trail data elements 
provide enough information relevant to an initial assessment of whether 
illegal or manipulative activity is occurring in the marketplace to 
warrant that they be required as a standard part of the audit trail 
created by Rule 613. If the Commission or the SROs find that such 
information would be useful to their regulatory responsibilities, they 
may request the information directly from the broker-dealer with the 
obligation to record this information, although requests related to 
short sale borrow information may pose unique challenges. In effect, 
the Commission believes that the benefit of having these specific audit 
trail data elements in the consolidated audit trail at this time is 
unlikely to justify the recording and reporting burden on broker-
dealers of providing these elements, particularly in light of the other 
information required to be reported under Rule 613 and the regulators' 
ability to obtain this information through a follow-up request. The 
Commission notes that, if the SROs believe that having such data 
elements as part of the consolidated audit trail could be useful to 
their regulatory responsibilities, the SROs could determine to require 
SROs and their members to record and report such data as part of the 
NMS plan.
---------------------------------------------------------------------------

    \527\ See proposed Rules 613(c)(7)(vi)(D), 613(c)(7)(vi)(E), and 
613(c)(7)(vi)(F).
---------------------------------------------------------------------------

    With respect to the account number for any subaccounts to which the 
execution is allocated (in whole or in part)--an audit trail data 
element that will be required by Rule 613(c)(4), as adopted--the 
Commission notes that obtaining allocation information is important 
because part of the goal of Rule 613 is to obtain audit trail 
information for the life of an order, which would include how an order 
was ultimately allocated (i.e., to which specific customer and 
account). The Commission notes, however, that the Rule requires the NMS 
plan to require a broker-dealer to report only the account number of 
any subaccounts to which an execution is allocated that is contained in 
its own books and records for accounts and subaccounts it holds; there 
is no obligation for the broker-dealer to obtain any additional 
information about accounts or subaccounts from other broker-dealers or 
non-broker-dealers who submitted the original order. The Commission 
further notes that broker-dealers will remain subject to existing 
regulatory requirements, including recordkeeping and suitability 
requirements (e.g., ``know your customer'' rules). Including the 
account number of any subaccounts to which an execution is allocated in 
the consolidated audit trail will allow regulators to understand how an 
allocation of the securities was made among customers of a broker-
dealer to, for example, determine if the broker-dealer was favoring a 
particular customer, to better understand the economic interests of the 
customer, or as it relates to possible enforcement actions. Similarly, 
having information regarding the identity of the clearing broker or 
prime broker for the transaction, the identity of any contra-side 
order(s), and a cancelled trade indicator by 8:00 a.m. Eastern Time on 
the trading day following the day that the member receives such 
information will aid the Commission and the SROs in knowing all of the 
parties that touched an order (including the clearing broker, prime 
broker, and contra-side party to the order), and whether the order was 
cancelled. The Commission believes that all of this information will 
facilitate regulatory improvements as discussed above in Section 
II.A.2.
(C) Movement of Certain Data Elements From Event Data to Supplemental 
Audit Trail Data
    As proposed, Rule 613 would have required that, in addition to the 
Customer-ID, customer account information and other specified 
information sufficient to identify a customer be reported in real 
time.\528\ The Commission requested comment about the feasibility of 
this requirement. Several commenters expressed concern over the 
proposed requirement that customer information be reported in real time 
upon origination or receipt of an order.\529\ One commenter believed 
that leakage of customer information could ``negatively impact investor 
willingness to trade in the U.S. markets,'' \530\ and, instead, urged 
regulators to rely on EBS to provide customer information.\531\ Another 
commenter did not think it was feasible to provide customer information 
in real time.\532\ Another commenter suggested that the Commission 
``pare down its list of data points to focus on what would appear

[[Page 45772]]

on a trade ticket and certain client demographic information.'' \533\ 
This commenter explained that its suggested approach ``makes sense 
because for most brokers pulling trade ticket information from frontend 
systems will be straightforward, and client demographics should be 
easily pulled and populated onto a system for easy retrieval.'' \534\ 
Another commenter was of the view that only customer information 
regarding the person exercising investment discretion for the account 
originating the order, such as an investment adviser, should be 
required to be reported.\535\ This commenter explained that if a trade 
is not executed an investment advisor would not typically provide 
information about the owners of the underlying accounts to the broker-
dealer and thus this commenter suggested that it would be more 
practical to disclose underlying account information in relation to 
executed trades.\536\ Another commenter suggested that there be a 
``requirements analysis'' that considers the availability of order and 
trade data, and noted that allocation data is not available at the time 
of order entry.\537\
---------------------------------------------------------------------------

    \528\ See Proposing Release, supra note 4, at 32573; proposed 
Rule 613(c)(7)(i)(A), (C).
    \529\ See Liquidnet Letter, p. 3; Direct Edge Letter, p. 4 
(emphasizing that it would be more important for exchanges to obtain 
the identity of the brokers on both sides of an execution for cross-
market surveillance purposes); SIFMA Letter, p. 6, 9; Ameritrade 
Letter, p. 3.
    \530\ See FIF Letter, p. 2-3.
    \531\ This commenter suggested an alternative if the Commission 
believed customer information was necessary, using both EBS and 
OATS: EBS could send the central repository customer account 
information (including account number), and OATS would add a field 
for the account number to link the OATS reports and customer 
information together. Id. at p. 2-3.
    \532\ See SIFMA Letter, p. 6, 9.
    \533\ See Ameritrade Letter, p. 2-3.
    \534\ Id.
    \535\ See Liquidnet Letter, p. 3.
    \536\ See Liquidnet Letter, p. 3, 5-6.
    \537\ See FIF Letter II, p. 2.
---------------------------------------------------------------------------

    In recognition of commenters' concerns that this information may 
not be available in real time \538\ and to reduce the reporting burdens 
on broker-dealers, the Commission is moving data elements, including 
the customer's name, address, and account information, and large trader 
identifier (if applicable) (collectively defined as ``customer 
attributes'') from the order event data category to the supplemental 
audit trail data category.\539\ As a result, the Commission is adopting 
the Rule to provide that the NMS plan require that customer attributes 
\540\ including the customer's name, address,\541\ and customer account 
information be reported under Rule 613\542\ no later than 8:00 a.m. 
Eastern Time on the trading day following the day that the member 
receives the information.\543\ The Commission expects that the 
Customer-ID will be able to be linked to the customer attributes in the 
consolidated audit trail.
---------------------------------------------------------------------------

    \538\ See SIFMA Letter, p. 6; Liquidnet Letter, p. 3.
    \539\ See also Rule 613(j)(4) which defines ``customer account 
information'' to include, but not be limited to, account number, 
account type, customer type, date account opened, and large trader 
identifier (if applicable).
    \540\ Rule 613(j)(3), as adopted, defines the term ``customer'' 
to mean the account holder(s) of the account at a registered broker-
dealer originating the order; and any person from whom the broker-
dealer is authorized to accept trading instructions for such 
account, if different from the account holder(s).
    \541\ See Proposing Release, supra note 4, at 32573.
    \542\ The Commission notes that, under the Rule, a broker-dealer 
must only report the account number for the account the customer 
used to submit an order, not the account numbers for all accounts of 
a customer.
    \543\ See Rule 613(c)(4).
---------------------------------------------------------------------------

    The Commission believes that, to realize many of the objectives of 
a consolidated audit trail, the specific attributes of a customer must 
be recorded and, when needed, made available to regulators. Without 
these customer attributes, the data recorded is effectively anonymized, 
which would prevent regulators from using the enhanced consolidated 
audit trail data to take any enforcement action against specific 
individuals. The Commission believes customer attributes \544\ are 
necessary because regulatory authorities need to accurately and 
efficiently identify the customer to effectively surveil and analyze 
the markets, and enforce the securities laws. For example, as noted in 
the Proposing Release,\545\ a trader may trade through multiple 
accounts at multiple broker-dealers. Being able to identify the account 
holder aids in the identification and investigation of suspicious 
trading activity. Accordingly, the unique customer identifier that is 
required to be reported to the central repository for original receipt, 
origination, modification, or cancellation of an order,\546\ and that 
links together all reportable events by the same customer, must 
ultimately link back to information regulators could use to identify 
the party. With this information, regulators could more quickly 
initiate investigations, and more promptly take appropriate enforcement 
action. While this information could be requested from broker-dealers 
by the Commission and the SROs on a case-by-case basis, the Commission 
believes that achieving these benefits requires having such information 
maintained in a uniform format that is readily accessible to the 
Commission and the SROs.
---------------------------------------------------------------------------

    \544\ As adopted, Rule 613(c)(7)(viii) provides that, ``[f]or 
original receipt or origination of an order, the following 
information: (A) Information of sufficient detail to identify the 
customer; and (B) Customer account information'' be recorded and 
reported to the central repository.
    \545\ See Proposing Release, supra note 4, at 32578.
    \546\ See Section III.B.1.d.iii., supra.
---------------------------------------------------------------------------

    Furthermore, in response to the commenters concerns with respect to 
the confidentiality of this sensitive information,\547\ and as 
discussed in more detail below, the adopted Rule includes requirements 
for enhanced safeguards with respect to the privacy and confidentiality 
of consolidated audit trail data, including customer information.\548\
---------------------------------------------------------------------------

    \547\ See FIF Letter, p. 3.
    \548\ See Section III.B.3.b., infra.
---------------------------------------------------------------------------

    In response to the commenter who suggested only information 
appearing on the trade ticket and certain client demographic 
information \549\ be collected, the Commission notes that it may be 
feasible for the NMS plan to allow customer identifying and account 
information to be reported by a broker-dealer to the central repository 
only when the customer opens or closes an account (or at the time the 
consolidated audit trail is first implemented for pre-existing 
accounts)--this information may not need to be re-reported with every 
order.\550\ Under this approach, the specified customer attributes may 
be stored in the central repository and automatically linked to an 
order whenever an order with the applicable Customer-ID is reported. As 
the Commission noted in the Proposing Release,\551\ broker-dealers 
today, as part of their books and records requirements, must take 
reasonable and appropriate steps to ensure the accuracy of the customer 
information with respect to orders received.\552\ Following adoption of 
the Rule, and the creation and implementation of the consolidated audit 
trail, broker-dealers will continue to be subject to this requirement 
as they report customer information to the central repository. The 
Commission believes that allowing the specified customer attributes to 
be reported to the central repository by 8:00 a.m. Eastern Time on the 
trading day following the day that a broker-dealer first receives this 
information appropriately balances the regulatory need with the 
practical burdens of supplying it in real time as originally proposed.
---------------------------------------------------------------------------

    \549\ See Ameritrade Letter, p. 2-3.
    \550\ However, if any information previously reported by a 
broker-dealer to the central repository changes, the broker-dealer 
would need to report the updated information to the central 
repository by 8:00 a.m. Eastern Time on the trading day following 
the day that the broker-dealer receives the updated information.
    \551\ See Proposing Release, supra note 4, at 32566.
    \552\ See, e.g., Rules 17a-3, 17a-4, 17a-25 under the Exchange 
Act, 17 CFR 240.17a-3, 17a-4, 17a-25.
---------------------------------------------------------------------------

    In response to the commenter who stated that an investment adviser 
would not typically provide information about the owners of the 
underlying accounts to the broker-dealer if the trade is not 
executed,\553\ the Commission notes that, in the case of an adviser 
that enters an order to buy or sell securities using its own account 
held at the broker-dealer originating the order, the Rule, as adopted, 
would only require the NMS

[[Page 45773]]

plan to require the capture of information about the owners of the 
underlying client accounts for which the order was placed if there is 
an executed trade, and if the executed trade is allocated (pursuant to 
Rule 613(c)(7)(vi)) to the accounts of the adviser's clients at the 
same broker-dealer.\554\ However, the Commission notes that, in the 
case of an adviser that enters an order on behalf of clients that each 
maintain separate accounts at the broker-dealer originating the order, 
using those accounts, the Rule would require the NMS plan to require 
the capture of both the adviser--as the person providing trading 
instructions to the broker-dealer (pursuant to Rule 613(j)(3)(ii))--and 
the clients, who are the account holders at the broker-dealer (pursuant 
to Rule 613(j)(3)(i)), even if the order did not result in execution.
---------------------------------------------------------------------------

    \553\ See Liquidnet Letter, p. 3, 5-6.
    \554\ See Rule 613(j)(3); see also Section 
III.B.1.d.iii.(C)(2)., supra (discussing the definition of 
``customer'' as applied to investment advisers).
---------------------------------------------------------------------------

    Finally, in the Proposing Release,\555\ the Commission specifically 
requested comment on whether there are laws or other regulations in 
other jurisdictions that would limit or prohibit members from obtaining 
the proposed customer information for non-U.S. customers. The 
Commission also requested comment on how members currently obtain such 
information. If broker-dealers did encounter special difficulties in 
obtaining customer information from other jurisdictions, the Commission 
requested comment on how the proposed consolidated audit trail 
requirements should be modified to address such difficulties.
---------------------------------------------------------------------------

    \555\ See Proposing Release, supra note 4, at 32573.
---------------------------------------------------------------------------

    The Commission received one comment on this issue.\556\ The 
commenter expressed concern that, if broker-dealers were forced to 
refuse orders from non-U.S. customers because the laws of another 
jurisdiction prohibited disclosure of certain customer information, 
U.S. broker-dealers would be penalized and trading activity may shift 
offshore.\557\ The commenter recommended that the Commission adopt a 
limited exemption that would allow broker-dealers to accept orders from 
non-U.S. broker-dealers without providing customer information, in 
recognition of the fact that these broker-dealers are subject to 
regulation in their home countries.\558\
---------------------------------------------------------------------------

    \556\ See SIFMA Letter, p. 21.
    \557\ Id.
    \558\ Id.
---------------------------------------------------------------------------

    In the Rule, as adopted, ``customer'' is defined as ``(i) [t]he 
account holder(s) of the account at a registered broker-dealer 
originating the order; and (ii) [a]ny person from whom the broker-
dealer is authorized to accept trading instructions for such account, 
if different from the account holder(s).'' Under this definition, the 
non-U.S. broker-dealer referred to above is the ``customer'' of the 
U.S. broker-dealer for purposes of the rule. The U.S. broker-dealer 
would be required to record customer information for transactions in 
NMS securities only with respect to its foreign broker-dealer customer. 
There is no requirement to record information about the customers of 
such foreign broker-dealer. Because the Rule as adopted does not 
require a non-U.S. broker-dealer placing orders in NMS securities 
through a U.S. broker-dealer to provide information about its customers 
to the consolidated audit trail, the Commission believes that the 
requested limited exemption is unnecessary.
    Although the Commission is aware that the privacy laws of some, but 
not all, foreign jurisdictions may hinder a foreign broker-dealer's 
ability to disclose personal identifying and account information of 
their customers absent customer authorization, the Rule as adopted does 
not require the foreign broker-dealer to disclose this information 
about its customers.\559\ Accordingly, a non-U.S. customer desiring to 
trade in the U.S. markets would be permitted to do so through a foreign 
broker-dealer without having to disclose its personal data to the 
consolidated audit trail. Because the Rule as adopted does not require 
a foreign broker-dealer to disclose personal identifying and account 
information of its customers to the consolidated audit trail, the 
Commission does not believe that trading in NMS securities will shift 
offshore as a result of the customer identification requirements.
---------------------------------------------------------------------------

    \559\ The Rule does, of course, require the NMS plan submitted 
to the Commission for its consideration to require the foreign 
broker-dealer to disclose information about itself to the U.S. 
broker-dealer, as such information would be expected to be part of 
the records of the U.S. broker-dealer holding a foreign broker-
dealer account.
---------------------------------------------------------------------------

h. Clock Synchronization
    As proposed, Rules 613(d)(1) and (2) required that the NMS plan 
filed with the Commission include a requirement that each SRO and its 
members synchronize their business clocks that they use for the 
purposes of recording the date and time of any event that must be 
reported to the time maintained by the National Institute of Standards 
and Technology (``NIST''), consistent with industry standards.\560\ The 
SROs and their members also would have been required to annually 
evaluate the clock synchronization standard to determine whether it 
should be changed to require finer increments, consistent with any 
changes to industry standards.\561\ This clock synchronization would 
have been required to occur within four months after effectiveness of 
the NMS plan.\562\
---------------------------------------------------------------------------

    \560\ See proposed Rule 613(d)(1).
    \561\ See proposed Rule 613(d)(2).
    \562\ See proposed Rule 613(a)(3)(ii).
---------------------------------------------------------------------------

    A few commenters expressed concerns with the Commission's proposed 
approach to clock synchronization, and a few commenters provided 
comments specifically relating to the Commission's estimated costs 
relating to clock synchronization.\563\ One commenter preferred a 
synchronization standard measured in seconds and believed that 
synchronizing at the millisecond level would require specialized 
software configurations and expensive hardware.\564\ This commenter 
also was of the view that there could be material problems with systems 
latency if processors were required to re-synchronize clocks every few 
seconds to address ``time drift'' issues--further deviations from the 
time maintained by the NIST that may occur after a clock is 
synchronized.\565\ Another commenter suggested that a clock 
synchronization standard shorter than the three second standard 
currently required by FINRA for OATS compliance might be impossible to 
achieve across market participants.\566\ A third commenter was 
concerned that implementing clock synchronization could require firms 
to make modifications to a variety of related applications.\567\ One 
commenter noted that synchronizing clocks to milliseconds would require 
costly specialized software and hardware.\568\
---------------------------------------------------------------------------

    \563\ See SIFMA Letter, p. 14; FIF Letter, p. 6-7; Broadridge 
Letter, p. 3; Endace Letter, p. 2.
    \564\ See FIF Letter, p. 6.
    \565\ See FIF Letter, p. 6-7 (stating that currently ``time 
drift'' is an issue, despite advancements in synchronization 
technology, with at least one exchange experiencing time drifts 
between one and three seconds, and the SIP having its own time 
drift).
    \566\ See SIFMA Letter, p. 14.
    \567\ See Broadridge Letter, p. 3.
    \568\ See FIF Letter, p. 7.
---------------------------------------------------------------------------

    On the other hand, one commenter--a provider of data capture and 
time stamping technology--noted that ``[t]he advent of relatively low 
cost GPS receivers that derive absolute timing information accurate to 
better than 0.1 micro-seconds has significantly eased the problem of 
clock synchronization across multiple global locations,'' that ``[s]uch 
technology costs a few thousands of dollars per installation,'' and 
that ``[i]t is already in use by exchanges and high frequency

[[Page 45774]]

traders.'' \569\ Another commenter expressed support generally for the 
Commission's proposed approach to clock synchronization.\570\
---------------------------------------------------------------------------

    \569\ See Endace Letter, p. 2.
    \570\ See Liquidnet Letter, p. 8.
---------------------------------------------------------------------------

    After considering the comments received on this issue, the 
Commission is adopting Rule 613(d)(1) as proposed. As this provision 
requires that the NMS plan require clock synchronization consistent 
with industry standards, the Commission expects the NMS plan that is 
submitted to specify the time increment within which clock 
synchronization must be maintained, and the reasons the plan sponsors 
believe this represents the industry standard. The Commission notes 
that FINRA currently requires its members to synchronize their business 
clocks used for OATS reporting to within one second of the time 
maintained by NIST.\571\ The Commission believes that the current 
industry standard for conducting securities business is more rigorous 
than one second. For example, as one commenter noted, technology used 
today by exchanges and high frequency trading firms synchronizes clocks 
to increments well within the millisecond level.\572\ The Commission 
recognizes, as another commenter noted, that some firms may need to 
upgrade their technology to meet the industry standard,\573\ and that 
there will be attendant costs for such upgrading.\574\
---------------------------------------------------------------------------

    \571\ See OATS Reporting Technical Specifications (May 3, 2011), 
available at http://www.finra.org/web/groups/industry/@ip/@comp/@regis/documents/appsupportdocs/p123579.pdf (last accessed December 
8, 2011). In addition, FINRA allows clock drift of an additional two 
seconds before re-synchronization is required.
    \572\ See Endace Letter, p. 2.
    \573\ See FIF Letter, p. 6-7.
    \574\ The Commission notes that one commenter suggested that the 
cost might be limited because GPS receivers could be used and 
installed for a few thousand dollars per installation. See Endace 
Letter, p. 2.
---------------------------------------------------------------------------

    The Commission continues to believe that it is appropriate to 
require members of the securities industry to synchronize their clocks 
to the time maintained by NIST. Effective clock synchronization is 
essential to maintaining an accurately time-sequenced consolidated 
audit trail, particularly one where time stamps will be in millisecond 
increments or less. Because the consolidated audit trail will capture 
trading activity occurring across markets, if the business clocks used 
by SROs and their members for the purposes of recording the date and 
time for reportable events are not properly and consistently 
synchronized, the consolidated audit trail data will not be accurately 
time-sequenced. It is critical for the consolidated audit trail to 
allow regulators the capability to accurately determine the order in 
which all reportable events occur.\575\
---------------------------------------------------------------------------

    \575\ See Section III.B.1.d.v., supra (explaining the importance 
to enforcement cases of an accurately timed record of order events).
---------------------------------------------------------------------------

    The Rule as proposed required that both the SROs and their members 
annually evaluate the clock synchronization standard to determine 
whether it should be changed to require finer increments, consistent 
with any changes in the industry standard.\576\ The Commission believes 
that the obligation to evaluate the clock synchronization standard 
annually should be borne by the SROs as the plan sponsors, not SRO 
members. The Commission believes that it is appropriate for the SROs, 
as regulators of the securities markets and users of the consolidated 
audit trail data, to have the obligation to evaluate whether a change 
in the clock synchronization standard is warranted.\577\ Therefore, the 
adopted Rule provides that the NMS plan shall require SROs to evaluate 
annually the clock synchronization standard set forth in the NMS 
plan.\578\
---------------------------------------------------------------------------

    \576\ See proposed Rule 613(d)(2).
    \577\ See Rule 613(d)(2).
    \578\ Rule 613(d)(2) provides that ``[e]ach national securities 
exchange and national securities association [shall] evaluate 
annually the clock synchronization standard to determine whether it 
should be shortened, consistent with changes in industry standards * 
* *.''
---------------------------------------------------------------------------

    The Commission recognizes, as a commenter noted,\579\ that time 
drift is an issue that must be addressed by the plan sponsors, to 
prevent a deterioration of the accuracy of the data in the consolidated 
audit trail. Therefore, the Commission expects the NMS plan to address 
the maximum amount of time drift that would be allowed before clocks 
must be re-synchronized, and why this is consistent with the industry 
standard.
---------------------------------------------------------------------------

    \579\ See FIF Letter, p. 7.
---------------------------------------------------------------------------

    As with many other aspects of the Rule, the costs of this 
requirement are highly dependent on the details of the solution 
proposed by the SROs because the Commission is leaving it up to the 
SROs to determine the maximum allowable time drift. As such, the SROs 
must discuss in their submitted plan the clock-synchronization standard 
they proposed, what alternatives were considered, and the rationale 
behind their choice. Once the NMS plan is received, the Commission, as 
well as the public, will be able to consider the extent to which the 
proposed synchronization standard supports the ability of regulators to 
fully achieve the benefits afforded by the creation of a cross-market 
consolidated audit trail.
2. Central Repository
a. Central Repository as a Facility of the SROs
    As proposed, Rule 613(e) required that the NMS plan provide for the 
creation and maintenance of a central repository,\580\ which would have 
been a ``facility'' of each exchange and FINRA.\581\ The central 
repository would have been jointly owned and operated by the exchanges 
and FINRA, and the NMS plan would have been required to provide, 
without limitation, the Commission and SROs with access to, and use of, 
the data reported to and consolidated by the central repository for the 
purpose of performing their respective regulatory and oversight 
responsibilities pursuant to the federal securities laws, rules, and 
regulations.\582\ Each of the exchanges and FINRA would have been a 
sponsor of the plan \583\ and, as such, would have been jointly 
responsible for selecting a plan processor to operate the central 
repository.\584\
---------------------------------------------------------------------------

    \580\ See proposed Rule 613(e)(1).
    \581\ The term ``facility'' is defined in Section 3(a)(2) of the 
Exchange Act, with respect to an exchange, to include ``its 
premises, tangible or intangible property whether on the premises or 
not, any right to use such premises or property or any service 
thereof for the purpose of effecting or reporting a transaction on 
an exchange (including, among other things, any system of 
communication to or from the exchange, by ticker or otherwise, 
maintained by or with the consent of the exchange), and any right of 
the exchange to the use of any property or service.'' 15 U.S.C. 
78c(a)(2).
    \582\ See proposed Rule 613(e)(2).
    \583\ See proposed Rule 613(a)(4).
    \584\ See proposed Rule 613(a)(3)(i).
---------------------------------------------------------------------------

    The Commission requested comment on the need for a central 
repository to receive and retain the consolidated audit trail 
information, whether there would be alternatives to creating a central 
repository for the receipt of order audit trail information, and 
whether it would be practical or appropriate to require the SROs to 
jointly own and operate the central repository.
    A few commenters discussed the proposed ownership structure of the 
central repository.\585\ One commenter argued that the central 
repository should be owned and operated by the Commission, or a non-SRO 
formed specifically to operate the central repository, and expressed 
concern that the central repository could be used by SROs as a source 
of revenue through the imposition of penalties.\586\ Another commenter 
recommended that the Commission own the repository and not outsource it 
to a third party, explaining

[[Page 45775]]

that, in systemically important events, it may be necessary to have 
immediate and direct access to the data, without an intermediary.\587\ 
Yet another commenter noted that the decision to use OATS or another 
system as the basis for the consolidated audit trail system should be 
separate from the choice of the party that will be responsible for 
building and operating the central repository.\588\
---------------------------------------------------------------------------

    \585\ See Ameritrade Letter, p. 4; High Speed Letter, p. 1; BATS 
Letter, p. 2.
    \586\ See Ameritrade Letter, p. 4.
    \587\ See High Speed Letter, p. 1.
    \588\ See BATS Letter, p. 2.
---------------------------------------------------------------------------

    The Commission received a couple of comments specifically regarding 
the costs of the creation and maintenance of the central repository. 
FINRA, in one of its comment letters, submitted a ``blueprint'' for a 
version of a consolidated audit trail based on enhancements to OATS--
though without certain key elements proposed to be required by the 
adopted Rule--and estimated initial costs for developing the repository 
to be between $100 million and $125 million, with ongoing annual costs 
to be between $30 million and $40 million.\589\ Another commenter 
suggested the use of cloud computing for the central repository which 
it believed would cost less than $10 million per year.\590\
---------------------------------------------------------------------------

    \589\ See FINRA Proposal Letter, p. 14-16.
    \590\ See High Speed Letter, p. 1.
---------------------------------------------------------------------------

    The Commission has considered the comments and is adopting as 
proposed the requirement in Rule 613(e)(1) that the NMS plan provide 
for the creation of a central repository. The Commission believes that 
having a central repository is important to ensuring access to 
consolidated data for the Commission and SROs, and for ensuring 
consistency, quality, and security in the audit trail data.
    As adopted, Rule 613(e)(1) does not dictate a particular audit 
trail collection system to be used as the central repository for the 
consolidated audit trail, but, instead, delineates the required core 
features of such a system.
    The Commission considered the commenter's recommendation that it 
should own the central repository \591\ but determined that such 
ownership is not necessary as long as the central repository has the 
core features articulated in the Rule, the Commission and SROs have 
full access to the audit trail data for regulatory purposes, and the 
central repository is a facility of each SRO subject to Commission 
oversight.\592\ The Commission notes that, because the central 
repository will be jointly owned by, and a facility of, each SRO, it 
will be subject to Commission oversight. The Commission will have 
unfettered access to the data in the central repository without being 
its owner.
---------------------------------------------------------------------------

    \591\ See Ameritrade Letter, p. 4.
    \592\ See note 581, supra (describing the nature of a 
``facility'').
---------------------------------------------------------------------------

    The Commission also considered the comment that the central 
repository should be owned by a non-SRO specifically formed to operate 
the central repository.\593\ The Commission, however, believes that it 
will have more regulatory authority over the central repository as a 
facility of each SRO than it would have if the central repository were 
owned or operated by a non-SRO. First, the Commission has the statutory 
obligation to oversee the SROs, including facilities thereof, and to 
ensure that SROs enforce compliance by their members with the 
respective SRO's rules, and the federal securities laws, rules, and 
regulations.\594\ Second, a facility of an SRO is subject to the rule 
filing requirements of Section 19(b) of the Exchange Act.\595\
---------------------------------------------------------------------------

    \593\ See Ameritrade Letter, p. 4.
    \594\ See, e.g., 15 U.S.C. 78b; 15 U.S.C. 78f(b); 15 U.S.C. 78o-
3(b); 15 U.S.C. 78s(h)(1).
    \595\ Section 19(b)(1) of the Exchange Act defines the term 
``proposed rule change'' to mean ``any proposed rule or rule change 
in, addition to, or deletion from the rules of [a] self-regulatory 
organization.'' Pursuant to Section 3(a)(27) and 3(a)(28) of the 
Exchange Act, the term ``rules of a self-regulatory organization'' 
means (1) the constitution, articles of incorporation, bylaws and 
rules, or instruments corresponding to the foregoing, of an SRO, and 
(2) such stated policies, practices and interpretations of an SRO 
(other than the Municipal Securities Rulemaking Board) as the 
Commission, by rule, may determine to be necessary or appropriate in 
the public interest or for the protection of investors to be deemed 
to be rules.
---------------------------------------------------------------------------

    In response to the commenter who expressed concern that the plan 
sponsors would use the central repository to generate revenue through 
penalties,\596\ the Commission notes that any penalty provisions must 
be provided in the NMS plan submitted to the Commission for its 
consideration, or in a future amendment to the NMS plan, if the NMS 
plan is approved. The Commission will review the NMS plan submitted for 
its consideration, which also will be subject to public notice and 
comment, to assure itself that the NMS plan is designed to be applied 
fairly and otherwise in a manner consistent with the Exchange Act. The 
Commission expects that the NMS plan's penalty provisions would provide 
sufficient detail regarding the circumstances in which any penalties 
would apply, and any restrictions on how payments of such penalties may 
be used, to permit the Commission to determine that such penalty 
provisions are fair and consistent with the Exchange Act. As the 
central repository will be a facility of the plan sponsors, the rules 
governing it must be consistent with the Exchange Act.\597\ In 
addition, future amendments to the penalty provisions would either be 
reviewed as an amendment to the NMS plan, under Rule 608 of Regulation 
NMS, or, because the central repository is a facility of the SROs, as a 
proposed rule change of the central repository under Section 19 of the 
Exchange Act.\598\ Additionally, the Commission has the authority to 
review any action taken or failure to act by any person under an 
effective NMS plan, pursuant to Rule 608(d)(1) of Regulation NMS.\599\ 
Lastly, any penalty provisions included in the NMS plan approved by the 
Commission will be subject to the Commission's inspection and 
examination program of SROs to ensure they are implemented fairly in a 
manner consistent with the Exchange Act.\600\
---------------------------------------------------------------------------

    \596\ See Ameritrade Letter, p. 4.
    \597\ See note 581, supra (describing the nature of a 
``facility'').
    \598\ 15 U.S.C. 78s.
    \599\ 17 CFR 242.608(d)(1). If the Commission does not make a 
finding that the action or failure to act is consistent with the 
provisions of the NMS plan and was applied in a manner consistent 
with the Act, or if it finds that such action or failure to act 
imposes any burden on competition not necessary or appropriate in 
furtherance of the purposes of the Act, the Commission, by order, 
can set aside such action and/or require such action with respect to 
the matter reviewed as the Commission deems necessary or appropriate 
in the public interest, for the protection of investors, and the 
maintenance of fair and orderly markets, or to remove impediments 
to, and perfect the mechanisms of, the NMS plan. 17 CFR 
242.608(d)(3).
    \600\ The Commission notes that, as part of its inspection and 
examination program, its staff has the authority to examine the 
application of any penalty provisions in the NMS plan to determine 
whether they have been applied fairly. In this manner, the 
Commission will be able to monitor how the plan sponsors have 
applied any penalty provisions set out in the NMS plan approved by 
the Commission.
---------------------------------------------------------------------------

    In response to the comments regarding the costs of the creation and 
maintenance of a central repository, the Commission notes that the 
costs would be highly dependent on the decisions the SROs make with 
respect to each of the areas in which the Commission has provided 
flexibility to the SROs in crafting the NMS plan to be submitted to the 
Commission for its consideration. For example, cost estimates could 
vary depending on whether the NMS plan requires unique order 
identifiers or permits ``a series of order identifiers.'' Such cost 
estimates also could vary because the Rule does not specify details 
regarding, among other things, the security and confidentiality 
procedures of the central repository, the system for assigning customer 
identifiers, the format(s) of data reported to the central repository, 
the methods by which regulators will access data in the central 
repository, whether an annual independent evaluation will be

[[Page 45776]]

required, how reportable events related to the same order will be 
linked, or how errors will be processed. Such information will be known 
only after the filing of the NMS plan and, thus, the Commission 
believes it is appropriate to defer consideration of such costs until 
the NMS plan is submitted for its consideration. Once it is submitted, 
the Commission will be able to use this information in determining 
whether to approve the NMS plan.
    The Commission notes that other provisions of the Rule that are 
applicable to the central repository, discussed below, have been 
modified from the proposal, including provisions relating to the format 
in which the data may be reported,\601\ and to the security and 
confidentiality of the consolidated audit trail data.\602\
---------------------------------------------------------------------------

    \601\ See Section III.B.2.b., infra; Rule 613(e)(1).
    \602\ See Section III.B.2.e., infra; Rule 613(e)(4)(i).
---------------------------------------------------------------------------

b. Receipt, Consolidation, and Retention of Data
1. Audit Trail Data
    In addition to providing for the creation and maintenance of the 
central repository, Rule 613(e), as proposed, also would have required 
the central repository to receive, consolidate, and retain all data 
reported by the SROs and their members pursuant to the Rule and the NMS 
plan.\603\
---------------------------------------------------------------------------

    \603\ See proposed Rule 613(e)(1).
---------------------------------------------------------------------------

    The Commission is adopting, substantially as proposed, the 
provisions in Rule 613(e) regarding the responsibility of the central 
repository to receive, consolidate, and retain the audit trail data, 
but with a few modifications to reflect changes the Commission made to 
other sections of Rule 613.\604\
---------------------------------------------------------------------------

    \604\ See Sections III.B.1.d. and III.B.1.f., supra.
---------------------------------------------------------------------------

    The first change to Rule 613(e)(1) is a conforming change to the 
modification in adopted Rule 613(c)(2) that permits the NMS plan to 
provide that audit trail data be reported to the central repository 
either in a uniform electronic format, or in a manner that would allow 
the central repository or a third party to convert the data to a 
uniform electronic format for consolidation and storage.\605\ Given the 
need for cross-market comparability and ready access,\606\ the adopted 
Rule requires that, to the extent the NMS plan does not require that 
data be reported to the central repository in a uniform electronic 
format, the central repository must convert the data to a uniform 
electronic format for consolidation and storage.\607\ The Commission 
notes that, regardless of whether the NMS plan submitted to the 
Commission for its consideration elects to have the central repository 
normalize audit trail data reported, the Rule requires the central 
repository to consolidate and store the data in a uniform electronic 
format.
---------------------------------------------------------------------------

    \605\ See Rule 613(c)(2); see Section III.B.1.f., supra.
    \606\ See Proposing Release, supra note 4, at 32564. See also 
Section III.B.2.d., infra.
    \607\ See note 516, supra.
---------------------------------------------------------------------------

    The second change to Rule 613(e)(1) reflects the Commission's view 
that, while it is appropriate to provide the plan sponsors with the 
flexibility to determine how an order will be identified, audit trail 
data must be stored in the central repository in a manner that will 
allow order information to be retrieved in a timely and accurate 
fashion. Accordingly, adopted Rule 613(e)(1) requires that the audit 
trail data consolidated in the central repository be stored ``in a form 
in which all events pertaining to the same originating order are linked 
together in a manner that ensures timely and accurate retrieval * * * 
for all reportable order events for that order.'' The Commission notes 
that, regardless of whether the NMS plan submitted to the Commission 
for its consideration elects to use a series of order identifiers or a 
unique order identifier, the Rule requires the central repository to be 
able to link together all reporting events pertaining to an order.
    In looking ahead to considering the overall cost of creating, 
implementing, and maintaining a consolidated audit trail in connection 
with the NMS plan, the Commission recognizes that, in addition to the 
costs to SRO members who would be required to record and report data to 
the central repository, there also will be costs associated with 
creating and maintaining a central repository. These costs may include: 
(1) The purchase and maintenance of servers and systems to receive, 
consolidate, and retain audit trail data, and to allow access to and 
searches on the data; (2) the development of policies and procedures 
relating to the timeliness, accuracy, completeness, security, and 
confidentiality of the data collected; (3) the development and 
maintenance of a comprehensive information security program for the 
central repository; and (4) dedicated staff, including a CCO.
2. NBBO Information, Transaction Reports, and Last Sale Reports
    In addition to receiving, consolidating, and retaining audit trail 
data reported pursuant to Rule 613(c), Rule 613(e)(5), as proposed, 
would have required the central repository to collect and retain, on a 
current and continuing basis and in a format compatible with the 
information collected pursuant to Rule 613(c)(7),\608\ the NBBO 
information for each NMS security,\609\ as well as transaction reports 
reported pursuant to an effective transaction reporting plan filed with 
the Commission pursuant to, and meeting the requirements of, Rule 601 
of Regulation NMS under the Exchange Act.\610\ In addition, last sale 
reports reported pursuant to the OPRA Plan filed with the Commission 
pursuant to, and meeting the requirements of, Rule 608 of Regulation 
NMS under the Exchange Act would have been required to be collected and 
retained.\611\
---------------------------------------------------------------------------

    \608\ See Section III.B.1.d., supra.
    \609\ See proposed Rule 613(e)(5)(i).
    \610\ The effective transaction reporting plans include the CTA 
Plan and the UTP Plan. See note 101, supra; proposed Rule 
613(e)(5)(ii).
    \611\ See proposed Rule 613(e)(5)(iii).
---------------------------------------------------------------------------

    One commenter expressed its belief that, ``[a]s in the case of the 
current OATS system, execution data provided to the consolidated audit 
trail should identify where the trade was publicly reported and have a 
common identifier that links the audit trail execution reports for the 
buy and sell orders to the public trade report.'' \612\ The Commission 
believes that the proposed requirement for the central repository to 
collect and retain NBBO information, as well as transaction reports and 
last sale reports,\613\ would facilitate the ability of SRO and 
Commission staff to search across order, NBBO, and transaction 
databases. Moreover, inclusion of NBBO information would permit 
regulators to compare order execution information to the NBBO 
information readily as all of the information will be available in a 
compatible format in the same database. This information also would be 
available to the Commission to assist in its oversight efforts.
---------------------------------------------------------------------------

    \612\ See Liquidnet Letter, p. 7. See also Section III.B.d.vii., 
supra.
    \613\ See proposed Rule 613(e)(5)(i) through (iii).
---------------------------------------------------------------------------

    Additionally, requiring the central repository to collect and 
retain the NBBO and transaction information in a format compatible with 
the order execution information would aid in monitoring for regulatory 
compliance (e.g., Rule 201 of Regulation SHO). Also, this information 
would be useful in conducting market analyses (e.g., how order entry 
affects NBBO prices and depth). The Commission believes that the 
requirement that the central repository collect transaction reports 
reported pursuant to the CTA, UTP, and OPRA plans \614\ would allow 
regulators to more efficiently evaluate certain

[[Page 45777]]

trading activity. For example, a pattern of unreported trades may cause 
the staff of an SRO to make further inquiry into the nature of the 
trading to determine whether the public is receiving accurate and 
timely information regarding executions and that market participants 
are continuing to comply with the trade reporting obligations under SRO 
rules. Similarly, a pattern of unreported transactions could be indicia 
of market abuse, including failure to obtain best execution for 
customer orders or possible market manipulation. The Commission 
believes that having the quotation and transaction information 
currently collected with respect to NMS securities in the same data 
repository--and in a compatible format--as part of the consolidated 
audit trail would enhance regulatory efficiency when analyzing the 
data.
---------------------------------------------------------------------------

    \614\ See proposed Rule 613(e)(7)(i) through (iii).
---------------------------------------------------------------------------

    After considering the comment on this provision,\615\ the 
Commission is adopting proposed Rule 613(e)(5)(ii) and (e)(5)(iii) 
(renumbered as Rule 613(e)(7)(ii) and (e)(7)(iii)), as proposed, and 
the requirement of proposed Rule 613(e)(5)(i) (renumbered as Rule 
613(e)(7)(i)) for the NMS plan to require the central repository to 
collect and retain NBBO information for each NMS security substantially 
as proposed, but is clarifying that the NBBO information must include 
size and quote condition.\616\ NBBO size information is integral to 
determining whether best execution and order handling requirements were 
satisfied for a particular order because these requirements depend on 
the relationship between the size of the order and the displayed size 
at the NBBO. NBBO quote condition information is integral to 
determining whether or not quotes are immediately accessible. For 
example, quote condition information that identifies whether the quote 
reflecting the NBBO was automated, and therefore subject to trade-
through protection, or manual \617\ may be an important consideration 
in determining whether the duty of best execution was satisfied. The 
NBBO price, size, and quote condition is used by regulators to evaluate 
members for compliance with regulatory requirements, such as the duty 
of best execution or Rule 611 of Regulation NMS.\618\ The Commission 
acknowledges that there will be costs to the central repository to 
purchase and to retain NBBO information, transaction reports, and last 
sale reports. However, the Commission believes that the benefits 
associated with having such information included in the central 
repository justify the costs to the SROs of requiring that they include 
this in the NMS plan submitted to the Commission for its review.
---------------------------------------------------------------------------

    \615\ See Liquidnet Letter, p. 7.
    \616\ Quote condition is a field in the CQS feed that provides 
information on a quote, including whether such quote is an opening 
quote, closing quote, news pending, slow on ask side, slow on bid 
side, order imbalance or non-firm quote. See CQS Output Multicast 
Line Interface Specification, Version 48 (October 11, 2011), 
Appendix G.
    \617\ Manual quotes are not eligible for automatic execution and 
do not have trade through protection under Rule 611 of Regulation 
NMS. See 17 CFR 242.600(57) for a definition of a protected bid or 
protected offer.
    \618\ 17 CFR 242.611.
---------------------------------------------------------------------------

3. Retention of Information
    As proposed, Rule 613(e)(6) would have provided that the NMS plan 
require the central repository to retain the information collected 
pursuant to Rule 613(c)(7) and (e)(5) in a convenient and usable 
standard electronic data format that is directly available and 
searchable electronically without any manual intervention for a period 
of not less than five years. The information would have been required 
to be available immediately, or, if immediate availability could not 
reasonably and practically be achieved, a search query would have been 
required to begin operating on the data not later than one hour after 
the search query is made.\619\
---------------------------------------------------------------------------

    \619\ See proposed Rule 613(e)(6).
---------------------------------------------------------------------------

    One commenter suggested that the Commission modify the time 
standard for the availability of older data to a next day (or later) 
standard, as the need for regulators to have immediate access to the 
data diminishes over time. The commenter stated that a requirement that 
the data be made available the next day, or after another longer period 
of time, would be less burdensome on the consolidated audit trail 
system and less costly, while still meeting the needs of 
regulators.\620\ Another commenter believed that there could be 
difficulties in querying and analysis because the proposal did not 
specify how the data would be stored in the central repository.\621\
---------------------------------------------------------------------------

    \620\ See Nasdaq Letter I, p. 10-11.
    \621\ See Ross Letter, p. 1.
---------------------------------------------------------------------------

    In response to the commenters' concerns, the Commission is 
modifying the proposed Rule. Specifically, Rule 613(e)(8) (renumbered 
from proposed Rule 613(e)(6)) provides that ``[t]he national market 
system plan submitted pursuant to this section shall require the 
central repository to retain the information collected pursuant to 
[Rules 613(c)(7) and (e)(7)] in a convenient and usable standard 
electronic data format that is directly available and searchable 
electronically without any manual intervention for a period of not less 
than five years.'' The adopted Rule does not require, as was proposed, 
that the consolidated audit trail data be available immediately, or if 
immediate availability cannot reasonably and practically be achieved, 
any search query must begin operating on the data not later than one 
hour after the search query is made.\622\
---------------------------------------------------------------------------

    \622\ See proposed Rule 613(e)(6).
---------------------------------------------------------------------------

    The Commission believes that it is unnecessary for the Rule to 
require a timeframe within which consolidated audit trail data must be 
available or a timeframe for when a search must begin after the query 
is made because, as discussed below,\623\ the Rule, as adopted, 
includes a provision that requires the NMS plan to specifically address 
the ``time and method by which the data in the central repository will 
be made available to regulators, in accordance with paragraph (e)(1) of 
this section, to perform surveillance or analyses, or for other 
purposes as part of their regulatory and oversight responsibilities.'' 
\624\ The Commission will consider the response to this provision 
contained in the NMS plan submitted by the plan sponsors to the 
Commission, regarding the time and method by which the data in the 
central repository can be accessed and used by regulators as part of 
their regulatory and oversight responsibilities--which would encompass 
queries--as it evaluates the NMS plan. The Commission believes this 
provision provides flexibility to the SROs to devise an access 
requirement that meets the needs of regulators in a cost-effective and 
timely manner,\625\ rather than establishing a strict deadline for all 
data to be accessible from the central repository.
---------------------------------------------------------------------------

    \623\ See Section III.C.2.a.i., infra.
    \624\ See Rule 613(a)(1)(ii).
    \625\ The Commission acknowledges there would be costs to the 
central repository for retaining data received or collected by the 
central repository pursuant to Rule 613. As discussed in Section I., 
supra, the NMS plan submitted to the Commission for its 
consideration will include a detailed analysis of the costs of the 
Rule for the Commission and the public to consider after the NMS 
plan has been submitted.
---------------------------------------------------------------------------

c. Timeliness, Accuracy, Integrity, and Completeness of the 
Consolidated Data
    As proposed, Rule 613(e)(4)(ii) would have required the NMS plan to 
include policies and procedures, including standards, for the plan 
processor to ensure the timeliness, accuracy, and completeness of the 
data provided to the central repository. In addition, proposed Rule 
613(e)(4)(iii) would have required that the NMS plan include policies 
and procedures, including standards for the plan processor to reject 
data provided to

[[Page 45778]]

the central repository that does not meet these validation parameters, 
and for SROs and members to re-transmit corrected data. Finally, 
proposed Rule 613(e)(4)(iv) would have required that the NMS plan 
include policies and procedures, including standards, to ensure the 
accuracy of the consolidation by the plan processor of the data 
provided to the central repository.
    The Commission requested comment on these proposed 
requirements.\626\ The Commission asked if this approach was practical 
to ensure the integrity of the data, and whether there were alternative 
methods that would achieve the same purpose that would be preferable. 
The Commission also requested comment on how much latency would result 
from a validation procedure.
---------------------------------------------------------------------------

    \626\ See Proposing Release, supra note 4, at 32582.
---------------------------------------------------------------------------

    The Commission received comments focusing concern on the potential 
for errors in the consolidated audit trail and the negative effects of 
errors in the consolidated audit trail.\627\ One commenter stated that 
the ``key principles [that] best ensure that the regulatory goals of 
the consolidated audit trail are met in a cost efficient manner'' 
include a system that ``avoids data quality issues through data 
validation safeguards and a structure that reads data as close to the 
point of origin as possible to avoid data translation errors when data 
is processed through intermediary applications.'' \628\ Another 
commenter stated that ``the CAT facility would also need a mechanism to 
identify and correct data that was inaccurate.'' \629\ Another 
commenter noted that, ``if any other protocol [other than FIX] is used 
a translation is required to transform data into a different protocol. 
This introduces error and offers the potential for manipulation of the 
data. Using FIX means the SEC is looking at the original format of the 
data.'' \630\
---------------------------------------------------------------------------

    \627\ See Aditat Letter, p. 2; FIF Letter, p. 4; FINRA Letter, 
p. 11; Nasdaq Letter I, p. 8.
    \628\ See Nasdaq Letter I, p. 8.
    \629\ See FIF letter, p. 4.
    \630\ See Aditat Letter, p. 2.
---------------------------------------------------------------------------

    As a point of reference, summary data about OATS provided by FINRA 
to Commission staff indicates that approximately 0.25% of the intra-
firm data reported daily by members contains errors.\631\ Additionally, 
according to FINRA, when errors relating to the linkage of order 
reports are detected, members have no obligation to correct the 
errors.\632\ As a result, approximately 1-2% of each day's recorded 
events remain unmatched (i.e., multi-firm events, such as order 
routing, that cannot be reconciled).\633\ This deficiency in the OATS 
process diminishes the completeness and overall usefulness of the audit 
trail OATS creates.
---------------------------------------------------------------------------

    \631\ See Commission Staff Memorandum, supra, note 64.
    \632\ Id.
    \633\ Id.
---------------------------------------------------------------------------

    In a comment letter, FINRA discussed the challenge of obtaining 
accurate audit trail information if the data was required in real time, 
and it noted the actions it undertakes to ensure the accuracy and 
completeness of its audit trail data and minimize errors.\634\ FINRA 
stated that, ``to ensure the integrity of OATS data submitted, FINRA 
performs over 152 separate OATS data validations on each order event, 
each of which can result in OATS data submissions being rejected and 
generating an error message.\635\ As a result, FINRA performs over 40 
billion separate checks each day to ensure OATS data conforms to all 
applicable specifications.\636\ Members are then required by rule to 
repair and resubmit such data that did not meet OATS 
specifications.\637\ Although members' OATS compliance rates are very 
high on average, almost 425,000 reports per day, on average, are 
rejected and must be corrected.\638\ Accordingly, to use audit trail 
data before such validations have been performed may result in a 
severely distorted picture of trading and interfere with effective 
oversight.'' \639\
---------------------------------------------------------------------------

    \634\ See FINRA Letter, p. 11.
    \635\ Id.
    \636\ Id.
    \637\ Id.
    \638\ Id.
    \639\ Id. FINRA also noted, however, that ``compliance rates for 
OATS steadily improved over time as members gained experience with 
the system. For example, when the OATS rules were first implemented, 
the match rate between executed orders and the related trade report 
submitted to an NASD transaction reporting system was only 76%. 
Currently, this match rate is consistently over 99%, which reflects 
the significant time and effort that has been expended by the 
industry to make their systems OATS compliant. FINRA believes that 
creation of a new system, rather than building off of an existing 
reporting infrastructure, will necessarily create a learning curve 
and lead to reduced compliance rates over the short-term.'' Id. The 
Commission acknowledges that there could be a learning curve for 
compliance with the NMS plan requirements for the reporting of data. 
The Commission, however, expects the NMS plan to minimize such 
reduced compliance rates to the extent reasonably practicable.
---------------------------------------------------------------------------

    With respect to mechanisms to ensure compliance by SROs with the 
requirements of the plan, one commenter stated that ``Commission rules 
should focus on the reasonable design of systems, processes and 
procedures to fulfill their objectives and patterns and practice of 
non-compliance rather than looking to any failure as a rule violation. 
This is particularly important in the context of data errors or similar 
matters.'' \640\
---------------------------------------------------------------------------

    \640\ See Nasdaq Letter I, p. 13.
---------------------------------------------------------------------------

    Finally, another commenter believed that ``major market 
participants'' should retain ``detailed information of all network 
packets and trade data at both the ingress and egress of their 
infrastructure.'' \641\ This commenter believed that this information 
would not need to be forwarded to ``any audit authority'' but explained 
that such information could be used by regulators in the event a 
``denial of service'' attack were to occur at a network level to slow 
market activities or hinder the flow of market information. This 
commenter further explained that having this information would 
``greatly improve confidence in the integrity of data and act as a 
further deterrence for fraudulent activity.'' \642\
---------------------------------------------------------------------------

    \641\ See Endace Letter, p. 2-3.
    \642\ Id. at p. 3.
---------------------------------------------------------------------------

    After consideration of the comments received, the Commission is 
adopting Rule 613(e)(4)(ii) substantially as proposed. Thus, the NMS 
plan must have policies and procedures, including standards, to ensure 
the timeliness, accuracy, and completeness of the data received. The 
Commission believes that audit trail data that is timely, accurate, and 
complete is critical to the usefulness and effectiveness of Rule 613. 
However, the Commission is adding the term ``integrity'' to the list of 
items that the policies and procedures adopted by the plan sponsors, as 
set forth in Rule 613(e)(4)(ii), must address.\643\ The addition of 
``integrity'' is designed to help emphasize that data should not be 
subject to benign or malicious alteration, so that such data would be 
consistent and reliable at each point of transmission throughout its 
lifecycle (i.e., transmission from the SRO or member to the central 
repository, data extraction, transformation and loading at the central 
repository, data maintenance and management at the central repository, 
and data access by regulators). The Commission believes that the 
integrity of the audit trail data is critical to the usefulness and 
effectiveness of the consolidated audit trail.
---------------------------------------------------------------------------

    \643\ Rule 613(e)(4)(ii) provides that the NMS plan shall 
include policies and procedures, including standards, to ensure the 
timeliness, accuracy, integrity, and completeness of the data 
provided to the central repository.
---------------------------------------------------------------------------

    The Commission also is adopting Rule 613(e)(4)(iv), renumbered as 
Rule 613(e)(4)(iii), as proposed, which provides that the NMS plan 
submitted shall include policies and procedures, including standards, 
to be used by the

[[Page 45779]]

plan processor to ensure the accuracy of the consolidation by the plan 
processor of the data reported to the central repository. The 
Commission believes that policies and procedures, including standards, 
to be used to ensure accuracy of the consolidated data are important 
and necessary because the benefits of ensuring that data is accurately 
reported to the central repository would be lost if the consolidation 
process is not as equally robust. The regulatory benefits of a 
consolidated audit trail are therefore based, in part, on the 
timeliness, accuracy, completeness, and integrity of the data 
ultimately available to regulators from the central repository.
    As described above in Sections III.B.1.f. and III.B.1.d.iv., the 
adopted Rule provides the SROs with more flexibility than the proposed 
Rule in developing (a) the format(s) of data to be reported to the 
central repository, and (b) the methods by which order identifiers will 
be used to link reportable events. Accordingly, the Commission expects 
the policies and procedures included in the NMS plan submitted to the 
Commission for its consideration to apply to both the transmission of 
audit trail data from SROs and their members to the central repository, 
and the consolidation and retention of that data, and other information 
collected pursuant to the Rule, by the central repository, including, 
but not limited to, any normalization or conversion of the data to a 
uniform electronic format, and procedures for how reportable events are 
accurately linked. The Commission believes that it is critical to the 
usefulness of the consolidated audit trail that the SROs and their 
members report data in a manner that is accurate and complete, and that 
the central repository takes any and all appropriate measures to 
consolidate and retain that data in the same manner. To the extent the 
data is not accurate or complete, the ability of SRO and Commission 
staff to utilize the data to accomplish the goal of the consolidated 
audit trail will be compromised.\644\
---------------------------------------------------------------------------

    \644\ See Section II.A., supra.
---------------------------------------------------------------------------

    In light of the comments the Commission received that noted the 
concern about the potential for errors in the consolidated audit trail, 
as well as the impact such errors may have on the consolidated audit 
trail,\645\ the Commission is revising Rule 613(e)(4)(iii) as proposed 
(renumbered as Rule 613(e)(6)(i)). Specifically, Rule 613(e)(6)(i) 
requires the NMS plan submitted to the Commission for its consideration 
to ``[s]pecify a maximum error rate to be tolerated by the central 
repository for any data reported pursuant to Rule 613(c)(3) and (c)(4); 
describe the basis for selecting such maximum error rate; explain how 
the plan sponsors will seek to reduce the maximum error rate over time; 
describe how the plan will seek to ensure compliance with such maximum 
error rate and, in the event of noncompliance, will promptly remedy the 
causes thereof.'' \646\ Rule 613(e)(6)(ii) states that the NMS plan 
shall ``[r]equire the central repository to measure the error rate each 
business day and promptly take appropriate remedial action, at a 
minimum, if the error rate exceeds the maximum error rate specified in 
the plan.'' Rule 613(e)(6)(iii) and (iv) provide that the NMS plan 
shall ``[s]pecify a process for identifying and correcting errors in 
the data reported to the central repository pursuant to [Rule 613(c)(3) 
and (c)(4)], including the process for notifying the national 
securities exchanges, national securities associations, and members who 
reported erroneous data to the central repository about such errors, to 
help ensure that such errors are promptly corrected by the reporting 
entity, and for disciplining those who repeatedly report erroneous 
data; and * * * [s]pecify the time by which data that has been 
corrected will be made available to regulators.'' \647\
---------------------------------------------------------------------------

    \645\ See Aditat Letter, p. 2; FIF Letter, p. 4; FINRA Letter, 
p. 11; Nasdaq Letter I, p. 8.
    \646\ See Rule 613(e)(6)(i). The term ``error rate'' is defined 
in Rule 613(j)(6) to mean ``[t]he percentage of reportable events 
collected by the central repository in which the data reported does 
not fully and accurately reflect the order event that occurred in 
the market.'' The SROs should consider calculating an aggregate 
error rate as well as error rates for subcategories such as trade 
reporting and quote reporting.
    \647\ See Rule 613(e)(6)(iii) through (iv).
---------------------------------------------------------------------------

    As noted above, the Commission believes the availability of 
accurate consolidated data is a critical component of a useful and 
effective audit trail. Ideally, there would be no errors in the 
recording or reporting of any audit trail data element, and every data 
element of every reportable event would be accurately recorded by the 
SROs and their members, and then accurately reported to the central 
repository under Rule 613, resulting in a consolidated audit trail that 
reflects all actions relating to every order in the market for 
securities. However, because the Commission understands that, to some 
extent, errors in reporting audit trail data to the central repository 
will occur, the Commission believes it is appropriate to adopt a 
provision in Rule 613 that requires the NMS plan to set forth the 
maximum error rate to be tolerated by the central repository in the 
reporting of audit trail data, as well as to specify a process for 
identifying and correcting such errors.\648\
---------------------------------------------------------------------------

    \648\ See Rule 613(e)(6).
---------------------------------------------------------------------------

    The Commission notes that the Rule leaves to the plan sponsors the 
ability to determine the acceptable maximum error rate, although the 
Rule does require that the NMS plan must explain the basis for 
selecting such rate. The Rule also requires the NMS plan submitted to 
the Commission for its consideration to set forth how the plan sponsors 
will seek to reduce such maximum error rate over time, thereby 
increasing the accuracy of audit trail data. Further, the Rule requires 
the NMS plan to have in place a means to ensure compliance with the 
maximum error rate so that SROs and their members are incentivized to 
comply with the maximum error rate, and to set forth a plan for 
promptly remedying the causes for any noncompliance.
    Since the Rule leaves many of the specific details regarding error 
rates and error-correction processes for the plan sponsors to 
determine, and because the accuracy and completeness of data ultimately 
received by regulators is of such significance to the effective use of 
a consolidated audit trail, the Commission, as well as the public, 
would likely consider such details very important in their overall 
evaluation of the submitted plan. Furthermore, given that the approval 
of any plan by the Commission would, in part, be based on expectations 
of maximum error rates, the Commission believes it is equally important 
for objective measures to be reported that track how well the plan is 
meeting such expectations. Thus, to ensure the accuracy of the audit 
trail data generally meets these expectations, Rule 613(e)(6)(ii) also 
requires that the error rate identified in the NMS plan be measured 
each business day and that remedial action be taken if, on any given 
day, the error rate exceeds the maximum error rate set forth in the NMS 
plan.\649\
---------------------------------------------------------------------------

    \649\ The Commission recognizes that in any complex system there 
is always a risk of occasional unexpected errors, or errors caused 
by rare and unexpected events. However, the Commission believes 
that, by tracking error rates on a daily basis, the SROs, and the 
Commission would be able to observe any repeated patterns or longer-
term trends that suggest more systematic problems or concerns with 
data collection, reporting, or consolidation processes.
---------------------------------------------------------------------------

    The Commission also believes it is appropriate to require the SROs 
to formulate a process for identifying and dealing with errors, and to 
require that the SROs or the members reporting erroneous data be 
notified that an error

[[Page 45780]]

in reporting has occurred.\650\ In addition, the Commission believes it 
is appropriate to require the SROs to develop a process to help ensure 
that errors are promptly corrected by the reporting SRO or member. The 
Commission understands that requirements similar to these are currently 
implemented by FINRA as part of their OATS process, though cross-firm 
errors, such as those leading to irreconcilable or unmatched routes, 
are not generally corrected under the OATS process.\651\ The Commission 
further believes that disciplining SROs and members that repeatedly 
report erroneous audit trail data, as required by Rule 613(e)(6)(iii), 
is appropriate given the need to maintain an accurate consolidated 
audit trail for regulatory purposes. Finally, given that the NMS plan 
submitted to the Commission for its consideration is required to 
specify a process for correcting errors, the Commission also believes 
it is appropriate to require, pursuant to Rule 613(e)(6)(iv), that the 
NMS plan submitted to the Commission for its consideration specify the 
time by which data that has been corrected will be made available to 
regulators. In reviewing the NMS plan submitted for its consideration, 
the Commission will therefore be able to consider the time that 
uncorrected but consolidated data (which was reported to the central 
repository by 8:00 a.m. Eastern Time on the trading day following the 
day such information was recorded) would be available for use by 
regulators, the expected error rate of this data, and the time at which 
a corrected version of this data would be made available to regulators. 
These three parameters will help inform regulators as to the potential 
effectiveness of starting different types of surveillance and 
monitoring activities at different times.\652\
---------------------------------------------------------------------------

    \650\ See Rule 613(e)(6)(iii) through (iv).
    \651\ See Commission Staff Memorandum, supra note 64.
    \652\ See Rule 613(a)(1)(ii).
---------------------------------------------------------------------------

    The Commission acknowledges there would be costs to the central 
repository associated with developing policies and procedures related 
to the timeliness, accuracy, integrity, and completeness of data, 
including, but not limited to, processes for identifying and correcting 
errors in the audit trail data received, and measuring the error rate 
on a daily basis. However, the size of these costs depends 
significantly on the specific details of the NMS plan submitted to the 
Commission for its consideration. Once the SROs submit the NMS plan to 
the Commission for its consideration specifying the details, 
parameters, and estimated costs of such processes, as well as the 
maximum error rate expected under such processes, the Commission and 
the public will be able to consider this information when determining 
whether to approve the NMS plan.
d. Access to the Central Repository and Consolidated Audit Trail Data 
for Regulatory and Oversight Purposes
    As proposed, each national securities exchange and national 
securities association, as well as the Commission, would have had 
access to the central repository for the purposes of performing its 
respective regulatory and oversight responsibilities pursuant to the 
federal securities laws, rules, and regulations.\653\ This access would 
have included all systems of the central repository, and the data 
reported to and consolidated by the central repository.\654\ In 
addition, the Commission proposed to require that the NMS plan include 
a provision requiring the creation and maintenance by the central 
repository of a method of access to the consolidated data.\655\ This 
method of access would have been required to be designed to include 
search and reporting functions to optimize the use of the consolidated 
data. The Commission requested comment on whether it should allow the 
consolidated audit trail data to be made available to third parties, 
such as for academic research.
---------------------------------------------------------------------------

    \653\ See proposed Rule 613(e)(2).
    \654\ Id.
    \655\ See proposed Rule 613(e)(3).
---------------------------------------------------------------------------

    One commenter supported limiting access to the consolidated audit 
trail data to the Commission and SROs for regulatory purposes, but 
suggested it would also be appropriate to share the data with the 
CFTC.\656\ Other commenters supported the idea of providing 
``anonymized'' data for academic use, as long as appropriate controls 
were established to assure regulators and market participants that 
confidential trading information could not be revealed.\657\ 
Specifically, one commenter endorsed the use of the data ``with 
appropriate safeguards'' by academic researchers, explaining that it 
will ``promote understanding of the markets,'' and ``lead to better 
policy decisions and thus more fair and orderly markets.'' \658\ 
Similarly, another commenter also supported the use of the data by 
certain third parties and stated that ``[a]ccess to real-world data can 
help research immensely.'' \659\
---------------------------------------------------------------------------

    \656\ See Liquidnet Letter, p. 8-9. See also SIFMA Letter, p. 
19.
    \657\ See Angel Letter, p. 3; Albany Letter, p.1-4; and TIAA-
CREF Letter, p.4.
    \658\ See Angel Letter, p. 3.
    \659\ See Albany Letter, p. 1-3. This commenter acknowledged the 
privacy concerns involved in making the data available for academic 
research, but stated that researchers have faced similar challenges 
before and researchers are capable of developing a way to access and 
share information without the risk of divulging trading strategies 
or identities. The commenter also stated that data released after a 
delay would limit the data's usefulness.
---------------------------------------------------------------------------

    The Commission also received a comment that argued for extending 
access to the consolidated audit trail data to certain individuals who 
have a fiduciary responsibility to shareholders of a company. This 
commenter explained that such access would allow them to audit all 
trading activity in the equity or other derivative securities of that 
company.\660\
---------------------------------------------------------------------------

    \660\ See Van Bokkelen Letter, p. 1.
---------------------------------------------------------------------------

    The Commission recognizes there may be certain benefits to the 
types of expanded access to data in the central repository that has 
been suggested by various commenters, but, for the reasons discussed 
below, it is adopting the provisions in Rule 613 regarding access by 
regulatory authorities at the SROs and the Commission to the systems 
operated by the central repository, and to the data received, 
consolidated, and retained by the central repository, substantively as 
proposed in Rule 613(e)(3), but with one clarification regarding the 
requirement for access by regulators.\661\ Specifically, Rule 
613(e)(3), as adopted, provides that ``[t]he national market system 
plan submitted pursuant to this section shall include a provision 
requiring the creation and maintenance by the plan processor of a 
method of access to the consolidated data stored in the central 
repository that includes the ability to run searches and generate 
reports.'' As proposed, Rule 613(e)(3) would have provided that the 
central repository must have a ``reporting function.'' The Commission 
believes that this language is ambiguous and may have implied that the 
central repository was required to do more than respond to search 
queries. Accordingly, the Commission is replacing the requirement in 
proposed Rule 613(e)(3) that the central repository provide ``search 
and reporting functions'' with the requirement that there be ``the 
ability to run searches and generate reports.'' The change in language 
from that contained in the Rule, as proposed, is not intended to

[[Page 45781]]

change the substance of the requirement.
---------------------------------------------------------------------------

    \661\ See Rule 613(e)(3). See also Rule 613(a)(1)(ii) (requiring 
the NMS plan to detail how readily the NMS plan will allow data in 
the central repository to be accessed by regulators, as well as the 
regulators' manner of access); see also Section III.C.2.a.i., infra.
---------------------------------------------------------------------------

    In response to the commenter who suggested sharing data with the 
CFTC, the Commission notes that it has shared information with the CFTC 
in the past and that it intends to continue sharing information when 
the situation so warrants. The Commission notes that, among other 
arrangements, it currently has information-sharing agreements with 
other regulators. The Commission also agrees with commenters that there 
may be benefits to allowing academics or other third parties to have 
access to data collected by the central repository. Academic and other 
third-party analyses are helpful to the Commission in performing its 
own evaluation of the economic costs and benefits of regulatory policy. 
The Commission also notes that one commenter believes that the ability 
of companies to detect manipulative trading activity in their 
securities could be enhanced if certain individuals, who have a 
fiduciary responsibility to shareholders, were given access to limited 
consolidated audit trail data. However, because the creation and 
implementation of the consolidated audit trail is in the formative 
stage, and in light of commenters' concerns about the privacy and 
security of the information, the Commission believes it is premature to 
require that the NMS plan require the provision of data to third 
parties.
    Though the Commission is not specifying a particular process, or 
any details, regarding the mechanism(s) by which regulators will access 
data in the central repository, the Rule requires the SROs to provide 
such details and cost estimates in its NMS plan submitted to the 
Commission for its consideration.\662\ Further, as discussed below in 
Section III.C.2.c., the Commission is providing the SROs with detailed 
regulator use cases for how regulators would likely make use of the 
data in the central repository. These regulator use cases are designed 
to help the SROs respond with sufficient details in the NMS plan 
submitted to the Commission for its consideration so that, along with 
associated cost estimates also required to be provided by the SROs, the 
Commission and the public will be able to fully consider the NMS plan 
submitted.
---------------------------------------------------------------------------

    \662\ See Sections III.C.2.a.i through ii., infra; Rule 
613(a)(1)(ii) through (vii).
---------------------------------------------------------------------------

e. Confidentiality of Consolidated Data
    Rule 613(e)(4)(i), as proposed, would have required that the NMS 
plan include policies and procedures, including standards, to be used 
by the plan processor to ensure the security and confidentiality of all 
information reported to, and maintained by, the central repository. The 
plan sponsors and employees of the plan sponsors and central repository 
would have been required to agree to use appropriate safeguards to 
ensure the confidentiality of such data, and not to use such data other 
than for surveillance and regulatory purposes.\663\ As proposed, Rule 
613 also would have required the NMS plan to include mechanisms to 
ensure compliance by the plan sponsors and their members with the 
requirements of the plan.\664\
---------------------------------------------------------------------------

    \663\ See proposed Rule 613(e)(4)(i). However, a plan sponsor 
also would be permitted to use the data it submits to the central 
repository for commercial or other purposes as otherwise permitted 
by applicable law, rule or regulation. Id.
    \664\ See proposed Rule 613(h)(3), Rule 613(g)(4).
---------------------------------------------------------------------------

    In the Proposing Release, the Commission solicited comments 
regarding what steps should be taken to ensure appropriate safeguards 
with respect to the submission of customer information, as well as the 
receipt, consolidation, and maintenance of such information in the 
central repository. The Commission requested comment on the issue of 
appropriate safeguards to be put in place by the SROs and the central 
repository to help ensure confidentiality. The Commission also asked 
whether the proposed Rule should: (1) Require that SROs put in place 
specific information barriers or other protections to help ensure that 
data is used only for regulatory purposes; (2) provide for an audit 
trail of the SROs' personnel access to, and use of, information in the 
central repository to help monitor for compliance with appropriate 
usage of the data; and (3) include a requirement that the NMS plan 
include policies and procedures to be used by the plan processor to 
ensure the security and confidentiality of information reported to, and 
maintained by, the central repository be expanded to include the 
content of any searches or queries performed by the SROs or the 
Commission on the data.\665\
---------------------------------------------------------------------------

    \665\ See Proposing Release, supra note 4, at 32582.
---------------------------------------------------------------------------

    Several commenters expressed concern about how to best ensure the 
confidentiality of the data collected.\666\ One commenter generally 
argued that safeguards for the audit trail data had not been 
sufficiently addressed in the Proposing Release.\667\ Another commenter 
recommended that the operator of the central repository and the SROs be 
required to implement security policies, processes, and practices 
consistent with industry best practices for the protection of sensitive 
information and that such policies, processes, and practices be audited 
on an annual basis by a third-party expert.\668\ Similarly, one 
commenter suggested that vendors also should implement best practices 
with regard to security, reliability, and integrity of data.\669\ 
Another commenter stated that SROs should be subject to the same 
privacy and data protection standards as those to which broker-dealers 
are subject, and that SRO members should not be held responsible, and 
be indemnified by the SROs, for any breaches of customer or firm 
information.\670\
---------------------------------------------------------------------------

    \666\ See Scottrade Letter, p. 2 (expressing concern that 
trading strategies and confidential customer information could be at 
risk from cyber-attacks or accidental data breaches); ICI Letter, p. 
2-4; Ross Letter, p. 1; Liquidnet Letter, p. 4. See also Ameritrade 
Letter, p. 3; Thomson Reuters Letter, p. 4; BATS Letter, p. 3; 
Managed Funds Association Letter, p. 2-3.
    \667\ See Ameritrade Letter, p. 3-4.
    \668\ See Liquidnet Letter p. 4.
    \669\ See Thomson Reuters Letter, p. 4.
    \670\ See TIAA-CREF Letter, p. 4.
---------------------------------------------------------------------------

    One commenter offered several specific recommendations for 
enhancing the security of audit trail information.\671\ This commenter 
suggested that the Commission should expressly state who would have 
access to the data, when they could access it, and how they could use 
it, and further recommended that all data sent to the central 
repository be encrypted, and that certain fields be ``masked'' or be 
subject to delayed end-of-day reporting.\672\ In addition, this 
commenter suggested that the Commission and each SRO should adopt a 
robust information security program, and that the Commission should 
explain how it intends to treat requests for audit trail data.\673\
---------------------------------------------------------------------------

    \671\ See ICI Letter, p. 2-4.
    \672\ Id. at 3.
    \673\ Id.
---------------------------------------------------------------------------

    Another commenter suggested that the Rule more explicitly enunciate 
permissible and impermissible uses of the consolidated audit trail and 
suggested including a requirement regarding the SROs' personnel access 
to and use of audit trail data, as well as a commitment by the 
Commission to review each SRO with respect to the adequacy of 
information barriers.\674\ Similarly, a commenter suggested that access 
to audit trail data be limited to employees of regulators whose 
function is to monitor and surveil that market.\675\ This commenter 
supported the restriction that consolidated audit trail

[[Page 45782]]

data only be used for regulatory purposes.\676\
---------------------------------------------------------------------------

    \674\ See BATS Letter, p. 3.
    \675\ See Managed Funds Association Letter, p. 2-3.
    \676\ Id.
---------------------------------------------------------------------------

    One commenter asked how and at what level customer data would be 
encrypted.\677\ This commenter listed specific aspects of data 
encryption that would need to be addressed, and noted that potential 
burdens could be associated with encryption.\678\ Finally, one 
commenter recommended that the Commission express its intention to 
withhold audit trail data from the public pursuant to Freedom of 
Information Act (``FOIA'') \679\ exemptions.\680\
---------------------------------------------------------------------------

    \677\ See Ross Letter, p. 1.
    \678\ Id.
    \679\ 5 U.S.C. 552.
    \680\ See ICI Letter, p. 4.
---------------------------------------------------------------------------

    The Commission considered the concerns expressed by commenters 
about the sensitivity of much of the information that will be 
consolidated by the central repository, and believes that maintaining 
the confidentiality of customer and other information reported to the 
central repository is essential. Without adequate protections, market 
participants would risk the exposure of highly-confidential information 
about their trading strategies and positions.
    The Commission notes that it currently has controls and systems for 
its own use and handling of audit trail information. Nevertheless, 
given the sensitivity of certain information that will be produced by 
the consolidated audit trail--as well as the fact that such information 
should be more readily available and provided in a more usable format 
than existing audit trail information--the Commission intends to review 
the controls and systems that it currently has in place for the use and 
handling of audit trail information. The Commission further intends to 
evaluate whether any additional controls and systems may be required to 
adequately protect the sensitive information provided to it under the 
consolidated audit trail.\681\
---------------------------------------------------------------------------

    \681\ For example, appropriate confidentiality protections will 
need to be programmed in any Commission systems that collect, store, 
or access data collected from the central repository. In addition, 
it may be appropriate to establish multiple access levels for 
Commission staff so that staff members are allowed only as much 
access as is reasonably necessary in connection with their duties.
---------------------------------------------------------------------------

    In addition, adopted Rule 613(e)(4)(i) requires that the NMS plan 
include policies and procedures that are designed to ensure 
implementation of the privacy protections that are necessary to assure 
regulators and market participants that the NMS plan provides for 
rigorous protection of confidential information reported to the central 
repository. Specifically, adopted Rule 613(e)(4)(i)(A) requires that 
``[a]ll plan sponsors and their employees, as well as all employees of 
the central repository, agree to use appropriate safeguards to ensure 
the confidentiality of such data and agree not to use such data for any 
purpose other than surveillance and regulatory purposes, provided that 
nothing in [Rule 613(e)(4)(i)(A)] shall be construed to prevent a plan 
sponsor from using the data that it submits to the central repository 
for regulatory, surveillance, commercial, or other purposes as 
otherwise permitted by applicable law, rule, or regulation.'' Further, 
in response to a comment,\682\ adopted Rule 613(e)(4)(i)(B) adds the 
requirement to the Rule, as proposed, that the plan sponsors adopt and 
enforce rules that: (1) Require information barriers between regulatory 
staff and non-regulatory staff with regard to access and use of data in 
the central repository, and (2) permit only persons designated by plan 
sponsors to have access to the data in the central repository.\683\ In 
addition, the Commission is modifying the Rule, as proposed, to require 
that the plan processor must: (1) develop and maintain a comprehensive 
information security program, with dedicated staff, that is subject to 
regular reviews by the central repository's CCO, (2) require the 
central repository to have a mechanism to confirm the identity of all 
persons permitted to access the data, and (3) maintain a record of all 
instances where such persons access the data.\684\
---------------------------------------------------------------------------

    \682\ See ICI Letter, p. 3
    \683\ Rule 613(e)(4)(i)(B); see ICI Letter, p. 3 (recommending 
that ``the confidential nature of the information supports limiting 
access to the CAT data to regulators and repository staff'').
    \684\ See Rule 613(e)(4)(i)(C). The Commission expects that the 
central repository's CCO would be responsible for determining the 
frequency of these regular reviews in the first instance, in 
accordance with industry standards for the review of information 
security, taking into account the sensitivity of the data stored in 
the central repository. See Rule 613(b)(5) for a description of the 
CCO.
---------------------------------------------------------------------------

    The Commission believes these provisions should create a framework 
for the SROs to establish a thorough and exacting process for helping 
ensure the continued effectiveness of the confidentiality safeguards. 
Further, the Commission believes these additional provisions are 
appropriate because they clarify the types of confidentiality 
safeguards that the NMS plan submitted to the Commission for its 
consideration must have to preserve the confidentiality of the 
information that is received, consolidated, and retained by the central 
repository. The provision requiring information barriers is designed 
to, for example, protect and prevent audit trail data, which are to be 
used only for regulatory purposes, from being communicated to any 
personnel at an SRO that are engaged in non-regulatory or business 
activities. Additionally, the Rule's requirement that policies and 
procedures submitted as part of the NMS plan provide that: (i) Only 
persons designated by the plan sponsors have access to the central 
repository data, (ii) the plan processor have a mechanism to confirm 
the identity of all persons permitted access to the data, and (iii) the 
plan processor maintain a record of all instances where such persons 
access the data. These provisions are designed to assure regulators and 
market participants that only designated persons are allowed access to 
the consolidated audit trail data, and that the central repository will 
have a method to track such access. With respect to the commenter that 
suggested the Commission more explicitly enunciate permissible and 
impermissible uses of the consolidated audit trail,\685\ the Commission 
notes that any security and confidentiality provisions included in the 
NMS plan approved by the Commission will be subject to the Commission's 
inspection and examination program of SROs to ensure that they are 
implemented fairly in a manner consistent with the Exchange Act.\686\
---------------------------------------------------------------------------

    \685\ See BATS Letter, p. 3. See also Managed Funds Association 
Letter, p. 2-3.
    \686\ The Commission notes that, as part of its inspection and 
examination program, its staff has the authority to examine the 
application of any security and confidentiality provisions in the 
NMS plan to determine whether they have been applied fairly. In this 
manner, the Commission will be able to monitor how the plan sponsors 
have applied any such provisions set out in the NMS plan approved by 
the Commission, and whether their uses of the consolidated audit 
trail were consistent with the plan and the Exchange Act.
---------------------------------------------------------------------------

    The Commission believes that an outline or overview description of 
the policies and procedures that would be implemented under the NMS 
plan submitted to the Commission for its consideration would be 
sufficient to satisfy the requirement of the Rule. The Commission 
believes it is important for the NMS plan submitted to the Commission 
to establish the fundamental framework of these policies and 
procedures, but recognizes the utility of allowing the plan sponsors 
flexibility to subsequently delineate them in greater detail with the 
ability to make modifications as needed.
    The Commission considered the comment that asked when and at what 
level customer information would be encrypted.\687\ The Commission 
notes

[[Page 45783]]

that, while Rule 613 does not require that this information be 
encrypted, the Rule contains several safeguards, discussed in this 
section, to ensure the privacy and confidentiality of the audit trail 
data. Based on these provisions,\688\ the Commission believes that plan 
sponsors would need to make sure customer information is protected, 
which could be accomplished by data encryption, if they so choose. 
Additionally, the Commission notes that the unique customer identifier 
is only reported once to the central repository--by the broker-dealer 
that is either originating the order or is the original recipient of 
the order. Because the unique customer identifier does not travel with 
the order as it is routed to other market participants, only the 
originating broker-dealer should be able to determine the identity of 
the customer of the order. The Commission considered the comment that 
recommended that the Commission express its intention to withhold audit 
trail data from the public pursuant to FOIA.\689\ The adopted Rule 
places no affirmative obligations on the Commission to provide 
information to any third parties. Further, the Commission believes 
there are bases under FOIA to withhold customer information, including 
5 U.S.C. 552(b)(4) (trade secrets, commercial or financial 
information), 5 U.S.C. 552(b)(6) (personal information affecting an 
individual's privacy), and 5 U.S.C. 552(b)(8) (records related to 
examinations of financial institutions). The Commission intends to 
assert all appropriate exemptions in response to a FOIA request for 
information related to the consolidated audit trail's customer 
information.
---------------------------------------------------------------------------

    \687\ See Ross Letter, p. 1.
    \688\ Specifically, adopted Rule 613(e)(4) requires the NMS plan 
to include policies and procedures, including standards, to be used 
by the plan processor to ensure the security and confidentiality of 
all information submitted to the central repository. In addition, 
one of the considerations the NMS plan must address is how the 
security and confidentiality of all information, including customer 
information, submitted to the central repository, will be ensured. 
See Rule 613(a)(1)(iv).
    \689\ See ICI Letter, p. 4.
---------------------------------------------------------------------------

    The Rule, as adopted, also states that the NMS plan must require 
the SROs to adopt penalties for non-compliance with any policies and 
procedures of the plan sponsors or central repository, described above, 
with respect to information security.\690\ The Commission believes this 
provision is appropriate because it provides an incentive to SROs to 
comply with the central repository's information security program. The 
Commission encourages SROs to include in their comprehensive 
information security program developed and maintained by the plan 
processor provisions for notifying any customer or other market 
participant whose information may have been compromised by a security 
breach, so that appropriate remedial steps may be taken.
---------------------------------------------------------------------------

    \690\ See Rule 613(e)(4)(i)(D).
---------------------------------------------------------------------------

    Additionally, given the importance of the security of data 
consolidated in the central repository, and in response to the 
commenter who recommended an annual third-party audit of the security 
of the central repository,\691\ the Commission has added Rule 613(e)(5) 
to require the NMS plan submitted to the Commission for its 
consideration to address whether there will be an annual, independent 
evaluation of the security of the central repository and (1) if so, 
provide a description of the scope of such planned evaluation, and (2) 
if not, provide a detailed explanation of the alternative measures for 
evaluating the security of the central repository that are planned 
instead. As with most information technology systems, the central 
repository's system will include measures to assure regulators and 
market participants of the security of the system. An independent 
evaluation of the security of the central repository could aid the 
central repository in identifying and correcting potential areas of 
weakness or risk. While the Commission is leaving it to the plan 
sponsors to determine whether the NMS plan will require an annual 
audit, given the confidential nature of information that will be stored 
at the central repository, the Commission believes that the NMS plan 
submitted to the Commission for its consideration must, at a minimum, 
address whether such an audit is appropriate.
---------------------------------------------------------------------------

    \691\ See Liquidnet Letter, p. 4.
---------------------------------------------------------------------------

    The Commission also notes that, as discussed below,\692\ it is 
adding a specific provision that requires the NMS plan submitted to the 
Commission for its consideration to discuss the security and 
confidentiality of the information reported to the central 
repository.\693\ With this information, the Commission, as well as the 
public, will be able review in detail how the NMS plan proposes to 
ensure the security and confidentiality of such information in deciding 
whether to approve the NMS plan.
---------------------------------------------------------------------------

    \692\ See Section III.C.2.a.i., infra.
    \693\ See Rule 613(a)(1)(iv).
---------------------------------------------------------------------------

    The Commission believes that, collectively, these provisions are 
appropriate because of the confidential and commercially valuable 
information that the central repository will contain. The Commission 
believes that the purpose and efficacy of the consolidated audit trail 
would be compromised if the Commission, the SROs and their members 
could not rely on the confidentiality and security of the information 
stored in the central repository. The Commission acknowledges there 
would be costs associated with a comprehensive information security 
program, including, but not limited to, compensating a CCO and a 
dedicated staff, and establishing policies and procedures, as well as 
for an annual, independent evaluation of the central repository's 
security (if such an evaluation is required by the NMS plan submitted 
to the Commission for its consideration) or alternative measures (if 
such an evaluation is not). Once the SROs have submitted the NMS plan 
to the Commission that, as required, contains details about the 
security and confidentiality of the audit trail data, the Commission 
and the public will be able to consider this information when 
evaluating the NMS plan.
3. Other Required Provisions of the NMS Plan
a. Compliance With the NMS Plan
1. Exchanges and Associations
    As proposed, Rule 613(h) would have provided that each plan sponsor 
shall comply with the provisions of an NMS plan submitted pursuant to 
the proposed Rule and approved by the Commission.\694\ In addition, the 
proposed Rule would have provided that any failure by a plan sponsor to 
comply with the provisions of the NMS plan could be considered a 
violation of the proposed Rule.\695\ The proposed Rule also would have 
required that the NMS plan include a mechanism to ensure compliance by 
the sponsors with the requirements of the plan.\696\
---------------------------------------------------------------------------

    \694\ See proposed Rule 613(h)(1).
    \695\ See proposed Rule 613(h)(2).
    \696\ See proposed Rule 613(h)(3).
---------------------------------------------------------------------------

    One commenter expressed concern that there would be competitive 
implications if the NMS plan were to include provisions that would 
permit SROs to assess penalties against one another for non-
compliance.\697\ This commenter recommended, instead, that the NMS plan 
include a ``fee recoupment'' provision so the plan administrator could 
recoup costs incurred as a result of an error by a particular SRO.\698\ 
The commenter maintained that a ``fee recoupment'' provision, coupled 
with the risk of Commission disciplinary action for a ``pattern or 
practice'' of non-

[[Page 45784]]

compliance, would be a sufficient penalty.\699\
---------------------------------------------------------------------------

    \697\ See Nasdaq Letter I, p. 13.
    \698\ Id.
    \699\ Id.
---------------------------------------------------------------------------

    After considering the comment received on the issue of compliance 
with the NMS plan by exchanges and associations,\700\ the Commission is 
adopting Rule 613(h) substantially as proposed, with a modification to 
Rule 613(h)(3) to specify that a mechanism to ensure compliance by the 
sponsors of the NMS plan with the requirements of the plan ``may 
include penalties where appropriate'' and a technical modification to 
proposed Rule 613(h)(1) and (2).\701\ The Commission believes that 
specifying that the mechanism to ensure compliance by the sponsors of 
the NMS plan may include a penalty provision where appropriate provides 
the plan sponsors with an appropriate tool--including potential 
disciplinary action--to help ensure compliance by SROs with the terms 
and provisions of the NMS plan.\702\ The Commission notes that a 
penalty provision could provide an incentive for each SRO to comply 
with all the provisions of the NMS plan because each SRO will seek to 
avoid incurring any penalty under the Rule. The incentive to avoid a 
penalty could also reduce the risk of non-compliance with the Rule. The 
Commission notes, however, that the adopted Rule does not mandate that 
the NMS plan's enforcement mechanism include penalties, as there might 
be other mechanisms to enforce or encourage compliance with the Rule, 
and the Commission believes that the SROs, in the first instance, 
should design such mechanisms in their role as plan sponsors. However, 
the Commission expects that if the SROs design compliance mechanisms 
that do not incorporate penalties, they would explain in the NMS plan 
how such mechanisms are expected to help ensure compliance by SROs with 
the terms and provisions of the NMS plan.\703\
---------------------------------------------------------------------------

    \700\ Id.
    \701\ This technical modification simplifies the language of 
Rule 613(h)(1) and (2) from the proposal. Adopted Rule 613(h)(1) and 
(2) deletes the language ``submitted pursuant to this section'' and 
``of which it is a sponsor.'' Adopted Rule 613(h)(1) and (2), like 
the proposed Rule, requires each SRO to comply with the provisions 
of the NMS plan ``approved by the Commission.'' Because each SRO 
will be a member of the NMS plan approved by the Commission, it is 
not necessary to include the phrases not adopted.
    \702\ Any such provision would be subject to notice and comment 
pursuant to Rule 608 of Regulation NMS.
    \703\ The Commission notes that any failure by a national 
securities exchange or national securities association to comply 
with the provisions of the NMS plan approved by the Commission will 
be considered a violation of Rule 613, and that the Commission could 
take appropriate steps to address such a violation, including 
imposing penalties as appropriate. See Rule 613(h)(2).
---------------------------------------------------------------------------

    With respect to the comment concerning the potential competitive 
implications of allowing the plan sponsors to impose penalties against 
each other for non-compliance, the Commission notes that it will 
carefully review the NMS plan submitted for its consideration, 
including any proposed mechanisms to help ensure compliance with the 
NMS plan and the adopted Rule, to help ensure that penalty provisions, 
if any, are designed to be applied fairly and in a manner consistent 
with the Exchange Act.\704\ As the central repository will be a 
facility \705\ of the SROs, the rules governing it must be consistent 
with the Exchange Act. In addition, any future amendment to the penalty 
provisions applicable to the SROs would either be reviewed as an 
amendment to the NMS plan (effected through public notice and comment 
and taking into account the relevant considerations contemplated by 
Rule 613(a)(1)) or, because the central repository is a facility of the 
SROs, as a proposed rule change of the central repository under Section 
19 of the Exchange Act.
---------------------------------------------------------------------------

    \704\ See Section III.B.2.a., supra.
    \705\ See supra note 581 (describing the nature of a 
``facility'').
---------------------------------------------------------------------------

    The Commission notes that the Commission's examination authority 
under Section 17 of the Exchange Act \706\ extends to the central 
repository because it is a facility of the SROs and, thus, the 
Commission will have the opportunity to inspect the central repository 
and its books and records for compliance with any penalty provisions 
set out in the NMS plan. Additionally, the Commission has the authority 
to review any actions taken under the NMS plan, pursuant to Rule 
608(d)(1) of Regulation NMS,\707\ for burdens on competition, among 
other matters.\708\
---------------------------------------------------------------------------

    \706\ 15 U.S.C. 78q.
    \707\ 17 CFR 242.608(d)(1).
    \708\ Id.
---------------------------------------------------------------------------

    In response to the comment suggesting a ``fee recoupment'' 
provision in the NMS plan, the Commission notes that Rule 613(b)(4), as 
adopted, provides that ``[t]he national market system plan submitted 
pursuant to this section shall include a provision addressing the 
manner in which the costs of operating the central repository will be 
allocated among the national securities exchanges and national 
securities associations that are sponsors of the plan, including a 
provision addressing the manner in which costs will be allocated to new 
sponsors to the plan.'' In this regard, to the extent a ``fee 
recoupment'' is a method for recouping costs incurred by the central 
repository as a result of an error in reporting to the consolidated 
audit trail, as stated by a commenter,\709\ the Commission notes that, 
pursuant to Rule 613(b)(4), the plan sponsors may, if they deem it 
appropriate, include a fee recoupment provision in the NMS plan 
submitted to the Commission for its consideration.\710\
---------------------------------------------------------------------------

    \709\ See Nasdaq Letter I, p. 13.
    \710\ Any such provision would be subject to notice and comment 
pursuant to Rule 608 of Regulation NMS.
---------------------------------------------------------------------------

2. Members
    Proposed Rule 613(g) would have included provisions to subject 
members of each SRO to the requirements of Rule 613. Specifically, as 
proposed, the Rule would have required each SRO to file with the 
Commission, pursuant to Section 19(b)(2) of the Exchange Act \711\ and 
Rule 19b-4 thereunder,\712\ a proposed rule change to require its 
members to comply with the requirements of the proposed Rule and the 
NMS plan.\713\ Further, the proposed Rule directly would have required 
each member to (1) collect and submit to the central repository the 
information required by the Rule, and (2) comply with the clock 
synchronization requirements of the proposed Rule.\714\ The proposed 
Rule also would have required that the NMS plan include a provision 
that each SRO, by subscribing to and submitting the plan to the 
Commission, agrees to enforce compliance by its members with the 
provisions of the plan.\715\ Finally, the proposed Rule would have 
required the NMS plan to include a mechanism to ensure compliance with 
the requirements of the plan by the members of each SRO that is a 
sponsor of the NMS plan submitted pursuant to this Rule and approved by 
the Commission.\716\
---------------------------------------------------------------------------

    \711\ 15 U.S.C. 78s(b)(2).
    \712\ 17 CFR 240.19b-4.
    \713\ See proposed Rule 613(g)(1). This provision in the 
proposed Rule echoes the requirement contained in Rule 608 that 
``each self-regulatory organization also shall, absent reasonable 
justification or excuse, enforce compliance with any such plan by 
its members and persons associated with its members.'' 17 CFR 
242.608(c).
    \714\ See proposed Rule 613(g)(2).
    \715\ See proposed Rule 613(g)(3).
    \716\ See proposed Rule 613(g)(4).
---------------------------------------------------------------------------

    One commenter expressed the view that ``enforcement of [the 
consolidated audit trail] . . . should be accomplished through a 
policies and procedures rule framework--similar to that of Regulation 
NMS. To enforce the rule from a strict liability perspective would 
simply be the wrong approach and would result in thousands of technical

[[Page 45785]]

(non-material) violations, which is clearly not the intent of the 
rule.'' \717\
---------------------------------------------------------------------------

    \717\ See Knight Letter, p. 3.
---------------------------------------------------------------------------

    After considering the comment regarding Rule 613's provisions on 
compliance with the Rule by members of the SROs, the Commission is 
adopting Rule 613(g) substantially as proposed, with technical 
modifications to proposed Rule 613(g). These technical modifications 
simplify the language of Rule 613(g). Adopted Rule 613(g) does not 
include the phrase that applied the requirements therein to each member 
of an SRO ``that is a sponsor of the national market system plan 
submitted pursuant to this section and approved by the Commission.'' 
Because each SRO will be a member of the NMS plan approved by the 
Commission, it is not necessary to include the deleted language.
    In addition, the Commission modified Rule 613(g)(2) as proposed to 
provide that, ``[e]ach member of a national securities exchange or 
national securities association shall comply with all the provisions of 
any approved national market system plan applicable to members.'' This 
change requires members to comply with all applicable provisions of the 
NMS plan as approved by the Commission instead of with the specific 
provisions contained in the Rule relating to recording and reporting 
data and clock synchronization since the requirements contained in the 
NMS plan may differ or be more specific than the requirements stated in 
the Rule.
    To be in compliance with the NMS plan, members must record and 
report all data elements required by the NMS plan within the time 
specified in the plan. To this end, the plan sponsors must develop a 
way to ensure that each member that takes action with respect to an 
order (e.g., originates, receives, routes, modifies, cancels or 
executes an order) records and reports all required elements associated 
with a reportable event, as the plan sponsors must also develop a 
mechanism to address any lapses in compliance with the NMS plan with a 
goal of ensuring the central repository is receiving a complete record 
of the life of an order.
    The Commission does not agree with the commenter that believed that 
enforcement of the consolidated audit trail will necessarily ``result 
in thousands of technical (non-material) violations, which is clearly 
not the intent of the rule.'' \718\ The Commission notes that the 
adopted Rule does not address the means of achieving compliance with 
the requirements of the consolidated audit trail. Rather, adopted Rule 
613(g) simply provides that the SROs must submit proposed rule changes 
to require their members to comply with the requirements of an NMS plan 
approved by the Commission.
---------------------------------------------------------------------------

    \718\ See Knight Letter, p. 3.
---------------------------------------------------------------------------

    The Commission acknowledges there would be costs to the SROs for 
filing with the Commission proposed rule changes to require their 
members to comply with Rule 613 and the NMS plan approved pursuant 
thereto. The Commission, however, believes that the Rule should include 
these rule filing requirements for the reasons discussed above.
b. Operation and Administration of the NMS Plan
    Proposed Rule 613(b) sets forth requirements concerning the 
operation and administration of the NMS plan. As proposed, Rule 
613(b)(1) would have required that the NMS plan include a governance 
structure to ensure fair representation of the plan sponsors and 
provisions governing the administration of the central repository, 
including the selection of a plan processor. Rule 613(b)(2), as 
proposed, also would have required the plan sponsors to include in the 
NMS plan a provision addressing the requirements for the admission of 
new sponsors to the plan and the withdrawal of sponsors from the plan. 
In addition, proposed Rule 613(b)(3) would have required the NMS plan 
to include a provision addressing the percentage of votes required by 
the plan sponsors to effectuate amendments to the plan, and proposed 
Rule 613(b)(4) would have required that the plan sponsors develop a 
process for allocating among themselves the costs associated with 
creating and maintaining the central repository, including a provision 
addressing the manner in which such costs would be allocated to 
sponsors who join the plan after it has been approved.
    Finally, proposed Rule 613(b)(5) would have required the NMS plan 
to require the appointment of a CCO to regularly review the operation 
of the central repository to assure its continued effectiveness in 
light of market and technological developments, and make any 
appropriate recommendations to the plan sponsors for enhancement to the 
nature of the information collected and the manner in which it is 
processed. In the Proposing Release, the Commission stated that it 
expected the CCO would establish the procedures necessary to ensure 
that the operations of the central repository keep pace with technical 
developments and to make any necessary upgrades or changes to the 
central repository to maintain its efficacy.\719\
---------------------------------------------------------------------------

    \719\ See Proposing Release, supra note 4, at 32585.
---------------------------------------------------------------------------

    The Commission received comments addressing the proposed 
requirements for operation and administration of the NMS plan.\720\ One 
commenter suggested that the NMS plan should contain a voting mechanism 
that requires less than unanimity, and with an effective tie breaking 
mechanism.\721\ This commenter also recommended that the governance 
structure ``limit the ability of individual SROs to make modifications 
on a unilateral basis that could escalate costs by forcing the operator 
and firms to absorb costs that do not advance the interests of 
investors.'' \722\
---------------------------------------------------------------------------

    \720\ See Nasdaq Letter I, p. 3, 13; Direct Edge Letter, p. 5; 
FIF Letter, p. 1, 8; FINRA Letter, p. 15; SIFMA February 2012 
Letter, p. 1.
    \721\ See Nasdaq Letter I, p. 3, 13.
    \722\ Id. at p. 3.
---------------------------------------------------------------------------

    Two commenters expressed views on the selection and role of the 
plan processor.\723\ One suggested that the SROs should select the 
processor through a ``request for proposal.'' \724\ Another commenter 
generally believed that the allocation of plan processor costs 
warranted more consideration.\725\ This commenter expressed concern 
with regard to the SROs owning the plan processor, noting in particular 
that unanimous consent would be required for all board actions.\726\ 
This commenter stated that the plan processor alone should handle 
rulemaking and compliance, subject to oversight by an ``industry 
group.'' \727\ Another commenter stated that, ``[r]egarding the 
governance of the national market system plan [contemplated] by the 
proposal, we wish to reiterate that the SEC should provide the broker-
dealer industry with an official `seat at the table' alongside the 
SROs, so that [the broker-dealers] can review and comment on system 
requirements as they are being developed and vote on plan amendments 
going forward.'' \728\
---------------------------------------------------------------------------

    \723\ See FIF Letter, p. 1; Direct Edge Letter, p. 5.
    \724\ See FIF Letter, p. 8.
    \725\ See Direct Edge Letter, p. 4-5.
    \726\ Id. at p. 5.
    \727\ Id.
    \728\ See SIFMA February 2012 Letter, p. 1.
---------------------------------------------------------------------------

    After considering these comments, for the reasons discussed below, 
the Commission is adopting Rule 613(b) as proposed, but with the 
addition of two new requirements. Specifically, in addition to the 
provisions included in the proposed rule,\729\ Rule 613(b), as

[[Page 45786]]

adopted, provides that the national market system plan submitted shall 
include: ``a provision requiring the plan sponsors to provide to the 
Commission, at least every two years after effectiveness of the 
national market system plan, a written assessment of the operation of 
the consolidated audit trail * * *, [and] an Advisory Committee * * * 
includ[ing] representatives of the member firms of the plan 
sponsors.''\730\
---------------------------------------------------------------------------

    \729\ Proposed Rule 613(b) required that the NMS plan include 
``a governance structure to ensure fair representation of the plan 
sponsors, and administration of the central repository, including 
the selection of the plan processor, * * * [a] provision addressing 
the requirements for the admission of new sponsors of the plan and 
the withdrawal of existing sponsors from the plan, * * * [a] 
provision addressing the percentage of votes required by the plan 
sponsors to effectuate amendments to the plan, * * * [a] provision 
addressing the manner in which the costs of operating the central 
repository will be allocated among the national securities exchanges 
and national securities associations that are sponsors of the plan, 
including a provision addressing the manner in which costs will be 
allocated to new sponsors to the plan* * * [and the] appointment of 
a Chief Compliance Officer to regularly review the operation of the 
central repository to assure its continued effectiveness in light of 
market and technological developments, and make any appropriate 
recommendations for enhancements to the nature of the information 
collected and the manner in which it is processed.''
    \730\ See Rule 613(b)(6); Rule 613(b)(7).
---------------------------------------------------------------------------

    The requirement that the NMS plan require the appointment of a CCO 
to regularly review the operation of the central repository and make 
any appropriate recommendations for enhancements \731\ is one method to 
facilitate the consolidated audit trail's ability to evolve over time 
in terms of technology, functionality, and accuracy. Adopted Rule 
613(b)(6) supplements this requirement by now requiring that the NMS 
plan ``include a provision requiring the plan sponsors to provide to 
the Commission, at least every two years after effectiveness of the 
national market system plan, a written assessment of the operation of 
the consolidated audit trail. Such document shall include, at a 
minimum: (i) [a]n evaluation of the performance of the consolidated 
audit trail including, at a minimum, with respect to data accuracy 
(consistent with [Rule 613(e)(6)]), timeliness of reporting, 
comprehensiveness of data elements, efficiency of regulatory access, 
system speed, system downtime, system security (consistent with [Rule 
613 (e)(4)]), and other performance metrics to be determined by the 
Chief Compliance Officer, along with a description of such metrics; 
(ii) [a] detailed plan, based on such evaluation, for any potential 
improvements to the performance of the consolidated audit trail with 
respect to any of the following: improving data accuracy; shortening 
reporting timeframes; expanding data elements; adding granularity and 
details regarding the scope and nature of Customer-IDs; expanding the 
scope of the NMS plan to include new instruments, and new types of 
trading and order activities; improving the efficiency of regulatory 
access; increasing system speed; reducing system downtime; and 
improving performance under other metrics to be determined by the Chief 
Compliance Officer; (iii) [a]n estimate of the costs associated with 
any such potential improvements to the performance of the consolidated 
audit trail, including an assessment of the potential impact on 
competition, efficiency, and capital formation; and (iv) [a]n estimated 
implementation timeline for any such potential improvements, if 
applicable.'' \732\ The Commission believes these provisions will help 
plan sponsors understand and evaluate any deficiencies in the operation 
of the consolidated audit trail and to propose potential enhancements 
to the NMS plan, as appropriate, taking cost effectiveness into 
consideration. These provisions also will allow the Commission to 
assess any such potential improvements, accounting for the 
considerations contemplated by Rule 613(a)(1), the specific 
requirements of the approved NMS plan, and any changes or additions to 
these requirements that the Advisory Committee, the SROs, or the 
Commission may wish to consider in the future. The Commission believes 
that such enhancements, if any, to the consolidated audit trail could 
improve the ability of the SROs and the Commission to conduct effective 
market oversight by keeping up with continually-changing technologies 
and markets, by, for example, allowing the SROs and the Commission to 
conduct their market oversight more quickly, accurately, and/or 
comprehensively, as well as possibly at lower costs. Similarly, the 
Commission believes that adding granularity and details regarding the 
scope and nature of Customer-IDs, adding new instruments, or including 
new trading or order activities could allow regulators to have a more 
complete picture of the markets and market participants, which could 
also lead to more effective market oversight. The Commission believes 
that performing this assessment no later than every two years is 
reasonable given the rapid speed at which the markets and related 
technologies are evolving. The Commission also believes that the 
written assessment, required by Rule 613(b)(6), will help inform the 
Commission about the likely feasibility, costs, and impact of, and the 
plan sponsors' approach to, the consolidated audit trail evolving over 
time. The Commission would expect to make the document publicly 
available on its Web site.
---------------------------------------------------------------------------

    \731\ See Rule 613(b)(5).
    \732\ See Rule 613(b)(6). The written assessment could also 
further inform the extent to which it could be appropriate to share 
certain information collected by the consolidated audit trail with 
third parties. See Section III.B.2.d.
---------------------------------------------------------------------------

    In response to the comment requesting that the broker-dealer 
industry receive a ``seat at the table'' regarding governance of the 
NMS plan,\733\ the adopted Rule requires that the NMS plan submitted to 
the Commission for its consideration include a provision requiring the 
creation of an Advisory Committee, composed at least in part by 
representatives of the members of the plan sponsors, ``to advise the 
plan sponsors on the implementation, operation and administration of 
the central repository.'' \734\ Further, the adopted Rule requires that 
the NMS plan submitted to the Commission for its consideration require 
that ``[m]embers of the Advisory Committee shall have the right to 
attend any meetings of the plan sponsors, to receive information 
concerning the operation of the central repository, and to provide 
their views to the plan sponsors.'' \735\ Pursuant to the Rule, the NMS 
plan also shall set forth the term and composition of the Advisory 
Committee, which composition shall include representatives of the 
member firms of the plan sponsor.\736\ The Rule further provides that 
the plan sponsors may meet without the Advisory Committee members in 
executive session if, by affirmative vote of a majority of the plan 
sponsors, the plan sponsors determine that such an executive session is 
required.\737\ The Commission believes that, given the scope of the 
Rule, both in terms of the market participants that may be affected by 
the Rule and the breadth of the audit trail information that will be 
collected, it is important that the plan sponsors solicit input from 
their members because this could help inform the plan sponsors of any 
expected or unexpected operational or technical issues that may arise 
in the implementation of the Rule and/or the operation of the central 
repository, and help assure the Commission and market participants that 
any requirements imposed on SRO members will be

[[Page 45787]]

accomplished in a manner that takes into account the burdens on SRO 
members. The Commission believes that the Advisory Committee could 
provide members of the SROs with a forum for informing the plan 
sponsors of any potential implementation or operational issues faced by 
them in connection with the consolidated audit trail. Plan sponsors 
also will be able to draw on the knowledge and experience of these 
members to help assure the Commission and market participants that any 
requirements imposed on SRO members will be accomplished in a manner 
that takes into account the costs to SRO members. The Commission also 
believes that an Advisory Committee could help foster industry 
consensus on how to approach and resolve possible issues that may be 
disputed, and approaches that may conflict, regarding operation of the 
consolidated audit trail. In this regard, the Commission encourages the 
plan sponsors to, in the NMS plan, provide for an Advisory Committee 
whose composition includes SRO members from a cross-section of the 
industry, including representatives of small-, medium- and large-sized 
broker-dealers.
---------------------------------------------------------------------------

    \733\ See SIFMA February 2012 Letter, p. 1.
    \734\ See Rule 613(b)(7)(i).
    \735\ See Rule 613(b)(7)(ii).
    \736\ See Rule 613(b)(7)(i).
    \737\ See Rule 613(b)(7)(ii).
---------------------------------------------------------------------------

    The Commission believes the requirement for the NMS plan to create 
the Advisory Committee, as well as the requirement in Rule 
613(a)(1)(xi), discussed below, that requires the NMS plan to require a 
discussion of the process by which the plan sponsors solicited the 
views of their members on the creation, implementation, and maintenance 
of the consolidated audit trail, a summary of those views, and how the 
plan sponsors took those views into account when preparing the NMS 
plan, are responsive to commenters' views that more input by industry 
representatives, such as members of the SROs who are subject to the 
requirements of Rule 613, would be advantageous to the creation, 
implementation, and maintenance of the consolidated audit trail.\738\
---------------------------------------------------------------------------

    \738\ See Rule 613(a)(1)(xi); Section III.C.2.a.iii.c., infra, 
for a discussion of the tenth consideration.
---------------------------------------------------------------------------

    In addition, because the members of the Advisory Committee will 
have the right to attend all meetings of the plan sponsors (with the 
exception of executive sessions), to receive information concerning the 
operation of the central repository, and to provide their views to the 
plan sponsors, the governance process of the central repository will be 
more transparent to all market participants that will be affected by 
Rule 613. Further, the Commission believes the inclusion of SRO members 
on the Advisory Committee will increase the efficacy of the central 
repository. These market participants will have first-hand experience 
with the operation of the central repository, as they are required to 
report data to the facility, allowing them to provide informed input on 
any problems currently facing the central repository of which they are 
aware, and on any future actions that the central repository might or 
should take to address such problems. Finally, the Commission believes 
that an Advisory Committee structure that also permits the plan 
sponsors to meet in executive session without members of the Advisory 
Committee appropriately balances the need to provide a mechanism for 
industry input into the operation of the central repository, against 
the regulatory imperative that the operations and decisions regarding 
the consolidated audit trail be made by SROs who have a statutory 
obligation to regulate the securities markets, rather than by members 
of the SROs, who have no corresponding statutory obligation to oversee 
the securities markets.
    The Commission also considered the comment that provided other 
suggestions on the governance of the NMS plan and believes that the 
commenter's concerns regarding a unanimity requirement in the NMS plan 
have merit.\739\ Accordingly, the Commission urges the SROs to take 
into account the need for efficient and fair operation of the NMS plan 
governing the consolidated audit trail, and consider the 
appropriateness of a unanimity requirement and the possibility of a 
governance requirement other than unanimity, or even super-majority 
approval, for all but the most important decisions. The Commission 
believes that an alternate approach may be appropriate to avoid a 
situation where a significant majority of plan sponsors--or even all 
but one plan sponsor--supports an initiative but, due to a unanimous 
voting requirement, action cannot be undertaken.\740\ Therefore, the 
Commission believes the SROs should consider alternative governance 
structures that would ensure that decisions made by the SROs are both 
achieved and implemented efficiently, in the interest of advancing the 
Commission's mission. The Commission notes that the NMS plan submitted 
to the Commission for its consideration will be published for public 
comment, and industry participants will have an opportunity at that 
time to submit comments on the governance structures proposed by the 
plan sponsors. Further, the Commission believes, as discussed above, 
that unanimity need not be the standard for decision-making with regard 
to matters relating to the operation of the consolidated audit trail. 
Thus, the plan sponsors have flexibility under the Rule to determine 
the governance structures that will facilitate the effective and 
efficient oversight of the plan processor.
---------------------------------------------------------------------------

    \739\ See Nasdaq Letter I, p. 3, 13.
    \740\ See, e.g., Options Order Protection and Locked/Crossed 
Market (Securities Exchange Act Release No. 60405 (July 30, 2009), 
74 FR 39362 (August 6, 2009)) (including a unanimous voting 
requirement).
---------------------------------------------------------------------------

    In response to the comments regarding the selection and role of the 
plan processor,\741\ the Commission believes that the SROs, as the plan 
sponsors of the NMS plan governing the operation of the consolidated 
audit trail, should retain the authority to select and oversee the plan 
processor. The Commission believes that the SROs are in the best 
position to understand how the plan processor should operate and to 
address the need for changes when necessary. The SROs also have the 
flexibility under the Rule to consult the Advisory Committee, for 
example, to assist the SROs in their selection process and in their 
determination of whether modifications are necessary to address 
innovations in the industry if they believe that such participation is 
needed.
---------------------------------------------------------------------------

    \741\ See FIF Letter, p. 1; Direct Edge Letter, p. 5.
---------------------------------------------------------------------------

    The Commission acknowledges that, in addition to the many costs and 
burdens associated with the creation, implementation, and maintenance 
of a consolidated audit trail, with regards to the specific 
requirements discussed in this section, there would be costs to the 
SROs for appointing a CCO to the central repository, providing the 
Commission with the written assessment of the operation of the 
consolidated audit trail, and creating an Advisory Committee.\742\ For 
the reasons discussed above, the Commission believes these requirements 
are important to the efficient operation and practical evolution of the 
consolidated audit trail, and are responsive to many commenters' 
concerns about governance structure, cost allocations, and the 
inclusion of SRO members as part of the planning process. The 
Commission is therefore requiring the SROs to include these 
requirements in the NMS plan submitted to the Commission for its 
consideration. After the SROs submit

[[Page 45788]]

the NMS plan, the Commission and the public will have more detailed 
information in evaluating the NMS plan.
---------------------------------------------------------------------------

    \742\ As discussed and for the reasons set forth in Section I., 
supra, in light of the multi-step process for developing and 
approving an NMS plan that will govern the creation, implementation, 
and maintenance of a consolidated audit trail, the Commission is 
deferring a detailed analysis of costs and benefits of this 
requirement of the Rule until after the NMS plan has been submitted.
---------------------------------------------------------------------------

c. Surveillance
    As proposed, Rule 613(f) would have required each SRO subject to 
the Rule to develop and implement a surveillance system, or enhance 
existing surveillance systems, reasonably designed to make use of the 
consolidated audit trail data. The Rule, as proposed, also would have 
required each SRO to implement its new or enhanced surveillance system 
within fourteen months after the effectiveness of the NMS plan.\743\
---------------------------------------------------------------------------

    \743\ See proposed Rule 613(a)(3)(iv).
---------------------------------------------------------------------------

    Commenters generally expressed support for the proposal's 
requirement that SROs implement surveillance systems that make use of 
the consolidated information.\744\ One commenter stated that the 
enhanced surveillance that could be achieved with the audit trail would 
likely attract additional trading volume to the U.S. markets and that 
the consolidated audit trail would benefit the SROs by permitting them 
to conduct surveillance themselves, thus ``reducing their risks and 
their costs.'' \745\ Another commenter noted that the proposed 
consolidated audit trail would be a ``critical first step toward 
consolidated market surveillance,'' and would lower costs for markets 
and their participants through economies of scale.\746\ A third 
commenter opined that a centralized database such as the consolidated 
audit trail is necessary to bring together data from exchanges, ECNs, 
and dark pools to properly regulate trading.\747\ However, one 
commenter maintained that a ``Commission-mandated market regulator'' 
would be costly for the securities industry and create the potential 
for a lack of surveillance innovation.\748\ A commenter recommended 
that the Commission monitor the surveillance systems and provide 
guidance to the SROs in establishing their surveillances.\749\ Finally, 
one commenter suggested that outsourcing surveillance to regulators 
could result in lower costs for markets, and recommended several 
specific security and analytical features for such a surveillance 
system.\750\
---------------------------------------------------------------------------

    \744\ See Nasdaq Letter I, p. 10; Thomson Reuters Letter, p. 4.
    \745\ See Thomson Reuters Letter, p. 4.
    \746\ See FINRA/NYSE Euronext Letter, p. 3-4. See also Nasdaq 
Letter I, p. 8.
    \747\ See IAG Letter, p. 2.
    \748\ See BATS Letter, p. 2-3.
    \749\ See Nasdaq Letter I, p. 10.
    \750\ See iSys Letter, p. 2-3.
---------------------------------------------------------------------------

    After considering the comments, for the reasons discussed below, 
the Commission is adopting Rule 613(f) as proposed. Specifically, the 
Rule requires that each SRO develop and implement a surveillance 
system, or enhance existing surveillance systems, reasonably designed 
to make use of the consolidated information contained in the 
consolidated audit trail.\751\ The Commission believes that it is 
appropriate to require SROs to enhance their surveillance programs to 
make full use of the increased functionalities and the timeliness of 
the consolidated audit trail. Additionally, because trading and 
potentially manipulative activities could take place across multiple 
markets, the Commission supports efforts to coordinate surveillance 
among the SROs, such as through a plan approved pursuant to Rule 17d-2 
under the Exchange Act,\752\ or through regulatory services agreements 
between SROs. In this regard, as commenters have noted, SROs could 
``outsource'' surveillance efforts to another SRO, if there are 
efficiencies to be gained. With respect to the comment regarding the 
benefits to be gained by creating a ``single market regulator,'' the 
Commission believes that mandating such an entity or structure goes 
beyond the scope of the Rule.\753\
---------------------------------------------------------------------------

    \751\ See Rule 613(f).
    \752\ 17 CFR 240.17d-2.
    \753\ The Commission has examined the issue of a single market 
regulator in the past, specifically in the Intermarket Trading 
Concept Release (see Securities Exchange Act Release No. 47849 (May 
14, 2003), 68 FR 27722 (May 20, 2003)); however, a single regulator 
structure is not suggested by the adopted Rule.
---------------------------------------------------------------------------

    The Commission notes that it intends to review its own surveillance 
activities in light of the consolidated audit trail and intends to take 
steps to enhance its surveillance capabilities to take advantage of 
consolidated audit trail data. The Commission anticipates that such 
steps will be informed by--and may in turn help inform--the 
surveillance enhancement measures required to be taken by the SROs 
under adopted Rule 613(f).
    The Commission also is adopting Rule 613(a)(3)(iv) as proposed, 
which requires the NMS plan to require each SRO to implement its new or 
enhanced surveillance system within fourteen months after the 
effectiveness of the NMS plan. Since Rule 613(a)(3)(iii) will require 
the NMS plan to require SROs to begin reporting to the central 
repository within one year after effectiveness of the NMS plan, the 
Commission believes the two additional months provided by this 
timeframe is reasonable and sufficient to allow SROs to update their 
surveillance systems and allow for testing of new surveillances.
    The Commission acknowledges there would be costs to the SROs for 
developing and implementing surveillance systems, or enhancing existing 
surveillance systems, reasonably designed to make use of the 
consolidated audit trail. However, the Commission believes it may be 
possible for SROs to retire some of their existing, and perhaps less-
efficient, audit trail and surveillance systems once the consolidated 
audit trail is operational. As discussed in Section III.C.a.iv. below, 
the adopted Rule requires the SROs to consider and discuss the 
potential for costs savings if other SRO systems, and their associated 
surveillances, were migrated to the consolidated audit trail.\754\ Once 
such information is submitted in the NMS plan submitted to the 
Commission for its consideration, the Commission and the public will be 
able to consider the information in evaluating the NMS plan.
---------------------------------------------------------------------------

    \754\ These cost savings may accrue to any SRO that would no 
longer need to operate a retired system, as well as to any SRO 
members that would no longer be required to report to such systems.
---------------------------------------------------------------------------

C. NMS Plan Process

    As proposed, Rule 613(a)(1) would have required each SRO to jointly 
file on or before 90 days from approval of the Rule an NMS plan to 
govern the creation, implementation, and maintenance of a consolidated 
audit trail and a central repository. Section III.A. above discusses 
the use of an NMS plan to create, implement, and maintain a 
consolidated audit trail. This Section focuses on the process the SROs 
must follow when submitting to the Commission the NMS plan that 
satisfies the requirements discussed in Section III.B. above and the 
process the Commission will undergo when evaluating whether to approve 
the NMS plan.
1. Comments on the NMS Plan Process
    The Commission received several comments regarding how best to 
develop an NMS plan that will govern the creation and implementation of 
a consolidated audit trail, as well as the time needed to do so. 
Several commenters suggested that the Commission undergo a RFP or RFI 
process to create a consolidated audit trail.\755\ Specifically, one 
commenter suggested that the Commission outline a set of goals it 
intends to achieve through creation of a consolidated audit trail and 
allow an industry working group to

[[Page 45789]]

determine the data elements that must be reported and other technical 
requirements.\756\ Another commenter opined that an RFP process would 
facilitate the identification of the costs and benefits of the audit 
trail, as well as the consideration of a wider range of technological 
solutions.\757\ Further, some commenters requested more specific 
information about the audit trail system to determine the best approach 
for implementing the consolidated audit trail.\758\
---------------------------------------------------------------------------

    \755\ See FIF Letter, p. 1, 9; FIF Letter II, p. 1-2; STA 
Letter, p. 2; Direct Edge Letter, p. 2-3, 5. See also Section 
II.C.3.
    \756\ See FIF Letter II, p. 2.
    \757\ Id. at p. 3.
    \758\ See Broadridge Letter, p. 2; FIF Letter, p. 8. See also 
Ross Letter, p. 1 (discussing examples of information security 
details to consider); Nasdaq Letter I, p. 6 (stating that the 
proposed Rule provided ``incomplete technical information on which 
design and features make the most sense'').
---------------------------------------------------------------------------

    Some of these commenters stressed that more time should be allotted 
for the planning and design of the NMS plan due to the comprehensive 
business analysis that would be needed in the initial stages of the 
consolidated audit trail.\759\ Commenters recommended extensive, ``up-
front business analysis,'' \760\ explaining that if conducted ``during 
the CAT plan development process, [they] are confident that issues 
would emerge earlier in the process, leading to more efficient and 
cost-effective solutions.'' \761\ The commenters believed that the 
business analysis would require many discussions involving the 
Commission, the SROs and teams comprising members of the securities 
industry.\762\ The commenters also suggested that the business analysis 
could include an RFI ``to engage potential solution providers early in 
the process,'' \763\ and stated that the time needed to perform the 
analysis to produce a ``detailed blueprint for CAT'' \764\ would be 
closer to six months,\765\ rather than the proposed 90 days.\766\ As a 
basis for their suggestions, one of the commenters provided a breakdown 
of the time and the types of work needed for FINRA's expansion of OATS 
to all NMS securities.\767\ This commenter noted that over one-third of 
the time required for the project was spent on conducting business 
analysis, and that one-third of the time was spent on project 
development.\768\
---------------------------------------------------------------------------

    \759\ See FIF Letter II, p. 2-3; STA Letter, p. 2. See also 
Nasdaq Letter I, p. 6.
    \760\ See FIF Letter II, p. 1, 3; STA Letter, p. 1, 3. See also 
Nasdaq Letter I, p. 6.
    \761\ See FIF Letter II, p. 2; STA Letter, p. 1.
    \762\ See FIF Letter II, p. 1; STA Letter, p. 1-2.
    \763\ See FIF Letter II, p. 2; STA Letter, p. 2.
    \764\ See FIF Letter II, p. 1-2; STA Letter, p. 2.
    \765\ See FIF Letter II, p. 2; STA Letter, p. 2-3.
    \766\ See proposed Rule 613(a)(1).
    \767\ See FIF Letter II, p. 3. The commenter also provided the 
cost to the industry for the expansion of OATS to all NMS stocks--
$48 million. The Commission notes that this is the cost for the 
project as a whole, not solely for the planning phase, and therefore 
is not entirely attributable to the cost of the creation and filing 
of the NMS plan required by Rule 613.
    \768\ The time remaining was spent on ``testing and other 
activities.'' See FIF Letter II, p. 3.
---------------------------------------------------------------------------

    In addition, some commenters noted that a consolidated audit trail 
could be implemented in a number of ways, and thus recommended that the 
Commission replace the specific system requirements of the proposed 
Rule with more general ``end-user'' requirements, perform an analysis 
of how existing audit trail systems do and do not meet the needs of 
regulators, and perhaps even engage in a formal RFP process.\769\
---------------------------------------------------------------------------

    \769\ See Nasdaq Letter I, p. 12; FIF Letter II, p. 2-3; STA 
Letter, p. 1-3; Direct Edge Letter, p. 2-3, 5.
---------------------------------------------------------------------------

2. Adopted Rule
    After considering the comments regarding the NMS plan process, the 
Commission is adopting proposed Rule 613(a)(1) with modifications. 
First, the Rule now requires the SROs to provide much more information 
and analysis to the Commission as part of their NMS plan submission. 
These requirements have been incorporated into the adopted Rule as 
``considerations'' that the SROs must address, and generally mandate 
that the NMS plan discuss: (1) The specific features and details of the 
NMS plan (e.g., how data will be transmitted to the central repository, 
and when linked data will be available to regulators); (2) the SROs' 
analysis of NMS plan costs and impact on efficiency, competition, and 
capital formation; (3) the process followed by the SROs in developing 
the NMS plan (e.g., solicitation of input from members of the SROs); 
and (4) the information about the implementation and milestones of the 
consolidated audit trail. Second, the Commission is furnishing further 
details about how it envisions regulators would use, access, and 
analyze consolidated audit trail data through a number of ``use 
cases.'' Third, the Commission is extending the amount of time allowed 
for the SROs to submit the NMS plan from 90 days from the date of 
approval of Rule 613 to 270 days from the date of publication of the 
Adopting Release in the Federal Register. A discussion of these 
modifications and the ``use cases'' follows.
a. NMS Plan Considerations
    As noted above,\770\ the Commission believes that the collective 
effect of the modifications and additions described above will be to 
significantly expand the solution set that could be considered by the 
SROs for creating, implementing, and maintaining the consolidated audit 
trail and provide the SROs with increased flexibility in how they 
choose to meet the requirements of the adopted Rule. Further, given 
these changes to the Rule discussed above and the wide array of 
commenter's views on how to best implement a consolidated audit 
trail,\771\ the Commission expects that the SROs will seriously 
consider various options as they develop the NMS plan to be submitted 
to the Commission for its consideration. The costs and benefits of the 
consolidated audit trail are highly dependent on the specific solutions 
proposed by SROs.
---------------------------------------------------------------------------

    \770\ See Section I., supra.
    \771\ See, e.g., FINRA Letter, p. 14 (advocating that SROs build 
off existing audit trails to develop a consolidated audit trail) and 
Nasdaq Letter I, p. 11-12 (arguing against building off existing 
audit trail systems and supporting the development of new system to 
establish a consolidated audit trail). See also Section II.C.4., 
supra.
---------------------------------------------------------------------------

    Accordingly, as part of the multi-step process for developing and 
approving an NMS plan that will govern the creation, implementation, 
and maintenance of a consolidated audit trail, the Commission is 
deferring its economic analysis of the actual creation, implementation, 
and maintenance of a consolidated audit trail itself (in contrast to 
the costs of the actions the SROs are required to take upon approval of 
the adopted Rule \772\) until such time as it may approve the NMS plan 
submitted to the Commission for its consideration. In light of the 
expanded set of solutions that should be available as a result of the 
changes described above and to facilitate a more robust economic 
analysis, the adopted Rule now requires the SROs to provide much more 
information and analysis to the Commission as part of their NMS plan 
submission. The Commission is therefore requiring the SROs to discuss, 
as part of their NMS plan ``considerations'' that detail how the SROs 
propose to implement the requirements of the plan, cost estimates for 
the proposed solution, and a discussion of the costs and benefits of 
alternate solutions considered but not proposed.
---------------------------------------------------------------------------

    \772\ These actions include the requirement that the SROs 
develop an NMS plan, utilizing their own resources and undertaking 
their own research that addresses the specific details, cost 
estimates, considerations, and other requirements of the Rule.
---------------------------------------------------------------------------

    This additional information and analysis are intended to ensure 
that the Commission and the SROs have sufficiently detailed information 
to carefully consider all aspects of the NMS plan ultimately submitted 
by the SROs, facilitating an analysis of the extent to which the NMS 
plan would allow regulators to effectively and

[[Page 45790]]

efficiently carry out their responsibilities. The NMS plan submitted by 
the SROs will be published for public comment and reviewed by the 
Commission for consistency with the Exchange Act and the rules 
thereunder. As a result, all interested persons, including market 
participants, regulatory authorities, and the general public, will have 
an opportunity to provide meaningful comments on the details and costs 
of the NMS plan submitted, which the Commission will review and 
consider.
i. Features and Details of the NMS Plan
    The first six considerations the Rule requires the SROs to address 
in the NMS plan relate to the features and details of the NMS plan. 
These six considerations require the NMS plan to specify and explain 
the choices made by the SROs to meet the requirements specified in the 
Rule for the consolidated audit trail. The Commission intends to use 
the discussion of these considerations to evaluate the NMS plan 
submitted for its consideration and how well it meets the objectives 
described in Section II.B.2.

 Rule 613(a)(1)(i)

    Rule 613(a)(1)(i) requires the NMS plan submitted to discuss 
``[t]he method(s) by which data is reported to the central repository, 
including, but not limited to, the sources of such data and the manner 
in which the central repository will receive, extract, transform, load 
and retain such data. * * *'' The Rule also requires the NMS plan to 
discuss the basis for selecting such method(s).
    The Commission believes that requiring that the NMS plan discuss 
the method(s) by which data is reported to the central repository is 
important because the method for reporting data and the source of the 
data are significant to the effectiveness of the consolidated audit 
trail and could affect, and potentially enhance, the reliability and 
the accuracy of the data that is reported to the central 
repository.\773\ Discussing such method(s), as well as the basis for 
selecting such method(s), should help assure the Commission that the 
plan sponsors have considered the various alternatives and selected the 
method(s) that best achieves the objectives of the consolidated audit 
trail in a cost-effective manner.\774\ In addition, Rule 613(a)(1)(i) 
requires that the NMS plan describe how the central repository will 
receive, extract, transform, load, and retain data because the 
Commission believes that this information is integral to a 
comprehensive understanding of the operation of the central repository 
proposed in the NMS plan.
---------------------------------------------------------------------------

    \773\ See Section III.B.2.c., supra.
    \774\ The Commission notes that another related consideration 
that must be discussed by the NMS plan includes the alternative 
approaches to creating the consolidated audit trail that the plan 
sponsors considered. See Rule 613(a)(1)(xii).

---------------------------------------------------------------------------
 Rule 613(a)(1)(ii)

    Rule 613(a)(1)(ii) requires the NMS plan to address ``[t]he time 
and method by which the data in the central repository will be made 
available to regulators, in accordance with [Rule 613(e)(1)] to perform 
surveillance or analyses, or for other purposes as part of their 
regulatory and oversight responsibilities.''
    The time and method by which data will be made available to 
regulators are fundamental to the utility of the consolidated audit 
trail because the purpose of the consolidated audit trail is to assist 
regulators in fulfilling their responsibilities to oversee the 
securities markets and market participants.\775\ The NMS plan submitted 
should discuss these issues in detail, guided, in particular, by the 
issues and questions raised in the ``Regulator Use Cases'' described in 
Section III.C.2.b., below.
---------------------------------------------------------------------------

    \775\ See Section II.A., supra, for additional discussion of the 
timeliness of access to current audit trail data.
---------------------------------------------------------------------------

    The importance of this consideration was discussed in the Proposing 
Release.\776\ The Commission emphasized the necessity of the data being 
in a uniform electronic format so that regulators would be able, among 
other things, to effectively and efficiently detect and investigate 
illegal trading across markets, without having to spend valuable time 
and resources reconciling audit trail formatting differences in the 
data.\777\ In addition, the Proposing Release noted that requiring the 
order and trade data to be collected in one location in a single format 
would allow regulators ready access to the data for use in market 
reconstructions, market analyses, surveillance and investigations,\778\ 
as regulators could then retrieve the information that they need much 
faster than the current process of requesting data from multiple 
parties without having to reconcile disparate audit trail information. 
Also, in the Proposing Release, the Commission noted the importance of 
SRO regulatory staff having direct access to consolidated audit trail 
data.\779\ The Commission continues to believe that it is vital that 
regulators have ready access to the consolidated audit trail data in 
the central repository so that this information can be effectively and 
efficiently used in fulfilling their regulatory responsibilities.
---------------------------------------------------------------------------

    \776\ See Proposing Release, supra note 4, at 32564.
    \777\ Id. at 32564-32565 and 32594. Differences in audit trail 
data requirements between markets can hinder the ability of 
regulators to piece together related illegal trading activity 
occurring across several markets.
    \778\ Id. at 32594.
    \779\ Id. at 32567.

---------------------------------------------------------------------------
 Rule 613(a)(1)(iii)

    Rule 613(a)(1)(iii) requires the NMS plan to address ``[t]he 
reliability and accuracy of the data reported to and maintained by the 
central repository throughout its lifecycle, including transmission and 
receipt from market participants; data extraction, transformation and 
loading at the central repository; data maintenance and management at 
the central repository; and data access by regulators.''
    The Commission believes the reliability and accuracy of the data is 
a critical aspect of the consolidated audit trail, because the 
usefulness of the data to regulators would be significantly impaired if 
it is unreliable or inaccurate. If the reliability and accuracy of 
reported data is not maintained by the central repository during the 
period it is required to be retained and throughout the various uses to 
which it may be put by regulators, then its value to regulators will be 
substantially diminished.
    Accordingly, the NMS plan submitted should discuss in detail, among 
other things, how the consolidated audit trail envisioned by the 
sponsors would be designed, tested, and monitored to ensure the 
reliability and accuracy of the data collected and maintained by the 
central repository (e.g., during transmission from the SRO or member to 
receipt by the central repository,\780\ data extraction, transformation 
and loading at the central repository,\781\ data maintenance and 
management at the central repository,\782\ and data access by 
regulators \783\).
---------------------------------------------------------------------------

    \780\ ``Transmission from the SRO or member to receipt by the 
central repository'' refers to the process through which SROs and 
their members report data to the central repository.
    \781\ ``Data extraction, transformation and loading at the 
central repository'' is the process during which the central 
repository accepts data reported by the SROs and their members, 
converts it into a uniform electronic format, if necessary, and 
receives it into the central repository's internal systems.
    \782\ ``Data maintenance and management at the central 
repository'' refers to the process for storing data at the central 
repository, indexing the data for linkages, searches, and retrieval, 
dividing the data into logical partitions when necessary to optimize 
access and retrieval, and the creation and storage of data backups.
    \783\ As noted in Section III.B.1.d.iv., supra, for example, 
regardless of whether the NMS plan elects to use a series of order 
identifiers or a unique order identifier, it will be very important 
to demonstrate how the approach selected in the NMS plan will ensure 
that information about all events pertaining to an order will be 
reliably and accurately linked together in a manner that allows 
regulators efficient access to complete order information.

---------------------------------------------------------------------------

[[Page 45791]]

    The Commission notes that, when proposing Rule 613, it highlighted 
the importance of this consideration by emphasizing that the 
reliability and accuracy of the data are critical to the integrity and 
effectiveness of the consolidated audit trail.\784\ Indeed, Rule 
613(e)(4)(ii), like the proposed Rule, specifically requires the plan 
sponsors to establish policies and procedures for the plan processor to 
ensure the timeliness, accuracy, and completeness of the audit trail 
data reported to the central repository.
---------------------------------------------------------------------------

    \784\ See Proposing Release, supra note 4, at 32582, 32596.

---------------------------------------------------------------------------
 Rule 613(a)(1)(iv)

    Rule 613(a)(1)(iv) requires the NMS plan to discuss ``[t]he 
security and confidentiality of the information reported to the central 
repository.''
    The Commission is including this consideration because it believes 
that keeping the data secure and confidential is crucial to the 
efficacy of the consolidated audit trail and the confidence of market 
participants. Exposure of highly-confidential information about the 
trading strategies and positions of market participants through a 
security breach, for example, could impact the confidence of the public 
in the central repository and in trading on the U.S. markets. The 
Commission understood the importance of security and confidentiality 
provisions when it proposed Rule 613(e)(4) to require the NMS plan to 
include policies and procedures, including standards, to be used by the 
plan processor to ensure the security and confidentiality of all 
information reported to, and maintained by, the central 
repository.\785\ Numerous commenters also noted the importance of 
maintaining the security and the confidentiality of the data collected 
pursuant to the proposed Rule.\786\

    \785\ In addition, proposed Rule 613(e)(4)(i) required plan 
sponsors, and employees of the plan sponsors and central repository 
to agree to use appropriate safeguards to ensure the confidentiality 
of such data, and not to use such data other than for surveillance 
and regulatory purposes.
    \786\ See Scottrade Letter, p. 2; ICI Letter, p. 2-4; Liquidnet 
Letter, p. 4; Ameritrade Letter, p. 3; Thomson Reuters Letter, p. 4; 
BATS Letter, p. 3; Managed Funds Association Letter, p. 2-3; Ross 
Letter, p. 1. The Commission notes that it is adopting Rule 
613(e)(4) with modifications--the Commission has added provisions to 
the Rule to help ensure the confidentiality of the data submitted to 
and retained by the central repository. See Section III.B.2.e., 
supra.
---------------------------------------------------------------------------

 Rule 613(a)(1)(v)

    Rule 613(a)(1)(v) requires the NMS plan to address ``[t]he 
flexibility and scalability of the systems used by the central 
repository to collect, consolidate and store consolidated audit trail 
data, including the capacity of the consolidated audit trail to 
efficiently incorporate, in a cost-effective manner, improvements in 
technology, additional capacity, additional order data, information 
about additional securities or transactions, changes in regulatory 
requirements, and other developments.''
    The Commission believes that the flexibility and scalability of the 
systems used by the central repository are important to the 
effectiveness of the consolidated audit trail, and, accordingly, the 
Commission believes the NMS plan under Rule 613 should address 
potential ``built-in'' obsolescence that may arise as a result of the 
SROs' choice of systems or technology. For this reason, the NMS plan 
should address how, taking into consideration the costs and benefits, 
including the potential impact on competition, efficiency, and capital 
formation, the consolidated audit trail systems might be designed to 
accommodate: (1) Potential growth in the trading volume or message 
traffic relating to NMS securities; (2) possible expansion to include 
other non-NMS securities; \787\ (3) additional data fields that the 
SROs or the Commission might determine to require in the future (such 
as new order characteristics); and (4) potential technological 
developments that might allow the consolidated audit trail to be 
operated in a more timely, reliable, and cost-effective manner.
---------------------------------------------------------------------------

    \787\ Rule 613(i) requires the NMS plan to include a provision 
requiring each SRO to jointly provide to the Commission a document 
outlining how the consolidated audit trail could be expanded to 
products other than NMS securities. See also Section III.B.1.a., 
supra. The consideration of flexibility and scalability of the 
systems requires the SROs to address whether the system proposed in 
the SRO's NMS plan submission can accommodate the expansion, while 
the document required by Rule 613(i) will discuss more broadly how 
the SROs could incorporate into the consolidated audit trail 
information with respect to equity securities that are not NMS 
securities, debt securities, primary market transactions in equity 
securities that are not NMS securities, and primary market 
transactions in debt securities, including details for each order 
and reportable event that may be required to be provided, which 
market participants may be required to provide the data, an 
implementation timeline, and a cost estimate.
---------------------------------------------------------------------------

    As noted in the Commission's Concept Release on equity market 
structure,\788\ the market for trading securities has changed 
dramatically in recent years and, as technology advances, trading 
systems and trading strategies also change. The Commission believes 
that it is important for the consolidated audit trail to keep pace with 
market developments. It must be designed in a way that allows it to do 
so efficiently and in a cost-effective manner to assure regulators of 
its continued usefulness. Thus, the Commission has identified the 
flexibility and scalability of the systems used by the central 
repository to collect, consolidate, and store audit trail data as a 
consideration that must be discussed in the NMS plan submitted to the 
Commission for its consideration. To sufficiently address this 
consideration, the Commission expects the NMS plan to describe in 
detail how the consolidated audit trail envisioned by the sponsors 
would be designed to accommodate additional message traffic for orders 
in NMS securities, how readily capacity could be expanded, and the 
existence of any capacity limits. The Commission also would expect the 
NMS plan to discuss in detail the extent to which the proposed 
consolidated audit trail could accommodate potential additional data 
elements, order characteristics, and other types of securities such as 
non-NMS securities, debt securities, primary market transactions in 
equity securities that are non-NMS securities, and primary market 
transactions in debt securities, how quickly this could be done, and 
whether any limits exist on the ability of the proposed system to 
accommodate these types of changes. Additionally, the Commission would 
expect the NMS plan to further discuss whether and how the consolidated 
audit trail could be upgraded to keep pace with improvements in 
technology, such as improvements to the speed of systems processing.
---------------------------------------------------------------------------

    \788\ See Concept Release on Equity Market Structure, supra note 
87.
---------------------------------------------------------------------------

    The Commission believes these descriptions are important because, 
otherwise, what initially appears to be an effective and cost-effective 
NMS plan could become significantly less so over time as markets evolve 
and if, for example, order volumes increase, new order types are 
developed, and additional data elements or other types of securities, 
such as non-NMS securities, debt securities, primary market 
transactions in equity securities that are non-NMS securities, and 
primary market transactions in debt securities, are potentially 
incorporated into the consolidated audit trail.
    The Commission notes that issues relating to the potential 
flexibility and scalability of the consolidated audit trail were raised 
in the Proposing Release. For example, the Commission stated that, 
while the proposal was limited to NMS securities, the Commission 
ultimately intended the consolidated

[[Page 45792]]

audit trail to cover secondary market transactions in other securities 
and information on primary market transactions.\789\ In fact, as 
discussed above, the Commission specifically proposed that the NMS plan 
contain provisions relating to the possible expansion of the 
consolidated audit trail to products other than NMS securities.\790\ In 
addition, in the Proposing Release, the Commission specifically noted 
its concerns with the lack of scalability of the existing EBS system 
and the fact that the volume of transaction data subject to reporting 
under the EBS system can be significantly greater than the system was 
intended to accommodate in a typical request for data.\791\
---------------------------------------------------------------------------

    \789\ See Proposing Release, supra note 4, at 32568-32569.
    \790\ Id. at 32569-70.
    \791\ Id. at 32567.

---------------------------------------------------------------------------
 Rule 613(a)(1)(vi)

    Rule 613(a)(1)(vi) requires the NMS plan to address ``[t]he 
feasibility, benefits, and costs of broker-dealers reporting to the 
consolidated audit trail in a timely manner: (A) [t]he identity of all 
market participants (including broker-dealers and customers) that are 
allocated NMS securities, directly or indirectly, in a primary market 
transaction; (B) [t]he number of such securities each such market 
participant is allocated; and (C) [t]he identity of the broker-dealer 
making each such allocation.''
    In the Proposing Release, the Commission stated that ``it would be 
beneficial to provide for the possible expansion of the consolidated 
audit trail to include information on primary market transactions in 
NMS stocks'' and required in proposed Rule 613 that the plan sponsors 
address such expansion in a document provided to the Commission within 
two months after effectiveness of the NMS plan.\792\ The Commission 
continues to believe, for the reasons set forth below, that a potential 
expansion of the consolidated audit trail to cover primary market 
transactions would be beneficial. Specifically, the Commission believes 
that the SROs should address--at the time of the submission of the NMS 
plan to the Commission, rather than as part of a later expansion plan--
the feasibility, benefits, and costs of recording and reporting 
information about allocations of NMS securities in primary market 
transactions as part of the consolidated audit trail.
---------------------------------------------------------------------------

    \792\ See Proposing Release, supra note 4, at 32569 and 32610. 
The Commission noted in the Proposing Release that a ``primary 
market transaction is any transaction other than a secondary market 
transaction and refers to any transaction where a person purchases 
securities in an offering.'' Proposing Release at n. 167.
---------------------------------------------------------------------------

    As with the data sources discussed in Section II.A, the sources of 
information currently available to the Commission regarding allocations 
of NMS securities in primary market transactions are each limited in 
their ability to provide accurate, complete, accessible, and timely 
information.\793\ For example, while the Commission and FINRA can 
request information about allocations from the books and records of 
broker-dealers, such requests are unduly cumbersome for both regulators 
and market participants, potentially involving multiple time-consuming 
individual requests.\794\ Other sources of information about 
allocations of NMS securities in primary market transactions--including 
public sources \795\--are also limited in certain respects.\796\
---------------------------------------------------------------------------

    \793\ See Section II.A. for a discussion of these four 
qualities.
    \794\ See, e.g., Exchange Act Rules 17a-3 and 17a-4 (requiring 
broker-dealers to make and keep ``records of purchases and sales of 
securities'').
    \795\ Regulation S-K requires registrants to provide information 
related to the number of offered securities that are underwritten by 
each syndicate member in an effort to describe the nature of the 
obligation of the syndicate members with respect to the offered 
securities. See 17 CFR 229.508(a). This information comprises 
investor-focused disclosures, rather than information that may be 
needed by regulators for investigative and other purposes, such as 
the information contemplated by Rule 613(a)(1)(vi).
    \796\ For example, FINRA rules require the lead underwriters of 
an IPO to collect and provide issuers--but not the public, FINRA, or 
the Commission--with names of institutional investors who received 
allocations and aggregated information regarding the allocation to 
retail investors. See FINRA Rule 5131(d).
    The Depository Trust Company (``DTC'') also collects information 
on some IPO allocations in its IPO Tracking System at the discretion 
of the lead underwriter. See 61 FR 25253 (May 20, 1996). However, as 
well as being discretionary and therefore only addressing a subset 
of primary market transactions, the IPO Tracking System only 
includes allocations to persons with DTC accounts, which generally 
excludes retail investors.
---------------------------------------------------------------------------

    In light of these limitations, data about the allocations of NMS 
securities in primary market transactions could also improve market 
analysis by the Commission and the SROs, which could in turn help 
better inform rulemaking and other policy decisions. Specifically, such 
data might aid the Commission and the SROs in better understanding the 
role of such allocations in the capital formation process. Combining 
this data with the secondary market data to be collected by the 
consolidated audit trail could allow regulators to calculate investor 
positions and when and how the investors receiving allocations sell 
their securities. Such data could also facilitate a better 
understanding of how securities are allocated in a primary market 
transaction, how allocations differ across broker-dealers and 
investors, and what types of investors are allocated securities. This 
analysis is virtually infeasible on a market-wide basis today because 
the data collection process using current sources of information is so 
cumbersome.
    In addition, if the consolidated audit trail included data 
regarding the allocations of NMS securities in primary market 
transactions, SROs could be better able to monitor for compliance with 
their rules related to such transactions.\797\ The data also could more 
broadly assist SROs in their examinations and investigations related to 
allocations in initial public offerings (``IPOs'') and other primary 
market transactions by providing a richer data set for evaluating 
possible compliance issues. For example, the SROs could use IPO 
allocation information, combined with the secondary market transaction 
information in a consolidated audit trail, to run surveillance on 
whether sales in the IPO auction were marked accurately (i.e., ``long'' 
or ``short'') and in compliance with applicable requirements.\798\ 
Allocation data could also allow SROs to conduct surveillance for ``red 
flags'' they might develop regarding potential suitability issues 
related to customer allocations, as well as potentially improper 
allocations to customers (such as kickbacks).
---------------------------------------------------------------------------

    \797\ See, e.g., FINRA Rules 5130 and 5131. FINRA Rule 5130 
imposes certain restrictions on primary market transactions. FINRA 
Rule 5131 prohibits certain allocation practices such as 
``spinning,'' which refers to an underwriter's allocation of IPO 
shares to directors or executives of investment banking clients in 
exchange for receipt of investment banking business. See Securities 
Exchange Act Release No. 64521 (May 18, 2011), 76 FR 29808 (May 23, 
2011) (Order Approving SR-FINRA-2011-017). Certain ``quid pro quo'' 
practices are also addressed by FINRA Rule 5131.
    \798\ Currently, SROs must request customer account information 
during examinations of broker-dealers to check for compliance with 
order marking rules.
---------------------------------------------------------------------------

    The Commission could also enhance its own examination and 
investigation processes if data regarding the allocations of NMS 
securities in primary market transactions were included in the 
consolidated audit trail. Without access to a single centralized 
database of allocations, Commission staff must rely on more limited 
data sources that generally enable only either broad-based sweeps or 
one-off investigations based on particularized suspicion of wrongdoing. 
Because the relevant data would be readily available for analysis, 
including information about allocations as part of the consolidated 
audit trail could facilitate the Commission's identification of 
particular risks and exam candidates. Other examinations

[[Page 45793]]

undertaken by the Commission staff address whether employees of a 
regulated entity are in compliance with the rules applicable to their 
transactions related to primary market transactions. Having allocation 
information available before such an examination commences could allow 
staff to enhance their pre-examination research, better focus on the 
sources of potential violations, and ultimately foster more effective 
and efficient examinations.
    In investigations related to primary market transactions, the 
Commission staff generally must obtain data from underwriters post-
transaction, which can take considerable time owing to the limitations 
on current sources of data noted above.\799\ Including data about the 
allocations of NMS securities in primary market transactions in the 
consolidated audit trail could enable investigations to proceed more 
efficiently and to more quickly assess whether alleged violations of 
various rules under the Exchange Act, such as Regulation M and Rule 
10b-5, warrant investigation.\800\ In addition, the Commission believes 
that information about allocations could help the SROs and Commission 
investigate allegations of improper allocations, such as allocations 
subject to ``spinning'' \801\ or ``laddering.'' \802\ Currently, these 
types of investigations would require requesting data from 
underwriters, and in some cases, other parties (such as investment 
advisors) involved in the primary market transaction.
---------------------------------------------------------------------------

    \799\ This approach also may unduly burden the lead underwriter 
as the ``gatekeeper'' of such information and prevents the 
Commission and SROs from pursuing investigative techniques that may 
rely on reaching out to individual market participants for 
preliminary information without using the underwriter.
    \800\ See note 242, supra.
    \801\ See note 795, supra.
    \802\ ``Laddering'' is a practice that generally refers to 
inducing investors to give orders to purchase shares in the 
aftermarket at particular prices in exchange for receiving IPO 
allocations. See NYSE/NASD IPO Advisory Committee report and 
Recommendations (May 2003), at 6, available at http://www.finra.org/web/groups/industry/@ip/@reg/@guide/documents/industry/p010373.pdf.
---------------------------------------------------------------------------

    Given these potential benefits, the Commission believes that it is 
important--consistent with its view in the Proposing Release--for the 
SROs to address the feasibility, benefits, and costs of recording and 
reporting information about allocations of NMS securities in primary 
market transactions as part of the consolidated audit trail. However, 
unlike other potential additions to the consolidated audit trail--e.g., 
the inclusion of debt securities--that will be contemplated later in 
expansion plans, allocations of NMS securities in primary market 
transactions are uniquely tied to the central element of the NMS plan--
the reporting of data regarding trading in NMS securities. For example, 
allocations in primary market transactions may have a significant 
impact on trading and other activity in the secondary market, and 
behavior in the primary market may influence behavior in the secondary 
market through initial pricing and other mechanisms. More broadly, IPOs 
and other primary market transactions continue to be a source of 
particular interest for market participants and observers because of, 
among other things, their role in the capital formation process. In 
light of these considerations, the Commission believes it is 
appropriate to require the SROs to address allocations of NMS 
securities in primary market transactions at the time that the NMS plan 
is submitted under adopted Rule 613(a)(1), rather than as part of an 
expansion plan under adopted Rule 613(i).
    At the same time, the Commission recognizes that firms may use 
systems and methods to handle information regarding allocations of NMS 
securities in primary market transactions that differ from those used 
to handle information regarding secondary market transactions in such 
securities. Such differences may affect the extent to which information 
regarding allocations may be readily incorporated into the consolidated 
audit trail described by the NMS plan mandated by Rule 613. For 
example, the unique features of allocations of NMS securities in 
primary market transactions may require different reporting timeframes, 
different information security controls, or additional data elements 
that would not be required for other information being reported to the 
central repository and that are not contemplated by Rule 613. Because 
of these potential differences, the Commission believes it is 
appropriate to require the SROs to address the feasibility, costs, and 
benefits of their members reporting information regarding allocations 
of NMS securities in primary market transactions, rather than require 
the NMS plan to require such reporting at the outset.
    The Commission acknowledges that plan sponsors nevertheless will 
incur costs to address the feasibility, benefits, and costs of 
incorporating information about allocations of NMS securities in 
primary market transactions into the consolidated audit trail. Among 
other things, the plan sponsors will need to undertake an analysis of 
technological and computer system acquisitions and upgrades that would 
be required to include information about such allocations. However, 
given the potential benefits described above of including such 
information in the consolidated audit trail, the Commission believes 
these costs are justified.
ii. Analysis of the NMS Plan
    As noted above, in consideration of the views expressed, 
suggestions for alternatives, and other information provided by those 
commenting on the proposed Rule, the Commission is adopting Rule 613 
with significant modifications to a number of the proposed 
requirements. In certain instances these modifications alter the data 
and collection requirements of the proposed Rule. In other instances, 
the adopted Rule has been altered to be less prescriptive, and hence 
less limiting, in the means the SROs may use to meet certain 
requirements. These modifications significantly expand the solution set 
that could be considered by the SROs for creating, implementing, and 
maintaining a consolidated audit trail and thus provide the SROs with 
increased flexibility in how they choose to meet the requirements of 
the adopted Rule, relative to the solution set that would have been 
available under the requirements of the proposed Rule.
    Because these modifications permit a wider array of solutions to be 
considered by the SROs, including solutions that could capitalize on 
existing systems and standards,\803\ the assumptions underlying the 
Commission's cost estimate in the Proposing Release that new, large-
scale market systems would need to be developed from scratch may no 
longer be valid.\804\ Thus, as part of the multi-step process for 
developing and approving an NMS plan that will govern the creation, 
implementation, and maintenance of a consolidated audit trail, the 
Commission is deferring its economic analysis of the actual creation, 
implementation, and maintenance of a consolidated audit trail itself 
(in contrast to the costs of the actions the SROs are required to take 
upon approval of the adopted Rule) \805\ until such time

[[Page 45794]]

as it may approve any NMS plan submitted to the Commission for its 
consideration--that is, after the NMS plan, together with its detailed 
information, including cost estimates for the creation, implementation, 
and maintenance of the consolidated audit trail, and analysis, has been 
submitted by the SROs to the Commission and there has been an 
opportunity for public comment. The Commission believes that the 
information and analyses will help inform public comment regarding the 
NMS plan and will help inform the Commission as it evaluates whether to 
approve the NMS plan. In this way, the Commission can be better 
informed about the costs for the development, implementation, and 
maintenance of the consolidated audit trail that benefit from cost data 
and information provided by the SROs in conjunction with--and guided 
by--their development of an NMS plan that complies with the 
requirements of the adopted Rule. In addition, as noted above,\806\ the 
Rule includes a mandate that in determining whether to approve the plan 
and whether the plan is in the public interest, the Commission must 
consider the impact of the NMS plan on efficiency, competition, and 
capital formation.

    \803\ See, e.g., FINRA Letter, p. 14; SIFMA Letter, p. 16-18.
    \804\ The methodology in the Proposing Release assumed that the 
scope of the required systems changes would be comparable to those 
made in connection with Regulation NMS. See Proposing Release, supra 
note 4, at 32597 n. 352. See also Section I., supra.
    \805\ These actions include the requirement that the SROs 
develop an NMS plan, utilizing their own resources and undertaking 
their own research that addresses the specific details, cost 
estimates, considerations, and other requirements of the Rule.
    \806\ See Section I., supra.

---------------------------------------------------------------------------
 Rule 613(a)(1)(vii)

    Rule 613(a)(1)(vii) requires the NMS plan to include ``[t]he 
detailed estimated costs for creating, implementing, and maintaining 
the consolidated audit trail as contemplated by the national market 
system plan, which estimated costs should specify: (A) [a]n estimate of 
the costs to the plan sponsors for creating and maintaining the central 
repository; (B) [a]n estimate of the costs to members of the plan 
sponsors, initially and on an ongoing basis, for reporting the data 
required by the national market system plan; (C) [a]n estimate of the 
costs to the plan sponsors, initially and on an ongoing basis, for 
reporting the data required by the national market system plan; and (D) 
[h]ow the plan sponsors propose to fund the creation, implementation, 
and maintenance of the consolidated audit trail, including the proposed 
allocation of such estimated costs among the plan sponsors, and between 
the plan sponsors and members of the plan sponsors.'' \807\
---------------------------------------------------------------------------

    \807\ See Rule 613(a)(1)(vii).
---------------------------------------------------------------------------

    Commenters opined on the costs of funding the consolidated audit 
trail in general.\808\ One commenter stated that the Commission should 
give ``important consideration to alternative means to help fund the 
creation of what is essentially a public utility in [the consolidated 
audit trail],'' suggesting the Commission ``should itself pay user fees 
to help build and run the [consolidated audit trail],'' or that the 
government should underwrite low-cost loans for market participants 
aimed to pay the costs of the consolidated audit trail.\809\ Another 
commenter suggested that the cost of creating and maintaining the 
central repository should be shared among all market participants, 
including broker-dealers, ATSs, and exchanges.\810\ Another commenter 
stated that, if the Commission requires the SROs to fund the creation 
of the consolidated audit trail (i.e., the central repository), SROs 
may be forced to raise transaction fees, which would ``resurrect the 
distortions caused by high transaction fees, potentially increase the 
use of flash orders, if allowed, and discourage trading activity.'' 
\811\
---------------------------------------------------------------------------

    \808\ See Wells Fargo Letter, p. 4; SIFMA Letter, p. 22.
    \809\ See Wells Fargo Letter, p. 4.
    \810\ See Liquidnet Letter, p. 9.
    \811\ See SIFMA Letter, p. 22.
---------------------------------------------------------------------------

    The Commission also received comments regarding the allocation of 
the costs of the consolidated audit trail.\812\ One commenter 
emphasized that the NMS plan must provide for an equitable allocation 
of costs, including the sharing of expansion costs by the parties that 
benefit from any new products added to the consolidated audit 
trail.\813\ One commenter suggested that the Commission should require 
trading venues to allocate system costs for the consolidated audit 
trail ``at least partially based on message traffic * * * .'' \814\ 
Similarly, another commenter, opining that exchanges currently bear a 
disproportionate amount of the costs for market surveillance and noting 
that exchanges would also be forced to shoulder the costs of the 
consolidated audit trail, suggested that other venues, such as ATSs and 
internal broker-dealer platforms, should bear a proportionate share of 
the costs of creating, implementing, and maintaining the consolidated 
audit trail.\815\ This commenter also suggested that the Commission 
fund the audit trail using fees assessed on high frequency traders who 
cancel a ``disproportionately high'' percentage of their orders,\816\ 
arguing that this ``would have the added benefit of deterring a 
practice that, at best, adds little value in the price discovery 
process and, at worst, is potentially manipulative or even 
fraudulent.'' \817\
---------------------------------------------------------------------------

    \812\ See Nasdaq Letter I, p. 13-14; BOX Letter, p. 3; Liquidnet 
Letter, p. 9; Kaufman Letter, attachment p. 3.
    \813\ See Nasdaq Letter I, p. 13-14.
    \814\ See Kaufman Letter, attachment p. 3.
    \815\ See Schumer Letter, p. 1.
    \816\ Id. at p. 1-2.
    \817\ Id. at p. 2.
---------------------------------------------------------------------------

    The Commission believes that the issues surrounding how the 
consolidated audit trail should be funded, and how costs in creating, 
implementing, and maintaining the consolidated audit trail should be 
allocated, are important, and the Rule requires information about those 
issues to be provided by the SROs in the NMS plan submitted to the 
Commission for its consideration. In response to comments and in 
recognition that an initiative of the size and scope of the 
consolidated audit trail necessarily will require substantial 
expenditures by the SROs and their members, the Commission is 
requiring, pursuant to Rule 613(a)(1)(vii), the SROs to include in the 
NMS plan, a discussion of costs and how such costs will be allocated. 
As discussed above, the Commission believes that the SROs will incur 
costs to create and maintain the central repository.\818\ Also, as 
discussed above, SROs and their members may need to make systems 
changes or to purchase new systems to record and report the data 
required by the NMS plan to the central repository.\819\ SROs and their 
members will incur upfront costs, as well as ongoing costs to record 
and report such information. Because, as noted above, these costs can 
only be analyzed once the SROs narrow the array of choices they have 
and develop a detailed NMS plan,\820\ the Commission believes that the 
most robust approach for estimating these costs is for the SROs to 
provide such cost estimates in conjunction with, and guided by, their 
development of the NMS plan. The Commission believes that a fulsome 
discussion in the NMS plan of the estimated costs to SROs and their 
members will aid commenters in providing useful comments that will 
further the Commission's understanding of the cost implications of the 
consolidated audit trail. In addition, a fulsome discussion will aid 
the Commission in its evaluation of whether to approve the NMS plan and 
in conducting its own analysis of the costs and benefits of the NMS 
plan.
---------------------------------------------------------------------------

    \818\ See Section III.B.2., supra.
    \819\ See Section III.B.1., supra.
    \820\ See Section I., supra.
---------------------------------------------------------------------------

    There also would be costs associated with establishing and 
operating the central repository that will be jointly owned by the plan 
sponsors. The Commission believes it is important to understand how the 
plan sponsors plan

[[Page 45795]]

to allocate such costs among themselves to help inform the Commission's 
decision regarding the possible economic or competitive impact of the 
NMS plan amongst the SROs. In addition, although the plan sponsors 
likely would initially incur the costs to establish and fund the 
central repository directly, they may seek to recover some or all of 
these costs from their members. If the plan sponsors seek to recover 
costs from their members, the Commission believes that it is important 
to understand the plan sponsors' plans to allocate costs between 
themselves and their members, to help inform the Commission's decision 
---------------------------------------------------------------------------
regarding the possible economic or competitive impact of the NMS plan.

 Rule 613(a)(1)(viii)

    Rule 613(a)(1)(viii) requires the NMS plan to include ``[a]n 
analysis of the impact on competition, efficiency, and capital 
formation of creating, implementing, and maintaining the national 
market system plan.''
    Rule 608(a)(4)(ii)(C) under Regulation NMS already requires every 
NMS plan submitted to the Commission to be accompanied by an analysis 
of the impact on competition of implementation of the plan.\821\ This 
requirement is designed to help inform the Commission's evaluation of 
whether the NMS plan will impose a burden on competition that is not 
necessary or appropriate in furtherance of the purposes of the Exchange 
Act. The Rule re-states the application of the Rule 608(a)(4)(ii)(C) 
requirement to provide an analysis of the NMS plan's impact on 
competition and imposes a requirement that the NMS plan also include an 
analysis of the impact on efficiency and capital formation.\822\
---------------------------------------------------------------------------

    \821\ See 17 CFR 242.608(a)(4)(ii)(C).
    \822\ See Rule 613(a)(1)(viii).
---------------------------------------------------------------------------

    These requirements are designed to help inform the Commission's 
understanding of whether the NMS plan may promote efficiency and 
capital formation. As an initial matter, the SROs will be providing an 
analysis of the economic consequences of the NMS plan they develop and 
propose. As noted above, because the specific requirements of the NMS 
plan will not be known until the NMS plan is submitted, and the SROs 
will be providing that analysis, the Commission will consider the 
impact of the proposed consolidated audit trail on efficiency, 
competition, and capital formation in deciding whether to approve the 
NMS plan. The Commission, however, will consider such analysis in 
determining whether to approve the NMS plan and whether the plan is in 
the public interest under Rule 608(b)(2). \823\
---------------------------------------------------------------------------

    \823\ See Rule 613(a)(5).
---------------------------------------------------------------------------

iii. Process Followed To Develop the NMS Plan
    The following two considerations require the NMS plan to address 
how the SROs solicited the input of their members and other appropriate 
parties in their design of the NMS plan, and to detail the alternative 
consolidated audit trail designs considered and rejected by the SROs. 
These considerations will inform the Commission's evaluation of the NMS 
plan submitted for its consideration.

 Rule 613(a)(1)(xi)

    Rule 613(a)(1)(xi) requires the NMS plan to discuss ``[t]he process 
by which the plan sponsors solicited views of their members and other 
appropriate parties regarding the creation, implementation, and 
maintenance of the consolidated audit trail, a summary of the views of 
such members and other parties, and how the plan sponsors took such 
views into account in preparing the national market system plan.''
    The Commission believes that the SROs' consideration of the views 
of their members is important because, given the scope of the Rule, it 
will affect many market participants and will require them to report a 
broad range of audit trail information. Ensuring that market 
participants with varied perspectives have a role in developing the NMS 
plan submitted to the Commission for its consideration could help 
inform the plan sponsors of operational or technical issues that may 
arise in the implementation of the NMS plan, and help assure the 
Commission and market participants that the requirements imposed on 
members are done so in an efficient and cost-effective manner.\824\ 
Similarly, the Commission believes it is important that the SROs 
consider the views of other parties--such as back office service 
providers, market operations specialists, and technology and data 
firms--as may be appropriate in light of the Rule's goal of creating, 
implementing, and maintaining a complex system that may entail changes 
to multiple other systems and functionalities involved across the 
lifecycle of an order. Such parties could offer operational and 
technical expertise to the SROs, including, among other things, by 
identifying issues that may arise in the interface between legacy and 
new systems. In addition, the inclusion of such parties in the 
deliberative process could also result in the introduction of 
additional alternative approaches.
---------------------------------------------------------------------------

    \824\ See Section II.C.3., supra, for a summary of comments 
suggesting wider involvement in the development of the consolidated 
audit trail.
---------------------------------------------------------------------------

    The Commission also believes that it is appropriate to require the 
SROs to set out in the NMS plan a summary of the views expressed by 
such members and other parties and how the SROs took those views into 
account in developing the NMS plan. This requirement is designed to 
inform the Commission about the extent to which the SROs considered the 
views of their members and other appropriate parties as they undertook 
the complex task of developing the NMS plan for a consolidated audit 
trail, to facilitate a cost estimate by the SROs that takes into 
account the costs members will incur in creating, implementing, and 
maintaining the consolidated audit trail, as well as to encourage the 
consideration of reasonable alternative approaches contemplated by Rule 
613(a)(1)(xii) in the plan formulation process.
    The Commission received several comments advocating inclusion of 
the broker-dealer community and other appropriate parties in the 
planning of the consolidated audit trail.\825\ One commenter, with 
respect to NMS plan governance, urged the inclusion of ``an official 
`seat at the table' alongside the SROs'' for members of the broker-
dealer industry.\826\ Another commenter recommended that the Commission 
seek greater SRO and broker-dealer involvement in the front-end 
planning before adopting a final rule to make all parties aware of 
potential design tradeoffs, and establish appropriate timelines for 
implementation and compliance.\827\ A further commenter advocated 
allowing working groups to engage in dialogue with the Commission, 
broker-dealers and the SROs to effectively conduct the business 
analysis needed to build the consolidated audit trail.\828\ 
Additionally, one commenter suggested that the Commission staff should 
form and engage working groups comprised of representatives from the 
``affected constituents,'' specifically brokers and ``key technology 
vendors,'' \829\ and that such working groups could work with the 
Commission to develop a request for proposal.'' \830\ Similarly, 
another commenter urged the Commission to require an industry working 
group of

[[Page 45796]]

SROs and a representative group of broker-dealers to address the 
``complexities involved in developing such a system.'' \831\ One 
commenter suggested encouraging the participation of issuers and other 
market participants in the creation of the consolidated audit 
trail,\832\ and another commenter advocated the inclusion of ``broad 
industry participation from the SEC, FINRA, exchange, broker dealer and 
vendor communities.'' \833\
---------------------------------------------------------------------------

    \825\ See FIF Letter II, p. 2; SIFMA February 2012 Letter, p. 1; 
STA Letter, p. 1-2.
    \826\ See SIFMA February 2012 Letter, p. 1.
    \827\ See Broadridge Letter, p. 2.
    \828\ See FIF Letter II, p. 2, STA Letter, p. 1-2.
    \829\ See Direct Edge Letter, p. 2.
    \830\ See Direct Edge Letter, p. 2.
    \831\ See Ameritrade Letter, p. 2.
    \832\ See IAG Letter, p. 3 (also recommending that the 
consolidated audit trail, in general, should involve a reduction in 
its size and scope, as well as a review of the capabilities of 
existing systems).
    \833\ See FIF Letter II, p. 1-3. See also STA Letter, p. 1-3 
(recommending the same, but with the inclusion of the investor 
community and institutional asset managers).
---------------------------------------------------------------------------

    The Commission considered the comments recommending wider industry 
involvement in the creation of the consolidated audit trail and 
believes that, since the consolidated audit trail will be a regulatory 
tool used by the SROs and the Commission, it is appropriate for the 
SROs, when developing the NMS plan, to request input from the 
securities industry as well as technological advice. The Commission 
believes that this input should be sought during the preparation of the 
NMS plan submitted to the Commission for its consideration,\834\ during 
the comment process,\835\ and subsequent to the approval of an NMS 
plan.\836\
---------------------------------------------------------------------------

    \834\ See also Rules 613(a)(1)(vii)(A) and (D), respectively 
requiring ``[a]n estimate of the costs to the plan sponsors for 
establishing and maintaining the central repository'' and an 
explanation of ``[h]ow the plan sponsors propose to fund the 
creation, implementation, and maintenance of the consolidated audit 
trail, including the proposed allocation of such estimated costs 
among the plan sponsors, and between the plan sponsors and members 
of the plan sponsors.''
    \835\ The Commission notes that any NMS plan submitted and any 
amendment to the plan would be subject to notice and public comment, 
during which members of the industry and other interested persons 
may provide comments on the NMS plan. 17 CFR 242.608(b)(1).
    \836\ See Rule 613(b)(7). See also Section III.B.3.b., supra.

---------------------------------------------------------------------------
 Rule 613(a)(1)(xii)

    Rule 613(a)(1)(xii) requires the NMS plan to discuss ``[a]ny 
reasonable alternative approaches to creating a consolidated audit 
trail that the plan sponsors considered in developing the national 
market system plan, including, but not limited to, a description of any 
such alternative approach; the relative advantages and disadvantages of 
each such alternative, including an assessment of the alternative's 
costs and benefits; and the basis upon which the plan sponsors selected 
the approach reflected in the national market system plan.'' \837\ The 
Commission believes this consideration is appropriate because it 
reflects the view, supported by commenters, that there are alternative 
approaches to creating, implementing, and maintaining the consolidated 
audit trail. The Commission believes that requiring the SROs to discuss 
alternatives considered helps ensure that the plan sponsors have 
appropriately weighed the merits of the various approaches that might 
be considered to create, implement, and maintain the consolidated audit 
trail, by requiring the NMS plan to describe the alternatives that the 
plan sponsors considered before making any significant decision with 
respect to the consolidated audit trail, and the relative advantages 
and disadvantages, including costs and benefits, of such alternatives. 
The Commission also believes that requiring transparency with respect 
to alternative approaches and the decisionmaking process of the SROs 
will facilitate public comment on the NMS plan and the wisdom of the 
approach selected by the plan sponsors. Similarly, such transparency 
should provide the Commission with useful insights into the rationale 
for the approach chosen by the plan sponsors as it considers whether to 
approve the NMS plan submitted to the Commission. The Commission also 
notes that this consideration complements Rule 613(a)(1)(vii), 
discussed above, which requires that the NMS plan discuss the detailed 
estimated costs to the plan sponsors for creating, implementing, and 
maintaining the consolidated audit trail, because this consideration 
requires the NMS plan to provide the costs of the alternatives that 
were not adopted by the plan sponsors in the NMS plan submitted to the 
Commission.
---------------------------------------------------------------------------

    \837\ See Rule 613(a)(1)(xii).
---------------------------------------------------------------------------

iv. Implementation and Milestones of the Consolidated Audit Trail
    The following two considerations are designed to elicit additional 
information from the plan sponsors about the implementation and 
milestones of the consolidated audit trail. These will inform the 
Commission's evaluation of the NMS plan submitted to the Commission for 
its consideration, particularly in the degree to which the consolidated 
audit trail can replace existing data sources and in how effectively 
the proposed plan will meet the objectives discussed in Section II.B.2.

     Rule 613(a)(1)(ix)

    Rule 613(a)(1)(ix) requires the NMS plan to discuss ``[a] plan to 
eliminate existing rules and systems (or components thereof) that will 
be rendered duplicative by the consolidated audit trail, including 
identification of such rules and systems (or components thereof); to 
the extent that any existing rules or systems related to monitoring 
quotes, orders, and executions provide information that is not rendered 
duplicative by the consolidated audit trail, an analysis of: (A) 
[w]hether collection of such information remains appropriate; (B) [i]f 
still appropriate, whether such information should continue to be 
separately collected or should instead be incorporated into the 
consolidated audit trail; and (C) [i]f no longer appropriate, how the 
collection of such information could be efficiently terminated; the 
steps the plan sponsors propose to take to seek Commission approval for 
the elimination of such rules and systems (or components thereof); and 
a timetable for such elimination, including a description of the 
phasing-in of the consolidated audit trail and phasing-out of such 
existing rules and systems (or components thereof).'' \838\
---------------------------------------------------------------------------

    \838\ See Rule 613(a)(1)(ix).
---------------------------------------------------------------------------

    As noted in the Proposing Release and above, many exchanges and 
FINRA each have their own disparate audit trail rules.\839\ Thus, a 
member of the various exchanges and FINRA could be subject to the audit 
trail rules of, and be required to submit different information to, 
more than one exchange and FINRA. In addition, several commenters 
discussed the potential reduction in costs for the creation, 
implementation, and maintenance of a consolidated audit trail if 
existing SRO audit trail requirements were eliminated. In particular, 
one commenter stated that, ``over the long-term, the costs of 
developing a carefully designed and appropriately scaled consolidated 
audit trail could be offset in part by eliminating the individual SRO 
reporting requirements imposed under existing audit trail systems.'' 
\840\ This commenter also urged the SROs and the Commission ``to rely 
to the fullest extent possible on the consolidated audit trail data for 
market reconstructions, investigations, and analysis, rather than 
requesting data from broker-dealers. This would be more efficient for 
both firms and regulators and would help maximize the utility of the 
consolidated audit trail.'' \841\
---------------------------------------------------------------------------

    \839\ See Proposing Release, supra note 4, at 32595.
    \840\ See SIFMA Letter, p. 2.
    \841\ Id.

---------------------------------------------------------------------------

[[Page 45797]]

    Another commenter similarly stated that ``a consolidated trail and 
consolidated market surveillance should achieve economies of scale that 
ultimately lower costs for both the markets themselves and the market 
participants.'' \842\ This commenter further reasoned that, ``[r]ather 
than each SRO separately maintaining its own surveillance staff and 
surveillance programs that are searching for the same behavior, and 
thus creating redundancies, certain technology and staff resources can 
be consolidated into a single enterprise with costs equitably allocated 
across all SROs.'' \843\ However, the commenter also pointed out that 
``[s]uch consolidation, of course, would not preclude individual SROs 
from conducting surveillance for unique attributes and rules of its 
marketplace, ensuring that specialized market expertise continues to 
inform surveillance and oversight of trading on that market.'' \844\
---------------------------------------------------------------------------

    \842\ See FINRA Letter, p. 2.
    \843\ Id. at p. 2-3.
    \844\ See FINRA/NYSE Euronext Letter, p. 4.
---------------------------------------------------------------------------

    Many other commenters shared similar opinions with regards to the 
efficiency effects that a consolidated audit trail would have on market 
participants and their requirements to provide data to regulators. One 
commenter, for example, listed as one of seven benefits of a 
consolidated audit trail that ``it would reduce the time and resources 
required by market participants to respond to case-by-case requests 
from regulators.'' \845\ Another commenter stated that it ``agrees with 
the Commission that the implementation of the proposed consolidated 
audit trail would likely render unnecessary existing audit trails and 
data obtained through the equity blue sheets system.'' \846\ Similarly, 
another commenter also ``agree[d] with the Commission that in 
calculating the total cost to the industry of the audit trail it is 
important to consider offsetting savings from the retirement of 
redundant data feeds such as OATS, OTS, COATS, ISG Equity Audit Trail, 
and EBS. In addition, the industry may be able to avoid the cost of 
compliance with the Commission's proposed Large Trader Reporting System 
if the consolidated audit trail contains sufficient information to meet 
those requirements.'' \847\
---------------------------------------------------------------------------

    \845\ See Liquidnet Letter, p. 1.
    \846\ See BATS Letter, p. 4. See also FIA Letter, p. 1; FIF 
Letter II, p. 2.
    \847\ See Nasdaq Letter I, p. 11. The Commission notes that this 
comment letter was submitted prior to the adoption of the Large 
Trader Reporting Rule. See note 1, supra, and accompanying text.
---------------------------------------------------------------------------

    The Commission recognizes that the creation of a consolidated audit 
trail could result in efficiency gains for market participants with 
respect to their regulatory data reporting requirements and for 
regulators with respect to their surveillance activities. The 
Commission also recognizes that the consolidated audit trail could 
render existing rules and systems that contain the same requirements as 
the consolidated audit trail redundant. While the Commission is not at 
this time requiring that existing rules and systems be eliminated, the 
Rule requires that the NMS plan provide a plan to eliminate existing 
rules and systems (or components thereof), including identification of 
such rules and systems (or components thereof). Further, to the extent 
that any existing rules or systems related to monitoring quotes, 
orders, and executions provide information that is not rendered 
duplicative by the consolidated audit trail, such plan must also 
include an analysis of (1) whether the collection of such information 
remains appropriate, (2) if still appropriate, whether such information 
should continue to be separately collected or should instead be 
incorporated into the consolidated audit trail, and (3) if no longer 
appropriate, how the collection of such information could be 
efficiently terminated. Finally, such plan must also provide the steps 
the plan sponsors propose to take to seek Commission approval for the 
elimination of such rules and systems (or components thereof); and a 
timetable for such elimination, including a description of how the plan 
sponsors propose to phase in the consolidated audit trail and phase out 
such existing rules and systems (or components thereof).
    The Commission believes that the implementation of a plan to 
eliminate duplicative existing rules, systems, and/or components of 
such rules and systems, will result in increased efficiency to market 
participants who need to comply with the disparate reporting 
requirements for orders and with repeated requests for data by 
regulators who cannot obtain the data they need from existing sources 
of information.

 Rule 613(a)(1)(x)

    Rule 613(a)(1)(x) requires the NMS plan to include ``[o]bjective 
milestones to assess progress toward the implementation of the national 
market system plan.''
    The creation of a consolidated audit trail is crucial to the 
effective oversight of the U.S. securities markets, but at the same 
time is an initiative of substantial scope and complexity. Accordingly, 
to ensure that the consolidated audit trail is established in a timely 
and logical manner, and that the SROs can be held accountable for 
maintaining a workable implementation schedule, the NMS plan submitted 
is required to set forth a series of detailed objective milestones, 
with projected completion dates, toward implementation of the 
consolidated audit trail. In addition to being useful for the 
Commission in its evaluation of the NMS plan, the milestones will be 
used by the Commission in its supervision of the implementation of the 
consolidated audit trail. Such milestones could include, but are not 
limited to: publication and implementation of the methods for obtaining 
a CAT-Reporter-ID and the Customer-ID database, testing of the 
collection of order and execution data from a representative subset of 
broker-dealers, initial access to the central repository for 
regulators, demonstration of linking the full lifecycle of events for 
select test orders, cancels, modifications, and executions, and 
integration of trade and quote data as currently reported by trading 
venues into the central repository.
v. Commission Review
The Commission believes these considerations represent fundamental 
characteristics of a meaningful plan to establish an effective and 
efficient consolidated audit trail. The Commission will assess the NMS 
plan's discussion of the considerations described as part of its 
evaluation of the NMS plan.\848\ The Commission notes that, if the NMS 
plan submitted does not comply with the requirements of the Rule, or if 
the Commission determines changes are necessary or appropriate, the 
Commission may amend the NMS plan pursuant to Rule 608(b)(2) of 
Regulation NMS with such changes or subject to such conditions as the 
Commission may deem necessary or appropriate, taking into account the 
considerations contemplated in Rule 613(a)(1).\849\ In addition, should 
the NMS plan and the consolidated audit trail not keep pace with market 
or technological developments, such that its efficiency or 
effectiveness becomes

[[Page 45798]]

impaired,\850\ the Commission itself may, pursuant to Rule 608(b), 
propose an amendment to the NMS plan.\851\
---------------------------------------------------------------------------

    \848\ To further facilitate this review, the Commission expects 
that the plan sponsors would keep minutes of their meetings to 
formulate the NMS plan, and that such minutes would be readily 
reviewable by the Commission.
    \849\ 17 CFR 242.608(b)(2). To approve such a plan, the 
Commission must find that such plan or amendment is necessary or 
appropriate in the public interest, for the protection of investors 
and the maintenance of fair and orderly markets, to remove 
impediments to, and perfect the mechanisms of, a national market 
system, or otherwise in furtherance of the purposes of the Act.
    \850\ See Rules 613(a)(1)(v), (b)(6), (d)(2). See also Sections 
III.B. and III.C.2.a.i., supra (discussing the consideration of 
flexibility and scalability of the systems used by the central 
repository; the requirement that the NMS plan require the plan 
sponsors to provide a written assessment with an evaluation of, and 
a detailed plan to improve, the performance of the consolidated 
audit trail at least every two years; and the requirement to 
annually evaluate the clock synchronization and time stamp 
standards).
    \851\ 17 CFR 242.608(a)(2). For example, if the requirements of 
the plan are not amended after the annual evaluation of the clock 
synchronization and time stamp standards to be consistent with 
changes in the industry standards, the Commission has the authority 
and means to propose an amendment to those requirements of the plan. 
The Commission can approve an amendment to an effective national 
market system plan that was initiated by the Commission, by rule. 17 
CFR 242.608(b)(2).
---------------------------------------------------------------------------

b. Regulator Use Cases
    In light of the comments recommending that the Commission undertake 
an RFP process and provide more ``business requirements'' \852\ the 
Commission believes that it is useful to provide further details about 
how it envisions regulators would use, access, and analyze consolidated 
audit trail data through a number of ``use cases,'' as might typically 
be found in an RFP. These ``use cases'' and accompanying questions set 
forth below are derived directly from the considerations described in 
adopted Rule 613(a)(1), which, as discussed in Section III.C.2.a., 
originated from key principles of the consolidated audit trail that had 
been highlighted by the Commission in the Proposing Release. 
Specifically, these ``use cases'' describe the various ways in which, 
and purposes for which, regulators would likely use, access, and 
analyze consolidated audit trail data. By describing how regulators 
would use the consolidated audit trail data, the ``use cases'' and the 
related questions are meant to elicit a level of detail about the 
considerations that should help the SROs prepare an NMS plan that 
better addresses the requirements of the adopted Rule. They should also 
aid the Commission and the public in gauging how well the NMS plan will 
address the need for a consolidated audit trail. In particular, the 
``use cases'' will assist in gauging how well the NMS plan will 
specifically address the needs outlined in this Rule, by describing the 
features, functions, costs, benefits, and implementation times of the 
plan.
---------------------------------------------------------------------------

    \852\ See FIF Letter, p. 1, 9; FIF Letter II, p. 1-2; Direct 
Edge Letter, p. 2-3, 5; Section III.C.1.a., supra.
---------------------------------------------------------------------------

    The Commission notes that it is not including these ``use cases'' 
and accompanying questions to endorse a particular technology or 
approach to the consolidated audit trail; rather, these ``use cases'' 
and accompanying questions are designed to aid the SROs' understanding 
of the types of useful specific information that the NMS plan could 
contain that would assist the Commission in its evaluation of the NMS 
plan. The Commission also notes that its description of ``use cases'' 
includes a non-exclusive list of factors that SROs could consider when 
developing the NMS plan. The SROs also may include in the NMS plan 
submitted to the Commission for its consideration any other information 
regarding how data would be stored or accessed that the SROs believe 
the Commission or the public may find useful in evaluating the NMS plan 
submitted.
1. Analyses Related to Investigations and Examinations
    The Commission expects that the consolidated audit trail will 
provide regulators the ability to more efficiently conduct targeted 
investigations and examinations. These generally require being able to 
conduct several types of queries on large amounts of data and extract 
targeted segments of such data. These targeted segments are likely to 
be much smaller than the bulk extractions discussed in Section 
III.C.2.b.2., below.
    Off-Line Analysis. Regulators are likely to frequently require the 
extraction of relatively small amounts of select data from the 
consolidated audit trail database at the central repository for their 
own ``off-line'' analyses.\853\ For example, a regulator may need to 
extract data on all orders in a particular stock, by a particular 
customer, on a particular day, or based on any other combination of 
fixed search criteria.\854\ Though the total data extracted may be 
small, the number of records that need to be searched to find such data 
may be enormous.
---------------------------------------------------------------------------

    \853\ For purposes of these use-cases, an ``off-line'' analysis 
is defined to be any analysis performed by a regulator based on data 
that is extracted from the consolidated audit trail database, but 
that uses the regulator's own analytical tools, software, and 
hardware.
    \854\ Fixed search criteria are those that are based on specific 
pre-defined data elements that are stored in the consolidated audit 
trail database. In contrast, dynamic search criteria are those that 
are based on numerical levels, thresholds, or other combinations of 
mathematical formula or logic that would require some amount of 
additional calculations to be performed on, and derived from, pre-
defined data elements already stored in the database to complete the 
search operation and return to the user the data that meets the 
requested criteria.
---------------------------------------------------------------------------

    i. What technical or procedural mechanisms will regulators be 
required to use to request data extractions? Does the NMS plan provide 
for a front-end user interface to perform search and extractions? If 
not, what types of tools or technologies would regulators need to 
implement to send search and extract requests to the database? Would 
regulators be permitted to write and submit their own queries (e.g., 
Structure Query Language or ``SQL'') to the database directly? Would 
the central repository write and submit queries on behalf of a 
regulator at the regulator's request?
    ii. What response times should regulators expect from search and 
extract requests? Would a search for all trades in a given security by 
a given customer over a specified period of time return a response with 
all requested data in one minute? One hour? Overnight? How would this 
response time scale with the amount of data requested? With the amount 
of data being searched?
    iii. How would the database effectively process simultaneous 
requests by multiple users at one or more regulators? Will each request 
be queued serially? Can they be processed in parallel? What is the 
effect of simultaneous requests on response times? Would there be 
limits to the number of search queries that can be performed at the 
same time? Would there be limitations on the size of the extractions 
from such queries?
    iv. A wide range of users at regulators may need to search and 
extract data for analysis. How are users to be administered? If the NMS 
plan contemplates a front-end user interface, what validation and 
security mechanisms will ensure that only permitted users will have 
access to such data? If the plan contemplates direct access through a 
means other than a front-end user interface, what security and 
validation mechanisms would regulators need to deploy to interact with 
the database?
    Dynamic Search and Extraction. At times, regulators may need to 
identify and extract small amounts of data from the database based on 
dynamic search criteria that might require the database to perform 
calculations on stored data to meet the specified criteria. A few 
examples of dynamic criteria are: searching for trades with trade sizes 
above a certain threshold, searching for trades in securities with 
execution prices that change more than a certain percentage in a given 
period of time, and searching for orders that are canceled within a 
certain period of time.
    i. Does the NMS plan contemplate allowing for dynamic search 
criteria to operate directly on the database? If so, how would the 
dynamic search criteria

[[Page 45799]]

be specified and run? What, if any, limitations would there be on the 
types of search criteria that can be requested? What are the 
implications for response times? If the plan contemplates a front-end 
user interface, will dynamic search criteria be included? If the plan 
allows for dynamic search criteria through a means other than a front-
end user interface, what types of tools or technologies would 
regulators need to implement to request dynamic searches? Have the plan 
sponsors considered whether such tools or technologies and the 
personnel to use them are currently available to the regulators?
    ii. If the NMS plan does not contemplate dynamic search criteria, 
please explain how regulators would be able to use the consolidated 
audit trail data to perform such searches. Would data need to be 
downloaded in bulk by the regulators to accomplish these types of 
searches off-line (see below for related questions)?
2. Analyses Related to Monitoring, Surveillance, and Reconstruction
    In addition to targeted analysis of select data from the 
consolidated audit trail database, regulators will also require the 
analysis of data in bulk form. For example, the Commission is likely to 
use consolidated audit trail data to calculate detailed statistics on 
order flow, order sizes, market depth and rates of cancellation, to 
monitor trends and inform SRO and Commission rulemaking. To satisfy the 
surveillance requirements of Rule 613(f), regulators may want the 
ability to feed consolidated audit trail data into analytical ``alert'' 
programs designed to screen for potential illegal activities such as 
insider trading or spoofing. Surveillances might also benefit if 
regulators are able to link consolidated audit trail data with 
databases on certain types of material news events or market 
participants. This would allow regulators to isolate and aggregate data 
on trading in advance of those news events or by those participants. If 
preliminary analyses showed problems, the regulators could then request 
significant amounts of data for a more thorough and detailed follow-up 
analysis. In the event of a large scale market event like the May 6, 
2010 ``flash crash,'' regulators are likely to use consolidated audit 
trail data to reconstruct market events on the day of the event, 
including but not limited to reconstructing entire order books and 
trading sequences.
    i. What, if any, SRO surveillance data could be replaced by the 
consolidated audit trail while still improving SROs' ability to 
surveil?
    ii. How will the NMS plan allow regulators to address these types 
of large-scale, on-going data analyses?
    iii. In addition to providing regulators with the ability to search 
and extract data, will the NMS plan provide regulators with access to 
any plan-hosted applications or interfaces (i.e., those that operate on 
plan-based systems and resources) that would enable users to perform 
data analyses on, or create reports or graphs from, data stored in the 
database (such application or interfaces collectively known as ``hosted 
analytical tools'')? If so, how would regulators use and access such 
tools? What are the limitations of such tools? Would the tools allow 
regulators to perform the analyses discussed in the examples presented 
above?
    iv. If the NMS plan does not provide regulators with hosted 
analytical tools, how would regulators be expected to use their own 
resources, software, and hardware to perform such analyses? Would the 
plan provide regulators with an application programming interface 
(``API'') that allows regulators to develop their own tools that 
interact directly with the consolidated audit trail database? If so, 
what will the form of such API be? Are there limitations to the number 
of systems that could connect to the database? How will the plan 
negotiate priorities for connectivity, searches and queries done via 
the API? Will there be limitations to the types of queries that could 
be performed through the API? What types of in-house technologies and 
systems would be required for regulators to connect to the consolidated 
audit trail in this fashion?
    v. If the NMS plan does not provide regulators with analytical 
tools and services and does not provide an API for regulators to 
connect their own analytics systems to the database, what mechanism 
would the plan provide to regulators for accessing bulk data in a way 
that allows for large-scale analyses? Would the plan allow for end-of-
day downloads of an entire day's activity so that regulators could load 
this information into their own systems for such analysis? If so, how 
is access to such a download to be controlled and implemented? How long 
would it take to transmit an entire day's worth of consolidated audit 
trail data to each of the regulators that requires such access? 10 
minutes? One hour? Multiple hours? Longer than overnight? Do these time 
estimates reflect that multiple regulators are likely to simultaneously 
download consolidated audit trail data each night? What types of 
technologies or systems would be required for regulators to download 
this data? What are the expected sizes of such a data download? What 
type of systems would each regulator need to deploy to store and 
analyze this data? Have the plan sponsors considered whether such 
systems and the personnel to operate them are currently available to 
the regulators?
    vi. Does the plan contemplate data streaming as a method of 
transmitting bulk data to each regulator? If so, what is the form and 
mechanism of such data streaming? Would the streaming occur intraday as 
data is reported to, and processed by, the database, or would the 
streaming occur after all (or a majority of, or such other criteria) 
data was reported to, and processed by the database (e.g. overnight 
streaming)? How would intraday streaming impact the accuracy or 
completeness of the data received by regulators? Would data be 
transmitted through different methods or with varying delays by 
different SROs?
    vii. If the plan does not contemplate any bulk data analyses or 
means of transmitting data to regulators on a bulk overnight basis or 
in an intraday or overnight streaming fashion, describe what 
alternative mechanisms, if any, could be used to enable regulators to 
perform the types of analyses described at the beginning of the section 
(b), as well as the various examples described throughout this document 
of how regulators would make use of consolidated audit trail data.
3. Order Tracking and Time Sequencing
    As discussed in detail throughout this Release, one of the key 
requirements of the consolidated audit trail is to provide regulators 
with a complete record of all of the events that stem from a particular 
order, from routing to modification, cancellation, or execution. In 
addition, these events must be stored by the central repository in a 
linked manner--using either a unique order identifier or a series of 
unique order identifiers, as discussed in Section III.B.1.d.iv.--so 
that regulators can quickly and accurately extract a time-sequenced 
history of each event related to an order.
    i. What methods will the plan use to create the linkages for order 
events as described above? How will regulators access and search on 
data in a linked fashion?
    ii. What is the technical form of the order identifier(s) that 
broker-dealers will be required to send to the consolidated audit trail 
database so that these linkages can be created? To what extent will 
broker-dealers be able to generate such identifier(s) using their 
current systems? To what extent will broker-dealers need to collect or 
track

[[Page 45800]]

new data, or modify their systems, to generate such identifier(s)?
    iii. Will the transmission of economic data (such as a price) be 
sent separately, or via a different technical mechanism, from 
noneconomic data (such as the identity of a customer)?
    iv. What other changes, if any, will be required of systems 
typically in use by broker-dealers to provide such data? To what extent 
can existing broker-dealer systems be employed? What modifications will 
be necessary? What are the costs and technological ramifications of 
such changes?
    v. What changes, if any, will be required of the systems currently 
in use by regulators to receive such data? To what extent can existing 
regulatory systems be employed? What modifications will be necessary? 
What are the costs and technological ramifications of such changes?
    vi. If data reformatting is required, how much must be done by each 
broker-dealer using its own systems and resources prior to sending data 
to the central repository, versus being done on the receiving end by 
the central repository using plan-based systems and resources?
    vii. If multiple methods for collecting and aggregating are 
contemplated by the NMS plan, what are the pros and cons of each 
method?
    viii. How will the plan ensure orders and subsequent events are 
properly time-sequenced? At what level of granularity will time stamps 
be stored for each event? Milliseconds? Microseconds? Picoseconds? 
Describe any differences in the accuracy at which events originating in 
the same broker-dealer system can be sequenced versus events across 
different systems at the same broker-dealer, or systems at different 
broker-dealers. What type of synchronization of clocks will be employed 
to minimize inter-system timing inaccuracies?
    ix. If time stamps are not stored at a sufficient level of 
granularity to properly sequence events, what other data or mechanisms 
will the NMS plan provide to meet the requirement that regulators be 
able to time-sequence events?
    x. Even if time stamps are sufficiently granular to meet the time-
sequencing requirements of today, how would the plan contemplate 
increasing that granularity as the speed of trading increases?
4. Database Security, Contingency Planning, and Prospects for Growth
    The data stored in the consolidated audit trail database will 
contain confidential detailed records of trade and order flow by 
customer.
    i. How will the plan ensure the security of the database in a way 
that provides for flexible access by permitted users at multiple 
regulators (i.e., the Commission and the SROs), but denies access to 
all other non-permitted users?
    ii. What are the plan's policies and procedures with regards to 
security? Will the plan make use of any specific national or 
international security standards? If so, which ones? Will the plan make 
use of third-party reviews of its security procedures?
    iii. What types of contingency and backup plans will be employed by 
the plan to safeguard against the loss of data due to technical 
failures? Will the plan make use of live failover mechanisms so that 
data being sent to the database is not inadvertently lost in the event 
of a failure? Will contingency plans provide regulators with 
uninterrupted access to the database? If not, what are the expectations 
for recovery times under different failure scenarios?
    iv. As order and trade volumes increase, how does the plan 
contemplate handling the need for increased capacity and throughput? 
Would the plan be able to accommodate a doubling in daily volume 
without materially altering the basic technologies and architecture? A 
ten-time increase? A 100-times increase?
5. Database Access
    As part of an investigation or examination, regulators may need to 
analyze historical trades and orders in the database maintained by the 
central repository (though not trade and order events occurring prior 
to the implementation of the consolidated audit trail).
    i. How much historical data will be stored ``on-line'' in the 
database and be available for immediate search and extraction?
    ii. How will data be archived if it is no longer stored on-line? 
How will regulators access and search data that has been archived?
    iii. Will third parties have access to historical data? How will 
this access differ from the regulatory access?
c. Extension of Time for Submission of NMS plan
    Proposed Rule 613 required the SROs to jointly file the NMS plan 
within 90 days from approval of Rule 613. The Commission received a 
comment letter specifically suggesting that a six-month period, rather 
than the 90-day period originally proposed, would be more appropriate 
for the submission of the NMS plan to ensure that the NMS plan is 
drafted with an informed understanding of how order and trade 
processing works so that the consolidated audit trail systems are 
capable of achieving the Commission's objectives.\855\ To this end the 
commenter recommended that the Rule mandate the formation of 
cross[hyphen]market participant working groups; outline the objectives 
of consolidated audit trail rather than identify technical 
requirements; and allow six months for the cross[hyphen]participant 
working groups to perform a requirements analysis as part of the 
development of the NMS plan.\856\
---------------------------------------------------------------------------

    \855\ See FIF Letter II, p. 2. See also STA Letter, p. 2 
(stating ``[t]he SEC should allow six months for the CAT selection 
process rather than the two months currently identified in the 
proposed release'').
    \856\ See FIF Letter II, p. 3.
---------------------------------------------------------------------------

    In response to this commenter and other commenters that suggested 
that the Commission rely on an industry working group to create the 
consolidated audit trail \857\ and to provide sufficient time for the 
SROs to draft the additional provisions required by the Rule \858\ and 
to prepare responses to the considerations and the use cases for 
inclusion in the NMS plan,\859\ the Commission is extending the 
timeframe for the submission of the NMS plan from 90 days from approval 
of Rule 613 to 270 days from the date of publication of the Adopting 
Release in the Federal Register.\860\
---------------------------------------------------------------------------

    \857\ See Direct Edge Letter, p. 2-3, 5. See also STA Letter, p. 
1-3.
    \858\ These additional provisions relate to: (1) The security 
and confidentiality of the central repository (see Rule 
613(e)(4)(i)(A) through (D) and Section III.B.2.e., supra); (2) 
error rates (see Rule 613(e)(6) and Section III.B.2.c., supra); (3) 
an Advisory Committee (see Rule 613(b)(7) and Section III.B.3.b., 
supra); (4) a retrospective assessment of the performance of the 
consolidated audit trail, as well as a plan to improve its 
performance (see Rule 613(b)(6)(i) through (iv) and Section 
III.B.3.b., supra); and (5) potential penalties (see Rule 613(h)(3) 
and Section III.B.3.a.1., supra).
    \859\ See Sections III.C.2.a. and c., supra.
    \860\ See Section I., supra. See also Section III.D., infra, for 
a discussion of the timelines pertaining to the implementation of 
the consolidated audit trail.
---------------------------------------------------------------------------

3. NMS Plan Costs
a. NMS Plan Cost Estimates
    This section sets forth the Commission's estimates of the costs to 
prepare and file the NMS plan. As noted above, as part of the multi-
step process for developing and approving an NMS plan that will govern 
the creation, implementation, and maintenance of a consolidated audit 
trail, the Commission is deferring its economic analysis of the 
consolidated audit trail (other than with respect to the NMS plan) 
until after the NMS plan, together with its detailed information and 
analysis, has been submitted by the

[[Page 45801]]

SROs to the Commission for its consideration and there has been an 
opportunity for public comment.\861\ The Commission believes that an 
economic analysis of the consolidated audit trail is more appropriately 
performed once the SROs narrow the expanded array of choices they have 
and developed a detailed NMS plan.\862\ At that time, the Commission 
will have available to it detailed information provided by the SROs, 
and any additional information provided by commenters once the NMS plan 
is published for comment. The cost estimates set forth below, 
therefore, only reflect the Commission's estimates as to the costs to 
the SROs for developing an NMS plan to be submitted to the Commission. 
These cost estimates do not reflect the much more significant initial 
and ongoing costs that would be incurred if such NMS plan were approved 
by the Commission and the implementation of the consolidated audit 
trail begins.
---------------------------------------------------------------------------

    \861\ See Section I., supra. See also Rule 613(a)(5) (providing, 
in part, that the Commission ``shall consider the impact of the 
national market system plan, or amendment, as applicable, on 
efficiency, competition, and capital formation'').
    \862\ See Section I., supra.
---------------------------------------------------------------------------

    The Commission notes that the requirement to develop and submit the 
NMS plan also is a collection of information within the meaning of the 
Paperwork Reduction Act of 1995 (``PRA'').\863\ Section IV. below 
describes in detail the burdens associated with the requirement that 
the SROs develop and submit an NMS plan.
---------------------------------------------------------------------------

    \863\ 44 U.S.C. 3501 et. seq.
---------------------------------------------------------------------------

i. Preliminary Cost Estimates from Proposing Release
    In the Proposing Release, the Commission estimated that each SRO, 
on average, would incur an aggregate one-time cost of approximately 
$234,000 \864\ to prepare and file the NMS plan, for an estimated 
aggregate cost of about $3.5 million.\865\
---------------------------------------------------------------------------

    \864\ Commission staff estimated that each SRO would expend (400 
Attorney hours x $305 per hour) + (100 Compliance Manager hours x 
$258 per hour) + (220 Programmer Analyst hours x $193 per hour) + 
(120 Business Analyst hours x $194 per hour) = $213,540 per SRO to 
prepare and file the NMS plan. Commission staff also estimated that 
each SRO would outsource, on average, 50 hours of legal work, at an 
average hourly rate of $400, for a total of $20,000 per SRO, for an 
aggregate one-time cost to prepare and file an NMS plan of $233,540 
per SRO. See Proposing Release, supra note 4, at 32596.
     The $305 per hour figure for an Attorney; the $258 per hour 
figure for a Compliance Manager; the $193 per hour figure for a 
Programmer Analyst; and the $194 per hour figure for a Business 
Analysis (Intermediate) were from SIFMA's Management & Professional 
Earnings in the Securities Industry 2008, modified by Commission 
staff to account for an 1800-hour work-year and multiplied by 5.35 
to account for bonuses, firm size, employee benefits, and overhead. 
Based on industry sources, the Commission estimated that the hourly 
rate for outsourced legal services in the securities industry is 
$400 per hour.
    \865\ Commission staff estimated that the SROs would incur an 
aggregate one-time cost of ($233,540 per SRO) x (15 SROs) = 
$3,518,100 to prepare and file an NMS plan.
---------------------------------------------------------------------------

    In making these estimates, the Commission assumed that the cost of 
developing and filing the NMS plan pursuant to the proposed Rule would 
be comparable to the cost to create other existing NMS plans.\866\ 
Underlying the Commission's estimates were estimates of the amount of 
time the Commission believed would likely be spent by Programmer 
Analysts, Business Analysts, Attorneys, and Compliance Managers. The 
Commission did not receive any comments on these specific cost 
estimates.
---------------------------------------------------------------------------

    \866\ See Proposing Release, supra note 4, at note 299.
---------------------------------------------------------------------------

ii. Revised Cost Estimates
    As noted above, the Commission based its original estimates of the 
cost to prepare and file the NMS plan on the costs incurred with 
existing NMS plans. The adopted Rule, however, has been modified from 
the proposed Rule in several significant ways that differentiate the 
costs to prepare the NMS plan from all other existing NMS plans. These 
modifications require the SROs to: (1) Provide additional information 
and analysis while addressing the considerations that are set forth in 
Rule 613(a)(1); \867\ (2) include additional provisions that were not 
required by the proposed Rule relating to enforcement mechanisms,\868\ 
security and confidentiality,\869\ and the preparation of a document 
every two years that contains a retrospective assessment of the 
performance of the consolidated audit trail, as well as a plan to 
improve its performance; \870\ (3) address error rates; \871\ and (4) 
provide for the creation of an Advisory Committee.\872\
---------------------------------------------------------------------------

    \867\ See Rule 613(a)(1)(i) through (xii); Section III.C.2.a., 
supra.
    \868\ See Rule 613(h)(3); Section III.B.3.a.1., supra.
    \869\ See, e.g., Rule 613(e)(4)(i)(A) through (D). For example, 
Rule 613(e)(4)(i)(A) requires that the NMS plan require that all 
plan sponsors and their employees, as well as all employees of the 
central repository, agree to use appropriate safeguards to ensure 
the confidentiality of such data and not use such data for purposes 
other than surveillance or regulatory purposes. Additionally, Rule 
613(e)(4)(i)(B) requires the NMS plan to require that each SRO adopt 
and enforce rules that: (1) Require information barriers between 
regulatory staff and non-regulatory staff with regard to access and 
use of data in the central repository and (2) permit only persons 
designated by plan sponsors to have access to the data in the 
central repository. See Section III.B.2.e., supra.
    \870\ See Rule 613(b)(6)(i) through (iv). See Section 
III.B.3.b., supra.
    \871\ See Rule 613(e)(6)(i) through (ii). See Section 
III.B.2.c., supra. See also Rule 613(e)(6)(iii) through (iv).
    \872\ See Rule 613(b)(7).
---------------------------------------------------------------------------

(A) Revised Initial Costs To Create and File the NMS Plan
    In light of these modifications to the proposed Rule, the 
Commission no longer believes that the cost of developing and filing 
the NMS plan pursuant to the proposed Rule would be sufficiently 
comparable to the cost to create other existing NMS plans to use those 
costs as a basis for developing a cost estimate for the NMS plan 
required by Rule 613. Instead, as discussed in more detail below, the 
Commission is increasing its estimated costs for the development and 
filing of the NMS plan due to the increases in the hours that likely 
would be spent to create the NMS plan by the SROs.\873\ The Commission 
also is adjusting its preliminary cost estimate for the creation and 
filing of an NMS plan to reflect updated 2011 wage figures, as well as 
the registration of two additional SROs, since the preliminary 
estimates were developed.\874\ Specifically, the Commission now 
estimates that the aggregate one-time cost for creating and filing an 
NMS plan would be approximately $718,000 per SRO,\875\ or approximately 
$12.2 million

[[Page 45802]]

in the aggregate,\876\ compared to an initial estimate of $234,000 per 
SRO, or approximately $3.5 million in the aggregate, to prepare and 
file an NMS plan.\877\
---------------------------------------------------------------------------

    \873\ Commission staff now estimates that each SRO would expend 
700 Attorney hours, 300 Compliance Manager hours, 880 Programmer 
Analyst hours, and 880 Business Analyst hours.
    \874\ The $378 per-hour figure for an Attorney; the $279 per 
hour figure for a Compliance Manager; the $196 per hour figure for a 
Programmer Analyst; and the $201 per hour figure for a Business 
Analyst (Intermediate) are from SIFMA's Management & Professional 
Earnings in the Securities Industry 2011, modified by Commission 
staff to account for an 1800-hour work-year and multiplied by 5.35 
to account for bonuses, firm size, employee benefits, and overhead. 
At the time the Proposing Release was published, there were 14 
national securities exchanges. On August 13, 2010, the Commission 
granted the application of BATS-Y Exchange for registration as a 
national securities exchange. See Securities Exchange Act Release 
No. 62719, 75 FR 51295 (August 19, 2010). Additionally, on April 27, 
2012, the Commission granted the application of BOX Options Exchange 
for registration as a national securities exchange. See Securities 
Exchange Act Release No. 66871, 77 FR 26323 (May 3, 2012).
    \875\ Commission staff estimates that each SRO would incur an 
aggregate one-time cost of (700 Attorney hours x $378 per hour) + 
(300 Compliance Manager hours x $279 per hour) + (880 Programmer 
Analyst hours x $196 per hour) + (880 Business Analyst hours x $201 
per hour) = $697,660 per SRO to prepare and file an NMS plan. In 
addition, Commission staff estimates that each SRO would incur a 
one-time external cost of (50 legal hours x $400 per hour) = 
$20,000. As a result, the Commission staff estimates that the 
aggregate one-time cost to each SRO to prepare and file an NMS plan, 
including external costs, would be ($20,000 in external costs) + 
($697,660 in aggregate internal costs) = $717,660 per SRO to prepare 
and file an NMS plan.
    \876\ Commission staff estimates that the SROs would incur an 
aggregate one-time cost of ($717,660 per SRO) x (17 SROs) = 
$12,200,200 to prepare and file an NMS plan.
    \877\ See Proposing Release, supra note 4, at 32596.
---------------------------------------------------------------------------

    The Commission believes that these revised estimates, which include 
internal SRO personnel time and external legal costs, are appropriate 
based on the impact of the modifications to the proposed Rule on each 
of the job categories underlying the estimates. The Commission believes 
that the modifications to the proposed Rule will require SRO Programmer 
Analysts, Business Analysts, Attorneys, and Compliance Managers to 
expend additional time to address the requirements of the Rule. As 
discussed in more detail below, the Commission anticipates that the 
SROs will spend additional time on many activities, including: (1) 
Research; (2) discussions with members, committees and with industry 
associations; (3) vendor negotiations; (4) making decisions regarding 
the various options and increased flexibility provided by the adopted 
Rule; \878\ (5) reviewing alternative NMS plans; (6) choosing between 
alternative plans and negotiating to reach a consensus on a single NMS 
plan; (7) providing a detailed estimate of the costs associated with 
that NMS plan; and (8) drafting the NMS plan. The Commission also 
believes that these increased estimates are appropriate in light of the 
comments, including the comment that the Commission underestimated the 
time the SROs would spend on business analyses to be performed in 
designing the NMS plan based on the experience of broker-dealers, 
vendors and SROs when OATS was expanded to all NMS stocks.\879\ In 
response, as discussed below, the Commission is increasing its 
estimated Programmer Analyst, Business Analyst, Attorney, and 
Compliance Manager hours.
---------------------------------------------------------------------------

    \878\ See Section I., supra.
    \879\ See FIF Letter II, p. 2-3. See also STA Letter, p. 2-3.
---------------------------------------------------------------------------

    The Commission notes that the average hourly and cost estimates per 
SRO for creating and filing the NMS plan likely overestimated the costs 
for some of SROs and underestimated the costs for other SROs. The 
Commission also believes that certain SROs, particularly those SROs 
under the same holding company, may decide to collaborate and realize 
some cost savings on a per SRO basis. On balance, however, the 
Commission believes that, these hours and cost estimates are reasonable 
on average even if they may not be precise for any specific SRO.
(i) Programmer Analyst
    The Commission is increasing its Programmer Analyst hour estimates 
from 220 hours to 880 hours per SRO. As discussed in more detail below 
in Section IV.D.2.a.i., the Commission anticipates that a Programmer 
Analyst would need to spend substantially more time to address the 
considerations included in the Rule and the ``use cases.'' Programmer 
Analysts may be involved in the NMS plan research, any industry 
discussions, negotiations with vendors and SROs, and in developing cost 
estimates for the consolidated audit trail. Thus, for these reasons, 
the Commission believes it appropriate to increase substantially its 
estimate of the number of hours expended by Programmer Analysts in the 
creation and filing of the NMS plan.
(ii) Business Analyst
    The Commission is increasing its Business Analyst hour estimates 
from 360 hours to 880 hours per SRO. As discussed in more detail below 
in Section IV.D.2.a.ii., the Commission anticipates that a Business 
Analyst would spend substantially more time to address the 
considerations and the ``use cases,'' and overall, an amount of time 
that is comparable to the time that would likely be spent by Programmer 
Analysts because Business Analysts will likely be involved in many of 
the same tasks as Programmer Analysts, but have separate 
responsibilities as well.
(iii) Attorney
    The Commission is increasing its estimates for the hours an 
Attorney would likely spend to prepare and file an NMS plan from 400 
hours to 700 hours per SRO. As discussed in more detail in Section 
IV.D.2.a.iii. below, the Commission anticipates that an Attorney would 
spend substantially more time than previously estimated to draft the 
NMS plan.
(iv) Compliance Manager
    The Commission is increasing its Compliance Manager hour estimate 
from 100 hours to 300 hours per SRO. As discussed in more detail below 
in Section IV.D.2.a.iv., the Commission anticipates that a Compliance 
Manager would spend substantially more time than previously estimated 
to draft the NMS plan.
4. Consideration of Burden on Competition and Promotion of Efficiency, 
Competition, and Capital Formation
    Section 3(f) of the Exchange Act requires the Commission, whenever 
it engages in rulemaking and is required to consider or determine 
whether an action is necessary or appropriate in the public interest, 
to also consider, in addition to the protection of investors, whether 
the action would promote efficiency, competition, and capital 
formation. Further, Section 23(a)(2) of the Exchange Act requires the 
Commission, when making rules under the Exchange Act, to consider the 
impact such rules would have on competition. Section 23(a)(2) prohibits 
the Commission from adopting any rule that would impose a burden on 
competition not necessary or appropriate in furtherance of the purposes 
of the Exchange Act.
    The Commission has focused its economic analysis in this Release on 
the requirement that the SROs develop an NMS plan, rather than on the 
actual creation, implementation, and maintenance of a consolidated 
audit trail itself, and is deferring its economic analysis of the 
actual creation, implementation, and maintenance of a consolidated 
audit trail itself until such time as it may approve the NMS plan 
submitted to the Commission for its consideration. The Commission's 
consideration of the Rule's impact on efficiency, competition, and 
capital formation is consistent with this approach. Because the Rule 
focuses only on the process and the requirement of the development of 
an NMS plan, the Commission believes that the adopted Rule will have 
minimal, if any, impact on efficiency, competition, and capital 
formation.
    The Commission regards the adopted Rule as only a step in the 
multi-step process of developing and approving an NMS plan that will 
govern the creation, implementation, and maintenance of a consolidated 
audit trail and the Commission recognizes that the creation, 
implementation, and maintenance of a consolidated audit trail itself 
could potentially have effects on efficiency, competition, and capital 
formation. Therefore, Rule 613(a)(5) specifically provides that the 
Commission will consider the impact of the NMS plan submitted to the 
Commission for its consideration on efficiency, competition, and 
capital formation in determining whether to approve the plan or any 
amendment thereto. A complete consideration of the impact of the NMS 
plan, or any amendment thereto, on efficiency,

[[Page 45803]]

competition, and capital formation, however, requires information that 
will not be known until the SROs submit their NMS plan or any amendment 
thereto. Accordingly, the Commission is deferring this analysis until 
such time as it may approve the NMS plan, or any amendment thereto, 
submitted by the SROs. To facilitate the consideration of such possible 
impacts, the Rule requires SROs to provide their own analysis of the 
plan's potential impact on efficiency, competition, and capital 
formation.

D. Implementation of Rule 613 After Approval of the NMS Plan

    Proposed Rule 613(a)(3) sets forth a timetable for the 
implementation of the consolidated audit trail once the Commission has 
approved an NMS plan. The Commission proposed that the data collection 
and submission requirements would have applied first to the national 
securities exchanges and FINRA, and then to their individual 
members.\880\ Specifically, proposed Rule 613(a)(3)(iii) would have 
required the plan sponsors to provide to the central repository the 
data to be required by the Rule within one year after effectiveness of 
the NMS plan. Members of the exchanges and FINRA would have been 
required to begin providing to the central repository the data required 
by the proposed Rule two years after the effectiveness of the NMS 
plan.\881\ This phased approach was intended to allow members 
additional time to implement the systems changes necessary to begin 
providing the information to the central repository, including 
developing procedures to capture any new information required, such as 
the unique customer and order identifiers.
---------------------------------------------------------------------------

    \880\ See proposed Rule 613(a)(3)(iii).
    \881\ See proposed Rule 613(a)(3)(v).
---------------------------------------------------------------------------

    Additionally, proposed Rule 613(g)(1) would have required each SRO 
to file a proposed rule change with the Commission on or before 120 
days from approval of Rule 613 to require its members to comply with 
Rule 613. Further, proposed Rule 613(i) would have required the plan 
sponsors to jointly provide to the Commission, within two months after 
effectiveness of the NMS plan, a document outlining how the plan 
sponsors would propose to incorporate into the consolidated audit trail 
information with respect to equity securities that are not NMS 
securities, debt securities, primary market transactions in NMS stocks, 
primary market transactions in equity securities that are not NMS 
securities, and primary market transactions in debt securities, 
including details for each order and reportable event that would be 
required to be provided, which market participants would be required to 
provide the data, an implementation timeline, and a cost estimate.
    Although one commenter agreed that the consolidated audit trail 
could be implemented according to the timeline originally 
proposed,\882\ and another urged the Commission to expedite 
implementation of Rule 613,\883\ several commenters stated that more 
time would be necessary to develop and implement the NMS plan.\884\ 
Many commenters suggested extended timelines for various aspects of the 
consolidated audit trail.\885\ Two commenters, however, argued that the 
timetable for implementation should be shortened,\886\ and one of the 
commenters suggested that the Commission use existing infrastructure, 
naming OATS as an example, as the basis of the audit trail to save 
implementation time.\887\ Another commenter requested that the 
Commission move the deadline for submission of the joint document from 
the SROs outlining a proposal of how an expansion could occur from two 
months, as proposed, to one year after approval of the NMS plan, to 
allow time to choose a technology provider and build the infrastructure 
of the system, stating that ``[i]t would be far better to develop the 
design for the initial products and leverage this knowledge to later 
phases.'' \888\
---------------------------------------------------------------------------

    \882\ See Nasdaq Letter I, p. 3.
    \883\ See Bean Letter, p. 1.
    \884\ See FINRA/NYSE Euronext Letter, p. 8; FINRA Letter, p. 15; 
Scottrade Letter, p. 1; CBOE Letter, p. 7; FIF Letter, p. 8; FIF 
Letter II, p. 2-3; STA Letter, p. 2-3; Nasdaq Letter I, p. 6-7; 
Wells Fargo Letter, p. 2-3; Direct Edge Letter, p. 2-3.
    \885\ See CBOE Letter, p. 6; Thomson Reuters Letter, p. 3; 
Liquidnet Letter, p. 2-3, 9; Ameritrade Letter, p. 3; Nasdaq Letter 
I, p. 7-9; Scottrade Letter, p. 1; SIFMA Letter, p. 13. See also FIF 
Letter, p. 8; FIF Letter II, p. 2-3; STA Letter, p. 2-3; Wells Fargo 
Letter, p. 2-3; FINRA/NYSE Euronext Letter, p. 8; FINRA Letter, p. 
15.
    \886\ See Kaufman Letter, Attachment p. 1; Schumer Letter, p. 1.
    \887\ See Schumer Letter, p. 1.
    \888\ See Nasdaq Letter I, p. 7.
---------------------------------------------------------------------------

    The Commission also received two comment letters recommending that 
the Rule contain an exemption to accommodate the business model of 
small broker-dealers.\889\
---------------------------------------------------------------------------

    \889\ See FINRA Proposal Letter, p. 5-6; and Wachtel Letter, p. 
1.
---------------------------------------------------------------------------

    After considering the comments regarding the proposed timeline for 
implementation of the Rule, the Commission is adopting Rule 613 with 
changes to the proposed Rule. First, the Commission is adopting a 
deadline of 60 days from effectiveness of the NMS plan (rather than 120 
days from approval of the Rule, as originally proposed) by when each 
SRO must file with the Commission proposed rule changes to require its 
members to comply with the requirements of the Rule and the adopted NMS 
plan,\890\ so that SROs can sequence their efforts by acting first on 
developing the NMS plan to be submitted to the Commission for its 
consideration, and then on proposed rules requiring compliance by their 
members. Second, in response to the commenter that advocated extending 
the deadline for the plan sponsors for submission of the joint document 
outlining how an expansion could occur from two months, as proposed, to 
one year after effectiveness of the approved NMS plan, the Commission 
is modifying the proposed Rule so that the document will be due to the 
Commission within six months (rather than two months as proposed) after 
the approval of the NMS plan. The Commission believes that this 
additional four months will provide the time necessary after the 
submission of the NMS plan to the Commission for the SROs to plan how 
to expand the consolidated audit trail to capture orders and trading in 
these additional securities.\891\
---------------------------------------------------------------------------

    \890\ See Rule 613(g)(1).
    \891\ The Commission notes that the SROs could begin drafting 
the document even before an NMS plan is approved by the Commission.
---------------------------------------------------------------------------

    The Commission has considered the comment letters that requested an 
exemption from the proposed Rule for small broker-dealers,\892\ but, as 
discussed above,\893\ does not believe that it is appropriate to 
completely exempt smaller broker-dealers from the requirements of the 
consolidated audit trail. While the Commission does not believe that it 
is appropriate to completely exempt smaller broker-dealers from the 
Rule, the Commission, in response to commenters' concerns regarding the 
potential difficulties for small broker-dealers, is modifying the time 
by when the NMS plan may require small broker-dealers to comply with 
Rule 613. The Commission is permitting the SROs in the NMS plan to 
allow small broker-dealers up to three years after effectiveness, 
rather than two years as proposed, to begin reporting data to the 
central repository in recognition that some of these firms may still be 
handling orders manually and thus will need additional time to upgrade 
to an electronic method.\894\

[[Page 45804]]

Additionally, because many of these broker-dealers may have limited 
resources, the Commission encourages plan sponsors to propose in the 
NMS plan a requirement that small broker-dealers report data to the 
central repository within three years after effectiveness of the NMS 
plan, as the Commission believes that providing small broker-dealers a 
longer implementation time should assist such broker-dealers in 
identifying the most cost-effective and the most efficient manner in 
which to procure third-party software or make any systems modifications 
or other changes to comply with Rule 613.
---------------------------------------------------------------------------

    \892\ See FINRA Proposal Letter, p. 5-6; Wachtel Letter, p. 1.
    \893\ See Section III.B.1.c., supra.
    \894\ See Rule 613(a)(3)(vi); see also Rule 613(a)(3)(v).
---------------------------------------------------------------------------

    Rule 613(a)(3)(vi) uses the definition of ``small broker-dealer'' 
contained in Exchange Act Rule 0-10: ``Small entities under the 
Securities Exchange Act for purposes of the Regulatory Flexibility 
Act.'' \895\ Rule 0-10(c) defines a ``small broker-dealer'' as a broker 
or dealer that: (1) Had total capital (net worth plus subordinated 
liabilities) of less than $500,000 on the date in the prior fiscal year 
as of which its audited financial statements were prepared pursuant to 
240.17a5(d) or, if not required to file such statements, a broker or 
dealer that had total capital (net worth plus subordinated liabilities) 
of less than $500,000 on the last business day of the preceding fiscal 
year (or in the time that it has been in business, if shorter); and (2) 
is not affiliated with any person (other than a natural person) that is 
not a small business or small organization as defined in this 
section.\896\ The Commission believes that applying this definition is 
appropriate because it is an existing regulatory standard that is an 
indication of small entities for which regulators should be sensitive 
when imposing regulatory burdens.
---------------------------------------------------------------------------

    \895\ 17 CFR 240.0-10.
    \896\ 17 CFR 240.0-10(c).
---------------------------------------------------------------------------

    The Commission notes that not all of the timeframes for 
implementation are being revised.\897\ As discussed in Section 
III.B.1.f., above, the Commission has learned through the comment 
process that technology exists today to ``normalize'' information 
collected for the consolidated audit trail into a uniform electronic 
format, which will allow the required data to be captured and reported 
to the central repository more readily than the Commission originally 
anticipated. Accordingly, the Commission believes the remaining 
proposed implementation timeframes are reasonable and is adopting them 
as proposed.
---------------------------------------------------------------------------

    \897\ Pursuant to Rules 613(a)(3)(i) through (vi), the NMS plan 
must require the SROs to meet the following implementation 
deadlines: (1) Within two months after effectiveness of the national 
market system plan jointly (or under the governance structure 
described in the plan) select a person to be the plan processor; (2) 
within four months after effectiveness of the national market system 
plan synchronize their business clocks and require members of each 
such exchange and association to synchronize their business clocks 
in accordance with Rule 613(d); (3) within one year after 
effectiveness of the national market system plan provide to the 
central repository the data specified in Rule 613(c); (4) within 
fourteen months after effectiveness of the national market system 
plan implement a new or enhanced surveillance system(s) as required 
by Rule 613(f); (5) within two years after effectiveness of the NMS 
plan, require members of each such exchange and association (except 
those that qualify as small broker-dealers as defined in Sec.  
240.0-10(c)) to provide to the central repository the data specified 
in Rule 613(c); and (6) within three years after effectiveness of 
the national market system plan require members of each such 
exchange and association that qualify as small broker-dealers as 
defined in Sec.  240.0-10(c) to provide to the central repository 
the data specified in Rule 613(c).
---------------------------------------------------------------------------

IV. Paperwork Reduction Act

    Certain provisions of the Rule contain ``collection of information 
requirements'' within the meaning of the PRA. The Commission published 
notice requesting comment on the collection of information requirements 
in the Proposing Release and submitted the proposed collection to the 
Office of Management and Budget (``OMB'') for review in accordance with 
44 U.S.C. 3507 and 5 CFR 1320.11. An agency may not conduct or sponsor, 
and a person is not required to respond to, a collection of information 
unless it displays a currently valid OMB control number. The control 
number for Rule 613 is OMB Control No. 3235-0671 and the title of the 
new collection of information is ``Creation of a Consolidated Audit 
Trail Pursuant to Section 11A of the Securities Exchange Act of 1934 
and Rules thereunder.''
    This Release includes the Commission's estimates of the costs to 
create and file the NMS plan.\898\ As noted above, the Commission is 
deferring its economic analysis of the consolidated audit trail (other 
than with respect to the NMS plan) until after the NMS plan, including 
the detailed information and analysis, has been submitted by the SROs 
and there has been an opportunity for public comment.\899\ Similarly, 
the Commission is discussing below its estimates of the burden hours 
associated with the development and filing of the NMS plan but is 
deferring its discussion of the much more significant burden hours 
associated with the other paperwork requirements of the consolidated 
audit trail. The Commission also is deferring its discussion of the 
ongoing burden hours associated with the NMS plan because such ongoing 
burdens would only be incurred if the Commission approves the NMS plan. 
Instead, the Commission will defer these discussions until after the 
NMS plan, including the detailed information and analysis, has been 
submitted by the SROs and there has been an opportunity for public 
comment.
---------------------------------------------------------------------------

    \898\ See Section III.C.3., supra.
    \899\ See Rule 613(a)(5) (providing, in part, that the 
Commission ``shall consider the impact of the national market system 
plan on efficiency, competition, and capital formation''). See also 
Section I., supra.
---------------------------------------------------------------------------

A. Summary of Collection of Information Under Rule 613

    Rule 613 requires the SROs to develop and file an NMS plan to 
govern the creation, implementation, and maintenance of a consolidated 
audit trail and central repository for the collection of information 
for NMS securities.\900\ The NMS plan must require each SRO and its 
respective members to provide certain data to the central repository in 
compliance with Rule 613.\901\ The NMS plan also must include a 
discussion of specified considerations,\902\ and certain provisions 
related to administration and operation of the plan \903\ and the 
operation of the central repository.\904\

[[Page 45805]]

Further, the NMS plan is required to include certain provisions related 
to compliance by the SROs and their members with the requirements of 
the Rule and the NMS plan.\905\
---------------------------------------------------------------------------

    \900\ See Rule 613(a)(1).
    \901\ See Rule 613(c).
    \902\ See Rule 613(a)(1)(i) through (xii).
    \903\ For example, the NMS plan must include provisions: (1) To 
ensure fair representation of the plan sponsors; (2) for 
administration of the central repository, including selection of the 
plan processor; (3) addressing the requirements for admission of new 
plan sponsors and withdrawal of existing plan sponsors; (4) 
addressing the percentage of votes required by the plan sponsors to 
effectuate amendments to the plan; (5) addressing the manner in 
which the costs of operating the central repository would be 
allocated among the SROs that are sponsors of the plan, including a 
provision addressing the manner in which costs would be allocated to 
new sponsors to the plan; (6) requiring the appointment of a Chief 
Compliance Officer to regularly review the operation of the central 
repository to assure its continued effectiveness, and make any 
appropriate recommendations for enhancements to the nature of the 
information collected and the manner in which it is processed; and 
(7) including an enforcement mechanism to ensure that each SRO and 
member is collecting and providing to the central repository the 
information required. See Rule 613(b), 613(g)(4), and 613(h)(3).
    \904\ For example, the NMS plan must include a provision 
requiring the creation and maintenance by the plan processor of a 
method of access to the data stored in the central repository, that 
includes the ability to run searches and generate reports. See Rule 
613(e)(3). Additionally, the NMS plan is required to include 
policies and procedures, including standards, to be used by the plan 
processor to: (1) Ensure the security and confidentiality of all 
information submitted to the central repository; (2) ensure the 
timeliness, accuracy, integrity and completeness of the data 
provided to the central repository; (and (3) ensure the accuracy of 
the consolidation by the plan processor of the data provided to the 
central repository. See Rule 613(e)(4). The NMS plan also must 
include a provision requiring the plan sponsors to provide to the 
Commission, at least every two years after effectiveness of the 
national market system plan, a written assessment of the operation 
of the consolidated audit trail. See Rule 613(b)(6). The NMS plan is 
also required to include an Advisory Committee to advise the plan 
sponsors on the implementation, operation and administration of the 
central repository. See Rule 613(b)(7). Further, the NMS plan must 
specify a maximum error rate to be tolerated by the central 
repository for the data it collects, and processes for identifying 
and correcting errors in the data, for notifying the entities 
responsible for the reporting of the erroneous data, and for 
disciplining those who repeatedly report erroneous data. See Rule 
613(e)(6)(i) through(iv). The NMS plan must also specify as a time 
by which the corrected data will be available to regulators. See 
Rule 613(e)(6)(iv).
    \905\ The NMS plan must include: (1) A provision that makes each 
SRO that sponsors the plan responsible for enforcing compliance by 
its members with the provisions of the plan; and (2) mechanisms to 
ensure that plan sponsors and their members comply with the 
requirements of the plan. See Rules 613(g)(3), 613(g)(4), and 
613(h)(3).
---------------------------------------------------------------------------

    The Commission believes that requiring an NMS plan imposes a 
paperwork burden on the SROs associated with preparing and filing the 
joint NMS plan.

B. Use of Information

    The information contained in the NMS plan submitted to the 
Commission for its consideration will provide the Commission and the 
public with detailed information regarding how the consolidated audit 
trail will be created, implemented, and maintained in order for the 
Commission and the public to be able to carefully consider all aspects 
of the NMS plan. Further, the information contained in the NMS plan 
should facilitate an analysis of how well the NMS plan will allow 
regulators to effectively and efficiently carry out their 
responsibilities.

C. Respondents

    Rule 613 applies to the 16 national securities exchanges and to one 
national securities association (FINRA) currently registered with the 
Commission.\906\
---------------------------------------------------------------------------

    \906\ At the time the Proposing Release was published, there 
were 14 national securities exchanges. On August 13, 2010, the 
Commission granted the application of BATS-Y Exchange for 
registration as a national securities exchange. See Securities 
Exchange Act Release No. 62719, 75 FR 51295 (August 19, 2010). 
Additionally, on April 27, 2012, the Commission granted the 
application of BOX Options Exchange for registration as a national 
securities exchange. See Securities Exchange Act Release No. 66871, 
77 FR 26323 (May 3, 2012).
---------------------------------------------------------------------------

D. Total Annual Reporting and Recordkeeping Burden for the Creation and 
Filing of the NMS Plan

1. Preliminary Burden Hour Estimates from Proposing Release
    In the Proposing Release, the Commission estimated that each SRO, 
on average, would spend approximately 840 hours of legal, compliance, 
information technology, and business operations time to prepare and 
file the NMS plan. All together the SROs would spend an estimated 
12,600 hours.\907\ The Commission's 840 hour estimate included internal 
personnel time and external legal costs--400 Attorney hours, 100 
Compliance Manager hours, 220 Programmer Analyst hours, and 120 
Business Analyst hours. Commission staff also estimated that each SRO 
would outsource, on average, 50 hours of legal time to develop and 
draft the NMS plan, at an average hourly rate of $400, for a total 
external cost of $20,000 per SRO.\908\ All together, the SROs would 
spend an estimated $300,000 in external costs.\909\
---------------------------------------------------------------------------

    \907\ Commission staff estimated that each SRO would spend an 
aggregate one-time amount of (400 Attorney hours) + (100 Compliance 
Manager hours) + (220 Programmer Analyst hours) + (120 Business 
Analyst hours) x (15 SROs) = 12,600 burden hours to prepare and file 
the NMS plan.
    \908\ Based on industry sources, the Commission estimated that 
the hourly rate for outsourced legal services in the securities 
industry is $400 per hour.
    \909\ Commission staff estimated that the SROs would spend 
($20,000 per SRO) x (15 SROs) = $300,000 in external costs to 
develop and draft the NMS plan.
---------------------------------------------------------------------------

    In making these estimates, the Commission assumed that the burden 
hours necessary for preparing and filing the NMS plan pursuant to the 
proposed Rule would be comparable to the burden hours needed to create 
other existing NMS plans.\910\ The Commission's estimates included 
anticipated work hours for Programmer Analysts, Business Analysts, 
Attorneys and Compliance Managers. The Commission did not receive 
comments on any of these burden estimates.
---------------------------------------------------------------------------

    \910\ See Proposing Release, supra note 4, at 32596.
---------------------------------------------------------------------------

2. Revised Burden Hour Estimates
    As noted above, the Commission based its original estimates of SRO 
burden hours to prepare and file the NMS plan on the burden hours spent 
for existing NMS plans. The Commission, however, has modified the 
proposed Rule in several significant ways that differentiate the burden 
hours to prepare the NMS plan from all other existing NMS plans. These 
modifications require the SROs to expand the NMS plan in the following 
four ways: (1) Provide additional information and analysis to address 
the considerations that are set forth in Rule 613(a)(1); \911\ (2) 
include additional provisions that were not required by the proposed 
Rule relating to enforcement mechanisms,\912\ security and 
confidentiality,\913\ and the preparation of a document every two years 
that contains a retrospective assessment of the performance of the 
consolidated audit trail, as well as a plan to improve its performance; 
\914\ (3) address error rates; \915\ and (4) provide for the creation 
of an Advisory Committee.\916\
---------------------------------------------------------------------------

    \911\ See Rule 613(a)(1)(i) through (xii); Section III.C.2.a., 
supra.
    \912\ See Rule 613(h)(3); Section III.B.3.a.1., supra.
    \913\ See, e.g., Rule 613(e)(4)(i)(A) through (D). For example, 
Rule 613(e)(4)(i)(A) requires that the NMS plan require that all 
plan sponsors and their employees, as well as all employees of the 
central repository, agree to use appropriate safeguards to ensure 
the confidentiality of such data and not use such data for purposes 
other than surveillance or regulatory purposes. Additionally, Rule 
613(e)(4)(i)(B) requires the NMS plan to require that each SRO adopt 
and enforce rules that: (1) Require information barriers between 
regulatory staff and non-regulatory staff with regard to access and 
use of data in the central repository and (2) permit only persons 
designated by plan sponsors to have access to the data in the 
central repository. See Section III.B.2.e., supra.
    \914\ See Rule 613(b)(6)(i) through (iv). See Section 
III.B.3.b., supra.
    \915\ See Rule 613(e)(6)(i) through (ii). See Section 
III.B.2.c., supra. See Rule 613(e)(6)(iii) through (iv).
    \916\ See Rule 613(b)(7).
---------------------------------------------------------------------------

a. Revised Initial Burden Hours Needed To Prepare and File the NMS Plan
    In light of these modifications to the proposed Rule, the 
Commission is increasing substantially its estimated burden hours 
needed for the development and filing of the NMS plan. The Commission 
also is adjusting its preliminary burden hour estimates for the 
preparation and filing of an NMS plan to reflect the registration of 
two additional SROs after it issued the preliminary estimates.\917\ The 
Commission now estimates that the aggregate one-time burden hour amount 
for preparing and filing an NMS plan would be approximately 2,760 
burden hours with $20,000 in external costs per SRO,\918\ or 
approximately 46,920 burden hours and $340,000 in external costs in the 
aggregate,\919\ compared to an

[[Page 45806]]

initial estimate of 840 burden hours per SRO with $20,000 in external 
costs, or approximately 12,600 burden hours in the aggregate and 
$300,000 in external costs, to prepare and file an NMS plan.\920\
---------------------------------------------------------------------------

    \917\ See note 906, supra.
    \918\ Commission staff estimates that each SRO would spend an 
aggregate one-time amount of (700 Attorney hours) + (300 Compliance 
Manager hours) + (880 Programmer Analyst hours) + (880 Business 
Analyst hours) = 2,760 burden hours per SRO to prepare and file an 
NMS plan. In addition, Commission staff estimates that each SRO 
would incur a one-time external cost of (50 legal hours x $400 per 
hour) = $20,000.
    \919\ Commission staff estimates that the SROs would incur an 
aggregate one-time amount of (2,760 burden hours per SRO) x (17 
SROs) = 46,920 burden hours to prepare and file an NMS plan. 
Commission staff estimates that ($20,000 per SRO) x (17 SROs) = 
$340,000 in external costs to prepare and file the NMS plan.
    \920\ See Proposing Release, supra note 4, at 32596.
---------------------------------------------------------------------------

    The Commission believes that these revised estimates, which include 
internal SRO personnel time and external legal costs, are appropriate 
based on the Commission's analysis, set forth below, of the impact of 
the modifications to the proposed Rule on each of the job categories 
underlying the estimates. The Commission believes that the 
modifications to the proposed Rule will require SRO Programmer 
Analysts, Business Analysts, Attorneys, and Compliance Managers to 
expend additional time to address the requirements of the Rule. As 
discussed in more detail below, the Commission anticipates that the 
SROs will spend additional time on many activities, including: (1) 
Research; (2) discussions with members, committees and with industry 
associations; (3) vendor negotiations; (4) making decisions regarding 
the various options and increased flexibility provided by the adopted 
Rule; \921\ (5) reviewing alternative NMS plans; (6) choosing between 
alternative plans and negotiating to reach a consensus on a single NMS 
plan; (7) providing a detailed estimate of the costs associated with 
that NMS plan; and (8) drafting the NMS plan. The Commission also 
believes that these increased estimates are appropriate in light of the 
comments, including the comment that asserted that the Commission 
underestimated the time the SROs would spend on the business analyses 
to be performed in designing the NMS plan, based on the experience of 
broker-dealers, vendors and SROs when OATS was expanded to all NMS 
stocks.\922\ In response, as discussed in more detail below, the 
Commission is increasing its estimated Programmer Analyst, Business 
Analyst, Attorney and Compliance Manager hours.
---------------------------------------------------------------------------

    \921\ See Section I., supra.
    \922\ See FIF Letter II, p. 2-3. See also STA Letter, p. 2-3.
---------------------------------------------------------------------------

    The Commission notes that these revised average hourly and cost 
estimates per SRO for creating and filing the NMS plan likely 
overestimated the costs for some of SROs and underestimated the costs 
for other SROs. The Commission also believes that certain SROs, 
particularly those SROs under the same holding company, may decide to 
collaborate and realize some cost savings on a per SRO basis. On 
balance, however, the Commission believes that, these revised hours and 
cost estimates are reasonable on average even if they may not be 
precise for any specific SRO.
(i) Programmer Analyst
    The Commission is increasing its estimates for the hours a 
Programmer Analyst would likely spend with respect to the preparation 
and filing of the NMS plan from 220 hours, as originally estimated, to 
880 hours per SRO. The Commission anticipates that a Programmer Analyst 
would need to spend substantially more time to address the 
considerations included in the Rule and the ``use cases.'' 
Specifically, the SROs will need to rely on Programmer Analysts to help 
address many of the considerations, as many of those are of a technical 
nature. For example, several of the considerations relate to the 
specific features and details of the NMS plan. Programmer Analysts 
likely will be consulted when the SROs are considering the specific 
features and details of the NMS plan. The Programmer Analysts likely 
will provide guidance and information regarding whether a particular 
feature or detail is technologically possible. The SROs also likely 
will consult Programmer Analysts when drafting the additional 
provisions required by the Rule. For example, in drafting the security 
and confidentiality provisions, Programmer Analysts, who may have 
knowledge about the information security practices and issues, may be 
consulted to provide input on a draft provisions in light of 
technologies with respect to security and confidentiality. Programmer 
Analysts also may be consulted with respect to addressing errors rates 
because such analysts may have a technical understanding of trading and 
reporting systems and be able to provide recommendations on how errors 
that are introduced can be addressed. In each of these instances, 
Programmer Analysts may be involved in the NMS plan research, any 
industry discussions, negotiations with vendors and SROs, and in 
developing cost estimates for the consolidated audit trail. Thus, for 
these reasons, the Commission believes it appropriate to increase its 
estimate of the number of hours expended by Programmer Analysts in the 
creation and filing of the NMS plan.
(ii) Business Analyst
    The Commission is increasing its estimates for the hours a Business 
Analyst would likely spend with respect to the preparation and filing 
of an NMS plan from 360 hours per SRO, as originally estimated, to 880 
hours per SRO. The Commission anticipates that a Business Analyst would 
spend substantially more time to address the considerations and the 
``use cases.'' Overall, the Commission anticipates that this amount of 
additional time will be comparable to the additional time that would 
likely be spent by Programmer Analysts for the same reasons because 
Business Analysts will likely be involved in many of the same tasks as 
Programmer Analysts, albeit with separate responsibilities. The SROs 
will need to rely on Business Analysts to help address many technical 
considerations that have relevance to the business and operations of 
SROs. The Commission also believes that the SROs will need to rely on 
Business Analysts to work with the Programmer Analysts and the 
Compliance Managers to analyze the business impact of particular 
features and details of the NMS plan. Because Rule 613 is less 
prescriptive than the proposed Rule, Business Analysts may have a 
larger role in helping to determine which option the NMS plan will 
propose. Business Analysts also will likely be involved in determining 
the cost estimates and in analyzing the NMS plan's impact on 
efficiency, competition, and capital formation. The SROs also likely 
will consult with Business Analysts when drafting the responses to the 
considerations and the ``use cases,'' as well as the additional 
provisions required by the Rule. For example, the SROs likely will 
consult with Business Analysts on the feasibility, benefits, and costs 
of any technological upgrades that may be required in order to provide 
the allocation information described in Rule 613(a)(1)(vi). Further, in 
drafting the security and confidentiality provisions, Business Analysts 
may have knowledge about the costs and the business risks of certain 
security and confidentiality decisions. Business Analysts also may be 
consulted with respect to addressing error rates because any decisions 
made may impact business operations and the cost estimates. Further, 
Business Analysts may likely be consulted by Attorneys with respect to 
the performance assessment and improvement plan. In each of these 
instances, Business Analysts may be involved in the NMS plan research, 
any industry discussions (particularly with members and other SROs), 
negotiations with vendors and SROs, and in developing cost estimates 
for the

[[Page 45807]]

consolidated audit trail. Thus, for these reasons, the Commission 
believes it is appropriate to increase its estimate of the number of 
hours expended by Business Analysts in the creation and filing of the 
NMS plan.
(iii) Attorney
    The Commission is increasing its Attorney hour estimates from 400 
hours to 700 hours per SRO. The Commission now anticipates that an 
Attorney would spend substantially more time than the Commission had 
previously estimated to draft the NMS plan. The NMS plan that Attorneys 
would draft must now include a discussion of the considerations and the 
additional provisions required by the Rule, and must reflect additional 
consultations with Programmer Analysts, Business Analysts and 
Compliance Managers. Further, the NMS plan drafted also would likely 
reflect additional consultation on the ``use cases.'' The NMS plan 
proposal would also likely require Attorney work on the Advisory 
Committee requirement and on the NMS plan policies and procedures to be 
used by the plan processor \923\ to ensure the security and 
confidentiality and accuracy of the information submitted to the 
central repository.\924\ Attorney work would also be required on the 
mechanism to enforce compliance by plan sponsors with the NMS plan, as 
required by Rule 613(h)(3), including penalty provisions, if the plan 
sponsors deem appropriate. The Commission believes that an Attorney 
would also be involved in the NMS plan research, any industry 
discussions, negotiations with vendors, negotiations with SROs (in 
particular, to reach consensus on an NMS plan), and in developing cost 
estimates for the consolidated audit trail. Thus, for these reasons, 
the Commission believes it appropriate to increase its estimate of the 
number of hours expended by Attorneys in the creation and filing of the 
NMS plan.
---------------------------------------------------------------------------

    \923\ See Rule 613(e)(4). The Commission believes that an 
outline or overview description of the policies and procedures, 
including standards, to be used by the plan processor that would be 
implemented under the NMS plan submitted to the Commission for its 
consideration would be sufficient to satisfy the requirement of the 
Rule. The Commission believes it is important for the NMS plan to 
establish the fundamental framework of these policies and 
procedures, but recognizes the utility of allowing the plan sponsors 
flexibility to subsequently delineate them in greater detail with 
the ability to make modifications as needed. See Section III.B.2.e., 
supra.
    \924\ See Rule 613(e)(4)(i)(A) through (D).
---------------------------------------------------------------------------

(iv) Compliance Manager
    The Commission is increasing its Compliance Manager hour estimates 
from 100 hours to 300 hours per SRO. The Commission now anticipates 
that a Compliance Manager would spend substantially more time than the 
Commission had previously estimated to draft the NMS plan. Compliance 
Managers likely will help shape provisions of the NMS plan that deal 
with monitoring member and SRO compliance with the NMS plan's 
requirements. Compliance Managers likely will also be involved in the 
Advisory Committee requirement. They likely will also work on NMS plan 
policies and procedures to be used by the plan processor to ensure the 
security and confidentiality and accuracy of the information submitted 
to the central repository, and to ensure that these policies and 
procedures are feasible for SRO compliance and for member 
compliance.\925\ They will likely also work on the mechanism to enforce 
compliance by plan sponsors with the NMS plan, as required by Rule 
613(h)(3), including penalty provisions, if the plan sponsors deem 
appropriate. Further, Compliance Managers will also work on NMS plan 
provisions that address error rates and performance assessment and 
improvement. The Commission believes that Compliance Managers may also 
be involved in the NMS plan research and industry discussions 
(particularly with regard to SRO and member compliance issues). Thus, 
for these reasons, the Commission believes it is appropriate to 
increase its estimate of the number of hours expended by Compliance 
Managers in the creation and filing of the NMS plan.
---------------------------------------------------------------------------

    \925\ See Rule 613(e)(4)(i)(A) through (D).
---------------------------------------------------------------------------

E. Collection of Information Is Mandatory

    The collection of information discussed above is a mandatory 
collection of information.

F. Confidentiality

    The Rule requires that the data to be recorded and reported to the 
central repository will only be available to the SROs and the 
Commission for the purpose of performing their respective regulatory 
and oversight responsibilities pursuant to the federal securities laws, 
rules, and regulations.\926\ Further, the NMS plan submitted to the 
Commission for its consideration pursuant to the adopted Rule is 
required to include policies and procedures to ensure the security and 
confidentiality of all information submitted to the central repository, 
and to ensure that all plan sponsors and their employees, as well as 
all employees of the central repository, use appropriate safeguards to 
ensure the confidentiality of such data and shall agree not to use such 
data for any purpose other than surveillance and regulatory 
purposes.\927\
---------------------------------------------------------------------------

    \926\ See Rule 613(e)(2).
    \927\ See proposed Rule 613(e)(4)(i).
---------------------------------------------------------------------------

G. Retention Period of Recordkeeping Requirements

    The SROs are required to retain records and information pursuant to 
Rule 17a-1 under the Exchange Act.\928\ Members are required to retain 
records and information in accordance with Rule 17a-4 under the 
Exchange Act.\929\
---------------------------------------------------------------------------

    \928\ 17 CFR 240.17a-1.
    \929\ 17 CFR 240.17a-4.
---------------------------------------------------------------------------

V. Regulatory Flexibility Act Certification

    The Regulatory Flexibility Act (``RFA'') \930\ requires Federal 
agencies, in promulgating rules, to consider the impact of those rules 
on small entities. Section 603(a) of the Administrative Procedure Act, 
as amended by RFA, generally requires the Commission to undertake a 
regulatory flexibility analysis of all proposed rules, or proposed rule 
amendments, to determine the impact of such rulemaking on ``small 
entities.'' \931\ Rule 605(b) of the RFA states that this requirement 
shall not apply to any proposed rule or proposed rule amendment, which 
if adopted, would not ``have a significant economic impact on a 
substantial number of small entities.''\932\
---------------------------------------------------------------------------

    \930\ 5 U.S.C. 601 et seq.
    \931\ Although Section 601(6) of the RFA defines the term 
``small entity,'' the statute permits agencies to formulate their 
own definitions. The Commission has adopted definitions for the term 
``small entity'' for the purposes of Commission rulemaking in 
accordance with the RFA. Those definitions, as relevant to this 
rulemaking, are set forth in Rule 0-10, 17 CFR 240.0-10. See 
Securities Exchange Act Release No. 18451 (January 28, 1982), 47 FR 
5215 (February 4, 1982) (File No. AS-305).
    \932\ 5 U.S.C. 605(b).
---------------------------------------------------------------------------

    In the Proposing Release, the Commission requested comment on 
whether proposed Rule 613 would have a significant economic impact on a 
substantial number of small entities, and, if so, what would be the 
nature of any impact on small entities.\933\ The Commission also 
requested that commenters provide empirical data to support the extent 
of such impact.\934\ The Commission received two comments on the 
general anticipated effect of the proposed Rule on small-broker 
dealers; FINRA and a small broker-dealer that solely handles orders 
manually requested that an exemption from the proposed Rule be adopted 
to accommodate the business model of

[[Page 45808]]

small broker-dealers.\935\ In response to the commenters, the 
Commission amended the Rule as proposed to provide additional time for 
small broker-dealers to comply with the reporting requirements of Rule 
613.\936\ The Commission notes that none of the comment letters 
received specifically responded to the Commission's initial regulatory 
flexibility analysis.
---------------------------------------------------------------------------

    \933\ See Proposing Release, supra note 4, at 32607.
    \934\ Id.
    \935\ See FINRA Proposal Letter, p. 5-6 and Wachtel Letter, p. 
1.
    \936\ See Rule 613(a)(3)(vi).
---------------------------------------------------------------------------

    As proposed and as adopted, Rule 613 requires the SROs to file an 
NMS plan to create, implement, and maintain the consolidated audit 
trail. In response to commenters and as discussed in this release, the 
Commission has modified the proposed Rule to provide the SROs with a 
range of options and greater flexibility for how they choose to meet 
the requirements of the Rule. As a result, the Commission will not know 
the specific requirements of the NMS plan until it is filed with the 
Commission, and cannot analyze how the NMS plan will impact small 
entities until then. At this time, there are no small entities 
``subject to the requirements'' of Rule 613.\937\
---------------------------------------------------------------------------

    \937\ Section 604(a)(4) of the RFA.
---------------------------------------------------------------------------

    However, because Rule 613 requires that the national securities 
exchanges and national securities associations (i.e., FINRA) file an 
NMS plan with the Commission, for purposes of the RFA, the Commission 
is undertaking an analysis of how the NMS plan filing requirement will 
impact the exchanges and FINRA to ascertain whether the exchanges and 
FINRA are ``small businesses.'' Paragraph (e) of Rule 0-10 provides 
that for the purposes of the RFA, an exchange is considered a ``small 
business'' if it has been exempted from the reporting requirements of 
Rule 601 of Regulation NMS,\938\ and is not affiliated with any person 
(other than a natural person) that is not a small business or small 
organization as defined in Rule 0-10. Under this standard, none of the 
national securities exchanges subject to Rule 613 is a ``small 
business'' for purposes of the RFA. In addition, FINRA is not a small 
entity as defined in Rule 0-10.\939\ Therefore, the Commission believes 
that Rule 613, which requires that the SROs file an NMS plan with the 
Commission to create, implement, and maintain the consolidated audit 
trail, will not have a significant economic impact on a substantial 
number of small entities because this requirement will only apply to 
the existing national securities exchanges and national securities 
associations, which do not qualify as small entities pursuant to the 
RFA.
---------------------------------------------------------------------------

    \938\ 17 CFR 242.601.
    \939\ 13 CFR 121.201.
---------------------------------------------------------------------------

    For the foregoing reasons, the Commission hereby certifies that, 
pursuant to 5 U.S.C. 605(b), Rule 613 will not have a significant 
economic impact on a substantial number of small entities.

VI. Statutory Authority

    Pursuant to the Exchange Act and particularly, Sections 2, 3(b), 5, 
6, 11A, 15, 15A, 17(a) and (b), 19, and 23(a) thereof, 15 U.S.C. 78b, 
78c(b), 78e, 78f, 78k-1, 78o, 78o-3, 78q(a) and (b), 78s and 78w(a), 
the Commission is adopting Rule 613 of Regulation NMS, as set forth 
below.

Text of Rule

List of Subjects in 17 CFR Part 242

    Brokers, Reporting and recordkeeping requirements, Securities.

    In accordance with the foregoing, Title 17, Chapter II, of the Code 
of Federal Regulations is amended as follows.

PART 242--REGULATIONS M, SHO, ATS, AC, AND NMS AND CUSTOMER MARGIN 
REQUIREMENTS FOR SECURITY FUTURES

0
1. The authority citation for part 242 continues to read as follows:

    Authority:  15 U.S.C. 77g, 77q(a), 77s(a), 78b, 78c, 78g(c)(2), 
78i(a), 78j, 78k-1(c), 78l, 78m, 78n, 78o(b), 78o(c), 78o(g), 
78q(a), 78q(b), 78q(h), 78w(a), 78dd-1, 78mm, 80a-23, 80a-29, and 
80a-37.


0
2. Add Sec.  242.613 to read as follows:


Sec.  242.613  Consolidated audit trail.

    (a) Creation of a national market system plan governing a 
consolidated audit trail.
    (1) Each national securities exchange and national securities 
association shall jointly file on or before 270 days from the date of 
publication of the Adopting Release in the Federal Register a national 
market system plan to govern the creation, implementation, and 
maintenance of a consolidated audit trail and central repository as 
required by this section. The national market system plan shall discuss 
the following considerations:
    (i) The method(s) by which data will be reported to the central 
repository including, but not limited to, the sources of such data and 
the manner in which the central repository will receive, extract, 
transform, load, and retain such data; and the basis for selecting such 
method(s);
    (ii) The time and method by which the data in the central 
repository will be made available to regulators, in accordance with 
paragraph (e)(1) of this section, to perform surveillance or analyses, 
or for other purposes as part of their regulatory and oversight 
responsibilities;
    (iii) The reliability and accuracy of the data reported to and 
maintained by the central repository throughout its lifecycle, 
including transmission and receipt from market participants; data 
extraction, transformation and loading at the central repository; data 
maintenance and management at the central repository; and data access 
by regulators;
    (iv) The security and confidentiality of the information reported 
to the central repository;
    (v) The flexibility and scalability of the systems used by the 
central repository to collect, consolidate and store consolidated audit 
trail data, including the capacity of the consolidated audit trail to 
efficiently incorporate, in a cost-effective manner, improvements in 
technology, additional capacity, additional order data, information 
about additional securities or transactions, changes in regulatory 
requirements, and other developments;
    (vi) The feasibility, benefits, and costs of broker-dealers 
reporting to the consolidated audit trail in a timely manner:
    (A) The identity of all market participants (including broker-
dealers and customers) that are allocated NMS securities, directly or 
indirectly, in a primary market transaction;
    (B) The number of such securities each such market participant is 
allocated; and
    (C) The identity of the broker-dealer making each such allocation;
    (vii) The detailed estimated costs for creating, implementing, and 
maintaining the consolidated audit trail as contemplated by the 
national market system plan, which estimated costs should specify:
    (A) An estimate of the costs to the plan sponsors for establishing 
and maintaining the central repository;
    (B) An estimate of the costs to members of the plan sponsors, 
initially and on an ongoing basis, for reporting the data required by 
the national market system plan;
    (C) An estimate of the costs to the plan sponsors, initially and on 
an ongoing basis, for reporting the data required by the national 
market system plan; and
    (D) How the plan sponsors propose to fund the creation, 
implementation, and maintenance of the consolidated audit

[[Page 45809]]

trail, including the proposed allocation of such estimated costs among 
the plan sponsors, and between the plan sponsors and members of the 
plan sponsors;
    (viii) An analysis of the impact on competition, efficiency and 
capital formation of creating, implementing, and maintaining of the 
national market system plan;
    (ix) A plan to eliminate existing rules and systems (or components 
thereof) that will be rendered duplicative by the consolidated audit 
trail, including identification of such rules and systems (or 
components thereof); to the extent that any existing rules or systems 
related to monitoring quotes, orders, and executions provide 
information that is not rendered duplicative by the consolidated audit 
trail, an analysis of:
    (A) Whether the collection of such information remains appropriate;
    (B) If still appropriate, whether such information should continue 
to be separately collected or should instead be incorporated into the 
consolidated audit trail; and
    (C) If no longer appropriate, how the collection of such 
information could be efficiently terminated; the steps the plan 
sponsors propose to take to seek Commission approval for the 
elimination of such rules and systems (or components thereof); and a 
timetable for such elimination, including a description of how the plan 
sponsors propose to phase in the consolidated audit trail and phase out 
such existing rules and systems (or components thereof);
    (x) Objective milestones to assess progress toward the 
implementation of the national market system plan;
    (xi) The process by which the plan sponsors solicited views of 
their members and other appropriate parties regarding the creation, 
implementation, and maintenance of the consolidated audit trail, a 
summary of the views of such members and other parties, and how the 
plan sponsors took such views into account in preparing the national 
market system plan; and
    (xii) Any reasonable alternative approaches to creating, 
implementing, and maintaining a consolidated audit trail that the plan 
sponsors considered in developing the national market system plan 
including, but not limited to, a description of any such alternative 
approach; the relative advantages and disadvantages of each such 
alternative, including an assessment of the alternative's costs and 
benefits; and the basis upon which the plan sponsors selected the 
approach reflected in the national market system plan.
    (2) The national market system plan, or any amendment thereto, 
filed pursuant to this section shall comply with the requirements in 
Sec.  242.608(a), if applicable, and be filed with the Commission 
pursuant to Sec.  242.608.
    (3) The national market system plan submitted pursuant to this 
section shall require each national securities exchange and national 
securities association to:
    (i) Within two months after effectiveness of the national market 
system plan jointly (or under the governance structure described in the 
plan) select a person to be the plan processor;
    (ii) Within four months after effectiveness of the national market 
system plan synchronize their business clocks and require members of 
each such exchange and association to synchronize their business clocks 
in accordance with paragraph (d) of this section;
    (iii) Within one year after effectiveness of the national market 
system plan provide to the central repository the data specified in 
paragraph (c) of this section;
    (iv) Within fourteen months after effectiveness of the national 
market system plan implement a new or enhanced surveillance system(s) 
as required by paragraph (f) of this section;
    (v) Within two years after effectiveness of the national market 
system plan require members of each such exchange and association, 
except those members that qualify as small broker-dealers as defined in 
Sec.  240.0-10(c) of this chapter, to provide to the central repository 
the data specified in paragraph (c) of this section; and
    (vi) Within three years after effectiveness of the national market 
system plan require members of each such exchange and association that 
qualify as small broker-dealers as defined in Sec.  240.0-10(c) of this 
chapter to provide to the central repository the data specified in 
paragraph (c) of this section.
    (4) Each national securities exchange and national securities 
association shall be a sponsor of the national market system plan 
submitted pursuant to this section and approved by the Commission.
    (5) No national market system plan filed pursuant to this section, 
or any amendment thereto, shall become effective unless approved by the 
Commission or otherwise permitted in accordance with the procedures set 
forth in Sec.  242.608. In determining whether to approve the national 
market system plan, or any amendment thereto, and whether the national 
market system plan or any amendment thereto is in the public interest 
under Sec.  242.608(b)(2), the Commission shall consider the impact of 
the national market system plan or amendment, as applicable, on 
efficiency, competition, and capital formation.
    (b) Operation and administration of the national market system 
plan.
    (1) The national market system plan submitted pursuant to this 
section shall include a governance structure to ensure fair 
representation of the plan sponsors, and administration of the central 
repository, including the selection of the plan processor.
    (2) The national market system plan submitted pursuant to this 
section shall include a provision addressing the requirements for the 
admission of new sponsors of the plan and the withdrawal of existing 
sponsors from the plan.
    (3) The national market system plan submitted pursuant to this 
section shall include a provision addressing the percentage of votes 
required by the plan sponsors to effectuate amendments to the plan.
    (4) The national market system plan submitted pursuant to this 
section shall include a provision addressing the manner in which the 
costs of operating the central repository will be allocated among the 
national securities exchanges and national securities associations that 
are sponsors of the plan, including a provision addressing the manner 
in which costs will be allocated to new sponsors to the plan.
    (5) The national market system plan submitted pursuant to this 
section shall require the appointment of a Chief Compliance Officer to 
regularly review the operation of the central repository to assure its 
continued effectiveness in light of market and technological 
developments, and make any appropriate recommendations for enhancements 
to the nature of the information collected and the manner in which it 
is processed.
    (6) The national market system plan submitted pursuant to this 
section shall include a provision requiring the plan sponsors to 
provide to the Commission, at least every two years after effectiveness 
of the national market system plan, a written assessment of the 
operation of the consolidated audit trail. Such document shall include, 
at a minimum:
    (i) An evaluation of the performance of the consolidated audit 
trail including, at a minimum, with respect to data accuracy 
(consistent with paragraph (e)(6) of this section), timeliness of 
reporting, comprehensiveness of data elements, efficiency of regulatory 
access, system speed, system downtime,

[[Page 45810]]

system security (consistent with paragraph (e)(4) of this section), and 
other performance metrics to be determined by the Chief Compliance 
Officer, along with a description of such metrics;
    (ii) A detailed plan, based on such evaluation, for any potential 
improvements to the performance of the consolidated audit trail with 
respect to any of the following: improving data accuracy; shortening 
reporting timeframes; expanding data elements; adding granularity and 
details regarding the scope and nature of Customer-IDs; expanding the 
scope of the national market system plan to include new instruments and 
new types of trading and order activities; improving the efficiency of 
regulatory access; increasing system speed; reducing system downtime; 
and improving performance under other metrics to be determined by the 
Chief Compliance Officer;
    (iii) An estimate of the costs associated with any such potential 
improvements to the performance of the consolidated audit trail, 
including an assessment of the potential impact on competition, 
efficiency, and capital formation; and
    (iv) An estimated implementation timeline for any such potential 
improvements, if applicable.
    (7) The national market system plan submitted pursuant to this 
section shall include an Advisory Committee which shall function in 
accordance with the provisions set forth in this paragraph (b)(7). The 
purpose of the Advisory Committee shall be to advise the plan sponsors 
on the implementation, operation, and administration of the central 
repository.
    (i) The national market system plan submitted pursuant to this 
section shall set forth the term and composition of the Advisory 
Committee, which composition shall include representatives of the 
member firms of the plan sponsors.
    (ii) Members of the Advisory Committee shall have the right to 
attend any meetings of the plan sponsors, to receive information 
concerning the operation of the central repository, and to provide 
their views to the plan sponsors; provided, however, that the plan 
sponsors may meet without the Advisory Committee members in executive 
session if, by affirmative vote of a majority of the plan sponsors, the 
plan sponsors determine that such an executive session is required.
    (c) Data recording and reporting.
    (1) The national market system plan submitted pursuant to this 
section shall provide for an accurate, time-sequenced record of orders 
beginning with the receipt or origination of an order by a member of a 
national securities exchange or national securities association, and 
further documenting the life of the order through the process of 
routing, modification, cancellation, and execution (in whole or in 
part) of the order.
    (2) The national market system plan submitted pursuant to this 
section shall require each national securities exchange, national 
securities association, and member to report to the central repository 
the information required by paragraph (c)(7) of this section in a 
uniform electronic format, or in a manner that would allow the central 
repository to convert the data to a uniform electronic format, for 
consolidation and storage.
    (3) The national market system plan submitted pursuant to this 
section shall require each national securities exchange, national 
securities association, and member to record the information required 
by paragraphs (c)(7)(i) through (v) of this section contemporaneously 
with the reportable event. The national market system plan shall 
require that information recorded pursuant to paragraphs (c)(7)(i) 
through (v) of this section must be reported to the central repository 
by 8:00 a.m. Eastern Time on the trading day following the day such 
information has been recorded by the national securities exchange, 
national securities association, or member. The national market system 
plan may accommodate voluntary reporting prior to 8:00 a.m. Eastern 
Time, but shall not impose an earlier reporting deadline on the 
reporting parties.
    (4) The national market system plan submitted pursuant to this 
section shall require each member of a national securities exchange or 
national securities association to record and report to the central 
repository the information required by paragraphs (c)(7)(vi) through 
(viii) of this section by 8:00 a.m. Eastern Time on the trading day 
following the day the member receives such information. The national 
market system plan may accommodate voluntary reporting prior to 8:00 
a.m. Eastern Time, but shall not impose an earlier reporting deadline 
on the reporting parties.
    (5) The national market system plan submitted pursuant to this 
section shall require each national securities exchange and its members 
to record and report to the central repository the information required 
by paragraph (c)(7) of this section for each NMS security registered or 
listed for trading on such exchange or admitted to unlisted trading 
privileges on such exchange.
    (6) The national market system plan submitted pursuant to this 
section shall require each national securities association and its 
members to record and report to the central repository the information 
required by paragraph (c)(7) of this section for each NMS security for 
which transaction reports are required to be submitted to the 
association.
    (7) The national market system plan submitted pursuant to this 
section shall require each national securities exchange, national 
securities association, and any member of such exchange or association 
to record and electronically report to the central repository details 
for each order and each reportable event, including, but not limited 
to, the following information:
    (i) For original receipt or origination of an order:
    (A) Customer-ID(s) for each customer;
    (B) The CAT-Order-ID;
    (C) The CAT-Reporter-ID of the broker-dealer receiving or 
originating the order;
    (D) Date of order receipt or origination;
    (E) Time of order receipt or origination (using time stamps 
pursuant to paragraph (d)(3) of this section); and
    (F) Material terms of the order.
    (ii) For the routing of an order, the following information:
    (A) The CAT-Order-ID;
    (B) Date on which the order is routed;
    (C) Time at which the order is routed (using time stamps pursuant 
to paragraph (d)(3) of this section);
    (D) The CAT-Reporter-ID of the broker-dealer or national securities 
exchange routing the order;
    (E) The CAT-Reporter-ID of the broker-dealer, national securities 
exchange, or national securities association to which the order is 
being routed;
    (F) If routed internally at the broker-dealer, the identity and 
nature of the department or desk to which an order is routed; and
    (G) Material terms of the order.
    (iii) For the receipt of an order that has been routed, the 
following information:
    (A) The CAT-Order-ID;
    (B) Date on which the order is received;
    (C) Time at which the order is received (using time stamps pursuant 
to paragraph (d)(3) of this section);
    (D) The CAT-Reporter-ID of the broker-dealer, national securities 
exchange, or national securities association receiving the order;
    (E) The CAT-Reporter-ID of the broker-dealer or national securities 
exchange routing the order; and

[[Page 45811]]

    (F) Material terms of the order.
    (iv) If the order is modified or cancelled, the following 
information:
    (A) The CAT-Order-ID;
    (B) Date the modification or cancellation is received or 
originated;
    (C) Time the modification or cancellation is received or originated 
(using time stamps pursuant to paragraph (d)(3) of this section);
    (D) Price and remaining size of the order, if modified;
    (E) Other changes in material terms of the order, if modified; and
    (F) The CAT-Reporter-ID of the broker-dealer or Customer-ID of the 
person giving the modification or cancellation instruction.
    (v) If the order is executed, in whole or part, the following 
information:
    (A) The CAT-Order-ID;
    (B) Date of execution;
    (C) Time of execution (using time stamps pursuant to paragraph 
(d)(3) of this section);
    (D) Execution capacity (principal, agency, riskless principal);
    (E) Execution price and size;
    (F) The CAT-Reporter-ID of the national securities exchange or 
broker-dealer executing the order; and
    (G) Whether the execution was reported pursuant to an effective 
transaction reporting plan or the Plan for Reporting of Consolidated 
Options Last Sale Reports and Quotation Information.
    (vi) If the order is executed, in whole or part, the following 
information:
    (A) The account number for any subaccounts to which the execution 
is allocated (in whole or part);
    (B) The CAT-Reporter-ID of the clearing broker or prime broker, if 
applicable; and
    (C) The CAT-Order-ID of any contra-side order(s).
    (vii) If the trade is cancelled, a cancelled trade indicator.
    (viii) For original receipt or origination of an order, the 
following information:
    (A) Information of sufficient detail to identify the customer; and
    (B) Customer account information.
    (8) All plan sponsors and their members shall use the same 
Customer-ID and CAT-Reporter-ID for each customer and broker-dealer.
    (d) Clock synchronization and time stamps. The national market 
system plan submitted pursuant to this section shall require:
    (1) Each national securities exchange, national securities 
association, and member of such exchange or association to synchronize 
its business clocks that are used for the purposes of recording the 
date and time of any reportable event that must be reported pursuant to 
this section to the time maintained by the National Institute of 
Standards and Technology, consistent with industry standards;
    (2) Each national securities exchange and national securities 
association to evaluate annually the clock synchronization standard to 
determine whether it should be shortened, consistent with changes in 
industry standards; and
    (3) Each national securities exchange, national securities 
association, and member of such exchange or association to utilize the 
time stamps required by paragraph (c)(7) of this section, with at 
minimum the granularity set forth in the national market system plan 
submitted pursuant to this section, which shall reflect current 
industry standards and be at least to the millisecond. To the extent 
that the relevant order handling and execution systems of any national 
securities exchange, national securities association, or member of such 
exchange or association utilize time stamps in increments finer than 
the minimum required by the national market system plan, the plan shall 
require such national securities exchange, national securities 
association, or member to utilize time stamps in such finer increments 
when providing data to the central repository, so that all reportable 
events reported to the central repository by any national securities 
exchange, national securities association, or member can be accurately 
sequenced. The national market system plan shall require the sponsors 
of the national market system plan to annually evaluate whether 
industry standards have evolved such that the required time stamp 
standard should be in finer increments.
    (e) Central repository.
    (1) The national market system plan submitted pursuant to this 
section shall provide for the creation and maintenance of a central 
repository. Such central repository shall be responsible for the 
receipt, consolidation, and retention of all information reported 
pursuant to paragraph (c)(7) of this section. The central repository 
shall store and make available to regulators data in a uniform 
electronic format, and in a form in which all events pertaining to the 
same originating order are linked together in a manner that ensures 
timely and accurate retrieval of the information required by paragraph 
(c)(7) of this section for all reportable events for that order.
    (2) Each national securities exchange, national securities 
association, and the Commission shall have access to the central 
repository, including all systems operated by the central repository, 
and access to and use of the data reported to and consolidated by the 
central repository under paragraph (c) of this section, for the purpose 
of performing its respective regulatory and oversight responsibilities 
pursuant to the federal securities laws, rules, and regulations. The 
national market system plan submitted pursuant to this section shall 
provide that such access to and use of such data by each national 
securities exchange, national securities association, and the 
Commission for the purpose of performing its regulatory and oversight 
responsibilities pursuant to the federal securities laws, rules, and 
regulations shall not be limited.
    (3) The national market system plan submitted pursuant to this 
section shall include a provision requiring the creation and 
maintenance by the plan processor of a method of access to the 
consolidated data stored in the central repository that includes the 
ability to run searches and generate reports.
    (4) The national market system plan submitted pursuant to this 
section shall include policies and procedures, including standards, to 
be used by the plan processor to:
    (i) Ensure the security and confidentiality of all information 
reported to the central repository by requiring that:
    (A) All plan sponsors and their employees, as well as all employees 
of the central repository, agree to use appropriate safeguards to 
ensure the confidentiality of such data and agree not to use such data 
for any purpose other than surveillance and regulatory purposes, 
provided that nothing in this paragraph (e)(4)(i)(A) shall be construed 
to prevent a plan sponsor from using the data that it reports to the 
central repository for regulatory, surveillance, commercial, or other 
purposes as otherwise permitted by applicable law, rule, or regulation;
    (B) Each plan sponsor adopt and enforce rules that:
    (1) Require information barriers between regulatory staff and non-
regulatory staff with regard to access and use of data in the central 
repository; and
    (2) Permit only persons designated by plan sponsors to have access 
to the data in the central repository;
    (C) The plan processor:
    (1) Develop and maintain a comprehensive information security 
program for the central repository, with dedicated staff, that is 
subject to regular reviews by the Chief Compliance Officer;

[[Page 45812]]

    (2) Have a mechanism to confirm the identity of all persons 
permitted to access the data; and
    (3) Maintain a record of all instances where such persons access 
the data; and
    (D) The plan sponsors adopt penalties for non-compliance with any 
policies and procedures of the plan sponsors or central repository with 
respect to information security.
    (ii) Ensure the timeliness, accuracy, integrity, and completeness 
of the data provided to the central repository pursuant to paragraph 
(c) of this section; and
    (iii) Ensure the accuracy of the consolidation by the plan 
processor of the data provided to the central repository pursuant to 
paragraph (c) of this section.
    (5) The national market system plan submitted pursuant to this 
section shall address whether there will be an annual independent 
evaluation of the security of the central repository and:
    (i) If so, provide a description of the scope of such planned 
evaluation; and
    (ii) If not, provide a detailed explanation of the alternative 
measures for evaluating the security of the central repository that are 
planned instead.
    (6) The national market system plan submitted pursuant to this 
section shall:
    (i) Specify a maximum error rate to be tolerated by the central 
repository for any data reported pursuant to paragraphs (c)(3) and 
(c)(4) of this section; describe the basis for selecting such maximum 
error rate; explain how the plan sponsors will seek to reduce such 
maximum error rate over time; describe how the plan will seek to ensure 
compliance with such maximum error rate and, in the event of 
noncompliance, will promptly remedy the causes thereof;
    (ii) Require the central repository to measure the error rate each 
business day and promptly take appropriate remedial action, at a 
minimum, if the error rate exceeds the maximum error rate specified in 
the plan;
    (iii) Specify a process for identifying and correcting errors in 
the data reported to the central repository pursuant to paragraphs 
(c)(3) and (c)(4) of this section, including the process for notifying 
the national securities exchanges, national securities association, and 
members who reported erroneous data to the central repository of such 
errors, to help ensure that such errors are promptly corrected by the 
reporting entity, and for disciplining those who repeatedly report 
erroneous data; and
    (iv) Specify the time by which data that has been corrected will be 
made available to regulators.
    (7) The national market system plan submitted pursuant to this 
section shall require the central repository to collect and retain on a 
current and continuing basis and in a format compatible with the 
information consolidated and stored pursuant to paragraph (c)(7) of 
this section:
    (i) Information, including the size and quote condition, on the 
national best bid and national best offer for each NMS security;
    (ii) Transaction reports reported pursuant to an effective 
transaction reporting plan filed with the Commission pursuant to, and 
meeting the requirements of, Sec.  242.601; and
    (iii) Last sale reports reported pursuant to the Plan for Reporting 
of Consolidated Options Last Sale Reports and Quotation Information 
filed with the Commission pursuant to, and meeting the requirements of, 
Sec.  242.608.
    (8) The national market system plan submitted pursuant to this 
section shall require the central repository to retain the information 
collected pursuant to paragraphs (c)(7) and (e)(7) of this section in a 
convenient and usable standard electronic data format that is directly 
available and searchable electronically without any manual intervention 
for a period of not less than five years.
    (f) Surveillance. Every national securities exchange and national 
securities association subject to this section shall develop and 
implement a surveillance system, or enhance existing surveillance 
systems, reasonably designed to make use of the consolidated 
information contained in the consolidated audit trail.
    (g) Compliance by members.
    (1) Each national securities exchange and national securities 
association shall file with the Commission pursuant to section 19(b)(2) 
of the Act (15 U.S.C. 78s(b)(2)) and Sec.  240.19b-4 of this chapter on 
or before 60 days from approval of the national market system plan a 
proposed rule change to require its members to comply with the 
requirements of this section and the national market system plan 
approved by the Commission.
    (2) Each member of a national securities exchange or national 
securities association shall comply with all the provisions of any 
approved national market system plan applicable to members.
    (3) The national market system plan submitted pursuant to this 
section shall include a provision requiring each national securities 
exchange and national securities association to agree to enforce 
compliance by its members with the provisions of any approved plan.
    (4) The national market system plan submitted pursuant to this 
section shall include a mechanism to ensure compliance with the 
requirements of any approved plan by the members of a national 
securities exchange or national securities association.
    (h) Compliance by national securities exchanges and national 
securities associations.
    (1) Each national securities exchange and national securities 
association shall comply with the provisions of the national market 
system plan approved by the Commission.
    (2) Any failure by a national securities exchange or national 
securities association to comply with the provisions of the national 
market system plan approved by the Commission shall be considered a 
violation of this section.
    (3) The national market system plan submitted pursuant to this 
section shall include a mechanism to ensure compliance by the sponsors 
of the plan with the requirements of any approved plan. Such 
enforcement mechanism may include penalties where appropriate.
    (i) Other securities and other types of transactions. The national 
market system plan submitted pursuant to this section shall include a 
provision requiring each national securities exchange and national 
securities association to jointly provide to the Commission within six 
months after effectiveness of the national market system plan a 
document outlining how such exchanges and associations could 
incorporate into the consolidated audit trail information with respect 
to equity securities that are not NMS securities, debt securities, 
primary market transactions in equity securities that are not NMS 
securities, and primary market transactions in debt securities, 
including details for each order and reportable event that may be 
required to be provided, which market participants may be required to 
provide the data, an implementation timeline, and a cost estimate.
    (j) Definitions. As used in this section:
    (1) The term CAT-Order-ID shall mean a unique order identifier or 
series of unique order identifiers that allows the central repository 
to efficiently and accurately link all reportable events for an order, 
and all orders that result from the aggregation or disaggregation of 
such order.
    (2) The term CAT-Reporter-ID shall mean, with respect to each 
national securities exchange, national securities association, and 
member of a national securities exchange or national

[[Page 45813]]

securities association, a code that uniquely and consistently 
identifies such person for purposes of providing data to the central 
repository.
    (3) The term customer shall mean:
    (i) The account holder(s) of the account at a registered broker-
dealer originating the order; and
    (ii) Any person from whom the broker-dealer is authorized to accept 
trading instructions for such account, if different from the account 
holder(s).
    (4) The term customer account information shall include, but not be 
limited to, account number, account type, customer type, date account 
opened, and large trader identifier (if applicable).
    (5) The term Customer-ID shall mean, with respect to a customer, a 
code that uniquely and consistently identifies such customer for 
purposes of providing data to the central repository.
    (6) The term error rate shall mean the percentage of reportable 
events collected by the central repository in which the data reported 
does not fully and accurately reflect the order event that occurred in 
the market.
    (7) The term material terms of the order shall include, but not be 
limited to, the NMS security symbol; security type; price (if 
applicable); size (displayed and non-displayed); side (buy/sell); order 
type; if a sell order, whether the order is long, short, short exempt; 
open/close indicator; time in force (if applicable); if the order is 
for a listed option, option type (put/call), option symbol or root 
symbol, underlying symbol, strike price, expiration date, and open/
close; and any special handling instructions.
    (8) The term order shall include:
    (i) Any order received by a member of a national securities 
exchange or national securities association from any person;
    (ii) Any order originated by a member of a national securities 
exchange or national securities association; or
    (iii) Any bid or offer.
    (9) The term reportable event shall include, but not be limited to, 
the original receipt or origination, modification, cancellation, 
routing, and execution (in whole or in part) of an order, and receipt 
of a routed order.

    By the Commission.

    Dated: July 18, 2012.
Elizabeth M. Murphy,
Secretary.

    Note: The following exhibit will not appear in the Code of 
Federal Regulations.

Exhibit A

Key to Comment Letters Cited in Adopting Release Proposal To Implement 
Consolidated Audit Trail (File No. S7-11-10)
    1. Letter from Rep. Melissa L. Bean, U.S. Congress, to Mary 
Schapiro, Chairman, Commission, dated May 20, 2010 (``Bean 
Letter'').
    2. Letter from Norris W. Beach to Elizabeth M. Murphy, 
Secretary, Commission, dated May 26, 2010 (``Beach Letter'').
    3. Letter from Steven Vannelli to Elizabeth M. Murphy, 
Secretary, Commission, dated May 26, 2010 (``Vannelli Letter'').
    4. Letter from Simhan Mandyam, Managing Partner, Triage Life 
Sciences LLC, to Elizabeth M. Murphy, Secretary, Commission, dated 
May 26, 2010 (``Triage Letter'').
    5. Letter from Paul Drescher, Registered Principal, Foothill 
Securities, Inc., to Elizabeth M. Murphy, Secretary, Commission, 
dated May 28, 2010 (``Foothill Letter'').
    6. Letter from Chandler Green to Elizabeth M. Murphy, Secretary, 
Commission, dated June 1, 2010 (``Green Letter'').
    7. Letter from Dan T. Nguyen, Wealth Management Company, to 
Elizabeth M. Murphy, Secretary, Commission, dated June 5, 2010 
(``Wealth Management Letter'').
    8. Letter from Nicos Anastaspoulos to Elizabeth M. Murphy, 
Secretary, Commission, dated June 6, 2010 (``Anastaspoulos 
Letter'').
    9. Letter from Ning Wen, Sales Director, Know More Software, 
Inc., to Heather Seidel, Division of Trading and Markets, Assistant 
Director, Commission, dated June 9, 2010 (``Know More Letter'').
    10. Letter from John McCrary to Elizabeth M. Murphy, Secretary, 
Commission, dated June 11, 2010 (``McCrary Letter'').
    11. Letter from Howard Meyerson, General Counsel, and Vlad 
Khandros, Market Structure and Public Policy Analyst, Liquidnet, to 
Elizabeth M. Murphy, Secretary, Commission, dated July 19, 2010 
(``Liquidnet Letter'').
    12. Letters from Justin S. Magruder, President, Noetic Partners, 
Inc., to Elizabeth M. Murphy, Secretary, Commission, dated July 22, 
2010 and August 3, 2010 (``Noetic Partners Letter I'' and ``Noetic 
Partners Letter II).
    13. Letter from Martin Koopman, Director, Aditat, to Elizabeth 
M. Murphy, Secretary, Commission, dated July 28, 2010 (``Aditat 
Letter'').
    14. Letter from Courtney Doyle McGuinn, FPL Operations Director, 
FIX Protocol Limited, to Elizabeth M. Murphy, Secretary, Commission, 
dated August 5, 2010 (``FIX Letter'').
    15. Letter from Senator Edward E. Kaufman, U.S. Senate, to 
Elizabeth M. Murphy, Secretary, Commission, dated August 5, 2010 
(``Kaufman Letter'').
    16. Letter from Mahesh Kumaraguru to Elizabeth M. Murphy, 
Secretary, Commission, dated August 5, 2010 (``Kumaraguru Letter'').
    17. Letter from R. T. Leuchtkafer to Elizabeth M. Murphy, 
Secretary, Commission, dated August 5, 2010 (``Leuchtkafer 
Letter'').
    18. Letter from Horst Simon, Associate Laboratory Director for 
Computing Sciences and Division Director, Computational Research 
Department, and David Leinweber, Director, LBNL Center for 
Innovative Financial Technology Computing Sciences, Lawrence 
Berkeley National Laboratory, to Elizabeth M. Murphy, Secretary, 
Commission, dated August 8, 2010 (``Berkeley Letter'').
    19. Letter from Peter A. Bloniarz, Dean, College of Computing & 
Information, University of Albany, George Berg, Associate Professor 
and Chair, Department of Computer Science, University of Albany, 
Sandor P. Schuman, Affiliated Faculty, Department of Informatics, 
University of Albany, to Elizabeth M. Murphy, Secretary, Commission, 
dated August 9, 2010 (``Albany Letter'').
    20. Letter from Christopher Nagy, Managing Director Order 
Strategy, Co-Head Government Relations, and John Markle, Deputy 
General Counsel, Co-Head Government Relations, TD AMERITRADE, Inc., 
to Elizabeth M. Murphy, Secretary, Commission, dated August 9, 2010 
(``Ameritrade Letter'').
    21. Letter from James J. Angel, Associate Professor of Finance, 
Georgetown University, Commission, dated August 9, 2010 (``Angel 
Letter'').
    22. Letter from Eric J. Swanson, Senior Vice President and 
General Counsel, BATS Exchange, Inc., to Elizabeth M. Murphy, 
Secretary, Commission, dated August 9, 2010 (``BATS Letter'').
    23. Letter from Anthony D. McCormick, Chief Executive Officer, 
Boston Options Exchange Group, LLC, to Elizabeth M. Murphy, 
Secretary, Commission, dated August 9, 2010 (``BOX Letter'').
    24. Letter from Charlie J. Marchesani, President Broadridge 
Financial Solutions, Inc., to Elizabeth M. Murphy, Secretary, 
Commission, dated August 9, 2010 (``Broadridge Letter'').
    25. Letter from Eric W. Hess, General Counsel, Direct Edge 
Holdings, LLC, to Elizabeth M. Murphy, Secretary, Commission, dated 
August 9, 2010 (``Direct Edge Letter'').
    26. Letter from Marcia E. Asquith, Senior Vice President and 
Corporate Secretary, FINRA, to Elizabeth M. Murphy, Secretary, 
Commission, dated August 9, 2010 (``FINRA Letter'').
    27. Letter from Marcia E. Asquith, Senior Vice President and 
Corporate Secretary, FINRA, and Janet McGinness Kissane, Senior Vice 
President and Corporate Secretary, NYSE Euronext, to Elizabeth M. 
Murphy, Secretary, Commission, dated August 9, 2010 (``FINRA/NYSE 
Euronext Letter'').
    28. Letter from Ted Myerson, Chief Executive Officer, Doug 
Kittelsen, Chief Technology Officer, and M. Gary LaFever, General 
Counsel and Chief Corporate Development Officer, FTEN, to Elizabeth 
M. Murphy, Secretary, Commission, dated August 9, 2010 (``FTEN 
Letter'').
    29. Letter from Karrie McMillan, General Counsel, Investment 
Company Institute, to Elizabeth M. Murphy, Secretary,

[[Page 45814]]

Commission, dated August 9, 2010 (``ICI Letter'').
    30. Letter from Stuart J. Kaswell, Executive Vice President, 
Managing Director and General Counsel, Managed Funds Association, to 
Elizabeth M. Murphy, Secretary, Commission, dated August 9, 2010 
(``Managed Funds Association Letter'').
    31. Letter from Dror Segal and Lou Pizzo, Mansfield Consulting, 
LLC, to Elizabeth M. Murphy, Secretary, Commission, dated August 9, 
2010 (``Mansfield Letter'').
    32. Letter from Andrew C. Small, General Counsel, Scottrade, to 
Elizabeth M. Murphy, Secretary, Commission, dated August 9, 2010 
(``Scottrade Letter'').
    33. Letter from Devin Wenig, Chief Executive Officer, Markets 
Division, Thomson Reuters, to Elizabeth M. Murphy, Secretary, 
Commission, dated August 9, 2010 (``Thomson Reuters Letter'').
    34. Letter from Jon Feigelson, Senior Vice President, General 
Counsel and Head of Corporate Governance, TIAA-CREF Individual and 
Institutional Services, LLC, to Elizabeth M. Murphy, Secretary, 
Commission, dated August 9, 2010 (``TIAA-CREF Letter'').
    35. Letter from Ronald C. Long, Director, Regulatory Affairs, 
Wells Fargo Advisors, to Elizabeth M. Murphy, Secretary, Commission, 
dated August 9, 2010 (``Wells Fargo Letter'').
    36. Letter from John A. McCarthy, General Counsel, GETCO, to 
Elizabeth M. Murphy, Secretary, Commission, dated August 10, 2010 
(``GETCO Letter'').
    37. Letter from Michael Erlanger, Managing Principal, 
Marketcore, Inc., to Commission, dated August 10, 2010 (``Marketcore 
Letter'').
    38. Letter from Edward J. Joyce, President and Chief Operating 
Officer, Chicago Board Options Exchange, Inc., to Commission, dated 
August 11, 2010 (``CBOE Letter'').
    39. Letter from Leonard J. Amoruso, Senior Managing Director and 
General Counsel, Knight Capital Group, Inc., to Elizabeth M. Murphy, 
Secretary, Commission, dated August 11, 2010 (``Knight Letter'').
    40. Letter from Jose Manso, Executive Vice President, Sales and 
Marketing, Middle Office Solutions LLC, to Commission, dated August 
11, 2010 (``Middle Office Letter'').
    41. Letter from Manisha Kimmel, Executive Director, Financial 
Information Forum, to Elizabeth M. Murphy, Secretary, dated August 
12, 2010 (``FIF Letter'').
    42. Letter from John Harris, Chief Executive Officer, BondMart 
Technologies, Inc., to Commission, dated August 12, 2010 (``BondMart 
Letter'').
    43. Letter from Joan C. Conley, Senior Vice President and 
Corporate Secretary, NASDAQ OMX Group, Inc., to Elizabeth M. Murphy, 
Secretary, dated August 12, 2010 (``Nasdaq Letter I'').
    44. Letter from Patrick J. Healy, Chief Executive Officer, 
Issuer Advisory Group LLC, to Elizabeth M. Murphy, Secretary, 
Commission, dated August 15, 2010 (``IAG Letter'').
    45. Letter from James T. McHale, Managing Director and Associate 
General Counsel, Securities Industry and Financial Markets 
Association, to Elizabeth M. Murphy, Secretary, Commission, dated 
August 17, 2010 (``SIFMA Letter'').
    46. Letter from Mike Riley, Chief Executive Officer, Endace 
Technology Limited, to Elizabeth M. Murphy, Secretary, Commission, 
dated August 30, 2010 (``Endace Letter'').
    47. Letter from Terry Keene, Chief Executive Officer, 
Integration Systems LLC, to Elizabeth M. Murphy, Secretary, 
Commission, dated November 12, 2010 (``iSys Letter'').
    48. Letter from Bonnie K. Wachtel, Wachtel & Co., Inc., to 
Elizabeth M. Murphy, Secretary, Commission, dated November 24, 2010 
(``Wachtel Letter'').
    49. Letter from Richard A. Ross to Elizabeth M. Murphy, 
Secretary, Commission, dated December 6, 2010 (``Ross Letter'').
    50. Letter from James T. McHale, Managing Director and 
Associated General Counsel, Securities Industry and Financial 
Markets Association, to David Shillman, Associate Director, Division 
of Trading and Markets, Commission, dated January 12, 2011 (``SIFMA 
Drop Copy Letter'').
    51. Letter from Daniel J. Connell, Chief Executive Officer, 
Correlix, Inc., to Elizabeth M. Murphy, Secretary, Commission, dated 
February 4, 2011 (``Correlix Letter'').
    52. Letter from Richard A. Ross, Founder, High Speed Analytics, 
to Elizabeth M. Murphy, Secretary, Commission, dated February 9, 
2011 (``High Speed Letter'').
    53. Letter from Michael Belanger, President, Jarg Corporation; 
Joseph Carrabis, Chief Regulatory Officer and Founder, NextStage 
Evolution; Wayne Ginion, Vice President, Enterprise Infrastructure 
Services; and David Morf, Partner, Senior Regional Economics 
Advisor, Founding Member, Center for Adaptive Solutions, to 
Elizabeth M. Murphy, Secretary, Commission, dated April 6, 2011 
(``Belanger Letter'') (note, this letter is an amended letter that 
replaces a letter submitted by the same parties on March 30, 2011).
    54. Letter from Richard G. Ketchum, Chairman and Chief Executive 
Officer, FINRA, to Robert Cook, Director, Division of Trading and 
Markets, and Carlo DiFlorio, Director, Office of Compliance 
Inspections and Examinations, Commission, dated April 6, 2011 
(``FINRA Proposal Letter'').
    55. Letter from Senator Charles E. Schumer, U.S. Senate, to Mary 
L. Schapiro, Chairman, Commission, dated May 9, 2011 (``Schumer 
Letter'').
    56. Letter from Joan C. Conley, Senior Vice President and 
Corporate Secretary, NASDAQ OMX Group, Inc., to Elizabeth M. Murphy, 
Secretary, Commission, dated November 18, 2011 (``Nasdaq Letter 
II'').
    57. Letter from Geraldine M. Lettieri to Elizabeth M. Murphy, 
Secretary, Commission, dated November 29, 2011 (``Lettieri 
Letter'').
    58. Letter from James T. McHale, Managing Director and 
Associated General Counsel, Securities Industry and Financial 
Markets Association, to Robert Cook, Director, Division of Trading 
and Markets, Commission, dated February 7, 2012 (``SIFMA February 
2012 Letter'').
    59. Letter from John M. Damgard, President, Futures Industry 
Association, to Elizabeth M. Murphy, Secretary, Commission, dated 
February 22, 2012 (``FIA Letter'').
    60. Letter from Manisha Kimmel, Executive Director, Financial 
Information Forum, to Elizabeth M. Murphy, Secretary, Commission, 
dated March 2, 2012 (``FIF Letter II'').
    61. Letter from Jennifer Setzenfand, Chairman, Security Traders 
Association, dated March 7, 2012 (``STA Letter'').
    62. Letter from Dr. Gil Van Bokkelen, Chairman and Chief 
Executive Officer, Athersys, Inc., to Mary Schapiro, Chairman, 
Commission, dated March 14, 2012 (``Van Bokkelen Letter'').

[FR Doc. 2012-17918 Filed 7-31-12; 8:45 am]
BILLING CODE 8011-01-P