July 2020 was the final date of phased-in compliance for customers and account reporting as set out under the SEC’s Consolidated Audit Trail (CAT) guidelines. With compliance requirements now in place, Umang Chhibber of Cloudreach, Ruchi Nanda and Sanjay Shah, both of Microsoft, discuss what’s in store for organizations mandated to comply.

From Flash Crash to CAT

Some 3,600 broker-dealers and 13 exchanges are required to report every trade activity (including cancellations, modifications and executions) in compliance with the CAT. Once it’s fully up and running, the CAT will be the world’s largest data repository of securities transactions, ingesting more than 58 billion records a day.1

The catalyst for the CAT was the Flash Crash in May 2010 – in about 30 minutes, nearly $1 trillion in U.S. equity value in the Dow Jones Industrial Average was lost. The CAT will provide regulators with timely access to comprehensive trading data, enabling them to effectively conduct research, reconstruct market events, monitor market behavior, and identify and investigate misconduct.2

Umang Chhibber, Cloud Solutions Architect at Cloudreach, Ruchi Nanda, Microsoft’s Industry Solutions Manager, Capital Markets and Sanjay Shah, Senior Cloud Solution Architect at Microsoft give their perspectives on the challenges facing organizations and Cloudreach’s CAT Compliance as a Service (CCaaS) solution.

What implications does CAT compliance present for broker-dealers and exchanges?

Umang: At peak time, an organization may have to transform as many as six million transactions per day into FINRA – that is extremely burdensome on both technology and teams. The biggest struggle is not having the underlying infrastructure in place to handle the aggressive timeline and transaction volume. The sheer task of building that, and having the knowledge and skill set to manage and maintain it, is a significant challenge. Organizations must choose a technology stack that’s able to deliver.

Ruchi: Meeting the various deadlines for CAT regulations is challenging and that has been further impacted by the pandemic. Capital market firms need to comply with these pressing regulatory requirements or face high fines for non-compliance.

And navigating market volatility is a concern. How do they scale up on a high trading day? Many firms may face on-premise capacity issues or be unable to send reports to FINRA on a timely basis.

How are financial organizations currently addressing these challenges?

Umang: While the technology and some processes might be different, most organizations are using an in-house approach. Internal teams are tasked with taking all data and moving it to different subsets, databases and formats, whether that be in the cloud or on-premise. The data is then shipped back, validated, repackaged and sent to FINRA. It might sound straightforward, but a lot goes on behind the scenes to extract data from the core system and transform it. Some are uploading to the cloud because their legacy systems don’t have the performance capacity.

Sanjay: CAT compliance is impacting both large and small organizations. There are 3,600 broker-dealers and 13 exchanges across the U.S. It’s very costly to create an in-house solution, especially one that can scale to the volatility in the market.

How are organizations planning to develop more robust CAT systems to meet future compliance and timeline requirements?

Umang: The problem is, since they’re struggling now to just address basic needs and meet timelines, they don’t have the time to think about how to evangelize to the next level. They’re trying to do continuous improvement as they’re learning – but that’s not a practical long-term approach. Some organizations are trying to evolve internally and others are looking for or waiting to see if some outside help becomes available.

What are the most important capabilities for a financial organization’s CAT system?

Umang: Data security is paramount. That’s why so many organizations are trying to address this challenge in-house – they already have security principles in place. 

Efficiency is another consideration. Right now, they have a minimum viable approach to meet the objectives. If FINRA changes the guidelines – and that is an expectation – they need to have the agility to respond. 

Trackability and reporting is important. There is limited intelligence available around how much data is being handled, how well it’s being handled and how efficient the process is. Insight is key.

Ruchi: Overall workflow automation is very important because it saves a lot of manual overhead –  and error detection and parsing is instant and automatic. For example, when reports are sent to FINRA and feedback is received, there could be thousands of transactions to process, so bulk categorizations create efficiency.

How will the Cloudreach CAT Compliance as a Service (CCaaS) solution help organizations meet and manage compliance requirements and why is Microsoft Azure such a well-suited platform? 

Umang: Our solution will make their lives easier by offloading the effort of building and transforming data. It’s a completely consumable product and a managed service can sit in their environment from a compliance and security perspective.

With its focus on the enterprise market, Microsoft is uniquely positioned to provide insights and technology.  We saw an opportunity to jointly solve and make a difference for all of these financial organizations.

Ruchi: Compared to an on-premise solution, the Cloudreach CCaaS solution will provide cost savings in terms of people, process and existing system overhead. As I stated earlier, daily process workflow automation replaces manual invention and creates a lot of efficiency. 

Microsoft really elevates the level of compliance and security. We make an enormous investment to maintain a robust security and governance framework, investing $1B annually in security and employing 4,400 people to maintain Azure security.

It is hard to beat that investment with an internal solution.

Sanjay: Microsoft Azure has immense scaling capacity, so organizations will realize savings during fluctuating trading days. Solution will also offer connectivity to FINRA from MS data centers.

What are the key technologies Cloudreach is leveraging to address the market challenges?

Umang: We’re focused on building a solution that’s serverless – a cloud native solution that leverages cloud services using technologies like Cosmos DB, Data Factory, Azure Data Lake, and Databricks. We are leveraging microservices and other native Azure components to ensure fast data processing and Azure Synapse Analytics for audit trail components.

Additionally, Cloudreach has built a complete user interface – it’s our IP – that spans across middle tier and data tier and provides visibility of data as it flows and the processes it triggers. It becomes a window into what’s happening and delivers reporting capabilities.

We also have a process to integrate our CCaaS solution into an organization’s existing identity solution to ensure the on-premise security is intact.

More about the Cloudreach CCaaS Solution

Want to learn more about how the Cloudreach CCaaS solution can help your financial organization achieve CAT compliance? Click here!

Cloudreach’s strategic partnership with Microsoft and deep Azure expertise make our practice the leading Azure-only partner globally. With 13 Azure gold competencies and 400+ Azure exams and certifications, our Azure specific solutions help you leverage the power of Microsoft platforms.

CAT NMS News Release – 2019

2  SEC Press Release – 2016