On Wednesday, Sept. 6, 2023, the U.S. Securities and Exchange Commission (“SEC”) issued an Order approving an amended funding model for the Consolidated Audit Trail (the “CAT”), setting in motion the full-scale operation of the CAT, a system that the SEC’s Chair hailed, asserting in a Sept. 6 Statement “[a]t its core, the consolidated audit trail was created to enable regulators to track activity efficiently and accurately in National Market System securities. [The CAT allows regulators] to trace orders from originations, modifications, cancellations, routings, and executions.” In this regard, see my Oct. 2, 2023 blog “Compromised CAT: SEC Seeks a ‘Big Brother’ of ‘Real Time’ Market Information,” which lays out the history and difficulties in getting the CAT to its current state.
One absolute requirement for the CAT to function as intended is the collection and transmission of accurate market data by market entities. Just 16 days after the Commission’s Order concerning the CAT, the SEC issued two enforcement Orders imposing sanctions on Goldman Sachs & Co. LLC (“Goldman Sachs,” a wholly owned subsidiary of The Goldman Sachs Group, Inc., characterized by the SEC as “a global financial services firm”) and on Citadel Securities LLC (“Citadel,” characterized by the SEC as “one of the largest broker-dealers in the U.S. equities market”). Each enforcement action imposed substantial civil penalties and other requirements because the respondent in each case failed to collect and report timely and accurate market information.
THE GOLDMAN SACHS ENFORCEMENT ORDER
Sometime in the development of securities regulation after the creation of the SEC and the passage of the Securities Act of 1933 and particularly the Securities Exchange Act of 1934 (as amended, the “34 Act”), the Commission began a practice of sending questionnaires to market makers, broker/dealers, and clearing houses to gain information about specific trades or market activity. These questionnaires were printed on blue paper for ready identification and were mailed to the addressees to be answered and mailed back. Not surprisingly, these questionnaires became known as “Blue Sheets.” Beginning in the late 1980’s, both the questionnaires and the responses were transmitted electronically, using (in those pre-Internet days) hard-wired interconnections installed under the aegis of the Securities Industry Automation Corporation (“SIAC”), a subsidiary of the New York Stock Exchange. By 2001 the SEC determined that electronic interconnectivity would support a broader information collection system, where specific information was collected using a standardized format. Accordingly, on May 20, 2000, the SEC proposed new Rule 17a-25 under the 34 Act, which elicited significant commentary from the affected market participants, including their ability to provide all the requested information when asked. On June 29, 2001, after assessing those comments, the SEC issued the adopting release (the “Adopting Release”) for Rule 17a-25, and that Rule became effective on Aug. 9, 2001.
As stated in the Adopting Release, the purposes of Rule 17a-25 and the entire system of electronic blue sheets (“EBS”) were to
- “assist in the examination for and investigation of possible federal securities law violations, primarily involving insider trading or market manipulation;” and
- “to conduct market [event] reconstruction.”
This sounds much like the explanation of the reasons for the creation of the CAT. Under the provisions of the Rule and related regulations, the same EBS’s were to be shared with the Office of Fraud Detection and Market Intelligence of the Financial Industry Regulatory Authority (“FINRA”), a self-regulatory organization to which broker/dealers (except rare, specifically exempt broker/dealers) must belong. EBS’s require the addressee to provide the following information:
- Name of the security involved;
- Date and place (which market) of the questioned trade;
- Size of the transaction; and
- List of counterparties to the transaction.
Not surprisingly, given the human capacity for error, sometimes the requested information was given inaccurately, not infrequently due to coding errors in the respondent’s EBS system. The SEC imposed a series of financial sanctions on the “miscreants,” ranging from $2.5 million assessed on Scott Trade in 2014 for six years of inaccurate data; to $3.2 million assessed on Cantor, Fitzgerald & Co., which filed EBS’s containing 34,884,409 transactions with incomplete data; to $875,000 assessed on Morgan Stanley for 869 faulty EBS’s covering 156,678 options; to $7 million assessed on Citigroup in 2016 for inaccurate reports on 26,810 transactions.
Goldman Sachs itself had been a repeat offender, having been sanctioned by the New York Stock Exchange in January 2006 and by the FINRA in both June 2010 and June 2014. In the current case, from November 2012 through October 2022 Goldman Sachs’ EBS system did not work as required. The resulting SEC sanctions Order states that Goldman Sachs:
“submitted EBS in response to 52,147 requests from the Commission, at least 22,192 of which contained deficient trade data for at least 163 million transactions as a result of 43 different types of issues that impacted its EBS reporting. Some 9,650 of the 22,192 deficient submissions were made on or after March 20, 2018.”
The sanctions Order details that the inaccurate and/or incomplete EBS information involved:
“order execution times [due to a format error 2,363,000 transaction were reported in Central Time instead of the actual Eastern Time], transaction type identifiers [a coding error caused approximately 100 million transactions to show the type identifier as ‘blank’,; exchange codes [i.e., which trading platform was involved], ticker symbols, and transaction prices…”
That Order notes that the EBS errors included:
- reporting aggregate rather than individual execution data for certain foreign affiliates;
- reporting long sales as short sales (approximately 86,000 transactions were misreported);
- failing to report cross trades;
- failing to record post-settlement “fails” (i.e., the transactions were undone);
- failing to provide complete historical data for certain types of options (for example Goldman Sachs “misreported the options buy/sell codes for approximately 18,827,000 transactions due to [a foul up in the Goldman Sachs’] EBS reporting code);”
- and providing inaccurate firm and/or customer identifying information, including large trader identifiers and taxpayer identification numbers, and zip/country codes.
Further, the SEC found that Goldman Sachs “did not have a reasonable process to verify that all of the information it was reporting was accurate.” The sanctions Order notes that Goldman Sachs “did not conduct adequate periodic sampling, manual validation, and review of information received from third parties” and did not have “proper quality controls in place to ensure the completeness and accuracy of its EBS data prior to its submissions.” The deficiencies were discovered only after Goldman Sachs began an internal review of its EBS system in 2018. The sanctions Order does acknowledge that Goldman Sachs voluntarily engaged in a thorough (if slow) examination and restructuring of its EBS system.
The sanction Order finds that Goldman Sachs violated the record-keeping requirements AND the accurate reporting requirements of Section 17(a)(1) of the 34 Act and Rules 17a-4(j) and 17a-25 thereunder. The Order expressly notes that in settling with Goldman Sachs “the Commission considered remedial acts undertaken by Respondent and cooperation afforded the Commission.” Then the SEC ordered Goldman Sachs to cease and desist from any continuing or similar violations of the cited statute and rules. Goldman Sachs was censured by the SEC and ordered to pay a civil penalty of $6 million. In addition, FINRA imposed a parallel $6 million civil penalty for the same EBS failures.
THE CITADEL ENFORCEMENT ORDER
The Citadel Order notes that Citadel as of May 2023 executed approximately 35% of ALL U.S.-listed securities and 22% of U.S. equities volume, involving more than 11,000 U.S.-listed securities. Any deficiency in required reporting is by definition “Material.” As set out in the Citadel Order, “from September 2015 through September 2020… Citadel Securities INADVERTENTLY [emphasis added] marked certain short sale orders as long sales, and long sales as short sales, while handling orders [as a market aggregator] on behalf of its broker-dealer clients. As a result, an estimated millions of sell orders were mismarked.” The Order goes on to note that the violations “occurred as a result of a coding error in the logic used to compute Citadel [Securities’] position calculated for Regulation SHO purposes when [filling] client orders filled on a riskless-principal basis.”
The SEC found that the coding error caused intraday inaccuracies in the reported Citadel positions in those securities. The coding error was first discovered by Citadel in September 2020 as part of a regulatory compliance review. The error was estimated to have resulted in millions of mismarked orders.
Regulation SHO was issued by the SEC on July 28, 2004, and became effective on Jan. 3, 2005. It was intended to curtail so-called “naked short selling,” where securities (not owned by the seller) were sold to cause the market price of the securities to decline. It was seen as particularly important for regulating the use of block trading (where large volumes of a security are gathered for resale) and arbitrage (a frequent occurrence in the wake of tender offers). Regulation SHO was strengthened in 2009, to include required reporting of “close out” positions; and again in 2010, to restrict the price at which a security could be sold short in a declining market to impede further price erosion. Both revisions can be seen as resulting from the 2008 Great Recession that resulted in the Dodd-Frank Act of 2010, under which the SEC was instructed to develop a robust reporting system to inform market participants of who might hold short positions in securities.
The Citadel Order makes several points of note:
- the coding error caused minutes and sometimes hours of delay in completing the required position calculations;
- “this delay did not benefit Citadel Securities or its trading strategies”;
- the mismarked orders constituted the primary reason Citadel did not report that IT was engaging in short sales (i.e., sales of securities in excess of the amount of the same securities otherwise held by Citadel); and
- Citadel had “two automated surveillance tools,” as part of its compliance policies and procedures, but those “policies and procedures did not detect either the coding error or the firm’s mismarking of orders as a result of the coding error.”
In 2020, Citadel finally discovered the coding error and reprogrammed the firm’s systems. As part of determining the effects of the error, Citadel realized that it had failed to keep the required accurate and complete records needed to file proper EBS’s with FINRA and the Commission and had in fact filed inaccurate EBS’s in violation of Rule 17a-25. The Commission also determined that Citadel violated Rule 200(g) of Regulation SHO for inaccurately marking whether Citadel transactions were long or short.
In addition to noting the inadvertence of Citadel’s violations, the Citadel Order expressly acknowledged consideration for both Citadel’s remedial actions and cooperation with the SEC during its investigation. As part of the Settlement covered by the Order, Citadel was required to:
- confirm in writing the remediation of the way it records certain parts of transactions to eliminate the delayed treatment of those parts;
- review all of Citadel’s trading systems and supervisory policies and procedures, specifically including the computer system logic;
- submit a written report of the review within 90 days; and
- submit a confirming report from Citadel’s Chief Compliance Officer, including each undertaking completed accompanied by written evidence of compliance.
Recognizing that these reports will contain confidential and competitive business information, the Order expressly provided that the reports shall remain “non-public” except as a Court or the Commission may otherwise direct, or as the parties agree. The SEC ordered that Citadel cease and desist from further violations of the cited regulations and censured Citadel. The Commission also ordered Citadel to pay a civil money penalty of $7 million. Mark Cave, the Associate Director of the SEC’s Division of Enforcement, in a Sept. 22, 2023 Press Release concerning the Citadel case, stated:
Compliance with the order marking requirements of Reg SHO is a key component of regulatory efforts to curtail abusive market practices…This action against Citadel Securities demonstrates that …failure to comply with … Reg SHO can have negative downstream consequences on the accuracy of the firm’s electronic records, including its electronic blue sheet reporting, depriving the Commission of important information about the markets it regulates.
THE OCT. 13, 2023 REVISIONS TO FORM SHO
On Friday, Oct. 13, 2023, the SEC (by a 3-2 vote) adopted a new Rule 13f-2 and a revised Form SHO in a 315 page release requiring institutional money managers to (according to the SEC’s Short Sale Disclosure Fact Sheet) “report on Form SHO certain short position[s] and short activity data. The Commission will thereafter aggregate and publish certain data collected from Form SHO.” The two dissenting Commissioners objected to the level of detail required on the revised Form and the costs of compliance, noting that much of the relevant information was already available from data collection systems used by FINRA and the other Self-Regulatory Organizations (i.e., the exchanges). In addition, according to a Wall Street Journal article, one of the Dissenters suggested that the changes could “discourage short selling and, therefore, curb the market’s ability to appropriately price assets.” That same Wall Street Journal article contains a statement from the Chief Executive of the Alternative Investment Management Association welcoming the SEC’s decision not to require disclosure of individual fund short positions, noting that a European Union regulation that did “limits implementation of long/short strategies and therefore curtails market liquidity.” Much like the wisdom of Werner von Heisenberg’s Uncertainty Principle, the presence of the observer affects the outcome.
In the Fact Sheet, the Commission once again pointed to the Dodd-Frank Act of 2010 as mandating that the SEC adopt rules to “make certain short sale related data publicly available.” This data, the Commission claimed, will “help inform market participants regarding the overall short sale activity … and will bolster the Commission’s and other regulators’ oversight of short selling.” Interestingly, the Rule 13f-2 Adopting Release also amended the CAT “to supplement the short sale data made available to the Commission” with an express requirement that the data include short selling activity undertaken as part of “bona fide market making activities,” for which a broker-dealer might otherwise claim an exemption from reporting under Regulation SHO. The Rule 13f-2 Adopting Release allows a period of 12 months after Rule 13f-2 becomes effective (60 days following publication in the Federal Register), before the affected institutional money managers must comply with the Rule. The amendment to the CAT requires compliance 18 months after the Rule becomes effective.
SOME CONCLUDING OBSERVATIONS
The SEC drive for data generally, and in the case of the CAT, specifically, bespeaks the almost ingrown bureaucratic mindset that more is always better, without necessarily any regard for either cost or benefit. The CAT, with its millions in costs (accrued and future), questionable concerns for the privacy of investors, and failure to address the more fundamental issue posed by a society that accepts the surveillance of American investors, is discussed at some length in my Oct. 2, 2023 blog “Compromised CAT.”
How ironic, then, to learn from the Goldman Sachs and Citadel enforcement actions that two of the largest and most sophisticated capital market participants cannot get their electronic systems, even in discrete areas, to function as required (and intended). There was no intention to provide inaccurate data; at most, the cases show negligence on the part of the two respondents in the collection and processing of data. The CAT is based upon a presumption that accurate and timely data can be collected and reported. The real world, as detailed here, strongly suggests that such a notion is more SEC hubris than rational expectation. Perhaps there is a further need for evaluating the entire concept of a “universal market reporting system.”