Mar. 6, 2023
March 6, 2023
File No. S7-02-23
March 6, 2023
Dear Commissioners:
I am an Unidentified Federal Official (UFO) employed by the U.S. Securities and Exchange Commission (SEC or Commission). As the SEC's ethics standards require me to state: The SEC, as a matter of policy, disclaims responsibility for any private publication or statement by any of its employees. The views expressed herein are those of UFO and do not necessarily reflect the views of the Commission, the Commissioners, or other members of the Commission's staff.
If adopted, the proposed rule as it relates to the authorization of the collection of covered securities transactions and holdings data from financial institutions through a third-party automated compliance system would be arbitrary, capricious and unreasonable. If adopted without changes to the automated compliance system (or prior to an additional comment period), Commission staff should urge that National Treasury Employees Union Chapter 293 file suit on their behalf. As described below, the proposal is redundant because the SEC already has tools at its disposal that surveils employees. The Commission should instead focus precious taxpayer resources on surveilling unscrupulous actors in the securities industry rather than paying third parties to fill the role that the Commissions Office of Ethics Counsel should be doing.
First, the Consolidated Audit Trail, or CAT, is the largest database of securities transactions, containing all daily equity and listed options transactions executed in the United States of America. It also contains a significant amount of personally identifiable information (PII) on every client of U.S. broker-dealers. The SEC charged the self-regulatory organizations (SROs), such as FINRA and the equities and options exchanges, with the sole responsibility to develop and operate the CAT. Broker-dealers are obligated to report all daily equity and options transaction data to the CAT and will ultimately be obligated to report sensitive client PII to the CAT. The SROs have sole authority to control and protect the data once it is submitted to the CAT.
The CAT Customer Account and Information System, or CAIS, is in the launch phase and contains the names, addresses, and years of birth for all retail customers, as well as the types of accounts they hold. Further, when fully implemented, the CAIS will contain additional PII related to authorized traders for every retail account that has one. Every retail investor will have their PII held in a single database owned and operated by the current 23 SROs operating under the direction of the SEC. This includes SEC employees. Why must the Commission divert resources to have a separate automated system to surveil its own employees when presumably its own employees are already under surveillance in the CAT?
Second, Commission employees already pre-clear every single securities transaction they make before executing the order and then report the execution of that order a few days afterwards. We currently use the Personal Trading Compliance System to do so. We also annually submit (with optional account number redaction) statements that contain all of our securities transactions for ourselves and covered family members over the preceding years. Why must you subject SEC employees to additional or different, unnecessary requirements of providing third-party government contractors access to our brokerage accounts? You put the national security of the United States at risk by providing an additional point of hackers information on government employees. Our brokerage statements should be kept in-house at the SECs Office of Ethics Counsel. Resources should be spent on bad actors and providing SEC staff the necessary resources to supervise the securities industry, not on this endeavor. The
current system with PTCS is tedious, but it is working. Don't change it.
Third, the Commission seems to assume that its own employees cant be trusted to report properly. We are already subject to background checks by the Defense Counterintelligence and Surveillance Agency, most of us are members of the bar and have a duty to behave ethically, we submit annual OGE Form 450s, and we comply with the trading rules prescribed by the SEC on its staff. If your employees are assumed crooked, couldn't they just by-pass the third-party automated system with a different broker-dealer not covered by the automation process? Or not tell you who they have a brokerage account with? We are the good guys who comply with the rules. Employees of other financial regulators (e.g., The Federal Reserve Board) are not subject to the same standards as Commission employees and can trade more freely than a Commission employee. How about using the Commissions surveillance methods to enforce the rules on the members of Congress who, according to press reports, commit insider tradi
ng without Commission enforcement?
A proposed rule needs more examples of problems they are trying to solve before imposing an alleged solution. The 24 page release does not meet the standards that we place on our own releases imposed upon the securities industry to protect investors. This rule-making as it relates to third party compliance systems is an embarrassment as far as rule-makings go. Reasoned decision making applies here. The reasoning is unsupported. Please do not adopt this rule as it relates to the automation of third-party compliance.
Sincerely,
/s/ UFO of SEC
Unidentified Federal Official employed by the U.S. Securities and Exchange Commission