Mar. 8, 2023
March 8, 2023 The proposal to have employee trade reporting handled through a third party service has both potential benefits and potential drawbacks. Whether it is a good idea depends on details of the implementation that have not been shared in the proposed rule. First: advantages of the proposal. The current process of assembling and redacting a full year's worth of statements each year, in addition to pre- and post-trade reporting, is burdensome and may impact the Commission's ability to retain talented staff. The proposal would eliminate that burden. Second: disadvantages of the proposal. As written the rule could be interpreted to permit a third party to have complete access to all of the same information that employees and their family members have for their securities accounts. This has led other staff members to express concern that third parties should not have access to this sensitive data, and that at least under the current system, we have the ability to redact what we share, somewhat protecting ourselves from the risk of a security breach. I agree with this concern, IF entire statements still have to be accessed/transmitted. But as set forth below, I am hopeful that as implemented, the proposal would not require as much data to be transmitted. Given that the Commission itself does not have a good record of protecting its employees' personal information, a system in which more limited information is transmitted -- through a third party that is used by numerous industry participants and has a demonstrated track record of k eeping information confidential -- could be an improvement. I tentatively support the proposal, IF the only data transmitted is information about individual transactions. So my broker sees that I made a trade, its systems connect to the third party, which notifies the SEC of the trade. The SEC then has that trade info in some kind of database, either its own, or the third party's. Importantly, given the automated nature of this reporting, it should not ALSO be necessary for anyone -- whether me or the third party -- to transmit entire account statements to the SEC. The year-end statement submissions under the current regime are merely a check on our compliance with the PTCS reporting, which is an honor system with year-end verification through the statements. Once the trade reporting is automated, there will be nothing for the SEC to double-check, and therefore no reason to collect statements at all. Ideally, the individual transaction data would be transmitted with an identifier that is NOT our social security number, and there should be no need to transmit additional data such as our address. Even account numbers could be partially masked. All of these details should be clearly covered in the SEC's contract with the third party. My expectation is that the way this system would work is the third party, with our consent, would be given access to specific data, which I imagine would be pushed out to the third party by the brokerage firm as part of the settlement process. The third party should NOT have unfettered access to log in to our accounts and poke around, and it should not be downloading, saving or sending entire account statements to anyone. It would have been helpful if these data security and privacy issues had been addressed in the proposed rule, because they are significant. However, on the assumption that they will be taken into account appropriately in implementing the proposed rule, I support it.