Subject: File No. S7-11-10
From: R T Leuchtkafer

August 6, 2010

Thank you for the opportunity to comment on the "Consolidated Audit Trail," Release 34-62174 (File S7-11-10) ("Release"). The Release seeks to establish by rule a real-time, centralized and comprehensive audit trail of transaction data for National Market System ("NMS") securities. The SEC estimates the five year industry cost of this audit trail to be approximately $14 billion, with $4 billion in startup costs and approximately $2 billion per year in operating costs. The justification for the rule is to enable the SEC and SROs to surveil the NMS equity markets in real-time, and to detect and prevent market abuses in real-time. In particular, the facility would enable the SEC and SROs to "monitor for the manipulation of security prices, and detect the use of manipulative or deceptive devices in the purchase or sale of a security" and to "in a more timely manner, identify potential manipulative or other illegal activity" because "Manipulative activity by some market participants can result in other market participants, such as retail investors, losing money." Importantly, "The longer that manipulative behavior goes undetected over time, the greater the potential harm to investors." The specific abuses the Release mentions include price manipulations, spoofing, layering, front running, marking the close, and insider trading.

Track Record

Given the significant expense of the proposed tool - more expensive than the SEC itself, more than the combined profits of the equities exchanges, more expensive than FINRA, more expensive than NASA's latest mission to Mars - it is useful to look at the SEC's and the industry's recent success at detecting and prosecuting market abuses in NMS securities. And with the exception of a handful of insider trading cases, that success is limited. There could be many reasons for this limited success, including the lack of a $14 billion tool. Or there could be other reasons.

Most people would be surprised to learn that in the first half of 2010, according to public records, the SEC filed no cases at all for spoofing, layering, front running, and marking the close in NMS securities. FINRA's record in NMS securities for the first half of 2010 is similar. The SEC filed a handful of new insider trading cases, and just one new case of price manipulation. Looking back, this is fairly typical. So far as I can tell, for example, front running hasn't been prosecuted in years. Neither has marking the close. I could not find any new spoofing or layering cases anywhere in NMS securities - none at all - since 2002, for which the spoofer paid $12,000 in disgorged profits.

There certainly is fraud and abuse in financial services. It is very disturbing to read case after case of Ponzi schemes, misappropriation of funds, deceit, and theft that the SEC and FINRA prosecute every day, and we should be grateful for these regulators. They protect all of us, and especially the weakest and most vulnerable - quite literally widows surviving on pensions - from harm.

There is also a lot of fraud in the pink sheets. But the enforcement record in NMS securities is very weak, $14 billion is a lot of money, and there may be other reasons for this weak performance than the lack of a real-time database. What are they? In part, for abuses like price manipulations, it is because of the unfortunate quasi-legitimacy of high-speed, short-term speculative trading, such that the SEC itself wonders in print whether "order anticipation" and "momentum ignition" strategies are abusive and should be banned, as opposed to branding them abusive a priori. It is because market making has been wholly deregulated in the last 10 years, and so any high-speed, short-term speculative strategy that could possibly be justified as market making (or liquidity provision) is untouched. Run a thought experiment and ask "What is price manipulation?" Now, try to distinguish whatever definition you arrived at from any other speculative strategy or, better, take the other side and defend yourself against regulators by claiming to (a) provide liquidity or (b) engage in arbitrage or (c) deploy quantitative strategies or (d) run some other kind of short-term, speculative strategy. The Release uses some form of the word "manipulate" over 50 times, and yet there is no actionable definition of "manipulate" such that any reasonable observer could expect any reasonable payoff from that $14 billion database, ever. There is no actionable definition of "manipulate" such that any engineer could write a database search to detect it and not also find thousands of spurious signals ("spurious" under current theory and practice). At the current rate of two new NMS price manipulation cases per year, it works out to an astonishing $1.4 billion per case over the next five years, and these likely buried among thousands of false signals and unsuccessful investigations. The amount of money at stake in the lone new price manipulation case filed so far in 2010? About $255,000.


There are probably two factors driving the $14 billion expense. The first is the quantity of the data, and the second is the requirement for data to be delivered in real-time instead of at end of day, or even T+n. The quantity of data is irreducible if the database is to be meaningful and comprehensive. If anything, the database includes too few data fields, but the SROs can determine that during design. The Release justifies data delivery in real-time because of the need for timely surveillance, and, given that the violative conduct in the price manipulation case mentioned above occurred from August, 2009 through December, 2009, while the case itself wasn't filed until March, 2010, anything that improves the SEC's timeliness is welcome.

Systems need data on the same time scale as when systems make decisions. Biweekly payroll systems need biweekly data. Real-time trading systems need real-time data. Can regulators review and investigate signals in real-time, and step in and stop market participants from trading in real-time? That is very doubtful, and as a practical matter - given the thousands of false signals any such system will throw off because of the crippled state of "manipulate" theories - impossible. As Chris Concannon said in Businessweek, the SEC is "building a real-time system to be used by an agency that can't act in real-time." There is no description in the Release of how the SEC will create such a real-time decision-making capability. And if it tried, there would be chaos in the markets. Do we really imagine an SRO or the SEC will step in and tell JP Morgan to stop trading immediately because a database in Rockville, Maryland generated a signal? Do we really imagine the SEC will step in and tell Mrs. Betty Johanssen of Red Lake, Minnesota to cancel her market order in 3M because it might be destabilizing? Set aside the tiny number of market abuse cases every year and suppose the Release gives regulators tools to uncover hundreds of cases (doubtful, see below), the current theory of market abuses like price manipulation, spoofing, marking the close, and the others requires an investigation to discover intent and prove scienter, so it is impossible for the SEC or any other regulator to claim it can act against these abuses in real-time.

A comprehensive database of NMS transaction activity is a very good idea. Standard market participant identifiers and standard reporting formats can only help improve market surveillance. Market participants trade on any one of 50 different market centers, and there can be no doubt whether market regulators need a consolidated data repository of some kind. But a $14 billion database to detect and thwart "manipulative or other illegal activity" in real-time is far too much money spent on an unachievable goal. The principle objective should be to build the database as cost-effectively as possible, to scale its delivery timelines to realistic regulatory decision-making timelines, to demonstrate its utility to the public, and, if regulators improve their decision-making timelines, to revisit the question of real-time data delivery later.

Natural Experiments

There is what economists call a "natural experiment" for a consolidated audit trail. The OATS audit trail is, as FINRA describes it, "an integrated audit trail of order, quote, and trade information for Nasdaq and OTC equity securities." Quoted in Securities Industry News, Professor James Angel recently called OATS a "really nice audit trail." But about the consolidated audit trail proposed in the Release, he reasonably asked whether regulators are "really going to have the analytical expertise to understand what they get?"

Do regulators understand what they get from OATS? Reviewing FINRA disciplinary actions for the first half of 2010, we find several sanctions for market abuses in pink sheet names, but none for market abuses like spoofing, price manipulations and front running in NMS securities. We also find scores of fines and sanctions for OATS reporting violations -badly formatted data, miscoded data, late data, missing data. If you're going to have a database, the data has to be reliable, so FINRA must rigorously enforce OATS rules. An important question to ask is whether the regulatory burden of maintaining OATS is justified by its regulatory success in uncovering market abuse. In 1996, the SEC ordered OATS to be "an audit trail sufficient to reconstruct the markets promptly and effectively surveil them," yet so far as we can glean from the public record the SEC hasn't had a spoofing case in NMS securities since 2002, or a front running case in NMS securities since the Watley squawk box case in 2003, or a marking the close case in NMS securities since 2003. Now, in 2010, the Release asks for $14 billion to "monitor and surveil the securities markets as well as to perform market reconstructions."

Industry experience with OATS suggests regulators will need a significant infrastructure to examine firms for compliance with the Release's data reporting requirements, to remediate errors, and to issue fines for violative conduct. Observing that OATS compliance, remediation and industry fines are a large part of OATS infrastructure and FINRA disciplinary actions, while the number of market abuse enforcement actions for violations like spoofing, price manipulation and front running is small, it is reasonable to ask whether regulators end up captured by their databases. How will the Release's audit trail be any different?

The SEC's record with insider trading is much more impressive, and the proposed audit trail will undoubtedly improve that record by including account holder data. We don't know the underlying rate of insider trading violations, so we can't predict by how much that record will improve, but surely it will be significant. In most cases, however, the insider acts days, weeks or even months ahead of the release of material information and a stock's subsequent price reaction, so it is difficult to imagine how real-time data can improve regulator timeliness.

Apart from insider trading, it's possible we have so few new cases of various market abuses because regulators were so successful in the past. It's possible there is no front running, closing prices aren't being marked, and no one is spoofing. If that's true, there's no need for a $14 billion database. It's also possible that beginning in about 2002, regulators lost their ability to detect front running, marking the close, spoofing, and other abuses and we just didn't know about it until now, almost a decade later. Saying "Rapid technological advances and regulatory developments have produced fundamental changes in the structure of the securities markets, the types of market participants, the trading strategies employed, and the array of products traded," the Release argues that case. If this is true, we must suppose that every single case since 2003 - every one - of market abuses like spoofing, front running, and marking the close was effected in such a way to take advantage of those "fundamental changes" in the market, which isn't credible. Fundamental changes did not move in lockstep across the range of NMS securities, either. Many NMS securities still trade mainly on their listing market. Trading in Nasdaq-listed securities in general saw "rapid technological advances and regulatory developments" about five years earlier than did NYSE or (non-ETF) AMEX securities, and yet the record among them appears to be no different. So, what happened? We don't know, but it stretches belief it has all been attributable to the lack of real-time data.

Single Point of Failure

The Release requires that all SROs adapt their surveillance systems to use the new consolidated audit trail, which will force a universal surveillance dependency on a single facility, a facility with many potential points of failure. The implications of this are significant, undercut the Release's aspiration for real-time surveillance, and introduce a significant systemic failure point. As a simple analogy, imagine if all equities and options trading in the United States operated through a single facility. Would that imply operational reliability or would it imply operational risk?

Under the universal regime proposed by the Release, an error or delay from any reporting entity - exchange, dark pool or other ATS, or broker firm - can introduce error into or delay processing of surveillance for all of the equities and options markets in the United States. How does surveillance proceed if data is late or compromised? If surveillance processing for a given day has completed, and it's later discovered a reporting entity sent bad data, or data was missing, is all of the data reprocessed? Is there any room for an SRO to, in effect, declare self-help against the consolidated audit trail and proceed with surveillance processing even though a reporting entity is late? If timeliness is an imperative, if "it is critical to the integrity of the consolidated audit trail that data submitted to the central repository be submitted in a timely manner and be accurate and complete," if SROs must "make use of the consolidated information contained in the consolidated audit trail" and the SEC "believes the systems that carry out this surveillance should be updated" to operate in real-time - and setting aside the unrealistic expectation that regulators themselves can operate in real-time - what happens when this system breaks? Judging from OATS, such a system might "break" (in the sense of receiving late, incomplete or bad data from reporting firms) every day.

Bridge to Nowhere

The Release is unrealistic, too ambitious. It supposes that a new database will improve regulatory success in detecting and punishing market abuses, but the record of the last 10 years suggests the problem isn't with the data, the problem is somewhere else.

The problem might be definitional. For example, how do you prove "spoofing" or "layering" when in a post-Reg NMS world every order is at risk and it is perfectly legal to submit 1,000 orders a second? How do you prove price manipulation when you accept almost any quantitative strategy as legitimate and, indeed, when some products actually depend on "price manipulation" so market prices reflect a security's real value? How is "front running" or "trading ahead" even relevant when firms ping market centers with IOCs and buy data feeds telling them exactly where hidden interest rests, or when the buy-side says the operative theory of front running is an anachronism in todays markets? How do you prove "manipulation" when you can't define it or distinguish it from what might otherwise be perfectly legal activity?

The problem might also be regulatory capture as staff circulate out of the SEC and SROs and into member firms, and - presumably in good faith, with the best intentions - use their contacts and relationships to defuse enforcement actions. The problem might be labor market dynamics, because firms usually pay more than regulators so regulatory staff get trained and, just when they rise to more senior positions, circulate to firms simply to improve their incomes.

The problem might also be - in part - databases, since no single regulator has a consolidated and comprehensive view of trading, and it is well worth the expense and effort to implement standard broker identifiers across markets and build a simple T+n consolidated audit trail, at least among SROs, and let the SROs experiment with new surveillance technologies. Based on such a pilot, and with any actual success in revitalizing market surveillance, the SEC can reasonably demand more.

Given that we don't know what the problem is, however, a $14 billion database justified by abuses largely undetected and unprosecuted for nearly a decade, with no credible explanation as to why that is so, along with a mandate to insert that database as a critical component of the National Market System, is a regulatory bridge to nowhere.