Consolidated Audit Trail
The Consolidated Audit Trail, universally known as CAT, is a single, centralized database designed to capture the complete life story of every order in the U.S. equity and listed options markets, from the moment it is created through every subsequent event, modification, cancellation, routing, and execution, until that order's life concludes. It is the largest and most comprehensive market surveillance system U.S. regulators have ever built, and it exists specifically to give the SEC and FINRA a single, unified source of truth for reconstructing exactly what happened, and who was responsible, during any given moment of market activity, across every venue an order touched along the way.
Why CAT Exists: The 2010 Flash Crash
CAT's origin traces directly to a single, dramatic market event. On May 6, 2010, U.S. equity markets experienced what became known as the Flash Crash, a rapid, roughly thirty-six-minute collapse and recovery in which major indexes including the Dow Jones Industrial Average briefly plunged by hundreds of points before largely recovering, with more than 20,000 trades executed at prices regulators later determined were clearly erroneous and disconnected from any genuine underlying market value. In the aftermath, regulators discovered a genuinely troubling gap in their own capabilities: they lacked a comprehensive, unified data source capable of quickly reconstructing what had actually happened across the many different exchanges, market makers, and trading systems involved. Piecing together even a basic account of the event took months, drawing on fragmented, inconsistent data scattered across numerous separate systems that had never been designed to work together in the first place.
SEC Chair Mary Jo White later summarized the underlying problem directly: without a consolidated audit trail, regulators lacked ready access to a comprehensive, accurate database of orders entered and trades executed across the U.S. securities markets, making it increasingly difficult to safeguard investors and markets in an era of high-frequency trading, algorithmic strategies, and order flow fragmented across dozens of competing venues. The existing tools available at the time, including FINRA's own Order Audit Trail System and the SEC's older Electronic Blue Sheets process, were each inadequate in their own way: OATS covered only equity orders and excluded options entirely, while Electronic Blue Sheets relied on slow, manual requests for trading information that introduced significant delay and human error into any reconstruction effort. Neither system offered the real-time, cross-market, order-lifecycle view regulators concluded they genuinely needed.
From Rule 613 to a Working System
The SEC proposed what became CAT's foundational rule on May 26, 2010, just weeks after the Flash Crash, and formally adopted SEC Rule 613 under the Securities Exchange Act of 1934 on July 11, 2012, described in Securities Exchange Act Release No. 67457, 77 FR 45722. Rule 613 did not itself build CAT; instead, it directed every national securities exchange and FINRA, collectively referred to as the Participants, to jointly develop and submit a National Market System Plan, the CAT NMS Plan, detailing exactly how they would create, implement, and maintain the system together. The SEC approved this CAT NMS Plan on November 15, 2016, formally setting the joint construction project in motion.
Rule 613 itself sets out the minimum substantive scope the resulting system had to satisfy: an accurate, time-sequenced record of orders beginning with the original receipt or origination of an order, and continuing through every subsequent routing, modification, cancellation, and execution, whether in whole or in part. This "reportable event" concept, defined broadly enough to capture essentially every meaningful thing that can happen to an order during its lifetime, remains the conceptual backbone of the entire system today. Rule 613 also required detailed customer identification, meaning CAT was designed from the outset to link every order not merely to the firm that handled it, but to the actual underlying customer or account behind it, a genuinely significant expansion beyond what earlier systems like OATS had ever required.
A Difficult, Delayed Construction Process
CAT's actual construction proved considerably more difficult than its 2012 adoption might have suggested. The Participants initially selected Thesys Technologies to build the system, but the project's first phase, launched November 15, 2018, arrived roughly a year later than originally planned and without the full functionality regulators and the industry had expected. Following continued technical difficulties, the exchanges announced in January 2019 that they would switch to a new technology vendor, and FINRA itself, through its subsidiary FINRA CAT, LLC, was subsequently selected as the successor Plan Processor in February 2019, taking over responsibility for the system's ongoing technical operation.
Industry-side reporting followed its own extended, carefully phased rollout, discussed in detail in the FINRA Rule 6895 entry elsewhere in this dictionary. Large broker-dealers began reporting their first category of equity data on June 22, 2020, with options reporting and additional data categories phasing in over the following two years, and the full scope of CAT reporting, covering every category of Industry Member across every applicable data type, did not reach complete, industry-wide implementation until July 2022, nearly a full decade after Rule 613's original 2012 adoption.
How CAT Is Actually Governed
CAT operates under a distinctive, somewhat unusual governance structure. The exchanges and FINRA jointly own and operate Consolidated Audit Trail, LLC, commonly called CAT NMS, LLC or CAT LLC, the entity formed specifically to arrange for and oversee CAT's creation, implementation, and ongoing maintenance under Rule 613. This creates a structural dynamic worth understanding directly: the same Participants responsible for enforcing CAT compliance against their own members also collectively own and run the system those members must report into, a dual role that shapes much of how CAT's governance and cost-allocation questions get resolved. Day-to-day technical operation falls to FINRA CAT, LLC in its capacity as Plan Processor, responsible for operating the CAT Reporter Portal, managing data validation and error feedback, and processing the enormous volume of daily submissions from broker-dealers across the industry.
Each individual Participant, including FINRA, separately adopted its own Compliance Rule implementing Rule 613's requirements against its own members, which is why FINRA's Rule 6800 Series, covered extensively elsewhere in this dictionary, exists as a distinct FINRA rule series even though its substantive content mirrors nearly identical compliance rules every other exchange has adopted in parallel. The SEC itself sits above this entire structure as the ultimate overseer, responsible for approving any changes to the CAT NMS Plan, supervising how the Participants enforce compliance, and using CAT data directly for its own market surveillance, investigation, and policy-making purposes.
What CAT Actually Captures
CAT's scope covers NMS Securities, meaning exchange-listed stocks, OTC Equity Securities, and Listed Options, encompassing essentially the full range of order-driven activity across the U.S. equity and options markets. For every order within this scope, Industry Members must record and report each Reportable Event across that order's complete lifecycle: its original receipt or origination, every subsequent routing between firms or venues, any modification to its material terms, cancellation, and execution in whole or in part, along with the eventual allocation of any resulting position to specific underlying accounts. Every one of these events is linked together using a unique CAT-Order-ID, allowing the Central Repository to reconstruct an order's entire journey across every firm and venue it touched, even where that order was split, aggregated with other orders, or routed repeatedly before finally executing.
Critically, and unlike its OATS predecessor, CAT requires this order-level data to be tied directly to actual customer and account identity, discussed in depth in the FINRA Rule 6840 entry elsewhere in this dictionary, giving regulators the ability to trace trading activity not merely to a reporting firm but to the specific underlying customer or account actually responsible for a given order. This customer-linkage capability is precisely what gives CAT its investigative power: regulators can use it to detect patterns like spoofing, layering, and wash trading that might otherwise be difficult to identify when order data from different venues and different points in an order's lifecycle sits scattered across disconnected systems.
An Evolving, Currently Contested System
CAT has continued to evolve substantially since reaching full implementation in 2022, and it remains, as of mid-2026, a genuinely live and actively contested regulatory program rather than a settled, static piece of infrastructure. The SEC issued exemptive relief on February 10, 2025 eliminating the requirement to report certain highly sensitive personally identifiable information, including full Social Security Numbers, complete dates of birth, and account numbers, generating open disagreement among the SEC's own commissioners about the wisdom of that change; one commissioner characterized the move as reducing unnecessary privacy risk, while another, dissenting, characterized it as meaningfully weakening the system's investigative usefulness. The SEC has continued pursuing cost-reduction measures since, including an order reducing CAT's operating costs issued September 30, 2025, described by the SEC's Chair as marking "a new day for the CAT," and a further cost-reduction amendment approved March 27, 2026.
Most significantly for CAT's longer-term future, the SEC issued a formal Concept Release on April 16, 2026, seeking public comment on CAT itself and on other audit trails and data sources more broadly, an unusually open-ended step that signals the SEC is genuinely reconsidering fundamental questions about CAT's design, cost, scope, and even its continued necessity in its current form, rather than simply fine-tuning an already-settled system. Commissioner statements accompanying this release reflect a range of views on where this reconsideration should lead, and the process remains actively unresolved as of this writing, with no firm timetable yet established for when the SEC might act on whatever feedback this Concept Release ultimately generates. Firms and practitioners should treat CAT's current scope and requirements as the present state of a system still very much subject to significant, ongoing debate at the highest levels of the SEC, rather than a permanently fixed regulatory baseline.
Relevance Across FINRA's Examination Programs
The SIE, Series 63, and Series 65 do not test CAT in any operative detail, since these exams focus on conceptual market structure, state securities law, and investment adviser fiduciary obligations rather than the technical infrastructure underlying market surveillance. Candidates preparing for any of these three exams benefit from a basic, high-level awareness that CAT exists and what general purpose it serves, but are not expected to know its specific reporting mechanics, deadlines, or governance structure.
Series 7 candidates should understand CAT at a conceptual level as the system that gives regulators visibility into essentially all order activity across the equity and options markets, reinforcing broader product and market structure knowledge without requiring technical mastery of the underlying compliance rules. Series 24 candidates, by contrast, need genuine, operational command of CAT's requirements, since supervising a firm's CAT compliance program is a real, substantial responsibility for any principal overseeing trading operations, spanning the full range of technical, timing, and data-quality obligations detailed throughout the FINRA Rule 6800 Series entries elsewhere in this dictionary. Series 57 candidates handling order entry and execution directly interact with CAT's requirements daily, whether or not they think of their routine order-handling responsibilities in those explicit terms, since virtually every order-related action they take generates a corresponding CAT reporting obligation somewhere in the firm's infrastructure.
The Working Professional's Vantage Point
For compliance officers, CAT represents one of the most operationally demanding ongoing regulatory obligations a broker-dealer faces, touching nearly every part of a firm's trading infrastructure, from order management systems through clock synchronization, customer account data, and recordkeeping. Unlike many FINRA rules that govern a specific, narrow slice of a firm's business, CAT compliance is genuinely universal: FINRA has been explicit that there are no exclusions or exemptions of any kind based on firm size or type of trading activity, meaning even the smallest broker-dealer handling any order in an NMS Security, OTC Equity Security, or Listed Option bears full CAT reporting responsibility.
Compliance professionals should treat CAT monitoring as a standing organizational priority rather than a project with a defined endpoint, tracking not only FINRA's own Rule 6800 Series rule filings but also developments at the CAT NMS Plan and SEC level directly, since, as illustrated throughout this dictionary's individual rule entries, many of CAT's most significant recent changes have originated at the Plan or SEC level before ever being reflected in FINRA's own rule text.
Technology and operations professionals building or maintaining CAT reporting infrastructure should understand that CAT's requirements span virtually every layer of a firm's trading technology stack, from the accuracy of business clocks and the granularity of recorded timestamps, through the correct identification of customers and accounts, to the underlying recordkeeping systems preserving all of this data for regulatory examination. A firm's CAT program is only as strong as its weakest link across this full chain, meaning a genuinely effective compliance approach requires close, continuous coordination between compliance, technology, and operations functions rather than treating CAT as a project any single department can own in isolation.
Finally, professionals advising newer market entrants, whether a startup broker-dealer or a firm expanding into a new line of business involving order handling for the first time, should understand that CAT compliance is not something that can be deferred or phased in gradually the way it was for firms present during the original 2018 through 2022 rollout. A firm beginning CAT reporting today enters directly into the full, mature scope of the system's requirements from its very first reportable order, with no remaining grace period or incremental on-ramp available, making early, thorough CAT infrastructure planning an essential prerequisite to launching any new order-handling business line rather than a detail that can reasonably be addressed after the fact.
