Managed Funds Association (MFA) submitted a response jointly with the Securities Industry and Financial Markets Association (SIFMA) and the SIFMA Asset Management Group (AMG) to the Financial Industry Regulatory Authority (FINRA) about data security for the consolidated audit trail (CAT).
MFA, SIFMA, and SIFMA AMG urged FINRA to provide much greater transparency into the specific data security standards deployed by FINRA CAT and the CAT NMS Plan to ensure the CAT data set allows for appropriate regulatory use but also is subject to best-in-class data protection standards with respect to the proprietary data it will receive. MFA, SIFMA, and SIFMA AMG requested information around seven key areas:
- Information Security Classification Standards & Subsequent Controls
- Amazon Web Services (AWS)
- Information Lifecycle
- Encryption Keys
- Structured Encryption
- Non PII Data
- CAT Data Security Audit
