Access to CAT Data is limited to the SEC and SRO regulatory staff, with access to customer and account data (which is stored and handled separately from the order and trade data) further restricted. Participants’ authorized regulatory users must execute a Safeguard of Information Affidavit prior to access, which provides, among other things, that authorized regulatory users must maintain the confidentiality and security of CAT Data and only use CAT Data for regulatory purposes. In addition, a CAT Security Awareness Training Course is made available to all authorized regulatory users by the Plan Processor; Participants’ authorized regulatory users are required to complete the training prior to accessing CAT Data.

In accordance with the objective set forth in the Rule 613 Adopting Release and the CAT NMS Plan Approval Order, the CAT is used to enable the analysis and reconstruction of broad-based market events, facilitate market analysis in support of regulatory decisions, and support market surveillance, investigations, and other enforcement activities.

A limited number of Plan Processor personnel may also access the data in conjunction with supporting operation of the CAT System. These Plan Processor personnel are subject to various controls including execution of a Safeguard of Information Affidavit, background checks, CAT-specific security awareness training, and security monitoring.