It was more than a year ago that the U.S. Securities and Exchange Commission (SEC) cracked down on a group of hackers and traders who obtained confidential, non-public information about publicly traded companies by hacking websites for press releases. A recently released report by a cybersecurity company suggests that such insider trading continues, although this time with data obtained through phishing from personnel at publicly traded companies who typically file reports to investors with the SEC.
There has already been much commentary on the impact that President Trump and his administration will have on government enforcement efforts. Trump has made it clear that he intends to streamline government regulation of business in order to spur the economy. He’s also promised to dismantle Dodd-Frank, the law that started the SEC and CFTC whistleblower programs. If Trump succeeds in getting government off the back of businesses, then that will likely mean less enforcement actions against these businesses for running afoul of regulations that don’t fit into Trump’s plan.
The Supreme Court issued its decision in Salman v. United States today, the first insider trading case to reach the Justices in more than 20 years. The Supreme Court upheld the standard from its prior ruling, Dirks v. SEC, 463 U.S. 646 (1983) and concluded that a tipper personally benefits from a gift of confidential information to a trading relative or friend because it is as if the insider traded himself and then gifted the profits to the recipient. Our previous post on the case is here.
The Southern District of New York has seen a resurgence in government lawsuits over insider trading in 2016 following a 2015 decline that has been attributed by commentators to the Second Circuit’s decision in U.S. v. Newman. The U.S. Attorney’s Office there, led by Preet Bharara, has filed charges against 11 individuals so far this year, a pace that hasn’t happened since 2012, when the office filed cases against 17 people.
For years, the Securities and Exchange Commission has been discussing building a database of information about stock and options trading activity. The Consolidated Audit Trail (CAT) system took another step closer to creation when the SEC voted to open the plan to public comment yesterday.
Last year, we speculated about the likelihood that the Supreme Court would accept a significant insider trading case at the urging of the Justice Department. Although the Supreme Court denied cert in United States v. Newman from the Second Circuit, the subject of the DOJ request a few months ago, it will now review an insider trading conviction from the Ninth Circuit: United States v. Salman.
The insider trading case brought against the Ukrainian investment banking firm Jaspen Capital Partners and its chief executive as part of the SEC’s recent freeze on accounts trading early on information from hacked press releases has resolved with an agreement to pay the Securities and Exchange Commission $30 million.
The allegations in these cases involve the identification of companies expected to make newsworthy announcements, the hacking of three different press release sites to obtain the news early, and the passing of information to various traders to buy or sell stocks on the basis of the nonpublic information.
Insider trading is prosecuted under the anti-fraud section 10(b) of the Securities Act and Rule 10b-5. Although insider trading typically involves a corporate insider with nonpublic information, it can also apply to outsiders who acquire material, non-public company information under the misappropriation theory popularized by U.S. v. O’Hagan, 521 U.S. 642 (1997).
This is one of the first, if not the first, settlement of a securities case involving hacking. We expect more cases of this type in the future involving both insider trading and improper disclosures by public companies. In this case, the SEC is continuing to pursue the other defendants in the ring.
The SEC has brought an enforcement action against a small group of hackers who fed nonpublic information stolen from press release distribution companies and then passed the information to traders who profited through insider trading with the tips.
The hackers and traders stole information about the corporate releases of more than thirty companies. According to the complaint, they posed as employees and customers of the press release companies and then used proxy servers to mask their identities. The scheme allowed them to learn about upcoming earnings announcements early and then pass that information on to a network of traders in several different countries to trade on that information. The insider trading violations netted them more than $100 million in illegal profits over the five year period.
The press release suggests that the SEC used their analytical trade analysis tools in order to find the suspicious trading patterns rather than a whistleblower. However, this is the type of enforcement action that might have resulted from a SEC whistleblower tip. The program allows individuals to provide information about violations of the federal securities laws, including insider trading, to the government. An insider trading whistleblower, if there was one in this or another case, would stand to be awarded between 10 and 30 percent of the recovery if they were eligible for an award.
Cybersecurity has been a big area recently for the SEC as intrusions into public companies have allowed previously nonpublic information to be passed to traders who can take advantage of it in the stock market. In June, the SEC was reportedly looking for a hacking group known as FIN4 that was hacking into biotechnology and healthcare companies for inside information that they could use to profit on.
The SEC is looking for data breaches of confidential information such as mergers at eight listed companies in connection with an insider trading investigation that is being called the first securities investigation of its kind.
The Securities & Exchange Commission investigation was launched because of a report by FireEye Inc, a security company, about a group that has been called FIN4. The group has been trying to breach email accounts in biotech, pharmaceutical and other health care companies in order to take advantage of confidential, market-moving information such as mergers.
We’ve talked before about the possibility of cybersecurity whistleblowers receiving rewards for reporting hacking and insufficient disclosures by publicly traded companies, but this is the first example that I have seen of an electronic security com pay that might have discovered something that could lead to a whistleblower reward. The SEC must collect more than $1 million in an enforcement action to make an individual eligible for an incentive of between 10 and 30 percent of the total collected.
Hacking has been big news lately, and we’re not talking about the Sony hack around Christmas:
A Polish airline grounded dozens of flights because of a five hour cyber attack that disrupted their flight plan system. If confirmed, this would be one of the first instances of delayed or canceled fights due to hacking. Earlier this year, there were reports that a passenger hacked an airplane’s flight control system through the on-board wifi.
The St. Louis Cardinals’ front office is accused of hacking into the business intelligence of the Houston Astros. Federal prosecutors have issued subpoenas to the Cardinals, Astros and MLB looking for information.
A cyber attack against the Office of Personnel Management that stole federal employee data has been called the most devastating in our nation’s history, according to Senator John Boozman (R-Ark). The breach of the computer systems in late 2014 went undetected for month and now reportedly affects up to 18 million federal workers.
Federal Judge Suspends Insider Trading Case Amid Questions of In-House Judge Appointment Constitutionality
The Securities and Exchange Commission’s appointment process for administrative law judges is under fire, with a federal judge ruling that it is likely unconstitutional while suspending an insider trading case scheduled to start next week.
The SEC’s in-house administrative courts have been under criticism recently, as critics charge that the forum is biased in the securities regulator’s favor and the rules unfairly strip defendants of procedures available in federal court.
The SEC has five administrative law judges and is bringing an increasing number of cases to its internal tribunal rather than federal court. A litigant in an upcoming insider trading case challenged the constitutionality of the tribunal. The U.S. District Judge considering the injunction halted the trial, set to start next week, pending a final decision on the arguments.
We have not read a copy of the ruling, but from the Wall Street Journal article discussing it, it appears that the basis of the challenge is the appointment process rather than the fairness of the procedure. The judge found the Constitution requires a judge be appointed by the people running the agency. The SEC Commissioners did not approve their hiring. Instead, they were hired through the office of in-house judges.
The SEC is expected to have its Commissioners issue appointments in response. In the meantime, defense attorneys are probably salivating at potential challenges to present, and maybe even past, administrative court actions.
Have questions about how this might affect a tip under the whistleblower program? Contact one of our SEC whistleblower lawyers for additional information. They can be reached by our contact form or by phone at 1-800-590-4116.