anton4.jpg

Cybercrime Meets Insider Trading

The SEC announced on Tuesday charges against 32 defendants involved in an unprecedented illicit scheme deployed in the US and overseas. The scheme involved hacking websites of newswire services and stealing unpublished information about numerous public companies in order to enter into illicit trades that resulted in record profits.

The case "illustrates the risks posed for our global markets by today's sophisticated hackers," SEC chief Mary Jo White said. "Today's international case is unprecedented in terms of the scope of the hacking at issue, the number of traders involved, the number of securities unlawfully traded and the amount of profits generated."

The international scheme involves players in Ukraine, Russia, Malta, Cyprus, France and the United States. Two Ukrainian hackers used advanced techniques including phishing (emails with links sent to employees that, once clicked, give access to a firm’s network) to access press websites and extract information about corporate earnings before it went public, and then relay the information to traders who allegedly paid the hackers a flat fee or a percentage of the profits from trades executed based on stolen material non-public information. As a result of hacking the computer servers of the news agencies, the trader defendants gained an unfair trading advantage over other market participants because they knew the content of the press releases before that information was publicly announced. The scheme operated for over 5 years and generated profits over $100 million. The defendants allegedly stole more than 100,000 press releases before they were publicly issued.

Our Perspective

The case shows the novel applications of cyber-crime and the importance of asserting rigorous cyber-controls. It also shows the significance of protecting information you relay to third parties and the critical importance of vendor cyber-due diligence—your data is only as safe as the weakest link of the chain. ie vendor that holds it. Numerous publicly-traded companies including Panera Bread Co and Radio Shack uploaded information about their earnings to the hacked websites which thus became repositories of critical data.

The SEC charges can be found here:

http://www.sec.gov/news/pressrelease/2015-163.html

The U.S. Attorney’s Office for the District of New Jersey and the U.S. Attorney’s Office for the Eastern District of New York announced parallel criminal charges against several of the defendants in the SEC’s action.

Newsletter

Get the latest compliance news and insights - delivered weekly. The SEC3 Communique covers all compliance topics. CCO3 focuses on CCO topics.
tip: check both to keep informed!

Communiques

Pre-Dating & Back-Dating are Equally Risky

The SEC today suspended three accountants formerly of BDO USA LLP for improper professional conduct during its 2013 audit of AmTrust Financial Services Inc., an exchange-listed insurance company. According to the... read more »

Fiduciary Duty

On Friday, September 28, 2018 the SEC charged LendingClub Asset Management (LCA) and its former president Renaud Laplanche with fraud for improperly using fund money to benefit LendingClub Corporation (LendingClub),... read more »

Exciting Summer Project -- Dig Into Some Sand or Dig Into Your Firm's Best Ex Pr…

The Office of Compliance Inspections and Examinations (OCIE) issued a risk alert July 11 targeting investment advisers’ most common deficiencies with regard to their best execution obligations under the Investment... read more »

SEC Adopts Fund Liquidity Reporting and Disclosure Changes

The final week of June was a busy one for SEC releases following the SEC’s June 28th open meeting. Among these was a revisit of Rule 22e-4 under the Investment... read more »

More SEC Settlements - This Time Form PF Filing Deficiencies

On June 1st, the SEC announced settlements with 13 RIAs who repeatedly failed to file Form PF reports. Most of these firms never filed over the review period (2012 through... read more »

Two Recent Enforcement Actions Against Private Fund Advisers

The industry should not misinterpret the SEC’s 2018 National Exam Program Priorities as a shift away from private fund advisers. As discussed during the SEC’s recent National Compliance Outreach Seminar... read more »

Events

Chief Compliance Officer Roundtable: Breakfast Briefing - November 8, 2018

When: November 8, 2018 Where: Blank Rome LLP | The Chrysler Building | 405 Lexington Avenue | New York, NY 10174 | 22nd Floor Boardroom | Phone: 212.885.5000 Schedule: 9:00-9:30am - Networking...

Dorsey PF 2018 Symposium

When: September 26, 2018 (8:30 am - 6 pm Where: Dorsey & Whitney LLP | 51 W. 52nd Street | New York, NY 10019 Directions > SEC3’s President, Janaya Moscony will join...

Chief Compliance Officer Roundtable: Breakfast Briefing - June 14, 2018

When: June 14, 2018 Where: Blank Rome LLP | The Chrysler Building | 405 Lexington Avenue | New York, NY 10174 | 22nd Floor Boardroom | Phone: 212.885.5000 Schedule: 9:00-9:30am - Networking...

Webinar: 2018 SEC Exam Priorities & Recent Exam Highlights

Don’t miss the opportunity to meet with us in person to discuss the topics that matter most to you. Tobin S. Cochran, Managing Member/President of Focus 1 Associates, LLC and...

Chief Compliance Officer Roundtable: Breakfast Briefing - February 7, 2018

When: February 7, 2018 Where: Blank Rome LLP | The Chrysler Building | 405 Lexington Avenue | New York, NY 10174 | 22nd Floor Boardroom | Phone: 212.885.5000 Schedule: 9:00-9:30am - Networking...

Upcoming Events - September & October 2017

Upcoming Events Don’t miss the opportunity to meet with us in person to discuss the topics that matter most to you. SEC3 is teaming up with industry experts in NYC to discuss...

May 23, 2017 - Webcast: WannaCry Ransomware: Were You Really Protected or Just L…

When: Tuesday, May 23rd, 2017 | Schedule: 12pm - 1pm EST Who: Paul Caiazzo, CEO and Co-Founder, TruShield Security Solutions Michael Brice, Founder, BW Cyber Services John Lukan, Managing Director, SEC Compliance Consultants, Inc. We...

June 14, 2017 - Compliance Breakfast Briefing

8:30-9:00am - Networking and Continental Breakfast 9:00-10:30am - Program Location: Willkie Farr & Gallagher LLP | 600 Travis Street | Suite 2310 | Houston, TX Barry Barbash from Willkie Farr & Gallagher LLP,...

June 13, 2017 - Compliance Breakfast Briefing

8:30-9:00am - Networking and Continental Breakfast 9:00-10:30am - Program Location: Haynes and Boone, LLP | 2323 Victory Avenue | Suite 700 | Dallas, TX 75219 Validated parking is available in the garage attached...

May 31, 2017 - Chicago

9:00-9:30 a.m - Networking and Continental Breakfast 9:30-11:00 a.m - Program Location: Baker & McKenzie LLP | 300 East Randolph Drive | Suite 5000 | Chicago, IL 60601 Kristin Gonzalez and Jerome Tomas...

May 17, 2017 (NYC WIMF)

This event is by invitation only. Please email info@seccc.com to learn more.

May 15, 2017 (NYC Chief Compliance Officer Roundtable)

9:00-9:30am - Networking and Continental Breakfast 9:30-11:00am - Program Location: Blank Rome LLP | The Chrysler Building | 405 Lexington Avenue | New York, NY 10174 | 22nd Floor Boardroom | Phone:...

Webcast: The Most Insidious Cybersecurity Threat Is Also The Least Understood

When: Tuesday, April 25th | Schedule: 12pm - 1pm EST Who: Paul Caiazzo, CEO and Co-Founder, TruShield Security Solutions Michael Brice, Founder, BW Cyber Services John Lukan, Managing Director, SEC Compliance Consultants, Inc. Ransomware, the...

CCO Liability (Part III): Managing Liability Webinar

In this webinar, panelists discuss indemnifications and insurance as potential remedies to address the direct financial risks to a CCO. Attendees will learn: What terms and conditions should Chief Compliance Officers be...

Webinar: CCO Liability (Part III): Managing Liability: Navigating Indemnities an…

When: Tuesday, February 21, 2017 Schedule: 11:00am ET / 10:00am CT / 9:00am MT / 8:00am PT / 7:00am AT Description of Webinar: The National Society of Compliance Professionals is pleased to host...