A Motivated Agency: The SEC Closing the Loop on the Edgar System Cyber Breach

You may recall after Clayton took the helm as Chairman at the SEC, the agency disclosed that it had its own cyber breach and the Edgar system was compromised. Today, the SEC announced charges against nine defendants for participating in a scheme to hack the SEC’s EDGAR system and extract nonpublic information to use for illegal trading. The SEC charged a Ukrainian hacker, two other entities and six individual traders in California, Ukraine, and Russia.

The SEC’s complaint alleges that the Ukrainian hacker, Oleksandr Ieremenko, used hacking techniques to gain access to EDGAR in 2016 and extract nonpublic “test files”. These test files allow companies to submit in advance of their official filings to ensure EDGAR will process the filings as intended. Issuers sometimes elected to include actual, nonpublic information in these test filings, including quarterly earnings results not yet released to the public. The information was passed to individuals who used it to trade between the time the files were extracted and when the companies released the information to the public. The traders traded before at least 157 earnings releases from May to October 2016 and generated at least $4.1 million in illegal profits.

Enforcement Division Co-Director Stephanie Avakian was quoted in the release, saying “International computer hacking schemes like the one we charged today pose an ever-present risk to organizations that possess valuable information. Today’s action shows the SEC’s commitment and ability to unravel these schemes and identify the perpetrators even when they operate from outside our borders.”

We expect the SEC to grow increasingly efficient at identifying trading anomalies and tracing them back to their source. Despite multiple steps to conceal the fraud, including using an offshore entity and shell accounts to place trades, Staff from the Market Abuse Unit, the Cyber Unit and IT Forensics, with assistance from various other divisions, were able to collaborate and expose the common element behind the traders’ successes, providing evidence that each of them traded based on information hacked from EDGAR.