by Avi Gesser, James H.R. Windels, Joseph A. Hall, Laura Turano, and Zachary Shapiro

The recent convictions of two traders for using hacked press releases and the settlement of SEC insider trading charges against a former Equifax manager highlight the significant insider trading risks companies face when dealing with a cyber event.  These risks come in two forms.

First, there is the risk that someone (either inside or outside the company) has gained unauthorized electronic access to material nonpublic information (“MNPI”) about the company or one of its business or transaction partners, and will use that information for illegal securities trading purposes.  On July 6, a jury in Brooklyn convicted two traders for securities fraud, money laundering and computer intrusion for using hacked press releases to trade on MNPI.  To reduce that risk, companies can adopt various cybersecurity measures such as two-factor authentication, access controls, encryption, phishing training, network segmentation, and system monitoring.  Davis Polk’s Cyber Portal 2.0, which is now available to our clients, provides detailed checklists and other resources to help companies reduce cybersecurity risks. Continue reading →