SEC vs Virtu: Why Firms Need to Maintain Robust Information Barriers
In September this year, the Securities and Exchange Commission (SEC) filed a civil lawsuit against Virtu Financial, one of the world’s largest electronic trading firms and non-bank market makers, alleging its Americas business had misled clients about the safeguarding of their confidential trading data.
The regulator was concerned that Virtu hadn’t given its clients the full picture regarding its information barriers, and alleged that the firm had failed to establish, maintain, and enforce written policies and procedures reasonably designed to prevent the misuse of material nonpublic information (MNPI). Although Virtu wasn’t accused of using any data inappropriately, the SEC said its proprietary traders could have used it to profit by trading ahead of clients’ future orders.
Virtu hadn’t tried to conceal these hypothetical vulnerabilities but quite the opposite: in a spirit of cooperation, the firm claims it had identified and voluntarily reported them to the SEC during a routine examination in 2019, making the regulator’s decision to sue all the more surprising.
Why is this Case Significant and What Does SEC vs Virtu Mean for Other Firms?
The SEC’s lawsuit against Virtu indicates that it is willing to enforce its information barrier rules aggressively, even when there is no suggestion that insider trading has taken place or MNPI has been used inappropriately.
The message from the SEC is clear: firms must ensure they have reliable information barriers in place to prevent misuse of MNPI. This includes even the most basic information security measures, such as avoiding shared, generic usernames and passwords. They must assess their business-specific MNPI risks; evaluate how effective their policies and procedures are in protecting against them; and periodically test them to identify any potential gaps or weaknesses, which will then need to be addressed.
Protecting Your Firm Against Misuse of MNPI
Establishing the appropriate barriers, policies, procedures, controls, and training to avoid information leakage and mitigate MNPI risk requires automating manual or semi-manual compliance processes, which enables the firm to rapidly identify and address any insider trading activity. However, many systems are not designed to adapt quickly to regulatory changes.
Compliance software technology solutions must be able to capture all relevant information and monitor large flows of MNPI, ensure it is properly segregated, and provide a holistic view of the data via a single source of truth. Star’s Insider Trading Solution gives financial services firms certainty in their ability to monitor and detect insider trading. This provides the compliance team with the confidence that the firm is meeting its regulatory obligations and ensures the firm’s reputation is beyond reproach.
For more information on how to protect your firm against misuse of MNPI, download our ebook.