While most of the attention of regulators is focused on market abuse by regulated financial services firms, the full range of publicly listed companies are now also being encouraged to pay more attention to these issues. The reason is simple – widening company share ownership by employees (especially senior management) and the attendant risks of inside information leading to market abuse. Combined with the increased penalties for issuers as a result of new regulations such as MAR and MiFID in Europe, the cost of getting this wrong is certainly going up.
Misbehaviour by members of company management has a long and troubling history representing a recurring theme through the annuls of white collar crime in many jurisdictions around the world. But what many find even more interesting are the examples in which members of management were accused of insider trading but later cleared. The reputational costs of these investigations have often been devastating for both the company and the individuals involved and remain a salutary tale of why it is increasingly important for listed companies to have robust systems to track company share ownership, periods of restricted share trading and actual trading activity.
Last year’s Equifax data hack scandal is a great example: five employees were at first accused but only one was later found to be guilty of insider trading. This group included senior executives who suffered potentially crippling damage to their reputations. The ensuing investigations took a great deal of time because the company had no system to monitor restricted periods or trading in company shares by employees. This meant that they were unaware of any suspicious activity and had no easy way to evidence what had happened. It is a story that any company would wish to avoid and there are certainly tools that offer companies a level of control to assure greater peace of mind.
The key challenges for companies lie in a few, fairly obvious areas. The first is deal activity, something known by a fairly small group of individuals, but news of which could have a big impact on stock prices. There needs to be a clear set of procedures around this and a system that monitors activity.
A second area of risk is around results announcements, where most companies have well established policies that block stock trading for a period of time before company results are announced. While this is an area with typically established procedures, companies may not have systems that monitor and evidence activity in a robust fashion and this gap can create dangerous problems in the event something goes wrong.
A third source of risk surrounds the issuance of new securities or a secondary offering. Issuance involves many of the same challenges as deal activity and requires the same standard of control. A company’s legal and/or investment banking advisors should be providing guidance in these areas but the use of a system that monitors activity and traces timing and results with a bullet-proof audit trail will be invaluable in de-fusing potential scandals or protecting the company’s position if an accusation proves correct. A company that can quickly demonstrate that it is truly on top of these issues will come out far better than one who just looks surprised or perplexed.
The connecting threads in all of these situations are clear and properly executed policies and procedures plus the appropriate system to provide both controls and auditability. ComplySci has been used by the financial services industry for many years to help those regulated firms manage exactly this kind of risk. It permits comprehensive monitoring and control at the touch of a button that will satisfy the most demanding board scrutiny or regulatory investigation. It is a tool that all publicly listed companies should have as part of their risk management armoury – before something appears in the morning newspaper, not after.