A recent Securities and Exchange Commission (SEC) action highlights the need for regulated entities and public companies to have in place policies to prevent insider trading and to follow such policies. In July 2011, Janney Montgomery Scott LLC (Janney), a registered broker-dealer, settled an administrative proceeding in which the SEC alleged that Janney willfully violated section 15(g) of the Securities Exchange Act of 1934 the (Exchange Act), which requires registered broker-dealers to establish, maintain, and enforce written policies and procedures reasonably designed to prevent the misuse of material nonpublic information by such broker-dealers and their associates. Without admitting or denying the SEC's findings, Janney consented to an order, pursuant to sections 15(b) and 21C of the Exchange Act, requiring Janney to pay a civil penalty of $850,000 and to retain an independent compliance consultant to review Janney's policies and procedures and report to the SEC.
The Janney order took noticeable efforts to educate regulated and covered entities about their obligations to both maintain and enforce adequate policies and procedures to prevent misuse of material nonpublic information. As explained in the order, the SEC found that for nearly five years, Janney failed to institute and/or maintain adequate policies and procedures for its Equity Capital Markets division, creating the risk that material, nonpublic information could be used for insider trading. The SEC's list of violations included Janney's failure to:
- adequately monitor trading in the securities of companies to which Janney provided investment banking advice;
- maintain an adequate e-mail firewall between its investment banking and research staff;
- enforce its policies and procedures to prohibit noncompliance personnel from chaperoning meetings between investment banking and research staff;
- revise its policies and procedures to address its use of analysts in multiple roles, including working with investment bankers on business opportunities and deals; and
- enforce its policy that all Janney employees receive approval to maintain brokerage accounts at firms other than Janney.
Concerns about insider trading do not only affect registered entities such as broker-dealers and investment advisors, they also affect public companies. As a result of the Insider Trading and Securities Fraud Enforcement Act of 1988 (ITSFEA), insider trading policies have become a mainstay of corporate compliance programs. Since the enactment of ITSFEA, federal regulations impacting insider trading have further evolved as a result of the Sarbanes-Oxley Act of 2002 and the Dodd-Frank Wall Street Reform and Consumer Protection Act. The heightened scrutiny of the insider trading landscape today compels consideration by public companies to adopt appropriate policies to prevent insider trading and to enforce compliance with these policies.
Entity Obligations and Controlling Persons Liability
Prior to 1984, the SEC's remedy for insider trading violations was essentially limited to it seeking injunctions against future violations and disgorgement of ill-gotten profits (or losses avoided). With the Insider Trading Sanctions Act of 1984, Congress gave the SEC the authority to seek up to a three times civil money penalty for insider-trading violations. In 1988, in response to a wave of Wall Street insider trading scandals, Congress enacted ITSFEA, and specifically three provisions aimed at curtailing illegal insider trading. First, Congress imposed an affirmative obligation on regulated entities (including broker-dealers and investment advisors) to adopt, maintain, and enforce policies and procedures designed to prevent insider trading. These requirements are contained in section 15(f) of the Exchange Act and section 204A of the Investment Advisors Act (Advisors Act).
Second, ITSFEA also provided that other covered entities (including public companies) may be subject to insider trading penalties for violations by persons that they have been deemed to have directly or indirectly controlled. Control person liability would apply to an entity where it failed to carry out its express statutory obligations to enact, maintain, and enforce adequate insider trading policies and procedures. Under section 21A of the Exchange Act, in order to impose controlling person liability on an entity the SEC must prove one of two conditions:
- The controlling person knew or was reckless in not knowing that the controlled person was likely to engage in insider trading and failed to take appropriate steps before the violation occurred; or
- For brokers and investment advisors, they knowingly or recklessly failed to adopt, maintain, or enforce the policies and procedures designed to prevent insider trading under section 15(f) of the Exchange Act or Section 204A of the Advisors Act.
As a result, public companies have an affirmative obligation to develop compliance programs designed to prevent violations by controlled persons.
Third, ITSFEA expanded the definition of "controlling persons" to (1) provide an incentive for organizations to internally police potential insider trading activities among its employees, (2) impose an affirmative duty on broker-dealers and investment advisors to maintain reasonably effective written compliance programs, (3) codify a private right of action for "contemporaneous traders," (4) increase penalties for all Exchange Act violations, and (5) permit the SEC to pay bounties to persons who provide information about inside trading.
Controlling person liability would not apply where the "controlling person acted in good faith and did not directly or indirectly induce" the violation. However, such exposure to liability would exist where a "controlling person" allows access to material non-public information (about itself or another entity) without implementing procedures to prevent insider trading or improper disclosure by the "controlled person." Under section 15 of the Securities Act of 1933, controlling person liability will apply "unless the controlling person has no knowledge of or reasonable ground to believe in the existence of the facts by reason of which the liability of the controlled person is alleged to exist."
SEC Report of Investigation on RSA
The SEC previously set forth its views on insider trading policies in a Report of Investigation issued pursuant to section 21(a) of the Exchange Act (RSA Report) regarding the conduct of the Retirement Systems of Alabama (RSA). In the RSA Report, released in March 2008, the SEC discussed its investigation into whether RSA violated insider trading laws by purchasing shares of the Liberty Corporation using material, nonpublic information it had received about a prospective acquisition of Liberty by Raycom Media, Inc. RSA was involved in the discussion and negotiation of the Liberty-Raycom deal as the parent guarantor of Raycom. RSA then purchased 73,700 Liberty shares during the two weeks immediately prior to the public announcement of the transaction in August 2005. After the public announcement, the price of Liberty stock rose significantly, increasing the value of RSA's Liberty shares by more than $700,000.
In the RSA Report, the SEC noted the following deficiencies in RSA's compliance efforts:
- RSA's personnel involved in the violations, including its CEO, lacked clear understanding of the securities law duties and risks implicated in the Liberty-Raycom transaction.
- Neither RSA's in-house general counsel nor outside counsel were tasked with monitoring the company's compliance with the securities laws, nor were they consulted before the trades, and RSA did not have a practice of seeking advice from its counsel regarding such issues.
- If RSA had a reasonable compliance program in place, it likely would not have purchased Liberty stock prior to the public announcement of the transaction.
At the time of the RSA Report, RSA had no program, policy, practice, or training to ensure that its investment staff understood and complied with federal securities laws in general or insider trading laws in particular. RSA did not have a compliance officer, and the responsibilities of its general counsel did not include oversight of RSA's investment activities.
Ultimately, the SEC decided not to seek or to impose penalties against RSA for the following articulated reasons:
- RSA took remedial action, including compensating sellers of the Liberty stock RSA purchased;
- Any penalties imposed by the SEC would be paid from Alabama public employee contributions to the funds managed by RSA;
- RSA cooperated in the staff's investigation;
- RSA's CEO cooperated in the staff's investigation, acknowledged error in directing RSA's purchases of Liberty stock, and authorized remedial action;
- No individual profited from the stock purchases and violations; and
- RSA adopted a compliance program aimed at preventing future violations.
The SEC decided to issue the RSA Report "to emphasize the responsibilities of all investment professionals, including large public retirement systems and other public entities, under the federal securities laws and to highlight the risks of not having a compliance program." As was demonstrated in the RSA and Janney cases, companies that fail to institute and enforce effective compliance programs expose themselves to charges for insider trading and controlling person liability.
Establishing Proper Control Procedures
In addition to concerns about stepped-up enforcement efforts, the financial crisis that closed out the last decade has particularly highlighted practices that are worth revisiting in the context of insider trading policies, including, among others, of allowing employee hedging, pledging, or short selling of company securities, or other derivative transactions that have similar effect. The financial crisis focused attention on the issues arising in connection with market products used by executives of public companies to sell their interests, and companies should revisit their compliance programs to ensure that they properly consider current investment activities of their employees. The following should be considered in properly aligning compliance programs with insider trading regulations:
Having a Company Policy
Companies should institute policies governing trading of their securities by officers, directors, employees, and others with inside information (insiders), targeted at preventing trades at times when insiders may be in possession of material nonpublic information. Policies and procedures are not one-size fits all and covered entities should develop individual policies and procedures that are tailored to their specific operation, industry and employee base.
Implementing Effective Monitoring Procedures
It is important to establish appropriate monitoring procedures that will not only serve to detect potentially problematic trades, but will also serve as a deterrent against violations of the policy and federal securities laws. Potential breach of an insider trading policy can be costly (both economically and to the reputation of the company). Ensuring that the policies are designed to promote compliance with the insider trading laws will provide greater protection from the risk of claims from regulators and private parties.
Pre-clearance Requirements and Blackout Periods
In order to promote greater oversight, companies should require pre-clearance of trading of company securities by appropriate insiders with a designated member of management and a trading blackout period for such insiders. This does not suggest that such pre-clearance and blackout procedures be used for all employees. Each company is different and the universe of insiders to be covered by such procedures needs to be considered on a company-by-company basis. Quarterly blackout periods should range from the time period during a quarter when results begin to be known, which can be 30 to 45 days before the end of the quarter, to one to two days after the end of the quarter. It is important for the blackout period to provide for time after the earnings are released for the news to be absorbed by the public. Instituting pre-clearance measures serves three very important purposes: (1) they provide added protection for the company against accusations that it enabled or neglected insider trading violations, (2) they provide added protection for directors and officers of the company against claims of insider trading by lessening the likelihood of inadvertent insider trading, and (3) they allow the company access to real time information on the trading activities of its officers and directors, which fosters better compliance with Form 4 (Beneficial Ownership) reporting.
For ongoing monitoring, companies with existing pre-clearance requirements should evaluate whether additional officers or employees should be covered by their pre-clearance requirements and blackout periods in light of their potential direct or indirect access to material non-public information. In addition, for companies undergoing specific events (i.e., the consideration of major strategic decisions, customer acquisitions, government investigations, etc.), adopting specific procedures and blackout periods for those employees and insiders involved with or having knowledge of such events should be considered. All pre-clearance policies should make clear that the imposition of any special blackout period or the fact that any intended trade has been denied pre-clearance should itself be treated as confidential information, and should only be disclosed to those persons with a need to know such information.
Additionally, all insiders should be cautioned that even if there is no blackout in place that they cannot trade if they possess any material nonpublic information.
Consultants, Contractors, and Other Outside Resources
Such companies and individuals retained by a public company for their specialized expertise should be considered as market professionals who should adhere to the company's policies and procedures governing insider trading. Public companies should ensure that their policies and procedures address how to maintain the confidentiality of material non-public information that they shares with their consultants and contractors. In appropriate situations, companies should have such outsiders represent that they have their own insider trading policies.
Protecting Confidential Information
Nonpublic information should be narrowly disseminated to employees on a need to know basis. It is important to educate insiders on the nature and scope of insider trading regulations and their obligations to uphold company policies and procedures for handling and maintaining the confidentiality of any material nonpublic information.
Sharing Information About and Trading in Securities of Other Companies
Employees should be advised through the company's code of conduct and policies that they should not trade in the securities of other companies based on information learned while working at the company or derived from their course of dealings with those third-party companies.
Training and Awareness
It is important for employees to understand the significant ramifications that can result from using or disclosing material nonpublic information to anyone (including co-workers, family members, or others). Companies should conduct training programs regarding their insider trading policies periodically with employees for ongoing monitoring and updating, and effectively communicating any updates to these policies to their employees. Training and awareness programs should also effectively communicate the consequences that the employee and the company could face for violations of insider trading regulations.
Pledging, Hedging, Short Sales, and Other Similar Activities
SEC rules have required that companies disclose pledging arrangements by management in their annual proxies. Additionally, the Dodd-Frank Act requires the SEC to adopt rules requiring companies to provide additional disclosures regarding employee and director hedging arrangements. The SEC has not yet issued such rules, but they are required to mandate disclosure as to whether or not employees or board members are permitted to engage in hedging transactions regarding their holdings of company securities. As a result of what will be new disclosure requirements, companies should consider adopting policies or adding provisions to existing insider trading policies that cover these types of transactions as well as procedures for disclosing such arrangements in their proxy, including: (1) prohibiting hedging transactions for employees and directors; (2) subjecting hedging transactions to a pre-approval process; or (3) restricting the types of hedging transactions that may be undertaken.
Rule 10b5-1 Plans
Companies should encourage insiders who wish to sell company stock to institute Rule 10b5-1 plans as a complement to the company's insider trading policies, which permit insiders to achieve liquidity for their stock positions in an orderly and controlled manner, while providing a safe harbor to the individual from insider trading violations. Rule 10b5-1 trading plans, when properly adopted, have become an effective means for insiders to continue to trade in their company's securities even when they are aware of material non-public information and even during a blackout period. An effective insider trading policy should specifically acknowledge the use of Rule 10b5-1 plans as an exception to the general prohibitions on trading while in possession of material non-public information. Companies can institute separate procedures or incorporate procedures for Rule 10b5-1 plans into their existing insider trading policy. Parameters for Rule 10b5-1 plans should consider: (1) specifying when a plan may be entered into (e.g ., outside of a blackout period); (2) pre-approval procedures for the plan; (3) a cooling-off period before the first trade under a Rule 10b5-1 plan is permitted; (4) restrictions on termination of, and the entry into successive plans; (5) limitations on modifications to plans, (e.g., mandatory waiting periods before modifications can take effect); and (6) the disclosure of the entry into Rule 10b5-1 plans.
A well-designed and properly implemented insider trading policy creates an effective prophylactic against inadvertent insider trading, and provides a mechanism for a company to demonstrate that appropriate steps have been taken to prevent insider trading violations, and to assert a defense against "controlling person" liability for trades made by its insiders under the Exchange Act.