How to Protect Your Investment Management Firm from a Material Non-Public Information (MNPI) Breach

The leakage of material non-public information (MNPI) and the use of MNPI in trading is prohibited globally and is a significant risk to investment management firms. However, identifying MNPI leaks or the insider trading offenses that may follow can be challenging.  

What is MNPI? 

MNPI is information that is not public knowledge nor generally available to investors but would likely influence an investment decision.

“Material” refers to the nature of the information and whether a reasonable investor would consider it important for an investment decision. “Non-public” specifically maintains that the information is not publicly known or available at the moment. 

In this blog, we explore what an MNPI breach looks like, when and where it is most likely to occur, and strategies for protecting your firm from an MNPI leak. 

What Does an MNPI Breach Look Like? 

Insider trading becomes a risk to firms when MNPI is leaked, and trading activities are conducted because of insider information. In many instances, MNPI breaches are intentional and come about when someone privy to MNPI advises an acquaintance to make a trade or sell stocks using the information.

However, a breach can also happen unintentionally due to poor internal controls or weak information barriers within a firm.  

Whether intentional or unintentional, firms can be penalized heavily if they are not able to identify and prevent MNPI breaches.

Regulating bodies such as the SEC are particularly concerned with external meetings that have the potential to involve the exchange of MNPI, as they can be a source of insider trading and other securities law violations. Some types of external meetings regulators pay close attention to in the context of MNPI include: 

• Investor Meetings and Conference Calls: Market participants often hold meetings and conference calls with investors, analysts, and other stakeholders. These meetings can be a platform for discussing sensitive information about a company's financial performance, strategic plans, and upcoming announcements. 
• Analyst Meetings: Publicly traded companies may hold meetings with equity analysts to provide updates on their operations, financial results, and more. These meetings can provide analysts with access to MNPI, which could influence their research reports and stock recommendations. 
• Industry Conferences: Conferences attended by representatives of publicly traded companies can involve discussions about industry trends, company performance, and future prospects.  
• Merger and Acquisition Discussions: When companies engage in M&A negotiations or due diligence, the information exchanged is often highly sensitive and not public.  
• Government Meetings: Companies in regulated industries may have meetings with government agencies to discuss regulatory changes, investigations, or other matters. 
• Private Placements and Offerings: In private placements and offerings of securities, companies may meet with potential investors to discuss investment terms, business plans, and other non-public information. 
• Advisory Relationships: Investment management advisers, including hedge funds and private equity firms, may meet with clients or potential clients.  

To mitigate the risk of MNPI breaches during these external meetings, companies and individuals are expected to have strict compliance policies and procedures in place. This includes procedures for handling confidential information, restricting access to MNPI, and ensuring that employees and representatives do not trade on or disclose non-public information inappropriately. Failure to adhere to these guidelines can lead to legal and regulatory consequences, including enforcement actions by the regulators.

Top Ways to Protect Your Investment Management Firm from MNPI Breaches 

•  Comprehensive Policies and Information Barrier Programs: Investment management firms should have comprehensive insider trading and material information conduct policies that prescribe not only how MNPI should be managed but also how transactions should be executed. These policies should also explain how access to company assets is permitted and what authorization processes are in place for trades that require preclearance.
•  Maintain Sound Due Diligence and Preclearance Procedures: Organizations need to have procedures in place that prevent employees from misusing confidential information the firm is aware it possesses. These procedures should include prohibiting specific employees in the know about confidential information from trading and preclearance processes for individuals likely to have regular access to MNPI.   
• Cybersecurity Measures:  While reviewing your firm’s insider trading policies, it is important to ensure they adequately address cybersecurity events and that when such an event occurs, the policies’ provisions are considered to mitigate associated MNPI breaches. Investment management firms should adopt cybersecurity measures like encryption, multi-factor authentication, access controls, network segmentation, and system monitoring to protect against external data breaches and potential internal MNPI compliance breaches. Cybersecurity should also be addressed in employee training, which should include information on risks such as phishing. 
• Trade Surveillance: Trade surveillance technology can help firms identify whether someone has significantly profited from a trade in a way that may indicate MNPI has been leaked. Insider trading algorithms can monitor price spikes between the execution price of a trade and the price movement of the instrument to identify out-of-the-ordinary behavior. Further, a restricted list algorithm can enable firms to monitor the trading activity of individuals on a restricted list for particular instruments in a given time period.
• Clear and Concise Documentation: Sufficient documentation and record-keeping are crucial. Compliance staff need to document investigations into trades that have been flagged as potential insider trading offenses and the findings of these inquiries that support the decision of whether or not market abuse has taken place.  

How SteelEye Can Help Prevent MNPI Breaches for Investment Management Firms  

SteelEye’s RegTech solution provides insider trading algorithms, restricted list monitoring, and even news and social media data that provide an additional layer of context for investigations. 

The MNPI compliance solution from SteelEye includes: 

• Cloud-based, machine-learning-enabled intelligent alerts that detect anomalies in firms’ communications and transactions  
• Easy to use case manager with auto-trade reconstruction functionality – making it easy to investigate and report suspected instances of MNPI breaches or insider trading offenses 
• News and social media monitoring for contextual insights that may help determine if insider trading has occurred   
• Intelligent communications surveillance with an AI-driven lexicon to identify information leakages 
  

Learn More

Learn more about SteelEye's fully integrated trade surveillance solution or request a demo.