Skip to main content
August 21, 2019

SEC Data Analysis in Insider Trading Investigations

The CLS Blue Sky Blog

Recent SEC enforcement actions charging senior lawyers at Apple and SeaWorld with insider trading provide reason to dust off company insider trading policies and assess whether updates or additional training are needed. As sanctuaries for corporate America's most valuable confidential information, law departments are among the first places that regulators look when trying to determine the source of a trader's material nonpublic information.

Insider trading enforcement remains a cornerstone of the SEC's enforcement program. Over the past ten years, the SEC has significantly enhanced its insider trading surveillance, detection and investigative capabilities. Through the adoption of new investigative approaches and the development of new technology, the SEC staff has indicated that it has the ability to connect "patterns of trading to sources of material nonpublic information" as never before. The implication of this ability is that not only can the SEC use trading data to establish potential relationships among and between traders, but it can use relationship information to deduce whether they have sources of prohibited information who are common to them. According to the SEC, it uses "data analysis tools to detect suspicious patterns such as improbably successful trading across different securities over time."

And yet, despite these capabilities, people continue to engage in insider trading believing, apparently, that there is little chance their illicit trading will be detected.

Such was the case of Fei Yan, the husband of a corporate law firm associate. In August, 2018, the SEC charged Yan with insider trading for trading stock and options ahead of two corporate transactions on which his wife and her law firm were working. According to the SEC staff, Yan "allegedly searched the internet for 'how sec detect unusual trade' before making a trade that the agency flagged as suspicious through data analysis." In describing how it connected Yan's trades to information obtained from his wife (who was not charged), the SEC staff stated that "Yan attempted to evade detection by researching prior SEC cases against insider traders and using a brokerage account in a different name, but we identified profitable trades in deals advised by the same law firm and traced them back to him."

The Market Abuse Unit and Its Analysis and Detection Center

In 2010, the SEC's Division of Enforcement established five specialized units. One of those units – the Market Abuse Unit (MAU) – was tasked with developing new investigative approaches to insider trading enforcement. A goal of the MAU was to identify "patterns, connections and relationships among traders and institutions at the outset of investigations," and to develop and implement "automated trading data analysis" that would provide the SEC with a strategic advantage in the manner in which it conducts trading investigations.

To fulfill its mandate, the MAU established the Analysis and Detection Center (A&D Center), a virtual, decentralized group within the MAU comprised of industry specialists who possess unique quantitative and analytical skill sets. In testimony before Congress in November 2015, then-SEC Chair Mary Jo White testified that "[e]nforcement staff is also implementing new analytical tools to detect suspicious trading patterns to assist with insider trading and market manipulation investigations."


A key technological initiative of the MAU's A&D Center is ARTEMIS, the Advanced Relational Trading Enforcement Metrics Investigation System. According to the SEC, ARTEMIS focuses "on the analysis of suspicious trading patterns and relationships among multiple traders." The SEC has stated that "ARTEMIS combines about 10 billion equity and options trade records from SEC and FINRA and uses advanced analytics, created by Division staff, to rank trades bases on different metrics."

The Enforcement staff can use ARTEMIS not only to identify new suspicious trades but also to find "previously undetected traders who might be involved in an existing investigation." It does this, according to then-Commissioner Michael Piwowar, by combining "historical trading and account holder data with other data sources to enable longitudinal, multi-issuer and multi-trader data analyses."

While the SEC does not say what metrics it uses to rank traders, the fact that it is employing sophisticated statistical analysis to identify hard-to-detect trading significantly increases the likelihood that a person who trades on material nonpublic information will be identified, even where they go to great lengths to avoid detection. For example, in connection with a 2017 insider trading case involving seven individuals who generated millions in profits by trading on confidential information on 30 impending corporate deals, the SEC stated that "[d]ata analysis allowed the SEC's enforcement staff to uncover the illicit trading despite the traders' alleged use of shell companies, code words and an encrypted, self-destructing messaging application to evade detection.

The Trader-Based Approach to Insider Trading Investigations

Armed with its ARTEMIS technology, the SEC has also adopted new investigative approaches. Historically, the Division of Enforcement utilized a "security-based" approach to investigating insider trading. In a "security-based" approach, the SEC reacts to news about a merger, acquisition or corporate earnings announcement involving a particular issuer and then conducts an investigation to identify individuals whose trading in that specific security is suspicious.

With the formation of the MAU in 2010, the Division of Enforcement began to consider new, proactive approaches to how insider trading investigations are done. Using what is called a "trader-based" approach, the MAU focuses not on a particular issuer but on traders whose trading activity indicates that they have multiple securities that are common to them. The MAU then looks for patterns of trading in multiple securities among traders who may be acting concert or have common sources of material nonpublic information. For instance, in announcing an August 2015 case against 32 defendants involving an international hacking scheme, Chair White stated that "[w]e now have new technological tools and investigative approaches that allow us not only to pinpoint suspicious trading across multiple securities but also to identify relationships among traders."

Implications for Legal Departments

The SEC has never been more effective at detecting and investigating insider trading than it is today. Recent actions against senior lawyers in large, well-known companies suggest that insider trading by in-house lawyers may be on the rise. If true, this could have serious implications for legal departments and the companies they serve. For example, in early May, 2019, the SEC brought an insider trading action against the life-long friend and house guest of the general counsel at Cintas Corporation who, unbeknownst to the lawyer, stole information from the lawyer's home office concerning an impending acquisition.

While the lawyer was plainly a victim of his friend's misconduct and there was no suggestion of wrongdoing by him, the case raised questions about whether in-house lawyers in general are doing enough to protect the material nonpublic information entrusted to them. It is only a matter of time before the SEC begins to question whether corporate insider trading policies are reasonably designed and whether companies are doing enough to train their employees on compliance with the insider trading laws. Given the SEC's increasing use of data analysis in insider trading investigations, it is foreseeable that we will see more enforcement actions where lawyers either traded on, or were the common sources of, material nonpublic information.