Material non-public information: protect your integrity
Material non-public information is a bit of a mouthful, but you might already know it by another name; insider trading. And the exposure of this sensitive data can result in devastating financial losses and regulatory penalties.
Written by a human
Protecting the integrity of your business has never been more important; as ruined reputations lead to high customer churn, supplier disengagement and a slow road to recovery. So, learn about exactly what constitutes as material nonpublic information, which regulations focus on it, and how to keep your company safe from breaches.
What is material non public information (MNPI)?
Material non-public information (MNPI) refers to the secrets about your business that could affect the decisions of investors. It’s the confidential information that, if shared, could result in unfair advantages and insider trading.
Some types of MNPI include:
- Financial results
- Contracts and partnerships
- Strategic plans, such as mergers and acquisitions
The individuals who typically have access to MNPI are employees within the business. It’s important to prevent both intentional and accidental breaches. These can arise through a range of scenarios, such as a disgruntled ex-employee who wants revenge, or a simple slip-up from an employee with a conflict of interest.
Therefore, putting specific barriers, detection and response measures in place are key to prevent MNPI from ruining your growth, and your company’s reputation.
MNPI breaches in the news
Even while regulations have provided adequate deterrence measures against insider trading, there are still cases of violations that reach the news.
Deutsche bank employee abuses MNPI
Between 2006 and 2010, two personal friends in the UK used their close relationship to gain insider information and pass this to securities traders for profit. The scheme was so successful because Mr Dodgeson worked at Deutsche bank, where he gained MNPI and passed it onto his accountant friend, Mr Hinds.
Hinds then used a high-end encryption, pay-as-you-go devices and nicknames to protect the friends’ anonymity, when he passed this information onto three separate securities traders. At least six trades were made, leading to profits of approximately £7.4million. The pair were each sentenced to 7 years in prison.
Unique MNPI breach in the pharmaceuticals industry
Matthew Panuwat was charged with insider trading by the SEC in April 2024, in an unusual case, dubbed “shadow insider trading”. This describes his trading of third party securities, instead of those related to his employers, due to material non-public information. Mr Panuwat’s job involved M&A discussions at a pharmaceutical firm, and it was in this role that he learned about an upcoming takeover of his firm by Pfizer. Knowing that the stock price of competitors would increase when this news was made public, he purchased securities of a competitor firm within minutes. Mr Panuwat made over $107,000 from this trade.
Which regulations mention MNPI?
The UK and EU’s Market Abuse Act (MAR) is the main regulation which references protecting MNPI. In the US, the Insider Trading Prohibition Act (ITPA) is the most relevant regulation.
MAR
The financial Markets Abuse Regulation was introduced in 2016, and section 1.3 of the Act focuses on Insider Dealing. Three of the examples of insider dealing noted within MAR are:
- “Frontrunning” – putting in a personal trade ahead of a business trade in anticipation of market impact
- Entering into a large transaction in order to change a company’s share price prior to a takeover
- Employee sells their shares after learning that the company has lost its largest contract, but before this knowledge becomes public
The MAR also defines unlawful disclosure of insider information and market manipulation to provide a clear cut line between acceptable and unacceptable. The penalties for violating this act range from up to 10 years of imprisonment to an unlimited fine.
Insider Trading Prohibition Act (ITPA)
The ITPA defines illegal insider trading slightly differently, with a standard definition and a knowledge requirement. It says that trading while aware of MNPI is only wrongful if the info was obtained by:
- Theft
- Violation of intellectual property laws
- Deceptive practices like misappropriation
- Breaches of confidential nature, such as contracts
The accompanying knowledge requirement explains that even if the individual who commits the trade doesn’t know how the information was obtained, specifically tries not to find out, or ignores the origins of their information, it’s still defined as insider trading. Penalties for violations of the ITPA range from fines of up to $5 million for individuals, and $25 million for financial institutions. The maximum prison sentence is 20 years.
How to protect your MNPI?
While it might sound easy to protect your organization’s MNPI, ‘just tell your employees that this is confidential’ isn’t a reliable strategy. Instead, you need clear and specific internal controls, comprehensive due diligence and an automated compliance strategy.
If not, you’ll face a higher risk of joining the plethora of recent insider trading news.
Internal controls
Internal controls are the most common prevention method against MNPI breaches, particularly because they put the liability of responsibility onto individual employees, rather than the company. In fact, the more specific and clear these policies are, the better.
Your MNPI sharing documents should strive to answer questions like:
- How should MNPI be managed?
- How will employees be trained to handle sensitive or confidential information?
- What constitutes a conflict of interest?
- How regularly will you review trades for suspicious activity?
Alongside policies and documentation, cybersecurity and data security standards can also be effective as internal controls. For example, mandating multi-factor authentication and training your employees against cyberthreats, such as phishing, can help protect MNPI. A hands-on compliance officer is also recommended.
Due diligence
Comprehensive due diligence in the context of MNPI refers to implementing surveillance, and thoroughly investigating when suspicious activity is detected.
It begins way before material non-public information is even shared. Organizations must verify that the employee it is being shared with has no conflicting relationships or exposure to sensitive situations, for example. Know Your Vendor and third party certifications are two good ways to qualify potential partners. MNPI due diligence also requires regular reviews for suspicious activity, and risk alerts to limit the impacts if MNPI is shared externally.
Automate compliance with Global Relay
Finally, there are lots of tools available to help your organization meet its MNPI requirements and protect its confidential information from getting into the wrong hands.
Global Relay streamlines all business communications into one single app, no matter if you make phone calls, text messages, whatsapps or social media accounts. Including direct conversations with internal teams and external clients, you’ll eliminate compliance risk by separating business and personal.