The Importance of a Strong Insider-Trading Compliance Program

By Bruce Carton

At a recent Compliance Week event, a chief compliance officer observed that in her public company, the compliance department and the legal department disagree on the importance of implementing a strong insider-trading compliance program. The compliance department has struggled in its efforts to get a strong program in place because the company’s legal department is not very supportive, she said. Meanwhile, the legal department isn’t interested in devoting much time or money into such a program and seems content to let employees who are foolish enough to engage in insider trading hang by their own rope. The legal department’s focus, she reports, is on avoiding corporate exposure in any insider-trading flare-up, and seems to assume that should an insider-trading investigation occur, the corporation may be better served by having no program at all rather than having one that failed to prevent insider trading.

I’m surprised to hear that a legal department at a public company would hold this view, but perhaps I shouldn’t be. Indeed, many securities enforcement lawyers have told me through the years that they continue to encounter public companies—typically smaller ones—that have no insider-trading policy or compliance program whatsoever. In any event, this compliance officer’s observations raise some interesting questions: Is it a mistake for public companies to eschew solid insider-trading policies and programs? If so, why? What are the potential consequences for having poor or non-existent policies in this area, and what are the potential benefits for having a strong program in place?

Exposure to Liability for Insider Trading by Employees

The short answer to the question of whether public companies have exposure to liability for insider trading by employees is, in theory, yes. But as a practical matter, the reality is that the liability is extremely limited. All public companies are not subject to the same requirements that apply to regulated entities such as broker-dealers and investment advisers. Under Section 15(f) of the Securities Exchange Act of 1934 and Section 204A of the Investment Advisors Act, such regulated entities are specifically required to adopt, maintain, and enforce policies and procedures designed to prevent insider trading. Indeed, regulated entities can be subject to “control person” liability if they “knowingly or recklessly failed to establish, maintain, or enforce” the insider-trading policies or procedures required by these laws.

Although control person liability exists for all public companies, it is far more difficult to prove and seldom charged in the insider-trading context. Under Section 21(a) control person liability against a public company requires the government to show that the company failed to prevent insider trading and actually “knew or recklessly disregarded” the fact that an employee was about to engage in illegal insider trading—a much more daunting task then proving the absence of an insider-trading policy.

Benefits of Insider-Trading Policies and Compliance Programs

Because public companies are not subject to Section 15 of the Exchange Act and Section 204A of the Investment Advisers Act, they have discretion as to how they choose to deal with insider-trading issues. But that doesn’t mean they are free to ignore the issue. Securities lawyers advise that public companies should still put meaningful insider-trading policies and programs in place, however, for a number of reasons:

1. The SEC may still be lurking

In March 2008, the SEC issued a rare report under Section 21(a) of the Exchange Act, which authorizes the agency to investigate violations of the federal securities laws and to then “publish information concerning any such violations.” The March 2008 report, which concerned the conduct of the Retirement Systems of Alabama, was the first report issued under Section 21(a) in over three years (the SEC’s Website indicates that there have been just seven 21(a) reports issued in the past decade).

In its report, the SEC noted that RSA, the retirement system for Alabama state and local employees, relied on an in-house investment staff to manage more than $30 billion in assets. RSA, however, “had no program, policy, practice, or training to ensure that its investment staff understood and complied with the federal securities laws in general or insider-trading laws in particular.” The absence of any insider-trading policy or program became an issue when, according to the SEC, RSA employees received inside information that Raycom Media would soon acquire Liberty Corp., and then engaged in insider trading by purchasing 73,700 Liberty shares prior to the public announcement of the transaction.

The SEC stated in the report that while a state pension fund such as RSA is not subject to the statutes that require an insider-trading policy—just as public companies are not—RSA was still subject to the anti-fraud provisions of the federal securities laws and to control person liability under Section 21(a) of the Exchange Act. The SEC observed that RSA’s improper trading could have been prevented if RSA had adequate insider-trading policies and procedures in place and that most of the RSA personnel involved in the matter did not have a clear understanding of the insider-trading laws. The SEC added that its report was intended to “emphasize the responsibilities of all investment professionals, including large public retirement systems and other public entities, under the federal securities laws and to highlight the risks they undertake when they operate without a compliance program.”

In the three years since the RSA report, the SEC has yet to bring a case against a public company for failing to have adequate insider-trading policies in place. Given the RSA report’s affirmative policy statement in a previously ignored area of the law, however, securities lawyers such as Michael Lowman of Jenner & Block believe that it is critical for public companies to have an insider-trading compliance program in place. This seems particularly true given the SEC’s current crusade against insider trading, which has taken an expansive view of the scope of insider-trading laws.

2. Protecting employees

It is common for public companies to award stock or options to executives and even to lower-level employees. As case after case demonstrates, however, many of these recipients do not understand how insider-trading laws govern their ability to purchase and sell company stock. In addition, public company executives and other employees are often placed in positions where they learn material, non-public information about other public companies that would preclude them from trading in the securities of those companies or even discussing this information with third parties.

Written insider-trading policies, compliance programs, and training are therefore an important way for public companies to help executives and employees avoid liability. In the SEC’s recent “expert network” insider-trading cases, for example, many of the experts involved were employees of public companies who accepted outside consulting engagements that involved analysis of their own industries and companies. A clear policy prohibiting employees from serving as experts of this type might prevent them from carelessly or unknowingly getting into trouble in the first place.

3. Avoiding reputational damage and legal fees

Even if a company does not face significant exposure as a result of an employees’ violations of insider-trading laws, other considerations support implementing an insider-trading compliance program. For starters, companies whose employees become embroiled in the latest insider-trading scandal often become part of the story and can be tarred with the same brush. Although a policy will not deter misconduct by an employee who sets out to commit a crime, it may help keep honest employees from crossing the line and keep a company’s name out of unwanted headlines. In addition, a company that avoids an SEC investigation by educating its employees also helps itself avoid the significant costs—including executives’ time and large legal fees—that inevitably result when regulators or prosecutors begin demanding documents and testimony as part of their investigations.

In short, while there is some time and expense required for a public company to put a solid insider-trading policy and program in place, the return on this investment is easily worth the cost. Public companies should view such costs as a cheap measure of insurance against possible legal exposure at the corporate level, inadvertent violations by employees, and reputational damage and legal fees for the company.

Originally published in Compliance Week. Reprinted with permission.
© 2011 Haymarket Media, Inc. All Rights Reserved. Compliance Week can be found at http://www.complianceweek.com. Call (888) 519-9200 for more information.