|
4 MARKET WATCH - INSIDE INFORMATION PRACTICES
4.1 FSA review of inside information practices
In the April 2007 edition of the Charles Russell Public Companies
Update we mentioned that the FSA was undertaking a review
of the controls over inside information in mergers and acquisitions,
the results of which would include a summary of good practice
relating to control and procedures in this area.
In the July edition of Market Watch (issue 21), the FSA published
the results of this review, together with a series of recommendations
of good practice, which are summarised below.
4.2 Areas for improvement
The review highlighted eight key areas in which improvements
could be made:
| • |
It was found that firms are often too complacent
with regard to information leaks. For example, all of
those firms spoken to by the FSA were confident that information
leaks did not originate from within their firm. As these
firms included some of those most active in UK takeovers,
the FSA concludes that firms were "perhaps too complacent
that their own procedures were already robust". |
| • |
Many firms had not formulated a policy detailing
when an internal review should be carried out, following
a leak occurring on a deal to which they were party to
inside information. The FSA felt that consideration should
be given to what should trigger an internal review, such
as the specificity of a press story, recent staff changes,
etc. It was also thought that more frequent internal reviews
would deter staff members from leaking information. |
| • |
Firms often make too many people privy to
inside information (one firm approached had 200 people
on an insider list). Firms could exercise more rigour
in the compilation of the insider list. |
| • |
The information technology policies and
controls at many firms could be improved to prevent access
to inside information by those not on an insider list.
|
| • |
In some non-regulated or non-professional
firms it was found that many employees were not trained
fully on market abuse. In other cases, only professional
staff were trained, but support staff were not. |
| • |
If third parties are engaged, it was found
that confidentiality letters were relied upon, even when
there was no assurance that those to whom the information
was passed had the necessary controls to maintain confidentiality. |
| • |
Monitoring of Personal Account dealing by
employees was not carried out by most non-regulated/non-professional
firms. |
| • |
Many firms use code words when dealing with
confidential information. The effectiveness of this practice
was called into question due to ineffectiveness as a result
of poorly chosen names, making them easy to interpret. |
4.3 Good Practice Recommendations
Whilst the review focused on controls in relation to public
takeovers, it was noted that the points raised also applied
to other firms handling inside information or other types
of relevant information. During the review, the FSA paid particular
attention to the controls in six areas:
4.3.1 High level policies and procedures
High level policies and procedures should be in place and
should be well understood by all relevant staff, as they are
key to a firm setting its approach to keeping inside information
secure.
| • |
Policies and procedures should be formal,
clearly documented and regularly reviewed and updated;
|
| • |
They should be used in conjunction with
up-to-date, complete and accurate insider lists; |
| • |
The FSA recommend that media contact be
handled only by a dedicated team; |
| • |
Internal audits should be carried out at
regular intervals; and |
| • |
Staff policies should be in place, and should
be clear and comprehensive, allowing formal "whistleblowing"
procedures for staff, and ensuring that staff are properly
vetted etc. |
4.3.2 The 'Need to Know' Concept and Information Barriers
| • |
Firms should have a clear policy for making
people insiders, and the number of those who need to know
about a deal should be strictly monitored, with new additions
justified and/or cleared with senior management. |
| • |
All those who are passed inside information
should be made clear of their responsibilities in relation
to it. |
| • |
Where possible, only the required amount
of information should be revealed to an insider. |
| • |
If an insider is removed from the list it
is important to inform the other insiders of this. |
| • |
If possible, teams working on a deal should
be separated from one another, and 'Chinese Walls' should
be used between them. |
| • |
Due diligence research could be performed
offsite to reduce the chance of anyone guessing that something
is happening. |
| • |
A clear policy on the disposal of confidential
documents should be in place, as should policies for discussion
or use of documents in public spaces and public transport.
Code names should be used where possible on documents,
and email transmission of documents should be minimised
and regulated. Hard copy distribution should also be monitored
closely. |
4.3.3 Information Technology (IT)
Improvements to many aspects of firms IT controls could be
made to limit access to inside information:
| • |
Access should be restricted to named individuals
instead of an open access policy to whole departments. |
| • |
When an individual leaves the firm their
access should be totally removed quickly. |
| • |
Secured data rooms could also be used to
ensure that access to the portal is secure, and all access
and storage devices e.g. Blackberries, Memory Sticks should
be password protected and encrypted. |
| • |
Any IT support staff involved with the team
should be trained and treated as members of the team. |
| • |
All efforts should be made to ensure that
data and email is secure and only accessible by those
it is intended for. |
| • |
Security checks on IT systems should also
be carried out to ensure that they are secure. |
4.3.4 Training
Firms should ensure that all staff are fully aware of their
responsibilities (at the outset of their employment and during
the course of it) and that they are clear on the code of conduct:
| • |
There should be induction training and refresher
courses for all staff, including support staff, with update
training sessions, should new rules be introduced. |
| • |
Firms should ensure that their culture constantly
reminds staff of their responsibilities. |
| • |
All training should be recorded, and the
knowledge tested. |
| • |
Maintain accurate and up-to-date training
records. |
4.3.5 The Way That Information is Passed to Third Parties
When passing information to third parties, the issuer and/or
his advisors do not know whether the firm they are passing
it to has the necessary controls to keep the information confidential.
While the signing of confidentiality letters is important,
it may also be beneficial to adapt the approach to cater for
the experience, or lack thereof, of the parties to whom information
is to be passed.
| • |
Formal written procedures should be kept; |
| • |
Where possible, third parties should be
informed of inside information as late as possible; |
| • |
When they are made aware orally, third parties
should have their responsibilities explained for clarity; |
| • |
Care should be taken when undertaking conflict
checks to ensure that enough information to "put
two and two together" is not given away. |
4.3.6 Personal Account Dealing Policies.
| • |
Staff should be aware that they are not
to use the information they obtain for personal gain.
The report highlighted that some firms did not make their
staff fully aware of this. Firms employed a wide range
of policies, from blanket bans, mild control, to no monitoring
of PA dealings. |
| • |
It is important to maintain written guidelines
for any personal account dealing by staff, which should
extend to accounts which staff have power of attorney
over, and to their immediate families. |
| • |
Trading not directly related to the deal,
but which may be affected by it, should also be limited. |
| • |
Certain staff should also be subject to
a blanket ban on PA dealings, which may be determined
by the firm. |
| • |
To further control personal account dealings,
firms could require staff to use a specified broker, require
them to declare their holdings each year or keep a log
of permission requests and outcomes. |
4.4 Conclusion
Obligations in relation to the handling of inside information
and the maintenance of insider lists came into effect in July
2005. The FSA review suggests there is still some disparity
in the way in which inside information is being handled by
firms. Hopefully the Good Practice Recommendations published
with the results of the review should close the gap and provide
a standard to be met across all firms.
If you require further information on any matter covered
in this note, please contact your principal contact at Charles
Russell or Simon
Gilbert, Clive
Hopewell or Alexander
Keepin (London), Francis
Rundall, Richard
Norton or Adrian
Mayer (Cheltenham) or Catherine
Drew or Geoff
Sparks (Guildford) or Peter
Elliott (Oxford) on 0207 203 5000.
This information has been prepared by Charles Russell LLP
as a general guide only and does not constitute advice on
any specific matter. We recommend that you seek professional
advice before taking action. No liability can be accepted
by us for any action taken or not taken as a result of this
information. Charles Russell LLP is not authorised under the
Financial Services and Markets Act 2000 but we are able in
certain circumstances to offer a limited range of investment
services to clients because we are members of the Law Society.
We can provide these investment services if they are an incidental
part of the professional services we have been engaged to
provide.
|
