Bridging the Week by Gary DeWaal: August 10 – 14 and 17, 2015 (Hacking, Layering, Dark Pools; Manipulation, Position Limits and Fiduciary Duties)

Jump to: Bridging the Week    Cleared Swaps    Compliance Weeds    Cybersecurity    Dark Pools and Internalization    Federal Energy Regulatory Commission    Forum Selection    Legal Weeds    Managed Money    Manipulation    My View    Position and Trade Reporting    Position Limits    Reg SHO    Trade Practices (including Disruptive Trading)   
Email Print
Published Date: August 16, 2015

Enforcement actions – both in the United Kingdom and the United States – dominated the most notable developments regarding financial services firms last week. In the US, a network of 32 persons were charged civilly by the SEC and some defendants were also criminally indicted by the US Department of Justice for hacking into newswires, and trading on non-public information prior to the information’s public distribution. In the UK, five defendants were fined the equivalent of almost US $12 million for manipulative trading activity; while back in the US, an administrative law judge upheld FERC charges that BP Group companies manipulated natural gas prices in Houston, Texas, to benefit their trading position following a hurricane in 2008. As a result, the following matters are covered in this week’s edition of Bridging the Week:

Video Version:

Article Version:

Hackers and Traders Charged by SEC and Department of Justice in International Securities Fraud Scheme

The computer servers of three major newswire companies were allegedly hacked as part of an elaborate illicit stock-trading scheme that resulted in civil charges being filed last week by the Securities and Exchange Commission against 32 defendants. Nine of these persons were also subject to criminal indictments filed in Brooklyn, New York, and Newark, New Jersey, by the US Department of Justice

According to the SEC and the DoJ, Ivan Turchynov and Oleksandr Ieremenko, both from the Ukraine, masterminded the scheme by hacking into the newswire companies’ servers from 2010 through 2015 to steal press releases regarding publicly traded companies before they were made public. Many of these stolen releases contained quarterly and annual earning information. The hackers stole more than 150,000 press releases, claimed the DoJ.

The two hackers worked with a network of traders in the US and abroad who paid the hackers for the stolen information in return for a flat fee or percentage of any trading profits. The SEC said the defendants generated over US $100 million in profits trading on the illicit information.

The newswire companies were Marketwired, L.P., PR Newswire Association LLC and Business Wire. According to the SEC’s complaint in this matter,

The hacker defendants used deceptive means to gain unauthorized access to the Newswire Services’ computer systems, using tactics such as: (a) employing stolen username/password information of authorized users to pose as authorized users; (b) deploying malicious computer code designed to delete evidence of the computer attacks; (c) concealing the identity and location of the computers used to access the Newswire Services’ computers; and (d) using back-door access-modules.

The SEC seeks an injunction and asset freeze against the defendants, as well as damages and disgorgement. The DoJ also seeks penalties from and imprisonment for each defendant.

Compliance Weeds: As I have written before, there are only two types of financial services firms: those that have experienced cybersecurity breaches and addressed them, and those that have experienced cybersecurity breaches and did not know. By now all financial service firms—no matter what size—should have assessed or be in the process of assessing the scope of their data (e.g., customer information, proprietary), potential cybersecurity risk, protective measures in place, consequences of a breach and cybersecurity governance (e.g., how would they react if a breach occurred) in order to evaluate their cybersecurity needs and develop a robust protective program. Engaging an outside consultant to try to penetrate a firm’s system is also advisable, as is ensuring that each third-party service provider that accesses a firm’s data has its own, robust cybersecurity program. (Click here for a detailed discussion of cybersecurity and a comprehensive checklist of practical measures in the June 24, 2015 Advisory “Cyber-Attacks: Threats, Regulatory Reaction and Practical Proactive Measures to Help Avoid Risks” by Katten Muchin Rosenman LLP.)


Compliance Weeds: Two lessons learned: If a firm seeks to transfer trades between accounts of the same beneficial ownership, use the designated contract market’s transfer trade provisions. Do not use wash trades or exchange for related position transactions. (Click here to access, e.g., CME Rule 853 and here to access ICE Futures U.S. Rule 4.11 regarding transfer trades.) Likewise, keep in mind it doesn’t matter how long a position limit violation occurs. Even less than 12 minutes is sufficient for a violation. (Click here for more details regarding this reference in the article “FC Stone Companies and Goldman Sachs Receive Largest Fines in CME Group’s 27 Disciplinary Actions Cascade” in the July 26, 2015 edition of Bridging the Week.)

Legal Weeds: It may seem odd that a US federal judge invites the Securities and Exchange Commission to cure a problem that it warns will cause him otherwise to enjoin commencement of an administrative hearing against the subject of an enforcement action, gives the SEC seven days to fix the problem, but, notwithstanding, the SEC declines the invitation. The SEC must fear that if it, in fact, cures every current situation where an administrative law judge was not appointed by one of its commissioners, it opens to attack under the Appointments Clause of the US Constitution ongoing hearings, as well as prior and pending decisions rendered by ALJs. Stay tuned.

My View: If the CFTC adopted a rule and sought to amend it, the Commission would first propose the revised rule and seek public input before adopting a finalized amendment, as required under the Administrative Procedure Act. However, apparently, CFTC staff believe they can amend or even cancel no-action relief unilaterally and unexpectedly – no matter how widespread reliance on the relief may be. In its no-action letter extending certain relief to non-US swaps dealers for the fifth time, three CFTC divisions expressly write, “[a]s with all no-action letters, the Divisions retain the authority to condition further, modify, suspend, terminate or otherwise restrict the terms of the no-action relief provided herein, in its discretion.” If true, this dangling of a Damoclean sword over non-US swap dealers renders Commissioner Giancarlo’s exhortation even more critical to implement: CFTC staff should formally withdraw their November 2013 advisory that said if a non-US swap dealer regularly uses personnel or agents in the US to facilitate swaps with non-US persons, the non-US swaps dealer must comply with certain transaction-level requirements.

And more briefly:

For more information, see:

ALJ Upholds Natural Gas Manipulation Charges Against BP by FERC:

Bank of England Head to Chancellor of the Exchequer: Give Me the Power:

Barbara Duka Obtains Preliminary Injunction Against SEC Prosecuting Her in an Administrative Tribunal:

SEC Dismissal:
Preliminary Injunction:

Disgorgement and Fines Ordered in Two CME Group Disciplinary Actions Alleging Position Limit Violations:

Best Eagle:

Encore! Encore! CFTC Again Extends Relief to Certain Non-US Swap Dealers Relying on US Operations:

See also statement of Commissioner J. Christopher Giancarlo:

ESMA Proposes to Rethink Third-Country CCP Recognition Process and Other Aspects of EMIR Framework:

Guggenheim Partners Agrees to Pay US $20 Million Penalty for Alleged Conflicts Non-Disclosure to Clients:

Hackers and Traders Charged by SEC and Department of Justice in International Securities Fraud Scheme:

Department of Justice (NJ):

ICE Futures Europe Updates REMIT Q&As:

SEC Sanctions ITG and Affiliate for Dark Pool Abuses:

UK High Court Penalizes Traders GBP 7.5 Million for Layering:

Yet Another Firm Fined by FINRA for Reg SHO Violations:

The information in this article is for informational purposes only and is derived from sources believed to be reliable as of August 15, 2015. No representation or warranty is made regarding the accuracy of any statement or information in this article. Also, the information in this article is not intended as a substitute for legal counsel, and is not intended to create, and receipt of it does not constitute, a lawyer-client relationship. The impact of the law for any particular situation depends on a variety of factors; therefore, readers of this article should not act upon any information in the article without seeking professional legal counsel. Katten Muchin Rosenman LLP may represent one or more entities mentioned in this article. Quotations attributable to speeches are from published remarks and may not reflect statements actually made.

Recent Commentaries




Gary DeWaal

Gary DeWaal is currently Special Counsel with Katten Muchin Rosenman LLP in its New York office focusing on financial services regulatory matters. He provides advisory services and assists with investigations and litigation.

Social Media:


Katten is a firm of first choice for clients seeking sophisticated, high-value legal services in the United States and abroad.

Our nationally recognized practices include corporate, financial services, litigation, real estate, environmental, commercial finance, insolvency and restructuring, intellectual property, and trusts and estates.

Our approximately 650 attorneys serve public and private companies, including nearly half of the Fortune 100, as well as a number of government and nonprofit organizations and individuals.

We provide full-service legal advice from locations across the United States and in London and Shanghai.


Gary DeWaal
Katten Muchin Rosenman LLP
575 Madison Avenue
New York, NY 10022-2585


Request Information »

Join Mailing List »