SEC Warns Against Selling Stock During Security Incidents

Following the Equifax data breach and the Meltdown/Spectre scandals, the U.S. Security and Exchanges Commission (SEC) issued a warning reminding executives that trading stock during such incidents classifies as insider trading and is punishable by law. In both of those incidents the CEOs and other executives sold stock after learning about the security issues, but before the problems were publicly revealed.

SEC Warning

The SEC issued new guidance to clarify that company executives are not allowed to trade on insider information, such as knowing that their company suffered a data breach, until the information is made public.

The commission added that these are not new rules; they've been in place for a while. However, after several Equifax and Intel stock sales during the internal investigation of their respective security issues, the SEC thought it should issue a reminder:

Directors, officers, and other corporate insiders must not trade a public company's securities while in possession of material nonpublic information, which may include knowledge regarding a significant cybersecurity incident experienced by the company.

Equifax Data Breach

Equifax experienced one of the most devastating data breaches in U.S. history, as the personal information of over 145 million Americans was exposed. Meanwhile, several executives, including the Equifax CEO at that time, Richard Smith, sold stock worth over $1.8 million after learning of the data breach and before making the information public.

However, despite the SEC issuing the new guidance and clarifying that this was illegal, it previously declined to investigate the Equifax executives for insider trading. The executives are still under criminal investigation by the Justice Department.

Intel’s Meltdown

Although Intel said that its CEO’s stock sale was “planned” for last fall, it turned out that Krzanich planned the sale only after learning about the Meltdown and Spectre vulnerabilities from Google. Again, this should not be allowed, according to the SEC’s new guidance, but for now it’s not clear if the agency is pursuing an investigation against Krzanich.

Either way, other companies were put on notice if they allow their executives to sell stock during internal security incident investigations, but how well the companies respect this new guidance may depend on how willing the SEC is to enforce its own rules when companies break them.

Create a new thread in the UK News comments forum about this subject
This thread is closed for comments
3 comments
Comment from the forums
    Your comment
  • das_stig
    So SEC have proof Krzanich broke the law and are they prosecuting him and anybody who helped him ... dig deeper !
  • 13thmonkey
    Anonymous said:
    So SEC have proof Krzanich broke the law and are they prosecuting him and anybody who helped him ... dig deeper !



    All they'd have to do it setup pre-arranged monthly 'sells' of stock that are planned to take place automatically, if nothing is going wrong, buy back, if it is, don't buy back. The pre-arrangement probably gets them off from thoughts of it being insider trading.
  • _lc_
    "Although Intel said that its CEO’s stock sale was “planned” for last fall, it turned out that Krzanich planned the sale only after learning about the Meltdown and Spectre vulnerabilities from Google."

    This ammunition should be most welcomed by running and upcoming lawsuits against Intel. Krzanich is going to dig a deep hole into his company ...