Recent regulatory actions focused on policies and procedures designed to safeguard material, non‐public information

The purpose of this paper is to review recent regulatory enforcement actions sanctioning firms for failure to safeguard material, non‐public information (MNPI).

The paper reviews recent enforcement actions and examines the implications for other firms who may face similar scrutiny from regulators for deficient policies and procedures and controls relating to their information barriers; makes recommendations on how firms can avoid similar mistakes through improving internal controls.

Firms need to be especially vigilant in protecting their MNPI by reviewing their policies and procedures to reflect the firm's current business model. Firms must also take steps to ensure that supervisors fully understand their role in implementing and enforcing the firm's policies and procedures.

Firms should conduct a comprehensive review of their business to understand which units come into possession of MNPI and how related entities interact with one another and could potentially share MNPI. Once these tasks are complete, firms will be better positioned to review their policies and procedures relating to safeguarding MNPI. Failure to do so may result in substantial monetary fines and being forced to retain an independent consultant.

The paper serves as a reminder to firms about the implications of failing to have adequate controls to safeguard MNPI from both a monetary and public relations standpoint.