Friday, June 24, 2022

Rethinking Insider Trading Compliance Policies in Light of the SEC's New "Shadow Trading" Theory of Insider Trading Liability

In August 2021, the SEC announced that it had charged Matthew Panuwat with insider trading in violation of Section 10(b) of the Securities Exchange Act of 1934. Panuwat was the head of business development at Medivation, a mid-sized biopharmaceutical company when he learned that his company was set to be acquired by Pfizer at a significant premium.

If Panuwat had purchased Medivation stock in advance of the announcement of the acquisition, it is likely he would have been liable for insider trading under the classical theory. Liability for insider trading under the classical theory arises when a firm issuing stock, its employees, or its other agents strive to benefit from trading (or tipping others who then trade) that firm’s stock based on material nonpublic information. Here the insider (or constructive insider) violates a fiduciary duty to the counterparty to the transaction (the firm’s current or prospective shareholders) by not disclosing the information advantage drawn from the firm’s material nonpublic information in advance of the trade.

If Panuwat had purchased shares of Pfizer in advance of the announcement, then it is likely he would have been liable under the misappropriation theory. Liability for insider trading under the misappropriation theory arises when one misappropriates material nonpublic information and trades (or tips another who trades) on it without first disclosing the intent to trade to the information’s source. As the Supreme Court held in United States v. O’Hagan, 521 U.S. 642, 652 (1997), the “misappropriation theory premises liability on a fiduciary-turned-trader’s deception of those who entrusted him with access to confidential information” by duping them out of “the exclusive use of that information.”

But Panuwat did not trade in either Medivation or Pfizer. Instead, he purchased stock options in Incyte, another pharmaceutical company that was similar in size and market focus to Medivation. According to the SEC’s litigation release, “Panuwat knew that investment bankers had cited Incyte as a comparable company in discussions with Medivation and he anticipated that the acquisition of Medivation would likely lead to an increase in Incyte’s stock price.” Panuwat’s gamble paid off. Incyte’s stock price increased 8% when Pfizer’s acquisition of Medivation was announced. Panuwat earned $107,066 from his trade.

Panuwat moved to dismiss the SEC’s insider trading charges, arguing that his trading in the shares of an unrelated third-party issuer did not violate any recognized theory of insider trading liability.  While the district court acknowledged this was a case of first impression, it denied Panuwat’s motion and permitted the SEC to proceed with its first enforcement action under the "shadow trading" theory of insider trading liability.

The principal basis for the court’s decision seems to be that Panuwat’s trading arguably violated the misappropriation theory by breaching the broad terms of Medivation’s insider trading policy, which includes the following language:

During the course of your employment…with the Company, you may receive important information that is not yet publicly disseminated…about the Company. … Because of your access to this information, you may be in a position to profit financially by buying or selling or in some other way dealing in the Company’s securities…or the securities of another publicly traded company, including all significant collaborators, customers, partners, suppliers, or competitors of the Company. … For anyone to use such information to gain personal benefit is illegal.

To me, the most interesting question raised by the Panuwat case, and the problem of shadow trading more generally, is why would Medivation (or any company) adopt such a broadly worded insider trading policy? How did this broad proscription on employee trading benefit Medivation’s shareholders?

Medivation’s shareholders could not have been harmed by Panuawat’s trading. Such trading could not affect Medivation’s stock price, nor could it put the acquisition in jeopardy. So why is the blanket proscription against trading in “another publicly traded company” in the policy at all? The final sentence of the policy as quoted above suggests that the drafters were under the impression that such trading would be illegal under the securities laws. This may be true under the misappropriation theory, but only because Medivation chose to make it so by including the language in the policy. What if Medivation’s policy had instead provided something like the following language:

Because of your access to this information, you may be in a position to profit financially by trading in the Company’s securities, or the securities of its customers and suppliers. Such trading is strictly prohibited. Nothing in this policy should, however, be read as prohibiting your trading or dealing in any other issuers’ securities unless expressly restricted by the Company.

Under this policy, the SEC would have had no basis for the charge that Panuwat’s trading violated the misappropriation theory. In other words, it is entirely up to issuers whether they want to expose themselves and their employees to “shadow trading” liability. But if such exposure to liability does not benefit an issuer’s own shareholders, it can only hurt them (by needlessly exposing the company’s employees and the company itself to direct or derivative insider trading liability). So what business justification is there for issuers to include the broader language in their insider trading compliance policies? I hope readers will offer their thoughts in the comments below.

Compliance, Financial Markets, John Anderson, Securities Regulation, White Collar Crime | Permalink


First, compliance policies may be wisely drafted to cover what is unlawful—and more—as a means of clearly identifying the bounds of employee behavior that comply with law (rather than those that violate law). In this way, the firm adopting the policy can easily determine when it will stand with its employees (and when it will not) if a possible unlawful act is identified. An employee who abides by the policy merits the firm’s support because they have clearly acted within the bounds of the law (or at least what the firm believed at the time the policy was drafted was within the bounds of the law).

Second, given that misappropriation liability for trading or tipping relies on the breach of a fiduciary or fiduciary-like duty of trust and confidence to the source of material nonpublic information, an employee’s unauthorized use of an employer’s material nonpublic information in trading activity may breach their fiduciary duty to that employer. Of course, proof of the existence and extent of the fiduciary duty, the material and nonpublic nature of the information, and the existence of scienter would all be necessary to find the employee liable. Nevertheless, given the relatively open contours of misappropriation liability, the broad reference in the policy seems apt. (By saying that, I am not necessarily agreeing with the application of the shadow insider trading theory in this or any other case. More on that at another time.)

I will leave it at that for now. But I do have legal questions about the theory itself. I do plan to take that up somewhere soon. Maybe I should use my next post to get into it a bit . . . .

Posted by: joanheminway | Jun 26, 2022 2:30:11 PM

Thanks Joan. I agree with all your points about nature of the misappropriation theory and the goal of compliance policies. I guess my point here is that since the legality of the trading turns on the scope of the duties outlined in the compliance policy itself--by including the broader language the issuer is voluntarily expanding the risk of insider trading liability for itself and its employees. If this expanded liability for shadow trading protects its shareholders somehow, then it makes sense. But if it doesn't protect the firm or its shareholders it doesn't.

Posted by: John P. Anderson | Jun 26, 2022 2:47:40 PM

Thanks for narrowing this down a bit, John. Very helpful. But I press on . . . .

You say that "since the legality of the trading turns on the scope of the duties outlined in the compliance policy itself--by including the broader language the issuer is voluntarily expanding the risk of insider trading liability for itself and its employees." I am not so sure about that, in the end. The duty of trust and confidence on which insider trading liability is based is classified in leading decisions as a fiduciary or fiduciary-like duty. Notwithstanding Rule 10b5-2(b)(1)), as the Cuban case illustrates, that type of enhanced duty may not arise from a mere promise or contract promising confidentiality.

Taking the argument a bit further, it seems appropriate to acknowledge the significant number of judicial opinions rejecting arguments that employment policies are enforceable contracts. At issue in some of those cases is whether there was a true agreement on the part of the employee or whether there was a true meeting of the minds on the nature of any deemed agreement. Accordingly, an insider trading policy may not meet the Rule 10b5-2(b)(1) requirement of a person agreeing “to maintain information in confidence.”

In sum, for the policy to expand employee liability, a court must find (1) that any duty "created" in the policy is a fiduciary one or creates an enhanced fiduciary-like relationship--beyond that of mere employee/agency fiduciary duties—or (2) that the policy constitutes an agreement recognized under Rule 10b5-2(b)(1) (and, in the latter case, may have to affirm the validity of Rule 10b5-2(b)(1) in context, given the trial court opinion in the Cuban case). At least that’s where my head is at on this right now. I am interested in your reactions, of course.

Posted by: joanheminway | Jun 26, 2022 5:19:03 PM

Thanks for this, Joan. I agree with all your points about how the application of the misappropriation theory may be far more limited than the SEC sometimes tries to press it. I had these (and other) limitations in mind when I state that the broad language of the Medivation policy “may” be exposing the company and its employees to insider trading liability. After all, the broad language of the policy appears to be the court’s principal justification for allowing the case to proceed. So, my limited point here in the blog is that Medivation could have avoided the RISK of charges had it adopted a more narrowly tailored policy, without the “securities of another publicly traded company” language. What interests me most is how this broad language could possibly benefit the firm or its shareholders. Perhaps the drafters had the typical M&A event in mind—where another company looks to acquire Medivation—but that scenario can be covered by more narrow language specifically referring to M&As, or by the language I suggest in the blog: “unless expressly restricted by the Company.” Outside the context of customers, suppliers, or M&A scenarios—I struggle to find a reason why Medivation should care whether an employee trades in the securities of other companies while in possession of MNPI. (But maybe our readers can think of some good reasons.) If there are no benefits to shareholders, then the broad language creates a risk of liability to employees and the firm without a corresponding gain.
PS—I also have concerns about the legal viability of the “shadow trading” theory of insider trading liability itself—but I’ll save that for another day. I’m excited to read your future posts/articles on this!

Posted by: John P. Anderson | Jun 26, 2022 8:52:56 PM

One possible business rationale for this internal policy is to get employees to focus on work and advancing Medivation’s technology, rather than getting distracted by looking for trading opportunities based on what they learn at the office.

Posted by: Andrew Schwartz | Jun 27, 2022 4:23:16 AM

Thanks Andrew! That is a possible justification, and perhaps it is the obvious one. It is certainly a rationale my friend, Mike Guttentag, would wholeheartedly agree with (if you haven’t already, see his new article, Avoiding Wasteful Competition: Why Trading on Inside Information Should be Illegal, 86 Brooklyn L. Rev. 895 (2021)). Let’s place that benefit on one side of the scale. Now, place on the other the risk of insider trading liability under this new “shadow trading” theory. Remember, under the Rule 10b5-1 “awareness” test, this risk could reach ALL employees who trade in other companies’ shares while in possession of MNPI, regardless of whether that MNPI caused the trade. It could also expose the employing firm to derivative liability in each case. Is the investigation/litigation risk (as well as the risk of losing a good employee) worth it? Maybe, but I doubt it—especially if the SEC is serious about perusing these cases. Regardless, your and Joan’s comments are convincing me that this is a worthwhile article topic!

Posted by: John P. Anderson | Jun 27, 2022 5:38:18 AM

I appreciate this further reply. I may not be making myself clear enough, but I am truly not sure that Medivation could have anticipated that it “could have avoided the RISK of charges had it adopted a more narrowly tailored policy, without the ‘securities of another publicly traded company’ language.” Let me explain further the basis for my judgment on this.

It would surprise me if Medivation had the specific scenario at issue in this case in mind when it drafted its plan. Even if it had, it would surprise me if Medivision had or could have anticipated the SEC’s summary judgment argument and the trial court’s acceptance of it—each relying on the broad policy language as potentially expansive of the fiduciary obligations essential to insider trading liability, rather than on misappropriation principles generally. So, my best guess is that Medivation, as I note in my initial comment above, was merely taking a well-worn conservative approach to drafting its insider trading compliance plan in a broad manor to protect its interests.

Which brings me to your question: what are those interests? Andrew raises one. Without having thought about this for very long, I will add a few more.

Medivation could have seen the following as advantages in adopting a broadly prophylactic insider trading policy: protection of its employees from even the risk of a legal action for insider trading; clear avoidance of Section 20(a) or 21A liability (however remote the possibility of control person liability might be in this scenario); and evasion of the public relations and reputational harm that comes with an employee being charged with insider trading. These are, of course, among the standard reasons for compliance policies. There may be more that I am not thinking of, but those three interests immediately sprung to mind. They depend on you seeing the world that existed for Medivation at the time the policy was drafted in the way I describe above.

In general, your post and your responses here seem to assume Medivation could or should have known or anticipated that its policy would be successfully used by the SEC in the way it was in SEC v. Panuwat. As a former drafter of these policies, I just do not see that. I am of the view that Medivation could not easily have predicted what has transpired.

Two quick additional points that are somewhat related to the above.

First, it seems appropriate to observe that, in drafting its policy, Medivation may have wanted a relatively clear, turnkey insider trading solution. If I understand your alternative language properly, if the firm does not expressly restrict trading in another firm’s securities, employees are free to trade—potentially subjecting them to risk if the firm fails to identify an insider trading risk involving another firm’s securities. Although it has been a while since I have been engaged in decision making on compliance policies, relying exclusively on a firm’s judgment to shut down trading—without more generally cautioning employees about using undisclosed proprietary information gained from the firm in securities trading decisions—would not be my first-choice drafting option. Why? Because the contours of insider trading are uncertain and firm employees making decisions on trading blackouts and restrictions may inadvertently forget to include a firm on the restricted list. Including both a general statement and providing for employees to determine blackouts around earnings releases and extraordinary transactions would be a more comfortable approach, for me.

Second, SEC v. Panuwat is itself evidence of the broad and uncertain overall contours of U.S. insider trading law that make policy drafting in this area difficult. While the denial of the motion to dismiss relied on Medivation’s policy language, the SEC may well have had shadow trading in mind as an enforcement theory independent of the Medivation policy and just picked Panuwat as a super test case—one that could survive a motion to dismiss. So, I am skeptical that the Medivation policy language, primarily or taken alone, exposed Mr. Panuwat to a risk of legal action. No doubt his trading pattern caught the SEC’s attention, and they went rooting around for a theory. Having said that, it seems the SEC did find the policy before it brought the enforcement action (noting the litigation release here:, so it did likely fuel the enforcement fire, so to speak.

Thanks for stimulating all this thought! I have enjoyed the conversation.

Posted by: joanheminway | Jun 27, 2022 7:24:51 AM

All excellent points, Joan! I think you are probably correct that Medivation just didn't anticipate the "shadow trading" theory when it drafted its compliance policy, and it was just trying to cover itself with a "play-it-safe" approach in an already uncertain area of the law that is full of unanticipated land mines. I wonder how much thought the SEC is giving to the havoc its creative insider trading enforcement theories can cause for compliance departments. Whatever the rationale for such broad language before Panuwat, however, I suspect issuers will be revisiting their insider trading compliance policies going forward (if the SEC continues to persue this theory). We will see!

Posted by: John P. Anderson | Jun 27, 2022 7:43:26 AM

Hey, John, former SEC official here weighing in. I think the driving force here is that even trading in a different company's stock could impact the employer. At least in theory, were there to be enough trading activity in a competitor's stock (yes, recognizing this would require significant volume) could allow market-watchers to infer something about the company--for example, sizable shorting of a competitor (combined with the ordinary rumor mill) could suggest the company is in merger talks, driving up the price of the company's stock and potentially jeopardizing the transaction. Yes, this is all somewhat remote, but it's understandable why a company wouldn't want to get into a line-drawing exercise and instead would impose a blanket ban on using confidential information for personal gain.

Posted by: Marc | Jun 27, 2022 7:53:16 AM

Post a comment