Share this post
A Swedish issuer received a penalty of more than SEK 1 million (€88,290). The company was found to have failed to publish inside information as soon as possible on one occasion and to have incorrectly generated and maintained insider lists in two cases.
This anonymised case should serve as a reminder for issuers of all sizes about their obligations under the Market Abuse Regulation (MAR). The importance of remaining compliant is emphasised by the fact that delayed release of inside information is rarely tolerated by NCAs. The gap between the company in question becoming aware of the inside information and publishing that information was just 23 minutes in one of the cases.
It is also a cautionary tale about not relying on permanent insider lists to meet your legal requirements.
Background
Company A is a Swedish issuer that was, during 2017, a contract partner of Company B. On two separate occasions within three weeks of each other, the businesses agreed on collaborations which, once made public, could have positively affected their share prices.
Company B released the information immediately. However, Company A failed to follow suit. Following the first agreement, Company A received the information during the afternoon, but it delayed assessment of the information until its CEO came out of meetings at the end of the working day. Eventually, the company issued a press release the following morning.
After the second agreement, Company B released its information and Company A issued its information 23 minutes later.
The Swedish Financial Supervisory Authority investigated both cases to ascertain whether Company A had breached the requirements of MAR.
The outcome
Although Company A argued that MAR requires issuers to release inside information “as soon as possible” after becoming aware of it and not “immediately,” the regulator felt that, on the first occasion, it had failed to comply with MAR.
In its defence, Company A asserted that it had to confirm the veracity of the information and that it qualified as inside information before drafting its press release. The issuer claimed that it made sense to wait for its CEO to be involved in that analysis. However, the regulator dismissed that argument and considered the delay to be unacceptable. One of the reasons being that Company A’s relationship with Company B was established and that Company A should have been monitoring Company B’s activity and been aware that there would be inside information released.
For the second piece of inside information, the regulator agreed that the delay of 23 minutes was not considered a serious breach of MAR.
Insider lists
However, in investigating the issue, the regulator found that Company A had failed in its obligation to create and maintain event-based insider lists. Issuers must create a new list for each piece of information, inform insiders of their inclusion and have them acknowledge it, as well as keep the list updated when individuals gain or lose access to that information.
In the case of Company A, when the regulator demanded to see its insider lists, it could only provide ‘permanent lists’ rather than event-based lists. The regulator concluded that Company A had failed to create lists in the correct format and that they did not detail the information that the insiders had access to, who had access to it or when they became aware of it.
The decision
The regulator found that Company A had breached Articles 17 and 18 of MAR regarding the delayed disclosure of the first piece of inside information and had non-compliant insider lists in both cases. Although Company A appealed, the Swedish administrative court upheld the decision. However, it did reduce the overall sanction to just over SEK1 million.
What this means
For issuers, this means that you should create an event-based insider list for every piece of inside information, even if you do not intend to delay disclosure. The investigation found that, even with just a 23-minute hiatus between receiving the information and publishing it, Company A should have drawn up a compliant list.
Many issuers may have assumed that a list was unnecessary in that sort of situation, but this case gives a legal precedent that could inform future investigations across the European Union. This ruling means that many companies will have to rethink their processes for dealing with insider lists.
This means that you must carry out the process of creating the list, informing insiders and requesting they enter their details. You must also have them recognise their responsibilities as a matter of urgency whenever there is inside information.
Using an automated system like InsiderLog makes it easy to generate your list because it sends reminders to insiders until they take action. Being able to show that you have taken every possible step to meet your obligations will help you demonstrate your commitment to compliance. The intuitive system also means you can create the list more easily than by using spreadsheets or other solutions.
It also further bolsters the message that you cannot rely on a permanent insider list for compliance. ESMA is keen for issuers to include as few people as possible in this type of list. Adding too many people to a permanent list inflates it and could hinder a potential investigation, as was the situation with Company A; the regulator could not ascertain who did have access to the information.
Get help with insider lists
InsiderLog is a digital tool that automates the management of inside information and insider lists. It saves time and ensures compliance with MAR, reducing the chance of human error and making sure you have access to all the records you need and an audit trail as evidence of your efforts.
Request a demo of InsiderLog today.
