Latest Insider-Trading Case Highlights Law Firms’ Risks

Latest Insider-Trading Case Highlights Law Firms’ Risks
March 20, 2014 8:23 p.m. ET
Clients rely on big law firms to safeguard all manner of secrets, from intellectual property to confidential information about big-ticket mergers.But a handful of high-profile insider trading schemes—including one revealed this weekthat allegedly turned on tips from an employee at New York law firm Simpson Thacher & Bartlett LLP—highlight the internal risks firms face at a time when sensitive information can be accessed with just a few keystrokes.
“Your employees are your highest risk,” said Linn Freedman, a partner at Nixon Peabody LLP and head of the firm’s privacy and data protection group, who isn’t involved in the latest case. “If someone is going to commit a criminal act, there is only so much you can do to prevent it.”
Prosecutors allege that Steven Metro, a former managing clerk with Simpson Thacher, leaked confidential information on a number of transactions by accessing material on the firm’s computer system. The law firm is known for its work in private equity and mergers and acquisitions. “Metro told the Middleman that he did so in a way that he believed would leave no evidence that he had accessed the documents, which would possibly expose the scheme,” according to a civil complaint by the Securities and Exchange Commission.
A lawyer for Mr. Metro couldn’t be reached for comment on Thursday. Earlier this week the lawyer said his client intended to plead not guilty.
Thirty years ago, confidential files would have been kept in locked cabinets or conference rooms. Now they are stored electronically, often on firmwide networks where lawyers can access documents from offices around the globe. Much of the work on big mergers and acquisitions deals happens in what’s called a data room—a virtual platform where due diligence materials are placed so that bankers, consultants and other attorneys can access the information without logging onto a law firm’s server.
Some firms have strict procedures in place intended to keep word from leaking out about potential deals involving public companies. They might use code names for certain clients, or ensure that documents relating to the transaction can only be read by members of that team.
Still, enterprising lawyers or staffers have other ways to find out about big transactions, from water cooler chatter to more calculated efforts, such as checking in on a firm’s conference room schedule to see if a number of rooms are booked under one client’s name.
In at least one instance in the alleged insider-trading scheme at Simpson Thacher—when Mr. Metro, who held a clerical role at the firm, accessed information about Tyco International Ltd. TYC +0.05% ‘s plans to buy Brink’s Home Security Holdings Inc.—he had also billed time in connection with the deal, according to the SEC complaint, and so could reasonably have been given access to the information.
Simpson Thacher declined to comment for this article. “We have strong internal controls in place and will review our systems and procedures to determine if there are ways in which they could be further strengthened,” the firm said in a statement on Wednesday.
Many law firms are reluctant to discuss such breaches, which can do considerable harm to a firm’s reputation. The legal profession was rocked when in 2011 prosecutors uncovered an insider-trading scheme that netted $32 million over a 17-year period during which attorney Matthew Kluger leaked confidential information he accessed while working at a number of top law firms. Mr. Kluger later pleaded guilty.
To be sure, such leaks also occurred long before law firms migrated to electronic platforms. For example, in 1986 Ilan Reich, a takeover lawyer with Wachtell, Lipton, Rosen & Katz, pleaded guilty to two criminal counts for his role in an insider-trading scandal involving Dennis B. Levine, an investment banker at Drexel Burnham Lambert Inc. Mr. Levine also pleaded guilty.
“Some of the firms are very sophisticated and have considered the insider threat and have dealt with access control accordingly,” said Eric Friedberg, an executive chairman at Stroz Friedberg, a computer forensics and investigations firm that has consulted on these issues with a number of firms. “Some haven’t.”
Locking down information can run counter to the culture at many law firms, where attorneys are accustomed to collaborating on work. Extra layers of security can slow things down, especially when new lawyers are added to a team and need to get up to speed quickly.
“Information is not useful if you can’t share it, and far-flung enterprises have to share it with personnel in far-flung places,” said Joel Brenner, a Washington, D.C., legal consultant and former inspector general of the National Security Agency.
And while some law firms have taken steps to limit who can see such data, security experts say even the best internal controls can’t do much to stop insiders who have access from abusing it.
“Most people behave honorably,” Mr. Brenner said. “But it doesn’t take many bad apples in a barrel to cause a stink.”

About bambooinnovator
Kee Koon Boon (“KB”) is the co-founder and director of HERO Investment Management which provides specialized fund management and investment advisory services to the ARCHEA Asia HERO Innovators Fund (, the only Asian SMID-cap tech-focused fund in the industry. KB is an internationally featured investor rooted in the principles of value investing for over a decade as a fund manager and analyst in the Asian capital markets who started his career at a boutique hedge fund in Singapore where he was with the firm since 2002 and was also part of the core investment committee in significantly outperforming the index in the 10-year-plus-old flagship Asian fund. He was also the portfolio manager for Asia-Pacific equities at Korea’s largest mutual fund company. Prior to setting up the H.E.R.O. Innovators Fund, KB was the Chief Investment Officer & CEO of a Singapore Registered Fund Management Company (RFMC) where he is responsible for listed Asian equity investments. KB had taught accounting at the Singapore Management University (SMU) as a faculty member and also pioneered the 15-week course on Accounting Fraud in Asia as an official module at SMU. KB remains grateful and honored to be invited by Singapore’s financial regulator Monetary Authority of Singapore (MAS) to present to their top management team about implementing a world’s first fact-based forward-looking fraud detection framework to bring about benefits for the capital markets in Singapore and for the public and investment community. KB also served the community in sharing his insights in writing articles about value investing and corporate governance in the media that include Business Times, Straits Times, Jakarta Post, Manual of Ideas, Investopedia, TedXWallStreet. He had also presented in top investment, banking and finance conferences in America, Italy, Sydney, Cape Town, HK, China. He has trained CEOs, entrepreneurs, CFOs, management executives in business strategy & business model innovation in Singapore, HK and China.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: