SEC untangles spider’s web

However, there was a fascinating development from the SEC last week, albeit
not necessarily a pleasant one, for US-listed businesses.

In an emergency federal court action, the SEC charged two Estonian men, the
aptly named Oliver Peek, alongside Kristjan Lepik and the investment firm they
work for, Lohmus Haavel & Wiisemann, with allegedly operating a fraudulent
scheme to gain electronic access to 360 market announcements from more than 200
US public companies before publication, and using this to make at least $7.8m
(£4.45m) in profits from buying and selling shares.

The charge alleged that Lohmus became a client of news and regulatory filings
provider Business Wire and tried to access its secure client database using what
is known as a ‘spider program’. The defendants then bought long or sold short
the stocks of companies whose information they had stolen. The ‘spider’
systematically retrieved sensitive, secure password-protected information from
Business Wire’s website.

‘We acted to stop a pernicious securities fraud and to preserve funds for
investors,’ claimed administrator Daniel M Hawke.

However, for those listed companies expecting state-of-the-art firewalls and
IT security, it’s disturbing to note that those looking to use technology to
cheat and steal will always be one step ahead of the ‘good guys’.

So how did the SEC work out what was going on? It simply looked at the number
of shares traded prior to the announcement of market-shaking events, in a bit of
old-fashioned investigating.

To be fair, the SEC had to do some high-tech detective work and look through
Business Wire’s online logs, tracing back through various other internet-based
sources to Oliver Peek and pals.

So when you send a release through the Regulatory News Service, just ask them
to make sure to look out for spiders.

Kevin Reed edits Accountancy Age’s technology page

Related reading