This post was written by Amy J. Greer.
The latest account intrusion case brought by the SEC had all of the usual hallmarks: a foreign national; hacking into accounts; and trading long distance. But this newest case revealed a potentially more dangerous threat: unfettered and direct access to the markets by those out to commit fraud, whose identifies are hidden through omnibus trading accounts or sponsored market access arrangements. For the first time, the SEC has taken action to try to limit that threat.
Account intrusion cases are not new, unfortunately. The SEC brought the first of these cases when I was still at the agency, back in December 2006. And I was a part of the team that brought the case, against a Belize corporation, located in Estonia, run by a Russian national, which tells you everything you need to know about how difficult it was to effect service – but we did, eventually. In that case, known as Grand Logistic, S.A., which was the name of the company (seemed pretty apt), the SEC also froze some of the assets, since they remained in a US brokerage account, as well as working with foreign regulators to attempt repatriate some of the assets that had been moved out of those accounts. Much about this sounds too familiar to the case brought by the SEC last week against a Latvian national, Igor Nagaicevs, who appears to have gotten away with this conduct for over a year and to have absconded with the cash – $850,000.
For those unfamiliar with the account intrusion scheme, it’s really just the latest incarnation of a pump-and-dump: a trader with a knack for hacking will buy or sell short, in his own account (preferably a rather secretive account where the trader’s identity will not be obvious to snoopy regulators and SROs), a security that is generally relatively thinly traded; then our hacker will hack into a legitimate brokerage account (like yours or mine) and, using the assets in that account, either cash or cash created by selling holdings, will create movement in the security he already has purchased (the “pump”) by buying or selling a lot more. Then, the fraudster dumps his own holdings, making a little killing, all artificially generated by his own actions.
Now, there are at least two other parties to this scheme that do not involve our trader/hacker guy: the trading firm that is giving him market access and the victim brokerage, where the accounts are getting hacked. Up until last week, neither of these had ever been charged by the SEC. In regard to the victim brokerage firms, they have been making their account holders whole, at rather significant cost. For that reason, and presumably because they are also taking whatever steps are humanly possible to prevent such activity, and also because, perhaps appropriately, the SEC rarely takes action against those viewed as victims, the SEC has never acted against these victim brokerage firms. But with this most recent Nagaicevs case, the SEC has decided that it is had enough with these omnibus trading accounts and sponsored market access arrangements that mask the identity of the actual traders, especially when those traders turn out to be committing frauds. Accordingly, the SEC has charged these various unregistered trading firms and their principals, and several of them have settled the charges, including Alchemy, KM, Zanshin, and Mercury, Richard V. Rizzo, and Mercury and Hyatt. Veiled, unfettered access by traders to the markets is potentially dangerous. The frailty of the markets was well demonstrated in the “flash crash” and many market participants are less than confident that the reasons for that were fully identified (and some think the reasons have yet to be identified at all). “Hidden” traders are also free to trade on material nonpublic information. The degree of potential mischief making is somewhat self-evident. Beginning to close off an avenue for such trouble-making seems like a really necessary first step.