The Financial Services Authority has identified sloppy IT controls as a key contributor to insider trading leaks in the M&A industry.
The UK watchdog kicked off a review of business practices last year as market stats showed regular share price movements ahead of public disclosure of take-over activity.
The review has pinpointed complacency, open access to IT systems and security issues around the use of Blackberrys, memory sticks and laptops.
"Some firms were careful in limiting the number of people made official insiders but had not considered the implications of open access IT systems, meaning that non insiders could also, theoretically, access inside information," states the FSA. "Some firms had not considered IT security issues surrounding the use of Blackberrys, laptops and storage media."
The watchdog was also unimpressed by the volume of e-mail traffic generated during takeover deals, and the failure of firms to encrypt information flows or use code words to avoid inadvertent disclosures.
Among the remedies, the FSA has suggested the use of secure data rooms -accessible only by insiders - dedicated IT support for deal teams, and more security on mobile phones, Blackberrys, laptops and memory devices. The FSA also suggests firms should employ 'ethical hackers' to check the robustness of IT systems and keep abreast of any new methods of data theft.
Sally Dewar, FSA director of Markets, comments: "All firms who handle inside information relating to takeovers should review the robustness of their own controls against the findings from this review and make any necessary improvements that they can make.
"Key to these improvements will be the development of a Statement of Good Practice to assist non-regulated firms who participate in the M&A sector. We will be working closely with a range of external stakeholders to develop this."
The full FSA report can be read here:Download the document now 88.9 kb (PDF File)