HomeLearnBoKEvents & Case StudiesFinancial Services Insider Misuse and Insider Trading
Back to Hub
Last Reviewed: 2026-06-24
Reviewer: ITMG® Security Advisory
BoK Reference Sheet
Reference Case study

Financial Services Insider Misuse and Insider Trading

Financial-services and market-abuse insider events involve trusted access to customer, account, payment, trading, transaction, or material nonpublic information that is used or disclosed without authorization.

Based on real event: SEC insider-trading action involving former Pfizer employee and MNPI.

Incident Case Analysis & Real-World Context

Case basis: Based on real event. The SEC charged a former Pfizer statistician and another individual with insider trading ahead of an announcement about successful clinical-trial results. The matter illustrates how trusted access to material nonpublic information can be misused for personal trading or shared with others outside the organization.

Why This Event Pattern Matters

MNPI misuse is an insider-risk concern because it combines access governance, information barriers, compliance surveillance, communication monitoring, HR processes, and regulatory exposure.

Common Event Scenarios & Progression Path

Access to confidential deal, trial, earnings, research, customer, or market-moving information.

Trading activity or external communication near a sensitive event.

Potential tipping to friends, family, business partners, or external actors.

Need to connect cyber, compliance, and HR evidence.

IRCF™ Capability Alignment

Lessons from this event pattern directly map to the following canonical Insider Risk Capability Framework™ (IRCF™) components for organizational capability improvement:

Oversight and ComplianceGovernanceIAMData ProtectionMonitoringAnalysisInvestigationRisk Management and Reporting

Insider Threat Matrix Alignment

Matrix mapping includes means through legitimate information access, preparation through collection or sharing of MNPI, and infringement through unauthorized use or disclosure. Avoid Matrix mapping where the evidence is purely trading surveillance without system behavior.

*The Insider Threat Matrix™ is an open framework maintained by Forscie Limited for computer-enabled insider threat investigations.

Controls & Safeguards to Leverage

Information barriers and need-to-know access to MNPI.
Deal-room and sensitive-project access reviews.
Employee trading and outside-account surveillance where applicable.
Controls on forwarding, downloading, and external sharing of sensitive information.
Escalation between Compliance, Legal, Security, HR, and business leadership.

Relevant Program Metrics & KPIs

Metric
MNPI access exceptions.
Metric
Information-barrier violations.
Metric
Employee trading alerts tied to sensitive information access.
Metric
Deal-room access review completion.
Metric
Time to legal and compliance escalation.

Legal, Privacy, and Ethical Cautions

MNPI cases may involve securities law, employment law, privacy, whistleblower rules, record retention, regulatory reporting, and privilege. Avoid giving securities-law advice; route case-specific issues to counsel.

Source References & Investigation Fact-Verification

SEC, Press Release 2023-123, SEC Charges Former Pfizer Statistician with Insider Trading Ahead of COVID-19 Announcement, June 29, 2023.

Operationalize This Learning

Need to evaluate whether this scenario is covered in your environment? Use RiskTKO® or request a Guided Exposure Assessment to evaluate your current control coverage, capability maturity, and exposure trends.