SEC charges Virtu over alleged failure to safeguard insititutional customers’’ trade


The Securities and Exchange Commission today filed charges against broker-dealer Virtu Americas LLC and its parent company, Virtu Financial Inc. (collectively, Virtu), for making materially false and misleading statements and omissions regarding information barriers to prevent the misuse of sensitive customer information.

As alleged in the SEC’s complaint, Virtu Americas and its affiliates operated two businesses that it purported to have walled off from each other: an order execution service for large institutional customers, whereby Virtu Americas executed customer orders, typically for a commission, and a proprietary trading business, through which Virtu Americas bought and sold securities for its own accounts and benefit. From approximately January 2018 through the beginning of April 2019, however, Virtu Americas allegedly failed to safeguard a database that contained all post-trade information generated from customer orders routed to, and executed by, Virtu Americas, including customer identifying information and other material nonpublic information. The SEC’s complaint alleges that this database was accessible to practically anyone at Virtu Americas and its affiliates, including their proprietary traders, through two sets of widely known and frequently shared generic usernames and passwords. Virtu Americas’ failure to safeguard this information created significant risk that its proprietary traders could misuse it or share it outside Virtu Americas. For example, a Virtu Americas proprietary trader allegedly could observe that Virtu Americas had executed the orders of a large institutional customer throughout the day, understand that the same customer may follow a similar trading pattern over the next days, and take advantage of such information by trading ahead of the customer’s subsequent orders.

Nonetheless, during this fifteen-month period when Virtu Americas failed to establish, maintain, and enforce policies and procedures reasonably designed to prevent the misuse of that information, Virtu misled customers about the existence and adequacy of such information barriers. As alleged in the SEC’s complaint, in some instances Virtu overstated the controls, barriers and processes it had in place to secure its institutional customers’ post-execution trade data, and in others falsely represented to those customers that only employees with a need to see such information - a group that did not include proprietary traders - could do so. Following these false and misleading statements, a number of institutional customers continued to use Virtu Americas to execute their orders, resulting in significant commissions for Virtu Americas.

“At a time when Virtu Americas handled around a quarter of all market orders placed by retail investors in the U.S., we allege that proprietary traders had nearly unfettered access to material nonpublic information about its institutional customers’ trades - information which could be abused for personal gain,” said Gurbir S. Grewal, Director of the SEC’s Division of Enforcement. “Despite the absence of any critical safeguards whatsoever around this information, we further allege that Virtu repeatedly misled institutional customers and the market about how Virtu Americas was protecting this valuable data to generate significant commissions. Today’s enforcement action not only holds Virtu accountable for its failings, but also sends a strong message to firms that they must do much more than use shared, generic usernames and passwords to protect against and prevent the misuse of material nonpublic information.”

“Virtu allegedly painted a materially misleading picture as to the safeguards it had in place to protect its customers’ confidential information, even when customers specifically asked about the firm’s handling of their post-trade information,” said Carolyn M. Welshhans, Associate Director of the SEC’s Enforcement Division. “As our enforcement action shows, the SEC is committed to ensuring that firms provide accurate information for customers to make their investment decisions.”

The SEC’s complaint, filed in U.S. District Court for the Southern District of New York, alleges that Virtu violated Sections 17(a)(2) and 17(a)(3) of the Securities Act of 1933, and that Virtu Americas violated Section 15(g) of the Securities Exchange Act of 1934, and seeks permanent injunctive relief, disgorgement with prejudgment interest, and civil penalties.

The SEC’s investigation was conducted by Alexandra M. Arango and David Bennett of the Market Abuse Unit, and supervised by David A. Becker, Paul Kim, Joseph Sansone, and Ms. Welshhans. The litigation will be led by Damon Taaffe under the supervision of James Carlson and James Connor. The Division of Examinations conducted an examination that contributed to the investigation.


By on Wed, 13 Sep 2023 10:21:00 GMT
Original link