Email data loss prevention

Intelligent DLP: a better way for investment firms to enforce information barriers

by Marcus White
Published on 7th Dec 2022

An information barrier (otherwise known as an ethical wall) is the physical or electronic separation of people within a firm that prevents confidential information from passing between them. These barriers are key to preventing conflicts of interest, maintaining compliance with regulations, and avoiding MNPI (material non-public information) breaches.

However, the current method many organizations use for enforcing information barriers is labor-intensive and prone to errors. For such an important process, there’s a better and more proactive way – intelligent DLP.

The risk of an MNPI breach

The SEC filed 760 enforcement actions in fiscal year 2022, a 9% increase from 2021. They recovered a record $6.4bn – a huge increase from the $3.852bn recovered the previous year. According to Gurbir S. Grewal, Director of the Division of Enforcement, “While we set a Commission record this past fiscal year for total money ordered at $6.4 billion, including a record $4.2 billion in penalties, we don’t expect to break these records and set new ones each year because we expect behaviors to change. We expect compliance.”

Breaching regulations around insider trading can result in hefty fines and, in some cases, even imprisonment. Below are three recent examples of regulation breaches:

  • 2021: the FCA charged an ex-Goldman Sachs employee and his brother for fraud and insider trading after allegedly profiting from information about deals Goldman worked on.
  • 2021: the SEC charged AT&T with violating Regulation FD (“Reg FD”) for selectively disclosing MNPI to research analysts.
  • 2022: the SEC charged two Chinese tech executives fines of $556,580 and $200,254 for insider trading following an investigation that revealed share sales made ahead of poor earnings.

Employee training, surveillance, reviews, and trading restrictions are all key ways to protect against MNPI breaches. However, while many MNPI breaches result from the intentional sharing of information, breaches can also occur due to unintentional sharing that passed through weak information barriers. For example, an employee accidentally emailing sensitive information to the wrong person within their organization. 

How are Wall Street firms currently enforcing information barriers?

Email is the most common way data is lost or misdirected. As a result, it’s also one of the most common ways that information barriers are breached. Many firms still rely on static, rules-based email data loss prevention (DLP) offered by Microsoft 365 and secure email gateways (SEGs) to prevent these breaches. However, this is not sufficient. 

It requires too much administrative overhead to maintain static DLP policies, especially when working with multiple clients or people and organizations with similar names. Static DLP is also unable to understand the context in which individuals share information to dynamically prevent emerging risks.

Once static rules have been manually set, they often over-prompt people, resulting in ‘click fatigue.’ This can lead to users clicking past genuine risks out of frustration or IT teams having to relax their static rules to make them more workable over time but less secure. In our 2021 Data Loss Prevention Report, in which we surveyed 500 IT leaders, we found that 100% of them were frustrated with their traditional email  DLP tools and that 42% believed over half of their email security incidents were going undetected.

At the moment, compliance teams spend time going back through emails and retrospectively scanning for potential breaches of information barriers via manual keyword searches. If they discover that an information barrier has been breached, they then have to report the breach to the SEC. At this point the firm will have to suspend trading of the security. They’re covered from a regulatory perspective, but there is an impact to the bottom line while business is stopped.

Proactively enforce information barriers with intelligent DLP

Intelligent email DLP solutions such as Egress Prevent let security teams dynamically update keywords, terms, and policies in line with existing systems and data sources within their organization. As part of the Egress Outlook Add-in and combined with our gateway infrastructure, Prevent uses both supervised and unsupervised machine learning technology to dynamically analyze risk and uphold information barriers in real time.  

Prevent can scan emails to determine whether there is sensitive or identifiable data in the message content. It then interrogates the recipient and their domain to spot any potential breach or conflict of interest and determine whether they should access this information. If a risk is identified, a clear prompt explains the risk so that the user can avoid a potentially costly security incident. 

Egress Prevent demo

Content, recipient, and domain analysis lead to dynamic alerts (and the option to block) emails for users who deliberately or accidentally attempt to breach information barriers. This moves the point of triage to the end user and reduces the number of events for compliance teams to deal with. As this is preventative rather than reactive, trading won’t need to be suspended every time a potential breach is discovered – they can be dealt with in real time. 

Learn how to avoid disclosure of information and conflicts of interest through information barriers enforced by intelligent DLP.