Flexible working, and working from home have risen significantly post-Covid, and it’s now much more common for employers to offer working from home as a full-time or part-time option. While this can increase overall productivity and provide a better overall quality of life for the employee, there are additional risks that can arise for the business. One of these has been highlighted in recent weeks in the case of Tyler Loudon, read about it here, where the SEC has found him guilty of making illegal profits, based on trading on inside information, for which he faces a financial penalty, and also potential criminal charges.
The article notes that Mr. Loudon overheard conversations that his wife was having while there were both in home offices 20 feet away from one another. The content of these conversations related to M&A transactions that her employer, BP, was involved in. Mr. Loudon bought shares off the back of this information and profited $1.76 million from these trades, when BP announced its takeover of TravelCenters. While his wife did not directly give this information to Mr. Loudon, nor did she know of the sale purchase, BP also terminated her employment.
When working in an official company office, there are significant controls in place to ensure that private information remains as such, and does not get disclosed, either intentionally or by accident. There can be both physical barriers between public and private side employees (separate offices / dealing floors), as well as digital ones (media and email monitoring). Almost certainly as part of a regulatory requirement, the risks around inside information dissemination will be considered when a risk assessment is carried out. The inherent risks for private side employees are high, and so controls need to be suitably considered to mitigate this risk.
Over Covid, the FCA warned that firms should consider insider trading risks while people were working from home, and it's clearly a difficult one to mitigate entirely. You need to consider:
Data security is also important, ensuring that communication is carried out over secure VPN channels to avoid potentially less secure home WiFi.
Asking employees to carry out a risk assessment in their home work space, highlighting any risks and asking them to rank their own controls onsite, is a great way to educate employees and to ensure that regulatory concerns are being fully considered. Using a SaaS platform like RISKGRID ensures that your employees can easily and cheaply carry out a risk assessment in their home work place and communicate any concerns around controls back to their employer – it also allows the employer to extend their risk assessments to all sites where business takes place, rather than just to “official” locations.
The ability to carry out a risk assessment and self-certify is hugely valuable when working from home in the regulated space, and ensuring that assessments are easy to carry out and monitor is critical for both employees and employers.
If you’d like further information on how to use RISKGRID for carrying out risk assessments both on- and off-site, please reach out to us at [email protected]
Input your search keywords and press Enter.