IT consultant Steven Oakes has today been sentenced in the County Court at Melbourne to a total effective sentence of three years imprisonment, and ordered that he be released after serving 18 months of the term of imprisonment, on his own recognisance to be of good behaviour for 18 months, after pleading guilty to a total of 11 charges for insider trading, unauthorised access to data with the intention to commit a serious offence (insider trading) and the alteration of electronic devices required by ASIC.
Between January 2012 and February 2016, Mr Oakes hacked into the private computer network of Melbourne-based financial publisher, Port Phillip Publishing (PPP). Mr Oakes attended within the vicinity of PPP’s secure Wi-Fi network and used hacking software to intercept and decrypt Wi-Fi data to obtain the network login credentials of PPP staff. He did this with the intention of using PPP’s information to engage in insider trading.
The inside information was buy recommendations for shares in particular ASX listed companies from unpublished PPP stock recommendation reports. The publication of a buy recommendation by PPP for a particular company typically caused an increase in that company’s share price.
Mr Oakes used this inside information on 70 occasions to buy shares in 52 different companies, before the reports with the buy recommendations were published. He made profits from selling the shares soon after the publication of the reports (18-136MR).
During ASIC’s investigation, ASIC Enforcement officers visited Mr Oakes at his home and gave him a compulsory Notice under the ASIC Act requiring him to immediately produce to the officers particular electronic devices. Mr Oakes failed to produce the devices at that time, instead providing them at a later date. When the devices were analysed by ASIC digital forensic analysts, they found that Mr Oakes had altered the devices to delete data relating to ASIC’s investigation. (See more in the ASIC infographic below)
‘Technology-enabled offending, including cyber-related market misconduct, has been a priority for ASIC’s Enforcement teams. Despite the sophistication of cyber criminals, ASIC can identify and investigate suspicious market activity connected to computer hacking activities, as it did in the case against Mr Oakes. Traders should be aware that ASIC continues to focus on cyber-related offending,’ ASIC Commissioner Cathie Armour said.
In sentencing Mr Oakes, Her Honour Judge Fox said Mr Oakes was ‘motivated by greed’, that ‘insider trading is a form of cheating. It is not a victimless crime’. Her Honour also stressed, ‘if you access a secure computer network to commit a crime, you should expect to go to jail’.
The Commonwealth Director of Public Prosecutions prosecuted the matter.
The emergence of cyber-related offending is amongst the most significant concerns for financial markets and the economy at large.
ASIC continues to pursue cyber-related market offending but also encourages all entities operating in Australia’s financial markets to improve their cyber resilience, to combat against these sophisticated crimes.
Given the central role that firms operating in Australia’s financial markets play in our economy, the cyber resilience of these firms and participants in our financial markets is a key focus for ASIC.
ASIC’s Report 555 provides a snapshot of the cyber resilience of firms operating in Australia’s financial markets. It identifies key trends from self-assessment surveys completed by financial markets firms and highlights existing good practices and areas for improvement.
ASIC uses specialist markets surveillance technologies for its supervision of markets, involving the analysis of large volumes of trading data, and real-time surveillance. These technologies enable ASIC to detect, understand and respond to misconduct such as insider trading.
Published by Australian Securities & Investments Commission. Reproduced with permission.