As insiders of Synenco Energy Inc. feverishly negotiated a takeover bid last spring, they did not know the progress of their talks was being monitored by an unseen observer.
Regulators revealed Monday that an information technology analyst working at TD Securities Inc. in Calgary was reading the personal e-mails of investment bankers working on the deal, and bought Synenco securities using undisclosed information about a pending offer from French energy giant Total SA.
Although based in Calgary, Fadi Hurani admitted he traded through a brokerage account set up in Montreal under a relative's name.
The investigation comes amid a string of recent cases in which people apparently far from the inner circles of corporate power have been accused of trading on information they allegedly obtained by illicitly reading e-mails.
While it appears no senior officials involved in any of the recent cases knew their companies' confidential information had been breached, regulators say firms are responsible for ensuring critical e-mail is not intercepted.
Alberta Securities Commission spokeswoman Tamera Van Brunt said companies "must remain vigilant" in securing insider information that is communicated by e-mail.
"It is up to each company to ensure the security of insider information, whether it is transferred electronically or physically, and stress to staff the importance of security and the possible consequences of using insider information," she said.
Most of the recent cases involve people who had access to e-mails by working in information technology jobs, or by knowing people in such positions.
Two weeks ago, for example, the Ontario Securities Commission accused a former employee of Celestica Inc. of illegal insider trading, alleging he had obtained unauthorized access to e-mails of the company's executives.
The OSC alleged Rajeev Thakur made a profit of $640,000 after allegedly obtaining access to e-mails of senior executives from his sister, who worked in the information technology department. Mr. Thakur was a director in Celestica's Business Processing Outsourcing Strategies division, but was not a senior executive. The regulator's allegations have not been proved.
Kent Kaufield, who leads the Canadian technology and security risk practice at Ernst & Young, said some companies are adopting methods to control so-called "privileged users" who have access to confidential information because they work in tech support or similar jobs.
He said companies can put extra security around the e-mail of key people who are likely to have confidential information, or can regularly rotate the amount of access given to privileged users so no individual can always look at sensitive e-mails. There is also software to track the activities of privileged users to detect unusual behaviour.
"It's hard to contain it 100 per cent," he said. "But there's absolutely ways in high-risk areas to at least make the wall a little higher so people have to work harder, or at least make the opportunity for them to get detected that much better."
In a settlement agreement approved Monday by the Alberta and Quebec securities regulators, Mr. Hurani admitted he made a profit of $92,456 buying Synenco call option contracts before the Total bid was announced in April.
He also admitted to buying shares of Spectra Energy Income Fund last year after reading e-mails about a pending offer to buy all the outstanding shares of the trust. He admitted he earned $26,017 on the purchases.
"Hurani's position gave him access to confidential information and personal e-mails stored on the network drives located on the Calgary server for TD Bank," the settlement agreement states.
Mr. Hurani agreed to pay a penalty of $236,946 and costs of $20,000 toward the investigations. He is also banned from trading securities for seven years except in a registered retirement or education plan.
In an earlier case, the OSC and the U.S. Securities and Exchange Commission accused a former e-mail administrator working at a subsidiary of MDS Inc. of accessing confidential e-mails received by senior executives about takeover target Molecular Devices Corp. of California.
Shane Suman was accused of buying shares of Molecular Devices in the days before the takeover bid was announced. Regulators alleged Mr. Suman and his wife earned a profit of almost $1-million (U.S.) from the trading.
Mr. Suman has denied the allegations.
The OSC also last year accused a legal secretary of law firm Bennett Jones LLP of earning a profit of $51,569 by making stock purchases over a three-year period based on conversations with staff working on deals, and by reviewing file materials, including e-mail.
In a settlement with the commission, Betty Leung admitted she used confidential information to trade securities in eight companies between 2005 and 2008.
Janet McFarland