Federal authorities have charged 30 people in connection with an insider trading network that allegedly operated for over a decade by exploiting access controls at several large U.S. law firms.
Singapore Summit: Meet the largest APAC brokers you know (and those you still don't!)
The case involves licensed attorneys, financial professionals, and a web of offshore brokerage accounts, and it raises specific questions about how professional services firms manage access to sensitive deal information.
How the Scheme Worked
At the center of the indictment is Nicolo Nourafchan, a licensed attorney who worked at multiple large law firms. Prosecutors allege he used his authorised access to law firm document management systems to view confidential materials on nearly 30 pending M&A transactions, including deals he was not assigned to.
"An FBI Boston investigation has resulted in charges against 30 individuals for their roles in a global insider trading scheme that netted tens of millions in illicit profits.
— Watcher.Guru (@WatcherGuru) May 6, 2026
The FBI executed arrests in AL, CA, FL, NJ, and NY today for individuals who are accused of…
He then passed that material non-public information to a network of middlemen and traders in exchange for cash payments running into the hundreds of thousands of dollars.
To avoid detection, the network traded through shell companies and foreign brokerage accounts in Switzerland and Panama. Members used burner phones and coded language referring to the health of a "rabbi" to signal the status of a pending deal.
The investigation relied on encrypted message recovery and trade timing analysis to connect the participants.
"Everyone charged today is accused of scoring significant profits from expected market moves and making out like bandits," said FBI Special Agent Ted E. Docks. "Anyone who engages in insider trading fundamentally undermines the trust necessary for our financial markets to function."
Where the Controls Failed
For compliance and risk officers, the indictment identifies several specific failure points worth examining. Nourafchan could view deal documents across the firm's network without being a member of the deal teams involved.
That points to an absence of least-privilege access controls, which is a basic information security principle that limits system access to what a user's role actually requires.
The scheme reportedly continued while Nourafchan was on a leave of absence, suggesting his credentials were not suspended when his active status changed.
On the brokerage side, the use of shell companies and foreign accounts to conceal the source of trades puts pressure on a persistent weak point: identifying the ultimate beneficial owner behind suspiciously timed positions across multiple jurisdictions.
- 2 GlobeNewswire Employees Are Suspected of Insider Trading by the OSC
- SEC Indicts 5 Russians for $82M Hacking and Insider Trading Scheme
- SEC to Settle with Five Involved in Insider Trading Scheme
What the Case Signals For the Industry
The SEC's involvement over the course of a multi-year investigation reflects the agency's growing capacity to link trade activity across global markets back to a single source through data analysis.
The broader takeaway for the brokerage and professional services industry is operational rather than abstract. External security perimeters matter less when internal access controls are not enforced at the role level.
The threat in this case was not an external intrusion — it was a credentialed user browsing files he was not supposed to see, for years, without triggering an alert. Defendants are spread across California, Florida, New York, and overseas.
The case also comes as regulators and prosecutors are increasingly scrutinising insider trading across prediction markets and crypto-linked event contracts.
