Despite the fact that the American Security and Exchange Commission has charged that a Maltese company was heavily involved in the biggest-ever prosecuted case of insider trading cyber-fraud linked to the trading of securities, the Maltese authorities have so far remained curiously silent on the case.

Questions sent to the Malta Financial Services Authority, the police force and the Finance Ministry last Wednesday remained unanswered by the time of going to print yesterday.

On Tuesday, it emerged that American investigators are alleging that a Maltese company, Exante Ltd, was one of the major players in an international cyber-fraud securities trading ring in which hackers gave the company confidential earnings information for numerous publicly traded companies, before the information was released to the public, from press releases it had stolen from at least two newswire services.

The Maltese company and others involved in the ring then allegedly used that stolen information to trade securities and reap over US$100 million in unlawful profits. 

Out of that US$100 million, Exante Ltd, whose offices are located at the Portomaso Tower, is alleged to have raked in US$24.5 million in “ill-gotten gains” - accounting for close to a quarter of the entire worth of the scam, which American investigators are calling the biggest case of its kind ever prosecuted.

 

Exante denies allegations

In a statement on Friday night, Exante vehemently denied any involvement in the scam.

“It is unfortunate that the SEC complaint does not reflect Exante’s services, its business model, and the regulatory conditions Exante operates in, the company said in a statement.  “Exante works under license number IS/52182, issued by the Malta Financial Services Authority. Exante is a broker and provides direct market access (DMA) to most markets in the world.

“Contrary to the claims made in the complaint and subsequently in the media, Exante is not, and has never been, a hedge fund, and Exante has never traded US stocks for its own account. Instead, Exante simply executes trades ordered by and for the account of its customers, not by or for Exante itself.

“Exante is unaware of any contact or affiliation by Exante or its directors, owners, or employees with any of the “Hacker Defendants” or “Dubovoy Group Defendants” named in the SEC complaint or with any of the defendants named in the related criminal proceeding.  Nor does Exante believe that it received any illegally obtained or other inside information regarding public companies.  Exante is not a defendant in the criminal proceeding, and none of its directors, owners, or employees has been charged in either proceeding. 

“Exante continues its operation in full, and our employees will continue to do their best to ensure that our clients receive outstanding service paired with security of their assets.

“Exante has been working hard to create a strong recognisable brand with a solid standing, and any illicit trading will not be tolerated. We are closely co-operating with all authorities (SEC and MFSA) to attempt to rectify the misunderstandings, and are ready to provide assistance and hopefully resolve the matter in the near future.

“Exante has engaged Howard Schiffman, a former SEC prosecutor, and Eric A Bensky of Schulte Roth & Zabel LLP, a US-headquartered law firm that routinely represents major financial services organisations, to represent it in the SEC proceeding.”

 

Despite protestations, Exante in the crosshairs

The hackers allegedly worked in concert with a network of traders, one of which was Exante, who paid the hackers for the stolen information - either through a flat fee or a percentage of the illicit profits gained from the illegal trading on the information.

A lawsuit filed by the US Security and Exchange Commission on Monday named the Maltese company as one of 15 that prematurely received company earnings reports from the international hacking ring between 2010 and 2015.  A further 17 individuals, mostly hackers, were also named as defendants.

Although based and incorporated in Malta, Exante’s five directors are all Russian and Latvian nationals, while its €13.6 million shareholding is owned by Russian and Latvian individuals, as well as by companies based in the Cayman Islands and the British Virgin Islands.

According to a complaint filed by the SEC in the New Jersey District Court on Monday, Exante - which American investigators said “purports to be a Malta-based hedge fund” - holds proprietary trading accounts at Interactive Brokers and at Lek Securities, which were used in connection with the securities trading scam.  In all, American investigators say Exante itself raked in US$24.5 in “in ill-gotten gains” through trades over the platforms.

In its complaint, the SEC explains that several of Exante’s directors are also owners of another co-defendant company, Global Hedge Capital Fund Ltd, and that the two entities share employees.

The SEC details how, “Exante and Global Hedge frequently made illicit trades in the same securities, on the same days and around the same time, and often through the same IP addresses.”

Global Hedge Capital Fund Ltd, meanwhile, according to the SEC, “purports to be a Cayman Islands-based hedge fund with its principal place of business in Moscow, Russian Federation.

“Several of its owners are directors of Exante and the two entities share employees. Global Hedge has a proprietary trading account at Interactive Brokers. In connection with the fraudulent scheme, Global Hedge executed unlawful trades in that account resulting in over $3.8 million in ill-gotten gains, often in the same securities, on the same days and close to the same times, and often through the same IP addresses as Exante.”

US authorities said that beginning in 2010 and continuing as recently as May, they gained access to more than 100,000 press releases that were about to be issued by Marketwired; PR Newswire in New York; and Business Wire of San Francisco. The press releases contained earnings figures and other corporate information.

The defendants then used roughly 800 of those news releases to make trades before the information came out, exploiting a time gap ranging from hours to three days, prosecutors said in their court filings.

How the scam worked, according to the SEC:

1.                   The hackers stole the press releases and passed them to the traders in the window of time between when the press releases were uploaded to the newswire service's system and when the press releases were publicly issued. As a result, the trader defendants had an unfair trading advantage over other market participants because they knew the content of the press releases before that information was publicly announced.

2.                   The defendant traders capitalized on this advantage by initiating trades before the press releases were issued to the public. The defendant traders bought or sold securities depending on their anticipation of how the market would respond to the information in the stolen press releases.

3.                   The traders used deceptive means to conceal their access the stolen releases and make payments to the hackers. The traders also concealed their trading activities through use of multiple accounts and entities.

4.                   Then, after the press release was publicly issued, and the price of the securities changed as the market learned the previously undisclosed information, the defendant traders reaped enormous profits.

5.                   Collectively, the traders used this stolen information to realise over $100 million in illicit gains.

6.                   At least some of the defendants have continued to pursue this scheme at one or more newswire services. As recently as May 2015, some of the defendants traded in front of press releases issued from a third newswire service that had been hacked.