Resources / Fraud and Financial Crime / Insider Dealing

Introduction

Insider dealing is the trading of financial instruments based on information that is not publicly available, and that would, if it were, have a material effect on the price. It is one of the oldest and most consistently prosecuted forms of financial crime. And it remains, despite decades of regulatory effort and increasingly sophisticated surveillance, a live problem.

Market abuse, of which insider dealing is the most serious form, strikes at the foundations of fair markets. The principle that all investors should have access to the same information at the same time is central to how markets are supposed to function. When some participants have access to information others do not, they gain an unfair advantage. The people on the other side of their trades are at a disadvantage. Over time, if markets are perceived to be unfair, confidence in them erodes.

This briefing is written for compliance professionals, legal teams, risk managers, and senior managers in regulated firms and issuers, including listed companies. It summarises key concepts and typical control expectations, but it is not legal advice, and it is not a substitute for jurisdiction-specific counsel on a particular set of facts. It explains the legal and regulatory framework, what inside information is and why it is harder to define in practice than it sounds, how the FCA approaches enforcement, what effective controls look like, and the common failure points that enforcement cases repeatedly expose.

The focus is on the UK regime under the UK Market Abuse Regulation (UK MAR). Where relevant, the guide notes the EU position under the EU Market Abuse Regulation (EU MAR) post-Brexit and the areas where the two frameworks have begun to diverge.

This guide reflects the position as of May 2026. The FCA's enforcement approach to market abuse is active and developing. Readers should monitor FCA Market Watch publications and enforcement notices for current guidance and emerging issues.

The legislative and regulatory framework

The development of UK market abuse law

The regulation of insider dealing in the UK has developed over several decades. The Companies Securities (Insider Dealing) Act 1985 was the first UK statute to criminalise insider dealing explicitly. The Criminal Justice Act 1993, which remains the primary criminal statute for insider dealing, updated and consolidated the criminal framework.

The Financial Services and Markets Act 2000 (FSMA) established the FCA's predecessor, the Financial Services Authority, and its successor powers, including the civil market abuse regime. Historically, FSMA's Section 118 defined market abuse and provided the regulator with a civil enforcement route alongside the criminal route; it was later repealed when the Market Abuse Regulation framework took effect.

The EU Market Abuse Regulation came into effect in July 2016, replacing and significantly strengthening the earlier Market Abuse Directive. It introduced a more unified framework across EU member states, expanded the scope of what constitutes market abuse, and introduced new obligations for issuers and market participants.

Following Brexit, EU MAR was incorporated into UK law as UK MAR by the EU (Withdrawal) Act 2018, amended by the Market Abuse Exit Regulations 2019 to ensure it operates effectively in the UK context, with the onshored regime applying from the end of the transition period on 31 December 2020. The substantive prohibitions and obligations are materially the same, but the UK and EU regimes have begun to diverge in certain areas as each develops its own post-Brexit approach.

UK MAR: the core prohibitions

UK MAR creates three core civil prohibitions. In serious cases, the same or related conduct may also expose individuals (and sometimes firms) to criminal liability under separate offences.

Insider dealing. Insider dealing under UK MAR occurs when a person who possesses inside information uses that information to acquire or dispose of financial instruments to which that information relates, or attempts to do so. It also covers recommending or inducing another person to engage in insider dealing based on inside information, and unlawfully disclosing inside information to another person.

The prohibition applies to anyone who possesses inside information and who knows, or ought to know, that it is inside information. It does not require that a person be an employee of the issuer. A consultant, an adviser, a printer, a family member who overhears a conversation, all can fall within the prohibition if they receive inside information and trade on it.

Unlawful disclosure of inside information. It is prohibited to disclose inside information to another person except in the normal course of the exercise of employment, a profession, or duties. This prohibition sits alongside the insider dealing prohibition and is relevant in its own right: the person who tips off a trader may be liable for unlawful disclosure even if they do not trade themselves.

The normal course exception is important. Inside information necessarily passes between people in the legitimate conduct of business. Lawyers advising on a transaction have inside information. Investment bankers working on a deal have inside information. The question is whether the disclosure was in the normal exercise of their function and whether appropriate controls were in place.

Market manipulation. Market manipulation is a broader category of conduct that distorts the proper functioning of markets. It covers transactions or orders that give false or misleading signals about the supply, demand, or price of a financial instrument, or that secure the price at an abnormal or artificial level. It also covers disseminating information that gives false or misleading impressions about financial instruments, including through social media and online platforms.

Market manipulation is distinct from insider dealing in that it does not require the use of inside information. A trader who places and cancels large orders to create a false impression of demand, a practice known as spoofing, may have no inside information at all but is still committing market abuse.

The Criminal Justice Act 1993

The Criminal Justice Act 1993 (CJA 1993) remains the primary criminal statute for insider dealing. It creates offences of dealing in price-affected securities while in possession of inside information, encouraging another to deal, and disclosing inside information otherwise than in the proper performance of one's employment, office, or profession.

Criminal prosecution for insider dealing carries a maximum sentence of ten years' imprisonment and an unlimited fine for offences committed on or after 1 November 2021; for earlier offences, the maximum was seven years. The FCA has discretion whether to pursue insider dealing under the civil UK MAR regime, the criminal CJA 1993 regime, or both. In practice, the FCA often opens cases on a dual-track basis and decides which route to pursue as the evidence develops.

The civil route is available where the standard of proof (balance of probabilities) and the speed of resolution make it more appropriate. Criminal prosecution is reserved for the most serious cases: those involving systemic conduct, significant profits, abuse of a position of professional trust, or where the public interest in criminal sanctions is high.

Enforcement responsibilities

The FCA is the primary enforcement body for market abuse in the UK. It has a range of powers, including investigation, civil enforcement through financial penalties, and criminal prosecution. The FCA's market monitoring function analyses transaction reporting data, order book data, and other market data to identify suspicious patterns.

Operators of UK trading venues are required under UK MAR to detect and report suspicious transactions and orders to the FCA through a Suspicious Transaction and Order Report (STOR). Persons professionally arranging or executing transactions are also required to submit STORs where they have reasonable grounds to suspect that an order or transaction might constitute market abuse, including attempted market abuse.

The FCA has repeatedly emphasised that STORs are a major source of market abuse intelligence and a common trigger for investigations, underscoring their importance as a detection mechanism. The quality of STORs matters: the FCA's 2025 STOR review raised concerns about the quality of reports, noting that many lacked a clear rationale or detailed analysis. STORs that are submitted as a precaution without substantive analysis provide limited intelligence value.

Post-Brexit divergence

While UK MAR and EU MAR remain substantially aligned, the two regimes have begun to develop separately. The EU's Listing Act, which entered into force in December 2024, introduced changes to MAR, including modifications to disclosure obligations for issuers, with some provisions taking effect in December 2024 and others, including key changes to the treatment of protracted processes, taking effect in June 2026. These changes include removing the requirement to disclose intermediate steps in protracted processes and updating the PDMR transaction notification threshold.

The UK has not made equivalent changes, meaning that issuers with financial instruments admitted to trading on both UK and EU venues face the additional complexity of navigating two increasingly different frameworks. This is an area that requires careful monitoring for firms operating across both jurisdictions.

The FCA is also developing a market abuse regime for cryptoassets as part of the broader UK crypto regulatory framework being developed through 2026, which would extend insider dealing and market manipulation prohibitions to qualifying cryptoassets admitted to trading on regulated platforms.

Inside information in practice

The definition of inside information sounds straightforward. In practice, determining what is and is not inside information is one of the most consistently difficult challenges in market abuse compliance. Getting it wrong in either direction creates real risk.

The four-part definition

Under UK MAR, inside information must meet four cumulative criteria. It must be of a precise nature. It must not have been made public. It must relate directly or indirectly to an issuer or financial instrument. And it must be of a kind which, if it were made public, would be likely to have a significant effect on the price of the financial instruments.

Precise nature. Information is of a precise nature if it indicates a set of circumstances which exist or may reasonably be expected to come into existence, or an event which has occurred or may reasonably be expected to occur, and is specific enough to enable a conclusion to be drawn as to the possible effect of those circumstances or events on the price of the financial instruments.

In practice, the precision test requires that the information be specific enough to be actionable. Rumour, general market speculation, or a vague sense that a company may be in difficulty may not meet the precision test. Specific financial results, the terms of a proposed transaction, or confirmation of a regulatory investigation are more likely to meet it.

Intermediate steps in a protracted process can constitute inside information before the outcome is known. A board's preliminary decision to explore a merger may be inside information even before any deal is agreed.

Not made public. Information that has been published, even if not widely circulated, is generally not inside information. The test is whether the information is accessible to those who normally use the relevant market. Selective disclosure to a limited group does not make information public.

This is an important practical point. Briefing an analyst on a non-attributable basis, or providing information to a small number of institutional investors ahead of a public announcement, does not make that information public. It may, depending on the circumstances, constitute unlawful disclosure.

Significant price effect. The information must be price-sensitive, likely to have a significant effect on price if made public. This is assessed by reference to what a reasonable investor would likely use as part of the basis of their investment decisions.

Price sensitivity is not always obvious in advance. Information that seems routine may be highly significant in context. A seemingly modest piece of clinical trial data may be highly price-sensitive for a pharmaceutical company at a critical stage of development. A change in accounting treatment may be significant for a highly leveraged company. Context matters enormously.

How inside information moves through organisations

Understanding how inside information flows through an organisation is essential for designing effective controls. Inside information rarely stays in one place. It moves.

Corporate transactions are a primary source. When a company is considering a merger, an acquisition, or a significant disposal, inside information is created at the moment that the process begins and must be carefully managed until the public announcement. That information will typically be known to the board, corporate advisers, legal counsel, and potentially investment banks. Each of those parties manages its own information barriers and its own insider lists.

Financial results are another significant source. Interim and full-year results that are materially different from market expectations are inside information until announced. The period between results being finalised and their public release is a critical control window.

Regulatory and legal developments can also generate inside information. A significant regulatory investigation, a material litigation outcome, or a licence revocation are all potentially price-sensitive. The challenge is that these developments often emerge gradually, and identifying the point at which information has become sufficiently precise and significant to constitute inside information requires careful judgment.

The aggregation problem

One of the more complex practical challenges is what is sometimes called the mosaic or aggregation problem. An individual piece of information may not, on its own, constitute inside information. But the combination of several pieces of non-public information, each individually innocuous, may together enable a conclusion about price-sensitive matters.

An analyst who has access to multiple separate pieces of information, a supplier's order book, a logistics company's shipping data, a company's employment advertisements, may be able to construct a picture of a company's trading performance that would not be apparent from any single piece. Whether this crosses the line into inside information is a genuinely difficult question that requires careful legal and compliance judgment.

Safe harbours and legitimate behaviour

UK MAR provides certain safe harbours and legitimate behaviour defences. Buyback programmes and stabilisation measures carried out in accordance with specified conditions are exempt. Market soundings, conducted in accordance with the market sounding framework in UK MAR, provide a degree of protection for the disclosure of inside information in the context of gauging investor interest before a transaction.

The market sounding framework is important for practitioners. It allows issuers and their advisers to sound out investors about a potential transaction, provided specific procedures are followed: identifying whether the information being disclosed is inside information, obtaining the consent of the person being sounded out, and making a record of the process. Done correctly, it provides protection. Departing from the framework materially increases the risk that a disclosure will be treated as unlawful.

The FCA's enforcement approach

Understanding how the FCA approaches market abuse enforcement is an important context for designing effective controls. The FCA has been consistently clear that market abuse is a high priority and that enforcement will remain assertive.

The FCA's strategic approach

The FCA's 2025 to 2030 strategy identifies fighting financial crime as one of four core priorities. Market abuse and insider dealing enforcement are explicitly central to this, with the FCA emphasising enhanced scrutiny of firms' systems and controls to prevent and detect financial crime. In her October 2025 speech, Therese Chambers, the FCA's Joint Executive Director of Enforcement and Market Oversight, confirmed that the FCA is pursuing more criminal prosecutions than ever before.

The FCA's updated enforcement approach, published in June 2025, emphasises fewer investigations conducted faster. The FCA is raising the bar for opening a full investigation, focusing its enforcement resources on cases where the evidence is strong and the public interest in action is clear. For compliance professionals, this means that the FCA cases that do proceed are likely to be well-evidenced and vigorously pursued.

The dual-track approach

The FCA has discretion to pursue insider dealing cases either as a civil matter under UK MAR or as a criminal matter under the CJA 1993. In practice, cases are often opened on a dual-track basis, with the decision on which route to pursue made as the evidence develops.

The civil route imposes a lower burden of proof, the balance of probabilities rather than beyond a reasonable doubt, and typically results in financial penalties. It is faster and more suitable for cases where criminal sanctions are not warranted.

Criminal prosecution is reserved for more serious cases: those involving significant or repeated misconduct, egregious abuse of a position of trust, or where deterrence requires criminal sanction. A criminal conviction can result in up to ten years' imprisonment for offences committed on or after 1 November 2021, and an unlimited fine.

In December 2025, the FCA imposed a civil financial penalty of £309,843 on Russel Gerrity, a petrophysical consultant, for insider dealing. Mr Gerrity's role gave him access to non-public information about oil and gas exploration results, which he used to trade in the shares of relevant companies. The case is notable for several reasons: the subject was a third-party consultant rather than an employee, the conduct occurred over several years, and the FCA pursued it civilly despite the seriousness of the conduct. Mr Gerrity settled and received a settlement discount. The FCA noted that the investigation originated from STORs.

In November 2025, the FCA commenced criminal proceedings against two individuals, Bobosher Sharipov and Bekzod Avazov, for insider dealing. These proceedings are ongoing as of May 2026.

What the FCA looks for

The FCA's surveillance approach focuses on patterns in transaction data, order book behaviour, and STOR submissions. It looks for suspicious trading in timing, volume, or direction relative to what is known about the market and the relevant issuer at the time. Unusual options activity, trades placed just before price-sensitive announcements, and trading by individuals with access to inside information are all patterns that attract attention.

Off-channel communications are an increasing focus. The use of personal messaging applications such as WhatsApp, Signal, or encrypted platforms for business communications that should be recorded is both a separate compliance failure and a practical aid to potential wrongdoers. The FCA has noted the use of off-channel communications in several enforcement cases and has signalled that it will continue to scrutinise this area. Firms should ensure that their communications policies are clear, that business communications take place on monitored channels, and that the policy is actively enforced.

The FCA also closely monitors insider lists. Where trading by persons on an insider list is suspicious, or where a firm's insider list management appears inadequate, this will attract scrutiny. An insider list that is not accurately maintained, omits relevant persons, or is not kept confidential, undermines the control framework it is designed to support.

The STOR framework

STORs are one of the FCA's most important intelligence sources and are frequently a trigger for market abuse investigations. The obligation to submit STORs falls on operators of trading venues and on persons who professionally arrange or execute transactions.

The quality of STORs has been a consistent concern for the FCA. The FCA's 2025 review noted that a significant proportion of STORs lacked a clear rationale or sufficient detail. A STOR that reports suspicion without explaining the factual basis and analysis is likely to be of limited intelligence value and may expose the firm to questions about whether it is meeting the spirit and practical expectations of the obligation. A good STOR clearly describes the suspicious conduct, explains why it is suspicious, provides the relevant transaction data, and includes any contextual information that may assist the FCA's assessment.

Firms should treat their STOR submission process as a genuine compliance obligation, not a precautionary filing exercise. This requires adequate surveillance systems that can detect suspicious patterns, trained staff who understand what to look for and how to assess it, and a clear escalation and submission process that ensures STORs are submitted without delay.

Governance and control framework

Effective insider dealing prevention requires a control framework that is proportionate to the organisation's exposure, and that addresses the full lifecycle of inside information, from its creation through to its public disclosure or destruction.

Insider lists

Issuers and persons acting on their behalf are required under UK MAR to maintain insider lists identifying all individuals who have access to inside information. Insider lists must be provided to the FCA on request.

Maintaining accurate insider lists requires a clear process for identifying when inside information has been created, who needs access to it, and how that access is managed and recorded. The list must be updated promptly when new persons are added or when a person's status changes. It must record the date on which each person obtained access to the information.

Each person on an insider list must be informed in writing of the legal and regulatory duties this entails and of the sanctions that apply to insider dealing and unlawful disclosure. This acknowledgement requirement is not a formality. It is an important element of the control framework, ensuring that people understand the significance of the information they hold.

Insider list management is an area in which the FCA has consistently identified weaknesses. Incomplete lists, lists that are not updated promptly, and lists maintained without the required acknowledgements from those included all represent control failures that attract regulatory scrutiny.

Information barriers

Information barriers, sometimes referred to as Chinese walls, are the internal controls designed to prevent the flow of inside information between parts of an organisation that should not have access to it. In a bank, for example, the corporate finance team advising on a transaction should be separated from the trading desk through a combination of physical, technological, and procedural controls.

Effective information barriers require more than a policy. They require physical or logical separation of the relevant functions, controls over electronic access to shared systems and documents, clear procedures for crossing the wall (which should be documented and approved), staff training on both sides of the barrier, and monitoring to verify that the barrier is functioning as intended.

The effectiveness of information barriers has been challenged by the increasing integration of financial services firms and the shift to remote working. A barrier that relies on physical separation of floors in an office may be significantly less effective when staff work from home and use shared technology infrastructure. This is an area that has required firms to revisit their control frameworks in recent years.

Personal account dealing

Personal account dealing controls restrict employees' ability to trade in securities that may be affected by inside information they hold through their employment. These controls are a core element of insider dealing prevention in any firm whose employees regularly receive price-sensitive information.

A personal account dealing policy typically requires employees to declare their personal investment accounts, to obtain pre-clearance before making trades in relevant securities, to observe restricted periods during which trading is prohibited, and to submit regular notifications of their holdings and transactions.

The controls need to be proportionate to the role. An employee in a corporate finance team working on live transactions needs more restrictive controls than a back-office employee with no access to client or transaction information. Risk-based calibration of personal account dealing controls is appropriate, provided the risk assessment is genuinely conducted.

Monitoring of personal account dealings is essential. A policy that exists but is not monitored provides false assurance. Surveillance of employee trading, particularly in securities connected to live matters, is part of a robust control framework.

Closed periods and trading restrictions

Persons discharging managerial responsibilities (PDMRs) are subject to specific restrictions under UK MAR. They are prohibited from conducting transactions in the issuer's securities during closed periods: defined periods ahead of the announcement of interim and annual financial results, and other periods designated by the issuer.

PDMR notification requirements also apply. PDMRs must notify the issuer and the FCA of transactions in the issuer's financial instruments once the applicable notification threshold is met, and must do so promptly. The issuer must then publish the information. These requirements exist to ensure transparency about the trading activity of those with the most direct access to inside information about the issuer.

Issuers should maintain clear processes for managing closed periods, including advance notice to relevant individuals, a mechanism for handling requests for exemptions in exceptional circumstances, and monitoring compliance. Breaches of closed-period restrictions attract regulatory sanctions and represent a significant reputational risk to the individuals and the company concerned.

Market soundings

Market soundings allow issuers and their advisers to gauge investor appetite for a potential transaction before it is publicly announced. UK MAR provides a framework for conducting soundings in a way that can protect the disclosing market participant where the framework is followed. Departing from the framework materially increases the risk that a disclosure of inside information will be treated as unlawful, and firms should be cautious about assuming any disclosure is in the normal course without the market-sounding procedures being applied.

Issuer disclosure obligations

Issuers have specific obligations under UK MAR to disclose inside information to the public as soon as possible. The default position is immediate disclosure, with limited grounds for delaying disclosure (where the issuer can identify a legitimate interest, the delay does not mislead the public, and confidentiality is maintained), and any delay in public disclosure must satisfy the statutory conditions for delay.

Delay in disclosure is permitted only where the issuer can demonstrate that immediate disclosure would be likely to prejudice its legitimate interests, that delay is not likely to mislead the public, and that it is able to ensure the confidentiality of the information. Where disclosure has been delayed, the issuer must notify the FCA that there was a delay at the time of the public disclosure and must be able to explain and evidence the basis for that delay if requested.

Managing the disclosure obligation requires a clear internal process: identifying inside information, assessing whether delay is justified, maintaining confidentiality during any delay, and ensuring that disclosure is made at the right time and in the right manner. The process needs senior management oversight and legal input. Ad hoc or informal handling of disclosure decisions is a significant risk.

Surveillance and monitoring

Market surveillance systems that monitor trading activity for suspicious patterns are a core element of the control framework for firms with relevant obligations. The FCA's Market Watch 79 report, published in May 2024, flagged widespread failures in market abuse surveillance systems, including automated alerts that did not operate as intended, inadequate testing, and failure to monitor relevant trade data.

The FCA's message is clear: having a surveillance system is not enough. It must work. Systems must be tested regularly to ensure alerts are functioning correctly, that relevant instruments and data are being monitored, and that alert thresholds are appropriately calibrated. A surveillance system that generates too few alerts, or whose alerts are not reviewed promptly or by people with sufficient context, does not provide adequate protection.

Surveillance should cover not just electronic trading but also communications. The monitoring of electronic communications, email, chat, and messaging platforms where permitted, is an important source of evidence about potential misconduct and a deterrent against it.

Common failure points

Enforcement cases and regulatory reviews consistently identify the same weaknesses. Understanding where controls most commonly fail is useful both for designing effective programmes and for identifying where existing frameworks need attention.

Inside information is not identified promptly

One of the most common failures is a delay between the creation of inside information and its formal identification and management as such. In a large organisation managing multiple transactions or processes simultaneously, the point at which information crosses the threshold into inside information is not always obvious or agreed upon. By the time the formal control framework is activated, the information may already have moved further than it should.

Building the practice of promptly assessing whether new information is inside information into the relevant workflows, particularly in corporate finance, legal, and investor relations functions, reduces this risk. The question should be asked at the outset of any significant process, not when an announcement is imminent.

Insider lists are inadequate

Incomplete, out-of-date, or poorly maintained insider lists are a consistent finding in regulatory reviews and enforcement cases. Lists that do not reflect who actually has access to the information, that are not updated when new people join a project, or that lack the required acknowledgements from those listed all represent control failures.

The discipline of maintaining accurate insider lists reflects the broader discipline of managing inside information. An organisation that cannot tell the FCA exactly who had access to specific inside information at any given time has a significant problem, both evidentially and in terms of its ability to investigate its own conduct if questions arise.

Information barriers break down in practice

Information barriers that look robust on paper can fail in practice for a range of reasons: informal conversations between colleagues on different sides of a wall, shared technology access that was not identified when the barrier was designed, or a culture in which the barrier's purpose is not well understood. The test of a barrier is not whether it exists but whether it works.

Regular testing of information barriers, including through internal audit review, is important. Firms should also train staff on both sides of a barrier on what it means in practice, what they can and cannot share, how to handle situations where someone from the other side contacts them, and what to do if they become aware of a potential breach.

Personal account dealing controls are not monitored

Policies that require pre-clearance and mandatory reporting of employee trades are only effective if they are monitored. Where compliance teams are not checking that clearances are being sought, that reports are being made, and that trading patterns are consistent with what employees have declared, the policy provides false assurance.

The case of a former analyst at a global bank, who received a financial penalty in January 2025 following a conviction in the previous year for insider dealing and fraud, illustrates the personal consequences of breaching these controls. The sentencing judge noted the serious breach of trust involved. Personal account dealing monitoring is not bureaucracy for its own sake. It is a control that exists because the risks are real.

STOR quality is insufficient

The FCA's concern about STOR quality is consistent and well-documented. STORs that are submitted without an adequate rationale, or as a precaution rather than based on a genuine assessment, do not fulfil the purpose of the obligation. Firms need to invest in the capability to produce good-quality STORs: surveillance systems that identify suspicious patterns, trained staff who can assess those patterns and articulate why they are suspicious, and a submission process that ensures reports are made promptly.

Off-channel communications are not managed

The use of personal messaging applications for business communications that should be recorded and monitored is both a separate compliance failure and a practical weakening of the controls against insider dealing. If relevant communications occur on WhatsApp rather than on monitored email or chat systems, the firm's ability to detect and investigate potential misconduct is significantly reduced.

The FCA has been consistently clear about its expectations in this area. Firms should have explicit policies on the use of off-channel communications, should actively monitor compliance with those policies, and should take the issue seriously when breaches are identified.

Implementation checklist

The following checklist covers the core elements of an effective insider dealing prevention and detection framework. It is intended as a practical reference for compliance teams reviewing their existing arrangements or building them from scratch.

A final note

Insider dealing is not a victimless crime. The person on the other side of a trade made on the basis of inside information is at a genuine disadvantage. If the practice is widespread, it undermines confidence in the fairness of markets and ultimately harms their ability to allocate capital efficiently.

The FCA's consistent focus on market abuse reflects a genuine commitment to market integrity that underpins the broader financial system. And the enforcement record shows that the risk of being caught is real, for individuals, including those who are not employees of the issuer, and for firms whose controls are found to be inadequate.

Effective insider dealing prevention is not about building the most elaborate compliance framework. It is about identifying where inside information is created in your specific organisation, understanding how it moves, putting proportionate controls in place to manage it, training the people who work with it, and monitoring whether those controls are working. The firms that do this well are the ones that would be comfortable if the FCA asked to see their arrangements.