According to the Market Abuse Regulation (MAR) Article 18, an insider list is a record of all individuals with access to material, non-public inside information that could affect the value of a financial instrument if it were to be made public.
Purpose and importance
Maintaining event-based insider lists is an obligation under MAR to prevent insider trading. People with material knowledge could misuse it to gain an unfair advantage over investors in the market.
Creating an insider list is necessary when there is delayed or no formal disclosure of inside information to the public. In such a case, the issuer, or anyone acting on their behalf, must create an event-based insider list to record the existence of the information, and the parties who know about it, until disclosure.
In case of multiple pieces of inside information available simultaneously, issuers must create separate event-based lists for each.
Permanent insider lists are also used by some companies to identify individuals with open access to inside information at all times.
Details required on an insider list
Under MAR, an insider list must specify the following:
- The nature of the information
- The names and personal details of individuals who know about it, such as address, phone number, date of birth and national ID
- The date and time when each person was given access and the reasoning behind it
- The date of creating the list
Updates and record retention
It is necessary to make updates to insider lists as soon as any changes occur, such as a new individual with access or an additional reason for including a person in the list.
Issuers are obliged to retain all versions of the list in order to provide them to the national competent authority (NCA) if required. Additionally, MAR requires organisations to keep records of insider lists for at least five years after the last update in case of an investigation.
Potential sanctions for non-compliance
Firms must have a strong compliance strategy in place to manage insider lists. Under MAR, failing to properly maintain, update and provide insider lists can result in fines of up to €1 million.