In a circular letter the Spanish National Securities Market Commission (CNMV) sets guidelines on the information barriers or Chinese Walls established in entities acting or advising on investment in the securities markets. This is to prevent the uncontrolled flow or improper use of confidential information generated in another part of the advising company.
The implementation and specification of these rules must be carried out by each entity according to its own needs and risks. The CNMV recommends that the rules be included in their Internal Conduct Regulations. The rules will increase market transparency and thus provide increased security for investors.
To this effect, entities are to define the areas which, due to the nature of their activities, should be separated from the rest of the organization. Information barriers should be established between these and other areas, and between each of them and the organization itself.
These Chinese Walls should at least ensure the confidential information of a separate area is only available to the relevant people. To enforce this, members will sign express written agreements not to disclose information to unauthorized persons, except as expressly permitted. Other measures may be advisable. For example: the physical separation of separate areas; restricted access to rooms and offices; protection of records, files and databases; the use of working codes or code names, etc.
When a decision requires the approval of someone whose seniority within the organization is above the Chinese Walls, it must be ensured that this person is excluded from privileged information concerning the securities in question. An entirely different situation would result if this person limits him or herself to establishing general investment criteria, neither approving nor recommending the specific investment.
In the event of issues or public offerings of securities, the control system should allow verification of the information contained in the prospectus, taking into account any confidential information which may exist in the entity's various separate areas.
Supervision of compliance with these rules should be entrusted to a responsible person, for example, one reporting directly to the board of directors. This person should be in charge of managing and supervising the systems for containment of information. Their responsibilities would include:
- ensuring employees and executives are aware of the internal rules in this area;
- preparing a list of the securities about which the entity has privileged or confidential information; and
- continuous supervision of transactions performed on the securities market by the entity itself, on its own behalf or on behalf of its clients, and the transactions performed by its employees and executives.