Viceroy research group were the ones to break the Steinhoff scandal, exposing gross financial misreporting on Steinhoffs financials and resulting in Steinhof's share price dropping from R46 to R6 per share.
I suspect Viceroy had short positions on Steinhoff and made quite a bundle. After tasting this legitimate success, they attempted a similar tactic with Capitec bank, a very successful and fast growing South African bank.
They released a research report stating that Capitec has unsustainable and bad debt levels and will soon suffer huge losses due to this bad debt. This opinion was largely unfounded and fears were dissipated with the South African reserve bank making a statement that Capitec's business is sound, but not before capitec suffered a short term drop in their share price.
And so Viceroy have hit upon a very lucrative business strategy, and AMD is next in line...
 - https://www.dailymaverick.co.za/opinionista/2017-12-13-the-s...
 - https://www.fin24.com/Companies/Retail/steinhoff-drops-to-un...
 - https://www.dailymaverick.co.za/article/2018-02-02-viceroy-u...
 - https://www.iol.co.za/business-report/companies/capitec-shar...
Of course the SECs view that any trading on US stocks is under it's jurisdiction, and Section 9(a)(4) of the SEC Act. It's known as stock bashing, it's a fairly usual form of market manipulation and attacking big American corporations like this is a great way of getting SEC attention.
So whilst it's potentially lucrative, it's also probably illegal and more a game of when they get big enough to be picked up by the SEC rather than anything else.
It's worth noting AMD's stock has not moved significantly right now, and these anonymous, rather weak accusations are unlikely to be effective, which would leave this strategy quite unprofitable.
-edit: somehow transposed India and South Africa
For the record I view their actions in the case of Capitec and AMD as attempts at blatant (unlawful??) market manipulation.
-edit Oh and there is also a difference between India and South Africa :P
Minor nit: while section 9 does deal in market manipulation overall, “stock bashing” usually refers to the activity prohibited by section 9(a)(2), concerning price manipulation through actual trading of securities (e.g. trading collusion to pump prices up). Section 9(a)(4) does concern public statements about securities; to quote it:
...make any statement, which was at the time and in the light of the circumstances under which it was made, false or mis- leading with respect to any material fact, and which that person knew or had reasonable ground to believe was so false or mis- leading.
In practice, this is not cut and dry. As a security researcher I’m not personally thrilled about vulnerability disclosures being overhyped, but we have ample precedent for people with a financial interest making polarizing statements about companies. This is the modus operandi of activist investors, and the SEC doesn’t usually go after someone unless their claims are flagrantly untrue. That brings me to my next point:
> So whilst it's potentially lucrative, it's also probably illegal and more a game of when they get big enough to be picked up by the SEC rather than anything else.
I doubt it’s illegal. More precisely speaking, I doubt a successful legal action will be brought against the researchers. They took a few liberties with the severity of the vulnerability, but there is a vulnerability. The level of dishonesty they’re demonstrating doesn’t categorically make their statements untrue, nor does it quite rise to actual fraud. Hyperbole, sure. But outright dishonesty, no.
Reasonable people can disagree about the severity of the vulnerability, but there exists a vulnerability. Similarly, activist investors are historically controversial, and to some extent routinely engage in hyperbole. The truth or falsity of their claims are not typically straightforward. They are not typically challenged by the SEC despite this, even when their actions get widespread media coverage.
I suspect there will be an SEC investigation.
I would hope that intentionally spreading false information to manipulate stock prices would be illegal, but it may be hard to draw the line between subjective interpretation, intentionally misleading interpretation, and outright lies.
Trading on a security vulnerability that has not been made public is, on a basic level, not insider trading. Contrary to popular belief, there is nothing illegal about trading on material, nonpublic data. Insider trading requires the trader to have a confidentiality agreement governing the data with the company, or to have a fiduciary duty to shareholders of the company.
There are basically two situations in which trading on the vulnerability would be illegal insider trading:
1. You work for the company, or are a consultant engaged by the company, and you have knowledge of the vulnerability, or
2. You report the vulnerability to the company as an outsider and, in the process, enter into a confidentiality agreement.
Regarding scenario 2, merely reporting a vulnerability wouldn’t cut it. If you report the vulnerability through a channel that requires you to accept a confidentiality agreement as part of the terms and conditions of reporting (such as a bug bounty platform, like Hackerone or BugCrowd), then you can’t trade on it. On the other hand, if you report the vulnerability through a channel with no constraints, such as to a security@ email address, you have no confidentiality agreement.
Not insider trading, but definitely worthy of SEC inquiry. It's like a short position pump-and-dump.
No, it's not. Short selling is not a populist activity, but it's essential for disciplined price discovery. This type of behavior is EXACTLY what the SEC and other regulators want to encourage: self regulation. This is a market solution to a market problem. These vulns may or may not be significant, and the people behind the release may be shady...but this is what society should want to see from market participants. It's no different than performing forensic accounting and discovering massive fraud. There have to be incentives for investors to perform due diligence, and if people only get compensated by rising prices, there will be no incentive to uncover the frauds.
Furthermore: using market-based incentives risks undermining other approaches - even when that's to the detriment of society. Here too there are indications of that: for maximum gain, a speculator needs to cause a scare - and thus needs to cause maximum damage and impact (on the AMD stock - if indeed that's what they're doing). It's no coincidence that responsible disclosure was not followed here! Whether in the long run that's actually a bad thing isn't something I'm sure of - but it's a factor that does need considering.
Finally: self regulation is intellectually neat: and that's a risk, because people are biased towards simple and clever sounding solutions. There's nothing wrong with trying that approach; but assuming that SEC and other regulators themselves are rational actors in this matter strikes me as being overly optimistic. They aren't immune to partisan politics; and may suffer from regulatory capture. We should at least be open to the risk that some self-regulating processes may simply be inefficient. (The alternative need not be no self-regulation whatsoever).
Perhaps I misunderstood this, but it seems to say that since stock regulators are human with inherent human failings, they should take a larger role in stock trading? That seems confused; what is meant here?
This is different than "performing forensic accounting and discovering massive fraud". It's more like performing forensic accounting, finding only a few errors, but nevertheless claiming massive fraud.
The real reason this is not insider trading is that there is no information provided from the inside here - simply deducing facts from outside information is both legal and ethical (though if you do have material inside information, claiming that it could have been deduced from outside is not a defense.)
Nit: “material inside information” isn’t illegal, and would not have to be defended at all ordinarily. Material, nonpublic information can be deduced from the outside, in which case it’s not illegal, because you are not an insider by confidentiality or fiduciary requirements. In fact, you can even trade on information provided to you by an insider with such constraints, so long as you were not entered into agreement with the same constraints, and so long as there is no quid pro quo between the parties.
1. Though lately, the SEC has been getting more aggressive and trying to lower the bar for a quid pro quo to “friendship”...
I'm not a lawyer.
> The offices shown in the CTS-Labs interview don’t exist, its CGI.
> shorting the AMD stock to make a quick buck. In fact, both CTS-Labs and Viceroy Research, very ‘ethically’, disclose that they could be doing just that.
Material, nonpublic information is of course not illegal to trade on, on its own. It’s not generally illegal to trade on unpublished vulnerabilities. But it’s routine to be forcibly entered into a confidentiality agreement as part of the process of reporting a vulnerability. For example, reporting a vulnerability through Bugcrowd or Hackerone would immediately make it illegal for you to trade on the knowledge of the vulnerability.
I assume the researchers were savvy enough to report the vulnerability in such a way that did not enter them into a confidentiality agreement. That said, AMD may lean on the widespread commonalities of how many responsible disclosure processes do work with respect to confidentiality in order to try and establish a precedent. They’ll make arguments about reasonable disclosure windows before publication, etc. This is, to my eyes, the best case for someone trying to bring a case forward. If the researchers implicitly agreed to a confidentiality agreement (for example, if the page with security contact information has “browsewrap” terms and conditions, or if buying an AMD product at all has such terms), it will be messy, but they’ll be probably fine, I think.
However, if they actually reported the vulnerability through a medium that explicitly forces confidentiality, I think they’re actually screwed.
1. Legally speaking. I decline to comment on ethics.
1. That they are "computer nerds", in your words, is inconsequential. Their in-group will not be a deciding factor, for better or worse. This isn't high school, and the SEC has a minimum level of professionalism it does adhere to.
2. Your characterization is, more broadly speaking, not well-founded. Activist investors are not, as a rule, white collar criminals. in fact they're not typically any sort of criminal. The SEC doesn't need to practice restraint or extend arbitrary leniency (something the SEC is not known for, for any group), because the activity tends to only rarely overstep legal boundaries.
3. This behavior is not seen as aberrant for any outsiders, and it's not normalized to only some group in "Big Wall Street." For example, I'm an outsider to activist investing, and I find nothing aberrant about it at all. In fact I think of it somewhat positively.
If you engage in willful intentional deception, you are not an activist investor. You would be engaging in fraud and illicit market manipulation. I find it very bizarre that you would claim these malicious actors as activist investors. Most of the rest of your complaints with my statements seem to stem from your notion that I would do the same. I do not.
> There’s a notification on CTS-Labs site that it may have a financial interest in the companies it investigates (shorting AMD stock is practically a pastime in financial circles).
I guess you could try to ruin some people by leaking fake inside information like this and getting them to load up on AMD puts.
If that was possible, I can see this move being profitable, but if it was to move the actual AMD price it was a failure.
> The CTS-labs.com domain name was registered on June 25, 2017, around when the Meltdown exploits were privately revealed to Intel.
which somehow sounds "queer" to me, particularly in an article attempting to debunk a possible "conspiracy", I mean June 25, 2017 is also surprisingly around the time the UK parliament was cyber-attacked and the time the large Brian Head fire started in Utah, what gives?
Shorting on the other hand is quite legitimate and so is pointing out you opinions.
The other domain does appear on Google for me.
>cts-labs.com is a parked domain (last time we checked).
>Domain parking refers to the registration of an internet domain name without that domain being associated with any services such as e-mail or a website
They released a video version of the article here if that helps you: https://www.youtube.com/watch?v=ZZ7H1WTqaeo&t=628s
By the way: There were also some very interesting pieces by Matt Levine on Bloomberg about the legal implications of independent short-selling "research groups" like Viceroy. If you can't show that they are acting in bad faith, it is apparently not illegal to publish biased "research" to move the stock down.
Edit: Ok, just saw that there were already other threads about this topic. However this article adds some additional research and statements from industry insiders, probably it would make sense to just change the title.