Mandatory Data Breach Disclosure and Insider Trading
研究发现,当州法律要求企业披露数据泄露事件后,内部人通过卖出股票获利更多,尤其在治理薄弱、网络安全风险高的公司中更明显,但严格执法可抑制此行为。
ABSTRACT We examine whether mandatory data breach disclosure affects insider‐selling behavior and find that selling profits are greater after states require firms to disclose data breaches. The effect is more pronounced for firms with weaker corporate governance, higher cybersecurity risk, and without prior investment in material cyber protection programs. However, insiders profit less when they operate in states with stricter laws and face higher litigation risks. The evidence is consistent with managers personally hedging risks in the capital market when mandatory disclosure laws designed to protect customers are weakly enforced. Laws designed to improve transparency in the product markets may have the unintended effect of reducing the integrity of financial markets. However, insider sales also facilitate the incorporation of bad news in stock prices, making idiosyncratic crashes less likely.