Two Regulators, One Lesson: What Recent French and Spanish Insider Dealing Decisions Tell Compliance Teams

Within a few weeks of each other, two European regulators made insider dealing decisions public. One was a French enforcement decision; the other, a Spanish sanctions resolution published in the official state gazette. The cases are unrelated, but read together they make the same point, and it is a point worth carrying into any market abuse training programme.

Insider dealing liability does not stop with the insider. It reaches the person who passes a tip on, and the person who receives it and trades. Every fact and figure below is drawn from the regulators' own published documents.

1. The French case: a plausible family transmission route

In a decision of 20 May 2026, the AMF Enforcement Committee fined two individuals a total of €50,000 for insider dealing breaches connected to the takeover of a listed company.

The Committee found that inside information about the takeover existed no later than 10 June 2021 and remained inside information until the deal was announced on 26 July 2021. A person in a management position at the company held that information. The AMF relied on a plausible family transmission route for that information: from the manager to his brother-in-law, from the brother-in-law to that person's brother, and from him to a cousin. The regulator did not need to prove the exact source of the leak or the precise route by which the information travelled.

The two individuals at the end of that route bought shares before the announcement. One acquired shares across three accounts, his own, his wife's, and a newly opened account in his father's name, for a combined €63,236. The other bought shares for €40,497. Both sold within hours of the announcement, realising gains of more than €32,000 between them. They were fined €30,000 and €20,000 respectively.

Two features of the decision deserve attention. First, the manager who originally held the information was not sanctioned, and neither was the brother-in-law identified as the likely conduit. The sanctions ultimately imposed were against M. Ytane Mamou, the person found to have traded on the information and to have recommended the investment to his cousin, and M. Houri, the person found to have used that recommendation. Second, the AMF stated openly that it did not need to identify the source of the leak, or establish a separate primary offence, in order to sanction the people who traded.

What this means in practice: A regulator can sanction insider dealing without ever proving who leaked the information. What it needs is a body of serious, precise and consistent indicators showing that holding the information is the only thing that explains the trades, first-ever share purchases, dormant accounts suddenly used, an account opened in a relative's name days before an announcement, everything sold the moment the news breaks.

2. The Spanish case: disclosure and trading ahead of an acquisition

In a resolution published in the Spanish official state gazette on 11 May 2026, the CNMV made public two sanctions for very serious breaches connected to an offer by Atrys Health to acquire Aspy Global Services.

The CNMV fined Francisco José Elías Navarro €100,000 for unlawfully disclosing inside information to Gerard Piqué Bernabéu, the information concerning the start of talks over the acquisition. It fined Gerard Piqué Bernabéu €200,000 for acquiring shares in the target company while in possession of the inside information, and selling them at a profit days later, shortly after the information was made public.

The figures are worth pausing on. The person who received the tip and traded on it was fined twice as much as the person who disclosed the information. The penalty did not track proximity to the source. It tracked the conduct.

3. An important point on the Spanish decision

The CNMV sanctions are final in administrative terms. They are not, however, beyond challenge. Gerard Piqué Bernabéu has filed a contentious-administrative appeal before the National Court against the CNMV Council's resolution, and that appeal is, at the time of writing, pending.

This is itself a useful reminder for compliance teams: a published sanction and a finally settled matter are not always the same thing. The findings described above are the regulator's, set out in a public resolution, and they remain subject to judicial review.

4. What the two cases share

The cases come from different regulators, different countries and different years of underlying conduct. What connects them is the law. MAR applies across the EU, and Article 14 prohibits three forms of conduct: insider dealing or attempted insider dealing, recommending or inducing another person to engage in insider dealing, and unlawful disclosure of inside information. Article 8 explains the mechanics, including that using a recommendation or inducement can itself amount to insider dealing where the person knows, or ought to know, that it is based on inside information.

The French case involved dealing on inside information and recommending an investment to another person. The Spanish case involved unlawful disclosure by one person and dealing by another. The broader lesson is that enforcement risk does not stop with classic insiders. The people sanctioned were one or more steps removed from the information.

In the French case, inexperience and reliance on a relative's recommendation did not prevent liability. More broadly, receiving and acting on a tip is not a safe position under MAR.

What this means in practice: A market abuse programme built only around the figure of the insider, the person on the insider list, the person with access, is incomplete. Training should also cover tipping chains, recommendations and inducements, unlawful disclosure, and trading by people who are one or more steps removed from the original source of the information. The people most often caught are at the end of a chain, and they rarely think of themselves as doing anything wrong. Training has to reach them.

Related resources

For a structured walkthrough of market abuse obligations and the controls firms are expected to maintain, read our blog article Market Abuse Compliance Checklist: A Self-Assessment Tool for EU-Regulated Firms.

If you would like a practical working tool, our free Market Abuse Compliance Checklist provides a ready-to-use self-assessment template for reviewing your firm's market abuse arrangements.

Know what supervisors are looking for.

Our Market Abuse: Basic Concepts, Real Cases, Statistics & Supervisory Insights seminar works through real enforcement decisions like these, the standard of proof regulators actually apply, and the conduct prohibited under Articles 8 and 14 MAR across a tipping chain.

→ Enrol in the Market Abuse seminar

Sources: AMF Commission des sanctions, decision of 20 May 2026, procedure n° 25-04, published on the AMF website; CNMV sanctions resolution published in the Boletín Oficial del Estado on 11 May 2026, reference BOE-A-2026-10225.