Executive Decision Lab™ — Lab 01

The Invisible Insider

When a routine vendor session becomes a securities investigation.

Forty-three minutes pass between a vendor employee viewing FDA approval data on a publicly traded client’s system and his sister’s brokerage account purchasing 800 shares. On Thursday morning, the CCO connects two automated alerts and realizes what she is looking at. The next 90 minutes in the executive boardroom will determine whether this becomes a one-off incident or a company-defining one. This Lab puts your leadership team in that boardroom — before the incident forces them into it.

Quick Answer

What does The Invisible Insider Decision Lab put on the table for a public company leadership team?

A federal securities investigation that originates outside the organization, inside a vendor relationship the company signed twelve months ago and has not thought about since. The Lab places the CEO, CCO, General Counsel, CFO, CIO/CISO, CHRO, and Head of Procurement in a single room with a developing crisis — and asks them to navigate the disclosure timing, regulatory engagement, vendor relationship, and Board communication decisions that determine the organization’s posture for the next eighteen months.

It is not a hypothetical exercise. Every decision the room makes — when to retain outside counsel, whether to self-report, how to brief the Audit Committee, what to say to investors — translates directly into the actions the leadership team would take in a real incident. The room leaves with written commitments and a 30-day follow-up.

Designed For Public Company Leadership

Built for the executive teams of publicly traded companies who have not yet had a vendor-originated insider trading incident — and want to make the decisions in a conference room rather than under SEC scrutiny.

Particularly relevant for: life sciences and biotech companies with clinical trial data vendors; fintech and financial services firms with trading system access providers; SaaS platforms with payment processor or analytics vendors; and any public company that has signed an MSA with a third-party service provider in the past 24 months.

The Scenario

The full Phase 1 setup is what your leadership team encounters at the start of the session.

Tuesday 9:47 AM

Alex Reyes, a senior technical support specialist at Meridian Data Systems, is on-site at your company under an active vendor support contract. He is fixing a database synchronization error in the clinical trial management system. While running diagnostics, an automated FDA gateway notification populates on his screen: NDA-APPROVED — BNX-4471 — EFFECTIVE TODAY. Your primary oncology asset has just been approved. The press release will not go out until Wednesday morning.

Tuesday 10:30 AM

Susan Reyes — Alex’s sister, a registered nurse in another state — purchases 800 shares of your company’s stock at $24.20 per share through her retail brokerage account. She has no prior trading history in your stock.

Wednesday 8:00 AM

The FDA approval is announced publicly. Your stock opens at $41.50 — a 73% overnight move on the news.

Thursday 11:04 AM

Your CCO receives two automated alerts within ten minutes of each other. The first: an equity surveillance flag on the Tuesday 10:30 AM trade — small retail account, no prior history. The second: a DLP system flag on the Tuesday 9:47 AM vendor support session, confirming a read of the FDA gateway notification screen. She pulls the timestamps. Forty-three minutes apart. She runs the names. Same surname; public records confirm siblings.

Thursday 11:47 AM

The CCO calls the executive team into the boardroom. Outside counsel has not been retained. The Board has not been briefed. The SEC has not been contacted. No public statement has been made. The next ninety minutes will determine the organization’s posture for the next eighteen months.

What Is Already True When the Room Sits Down

The vendor relationship is twelve months old. The MSA includes a standard NDA that covers confidential information. There is no specific securities law training requirement in the contract. Your DLP system worked. Your equity surveillance worked. Your CCO connected the dots within hours of public disclosure.

And every one of those facts will be examined by the SEC, your Audit Committee, and the press if this becomes public. The Lab is not about whether your organization caused this — it is about what your leadership team does about it now.

Who’s Around the Table

Seven roles, seven role cards, seven different sets of decisions on the table. If your leadership team is smaller, roles consolidate per the Facilitator Guide — but the CIO/CISO seat is never optional. The technical detail is central to the scenario.

Role 01

Chief Executive Officer

Owns organizational posture, Board relationship, and the reputational consequences of every decision the room makes. The CEO’s instinct to “manage this between executives” with the vendor’s CEO is the wrong call in a federal investigation — and the Lab surfaces why before it matters.

Role 02

Chief Compliance Officer

Discovered the incident. Called this meeting. Owns the regulatory posture decision, the investigation scope, the Audit Committee briefing, and the question of whether this triggers a broader vendor compliance audit. The CCO sits at the center of every decision the room makes.

Role 03

General Counsel

The privileged architect. Every conversation that happens before outside counsel is retained is potentially discoverable. The Lab forces a decision that the GC’s instinct often delays — and surfaces what gets lost when that decision waits.

Role 04

Chief Financial Officer

Owns the disclosure question. Materiality assessment, the 8-K decision, insurance notification obligations, and how the incident is framed in any Board communication. The CFO’s instinct that “this is operational, not financial” is the materiality trap the Lab is built to expose.

Role 05

Chief Information Officer / CISO

The DLP found this. Evidence preservation, the vendor access architecture, the suspension decision, and the inventory of every other vendor with comparable access — all flow through the CIO/CISO seat. The Lab makes the technical detail the executive conversation it should be from the start.

Role 06

Chief Human Resources Officer

Internal communication, talent retention through eighteen months of regulatory scrutiny, and Board coordination alongside the CEO. The CHRO’s communication instincts are essential — and the Lab surfaces why this is not primarily a communication challenge.

Role 07

Head of Procurement

Signed the MSA twelve months ago. Now owns the inventory of every other vendor with comparable access, the template language that needs to change, and the question of whether training certification becomes a contractual requirement going forward. The procurement seat is where the structural fix begins.

The Decisions on the Table

Phase 1 surfaces five categories of decision. Each one is genuinely contested. Reasonable executives in the same room will disagree.

When to retain outside counsel.

Now or after internal fact-gathering. Privilege protection versus the instinct to “understand what happened first.” The decision that shapes every other decision in the next 72 hours.

Whether and when to self-report to the SEC.

The cooperation calculus. Self-reporting credit versus the risk of preceding the regulator’s investigation. The CCO’s posture decision intersects with the GC’s privilege framework and the CFO’s materiality assessment.

Vendor access posture.

Suspend Alex only, suspend the entire Meridian relationship, or maintain access pending investigation. Each option has forensic, contractual, and operational consequences. None of them is obviously right.

Disclosure timing and the 8-K question.

Is this 8-K-disclosable? Under which Item? The materiality question that the CFO’s instinct will read one way and the GC’s analysis will read another, with the CEO holding the casting vote on a decision that becomes part of the public record.

The Board engagement timeline.

When to brief the Board Chair. When to brief the Audit Committee. How much detail is in each conversation. What the Board needs to authorize before any external action is taken.

Phase 2 — Twenty-Four Hours Later

In the second half of the session, time advances twenty-four hours. The pressures the room thought were manageable in Phase 1 have compounded from multiple directions simultaneously.

External signals arrive that change the calculus on every Phase 1 decision. The room is no longer choosing between internal-only paths. Public attention, regulatory engagement, and Board oversight all arrive within hours of each other — and the leadership team must reconcile commitments made under low-pressure conditions with decisions that now have hours, not days.

The full Phase 2 injection — including the specific compounding pressures, the optional mid-Phase escalation, and the after-action review framework — is provided in the Lab kit.

What Your Leadership Team Walks Out With

A 90-minute session produces tangible artifacts that the room carries forward. Not insights to be remembered — written commitments to be tracked.

Written commitments with named owners and deadlines.

Every decision the room makes is captured in the After-Action Review template — what will be done, by whom, by when, with what dependencies.

A one-page executive summary memo.

Ready for distribution to the Board, the Audit Committee, ownership, or external counsel within one week of the session.

A scheduled 30-day check-in.

Set before the room leaves. Progress against each commitment is reviewed at 30 days using the structured follow-up template — and the same template carries forward to 60 and 90 days as needed.

A shared understanding of authority boundaries.

The most durable outcome. The room leaves knowing what each seat owns in this category of incident — and where authority transfers between seats. That understanding is the muscle memory that operates the next time, when it is not a Lab.

Why This Lab, Now

Three structural shifts have made vendor-originated insider trading the fastest-growing category of securities risk for public companies — and one your existing controls were not designed for.

Vendor system access has expanded faster than vendor compliance training.

SaaS platforms, AI tools, clinical trial management systems, and integrated service providers now have production-level access to public company data that, ten years ago, lived inside the building. The MSAs were updated to reflect the access. The training framework was not.

The misappropriation theory has fully crossed into vendor enforcement.

Originally framed around fiduciary outsiders — lawyers and accountants — the misappropriation theory now reaches every vendor employee with NDA-bound access to MNPI. SEC and DOJ enforcement actions over the past five years have made the doctrine operationally clear. The question for public companies is no longer whether it applies — it is whether they are prepared for it.

Detection now outpaces decision-readiness.

Modern DLP, equity surveillance, and cross-system correlation tools detect events like the BNX-4471 pattern within hours of public disclosure. The technical infrastructure to find these incidents has advanced significantly. The executive infrastructure to respond to them when found has not. The Lab closes that gap.

What’s in the Lab Kit

Every kit is licensed to your organization with unlimited internal use. Designed to be run by your CCO, General Counsel, or designated executive facilitator.

Facilitator Guide

Complete session script with phased narration, discussion prompts, expected responses, and debrief guidance.

Executive Slide Deck

Professionally designed presentation that guides participants through the exercise. Sequenced to match the Facilitator Guide.

Seven Executive Role Cards

One per leadership role, with primary concerns, owned decisions, and the predictable blind spot most common to that seat.

Scenario Injection Cards

Time-stamped facts that land at scripted moments. Includes Phase 1 discovery card, Phase 2 escalation card, and optional mid-discussion pressure injection.

After-Action Review

Structured framework for capturing commitments live in the room — owners, deadlines, dependencies.

Executive Summary Template

Ready-to-use one-page memo for the Board, Audit Committee, or ownership.

30-Day Follow-Up Template

Structured accountability tool to track commitments and progress between the session and the next leadership review.

Pricing

Contact Xcelus for pricing.

Single Lab kits are licensed to your organization for unlimited internal use. Bundle pricing is available for organizations that license two or three Labs together. Light industry customization is included; deeper customization is available as a separate engagement.


Related Xcelus Resources

Lab 02: The MSA You Didn’t Read →

The companion Lab — the same scenario viewed from the vendor’s side. Designed for the CEO and leadership team at service providers whose clients are publicly traded.

The Microlearning Scenario Behind This Lab →

The four-angle scenario that the Lab is built on — Alex, Susan, Rachel, and Marcus. For frontline training rather than executive-level decision sessions.

Compliance Conversations Ep. 11 →

The audio companion. The plumber analogy, the misappropriation theory, the 43-minute gap, and the supply chain shift in plain language.

Bring The Invisible Insider Into Your Boardroom

Ninety minutes with your leadership team now is worth eighteen months of regulatory exposure later. Contact Xcelus to discuss whether this Lab fits your organization’s risk profile.


© 2005–2026 Xcelus LLC. All rights reserved. Executive Decision Lab™ is a trademark of Xcelus LLC.