Federal prosecutors in Boston unsealed charges against 30 defendants on May 7, 2026, in a decade-long insider trading scheme that prosecutors say generated tens of millions of dollars in illicit profits [1]. The case centers on Nicolo Nourafchan, a Yale Law School graduate who worked successively at Sidley Austin, Latham & Watkins, and Goodwin Procter, three of the largest law firms in the world [1][2]. Prosecutors allege Nourafchan accessed confidential merger and acquisition data from law firm computer networks and passed that information to a network of traders in exchange for kickbacks [1]. The Securities and Exchange Commission filed a parallel civil enforcement action the same day against 21 individuals [2].
The indictment, brought by the U.S. Attorney's Office for the District of Massachusetts, charges violations including securities fraud and money laundering [1][3]. The alleged scheme ran for approximately 10 years, during which Nourafchan held associate-level positions that granted him access to deal-sensitive client files [1]. Prosecutors and the SEC allege the information was exploited ahead of public announcements in multiple M&A transactions, allowing traders to take positions before prices moved [2]. Robert Yadgarov is among the named co-defendants [1]. The international scope of the conduct, spanning multiple countries, distinguishes this case from more limited single-firm insider trading prosecutions.
U.S. Attorney Leah B. Foley for the District of Massachusetts is overseeing the criminal matter [1]. The SEC's parallel civil complaint, filed in federal court, seeks disgorgement, prejudgment interest, and civil penalties against the 21 named individuals [2]. The simultaneous criminal and civil filings reflect a coordinated enforcement posture, a structure regulators have deployed in prior high-profile securities fraud matters to maximize both deterrence and recovery.
The case raises specific questions about law firm network security and the adequacy of access controls over confidential deal documents. Prosecutors allege Nourafchan obtained information through internal computer systems rather than through direct client contact alone, placing law firm cybersecurity protocols directly at issue [1][3]. No law firm has been charged, and the named firms have not been identified as targets. The defendants face arraignment proceedings in the District of Massachusetts. If convicted on the most serious counts, they face substantial federal prison terms under securities fraud and money laundering statutes.