Over the past two weeks, three different clients – a utility, an electronics manufacturer, and an insurance company – have asked essentially the same question: Are our existing policies sufficient to address the risks posed by prediction markets? The question is coming up with increasing frequency, and for good reason.
Prediction markets have moved quickly from a niche concept to a practical compliance issue. Platforms such as Kalshi and Polymarket now allow users to place bets on a wide range of real-world events, including outcomes that may intersect with company operations, strategy, or confidential information.
For compliance officers, the issue is not entirely new. The underlying risks – misuse of confidential information (including tipping), conflicts of interest, and, in some cases, the ability to influence outcomes for personal benefit – are familiar. What is new is the breadth of activity that can be leveraged for personal gain.
The question now is not whether prediction markets warrant attention, but how compliance teams should respond to these emerging risks.
Understanding the Compliance Risk
Prediction markets do not introduce entirely new categories of risk, but they broaden how familiar risks arise in practice. For example, most insider trading policies were written with securities markets in mind. They focus on trading in a company’s stock or debt, and on categories of information – earnings results; major litigation; possible acquisitions, divestitures or joint ventures; senior leadership changes – that have traditionally been understood as confidential. Prediction markets have dramatically expanded both the types of information that can be monetized and the markets in which that monetization can occur.
An employee who knows a deal is imminent might not think to ask whether betting on that outcome on a prediction platform implicates the company’s insider trading policy – particularly if the policy does not mention these markets. Similarly, an employee who has insight into operational details – such as internal timelines, scheduling, or the likely content of a public disclosure – may view placing a bet based on that information as low risk or outside the scope of existing policies, when in fact it raises the same types of concerns. In some cases, employees may be in a position not just to predict an outcome, but to influence it. In addition, activity in prediction markets could signal information to the securities markets. These dynamics create risks that traditional policies do not always address.
The regulatory picture adds another layer of complexity. The Commodity Futures Trading Commission (CFTC) has asserted primary jurisdiction over prediction markets, treating event contracts as derivatives under the Commodity Exchange Act. The SEC may also assert jurisdiction where contracts resemble securities, and the two agencies have announced coordination on overlapping issues. The Department of Justice has similarly signaled that it expects to bring prediction-market fraud cases. Multiple states have also attempted to regulate these platforms, though the CFTC is actively asserting federal preemption of those efforts. Companies with international operations should also consider how regulatory frameworks in other jurisdictions may apply and be alert to regulatory developments outside the United States.
The fact that regulatory lines are still being drawn is not a reason for companies to hesitate, however. Regulatory uncertainty does not limit company liability under existing law, and the cost of building compliance controls now is substantially lower than the cost of a government investigation later.
At the same time, the relative newness of this issue and the surrounding regulatory uncertainty create real risk for employees, who may not understand how existing rules apply to activity in these markets. This is where compliance teams come in – to provide practical guidance and help employees navigate an evolving and uncertain landscape.
Policies: Start with What You Have
Most companies do not need to create a standalone prediction market policy. A more practical approach is to revise existing policies – insider trading, confidential information, conflicts of interest, and the code of conduct – to make clear that they expressly extend to this activity.
In many cases, companies will find that their existing policies can be read to cover prediction market activity. But that is not the same as communicating that coverage clearly. In an environment that is evolving quickly, ambiguity creates risk – particularly where employees may not intuitively connect existing rules to new forms of conduct.
For that reason, the better approach is to remove that ambiguity. When clients ask, “Does our confidential information policy already cover this?” the answer is often: possibly, but that may not be enough. The key question is not whether the policy reaches this conduct as written, but whether it does so in a way that employees will understand and apply in practice. Appropriate targeted revisions might include:
For companies with higher exposure – such as financial institutions, companies engaged in active transactions, or organizations with broad access to sensitive information (such as professional services firms) – more tailored restrictions may be appropriate. In some cases, this could include blackout-style limitations on participation in prediction markets tied to company events.
Training: Closing the Gap Between Policy and Understanding
Policy updates are necessary, but they are not sufficient. A central challenge with prediction markets is that many employees do not understand that existing compliance obligations apply in this context. A policy that covers prediction markets only works if employees read it, understand it, and connect it to their actual behavior.
Training should help employees understand what prediction markets are and how they function. Many may not appreciate that these platforms involve regulated financial instruments rather than informal or recreational activity.
Training should also provide concrete examples of the types of information that could create risk. This should go beyond traditional examples, such as earnings results or M&A activity, to include operational and timing-related information that employees may not otherwise view as sensitive.
Tipping risk warrants particular attention. Employees who would never trade on confidential information themselves may not recognize that sharing that information with a spouse, friend, or family member who then places a bet creates liability for the employee and potential exposure for the company.
Training on this topic does not need to be extensive. A focused module incorporated into existing training, or a targeted communication to relevant employee groups, can go a long way toward closing the awareness gap. For higher-risk populations, such as senior executives and members of the board of directors, more tailored or role-specific training may be appropriate.
Controls: Monitoring, Disclosure, and Pre-Clearance
Beyond policies and training, companies should consider whether additional controls are appropriate given the specific risk profile.
Monitoring. Organizations with greater exposure may consider whether monitoring for unusual trading activity tied to company events is feasible. While this is more complex than traditional securities monitoring, it may be appropriate in certain contexts. At a minimum, companies should understand whether existing surveillance tools have blind spots with respect to prediction markets.
Disclosure and certification. Some companies already require periodic certifications regarding securities trading. Extending these processes to include prediction market activity is a relatively low-cost way to promote accountability and signal expectations.
Pre-clearance. Some organizations may require employees in sensitive roles to seek approval before engaging in prediction market activity related to the company or its business. This approach mirrors practices already in place for securities trading and may be appropriate where employees have access to particularly sensitive information or the ability to influence outcomes.
A risk-based approach is essential. Not every company (or every category of employees) needs the same level of controls, but companies should be able to articulate why their approach is proportionate to their specific risks.
Reputational and Cultural Considerations
Some risks associated with prediction markets do not fit neatly within traditional legal frameworks but still warrant attention. Even where conduct may not clearly violate any law, it may raise legitimate questions about whether employees are using their roles for personal gain – and whether that perception is consistent with the company’s culture and expectations.
For example, an employee involved in planning a product launch or public announcement may have a general sense of timing or likely outcomes based on internal discussions. Placing a bet tied to those events – even without relying on clearly confidential information – may not violate any specific policy, but could still raise concerns about the use of company knowledge for personal benefit.
Compliance officers should consider whether existing conflicts of interest policies adequately address conduct that, while arguably legal, could create the perception that employees are exploiting their roles for personal gain. In many cases, existing frameworks will be broad enough to cover these situations. But even where that is the case, their application to prediction markets should be made explicit and reinforced through training.
The goal is not merely to preserve the ability to enforce after the fact, but, more importantly, to heighten awareness and prevent issues from arising in the first place.
What to Do Now
The compliance community is still catching up to the pace of development in prediction markets, and formal guidance from regulators remains limited. That said, the core principles at stake – prohibitions on the misuse of confidential information and the duty of loyalty – are not new. They apply here, and compliance teams that help employees, executives, and board members understand how these principles apply – and the consequences of getting it wrong – can protect both the organization and its stakeholders.
As a practical matter, compliance officers should consider the following:
The regulatory framework will evolve rapidly. The underlying principles are more steadfast. Compliance teams that apply those principles deliberately and explicitly to this new context will be well positioned to protect both the organization and its employees.
Search the site
Prediction markets have not created entirely new compliance risks—but they have dramatically expanded how familiar risks arise. Employees may not realize that betting on real‑world outcomes using inside knowledge raises
I didn’t mean for anyone to get hurt. I told myself it was no big deal—just a small favor, a little cash, something everyone does. But when the product failed
I am not exactly a worker bee or a boss. I stand somewhere in between, guarding everyone in the company from the lowest employee to the highest leader. I am
For so long, I felt like an outsider—the lone compliance voice carrying the weight of keeping everyone on track. But then the big boss pulled me aside and said, ‘You
Subscribe now to keep reading and get access to the full archive.