In what prosecutors described as a case that “reinforces a decades-old message,” a Google security engineer was arrested and charged on 27 May 2026 with fraud, money laundering, and commodities violations after allegedly using his company’s confidential internal data to win more than $1.2 million on Polymarket — the cryptocurrency-based decentralised prediction market platform.
Michele Spagnuolo, 36, an Italian citizen living in Switzerland who has worked for Google since 2014, appeared in the Southern District of New York following the unsealing of a federal criminal complaint. The Commodity Futures Trading Commission (CFTC) filed a parallel civil complaint the same day, seeking restitution, disgorgement, civil penalties, and permanent trading bans. Google placed Spagnuolo on leave and stated it is cooperating with law enforcement.
The case is remarkable for what it reveals about the intersection of Silicon Valley’s data advantage, the rapidly growing prediction market industry, and the emerging regulatory framework being built around platforms like Polymarket that are increasingly being watched — and used — by mainstream financial and intelligence communities.
1. The Case: What Spagnuolo Is Accused of Doing
According to the federal complaint unsealed in New York, Michele Spagnuolo — operating under the Polymarket username “AlphaRaccoon” — used access to Google’s internal data systems to place a series of prediction market bets with near-certain knowledge of outcomes that the general trading public had no way to know.
Between October and December 2025, Polymarket had listed prediction market contracts around Google’s annual “Year in Search” — Google’s publicised ranking of the most-searched people, topics, and trends of the year. These markets asked questions like “Who will be Google’s most-searched person in 2025?” with various individuals listed as possible outcomes. The markets attract genuine uncertainty from the public: before Google’s December announcement, the outcome is genuinely unknown to outsiders.
It was not unknown to Spagnuolo. As a staff information security engineer at Google since 2014, he had access to an internal software tool containing confidential “Year in Search” data — Google’s ongoing, real-time ranking of trending search terms. This tool was marked with a “Google Confidential” banner in red text. Prosecutors allege Spagnuolo accessed this data and used it to place Polymarket bets on outcomes he already knew, or had strong probability to predict, from Google’s internal systems.
2. The Insider Data: Google’s “Year in Search” Tool
Google’s “Year in Search” is one of the company’s most anticipated annual content releases — a ranking of the top trending searches, people, and topics that became cultural touchstones during the year. The public announcement, typically made in late November or early December, is a significant media event that drives substantial traffic and social media discussion.
What the public does not know — and what Spagnuolo allegedly knew — is that this data does not crystallise on publication day. Google’s internal systems continuously track search trends throughout the year, giving Google’s analysts and certain employees access to an evolving picture of who and what is trending, updated in near-real time. This is not just a marketing tool; it is part of Google’s core product intelligence infrastructure.
Prosecutors allege that Spagnuolo accessed this data system — described as available to employees for legitimate internal purposes — and used the data it contained not for any Google business purpose but to inform his Polymarket trading. The key allegation is not that he hacked into a restricted system; it is that he used authorised access to confidential data for a purpose expressly prohibited by Google’s policies: personal financial gain.
Google’s statement after the arrest confirmed this framing: “The employee accessed our marketing material using a tool available to all employees, but using such confidential information to place bets is a serious breach of our policies.”
3. Understanding Polymarket and Prediction Markets
Polymarket is a decentralised prediction market platform built on the Polygon blockchain. Users place bets using USDC (a US dollar-pegged stablecoin), taking positions on whether specific events will occur. The markets operate like binary options: if the outcome you bet on occurs, your position pays out at $1 per share; if it does not, you lose your stake. Market prices reflect the collective probability assigned to each outcome by all participants.
Prediction markets are considered valuable tools for information aggregation — they have a track record of being more accurate forecasters of election outcomes, economic events, and other measurable phenomena than polls or expert opinion in some contexts. This has driven significant institutional and media attention: outlets including Bloomberg, Reuters, and the Wall Street Journal regularly cite Polymarket prices as part of their election and economic coverage.
Why Polymarket Attracts Insider Trading Risk
The characteristics that make prediction markets valuable — real-money stakes on real-world outcomes — are also the characteristics that create insider trading risk. Any person who has access to non-public information that resolves a prediction market question has the same advantage that a stock market insider trader has: certainty (or near-certainty) about an outcome that the market prices as uncertain.
The core issue is that prediction markets draw their participants from exactly the populations most likely to have access to material non-public information: journalists, government officials, corporate employees, and researchers. The “Year in Search” market is a natural magnet for Google employees with search data access. A market about a pharmaceutical drug’s FDA approval is a natural target for pharmaceutical employees. A market about a military operation is a natural target for anyone with security clearances.
4. The Specific Bets and the AlphaRaccoon Account
The complaint details a specific sequence of trades that illustrates the alleged scheme:
The Kendrick Lamar Bet (October 2025)
Spagnuolo initially placed Polymarket bets that Kendrick Lamar would be Google’s most-searched person of 2025. This was a plausible prediction — Lamar had headlined the 2025 Super Bowl halftime show and was a cultural figure at the peak of his visibility. Internal Google data at the time apparently supported this position.
The Pivot to D4vd (November–December 2025)
As October and November progressed, internal Google data showed a shift: D4vd, an alt-pop singer with a growing but less mainstream profile, was surging in Google search trends. Spagnuolo’s AlphaRaccoon account began placing new bets — this time on D4vd — at a point when the public Polymarket market was assigning “near-zero probability” to D4vd being the top-searched person of the year.
The complaint describes this timing as the clearest evidence of insider information use: the market had near-zero confidence in D4vd because the public had no information suggesting D4vd was trending. Spagnuolo, allegedly, had exactly that information from Google’s internal systems.
The December Payoff
When Google publicly announced its Year in Search 2025 results on 4 December 2025, D4vd was revealed as the top-searched person of the year. Spagnuolo’s AlphaRaccoon account collected approximately 3.9 million USDC.e — the stablecoin’s enhanced variant — from the resolved prediction market contracts. Between 4 and 10 December 2025, as the markets resolved, approximately $1.2 million in winnings was transferred out of the AlphaRaccoon account.
Prosecutors note that across approximately 25 prediction market contracts, Spagnuolo “placed bets with near-perfect accuracy across approximately 25 unlikely outcomes” — a statistical pattern that prosecutors argue is consistent with foreknowledge rather than exceptional market analysis. The total amount at risk across all bets was approximately $2.75 million.
5. The Legal Charges: Insider Trading and Its Application to Crypto Markets
Spagnuolo faces three categories of charges in the criminal complaint:
- Commodities fraud — Polymarket operates on a blockchain using cryptocurrency (USDC), bringing it under the CFTC’s jurisdiction over derivatives and prediction markets. Using material non-public information to trade on such a platform constitutes commodities fraud under the Commodity Exchange Act.
- Wire fraud — The broader fraud charges covering the scheme to deceive Polymarket counterparties by trading with information asymmetry they could not know about.
- Money laundering — The transfer and conversion of the USDC.e proceeds, which prosecutors characterise as proceeds of fraud.
U.S. Attorney Jay Clayton stated: “This week’s charges reinforce a decades-old message: corporate insiders cannot use confidential business information to turn a profit in our markets.”
Why This Case Matters for Crypto Markets Regulation
The Spagnuolo prosecution is significant for the regulatory history of prediction markets and crypto-based financial instruments. For years, the question of whether insider trading laws applied to Polymarket-style platforms was legally uncertain — traditional SEC insider trading doctrine applies to securities, and there was debate about whether prediction market contracts on crypto platforms constituted securities or commodities.
The CFTC’s decision to file its own complaint alongside the criminal charges effectively resolves this ambiguity for prediction markets: they are treated as commodity markets under CFTC jurisdiction, and the full insider trading framework — including the duty-of-loyalty doctrine that prohibits using employer’s confidential information for personal trading gain — applies.
6. Polymarket’s Role: Cooperation and Integrity Measures
Polymarket issued a statement notable for its detail about the company’s cooperation with law enforcement: “Polymarket worked closely with the U.S. Attorney’s Office for the Southern District of New York and the CFTC, and is the only prediction platform to date whose cooperation has led to insider trading charges in the United States. We are committed to maintaining accurate, fair, and transparent markets.”
This cooperation is significant because Polymarket is a blockchain-based platform — its trades are pseudonymous but permanently recorded on the Polygon blockchain. The company’s ability to cooperate with law enforcement to identify the AlphaRaccoon account holder suggests that Polymarket maintains KYC (Know Your Customer) data that can link wallet addresses to real identities, at least for users who completed identity verification.
Following the case, Polymarket announced it is tightening security and abuse detection procedures to identify statistically anomalous trading patterns that may indicate insider information use.
7. Broader Implications for Prediction Markets and Tech Employees
The Spagnuolo case has immediate implications for several overlapping communities:
Technology Company Employees
The case makes explicit a risk that many tech employees may not have fully considered: the data and systems you access as part of your employment at a technology company may create significant prediction market trading advantages — and using those advantages is legally identical to the insider trading that has resulted in criminal convictions in traditional securities markets for decades. Google’s “Year in Search” data is a relatively benign example. Consider the same logic applied to Apple employees with product launch data, Amazon employees with logistics and sales data, or Meta employees with advertising performance data that reflects economic trends before they become public.
Prediction Market Participants
For sophisticated Polymarket users, the case introduces a new dynamic: counterparties may be trading with material non-public information. The market price of a prediction market contract now carries the implicit question of whether insiders are systematically mispricing it. For arbitrageurs and information traders who participate in prediction markets based on their analysis, the presence of insider trading adds noise that is difficult to distinguish from signal.
Corporate Information Security Professionals
The specific detail that Spagnuolo is a staff information security engineer is pointed. Information security professionals routinely have access to sensitive business data as part of their role — log data, security incident data, product roadmap data, compliance data. The Spagnuolo case is a reminder that this access carries fiduciary obligations that extend beyond the office and into personal financial activities.
8. The Second Polymarket Case: Army Sergeant and the Maduro Raid
The Spagnuolo arrest is the second high-profile insider trading case involving Polymarket in 2026. In April, then-active U.S. Army Special Forces Master Sergeant Gannon Ken Van Dyke was arrested on charges that he used classified information about a classified U.S. military operation to bet on prediction market contracts related to the outcome of the operation to capture Venezuelan President Nicolás Maduro. Prosecutors said Van Dyke made more than $400,000 on his trades.
Van Dyke pleaded not guilty and the case is proceeding. The two cases together suggest that Polymarket’s market-making in high-stakes geopolitical and cultural events is creating systematic insider trading opportunities for people with institutional access to the relevant information — and that U.S. law enforcement is actively investigating and prosecuting these cases.
The pattern is creating pressure on Polymarket to implement stricter controls, and on other prediction market platforms (Kalshi, Metaculus, Manifold) to consider their own exposure. It also creates a policy question: should prediction market platforms be required to implement trading restrictions similar to those imposed on stock market participants with material non-public information access?
9. Frequently Asked Questions
Using prediction markets is generally legal. What is illegal — and what Spagnuolo is charged with — is using material non-public information obtained through employment to place trades with an information advantage unknown to the market. Tech employees who participate in Polymarket or other prediction markets should avoid placing trades on topics where their employer’s confidential data would be relevant, just as they should avoid trading their employer’s stock based on material non-public information.
The CFTC has authority over commodity markets and derivatives. Prediction market contracts that settle in cryptocurrency and relate to real-world events are treated as commodity contracts under the Commodity Exchange Act. The CFTC regulated Polymarket’s US operations and is the primary federal regulator for this category of instrument. The parallel criminal charges are brought under wire fraud and money laundering statutes, which apply regardless of asset class.
This is the key question the case raises. On-chain transactions are pseudonymous but permanent — the AlphaRaccoon wallet’s transaction history is publicly visible. However, linking that wallet to Spagnuolo’s identity required Polymarket’s cooperation, suggesting Polymarket had KYC data mapping the wallet to a verified identity. A platform with no KYC and no user data would make identification substantially harder, though sophisticated blockchain forensics can sometimes trace wallet identities through exchange deposit patterns and IP data.
Polymarket has positioned its cooperation with law enforcement as a feature, not a liability — emphasising that it is the first prediction platform whose cooperation led to insider trading charges. The company has announced enhanced anomaly detection for unusual trading patterns. The cases may actually increase institutional confidence in Polymarket by demonstrating that manipulative trading is detectable and prosecutable, potentially supporting arguments for regulatory legitimacy of the platform.
Conclusion
The Spagnuolo case is a landmark in the history of prediction market regulation and a warning for the growing category of technology company employees who have been treating their workplace data access and their personal financial activities as entirely separate domains. They are not separate. The fiduciary obligations that prohibit insider trading on public stock markets apply with equal force to commodity markets, prediction markets, and emerging crypto-based financial instruments.
More broadly, the case illustrates the unique information advantage that employees at major technology platforms can hold. Google’s search data is not just a business asset — it is a real-time picture of what the world is paying attention to, updated continuously. That picture has economic value far beyond Google’s own business. As prediction markets expand and mature, the temptation to monetise insider access to such datasets will continue to grow. The Spagnuolo prosecution is the regulatory system’s answer to that temptation.
For the cybersecurity and IT community — particularly information security professionals — the case is a reminder that your professional access to sensitive systems carries professional responsibilities that do not end at the office door.
IT Consulting & Cybersecurity · Saudi Arabia
Protecting Your Business in the Digital Economy
Cases like Spagnuolo’s highlight how the line between corporate data and personal activity is increasingly scrutinised. Visit To Me helps Saudi businesses implement data governance policies, access controls, and cybersecurity frameworks that protect both the company and its employees.
Leave a Reply