On Wednesday morning, federal agents arrested Michele Spagnuolo in New York. The 36-year-old Google information security engineer — an Italian citizen resident in Switzerland — allegedly used internal Google search data to make $1.2 million on Polymarket's international platform, betting through an account named AlphaRaccoon on Google's own "Year in Search 2025" markets. He knew the singer D4vd would be the most-searched person of the year while Polymarket priced that outcome at near-zero. He had the company's confidential data. The trading public didn't.

Polymarket announced the arrest the same day, crediting its market integrity infrastructure with flagging the trader. It's the second arrest resulting from a Polymarket criminal referral. Two for two.

The tweet ends with a line that's hard to disagree with:

"Blockchain trading is transparent, traceable, and bad actors leave footprints."

That is correct. And the Spagnuolo case proves it twice over — because according to the complaint, he didn't just place the bets. He "took deliberate steps to conceal his unlawful use of nonpublic information by attempting to obscure the source and ownership of his unlawful proceeds." He tried to hide. The footprints caught him anyway.

In fact, they caught him in two layers. The on-chain trail showed what happened — every Year-in-Search bet, every fill, every transfer. But the identity — connecting AlphaRaccoon to Michele Spagnuolo — came from a different source. Per the SDNY complaint, investigators identified him through KYC records held by the cryptocurrency on-ramp and off-ramp companies that converted his fiat to USDC and back. Polymarket's referral identified the wallet's behavior. The crypto KYC layer attached the name. Both pieces were needed. Neither piece alone is sufficient.

We've been making this argument for two posts now — that on-chain settlement turns prediction markets into the most transparent financial markets ever created, and that the right integrity response is to read the public data, not to subpoena it. Polymarket adopting this framing publicly is a meaningful moment. The thesis has moved from analysis to operational reality.

A second number from Polymarket's own integrity page is the part of this story almost nobody is talking about.

Ninety.

Polymarket discloses on its integrity site that it has referred 90+ accounts to law enforcement. Two of those referrals have resulted in arrests. Eighty-eight remain in some stage of investigation, cooperation, or pre-charge analysis.

That second number — ninety — is where the argument actually gets interesting.

What Two-for-Two Really Means

Polymarket's framing is true and earned. The Van Dyke case (the Army Special Forces master sergeant who allegedly netted $409,000 trading on classified Maduro intelligence) and now the Spagnuolo case (the Google engineer who allegedly made $1.2 million on his employer's search data) both came from Polymarket-initiated referrals to federal authorities. The platform built surveillance infrastructure, used it, referred the cases, and prosecutions followed.

The argument that "the system works" is real. Two arrests is more than zero. The infrastructure exists, the process functions, the criminal justice system has reached its first prediction market insider trading conviction in history. Anyone who said this couldn't happen on a decentralized, crypto-settled platform was wrong, and Polymarket gets to take that lap.

But two arrests from ninety-plus referrals is also a ratio. And the ratio is roughly 2%.

Compress the entire flow into a single view:

These figures aren't directly comparable — Polymarket's 90+ comes from active platform surveillance, while Harvard's 210,718 is academic statistical analysis with a different threshold for "suspicious," and there's substantial overlap and methodology drift between them. But even allowing for that, the order-of-magnitude gap between detection and enforcement outcome is the point. Each step in the funnel loses roughly 99% of the volume above it. The bottleneck isn't detection. It's the entire enforcement pipeline downstream of detection.

The other 98% of Polymarket's own referrals — the eighty-eight or more accounts flagged as suspicious enough for the platform to refer to law enforcement — remain unresolved in public. Some are surely still under active investigation. Some will eventually become charges. Some may already have been declined for reasons that aren't disclosed. But the bottleneck between "platform identifies suspicious behavior" and "arrest is announced" is the entire enforcement apparatus — federal prosecutors, agency resources, evidentiary thresholds, prosecutorial discretion.

The platform can refer. The system has to convert. And right now the conversion rate is roughly one in fifty.

Two Cases, Two Completely Different Insiders

There's something easy to miss about the two arrests, and it widens the problem considerably.

Van Dyke and Spagnuolo committed the same crime — trading on material non-public information — but they had nothing else in common. Van Dyke was a soldier with a security clearance trading on classified government intelligence about a military operation. Spagnuolo was a software engineer trading on private corporate data about his employer's search trends. One is a national security insider. The other is a corporate insider. The only thing connecting them is that both found a prediction market priced on something they secretly already knew.

That's the part that should worry anyone thinking about prediction market integrity. The insider-trading problem isn't confined to a single domain like national security, where the universe of people with access is small and already monitored. It's any domain. Anyone with material non-public information about anything a market is priced on can exploit it — a Google engineer who sees search data, a film studio employee who knows box office numbers, a polling firm staffer who sees results before release, a corporate insider who knows an earnings figure, a sports team doctor who knows an injury status.

Prediction markets are now priced on thousands of real-world outcomes across every conceivable domain. Each of those markets has its own population of potential insiders, most of whom are not under any kind of trading surveillance because they don't work in finance and never imagined their access to ordinary corporate data could become a securities-fraud problem. Spagnuolo wasn't a Wall Street trader. He was an engineer who realized his everyday access to search analytics was worth $1.2 million on a market about search analytics.

The attack surface isn't a list of clearance-holders. It's everyone with privileged information about anything. That makes domain-specific monitoring impossible and makes scalable, behavior-based, on-chain surveillance the only model that could plausibly keep up.

The Manufacturing Problem

There's a deeper observation underneath the two-categories point, and it's the one almost nobody is naming out loud.

Prediction markets aren't just revealing insider trading. They're creating it.

Consider the Year-in-Search data Spagnuolo allegedly traded on. Inside Google, it's a marketing input — interesting, confidential, useful for coordinating a December press release. Outside Google, before December 4, 2025, it was worth approximately nothing on the open market. There was no buyer for "next month's Year in Search list." No black market for premature search trend data. No tabloid would pay for it. No competitor would risk litigation to obtain it. The information existed, it was confidential, and it sat dormant — because no one outside Google had any reason to monetize it.

Then Polymarket launched markets on the Year in Search outcomes. And suddenly the same data became worth $1.2 million.

This pattern isn't limited to the Google case. Dustin Gouker traced it in his analysis of the MrBeast editor who allegedly traded Kalshi contracts using inside knowledge of YouTube video performance — information that has zero monetary value outside a prediction market. The same logic applies to Survivor outcome bets, to internal poll results, to any of the thousands of niche real-world outcomes prediction markets now price contracts on.

Alex Goldenberg, a Rutgers fellow with the NYU Institute for the Study of Emerging Threats, put it sharply in a recent post: "Every company whose data, decisions, or actions can resolve a prediction market contract now has a new insider threat surface. Not just trading on what you know but also doing things to make your bets pay out."

The second half of that sentence is the part that should haunt anyone thinking about market integrity. It's not just that insiders can trade on what they know. It's that they can take actions to make markets resolve favorably. A studio employee who knows the box office tracking can short a market on opening weekend. But the same employee — if they had the right access — could also leak a negative review to depress opening weekend. Information asymmetry becomes outcome asymmetry. The contracts don't just reveal MNPI; they create incentives to manipulate the underlying reality the contracts are priced on.

This is the structural problem prediction markets have not yet confronted as an industry. Every new market is a new insider attack surface. Most have no monitoring of any kind because the universe of potential insiders doesn't overlap with finance. And the value of the inside information is wholly created by the market itself — there's no equivalent "legitimate market" the contracts displace.

For some prediction market categories — large geopolitical events, presidential elections, broad macroeconomic outcomes — the public-interest benefit of price discovery may genuinely outweigh the manufactured-incentive cost. The information is already widely sought, already partially priced into other markets, already public-interest. Adding a prediction market provides a sharper signal without creating wildly new incentives.

For other categories — niche corporate data, internal media metrics, sports outcomes where small numbers of people have material knowledge — the manufactured-incentive cost may exceed the price-discovery benefit. The data wasn't valuable before. Now it is. And the people who hold it weren't being monitored. Now they need to be.

This doesn't mean prediction markets are bad. It means the integrity argument has to extend past detection of bad actors into a more uncomfortable question: which markets, by their very existence, are manufacturing the bad acting they then have to police?

The Footprints Argument Cuts Both Ways

Polymarket is right that bad actors leave footprints on a blockchain. The platform's tweet implies a particular framing of that fact: the platform sees the footprints, the platform refers them, the system follows up. Two-for-two is the evidence.

The same fact admits a different reading. If the footprints are public — and they are, that's the point — then the platform isn't the only entity that can see them. Researchers can see them. Journalists can see them. Regulators can see them. Competitors can see them. Anyone with the right tools and the inclination to look can see them.

That's not a hypothetical. It already happened. Multiple times. By multiple actors. Independently.

Eight different actors. Eight different read paths. Two of them by Polymarket's formal surveillance pipeline.

One row in that table deserves a closer look. On December 4, 2025 — the same day Google announced the Year-in-Search results — a Polymarket-affiliated X account, @PolymarketMoney, posted: "$1.15M profit in 24 hours trading Google search markets. Who is AlphaRaccoon?" That was six months before Spagnuolo's arrest. The trades looked obviously suspicious to anyone watching public on-chain data in real time. The footprints weren't subtle. They were so visible that even Polymarket's own social-media presence flagged them publicly the same day. The formal referral, the federal investigation, and the eventual arrest all came later — through the slower legal pipeline.

The indictment in the Van Dyke case itself credits "reports of unusual trading in Maduro-related contracts on Polymarket [that] appeared in the press and on social media" with bringing scrutiny to the conduct. The independent on-chain reads preceded the platform's referral pipeline in the most prominent case.

This isn't a criticism of what Polymarket has done. It's an observation about what the on-chain transparency argument actually proves. If "blockchain trading is transparent and bad actors leave footprints" is true — and it is — then the enforcement model that follows from that fact can't end with the platform that runs the market.

Why Platform-Led Surveillance Has a Ceiling

There's a structural reason single-platform integrity infrastructure, however well-intentioned, has limits.

A platform monitoring its own markets has misaligned incentives at the edges. Not in the obvious cases — the Van Dyke case was egregious enough that no platform would have looked the other way. But in the marginal cases, where the trader is a high-volume customer, where the pattern is suggestive but not conclusive, where the referral risks reputational fallout, where the trader's positions are net favorable to the market's resolution — the platform has reasons to look harder, look softer, or look elsewhere. This isn't a critique of any specific decision Polymarket has made. It's the inherent feature of any system where the regulated entity is the surveillance layer.

A single platform can only see its own markets. Cross-venue surveillance — the same trader operating wallets on Polymarket, Kalshi, Limitless, and emerging venues — requires data the platform doesn't have. A trader sophisticated enough to evade detection on one platform will simply move to another. Platform-led surveillance is structurally myopic.

The 90+ figure is itself an argument for independence. If Polymarket is finding that much suspicious activity on its own platform, the actual incidence of suspicious activity across the entire prediction market industry is meaningfully larger. Some is on Kalshi (which is off-chain and which subpoena-model investigations therefore fit). Some is on Limitless. Some will be on Predict.fun. Some is on platforms that don't exist yet. The integrity story isn't a Polymarket story. It's an industry story. The infrastructure has to be too.

Two-for-two also means ninety minus two. Eighty-eight referrals haven't produced public arrests. The 210,718 wallet-market pairs Harvard found haven't produced any. The bottleneck between "suspicious behavior" and "enforcement outcome" is the entire federal investigative pipeline, and that pipeline doesn't scale to the volume of patterns the public data already reveals. The math doesn't work even if every platform built the world's best internal surveillance team. The constraint is upstream of the platforms.

Where This Goes

Polymarket's announcement today is good news. Two arrests from referrals is a genuine accomplishment, and the public commitment to on-chain transparency as an integrity feature is exactly the right framing. The platform deserves credit for naming the structural property — bad actors leave footprints — that makes prediction markets uniquely auditable.

But the announcement also illuminates the next problem. If footprints are public, the enforcement model that follows isn't "platforms refer, federal prosecutors charge." That model produced two cases in roughly five months from a known pool of ninety-plus suspicious accounts. Scaled to the Harvard figure of 210,718 suspicious pairs, the math gives you decades of investigative backlog before a fraction is addressed.

What follows from the on-chain footprints argument is something different: continuous, public, cross-venue surveillance infrastructure that anyone can build on, that researchers can extend, that journalists can investigate from, that regulators can subscribe to as a data input, that platforms can use to supplement their own internal monitoring, and that operates at the speed of the data — not at the speed of subpoenas and prosecutorial discretion.

Polymarket reading the footprints on its own markets is necessary infrastructure. It is not sufficient infrastructure.

Two-for-two is a real number.

Ninety is a real number.

210,718 is a real number.

The question isn't whether the footprints exist. Polymarket has now publicly confirmed they do. The question is who else is reading them — and whether the integrity story for this industry ends with the platforms that run the markets or extends past them to the independent layer the data structurally enables.

The footprints are public. The next chapter of the integrity story belongs to whoever builds the infrastructure to read them at scale.

Further Reading

The factual claims in this post are drawn from public sources. Verify, extend, build on them:

• SDNY press release on the Spagnuolo charges — the official SDNY filing on the second prediction market insider trading prosecution

• Dustin Gouker, "The Polymarket-Google Case, And How Prediction Markets Manufacture Insider Trading Incentives" — the analysis that articulated the manufacturing-of-incentives framing

• Polymarket Market Integrity Policy — Polymarket's own disclosure of its surveillance program, referral process, and the 90+ figure cited above

• Bubblemaps — wallet clustering and pattern analysis tools featured in the 60 Minutes prediction market segment

• Department of Justice press release on the Van Dyke indictment — the official SDNY filing on the first case

• Sidley Austin: "The First Prediction Market Insider Trading Case" — legal analysis of the Van Dyke prosecution

• House Oversight Committee letters to Polymarket and Kalshi (May 22, 2026) — the congressional investigation context

• The Harvard prediction market study — the research identifying $143M in suspected insider profits across 210,718 wallet-market pairs (published March 2026)

• NYT, CNN, and CBS 60 Minutes coverage — the journalism that has independently surfaced suspicious trading patterns from public on-chain data

This is the thirteenth installment in the Assymetrix Intelligence Brief series.

Previous: "Congress Is Investigating Prediction Markets. The Data Was Always Public."

Related: "A Soldier Used Classified Intelligence to Make $400K on Polymarket. The Data Saw It First."

Assymetrix is building the cross-venue, on-chain intelligence layer that turns public ledgers into readable, structured surveillance data — independent of any single platform.

assymetrix.com/blog