In a stark 3-2 vote along political lines, the SEC announced today that it was proposing new rules relating to finders.  Essentially, if the proposed rules are, ultimately, approved, the SEC will sharply change the position it has maintained for over 8 decades, allowing unregistered finders to sell securities to the investing public while receiving transaction based compensation.  See https://www.sec.gov/news/press-release/2020-248.  

If approved, the proposed rules would permit 2 categories of finders.  Both types of finders would be allowed to solicit accredited investors for investments in various issuers.   There are restrictions on the activities the finders could engage in as well as certain disclosure requirements for one category.  Nonetheless, the breadth of the proposed rules is significant because it represents a sea change from the SEC’s previous position that any transaction based compensation paid to persons who solicit investors would require broker-dealer registration.

These proposals also apparently conflict with recent state activities on finders and business brokers.  For example, the State of New York proposed actually registering finders.   See https://securitiescompliancesentinel.foxrothschild.com/broker-dealer-registration/fox-rothschilds-securities-industry-group-members-ernie-badway-and-alex-kerzhner-publish-alert-on-nysags-pandemic-rule-making-on-finders-and-business-brokers/.  

There is a 30-day comment period for these proposed rules after publication in the Federal Register, and the SEC is encouraging interested parties to comment.

Recently, the Office of Compliance Inspections and Examinations (“OCIE”) released an alert to broker-dealers and registered investment advisers regarding the risks associated with credential stuffing.  See https://www.sec.gov/files/Risk%20Alert%20-%20Credential%20Compromise.pdf.

Credential stuffing is an automated attack on web-based user accounts and direct network login account credentials. Cyber attackers obtain lists of usernames, email addresses, and corresponding passwords from the “dark web,” and then use automated scripts to try to compromise user names and passwords on other websites. OCIE believes that credential stuffing is emerging as a more effective way for attackers to obtain unauthorized access to customer accounts and/or BD or RIA firm systems rather than traditional “brute force” password attacks, attempts to guess a password using numerous combinations. The successful attack, using either method, allows access to customer accounts and, possibly, the firms’ systems, allowing for the theft of customer and firm accounts.

The OCIE staff observed an increase in the frequency of credential stuffing attacks, and BD and RIA failures to mitigate the risks of such attacks.   The findings included problems with the use of systems hosted by third-party vendors and personally identifiable information (“PII”) through the website of BD or RIA.  Such use would facilitate  an attacker’s ability to control a customer account at the firm or the customer’s accounts at other institutions according to the OCIE report.

OCIE determined that customers using the same password or login usernames were a prime target for these attacks.  Further, OCIE suggested that firms update their Regulation S-P and Regulation S-ID policies and programs to address these risks. Similarly, OCIE found certain practices could protect client accounts, including, but not limited to: (1) policies and procedures relating to updating and improving passwords; (2) employing Multi-Factor Authentication (“MFA”), where multiple “verification methods” authenticate the person logging in to an account; (3) Completely Automated Public Turing test to tell Computers and Humans Apart (“CAPTCHA”), requiring users to confirm they are actual humans and not automated scripts; (4) improving controls to detect and prevent multiple login “fingerprints” for sessions, along with the use of a web application firewall (“WAF”) to detect and inhibit credential stuffing attacks; and (5) monitoring the dark web.

Firms should consider their current practices, and any potential limitations of those practices.  Further, firms should consider if the firm’s customers and staff are properly informed on securing their accounts.  If not, OICE strongly recommends that improvements be made quickly.

In sum, BDs and RIAs should remain vigilant and proactively address emergent cyber risks; review their customer account protection safeguards; identity theft prevention programs; and consider updating such programs or policies as necessary. Firms should seek out experienced securities counsel to assist in these tasks and engage their customers in this process because, like the Pandemic, we are all in this together.

Money service businesses received a reprieve last week that will make cryptocurrency firms very happy since they will be able to more easily expand across the United States. The Conference of State Bank Supervisors (“CSBS”) – 48 state regulators – agreed on a regulatory system for money services’ businesses, including a single set of supervisory rules and exam program conducted by state regulators.

The new regime applies to nearly 80 large payment and cryptocurrency firms, doing business of over $1 trillion annually. In recent years, state regulators have been working together to address complaints that the state-by-state supervisory system is redundant and overly burdensome. Cryptocurrency firms, typically are licensed state by state, but, under the new arrangement, a group of state examiners will jointly supervise a business, instead of individual states. This approach should be more efficient with states sharing information; however, states may still conduct independent examinations.

In short, this new regime should make it easier for cryptocurrency firms to operate. However, seasoned counsel is still necessary to manage this new path for cryptocurrency firms.

The United States Securities and Exchange Commission (“SEC”) adopted amendments to the definitions of both accredited investor under Securities Act of 1933 (“Securities Act”) Regulation D Rule 501 and qualified institutional buyer (“QIB”) under Securities Act Rule 144A.

Under the new accredited investor definition, the following parties would now be considered accredited investors: (1) designated professionals, such as those persons currently holding, in good standing, the FINRA Series 7, Series 65 and Series 82 licenses, others may follow; (2) private fund knowledgeable employees, including, but not limited to,  executive officers, directors, general partners, trustees, advisory board members, or other affiliated fund persons overseeing the fund’s investments or investment activities, but it does not include those persons performing solely clerical, secretarial or administrative functions; (3) rural business investment companies (RBICs); (4) family offices and family clients; and (5) entities meeting $5 million investment threshold.  The SEC also indicated that limited liability companies (“LLC”) meeting the $5 million asset test are accredited investors, and that their managers were considered executive officers.  QIBs now include: (1) LLCs, who own and invest at least $100 million in securities of non-affiliated issuers; and (2) any institutional investor meeting the $100 million threshold.

The SEC did not change the current dollar test limits.  However, the SEC permitted those persons, who cohabit together to be considered a “spousal equivalent,” for the purposes of determining accredited investors, thus, allowing the pooling of resources for the test.

This was a modest movement by the SEC to broaden the definitions of both accredited investors and QIBs.  It will be interesting to see if these definitional changes actually expands the pool of investors.  Nonetheless, it is critical that those persons seeking to raise money from investors seek out securities counsel to ensure proper adherence to these new definitions, among other things.

FINRA’s National Adjudicatory Counsel (“NAC”), recently, affirmed a disciplinary panel decision significantly sanctioning a broker-dealer for paying unregistered persons and entities.  See https://www.finra.org/sites/default/files/2020-07/NAC_2014042606902_Silver-Leaf_062920.pdf.

FINRA alleged, among other things, that a broker-dealer paid transaction-based compensation to “unregistered finders,” and non-registered entities owned by its registered persons.   Ultimately, the NAC agreed that, over a 3 year period, the broker-dealer paid and/or shared certain transaction-based compensation with unregistered finders and entities affiliated with registered persons, rather than paying the registered persons directly. The NAC noted that the broker-dealer had previously been warned after an examination by the United States Securities and Exchange Commission’s (“SEC”) Staff, but it seemed to ignore this warning, and then went onto wrongfully pay over $2 million to these unregistered persons and entities.

The writing has been on the wall for some time.  FINRA Rules prohibit FINRA members from paying such transaction-based compensation to non-members, and this position has been consistent.  See NASD Notice to Members 05-18.  FINRA has been clear that broker-dealers violate industry rules if they pay transaction-based compensation in connection with nearly all securities transactions to an unregistered person or entity.  Additionally, the NAC made it clear that broker-dealers could not pay transaction-based compensation to entities affiliated with its registered persons, rather than paying the registered persons directly, relying upon the SEC’s previously published guidance.

In sum, broker-dealers should consult with secured securities counsel before entering into business relationships with “finders” or third parties that raise business opportunities. Member firms may not pay success compensation to these parties.  Finally, there are no exemptions– pay the registered representatives, not their companies.

The SEC’s Office of Compliance Inspections and Examinations (“OCIE”) conducted a series of examinations into private fund advisers. See the SEC risk alert here. To say the least, OCIE was not pleased with the results, indicating a significant percentage of these advisers had compliance issues.  In particular, OCIE found problems with: (1) conflicts of interest; (2) fees and expenses; and (3) material non-public information policies and procedures.

OCIE found that these private advisers had numerous conflicts of interest issues, noting that these issues may be violations of the Investment Advisers Act of 1940 (“Advisers Act”). In particular, the conflicts of interest related to: (1) investment allocations; (2) multiple clients; (3) financial relationships between clients/investors and the adviser; (4) preferential liquidity rights; (5) advisers having interests in recommended investments; (6) coinvestments; (7) service providers; (8) fund restructurings; and (9) cross-transactions. OCIE believed these conflicts were not being addressed by private fund advisers. Such commentary indicates that the SEC Staff will take action in the future if it continues.

Additionally, OCIE indicated problems with fees and expenses allegedly being perpetrated by private fund advisers. For example, OCIE found the difficulties with: (1) fee and expense allocations with sharing of expenses, among other things; (2) fees and expenses for “Operating partners” without adequate disclosure; (3) valuation; and (4) monitoring/board/deal fees and fee offsets. These items may create financial irregularities causing greater problems in the operation of the funds, and, as such, the SEC Staff may consider these problems to rise to the level of actual Advisers Act violations.

Finally, OCIE identified ethical issues relating to the use and handling of material non-public information. OCIE found that private fund advisers needed to establish, maintain, and enforce written policies and procedures reasonably designed to prevent the misuse of non-public material information in that the private fund advisers had to address insiders, outside consultants, and employees. Private fund advisers also apparently were missing procedures involving trading restrictions, gifts and entertainment, among other things.

In short, these findings should serve as a wake-up call for private fund advisers. It demonstrates the need for proper procedures in consultation with securities counsel before the SEC Enforcement Staff comes knocking at the door.

The SEC’s Office of Compliance and Inspections (“OCIE”), recently, issued an alert—more like a shot across the bow—to BDs and RIAs regarding its concerns over activities in the industry concerning the challenges encountered by COVID-19.  See https://www.sec.gov/files/Risk%20Alert%20-%20COVID-19%20Compliance.pdf.  As part of its efforts, OCIE made certain recommendations concerning: (1) investor asset protection; (2) personnel supervision; (3) fees, expenses, and financial transactions policies; (4) investment fraud; (5) business continuity plans; and (6) sensitive information protection.

OCIE complained that firms were not doing enough to protect investor assets. OCIE wants firms to make sure they have the appropriate practices in place to guard client assets. OCIE also believes that firms are not doing enough to supervise their personnel given the health issues surrounding COVID-19. OCIE wants firms to ensure that these people are properly supervised since most are not readily capable of oversight and interaction not working at firms.

Similarly, OCIE identified firms having problems with controls relating to their fees, expenses, and financial transactions. Firms, apparently, according to OCIE, have not been informing clients of these items, and possibly creating financial conflicts of interest when certain transactions are made. Coupled with these conflicts, OCIE has found evidence of investment fraud as well.

Firms were also found to have not properly executed their business continuity plans. OCIE was particularly concerned that certain firms were not properly executing critical business functions during the pandemic. Essentially, OCIE was accusing many firms of “dropping the ball.” Finally, OCIE indicated that firms were not protecting sensitive customer information, since, among other things, firms were using remote access and personally-owned devices, as well as personnel creating records away from the firms.

In short, OCIE encourages firms to remain vigilant regarding fraudulent activity, customer information, conflicts of interest, and supervision, among other things. Contacting securities counsel is one way of preparing for an eventual OCIE examination as well compliance before it is too late.

Alerts

Delaware adopted new amendments to its General Corporation Law (DGCL) on July 16, 2020. Amendments to sections 102, 110, 116, 145, 212, 228, 232, 251, 363, 365 and 367 appear to respond to the COVID-19 pandemic, while others modify proxy information exchange, emergency provisions for businesses and the rules regarding public benefit corporations.

We detail these amendments below.

Section 102 – Company Naming and Director Liability

Section 102(a) was amended to add “registered series of a limited partnership” to the list of names from which a corporate name must be distinguishable in the state of Delaware’s records.

Section 102(b)(7) allows a provision in a corporation’s certificate of incorporation to eliminate or limit the liability of directors for monetary damages for certain breaches of fiduciary duties. It also provides that any future amendment, repeal or elimination of such a provision shall not affect a corporation’s application to an act or omission by a director that occurred before the amendment, repeal or elimination, unless the provision states otherwise at the time of the act or omission.

Section 110 – Expanded Emergency Action Measures for Boards of Directors

Section 110(a) was amended to include additional circumstances under which a board of directors can take emergency action, specifically including an epidemic, pandemic or declaration of a national emergency by the U.S. government. The list of triggering events is not exhaustive and includes a catch-all provision for “other similar conditions.”

Additionally, Section 110 was amended to provide that if a quorum cannot readily be convened, a majority of directors present may adopt emergency bylaws. It also permits the board of directors to postpone or change the location of a stockholder meeting and postpone record dates and payment dates of dividends, subject to special rules for publicly traded corporations. Emergency bylaws may contain any provision “practical and necessary” to address the circumstances of the emergency, notwithstanding any different provisions in the DGCL or the corporation’s charter. A corporation that changes the record date or payment date pursuant to this provision is required to provide stockholders with a notice of the change as promptly as practicable (and, in any event, before the original record date). For corporations subject to the reporting requirements of the Securities Exchange Act of 1934, notice must be given by means of a Securities and Exchange Commission filing.

Section 110(i) tracks a prior order by the governor of Delaware permitting the postponement of annual meetings or the transition of annual meetings to remote means. It also allows corporations that had declared a dividend for which the record date had not yet occurred to postpone the dividend to a later date under certain circumstances.

The amendments to this Section 110 are effective retroactively as of Jan. 1, 2020.

Section 116 – Electronic Signatures

Section 116 broadens the definition of “electronic signature and eliminates the carve-out in Section 116(b) for electronic execution of board, stockholder and incorporator consents in lieu of a meeting unless the certificate of incorporation expressly provides otherwise.

Section 145 –Definition of Company “Officer”

Amended Section 145(c) redefines who is deemed an “officer” regarding any act or omission occurring after December 31, 2020. The new definition includes the president, chief accounting officer, chief executive officer, chief financial officer, chief legal officer, chief operating officer, controller and treasurer of a corporation.

The amendments to this section also add a new Section 145(c)(2), which permits a corporation to indemnify any other person who is not a present or former director or officer of the corporation against expenses (including attorneys’ fees) actually and reasonably incurred by such person when they successfully defend claims against them.

The amendments to Section 145(c) take effect after Dec. 31, 2020.

Section 212 – Electronic Execution/Transmission of Proxy Information

Section 212(c) was amended to allow for the electronic execution and transmission of proxy information provided it includes or is delivered with information enabling the corporation to determine the date of delivery and the identity of the stockholder granting the proxy.

Section 228 – Electronic Consent

Section 228 was amended to allow for electronic consent of stockholders or members in lieu of meeting.

Section 232 – Email Notices to Stockholders

Section 232(b) was revised to permit corporations to give notice under Section 232(a) to stockholders by electronic mail to the address of the stockholder set forth in the corporation’s records, without the stockholder’s prior consent.

Section 251 – Domestic Corporation Mergers

Amended Section 251 eliminates, with some limited exceptions, a requirement applicable to certain domestic corporation mergers, that immediately following the effective time of the merger, the organizational documents of the surviving entity contain provisions identical to the certificate of incorporation of the constituent corporation immediately prior to the effective time of the merger.

Section 363 – Voting Requirements for Converting Business to Public Benefit Corporation

The amendment to this section reduces the voting requirement from two-thirds to a simple majority for converting a regular business corporation to a public benefit corporation and vice versa. It also repeals Section 363(b)(2), which applies this change to certain mergers involving conversion of shares to or from a public benefit corporation.

The repeal of Section 363(b)(2) will be effective with respect to a merger or consolidation consummated pursuant to an agreement entered into (or, with respect to a merger consummated pursuant to Section 253, resolutions of the board of directors adopted) on or after July 16, 2020.

Section 365 – Balancing Decisions by Directors

The amended Section 365 clarifies that under Section 365(c), a director will not be considered “interested” for purposes of a balancing decision required by Section 365(a) based solely on his or her ownership of, or interest in, the stock of a public benefit corporation, except to the extent such ownership would create a conflict if the company were not a public benefit corporation. Also, absent a conflict of interest, a failure to satisfy the balancing requirement will not constitute an act or omission not in good faith for the purposes of Section 102(b)(7) or Section 145, unless the certificate of incorporation specifically provides otherwise. This eliminates the need to provide in the certificate of incorporation a provision to protect directors for breaches under Section 365(c) by making this the statutory default.

Section 367 – Pursuing Balancing Lawsuits

The amendment to Section 367 clarifies that any lawsuit to enforce the balancing requirement must be brought by plaintiffs owning at least 2% of the public benefit corporation’s outstanding shares or, in the case of certain listed companies, shares with a value of at least $2 million if that number is lower.

The attorneys of Fox Rothschild’s Corporate Department remain ready to assist companies in navigating these issues with regard to the new provisions of Delaware law and other pandemic- related issues. For questions about this client alert, please contact Jesse Fishman at jfishman@foxrothschild.com or 609-895-6729, or Ankita Patel apatel@foxrothschild.com 609-844-3029 or any member of the firm’s national Corporate Department.

Recently, the United States District Court of the District of Columbia refused to dismiss money laundering charges against a defendant who was allegedly engaged in a darknet cryptocurrency scheme.   See U.S. v. Harmon, Case Number 1:19-cr-00395-BAH (D.D.C. July 24, 2020) .

Essentially, the defendant tried to claim that, when he transferred more than 350,000 bitcoins, he was not transferring “money,” and, therefore, not subject to operating an unlicensed money transmitting business, in violation of 18 U.S.C. § 1960(a); and engaging, without a license, in the business of money transmission, D.C. Code § 26-1001(10), in violation of the District of Columbia’s Money Transmitters Act, D.C. Code § 26-1023(c).  The government had alleged that, over a 3 year period, the defendant exchanged over 350,000 bitcoins worth over $300 million.  Further, the government claimed that this was all part of a conspiracy to enrich the defendant as well as allowing the defendant’s customers to facilitate other illicit activities.  The bitcoins allowed these nefarious actions to be hidden.

The federal court rejected that argument indicating that, although the statute did not provide a definition for money, courts provide the statutory term with its ordinary meaning.  As such, the federal court held that the ordinary definition of money as a “medium of exchange, method of payment, or store of value” covered bitcoins, and determined that the defendant was transmitting money from one location to another to hide the bitcoin’s original source.  Thus, the federal court found that these activities qualified as a money transmission, and, as a result, it was an unlicensed money transmitting business.

Accordingly, it is critical that, before engaging in these types of bitcoin transactions, parties should consult with counsel to avoid being the subject of a criminal investigation and potential indictment.

Fox Rothschild’s Securities Industry Group and Labor & Employment Department have updated the firm’s National Survey on Restrictive Covenants, a quick reference guide for in-house counsel and human resource professionals in a variety of industries.

Restrictive covenant law is in a constant state of flux and varies considerably from state to state. Our national survey helps companies keep up with the latest changes to state laws, including increased requirements for creating enforceable restrictive covenants.