Skip to main content
Article | FINEX Observer

SEC enforcement is not just a public company concern: What private companies need to know

Financial, Executive and Professional Risks (FINEX)

By Nicholas Bolton | November 18, 2019

Private companies are subject to SEC oversight too, and this has implications for your D&O policy.

Private companies are subject to SEC oversight too, and this has implications for your D&O policy. Regardless of a company's status as publicly traded or privately held, the SEC has authority to investigate all companies that seek to raise capital from U.S. investors.

It is a common misconception that publicly traded companies are the sole target of regulatory enforcement as it pertains to securities. In order to understand why that misconception has manifested, it is helpful to start by considering the plethora of securities litigation aimed at public companies. Those who operate within the public company D&O liability sphere will be acutely aware of the record number of securities class actions that have been filed since 2017. This has been driven, in large part, by the escalating number of merger objection litigation claims, event-driven claims (think non-traditional root causes, such as cyber breaches, adverse weather events, etc., as opposed to the traditional accounting misrepresentation trigger) and the augmented rate year over year at which private companies are undertaking initial public offerings. Increasingly, the plaintiffs' bar is employing an inventive array of mechanisms to bring suit against both publicly traded and private companies alleging violations of securities laws, and it appears that there is little that will dampen their enthusiasm to proceed in this fashion for the foreseeable future.

Whether these securities class actions are brought with or without merit, the protections afforded to investors in public companies by the federal securities laws (namely the Securities Act of 1933 and the Securities Exchange Act of 1934) are both well-documented and designed to ensure an established framework of compliance for publicly traded companies. These laws intend to ensure adequate safeguards and disclosures for those individuals who wish to invest in these companies. Indeed, the Securities and Exchange Commission (SEC" Division of Enforcement is the established watchdog in this arena, with the authority to investigate possible violations of the federal securities laws committed by publicly traded companies and their executives.

But what about private companies? Much less has been written about the extent to which the SEC has authority in the privately held space. Those who place executive lines of insurance coverage will, of course, be familiar with the SEC's oversight of financial institutions (two key regulations being the Investment Advisers Act of 1940 and the Investment Company Act of 1940), but there is less familiarity with how non-financial institution private companies fall within the SEC's purview.

As previously alluded to, the common assumption is that the dividing line for SEC oversight is the public versus private company distinction. The distinction gives rise to differences in D&O coverage for public versus private companies, including coverage for securities claims granted in a public company D&O policy wording and, conversely, the securities offering exclusion found within private company D&O policy wordings. It is a timely reminder, then, that all companies seeking to raise capital from U.S. investors are subject to the SEC's anti-fraud provisions.

The anti-fraud provisions are set forth in Section 10(b) of the Securities Exchange Act of 1934 and Rule 10b-5 promulgated thereunder. Section 10(b) provides as follows:

"It shall be unlawful for any person, directly or indirectly…to use or employ, in connection with the purchase or sale of any security registered on a national securities exchange or any security not so registered…any manipulative or deceptive device or contrivance in contravention of such rules and regulations as the Commission may prescribe as necessary or appropriate in the public interest or for the protection of investors."i

Clearly, the SEC's authority under 10(b) extends even to those securities not registered on a national securities exchange. Even those transactions that meet certain exemption criteria are subject to the SEC's oversight, which means responsibility lies with all companies for all false or misleading statements they may make as part of the offering process. As if being subject to the SEC's authority isn't enough, companies are also subject to individual state laws ('blue sky laws') which are enforced by the individual state's own securities regulator, who also has the authority to bring enforcement actions for fraud against companies undertaking offerings, even if those offerings also meet any exemptions outlined under the Securities Act. The underlying message, then, is that all companies undertaking offerings in the U.S. are subject to the SEC's anti-fraud provisions, regardless of whether they are public or private, and regardless of whether the offerings they are undertaking meet exemption thresholds outlined in the Securities Act.

While the rate at which private companies are undertaking IPOs has recently increased, the number of publicly traded companies is certainly a lot lower than it used to be. For example, at the end of 1996, there were 8,090 public companies in the U.S. At the end of 2018, there were 4,397.ii In turn, the number of 'Unicorn' companies, i.e., those privately held entities with valuations exceeding $1B, has proliferated in recent years. Several of these companies have conducted IPOs in recent months, but the journey to becoming publicly traded hasn't always been smooth. As more information is filed publicly with the SEC as part of the IPO process than would otherwise have previously been available, frequent concerns among investors include (1) the underlying substance upon which the superlative valuations are predicated (which becomes increasingly subject to challenge when previously undisclosed financial data is made available), and (2) that such companies have not grown adequately from an operational, regulatory and compliance perspective in line with their valuation.

This was a core focus of the SEC's Silicon Valley Initiative in 2016. In this regard, Mary Jo White (then chair of the SEC) had made clear that "the risk of distortion and inaccuracy is amplified because start-up companies, even quite mature ones, often have far less robust internal controls and governance procedures than most public companies."iii As a result, we can only expect that the SEC's focus on private companies will intensify, particularly as many companies' valuations (most notably in the tech sector) quickly outgrow their internal controls.

So, what are some of the steps that private companies should take to ensure that their D&O coverage is sufficiently broad? First, seek to minimize the extent to which the Publicly Traded Securities exclusion (found in private company D&O forms) will apply, by ensuring that the exclusion at a minimum includes carve-backs for the following:

  • Ensure that the purchase or sale of securities are exempt from the requirement to be registered under the Securities Act of 1933 (or foreign equivalent).
  • Ensure that the exclusion is limited to public offerings of equity securities of the organization, versus debt securities. Public offerings of debt securities should not be subject to the policy exclusion.
  • Make sure that all pre-IPO activity (roadshows etc.) is not excluded, and that coverage is also included for any failed initial public offering, to the extent that the IPO does not take place.

Finally, it is vital to ensure that the policy includes broad investigation coverage for all directors and officers. Regulatory inquiries can be protracted and costly and often will not meet the definition of claim as it is set out within the base D&O policy. Building this coverage into the policy will assist in protecting the C-Suite as they navigate the increasingly challenging private company regulatory environment.

i Section 10(b) of the Securities Exchange Act of 1934 is codified at 15 U.S.C. § 78j.
ii The World Bank,
iii Mary Jo White, Keynote Address at the SEC-Rock Center on Corporate Governance Silicon Valley Initiative (March 31, 2016)

Title File Type File Size
FINEX D&O Observer Fall 2019 PDF 6.5 MB

FINEX Financial Institutions

Contact Us