by Jor Law & Charles Kaufman
In 2010, as part of the aftermath of the Global Financial Crisis of 2008, Congress adopted the Dodd-Frank Wall Street Reform and Consumer Protection Act. While mainly targeting the financial services industry, the act also required the Securities and Exchange Commission to adopt rules banning specified felons and other “bad actors” from participating in private offerings of securities under Rule 506 of Regulation D under the Securities Act of 1933. The SEC fulfilled its mandate by adopting Rule 506(d) in 2013.This rule requires a company to investigate the background of its officers, directors, owners and other associates before using Rule 506 - the most powerful capital-raising tool available to private companies and private investment funds, and one on which many EB-5 offerings also rely. As a result, this type of investigation has become a key component of the due diligence process for companies and projects raising EB-5 funds.
Why Rule 506?
Congress singled out Rule 506 offerings as an activity where felons and wrongdoers must be identified and banned because these offerings represent approximately one trillion dollars per year of largely unregulated financial transactions. Rule 506 is also the fundraising tool of choice for private issuers and funds, including hedge funds and private equity funds (in addition to EB-5 funding vehicles). The collapse of the private funds managed by Bernard L. Madoff, which prosecutors estimated to involve a $65 billion fraud, revealed that even ostensibly sophisticated investors could fail to identify fictitious investments on a scale large enough to damage the national economy and destroy the personal finances of many. While the “bad actor” rules themselves would have done nothing to stop the Madoff fraud, new Rule 506(d) stands for the proposition that even wealthy and sophisticated investors are entitled to an assumption that persons legally offering them securities are not convicted felons or persons who have been cast out of the more regulated sectors of the financial community for their misdeeds.
Rule 506 is a safe harbor under the Securities Act that allows issuers to sell an unlimited amount of securities to an unlimited number of “accredited investors” – investors who theoretically have the sophistication or financial resources to invest wisely and withstand losses – without registering the securities with the SEC. Absence of registration means that the company selling securities to raise capital, known as the “issuer,” can avoid the time, expense and management distraction of clearing a prospectus with the SEC, an intimidating process most often associated with a company “going public” in an IPO. In addition, an issuer that raises funds under Rule 506 – even tens or hundreds of millions of dollars –can also often remain private and avoid the reporting and compliance burdens of becoming a public company.
The Importance of Due Diligence
The Bad Actor Disqualifications make Rule 506 unavailable if an issuer or specified “covered persons” committed the bad acts listed in Rule 506(d), meaning that securities would have to be registered if no other exemption is available. A private offering that claims reliance on Rule 506, but involves a disqualified issuer or individuals, may therefore be an illegal offering in violation of Section 5 of the Securities Act unless some other exemption from registration can be found to cover the offering. In particular, when an offering is advertised through a “general solicitation,” as permitted under Rule 506(c) adopted under the JOBS Act, where no other exemption would be available, disqualification will make the offering an illegal public offering, and the issuer’s officers and managers can face harsh penalties under the Securities Act even if no fraud has actually occurred.
The last line of defense that can shield the company and its good actors from liability – and restore the availability of Rule 506 – is to show that the issuer did not know of the disqualification and, in the exercise of reasonable care, could not have known that a disqualification existed.
The emphasized words in the preceding sentence create a “due diligence” defense that not only shields from liability but affirms the exempt, legal nature of the offering. Those words also create an obligation for well advised issuers to conduct a reasonable investigation to discover if any covered person is a bad actor. The Rule instructs that the nature of the inquiry will vary based on the specifics of the issuer and the offering.
In the view of many practitioners, a reasonable inquiry under Rule 506(d) should at a minimum identify all covered persons, ask if they have committed any of the bad acts, and include a background check that includes all publicly available records that would report the convictions, orders, judgments and other actions that comprise the bad acts. Such a background check should also follow up with greater scrutiny any “red flags” indicating possible bad acts that appear in threshold research.
In determining when an investigation goes beyond the reasonable, it is useful to keep in mind that neither Congress nor the SEC intended to regulate Rule 506 out of existence. Therefore, reasonable Rule 506(d) due diligence should not add prohibitive costs to an offering unless the investigation uncovers wrongdoing or other problems that require broadened investigation and remediation beyond the investigation’s original purpose.
A bad actor whose conduct occurred prior to September 23, 2013, when the rules became effective, will not be disqualified; rather, the issuer must notify investors of the bad acts before they buy. The notice requirement for “grandfathered” bad acts is subject to the identical due diligence standard that applies to disqualification. Failure to disclose prior bad acts will also result in a loss of the exemption under Rule 506, with the same potential for civil or criminal liability.
Covered persons under 506(d) generally fall into four broad categories:
- The issuer itself
- Individuals who control the issuer, for example, the principals of a regional center or developer that will be general partner or manager of an EB-5 fund
- Beneficial owners - individuals or companies that control 20 percent or more of the issuer’s voting securities
- Individuals and companies associated with the offering, including company officers, fund managers and “promoters.”
The Bad Acts
The bad acts specified under Rule 506(b) generally fall into the following categories:
- Convictions for crimes – either felonies or misdemeanors – involving securities
- Court orders or decrees that bar the covered person from specific activities involving securities
- Orders of state and federal banking, insurance and commodities regulators
- SEC orders that prohibit a covered person from engaging in specified business activities or order a person to stop committing fraud or illegal offerings
- Expulsion from membership in a securities exchange or a national securities association for failing to follow just and equitable principles of trade
- Making or underwriting a registered offering that was stopped or suspended by the SEC, or is currently the subject of investigations or proceedings for a stop order or suspension
- Orders of the U.S. Postal Service related to false representations (i.e., mail fraud).
The Rule has varying “look back” periods for the bad acts. Generally, a bad act disqualifies the covered person or must be disclosed (if the act falls within the grandfathering period) if it occurred within five years of the contemplated Rule 506 offering. However, criminal convictions for covered persons other than the issuer have a look-back period of 10 years. Orders that bar the covered person from business activities or enjoin the covered person from committing wrongful acts will be disqualifying bad acts if the bar or injunction is effective at the time of the contemplated Rule 506 offering.
Phased Due Diligence Review
Companies planning an EB-5 offering should begin the due diligence process early, and for regional centers and developers that regularly raise EB-5 funds, bad actor due diligence should be an ongoing process, integrated into the general background checks performed when engaging team members and strategic partners for projects.
This article lays out a phased approach to Rule 506(d) due diligence – it is just one manner by which bad actor checks might be accomplished. Rather than leaping to the minute criteria of the Rule, one could begin with broad categories of potential bad acts. While this approach will result in “false positives” – people who have committed misdeeds that don’t ultimately disqualify them –it should rule out bad acts for the vast majority of covered persons, eliminating the need to investigate further. When a potential problem is found, the investigator can more closely examine the conduct and determine if it falls within the bad acts.
Identification of Covered Persons. The first step in any inquiry will be to identify the covered persons. Managers, general partners, directors and executive officers, officers preparing offering materials or communicating with investors, financial advisors and brokers are all easily identified and classified as covered persons. The issuer should work with securities counsel to determine if covered persons exist in any of the Rule’s more technically defined categories.
Phase One Review
A phase one review would generally include a questionnaire with checklist of bad acts and room for explanation. Because it is not reasonable to assume that bad actors always tell the truth, questionnaires are not sufficient. However, they can flag problems for both the covered person and the issuer that warrant a deeper analysis. A brief questionnaire with a few broad questions, rather than simply cutting and pasting the entire text of Rule 506(d) and adding checkboxes, would be the goal during phase one. For example, “Have you ever been the subject of an order issued by any state or federal agency?” will cover many of the Bad Act categories, and the vast majority of respondents will check “no.” For those who check yes, the issuer can inquire further whether the order came from a bank or securities regulator and about the content of the order.
The next part of review will be a search of public records. Most companies will engage an outside investigator for this purpose. Some of these searches should be tailored – for example a check for good standing with FINRA may be sufficient for a broker dealer. But in general the search should include:
- Confirmation of identity and all names used by the covered person
- Search engines (e.g. Google), social networking sites and news databases
- Federal criminal databases
- Disciplinary records of the SEC, CFTC, federal banking authorities and the U.S Postal Service
- Criminal records and disciplinary records of securities, banking and insurance regulators in states where the covered person lived or worked during the past ten years
The searches should include not just the individual’s name, but the individual’s employers. The investigator should give careful thought as to what other names and aliases the covered person may have used to provide confidence that the searches conducted would have reasonably disclosed any of the bad acts in the U.S. and states where the individual reasonably may have lived.
Any positive findings should be discussed with securities counsel to determine if it is a bad act that disqualifies the covered person or requires disclosure.
Phase Two Review
The issuer should initiate a Phase Two investigation into the details of any bad act detected during Phase One. In addition, further investigation is warranted if any other “red flags” appeared during Phase One. Red flags will vary by business or industry, and officers of the issuer should discuss with investigators specific issues to watch for. Some of the more common red flags would be:
- A “near miss” – finding an act by the covered person that would have been a bad act under Rule 506(d) if it had occurred more recently or in a different industry
- Unexplained loss or lapse of a professional license in the securities or financial industry
- Civil suits or criminal proceedings alleging fraud or deception in industries not involving finance or securities
- Serving as an officer, director or employee of an entity charged or sued for fraudulent acts, especially a pattern of such acts.
If Phase One identified any red flags, and the failure to disclose the red flag on the questionnaire was a false response, the issuer should follow up with the individual to understand the reason for the omission, to make further inquiries and (apart from offering concerns) consider whether grounds exist to terminate the individual’s employment or engagement by the issuer.
The issuer should also consider whether conducting more targeted searches in the area or industry of the red flag activity is warranted. It would also be advisable to broaden the search of state criminal records and regulatory agencies to include additional states where the covered person may have lived or worked, and criminal records and disciplinary records of securities, banking and insurance regulators in states where the covered person lived or worked during the past ten years.
No investigation is perfect – even the most exhaustive investigation may fail to discover a covered person’s bad acts, even as it depletes the issuer’s resources. Fortunately, the due diligence defense under Rule 506(b), and the regulators enforcing it, do not require perfection; rather a reasonable inquiry is all that is required. Advance planning and careful formulation of the investigation process can assure that reasonably detectible bad acts are, in fact, detected and that the proceeds of the offering benefit the issuer and not its investigators and lawyers.
 17 CFR § 230.506, Instruction to paragraph (d)(2)(iv).