Compendium

Securities Regulation Deep Dive — Disclosure, Insider Trading, Crypto

32 min read

Securities Regulation Deep Dive — Disclosure, Insider Trading, Crypto

United States securities regulation is a layered scheme built on two foundational New Deal statutes — the Securities Act of 1933 (the primary-market “truth in securities” statute) and the Securities Exchange Act of 1934 (the secondary-market disclosure-and-fraud statute) — plus a series of crisis-driven overlays (1940 Investment Company and Advisers Acts after the 1937-39 SEC studies; Sarbanes-Oxley 2002 after Enron and WorldCom; Dodd-Frank 2010 after the global financial crisis; JOBS Act 2012 to ease capital formation; FAST Act 2015; CARES Act 2020). The Securities and Exchange Commission, FINRA and other SROs, the PCAOB, and the federal courts implement and interpret it. State “blue sky” laws preserve concurrent jurisdiction subject to broad federal preemption under NSMIA 1996.

This note covers (i) the registration regime and disclosure architecture; (ii) Rule 10b-5 antifraud doctrine including insider trading; (iii) the Sarbanes-Oxley + Dodd-Frank overlay; (iv) the crypto-securities frontier 2017-2026; and (v) the proxy and governance landscape. A sibling note (securities-regulation-and-ma-practice) treats M&A practice and tender offers in depth.

See also

Foundational Architecture

The 1933 and 1934 Acts

  • Securities Act of 1933 (15 USC §§ 77a-77aa) — governs the offer and sale of securities (“primary market” or “issuer transactions”).
    • § 5 — prohibits offer and sale unless a registration statement has been filed (gun-jumping prohibition pre-filing; quiet period during waiting; statutory prospectus required during post-effective sales). Three time periods (pre-filing, waiting, post-effective) with different rules.
    • § 11 (15 USC § 77k) — strict-liability cause of action against issuer, directors, underwriters, named experts, and signers of registration statement for material misstatements/omissions in the registration statement at the time it became effective. Due-diligence defense for non-issuers under § 11(b)(3).
    • § 12(a)(1) — rescission remedy for sales in violation of § 5.
    • § 12(a)(2) — near-strict-liability cause of action for material misstatements/omissions in a “prospectus or oral communication.” Gustafson v Alloyd Co, 513 U.S. 561 (1995) limited to public offerings.
    • § 17(a) — antifraud (no private right of action in most circuits per Finkel v Stratton, 962 F.2d 169 (2d Cir 1992)).
  • Securities Exchange Act of 1934 (15 USC §§ 78a-78qq) — governs the secondary market and ongoing reporting.
    • Created the SEC (§ 4).
    • § 10(b) + Rule 10b-5 — fraud in connection with the purchase or sale of any security. The most-litigated provision in securities law.
    • § 12 — registration of securities listed on a national exchange (12(b)) or held by 2,000+ record holders / 500+ non-accredited (12(g)).
    • § 13(a) — periodic reporting (annual 10-K, quarterly 10-Q, current 8-K, proxy statements DEF 14A).
    • § 13(d) + § 13(g) — beneficial ownership reporting at 5% (Schedule 13D active, 13G passive). SEC amendments October 2023 shortened 13D filing to 5 business days (from 10 calendar) and accelerated 13G amendments.
    • § 14(a) — proxy solicitation rules.
    • § 14(d)-(e) — tender offer rules (Williams Act 1968).
    • § 16 — insider reporting (Form 3 on becoming insider, Form 4 within 2 business days, Form 5 annual) and short-swing profit disgorgement (16(b)).

Other Securities Statutes

  • Trust Indenture Act of 1939 (15 USC §§ 77aaa-77bbbb) — debt-indenture form requirements.
  • Investment Company Act of 1940 (15 USC §§ 80a-1 to 80a-64) — mutual funds, closed-end funds, ETFs, business development companies. Leverage caps (1934 Senior Securities concept; § 18); affiliated transactions (§ 17); custody (§ 17(f)).
  • Investment Advisers Act of 1940 (15 USC §§ 80b-1 to 80b-21) — registration of investment advisers; fiduciary duties; antifraud (§ 206). SEC v Capital Gains Research Bureau, 375 U.S. 180 (1963) — fiduciary duty as foundation. Dodd-Frank Title IV raised federal-registration threshold to $100M+ AUM (with private-fund advisers subject to lower thresholds).
  • Sarbanes-Oxley Act of 2002 — Public Law 107-204. Section 302 CEO/CFO certifications (financial statements + ICFR); Section 404(a) management ICFR assessment + 404(b) auditor attestation (smaller reporting companies exempt from 404(b)); Section 906 criminal certification (18 USC § 1350); PCAOB establishment (Title I); auditor independence (Title II); analyst conflicts (Title V); attorney conduct (§ 307); whistleblower protection (§ 806); criminal penalties (Title XI).
  • Dodd-Frank Wall Street Reform and Consumer Protection Act of 2010 — Public Law 111-203. Title VII derivatives; Title IX investor-protection enhancements (Say-on-Pay, clawbacks, whistleblower bounty); Title X CFPB.
  • JOBS Act of 2012 — Emerging Growth Company status (5-year on-ramp, scaled disclosure); Reg A+ (5M cap post-2021); Reg D 506(c) general solicitation with verified accredited investors; Title VI confidential filing for EGCs.
  • FAST Act 2015, Economic Growth Act 2018, Crypto-asset legislation (FIT21 House passage May 2024; awaiting Senate action 2026).

Registration vs Exemption

The threshold question for any offering: is the security exempt from registration or must it be registered?

Section 5 default

§ 5(a) prohibits sale of unregistered securities in interstate commerce. § 5(c) prohibits even offers before the registration statement is filed. Exemptions are construed narrowly; burden on issuer.

Section 4 transaction exemptions

  • § 4(a)(1) — “transactions by any person other than an issuer, underwriter, or dealer.” The bedrock secondary-market exemption. Defines “underwriter” (§ 2(a)(11)) broadly to capture distribution chain.
  • § 4(a)(2) — “transactions by an issuer not involving any public offering.” Private-placement exemption. SEC v Ralston Purina, 346 U.S. 119 (1953) — offerees must be able to “fend for themselves.”
  • § 4(a)(5) — accredited-investor exemption for offerings up to $5M.
  • § 4(a)(6) — Reg CF crowdfunding statutory exemption.
  • § 4(a)(7) — secondary private-resale exemption (FAST Act 2015).

Regulation D — the workhorse

17 CFR § 230.500-508. Three primary safe harbors:

  • Rule 504 — up to $10 million per 12 months; preempts state regulation only if specific conditions met.
  • Rule 506(b) — no dollar limit; unlimited accredited investors plus up to 35 non-accredited “sophisticated” purchasers; no general solicitation; if any non-accredited, detailed disclosure required (effectively closes 506(b) to non-accredited in practice for cost reasons).
  • Rule 506(c) — JOBS Act addition (effective September 2013) — no dollar limit; accredited investors only; general solicitation permitted; issuer must take “reasonable steps to verify” accredited status (cannot rely on self-certification).

Reg D dominates private-placement fundraising — over $4 trillion raised annually across Reg D filings (Form D data). Most venture-capital and private-equity rounds use 506(b) or 506(c).

Regulation A (Reg A+)

17 CFR § 230.251-263. Two tiers:

  • Tier 1 — up to $20M per 12 months; state blue-sky review required (preempted only for Tier 2).
  • Tier 2 — up to 50M by SEC 2021); audited financials; ongoing reporting (annual 1-K, semi-annual 1-SA, current 1-U); state blue-sky preempted under NSMIA.

The “mini-IPO” of choice for smaller companies wanting public investors without full S-1.

Regulation Crowdfunding (Reg CF)

17 CFR §§ 227.100-503. JOBS Act Title III. Up to $5 million per 12 months through SEC-registered funding portals (Wefunder, Republic, StartEngine, Honeycomb Credit). Investment limits per individual based on income/net worth.

Rule 144 — resale safe harbor

17 CFR § 230.144. Defines circumstances under which sellers are not deemed “underwriters” for § 4(a)(1) purposes.

  • Holding period — 6 months for restricted securities of reporting issuers; 1 year for non-reporting issuers.
  • Volume limitations for affiliates — 1% of outstanding (or weekly average trading volume for exchange-listed) per 3 months.
  • Manner of sale — broker’s transactions or directly with market maker; no solicitation.
  • Current public information — issuer must be reporting and current in filings.
  • Form 144 filing — required for affiliates’ sales over thresholds.
  • Non-affiliate resales of reporting issuer restricted securities — free of all conditions after one year holding.

Rule 144A — private resales to QIBs

17 CFR § 230.144A. Resales to “qualified institutional buyers” (QIBs — institutional purchasers with $100M+ in invested securities). Workhorse for institutional debt markets and “Rule 144A equity” offerings parallel to public IPOs (frequent in foreign-issuer transactions).

Other key exemptions

  • Regulation S (17 CFR § 230.901-905) — offshore-offering exemption; “Category 1” (foreign issuers without SUSMI) through “Category 3” (most restrictive) safe harbors; 40-day or 1-year distribution compliance periods.
  • § 3(a) class exemptions — securities of certain issuers (governments, banks, eleemosynary, building and loans, intrastate § 3(a)(11) / Rule 147 / Rule 147A).
  • § 3(b) exemptions — small offerings (Reg A roots).

Disclosure — the S-1, 10-K, 10-Q, 8-K, DEF 14A

Registration statements

  • Form S-1 — general-form domestic registration statement (IPO use). Three parts: Part I (prospectus delivered to investors); Part II (supplemental information, exhibits, undertakings); Part III (signatures, undertakings).
  • Form S-3 — short-form shelf registration available to “well-known seasoned issuers” (WKSIs) and other eligible issuers. Allows takedowns from shelf without re-review.
  • Form S-4 — registration for business combinations (M&A).
  • Form F-1, F-3, F-4 — foreign private issuer equivalents.
  • Form 10 — Exchange Act registration (used when registering a class of securities under § 12 without an offering).

Periodic reports

  • Form 10-K — annual report; due 60/75/90 days after fiscal year end based on filer category (large accelerated / accelerated / non-accelerated). Audited financial statements; MD&A (Item 303); risk factors (Item 105 of Reg S-K, with Item 1A discussion in 10-K); business description (Item 101); legal proceedings (Item 103); cybersecurity (Item 106 added 2023); executive compensation (Item 402); ICFR assessment + auditor attestation.
  • Form 10-Q — quarterly report; due 40/45 days after quarter end based on filer category. Unaudited financial statements (reviewed by independent auditor under SAS 100); updated MD&A; risk-factor updates.
  • Form 8-K — current report; generally 4 business days after triggering event. Items 1.01 (material agreement entry); 1.02 (termination); 2.01 (acquisition/disposition); 2.02 (earnings release); 4.01 (change in auditor); 5.02 (change in directors/officers); 8.01 (Reg FD disclosure); etc.
  • Form 20-F — annual report for foreign private issuers.
  • Form 6-K — current foreign-private-issuer report (lower-frequency standard than 8-K).
  • DEF 14A — definitive proxy statement (Annual Meeting). Includes CD&A (Item 402(b) of Reg S-K), executive compensation tables, audit committee report, director nominations.

Regulation S-K and Regulation S-X

  • Reg S-K (17 CFR § 229) — substantive non-financial disclosure items (business, properties, legal proceedings, MD&A, executive compensation, market info, etc.).
  • Reg S-X (17 CFR § 210) — form and content of financial statements (periods presented, basis of presentation, segment reporting, pro forma).
  • Item 303 (MD&A) — Management’s Discussion and Analysis. Known trends, demands, commitments, events, uncertainties that are reasonably likely to result in material change. Heavily litigated — Stratte-McClure v Morgan Stanley, 776 F.3d 94 (2d Cir 2015); Indiana Public Retirement System v SAIC, 818 F.3d 85 (2d Cir 2016); NVIDIA securities class actions on crypto-driven GPU demand 2021-22.
  • Item 105 (Risk Factors) — material risk factors written in plain English. Macquarie Infrastructure v Moab Partners, 601 U.S. 257 (2024) — pure omission cannot give rise to Rule 10b-5 liability without a duty to disclose; tightened the half-truth doctrine.

MD&A and risk factors as litigation flashpoints

The 2023 Item 106 cybersecurity rules require 8-K reporting of material cybersecurity incidents within 4 business days of materiality determination (with limited national-security delay) and annual 10-K disclosure of cybersecurity risk management. SEC v SolarWinds (S.D.N.Y. Oct 2023) — alleged misleading risk factors and disclosure-controls failures; Judge Engelmayer’s July 2024 ruling dismissed most claims, allowed limited public-statement claims to proceed.

Sarbanes-Oxley § 302 and § 404

  • § 302 — CEO and CFO must certify each periodic report (10-K and 10-Q): (i) report does not contain untrue statement of material fact or omit material fact; (ii) financial statements fairly present in all material respects; (iii) signers responsible for and have designed disclosure controls and procedures; (iv) disclosed material weaknesses in internal control over financial reporting to auditors and audit committee.
  • § 404(a) — Management’s annual assessment of ICFR effectiveness (10-K Item 9A).
  • § 404(b) — Auditor’s attestation on management’s ICFR assessment (large accelerated and accelerated filers only — smaller reporting companies exempt).
  • § 906 — criminal certification (knowingly false: up to 5M / 20 years).

PCAOB Auditing Standard AS 2201 governs the auditor’s ICFR audit. Material weakness (reasonable possibility of material misstatement) versus significant deficiency (less severe) is the central judgment.

Regulation FD

17 CFR § 243.100-103, effective October 23, 2000. Prohibits selective disclosure of material non-public information by issuers and their personnel to securities-market professionals or holders likely to trade. Must broadly disseminate (typically 8-K or webcast) simultaneously with intentional disclosure; non-intentional, must “promptly” disclose (within 24 hours or beginning of next trading day). SEC v Siebel Systems, 384 F. Supp 2d 694 (S.D.N.Y. 2005) — narrowly construed materiality. SEC enforcement actions against Office Depot 2010 (1M), First Solar 2014, AT&T June 2021 (6.25M).

Rule 10b-5 and Insider Trading

Section 10(b) + Rule 10b-5

Section 10(b) prohibits “any manipulative or deceptive device or contrivance” in connection with securities transactions. Rule 10b-5 (17 CFR § 240.10b-5):

It shall be unlawful for any person … (a) To employ any device, scheme, or artifice to defraud, (b) To make any untrue statement of a material fact or to omit to state a material fact necessary in order to make the statements made, in the light of the circumstances under which they were made, not misleading, or (c) To engage in any act, practice, or course of business which operates or would operate as a fraud or deceit upon any person, in connection with the purchase or sale of any security.

The implied private right of action — Kardon v National Gypsum, 73 F. Supp 798 (E.D. Pa. 1947); Superintendent of Insurance v Bankers Life, 404 U.S. 6 (1971); Blue Chip Stamps v Manor Drug Stores, 421 U.S. 723 (1975) (purchaser-seller standing).

Elements of a 10b-5 claim

  • Material misrepresentation or omissionTSC Industries v Northway, 426 U.S. 438 (1976) — “substantial likelihood that the disclosure would have been viewed by the reasonable investor as having significantly altered the total mix of information made available.” Basic v Levinson, 485 U.S. 224 (1988) — for contingent events (mergers), materiality depends on probability and magnitude.
  • ScienterErnst & Ernst v Hochfelder, 425 U.S. 185 (1976) — required “mental state embracing intent to deceive, manipulate, or defraud.” Negligence insufficient. Recklessness sufficient in most circuits. Tellabs v Makor Issues & Rights, 551 U.S. 308 (2007) — PSLRA pleading requires “strong inference” of scienter at least as compelling as competing non-fraudulent inference.
  • Connection with purchase or saleBlue Chip Stamps (1975).
  • RelianceAffiliated Ute Citizens v United States, 406 U.S. 128 (1972) (presumption for omissions); Basic v Levinson, 485 U.S. 224 (1988) — fraud-on-the-market presumption for efficient-market trading. Halliburton II, 573 U.S. 258 (2014) — Basic presumption survives but rebuttable on market-efficiency or price-impact at class-certification. Goldman Sachs v Arkansas Teacher, 594 U.S. 113 (2021) — court must consider all evidence of price impact at class certification, including generic-statement defense.
  • Economic loss + loss causationDura Pharmaceuticals v Broudo, 544 U.S. 336 (2005) — loss causation requires linkage between misrepresentation and economic loss (not just inflated purchase price).

Pleading — PSLRA

The Private Securities Litigation Reform Act of 1995 (Public Law 104-67) raised pleading bars:

  • Particularity for false statements (Rule 9(b) heightened) — must specify each statement, why it was false, and reasons it was misleading.
  • Strong inference of scienter (15 USC § 78u-4(b)(2)) — Tellabs standard.
  • Automatic discovery stay during motion to dismiss.
  • Lead-plaintiff selection (typically largest financial stake institutional investor).
  • Safe harbor for forward-looking statements (15 USC § 78u-5).

The Securities Litigation Uniform Standards Act of 1998 (SLUSA) preempts state-law class actions alleging fraud in connection with covered securities; Cyan v Beaver County Employees Retirement Fund, 583 U.S. 416 (2018) — Securities Act class actions can proceed in state court (a major plaintiffs’ avenue, particularly in California).

Insider trading

10b-5 reaches insider trading under two doctrinal threads:

Classical theory

  • Chiarella v United States, 445 U.S. 222 (1980) — financial printer who deduced takeover targets had no duty to target shareholders; not liable. Established: 10b-5 insider-trading liability requires breach of a fiduciary duty to the counterparty to the trade or to the source of the information.
  • Dirks v SEC, 463 U.S. 646 (1983) — tippee liability requires (i) tipper breached fiduciary duty by tipping; (ii) tipper received personal benefit; (iii) tippee knew or should have known.
  • Salman v United States, 580 U.S. 39 (2016) — gift of information to trading relative or friend satisfies personal-benefit requirement; unanimous Court resolved Second Circuit’s Newman confusion.
  • United States v Newman, 773 F.3d 438 (2d Cir 2014) — required tippee to know of specific personal benefit to tipper; effectively overruled by Salman.
  • United States v Martoma, 894 F.3d 64 (2d Cir 2018) — superseded opinion after Salman, narrowed Newman further.

Misappropriation theory

  • United States v O’Hagan, 521 U.S. 642 (1997) — adopted misappropriation theory; lawyer who traded on confidential client information owed duty to the source (his law firm and its client), even though he had no fiduciary relationship to the target’s shareholders. § 10(b) reaches trader’s deception of the source.
  • Rule 10b5-1 (17 CFR § 240.10b5-1) — codifies awareness as element (“aware” of material non-public information at time of trading).
  • Rule 10b5-2 — defines “duty of trust or confidence” for misappropriation theory: explicit agreement, history/pattern of confidences, family relationships (spouses, parents/children, siblings).

Rule 10b5-1 trading plans

Adopted 2000 to provide affirmative defense for pre-planned trading. SEC December 2022 amendments imposed:

  • Mandatory cooling-off period — 90 days for directors/officers (or 2 business days after 10-Q/10-K); 30 days for issuer plans.
  • Director/officer certifications.
  • No overlapping plans (with limited carve-outs).
  • One single-trade plan per 12 months.
  • Disclosure in 10-Q/10-K (Item 408 of Reg S-K) of plans adopted/terminated.
  • 8-K disclosure of plan amendments.

Tender-offer trading — Rule 14e-3

17 CFR § 240.14e-3 — broader than 10b-5; prohibits trading by anyone in possession of material non-public information about a tender offer that has commenced or is about to commence and who knows the information originated from the bidder or target or its insiders. No fiduciary breach required (broadest insider-trading rule). Upheld in O’Hagan (1997).

Notable insider-trading prosecutions

  • Galleon — Raj Rajaratnam (S.D.N.Y. 2011) — 14 counts, 11-year sentence, $92.8M penalty. First major use of wiretaps in insider-trading prosecution.
  • SAC Capital — Steven Cohen and Mathew Martoma — SAC pleaded guilty November 2013 to wire/securities fraud, $1.8B penalty, closed to outside investors. Martoma sentenced 9 years.
  • Rajat Gupta (former McKinsey + Goldman Sachs director) — 2012 conviction for tipping Rajaratnam; 2 years.
  • Phil Mickelson / Carl Icahn / Bill Walters — 2016-17 Dean Foods tips; Walters convicted 2017.
  • Coinbase insider tradingUnited States v Wahi (S.D.N.Y. 2022) — first crypto insider-trading prosecution.

Section 16 short-swing profits

  • 10% beneficial owners + directors + officers (“statutory insiders”).
  • Form 3 (becoming insider), Form 4 (within 2 business days of change, per SOX), Form 5 (annual).
  • § 16(b) disgorges to the issuer profits from any purchase-and-sale within 6 months. Strict liability; no scienter. Gollust v Mendell, 501 U.S. 115 (1991).
  • Section 16 enforcement is private (plaintiff’s attorneys + standing under § 16(b)).

Manipulation and Other Antifraud

Manipulation under §§ 9 and 10

  • § 9(a)(2) — manipulation of exchange-traded securities (wash sales, matched orders, manipulative purchases/sales).
  • § 10(b) + Rule 10b-5 — broader.
  • Spoofing and layering — modernized cases including SEC v Lek Securities; criminal under Dodd-Frank-amended 7 USC § 6c(a)(5) (CEA).
  • Pump-and-dump / cherry-picking / front-running — recurring enforcement themes.

Market-making and PFOF

Payment for order flow (PFOF) compensation from market makers to retail brokerages (Citadel Securities, Virtu) for routing orders. Disclosed under Rule 606. Heavily contested post-GameStop January 2021; SEC’s Order Competition Rule (Reg Best Execution + Rule 605 + Rule 615) proposals 2022; finalized in part September 2024.

Crypto-Securities — the 2017-2026 Frontier

The Howey test

SEC v W.J. Howey Co, 328 U.S. 293 (1946) — citrus-grove leaseback arrangement was an “investment contract” under § 2(a)(1) of the 1933 Act. The four-factor test:

  1. Investment of money,
  2. In a common enterprise,
  3. With expectation of profits,
  4. To be derived from the efforts of others.

This test has driven crypto enforcement since 2017.

Early crypto guidance and enforcement

  • DAO Report (SEC July 25, 2017) — applied Howey to The DAO; tokens were securities; no enforcement action against DAO but clear notice to industry.
  • SEC v Telegram, 448 F. Supp 3d 352 (S.D.N.Y. 2020) — TON / Gram tokens were securities under Howey; preliminary injunction granted; Telegram returned $1.2B to investors.
  • SEC v Kik Interactive, 492 F. Supp 3d 169 (S.D.N.Y. 2020) — Kin tokens were unregistered securities; $5M penalty.
  • SEC v LBRY, 639 F. Supp 3d 211 (D.N.H. 2022) — LBRY Credit tokens were securities; injunction.

SEC v Ripple Labs, 682 F. Supp 3d 308 (S.D.N.Y. 2023)

Judge Analisa Torres’s July 13, 2023 summary judgment ruling:

  • Institutional sales of XRP directly to sophisticated buyers ($728M) were unregistered investment-contract offerings.
  • Programmatic sales on exchanges to unknown buyers ($757M) were not investment contracts because buyers lacked privity-of-reasonable-expectation linking their gains to Ripple’s efforts (the so-called “programmatic” distinction).
  • Other distributions (employee compensation, third-party services) — not investment contracts.
  • August 2024 final judgment imposed $125M civil penalty and injunctions.
  • SEC appealed October 2024; Ripple cross-appealed; voluntarily dismissed by both parties August 2025 after SEC settlement policy shift.

SEC v Coinbase, 730 F. Supp 3d 286 (S.D.N.Y. 2024)

Filed June 6, 2023. Judge Katherine Polk Failla’s March 27, 2024 motion-to-dismiss ruling largely sustained:

  • Coinbase operated as an unregistered exchange, broker, and clearing agency.
  • “Staking-as-a-service” program was an unregistered offering.
  • Coinbase Wallet broker claim dismissed.

SEC voluntarily dismissed with prejudice February 27, 2025 under the Trump SEC.

SEC v Binance (D.D.C. 2023)

Filed June 5, 2023. CZ pleaded guilty in parallel DOJ prosecution November 2023 ($4.3B aggregate penalty across DOJ, OFAC, CFTC, FinCEN); CZ sentenced 4 months April 2024. SEC civil case voluntarily dismissed May 2025.

Bitcoin and ether spot ETF approvals

  • Bitcoin spot ETFs approved January 10, 2024 (after Grayscale v SEC, 82 F.4th 1239 (D.C. Cir Aug 2023) reversed denial as arbitrary-and-capricious). BlackRock IBIT, Fidelity FBTC, ARK ARKB, Bitwise BITB, Grayscale GBTC, others launched January 11, 2024. Net inflows passed $50B by end-2024.
  • Ether spot ETFs approved May 23, 2024; launched July 23, 2024. BlackRock ETHA, Fidelity FETH, Grayscale ETHE/ETH.
  • Solana / XRP / Avalanche / Hedera filings pending 2025-26.

SEC and CFTC jurisdictional contest

  • CFTC asserts authority over Bitcoin and Ether as commodities; CFTC v BitMEX, CFTC v Binance, CFTC v Mango Markets; predicate authority in CFTC v McDonnell, 287 F. Supp 3d 213 (E.D.N.Y. 2018) (Coin Drop Markets) and CFTC v Patrick K McDonnell.
  • FIT21 Act (HR 4763) — House passed 279-136 May 22, 2024; would split jurisdiction (digital commodities to CFTC; investment-contract tokens to SEC), allow registration as “digital asset broker-dealer,” and provide explicit secondary-market exemption for sufficiently decentralized network tokens. Senate did not act in 118th Congress; reintroduced in 119th Congress; passage pending 2026.

Stablecoins

  • Tether (USDT)18.5M; CFTC October 2021 $41M).
  • USDC (Circle) — money-services-business framework; subject to state money-transmitter and federal CFTC scrutiny; Circle SEC IPO June 2024 (S-1 filed January).
  • Federal stablecoin legislation — Clarity for Payment Stablecoins Act / Lummis-Gillibrand Payment Stablecoin Act / GENIUS Act considered 2024-26.
  • NYDFS BitLicense — primary state framework for crypto operations in New York; PYUSD (PayPal, Paxos issued) launched 2023 under NYDFS approval.

Sarbanes-Oxley and Internal Controls

Beyond § 302/404 above:

  • Audit Committee (§ 301 / Rule 10A-3) — must be independent (no compensation from company except for board service; not an affiliate). Pre-approves audit + non-audit services. Establishes whistleblower procedures.
  • Non-audit prohibitions (§ 201) — auditors barred from bookkeeping, financial-information-system design, valuation, actuarial, internal-audit outsourcing, management functions, HR, broker-dealer/investment-banking, legal services, expert services unrelated to audit.
  • Auditor rotation — partner rotation every 5 years (no firm rotation despite PCAOB consideration).
  • Loan prohibitions (§ 402) — no personal loans to directors or executive officers (Sarbanes ended Tyco/Adelphia-style executive lending).
  • Reporting on insider transactions (§ 403) — accelerated Form 4 filing to 2 business days.
  • Forfeiture of bonuses (§ 304) — CEO/CFO must reimburse any bonus + incentive + equity received in 12 months preceding a restatement due to misconduct.
  • Whistleblower retaliation (§ 806 — 18 USC § 1514A) — civil action for retaliation against employees who report securities-law violations. Lawson v FMR, 571 U.S. 429 (2014) — covers contractors/subcontractors of public companies. Murray v UBS Securities, 601 U.S. 23 (2024) — no retaliatory-intent requirement; contributing-factor causation only.
  • Document destruction (§ 1102 — 18 USC § 1519) — felony to alter/destroy records to obstruct.

PCAOB inspections — annual for firms auditing 100+ issuers; triennial for smaller firms. PCAOB inspections of Chinese audit firms became flashpoint — Holding Foreign Companies Accountable Act 2020 + PCAOB-CSRC August 2022 statement of protocol + December 2022 PCAOB inspection determination.

Dodd-Frank Executive Compensation and Governance

  • Say-on-Pay (§ 951) — non-binding shareholder vote on executive compensation at least once every 3 years; frequency vote at least once every 6 years (most companies vote annually).
  • Pay-Versus-Performance (§ 953(a), Item 402(v) of Reg S-K, effective 2023 proxy) — table comparing executive comp actually paid versus financial performance over 5 years.
  • CEO Pay Ratio (§ 953(b), Item 402(u)) — ratio of CEO total compensation to median employee compensation.
  • Clawback Rule (§ 954 — final rule October 2022, exchanges adopted October 2023) — listed issuers must claw back incentive-based compensation from current/former executives for 3-year period preceding a restatement. No misconduct required.
  • Hedging disclosure (§ 955, Item 407(i)) — disclose whether directors, officers, employees can hedge or offset equity.
  • Compensation Committee independence (§ 952) — heightened independence + advisor independence.
  • Whistleblower bounty (§ 922 — 17 CFR § 240.21F) — 10-30% of monetary sanctions over 279M to 14 whistleblowers; cumulative bounties since program inception exceed 279M to a Ericsson whistleblower (May 2023); $114M (October 2020).

SPACs

Special Purpose Acquisition Companies — shell companies that IPO with the intent to acquire an operating company within 18-24 months (de-SPAC merger). Peak 2020-21 (613 SPAC IPOs raising $162B in 2021). Subsequent collapse — most post-2020 SPAC mergers underperformed, many failed.

  • Sponsor promote — typically 20% founder shares plus warrants.
  • Trust account — IPO proceeds held in trust, redeemable by public shareholders if they don’t approve the de-SPAC.
  • PIPEs — common bridging financing for de-SPACs.
  • SEC SPAC Rules (final January 2024; effective July 2024) — required enhanced de-SPAC disclosure (Item 1605 of Reg S-K); deemed target a “co-registrant” with § 11 liability exposure; rescinded forward-looking-statement safe harbor for de-SPAC projections; aligned de-SPAC with traditional-IPO underwriting liability.

Proxy Solicitation and Shareholder Activism

Schedule 14A and Rule 14a-8

DEF 14A — definitive proxy. Rule 14a-8 — shareholder-proposal rule, allowing proposals of $25,000 in stock or 1% ownership held for 3 years. Procedural and substantive grounds for exclusion under § 14a-8(i): (1) improper under state law; (3) violation of proxy rules; (5) relevance (< 5% revenue / assets / earnings + not significantly related); (7) ordinary business; (8) director elections (post-AFSCME v AIG 2006 SEC carve-back).

SEC Staff Legal Bulletins 14L (November 2021) and 14M (February 2025) re-interpret ordinary-business and economic-relevance exclusions, swinging exclusion practice with administrations.

Universal proxy — Rule 14a-19

Effective September 1, 2022. All director nominees on a single proxy card in contested elections; eliminated split-card workaround. Major activist tool. DraftKings contests, Disney/Trian (2024), Norfolk Southern (2024), Engine No 1 v ExxonMobil (2021 — though pre-universal proxy).

13D and active investors

Schedule 13D — required at 5% with active intent; amendments within 2 business days of “material change.” Schedule 13G — passive investors (qualified institutional, exempt). SEC October 2023 amendments shortened 13D initial filing to 5 business days (from 10 calendar) and accelerated 13G amendments to within 45 days of quarter-end (from 45-day annual). Required disclosure of cash-settled derivatives under modernized swap-and-cash-settled-equity-derivative interpretation (subject to Archegos-driven amendments).

Beneficial ownership and § 13(d) groups

CSX v Children’s Investment Fund (2nd Cir 2011), Bulldog Investors v SEC (1st Cir 2011) on activist group formation. Total-return-swap disclosure (Wolfson v US 2017; recent UnitedHealth subpoena 2024).

State Blue Sky and NSMIA Preemption

  • State blue sky lawsHall v Geiger-Jones, 242 U.S. 539 (1917) upheld state regulation.
  • Uniform Securities Act (1956, revised 1985 and 2002) — model state act adopted by most states.
  • NSMIA 1996 — preempted state registration/qualification for “covered securities” (listed on national exchange; investment companies; § 4(a)(2) institutional offerings; Reg D Rule 506 offerings; offers to qualified purchasers). States retain antifraud authority + notice filings.

SROs and FINRA

  • FINRA (formed 2007 from NASD + NYSE Regulation) — broker-dealer SRO. Rules: 2010 series (general standards); 4500 series (member regulation); 5000 series (securities offerings); FINRA OATS / CAT reporting.
  • NYSE, Nasdaq, Cboe — exchange SROs.
  • MSRB (Municipal Securities Rulemaking Board) — municipal-dealer SRO.
  • NFA (futures) — CFTC SRO.
  • PCAOB — accounting-firm SRO (created by SOX); board appointed by SEC.

FINRA enforcement actions, OBE (Order Audit Trail System) violations, BCP / business-continuity requirements, suitability (Reg BI for retail and Suitability Rule 2111 for non-retail), CAT (Consolidated Audit Trail rolling out 2018-23) — daily operational landscape for broker-dealers.

PCAOB Oversight

  • Inspections — annual for firms with > 100 issuer audits (Big Four + few others); triennial otherwise.
  • AS 2201 — ICFR audit standard.
  • AS 3101 — auditor’s report including Critical Audit Matters (CAMs).
  • AS 1000 — general responsibilities (effective 2025).
  • Enforcement — civil money penalties (up to 5 million per individual); censures; bars (temporary or permanent); revocation of registration. Recent enforcement against PwC India (settled 2024), KPMG audit-trail-leak case (2018-22 fallout), Marcum (multiple SPAC audit deficiencies).

Climate, ESG, and Cybersecurity Disclosure

SEC final rule “Enhancement and Standardization of Climate-Related Disclosures for Investors” adopted March 6, 2024. Required:

  • Material climate-related risks (transition + physical) in 10-K Item 6.
  • Governance and oversight of climate risks.
  • Effects on strategy, business model, outlook.
  • Climate-related targets and goals if material.
  • Scope 1 and Scope 2 GHG emissions disclosure for large accelerated and accelerated filers — phased in — limited assurance initially, reasonable assurance later. Scope 3 disclosure dropped from final rule (vs proposed).

Multiple legal challenges consolidated in Eighth Circuit; SEC voluntary stay April 4, 2024; rule effectively dormant pending litigation. Subsequent rescission expected under Trump SEC 2025.

California SB 253 (Climate Corporate Data Accountability Act) and SB 261 (Climate-Related Financial Risk Act), signed October 2023, require Scope 1+2+3 disclosure (SB 253, 500M+ revenue) for companies doing business in California. Effective 2026-27. Implementing regulations in process at CARB; first-year reports anticipated 2026.

Cybersecurity disclosure rule

Final rule effective December 18, 2023 (later effective for smaller reporting companies). Two main elements:

  • 8-K Item 1.05 — material cybersecurity incident disclosure within 4 business days of materiality determination. Limited national-security delay available (Attorney General notification).
  • 10-K Item 106 — annual cybersecurity risk management, strategy, governance disclosure including board oversight + management role.

Early enforcement signals:

  • SEC v SolarWinds — October 30, 2023 — first major case alleging false cybersecurity disclosures + internal-controls weakness. Judge Engelmayer July 18, 2024 dismissed most claims; only certain pre-incident public-statement claims survived. SDNY appeals 2025.
  • SEC v R.R. Donnelley — June 18, 2024 settlement, $2.125M penalty, internal-controls violation.
  • SEC v Unisys, Avaya, Check Point, Mimecast — October 2024 charges and settlements, $4.95M aggregate; misleading SolarWinds incident disclosures.

Foreign Issuer Disclosure

Foreign Private Issuers (FPIs) have parallel but lighter-touch regime:

  • Definition (Rule 405) — foreign issuer that is not a foreign government; or for the Securities Act, a foreign issuer where less than 50% of outstanding voting securities held by US residents, OR none of (a) majority of directors/officers US citizens/residents, (b) more than 50% of assets in US, (c) business principally administered in US. Annual testing.
  • Form 20-F — annual report (4 months after fiscal year end). Different from 10-K.
  • Form 6-K — current report (no 8-K equivalent; “promptly” submitted to extent material elsewhere).
  • No quarterly reports required (though many file 6-Ks with quarterly info).
  • MJDS (Multi-Jurisdictional Disclosure System) — bilateral US-Canada — Canadian issuers may use Canadian disclosure documents for US offerings.

Holding Foreign Companies Accountable Act (HFCAA)

December 2020. Public Law 116-222. Requires PCAOB to determine whether able to inspect foreign auditors; companies whose auditors not inspectable subject to delisting after 2 consecutive years of non-inspectable audits (later reduced to “Accelerating Holding Foreign Companies Accountable Act” 2022 — 2 years from 3). PCAOB-CSRC Statement of Protocol August 2022 + December 2022 PCAOB determination that inspections could proceed in mainland China + Hong Kong; status under continuous review.

SEC Enforcement Mechanics

Investigation

  • MUI (Matter Under Inquiry) — informal preliminary review.
  • Formal Order of Investigation — Commission-issued, authorizes subpoenas.
  • Wells Notice — notice of intended enforcement, opportunity to submit Wells Submission (defense). Disclosure obligations triggered for issuers (likely 8-K Item 8.01).
  • Cooperation credit — Seaboard Report (2001), updated guidance over the years. Includes self-reporting, cooperation, remediation, internal controls.

Sanctions

  • Civil penalties — Tier 1 (statutory minimums, no fraud or specific intent), Tier 2 (fraud or deliberate disregard), Tier 3 (gross/persistent fraud + substantial loss).
  • DisgorgementLiu v SEC, 591 U.S. 71 (2020) — Court limited disgorgement to net profits and ordered allocation to victims when feasible. Statutorily authorized for SEC by NDAA 2021 § 6501 codified at 15 USC § 78u(d)(7) — 10-year limitations period.
  • Officer-and-Director (O&D) bar — under § 305(b) of SOX strengthened “unfit to serve” standard.
  • Permanent injunction — collateral consequence in bankruptcy, broker-dealer registration.
  • Cease-and-desist — administrative remedy.

Administrative vs federal-court venue

Lucia v SEC, 585 U.S. 237 (2018) — SEC ALJs are Officers under Appointments Clause; must be appointed by Commission. Jarkesy v SEC, 603 U.S. 109 (June 27, 2024) — Seventh Amendment right to jury trial precludes SEC from imposing civil penalties in administrative proceedings for fraud-based securities violations. The SEC must bring such actions in federal district court. Major shift in SEC enforcement architecture; SEC adapted by routing fraud-based cases to federal court.

Whistleblower bounty program

Dodd-Frank § 922, 17 CFR § 240.21F. Awards 10-30% of monetary sanctions exceeding 279M awarded to 14 individuals; cumulative over 279M (May 2023 Ericsson FCPA whistleblower); 110M (September 2020). Internal-reporting eligibility — Digital Realty Trust v Somers, 583 U.S. 149 (2018) — whistleblower must report to SEC (not just internally) for anti-retaliation protection.

Investment Company Act of 1940

Comprehensive regulation of pooled-investment vehicles:

  • Definition — issuer holding itself out as primarily engaged or proposes to engage in investing/reinvesting/trading in securities; or in business of doing so and owns investment securities exceeding 40% of total assets.
  • Open-end (mutual funds), closed-end (NYSE-listed CEFs), unit investment trusts (UITs).
  • ETFs — operate under exemptive orders (pre-2019) or Rule 6c-11 (effective December 2019) — provided portfolios disclosed, no semi-transparent (limited semi-transparent ETFs under separate orders).
  • Money market funds — Rule 2a-7 with substantial 2014 + 2023 amendments (NAV floats for institutional prime + tax-exempt; liquidity fees; redemption gates revised).
  • BDCs (Business Development Companies) — § 54 election under ‘40 Act for closed-end fund investing in private US companies; enhanced reporting.

Affiliated transactions

§ 17(a)-(d) prohibits joint transactions with affiliates absent exemption; § 17(b) exemption procedure. Conflict-driven structural rule.

Section 13(f)

Institutional investment managers with $100M+ in 13(f) securities must file Form 13F within 45 days of quarter end disclosing holdings. Confidential treatment for limited categories (build-up positions). Common-form public proxy of institutional ownership.

Section 13F shorts? — Form SHO + § 929X / Form PF

Dodd-Frank § 929X added new short-position reporting authority; SEC final rule October 2023 (Rule 13f-2) requires institutional managers above thresholds to report monthly short-position data via new Form SHO; SEC publishes aggregated data. Effective January 2025.

Form PF and Private Funds

Dodd-Frank Title IV. Form PF — SEC-registered private-fund advisers (hedge fund + private equity + liquidity fund) report systemic-risk data. Threshold-based reporting (large hedge fund + large liquidity fund + large PE > $2B AUM).

Private Fund Adviser Rules

SEC adopted August 2023. Required quarterly statements + annual audits + adviser-led secondary transparency + preferential-treatment disclosure + prohibition on certain activities (charging fees for unperformed services). National Association of Private Fund Managers v SEC, Fifth Circuit June 5, 2024 — vacated rule entirely as exceeding SEC’s authority over private fund advisers under Advisers Act § 211(h).

Regulation Best Interest and Form CRS

SEC adopted June 5, 2019, effective June 30, 2020. Broker-dealers + investment advisers serving retail customers:

  • Reg BI (17 CFR § 240.15l-1) — broker-dealer recommendations must be in retail customer’s “best interest” considering customer’s investment profile, without placing broker-dealer’s interests ahead. Four components: disclosure, care, conflicts, compliance.
  • Form CRS — relationship summary delivered to retail customers; standardized format.
  • Investment Adviser Interpretation — clarified fiduciary duty of investment advisers (separate from broker-dealer Reg BI).

Tested in courts — XY Planning Network v SEC, 963 F.3d 244 (2d Cir 2020) — upheld Reg BI against challenge by competing fiduciary-standard advocates.

Practical Practice Notes

  • Audit-committee dynamics — independence + audit-committee financial expert + executive sessions with auditors; quarterly committee meetings minimum.
  • Disclosure controls vs ICFR — DCP (disclosure controls and procedures, broader); ICFR (financial reporting, narrower). Different SOX provisions.
  • Material-event escalation — 8-K Item 1.01 ($1B+ material agreement?), Item 4.02 (non-reliance on prior financial statements — restatement trigger), Item 5.02 (officer/director change).
  • Pre-clearance windows + 10b5-1 — most public companies maintain quarterly blackout windows (earnings + a buffer); 10b5-1 plans permit trading during blackouts.
  • SOX 302 sub-certifications — internal cascade from CEO/CFO down to segment / division leaders.
  • Materiality — both quantitative (5% of pre-tax income classical benchmark) and qualitative (SAB 99 — Stenger v Lehman Brothers); Matrixx Initiatives v Siracusano, 563 U.S. 27 (2011) — statistical significance not required for materiality.
  • WKSI eligibility1B+ debt issued in past 3 years; loses if material 1934 Act violations or repeat-bad-actor events.

Adjacent

Graph View