The U.S. Securities and Exchange Commission (SEC) has centralized cross-border enforcement resources to move faster across jurisdictions, align with foreign regulators, and scrutinize the gatekeepers that enable access to U.S. markets. Issuers with offshore operations, counterparties, or service providers should assume heightened scrutiny and align disclosures, controls, and diligence accordingly, following this September 5, 2025, action.
What are some key developments and their implications?
Key takeaways
- Expect quicker requests and coordinated evidence collection through foreign authorities; assume non‑U.S. records are reachable on short timelines.
- Gatekeepers—auditors, bankers, promoters, transfer agents, and certain consultants—are a focus. Disclosures will be read against what workpapers and compliance files actually show.
- Thinly traded issuers face heightened market‑abuse and dealer‑registration scrutiny. OTC quotation hygiene under Exchange Act Rule 15c2‑11 belongs on the disclosure‑committee checklist.
What’s changed and why it matters
- Cross‑border evidence flow: Cooperation tools (including IOSCO‑style memoranda) enable faster access to audit workpapers, subscriber records, and bank data in supported jurisdictions.
- Mature analytics: The staff’s surveillance stacks link trading patterns across accounts, venues, and borders; anomalies are more likely to surface even without a whistleblower.
- Gatekeeper accountability: Enforcement actions increasingly treat gatekeeper failures as issuer risk; expect filings to be tested against underlying records and confirmations.
- Quotation risk: Lapses under Rule 15c2‑11 can push securities into limited quotation venues, impairing liquidity and capital‑raising options even when fundamentals are unchanged.
It should be clear that publicly traded companies need to act to accommodate these SEC changes. What should those actions be?
Five steps
- A Board/Audit Committee Briefing. Inventory cross-border touchpoints (subsidiaries, banks, auditors, transfer agents, promoters/finders). Clarify oversight owners and record locations.
- Offering Diligence Expansion. Add scopes for social-promotion activity, promoter/finder vetting, and cross-border funds and data flows. Prepare keeper memos suitable for production.
- Disclosure Alignment. Update MD&A, risk factors, and ICFR/DCP to match what auditors and banks can evidence. Eliminate gaps between narrative and underlying records.
- OTC Readiness. Confirm 15c2-11 current-information status, Form 211/Qualified IDQS posture, and vendor processes to avoid Expert Market migration.
- Monitoring & Escalation. Define thresholds for retail-driven chatter, unusual volume/volatility, and messaging-app club activity. Preserve artifacts, timestamp decisions, and route to legal/compliance promptly.
Watch for problem areas your controls should catch. What might those be?
Red flags
- Sudden, coordinated messaging‑app traffic tied to spikes in thin‑float names.
- Inconsistencies between filed disclosures and auditor/bank workpapers or confirmations.
- Gaps in 15c2‑11 “current information” leading to quotation interruptions or Expert Market migration.
- Promoter/finder relationships without vetted contracts, clear scope, or traceable payments.
- Unexplained cross‑border cash or data flows, or use of unapproved vendors for critical functions.
Offering & capital‑markets diligence—targeted upgrades
- Add social‑promotion and message‑board sweeps to offering diligence; archive artifacts with hashes and timestamps.
- Re‑underwrite counterparties that routinely buy, convert, or distribute securities to ensure Section 15 broker‑dealer status is properly analyzed; escalate borderline “dealer” fact patterns.
- Require written scopes and compliance representations from IR/promoter vendors; prohibit compensated communications without pre‑clearance.
Disclosure & governance adjustments
- Embed Rule 15c2‑11 hygiene in the disclosure‑committee calendar; task an owner and back‑up for “current information” updates.
- Refresh risk factors to reflect market‑abuse surveillance, gatekeeper exposure, and cross‑border evidence realities.
- Confirm internal control and disclosure‑control narratives match actual evidence paths (e.g., third‑party confirmations for offshore ops).
Cross‑border privacy and data‑transfer notes
- Treat non‑U.S. personal and business data as in‑scope for preservation and lawful transfer; coordinate with privacy counsel where GDPR or similar regimes apply.
- Document data‑mapping (systems, vendors, locations) so production can be fast, defensible, and consistent with local law.
The legal landscape for public companies engaged in cross-border transactions is complex and ever-changing. This SEC approach to cross-border matters is the latest example, and one of many. It’s wise for in-house counsel to coordinate with their outside counsel to ensure continued legal compliance with U.S. securities laws and regulations.
