September 15, 2014

Panel Discussion: Data Security, Breach Response, and Emergency Management

I was honored to be asked by The Infusion Group to participate in a panel discussion on business security issues with some top thought leaders in North Carolina for the Innovate Work Summit Digital Series. Topics included data security, risk management, breach response, and emergency management. I enjoyed hearing the insights of these three smart, accomplished people. Please feel free to view the video on YouTube and share it with others who might be interested.


September 9, 2014

Social Media: Maximizing the Rewards while Minimizing the Risks

(This article was published in the Carolina Banker magazine by the North Carolina Bankers Association in the Fall 2014 issue.)

Social Media for Financial Institutions: Maximizing the Rewards while Minimizing the Risks

By now almost everyone knows that social media has tremendous potential for businesses of all kinds to connect with important constituent groups.  The average American spends 37 minutes per day on social media.  Facebook alone has more than 1.2 billion users, and a quarter of them log in more than five times per day.  Twitter has twice as many users as the United States has citizens.  In addition to marketing products and services to customers and prospects, banks now use social media to obtain feedback and market intelligence, recruit and engage employees, and enhance shareholder relationships.  These attractive opportunities do not come without risk; fortunately, however, these can be mitigated by an effective social media compliance and risk management program. 

Regulatory Attention

A few months ago, the Federal Financial Institutions Examination Council ("FFIEC"), which includes representatives from federal and state regulators, issued guidance for banks regarding the legal, operational and reputational risks associated with social media.  Soon, examiners will likely expect banks to have written risk assessments and social media policies and procedures.

The FFIEC guidance addressed many — but not all — of the outstanding banking law questions about social media.  Most of the regulations the guidance discusses involves the nature and placement of consumer disclosures, recordkeeping, and other straightforward issues.  The guidance also raised more complex issues, however, such as the risk of disparate impact, an anti-discrimination legal theory favored by the Consumer Financial Protection Bureau.  Not all of the outstanding questions were addressed by the guidance, however, so good, practical judgment will be needed to apply existing regulations in a new environment.  For example, customer privacy issues can arise in social media that require banks to respond to customer communications differently than other businesses might.

Importantly, the guidance states that even banks that do not have any official social media accounts should still consider the risks posed by social media, document the risk assessment, and adopt any policy needed to address identified risks.  Risks faced by banks that do not have an official social media account include reputational risks of negative comments and complaints by customers, as well as risks posed by employees' use of social media.  The regulators have made clear that a bank may be held responsible for an employee's social media use if it appears the employee is acting on behalf of the bank and the bank has not taken adequate steps to address the risk.  (How certain are you that none of your bank's employees are talking about the bank's products and services on their own social media accounts?)

Reputation Management

A widespread concerns among bankers about social media is the potentially damaging effects of publicly-aired customer complaints.  This is a real risk, but it is important to note that it is present whether or not a bank has a social media presence.  Disgruntled customers can — and do — air grievances on social media and customer review websites whether or not you have a Facebook page or Twitter profile.  If your bank has a presence on social media, however, you may have a better opportunity to identify and address those grievances. 

Both legal and practical considerations in determining whether, and how, to respond to a public complaint.  Well-crafted social media policies and procedures, coupled with a well-trained and savvy team, can effectively handle most public complaints, and may achieve net-positive outcomes.  When the commenter can be identified, the recommended approach is usually to simply ask the customer to remove the offending post.  If a commenter refuses to remove a false, misleading, or abusive comment voluntarily, you may resort to dealing with platform provider (e.g., Facebook, Twitter, Google, Yelp, etc.).  Each platform has terms and conditions that establish unique criteria for removing posts.  Understanding these criteria can help you draft a request to the platform that is more likely to result in the removal of an offending comment.  A letter sent from a knowledgeable lawyer on behalf of the bank is often helpful.


Social media presents opportunities for others to impersonate or "spoof" the bank.  However, this can happen whether or not a bank is active on social media, and in fact, by being active in social media, a bank can actually reduce the likelihood and effectiveness of these nefarious efforts.  Fortunately, most social media platforms are generally quick to shut down fraudulent accounts.


Social media and promotional contests seem to go together like peanut butter and jelly.  They can be useful tools to encourage social sharing of your bank's content.  As with any promotional contest, various state and federal laws must be observed, and liability and reputational risks must be mitigated.  Also, some social media platforms restrict certain types of promotions.  It may be worthwhile to consult a knowledgeable lawyer before beginning any contest or drawing.

Developing a Policy, Procedures, and Implementation Team

The size and complexity of a social media program should be commensurate with the degree of the bank's involvement in social media.  For example, a bank that uses only one platform (e.g. Facebook) should have a more focused program.  A bank using several media (e.g., Facebook, LinkedIn, Twitter, Yelp, Google +, and YouTube) should have more comprehensive procedures.

The FFIEC advises that a social media program should be designed with participation from specialists in compliance, technology, information security, legal issues, human resources, and marketing.  Ideally, a team will be small, with individuals whose expertise spans more than one of these categories.  After a program is crafted, it can be implemented by a smaller team or an individual, with support from specialists as necessary. 

A recent survey revealed that banks in the southeastern United States  have the lowest rates of social media participation in the nation.  In some other regions of the country, banks are more than three times as likely to have a social media presence.  Given the size of the potential audiences and the high level of user engagement, it seems likely that more banks in our region will implement or expand social media strategies soon.  Though all risks cannot be eliminated, a well-crafted plan can manage the risks while maximizing the rewards. 

September 7, 2014

Moving to the Triangle

The time has come.  For several years, I've worked with clients from across the state and beyond, travelling all over North Carolina.  New Bern has been a wonderful place to call home.  My family loves the small-town, coastal lifestyle.  In recent years, however, I have found myself travelling more and more, which has generally resulted in less family time.  We have concluded that it is time to move to the Triangle so that I can be closer to more of my clients and generally spend a little less time travelling.  Ward and Smith, P.A. has been very supportive of this decision.
We will be living in Raleigh by the end of this month.  I look forward to getting involved in the community and making some new friends.  We also look forward to seeing many of our Triangle-area friends on a more regular basis.
I intend to be back in New Bern regularly to see clients and friends, just as I already spend time the other cities in which Ward and Smith has offices.

I will maintain a presence in the New Bern office, but my primary office address will be:

Ward and Smith, P.A.
5430 Wade Park Boulevard
Wade II, Suite 400
(Post Office Box 33009, Zip 27636-3009)
Raleigh, NC 27607
P: 919.277.9100
F: 919.277.9177 

The office is located directly across Edwards Mill Road from the PNC Arena.

August 16, 2014

Boards of Directors and Information Security Risks

Directors should take an active role in managing data security risks rather than leaving it up to management and IT staff, according to recent remarks by SEC Commissioner Luis Aguilar.

Commissioner Aguilar recently delivered a speech at the New York Stock Exchange in which he emphasized that cybersecurity has become a “top concern” and pleaded with corporate directors to “take seriously their obligation to make sure that companies are appropriately addressing those risks.”

The Commissioner reported that U.S. companies experienced a 42% increase from 2011 to 2012 in the number of successful cyber-attacks. He also pointed out a number of recent high-profile incidents, including the following:
  • The October 2013 cyber-attack on the software company Adobe in which data from more than 38 million customer accounts was breached;
  • The December 2013 cyber-attack on Target, in which the payment card data of approximately 40 million Target customers and the personal data of up to 70 million Target customers was breached;
  • The January 2014 cyber-attack on Snapchat, a mobile messaging service, in which a reported 4.6 million user names and phone numbers were leaked;
  • The multiple cyber-attacks against several large U.S. banks, in which their public websites have been shut down for hours at a time; and
  • The numerous cyber-attacks on securities exchanges. (According to a 2012 global survey of 46 securities exchanges, 53% reported experiencing a cyber-attack in the previous year.)
Commissioner Aguilar said that cybersecurity has become a "top concern" of American companies over a relatively short period of time. That's good news. But, according to the Commissioner, directors themselves should be involved in addressing cybersecurity risks.

The essence of Commissioner Aguilar's comments related to the board’s role in corporate governance and overseeing risk management. He pointed out that since the financial crisis, there has been an increased focus on how boards address risk management. While acknowledging that primary responsibility for risk management has historically belonged to management, he emphasized that boards are responsible for ensuring that the corporation has established appropriate risk management programs and for overseeing how management implements those programs. Not surprisingly, he mentioned the SEC's 2009 rule change which calls for the public disclosure of the board's role in risk management (usually in a proxy statement).

In addition to the SEC's rule changes, proxy advisory firms appear to be applying pressure to boards to focus on data security risks. A prominent proxy advisory firm has recommended that shareholders vote against the election of most of Target's directors because of their alleged “failure…to ensure appropriate management of [the] risks” resulting in Target’s December 2013 breach.

The result of these influences is encouraging: Boards have begun to assume greater responsibility for overseeing the risk management efforts of their companies, according to evidence cited by the Commissioner. For example, according to a survey of 2013 proxy statements filed by S&P 200 companies, the full boards have almost universally assumed responsibility for the risk oversight of their respective companies.

The Commissioner concluded by expressing his view that "board oversight of cyber-risk management is critical to ensuring that companies are taking adequate steps to prevent, and prepare for, the harms that can result from such attacks. There is no substitution for proper preparation, deliberation, and engagement on cybersecurity issues."

You can read the Commissioner's full remarks here.

(c) Matt Cordell 2013

July 30, 2014

Is Bank Regulatory Relief Gaining Momentum?

Banks have been pleading with Congress for regulatory relief for as long as I can recall.  (For example, before the ink on the Dodd-Frank Act was dry, bankers were warning of the harmful effects of the cumulative regulatory burdens attributable to the Act.)  It appears bankers' advocacy efforts may now be closer to achieving results.
The House Financial Services Committee approved three regulatory reform bills this week.
  • The "Community Bank Mortgage Servicing Asset Capital Requirements Study Act of 2014," H.R. 4042, would delay the implementation of the Basel III rules that relate to capital requirements for mortgage servicing assets until a study is completed. 
  • The the "Access to Affordable Mortgages Act of 2014,'' H.R. 5148, would amend the Truth in Lending Act to exempt from certain appraisal standards certain "high-risk" mortgages of $250,000 or less if the loan stays on the balance sheet of the lender for three years. The act also would exempt certain individuals from penalties for failure to make reports regarding certain appraisers.
  • The "Regulation D Study Act," H.R. 3240, would require the Government Accountability Office (GAO) to study the impact of the Fed’s reserve requirements on depository institutions and consumers.
Other bills introduced in Congress would provide further relief if they can get the momentum to pass:
  • The "Portfolio Lending and Mortgage Access Act," H.R. 2673,  would amend the Truth in Lending Act by deeming any residential mortgage to be a "qualified mortgage" for as long as it remains on a bank's balance sheet.
  • The "Community Institution Mortgage Relief Act of 2014," H.R. 4521, would expand the CFPB’s small servicers exception to include servicers of 20,000 mortgage loans or fewer.  It would also exclude loans secured by a first lien on a dwelling that are held by creditors with assets of $10 billion or less.
  • The "Financial Regulatory Clarity Act of 2014," H.R. 4466, would require the federal banking agencies to consider whether any new regulation proposed is inconsistent with, or duplicative of, existing regulations. 
Whether any of these bills will make it to the Senate, much less the President's desk, is difficult to predict.

July 21, 2014

New N.C. Statute Gives Lenders More Options When Developers Default

Lenders now have a bit more to think about when making a loan to a developer of a planned community. 
A few days ago, the General Assembly enacted, and the Governor signed into law, important amendments to the Planned Community Act regarding the transfer of the declarant's rights and the liability of the declarant's successor in interest.  The legislation is House Bill 330 / Session Law 2014-57 (titled "An Act Amending the North Carolina Planned Community Act regarding the Transfer of Special Declarant Rights"). 
By way of reminder, a "declarant" is almost always a developer of a planned community or condominium who creates restrictions on the use of the property which are described in a "declaration."  That developer has the opportunity to reserve certain rights to itself as the "declarant." Although there is no requirement that a developer reserve declarant rights for itself, it is common to do so, and it would be very unusual for a planned community or condominium developer to not to name itself the declarant.  (For more information on declarants, see this article by my law partner Sam Franck.)
So, what happens when a lender must forclose on a developer who is a declarant of a planned community?  Does the lender become the declarant?
The new Act says (basically) that unless the deed of trust provides otherwise, a creditor who acquires property through foreclosure acquires all "special declarant rights" related to the property, if the creditor files in the county records an "instrument" that "requests" those rights.  (The deed of trust is not required to state that special declarant rights will be transferred, but the judgment or instrument that conveys the titled must.)  The definition of "special declarant rights" in GS 47F-1-102(28) is as follows:   
"Special declarant rights" means rights reserved for the benefit of a declarant including, without limitation, any right (i) to complete improvements indicated on plats and plans filed with the declaration; (ii) to exercise any development right; (iii) to maintain sales offices, management offices, signs advertising the planned community, and models; (iv) to use easements through the common elements for the purpose of making improvements within the planned community or within real estate which may be added to the planned community; (v) to make the planned community part of a larger planned community or group of planned communities; (vi) to make the planned community subject to a master association; or (vii) to appoint or remove any officer or executive board member of the association or any master association during any period of declarant control."
As I read the Act, the creditor is free to assume some--but not all--of the special declarant rights, if it wishes.  Furthermore, the Act says that a creditor can state in the recorded instrument that it intends only to hold special declarant rights to transfer them to a third party, in which case the creditor cannot exercise any special declarant rights, but will avoid the liabilities or obligations of the declarant. 
The Act answers a number of questions but will require creditors to give some consideration when the deed of trust is drafted and when the creditor decides to exercise its rights by foreclosure, deed on lieu, or in a bankruptcy proceeding.

The upshot is that lenders now have more control as to which, if any, of the declarant's rights they want to inherit when a developer goes under.
You can read the full Act for yourself here.

Img content: runner310            

July 4, 2014

New Tax Changes in North Carolina

July means the start of a new fiscal year for the State of North Carolina, which means some new changes to the tax code become effective.  Below are brief descriptions of some of the key changes:

Elimination of Back to School (August) Sales Tax Holiday.

N.C. General Statutes Section 105-164.13C provided an exemption for certain items of tangible personal property sold between the first Friday in August and the following Sunday.  It included clothing, footwear, and school supplies of $100 or less per item; school instructional materials of $300 or less per item; sports and recreation equipment of $50 or less per item, computers of $3,500 or less per item; and computer supplies of $250 or less per item will be exempt.  Clothing accessories, jewelry, cosmetics, protective equipment, wallets, furniture, items used in a trade or business, and rentals were never covered by the exemption to begin with.  The elimination of this exemption is expected to yield $14.7 million during  fiscal year 2014-2015.  
Elimination of Energy Star Products Tax Holiday
N.C.G.S. 105-164.13D provided an exemption from sales and use tax from the first Friday in November through the following Sunday for Energy Star products.  An "Energy Star qualified product" is "a product that meets the energy efficient guidelines set by the [EPA] and the United States Department of Energy and is authorized to carry the Energy Star label."  Items purchased for use in a trade or business and rentals were not covered by the exemption.  This sales tax holiday was enacted in 2008, and eliminating it is expected to bring $1.6 million in FY14-15 . 
Elimination of Sales Tax Exemption for Bakery Thrift Stores

A bakery thrift store is a retail outlet of a bakery that sells at wholesale over 90% of the items it makes and sells at the retail outlet day-old bread returned to it by retailers.  The exemption from sales tax was enacted in 2007, and its repeal is expected to result in $3.9 million in revenue in FY14-15.
Cap on Sales Tax Refund for Nonprofit Entities

Nonprofits will begin paying sales tax on purchases that exceed $666 million in a fiscal year.   In other words, the exemption is now capped at $45 million annually.   
Income Requirement for Farm Equipment Emption 

Farm equipment will continue to be exempt from sales tax, but only if the farm has a certificate showing annual gross income from farming operations of $10,000.   More than 40,000 farm exemption certificates are currently outstanding.  North Carolina has more than 52,000 farms, according to the 2007 USDA Census of Agriculture.  There are a number of issues that remain to be addressed in connection with this change.  The change in this exemption is expected to result in $16.5 million in revenue for FY14-15. 
Sales Tax on Energy

State sales tax will now be due on electricity and piped natural gas at the combined general rate.  The combined general rate is the State's general rate of tax plus the sum of the rates of the local sales taxes authorized for all counties. The current combined general rate is 7%.  A number of other taxes on electricy and natural gas are repealed in connection with this change, including the following:
  • Franchise taxes on electric power, water, and public sewerage companies (G.S. 105-116). 
  • Distribution of electric power company franchise tax to cities (G.S. 105-116.1). 
  • The 3% sales tax discount for municipalities that sell electricity (G.S. 105-164.21A). 
  • Payments in lieu of franchise taxes required of electric cities and joint power agencies (G.S. 159B-27(b) through (e)).


July 2, 2014

Opposition to Operation Choke Point Grows

image by skambalu
Opposition to Operation Choke Point continues to mount.
"Operation Choke Point" is an ongoing program of the U.S. Department of Justice under which it investigates banks' relationships with payment processors, so-called "payday lenders," and other companies believed to be at higher risk for violations of law. Bankers report being pressured to terminate relationships with these businesses even if no malfeasance is identified. Operation Choke Point is controversial because it has the potential to penalize banks and other lawful businesses simply because an agency of the executive branch disfavors certain types of businesses. Industries that have reportedly been targeted by Operation Choke Point include the following:
  • Ammunition Sales
  • Coin Dealers
  • Credit Repair Services
  • Dating Services
  • Firearms Sales
  • Fireworks Sales
  • Government Grants
  • Home-Based Charities
  • Life-Time Guarantees
  • Life-Time Memberships
  • Money Transfer Networks
  • Online Gambling
  • Payday Loans
  • Pharmaceutical Sales
  • Ponzi Schemes
  • Pornography
  • Multi-Level Marketing
  • Surveillance Equipment
  • Telemarketing
  • Tobacco Sales
  • Travel Clubs

A bill has recently been introduced in Congress to prevent federal banking regulators from exerting similar pressure. The bill would prohibit bank regulators from using their "safety and soundness" authority over banks to discourage banks from serving customers engaged in legal activities. Banks would benefit from a safe harbor with respect to business customers that are licensed, registered as a money services business, or have obtained a reasoned legal opinion confirming the legality of the business.

The bill was introduced by Representative Blaine Luetkemeyer (R-MO). Luetkemeyer explained that the legislation "would ensure that existing laws are interpreted as intended, overzealous and inappropriate use of regulatory and enforcement tools is curbed, and financial institutions have the security and ability to return to the business of offering products and services to a variety of industries including ammunition sales, fireworks sales and pharmaceutical sales." He went on to write that "[i]n an effort to drive legally-operating, licensed and regulated companies out of business, federal banking regulators in cahoots with the Department of Justice are placing so much regulatory pressure on financial institutions that certain businesses not viewed favorably by the Attorney General and the Administration are eventually choked-off from the financial services they need to survive. That notion goes against the very nature of our free market system. It is time to stop these backdoor attempts by government bureaucrats to blackmail and threaten businesses simply because they morally object to entire sectors of our economy.”

The bill was referred to the House Committee on Financial Services last week. 

At least one group has taken the litigation route. An association of consumer lending companies (Community Financial Services Association of America) filed a lawsuit against the federal financial regulators in early June, claiming that through Operation Choke Point, the FDIC, the Fed, and the OCC have informally pressured banks to cut off consumer lenders' access to banking services, which "exceeds the agencies’ statutory authority." You can read the Complaint here.

image material by via foter
It remains to be seen whether legislation or litigation will force the Operation Choke Point to "tap out."

July 1, 2014

We can FINALLY remove those pesky IRS Circular 230 disclosures from our email messages!

If you've received an email from an attorney, accountant, or tax preparer in the past several years, it almost certainly included some barely-comprehensible fine print about tax advice, often with the caption "IRS Circular 230 Notice." The number of trees killed as a direct result of the extra pages of printed email messages resulting from these notices probably numbers in the millions.

Section 330 of title 31 of the U.S. Code authorizes the Secretary of the Treasury to regulate professionals who practice before the Treasury Department, such as attorneys and accountants. The Secretary published regulations governing practice before the IRS in 31 CFR part 10 and reprinted the regulations as "Treasury Department Circular No. 230."   Circular 230 says that regulated professionals must meet certain standards of conduct with respect to written tax advice or face suspension or disbarment.   In layman's terms, the IRS said "if you provide tax advice to your clients that we don't like, we will take away your livelihood."  The warning was an over-reaction a reaction to the tax avoidance schemes of the 1990s.  The language of Circular 230 was so broad, and the fear of the IRS's wrath so widespread, that regulated professionals started putting a disclaimer on every single email message--automatically.  Everything from friendly jokes, to emails scheduling appointments, to actual tax advice bore the disclaimer that "this does not constitute tax advice upon which you can rely."

Mercifully, those days are now behind us.  New rules issued by the IRS in June include this statement: “Treasury and the IRS expect that these amendments will eliminate the use of a Circular 230 disclaimer in e-mail and other writings.”


June 29, 2014

Crowdfunding Law Made Simple

photo by Twose
One of the topics I am often asked about these days, and one of the subjects that even smart, well-informed people seem to be most confused about, is "crowdfunding."  It seems appropriate, therefore, to offer a basic, high-level summary of the topic here on the N.C. Business & Banking Law Blog.   

Is crowdfunding just a bunch of hype?

Crowdfunding is a Really Big Deal.  Entrepreneurs and owners of businesses with growth potential have historically found it somewhat difficult to access the money that individuals and institutions have accumulated and want to invest without going through traditional gatekeepers (i.e., Wall Street).  This is largely because federal and state securities laws have limited their ability to raise investment capital from anyone other than well-to-do people in their immediate sphere of influence (in SEC-speak, "nonpublic offerings" to "accredited investors").  Most inventors and entrepreneurs do not have enough high net worth friends and business associates to raise large amounts of capital.  The securities rules were designed to protect investors that Congress or the SEC deemed vulnerable, but they had the unfortunate consequence of hampering the efficient flow of investment dollars.  However, recent changes to securities laws (including crowdfunding) are making it much less burdensome to borrow money or raise equity capital.   Crowdfunding will make it possible to raise investment money from virtually anyone.

What does the JOBS Act of 2012 have to do with crowdfunding?

The federal JOBS Act (Jumpstart Our Business Startups Act), enacted on April 5, 2012, required the SEC to write regulations to implement many of its various provisions.  More than two years later, the SEC has not yet finalized rules to implement Title III of the JOBS Act, known as the "crowdfunding" section of the law.  The JOBS Act also called for a new Rule 506(c) to allow a similar method of raising capital, but with important distinctions, which are covered below.

So what exactly is crowdfunding?

Many (perhaps most) of the media and many others who are unfamiliar with the JOBS Act have been referring to multiple methods of soliciting and raising investment as "crowdfunding."  This is often incorrect.  People are using the term to describe a number of different capital-raising methods, only two of which are actually crowdfunding.

Most people are familiar with websites like and that allow inventors and entrepreneurs to raise money for new products and services.   These sites existed before the JOBS Act and are unaffected by securities law because no equity or debt is being offered or sold.   People who contribute to campaigns on these websites usually have some personal affinity for the cause or an expectation of receiving the product or service if a sufficient amount of funds are pledged to enable the project to be completed.  Basically, this is not crowdfunding. The important thing to know about these websites, however, is that they demonstrate how popular actual crowdfunding sites are are likely to be, and they are probably the models on which crowdfunding sites will be designed.

Crowdfunding is offering and selling securities to the crowd, by which I mean both accredited and non-accredited investors.  (Accredited investors are essentially those who have $1,000,000 in assets, excluding equity in their primary residences, or $200,000 in annual individual income. Congress and the SEC think that accredited investors are less vulnerable to fraud.)   The crowdfunding rules the SEC proposed in July 2013 (in response to the JOBS Act mandate, but which are not yet final nor effective) will allow people to sell up to $10,000 of debt or equity to each individual as long as they do not raise more than one million dollars in a 12-month period. The SEC's leadership and staff are widely believed to be philosophically opposed to the idea of crowdfunding, and they seem to be attempting (i) to delay finalizing rules and (ii) to make the process difficult.  (The SEC believes that crowdfunding will result in widespread fraud and that the victims will be among society's most vulnerable.)

What is a Rule 506(c) public/private placement?

Another new legal avenue for fundraising that is not actually "crowdfunding" involves the process allowed by new SEC Rule 506(c), which--as mentioned above--the SEC was required to create by the JOBS Act.  Rule 506(c) allows businesses to offer securities to the general public and raise unlimited investment with relatively low compliance costs, provided they sell only to "accredited investors" who have been reasonably verified as such.  Rule 506(c) is very attractive because of the ability to publicly advertise the offering using social media, investing websites, newspapers, magazines, television, radio, and--someday soon--crowdfunding websites.  In the months since Rule 506(c) became effective in October of 2013, billions have already been raised using its provisions. 

What about single-state crowdfunding?

Largely due to frustration at the SEC's foot-dragging, some states have enacted crowdfunding laws to permit limited offerings to investors in certain states without complying with the SEC's more burdensome rules.

A bill (the NC JOBS Act, or House Bill 680) was introduced in the North Carolina House of Representatives in April 2013 to permit intra-state crowdfunding.  After a couple of rounds of amendments, it was passed by the House in June 2013 by a 103-to-1 margin.  The bill now sits in the Senate Commerce Committee, which along with the Senate Finance Committee, must approve it before the full Senate can vote.

The NC JOBS Act would create an exemption from North Carolina's securities registration requirements for offers and sales of securities (also known as the Blue Sky Law) that meet certain criteria.   The requirements of the current version of the proposed crowdfunding provisions include the following:

  • The offering must meet the requirements of the federal exemption for intrastate offerings under Section 3(a)(11) of the Securities Act of 1933.
  • The issuing entity must be organized under the laws of North Carolina (no out-of-state entities).
  • All purchasers must be residents of North Carolina.
  • No more than one million dollars can be raised in 12 months, unless prospective investors have been given audited financial statements, in which case the limit is two million dollars.
  • No more than two thousand dollars can be received from a non-accredited investor.
  • A notice filing with the Securities Division of the Secretary of State's office.
  • An offering circular must be provided to prospective investors and to the Securities Division.
  • Risk disclosures and certifications.
  • Website registration requirements.
  • A bank must act as escrow agent for investment funds collected during the offering period.
  • Officers and directors of the issuing entity cannot receive commissions on sales of securities unless they register themselves as a "dealer" or "salesman."
  • Quarterly reporting to investors.
As you can see, the North Carolina crowdfunding proposal is more restrictive than the SEC's proposal. 

(To better understand the interplay between federal securities laws and state securities laws, see my article here, which was first published in 2008 by, but note that it is now out-of-date.)

More information is available.

This has been a brief summary of some key points relating to crowdfunding, but there is much more that I have not covered in this article.  I have done a little bit of speaking, writing, and tweeting about crowdfunding, but my law partner Jim Verdonik knows more about it than anyone I know.  He has written about it on his blog, Entrepreneur Intersection, and in the Triangle Business Journal.  If you're interested in hearing more about crowdfunding, or have a group that might be interested in having me or Jim speak, please let me know.