Rule 506(c), the provision arising out of the JOBS Act that enables companies to raise capital using general solicitation and advertising while still being exempt from SEC registration requirements, has always had the potential to revolutionize the capital raising process. With the ability of companies to connect easily with potential investors anywhere via the internet and social media, one could imagine a world where this supplants private placements under Rule 506(b), in which the investor base is, by definition, limited based on existing relationships with the company or its broker-dealer. While the use of Rule 506(c) has grown since enactment, it has nowhere near the usage rate of Rule 506(b). In 2017, Rule 506(c) offerings represented only 4% in dollar amount of all Regulation D offerings.

Perhaps it’s just a matter of time for the investor and issuer communities to get used to Rule 506(c), but it’s worth considering whether the requirements of the rule are dampening interest. One of the differences of 506(c) versus 506(b) is that all investors must be accredited investors. However, in practice, many or perhaps most of Rule 506(b) offerings are to accredited investors only, as doing so removes the information requirement applicable if there is even one non-accredited investor. Rather, I think the issue is with the other main difference between the two rules: for Rule 506(c) offerings, there must be a process of reasonable verification of each investor’s accredited investor status, as opposed to the long-standing process under Rule 506(b) of relying on the investor’s own written representation in a subscription agreement or accredited investor questionnaire.

Anecdotally, I can report that many companies believe that many or most investors have privacy concerns surrounding accredited investor verification, making it difficult to convince investors to participate. The verification process typically requires investors to provide evidence of income or net worth such as tax returns and brokerage statements, and it’s understandable that many would not want to provide such materials to a startup they are investing in, which may not have the best data security. However, the SEC has always made clear that third parties could handle the verification for the investor or the issuer. This could be the investor’s own accounting or law firm, which may already have the sensitive information in its possession. This is a reasonable solution, but many of these professionals are not familiar with the process of accredited investor verification and may be reluctant to put their name behind such a statement.

Another option is to engage a third party verification service. Investors may be reluctant to do this as well (“why would I send my tax returns to some company I’ve never heard of?”).  However, while there is a lot of knee jerk reaction against divulging personal information in a new way, it’s worth reflecting on how routinely we provide such information to strangers. We provide social security and credit card numbers to customer service professionals who, theoretically, could use them for nefarious purposes. Even more relevant to accredited investor verification, we readily provide tax returns and brokerage statements to lenders as part of the mortgage approval process. Perhaps we can distinguish this by noting that many banks are larger and more established, but on the other hand many homeowners chase low rates by finding relatively obscure lenders online. Why is it any more risky from a privacy perspective to provide sensitive information to an online lender than it is to an accredited investor verification service? In either case, their business would be threatened by a failure to maintain adequate security of this sensitive information.

Again, it may be that the investor community just needs more time to get used to the verification process. The challenge is to overcome investor fears (and companies’ perceptions of those fears).