TLDR
Enforcement attorneys read PPMs backward, starting with the subscription agreement, then use of proceeds, then risk factors. They look for inconsistencies between what the PPM promises and what the company actually does with investor funds. The PPM is the single most important document in any private placement enforcement action.
Why Enforcement Reads Your PPM Backward
When I reviewed private placement memoranda as an SEC enforcement attorney, I never started at the beginning. The cover page, the introduction, the business description -- those sections are where the marketing language lives, and marketing language rarely reveals compliance failures. The real story of a private placement is told in the subscription agreement, the use of proceeds section, and the gaps between what was disclosed and what actually happened.
Enforcement attorneys develop a reading methodology that is fundamentally different from how issuers, investors, or even transactional counsel approach these documents. We read backward because the end of the PPM contains the commitments -- the subscription agreement terms, the representations investors are asked to make, the acknowledgments they sign. Those commitments tell us whether the issuer structured the offering for compliance or structured it to raise money as quickly as possible with minimal disclosure friction.
The distinction matters because the structure of the subscription process reveals the issuer's intent more reliably than the disclosure language. An issuer that requires detailed suitability questionnaires, imposes investment minimums consistent with accredited investor thresholds, and provides a reasonable review period before accepting subscriptions is demonstrating compliance infrastructure. An issuer that accepts subscriptions immediately, imposes no independent verification, and makes closing contingent only on reaching a funding minimum is signaling that capital formation, not compliance, is the priority.
The Subscription Agreement: Where Cases Begin
The subscription agreement is the first document enforcement examines because it establishes the evidentiary framework for the entire offering. Every representation the investor makes in the subscription agreement becomes a potential issue if the enforcement investigation reveals that the issuer knew or should have known the representation was inaccurate. If the subscription agreement asks the investor to represent that they are an accredited investor, and the issuer accepted the subscription without any verification, the representation is functionally meaningless from an enforcement perspective.
The most problematic subscription agreements are the ones that contain extensive investor representations but minimal issuer obligations. When the investor is required to represent suitability, acknowledge risks, and waive certain claims, but the issuer provides no corresponding commitment to verify those representations, the agreement reads like a liability shield rather than a compliance document. Enforcement attorneys recognize this pattern immediately, and it colors their review of everything else in the PPM.
Defensible subscription agreements include specific accredited investor verification procedures, provide for a reasonable cooling-off period, require the issuer to reject subscriptions from investors who do not meet applicable standards, and create a clear paper trail documenting the basis for each investor's qualification. The additional work required to build these features into the subscription process is minimal compared to the defensive value they provide if the offering is later reviewed.
Use of Proceeds: The Promise That Becomes Evidence
The use of proceeds section is the most litigated provision in private placement enforcement actions for a simple reason: it is the easiest to compare against reality. When an issuer states that 60% of proceeds will be used for product development and enforcement discovers that 60% was actually used for management compensation and office renovations, the case practically builds itself. The PPM becomes the evidence of what was promised, and the bank records become the evidence of what was delivered.
Vague use of proceeds language does not protect issuers -- it exposes them. When a PPM states that proceeds will be used for "general corporate purposes" or "working capital and general administration," enforcement treats this as an admission that the issuer did not have a specific plan for the money. In the context of an enforcement investigation, the absence of a specific plan is often indistinguishable from the absence of a legitimate plan.
The defensible approach is to provide line-item categories with estimated percentages, acknowledge that actual deployment may vary based on business conditions, and identify the factors that would cause reallocation. This level of specificity serves two purposes: it gives investors the information they need to evaluate the investment, and it gives the issuer a defensible position if actual use of proceeds differs from estimates for legitimate business reasons. The key distinction enforcement draws is between good-faith deviation from disclosed estimates and systematic misuse of proceeds that was never intended to follow the stated plan.
Risk Factors: What Missing Risks Actually Signal
Risk factors in PPMs serve a different function than risk factors in SEC filings. In a registered offering, risk factors are reviewed by the SEC staff and deficiencies result in comment letters. In a private placement, no one reviews the risk factors until something goes wrong. This means the risk factor section of a PPM is effectively self-policing, and the quality of risk factor disclosure is a direct reflection of the issuer's compliance commitment.
Enforcement evaluates PPM risk factors by comparing what was disclosed against what was known or reasonably knowable at the time of the offering. When enforcement identifies a material risk that the issuer clearly knew about -- industry regulatory developments, pending litigation, management conflicts, financial condition deterioration -- and that risk is absent from the PPM, the omission creates a presumption of intentional nondisclosure. The issuer then bears the burden of explaining why a known material risk was not disclosed.
The most effective risk factor sections are specific to the issuer rather than generic. A cannabis company PPM that contains only generic regulatory risk language without addressing federal illegality, IRC Section 280E, banking instability, and licensing concentration risk has effectively disclosed nothing. Enforcement reads generic risk factors as form-over-substance compliance -- the issuer included a risk factor section because it knew it was supposed to, but did not invest the effort to identify and disclose the actual risks of the specific investment.
Management Background: The Section Nobody Verifies
Management background disclosures in PPMs are among the most frequently deficient sections enforcement encounters. The typical pattern is that management provides biographical information to counsel, counsel includes it in the PPM without independent verification, and the offering proceeds with management backgrounds that contain material omissions. These omissions are not always intentional -- management may genuinely not understand what requires disclosure -- but the effect is the same: investors make investment decisions based on incomplete information about the people running the company.
Enforcement routinely runs background checks on management identified in PPMs under investigation. This includes FINRA BrokerCheck searches, state regulatory database searches, federal and state court docket searches, bankruptcy filing searches, and SEC EDGAR searches for involvement in prior reporting companies. When these searches reveal information that should have been disclosed in the PPM -- prior regulatory actions, undisclosed litigation, involvement in failed companies, bankruptcy filings -- the omission becomes evidence of either intentional concealment or inadequate compliance procedures.
Securities counsel drafting PPMs should conduct independent background verification for every individual identified in the management section. This includes officers, directors, promoters, significant shareholders, and any person whose background, experience, or history would be material to a reasonable investor's decision. The cost of this verification is nominal compared to the liability created by management background omissions.
Compensation and Fee Disclosure: Hidden Conflicts
Compensation disclosure in PPMs must be comprehensive, specific, and complete. This means disclosing all forms of direct and indirect compensation to management, founders, promoters, finders, and placement agents for services related to the offering and to the ongoing operations of the company. The disclosure should include cash compensation, equity grants, consulting fees, success fees, expense reimbursements, and any other form of economic benefit flowing from the offering or the company to these individuals.
The most common compensation disclosure failure is the omission of finder's fees or referral compensation paid to unregistered persons for introducing investors. These arrangements are independently problematic because they often constitute unregistered broker-dealer activity, but the failure to disclose them in the PPM compounds the issue by creating an additional securities fraud theory. Enforcement views undisclosed compensation as a conflict of interest that investors are entitled to evaluate before making an investment decision.
Related party transactions and dual-role compensation present particular disclosure challenges. When management serves both as an officer of the issuer and as a consultant receiving separate fees, or when the company leases space from an entity controlled by management, these arrangements must be fully disclosed with enough detail for an investor to evaluate whether the terms are commercially reasonable. Enforcement reviews these disclosures against the company's actual financial records, and inconsistencies are treated as evidence of concealment.
Prior Offering History: Integration Red Flags
The integration doctrine is one of the most consequential and least understood concepts in private placement compliance. Integration treats multiple offerings as a single offering if they are sufficiently connected in terms of timing, type of consideration, class of investors, purpose, and whether the offering plan contemplated multiple raises. If multiple offerings are integrated, each must comply with the conditions of a single exemption, which often fails because the combined offering characteristics exceed the limitations of any single exemption.
PPMs should affirmatively address integration by disclosing prior offerings within the relevant lookback period, explaining the relationship between the current offering and prior or contemplated future offerings, and articulating why each offering qualifies as a separate transaction under applicable safe harbors. The failure to address integration in the PPM does not prevent enforcement from analyzing the issue -- it simply means the issuer has no documented basis for its integration position if questioned.
Based on my experience in SEC enforcement, integration analysis frequently reveals offering structures that were designed to circumvent registration requirements rather than genuinely qualify for separate exemptions. When an issuer conducts multiple Regulation D offerings in rapid succession to the same or overlapping investor groups for the same general corporate purpose, the integration analysis almost always fails. The PPM for each offering should demonstrate independent business justification and structural separation sufficient to support non-integration treatment.
Fixing Your PPM Before It Becomes Exhibit A
The time to fix a PPM is before the first subscription is accepted, not after enforcement begins its review. Issuers frequently underinvest in PPM preparation because they view the document as a fundraising impediment rather than a compliance asset. This perspective is fundamentally wrong. A well-drafted PPM is the single most effective defense against private placement enforcement actions, and the investment required to produce one is a fraction of the cost of defending a deficient offering.
The PPM review process should include independent verification of all management backgrounds, detailed analysis of use of proceeds with line-item specificity, comprehensive risk factor development tailored to the issuer's specific circumstances and industry, complete compensation disclosure for all persons receiving any form of economic benefit from the offering, integration analysis covering all prior and contemplated future offerings, and subscription agreement provisions that reflect actual compliance procedures rather than boilerplate representations.
When I review PPMs for clients today, I apply the same analytical framework I used as an enforcement attorney. I read the document backward, starting with the subscription agreement. I compare the use of proceeds against the company's financial projections and operating budget. I verify management backgrounds independently. I evaluate risk factors against what I know about the industry and the company's specific circumstances. And I ask the question that enforcement will ask: if this offering goes wrong and an investor complains, will this PPM demonstrate that the issuer acted in good faith with full disclosure, or will it become the prosecution's primary exhibit?
10 Key Points
- 1.Enforcement attorneys read PPMs backward, starting with the subscription agreement and working forward to the risk factors. The order in which investors sign and send money reveals more about the offering's compliance posture than the disclosure language itself.
- 2.The use of proceeds section is the single most litigated provision in private placement enforcement actions. Vague language like 'general corporate purposes' or 'working capital' invites scrutiny when enforcement compares stated use with actual fund deployment.
- 3.Missing risk factors are more damaging than poorly written ones. When enforcement reviews a PPM and identifies a material risk that was known at the time of the offering but not disclosed, the absence creates a presumption of intentional omission.
- 4.Management background sections frequently contain material omissions including prior regulatory actions, undisclosed litigation, bankruptcy filings, and involvement in failed offerings. Enforcement routinely runs background checks against PPM disclosures.
- 5.Compensation disclosure in PPMs must include all forms of direct and indirect compensation to management, promoters, finders, and placement agents. Undisclosed compensation arrangements are among the most common PPM enforcement findings.
- 6.The integration doctrine means your PPM cannot be drafted in isolation. Prior and subsequent offerings must be analyzed for integration risk, and the PPM should affirmatively address why the current offering qualifies as a separate transaction.
- 7.Investor suitability representations in the subscription agreement must be substantive, not pro forma. Enforcement looks at whether the issuer had a reasonable basis to believe each investor met the applicable suitability or accreditation standards.
- 8.PPMs for cannabis, AI, and cryptocurrency offerings receive heightened enforcement scrutiny because these industries involve additional regulatory frameworks that compound standard securities disclosure obligations.
- 9.The PPM is the primary exhibit in most private placement fraud cases. Draft every sentence assuming it will be read aloud in a courtroom or quoted in an SEC complaint. If a statement is not defensible under cross-examination, revise it.
- 10.A well-drafted PPM does not prevent enforcement action, but it provides the strongest possible defense. The difference between a defensible PPM and a problematic one is usually 40-60 hours of additional legal work during the drafting phase.
Frequently Asked Questions
What is a PPM and when is it required?
A Private Placement Memorandum is a disclosure document provided to prospective investors in a private securities offering. While technically not required by federal securities law for all private placements, a PPM serves as the primary evidence that the issuer provided adequate disclosure to investors. Without a PPM, the issuer bears the burden of proving through other evidence that all material information was communicated. Practically, every private placement should use a PPM.
How does enforcement actually use the PPM in investigations?
The PPM becomes the central exhibit in enforcement investigations. Enforcement attorneys compare the PPM's representations against the issuer's actual conduct, financial records, and fund deployment. They look for inconsistencies between what was promised and what was delivered, undisclosed risks that were known at the time of the offering, and compensation arrangements that were not properly disclosed.
What are the most common PPM deficiencies enforcement finds?
The five most common deficiencies are: vague or misleading use of proceeds language, missing or incomplete risk factors, undisclosed management compensation or conflicts of interest, failure to disclose management's regulatory or litigation history, and inadequate investor suitability verification procedures. Any one of these deficiencies can form the basis of an enforcement action.
Why does enforcement read the PPM backward?
Enforcement attorneys start with the subscription agreement because it reveals what representations investors were asked to make and what disclosures they acknowledged receiving. They then examine use of proceeds because this is where most fraud is evidenced. Risk factors come last because by that point, the attorney already knows what risks should have been disclosed based on the actual business operations.
How specific should the use of proceeds section be?
Specific enough that an enforcement attorney can compare your stated use with your bank records and find them consistent. This means providing line-item categories with estimated percentages, identifying significant anticipated expenditures, and avoiding catch-all categories that exceed 15-20% of total proceeds. 'General corporate purposes' should never be more than a minor residual category.
What risk factors do cannabis company PPMs typically miss?
Cannabis PPMs most frequently omit or inadequately address: the risk that federal enforcement could seize assets or freeze accounts despite state legality, IRC Section 280E impact on effective tax rates and cash flow, banking instability including the risk of account closure without notice, key person dependency in license-holding structures, and the risk that interstate commerce prohibitions limit expansion strategies.
What risk factors do AI company PPMs typically miss?
AI company PPMs commonly fail to disclose: the risk that AI capability claims in marketing materials may create securities liability if they overstate actual functionality, data dependency and the risk of training data access loss, regulatory uncertainty regarding AI governance frameworks, the risk that competitive technology renders current models obsolete, and IP ownership uncertainties for AI-generated outputs.
What risk factors do cryptocurrency company PPMs typically miss?
Cryptocurrency PPMs frequently omit: the risk of retroactive securities classification of token offerings, regulatory enforcement trends targeting digital asset issuers, custody and security risks specific to digital assets, the risk of exchange delisting, and the impact of evolving money transmission regulations on business operations.
How should management backgrounds be disclosed?
Every officer, director, and promoter identified in the PPM should have a complete disclosure including: all positions held during the prior five to ten years, any regulatory actions or investigations, all litigation as a party, any bankruptcy filings, any involvement in offerings that resulted in investor losses, and any sanctions or bars from regulated industries. Omissions in this section are treated as intentional by enforcement.
What compensation must be disclosed in a PPM?
All compensation of any kind to management, founders, promoters, finders, and placement agents must be disclosed. This includes salaries, bonuses, equity grants, consulting fees, commissions, success fees, expense reimbursements, and any indirect benefits such as use of company property or services. The disclosure should cover both the current offering period and any ongoing compensation commitments.
What is the integration doctrine and how does it affect PPMs?
The integration doctrine is an SEC concept that treats multiple offerings as a single offering if they are sufficiently connected. If offerings are integrated, each must comply with the conditions of a single exemption, which often fails. PPMs should affirmatively address integration by explaining the relationship to prior and contemplated future offerings and why each qualifies as a separate transaction under the applicable safe harbor.
How does a PPM differ from an offering circular or prospectus?
A PPM is used in private placements exempt from SEC registration. An offering circular is used in Regulation A offerings that require SEC qualification. A prospectus is used in registered offerings under the Securities Act. The key difference is the regulatory review: prospectuses and offering circulars go through SEC review, while PPMs do not. This means the PPM must be self-policing for compliance.
Should the PPM include financial projections?
Generally, projections should be avoided in PPMs unless they are presented with robust assumptions, sensitivity analysis, and clear cautionary language. The Private Securities Litigation Reform Act's safe harbor for forward-looking statements does not apply to private offerings. Any projections included in a PPM will be compared against actual results by enforcement attorneys in any subsequent investigation.
What investor suitability procedures does enforcement expect?
Enforcement expects issuers to take affirmative steps to verify investor suitability beyond simply obtaining a signed subscription agreement. This includes collecting financial information sufficient to confirm accredited investor status, maintaining records of the verification process, rejecting investors who do not meet applicable standards, and documenting the basis for each suitability determination.
How often should a PPM be updated during an ongoing offering?
A PPM should be updated whenever there is a material change in the information disclosed. This includes changes in business operations, financial condition, management, use of proceeds, risk profile, or any other information that a reasonable investor would consider important. In practice, PPMs for offerings lasting more than 90 days should be reviewed quarterly for potential updates.
Can a good PPM prevent an enforcement action?
A well-drafted PPM cannot prevent enforcement action, but it provides the strongest possible defense. When enforcement reviews an offering, the quality and completeness of the PPM is the first factor evaluated. A thorough, accurate PPM demonstrates good faith compliance and often results in either no action or reduced sanctions compared to offerings with deficient disclosure.
What is the cost of a properly drafted PPM?
A properly drafted PPM from qualified securities counsel typically costs between $15,000 and $50,000 depending on the complexity of the offering, the issuer's industry, and the number of prior offerings that require integration analysis. This cost should be viewed against the potential liability of a deficient PPM, which can include disgorgement of all offering proceeds, civil penalties, and personal liability for officers and directors.
Should the PPM reference SEC enforcement actions against similar companies?
Yes, when recent enforcement actions in the issuer's industry are publicly available and material. Referencing relevant enforcement actions demonstrates that the issuer is aware of regulatory trends and has considered the implications for its own compliance. This is particularly important for cannabis, cryptocurrency, and AI companies where industry-specific enforcement activity is well documented.
How does flat-fee engagement help with PPM quality?
Under hourly billing, there is economic pressure to minimize the time invested in PPM drafting, particularly for management background research, risk factor development, and use of proceeds specificity. Flat-fee engagement eliminates this pressure, ensuring that the full 40-60 hours typically required for a defensible PPM is invested without the client monitoring the clock. The result is uniformly higher quality disclosure.
What should I do if I discover errors in a PPM after investors have already subscribed?
Contact securities counsel immediately. Depending on the nature and materiality of the error, options include supplemental disclosure to all investors with a rescission offer, amendment of the PPM for future investors, or in some cases, unwinding subscriptions received under the deficient disclosure. The worst approach is to do nothing, as continued use of a known-deficient PPM converts a disclosure error into potential fraud.
This article was written by Frederick M. Lehrer, Esq., a former SEC Division of Enforcement Staff Attorney and Special Assistant United States Attorney (Southern District of Florida) with over 30 years of securities law experience. Florida Bar No. 888400.