Client Alert – Banking, Insurance and Finances | March 2016

Relief in Criteria for Individual Classified Investors in Connection with Private Offering of Securities in Israel

• On February 24, 2016 the Minister of Finance issued an order amending the criteria for qualifying as an individual sophisticated investor for the purpose of private placement/offering of securities under the Israeli Securities Law, 1968. The amendment will become effective within 30 days from the date of its publication.
• The amendment consists of relief in these criteria, principally the cancellation of the criteria requiring experience or expertise in the capital markets and a minimum number of transactions, a decrease in the required threshold of liquid assets from NIS 12 million to NIS 8 million, and the addition of an alternative criteria of annual income or a combination of liquid assets and annual income with lower thresholds.
• The offeror must verify the existence of the conditions in accordance with the Israel Securities Authority (ISA) position of the ISA as previously published by the ISA.
• The criteria for an individual eligible client under the Regulation of Investment Advice, Investment Marketing and Portfolio Management Law, 1995 remain unchanged, resulting in a difference between the definition of an individual sophisticated investor for purposes of private placements/offerings under the securities law and the definition of an individual eligible client under the Advice law for the purposes of exemption from the licensing requirements in providing investment advice, investment marketing or portfolio management services.

General

The Israeli Securities Law, 1968 (the “Law“) establishes rules for the public offering of securities in Israel. Among others, the Law provides that the offer or sale of securities to the public in Israel requires publication of a prospectus approved by the Israel Securities Authority (“ISA“). The Law further states that an offer or sale of securities made to “sophisticated investors” listed in the first supplement to the Law (the “Classified Investors“) does not constitute a public offering – such offer is also known as private placement or offering.

Among the “Classified Investors” listed in the first supplement to the Law, item 12 to the supplement refers to an individual (natural person) investor who meets certain criteria. On February 24, 2016, the Securities Order (amendment of the first Addendum to the law), 2016 was published. The Order provides relief to such criteria and will become effective 30 days following its publication.

The Former Criteria for Individual “Classified Investors”

Before the Order becomes effective, in order for an individual to be considered as a Classified Investor, at least two of the three following criteria[1] (the “Former Criteria“) must be satisfied:

• the total value of liquid assets (deposits, financial assets and securities) he/she owns is more than NIS 12 million (currently approximately USD 3 million);

• he/she has expertise and skills in the capital market or was employed for at least one year in a professional position that requires expertise in the capital markets; and

• he/she made at least 30 trades, on average, in each of the previous four quarters.

The New Criteria for Individual “Classified Investors”

The Order amends the criteria for individual Classified Investors in two ways: (a) by cancelling the second criterion of expertise or experience and the third criterion of performance and minimum transactions; and (b) by lowering the threshold of liquid assets (in the first criterion) and adding two other alternatives – (i) minimum annual income and (ii) minimum annual income and minimum liquid assets with lower thresholds.

Accordingly, item 12 to the first supplement to the Law was amended to provide that an individual will be considered as Classified Investor for purposes of the private placement/offering of securities if he/she meets at least one of three new criteria:

• the total value of its liquid assets[2] exceeds NIS 8 million (currently approximately USD 2 million);

• its income in each of the last two years exceeds NIS 1.2 million (currently approximately USD 308 thousand) or the income of its family unit[3] exceeds NIS 1.8 million (currently approximately USD 462 thousand); or

• the total value of its liquid assets exceeds NIS 5 million (currently approximately USD 1.3 million) and either its income in each of the last two years exceeds NIS 600,000 (currently approximately USD 154 thousand) or such income of its family unit exceeds NIS 900,000 (currently approximately USD 231 thousand).

Method for Verifying the Compliance of an individual with the Classified Investor Criteria

In accordance with the first supplement to the Law, for purposes of private placements/offerings to Classified Investors, it required to receive from each such investor, including individual investors, prior to any purchase of securities its written consent that he/she meets the conditions listed above and that he/she is aware and agrees to the consequences of being such investor.

With respect to an individual Classified Investor (as well as certain corporations), the ISA has previously published its position[4] (the “ISA Position“) concerning the method of verifying compliance by an individual Classified Investor with the eligibility criteria.  Currently, this position remains unchanged (although it may be adapted to the wording of the Order) and was strengthened in light of the requirement in the Order that the offeror of the securities will examine the Classified Investors.

According to the ISA Position, in order to verify compliance of an individual with the eligibility criteria regarding liquid assets, the offeror has two alternatives:

• obtain written approval of an accountant, lawyer, or in appropriate circumstances other external body, which the offeror has reasonable grounds to rely on, certifying that it took reasonable measures (apart from the investor’s declaration) to verify that the investor complies with the definition, and specifying those measures; or

• carry out the examination of the investor compliance independently, while relying on external evidence and information presented to it by the investor.

We assume that it is possible to implement those verification methods also regarding the income alternative (or the alternative which combines income and liquid assets).

According to the ISA Position, the verification of the offerees eligibility criteria listed above must be performed on the date of the sale (prior to the sale), while on the date of the offer it is sufficient to obtain the offeree’s declaration with respect to its compliance with the eligibility criteria.

The ISA Position also states that if a sale is made to the same Classified Investor within a period of one year from the date on which its compliance was verified in the manner described above, it is sufficient to obtain its declaration that it still meets the eligibility criteria (provided the offeror does not know otherwise and believed in good faith that the investor is still Classified Investor).

The Regulatory Difference between the Advice Law and the Securities Law

The Advice Law stipulates that investment advice, investment marketing or portfolio management services require a license, except in circumstance determined under the law. One exception relates to the provision of such services to eligible clients, including individual who meets the Former Criteria.

As noted above, the Order amended the criteria for individual Classified Investors for purposes of the Securities Law. However, no similar amendment was made to the criteria for eligible clients under the Advice Law, although originally the ISA proposed to apply the amendment also to the Advice Law.

Because the Order modifies the first supplement to the Securities Law without any corresponding change in the Advice Law, it created a regulatory difference between the exemption from the licensing requirement under the Advice Law and the exemption for private placements/offerings under the Securities Law. This gap is particularly relevant to anyone who provides investment advice services, investment marketing or portfolio management services to eligible clients in Israel without a license (such as certain foreign banks and asset managers) because even if apparently it can offer in Israel securities or financial assets without a prospectus to individual investors who meets the new criteria prescribed in the Order, practically it will not be able to provide them with advisory services in connection with the products if the investors do not meet the Former Criteria pursuant to the Advice Law.

______________

[1] Item 12 of the first supplement to the Securities Law refers to item 9 in the definition of “eligible client” in the first supplement to the Regulation of Investment Advice and Investment Portfolio Management Law, 1995 (the “Advice Law“).

[2] The term “liquid assets” is defined in the Order as cash, deposits, financial assets (units or shares in registered funds, options, futures contracts, structures and professional training funds), and traded securities.

[3] The term “family unit” is defined in the Order as an individual and his/her family members who live with him or whose livelihoods are dependent on each other.

[4] Legal staff position number 103-35: “Private offering to sophisticated investors”.

 

For further information regarding this newsletter, please contact via phone or email to Ofer Hanoh, Adv., head of our banking, insurance and financial services department (at [email protected] or 03-6074510) or to Yigal Binyamini, Adv., partner in our banking, insurance and financial services department ([email protected] or 03-6074510).

Gross, Kleinhendler, Hodak, Halevy, Greenberg & Co. (GKH), is one of the leading law firms in Israel, with some 150 attorneys. GKH specializes, both in Israel and abroad, in various fields of law including Mergers and Acquisitions, Capital Markets, Technology, Banking, Project Finance, Litigation, Antitrust and Competition, Energy and Infrastructure, Environmental Law, Intellectual Property, Labor Law and Tax.

This alert is prepared as an informational service to clients and colleagues of Gross, Kleinhendler, Hodak, Halevy, Greenberg & Co. (GKH) and the information presented is not intended to provide legal opinions or advice. Readers should seek professional legal advice regarding the matters about which they are particularly concerned.

Adv. Anat Klein refers to the stability clause in the Natural Gas Plan | 15-16/2/2016

The stability clause in the Natural Gas Plan, which has provoked public discussion, is also discussed in legal proceedings. Adv. Anat Klein addresses the issue (Hebrew):

Read on Globes Online (15/2/2016)

Globes16.2.2015

Read on NRG (15/2/2016)

Read on Behadrey Haredim (16/2/2016)

Read full article on Arutz Sheva (17/2/2016)

Read on Hamahane Haharedi (25/2/2016):

HamahaneHaharedi25.2.2016_1

HamahaneHaharedi25.2.2016_2

Legal Update – Securities | February 2016

Foreign Companies Offering Securities to the Public in Israel

On February 17, 2016 (the “Effective Date”) a new Amendment to “Schedule Four” under the Israeli Securities Law 5728-1968 will come into effect (the “Amendment” and “Securities Law” accordingly). The Amendment adds new corporate governance matters and revises existing ones that apply under the Companies Law 5759-1999 and its Regulations (“Companies Law” and “Regulations” accordingly) to Foreign Companies, which were incorporated outside of Israel and offer shares or bonds to the public in Israel (“Foreign Companies” or “Company”). The Amendment does not aim to apply to Foreign Companies that offered securities to the Israeli public prior to the Effective Date which will continue to be subject to the former Schedule Four until such time as they offer securities to the Israeli public after the Effective Date[1]. The main purpose of the Amendment is to avoid ‘regulatory gaps’ between the requirements that apply to Israeli companies and those that apply to Foreign Companies as a result of amendments made to the Companies Law over the past few years. Below is a brief overview describing the Amendment.

Read full Update:

PDF Icon

Cyber Update | February 2016

Cyber Update

February 2016

Proposed Regulations on Cyber Exports

The Defense Export Controls Agency (“DECA“) in the Israeli Ministry of Defense published proposed regulations on January 7, 2016, concerning the control of cyber exports substantially more restrictive than the Wassenaar Arrangement. Comments on the proposed regulations may be submitted through March 3, 2016. In the text box appears a free translation of the draft regulations with highlighting of the language proposed to be added by DECA; a proposal that goes beyond the Wassenaar Arrangement.

The Wassenaar Arrangement is an international export control regime. Member countries agree to coordinate their export restrictions on conventional arms and dual-use goods and technologies. In 2013, the Wassenaar Arrangement was amended to include controls over certain (a) software and/or systems equipment and components, specially designed or modified for the generation, operation or delivery of or communication with Intrusion Software; and (b) technology to develop Intrusion Software. Israel is not a member of the Wassenaar Arrangement but generally follows the Wassenaar Arrangement, and automatically incorporated the Intrusion Software updates to the Arrangement from 2013 by updating the Israeli Import-Export Order (Regulation of the Export of Dual-Use Goods and Services) (the “Wassenaar Order“) in January 2014. Under the Israeli Wassenaar Order, all controlled dual-use technologies require an export license, either from the Ministry of the Economy for civilian use exports, or from the Ministry of Defense for defense use exports.

The draft regulations include several major, far sweeping changes.

  • DECA is proposing to control Intrusion Software and systems that include Intrusion Software. DECA is proposing to control the Intrusion Software products, and not just the means for creating or delivering the Intrusion Software products. This means that Intrusion Software and Intrusion Software Systems will be controlled, unless they fall into the exemptions for not being considered Intrusion Software.
  • The draft regulation also proposes to regulate software, systems, equipment and components specially designed or modified to simulate use, operation or communication with Intrusion Software against another. In essence, all penetration testing systems, equipment and components will be controlled. However, the proposed regulation carves out an exception for penetration testing services.
  • The draft regulation proposes to also control software, systems, equipment and components specially designed or modified to protect strategic security systems or to protect warfare equipment against Intrusion Software. The modification can be done by the end user, in which case, the product would be subject to control. The concept of strategic security systems is not well defined. For example, would a civilian nuclear energy plant be considered a strategic security system, simply because it is part of the critical infrastructure?
  • Additionally, under the draft, software, systems, equipment and components specially designed or modified to protect or monitor communication lines on a national level, would also be controlled. Again, if the modification to the product can be capable of being done by the end user, in such a way that it would allow protection or monitoring of communication lines on a national level, then it will be subject to control. Thus, an exporter must examine whether the particular item was specifically designed to protect or monitor communication lines on a national level or could be modified to do so.
  •  The draft regulation attempts to also control systems, equipment and components to perform Digital Forensics or to simulate Digital Forensics which meet the criteria in the proposed regulation. Any export sales of such Digital Forensics software will be subject to control. Some of these products are currently sold in large quantities to multiple purchasers. The ability to obtain licenses per sale will be burdensome. Some Israeli users of Digital Forensic software will need to obtain export licenses for their overseas activity; for example, when an Israeli accounting firm will perform an international audit and will need to export its systems, equipment and components to perform Digital Forensics, it will need to obtain an export license from the Ministry of Economy for this purpose. Some cybersecurity products that are ‘off-grid’ integrate a Digital Forensic type element to capture and download the Static Data of intrusion attempts and other information, which may cause the entire product to become subject to control based on the proposed regulations.
  • Perhaps one of the most problematic elements of the proposed regulation, is the proposal to control Vulnerabilities, unless they fall within a narrow set of exceptions. The exceptions are when the Vulnerability is delivered exclusively to the proprietary owner of the code that is at risk, or the Vulnerability is available in the public domain (on a list that DECA acknowledges), or the Vulnerability is intended for use in defense products only manufactured by the company holding that Vulnerability. In addition, the proposal would control systems or software specially designed or modified to automatically detect Vulnerabilities in order to use them in Intrusion Software against another. In other words, software that automatically detects Vulnerabilities would not be controlled. However, if it automatically detects Vulnerabilities in order to be used in Intrusion Software against another, then it would be controlled. DECA believes that only a small percentage of the industry will be subject to control as a result of these proposals on Vulnerabilities.

There is great concern among investors and both large and small companies in the field that these far sweeping proposals will have a chilling effect on the cyber industry in Israel. Some international companies considering investing in the cyber industry have already indicated that they will wait and see what will pan out with these regulations. It is unfortunate that DECA has made these proposals just after IVC Research announced that in 2015 20% of the capital invested in Israeli hi-tech was in the cyber field. The Israeli government has been promoting the State as a cyber capitol, and these regulations may end up making Israel a cyber desert.

Israel is not a cyber-oasis. Rather it is part of the international technology community and must be part of the international technology regulation. This is one of the reasons why Israel follows the Wassenaar Arrangement. Less than six months ago, the Bureau of Industry and Security in the U.S. Department of Commerce withdrew export control proposals on Intrusion Software that also would have been more expansive than the Wassenaar Arrangement. This came after more than 250 companies submitted comments on those proposals. Currently, BIS is looking at proposals to make the controls less strict than Wassenaar.

Israel should seriously consider whether it wants to be the “lone wolf” – the only country with extreme cyber export regulation that will have a chilling effect on its cyber industry, especially when it is so dependent upon international investment and cooperation. If the U.S. is considering less stringent regulation, it would be prudent to discuss with the U.S. regulators and counterparts the proposals they are considering, and coordinate the Israeli proposals so they will work together to the advantage of the international cyber business community.

GKH clients concerned they may be affected by the proposed regulations, or interested in submitting comments to DECA, are invited to contact the GKH Cyber Desk for more information: [email protected]

 

PROPOSED DRAFT FOR CHARACTERIZING CONTROLLED PRODUCTS AND KNOWLEDGE IN THE CYBER FIELD

The blue bold text indicates additions to the Wassenaar Arrangement Dual-Use list

Definitions:

“Intrusion Software”

Software specially designed or modified to avoid detection by ‘monitoring tools’, or to defeat ‘protective countermeasures’ of a computer or network capable device, and performing any of the following:

a. The extraction of data or information, from a computer or network capable device, or the modification of data of a system or user; or

b. The modification of the standard execution path of a program or process in order to allow the execution of externally provided instructions; or

c. disruption of functional abilities of the system or causing physical damage to the system.

 

“Intrusion Software” does not include any of the following:

a. Hypervisors, debuggers or Software Reverse Engineering (SRE) tools;

b. Digital Rights Management (DRM) software; or

c. Software designed to be installed by manufacturers, administrators or users, for the purposes of asset tracking or recovery.

 

“Network-Capable Devices” include mobile devices and smart meters.

“Monitoring Tools” – software or hardware devices, that monitor system behaviors or processes running on a device. This includes antivirus (AV) products, end point security products, Personal Security Products (PSP), Intrusion Detection Systems (IDS), Intrusion Prevention Systems (IPS) or firewalls.

“Protective Countermeasures”– techniques designed to ensure the safe execution of code, such as Data Execution Prevention (DEP), Address Space Layout Randomization (ASLR) or sandboxing” (mechanism for downloading software safely).”

“Vulnerability”- imperfection in a code or a protocol, which can be exploited in order to harm a system or software.

“Digital Forensics”- obtaining, analyzing or restoring data through a physical interface to computing equipment or storage such as computers, cellphone devices, hard discs, satellite navigation devices, USB components, smart cards and SIM cards.

“Static Data”- data that is maintained in a hard disc or in different storage equipment that does not require an electrical power source in order to maintain the data.

“Volatile Data”- data that is maintained in equipment that requires electrical power in order to maintain the data.

 

 Additions to the controls list:

Systems, Equipment and Components:

1. Intrusion Software and systems including Intrusion Software.

2. Systems, equipment, and components therefor, specially designed or modified for the generation, operation or delivery (pasting) of, or communication with, Intrusion Software including systems, equipment and components specially designed or modified to simulate use, operation or communication with Intrusion Software against another, and not including providing services intended to check systems’ immunity against attack (PT).

3. Systems, equipment and components specially designed or modified to protect strategic security systems or to protect warfare equipment against Intrusion Software. 

4. Systems, equipment, and components specially designed or modified to protect or monitor communication lines on a national level.

5. Systems, equipment, and components to perform Digital Forensics or to simulate Digital Forensics that was:

a. Specially designed to perform or use techniques to prevent the possibility of changing data, in order to copy the data in its entirety; or

b. Specially designed to perform data analysis in order to:

            i.    Restore Static Data created by the system or user;

           ii.    Detection or analysis of Volatile Data created by the system or user.

 

Software:

6. Software specially designed or modified for the generation, operation or delivery (pasting) of, or communication with, Intrusion Software, including software specially designed or modified to simulate use, operation or communication with Intrusion Software against another, and not including providing services intended to check systems’ immunity against attack (PT).

7. Software specially designed or modified to protect strategic security systems or to protect warfare equipment against Intrusion Software.

8. Software specially designed or modified to protect or monitor communication lines on a national level.

 

Technology and Knowledge:

9. Technology and knowledge for the development of Intrusion Software.

10. Vulnerability, not including the following:

a. Vulnerabilities delivered exclusively to whoever developed the code or protocol, or someone on their behalf;

b. Vulnerabilities made available in the public domain.

c. Vulnerabilities intended to use in defense products only, manufactured in the Company holding the Vulnerability or the Company. In this section “Company” includes a company that is a subsidiary or has a subsidiary as defined in the Israeli Securities Law, 5728-1968.

11. System or software specially designed or modified to automatically detect Vulnerabilities, in order to use them in Intrusion Software against another.