Table of Contents

I. Introduction
    A. Why Does Classification Matter to the Average Investor?
    A.1. Private Entity Reporting Exemptions
    A.2. Government Accounting Exemptions
    A.3. Government Investment in Varied Industries
II. How Does Classification Work? The Quick and Dirty Summary.
    A. What Is Executive Order 13526?
    B. Classification Authorities
    C. Classification Standards, Categories, and Levels
    C.1. Brief Summary of Derivative Classification
    D. Restrictions on Classification and Corner Cases
    E. Duration
    F. Declassification
    F.1. Authority to Declassify
    F.2. Automatic Declassification
    F.3. Declassification by Review
    G. Access and Distribution
    H. Challenging Classification and Requesting Declassification of Information
III. Classification and Government Accounting, a Summary of Federal Accounting Exemptions for Classified Information
    A. Covered Entities
    B. Reporting Exceptions
IV. Classification and Private Entities, a Summary of Classification Exemptions for Private Entities
V. How Does Classification Impact You as an Investor?
VI. About Us

February 10, 2019

I. Introduction

Investing is a field fraught with risk and has a long and sometimes less than savory history. As a result, there are a myriad of laws and regulations meant to protect and inform investors, and ensure material information about potential investments is not concealed or fabricated. However, there is a substantial subsection of investment opportunities that collides with perhaps the most famous category of concealed information, that which is classified for national security purposes. As the private sector becomes more and more involved in military and intelligence projects, it is natural that the allure of investment in such contractor entities grows. This creates a collision between the requirements for transparency that are usually imposed on corporate entities and the opposite requirements for secrecy in the name of national security.

Over this article, we hope to outline how classification works and what classification-related exemptions investors should be aware of. Even if an investor might not be able to get access to the classified information, understanding the rules surrounding it might be helpful to an investor looking to invest in the securities of private government contractors (e.g., defense and intelligence contractors or most financial institutions1), or even the securities offered by the federal government itself. To this end, we’ll be covering how classification works and providing a resource for investors summarizing our past discussions in previous articles of relevant reporting exemptions created by national security exemptions.

One thing to keep in mind is, colloquially, the term “confidentiality” can be applied in a variety of circumstances, from trade secrets and non-disclosure agreements to keeping a friend’s personal secret, secret. There’s a large body of law on general confidentiality, which we won’t be discussing here. For the purposes of this article, we’ll be referring to confidentiality as one of the levels of classification, discussed below.

A. Why Does Classification Matter to the Average Investor?

Information is critical to investors. The more you have, the more certain your investments become, and large swaths of law protect an investor’s right to the information they need to make informed decisions. Classification, however, runs counter to this principle, and it is often difficult to determine if a particular classified fact even exists. This can prove problematic for an investor looking to invest in companies undertaking military or intelligence contracts, or basing their investment decisions on government accounting data.

A.1. Private Entity Reporting Exemptions

Normally, the SEC requires a great deal of information to be disclosed in their filings, and filing entities have to comply with internal accounting regulations. SEC Rule 10b-5 prohibits acts or omissions that result in fraud or deceit in connection with purchase or sale of any security. It is a violation to make any untrue statement of a material fact or to omit to state a material fact in connection to the purchase or sale of a security. However, if the entity of concern is dealing with a classified project, there is a great swath of information that they cannot share with investors, material or not, and they can get a waiver to allow them to depart from accounting practices and legally “cook the books.” Understanding what sort of information an entity can (and often must) conceal is nowhere near as useful as knowing any hidden material facts, but it nonetheless serves some purpose in the risk assessment of said securities.

A.2. Government Accounting Exemptions

Federal entities are also required to obfuscate classified information in their accounting practices, under new rules by FASAB. While investors don’t exactly buy stock directly in the government (that’s what taxes and campaign contributions are for), the money spent on different programs, or on the enforcement of regulations for different industries, can prove informative for an investor. If portions of the government’s books are classified (and in some cases shifted around among federal entities), this can have an effect on an investor’s analysis of investment prospects in virtually any field. In addition to this, investors are able to purchase government-backed securities, such as Treasury bonds, which have a more direct connection to the financial state of the federal government. If an investor can’t see the actual underlying information, understanding the framework by which the information is hidden is the next best thing.

A.3. Government Investment in Varied Industries

While the federal term for “investment” doesn’t quite mean the same thing as for private investors, a great deal of federal “investment” makes its way to the private sector. (https://www.cbo.gov/sites/default/files/113th-congress-2013-2014/reports/44974-federalinvestment.pdf) For instance, federal R&D investment often comes in the form of grants to private entities, who can then tout that funding as part of a market prospectus. If you base your investment decision on the availability of government investment funds, then it is valuable to understand the underlying rules of classification and the resulting exemptions in the federal financial statements.

II. How Does Classification Work? The Quick and Dirty Summary.

The how and why of classification is currently covered by Executive Order (EO) 13526, which we’ll explain in this article. Basically, the classification of information is largely a purview of the executive branch. While the power to classify information is delegated down a chain of bureaucracy, it starts with the President, Vice President, and agency heads. Then, once the information is classified, it’s a tangle of classification levels, standards, and restrictions, which determines everything from who can view the information to when its classification expires. However, none of that will be open to the public, so the closest an investor can get is by understanding how the system works, and where it touches their interests.

If you’re interested in more information on classification, beyond this article, each agency with original classification authority prepares a classification guide. These guides are supposed to facilitate proper and uniform classification and should be reviewed and updated according to the executive order. While those guides themselves are often classified, the Office of the Director of National Intelligence approved the release of a 2014 version of their guide in a FOIA request. (https://www.dni.gov/files/documents/FOIA/DF-2015-00044%20(Doc1).pdf)

A. What Is Executive Order 13526?

Over the history of the U.S., classification standards and rules have generally been an issue addressed via executive order. While there have been laws protecting classified information, such as the Espionage Act of 1917 and the Intelligence Identities Protection Act of 1982, today classified information is essentially entirely covered by a 2009 executive order issued by former President Barack Obama. Executive Order 13526 revoked and supplanted previous executive orders on the issue and modified the existing regulations codified in 32 C.F.R. 2001. Its rules, focused a bit more on the declassification process than its predecessors, provide the framework for modern classification in the U.S. The order, not surprisingly a bit on the byzantine side of things, covers who is authorized to classify information, when and how it can be classified, the various levels of classification, and when classified info ceases to be classified. There’s an enormous amount of other regulatory issues here from various agencies and laws that impact this, but Executive Order 13526 (EO 13526, or “the Order”, available at https://www.archives.gov/isoo/policy-documents/cnsi-eo.html) is certainly the best place to start when it comes to understanding classification.

B. Classification Authorities

The actual parties with original classification authority (unconditioned power to classify information) are: the President or Vice President in the performance of their official duties, agency heads and officials designated by the President in the Federal Register, and U.S. government officials delegated authority to do so (EO 13526 Section 1.3). This delegation and authorization likely represents the largest portion of people who are actually doing the classification on a day-to-day basis. However, there are limitations on this type of delegation.

It’s generally the agency heads doing the delegation when it comes to classification authority. However, any delegation of classification authority has to be limited to the absolute minimum possible to execute the necessary duties. What’s more, as soon as their need for this delegation of authority ends, the agency heads are required to revoke the authority grant.

There are different levels of classification available that have different effects (EO 13526 Section 1.2). We will discuss the actual differences in these classifications later in this article. However, not every grant of authority is created equal when it comes to these different types of classification. The “Top Secret” level of classification cannot be delegated at all and is restricted to the President, Vice President, and named agency heads. The “Secret” or “Confidential” level of classification can be done more broadly, even beyond the initial three groups discussed above. The authority can be delegated by a senior agency official who had previously had the authority delegated to them by their agency head. These delegations all have to be made in writing and identify the official delegating the delegee by name and position title. Delegating a certain level of authority also grants the delegee authority to classify information at all levels below their authority grant.

The original classification authorities (the President, Vice President, and agency heads) are required by EO 13526 to receive a certain amount of training. The training includes instruction on the proper safeguarding of classified information and of the criminal, civil, and administrative sanctions that may be brought against an individual who fails to protect classified information from unauthorized disclosure.

Despite these restrictions, there are provisions for exceptional cases where an employee, government contractor, licensee, certificate holder, or grantee of an agency produces information they believe to require classification and does not have the authority to implement that classification (EO 13526 Section 1.3(e)). In this case, they can treat the information as if it were classified and give it the same level of protection actual classified information would have. However, the information must be promptly sent to the agency officer or employee who could appropriately determine the classification status of the information. The agency then has 30 days to decide whether to classify the information; during this time the information is treated as classified. If the entity creating the information isn’t sure which agency they should send the request to, they can send it up the ladder to the Director of the Information Security Oversight Office who will make a determination as to classification level and/or which agency should have jurisdiction over the subject matter. For instance, if a defense contractor or a financial institution is handling information they believe requires classification, like a new invention or money for intelligence operations, they can treat it as such and immediately notify the relevant agency, and that agency has 30 days to decide what to do.

C. Classification Standards, Categories, and Levels

In order to be classified at all, information needs to meet certain standards (EO 13526 Section 1.1). From there, it can be further separated into different levels of classification as discussed above. The base classification standards of EO 13526 require, before any bit of information can be classified: (1) somebody with authority sufficient to classify the information; (2) the information must be owned by, produced by or for, or is under the control of the U.S. (a moderately complicated topic we will not be going into great depth on here for interests of length); (3) the information falls within one of the approved classification categories—something we will get into below; and (4) a person of sufficient authority determines that “unauthorized disclosure of the information reasonably could be expected to result in damage to the national security, which includes defense against transnational terrorism, and the original classification authority is able to identify or describe the damage.”

The first of the elements, sufficient authority, is discussed above. The second obviously covers any information produced by the government itself or its agencies. It also covers, among other things, information created by government contractors—including many financial institutions—to a large extent. However, as mentioned, the exact breadth of what this element encompasses is a source of some debate. This debate is somewhat stymied by the fact that courts take a general position where they do not question whether something has been properly made classified, providing great deference to the government on this issue. (See “Challenging classification: a third option,” by Stephen Aftergood, available at https://www.rcfp.org/journals/news-media-and-law-fall-2015/challenging-classification-th/).

The third element, proper classification categories, is much easier to explain as they are more or less explicitly described in EO 13526. In order to qualify for classification, information must address one of the following categories: (1) military plans, weapons systems, or operations; (2) foreign government information; (3) intelligence activities (including special activities), intelligence sources or methods, or cryptology; (4) foreign relations or foreign activities of the United States, including confidential sources; (5) scientific, technological, or economic matters relating to the national security, which includes defense against transnational terrorism; (6) United States Government programs for safeguarding nuclear materials or facilities; (7) vulnerabilities or capabilities of systems, installations, infrastructures, projects, plans, or protection services relating to the national security, which includes defense against transnational terrorism; or (8) weapons of mass destruction. These fairly specific categories, taken together, cover an enormous amount of information. However, these kinds of restrictions are crucially important to limiting a tool as potentially damaging to government transparency as classification.

The final element, damage to national security, is not one that’s often questioned in the courts due to the deference shown. Some things, like unauthorized disclosure of foreign government information, are presumed to damage national security. However, it’s a fully factual analysis, and the classification’s justification is usually not something that can itself be revealed. That being said, the level of damage that can potentially be caused by disclosure of the information is the key to the different classification of information.

There are three levels of classification, addressed to some degree above (EO 13526 Section 1.2). First, “Top Secret” information must be reasonably expected to cause articulable grave damage to the national security were it disclosed. “Secret” classified information has a similar standard but must only cause “serious” damage. “Confidential” information must only be reasonably expected to cause damage to national security—full stop. The actual distinctions here are incredibly vague on their face. From a scholarly standpoint, there are some instructional guidelines as to what qualifies for each level. For instance, “grave damage” includes but is not limited to information where disclosure could cause “armed hostilities against the United States or its allies; disruption of foreign relations vitally affecting the national security; the compromise of vital defense plans or complex cryptologic and communications intelligence systems; the revelation of sensitive intelligence operations; and the disclosure of scientific or technical developments vital to national security” (EO 111652, Section 1(A)). However, on a practical level, it is hard to clearly delineate what goes where as the courts generally presume information to be properly classified. This means there’s very little in the way of practical examples to go off of.

C.1. Brief Summary of Derivative Classification

There is one more form of classification that is fairly commonly used—derivative classification (EO 13526 Section 2.1-2.2). This is the classification information generally created using already classified information—incorporating it into something else, paraphrasing or restating it, etc. It doesn’t include duplication or reproduction of classified information as that’s automatically considered classified at the same level as the origin information.

Derivative classification is unique in that it does not require the person classifying it to have classification authority. Basically, it’s assumed that it is proper that such information should be classified at the same level as the source information. What’s more, all derivatives of already derivative information also carry forward the classification level of the highest classification level contained within the product.

D. Restrictions on Classification and Corner Cases

Under EO 13526, not all information is appropriate for classification. Obviously the majority of policing of this would be internal, but there are many enumerated situations in which information cannot be classified. Information cannot be made classified to: “(1) conceal violations of law, inefficiency, or administrative error; (2) prevent embarrassment to a person, organization, or agency; (3) restrain competition; or (4) prevent or delay the release of information that does not require protection in the interest of the national security” (EO 13526 Section 1.7). In other words, confidentiality is not supposed to be used as a tool for a cover-up, to gain economic advantage, or really for any purpose other than protecting national security. Scientific research is an especially questionable subject when it comes to classification and needs to be clearly related to national security before it can qualify.

Once something has initially been declassified, a topic we will discuss below, it can be reclassified, but there are some limitations that wouldn’t apply when it first received classified status. First, there needs to be a reclassification action commenced by an agency head who determines, in writing, that national security requires reclassification. After that, it must be determined that the information can be reasonably recovered, and there must be a report to the Director of the Information Security Oversight Office. This is also the process used to classify or reclassify information in response to a Freedom of Information Act (FOIA) request or a request under the Privacy Act of 1974. However, in order to limit the potential for abuse of the classification system in the face of a FOIA request or other similar request, classification or reclassification determinations where there is already a request for the information must be considered on a document-by-document basis with the personal participation—or at a minimum under the direction of—an agency head, deputy agency head, or senior agency official.
There is also a bit of an odd situation for classification when it comes to large compilations of information where only part of it could reasonably be classified. This is because sometimes the holes in information within such compilations can say nearly as much as the actual information. In these scenarios, the government is allowed to classify the entire compilation if the information revealed by what is excluded would independently meet the requirements of classification discussed above (EO 13526 Section 1.7(e)).

E. Duration

EO 13526 also implements requirements on the duration of applied classification (EO 13526 Section 1.5). In general, it is up to the original classification authority to determine when something is declassified, subject to certain restrictions in the order. There is a maximum classification duration of 10 years, or 25 years for particularly sensitive information. If the authority does set a date, the information is automatically declassified on that date. If the agency declines to pick a specific date, the information is presumed to declassify 10 years from the date of the original decision, unless the agency determines the information’s sensitivity is such that it merits a 25-year duration. Authorities can extend the duration of classification by following the procedures of this order (in essence, starting from scratch to show the information should still be classified). Information that was previously marked for some form of an indefinite duration of classification under previous executive orders also needs to comply with these rules on duration.

F. Declassification

Once the duration on classification has expired, or an authority otherwise feels information shouldn’t be classified, the order lays out rules on how to go about declassifying information. There are three main categories of declassification: Automatic Declassification, Systematic Review, and Mandatory Review (EO 13526 Part 3).

F.1. Authority to Declassify

First, the original authority that classified the information, or their successor, can authorize declassification (EO 13526 Section 3.1). This authority can also be delegated, or exercised by a supervisory authority. Second, the Director of National Intelligence (DNI) always has authority over information or intelligence relating to intelligence sources, methods, or activities. The agency head or the senior agency official can also determine if and when a piece of information that still meets classification requirements nonetheless should be declassified in the public’s interest.

Additionally, one of the core developments of this new executive order was the creation of a National Declassification Center in the National Archives (EO 13526 Section 3.7). Its purpose is “to streamline declassification processes, facilitate quality-assurance measures, and implement standardized training regarding the declassification of records determined to have permanent historical value.” Their purview extends to storing records, dealing with historical records, interagency declassification, and developing measures and guidelines for dealing with classified information. As a result, they enjoy broad authority over declassification efforts.

F.2. Automatic Declassification

Records over 25 years old that have permanent historical value under title 44 of the U.S. Code (USC) were automatically declassified without review in 2006. This process is set to repeat every December 31st, subject to a few exceptions (EO 13526 Section 3.3).

For instance, an agency head may exempt information from automatic declassification if it would reveal a confidential source, assist in the development of a WMD, impair U.S. cryptologic systems or activities, impair state-of-the-art weapons systems, reveal actual war plans that remain in effect, reveal information that would seriously and demonstrably impair relations between the U.S. and a foreign government, impair the protection of the President and Vice President, impair national security or reveal vulnerabilities, or violate any other statute, treaty, or international agreement. If an agency head wants to authorize such an exemption, they must notify the President, who may direct that agency head to not exempt the file, or declassify it at an earlier date. Information exempted from automatic declassification is still subject to mandatory and systematic declassification review.

There are also a few situations where the 25-year deadline is extended. Files in an integral file block are declassified as a block, dependent on the most recent record in that block. A delay of 5 years can be applied to classified information contained in microforms, motion pictures, audiotapes, videotapes, or comparable media that make a review for possible declassification exemptions more difficult or costly. A delay of 3 years may be applied to files that were transferred from another agency, or if it is discovered that files were inadvertently passed over for review.

F.3. Declassification by Review

Agencies also have to establish their own programs for mandatory and systematic declassification review, for records exempted from automatic declassification, to ensure information that no longer meets the order’s requirements is declassified (EO 13526 Sections 3.4-3.6). Additionally, the National Declassification Center conducts its own review program for records in their custody (EO 13526 Section 3.7). The Secretary of Defense may establish procedures regarding cryptologic information, and the Director of Central Intelligence may do so for information pertaining to intelligence activities.

For systematic programs, records of interest to researchers, or likely to be declassified, should be prioritized in such programs (EO 13526 Section 3.4). For mandatory review programs, information is subject to review if there is a request with sufficient specificity for the agency to locate the information with a reasonable amount of effort, that information has not been subject to such a request in the last 2 years, and that information is not otherwise exempt (like information originating from the incumbent President or Vice President) (EO 13526 Section 3.5-3.6). A mandatory review request can be made by a member of the public, but the specificity requirements limit the success of such actions. (See “Challenging classification: a third option,” by Stephen Aftergood, available at https://www.rcfp.org/journals/news-media-and-law-fall-2015/challenging-classification-th/ very interesting surface-level analysis of the declassification options available to the public.) Decisions on declassification can be appealed by the requestor or the classifying agency.

G. Access and Distribution

Obviously, the primary purpose of classification is to prevent access to, or distribution of, information that is classified. With that in mind, it should come as little surprise that a great deal of EO 13526 is dedicated to the limited circumstances in which somebody can access classified information (EO 13526 Part 4).

In order to be allowed access to classified information, a person must be OK’d for access by an agency head or their designee, sign a non-disclosure agreement, and have a demonstrable need to know the information (EO 13526 Section 4.1). Once you meet these criteria, you still are required to receive some level of training on how to safeguard the secrecy of the classified information. What’s more, you’re still not allowed to take the classified information anywhere beyond the control of the originating agency. You can’t even take it off the premises where it’s located without authorization from a suitable agency official. The agencies themselves are required to go to great lengths to ensure they implement policies to maintain these rules and limit access to classified information. The information can’t even travel beyond the agency it originates in without following a series of procedures.

So, lo and behold, the most secretive information in the country has rules to keep it secret. Access and distribution are limited to need-to-know and emergencies where there is an imminent threat to life or the country. Even then, agencies are required to reveal the absolute minimum necessary, and the information disclosed in this way is not considered declassified after the fact.

There are a few special access programs that can break these usual rules (EO 13526 Section 4.3). The Secretaries of State, Defense, and Energy, and the Director of Central Intelligence, or the principal deputy of each, may create a special access program as necessary as long as they are kept to an absolute minimum. These special access programs can only be made pursuant to a statute or where there is an exceptional vulnerability or threat and the normal way of determining who can access the information won’t work. The programs must be kept as small as possible.

Surprisingly, there are also some exceptions for historical research (EO 13526 Section 4.4). The EO allows for the usual need-to-know rules to be waived to some degree when a person is conducting historical research. Similar exceptions are provided to past Presidents and Vice Presidents, as well as those previously occupying certain policy-making positions where they were appointed by a President.

Specific waivers to access rules can be granted by the head of the agency where the classified information originated if they do so in writing and take additional steps to make sure the information is safeguarded consistent with the rules of the EO (EO 13526 Section 4.3).

H. Challenging Classification and Requesting Declassification of Information

What happens if you want to challenge the classification status of information? Let’s say you made a FOIA request and are told the information is classified and get nothing for your efforts, or perhaps you are barred from viewing financials of a government contractor and think they are improperly classified. Well, the unfortunate news is that you’re usually going to be out of luck, but there are some ways to challenge the appropriateness of the classification status of information and to request that it be declassified and made available to the public. However, those challenges are primarily available to those who already have access to the information and are authorized holders of the information (See EO 13526 Section 1.8). The primary methods for a private citizen to challenge classification are the MDR process discussed above or through the Freedom of Information Act; both require fairly specific knowledge of the classified information.

This is a frustrating state of affairs to many in the public, but it makes at least some sense in that there’s no way to know whether something is properly classified without knowing what the information is in the first place. Under the EO, authorized holders of information are expected to challenge classification on their own initiative where they believe something should either not have been classified in the first place or is due for declassification. (See id.) How often does that happen? It’s classified.

However, there are genuine protections for those in government who would ensure maximum government transparency by making sure the tool of classification is used appropriately. They are ostensibly protected from retaliation by the language of the EO. What’s more, the EO requires that these concerns be addressed by an actual impartial panel. The classification then undergoes an internal review and even an internal appeals process through the Interagency Security Classification Appeals Panel.

To the public, challenging classification is mostly out of reach beyond the very narrow scope of the mandatory declassification proceedings discussed above. As mentioned above, the Courts give great deference to classification and generally consider it improper to consider whether information should classified in a court setting. (See “Challenging classification: a third option,” Stephen Aftergood).

There are some rules on how classified information is handled in criminal cases, mostly outlined in the Classified Information Procedures Act, but even then, those rules are mostly focused on maintaining the secrecy of the information. (See Synopsis of Classified Information Procedures Act, available at https://www.justice.gov/jm/criminal-resource-manual-2054-synopsis-classified-information-procedures-act-cipa).

III. Classification and Government Accounting, a Summary of Federal Accounting Exemptions for Classified Information

Once a piece of information has been classified, it can have a snowball effect on every government agency even tangentially involved with it. For instance, federal government entities have quite a few situations where they can, and often are required to, omit or alter their financial statements to protect classified information. The Federal Accounting Standards Advisory Board (FASAB) created an accounting standard for this purpose: Statement of Federal Financial Accounting Standards 56 (“SFFAS 56” or “Standard 56”). SFFAS 56 allows federal agencies, and an enormous number of entities associated with the government, to alter and outright omit spending information where it is necessary to protect classified information. For a more detailed explanation of SFFAS 56, you can read FASAB Statement 56: Understanding New Government Financial Accounting Loopholes, available at https://constitution.solari.com/fasab-statement-56-understanding-new-government-financial-accounting-loopholes/ .

A. Covered Entities

The actual reporting entities empowered by the standards of SFFAS 56 include organizations that are included in the government-wide General Purpose Federal Financial Report (GPFFR). This includes any entities that are (1) budgeted for by elected officials of the federal government, (2) owned by the federal government, or (3) controlled by the federal government with risk of loss or expectation of benefits. These entities, and the entities that fall under their purview, are separated into several categories: component reporting entities, consolidated entities, and disclosure entities.

Component reporting entities are the various entities that both prepare their own GPFFR, and are within a larger reporting entity. This includes executive departments, independent agencies, government corporations, legislative agencies, and federal courts. Their GPFFRs are then consolidated into the government-wide GPFFR. Under the component reporting entities and included in their GPFFRs are various other organizations, from smaller departments to government contractors, which are split into two further categories: disclosure entities and consolidation entities.

Consolidation entities are entities like agencies and departments, and are reported by a larger entity as part and parcel of their financial reporting, as if they were one economic entity. Generally, a consolidation entity (1) is financed through taxes and other non-exchange revenues, (2) is governed by the Congress and/or the President, (3) imposes or may impose risks and rewards to the federal government, and (4) provides goods and services on a non-market basis. For instance, a department or corporation established by Congress to perform a government function is a classic example of a consolidation entity.

Disclosure entities, on the other hand, are financially independent organizations. These organizations still need to be included in the government-wide GPFFR but do not fully meet the four characteristics of consolidated entities. They include quasi-governmental entities, organizations in receiverships and conservatorships, and organizations owned or controlled through federal government intervention actions. A good example would be government- established non-profits that have a significant portion of their board appointed by the President but are entirely funded by their own activities.

However, despite all appearances, the Federal Reserve System and bailout entities are expressly excluded from the government-wide GPFFR. In particular, this includes entities like Freddie Mac and Fannie Mae. If the government obtains rights in another entity that would give them the sort of control that normally makes a disclosure entity, but it gains those rights when it guarantees or pays a debt, those rights don’t count for determining a reporting entity.

B. Reporting Exceptions

In general, disclosure entities are required to provide their financial reporting in a manner which is clear, concise, meaningful, and transparent. There are, however, a few new exceptions.

The first exception allows disclosure entities to modify their financial reports to prevent the disclosure of classified information in an unclassified GPFFR so long as these modifications do not change the net results of operations and net position.

This means that, when done to conceal confidential information, entities can, and are essentially required to, shift money from one line item to another so long as the totals stay consistent. The rule also allows entities to omit the line item entirely while retaining the amounts so as to maintain the same net results. This means that readers of these reports will never know if the amounts reported spent on specific projects or things are an accurate representation. Further, given the rationale of this being a national security precaution, there will not be any narrative in these reports explaining or revealing where a modification has taken place. If they can maintain net position in their reports, an entity can even omit a project entirely by folding it into another department or project within the same entity.

The second exception to reporting requirements of Standard 56 allows the reporting entity which the consolidation entity is consolidated with to modify reports to avoid disclosure of confidential information even if that modification changes net results of operations or net position. The reporting entity can move the financials of the consolidation entity or even choose not to include them in its report; full stop.

The final exception to accounting standards within Standard 56 doesn’t do much at the moment but has the greatest potential to undermine financial transparency in the future. It allows FASAB to issue Interpretations of Standard 56 in the future, which would allow other modifications to financial reports for the purpose of avoiding disclosure of classified information. FASAB can, and likely will, release these Interpretations over time. These Interpretations can allow modifications to reporting without regard for maintaining an entity’s net results or net position in their reporting. Those Interpretations may even be classified themselves, resulting in a portion of the federal government’s accountability standards being concealed from the public.

IV. Classification and Private Entities, a Summary of Classification Exemptions for Private Entities

As a threshold matter, any documents filed with the SEC are subject to a general national security exemption under 17 CFR 240.0-6, which requires that no “. . . document filed with the Commission or any securities exchange shall contain any document or information which . . . has been classified.” However, the SEC still requires the filing of “a statement from an appropriate department or agency of the United States to the effect that such document or information has been classified or that the status thereof is awaiting determination.” This statement must be in writing and must be obtained prior to reporting (or in lieu of reporting) any classified information to the SEC.

Second, certain internal accounting and external reporting requirements can be waived for private entities by the Director of National Intelligence. Normally, issuers of securities need to “make and keep books, records, and accounts, which, in reasonable detail, accurately and fairly reflect the transactions and dispositions of the assets of the issuer” and maintain internal accounting according to generally accepted accounting principles (GAAP) (see 15 USC 78m(b)(2)). Failing to do so can result in criminal liability. A waiver from the Director of National Intelligence (DNI) can remove some of those requirements, allowing private entities to deviate from GAAP and even alter their books if the waiver allows.

The waiver can be issued to:

“. . . any person acting in cooperation with the head of any Federal department or agency responsible for such [classified] matters if such act in cooperation with such head of a department or agency was done upon the specific, written directive of the head of such department or agency pursuant to Presidential authority to issue such directives. Each directive issued under this paragraph shall set forth the specific facts and circumstances with respect to which the provisions of this paragraph are to be invoked. Each such directive shall, unless renewed in writing, expire one year after the date of issuance.” (15 U.S. Code § 78m(b)(3)(A), available at https://www.law.cornell.edu/uscode/text/15/78m)

The use of this particular exemption was always allowed by statute, but the power was delegated to the DNI in an obtusely named presidential memo by President G.W. Bush to the Director of National Intelligence, “Memorandum on Assignment of Function Relating to Granting of Authority for Issuance of Certain Directives,” stating

“I hereby assign to you [the Director of National Intelligence] the function of the President under . . . [15 U.S.C. 78m(b)(3)(A)]. In performing such function, you should consult the heads of departments and agencies, as appropriate.” (Memorandum for the Director of National Intelligence (May 5, 2006, available at https://www.gpo.gov/fdsys/pkg/FR-2006-05-12/html/06-4538.htm).

Presidential memos have no legal requirements in order to be used. They simply direct an agency to act in a certain manner. This particular memo granted the required “Presidential authority” of section 78m(b)(3)(A) to the Director of National Intelligence, enabling the Director to exempt private contractors from SEC reporting requirements.

V. How Does Classification Impact You as an Investor?

As we’ve discussed, information is key to making prudent investment decisions, and securities regulation is focused on ensuring investors get that information. On the other hand, the laws surrounding classified information are the exact opposite, and are concerned with ensuring some information sees the light of day just in time to graduate from college and get a law degree.

If that information only mattered to the government and potential enemies, that wouldn’t be a problem. However, the federal government is deeply entangled with the private sector, especially when it comes to private military and intelligence contractors, and various government grants. Even more, the government itself issues securities, like Treasury bonds, whose value is dependent in some part on the government’s own finances (which are now classified).

There is obviously a push and pull between transparency and security. Classification isn’t just a tool of obfuscation; it has genuine value in protecting the interests of the country. Classified information is virtually essential to operating the U.S. government. However, it still creates a closed system where the existing oversight is also classified and is almost completely opaque to an outside observer or investor. There is no independent auditor outside the classification system to ensure that all use of classification is compliant with the executive order. This lack of information is an issue when analyzing an investment with some relationship to classified information—just like it would be for any other security. Especially when dealing with government contractors, it’s important to understand what information will be available to you and what material information cannot be relied on in making an informed decision in moving forward on your investments. The rule here is the rule for all investment: be informed, determine what sources you can trust, and then weigh your risks.

VI. About Us

This article was written and edited by Michele Ferri and Jonathan Lurie of The Law Offices of Lurie and Ferri for use by the Solari Report. Michele Ferri and Jonathan Lurie and both practicing attorneys out of California. The Law Offices of Lurie and Ferri focus on working with start-up businesses as well as on intellectual property and business law issues. They can be found at http://www.lflawoffices.com/ or contacted at partners@lflawoffices.com.
________________
i. Financial institutions are considered federal contractors for legal purposes if they: (1) are FDIC insured or insured by the National Credit Union Association; (2) serve as a federal fund depository; or (3) hold a federal contract exceeding $10,000.