Summary
The Securities Act of 1933 makes every offer or sale of a security subject to SEC registration unless an exemption applies. 15 U.S.C. § 77e, 15 U.S.C. § 77c, 15 U.S.C. § 77d. AI startups avoid registration by relying on a chain of exemptions. At founding, Section 4(a)(2) of the Securities Act covers founder stock. 15 U.S.C. § 77d(a)(2). Rule 701 exempts equity compensation to employees and advisors. 17 C.F.R. § 230.701. Rule 506(b) of Regulation D exempts limited offers and sales of securities from SEC registration without regard to dollar amount of offering. 17 C.F.R. § 230.506(b). A major tax incentive, the qualified small business stock exclusion under Section 1202, can eliminate federal capital gains tax on founder and early investor shares held more than five years. 26 U.S.C. § 1202. Once a startup goes public or crosses certain holder thresholds, it must register under the Exchange Act and disclose material cybersecurity incidents within four business days of determining the incident is material. Exchange Act Section 12 registration triggers, SEC cybersecurity incident disclosure guide. The SEC actively enforces Rule 10b-5 against AI washing (misleading claims about artificial intelligence) and private class actions over AI disclosures have surged. No single federal statute governs AI in securities, but the existing framework already imposes significant obligations on AI startups at every step.
What triggers federal securities law when an AI startup is formed
When a startup issues stock to its founders, it is offering and selling a security. Under Section 5 of the Securities Act, every offer or sale must be registered with the SEC or qualify for an exemption. 15 U.S.C. § 77e. Registration is costly and time consuming, so startups use an exemption from the start.
The most basic exemption is Section 4(a)(2), which covers transactions by an issuer that do not involve a public offering. 15 U.S.C. § 77d(a)(2). There is no dollar limit and no mandatory SEC filing, though good practice demands written subscription agreements and board resolutions. The exemption is narrow enough for founder issuances and small friends and family rounds, but it is not a practical foundation for raising venture capital from outside investors. For that, startups turn to Regulation D.
How do AI startups give equity to employees and advisors without registration
Rule 701 under the Securities Act creates a specific exemption for private companies issuing stock under a written compensatory benefit plan. 17 C.F.R. § 230.701. The exemption covers securities granted to employees, officers, directors, consultants, and advisors who are natural persons.
A company can sell an amount of equity in any 12 month period up to the greatest of three limits including $1 million, 15 percent of total assets, and 15 percent of the outstanding class of the security being offered.
If the total sales under Rule 701 exceed $10 million in a 12 month period, the company must deliver enhanced disclosures to each recipient. Those disclosures include a summary of the material terms of the plan (or, if the plan is subject to ERISA, the summary plan description required by ERISA), financial statements required by Part F/S of Form 1-A dated within 180 days, and information about the risks associated with investment in the securities. 17 C.F.R. § 230.701. The company must keep records of the plan, valuations, and compliance calculations.
Rule 701 stock is restricted and cannot be freely resold. That restriction matters for later registration thresholds. Also, Rule 701 securities are not covered securities under federal preemption, meaning individual states can still require registration. 17 C.F.R. § 230.701, 15 U.S.C. § 77r. This is a practical compliance step that early stage companies sometimes overlook.
Why qualified small business stock matters for every AI startup
The federal tax code rewards early investors and founders who hold startup equity for the long term. Under Section 1202, a non corporate taxpayer can exclude from federal capital gains tax a portion of the gain on the sale of qualified small business stock, or QSBS, held more than five years. 26 U.S.C. § 1202.
To qualify, the stock must be original issue from a domestic C corporation with gross assets of $50 million or less at all times before and immediately after issuance (raised to $75 million for stock issued after July 4, 2025). 26 U.S.C. § 1202, Carta. At least 80 percent of the corporation’s assets must be used in an active trade or business. The benefit is not available to S corporations or LLCs, a fact that often pushes AI startups to incorporate as C corporations from day one.
The exclusion changed under the One Big Beautiful Bill Act, enacted July 4, 2025. The table below shows the key differences.
| Rule | Stock acquired on or before July 4, 2025 | Stock acquired after July 4, 2025 |
|---|---|---|
| 100% exclusion holding period | 5 years | 5 years |
| Tiered exclusion | None | 50% after 3 years, 75% after 4 years |
| Maximum exclusion per issuer per taxpayer | Greater of $10 million or 10x basis | $15 million (indexed for inflation from 2027) |
| Gross asset limit at issuance | $50 million | $75 million |
The numbers are large. Between 2012 and 2022, taxpayers claimed more than $152 billion in QSBS exclusions. Equitable Growth. Filers with total positive income over $1 million accounted for 74.4 percent of the excluded gains claimed by individuals. The benefit is worth tens or hundreds of millions to a successful AI company’s founders and early investors, so careful planning around QSBS eligibility is a core part of startup structuring.
A related provision, Section 1045, lets a taxpayer defer gain on QSBS held more than six months if the proceeds are rolled into other QSBS within 60 days. The holding period of the old stock tacks onto the replacement stock. 26 U.S.C. § 1223(13). That rollover can preserve the five year clock across multiple startup investments.
How AI startups raise capital with SAFEs
The simple agreement for future equity, or SAFE, is the dominant early stage fundraising instrument. Introduced by Y Combinator in 2013, a SAFE is not debt. It does not accrue interest, has no maturity date, and carries no repayment obligation. Instead, the investor receives the right to equity when a triggering event occurs, typically a future equity financing or an acquisition. SEC
SAFEs are securities under federal law and must be sold under an exemption, almost always Regulation D Rule 506(b) or, on platforms like AngelList, Rule 506(c) or Regulation Crowdfunding. SEC Investor Bulletin, Investopedia, Law firm analysis, Startup law analysis. In the first quarter of 2025, SAFEs represented 90 percent of all pre seed deals on Carta, and over a recent 12-month period they made up 64 percent of seed rounds, compared with 27 percent for priced equity and 10 percent for convertible notes. Carta
Almost all SAFEs today are post money SAFEs, which calculate ownership after the new money is included. That standard captures 87 percent of all SAFEs issued in the third quarter of 2024. Carta. The earlier pre money SAFE calculates ownership before the new money, which made founder dilution harder to track.
A SAFE round still requires a Form D filing within 15 calendar days of the first sale if it relies on Regulation D. SEC. The exemption and filing requirements are driven by the securities being sold, not the instrument’s name.
What are the main Regulation D exemptions for an AI startup
Regulation D provides three safe harbors from registration under Section 4(a)(2). Most AI startups use Rule 506(b) or Rule 506(c). Rule 504 is less common.
Rule 506(b) allows an issuer to raise an unlimited amount of money from an unlimited number of accredited investors and up to 35 non accredited but sophisticated investors. General solicitation (public advertising) is prohibited. Under Rule 506(b), the issuer must have a reasonable belief that each purchaser is an accredited investor, based on the facts and circumstances including the issuer’s relationship to and information about the purchaser. Self-certification by checking a box alone, without any other knowledge of the purchaser’s financial circumstances, is not sufficient. SEC guidance on assessing accredited investors
Rule 506(c) was added by the JOBS Act and took effect in 2013. It permits general solicitation, including social media and demo day presentations. However, every purchaser must be an accredited investor and the issuer must take reasonable steps to verify that status. The rule provides five non-exclusive and non-mandatory safe harbor verification methods under paragraph (c)(2)(ii), namely reviewing IRS forms for the two most recent years and obtaining a written income representation for income, reviewing account statements and a consumer report and obtaining a written net worth representation for net worth, written confirmation from a registered broker dealer, SEC registered investment adviser, licensed attorney, or CPA, for persons who purchased in the issuer’s Rule 506(b) offering as accredited investors before September 23, 2013 and continue to hold those securities, a written certification of continued accredited status, and for persons previously verified under paragraph (c)(2)(ii), a written representation of continued status valid for five years. 17 C.F.R. § 230.506(c)(2)(ii)
Both rules require a Form D filed within 15 calendar days of the first sale. Both rules produce covered securities under federal law, meaning state registration is preempted, though states can still require a notice filing and fee. 15 U.S.C. § 77r
Rule 504 exempts offerings up to $10 million in any 12-month period. Sales may be made to any number of investors regardless of wealth or sophistication. However, state blue sky registration is not preempted for Rule 504 offerings, and Rule 504 accounts for a small fraction of Regulation D offerings compared to Rule 506. SEC Rule 504 page, SEC exempt offerings FAQ, SEC Reg D statistics
An accredited investor is defined in Rule 501(a). For an individual, the income test is $200,000 in each of the past two years (or $300,000 joint) with a reasonable expectation of the same in the current year, or a net worth over $1 million excluding a primary residence. Since 2020, persons holding certain professional licenses like the Series 7, 65, or 82 also qualify. Any organization described in section 501(c)(3) of the Internal Revenue Code, corporation, Massachusetts or similar business trust, partnership, or limited liability company with more than $5 million in total assets and not formed for the specific purpose of acquiring the securities offered, and any director, executive officer, or general partner of the issuer (or of a general partner of the issuer), are also accredited. 17 C.F.R. § 230.501(a)
What other capital raising exemptions exist
Beyond Regulation D, two other federal exemptions matter for AI startups that want to reach non accredited investors or raise money from a broad public.
Regulation Crowdfunding (Reg CF) permits an eligible company to raise up to $5 million in a 12-month period through an SEC registered intermediary, either a broker dealer or a funding portal. 17 C.F.R. Part 227. Non accredited investors face investment limits. If either annual income or net worth is below $124,000, the limit is the greater of $2,500 or 5 percent of the greater of the two. If both are at or above $124,000, the limit is 10 percent of the greater, capped at $124,000 in aggregate across all Reg CF offerings in a 12-month period. Accredited investors have no cap. The issuer must file a Form C and an annual report on Form C-AR. Securities are restricted and cannot be resold for one year. Reg CF has a small footprint in the venture ecosystem. As of the end of 2024, there were 83 registered funding portals and a total of roughly $1.3 billion in cumulative proceeds raised across all offerings ever. The median issuer had about $80,000 in total assets and three employees. SEC DERA
Regulation A is a scaled public offering exemption in two tiers. Tier 1 allows raises up to $20 million in 12 months. Tier 2 allows up to $75 million. Both tiers require SEC qualification of an offering circular, comparable to a mini registration. Tier 2 also requires audited financial statements and ongoing semiannual reporting. There is no limit on who can invest. Regulation A, sometimes called a mini-IPO, is an exempt offering that permits a company to offer and sell securities to the public through a process less extensive than a registered offering, but it raises less than one percent of the amount raised under Regulation D Rule 506(b) and 506(c) combined. SEC, SEC Chairman remarks
How do startups avoid having multiple offerings treated as one
A startup often runs several raises in a calendar year, a SAFE round, an option grant program under Rule 701, a later priced Series A. The integration doctrine asks whether two nominally separate offerings should be treated as a single integrated offering for exemption purposes, potentially causing one or both to lose their exemption. Rule 152 of the Securities Act provides four non exclusive safe harbors that prevent integration. 17 C.F.R. § 230.152
Safe Harbor 1, two offerings separated by more than 30 calendar days will not be integrated. Safe Harbor 2, Rule 701 offerings, employee benefit plan offerings, and Regulation S offshore offerings are never integrated with other offerings. Safe Harbor 3, a registered offering under a filed registration statement is not integrated. Safe Harbor 4, an offering using general solicitation followed by a non general solicitation offering is not integrated if at least 30 days pass and certain conditions are met. Most startups rely on Safe Harbors 1 and 2 as a matter of routine.
There is also a bad actor safety screen. Rule 506(d) disqualifies an issuer from relying on any Rule 506 exemption if the issuer, its directors, executive officers, general partners, managing members, or beneficial owners of 20 percent or more of the issuer’s outstanding voting equity securities have been convicted of certain securities crimes or are subject to SEC or court orders within a specified lookback period. 17 C.F.R. § 230.506(d) The disqualification also reaches Regulation CF and Regulation A. A clean background check on key principals is a necessary diligence step before any exempt offering.
When does an AI startup have to register with the SEC
A company can stay private for a long time, but Section 12(g) of the Exchange Act forces registration once the company grows past certain thresholds. If an issuer has total assets exceeding $10 million and a class of equity securities held of record by either 2,000 or more persons, or 500 or more persons who are not accredited investors, it must register that class within 120 days after the fiscal year end in which it crossed the threshold. 15 U.S.C. § 78l(g), SEC
The JOBS Act of 2012 raised those numbers from 500 holders total. Employee compensation plan securities are excluded from the held of record count. Rule 12g5-1 provides a non exclusive safe harbor for plan securities that meet the Rule 701(c) conditions. 17 C.F.R. § 240.12g5-1(a)(8)(ii). A startup with a growing option pool and many small angel investors must track its holder count. Once registered, the company becomes subject to periodic reporting (Forms 10-K, 10-Q, 8-K) and proxy rules. Many AI startups actively manage their cap table to stay below the 2,000 holder line until they are ready to go public on their own timeline.
What cybersecurity incident disclosure a public AI company must make
The SEC’s cybersecurity disclosure rules require public companies (other than smaller reporting companies) beginning December 18, 2023 to disclose a material cybersecurity incident on Form 8-K within four business days after it determines the incident is material. The disclosure must describe the material aspects of the nature, scope, and timing of the incident, and the material impact or reasonably likely material impact on the company. SEC
Materiality follows the standard Supreme Court definition, that information is material if a reasonable shareholder would consider it important in making an investment decision. That standard is familiar from Rule 10b-5 and Section 11. The clock starts when the company makes the materiality determination, not when it first learns of the incident. Disclosure can be delayed for up to 120 days with written consent from the U.S. Attorney General for national security or public safety reasons.
The rule also created annual reporting obligations under Regulation S-K Item 106 in the Form 10-K. Companies must describe their processes, if any, for assessing, identifying, and managing material risks from cybersecurity threats, and the board’s oversight of those risks. SEC
In the first year of the rule, 24 companies filed a Form 8-K under Item 1.05. After the SEC’s May 2024 guidance discouraging use of Item 1.05 for non-material incidents, reporting shifted. Since April 2024, 41 companies filed incident reports, 26 under the voluntary Item 8.01 and 15 under the mandatory Item 1.05. Tax alert The SEC also enforced pre rule conduct. Flagstar Bancorp settled in December 2024 after filing a Form 8-K stating no evidence of unauthorized customer data access when it had learned one day earlier that attackers had exfiltrated sensitive customer data. NYU Compliance
For an AI startup that goes public, the cybersecurity rules are as immediate as any other public company obligation. A breach of training data, model weights, or research infrastructure can be material, especially when it touches customer data or core product capabilities.
What is AI washing and how does the SEC enforce it
AI washing means making false or misleading claims about a company’s use of artificial intelligence in order to attract investment or customers. The SEC enforces AI washing under Rule 10b-5 of the Exchange Act and Section 17(a) of the Securities Act, the general antifraud provisions. Together, they prohibit material misstatements or omissions in connection with the offer, purchase, or sale of securities. 17 C.F.R. § 240.10b-5, 15 U.S.C. § 77q(a)
The SEC brought its first AI washing actions in March 2024 against two investment advisers, Delphia (USA) Inc. and Global Predictions Inc., settling for a combined $400,000 in civil penalties. Delphia had falsely stated in SEC filings, a press release, and on its website that it used AI in its investment processes, while Global Predictions made false claims on its website and social media about its purported use of AI. SEC
The first AI washing action against a public company came in January 2025 with Presto Automation Inc., a Nasdaq listed restaurant technology company. The SEC charged that Presto overstated the capabilities of its Presto Voice AI product and failed to disclose that the underlying speech recognition technology belonged to a third party and required significant human intervention. SEC Admin. Proceeding 33-11352-S
The most serious case to date involves Nate, Inc. and its founder and former CEO Albert Saniger. In April 2025, the SEC and the Department of Justice filed parallel civil and criminal actions alleging that Saniger raised more than $42 million by telling investors the company’s shopping app used AI to process transactions. In fact, contract workers overseas handled them manually. The automation rate was claimed at over 90 percent but was essentially zero. The SEC charged violations of Rule 10b-5 and Section 17(a). The DOJ charged securities fraud and wire fraud, each carrying a maximum 20-year prison sentence. Saniger resides in Spain, and as of mid-2025 service had not been completed. Law firm analysis
The SEC’s focus on AI is institutionalized. In February 2025, the agency established the Cyber and Emerging Technologies Unit, or CETU, with approximately 30 fraud specialists and attorneys targeting AI, cybersecurity, and blockchain misconduct. SEC press release At the Securities Enforcement Forum West in May 2025, a CETU enforcement attorney stated that rooting out AI washing fraud schemes is an immediate priority. The SEC filed 456 enforcement actions in fiscal year 2025 and secured about $17.9 billion in monetary relief. SEC The Division of Examinations named AI as a top focus area in its fiscal year 2026 priorities.
Every statement an AI startup makes in pitch decks, websites, Form D filings, and disclosure documents should be capable of objective verification. A broad claim of AI powered without defined metrics can become an enforcement risk if the technology is still under development or involves significant human assistance.
How are private securities class actions targeting AI claims
Private plaintiffs have followed the SEC’s lead. In 2025, 16 AI related securities class action filings were recorded, more than the entire 2024 total, and they accounted for 57 percent of the total Maximum Dollar Loss Index for the year. Tax alert
The theories are expanding beyond AI washing. A suit filed against Reddit in June 2025 alleges the company failed to disclose that Google’s AI Overviews were materially reducing Reddit’s search referral traffic and advertising revenue. That marks a shift toward claims that a company understated AI related risk from third party technology rather than overstating its own AI. Around the same time, a class action against Apple alleged misleading statements about the timing and readiness of AI powered Siri enhancements for the iPhone 16. Apple moved to dismiss. Law firm analysis
The pattern is clear. The combination of an SEC enforcement priority and an active plaintiffs’ bar means that AI disclosure is a material litigation risk for any public AI company or any private company nearing an IPO. Even a startup raising a large late stage round can face antifraud exposure if its investor communications are inaccurate.
What regulatory changes are coming for AI and securities law
The SEC proposed far reaching AI conflict rules in July 2023 that would have required broker dealers and investment advisers to identify and eliminate or neutralize conflicts of interest from using predictive data analytics and AI in investor interactions. Two commissioners dissented, and industry commenters criticized the breadth of the proposal. The SEC withdrew the proposal in June 2025 under the new administration, and there is no indication that it will be reintroduced in similar form. SEC, Congressional Research Service
In December 2025, the SEC’s Investor Advisory Committee voted to recommend that the Commission issue guidance requiring issuers to define AI in their disclosures, to disclose board oversight of AI, and to report how AI deployment affects operations. Chair Paul Atkins and Commissioner Hester Peirce expressed skepticism about new prescriptive AI requirements, signaling that the current disclosure framework based on materiality is likely to remain the central tool. Law firm analysis No rulemaking has been initiated as of May 2026.
David Woodcock was appointed Director of the SEC’s Division of Enforcement effective May 4, 2026. SEC His tenure will shape the pace and emphasis of AI enforcement for the next several years. The CETU and the Division of Examinations’ focus on AI suggest that enforcement will remain active even if new rulemaking is paused.
For now, the law for AI startups is not a separate AI statute. It is the existing Securities Act and Exchange Act, applied with an intense focus on whether claims about AI are accurate, supportable, and disclosed.
Key takeaways
- Use a written compensatory benefit plan and track Rule 701 limits from day one. Cross the $10 million aggregate sales threshold and enhanced disclosures kick in.
- Work with counsel to maintain QSBS eligibility. The difference between a $15 million exclusion and no exclusion can be the largest single tax event in a founder’s life.
- File Form D within 15 calendar days after the first SAFE sale. Late or missing filings from past rounds can complicate due diligence for a Series A.
- Pick Regulation D Rule 506(b) or 506(c) based on whether the startup intends to publicly solicit. The verification burden under 506(c) is real and cannot be met with a simple check box.
- Watch the Section 12(g) thresholds. A large option pool and many small angel investors can trigger a registration requirement the company is not yet ready to meet.
- Treat any statement about AI capabilities in a pitch deck, website, or Form D as a potential source of 10b-5 liability. Every claim should be verifiable and drafted with the same care as a public disclosure.
- Build a cybersecurity incident response plan that includes a step for materiality determination. The four business day clock starts when the company decides an incident is material, not when the breach occurred.
- Monitor SEC enforcement priorities. The CETU’s stated priority is AI washing, and the Division of Examinations will scrutinize whether companies’ practices match their AI claims.
Frequently asked questions
Q:What is a SAFE and why do AI startups use it instead of a convertible note?
A:A SAFE is a simple agreement for future equity. It gives an investor the right to receive stock in a later priced round, a sale, or an IPO. Unlike a convertible note, a SAFE carries no interest, no maturity date, and no repayment obligation. AI startups use them because they are fast and standard. Post money SAFEs now capture almost 90 percent of SAFE issuances.
Q:What is an accredited investor?
A:An individual whose income has exceeded $200,000 (or $300,000 joint) in each of the past two years with a reasonable expectation of the same in the current year, or whose net worth is over $1 million excluding the primary residence. Certain professional license holders and the issuer’s directors and executive officers also qualify. 17 C.F.R. § 230.501(a)
Q:How long do I have to hold QSBS to get the 100 percent exclusion?
A:Five years. For stock issued after July 4, 2025, there is a tiered exclusion that provides 50 percent after three years and 75 percent after four years. 26 U.S.C. § 1202
Q:What happens if I forget to file Form D?
A:There is no single bright line penalty for a late Form D, but a missing or inaccurate filing can be an enforcement risk and will surface in buyer due diligence. The exemption is not conditioned on filing, but a pattern of noncompliance can erode a company’s ability to rely on Regulation D down the road.
Q:Can an AI startup use Regulation Crowdfunding instead of a traditional venture round?
A:Yes, up to $5 million in a 12-month period, but the offering must go through an SEC registered intermediary. The non accredited investor investment limits and the one year resale restriction make it a better fit for consumer facing AI products with a broad user base than for standard venture backed companies.
Q:What triggers the four business day cybersecurity disclosure deadline?
A:The deadline starts when the company determines the incident is material. Material means a reasonable shareholder would consider it important. There is no bright line dollar threshold. The SEC has brought enforcement actions where a company filed a Form 8-K that was misleading about a cybersecurity incident, including a case where the company stated it had no evidence of unauthorized access to customer information despite knowing that attackers had accessed and exfiltrated sensitive customer data. NYU Compliance, NYU Compliance
Q:Can the SEC bring criminal charges for AI washing?
A:The SEC brings only civil actions. Criminal charges come from the Department of Justice. In the Nate, Inc. case, the DOJ charged the founder with securities fraud and wire fraud, each carrying up to 20 years in prison. The SEC filed a parallel civil suit. DOJ Press Release, Litigation Release LR-26282
Q:Do I need a lawyer for a SAFE round?
A:There is no legal requirement, but a lawyer is standard practice. A SAFE is a security, and the exemption depends on compliance with Regulation D. Counsel also ensures the terms are market, the cap table is accurate, and no integration or bad actor problems exist.
Q:What is the best legal structure for an AI startup seeking QSBS?
A:A Delaware C corporation. LLCs and S corporations cannot issue QSBS. Because the benefit requires gross assets of $75 million or less at issuance, many startups incorporate early as a C corp and carefully track asset valuations before each funding round.
Subscribe to The Compute Law Brief
The Compute Law Brief is a free weekday newsletter on the law of AI infrastructure across tax, real estate, construction, power, and deals. The big US build markets and federal law. Three minutes a morning. No paywall, and no email gate to read the blog. Subscribe if you want it in your inbox.
Junde Liu, JD, LL.M. (Taxation) candidate at UF Law. Originally published on Compute Law Blog. This article is general information and does not constitute legal advice. Reading it does not create an attorney client relationship. The reader should not act on the basis of any content here without first consulting a licensed attorney in the relevant state. Last reviewed for accuracy May 23, 2026.