- Cybersecurity company Cloudflare is about to become public company, possibly as soon as this week, and there are indicators that investors are ready to buy in.
- However, the company also quietly updated its S-1 filing to go public to disclose that it may have broken the law in ways including including selling its services to terrorists, to narcotics traffickers, and to governments being sanctioned by the US.
- It also may have violated laws governing exporting encryption technology, it said in the filing.
- Cloudflare has for years faced scrutiny over its role in protecting some of the darkest corners of the internet.
- Visit Business Insider’s Tech homepage for more stories
Cloudflare gave a strong indication that its IPO roadshow is going well, when on Wednesday it increased its pricing range on Wednesday to $12 to $14 per share — up from $10 to $12 per share.
This should value the company at between $3.5 billion and $4.1 billion at the time of its IPO, exceeding its last private valuation of $3.25 billion. The company is expected to go public later this week, possibly as soon as Thursday.
But then the company also raised eyebrows by filing an amended S-1 form, its IPO prospectus, in which it admitted it may have violated US law. It sold its services to entities blacklisted by US government including terrorists, narcotics traffickers and sanctioned governments, it said in the filing.
Specifically, Cloudflare said (emphasis ours):
“We identified that our products were used by, or for the benefit of, certain individuals and entities included in OFAC’s Specially Designated Nationals and Blocked Persons List (the SDN List), including entities identified in OFAC’s counter-terrorism and counter-narcotics trafficking sanctions programs, or affiliated with governments currently subject to comprehensive U.S. sanctions. A small number of these parties made payments to us in connection with their use of our platform.”
It also disclosed it may have broken US laws governing exporting encryption hardware.