Cloudflare, Doing IPO, Reports It May Have Broken US Sanctions

Cybersecurity company Cloudflare submitted “incorrect information” on hardware exports to the Commerce Department and received payments from people and entities on a sanctions list of foreigners, it told the SEC this month. It voluntarily disclosed possible violations to the Bureau of Industry and Security and Office of Foreign Assets Control this year. It took “remedial measures” to prevent future violations, and agencies are reviewing the potential violations, the company said. The firm said it sells products to “certain OFAC-sanctioned regions” through the use of general licenses. The company didn't comment further Friday. The SEC filing involved an initial public offering, which the agency acted on Thursday, the firm said then. In the first day of trading in U.S. markets under the NET ticker Friday, shares closed up 20 percent at $18.