Compliance Field notes

Who Authorized This Issuance? The Question Most Cap Tables Can't Answer

An issuance your cap table shows but no one can prove the board approved is the gap diligence opens with. Why it happens, what it costs, and what an authorized equity record looks like.

June 14, 2026 8 min read
A board reviewing and signing the authorization behind a share issuance

On this page

  1. What an authorization record actually is
  2. Why cap tables lose the authorization
  3. What the gap costs at diligence
  4. Why a clean cap table is not the same as an authorized one
  5. What an authorized equity record looks like
  6. The bottom line

There is a question a buyer's counsel asks on almost every diligence call, and it is rarely the one founders prepare for. It is not "how many shares are outstanding?" The cap table answers that. It is not "who holds them?" The cap table answers that too. The question is quieter and harder: "Who authorized this issuance, and can you show me?"

That is the moment a clean-looking cap table starts to wobble. The founder can point to the row. The row says 250,000 common shares issued to an early engineer in the second year. The certificate exists. The engineer has voted, received updates, been treated as a shareholder by everyone for every purpose that matters. But the question was not whether the shares exist. The question was who approved issuing them, and where that approval is written down. And for a surprising number of companies, the honest answer is that nobody can find it.

This is a field-notes piece, not a legal guide. It is about the gap between recording that an equity transaction happened and proving it was authorized, why that gap opens so quietly, and what it takes to close it before someone with diligence training opens the file.

What an authorization record actually is

Every equity transaction in a corporation is supposed to rest on an act of authority. A share issuance is authorized by the board, by resolution or written consent, naming the recipient, the class, the number of shares, and the consideration. An option grant is approved by the board, usually against a pool the board already authorized. A transfer that the constating documents make subject to board approval needs that approval on the record. A dividend is declared by the board before it is paid. A restricted stock award and its repurchase terms are approved before the shares are issued.

The authorization record is the document that proves the act of authority happened: the resolution or consent, with its date, its signatories, and the specific terms it approved. It is not the cap table entry. It is not the certificate. It is the thing that makes the cap table entry and the certificate legitimate rather than merely present.

The distinction sounds academic until you watch a reviewer work. The cap table tells the reviewer what the company believes is true. The authorization record tells the reviewer why the company is entitled to believe it. A reviewer who cannot connect the two does not assume the issuance was valid. They assume it is a question, and questions on a closing calendar cost money.

Why cap tables lose the authorization

The authorization rarely goes missing on purpose. It goes missing because the cap table and the minute book are maintained as two separate habits, on two separate cadences, by two separate sets of hands.

The cap table is a living operational tool. A founder updates it the day a hire signs, the day a SAFE lands, the day a transfer is agreed. It is fast, and being fast is the point. The authorization, by contrast, is a governance act that is supposed to happen first but is treated as paperwork that can happen later: at the next board meeting, when the lawyer circulates consents, when someone gets around to it. The cap table moves at the speed of the business. The authorization moves at the speed of whoever maintains the minute book, which in an early company is often no one in particular.

So the two drift. The issuance is entered because the business needs the cap table current. The resolution is deferred because nothing forces it to happen at the same moment. The intention is always to circle back. Sometimes someone does. Often the deferral simply outlives everyone's memory of it, and the first person to notice the gap is a reviewer two years later who finds the row and asks for the consent that should sit behind it. We walked through this exact pattern, among others, in the records findings that delay closings: a share issuance recorded in the register and on the certificate stub, never authorized by a board resolution, is the single most common finding in early-stage records.

The same drift shows up in transfers, where the cap table treats a departing co-founder as out while the authorization that should have approved the buyout never happened, a dynamic we covered in how share transfers quietly corrupt ownership records. In every case the mechanism is identical. The record of the event is easy and immediate. The record of the authority behind the event is deferred, and deferral is where it dies.

What the gap costs at diligence

An issuance the company cannot tie to an authorization does not usually kill a deal. It does three smaller things, and they add up.

First, it slows the closing. The buyer's counsel cannot rely on the certificate as evidence of a valid issuance without the authority behind it, so they ask the seller to produce it. If it exists somewhere, the seller spends billable hours finding it. If it does not, the seller produces a ratifying resolution after the fact, which the board signs now to bless something it did two years ago. Either way the closing waits, and a closing that waits is a closing that costs more.

Second, it weakens the seller's position. A backdated or ratifying consent is not invisible. The buyer's counsel notes it in the disclosure schedule, and a finding in the disclosure schedule is leverage. It becomes a reason for an indemnity carve-out covering any future challenge to that ownership, which means the seller carries exposure on that issuance for years after the wire clears. What a diligence lawyer reads in your minute book walks through how reviewers treat exactly these flags once they find them.

Third, and most corrosively, it changes the tenor of the whole review. A reviewer who finds one issuance without its authorization stops trusting the cap table as a record and starts treating every row as something to verify. The review that should have taken a week takes three. Trust in the file is the thing you are actually selling at diligence, and a single unauthorized issuance is enough to spend it.

Why a clean cap table is not the same as an authorized one

This is the part worth being honest about, because most cap table software does not solve it. A modern cap table tool is very good at the cap table: it tracks shares, classes, options, and dilution, and it keeps the math correct. What it generally does not do is hold the authorization behind each transaction and refuse to record the transaction without it. The issuance goes in because you typed it in. Nothing in the tool asks who approved it or stores the proof.

That is the gap. A cap table can be perfectly clean, perfectly reconciled, and still be undefensible, because clean tells you the numbers agree, not that the events behind the numbers were authorized. The two questions are different, and diligence asks the second one. We think a cap table that cannot answer "who authorized this" is only doing half its job, which is part of why we built Octelligence cap tables on top of the same record that holds the authorizations, rather than as a separate ledger that floats above the minute book. Octelligence now keeps an authorization record for equity transactions so an issuance, a grant, a transfer, or a dividend declaration is tied to the act that approved it, not just the entry that records it. It is also where we draw a real line against tools like Carta and Pulley, which manage equity well but leave the authorization to live somewhere else, if it lives anywhere at all.

What an authorized equity record looks like

None of this is exotic. It is the same discipline diligence is checking for, run by the company ahead of the buyer instead of by the buyer in front of the company. An equity record that survives the "who authorized this" question can produce, for every transaction, with no reconstruction:

  • A board authorization for every issuance. A resolution or written consent naming the recipient, class, number of shares, and consideration, dated on or before the issuance, referenced from the register entry. See our how-to on issuing shares for the sequence.
  • An approval behind every option grant. Board approval against an authorized pool, with the grant date, agreement, and approval all referencing the same date and valuation.
  • Authority on every transfer that requires it. Where the constating documents make a transfer subject to board approval, the approval is on the record alongside the instrument and the cancelled certificate.
  • A declaration behind every dividend. A board resolution declaring the dividend before it is paid, with the record date and amount, sitting in the minute book rather than only in the bank record.
  • Approval behind every restricted stock award. The award and its repurchase or vesting terms approved before the shares are issued, so the reverse-vesting clock and the authority that started it agree.

The connective tissue is the same in each line: the equity event and the authority for it are one record, created together, not two habits that are supposed to meet later. When they are one record, the "who authorized this" question has an answer the moment it is asked, and the answer is a document, not a search. The broader governance version of this discipline, across resolutions and registers, is what we cover in directors' resolutions and the wider digital corporate records, and the founder-level view of why the cap table has to tie back to the record at all is in cap table basics for founders.

The bottom line

"Who authorized this issuance?" is a small question that exposes a large gap. The cap table records what happened. The authorization records who was allowed to make it happen, and the second record is the one that is most often deferred, and most often missing when it matters. Reconstructing it on a closing calendar is slow, expensive, and visible. Capturing it at the moment of the transaction costs nothing, because the authority was supposed to come first anyway.

If a financing or a sale is anywhere in your eighteen-month window, the cheapest hour you can spend this week is to take the last two years of equity transactions, line by line, and check that each one can point to the authorization behind it. The governance maturity assessment gives you a baseline for how exposed your records are if diligence opens tomorrow. Most of what slows a closing is found in the gap between the cap table and its authorizations, by the people who own them, before a buyer's counsel finds it first.

Related posts

Related posts

Back to blog
Equity that survives diligence
Every issuance backed by its authorization.

Run issuances, grants, transfers, and dividend declarations through a cap table built on the same record that holds the board authorization behind each one.

See cap tables Run the assessment