WilmerHale discusses SEC Probe of Corporate Interactions with Whistleblowers

According to a February 25, 2015 Wall Street Journal report, in recent weeks the SEC has sent requests to a number of companies seeking years of nondisclosure agreements, employment contracts and other documents as part of an agency probe into the potential silencing of corporate whistleblowers.[1] The reported probe comes as SEC officials have expressed concerns about “pre-taliation”—the alleged use of express provisions in employment agreements, codes of conduct and severance agreements designed to deter employees from voluntarily communicating with the SEC. Chief of the SEC’s Whistleblower Office, Sean McKessy, has repeatedly warned that the agency’s Enforcement Division is looking not only at companies that use such provisions, but also at the attorneys responsible for drafting them.[2]

The reported SEC inquiry also comes several months after a coalition of whistleblower advocacy groups and plaintiffs firms submitted a petition seeking SEC rulemaking to curb the use of tactics allegedly designed to undermine the SEC’s whistleblower bounty program.[3] The coalition filed a second petition in July 2014 urging the SEC to launch a series of field hearings on whistleblower retaliation and to create an Advisory Committee on Whistleblower Reporting and Protection. The coalition cited several types of contractual provisions that can create inappropriate barriers between whistleblowers and the SEC, including:

  • Confidentiality agreements that prohibit employees from producing or disclosing the terms of such agreements to any individual or entity, without a carve out for law enforcement and regulatory authorities;
  • Provisions that permit employees to make a complaint or claim to any federal, state or other government agency, but by doing so waive his or her right to receive compensation or relief arising from such a complaint or claim;
  • Provisions that require employees to notify their employer of any communications with the SEC or other governmental agencies; and
  • Provisions that require employees to represent that they have not made a prior claim or complaint about the employer to the SEC, or shared confidential company information with any third-party, including the SEC or other government agencies.

SEC Whistleblower Rule 21F-17(a)

SEC Rule 21F-17(a) instructs that “[n]o person may take any action to impede an individual from communicating directly with the Commission staff about a possible securities law violation, including enforcing, or threatening to enforce, a confidentiality agreement . . . with respect to such communications.”[4]

Information Sought in the SEC’s Probe

According to the Wall Street Journal, the SEC’s request seeks “every nondisclosure agreement, confidentiality agreement, severance agreement and settlement agreement [the companies] entered into with employees since Dodd-Frank went into effect, as well as documents related to corporate training on confidentiality.” The Journal reports that the SEC’s request also asked for “all documents that refer or relate to whistleblowing” and a list of terminated employees.

Mitigating Risks in Employment Agreements

All companies should review their employment agreements, codes of conduct, internal reporting policies and separation agreements to confirm that they do not expressly or impliedly interfere with the employees’ right to report to the SEC under Dodd Frank. In particular, express provisions that prohibit employees from voluntarily communicating with regulators without prior internal reporting pose a risk that the SEC will take the position that such provisions violate SEC Rule 21F-17(a).

While less obvious, even plain vanilla annual compliance certifications and non‑disparagement, confidentiality and non-disclosure provisions can put companies at risk of SEC scrutiny. For example, many standard confidentiality provisions provide that no proprietary or confidential information of the company may be shared with any third party, except if the employee is compelled to do so, and even then may be shared only after notification to the employer. If not carefully drafted to carve out interactions with regulators, these provisions could be read as interfering with an employee’s ability to communicate with the SEC.

Mitigating Whistleblower Risks Generally

In light of the SEC’s focus on whistleblower retaliation, companies should consider implementing the following risk mitigation strategies:

  • Processes to review internal reports of compliance concerns
  • Written procedures for safeguarding the identity of reporting employees
  • Periodic mandatory training for managers on confidentiality and anti-retaliation
  • Regular communications across the organization about internal reporting mechanisms
  • Internal processes to resolve retaliation complaints

For a more detailed discussion about mitigating the retaliation risks associated with whistleblowers, see Don’t Tread on Whistleblowers: Mitigating and Managing Retaliation Risks — Part II [5] available here.

ENDNOTES

[1] See Rachel Louise Ensign, SEC Probes Companies’ Treatment of Whistleblowers, Wall Street Journal, Feb. 25, 2015.

[2] See Ben DiPietro, SEC Warns To Take Whistleblowers Seriously, Wall Street Journal, Sept. 17, 2014 (discussing remarks by SEC Whistleblower Office Chief Sean McKessy who warned, “If you are an in-house lawyer drafting language saying you can’t come to the SEC, it’s not just the company that is in peril, you are too.”).

[3] Launched in 2011, the program offers individuals who report potential securities violations to the SEC a reward of between 10 and 30 percent of any monetary recovery exceeding $1 million.

[4] 17 C.F.R. § 240.21F-17(a).

[5] SEC. REG. & LAW REP., 46 SRLR 167 (Jan. 27, 2014).

The full and original memorandum was published by WilmerHale LLP on February 27, 2015, and is available here.