There is no longer any doubt that the SEC is serious about implementing its whistleblower program. According its most recent award announcement, the program has now paid more than $50 million to whistleblowers since its 2011 inception.
Another award last week is noteworthy not only for its eye-catching amount (between $1.4 million and $1.6 million), but also for a wrinkle that further indicates the SEC’s commitment to encouraging whistleblowers.
The details are skimpy since the SEC is required by law to protect the confidentiality of the whistleblower and, therefore, cannot disclose anything that could, directly or indirectly, compromise the whistleblower’s identity. The SEC’s announcement does reveal, however, that the whistleblower claimant was a “compliance professional” employed by the company in question.
The SEC noted the general rule that it will not consider information obtained by a whistleblower who is “[a]n employee whose principal duties involve compliance or internal audit responsibilities.” There are, however, exceptions to this rule. In this case, the applicable exception is for a compliance officer who has
“a reasonable basis to believe that disclosure of the information to the [SEC] is necessary to prevent the relevant entity from engaging in conduct that is likely to cause substantial injury to the financial interest or property of the entity or investors.” (Exchange Act Rule 21F-4(b)(4)(v)(A))
Andrew Ceresney, Director of the SEC’s Division of Enforcement, stated that:
“This compliance officer reported misconduct [to the SEC] after responsible management at the entity became aware of potentially impending harm to investors and failed to take steps to prevent it.”
This is the second time the SEC has made a whistleblower award to an employee with internal audit or compliance responsibility. The first award, which I blogged about back in September 2014, relied on a different exception to the general internal audit/compliance employee prohibition that permits awards when:
- at least 120 days have elapsed since such an employee provided information regarding a possible violation to the company’s audit committee, chief legal officer, chief compliance officer or superior,
- the company has not taken “appropriate timely action,” and
- the SEC has not otherwise already received the information.
This latest award, and the SEC’s willingness to utilize another exception to the general internal audit/compliance employee prohibition, highlights the SEC’s increased focus on expanding its whistleblower program.
Therefore, and as always, it is a good idea to consider the following:
- Educate employees, including internal audit and compliance personnel, about the company’s commitment to a culture of compliance, the existence of the company’s internal reporting process and the benefits of internal, rather than SEC, reporting.
- Take all reports of wrongdoing seriously. Be sure that any investigations are properly designed to fit the circumstances. Properly document the reasons for closing or resolving an internal investigation.
- Act in a “timely manner,” which generally means within 120 days at the latest, but in some cases may be much sooner.
- Communicate with the potential whistleblower throughout the process so that he or she will know the complaint is being taken seriously.
- Be aware of, and sensitive to, foreign laws or customs that may impact internal communications and investigations regarding possible wrongdoing.
- Be alert to any behavior that could be seen as improper retaliation against the potential whistleblower.
- Remember that confidentiality provisions or other contractual limitations cannot be used to prevent someone from reporting to the SEC (see this Doug’s Note).