New Rules Give Incentives to Whistleblowers
The whistleblower law applies to information submitted to the SEC since July 21, 2010, the date that Dodd-Frank was enacted. After Aug. 12, individuals seeking an award under this bounty program can submit information to the SEC online.
Under the final rule, whistleblowers are eligible to receive an award of 10 to 30 percent of the amount of penalties or recoveries of $1 million or more arising from violations of the federal securities laws. The final rule relaxes many proposed rule requirements, making a greater number of individuals eligible for awards.
Most importantly, the final rule does not require whistleblowers to report through internal corporate channels before providing information to the SEC. Corporate compliance officers are justifiably concerned that this will undermine internal ethics and compliance programs because there is no requirement that a whistleblower work with a supervisor or manager to resolve problems, or even call a company hotline.
The final rule defines a whistleblower as a person who provides information to the SEC relating to a possible violation of the securities laws that has occurred, is ongoing, or is about to occur. To qualify for an award, the whistleblower must “voluntarily” provide “original” information based on “independent” knowledge or analysis that leads to “a successful enforcement action” and “monetary sanctions” exceeding $1 million.
The SEC issued the proposed rule implementing Dodd-Frank for comment in November 2010. In an attempt to encourage internal reporting, for the final rule the SEC added the incentive of a higher potential award for employees who first contact or simultaneously contact their companies before filing information with the commission.
Also, an employee can make an internal report to a company compliance program for up to 120 days prior to submitting that information to the SEC and still qualify for a whistleblower award. But the SEC stopped short of imposing a precondition that a whistleblower use an internal company compliance process.
The final rule broadened the definition of a whistleblower. Under the proposed rule, whistleblowers could submit information regarding a “potential” violation of the securities laws. The final rule adopted a definition that covers all reports of “possible” violations. The information need not relate to a significant or “material” violation. The SEC did not want to limit the number of submissions it receives. As long as a whistleblower has a “reasonable belief” that the information he or she is providing relates to a possible securities law violation, at a minimum the submitter will be protected by the employer anti-retaliation provisions of the law.
Senior corporate management necessarily relies on compliance personnel, attorneys and auditors to assist in making key decisions. A major concern under the final whistleblower rule is that all of these sources can qualify as whistleblowers. The whistleblower rule limits, but does not completely exclude, the possibility that company attorneys and auditors could become whistleblowers.
For other individuals, including the company’s own compliance personnel, the rule undercuts confidentiality by stating that whistleblowers qualify as having “independent knowledge” of wrongdoing if they believe disclosing information to the SEC is necessary to: prevent substantial injury to the financial interest of the company or its shareholders; stop a company from impeding an investigation of misconduct; or at least 120 days have passed since a report was made to the company’s audit committee, chief legal officer, chief compliance officer, or supervisor.
Ironically, individuals can collect an award by blowing the whistle on themselves. Relying on the premise that it can “use a rogue to catch a rogue,” the SEC rule does not bar wrongdoers from qualifying as whistleblowers. The SEC will at least consider factors that would reduce the award to a whistleblower that was involved in misconduct, including his or her role and intent, any financial benefit received and delay in reporting. The final rule also emphasizes that there is no general amnesty for individuals who provide information as whistleblowers.
As more than 1,500 letters to the SEC during the notice and comment period confirm, the Dodd-Frank whistleblower requirements are complex and the program is controversial. The SEC’s own explanation of the final rule exceeds 80 pages (76 Fed. Reg. 34300).
To adequately address Dodd-Frank, companies should assess how the whistleblower rule will affect them and take steps to promote effective internal reporting channels, enhance investigation procedures, review compliance staffing and support and consider all other aspects of their ethics programs.
Dorn McGrath is a shareholder (firstname.lastname@example.org) and Caitlin Stapleton is an associate (email@example.com) in the Greenberg Traurig, LLP government contracts practice group. Wayne Lee is a shareholder (firstname.lastname@example.org) in the Greenberg Traurig, LLP corporate and securities practice group. The views expressed are solely those of the authors.