On May 25, 2011, the SEC issued final rules governing the new whistleblower bounty program mandated by last year’s Dodd-Frank financial reform law. Under the new rules, if a whistleblower provides information to the SEC regarding federal securities law violations that leads to a successful enforcement action against a company of $1 million or more, the whistleblower is entitled to collect a reward of 10% to 30% of the penalties collected. The new rules also flesh out the related provisions of Dodd-Frank designed to protect whistleblowers from employer retaliation.
There has been a fair degree of controversy within the business community regarding this new program. Much of the controversy lies with the incentives the program provides for employees to report potential violations directly to the SEC rather than first reporting them to a company’s internal corporate compliance program.
Despite objections by numerous members of Congress and a 3-2 split vote by the SEC commissioners, those incentives remain in the final version of the SEC whistleblower rules. The SEC revised the rules so that the size of a reward given to a whistleblower can be increased if the whistleblower utilized internal compliance controls or decreased if the whistleblower interfered with those internal controls. However, this only impacts the size of an already-sizable reward, not the ability to receive it.
Fortunately for public companies, there have also been a number of protections built into the SEC’s whistleblower program that encourage companies to be proactive and to deal with potential issues internally in an effective manner, rather than becoming subject to an SEC enforcement action.
Employees whose principal duties involve a compliance or internal audit function generally are exempted from being eligible for the whistleblower bounty (unless they have a reasonable basis to believe that they will be impeded from fulfilling their function). Attorneys (both in-house and outside counsel) and a company’s outside auditors are generally excluded as well. These carve-outs from the whistleblower program are designed to encourage companies to utilize and fortify their internal compliance functions. They also encourage open communication with outside attorneys and auditors, all to preemptively manage the company’s compliance with the federal securities laws.
Are the new Dodd-Frank whistleblower rules much ado about nothing? Possibly to a certain extent, but SEC enforcement actions are more common than a typical public company executive might expect. The SEC initiated 681 enforcement actions in their fiscal year ended September 30, 2010, with 144 cases involving securities offerings, 126 “issuer and reporting disclosure” cases, 106 “delinquent filings” cases and 53 insider trading cases. Total penalties awarded in SEC judicial and administrative proceedings during the 2010 fiscal year were $1.03 billion. General economic conditions are trending upwards at this time, but one would reasonably expect SEC enforcement actions to increase in response to the Dodd-Frank whistleblower rules and the related establishment of the SEC’s Office of the Whistleblower.
Public companies are advised to review their existing whistleblower policy as soon as possible, and to consider making changes to the policy that further encourage employees to report potential federal securities law violations to one or more of (i) the company’s audit committee, (ii) senior management of the company, (iii) a selected internal compliance officer or (iv) the company’s outside legal counsel or outside auditors.
Thompson & Thompson LLP has prepared a model Dodd-Frank Whistleblower Policy that is based upon prior iterations of whistleblower policies designed to comply with the Sarbanes-Oxley Act of 2002 and other existing whistleblower laws. The goal of this model Whistleblower Policy is to minimize company exposure to SEC whistleblower claims by (i) encouraging compliance with federal securities laws, and (ii) encouraging internal reporting of potential violations.
Some public companies may also want to consider implementing a carefully structured internal bonus program designed to monetarily incentivize employees to report internally rather than to the SEC. While this is a novel concept not currently garnering attention in the general legal community, in many circumstances, it will be in the financial and reputational best interest of a public company to remedy a potential federal securities law violation internally and pay an employee bonus rather than become subject to an SEC enforcement action.
The new rules take effect approximately the end of July 2011, or 60 days after publication in the Federal Register. Our attorneys can promptly tailor a draft whistleblower policy to your company’s particular circumstances. Please feel free to contact one of our attorneys for more information.