
Compliance Lessons from Recent SEC Whistleblower Protection Actions

A trio of enforcement actions brought by the Securities and Exchange Commission in September sounds a warning bell for all companies to revisit their existing employee agreements, being particularly mindful of potential violations of the SEC’s whistleblower protection rule. They also impart many compliance lessons.

All three SEC orders, brought against both privately held and publicly traded companies, individually address violations of Rule 21F-17, which states that “[n]o person may take an action to impede an individual from communicating directly with the Commission staff about a possible securities law violation.”

As SEC Enforcement Division Director Gurbir Grewal cautioned, “Entities employing confidentiality, separation, employment, and other related agreements should take careful notice. The Commission takes seriously the enforcement of whistleblower protections, and those drafting or using these types of agreements should take equally seriously their obligations to ensure that they don’t impede whistleblowers from contacting the Commission.”

Below is a discussion of the warnings that companies should heed from the SEC’s enforcement actions and the compliance lessons that each imparts.

Ensure employment agreements expressly permit employees to report potential securities law violations

In one SEC enforcement action, a company was ordered to pay a $10 million SEC settlement for requiring employees to sign agreements prohibiting the disclosure of confidential information to anyone outside the company, unless authorized by the firm or required by law, court order, or a governmental or regulatory body.

The firm broadly defined “confidential information” as “any information gained in the course of employment that could reasonably be expected to be damaging to [the firm] if disclosed to third parties.” According to the SEC order, no exception was provided for “voluntary communications with the Commission concerning possible securities laws violations.”

Policy language must be consistent in all internal documents and training material

In the same enforcement action discussed above, the employer later revised its internal policies, notifying employees over email that they can communicate with regulators and government agencies regarding possible law violations. However, at the time, it had not revised its employment and separation agreements to include the same whistleblower protection language.

The compliance lesson this imparts is the importance of ensuring all policies, the company’s code of conduct, employment agreements, separation agreements, and compliance training material include the same uniform language throughout. Any conflicting or restrictive language that exists elsewhere could result in a violation of the SEC’s whistleblower protection rule.

Putting conditions on employees’ financial incentives may impede whistleblower rights

Another common theme to arise in recent SEC enforcement actions is the SEC taking to task companies that put conditions on employees’ rights to financial incentives. In one case, for example, a company was charged with requiring certain departing employees to sign separation agreements attesting they had not filed a complaint with any federal agency in order to receive post-termination payments due to them.

In another instance, the company included language in its separation agreements that expressly stated that departing employees retained their right to file a whistleblower report with a governmental agency, “but not the right to recover money damages or other individual legal or equitable relief awarded by any such governmental agency.” According to the SEC, such a restriction undermines the purpose of Rule 21F-17(a) and impedes participation in the Commission’s whistleblower program.

“It is critical that employees are able to communicate with SEC staff about potential violations of the federal securities laws without compromising their financial interests or the confidentiality protections of the SEC’s whistleblower program,” said Eric Werner, Regional Director of the SEC’s Fort Worth office.

Privately held companies may also be held to account

“Both private and public companies must understand that they cannot take actions or use separation agreements that in any way disincentivize employees from communicating with SEC staff about potential violations of the federal securities laws,” said Jason Burt, Regional Director of the SEC’s Denver Office. “Any attempt to stifle or discourage this type of communication undermines our regulatory oversight and will be dealt with appropriately.”

A written policy alone may be enough to trigger a Rule 21F-17 violation

Another cautionary point for compliance professionals, one the SEC has demonstrated time and again, is that a company may violate Rule 21F-17 even in the absence of a whistleblower retaliation claim. Conflicting or missing language in company policies, procedures, employment agreements, and/or separation agreements may be cause enough for the SEC to bring an enforcement action for a Rule 21F-17 violation.

Compliance lessons

Taken together, the broader compliance lessons to take from recent SEC enforcement actions can be viewed in the context of the remedial measures taken by the companies targeted by the SEC. First, ensure separation agreements make clear that departing employees are not restricted from communicating with any governmental agency, including the SEC.

Secondly, separation agreements should in no way limit an employee’s ability to receive any financial award for providing information to the SEC for a securities law violation. An example of such language, as cited in one SEC order, may include, “Nothing in this agreement shall bar or impede in any way your ability to seek or receive any monetary award or bounty from any governmental agency or regulatory or law enforcement authority in connection with protected ‘whistleblower’ activity.”

Other firms with similar language in their employee agreements and/or separation agreements that could constitute a Rule 21F-17 violation should consider notifying employees who have signed such agreements of their rights under the SEC’s whistleblower protection rule before the agency comes knocking.

Additional compliance measures to consider include revising separation agreements across the company’s global operations, if necessary; training compliance staff or compliance liaisons on the SEC’s whistleblower protection rule; and further having employees certify that they understand their rights.
