In 2010, Congress gave the U.S. Securities and Exchange Commission (SEC) the ability to pay monetary awards to whistleblowers whose tips lead to successful enforcement actions. After a slow start, the program is in full swing, with tips pouring in as the SEC increasingly pays out big awards, more than $107 million to date. The SEC has declared that its whistleblower program has “transformed” the agency and that it intends to bring more and more enforcement actions based on insider tips.

Over the last month, the SEC has been particularly active, bringing a pair of enforcement actions against two companies who asked employees to waive their right to recover awards under the SEC’s whistleblower program and also issuing two significant awards to whistleblowers.

This recent activity is a reminder that public companies need to ensure that they have an effective internal whistleblower program and the need to review policies and agreements with employees to ensure they do not run afoul of SEC rules that prohibit companies and individuals from attempting to stifle an SEC whistleblower.

SEC Penalizes Two Companies for Illegal Severance Agreements

While the SEC rules predictably prohibit retaliation against a person who reports under the SEC’s whistleblower program, the rules also prohibit anyone from taking action to impede an individual from reporting a potential violation. Rule 21F-17 provides: “No person may take any action to impede an individual from communicating directly with the Commission staff about a possible securities law violation, including enforcing, or threatening to enforce, a confidentiality agreement . . . with respect to such communications.”

Last year, the SEC penalized a company who required witnesses in internal investigations to sign confidentiality agreements. Recently, the SEC brought two enforcement actions to further expand the reach of Rule 21F-17.

In August, the SEC announced enforcement actions against two companies (BlueLinx Holdings, Inc. and Health Net, Inc.) whose severance agreements required outgoing employees to waive their right to monetary awards from the SEC’s whistleblower program. Of note, neither company’s severance agreement prohibited the former employee from submitting a tip to the SEC or participating in an investigation. Indeed, after the SEC’s whistleblower rules were promulgated, as part of its regular periodic review and update of its agreements, Health Net revised its form severance agreement to specifically state the former employees were not prohibited from participating in a government investigation, but rather just forfeited the right to obtain an award for doing so. Although the SEC did not find that the severance agreements actually caused anyone to not report a potential violation, the SEC fined BlueLinx $250,000 and Health Net $360,000 and required each to take corrective action to make clear their former employees are not prohibited from participating in the SEC’s whistleblower program.

The SEC has made clear that it will continue to pursue companies or individuals who put up any barriers or take action to chill employees and former employees from coming forward with information about potential securities violations. Rule 21F-17 applies not only to severance agreements, but any other agreements that require confidentiality or put up any barrier, even if in good faith, to an individual from reporting to the SEC.

Notably, in the BlueLinx consent order, the Commission took the step of approving specific language for the company to use in all of its Severance Agreements and/or any other agreements with its employees that include prohibitions on the use or disclosure of confidential information relating to the company:

Protected Rights. Employee understands that nothing contained in this Agreement limits Employees' ability to file a charge or complaint with the Equal Employment Opportunity Commission, the National Labor Relations Board, the Occupational Safety and Health Administration, the Securities and Exchange Commission or any other federal, state or local governmental agency or commission (“Government Agencies”). Employee further understands that this Agreement does not limit Employees' ability to communicate with any Government Agencies or otherwise participate in any investigation or proceeding that may be conducted by any Government Agency, including providing documents or other information, without notice to the Company. This Agreement does not limit Employees' right to receive an award for information provided to any Government Agencies.

Two Important Whistleblower Awards

Investigations of potential Foreign Corrupt Practices Act (FCPA) violations continue to be very active, with both the SEC and Department of Justice (DOJ) beefing up their units and the DOJ issuing policies to incentivize self-reporting and requiring more individual accountability. The SEC recently added its own carrot by paying the first ever FCPA-related whistleblower award. The award was reportedly paid by the SEC to a BHP Billiton insider for information related to an investigation into bribery of Asian and African officials during the 2008 Beijing Olympics. If the report is accurate, the $3.5 million award appears to be the SEC’s first FCPA-related whistleblower award.

In addition to the FCPA award, the SEC also recently awarded its second highest payment — $22 million — to a former Monsanto executive who provided the SEC with information about accounting improprieties involving the company’s popular Roundup product. The executive’s tip led to Monsanto paying an $80 million penalty in a settled SEC enforcement action. To date, the SEC has paid out more than $107 million in awards in just the first five years of its program, which will continue to increase as the program results in more enforcement actions.

How Can Companies Protect Themselves?

Unfortunately, whistleblowers do not have to first report internally to be eligible to receive an SEC award, although the SEC says doing so could result in a bigger award. The fear that many companies have is getting blindsided by an SEC investigation of conduct never reported internally. When reported internally, a company has the opportunity to control the situation by investigating the potential misconduct and, when needed, remediating the issue and self-reporting to appropriate authorities. Indeed, companies who detect, remediate and self-report misconduct can receive less severe sanctions under policies of the SEC and other agencies. Beyond governmental leniency, there are other benefits to companies who can handle misconduct on the front end, including limiting the monetary and reputational fallout after the violations are publically disclosed.

The SEC will continue to actively pursue whistleblower cases. Companies need to remain active by monitoring their internal review processes and listening to their employees and former employees when they come forward with information. Out of whistleblower award recipients who were current or former employees, approximately 80% raised their concerns internally before reporting any wrongdoing to the SEC. For this reason, it is important that companies have their contracts and internal procedures reviewed, and provide internal training, to ensure that they are well-positioned to avoid run away whistleblowers. If a potential whistleblower raises concerns internally, it is imperative that companies consult with legal counsel to protect themselves and properly manage the report.