The SEC announced on Wednesday that BlueLinx Holdings Inc. has agreed to pay a $265,000 penalty for including a provision in its severance agreements that required outgoing employees to waive their rights to monetary recovery if they filed a charge or complaint with the SEC or other federal agencies. Press Rel. No. 2016-157. According to the SEC’s order, approximately 160 BlueLinx employees have signed severance agreements that contained the provision since it was added to all of BlueLinx’s severance agreements in or about June 2013.

The provision violates Rule 21F-17 of the Exchange Act, which became effective on August 12, 2011, and prohibits any action to impede an individual from communicating with the SEC about a possible securities law violation. The purpose of the adoption of Rule 21F-17 was “to encourage whistleblowers to report possible violations of the securities laws by providing financial incentives, prohibiting employment-related retaliation, and providing various confidentiality guarantees.” See In the Matter of BlueLinx Holdings Inc., Release No. 78528. Because the severance agreement required employees leaving the company to waive potential whistleblower awards or risk losing payments and other benefits under the agreement, it ran afoul of Rule 21F-17.

In addition to the civil penalty, BlueLinx committed to (1) amend its severance agreements to make clear that employees may report possible securities law violations to the SEC and other federal agencies without BlueLinx’s prior approval and without having to forfeit any resulting whistleblower award and (2) make reasonable efforts to contact former employees who had executed severance agreements after August 12, 2011, to notify them that BlueLinx does not prohibit former employees from providing information to the SEC staff or from accepting SEC whistleblower awards.

BlueLinx consented to the cease-and-desist order without admitting or denying the SEC’s findings.

This is the third time that the SEC has charged violations of Rule 21F-17. In June, Merrill Lynch agreed to settle charges that it violated Rule 21F-17 in connection with certain statements in its severance agreements, and last year KBR settled similar charges in connection with certain restrictive language in confidentiality agreements used in the course of internal investigations. Like those orders, the SEC’s latest order is yet another example of the SEC holding companies liable for Rule 21F-17 violations without any evidence that any employee had actually been prevented from disclosing confidential information to the government. Thus, even in the absence of whistleblower concerns, companies should expect the SEC to continue to scrutinize language included in employment agreements, severance agreements, and other employment policies.

In fact, the Enforcement Division has been sending out requests to public issuers asking for copies of corporate confidentiality policies. It is not clear whether the companies contacted have been the subject of a whistleblower complaint or whether the staff is randomly selecting issuers. Moreover, the Office of Compliance, Inspections and Examinations has been routinely asking registrants during examinations for copies of employment agreements, severance agreements, employment policies, and any other documents that contain “confidentiality” provisions to ensure that they do not contain language that could be construed as interfering with the rights of whistleblowers.

Based on the SEC’s interest in enforcing Rule 21F-17, all employers should review such agreements and policies to ensure that they do not contain provisions that violate the rule.