Who can tune out those periodic blaring interruptions to our favorite television programs?
This is a test. For the next 60 seconds, this station will conduct a test of the Emergency Broadcast System. This is only a test. In the event of an emergency . . . .
Last Monday’s announcement by the U.S. Commodity Futures Trading Commission (CFTC) of a $10-million-plus whistleblower award was such a blaring interruption in the regularly scheduled programming for entities and individuals regulated by the Commodity Exchange Act.1 But unlike those momentary television tests, the CFTC’s announcement signals a real emergency for companies that have yet to create cultures of compliance and adopt whistleblower programs that incentivize internal reporting. This alert discusses the CFTC’s record-breaking whistleblower bounty and its place within the recent enforcement efforts by the Securities and Exchange Commission (SEC), as well as the Internal Revenue Service (IRS), to incentivize corporate insiders and others to report wrongdoing for cash.
The Whistleblower Programs
The Dodd-Frank Wall Street Reform and Consumer Protection Act, signed into law in 2010 and referred to as Dodd-Frank, promised to improve accountability and transparency in the financial system.2 To that end, Dodd-Frank increased regulatory enforcement of the securities and commodities industries through the creation of Whistleblower Offices and whistleblower bounty programs at the SEC and at the CFTC.3 Both whistleblower programs reward individuals with 10 to 30 percent of the recovery when the individual’s original information has led to SEC or CFTC enforcement actions in which more than $1 million in sanctions was ordered.
The IRS also maintains a Whistleblower Office, established by the Tax Relief and Health Care Act of 2006, to process tips received from individuals who spot tax problems.4 The IRS’s whistleblower program rewards individuals with 15 to 30 percent of the recovery when the individual’s original information has led to an IRS enforcement action in which more than $2 million (including taxes, penalties, and interest) was ordered.5
The CFTC’s Record-Breaking Award Signals a Shift in Enforcement Strategy
Despite their shared origin and essentially identical regulatory schemes, the whistleblower programs at the SEC and the CFTC have proceeded at different speeds during the past almost-six years. The SEC wasted no time in embracing whistleblower information as an engine of its enforcement strategy and paying significant bounties in return. Since 2010, the SEC’s whistleblower office has issued 20 final orders approving awards to 22 individuals for a total of $54 million.6 In 2015 alone, the SEC paid over $37 million to whistleblowers in the securities industry.7 In April 2015, for example, a compliance officer-turned-whistleblower received an award between $1.4 and $1.6 million.8 Thus far in 2016, the SEC has already ordered two awards, including one for $700,000 to a company outsider who conducted a detailed analysis that led to a successful SEC enforcement action.9
These substantial awards – and the resulting publicity – have resulted in a marked increase in the number of tips that the SEC receives. Indeed, the SEC received almost 4,000 tips in 2015, representing a 30 percent increase since 2012.10 This in turn has permitted the SEC to commence more investigations and make significant financial recoveries that the SEC believes have helped bring the securities industry into greater compliance with the law. And this is only the beginning: SEC Chair Mary Jo White has stated that “the [whistleblower] program is a success – and we will work hard at the SEC to build on that success.”11 While not regulated by Dodd-Frank, the IRS’s Whistleblower Office has used the same strategy, awarding over $315 million to 500 whistleblowers between fiscal year 2011 and June 30, 2015.12
The CFTC’s use of whistleblower bounties to incentivize an increase in the reporting of possible commodities law violations has been more tentative. The CFTC announced its first whistleblower award of approximately $240,000 on May 20, 2014. The second award of approximately $290,000 was announced on September 29, 2015. The paucity of awards in number and amount may have given those in the commodity futures, commodity options, and swaps trading markets reason to believe that whistleblower information would not play such a key role in their regulator’s enforcement strategy. The CFTC’s public statement in 2013 that its view for “right now” was that “we don’t enforce” the anti-retaliation provision of Dodd-Frank13 may have chilled potential whistleblowers from coming forward. Or the whistleblowers’ original information to the CFTC may simply not have been “hot” enough to warrant dramatic awards.
But whatever the reason for the CFTC’s slow start, its third whistleblower bounty is a game changer. It announced last Monday that it has awarded more than $10 million to an individual whistleblower in the commodities space. While the law prohibits the CFTC from disclosing information that might directly or indirectly reveal a whistleblower’s identity, simple math tells us that the CFTC must have recovered between approximately $33.5 million and $100 million to result in such an award. The subject matter could have regarded price manipulation, disseminating false information into the marketplace, trading ahead or front-running customer orders, wash sales, Ponzi schemes, or foreign exchange fraud.14
What is clear is that with this bounty, the CFTC has sent a purposeful message to whistleblowers-in-waiting: “An award this size shows the importance that the commission places on incentivizing future whistleblowers.”15
Give Whistleblowers-in-Waiting a Better Option
Many whistleblowers, however, claim that they tried to report their concerns within the company before taking external action. A study conducted in 2010 concluded that almost 90 percent of employees who filed False Claims Act suits had previously reported their concerns internally to compliance employees or supervisors.16 While regulators have made clear that attempts to interfere with or discourage whistleblowing will not be tolerated, companies regulated by the Commodity Exchange and Securities Exchange Acts can, and should, create programs that encourage their employees to come to the company with their good faith concerns, so that the company is alerted to, and can work to resolve, substantive issues.
- Periodically assess and update the company’s code of conduct, ethics, and whistleblower policies. While Dodd-Frank does not require internal reporting before an employee is eligible for a whistleblower bounty,17 it does allow an employee to “hold her place” in line for up to 120 days to receive a bounty by making an internal report.18 A company is best served by having in place clear, written, and easy-to-follow protocols for employees to escalate ethics and compliance issues. Along with a clear and well-publicized non-retaliation policy, a company can incentivize internal reporting by making sure its employees have access to multiple and independent reporting channels. The processes for internal investigations – including circling back with the whistleblower –should be clearly spelled out and followed. Providing a safe channel for employees’ complaints, and responding transparently and effectively when they are made, can help the company get a head start on addressing the issue even if an external complaint is ultimately made or regulators commence an investigation for any reason. A good faith employee with genuine concerns about the company’s conduct can be a strong asset if that employee alerts the company to a substantive issue before the issue can escalate to cause damages and reputational harm.
- Create a culture of compliance – with substantive and anti-retaliation laws. Policies are effective only if they are followed and seen as being followed. Companies should consider how to emphasize compliance as a priority, for example by ensuring that compliance is a meaningful factor in employee review, promotion, and compensation decisions. At a minimum, the company’s lack of tolerance for retaliation must be clear. While the CFTC does not enforce the anti-retaliation provisions of Dodd-Frank, the SEC does – and the CFTC could always change its enforcement strategy. And the federal, state, and local protections of whistleblowers are only continuing. Depending on the anti-retaliation provision at issue, employees may be entitled to private rights of action for, among other things, reinstatement, back pay, or double back pay with interest, litigation costs, expert witness fees, and reasonable attorneys’ fees. To the extent that any companies were hoping they could ignore the whistleblower trend, this latest award should be a signal that business as usual must include an emphasis on compliance and non-retaliation.
- Avoid language in separation agreements that could be seen as impeding whistleblowers from reporting to regulators. In April 2015, the SEC brought charges under Rule 21F-17(a) against a company that included in a confidentiality agreement a blanket statement that prohibited employees from disclosing information about an internal investigation without approval from the company’s legal department. The SEC’s basis was that the language impeded whistleblowers from reporting to the SEC.19 While companies can note in a separation agreement that an employee never reported a concern about a violation of securities and commodities law – if that is indeed the case – and bar disclosure of communications with company counsel that are privileged, separation agreements should be drafted to avoid prohibiting an employee from reporting a potential violation of the law to appropriate regulators.
The CFTC’s $10-million-plus whistleblower bounty is an opportunity for companies in the securities and commodities space to review their response to internal complaints and invest in a reporting program that incentivizes employees to report problems internally first. Companies can take back the remote control from their employees and the regulators by adopting an atmosphere of prevention, transparency, and compliance.