The Securities and Exchange Commission (SEC) announced today that it had made good on its prior promises to take a hard look at employment agreements and policies that could be viewed as attempting to keep securities fraud complaints in-house. In KBR, Inc., Exchange Act Release No. 74619 (April 1, 2015), the agency announced an enforcement action and settlement with KBR in which KBR agreed to amend its Confidentiality Statement to provide further disclosures to employees regarding their right to communicate directly with government agencies, notify KBR employees who had signed the Statement in the past, and pay a $130,000 civil penalty.

The SEC concluded that KBR’s Confidentiality Statement violated SEC Rule 21F-17, adopted by the SEC after the Dodd-Frank Wall Street Reform and Consumer Protection Act was enacted in 2010. SEC Rule 21F-17 provides that “[n]o person may take any action to impede an individual from communicating directly with the Commission staff about a possible securities law violation, including enforcing, or threatening to enforce, a confidentiality agreement . . . with respect to such communications.” 

According to the SEC Order, under its compliance program, KBR required that employees who were interviewed as part of the company’s internal investigations into internal reports of potential illegal or unethical conduct, including potential securities violations, sign a Confidentiality Statement at the start of any company interview. The KBR Confidentiality Statement provided in part:

I understand that in order to protect the integrity of this review, I am prohibited from discussing any particulars regarding this interview and the subject matter discussed during the interview, without the prior authorization of the Law Department.  I understand that the unauthorized disclosure of information may be grounds for disciplinary action up to and including termination of employment.

The SEC found that although it was not aware of any instance in which a KBR employee was actually prevented from communicating directly with the SEC, the Confidentiality Statement “impedes such communications by prohibiting employees from discussing the substance of their interview without clearance from KBR’s law department under penalty of disciplinary action including termination of employment,” thereby undermining the purpose of Rule 21F to “encourage[] individuals to report to the Commission.”

As part of the enforcement action,  KBR agreed to amend its Confidentiality Statement to include this provision:

Nothing in this Confidentiality Statement prohibits me from reporting possible violations of federal law or regulation to any governmental agency or entity including but not limited to the Department of Justice, the Securities and Exchange Commission, the Congress, and any Inspector General, or making other disclosures that are protected under the whistleblower provisions of federal law or regulation. I do not need the prior authorization of the Law Department to make any such reports or disclosures and I am not required to notify the company that I have made such reports or disclosures.

Additionally, KBR agreed to contact KBR employees who signed the Confidentiality Statement from August 21, 2011 to the present informing them of the SEC Order and including a statement that they need not seek permission from KBR’s General Counsel before communicating with any governmental agency. The SEC also assessed a civil penalty of $130,000.

In a press release announcing the decision, Sean McKessy, Chief of the SEC’s Office of the Whistleblower, is quoted as saying: “KBR changed its agreements to make clear that its current and former employees will not have to fear termination or retribution or seek approval from company lawyers before contacting us. . . .  Other employers should similarly review and amend existing and historical agreements that in word or effect stop their employees from reporting potential violations to the SEC.”

This appears to be the next step in the SEC Whistleblower Division’s initiative to crack down on agreements that it views as violating SEC Rule 21F-17. In widely reported remarks before the Georgetown University Law Center Corporate Counsel Institute last spring, McKessy indicated that the agency was “actively looking for examples of confidentiality agreements, separation agreements, employee agreements that . . . in substance say ‘as a prerequisite to get this benefit you agree you’re not going to come to the commission or you’re not going to report anything to a regulator.’” And just this past February, it was reported that the SEC had delivered official letters to several companies seeking several years’ worth of their employee agreements, including nondisclosure and separation agreements.

In recent months, we have seen similar actions regarding agreements or policies by the Equal Employment Opportunity Commission (EEOC) and the National Labor Relations Board. Employers should review their existing employment policies and employment agreements, including confidentiality, non-disclosure and separation agreements, for any provisions that might go astray of these agency enforcement initiatives. As part of this enforcement action, the SEC found that the amended language cited above was acceptable in the employer’s Confidentiality Statement. Employers should consider including this language or similar language in their agreements and policies specifying that the reporting of potential violations law or regulations to government agencies is not prohibited, and indicating that no prior employer approval is required.

Given this enforcement action by the SEC, it may be just a matter of time before the SEC also weighs in on whether employers can prohibit employees from taking and disclosing company documents in connection with their alleged whistleblowing activities.