On March 2, 2015, the Securities and Exchange Commission (SEC) announced the first award under its whistleblower program to a former company officer. Here, the former officer collected a bounty between $475,000 and $575,000. Although the SEC maintained confidentiality of the whistleblower’s identity as required by law and provided few details about the underlying case, the matter still provides some further insight into the SEC’s evolving whistleblower program. We discuss the award below.

The Dodd-Frank Wall Street Reform and Consumer Protection Act amended the Securities Exchange Act of 1934 to create a new bounty program for whistleblowers modeled loosely on the qui tam mechanism found in the False Claims Act. Under the whistleblower rules, the SEC is authorized to pay awards to whistleblowers that provide the SEC with “original information” about a securities law violation and that information leads to a successful SEC enforcement action resulting in monetary sanctions over $1 million. The size of the award can range from 10 to 30 percent of the amount recovered in the enforcement action, and the SEC has considerable authority to determine the amount of the whistleblower bounty within that range. The rules also broadly prohibit retaliation against whistleblowers, and require the SEC  to maintain the anonymity of the whistleblower’s identity.

Under the SEC rules, a putative whistleblower’s original information must generally be derived from the whistleblower’s own independent knowledge or independent analysis. Unless an exception applies, the SEC will not consider information to be derived from a whistleblower’s independent knowledge or independent analysis if the whistleblower obtained the information while serving as an officer, director, trustee or partner of an entity and another person informed the whistleblower of allegations of misconduct, or the whistleblower learned the information in connection with the entity’s processes for identifying, reporting and addressing possible violations of law. But the SEC rules also include several exemptions that permit an officer or other high-level insider to collect an award, notwithstanding the general rule. For example, an officer or other insider can report to the SEC and later collect a bounty if investors will be substantially harmed if a potential violation is not immediately reported, if there is a reasonable belief that the company is engaging in conduct that would impede an investigation, or if 120 days after reporting a potential violation internally the company has not taken sufficient steps to remedy the situation.

Due to the rules protecting the confidentiality of the whistleblower’s identity, the SEC’s order provides little detail about the circumstances surrounding the March 2 award, including the basis of the securities law violation. But in light of statements made to news media by SEC enforcement personnel, as well as by the anonymous whistleblower’s own lawyer, it appears that the whistleblower reported the violation internally to his or her employer, but the employer failed to take appropriate action within the 120-day window. Thus, the former officer was permitted to collect an award for his or her report to the SEC after the agency obtained sanctions against the defendant company.

This award, the SEC’s fifteenth overall, once again underscores that the SEC is serious about its whistleblower bounty program. Many critics of the program continue to express concern that the bounty program incents employees to go directly to the SEC and bypass the company’s own internal reporting systems, which hampers a company’s ability to identify and correct potential wrongdoing as early as possible. Similarly, the lack of detail surrounding each announcement of a whistleblower award gives public companies and other regulated entities precious little information to use to improve their own compliance programs.

Although the SEC bounty program will continue to put stress on public companies’ ability to operate internal whistleblowing systems, maintaining a robust and credible internal reporting system continues to remain the best way to manage these situations. We believe most employees prefer to resolve concerns within the organization’s own internal systems and approach regulators or other third parties only as a last resort when they feel that their concerns are not being adequately addressed. Companies are well served when they set the appropriate “tone at the top” and operate internal reporting programs that employees view as objective and trustworthy. Based on the scant details available here, it appears that the whistleblowing officer in fact lost faith in his or her employer’s internal systems, which in turn drove him or her to report to the SEC.