The U.S. Commodity Futures Trading Commission’s (CFTC) Whistleblower Incentives and Protection program went quietly into effect on October 24th. The CFTC rules (available here) have not drawn as much attention as the strikingly similar SEC whistleblower program. The comparative scarcity of public commentary, however, does not fairly reflect the potential impact of the CFTC’s program for regulated entities. Like the SEC program, the implications of the CFTC whistleblower rules are significant. Below I (briefly) review the CFTC whistleblower rules, discuss the areas which have garnered some public attention, and highlight several key areas where the CFTC rules differ from the SEC whistleblower program. Regulated entities should take note.
The CFTC whistleblower rules, described more fully in an earlier Subject to Inquiry post, reward whistleblowers who provide to the CFTC original information that leads to a successful enforcement action resulting in monetary sanctions in excess of $1 million. In such a case, the whistleblower is eligible for an award of 10-30% of the sanctions collected in a CFTC enforcement matter or, in certain circumstances, a related action based on the same original information. The amount of any award is determined by the CFTC, in its discretion, based on certain criteria (e.g. the significance of the information and degree of assistance provided by the whistleblower).
Under the CFTC rules, whistleblowers may be eligible for an award based on a tip, complaint, or referral made anytime after Dodd-Frank was signed into law in July 2010. Moreover, whistleblowers may be eligible for an award based on the submission of information that relates to a violation that occurred prior to the enactment of Dodd-Frank.
The CFTC whistleblower program closely mirrors the whistleblower rules adopted by the SEC earlier in this year. And like the SEC rules, the following comprise the most talked about – and, indeed, the most significant – aspects of the final rules for regulated entities:
- The rules do not require a whistleblower to report potential securities laws violations internally through a regulated entity’s compliance, legal, or audit procedures before submitting a tip to the Commission;
- A whistleblower can receive a bounty based on an internal report, regardless of whether they report to the Commission, if the regulated entity later self-reports to the Commission; and
- The whistleblower protections set out in the program apply regardless of whether the information submitted reveals an actual violation.
The CFTC rules differ from the SEC rules in several key areas. While this is not a comprehensive list of every distinction, the following items appear to be most critical for regulated entities to understand:
- Unlike the SEC rules, the CFTC rules contain no exclusion for employees of public accounting firms. As a practical matter, this means outside auditors of CFTC-regulated entities may report to the CFTC suspected violations and qualify for a bounty.
- CFTC whistleblowers can recover awards from multiple regulators. A would-be SEC whistleblower is ineligible for an SEC bounty if he or she has already received an award from the CFTC based on the same information. Under the CFTC rules, however, a whistleblower is eligible for an award regardless of whether he or she has previously been compensated by another regulator. As a practical matter, this means a whistleblower may be eligible for a second bounty payment from the CFTC if he or she receives the SEC award first.
- The SEC rules do not ordinarily impute to the whistleblower a formal request for production directed to the whistleblower’s employer (e.g. a subpoena or request for voluntary production). Under the CFTC rules, however, a request for documents or information directed to an employer is presumptively attributed to the would-be whistleblower.
- Under the Commodity Exchange Act, CFTC whistleblowers have two years from the date of allegedly retaliatory action to bring a retaliation claim. This is noticeably shorter than the period afforded SEC whistleblowers, who have six years from the date of the alleged violation to file a claim, or three years from when the retaliation became known to the whistleblower.
While the full impact of the CFTC rules is yet to be determined, it is important for regulated entities to understand the new Whistleblower Incentives and Protection program, and to take steps internally to address them. Companies that have not already done so should develop, improve, and promote internally corporate compliance and reporting policies and procedures. To that end, entities should consider reviewing and updating their internal whistleblower programs, putting in place a dedicated team to review internal complaints, and establishing procedures for handling tips.
We will continue to report on the CFTC whistleblower program as enforcement and reporting trends become clear.