Why it matters: On April 1, 2015, the SEC announced its first-ever enforcement action against a company for using restrictive language in confidentiality agreements with witnesses interviewed during internal investigations that has the potential to improperly stifle whistleblowers and impede the whistleblowing process. The ruling should encourage companies to review confidentiality, severance and other employment-related agreements to ensure that they do not contain similar language discouraging whistleblowing.

Detailed discussion: In its first-ever enforcement action against a company for putting language in its confidentiality agreements with employees that could potentially stifle whistleblowers, the SEC announced on April 1, 2015 that it had charged Houston-based global technology and engineering firm KBR, Inc. (KBR) with violating Rule 21F-17 enacted under the Dodd-Frank Act to protect the whistleblowing process.

In its press release accompanying the cease-and-desist order filed that day, the SEC alleged that, in connection with internal investigations into possible securities law violations, KBR required witnesses in interviews to sign confidentiality statements containing “language warning that they could face discipline and even be fired if they discussed the matters with outside parties without the prior approval of KBR’s legal department” in violation of Rule 21F-17. Rule 21F-17, which went into effect in August 2011, provides in relevant part that “[n]o person may take any action to impede an individual from communicating directly with the Commission staff about a possible securities law violation, including enforcing, or threatening to enforce, a confidentiality agreement . . . with respect to such communications.”

The SEC’s order quotes the somewhat standard language at issue from KBR’s form confidentiality agreement: “I understand that in order to protect the integrity of this review, I am prohibited from discussing any particulars regarding this interview and the subject matter discussed during the interview, without the prior authorization of the Law Department. I understand that the unauthorized disclosure of information may be grounds for disciplinary action up to and including termination of employment.”

Although the SEC admitted that there were no specific allegations that the language in KBR’s confidentiality agreement impeded any KBR employee from reporting a possible securities violation to the SEC or that KBR had ever taken action to enforce the language against anyone, the key issue for the SEC was that it had the potential to do so. As the SEC said in the press release: “Any company’s blanket prohibition against witnesses discussing the substance of the interview has a potential chilling effect on whistleblowers’ willingness to report illegal conduct to the SEC.”

In that connection, Sean McKessy, Chief of the SEC’s Office of the Whistleblower, seemed to give a “heads-up” to other companies that other such actions may be in the works: “Other employers should similarly review and amend existing and historical agreements that in word or effect stop their employees from reporting potential violations to the SEC.” Indeed, The Wall Street Journal reported on February 25 that in the weeks prior the SEC had issued requests to several companies for copies of “every nondisclosure agreement, confidentiality agreement, severance agreement and settlement agreement they entered into with employees since Dodd-Frank went into effect, as well as documents related to corporate training on confidentiality, including ‘all documents that refer or relate to whistleblowing’ and a list of terminated employees.”

To settle the matter, and without admitting to any liability, KBR agreed to pay a penalty of $130,000 and voluntarily amend its confidentiality agreements to add the following language, presumably “blessed” by the SEC, making it clear that employees are free to report possible securities violations to the SEC and other federal agencies without retaliation or first having to contact KBR for approval: “Nothing in this Confidentiality Statement prohibits me from reporting possible violations of federal law or regulation to any governmental agency or entity, including but not limited to the Department of Justice, the Securities and Exchange Commission, the Congress, and any agency Inspector General, or making other disclosures that are protected under the whistleblower provisions of federal law or regulation. I do not need the prior authorization of the Law Department to make any such reports or disclosures and I am not required to notify the company that I have made such reports or disclosures.” Importantly, this language does not appear to breach the attorney-client privilege that applies to the communications during the employee interview itself.

SEC Director of Enforcement Andrew Ceresney summed it up by stating that “[b]y requiring its employees and former employees to sign confidentiality agreements imposing pre-notification requirements before contacting the SEC, KBR potentially discouraged employees from reporting securities violations to us . . . SEC rules prohibit employers from taking measures through confidentiality, employment, severance, or other type of agreements that may silence potential whistleblowers before they can reach out to the SEC. We will vigorously enforce this provision.”

In light of the foregoing, now would be a good time for companies to dust off their form agreements having to do with employees (confidentiality, employment, severance, etc.) and review them for language that could be perceived by the SEC to potentially stifle whistleblowers.

See here for the SEC press release issued on 4/1/15 regarding KBR, Inc.

See here for the Order dated 4/1/15, In the Matter of KBR, Inc. Instituting Cease-And-Desist Proceedings Pursuant to Section 21C of the Securities Exchange Act of 1934, Making Findings, and Imposing a Cease-And-Desist Order.

For more on this matter, refer to the 2/25/15 Wall Street Journal article “SEC Probes Companies’ Treatment of Whistleblowers” by Rachel Louise Ensign.