At a conference last month at Georgetown University Law Center’s Corporate Counsel Institute, the Chief of the SEC’s Office of the Whistleblower, Sean McKessy, warned corporate counsels against drafting contracts that attempt to dissuade would-be whistleblowers from reporting company wrongdoing to the SEC. According to McKessy, his office is “actively looking for examples of confidentiality agreements, separation agreements, [and] employee agreements” that condition certain benefits on not reporting activities to regulators, including the SEC. In addition to warning of potential liability for the companies, McKessy specifically warned corporate counsel about drafting such provisions—reminding them of the SEC’s power to bar a lawyer from practicing before the Commission.1
McKessy’s statements are a useful reminder to companies that the Dodd-Frank Wall Street Reform and Consumer Protection Act (“Dodd-Frank”), which became law in 2010, imposed some important changes in relation to whistleblower protection. In addition to creating the financial incentives (up to 30 percent of monetary sanctions) for whistleblowers that report securities law violations to the SEC, Dodd-Frank also enhanced anti-retaliation protections for whistleblowers. The SEC created the Office of the Whistleblower and adopted Regulations 21F-1 through 21F-17 to implement the whistleblower regime. Rule 21F-17 prohibits “any action to impede an individual from communicating directly with the Commission staff about a possible securities law violation, including enforcing, or threatening to enforce, a confidentiality agreement.” McKessy’s recent comments make clear that the SEC is interpreting this provision broadly and taking enforcement of its provisions seriously.
Indeed, even before McKessy’s public statement, the SEC was reported to have launched an investigation of an employer related to its confidentiality agreement that barred employees from disclosing fraud allegations to anyone, including federal investigators.2 We would expect that the SEC will continue to keep a watchful eye on how employers address confidentiality agreements or provisions to ensure that those provisions do not run afoul of the broad protections afforded whistleblowers by Dodd-Frank or water down the incentive structure for reporting violations created by the statute.
The SEC’s broad reading of Rule 21F-17 is consistent with the SEC’s expansive view of who is a whistleblower and Dodd-Frank’s anti-retaliation provisions generally. As illustrated by the SEC’s amicus filing in Liu v. Siemens AG—a case before the Second Circuit Court of Appeals addressing the issue of whether an internal whistleblower must report wrongdoing to the SEC to qualify for the anti-retaliation protections of Dodd-Frank—the SEC believes its Rule 21F-2 “protects any employee who engages in any of the [specified] whistleblowing activities . . . irrespective of whether the employee separately reports the information to the [SEC].”3 Notably, the Fifth Circuit has taken the contrary position: whistleblowers may only avail themselves of the anti-retaliation protections of Dodd- Frank if they report wrongdoing to the SEC.4 These differing interpretations will likely ultimately be settled by the Supreme Court.
The recent publicity around whistleblower rewards5 as well as McKessy’s comments on vigilance around confidentiality agreements are a reminder to human resource departments and legal counsel to review all agreements with current and former employees, including confidentiality agreements, severance agreements and codes of conduct to ensure that those documents do not contain provisions that run afoul of the prohibitions of Rule 21F-17. That exercise, however, can prove challenging given the uncertainty around whether broad confidentiality clauses (i.e., prohibiting disclosure to third parties generally) or non-disparagement clauses (i.e., prohibiting employees from making disparaging remarks about the company to third parties generally) would be interpreted by the SEC as violating Rule 21F-17. Until the SEC takes some action in this area or provides some concrete guidance, companies should be cautious about drafting and enforcing broadly worded confidentiality or other provisions, particularly where there is a chance that the enforcement of those provisions might be viewed as impeding a purported whistleblower’s ability to report conduct to the SEC or other regulatory bodies. In addition, it continues to be a best practice for employers to provide avenues for their employees to report concerns about potential wrongdoing internally with the hope that any potential problem can be addressed promptly.