The Conference Board uses cookies to improve our website, enhance your experience, and deliver relevant messages and offers about our products. Detailed information on the use of cookies on this site is provided in our cookie policy. For more information on how The Conference Board collects and uses personal data, please visit our privacy policy. By continuing to use this Site or by clicking "OK", you consent to the use of cookies. 

31 May. 2011 | Comments (0)

As you all may well know by now, the SEC has adopted its final rules to create a whistleblower bounty program as part of the Dodd-Frank Act by a familiar 3-2 split vote. The rules, which go into effect 60 days after they are submitted to Congress or published in the Federal Register, has begun a second wave of client memos from some law firms. Some of the early memos focus on the controversy over the possibility that the new $452 million SEC whistleblower bounty program could undermine the work of internal audit and compliance programs that were strengthened following the passage of the Sarbanes-Oxley Act in 2002. The fact that the SEC did not mandate employees must first go through those internal compliance programs led many to argue (including Commissioners Troy Paredes and Kathleen Casey) the bounty program would cause many whistleblowers to bypass their company programs. Their belief is that with the SEC now offering big monetary rewards for information leading to a successful enforcement of a securities violation and disgorgement of funds the agency will take the agency longer to investigate an alleged action than the company itself. For a good description of the controversy on the SEC vote, check out the FEI blog post by Edith Orenstein. By the way, the SEC whistleblower rules have been very much on the minds of audit committee members of public companies, according to KPMG’s Audit Committee Institute. In a survey taken at its 2011 Audit Committee Issues Conference, ACI reported that 45 percent of those polled at the conference were very concerned about the impact of the expanded bounty program on the ability of the company to discover and address compliance issues. To see the full report, click here. Here’s a snapshot of the final rules approved by the SEC on May 25, according to the agency’s own fact sheet: A whistleblower is deemed to have provided information voluntarily if the whistleblower has provided information before the government, a self-regulatory organization or the Public Company Accounting Oversight Board asks for it directly from the whistleblower or the whistleblower’s representative. Original information must be based upon the whistleblower’s independent knowledge or independent analysis, not already known to the Commission and not derived exclusively from certain public sources. A whistleblower’s information can be deemed to have led to a successful enforcement action if:
  • The information is sufficiently specific, credible and timely to cause the Commission to open a new examination or investigation, reopen a closed investigation, or open a new line inquiry in an existing examination or investigation.
  • The conduct was already under investigation when the information was submitted, and the information significantly contributed to the success of the action.
  • The whistleblower reports original information through his or her employer’s internal whistleblower, legal, or compliance procedures before or at the same time it is passed along to the Commission; the employer provides the whistleblower’s information (and any subsequently-discovered information) to the Commission; and the employer’s report satisfies the other whistleblower requirements.
The SEC obtains monetary sanctions totaling $1 million from the whistleblower’s information (this includes an aggregate of multiple cases brought to the agency by the same whistleblower and the award can range from 10 percent to 30 percent of the sanctions). (And now for the controversy.) The final rules do not require that employee whistleblowers report violations internally in order to qualify for an award. However, the rules strengthen incentives that had been proposed and add certain additional incentives intended to encourage employees to utilize their own company’s internal compliance programs when appropriate to do so. After looking over several client memos from well-known law firms, I found three that came out following the May 25 SEC decision that address the whistleblower issue. These are the memos I believe are worth reading…
  • SEC Adopts New Rules to Encourage Whistleblowers, Martin Lipton, Steven A. Rosenblum, John F. Savarese, Wayne M. Carlin, Karessa L. Cain of Wachtell, Lipton, Rosen & Katz, May 26, 2011. Excerpt: One of the most actively debated aspects of the new whistleblower program has been whether individuals should be required to report possible violations via a company’s internal compliance processes before going to the SEC with the information. (See our memorandum of November 19, 2010 here.) Many companies and other commentators have suggested that companies should be afforded an opportunity to investigate and address potential violations, and they have expressed concern that the new rules will undermine the effectiveness of internal reporting and compliance programs and the ability of companies to detect, address and prevent instances of corporate misconduct. The possibility of SEC payments could also motivate whistleblowers to delay reporting violations internally or otherwise interfere with internal compliance processes in order to enhance the likelihood of a bounty payment from the SEC. … The active participation of employees and others who are best positioned to detect wrongdoing and alert their company to early warning signs is an essential component of an effective compliance program. Notwithstanding the new whistleblower rules, and the unfortunate incentives they may create to bypass internal reporting, it remains as important as ever to continue to develop and promote a robust internal compliance program.
  • A Divided SEC Issues Final Dodd-Frank Whistleblower Program Rules, Jordan Eth, Randall Fons, and Justin Hoogs, Morrison & Foerster, May 25, 2011. Excerpt: There is little doubt that the new whistleblower program will result in increased SEC enforcement activity. But it is likely that the program, especially as now structured, will also cause an uptick in tips and complaints being provided to companies’ internal compliance programs and hotlines. As a result, companies should review and update their compliance and ethics programs to ensure their programs allow them to identify, investigate, and handle possible misconduct quickly and effectively. In investigating or reviewing whistleblower tips or concerns, companies should be aware that their actions, both before and after the information is received, may well be reviewed by the SEC with the benefit of hindsight. As a result, a plan of action for dealing with tips or concerns must be well-designed and effective. Companies should also reinforce the message to employees that adherence to the securities laws is a consistent and core value, and that concerns will be taken seriously. Experience with other statutes suggests that whistleblowers are often employees who raised concerns internally and felt that issues were not adequately addressed by their employers. When an SEC investigation is instituted, a company is often in for a long and difficult period. Understanding how to deal with whistleblowers and the concerns they raise can minimize the disruption and expense that begins when the SEC enforcement division comes calling.
  • SEC Adopts Whistleblower Rules, Cydney Posner of Cooley Morgan & Lewis, May 25, 2011. Excerpt: As I emailed yesterday [May 24], the proposal has been quite controversial, and that controversy continued into today's meeting, with both Commissioners [Kathleen] Casey and [Troy] Paredes voting against adoption. In particular, as noted yesterday, the issue of whether the SEC should mandate prior or contemporaneous internal compliance reporting has been extremely contentious, with some arguing that mandatory internal reporting might deter some whistleblowers and others contending that allowing whistleblowers to bypass the entities' internal compliance programs would undermine the ability of these entities to identify and promptly remediate fraud or other wrongdoing, especially if the bad acts were not ultimately within the province of the SEC. According to the majority, the rules have successfully calibrated the balance on this and other challenging policy issues: The SEC did not opt to mandate that whistleblowers report through an entity's internal compliance program as a condition to receiving awards, instead leaving that decision in the hands of each whistleblower; however, as discussed below, the final rules did increase the incentives for internal reporting. The SEC believed that the optimal approach was to encourage internal reporting where appropriate, but, where inappropriate, to allow the individual whistleblower to make that determination.
  • About the Author:Gary Larkin

    Gary Larkin

    Gary Larkin is a research associate in the corporate leadership department at The Conference Board in New York. His research focuses on corporate governance, including succession planning, board compo…

    Full Bio | More from Gary Larkin


0 Comment Comment Policy

Please Sign In to post a comment.

    Subscribe to the Governance Blog
    Support Our Work

    Support our nonpartisan, nonprofit research and insights which help leaders address societal challenges.






    Organization Design Conference

    Organization Design Conference

    November 17 - 18, 2020