The Securities and Exchange Commission, continuing its crackdown on “pretaliation” strikes against whistleblowers, will now integrate those efforts into its nationwide examination and inspection program for financial firms.
A new risk alert from the Office of Compliance Inspections and Examinations informs registrants that it will include a review of registrants’ compliance with rules impacting whistleblowers and potential whistleblowers that arose out of the Dodd-Frank Act.
The alert describes risks that firms may consider to: assess their supervisory, compliance and/or other risk management systems related to these risks; and make any changes, as appropriate, to address or strengthen those systems. “The adequacy of supervisory, compliance and other risk management systems can be determined only with reference to the profile of each specific firm and other facts and circumstances,” OCIE wrote.
OCIE says its examinations of registered investment advisers and registered broker-dealers will review, among other things, compliance manuals, codes of ethics, employment agreements, and severance agreements to determine whether provisions in those documents pertaining to confidentiality of information and reporting of possible securities law violations may raise concerns under Rule 21F-17 of the SEC’’s whistleblower regulations. This review is included in examinations as examiners deem appropriate.
The Dodd-Frank Act amended the Securities Exchange Act by adding Section 21F, entitled “Securities Whistleblower Incentives and Protection.” In response, the Commission adopted Rule 21F-173. Effective since August 2011, it provides that “no person may take any action to impede an individual from communicating directly with the Commission staff about a possible securities law violation, including enforcing, or threatening to enforce, a confidentiality agreement…with respect to such communications.”
Recent enforcement actions have identified certain provisions of confidentiality or other agreements required by employers as contributing to violations of Rule 21F-17 because they contained language that, by itself or under the circumstances in which the agreements were used, impeded employees and former employees from communicating with the Commission concerning possible securities law violations. This potential chilling effect can be especially pronounced when documents, such as severance agreements, stipulate that an employee may forfeit all benefits if he or she violates any terms of the agreement.
Among the activities that have fueled recent enforcement actions: severance agreements requiring the signatory to waive his or her right to any monetary recovery pursuant to Section 21F; severance agreements including language requiring the signatory to waive his or her right to any monetary recovery related to a government investigation; severance agreements limiting the types of disclosures employees could make to the Commission or other government authorities; and requiring witnesses to sign a confidentiality statement agreeing that they would not discuss the subject matter without prior approval of the company’s law department.
During a review, OCIE staff will assesses whether employee documents contain provisions similar to those in agreements the Commission has found to violate Rule 21F-17, including provisions that: purport to limit the types of information that an employee may convey to the Commission or other authorities; and require departing employees to waive their rights to any individual monetary recovery in connection with reporting information to the government.
Staff will also assesses whether these documents contain other language that may contribute to violations of Rule 21F-17 by impeding employees or former employees from communicating with the Commission. This may include language that:
require an employee to represent that he or she has not assisted in any investigation involving the registrant;
prohibit any and all disclosures of confidential information, without any exception for voluntary communications with the Commission concerning possible securities laws violations;
require an employee to notify and/or obtain consent from the registrant prior to disclosing confidential information, without any exception for voluntary communications with the Commission concerning possible securities laws violations; or
purport to permit disclosures of confidential information only as required by law, without any exception for voluntary communications with the Commission concerning possible securities laws violations.
When examining registrants’ compliance with Rule 21F-17, OCIE is citing deficiencies and making referrals to the Division of Enforcement where appropriate.
Registrants are encouraged to consider the issues identified in this Risk Alert to evaluate whether their compliance manuals, codes of ethics, employment agreements, severance agreements, and other documents contain language that may be inconsistent with Rule 21F-17.