Print
E-MailMartin Lipton is a founding partner of Wachtell, Lipton, Rosen & Katz, specializing in mergers and acquisitions and matters affecting corporate policy and strategy. This post is based on a Wachtell Lipton firm memorandum by Mr. Lipton, Steven A. Rosenblum, John F. Savarese, Wayne M. Carlin and Karessa L. Cain.
Recently, the SEC adopted controversial new rules that create significant financial incentives for whistleblower employees to report suspected securities law violations directly to the SEC, potentially circumventing company compliance programs in the process. Under the new rules, which were adopted pursuant to Section 922 of the Dodd-Frank Act, the SEC will pay awards to whistleblowers who voluntarily provide the SEC with original information about a violation of securities laws that leads to a successful enforcement action brought by the SEC and that results in monetary sanctions exceeding $1 million.
The size of potential bounty payments may range from 10% to up to 30% of the total monetary sanctions collected in successful SEC and related actions. In some cases, this could result in multimillion dollar cash payments to whistleblowers. The final rules set forth the SEC’s methodology for determining awards, with specified factors weighing in favor of an increase in the reward size and others weighing in favor of a reduction in the reward size. In addition, the rules provide that various persons will not be eligible for whistleblower payments, including compliance and internal audit personnel, but an exception is provided for such personnel if they believe disclosure “may prevent substantial injury to the financial interest or property” of the company or investors, and at least 120 days have elapsed since the whistleblower reported the information internally at the company or became aware of information that was already known to the company.
One of the most actively debated aspects of the new whistleblower program has been whether individuals should be required to report possible violations via a company’s internal compliance processes before going to the SEC with the information. (See our memorandum of November 19, 2010 here.) Many companies and other commentators have suggested that companies should be afforded an opportunity to investigate and address potential violations, and they have expressed concern that the new rules will undermine the effectiveness of internal reporting and compliance programs and the ability of companies to detect, address and prevent instances of corporate misconduct. The possibility of SEC payments could also motivate whistleblowers to delay reporting violations internally or otherwise interfere with internal compliance processes in order to enhance the likelihood of a bounty payment from the SEC.
Although the SEC declined to require whistleblowers to report violations internally in the first instance in order to be eligible for a bounty, it did incorporate certain provisions in its final rules which are intended to strengthen incentives for employees to utilize corporate internal compliance programs, including the following:
- A whistleblower’s voluntary participation in a company’s internal compliance system is a factor that can increase the amount of an award and, conversely, a whistleblower’s interference with internal compliance and reporting is a factor that can decrease the amount of an award.
- A whistleblower who reports original information to a company’s compliance and reporting system will get credit for all information that is in turn provided by the company to the SEC, regardless of whether the information was included in the whistleblower’s report to the company or generated by the company in its investigation of the matter.
- A whistleblower will be deemed to have reported information to the SEC on the date that he or she makes an internal report to a company, so long as the whistleblower or the company subsequently reports the information to the SEC within 120 days of the initial internal report.
In recent years – and particularly following the advent of the Sarbanes-Oxley Act in 2001 – many public companies have spent considerable time and effort to enhance the effectiveness of their internal compliance systems by, for example, creating a whistleblower hotline, cultivating a “tone at the top” that places a premium on legal compliance and ethics, establishing a “zero tolerance” policy for misconduct, promptly investigating reports of misconduct, and taking appropriate preventive and remedial measures. Such programs have become an integral part of good corporate governance and are essential for companies to effectively monitor and deter misconduct that has far-reaching consequences for the company, its shareholders and other stakeholders. The active participation of employees and others who are best positioned to detect wrongdoing and alert their company to early warning signs is an essential component of an effective compliance program. Notwithstanding the new whistleblower rules, and the unfortunate incentives they may create to bypass internal reporting, it remains as important as ever to continue to develop and promote a robust internal compliance program.
