The Sarbanes-Oxley Act provides enhanced protection for whistleblowers [Section 806 of the Act adds 18 U.S.C. § 1514A (2002)]. The new section 806 provides protection for employees who act as whistleblowers in a corporation subject to federal securities laws reporting requirements. The new section prohibits a corporation “or any officer, employee, contractor, subcontractor, or agent of such company,” from discharging, demoting, suspending, harassing, or discriminating against any employee for whistle blowing. Any action by a whistleblower must “be commenced not later than 90 days after the date on which the violation occurs” by filing a complaint with the Secretary of Labor. An officer, as an employee of the issuer, should be protected like any other employee under the whistle-blowing provisions. This would be consistent with the approach of modern corporate statutes, such as the Revised Model Business Corporations Act, which distinguishes between directors and officers in part because of the employee status of officers, but imposes similar fiduciary duties on both. Because officers are burdened, however, with fiduciary duties to corporations substantially similar to those of directors, as a result of officers not being “ordinary” employees, an argument could be made that the whistle-blowing protections ought not to extend to them. This argument, however, defies the intent of whistle-blowing provisions to encourage disclosure.
The more interesting question involves the directors. Whistle-blowing provisions do not cover non-employee directors. Yet, the Sarbanes-Oxley Act appears to impose greater regulation on the specifics of behavior deemed minimally necessary to comply with directors’ duties of care. It is not clear, however, that the Sarbanes-Oxley Act has substantially altered the substance of director fiduciary duties in general, except to the extent of adding detail (and thus limiting discretion) with respect to certain conduct. . . . . . Moreover, the statute creates some traps for the unwary employee. For example, an employee that conveys the information to the press or inferior employees may not be subject to the protection of the Act, since these groups are not included within the class of persons to which information may be conveyed. If the information conveyed is not connected to the violations referenced in the Act, the conveyance of that information, including perhaps otherwise confidential business information which might, after the fact, not be deemed to constitute information relating to a covered violation, would not be protected by the Act. Moreover, the affected employee must file a complaint with the Secretary of Labor within 90 days after the date on which the violation occurs. Failure to meet this requirement, like similar failures in the context of race and sex discrimination, may have jurisdictional, and therefore preclusive, effect. One can speculate that this very short statute of limitations will operate as a fairly effective trap for the unwary. Many employees otherwise entitled to protection will find themselves unable to rely on the protection of the Sarbanes-Oxley Act for waiting too long to assert their rights. . . . . There is one caveat: It is not clear whether section 806’s whistle-blower provisions protect employees other than those of the reporting company. Backer, Larry Catá, "The Sarbanes-Oxley Act: Federalizing Norms for Officer, Lawyer and Accountant Behavior." St. Johns Law Review 76:897-952 (2002) at 936, 939-40.
SEC Implements Final Whistleblower Rules to Address Concerns of Undermined Internal Compliance Programs
On May 25, 2011, the SEC adopted final rules implementing the whistleblower provisions of the Dodd-Frank Wall Street Reform and Consumer Protection Act of 2010 (“Dodd-Frank”). Among other things, Dodd-Frank established a whistleblower program that requires the SEC to pay an award under certain circumstances to eligible whistleblowers who voluntarily provide the SEC with original information about a federal securities law violation that leads to successful enforcement actions resulting in monetary sanctions exceeding $1,000,000, with monetary awards ranging between 10% to 30% percent of the monetary sanctions imposed. The new rules define certain terms critical to the operation of the whistleblower program, outline the procedures for applying for awards and the SEC’s procedures for making decisions on claims, and generally explain the scope of the whistleblower program to the public and to potential whistleblowers.
Since the passage of Dodd-Frank, parties potentially affected by whistleblower activity have questioned the scope of the new law and how the monetary incentives for whistleblower activity could reduce the effectiveness of a company’s existing compliance, legal, audit and similar internal processes for handling potential violations of the federal securities laws.
The SEC’s rules do not require whistleblowers to use internal compliance programs before making a whistleblower submission to the SEC. However, the rules attempt to address the potential for employees to bypass their company’s internal compliance programs by providing incentives for internal compliance. First, the rules treat an employee as a whistleblower as of the date that employee reports the information internally – as long as the employee provides the same information to the SEC within 120 days. The SEC intended for this rule to preserve an employee’s priority for a possible award where the employee reports the information internally first. Second, the rules provide that a whistleblower can receive an award for reporting original information to a company’s internal compliance program, if the company reports information to the SEC that leads to a successful SEC action, and in such instance, all the information provided by the company to the SEC will be attributed to the whistleblower. Finally, the SEC is also allowed to consider higher percentage awards for whistleblowers who first report their information through effective internal compliance programs and may decrease awards for interference with internal compliance and reporting.
To address concerns raised by the possibility of compliance personnel and independent auditors attempting to use information they obtain through their positions to make whistleblower claims, the rules also clarify that certain categories of people are not eligible for awards and information obtained through attorney-client communications would be excluded. Focusing on those groups with established professional obligations that play a critical role in achieving compliance with the federal securities laws, the rules include certain exclusions for these professionals and others under the definition of “independent knowledge.”
The rules are available on the SEC’s website at http://www.sec.gov/rules/final/2011/34-64545.pdf.