As new areas of the law emerge, driven in part by technology and the free flow of information, federal agencies are becoming more aggressive with a tried and true carrot-and-stick approach to law and regulatory enforcement.
In a recent PLI panel on government enforcement priorities in May 2024, Brent Wible, Chief Counselor, Office of the Assistant Attorney General, Department of Justice (DOJ or Department); Daniel Gitner, Chief of the Criminal Division, US Attorney’s Office for the Southern District of New York (SDNY or the Office); and Antonia Apps, Director of the New York Regional Office of the Securities and Exchange Commission (SEC or Commission) shared their thoughts, priorities and practices in 2024 enforcement and beyond.
All of the government lawyers stressed that the DOJ and enforcement agencies are open and are actively encouraging whistleblowers with new incentives and programs. To that end, Mr. Gitner from the SDNY stated very directly that corporations need to understand that there is a “need for speed” in corporate self-disclosures. Otherwise, whistleblowers will be closing the door to the benefits of corporate self-disclosures. Put differently, enforcement agencies do not want a corporation to complete lengthy internal investigations before reporting.
A uniform theme and stance taken by all is that whistleblowers are valuable, and bounties will be paid in cash or in deferred prosecution agreements or possibly both. Whistleblowers must be protected. Internal and external whistleblowers should be encouraged.
This article focuses on three whistleblower initiatives—(i) the SEC’s Whistleblower Program, (ii) the SDNY Whistleblower Pilot Program and (iii) DOJ’s Pilot Whistleblower Program for voluntary self-disclosure—and how those programs may impact a corporation’s response to whistleblowers, internal investigations, and disclosures.
SEC 21F WHISTLEBLOWER PROGRAM
Since its inception more than a decade ago, the SEC’s Whistleblower Program is widely viewed as successfully incentivizing whistleblower reports of violations of the securities laws. In its 2023 fiscal year, the SEC received more than 18,000 tips from whistleblowers and issued the most awards to whistleblowers ever in one year, totaling nearly US$600 million. That year, the Commission also issued its largest ever award of US$279 million to a single whistleblower.1
What is the SEC’s Whistleblower Program?
Section 21F of the Securities Exchange Act of 1934, codified as part of the Dodd-Frank Wall Street Reform and Consumer Protection Act, requires the SEC to pay awards to whistleblowers who provide information to the SEC about violations of federal securities laws.2 Accordingly, the SEC has issued a series of rulemakings implementing Section 21F to create its whistleblower program. To qualify as a whistleblower, an individual must voluntarily provide the SEC with original information in writing about a possible violation of federal securities law that has occurred, is ongoing, or is about to occur.3 To qualify for an award, this information must lead to a successful enforcement action with monetary sanctions totaling more than US$1 million.4
“Original” information means that it cannot be found in publicly available sources and is not already known by the Commission, but is instead the product of the whistleblower’s independent knowledge or analysis.5 A submission is “voluntary” if the whistleblower provides it to the SEC before receiving a regulatory request or demand for information relating to the same subject matter. Therefore, a submission of information that is made in response to a request, inquiry, or demand by the SEC, the Public Company Accounting Oversight Board, a self-regulatory organization (such as the Financial Industry Regulatory Authority), or a separate federal or state governmental body does not qualify as a voluntary submission.6 Additionally, a submission that is required under a legal or contractual duty to the Commission is not considered voluntary and is thus ineligible for an award.7
The SEC’s whistleblower rules also include anti-retaliation protections intended to ensure that the incentives provided to whistleblowers for reporting are not outweighed by a fear of reprisal from their employer. Under Rule 21F-17, companies are prohibited from interfering with or impeding a whistleblower’s communications to the SEC about a possible violation of the securities laws, including through enforcement or threatened enforcement of a confidentiality agreement that may be read to prevent whistleblower communications with the SEC.8
The SEC is taking violations of Rule 21F-17 seriously and has increased enforcement activity in this area over the last two years. The Commission brought a number of actions, with significant civil penalties, focused on corporate agreements containing confidentiality language that, according to the SEC, does not provide an express exception for whistleblower communications. The enforcement actions extend to different types of companies, including publicly traded companies, privately held companies, broker-dealers and investment advisers, and to a variety of forms of agreements with employees and customers alike.9
For example, a gaming company paid US$35 million to settle claims that it had violated the whistleblower protection rule by requiring former employees to execute separation agreements that obligated them to notify the company of any request for information received from the Commission, in addition to compliance failures regarding workplace complaints.10 In January 2024, the SEC settled the largest ever standalone Rule 21F-17 case, imposing US$18 million in civil penalties against a dually registered investment adviser and broker dealer for allegedly requiring clients to sign a confidential release agreement—without expressly allowing for direct communications to regulators regarding potential securities law violations—in order to receive certain credit or settlement payments.11 In another case involving US$10 million in civil penalties, the Commission charged a registered investment adviser with a standalone violation of Rule 21F-17 based on employment agreements that contained a confidentiality clause prohibiting external disclosure of confidential company information, without a carve-out for voluntary communications with the SEC concerning possible violations of the securities laws.12 As recently stated by the co-chief of the SEC Enforcement Division’s Asset Management Unit, “Investors, whether retail or otherwise, must be free to report complaints to the SEC without any interference. Those drafting or using confidentiality agreements need to ensure that they do not include provisions that impede potential whistleblowers.”13
SDNY WHISTLEBLOWER PILOT PROGRAM
In February 2024, the SDNY launched a whistleblower pilot program. The purpose of the program is to encourage early and voluntary self-disclosure of criminal conduct by individual participants.14 The program is applicable to disclosures of conduct committed by public or private companies, exchanges, financial institutions, investment advisers, or investment funds involving fraud or corporate control failure or affecting market integrity, or criminal conduct involving state or local bribery or fraud relating to federal, state, or local funds.15 In exchange for a qualifying self-disclosure, the Office will enter into a non-prosecution agreement with the whistleblower.16
Given that a non-prosecution agreement is promised, the SDNY has identified factors to determine whether a whistleblower qualifies for a discretionary non prosecution agreement. The most salient include: whether and to what extent the misconduct is unknown to either SDNY or the DOJ; whether the information is disclosed voluntarily to SDNY and not in response to an inquiry or obligation to report misconduct; whether the whistleblower provides substantial assistance in the investigation and prosecution of culpable individuals, and in the investigation and prosecution of the disclosed conduct; whether the whistleblower truthfully and completely discloses all criminal conduct they participated in and are aware of; whether the whistleblower is a chief executive officer or chief financial officer of a public or private company, who is not eligible for the pilot program; and the adequacy of noncriminal sanctions, such as remedies imposed by civil regulators.
Mr. Gitner said the defense bar is coming around to a non-prosecution carrot for individuals involved in wrongdoing within the corporation. Mr. Gitner said that SDNY seeks early discussions, and the pilot program seems to be driving toward that goal.
DOJ PILOT PROGRAM ON VOLUNTARY SELF-DISCLOSURES FOR INDIVIDUALS
In March 2024, the DOJ announced an upcoming program to reward whistleblowers who report corporate crimes. The new program seeks to bolster existing whistleblower programs established by the SEC (discussed above), the Commodities Future Trading Commission (CFTC), the Internal Revenue Service, and the Financial Crimes Enforcement Network.17 Accordingly, the program will offer rewards to whistleblowers who provide information on misconduct that is not under the jurisdiction of those agencies. In particular, the Department is interested in criminal abuses of the US financial system, foreign corruption cases outside of the SEC’s jurisdiction, and domestic corruption cases. In order to qualify, an individual must provide original, nonpublic, and truthful information that assists the Department in uncovering “significant corporate or financial misconduct” and is previously unknown to the agency.18 Like the SEC and CFTC, the Department does not plan to provide awards for information that is submitted under a preexisting duty or in response to an inquiry.19 Access to the program is only available where existing programs or qui tam actions do not exist. Additionally, the whistleblower in this program cannot be involved in the criminal activity itself. After compensation to victims, the whistleblower will receive a portion of the resulting forfeiture as a reward.20
Interestingly, however, it appears the Department may be moving away from offering monetary awards to whistleblowers. In April 2024, the Department introduced a pilot program that tracks with the SDNY and offers mandatory non prosecution agreements to individuals who provide information on corporate misconduct.21 Under the program, an individual must voluntarily self-disclose original information to the Criminal Division about criminal misconduct that is not previously known to the Department. The information must be “truthful and complete,” meaning it must include all known information relating to the misconduct, including the individual’s own culpability. In particular, the Department seeks information on violations by financial institutions; violations related to market integrity committed by financial institutions, investment advisers, investment funds, or public or private companies; foreign corruption and bribery violations by public or private companies; violations relating to health care fraud or illegal health care kickbacks; fraud or deception against the United States in connection with federally funded contracting; and bribery or kickbacks to domestic public officials by public or private companies. The whistleblower also cannot be a chief executive officer, chief financial officer, or those equivalents of a public or private company; or an elected or appointed foreign government or domestic government official; nor can the whistleblower have a previous felony conviction or a conviction of any kind involving fraud or dishonesty. Irrespective of this program, the Department still has the discretion of offering a non-prosecutorial agreement to individuals who may not meet the above criteria in full, subject to Justice Manual and Criminal Division procedures.22
TAKEAWAYS
The takeaways here for corporate in-house legal departments are:
- Federal agencies are incentivizing whistleblowers with cash and non-prosecution agreements. It is clear that wrongdoers and witnesses now more than ever have several whistleblower programs from which to choose. As a result, corporations must become more vigilant at detecting wrongdoing and effectively utilizing internal reporting systems. Careful consideration of an early self-disclosure to the appropriate agency may also be warranted. Internal investigations will take a heightened priority to aid the c-suite and board on disclosure decisions.
- Not only is protecting whistleblowers a priority but encouraging whistleblowers through heightened compliance programs, updated hotlines or other internal reporting programs should be considered. You may also wish to consider offering financial incentives for timely reporting to the corporation’s internal reporting program. All of which will benefit the company in any government disclosure.
- The enforcement risk for companies under the SEC’s whistleblower rules is real and potentially significant, including with respect to day-to-day business activities (such as entering into client or employee confidentiality agreements) that may not otherwise be recognized as creating regulatory exposure. Companies may wish to revisit their standard contracts and compliance materials to ensure that any confidentiality provisions align with Rule 21F-17.
We acknowledge the contributions to this publication from our summer associate Minu Nagashunmugam.
1 https://www.sec.gov/newsroom/enforcement-results-fy23.
2 https://www.sec.gov/about/offices/owb/reg-21f.pdf, p. 2.
3 https://www.sec.gov/about/offices/owb/reg-21f.pdf, p. 2.
4 https://www.sec.gov/about/offices/owb/reg-21f.pdf, p. 3.
5https://www.sec.gov/about/offices/owb/reg-21f.pdf, p. 5.
6 https://www.sec.gov/about/offices/owb/reg-21f.pdf, p. 5.
7 https://www.sec.gov/about/offices/owb/reg-21f.pdf, p. 5.
8 https://www.sec.gov/about/offices/owb/reg-21f.pdf, p. 28.
9 The SEC’s Office of the Whistleblower has stated that violations of Rule 21F-17 may be triggered by “internal policies, procedures, and guidance, such as codes of conduct, compliance manuals, training materials, and other such documents.” SEC, Whistleblower Protections (last updated July 1, 2024) https://www.sec.gov/enforcement-litigation/whistleblower-program/whistleblower-protections#anti-retaliation.
11 In re JP Morgan Sec. LLC, File No. 3-21829 (Jan. 16, 2024), https://www.sec.gov/files/litigation/admin/2024/34-99344.pdf.
12 In re D.E. Shaw & Co., L.P., File No. 3-21775 (Sept. 29, 2023), https://www.sec.gov/files/litigation/admin/2013/34-70396.pdf.
13 SEC Press Release (Jan. 16, 2024), https://www.sec.gov/newsroom/press-releases/2024-7.
14 https://www.justice.gov/d9/2024-05/sdny_wb_policy_effective_2-13-24.pdf
15 https://www.justice.gov/d9/2024-05/sdny_wb_policy_effective_2-13-24.pdf
16 https://www.justice.gov/d9/2024-05/sdny_wb_policy_effective_2-13-24.pdf
19 https://www.justice.gov/criminal/media/1347991/dl?inline
21https://www.justice.gov/criminal/media/1347991/dl?inline
22 https://www.justice.gov/criminal/media/1347991/dl?inline
