SEC Extends Whistleblower Protection Rules to Private Business Use of Employee Confidentiality Agreements
The use of confidentiality agreements at the beginning and end of an employment relationship is a common practice in the business world. For good reason, public and private businesses need to protect their valuable information from competitor hands. Over the last eight years, the United States Securities and Exchange Commission (SEC) limited publicly held businesses’ use of confidentiality agreements that in any way discouraged the reporting of potential securities law violations to the SEC and government entities.[i] In contrast, private companies did not have it on their radar to vet standard form employee agreements for SEC compliance – until now, with a recent enforcement action.[ii]
Background
A key feature of the SEC’s whistleblower protection regime is Rule 21F-17(a), which prohibits taking “any action to impede an individual from communicating directly with the Commission staff about a possible securities law violation, including enforcing, or threatening to enforce, a confidentiality agreement ... with respect to such communications.”
Since its adoption, the SEC has applied Rule 21F-17(a) to routine confidentiality agreements, anti-disparagement clauses, or internal policies that could theoretically discourage potential whistleblowers from bringing their concerns to the SEC. SEC Rule 21F-17 enforcement actions came in several flavors. First, the SEC has taken the view that confidentiality agreements must expressly permit the employee to report potential securities violations to the government. Second, company confidentiality agreements may not limit the employee’s ability to recover any financial reward that they may receive for reporting potential violations. According to the SEC, removing a potential financial reward for reporting suspected violations may reduce whistleblower reporting incentives. Next, the company may not impose any obligation on the employee to notify the company if the SEC contacts them seeking information about the company. Finally, a company cannot condition their severance agreements on a representation that the exiting employee has not filed a complaint with a government agency.[iii] The SEC has taken a prophylactic approach to interpreting Rule 21F-17(a). From the SEC’s view, it simply does not matter that there is no proof that any person ever had a concern or was in any way discouraged from reporting potential securities law violations to the SEC.
What Has Changed
Recently, the SEC charged a privately owned, Nebraska-based energy and technology company (the “Company”) with violating its whistleblower protection rules. The Company’s standard severance agreement imposed confidentiality requirements on its departing employees. The agreement provided that “nothing in this agreement is intended to limit in anyway your right or ability to file a charge or claim with any federal, state or local agency.” However, the agreement required exiting employees to forego any recovery of a monetary award for filing their claim or participating in the governmental agency investigation or action. The agreement also required the waiver of any resulting equitable relief, such as reinstatement.
While 22 of the Company’s former employees signed the agreement in question, the SEC noted that it found no instances where any employee was actually discouraged from reporting any potential securities law violations or that the Company took any affirmative steps to prevent any employee communication or cooperation with the SEC. Despite this, the SEC found that “[the] separation agreements raised impediments to participation in the Commission’s whistleblower program by having the employees forego the critically important financial incentives that are intended to encourage persons to communicate directly with the Commission staff about possible securities law violations. Such restrictions on accepting financial awards for providing information regarding possible securities law violations to the Commission undermine the purpose of Section 21F and Rule 21F-17(a) …”
In addition to the entry of a cease-and-desist order, the Company paid $225,000 for the violation. While this penalty may appear very high for victimless conduct, the penalty could have been much higher. Indeed, the SEC noted that the Company received a reduced sanction based on its proactive remedial measures. The Company revised its form severance agreements “to make clear that the agreement does not in any way limit a separated employee’s ability to obtain an incentive award in connection with providing information to governmental agencies.” Additionally, the Company contacted all of its former employees and retracted the limitation on the receipt of any award or equitable relief.
In announcing the enforcement action, the SEC made a strong pronouncement:
“Both private and public companies must understand that they cannot take actions or use separation agreements that in any way disincentivize employees from communicating with SEC staff about potential violations of the federal securities laws” and “[a]ny attempt to stifle or discourage this type of communication undermines our regulatory oversight and will be dealt with appropriately.”
Key Takeaways
The SEC Order represents a new push into the way privately held businesses manage their employment relationships. The SEC has staked its position that the use of any restriction that may discourage whistleblower activity will be sanctioned regardless of the nature of the business’ ownership. All businesses, public or private, should take the opportunity to review their employee separation and confidentiality agreements with an eye to the Order, especially in the employment context. Businesses should revise their standard agreements to assure that they: (i) expressly permit the employee to report potential legal violations to the government; (ii) place no limit on the employee’s ability to recover any financial reward that they may receive for reporting potential violations (whistleblowing); (iii) impose no obligation to notify the company if the government seeks information about the company; and (iv) avoid requiring an employee represent that they have not filed a complaint with a government agency.
However, the SEC Order does not appear to prohibit employees from entering into a separation agreement permitting them to file administrative charges with the EEOC, DOL or other similar agencies after signing, but waiving their right to any recovery based on those administrative charges in exchange for a separation payment, as many standard separation agreements require.
[i] See In re KBR, Inc., Exchange Act Rel. No. 74619 (April 1, 2015); In re Merrill Lynch, Peirce, Fenner & Smith, Inc., Exchange Act Rel. No. 78141 (June 23, 2016); In re BlueLinx Holdings, Inc., Exchange Act Rel. No. 78528 (Aug. 10, 2016); In re HealthNet, Inc., Exchange Act Rel. No. 78590 (Aug. 16, 2016); In re Anheuser-Busch InBev SA/NV, Exchange Act Rel. No. 78957 (Sept. 28, 2016); In re NeuStar, Inc., Exchange Act Rel. No. 79593 (Dec. 19, 2016); In re SandRidge Energy, Inc., Exchange Act Rel. No. 79607 (Dec. 20, 2016); In re BlackRock, Inc., Exchange Act Rel. No. 79804 (Jan. 17, 2017); In re Homestreet, Inc., et al., Exchange Act Rel. No. 79844 (Jan. 19, 2017); In re Brinks Co., SEC Exchange Act Rel. No, 95138 (June 22, 2022).
[ii] See In re Monolith Resources, LLC, Exchange Act Re. No. 98322 (Sept. 8, 2023). To date, the only “non-public” company that the SEC brought an enforcement action against that included a Rule 21F-17(a) charge was where the company was accused of engaging in a fraudulent securities offering and used confidentiality provisions in investor settlement agreements in an attempt to prevent investor complaints to the SEC. See SEC v. Collectors Café, Inc.,et ano, 19-CV-04355-LGS-GWG (S.D.N.Y. Nov. 4, 2019)
[iii] In re CBRE, Inc., Exchange Act Re. No. 98429 (Sept. 19, 2023).