Attention Private Companies… The SEC Crackdown on Anti-Whistleblowing Agreements Concerns You Too

Bounties and Fines

Whistleblowing has become a fact of life for business. And whistleblowing enforcement is a top U.S. Securities and Exchange Commission priority, with a growing number high profile, “send-a-message” cases.

The SEC whistleblower program, launched in 2011 as part of Wall Street reform legislation, has expanded rapidly, taking off in 2016. To date, the Commission has awarded more than $85 million to 32 whistleblowers in enforcement cases imposing over $504 million in sanctions on businesses. [1]

The frequency and size of whistleblower awards have increased over time, from one award of $50,000 in 2012 to 10 awards amounting to $26 million through June 2016. Six of the 10 awards were over $1 million; one was for $17 million paid to one person. The money awarded through the first six months of 2016 represents over 30 percent of all the whistleblower funds the SEC has distributed since 2011. [2]

Private Companies Can Be SEC Targets

Although private companies don’t file periodic reports with the SEC they’re still subject to certain federal securities laws and regulations, including SEC whistleblowing enforcement, when they conduct securities offerings.

  • Privately-held businesses seeking to raise capital should take a second look at their confidentiality agreements which may expose them to SEC enforcement.

No SEC Bounty Award Waivers

In two recent high profile cases, the SEC fined publicly traded Health Net Inc. [3] and BlueLinx Holdings Inc. [4] for requiring departing employees in severance agreements to sign away their right under federal law to receive whistleblower awards.

In the Health Net case, 600 employees signed agreements in which they waived the right to a financial award “to the maximum extent permitted by law”. Despite this qualifying language, the agreements were viewed as violating the SEC’s Whistleblower Protection Rules. And, notably, the Commission said there was no evidence anyone had actually been deterred from reporting wrongdoing to the agency but nevertheless took action because of the “chilling effect” on potential whistleblowers.

According to the SEC, the waivers removed “the critically important financial incentives” designed to encourage potential whistleblowers to contact the Commission. Health Net settled the matter by dropping the waiver and paying a $340,000 “monetary sanction”. Building products distributor BlueLinx paid a $265,000 penalty in a similar settlement. Neither firm admitted or denied liability.

Employee Gag Clauses Barred

The HN and BLH cases, which targeted government bounty waivers, represent an increasingly aggressive posture by the SEC in defense of whistleblowers and the federal whistleblowing regime and are part of a SEC focus on the area.

Previously, for example, the Commission brought employee gag cases such as the one against technology and engineering firm KBR, Inc. [5] for barring employees involved in internal investigations from tipping off the SEC about securities law violations, and the Bank of America’s Merrill Lynch brokerage arm, [6] for prohibiting employees from contacting the Commission without first telling B of A’s lawyers. Both cases were settled, the firms fined and the communication restrictions dropped.

Federal Whistleblower Rules

The Sarbanes-Oxley Act of 2002 (“SOX”), passed after the accounting scandals of the early 2000’s, and the Dodd-Frank Wall Street Reform and Consumer Protection Act of 2010 (“Dodd-Frank”), adopted following the global credit crisis, both offer protections for employees who face retaliation for “blowing the whistle” on corporate misconduct. Dodd-Frank also greatly increases the financial incentives to employees who report potential securities law violations to regulators. [7], [8].

In 2011, the SEC adopted Regulation 21F and Rule 21F-17 [9], under Dodd-Frank, which bars companies from taking any action that could “impede an individual from communicating directly” with the SEC.

Tips to Avoid SEC Whistleblower Enforcement


  • Have securities counsel (not an employment lawyer [10]) review:
    – employment
    – non-disclosure (NDA)
    – confidentiality, and
    – severance agreements
    – employee handbooks
    – internal policies and procedures
    for language that could be interpreted as impeding employees from contacting the SEC or having a chilling effect on that contact, or that is otherwise inconsistent with how the SEC interprets its own rules.


  • Adopting whistleblower policy which clearly states that there will be no retaliation for reporting.
  • Providing several ways to report a violation, including by email, a toll-free hotline and a confidential/anonymous disclosure system.
  • Offering periodic training on the company’s whistleblower policy and assure employees that their complaints will be handled appropriately.
  • Taking immediate action upon receipt of a whistleblower complaint. The SEC has emphasized that the promptness with which a company self-reports misconduct is an important factor in considering whether to grant leniency for cooperating in the SEC’s investigations and enforcement efforts.
  • Reviewing and potentially expanding the scope of the company’s directors’ and officers ‘insurance policy to ensure adequate coverage in the event of a SEC investigation, as the SEC Whistleblower Rules are resulting in an increasing number SEC investigations in the area.

Do Not:

  • Have a policy that suspected wrongdoing must be reported internally before being reported externally. NB: Companies can encourage – but cannot require – that employees report federal securities violations and possible violations internally.
  • Require employees to “pre-notify” the company or disclose after the fact if they’ve filed complaints or claims with a government agency. NB: Some companies require employees to sign an annual acknowledgment that they have reported any potential issues about which they have information – this practice raises a red flag.
  • Require waivers of any government monetary awards
  • Condition an employee’s right to indemnification in litigation or other employment-related benefits on following company policies that limit the employee’s ability to report wrongdoing to the SEC.
  • Attempt to confirm with employees in exit interviews or separation agreements that the employee is not aware of any possible violations.

  1. SEC Press Rel., 2016-136, Jul.8, 2016
  2. Id. Whistleblower monies are paid from a common SEC fund, not by respondent companies.
  3. In the Matter of Health Net, Inc., Sec. Act Rel. No. 78590, Aug. 16, 2016,
  4. In the Matter of BlueLinx Holdings Inc., Sec. Act Rel. No. 78528, Aug. 10, 2016, SEC
  5. In the Matter of KBR, Inc., Sec. Act Rel. No. 74619, Apr. 1, 2015.
  6. In the Matter of Merrill Lynch, Pierce, Fenner & Smith Professional Clearing Corp., Sec. Act. Rel. 78141, Jun. 23, 2016.
  7. The relevant provision of Rule 21F-17 provides that in any action by the SEC resulting in monetary sanctions exceeding $1 million, the SEC “shall pay an award,” in an amount between 10-30% of the monetary sanctions collected, to whistleblowers who “voluntarily provided original information to the [SEC] that led to the successful enforcement” of the action. 15 U.S.C. § 78u-6(b). This could happen, for example, where one or more whistleblowers voluntarily provide original information regarding a violation or possible violation of the federal securities laws and the information leads to one or more enforcement actions that result in monetary sanctions exceeding $1 million. 

    In addition to the financial incentives for whistleblowers, Section 922 of Dodd-Frank creates a private right of action for whistleblowers who suffer retaliation which prohibits employers from discharging, demoting, suspending, threatening, harassing or otherwise discriminating against a whistleblower because of any lawful act or report by the whistleblower.

  8. Whether Dodd-Frank’s Whistleblower Protections Apply Where An Employee Reports Internally And Not To The SEC.
    See J. Harper, et al., “The Expanding Scope of Whistleblower Protections”, Harvard Law School Forum on Corporate Governance and Financial Regulation, May 21, 2014.
  9. SEC Regulation 21F, SEC Staff Communications with Whistleblowers, 

    SEC Rule 21F-17, SEC Staff Communications with Whistleblowers, 

    Rule 21F-17 only covers communications with SEC staff. The U.S. Department of Labor, the Commodity Futures Trading Commission and the Internal Revenue Service have their own whistleblowing programs.

  10. In contrast to SEC whistleblower awards, employers are legally allowed to prohibit employees from recovering anything in an EEOC action after signing severance agreements that include a settlement payment. The U.S. Equal Employment Opportunity Commission takes action against companies directly on behalf of employees and so doesn’t provide awards for the receipt of information in the same way that the SEC does.