National Whistleblowers Center Report to the Securities and Exchange Commission (PDF version )
Table of Contents
On November 3, 2010, the Securities and Exchange
Commission (SEC) published its Proposed Rules for Implementing the
Whistleblower Provisions of Section 21F of the Securities and Exchange Act of
1934. This report constitutes a
formal submission to the SEC in accordance with the Administrative Procedure
Act on behalf of the National Whistleblowers Center (NWC), a non-profit,
tax-exempt public interest organization, along with the numerous whistleblowers
to whom the NWC provides assistance.
The SEC explicitly requested comments on the
potential impact of the Dodd-Frank Wall Street Reform Act's whistleblower
reward provisions on internal corporate compliance programs. The SEC expressed interest in obtaining
empirical data on this issue.
Based on this request, the NWC has undertaken a
comprehensive study of the impact that other qui tam reward programs have had on employee reporting
behaviors. As set forth in this
report, the objective data demonstrates that whistleblower reward laws have no impact whatsoever on the viability of
internal corporate compliance programs or the willingness of employees to
report suspected violations to their employers. The concerns raised by numerous corporate commentators are
not in any way supported by the actual underlying data.
Issues created by the overlap of corporate compliance
programs and whistleblower disclosures are not new issues.
As early as 1984, the current Executive Director of the NWC worked directly with
whistleblowers who raised internal complaints within their corporate
structures, and attempted to develop a strong legal analysis ensuring that
employees who worked within compliance programs would be protected. In 1985, he co-authored an amicus brief filed with the U.S. Court
of Appeals for the Tenth Circuit on this issue, urging the Court to fully
protect compliance employees who raised concerns within the corporate
structure. See Exhibit 1, Kansas
Gas & Electric v. Brock (all Exhibits are available online at our website,
please see the addresses listed at the conclusion of this document).
The NWC has assisted in drafting and advocating for
legislation that explicitly provides legal protection for employees who raise
concerns within their corporate structures. The NWC participated in the drafting of both the Dodd-Frank
and Sarbanes-Oxley anti-retaliation provisions to ensure that those laws
protected employees who chose to work internally with their employers.
Based on its many years of
public policy and legal advocacy experience, the NWC is well-versed in all of
the major issues concerning internal reporting, and remains fully committed to
supporting rules and laws that fully protect employees who raise whistleblower
concerns within their corporate structure. The NWC has always maintained that employees should be
protected regardless of whether they choose to report concerns internally or
The position of the NWC stands in stark contrast with
the numerous corporations now petitioning the SEC and claiming that they want
to protect and encourage internal whistleblowing. Since 1984, when counsel for the NWC first became involved
with this issue, we are not aware of any corporation in the United States that
has ever urged any federal court to protect employees who chose to file their
whistleblower claims internally. Quite
the contrary, corporations have consistently argued that disclosures to
supervisors and internal compliance offices are not protected.
This issue has been addressed in hundreds of
cases. Even before 1984, in the
early infancy of whistleblower protections, publicly traded companies and their
agents aggressively attempted to convince the courts that internal complaints
were not a protected activity and only those whistleblowers who made
disclosures to government agencies were protected from retaliation. These arguments stretch back to
significant number of courts have agreed with the strained and tortured legal
analysis that the regulated community has advocated for more than a generation,
and have ruled that disclosures to internal compliance programs are not
protected. It is deeply troubling
that the same lawyers and corporations who have spent nearly forty years
arguing for their right to retaliate against employees who report their
concerns to supervisors and internal compliance offices, would now argue that
these programs would be harmed if whistleblowers are given protection for
disclosures made directly to the government. Their new-found faith in the protection that whistleblowers
who make such reports will receive is disingenuous.
mandates that both internal and external whistleblowing be equally
protected. The better line of
legal cases make no distinction between the legal rights of an employee who
chooses to work within the corporate structure and the employee who chooses to
report his or her concerns directly to the government. The SEC rules should support this
policy, and should not limit the rights of employees who disclose fraud or
violations of law to the government based on the office or program to which
that employee feels comfortable contacting.
The public interest is served by creating policies
and procedures that encourage the reporting of suspected violations to the
appropriate authorities, regardless of whether those authorities are simply a
first-line supervisor, a hot-line, the SEC, a state attorney general, Congress
or the Attorney General of the United States.
This report carefully analyzes the impact qui tam whistleblower reward laws have
on the reporting behaviors of employees, with a focus on whether or not laws,
such as the Dodd-Frank reward provision, impact on the willingness of employees
to report their concerns internally to managers or compliance officials. The report also seeks to identify
whether qui tam laws encourage
employees who themselves work in compliance departments to bypass their chains
of command and file qui tam claims in
order to obtain a reward.
In addition, this report discusses other factors
related to the compliance issue, and other important questions raised by the
SEC in its Proposed Rules. Based
on the NWC's nearly 25-year track record of supporting legal protections for
internal whistleblowers, and the empirical study presented in this report, the
NWC makes specific recommendations for the Final Rule.
The existence of a qui tam or whistleblower rewards program
has no negative impact whatsoever on the willingness of employees to utilize
internal corporate compliance programs or report potential violations to their
Based on a review of
qui tam cases filed between 2007-2010
under the False Claims Act (FCA), the overwhelming majority of employees
voluntarily utilized internal reporting processes, despite the fact that they
were potentially eligible for a large reward under the FCA. The statistics are as follows:
89.7% of employees who would eventually file a
qui tam case initially reported their concerns internally, either to
supervisors or compliance departments.
10.3% of employees who would eventually file a
qui tam case reported their concerns directly to the government.
4.7% of employees who would eventually file a qui
tam case worked in compliance departments.
0.9% of employees who would eventually file a qui
tam case worked in compliance, and did not initially contact their supervision
prior to contacting the government.
methodology of our study is explained at the conclusion of this report.
Impact of Qui Tam Laws on Internal Reporting
The existence of a qui tam whistleblower
reward program has no impact on the willingness of employees to internally
report potential violations of law, or to work with their employer to resolve
compliance issues. Our statistical
study of qui tam cases decided in the
past four years demonstrates that approximately 90% of all employees who would
eventually file a qui tam lawsuit
initially attempted to resolve their disputes internally.
These statistical findings are consistent with
other reviews. For example, in its
May 13, 2010 issue, the New England Journal of Medicine published a "Special
Report" examining the behaviors of qui
tam whistleblowers who won large False Claims Act judgments against the
pharmaceutical industry. See Exhibit 2, Special
Report. This report also found
that "nearly all" of the whistleblowers "first tried to fix matters internally by talking to
their superiors, filing an internal complaint or both." In fact, 18 of the 22 individuals in
the control group initially attempted to report their concerns internally. The four individuals who reported their
concerns to the government were not employees of the defendant companies (i.e.
they were "outsiders" who "came across" the frauds in the course of their
business), and therefore had no "internal" avenues through which to voice their
concerns. It would thus be fair to
say that every qui tam whistleblower
who had the opportunity to report internally in fact did so.
Moreover, many of the cases in the NWC's study
where employees reported directly to the government involved very special
circumstances. For example, in one
case, the initial report to the government was testimony before a Grand
Jury. It clearly would have been
inappropriate for that employee to discuss confidential Grand Jury testimony
with his or her employer.
The Journal's conclusion that "nearly all" of the
whistleblowers try to report their concerns internally is entirely consistent
with the larger study conducted by the NWC and stands squarely contrary to the
baseless concerns raised by industry that "greedy" employees will avoid
internal compliance programs in pursuit of "pie in the sky" rewards.
The truth is that the
overwhelming majority of employees who eventually file qui tam cases first raise their concerns within the internal
The qui tam
reward provision of the False Claims Act has existed for more than 20 years and
has resulted in numerous large and well-publicized rewards to
whistleblowers. However, contrary
to the disingenuous assertions by corporate commenters, the existence of this
strong and well-known qui tam rewards
law has had no effect whatsoever on
whether a whistleblower first brings his concerns to a supervisor or internal
compliance program. There is no
basis to believe that the substantively identical qui tam provisions in the Dodd-Frank law will in any way discourage
internal reporting. See Exhibit 3, Chart
of Employee Reporting: Internal vs. External.
Impact of Qui Tam Laws on Compliance Reporting
4.7% of Plaintiff Employees
worked in compliance
Only 1 Plaintiff Employee
contacted a Government Agency without first raising the concern within the
The existence of large qui tam rewards did not cause compliance employees to abandon their
obligations and secretly file FCA cases and seek large rewards.
The fact that compliance officials could learn of
frauds, and file qui tam lawsuits to
obtain significant monetary rewards had no impact on the reporting processes of
employees working in compliance departments. Only 4.5% of qui tam relators
worked in compliance programs. There
was no spike in the number of compliance-associated employees filing qui tam cases and there is no reasonable
basis to believe that permitting employees who work on compliance to file qui tam suits will in any way undermine
internal compliance reporting.
Of those compliance-relators, only one case concerned an employee who reported
his concerns directly to the government, without first trying to resolve the
This one case is clearly an
exception. In that case, Kuhn v. Laporte County Comprehensive Mental
Health Council, the Department of Health and Human Services Inspector
General was conducting an audit of the company's Medicaid billing. During the audit, the whistleblower
learned that the company's internal "audit team" was altering documents
to cover-up "numerous discrepancies," including a "forged"
signatures and so-called "corrections" to "billing
codes." The employee reported
this misconduct directly to the United States Attorney's Office. The disclosures to the government were not provided as part of a qui tam lawsuit. Instead, the employee believed that
these disclosures would help "protect" the employer from
"federal prosecution" based on the voluntary disclosures.
Indeed, this case
highlights exactly why it is important to permit compliance employees to report
directly to the government. When
the compliance department itself is engaged in misconduct, where else could
this whistleblower have gone? See Exhibit 4, Chart
of Compliance Employee Reporting.
Internal Compliance Must be Fully Protected
In a December 15, 2010,
letter the Association of Corporate Counsel ("Association") stated that
corporate attorneys "value" "effective corporate internal compliance and
repotting systems." See Exhibit 5, Association
Letter, p. 1. They go further
and argue "in-house counsel are the pioneers in establishing and facilitating
corporate whistle blowing systems and safeguards." Association p. 3. The evidence does not support this claim. First, there is no support in the
record that current "corporate culture" encourages and rewards employees who
blow the whistle. That is why
Congress enacted § 21F of the Securitas and Exchange Act -- to help create such
a new culture.
Moreover, in the area of whistleblowing, in-house
counsels have actively and aggressively undermined internal compliance programs
for over 25 years. As early
as 1984, corporations and their attorneys have consistently argued that
employees who report to internal compliance programs are not whistleblowers and are not
protected under whistleblower laws.
One of the first such cases was Brown
& Root v. Donovan, in which a quality assurance inspector was fired
after making an internal complaint
about a violation of law. See Exhibit 6, Brown
& Root v. Donovan.
In that case, Ronald Reagan's appointed Secretary
of Labor ruled that such internal disclosures were protected and ordered the
whistleblower to be reinstated.
Brown & Root disagreed, and appealed the case to the U.S. Court of
Appeals for the Fifth Circuit.
That court agreed with Brown & Root and upheld the termination. The employee's career was ruined because
he failed to raise his concerns to government officials. The Fifth Circuit explicitly held that
to be a whistleblower an employee must contact a "competent organ of
Since that date, in court after court, under law
after law, corporate attorneys have aggressively argued that contacts with
internal compliance programs are not
protected activities. This
is why organizations such as the National Whistleblowers Center have
consistently urged Congress to amend existing whistleblower laws to ensure that
internal reporting is protected, and to include language in new legislation
that explicitly protects internal reporting.
The statements filed by the Association are
disingenuous and misleading. Their
clients and attorneys have for years and years argued against protecting
internal whistleblowers. In
contrast, the NWC and its attorneys have championed these protections for over
25 years, and have succeed in fixing many whistleblower laws to prevent
corporate counsel from undermining their own programs. In fact, shortly after the Brown & Root decision was issued,
the current Executive Director was the co-author of a 1985 amicus brief filed
in the U.S. Court of Appeals for the Tenth Circuit urging that Court not to
follow Brown & Root.
Since the Brown
& Root ruling, courts have been divided over whether contacts with
managers or compliance programs are protected activities. All courts have ruled that contacts
with government agents are protected.
To demonstrate this point, we examined two
categories of cases. First are cases under the banking whistleblower protections
laws. Second are retaliation cases
filed under the False Claims Act.
Under the banking law,
numerous cases have examined whether employees who report to managers or
compliance departments are protected.
All of the surveyed decisions demonstrate that internal disclosures are not protected. Banks have successfully urged court after court to undermine
internal reporting structures and they have obtained rulings that reports to
compliance officials about violations of law are not protected. The only protected disclosures were
those made to the government.
These findings are set forth in Exhibit 7, Chart
of Cases Under Federal Banking Whistleblower Laws.
Our review of the False
Claims Act revealed a similar result.
Reviewing published retaliation cases from 2007-2010 demonstrate that,
in all but two cases, corporate attorneys and their clients argued that
internal disclosures were not protected. The court rulings are evenly split as
to whether a qui tam relator is
protected for disclosures made to internal compliance, but the position of
corporate counsel is uniformly against protection. Again, every court and every corporate counsel agree that
contacts with the government are protected. Exhibit 8, Chart
of Cases in which Corporations Argued that Internal Reporting was not Protected,
sets forth the results of this survey:
Given the Commission's stated commitment to
fostering effective internal compliance programs, and the new-found faith that
corporate commenters, like the Association, have expressed in the protection
that employees will receive in when making reports to such programs, the
Commission should establish a rule that contacts with internal compliance departments
and employee supervisors have the same protection as contacts with the
SEC. Given the corporate track
record on these issues, this mandate must be established by a formal rule.
If the regulated communities and the SEC are truly interested
in promoting internal compliance programs, we hereby recommend that the SEC
adopt and make the following rules final:
* All contacts
with an Audit Committee or any other compliance program shall be considered, as
a matter of law, an initial contact with the SEC;
regulated companies shall be strictly prohibited from retaliating against any
employee who makes a disclosure to an Audit Committee or a compliance program
concerning any potential violation of law or any "suspicious activities". This is consistent with the recommended
standards of the Association of Certified Fraud Examiners. See
Exhibit 9, Excerpts
from the ACFE's 2010 "Report to the Nations on Occupational Fraud and Abuse".
regulated companies shall be required to track all internal complaints, and
demonstrate how such complaints have been resolved;
with 48 C.F.R. Chapter 1, all audit committees and compliance programs shall be
required to "timely disclose" to the SEC "credible evidence of a violation" of
law or SEC rules. See 73 Federal Register 67064, 67065 (November 12, 2008). When making these disclosures, if the
information originated with a whistleblower, the identify of that whistleblower
shall be provided to the SEC, and that submission shall be deemed to qualify as
an application for a reward under § 21F;
* Should an internal complaint result in a finding of a violation, and
lead to the Commission issuing a fine, penalty or disgorgement, the employee
whose application was submitted through the internal complaint process shall be
fully eligible for a reward.
With these rules in place, corporations would be
free to develop and utilize their internal compliance programs to encourage
employees to report problems within the company without undermining an
employee's unequivocal statutory right to file a claim directly with the
Commission. See NLRB v. Scrivener, 405 U.S. 117 (1972) ("Which employees
receive statutory protection should not turn on the vagaries of the selection
Should Adopt the Federal Acquisition Regulation Rules for Corporate Compliance
Both the Commission and the
regulated community have strongly asserted that effective internal compliance
programs are important in guarding against fraud. However, it is well-documented that existing standards for corporate compliance programs are ineffective.
For example, the Rand Center for Corporate Ethics
and Governance published "Perspectives of Chief Ethics and Compliance Officers
on the Detection and Prevention of Corporate Misdeeds: What the Policy Community Should Know,"
Rand Institute for Civil Justice Center (2009)
(Michael D. Greenberg). As part of
this program Rand published a paper by Donna Boehme highly respected compliance
executive and the former Chief of Compliance for BP. Ms. Boehme explained many of the problems experienced by compliance
programs, and why these programs fail.
She understood that the lack of commitment and the failure to create strong
policies often resulted in these programs serving as "window dressing." See
Exhibit 10, Boehme
In the context of the False
Claims Act, the United States took steps to ensure that compliance programs
moved from simply being "window dressing" to becoming more substantive tools in
the anti-fraud program. The United
States determined that existing compliance programs were not effective, and
instituted rulemaking proceedings within the Civilian Agency Acquisition
Council and the Defense Acquisition Regulations Council to mandate stronger and
more ethical compliance programs.
While these rulemaking applications were pending, Congress enacted
Public Law 110-252, Title VI, Chapter 1, that required the Councils to
implement new compliance rules consistent with the applications that had been
filed by various federal agencies.
See 73 Federal Register 67064, 67065 (November
12, 2008). These rules
establish reasonable ethical standards for compliance programs that have
responsibility for reviewing compliance with federal contracts. As part of the present rulemaking
process, the SEC should adopt these standards and issue a Final Rule requiring
the regulated community to implement compliance programs that follow these
Significantly, the FAR Case 2007-006 rules
explicitly cover all violations of the False Claims Act. In enacting these rules, the United
States did not undermine the qui tam provisions
of the FCA, and did not place any limits on employees filing FCA
complaints. There is no
requirement that employees report their concerns to the new mandated compliance
programs, and there is no limit on qui
tam rewards for employees who exercise their right to report concerns
directly to the Justice Department.
The SEC should adopt rules to ensure that
compliance programs are effective.
These rules should in no way limit whistleblower rights under § 21F, and
must ensure that employees have the freedom to confidentially and effectively
report misconduct within their own corporations. The rules should explicitly mandate the application of the
FAR Case 2007-006 rules to all companies regulated by the SEC. Moreover, the SEC should require
compliance programs to implement the proposals set forth in the Boehme-Rand
Sarbanes-Oxley Act Prohibits the SEC from Adopting Rules that Could Interfere
with Whistleblower Disclosures
Neither the regulated community
nor the SEC can lawfully create any rule that would create a financial
disincentive or otherwise discourage a person from filing a complaint with the
SEC or disclosing potential criminal conduct to law enforcement.
In its December 15, 2010 letter to the SEC, the
Association of Corporate Counsel raised a concern that the final Dodd-Frank Act
rules could "undermine corporate compliance regimes." See Exhibit 1, Association
Letter, p. 4. The
Association pointed to the various internal corporate reporting requirements in
the Sarbanes Oxley Act, as a justification for this "principle." Id., p. 2.
The Association is incorrect. The Sarbanes-Oxley Act creates near
absolute protection for employees who contact any federal law enforcement
agency regarding the violation of any federal law. This part of the statute is not a mere "principle." Section 1107 of the Sarbanes-Oxley Act criminalizes any attempt to interfere
with the right of any person to contact the SEC concerning any violation of
law. The section sets forth an
overriding public policy, implicit or explicit in every federal whistleblower
law, that employees can always choose
to report concerns directly to law enforcement, regardless of any other
program, private contract, rule or regulation.
If other sections of Sarbanes-Oxley raised an issue
as to whether or not any person could take concerns directly to the government,
section 1107 answered those questions.
Section 1107 is explicit, clear and unequivocal:
"Whoever knowingly, with the intent to retaliate, takes any
action harmful to any person, including interference with the lawful employment
or livelihood of any person, for providing to a law enforcement officer any
truthful information relating to the commission or possible commission of any
Federal offense shall be fined under this title or imprisoned not more then 10
years, or both."
18 U.S.C. § 1513(e).
Significantly, Section 1107 of SOX is a criminal
statute that applies to "any person," including government employees. Thus, if a public sector employee
(federal or state) took "any action" that was "harmful to any person" including
actions that may harm any person's "livelihood," that public employee would be
guilty of a crime. Section 1107
demonstrates the great importance Congress placed on the right of employees to
report any reasonably suspected violation of federal law to any law enforcement
The application of Section 1107 of the
Sarbanes-Oxley Act to disclosures under the Dodd-Frank Act was made explicit in
the statute, ensuring that there would be no mistake about the application of
this very important legal policy, rule and principle in the implementation of
Dodd-Frank both by government employees and regulated industries.
Section 21F(h)(1)(A)(iii) explicitly incorporates
section 1107 of Sarbanes-Oxley into the Dodd-Frank Act. The definition of a Dodd-Frank
protected disclosure includes "any lawful act done by the whistleblower . . .
in make disclosures that are required or protected under . . . section 1513(e)
of title 18, United States Code . . .." Section 1513(e) of the Code is where section 1107 of
the Sarbanes-Oxley Act was codified.
No Commission rule can interfere, directly or
indirectly with the right of employees to disclose any potential violation of
law to the SEC, and no rule or regulation of the Commission can interfere with
the "livelihood" of any person who makes such a disclosure. Disclosures to law enforcement are
among the most cherished forms of protected activity, and must be safeguarded
not only by the Commission, but the regulated community.
The rulemaking authority of the SEC under
Dodd-Frank is limited. Rules are
permitted that simply "implement the provisions" of section 21F. All such implementing regulations are
required to be "consistent with the purposes" of the Act. Since one of the core purposes of the
Act is to permit the free and unfettered communication of information from
employees to law enforcement agencies, it is incumbent upon the SEC to strongly
reaffirm this right.
It would constitute an illegal contract and a
potential obstruction of justice for any employer to implement a rule that directly
or indirectly restricted an employee's right to communicate with federal law
enforcement. If a company
initiated a program that based eligibility for financial incentives on whether
or not an employee first communicated his or her concerns to a company, before
going to federal law enforcement, any such policy would be void. If such a program were used against a
whistleblower who chose to make a protected disclosure under Section 1107 of
Sarbanes-Oxley and/or Section 21F(h)(1)(A)(iii), it would constitute an adverse
employment action under both of these laws, and could subject the company to
severe criminal penalties.
Obviously, the SEC cannot implement any rules that
would permit corporations to violate sections 1107 of SOX or 21F(h) of
Dodd-Frank. Any impediment
contained in the Proposed Rule published by the SEC must be struck. The request by various industry groups
to authorize such restrictions on protected disclosures are not only misplaced
as a matter of law, they are troubling as a matter of policy.
Any Final Rule published by
the SEC must fully, clearly and unequivocally reaffirm an employee's right to
contact the SEC (or any other federal law enforcement agency) and raise
concerns about any violation of any federal law (including, but not limited to,
violations of the Securities and Exchange Act). Furthermore, the Final Rule should require every regulated
company to inform their employees of this right, and ensure that no employment
contract or work rule interferes with this right. Finally, there can be no financial disincentive on any
employee who exercises his or her right to contact federal law
enforcement. The Final Rule must
ensure that an employee's decision to report his concerns directly to the
government, as opposed to his or her management and/or compliance program will
have no impact whatsoever on eligibility and/or the calculation of the amount
of reward for which an employee may obtain.
Should Adopt the Recommendations Made by its Inspector General
On March 29, 2010, the SEC's Office of Inspector
General (OIG) published a comprehensive analysis of the SEC's pre-Dodd-Frank
whistleblower rewards program.
This report is hereby incorporated in its entirety into this rulemaking
submission. See Exhibit 11, "Assessment
of the SEC's Bounty Program".
The OIG carefully studied the SEC's past practices
in processing whistleblower reward-based tips in light of its understanding
that proposals were pending in Congress to upgrade the rewards program. The OIG made nine specific
recommendations. The SEC
Enforcement Division approved all of these recommendations. See
Exhibit 12, SEC
Enforcement Division Memorandum.
The Proposed Rule did not
reference the OIG recommendations, nor did it reference the fact that the Enforcement
Division reviewed these recommendations and concurred.
All of the recommendations of the OIG should be
incorporated into the Final Rule.
OIG Recommendation #1: Public outreach con-cerning
the existence of the SEC bounty program.
The Final Rule should implement this recommendation. We propose the following: All regulated companies shall be
required to prominently post notice of the SEC's § 21F program, informing
employees of their right to file claims directly with the SEC, and their right
to file such claims anonymously.
Regulated companies shall also be required to conduct annual trainings that
inform employees of their rights under §21F, including the anti-retaliation
In order to encourage employees to utilize internal
compliance programs, the SEC should, by regulation, mandate that contacting an
internal compliance program or a supervisor is a protected disclosure, and will
be treated the same as if an employee had contacted the SEC.
The requirement to post notice of employee rights
is a common feature in various whistleblower laws, and is mandated by the
Nuclear Regulatory Commission under its safety regulations. 10 C.F.R. § 50.7.
OIG Recommendation # 2: Post notice and information on the SEC's public web site of
the SEC's reward program. This
recommendation should be implemented into the Final Rule, as it is key to
ensuring that the filing procedures for whistleblowers are not complicated or
discouraging. The filing
procedures set forth in the Proposed Rule are far to complex, and have terms
and requirements that would both confuse employees, and may make them fearful
of even filing a claim.
The OIG set forth four categories of information
that a whistleblower would have to file with the SEC on a form. These categories are reasonable, and
the initial filing form for the whistleblower should only require this
information. The current proposal
is too complex.
Additionally, the OIG recommendation included a
standard certification that the whistleblower assert that his or her
information was "true, correct and complete," etc. This is standard language. The Proposed Rule's oath provision is far to complex, and
may intimidate a layperson from signing the form.
Implicit in the OIG recommendation is the fact that
the reward process is initiated by the filing of an initial claim. There is no requirement to file
follow-up forms. This should be
followed in the Final Rule. The
multi-form process contained in the Proposed Rule is costly, complex and will
result in mistakes. A claim should
be initiated with a simple form and request for information.
OIG Recommendations #s 3, 5-7: Establish follow-up policies for
processing claims, tracking claims, facilitating communications between the SEC
and whistleblowers and creating a case file. These recommendations are common sense, and should be
implemented in a "user friendly" manner.
Once the application is filed, the Whistleblower
Office should follow-up and carefully track all filings. If additional information is needed,
the Whistleblower Office should facilitate communications between the
responsible SEC officials and the whistleblower, so that the whistleblower can
work directly with the government to ensure that all violations are detected,
and that the final enforcement is complete. The case should have a file number. The employee should be provided regular updates on the
status of the case. We propose
90-day notice letters.
When the SEC believes that they will obtain a fine,
penalty or disgorgement, discussions should be initiated with the whistleblower
to determine the nature of his or her contribution to the final penalties that
will be imposed, and, if possible, the reward amounts should be part of the
final resolution of a case. The
SEC should work with the whistleblower and attempt to reach a consent agreement
as to the proper basis for the reward, and the percentage of reward. There should be a strong policy goal
that the Whistleblower Office and the whistleblower reach an agreement and
voluntarily establish the amount of a reward. This will eliminate administrative costs, facilitate
cooperation between the SEC and the whistleblower and expedite the payment of
rewards. Only if there is a
disagreement and a settlement is not reached should the issues related to the
reward to forwarded to the Commission for a final determination, and ultimately
potential judicial review.
OIG Recommendation # 4: Criteria for rewards.
Congress established the criteria, and the Commission should strictly
follow that criteria. The
Commission does not have the legal authority to substantively change this
criteria. The implementation of
the criteria must be consistent with the "purpose" of § 21F, which is to
encourage employees to report violations and provide generous financial rewards
and incentives for these reports.
§ 21F(j). The Commission
cannot use its rulemaking authority to reduce the scope of the Act, or create
criteria that could discourage employees from fully and aggressively utilizing
the programs established in § 21F.
OIG Recommendation # 8: Incorporate the best practices from the Department of
Justice and the Internal Revenue Service.
This is perhaps the single most important recommendation. Under the False Claims Act, the
Department of Justice has significant experience in working with whistleblowers
in a reward-based program. Under
the FCA best practices have been developed, and numerous issues have been
resolved either by a court or by Congress when it amended the law in 1986, 2009
and 2010. These precedents and
policies should form the basis of the SEC program. The Proposed Rule, in many ways, tries to cover old ground
already carefully reviewed under the FCA.
These precedents should, for the most part, be followed. In regard to the IRS program, the IRS
has implemented a "user friendly" application and follow-up procedure. These can serve as further models for
the SEC rule.
Should Adopt the Leahy-Grassley Recommendations
After the enactment of the Sarbanes-Oxley Act, the
two principal sponsors of the whistleblower provisions in that law wrote a
letter to the then-Chairman of the SEC, Mr. William Donaldson. See
Exhibit 13, Leahy-Grassley Letter. Senators Patrick Leahy and Charles
Grassley set forth specific proposals for SEC action to protect
whistleblowers. The Leahy-Grassley
recommendations were fully supported under law and policy. Unfortunately, the SEC did not
properly respond to these recommendations, and the potential enforcement powers
implicit or explicit in the Sarbanes-Oxley Act were lost. This significantly contributed to the
failure of the SOX whistleblower provisions over the next six years.
Under Dodd-Frank there are even stronger policy and
legal justifications for the Commission to implement the Leahy-Grassley
recommendations. We hereby request
the SEC incorporate these recommendations into the Final Rule.
and Recommendations for Final Rule
Conclusion #1: The existence of a strong qui tam reward program will have no impact
on internal employee reporting activities.
Conclusion #2: the evidence does not support employer concerns
that Dodd-Frank will interfere with existing compliance programs.
Conclusion #3: There is no factual basis to justify
any restrictions on an employee's right to obtain monetary rewards based on
whether he utilized an internal compliance program.
Conclusion #4: The systemic problems with corporate
internal compliance programs are not related to qui tam law rewards and exist regardless of whether employees file
whistleblower complaints with the government. The SEC should adopt the FAR rule
governing corporate compliance programs, and should mandate that these programs
operate in a manner consistent with the Rand report.
Conclusion #5: The SEC must ensure, through a formal rule, that reports to internal compliance programs are fully protected. The decades-long history of regulated companies opposing such protections in judicial proceedings must be ended. The definition of protected disclosures should conform to the standards recommended by the Association of Certified Fraud Examiners.
Conclusion #6: The recommendations of the SEC's
Inspector General should be fully implemented in a manner consistent with the
requirement that the Dodd-Frank reward provisions be "user-friendly".
#7: By formal rule, the SEC must
establish that disclosures submitted to internal compliance programs be
afforded the same level of protection as direct disclosures to the SEC. In this regard, the SEC should
establish, by rule, that it will consider a claim or disclosure filed
internally within a company to constitute a formal request for a reward under
SEC § 21F. The SEC should
establish rules to adjudicate these claims and require that the regulated
companies establish procedures for timely notification of such employee
#8: The SEC should implement rules
consistent with the recommendations filed with the Commission in by Senators
Leahy and Grassley.
#9: Any action by an employer that
in any way limits an employee's right or incentive to contact the SEC, regardless
of whether or not the employee first utilized a compliance program, is highly
illegal and constitutes an obstruction of justice.
Conclusion #10: The SEC's rules cannot create any
disincentive for employee to contact the SEC or file claims directly with the
SEC. The SEC's rules must be neutral
in regard to the reporting mechanism an employee uses to report a potential
violation. Whether an employee
files an anonymous claim with the SEC, a non-anonymous claim directly with the
SEC and/or whether an employee utilized an internal compliance program, must
have no impact whatsoever on the right of an employee to file a claim and/or
the amount of reward given to the employee.
Conclusion # 11: The SEC cannot create any disincentive
for reporting, or restrict the class of persons who are eligible for a reward,
by creating any form of exclusion for a recovery that is not explicitly
authorized under the Act.
The Securities and
Exchange Commission, in its Notice of Proposed Rulemaking, requested
empirically based proposals and comments on key aspects of its rule.
Study Based on Similar Qui Tam Laws. This study focused on cases filed under
the False Claims Act, 31 U.S.C. § 3730(h). This law was chosen for three reasons. First, it is the longest standing qui tam law in the United States and the
Dodd-Frank Act's reward provisions are modeled on this law. Second, the current version of the law
has been in effect since 1986, and consequently provides a sufficiently large
sample of cases to draw statistically-significant conclusions. Third, given the duration of the law,
and the fact that its reward provisions have been the subject of numerous news
articles, the law is well known in the relevant job markets. Fourth, given the similarities in the
reward features, the long-standing existence of the Act, and the fact that
rewards under this law have been well publicized, cases studies under the FCA
represent the most reliable indicator of the potential impact the Dodd-Frank
Act will have on employees eligible for rewards under its provisions.
Study Based on Cases in which Employee Reporting Behaviors are
In order to obtain data on employee behaviors, the study focused on FCA
cases that included a "subsection (h)" claim. Subsection (h) is the anti-retaliation
provision of the FCA. Subsection
(h) cases were selected because these cases offered the best opportunity for an
objective discussion of employee behavior. Under the law, the employee must demonstrate what he or she
did in order to engage in protected activity under the Act. This is only one element of a case, but
generally it must be discussed in each case, as the court must determine
whether or not an employee established his or her prima facie case.
filing an FCA case directly with the United States government is considered a
protected activity, subsection (h) cases offered an opportunity to study
employee-reporting behaviors. Most
of the cases contained a brief factual recitation of how the employee "blew the
whistle," and ultimately came to be a qui
Study Based on Cases Decided After the Existence of Rewards Would be
Known Within the Relevant Employee-Employer Markets. The FCA has been actively used by
whistleblowers since 1986 (when the Act was amended and modernized). The study limited its review of
employee cases to those decided from January 1, 2007 to the present. The modern cases were selected in order
to best duplicate employee behaviors once a qui
tam law has been in existence for a sufficient amount of time for employees
to learn about its potential usage.
In other words, be limiting the review to modern cases the study could
focus on employee behaviors based on the fact that the law had been in active
use for over 20 years, and numerous newspaper and television stories had been
published making the public aware of the large multi-million dollar rewards
potentially available under the FCA.
Using a Standardized and Objective Method to Locate Cases Eliminated
Bias in the Sample. In
order to eliminate basis from the case selection process, the NWC reviewed all cases in which a 31 U.S.C. 3730(h)
case was decided at the district court level from January 1st, 2007 until
December 15th, 2010. These
cases were found by Shepardizing "31 U.S.C. 3730" in the LexisNexis online database
under the index "31 U.S.C. sec. 3730 (h)", and restricting the results to those
cases filed after 2007. This
search method produced a list of all cases filed since 2007 that contained a
citation to 31 U.S.C. 3730(h). United
States District Court cases in which a 3730(h) claim was filed were then
extracted from this list, creating a population of 128 cases to be examined. All of the included cases are listed in
the Exhibits listed throughout this Report.
The Objectively Identified Cases
in the Sample were Reviewed in order to Determine Employee Reporting
located, each case was separately reviewed. In some cases it was impossible to determine the reporting
history of the employee. Other
cases did not concern legitimate qui tam filings. In the cases where it was unable to
determine the method used by the employee to initially reported the alleged
fraud, the full appellate history of the case was then examined. Despite this further review, 21 cases
proved impossible to determine the status of internal reporting or were
otherwise clearly inapplicable based on the factual statements set forth in
these cases. The cases that were
excluded from the study are set forth in Exhibit 14, Chart
of Non-Applicable Cases Excluded from Survey.
This left a final
population of 107 cases that were then analyzed to determine if the
employee-plaintiff reported the alleged fraud internally before filing a
lawsuit, whether or not they worked in a compliance or quality assurance
related position for their former employer, and if the Plaintiff engaged in a
"protected action" under 31 U.S.C. 3730(h).
The National Whistleblowers Center would like
to thank Staff Attorney Erik D. Snyder for his legal research, analysis, and
editorial contributions to this Report.
In addition, the National Whistleblowers Center would like to thank Law
Clerk Greg Dobbels for his assistance in reviewing False Claims Act cases.
About the National Whistleblowers Center
Whistleblowers Center (NWC) is an advocacy organization with a more than 20 year
history of protecting the rights of individuals to speak out about wrongdoing
in the workplace without fear of retaliation. Since 1988, the NWC has supported
whistleblowers in the courts and before Congress, achieving victories for
environmental protection, nuclear safety, government ethics and corporate
accountability. The NWC also
sponsors several educational and assistance programs, including an online
resource center on whistleblower rights, a speakers bureau of national experts
and former whistleblowers, and a national attorney referral service run by
the NWC's sister group the National Whistleblower Legal Defense and
Education Fund (NWLDEF). The
National Whistleblowers Center is a non-partisan, non-profit organization based
in Washington, DC.
Exhibit 1, Kansas
Gas & Electric v. Brock
2, Special Report
3, Chart of Employee Reporting: Internal vs. External
Exhibit 4, Chart of Compliance Employee
5, Association Letter
6, Brown & Root v. Donovan
7, Chart of Cases Under Federal Banking Whistleblower Laws
8, Chart of Cases in which Corporations Argued that Internal Reporting was not
9, Excerpts from the ACFE's 2010 "Report to the Nations on Occupational Fraud
10, Boehme Paper
11, "Assessment of the SEC's Bounty Program"
12, SEC Enforcement Division Memorandum
13, Leahy-Grassley Letter
Exhibit 14, Chart of Non-Applicable Cases
Excluded from Survey