The Impact of Qui Tam on Internal Compliance
National Whistleblower Center Report to the U.S. Securities and Exchange Commission in 2010
Proposed Rule Changes by SEC
On November 3, 2010, the Securities and Exchange Commission (SEC) published its Proposed Rules for Implementing the Whistleblower Provisions of Section 21F of the Securities and Exchange Act of 1934. This report constitutes a formal submission to the SEC in accordance with the Administrative Procedure Act on behalf of the National Whistleblower Center (NWC), a non-profit, tax-exempt public interest organization, along with the numerous whistleblowers to whom the NWC provides assistance.
The SEC explicitly requested comments on the potential impact of the Dodd-Frank Wall Street Reform Act’s whistleblower reward provisions on internal corporate compliance programs. The SEC expressed interest in obtaining empirical data on this issue.
Based on this request, the NWC has undertaken a comprehensive study of the impact that other qui tam reward programs have had on employee reporting behaviors. As set forth in this report, the objective data demonstrates that whistleblower reward laws have no impact whatsoever on the viability of internal corporate compliance programs or the willingness of employees to report suspected violations to their employers. The concerns raised by numerous corporate commentators are not in any way supported by the actual underlying data.
Issues created by the overlap of corporate compliance programs and whistleblower disclosures are not new issues.
As early as 1984, the current Executive Director of the NWC worked directly with whistleblowers who raised internal complaints within their corporate structures, and attempted to develop a strong legal analysis ensuring that employees who worked within compliance programs would be protected. In 1985, he co-authored an amicus brief filed with the U.S. Court of Appeals for the Tenth Circuit on this issue, urging the Court to fully protect compliance employees who raised concerns within the corporate structure. See Exhibit 1, Kansas Gas & Electric v. Brock (all Exhibits are available online at our website, please see the addresses listed at the conclusion of this document).
The NWC has assisted in drafting and advocating for legislation that explicitly provides legal protection for employees who raise concerns within their corporate structures. The NWC participated in the drafting of both the Dodd-Frank and Sarbanes-Oxley anti-retaliation provisions to ensure that those laws protected employees who chose to work internally with their employers.
Based on its many years of public policy and legal advocacy experience, the NWC is well-versed in all of the major issues concerning internal reporting and remains fully committed to supporting rules and laws that fully protect employees who raise whistleblower concerns within their corporate structure. The NWC has always maintained that employees should be protected regardless of whether they choose to report concerns internally or externally.
The position of the NWC stands in stark contrast with the numerous corporations now petitioning the SEC and claiming that they want to protect and encourage internal whistleblowing. Since 1984, when counsel for the NWC first became involved with this issue, we are not aware of any corporation in the United States that has ever urged any federal court to protect employees who chose to file their whistleblower claims internally. Quite the contrary, corporations have consistently argued that disclosures to supervisors and internal compliance offices are not protected.
This issue has been addressed in hundreds of cases. Even before 1984, in the early infancy of whistleblower protections, publicly traded companies and their agents aggressively attempted to convince the courts that internal complaints were not a protected activity and only those whistleblowers who made disclosures to government agencies were protected from retaliation. These arguments stretch back to 1971.
Tragically, a significant number of courts have agreed with the strained and tortured legal analysis that the regulated community has advocated for more than a generation, and have ruled that disclosures to internal compliance programs are not protected. It is deeply troubling that the same lawyers and corporations who have spent nearly forty years arguing for their right to retaliate against employees who report their concerns to supervisors and internal compliance offices would now argue that these programs would be harmed if whistleblowers are given protection for disclosures made directly to the government. Their new-found faith in the protection that whistleblowers who make such reports will receive is disingenuous.
The law mandates that both internal and external whistleblowing be equally protected. The better line of legal cases makes no distinction between the legal rights of an employee who chooses to work within the corporate structure and the employee who chooses to report his or her concerns directly to the government. The SEC rules should support this policy, and should not limit the rights of employees who disclose fraud or violations of law to the government based on the office or program to which that employee feels comfortable contacting.
The public interest is served by creating policies and procedures that encourage the reporting of suspected violations to the appropriate authorities, regardless of whether those authorities are simply a first-line supervisor, a hot-line, the SEC, a state attorney general, Congress or the Attorney General of the United States.
This report carefully analyzes the impact qui tam whistleblower reward laws have on the reporting behaviors of employees, with a focus on whether or not laws, such as the Dodd-Frank reward provision, impact on the willingness of employees to report their concerns internally to managers or compliance officials. The report also seeks to identify whether qui tam laws encourage employees who themselves work in compliance departments to bypass their chains of command and file qui tam claims in order to obtain a reward.
In addition, this report discusses other factors related to the compliance issue, and other important questions raised by the SEC in its Proposed Rules. Based on the NWC’s nearly 25-year track record of supporting legal protections for internal whistleblowers, and the empirical study presented in this report, the NWC makes specific recommendations for the Final Rule.
Summary of NWC Findings
The existence of a qui tam or whistleblower rewards program has no negative impact whatsoever on the willingness of employees to utilize internal corporate compliance programs or report potential violations to their managers.
Based on a review of qui tam cases filed between 2007-2010 under the False Claims Act (FCA), the overwhelming majority of employees voluntarily utilized internal reporting processes, despite the fact that they were potentially eligible for a large reward under the FCA. The statistics are as follows:
- 89.7% of employees who would eventually file a qui tam case initially reported their concerns internally, either to supervisors or compliance departments.
- 10.3% of employees who would eventually file a qui tam case reported their concerns directly to the government.
- 4.7% of employees who would eventually file a qui tam case worked in compliance departments.
- 0.9% of employees who would eventually file a qui tam case worked in compliance, and did not initially contact their supervision prior to contacting the government.
The methodology of our study is explained at the conclusion of this report.
Impact of Qui Tam Laws on Internal Reporting
The existence of a qui tam whistleblower reward program has no impact on the willingness of employees to internally report potential violations of law, or to work with their employer to resolve compliance issues. Our statistical study of qui tam cases decided in the past four years demonstrates that approximately 90% of all employees who would eventually file a qui tam lawsuit initially attempted to resolve their disputes internally.
These statistical findings are consistent with other reviews. For example, in its May 13, 2010 issue, the New England Journal of Medicine published a “Special Report” examining the behaviors of qui tam whistleblowers who won large False Claims Act judgments against the pharmaceutical industry. See Exhibit 2, Special Report. This report also found that “nearly all” of the whistleblowers “first tried to fix matters internally by talking to their superiors, filing an internal complaint or both.” In fact, 18 of the 22 individuals in the control group initially attempted to report their concerns internally. The four individuals who reported their concerns to the government were not employees of the defendant companies (i.e. they were “outsiders” who “came across” the frauds in the course of their business), and therefore had no “internal” avenues through which to voice their concerns. It would thus be fair to say that every qui tam whistleblower who had the opportunity to report internally in fact did so.
Moreover, many of the cases in the NWC’s study where employees reported directly to the government involved very special circumstances. For example, in one case, the initial report to the government was testimony before a Grand Jury. It clearly would have been inappropriate for that employee to discuss confidential Grand Jury testimony with his or her employer.
The Journal’s conclusion that “nearly all” of the whistleblowers try to report their concerns internally is entirely consistent with the larger study conducted by the NWC and stands squarely contrary to the baseless concerns raised by industry that “greedy” employees will avoid internal compliance programs in pursuit of “pie in the sky” rewards. The truth is that the overwhelming majority of employees who eventually file qui tam cases first raise their concerns within the internal corporate process.
The qui tam reward provision of the False Claims Act has existed for more than 20 years and has resulted in numerous large and well-publicized rewards to whistleblowers. However, contrary to the disingenuous assertions by corporate commenters, the existence of this strong and well-known qui tam rewards law has had no effect whatsoever on whether a whistleblower first brings his concerns to a supervisor or internal compliance program. There is no basis to believe that the substantively identical qui tam provisions in the Dodd-Frank law will in any way discourage internal reporting. See Exhibit 3, Chart of Employee Reporting: Internal vs. External.
Impact of Qui Tam Laws on Compliance Reporting
– 4.7% of Plaintiff Employees worked in compliance
– Only 1 Plaintiff Employee contacted a Government Agency without first raising the concern within the corporation.
The existence of large qui tam rewards did not cause compliance employees to abandon their obligations and secretly file FCA cases and seek large rewards.
The fact that compliance officials could learn of frauds, and file qui tam lawsuits to obtain significant monetary rewards had no impact on the reporting processes of employees working in compliance departments. Only 4.5% of qui tam relators worked in compliance programs. There was no spike in the number of compliance-associated employees filing qui tam cases and there is no reasonable basis to believe that permitting employees who work on compliance to file qui tam suits will in any way undermine internal compliance reporting.
Of those compliance-relators, only one case concerned an employee who reported his concerns directly to the government, without first trying to resolve the issues internally.
This one case is clearly an exception. In that case, Kuhn v. Laporte County Comprehensive Mental Health Council, the Department of Health and Human Services Inspector General was conducting an audit of the company’s Medicaid billing. During the audit, the whistleblower learned that the company’s internal “audit team” was altering documents to cover-up “numerous discrepancies,” including a “forged” signatures and so-called “corrections” to “billing codes.” The employee reported this misconduct directly to the United States Attorney’s Office. The disclosures to the government were not provided as part of a qui tam lawsuit. Instead, the employee believed that these disclosures would help “protect” the employer from “federal prosecution” based on the voluntary disclosures.
Indeed, this case highlights exactly why it is important to permit compliance employees to report directly to the government. When the compliance department itself is engaged in misconduct, where else could this whistleblower have gone? See Exhibit 4, Chart of Compliance Employee Reporting.
Reports to Internal Compliance Must be Fully Protected
In a December 15, 2010, letter the Association of Corporate Counsel (“Association”) stated that corporate attorneys “value” “effective corporate internal compliance and reporting systems.” See Exhibit 5, Association Letter, p. 1. They go further and argue “in-house counsel are the pioneers in establishing and facilitating corporate whistleblowing systems and safeguards.” Association p. 3. The evidence does not support this claim. First, there is no support in the record that current “corporate culture” encourages and rewards employees who blow the whistle. That is why Congress enacted § 21F of the Securitas and Exchange Act — to help create such a new culture.
Moreover, in the area of whistleblowing, in-house counsels have actively and aggressively undermined internal compliance programs for over 25 years. As early as 1984, corporations and their attorneys have consistently argued that employees who report to internal compliance programs are not whistleblowers and are not protected under whistleblower laws. One of the first such cases was Brown & Root v. Donovan, in which a quality assurance inspector was fired after making an internal complaint about a violation of the law. See Exhibit 6, Brown & Root v. Donovan.
In that case, Ronald Reagan’s appointed Secretary of Labor ruled that such internal disclosures were protected and ordered the whistleblower to be reinstated. Brown & Root disagreed, and appealed the case to the U.S. Court of Appeals for the Fifth Circuit. That court agreed with Brown & Root and upheld the termination. The employee’s career was ruined because he failed to raise his concerns to government officials. The Fifth Circuit explicitly held that to be a whistleblower an employee must contact a “competent organ of government.”
Since that date, in court after court, under law after law, corporate attorneys have aggressively argued that contacts with internal compliance programs are not protected activities. This is why organizations such as the National Whistleblower Center have consistently urged Congress to amend existing whistleblower laws to ensure that internal reporting is protected, and to include language in new legislation that explicitly protects internal reporting.
The statements filed by the Association are disingenuous and misleading. Their clients and attorneys have for years and years argued against protecting internal whistleblowers. In contrast, the NWC and its attorneys have championed these protections for over 25 years, and have succeeded in fixing many whistleblower laws to prevent corporate counsel from undermining their own programs. In fact, shortly after the Brown & Root decision was issued, the current Executive Director was the co-author of a 1985 amicus brief filed in the U.S. Court of Appeals for the Tenth Circuit urging that Court not to follow Brown & Root.
Since the Brown & Root ruling, courts have been divided over whether contacts with managers or compliance programs are protected activities. All courts have ruled that contacts with government agents are protected.
To demonstrate this point, we examined two categories of cases. First are cases under the banking whistleblower protection laws. Second are retaliation cases filed under the False Claims Act.
Under the banking law, numerous cases have examined whether employees who report to managers or compliance departments are protected. All of the surveyed decisions demonstrate that internal disclosures are not protected. Banks have successfully urged court after court to undermine internal reporting structures and they have obtained rulings that reports to compliance officials about violations of law are not protected. The only protected disclosures were those made to the government. These findings are set forth in Exhibit 7, Chart of Cases Under Federal Banking Whistleblower Laws.
Our review of the False Claims Act revealed a similar result. Reviewing published retaliation cases from 2007-2010 demonstrate that, in all but two cases, corporate attorneys and their clients argued that internal disclosures were not protected. The court rulings are evenly split as to whether a qui tam relator is protected for disclosures made to internal compliance, but the position of corporate counsel is uniformly against protection. Again, every court and every corporate counsel agree that contacts with the government are protected. Exhibit 8, Chart of Cases in which Corporations Argued that Internal Reporting was not Protected, sets forth the results of this survey:
Given the Commission’s stated commitment to fostering effective internal compliance programs, and the new-found faith that corporate commenters, like the Association, have expressed in the protection that employees will receive in when making reports to such programs, the Commission should establish a rule that contacts with internal compliance departments and employee supervisors have the same protection as contacts with the SEC. Given the corporate track record on these issues, this mandate must be established by a formal rule.
If the regulated communities and the SEC are truly interested in promoting internal compliance programs, we hereby recommend that the SEC adopt and make the following rules final:
* All contacts with an Audit Committee or any other compliance program shall be considered, as a matter of law, an initial contact with the SEC;
* All regulated companies shall be strictly prohibited from retaliating against any employee who makes a disclosure to an Audit Committee or a compliance program concerning any potential violation of law or any “suspicious activities”. This is consistent with the recommended standards of the Association of Certified Fraud Examiners. See Exhibit 9, Excerpts from the ACFE’s 2010 “Report to the Nations on Occupational Fraud and Abuse”.
* All regulated companies shall be required to track all internal complaints, and demonstrate how such complaints have been resolved;
* Consistent with 48 C.F.R. Chapter 1, all audit committees and compliance programs shall be required to “timely disclose” to the SEC “credible evidence of a violation” of law or SEC rules. See 73 Federal Register 67064, 67065 (November 12, 2008). When making these disclosures, if the information originated with a whistleblower, the identify of that whistleblower shall be provided to the SEC, and that submission shall be deemed to qualify as an application for a reward under § 21F;
* Should an internal complaint result in a finding of a violation, and lead to the Commission issuing a fine, penalty or disgorgement, the employee whose application was submitted through the internal complaint process shall be fully eligible for a reward.
With these rules in place, corporations would be free to develop and utilize their internal compliance programs to encourage employees to report problems within the company without undermining an employee’s unequivocal statutory right to file a claim directly with the Commission. See NLRB v. Scrivener, 405 U.S. 117 (1972) (“Which employees receive statutory protection should not turn on the vagaries of the selection process”).
The SEC Should Adopt the Federal Acquisition Regulation Rules for Corporate Compliance
Both the Commission and the regulated community have strongly asserted that effective internal compliance programs are important in guarding against fraud. However, it is well-documented that existing standards for corporate compliance programs are ineffective.
For example, the Rand Center for Corporate Ethics and Governance published “Perspectives of Chief Ethics and Compliance Officers on the Detection and Prevention of Corporate Misdeeds: What the Policy Community Should Know,” Rand Institute for Civil Justice Center (2009) (Michael D. Greenberg). As part of this program Rand published a paper by Donna Boehme highly respected compliance executive and the former Chief of Compliance for BP. Ms. Boehme explained many of the problems experienced by compliance programs, and why these programs fail. She understood that the lack of commitment and the failure to create strong policies often resulted in these programs serving as “window dressing.” See Exhibit 10, Boehme Paper.
In the context of the False Claims Act, the United States took steps to ensure that compliance programs moved from simply being “window dressing” to becoming more substantive tools in the anti-fraud program. The United States determined that existing compliance programs were not effective, and instituted rulemaking proceedings within the Civilian Agency Acquisition Council and the Defense Acquisition Regulations Council to mandate stronger and more ethical compliance programs. While these rulemaking applications were pending, Congress enacted Public Law 110-252, Title VI, Chapter 1, that required the Councils to implement new compliance rules consistent with the applications that had been filed by various federal agencies.
See 73 Federal Register 67064, 67065 (November 12, 2008). These rules establish reasonable ethical standards for compliance programs that have responsibility for reviewing compliance with federal contracts. As part of the present rulemaking process, the SEC should adopt these standards and issue a Final Rule requiring the regulated community to implement compliance programs that follow these rules.
Significantly, the FAR Case 2007-006 rules explicitly cover all violations of the False Claims Act. In enacting these rules, the United States did not undermine the qui tam provisions of the FCA, and did not place any limits on employees filing FCA complaints. There is no requirement that employees report their concerns to the new mandated compliance programs, and there is no limit on qui tam rewards for employees who exercise their right to report concerns directly to the Justice Department.
The SEC should adopt rules to ensure that compliance programs are effective. These rules should in no way limit whistleblower rights under § 21F, and must ensure that employees have the freedom to confidentially and effectively report misconduct within their own corporations. The rules should explicitly mandate the application of the FAR Case 2007-006 rules to all companies regulated by the SEC. Moreover, the SEC should require compliance programs to implement the proposals set forth in the Boehme-Rand paper.
The Sarbanes-Oxley Act Prohibits the SEC from Adopting Rules that Could Interfere with Whistleblower Disclosures
Neither the regulated community nor the SEC can lawfully create any rule that would create a financial disincentive or otherwise discourage a person from filing a complaint with the SEC or disclosing potential criminal conduct to law enforcement.
In its December 15, 2010 letter to the SEC, the Association of Corporate Counsel raised a concern that the final Dodd-Frank Act rules could “undermine corporate compliance regimes.” See Exhibit 1, Association Letter, p. 4. The Association pointed to the various internal corporate reporting requirements in the Sarbanes Oxley Act, as a justification for this “principle.” Id.,p. 2.
The Association is incorrect. The Sarbanes-Oxley Act creates near-absolute protection for employees who contact any federal law enforcement agency regarding the violation of any federal law. This part of the statute is not a mere “principle.” Section 1107 of the Sarbanes-Oxley Act criminalizes any attempt to interfere with the right of any person to contact the SEC concerning any violation of law. The section sets forth an overriding public policy, implicit or explicit in every federal whistleblower law, that employees can always choose to report concerns directly to law enforcement, regardless of any other program, private contract, rule or regulation.
If other sections of Sarbanes-Oxley raised an issue as to whether or not any person could take concerns directly to the government, section 1107 answered those questions. Section 1107 is explicit, clear and unequivocal:
“Whoever knowingly, with the intent to retaliate, takes any action harmful to any person, including interference with the lawful employment or livelihood of any person, for providing to a law enforcement officer any truthful information relating to the commission or possible commission of any Federal offense shall be fined under this title or imprisoned not more then 10 years, or both.”
18 U.S.C. § 1513(e).
Significantly, Section 1107 of SOX is a criminal statute that applies to “any person,” including government employees. Thus, if a public sector employee (federal or state) took “any action” that was “harmful to any person” including actions that may harm any person’s “livelihood,” that public employee would be guilty of a crime. Section 1107 demonstrates the great importance Congress placed on the right of employees to report any reasonably suspected violation of federal law to any law enforcement agency.
The application of Section 1107 of the Sarbanes-Oxley Act to disclosures under the Dodd-Frank Act was made explicit in the statute, ensuring that there would be no mistake about the application of this very important legal policy, rule and principle in the implementation of Dodd-Frank both by government employees and regulated industries.
Section 21F(h)(1)(A)(iii) explicitly incorporates section 1107 of Sarbanes-Oxley into the Dodd-Frank Act. The definition of a Dodd-Frank protected disclosure includes “any lawful act done by the whistleblower . . . in make disclosures that are required or protected under . . . section 1513(e) of title 18, United States Code . . ..” Section 1513(e) of the Code is where section 1107 of the Sarbanes-Oxley Act was codified.
No Commission rule can interfere, directly or indirectly with the right of employees to disclose any potential violation of law to the SEC, and no rule or regulation of the Commission can interfere with the “livelihood” of any person who makes such a disclosure. Disclosures to law enforcement are among the most cherished forms of protected activity and must be safeguarded not only by the Commission but the regulated community.
The rulemaking authority of the SEC under Dodd-Frank is limited. Rules are permitted that simply “implement the provisions” of section 21F. All such implementing regulations are required to be “consistent with the purposes” of the Act. Since one of the core purposes of the Act is to permit the free and unfettered communication of information from employees to law enforcement agencies, it is incumbent upon the SEC to strongly reaffirm this right.
It would constitute an illegal contract and a potential obstruction of justice for any employer to implement a rule that directly or indirectly restricted an employee’s right to communicate with federal law enforcement. If a company initiated a program that based eligibility for financial incentives on whether or not an employee first communicated his or her concerns to a company, before going to federal law enforcement, any such policy would be void. If such a program were used against a whistleblower who chose to make a protected disclosure under Section 1107 of Sarbanes-Oxley and/or Section 21F(h)(1)(A)(iii), it would constitute an adverse employment action under both of these laws, and could subject the company to severe criminal penalties.
Obviously, the SEC cannot implement any rules that would permit corporations to violate sections 1107 of SOX or 21F(h) of Dodd-Frank. Any impediment contained in the Proposed Rule published by the SEC must be struck. The request by various industry groups to authorize such restrictions on protected disclosures are not only misplaced as a matter of law, they are troubling as a matter of policy.
Any Final Rule published by the SEC must fully, clearly and unequivocally reaffirm an employee’s right to contact the SEC (or any other federal law enforcement agency) and raise concerns about any violation of any federal law (including, but not limited to, violations of the Securities and Exchange Act). Furthermore, the Final Rule should require every regulated company to inform their employees of this right, and ensure that no employment contract or work rule interferes with this right. Finally, there can be no financial disincentive on any employee who exercises his or her right to contact federal law enforcement. The Final Rule must ensure that an employee’s decision to report his concerns directly to the government, as opposed to his or her management and/or compliance program will have no impact whatsoever on eligibility and/or the calculation of the amount of reward for which an employee may obtain.
The SEC Should Adopt the Recommendations Made by its Inspector General
On March 29, 2010, the SEC’s Office of Inspector General (OIG) published a comprehensive analysis of the SEC’s pre-Dodd-Frank whistleblower rewards program. This report is hereby incorporated in its entirety into this rulemaking submission. See Exhibit 11, “Assessment of the SEC’s Bounty Program”.
The OIG carefully studied the SEC’s past practices in processing whistleblower reward-based tips in light of its understanding that proposals were pending in Congress to upgrade the rewards program. The OIG made nine specific recommendations. The SEC Enforcement Division approved all of these recommendations. See Exhibit 12, SEC Enforcement Division Memorandum.
The Proposed Rule did not reference the OIG recommendations, nor did it reference the fact that the Enforcement Division reviewed these recommendations and concurred.
All of the recommendations of the OIG should be incorporated into the Final Rule.
OIG Recommendation #1: Public outreach concerning the existence of the SEC bounty program. The Final Rule should implement this recommendation. We propose the following: All regulated companies shall be required to prominently post notice of the SEC’s § 21F program, informing employees of their right to file claims directly with the SEC, and their right to file such claims anonymously. Regulated companies shall also be required to conduct annual training that informs employees of their rights under §21F, including the anti-retaliation provisions.
In order to encourage employees to utilize internal compliance programs, the SEC should, by regulation, mandate that contacting an internal compliance program or a supervisor is a protected disclosure, and will be treated the same as if an employee had contacted the SEC.
The requirement to post notice of employee rights is a common feature in various whistleblower laws and is mandated by the Nuclear Regulatory Commission under its safety regulations. 10 C.F.R. § 50.7.
OIG Recommendation # 2: Post notice and information on the SEC’s public web site of the SEC’s reward program. This recommendation should be implemented into the Final Rule, as it is key to ensuring that the filing procedures for whistleblowers are not complicated or discouraging. The filing procedures set forth in the Proposed Rule are far to complex, and have terms and requirements that would both confuse employees, and may make them fearful of even filing a claim.
The OIG set forth four categories of information that a whistleblower would have to file with the SEC on a form. These categories are reasonable, and the initial filing form for the whistleblower should only require this information. The current proposal is too complex.
Additionally, the OIG recommendation included a standard certification that the whistleblower assert that his or her information was “true, correct and complete,” etc. This is standard language. The Proposed Rule’s oath provision is far to complex, and may intimidate a layperson from signing the form.
Implicit in the OIG recommendation is the fact that the reward process is initiated by the filing of an initial claim. There is no requirement to file follow-up forms. This should be followed in the Final Rule. The multi-form process contained in the Proposed Rule is costly, complex and will result in mistakes. A claim should be initiated with a simple form and request for information.
OIG Recommendations #s 3, 5-7: Establish follow-up policies for processing claims, tracking claims, facilitating communications between the SEC and whistleblowers and creating a case file. These recommendations are common sense, and should be implemented in a “user friendly” manner.
Once the application is filed, the Whistleblower Office should follow-up and carefully track all filings. If additional information is needed, the Whistleblower Office should facilitate communications between the responsible SEC officials and the whistleblower, so that the whistleblower can work directly with the government to ensure that all violations are detected, and that the final enforcement is complete. The case should have a file number. The employee should be provided regular updates on the status of the case. We propose 90-day notice letters.
When the SEC believes that they will obtain a fine, penalty or disgorgement, discussions should be initiated with the whistleblower to determine the nature of his or her contribution to the final penalties that will be imposed, and, if possible, the reward amounts should be part of the final resolution of a case. The SEC should work with the whistleblower and attempt to reach a consent agreement as to the proper basis for the reward, and the percentage of reward. There should be a strong policy goal that the Whistleblower Office and the whistleblower reach an agreement and voluntarily establish the amount of a reward. This will eliminate administrative costs, facilitate cooperation between the SEC and the whistleblower and expedite the payment of rewards. Only if there is a disagreement and a settlement is not reached should the issues related to the reward to forwarded to the Commission for a final determination, and ultimately potential judicial review.
OIG Recommendation # 4: Criteria for rewards. Congress established the criteria, and the Commission should strictly follow that criteria. The Commission does not have the legal authority to substantively change this criteria. The implementation of the criteria must be consistent with the “purpose” of § 21F, which is to encourage employees to report violations and provide generous financial rewards and incentives for these reports. § 21F(j). The Commission cannot use its rulemaking authority to reduce the scope of the Act, or create criteria that could discourage employees from fully and aggressively utilizing the programs established in § 21F.
OIG Recommendation # 8: Incorporate the best practices from the Department of Justice and the Internal Revenue Service. This is perhaps the single most important recommendation. Under the False Claims Act, the Department of Justice has significant experience in working with whistleblowers in a reward-based program. Under the FCA best practices have been developed, and numerous issues have been resolved either by a court or by Congress when it amended the law in 1986, 2009 and 2010. These precedents and policies should form the basis of the SEC program. The Proposed Rule, in many ways, tries to cover old ground already carefully reviewed under the FCA. These precedents should, for the most part, be followed. In regard to the IRS program, the IRS has implemented a “user-friendly” application and follow-up procedure. These can serve as further models for the SEC rule.
The SEC Should Adopt the Leahy-Grassley Recommendations
After the enactment of the Sarbanes-Oxley Act, the two principal sponsors of the whistleblower provisions in that law wrote a letter to the then-Chairman of the SEC, Mr. William Donaldson. See Exhibit 13, Leahy-Grassley Letter. Senators Patrick Leahy and Charles Grassley set forth specific proposals for SEC action to protect whistleblowers. The Leahy-Grassley recommendations were fully supported under law and policy. Unfortunately, the SEC did not properly respond to these recommendations, and the potential enforcement powers implicit or explicit in the Sarbanes-Oxley Act were lost. This significantly contributed to the failure of the SOX whistleblower provisions over the next six years.
Under Dodd-Frank there are even stronger policy and legal justifications for the Commission to implement the Leahy-Grassley recommendations. We hereby request the SEC incorporate these recommendations into the Final Rule.
Conclusions and Recommendations for Final Rule
Conclusion #1: The existence of a strong qui tam reward program will have no impact on internal employee reporting activities.
Conclusion #2: the evidence does not support employer concerns that Dodd-Frank will interfere with existing compliance programs.
Conclusion #3: There is no factual basis to justify any restrictions on an employee’s right to obtain monetary rewards based on whether he utilized an internal compliance program.
Conclusion #4: The systemic problems with corporate internal compliance programs are not related to qui tam law rewards and exist regardless of whether employees file whistleblower complaints with the government. The SEC should adopt the FAR rule governing corporate compliance programs and should mandate that these programs operate in a manner consistent with the Rand report.
Conclusion #5: The SEC must ensure, through a formal rule, that reports to internal compliance programs are fully protected. The decades-long history of regulated companies opposing such protections in judicial proceedings must be ended. The definition of protected disclosures should conform to the standards recommended by the Association of Certified Fraud Examiners.
Conclusion #6: The recommendations of the SEC’s Inspector General should be fully implemented in a manner consistent with the requirement that the Dodd-Frank reward provisions be “user-friendly”.
Conclusion #7: By formal rule, the SEC must establish that disclosures submitted to internal compliance programs be afforded the same level of protection as direct disclosures to the SEC. In this regard, the SEC should establish, by rule, that it will consider a claim or disclosure filed internally within a company to constitute a formal request for a reward under SEC § 21F. The SEC should establish rules to adjudicate these claims and require that the regulated companies establish procedures for timely notification of such employee filings.
Conclusion #8: The SEC should implement rules consistent with the recommendations filed with the Commission in by Senators Leahy and Grassley.
Conclusion #9: Any action by an employer that in any way limits an employee’s right or incentive to contact the SEC, regardless of whether or not the employee first utilized a compliance program, is highly illegal and constitutes an obstruction of justice.
Conclusion #10: The SEC’s rules cannot create any disincentive for employee to contact the SEC or file claims directly with the SEC. The SEC’s rules must be neutral in regard to the reporting mechanism an employee uses to report a potential violation. Whether an employee files an anonymous claim with the SEC, a non-anonymous claim directly with the SEC and/or whether an employee utilized an internal compliance program, must have no impact whatsoever on the right of an employee to file a claim and/or the amount of reward given to the employee.
Conclusion # 11: The SEC cannot create any disincentive for reporting, or restrict the class of persons who are eligible for a reward, by creating any form of exclusion for a recovery that is not explicitly authorized under the Act.
The Securities and Exchange Commission, in its Notice of Proposed Rulemaking, requested empirically based proposals and comments on key aspects of its rule.
Study Based on Similar Qui Tam Laws. This study focused on cases filed under the False Claims Act, 31 U.S.C. § 3730(h). This law was chosen for three reasons. First, it is the longest standing qui tam law in the United States and the Dodd-Frank Act’s reward provisions are modeled on this law. Second, the current version of the law has been in effect since 1986, and consequently provides a sufficiently large sample of cases to draw statistically-significant conclusions. Third, given the duration of the law, and the fact that its reward provisions have been the subject of numerous news articles, the law is well known in the relevant job markets. Fourth, given the similarities in the reward features, the long-standing existence of the Act, and the fact that rewards under this law have been well publicized, cases studies under the FCA represent the most reliable indicator of the potential impact the Dodd-Frank Act will have on employees eligible for rewards under its provisions.
Study Based on Cases in which Employee Reporting Behaviors are Discussed. In order to obtain data on employee behaviors, the study focused on FCA cases that included a “subsection (h)” claim. Subsection (h) is the anti-retaliation provision of the FCA. Subsection (h) cases were selected because these cases offered the best opportunity for an objective discussion of employee behavior. Under the law, the employee must demonstrate what he or she did in order to engage in protected activity under the Act. This is only one element of a case, but generally it must be discussed in each case, as the court must determine whether or not an employee established his or her prima facie case.
Because filing an FCA case directly with the United States government is considered a protected activity, subsection (h) cases offered an opportunity to study employee-reporting behaviors. Most of the cases contained a brief factual recitation of how the employee “blew the whistle,” and ultimately came to be a qui tam relator.
Study Based on Cases Decided After the Existence of Rewards Would be Known Within the Relevant Employee-Employer Markets. The FCA has been actively used by whistleblowers since 1986 (when the Act was amended and modernized). The study limited its review of employee cases to those decided from January 1, 2007 to the present. The modern cases were selected in order to best duplicate employee behaviors once a qui tam law has been in existence for a sufficient amount of time for employees to learn about its potential usage. In other words, be limiting the review to modern cases the study could focus on employee behaviors based on the fact that the law had been in active use for over 20 years, and numerous newspaper and television stories had been published making the public aware of the large multi-million dollar rewards potentially available under the FCA.
Using a Standardized and Objective Method to Locate Cases Eliminated Bias in the Sample. In order to eliminate basis from the case selection process, the NWC reviewed all cases in which a 31 U.S.C. 3730(h) case was decided at the district court level from January 1st, 2007 until December 15th, 2010. These cases were found by Shepardizing “31 U.S.C. 3730” in the LexisNexis online database under the index “31 U.S.C. sec. 3730 (h)”, and restricting the results to those cases filed after 2007. This search method produced a list of all cases filed since 2007 that contained a citation to 31 U.S.C. 3730(h). United States District Court cases in which a 3730(h) claim was filed were then extracted from this list, creating a population of 128 cases to be examined. All of the included cases are listed in the Exhibits listed throughout this Report.
The Objectively Identified Cases in the Sample were Reviewed in order to Determine Employee Reporting Behaviors. Once located, each case was separately reviewed. In some cases it was impossible to determine the reporting history of the employee. Other cases did not concern legitimate qui tam filings. In the cases where it was unable to determine the method used by the employee to initially reported the alleged fraud, the full appellate history of the case was then examined. Despite this further review, 21 cases proved impossible to determine the status of internal reporting or were otherwise clearly inapplicable based on the factual statements set forth in these cases. The cases that were excluded from the study are set forth in Exhibit 14, Chart of Non-Applicable Cases Excluded from Survey.
This left a final population of 107 cases that were then analyzed to determine if the employee-plaintiff reported the alleged fraud internally before filing a lawsuit, whether or not they worked in a compliance or quality assurance related position for their former employer, and if the Plaintiff engaged in a “protected action” under 31 U.S.C. 3730(h).
The National Whistleblower Center would like to thank Law Clerk Greg Dobbels for his assistance in reviewing False Claims Act cases.
About the National Whistleblower Center
The National Whistleblower Center (NWC) is an advocacy organization with a more than 20-year history of protecting the rights of individuals to speak out about wrongdoing in the workplace without fear of retaliation. Since 1988, the NWC has supported whistleblowers in the courts and before Congress, achieving victories for environmental protection, nuclear safety, government ethics, and corporate accountability. The NWC also sponsors several educational and assistance programs, including an online resource center on whistleblower rights, a speakers bureau of national experts and former whistleblowers, and a Whistleblower Legal Assistance Program run by the NWC affiliated group the National Whistleblower Legal Defense and Education Fund (NWLDEF). The National Whistleblower Center is a non-partisan, non-profit organization based in Washington, DC.
Exhibit 1, Kansas Gas & Electric v. Brock
Exhibit 2, Special Report
Exhibit 3, Chart of Employee Reporting: Internal vs. External
Exhibit 4, Chart of Compliance Employee Reporting
Exhibit 5, Association Letter
Exhibit 6, Brown & Root v. Donovan
Exhibit 7, Chart of Cases Under Federal Banking Whistleblower Laws
Exhibit 8, Chart of Cases in which Corporations Argued that Internal Reporting was not Protected
Exhibit 9, Excerpts from the ACFE’s 2010 “Report to the Nations on Occupational Fraud and Abuse”
Exhibit 10, Boehme Paper
Exhibit 11, “Assessment of the SEC’s Bounty Program”
Exhibit 12, SEC Enforcement Division Memorandum
Exhibit 13, Leahy-Grassley Letter
Exhibit 14, Chart of Non-Applicable Cases Excluded from Survey