No Result
View All Result
SUBSCRIBE | NO FEES, NO PAYWALLS
MANAGE MY SUBSCRIPTION
NEWSLETTER
Corporate Compliance Insights
  • Home
  • About
    • About CCI
    • CCI Magazine
    • Writing for CCI
    • Career Connection
    • NEW: CCI Press – Book Publishing
    • Advertise With Us
  • Explore Topics
    • See All Articles
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Internal Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Well-Being at Work
    • Leadership and Career
    • Opinion
  • Vendor News
  • Library
    • Download Whitepapers & Reports
    • Download eBooks
    • New: Living Your Best Compliance Life by Mary Shirley
    • New: Ethics and Compliance for Humans by Adam Balfour
    • 2021: Raise Your Game, Not Your Voice by Lentini-Walker & Tschida
    • CCI Press & Compliance Bookshelf
  • Podcasts
    • Great Women in Compliance
    • Unless: The Podcast (Hemma Lomax)
  • Research
  • Webinars
  • Events
  • Subscribe
Jump to a Section
  • At the Office
    • Ethics
    • HR Compliance
    • Leadership & Career
    • Well-Being at Work
  • Compliance & Risk
    • Compliance
    • FCPA
    • Fraud
    • Risk
  • Finserv & Audit
    • Financial Services
    • Internal Audit
  • Governance
    • ESG
    • Getting Governance Right
  • Infosec
    • Cybersecurity
    • Data Privacy
  • Opinion
    • Adam Balfour
    • Jim DeLoach
    • Mary Shirley
    • Yan Tougas
No Result
View All Result
Corporate Compliance Insights
Home Compliance

The SEC’s Increasing Focus on Employer-Employee Confidentiality Agreements

by Lisa Banks
August 1, 2016
in Compliance, HR Compliance
Could your employee contracts prevent whistleblowing? And is that a good thing?

with co-author Michael Filoromo

The U.S. Securities and Exchange Commission (SEC) has repeatedly found that confidentiality agreements that work to prevent or discourage whistleblowers from reporting to the Commission are unenforceable.  This protection is based in SEC Rule 21F-17(a), which provides:

No person may take any action to impede an individual from communicating directly with the Commission staff about a possible securities law violation, including enforcing, or threatening to enforce, a confidentiality agreement . . . with respect to such communications.

This rule is potentially broad enough to apply to nearly all confidentiality and non-disclosure agreements that employers require of current employees.  It also applies to separation, severance or settlement agreements, which generally include confidentiality provisions.  The SEC has made publicly and abundantly clear that the Commission intends to enforce this provision stringently, even where there is no direct evidence that an agreement impeded a would-be whistleblower.

The SEC Speaks Out on Chilling Confidentiality Language

Lawyers representing whistleblowers before the SEC have observed a trend among employers that seek to comply with – and in some cases circumvent – Rule 240.21F-17(a).  These efforts take a number of forms in severance and settlement agreements and may require that employees:

  • Certify that they have not shared confidential information with any third party;
  • Waive their right to an SEC award, or assign any award received to the employer; and/or
  • Inform the (former) employer of any contact with or inquiries from government agencies.

Such terms are familiar to the usual releases and waivers required of a departing employee and may be uncontroversial in other contexts.  For example, it is lawful to require that a former employee forfeit any moneys recovered as a result of a discrimination claim brought by the Equal Employment Opportunity Commission (EEOC) on behalf of a class that includes the former employee.  But these provisions can have a different purpose and effect in the context of the SEC Whistleblower Program – one that the SEC views as running afoul of its regulations.

The SEC Office of the Whistleblower has taken a very aggressive stance against such employer tactics.  Whistleblower Office Chief Sean McKessy has stressed that the SEC was on the lookout for contracts that impeded whistleblowers in any way from bringing information about company wrongdoing to the SEC.  McKessy said, “[W]e are actively looking for examples of confidentiality agreements, separation agreements, employee agreements that … in substance say ‘as a prerequisite to get this benefit you agree you’re not going to come to the commission or you’re not going to report anything to a regulator.'”[1]

The SEC Knocks Merrill Lynch’s Confidentiality Agreements

On June 23, 2016, the SEC announced that it had come to an agreement with Merrill Lynch, Pierce, Fenner & Smith Inc. (Merrill Lynch) and its parent corporation, Bank of America Corp., to settle an SEC enforcement action.  In addition to penalizing Merrill Lynch for misusing customer assets, the enforcement action and settlement referenced the company’s confidentiality agreements.  The SEC criticized severance agreements Merrill Lynch had drawn up with some employees.  According to the Commission, these agreements:

[P]rohibited [employees] from disclosing any aspect of the confidential information or trade secrets of [Merrill Lynch] or any of its subsidiaries or affiliates to any person or entity outside these entities except pursuant to formal legal process or unless the former employee first obtained the written approval of an authorized [Merrill Lynch] representative.

The SEC added:

While the agreement expressly permitted an individual to disclose confidential information pursuant to an order or other requirement of a court, administrative agency, or other authority, it did not permit an individual to voluntarily disclose confidential information to such bodies.[2]

Merrill Lynch admitted wrongdoing to settle charges and agreed to pay a $415 million fine.  It also significantly revised its confidentiality agreements, policies and procedures and implemented a mandatory annual whistleblower-training program for all employees at Merrill Lynch and Bank of America.  The companies also agreed to annually provide employees with a summary of their rights and protections under the SEC’s Whistleblower Program.

While the provision in Merrill Lynch agreements presents a clear violation of Rule 21F-17, other settlement provisions that more subtly dissuade employees from reporting potential securities violations to the SEC may be the next targets.  For instance, the SEC may not look favorably on provisions that:

  • Prohibit an employee from criticizing or disparaging the company and/or its practices;
  • Insist that an employee attest to having alerted the employer to all concerns, compliance issues, violations of law or ethics issues of which he or she is aware at the time of execution of a settlement agreement;
  • Require employees to cooperate with the employer in any future litigation or investigation by government agencies; or
  • Limit the employee’s right to claim an SEC whistleblower award in the future.

Other Government Agency Interest in Confidentiality Agreements

Notably, the SEC is not alone in its interest in employer-employee confidentiality agreements.  The National Labor Relations Board, EEOC and Financial Industry Regulatory Authority, to name a few, have taken action against employer-employee confidentiality agreements in recent years.  In addition, a March 2015 report by the State Department’s Office of Inspector General scrutinized confidentiality agreements that the 30 largest State Department contractors have required their employees to sign.[3]

Conclusion

Government scrutiny of employer-employee agreements is a relatively new development as it relates to whistleblowers.  The SEC has made clear that in the interest of encouraging whistleblowers, it takes a broad view of what may dissuade employees from reporting legal violations to the government entities.  The SEC’s interest in the subject should put employers on notice to take a fresh look at language in such agreements and to monitor closely any enforcement actions or guidance the SEC provides.  Failing to do so can be costly.

[1] Brian Mahoney, SEC Warns In-House Attys Against Whistleblower Contracts, Law360 (Mar. 14, 2014), http://www.law360.com/articles/518815/sec-warns-in-house-attys-against-whistleblower-contracts.

[2] In the Matter of Merrill Lynch, Pierce, Fenner & Smith Incorporated and Merrill Lynch Professional Clearing Corp., SEC Release No. 78141 (June 23, 2016), Order Instituting Cease-and-Desist Proceedings Pursuant to Sections 15(b) and 21C of the Securities Exchange Act of 1934, Making Findings, and Imposing Remedial Sanctions and a Cease-and-Desist Order, at 19, available at https://www.sec.gov/litigation/admin/2016/34-78141.pdf.

[3] Office of the Inspector General, Review of the Use of Confidentiality Agreements by Department of State Contractors, U.S. Department of State (Mar. 2015), available at https://oig.state.gov/system/files/esp-15-03.pdf.


Previous Post

The Top 4 Trade Compliance Strategies for Doing Business in India

Next Post

EU Commission’s Approval of Amended EU-U.S. Privacy Shield – Comedy or Tragedy?

Lisa Banks

Lisa Banks

Lisa BanksLisa J. Banks is a founding partner with the whistleblower and employment law firm Katz, Marshall & Banks, LLP, in Washington, D.C. She concentrates her practice on claims related to whistleblower retaliation, SEC and CFTC whistleblower tips, employment discrimination, sexual harassment, Title IX and contractual employment disputes. She is co-author of the comprehensive whistleblower law treatise Whistleblower Law: A Practitioner's Guide, an exhaustive guide to the dozens of federal and state whistleblower law affecting virtually every industry in the country, and has also published the CFTC Whistleblower Practice Guide, a comprehensive handbook for CFTC whistleblowers and their lawyers. Ms. Banks earned her law degree from the University of Denver College of Law. She can be reached at banks@kmblegal.com.

Related Posts

dod pentagon

CMMC 2.0 Creates New Compliance Calculus for Defense Contractors

by Shrav Mehta
July 3, 2025

Simplified framework still poses significant challenges for smaller defense industrial base participants

Integreon Launch

Integreon Launches AI-Enabled Legal & Regulatory Compliance Services

by Corporate Compliance Insights
July 2, 2025

Integreon has launched AI-enabled legal and regulatory compliance services powered by ContractPodAi's Leah intelligence platform to automate compliance processes and...

SpeakUp Launch

SpeakUp Launches AI Phone Agent and Disclosure Management Platform

by Corporate Compliance Insights
July 2, 2025

SpeakUp has launched two new solutions — an AI-powered disclosure and approval management platform called SpeakUp Paths and an AI...

Riskonnect Launch

Riskonnect Launches AI Governance Solution for Risk Management

by Corporate Compliance Insights
July 2, 2025

Riskonnect has launched an AI governance solution integrated within its risk management platform to help organizations manage AI-related risks and...

Next Post
Compliance officers take note: Privacy Shield has been amended

EU Commission’s Approval of Amended EU-U.S. Privacy Shield – Comedy or Tragedy?

No Result
View All Result

Privacy Policy | AI Policy

Founded in 2010, CCI is the web’s premier global independent news source for compliance, ethics, risk and information security. 

Got a news tip? Get in touch. Want a weekly round-up in your inbox? Sign up for free. No subscription fees, no paywalls. 

Follow Us

Browse Topics:

  • CCI Press
  • Compliance
  • Compliance Podcasts
  • Cybersecurity
  • Data Privacy
  • eBooks Published by CCI
  • Ethics
  • FCPA
  • Featured
  • Financial Services
  • Fraud
  • Governance
  • GRC Vendor News
  • HR Compliance
  • Internal Audit
  • Leadership and Career
  • On Demand Webinars
  • Opinion
  • Research
  • Resource Library
  • Risk
  • Uncategorized
  • Videos
  • Webinars
  • Well-Being
  • Whitepapers

© 2025 Corporate Compliance Insights

Welcome to CCI. This site uses cookies. Please click OK to accept. Privacy Policy
Cookie settingsACCEPT
Manage consent

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may affect your browsing experience.
Necessary
Always Enabled
Necessary cookies are absolutely essential for the website to function properly. These cookies ensure basic functionalities and security features of the website, anonymously.
CookieDurationDescription
cookielawinfo-checbox-analytics11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checbox-functional11 monthsThe cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checbox-others11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-necessary11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-performance11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy11 monthsThe cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.
Functional
Functional cookies help to perform certain functionalities like sharing the content of the website on social media platforms, collect feedbacks, and other third-party features.
Performance
Performance cookies are used to understand and analyze the key performance indexes of the website which helps in delivering a better user experience for the visitors.
Analytics
Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics the number of visitors, bounce rate, traffic source, etc.
Advertisement
Advertisement cookies are used to provide visitors with relevant ads and marketing campaigns. These cookies track visitors across websites and collect information to provide customized ads.
Others
Other uncategorized cookies are those that are being analyzed and have not been classified into a category as yet.
SAVE & ACCEPT
No Result
View All Result
  • Home
  • About
    • About CCI
    • CCI Magazine
    • Writing for CCI
    • Career Connection
    • NEW: CCI Press – Book Publishing
    • Advertise With Us
  • Explore Topics
    • See All Articles
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Internal Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Well-Being at Work
    • Leadership and Career
    • Opinion
  • Vendor News
  • Library
    • Download Whitepapers & Reports
    • Download eBooks
    • New: Living Your Best Compliance Life by Mary Shirley
    • New: Ethics and Compliance for Humans by Adam Balfour
    • 2021: Raise Your Game, Not Your Voice by Lentini-Walker & Tschida
    • CCI Press & Compliance Bookshelf
  • Podcasts
    • Great Women in Compliance
    • Unless: The Podcast (Hemma Lomax)
  • Research
  • Webinars
  • Events
  • Subscribe

© 2025 Corporate Compliance Insights