with co-author Michael Filoromo
The U.S. Securities and Exchange Commission (SEC) has repeatedly found that confidentiality agreements that work to prevent or discourage whistleblowers from reporting to the Commission are unenforceable. This protection is based in SEC Rule 21F-17(a), which provides:
No person may take any action to impede an individual from communicating directly with the Commission staff about a possible securities law violation, including enforcing, or threatening to enforce, a confidentiality agreement . . . with respect to such communications.
This rule is potentially broad enough to apply to nearly all confidentiality and non-disclosure agreements that employers require of current employees. It also applies to separation, severance or settlement agreements, which generally include confidentiality provisions. The SEC has made publicly and abundantly clear that the Commission intends to enforce this provision stringently, even where there is no direct evidence that an agreement impeded a would-be whistleblower.
The SEC Speaks Out on Chilling Confidentiality Language
Lawyers representing whistleblowers before the SEC have observed a trend among employers that seek to comply with – and in some cases circumvent – Rule 240.21F-17(a). These efforts take a number of forms in severance and settlement agreements and may require that employees:
- Certify that they have not shared confidential information with any third party;
- Waive their right to an SEC award, or assign any award received to the employer; and/or
- Inform the (former) employer of any contact with or inquiries from government agencies.
Such terms are familiar to the usual releases and waivers required of a departing employee and may be uncontroversial in other contexts. For example, it is lawful to require that a former employee forfeit any moneys recovered as a result of a discrimination claim brought by the Equal Employment Opportunity Commission (EEOC) on behalf of a class that includes the former employee. But these provisions can have a different purpose and effect in the context of the SEC Whistleblower Program – one that the SEC views as running afoul of its regulations.
The SEC Office of the Whistleblower has taken a very aggressive stance against such employer tactics. Whistleblower Office Chief Sean McKessy has stressed that the SEC was on the lookout for contracts that impeded whistleblowers in any way from bringing information about company wrongdoing to the SEC. McKessy said, “[W]e are actively looking for examples of confidentiality agreements, separation agreements, employee agreements that … in substance say ‘as a prerequisite to get this benefit you agree you’re not going to come to the commission or you’re not going to report anything to a regulator.'”
The SEC Knocks Merrill Lynch’s Confidentiality Agreements
On June 23, 2016, the SEC announced that it had come to an agreement with Merrill Lynch, Pierce, Fenner & Smith Inc. (Merrill Lynch) and its parent corporation, Bank of America Corp., to settle an SEC enforcement action. In addition to penalizing Merrill Lynch for misusing customer assets, the enforcement action and settlement referenced the company’s confidentiality agreements. The SEC criticized severance agreements Merrill Lynch had drawn up with some employees. According to the Commission, these agreements:
[P]rohibited [employees] from disclosing any aspect of the confidential information or trade secrets of [Merrill Lynch] or any of its subsidiaries or affiliates to any person or entity outside these entities except pursuant to formal legal process or unless the former employee first obtained the written approval of an authorized [Merrill Lynch] representative.
The SEC added:
While the agreement expressly permitted an individual to disclose confidential information pursuant to an order or other requirement of a court, administrative agency, or other authority, it did not permit an individual to voluntarily disclose confidential information to such bodies.
Merrill Lynch admitted wrongdoing to settle charges and agreed to pay a $415 million fine. It also significantly revised its confidentiality agreements, policies and procedures and implemented a mandatory annual whistleblower-training program for all employees at Merrill Lynch and Bank of America. The companies also agreed to annually provide employees with a summary of their rights and protections under the SEC’s Whistleblower Program.
While the provision in Merrill Lynch agreements presents a clear violation of Rule 21F-17, other settlement provisions that more subtly dissuade employees from reporting potential securities violations to the SEC may be the next targets. For instance, the SEC may not look favorably on provisions that:
- Prohibit an employee from criticizing or disparaging the company and/or its practices;
- Insist that an employee attest to having alerted the employer to all concerns, compliance issues, violations of law or ethics issues of which he or she is aware at the time of execution of a settlement agreement;
- Require employees to cooperate with the employer in any future litigation or investigation by government agencies; or
- Limit the employee’s right to claim an SEC whistleblower award in the future.
Other Government Agency Interest in Confidentiality Agreements
Notably, the SEC is not alone in its interest in employer-employee confidentiality agreements. The National Labor Relations Board, EEOC and Financial Industry Regulatory Authority, to name a few, have taken action against employer-employee confidentiality agreements in recent years. In addition, a March 2015 report by the State Department’s Office of Inspector General scrutinized confidentiality agreements that the 30 largest State Department contractors have required their employees to sign.
Government scrutiny of employer-employee agreements is a relatively new development as it relates to whistleblowers. The SEC has made clear that in the interest of encouraging whistleblowers, it takes a broad view of what may dissuade employees from reporting legal violations to the government entities. The SEC’s interest in the subject should put employers on notice to take a fresh look at language in such agreements and to monitor closely any enforcement actions or guidance the SEC provides. Failing to do so can be costly.
 Brian Mahoney, SEC Warns In-House Attys Against Whistleblower Contracts, Law360 (Mar. 14, 2014), http://www.law360.com/articles/518815/sec-warns-in-house-attys-against-whistleblower-contracts.
 In the Matter of Merrill Lynch, Pierce, Fenner & Smith Incorporated and Merrill Lynch Professional Clearing Corp., SEC Release No. 78141 (June 23, 2016), Order Instituting Cease-and-Desist Proceedings Pursuant to Sections 15(b) and 21C of the Securities Exchange Act of 1934, Making Findings, and Imposing Remedial Sanctions and a Cease-and-Desist Order, at 19, available at https://www.sec.gov/litigation/admin/2016/34-78141.pdf.
 Office of the Inspector General, Review of the Use of Confidentiality Agreements by Department of State Contractors, U.S. Department of State (Mar. 2015), available at https://oig.state.gov/system/files/esp-15-03.pdf.Corporate Compliance Insights is a wholly owned subsidiary of Conselium Executive Search, the global leader in compliance search.