No Result
View All Result
SUBSCRIBE | NO FEES, NO PAYWALLS
MANAGE MY SUBSCRIPTION
NEWSLETTER
Corporate Compliance Insights
  • Home
  • About
    • About CCI
    • Writing for CCI
    • Career Connection
    • NEW: CCI Press – Book Publishing
    • Advertise With Us
  • Explore Topics
    • See All Articles
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Internal Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Well-Being at Work
    • Leadership and Career
    • Opinion
  • Vendor News
  • Events
    • Calendar
    • Submit an Event
  • Library
    • Download Whitepapers & Reports
    • Download eBooks
    • New: Living Your Best Compliance Life by Mary Shirley
    • New: Ethics and Compliance for Humans by Adam Balfour
    • 2021: Raise Your Game, Not Your Voice by Lentini-Walker & Tschida
    • CCI Press & Compliance Bookshelf
  • Podcasts
  • Videos
    • On-Demand Webinars: Earn CEUs
  • Subscribe
  • Home
  • About
    • About CCI
    • Writing for CCI
    • Career Connection
    • NEW: CCI Press – Book Publishing
    • Advertise With Us
  • Explore Topics
    • See All Articles
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Internal Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Well-Being at Work
    • Leadership and Career
    • Opinion
  • Vendor News
  • Events
    • Calendar
    • Submit an Event
  • Library
    • Download Whitepapers & Reports
    • Download eBooks
    • New: Living Your Best Compliance Life by Mary Shirley
    • New: Ethics and Compliance for Humans by Adam Balfour
    • 2021: Raise Your Game, Not Your Voice by Lentini-Walker & Tschida
    • CCI Press & Compliance Bookshelf
  • Podcasts
  • Videos
    • On-Demand Webinars: Earn CEUs
  • Subscribe
No Result
View All Result
Corporate Compliance Insights
Home Featured

Whistleblower Laws: Current Issues

by Corporate Compliance Insights
July 18, 2018
in Featured, Leadership and Career
Whistleblower Laws: Current Issues

Q&A with Rick Schroeder of Jones Walker

Rick Schroeder, leader of the Corporate Compliance & White Collar Defense Practice at Jones Walker in New Orleans, discusses whistleblower laws and protections with CCI’s Publisher, Maurice Gilbert.

Maurice Gilbert: What is the most important challenge for compliance officers relating to whistleblower laws, in your opinion?

Rick Schroeder: A common problem we see is that there is a misunderstanding of who is a “whistleblower” and what that really means. The fact is that there are a number of federal and state whistleblower laws, and they do not use the same definition. Even if you focus on the talked-about laws creating whistleblower protections in the area of securities laws, namely Sarbanes-Oxley and Dodd-Frank, currently they have different definitions. A whistleblower under Sarbanes-Oxley includes anyone who reports alleged violations relating to mail fraud, wire fraud, bank fraud, securities fraud or any rule or regulation of the Securities and Exchange Commission; or any provision of federal law relating to fraud against shareholders either to federal regulatory or law enforcement authorities; or to any person “with supervisory authority over the employee.” Dodd-Frank only applies to persons who provide unique information directly to the SEC pursuant to and consistent with its rules. The distinction matters. Dodd-Frank’s anti-retaliation provisions as well as its bounty program only kick in if you qualify as a Dodd-Frank whistleblower.

MG: Have there been recent developments about which compliance personnel should be aware?

RS: Yes. There have been changes in substance and enforcement policy on almost an annual basis. The distinction discussed above between Sarbanes-Oxley whistleblowers and Dodd-Frank whistleblowers was made very clear in the U.S. Supreme Court’s recent decision in Digital Realty Trust, Inc. v. Somers, a case where an employee was denied Dodd-Frank’s whistleblower protections because he had only reported internally and not directly to the SEC. The Commission has also recently proposed rule changes that would limit the size of some of the larger whistleblower awards and that would allow the Commission to make awards to persons reporting less significant violations resulting in de minimis fines. Presently, a bounty is only paid when the information provided results in a financial fine of greater than $1 million. The proposed rule would allow for awards even in circumstances where enforcement action was taken, but there was a smaller fine. For purposes of retaliation protection, an individual would be required to report information about possible securities laws violations to the Commission “in writing.” To be eligible for a bounty award or to obtain heightened confidentiality protection, the whistleblower must submit information on what is referred to as a “Form TCR” or through the Commission’s online tips portal. Finally, the bounty program would be broadened to include matters settled by the Department of Justice or state attorneys general through deferred or non-prosecution agreements, rather than only through settled SEC actions.

The point is that whistleblower laws, at the federal and state level, are very dynamic.

MG: Are whistleblower laws on balance helpful or harmful to compliance programs?

RS: There is debate about that. Some feel they are harmful in that they create an incentive to circumvent internal reporting channels. Clearly, that school of thought grew as a result of the Somers decision, where a would-be whistleblower would lose Dodd-Frank protections as well as bounty eligibility if he reported first internally, only to see his company then self-report the violation. Because the company self-reported, the reporter would no longer be the one to provide the SEC with original information, even if the reporter later went directly to the SEC. While this may seem like a complicated matter for an employee to work through, employees who witness serious violations often seek legal counsel, and frankly, any good lawyer would recommend reporting directly to the SEC and then internally. Detractors also point to the fact that the vast majority of whistleblower complaints are simply not valid. The SEC gets thousands of reports each year, and a very small fraction are found to relate to significant or even valid violations. Company compliance personnel are in a much better position to know very quickly whether a suspected violation has any merit, and the sooner they become aware of an issue, the sooner they can investigate and put a stop to any bad behavior.

The other school of thought is that whistleblower laws complement and even improve internal compliance programs in any number of ways. First, just the fact that they exist causes compliance personnel to be more vigilant in preventing violations. Also, greater effort is placed on protection of employees who internally report violations.

There is truth to both sides of the debate. One thing we have found is that if a company has a genuine and robust compliance program, it really does not matter what whistleblower laws there are and whether an employee reports to the government or not. That company will always be ready to respond and to defend its program and its handling of reported potential violations.

MG: What do you recommend compliance departments do to ensure compliance with whistleblower laws while preserving effective internal processes?

RS: There are a number of elements of a good compliance program that automatically ensure compliance with whistleblower laws. Let me mention three of the most relevant steps you can take.

1. Understand the specific laws that apply to your company’s operations.

All good compliance programs, as part of their policy build-out and risk assessment processes, identify and understand all federal, state and international laws that apply to their business operations, including whistleblower laws. When you do that, I bet you will remove the word “whistleblower” from any of your program documents or polices, because, as I said at the outset, there is no one definition and you should not label every reporter a whistleblower.

You will also understand that compliance with those laws involves more than just providing anonymous hotlines in some cases, or preventing retaliation; it also involves carefully checking all of your employee agreements and policies to ensure you are not “chilling” or impeding employees from reporting directly to the SEC. Rule 21F-17 provides, for example, that “No person may take any action to impede an individual from communicating directly with the Commission staff about a possible securities law violation, including enforcing, or threatening to enforce, a confidentiality agreement … with respect to such communications.” Employee agreements, such as termination agreements and confidentiality agreements, can inadvertently contain language that the SEC believes employees may misapprehend.

2. A well-designed and well-publicized internal reporting mechanism is a critical component of every corporate compliance program.

In order to encourage employees to use internal reporting channels, companies must promote a culture of improvement based on self-analysis. Successful companies look forward to discovering internal problems, because this drives a process of learning, adjusting and improving. This only works, however, if employees are educated on the internal reporting policy, believe in its outcomes and trust that they won’t face retaliation or other negative consequences for making internal reports.

3. (And this is critical) Ensure that employees understand that internal reporting is mandatory, not voluntary.

Regardless of whether they choose to report to the SEC, they have an obligation as a matter of company policy to report internally, anonymously or otherwise. Hopefully they will feel comfortable reporting without the cover of anonymity, but in any event, they must report. We have seen many cases where employees felt that reporting only to the government was “OK” and consistent with company policy. It should not be.

Companies can and should use compliance certification processes that require all employees to certify either that they have no knowledge of any violations of law or company policy or that they have reported any potential violations internally. The primary reason for certifications is to ensure internal reports are made so that the underlying issue may be addressed.

Another benefit occurs if an employee makes an external report in the future, because the company will be better prepared to address the issue with the government, having already conducted its own investigation, or, if the issue was never reported internally, it can check that employee’s past certification forms to determine whether there is a contradiction between prior certification forms and the external report of a potential violation. The SEC has committed to encouraging internal reporting of violations. Hold them to it.

 

Rick Schroeder leads the Corporate Compliance & White Collar Defense Practice at Jones Walker. He is based in New Orleans. He represents local, national and international companies, particularly in the energy and natural resource sectors, and their officers and employees in business and corporate compliance matters, internal investigations and government enforcement proceedings.

Mr. Schroeder has particular experience in developing comprehensive corporate compliance programs that address the broad array of high-risk areas companies face today. He has designed and assisted in the implementation of global corporate compliance programs for public and private companies with domestic and international operations, as well as conducted risk assessments and compliance program evaluations.


Tags: Dodd-Frank ActSECSOX ComplianceWhistleblowing
Previous Post

Family, Friends, and the FCPA: The Credit Suisse Enforcement Action

Next Post

Using Culture to Manage Complexity and Ethical Risk

Corporate Compliance Insights

Corporate Compliance Insights

Corporate Compliance Insights

Related Posts

collage of hands texting

From Inquiry to Response: What to Do When Regulators Come Knocking for Text Messages

by Lauren Tringali and Brian Corbin
September 20, 2023

Financial institutions have been hit with billions of dollars’ worth of fines in the past couple of years for failing...

papers stacked up in office

ASC 606 & IFRS 15 Standards Aren’t New. Why Are So Many Firms Still Falling Short?

by Tom Zauli
September 18, 2023

Auditors and government agencies have given a wide latitude when it comes to enforcement of ASC 606 and IFRS 15...

businesswoman looking at stack of documents for audit

Annual Survey: Companies Spending More Time on SOX Compliance

by Staff and Wire Reports
September 15, 2023

Nearly three in four organizations are looking for ways to further enable automation of their SOX compliance processes, according to...

illustration representing sec cybersecurity rules

Everything You Need to Know About the SEC’s New Cybersecurity Rules

by David Lynn
September 6, 2023

Following the release of much-anticipated cybersecurity reporting guidelines for public companies, questions may persist about specifics of the new rules....

Next Post
lines of orange paper dolls holding hands

Using Culture to Manage Complexity and Ethical Risk

Available SQ
New call-to-action

Jump to a Topic

AML Anti-Bribery Anti-Corruption Artificial Intelligence (AI) Automation Banking Board of Directors Board Risk Oversight Business Continuity Planning California Consumer Privacy Act (CCPA) Communications Management Corporate Culture COVID-19 Cryptocurrency Culture of Ethics Cybercrime Cyber Risk Data Analytics Data Breach Data Governance DOJ Download Due Diligence Enterprise Risk Management (ERM) ESG FCPA Enforcement Actions Financial Crime Financial Crimes Enforcement Network (FinCEN) GDPR HIPAA Know Your Customer (KYC) Machine Learning Monitoring RegTech Reputation Risk Risk Assessment Sanctions SEC Social Media Risk Supply Chain Technology Third Party Risk Management Tone at the Top Training Whistleblowing
No Result
View All Result

Privacy Policy

Founded in 2010, CCI is the web’s premier global independent news source for compliance, ethics, risk and information security. 

Got a news tip? Get in touch. Want a weekly round-up in your inbox? Sign up for free. No subscription fees, no paywalls. 

Follow Us

Browse Topics:

  • CCI Press
  • Compliance
  • Compliance Podcasts
  • Cybersecurity
  • Data Privacy
  • eBooks Published by CCI
  • Ethics
  • FCPA
  • Featured
  • Financial Services
  • Fraud
  • Governance
  • GRC Vendor News
  • HR Compliance
  • Internal Audit
  • Leadership and Career
  • On Demand Webinars
  • Opinion
  • Resource Library
  • Risk
  • Uncategorized
  • Videos
  • Webinars
  • Well-Being
  • Whitepapers

© 2023 Corporate Compliance Insights

No Result
View All Result
  • Home
  • About
    • About CCI
    • Writing for CCI
    • Career Connection
    • NEW: CCI Press – Book Publishing
    • Advertise With Us
  • Explore Topics
    • See All Articles
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Internal Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Well-Being at Work
    • Leadership and Career
    • Opinion
  • Vendor News
  • Events
    • Calendar
    • Submit an Event
  • Library
    • Download Whitepapers & Reports
    • Download eBooks
    • New: Living Your Best Compliance Life by Mary Shirley
    • New: Ethics and Compliance for Humans by Adam Balfour
    • 2021: Raise Your Game, Not Your Voice by Lentini-Walker & Tschida
    • CCI Press & Compliance Bookshelf
  • Podcasts
  • Videos
    • On-Demand Webinars: Earn CEUs
  • Subscribe

© 2023 Corporate Compliance Insights

Welcome to CCI. This site uses cookies. Please click OK to accept. Privacy Policy
Cookie settingsACCEPT
Manage consent

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may affect your browsing experience.
Necessary
Always Enabled
Necessary cookies are absolutely essential for the website to function properly. These cookies ensure basic functionalities and security features of the website, anonymously.
CookieDurationDescription
cookielawinfo-checbox-analytics11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checbox-functional11 monthsThe cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checbox-others11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-necessary11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-performance11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy11 monthsThe cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.
Functional
Functional cookies help to perform certain functionalities like sharing the content of the website on social media platforms, collect feedbacks, and other third-party features.
Performance
Performance cookies are used to understand and analyze the key performance indexes of the website which helps in delivering a better user experience for the visitors.
Analytics
Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics the number of visitors, bounce rate, traffic source, etc.
Advertisement
Advertisement cookies are used to provide visitors with relevant ads and marketing campaigns. These cookies track visitors across websites and collect information to provide customized ads.
Others
Other uncategorized cookies are those that are being analyzed and have not been classified into a category as yet.
SAVE & ACCEPT