SEC’s Focus on Whistleblower Protection Practices Continues

On September 9, 2024, the U.S. Securities and Exchange Commission (SEC) announced that it settled charges against seven public companies for alleged violations of Securities Exchange Act Rule 21F-17. According to the SEC, these companies’ employment, separation, and other agreements restricted employees’ abilities to communicate with the SEC about potential securities law violations by the companies, including by prohibiting the employees from collecting whistleblower awards for reporting such violations. The seven companies were fined over $3 million in combined civil penalties.

Less than a week earlier, on September 4, 2024, the SEC announced a similar settlement with a broker-dealer and two affiliated investment advisers. There, the SEC alleged that the firms required clients to sign confidentiality agreements that prohibited them from reporting potential securities law violations to the SEC or state regulators. The registrants were fined a combined civil penalty of $240,000.

Contexte

Rule 21F-17 was implemented by the SEC on August 12, 2011, as part of a larger set of whistleblower protection rules in connection with the Dodd-Frank Wall Street Reform and Consumer Protection Act. Rule 21F-17 specifically prohibits “any action to impede an individual from communicating directly with the [SEC] about a possible securities law violation, including enforcing, or threatening to enforce, a confidentiality agreement … with respect to such communications.” The purpose of the whistleblower protection rules, including Rule 21F-17, was to “encourage whistleblowers to report possible violations of the securities laws by providing financial incentives, prohibiting employment-related retaliation, and providing various confidentiality guarantees.”[1] Several years after its implementation, in mid-2015, the SEC began bringing enforcement actions for alleged violations of Rule 21F-17.

Principaux enseignements

Whistleblower protection practice cases are not new for the SEC. But these recent enforcement actions underscore the SEC’s focus on them, and the facts and circumstances highlight the expansive approach the SEC is taking — both in terms of the kinds of agreements and counterparties involved and the nature of impediments deemed violative. The SEC also has signaled that it is looking at practices wholistically, viewing restrictive language in one section of an agreement in combination with other sections or even other agreements. And importantly, the SEC does not need to identify any instance where an individual was prevented from disclosing information to the SEC because of the language in the agreements. The standard is simply that an individual could have been prevented from doing so.

In terms of penalties for Rule 21F-17 violations, the amounts can range greatly and can be substantial, depending on the context. Not surprisingly, two primary factors seem to be the level of restriction imposed by the language and the number of individuals impacted by the language. For example, in the recent settlement involving $19,500 in sanctions, the SEC referenced only two allegedly violative agreements in the order. In the settlement involving $1,386,000 in sanctions, on the other hand, the SEC referenced more than 150 allegedly violative agreements in the order. Remedial actions, including proactive removal of the offending language and outreach to previously affected individuals, can also lessen the severity of a sanction, and perhaps even avoid one entirely.

These enforcement actions serve as a reminder for companies, public and private, large and small, as well as regulated entities, to pay careful attention when drafting any agreements or other documents containing confidentiality or reporting provisions such as internal policies and procedures or codes of conduct. It also is important for companies and regulated entities to review any previously drafted agreements or documents with any relevant constituencies — employees, contractors, consultants, clients, etc. — to ensure the language in them does not run counter to the protections afforded in Rule 21F-17.

If you have questions about Rule 21F-17 and the SEC’s focus on whistleblower protections, contact the authors of this publication or your Foley & Lardner attorney.

[1] Implementation of the Whistleblower Provisions of Section 21F of the Securities Exchange Act of 1934, Release No. 34-64545, at 197 (Aug. 12, 2011).