The Securities and Exchange Commission (the “SEC”) recently announced that it paid a whistleblower award of more than $22 million, when a whistleblower’s detailed tip and extensive assistance helped the SEC halt a well-hidden fraud at the company where the whistleblower worked. With that award, the SEC has now paid out more than $100 million to whistleblowers who have helped the agency investigate and prosecute securities fraud. This large award followed recently issued settlements with two publicly held companies for violating a Rule that prohibits companies (and others) from interfering with potential whistleblowers’ communications with the SEC staff, Rule 21F-17 of the Securities Exchange Act of 1934 (the “Exchange Act”). In each case, the company involved paid substantial civil penalties. These recent activities highlight the value that the SEC places on its whistleblower program and serve as a wakeup call to publicly held companies to ensure that internal practices, policies and agreements do not contravene the requirements of the Dodd-Frank Wall Street Reform and Consumer Protection Act (the “Dodd-Frank Act”).
The Dodd-Frank Act amended the Exchange Act by adding Section 21F, entitled “Whistleblower Incentives and Protection.” The purpose of Rule 21F was to encourage whistleblowers to report possible securities law violations by providing financial incentives and certain protections against retaliatory acts. As part of the rule-making authority granted to it under the Dodd-Frank Act, the SEC adopted a number of rules, including Rule 21F-17, which provides that “[n]o person may take any action to impede an individual from communicating directly with the [SEC] staff about a possible securities law violation, including enforcing, or threatening to enforce, a confidentiality agreement.”
On August 10, 2016, the SEC announced a settlement with BlueLinx Holdings Inc. (“BlueLinx”) based on a charge that a confidentiality provision in its severance agreements violated Rule 21F-17. BlueLinx had used several forms of severance agreements over a five year period, and the SEC charged that each one violated Rule 21F-17. Specifically, the agreements (i) prohibited a departing employee from sharing confidential information about BlueLinx, unless the employee was compelled to do so by law or legal process, (ii) required the departing employee to provide written notice to (and in some cases, to obtain written consent from) BlueLinx prior to disclosing any such information, and (iii) required a departing employee to agree to waive the right to any monetary recovery in connection with any complaint or charge such departing employee may file with an administrative agency. The SEC found that “[r]estrictions on the ability of employees to share confidential corporate information regarding possible securities law violations with the [SEC] and to accept financial awards for providing information to the [SEC]…undermine the purpose of Section 21F…and violate Rule 21F-17(a).”
BlueLinx agreed to pay a civil penalty of $265,000. It also agreed to include the following provision in its severance agreements and any other employee agreements that included prohibitions on the use or disclosure of confidential information:
“Protected Rights. Employee understands that nothing contained in this Agreement limits Employee’s ability to file a charge or complaint with the Equal Employment Opportunity Commission, the National Labor Relations Board, the Occupational Safety and Health Administration, the Securities and Exchange Commission or any other federal, state or local governmental agency or commission (“Government Agencies”). Employee further understands that this Agreement does not limit Employee’s ability to communicate with any Government Agencies or otherwise participate in any investigation or proceeding that may be conducted by any Government Agency, including providing documents or other information, without notice to the Company. This Agreement does not limit Employee’s right to receive an award for information provided to any Government Agencies.”
In addition to paying a penalty and modifying its employee agreements going forward, BlueLinx was also required to contact former employees who signed severance agreements and provide them with (i) an internet link to the cease-and-desist order, and (ii) a statement that BlueLinx does not prohibit former employees from either (1) providing information to, or communicating with, SEC staff without notice to the Company; or (2) accepting a whistleblower award from the SEC.
Less than a week after the BlueLinx order, the SEC issued a similar order against Health Net, Inc. (“Health Net”). Like BlueLinx, Health Net’s severance agreements prohibited departing employees from receiving whistleblower awards from the SEC. The SEC found that by including such prohibitions in its agreements, Health Net “directly targeted the SEC’s whistleblower program by removing the critically important financial incentives that are intended to encourage persons to communicate with the [SEC] staff about possible securities law violations.”
Like BlueLinx, Health Net settled with the SEC. It agreed to pay a civil penalty of $340,000 and to reach out to former employees who signed agreements that contained the violative language and provide them with (i) an internet link to the cease-and-desist order, and (ii) a statement that Health Net does not prohibit former employees from either providing information to, or communicating with, SEC staff without notice to the Company, or accepting a whistleblower award from the SEC.
In light of the SEC’s recent focus on its whistleblower programs and its desire to continue to protect whistleblower rights, companies should review all forms of agreements with employees containing any restrictions on either (i) the use or disclosure of confidential information or (ii) the recovery of financial incentives in connection with any administrative agency action.
 The SEC previously settled two other actions for violations of Rule 21F-17, see Press Release 2016-128, Merrill Lynch to Pay $415 Million for Misusing Customer Cash and Putting Customer Securities at Risk (June 23, 2016), available at https://www.sec.gov/news/pressrelease/2016-128.html; Press Release 2015-54, SEC: Companies Cannot Stifle Whistleblowers in Confidentiality Agreements (Apr. 1, 2015), available at https://www.sec.gov/news/pressrelease/2015-54.html.