EMBARGOED! is going on hiatus for August and will be back in September with a new format. In the meantime, check out our back catalog and keep up to date with our trade alerts on millerchevalier.com.
Subscribe * Apple Podcasts * Spotify * Amazon Music * Google Podcasts * Stitcher
Questions? Contact us at podcasts@milchev.com.
EMBARGOED! is not intended and cannot be relied on as legal advice; the content only reflects the thoughts and opinions of its hosts.
***Stay sanctions free.***
Welcome to the only roundtable podcast in compliance as we celebrate our second century of shows. In 2021, Everything Compliance was honored by W3 as a top talk show in podcasting. In this episode, we have the quartet of Jonathan Marks, Jay Rosen, Tom Fox, and Matt Kelly. In this episode, we discuss some technical issues which have all been thinking about. We conclude with our fan-favorite Shout Outs and Rants.
1. Matt Kelly takes a deep dive into the CCO certification issue focusing on the term ‘reasonable.’ He rants about the LIV exhibit golf tour and the insane amount of money being spent by Saudi Arabia to rehabilitate its reputation through sports.
2. Jonathan Marks explores auditing business segments and what it means for auditors and investors. He shouts out SEC Chairman Gary Gensler on the 20th anniversary of the enactment of SOX.
3. Tom Fox looks at the bribery schemes used in the Biotronik FCA action and mines them for lessons learned for the anti-corruption compliance professional. He shouts out to Vin Scully, the former play-by-play announcer for the Los Angeles Dodgers.
4. Jay Rosen explores FCA USA LLC’s fraudulent emissions criminal action. He shouts out to Celtic great Bill Russell, who died this week.
The members of the Everything Compliance are:
• Jay Rosen– Jay is Vice President, Business Development Corporate Monitoring at Affiliated Monitors. Rosen can be reached at JRosen@affiliatedmonitors.com
• Karen Woody – One of the top academic experts on the SEC. Woody can be reached at kwoody@wlu.edu
• Matt Kelly – Founder and CEO of Radical Compliance. Kelly can be reached at mkelly@radicalcompliance.com
• Jonathan Armstrong –our UK colleague is an experienced data privacy/protection lawyer with Cordery in London. Armstrong can be reached at jonathan.armstrong@corderycompliance.com
• Jonathan Marks is Partner, Firm Practice Leader – Global Forensic, Compliance & Integrity Services at Baker Tilly. Marks can be reached at jonathan.marks@bakertilly.com
The host and producer, ranter (and sometime panelist) of Everything Compliance is Tom Fox, the Voice of Compliance. He can be reached at tfox@tfoxlaw.com. Everything Compliance is a part of the Compliance Podcast Network.
In today’s edition of Daily Compliance News:
We recently had some interesting news regarding whistleblowers and whistleblowing that I thought compliance professionals should be cognizant of going forward. These matters included a Securities and Exchange Commission (SEC) bounty award to two whistleblowers which detailed reasons for the award. Additionally, there have also been two enforcement actions brought by the SEC where companies had surreptitiously tried to prevent former employees from whistleblowing to the SEC through craft Non-Disclosure Agreement (NDA) language.
Whistleblower Bounty Awards
The SEC issued one Order announcing two anonymous whistleblower awards. As noted, the whistleblowers were anonymous as was the company whom they blew the whistle on. Claims Review Staff (“CRS”) had four claimants to evaluate for an award and settled on two of them, Claimants 1 & 2. Claimant 1 was awarded $13 million, and Claimant 2 was awarded $3.3 million. The Order listed six reasons why Claimant 1 was awarded the bulk of the whistleblower bounty. (1) Claimant 1’s tip was the initial source of the investigation; (2) Claimant 1’s tip exposed abuses in (Redacted), that would have been difficult to detect without Claimant 1’s information; (3) Claimant 1 provided the SEC staff with extensive and ongoing assistance during the course of the investigation, including identifying witnesses, including (Redacted) and helping staff understand complex fact patterns and issues related to the matters under investigation; (4) the Commission used information Claimant 1 provided to devise an (Redacted) and finally, Claimant 1, “persistently alerted the Commission to the ongoing abusive practices for a number of years before the investigation was opened.”
Claimant 2 received their award based upon the following factors: (1) Claimant 2 was a valuable first-hand witness who also provided helpful information relevant to the practices, although several years after the SEC had received Claimant 1’s information; (2) Claimant 2 provided information and documents, participated in staff interviews, and provided clear explanations to the staff regarding the issues that Claimant 2 brought to the staff’s attention; (3) Claimant 2’s information gave the staff a more complete picture of how events from an earlier period impacted the Firm’s practices and provided information which the SEC staff was able to use in settlement discussions with the Firm’s counsel. However, and most significantly, and in contrast to Claimant 1, “Claimant 2 delayed reporting to the Commission for several years after becoming aware of the wrongdoing. Accordingly, we find that Claimant 2 unreasonably delayed reporting to the Commission and that Claimant 2’s award should be set at Redacted in light of all the facts and circumstances.”
Attempts to Impede SEC Reporting
Since at least the KBR, Inc.’s pretaliation enforcement action, the SEC has made clear that companies cannot impede, contractually through an NDA, the ability of a reporter to whistleblow to the SEC. A Law360 article, by Steven J. Pearlman, Pinchos Goldberg and Alexandra Oxyer, lawyers from Proskauer Rose LLP, detailed two recent SEC enforcement actions where companies were found to have wrongfully attempted to circumvent Rule 21F-17 under the Securities Exchange Act of 1934, which “prevents companies from, among other things, using confidentiality agreements to impede whistleblowing to the SEC.”
In the first matter, styled In the Matter of David Hansen, the SEC found that Hansen, an executive of NS8, Inc., had an employee who “raised concerns internally that NS8 was overstating its number of paying customers, including that the information used to formulate external communications to potential and existing investors allegedly was false. The employee also raised the concerns directly to the executive and later submitted a tip to the SEC. After making a report to the SEC, the employee told the executive that unless the company addressed the allegedly inflated customer data, he would reveal his allegations to the company’s customers, investors and any other interested parties.”
Hansen and the company Chief Executive Officer (CEO), “allegedly took steps to remove the employee’s access to the company’s information technology systems. The executive also allegedly used the company’s administrative account to access the employee’s company computer and obtain his passwords to his email and social media accounts. The company then discharged the employee. The SEC concluded that in restricting the employee’s access to the company’s IT systems and in monitoring his online activities, the executive substantially interfered with the employee’s ability to communicate with the SEC about his concerns in violation of Rule 21F-17.”
The second matter, In the Matter of The Brink’s Company, the SEC found that from at least April 2015 through April 2019, Brinks used an NDA that prohibited employees from disclosing confidential company information to any third party without the prior written approval of Brinks. This NDA threatened current and former employees with liquidated damages and legal fees if they failed to notify the company prior to disclosing any financial or business information to third parties. Most significantly, the NDA did not provide an exemption for potential SEC whistleblowers. Perhaps most damning for Brinks was that after the KBR enforcement action, Brinks modified its NDA by adding a $75,000 liquidated damages provision for violations of the agreement. While the reason(s) is not clear from the SEC Order, Brinks was assessed a $400,000 penalty for its blatant attempts to keep employees from reporting to the SEC.
While the Brinks matter seems straight-forward, the Order did note that Brinks was made aware of the KBR Order, so the company was on actual knowledge of what the legal requirements were and still disobeyed them. However, the Hansen matter does seem a bit less clear. The Proskauer lawyers noted, the Order “could be read to reflect an exceedingly broad view of the protections afforded to SEC whistleblowers under Rule 21F-17 — protecting employees who have threatened to broadcast company information to third parties other than the SEC, such as customers or investors, or even the media. This could jeopardize the privacy of sensitive data and other confidential information and trade secrets, which could present a range of significant risks to companies.” They also noted a vigorous dissent from Commissioner Heather Pierce.
The whistleblower awards remind all compliance professionals the power of internal reporting and the cost when internal reporters are not listened to and take their concerns the SEC. The enforcement actions involving Hansen and Brinks demonstrate the SEC takes concerns of company actions to, in any way, stop employees from bringing information to the SEC very seriously and will vigorously enforce the protections afforded to whistleblowers.
