The Securities and Exchange Commission (SEC) has been cracking down on companies that engage in pre-taliation, imposing increasing fines. This was evident in the recent case of JP Morgan, which faced an $18 million sanction for including a pre-taliation clause in their contracts. This enforcement action highlighted companies’ importance in addressing pre-taliation risk by implementing contract language that protects individuals’ rights to report misconduct. Matt Kelly and I recently had the chance to take a deep dive into the decision in a recent episode of Compliance into the Weeds.
Corey Schuster, co-chief of the Asset Management Unit in the SEC Division of Enforcement, said in an SEC Press Release, “Whether retail or otherwise, must be free to report complaints to the SEC without interference. Those drafting or using confidentiality agreements must ensure that they do not include provisions impeding potential whistleblowers.” Gurbir Grewal, Director of the SEC Enforcement Division, added, “Whether in your employment contracts, settlement agreements or elsewhere, you simply cannot include provisions that prevent individuals from contacting the SEC with evidence of wrongdoing.” Matt noted in his blog post on the case, “SEC enforcement against pre-taliation is not exactly news, since the agency has been filing such cases since 2016 — but until now, those enforcement actions have always been about companies using pre-taliation clauses in contracts with employees. Now we have our first case over pre-taliation against customers — and it came with the biggest pre-taliation fine we’ve ever seen.”
Pre-taliation occurs when a company restricts individuals from speaking out about corporate misconduct to regulators. While previous pre-taliation cases primarily focused on restrictions placed on employees, the JP Morgan securities case marked a significant shift. For the first time, the SEC sanctioned a company for imposing a pre-taliation clause on customers. This expands the range of individuals who may fall victim to pre-taliation and underscores the need for companies to be vigilant in their compliance efforts.
Companies must understand that pre-taliation clauses are problematic, regardless of whether they are included in employment contracts, settlement agreements, or elsewhere. The SEC has clarified that provisions preventing individuals from contacting the SEC with evidence of wrongdoing are unacceptable. Compliance officers must conduct regulatory assessments to understand applicable laws and review contracts for problematic language.
The fines imposed by the SEC for pre-taliation cases have been increasing over time. In the case of JP Morgan securities, the $18 million sanction was the largest fine ever seen for a simple fix. The remediation action required in these cases is relatively straightforward: companies must delete the problematic language from their agreements and inform anyone who signed the old language that they are free to report misconduct to the SEC or any other regulator. While the mechanics of executing this remediation may be challenging for large organizations with contracts stored in different data warehouses, the basic idea remains the same.
It is worth noting that in most pre-taliation cases, companies rarely enforce the pre-taliation clauses. They often become an afterthought, and it is only years later that companies realize their mistake and attempt to rectify it. The SEC’s message is clear: companies must proactively identify and correct problematic language in their contracts to avoid facing significant fines.
The CBRE pre-taliation enforcement action serves as an example of effective remediation practices. CBRE swiftly identified and corrected problematic clauses, updated its code of conduct, and provided training on SEC rules to its compliance team. This proactive approach helped them avoid more severe penalties and garnered praise from the SEC. Here, Kelly noted,
- Within one month of learning about the SEC investigation, revising all its U.S. severance agreement templates to assure compliance was followed by an audit of similar agreements worldwide, reviewing some 300 templates used by CBRE affiliates in 54 countries.
- We are updating the CBRE Code of Conduct to add new language against pre-taliation.
- Training more than 50 members of the compliance team globally on the Rule 21F-17 language added to all relevant templates;
- They were undertaking a mandatory re-certification process, where more than 100,000 employees worldwide certified that they had reviewed the updated Code of Conduct and attested to their understanding that they were always free to bring concerns to regulators without any advanced notice to CBRE.
Compliance officers face the challenge of balancing various factors when addressing pre-taliation risk. They must consider the impact of state laws, federal whistleblower protection laws, and securities laws that may apply to their company. Conducting a regulatory assessment and thoroughly reviewing contracts can help identify potential areas of concern.
In conclusion, the SEC’s increasing fines for company pre-taliation highlight the importance of compliance and the need for companies to address pre-taliation risk. Companies must eliminate pre-taliation clauses from their contracts and ensure individuals can report misconduct to regulators. Companies can mitigate the risk of facing significant fines and reputational damage by taking proactive measures and conducting thorough assessments.
