By Mauro Viskovic, Esq.
Although it has been nearly eleven years since The Dodd-Frank Wall Street Reform and Consumer Protection Act (“Dodd-Frank”) was enacted, many companies continue to violate Dodd-Frank by failing to incorporate the necessary whistle-blower protections in their employee confidentiality agreements.
Pursuant to Dodd-Frank, the Securities Exchange Commission (“SEC”) promulgated Rule 21F-17 to ensure companies could not interfere with an individual’s efforts to raise concerns and communicate directly with the SEC. SEC Rule 21F–17(a) prohibits companies from impeding their employees (or any other person, including independent consultants) from communicating directly with the SEC about a possible securities law violation, including enforcing, or threatening to enforce, a confidentiality agreement.
Importantly, while Rule 21F-17 is an SEC rule, it applies to any employer, not just public companies. Therefore, private companies must also ensure that their agreements comply with these requirements.
In a recently settled SEC enforcement action, the defendant-employer asked employees to sign an acknowledgement, upon hire and on an annual basis, that they had received, read, and would adhere to the defendant’s employee manual. The employee manual contained a “Communications with Regulators” section that stated, in relevant part:
“Employees are also strictly prohibited from initiating contact with any Regulator without prior approval from the Legal or Compliance Department. This prohibition applies to any subject matter that might be discussed with a Regulator, including an individual’s registration status with FINRA. Any employee that violates this policy may be subject to disciplinary action by the Firm.”
Among other things, the defendant’s annual compliance training materials contained a slide with a section titled “Communication with Regulators” and a sub-bullet point that stated:
“Employees are prohibited from initiating contact with any regulator without prior approval from Legal or Compliance, including conversation[s] regarding an individual’s registration status with FINRA.”
The SEC stated it was not aware of any specific instances in which an employee was prevented from communicating with Commission staff about potential securities laws violations or that the defendant took action to enforce the employee manual’s restriction or otherwise prevent such communications. Nevertheless, the SEC found the defendant willfully violated Rule 21F-17 and assessed the defendant a civil monetary penalty of $208,912.00.
Companies can implement a few simple best practices to avoid sanctions and ensure compliance with Rule 21F–17. Primarily, companies should explicitly state in policies and agreements that employees are not precluded from reporting potential violations of law to governmental regulators or providing information regarding such violations, while also making clear that employees need not seek permission to communicate with the SEC before doing so. Nor should companies attempt to set limits on the types of information that can be shared with the SEC. Finally, companies should not limit an employee’s right to receive monetary awards from government agencies as a result of making disclosures, such as those available under Dodd-Frank’s award program.
A sample provision that aims to address compliance with Rule 21F-17 might read as follows:
“Nothing in this Agreement shall be construed as prohibiting you from disclosing Confidential Information when required to do so by law, by legal process, by a court of competent jurisdiction, by any governmental agency having supervisory authority over the business of the Company or by any administrative body or legislative body with jurisdiction to order you to divulge, disclose or make accessible such information. Additionally, nothing in this Agreement shall be construed as prohibiting you from reporting possible violations of federal law or regulation to any governmental agency or entity, or making other disclosures that are protected under the whistleblower protections of federal law or regulation. You do not need the prior authorization of the Company to make any such reports or disclosures and you are not required to notify the Company that you have made such reports or disclosures.”
To help avoid costly and burdensome regulatory inquiries, companies should review their compliance manuals, codes of ethics, employment agreements, severance agreements, and other documents to ensure that they do not contain language that could be viewed as inconsistent with Rule 21F–17.
Weiss Zarett represents start-up and small business with a broad range of their legal issues, including the drafting of employment documents. If you wish to have your employment documents reviewed for compliance with applicable laws, please email Mauro Viskovic, Esq. at email@example.com or call us at (516) 627-7000.
About the Author:
Mauro Viskovic is a Partner in the Firm’s corporate and transactions practice group, where he focuses on providing high quality and cost-effective solutions to clients’ legal matters. He represents entrepreneurs through all stages of their ventures’ development, including advice on structure, initial company formation and organization, employment matters, private financings, commercial transactions, mergers and acquisitions and liquidity events. In addition, Mauro represents investors in all aspects of corporate finance transactions and also focuses his practice on the representation of private investment fund advisers and portfolio managers.
Weiss Zarett Brofman Sonnenklar & Levy, P.C. is a Long Island law firm providing a wide array of legal services to the members of the health care and financial services industries, including corporate and transactional matters, employment, civil and administrative litigation, regulatory issues, bankruptcy and creditors’ rights, and commercial real estate transactions.
ATTORNEY ADVERTISING: PRIOR RESULTS DO NOT GUARANTEE FUTURE OUTCOMES.