Whistleblower protection in the digital age


Whistleblower protection in the digital age Ethical BoardroomBy Stephen M. Kohn – Partner at Kohn, Kohn and Colapinto, Chairman at whistleblowers.org



Whistleblower protection has radically changed in the US over the past 15 years. Top corporate officials, including all directors, officers and compliance managers, can (and have) blown the whistle directly to government regulators.

They can do so confidentially or anonymously on potential violations related to corporate fraud, money laundering or violations of the Foreign Corrupt Practices Act. Nondisclosure agreements cannot prevent this whistleblowing. Even information classified as a ‘trade secret’ can be reported to law enforcement investigators. Not only are these types of disclosures protected, those who provide ‘original information’ in accordance with the rules of the Internal Revenue Service (IRS), Securities and Exchange Commission (SEC) or Department of Justice (DOJ) can qualify for multimillion-dollar rewards. Under the new whistleblower laws, compensation can be paid without any public notice and neither the public nor the whistleblower’s employers have a right to learn their identity.

This is all radically different from the whistleblowing depicted in popular culture. It has nothing to do with employee grievances or the stealing of national security secrets. Done correctly, an employer never learns the identity of the whistleblowers and, thus, traditional employment retaliation cases become relics of a time when whistleblowers lacked safe, confidential and effective reporting mechanisms.

These changes need to be embraced, not opposed. The issue is no longer the whistleblower, but whether a company will tolerate criminal activity in order to profit. Turning a blind eye to corruption can have disastrous consequences. Unquestionably, the new whistleblower laws have been very effective in enabling the government to detect otherwise well-hidden frauds. As employees learn of the opportunity to blow the whistle safely and effectively, the impact of these laws will expand. The effectiveness of these laws is already a matter of public record.[1] As understood by the former chairman of the SEC, they are our best hope in ending widespread corporate fraud, incentivising companies to have effective and independent compliance programmes and ensuring that honest companies that do not cheat the market can compete with those who want to break the law for profit.[2]

Trying to silence whistleblowers is the biggest mistake any corporate executive can make. It can constitute a criminal obstruction justice.[3] Retaliation will drive honest employees away from internal corporate compliance programmes and into confidential government programmes, where the whistleblowers can be effective informants to the DOJ, IRS or SEC.

As an attorney who has worked on corporate fraud cases years before the enactment of the Sarbanes-Oxley Act (SOX), the progress of these whistleblower protections was logical and absolutely necessary. Here is how we got where we are.

Prior to the collapse of ENRON and WorldCom, employees on Wall Street had no effective whistleblower protections. There was no federal law covering employees who reported securities frauds and the handful of cases filed under state law were forced to arbitrate their employment disputes in pro-employer forums.

The fact that there were highly credible whistleblowers at both WorldCom and ENRON – two of whom were named by Time Magazine as #Persons of the Year in 2002 – triggered a change in public attitudes toward whistleblowers. Senators Patrick Leahy  (D-Vermont) and Chuck Grassley (R-Iowa) obtained unanimous bi-partisan support for the first securities fraud whistleblower law, approved as an amendment to SOX. Additionally, the then chair of the House Judiciary Committee, Rep. Jim Sensenbrenner (R-Wisconsin), successfully included another amendment to the law. It made economic,  job-related retaliation against ‘any person’ who reported, in good faith, possible crimes to any federal law enforcement official, a felony, subjecting the retaliator to up to 10 years in prison. This also passed.

Under SOX, employee whistleblowers were promised job protection. Their reports to internal compliance programmes were also fully protected.

A strong message was sent, but corporate behaviour did not change. Companies were very effective in undermining these reforms. Instead of embracing the reforms mandated by Congress, in case after case corporations used every legal trick to defeat the whistleblowers. They tried to exempt subsidiaries or mutual fund companies from coverage, they successfully narrowed the scope of protected disclosures, they forced employees to arbitrate their cases in pro-employer forums and they were highly successful in defeating the vast majority of whistleblower claims. Thousands of employees who relied upon SOX lost their jobs.

In regard to compliance programmes, companies also tried to work around the new procedures that protected internal whistleblowers. The most common tactic was to have compliance programmes report ultimately to the company’s General Counsel. Under Supreme Court precedent, corporations worked to ensure that whistleblower disclosures to attorney-supervised compliance programmes were covered under a corporate attorney-client privilege, giving the company an option to keep the whistleblower information secret and open confidential investigations on those who made the reports.[4]

All in all, the first go-around with SOX was a failure. The overwhelming majority of employees who filed claims lost. But, in hindsight, the failure of corporate executives to embrace and enhance the SOX reforms was a massive mistake.

Reform failures

Between 2002 to 2008, whatever trust may have been forged between corporate management and employee whistleblowers, as had been envisioned by Congress as part of the SOX reforms, was lost. The 2008 financial crisis laid bare these failures, both in terms of the protections afforded under law and the abysmal failure of Wall Street to change its anti-whistleblower culture. Thus, it is not surprising that when Congress again looked at Wall Street reforms in 2009 and 2010, the failure of the whistleblower programmes was one of the major topics revisited.

As part of discussions leading to the Dodd-Frank Act reforms, this author discussed the whistleblower laws with representatives from the Senate Banking Committee.[5] The views of these congressional staff members were clear – if an employee is ever known to be a whistleblower, their career on Wall Street is over. The committee staff, had clearly reviewed the history behind SOX and most likely interviewed numerous employees, were emphatic as to their opinion as to how whistleblowers were treated by corporate executives.

The heart of the Dodd-Frank Act’s Wall Street reforms directly confronted the reality that employees who worked in financial services faced and the failures of SOX. The reforms were numerous:

  • SOX itself was reformed. Jury trials were guaranteed, mandatory arbitration was prohibited and subsidiaries were directly covered
  • Anonymous whistleblowing was permitted under the Securities and Commodity Exchange Acts
  • Qui tam rewards were made available to whistleblowers whose information resulted in an enforcement action in which the SEC or CFTC obtained sanctions of more than $1million
  • The definition of a whistleblower was changed from an ‘employee’ to ‘any individual with original information’

After Dodd-Frank was enacted, a rulemaking battle erupted within the SEC. Corporations wanted to limit the rights of their executives or compliance officials to blow the whistle. Rules were proposed that would have blocked the ability of directors, officers, trustees, partners, audit committee members or chief compliance officers to benefit from the new reforms. Instead of embracing change, or creating a culture that would encourage whistleblowing, every major corporation and trade association that weighed in on the new Dodd-Frank rule making proceedings wanted to limit the scope of the law and block all executives from qualifying as whistleblowers entitled to a reward.

Not surprisingly, those efforts failed. The statutory definition of a whistleblower as meaning ‘any individual’ could not be squared with the efforts to strip entire classes of ‘individuals’ from coverage. At the end of the day, under intense pressure from Wall Street, the SEC reached a compromise on executive whistleblowing. Officers, partners and directors of corporations and other employees who had a fiduciary duty to prevent fraud were given a qualified right to blow the whistle to the government and obtain a monetary reward.[6]

The rules governing executive whistleblowing are simple. If a company engaged in retaliation or if a fraud is very large, executives can immediately report those violations confidentially or anonymously to the SEC and qualify for a reward. Moreover, if a company is informed of a fraud, but fails to self-report that fraud to the SEC within 120 days, any executive and/or individual employed in a compliance capacity can report those issues to the government, anonymously and confidentially and obtain a monetary reward.

Under the IRS programme, there is no waiting period whatsoever and executives can immediately report tax frauds and money laundering violations to the IRS.

The ability to report violations anonymously and confidentially has made it possible for high-ranking executives to safely blow the whistle to the SEC, IRS and the Commodity Futures Trading Commission (CFTC). Moreover, although the IRS does not permit anonymous whistleblowing, its rules providing near iron-clad confidentiality protections are, in many ways, even stronger then the SEC and CFTC requirements.

Executives are taking advantage of these new options. And they should. There is no reason for any employee, including an executive vice president, a CFO, a chief compliance officer, or a member of the board of directors of a publicly traded company, to ignore the new whistleblower rules. If a company is profiting from illegal activities, such as fraud, money laundering or foreign bribery, there is a realistic and effective avenue to report these crimes and qualify for monetary rewards.

In FY 2018, the IRS reported that whistleblowers triggered the collection of more than $1.4billion in criminal fines, civil forfeitures and reporting violations[7] and 217 whistleblowers received a total of $312,207,590 in rewards. Other programmes were similarly successful. Under the securities commodities and government fraud/qui tam reward programmes, billions upon billions of dollars in frauds were recovered and whistleblowers obtained $301,728,654 under the False Claims Act programme, $160million under the SEC programme and another $75million under the CFTC programme.[8] All in all, in FY 2018 whistleblowers who reported original information that resulted in actual collection of sanctions from fraudsters obtained more than $856million in awards.

Disappointing response

In the face of this unprecedented success in whistleblowing, what was the response of major corporations and the Chamber of Commerce? As incredible as it may seem, the Chamber of Commerce, claiming to represent ‘three million companies and professional organisations’ argued before the Supreme Court that employees who reported frauds internally to their companies were not protected as whistleblowers under the Dodd-Frank Act. The Chamber pointed favourably to cases in which employees who reported to the Audit Committee, the General Counsel and the Chief Compliance Officers and were fired.[9]

This is worth repeating. The Chamber of Commerce and its corporate allies, argued successfully to the Supreme Court that employees who wanted to be protected as whistleblowers under the Dodd-Frank Act, were required to bypass internal reporting structures and report their concerns directly to the SEC in order to be protected from retaliation under the Dodd-Frank Act.

“The rules governing executive whistleblowing are simple. If a company engaged in retaliation or if a fraud is very large, executives can immediately report those violations confidentially or anonymously to the SEC and qualify”

These arguments should have been condemned by every responsible corporation in the United States. Corporations should have defended their internal reporting structures and compliance programmes and demanded that the Supreme Court protect employees who reported internally. But not one corporation made this argument. Although this silence was deafening, it was most revealing as to the state of corporate culture and the acceptance of whistleblowing.

On 21 February 2018, the Supreme Court sided with the Chamber of Commerce and unanimously held that in order to be a protected whistleblower under the Dodd-Frank Act, an employee was required to report their concerns directly to the SEC. The whistleblower in that case, who reported his concerns to the company’s directors, lost. The Supreme Court upheld his termination and the de facto destruction of his career and livelihood.

The Supreme Court, siding with the Chamber of Commerce, held: The ‘definition’ of a whistleblower under the Dodd-Frank Act was ‘unequivocal.’ To be a whistleblower an individual must report ‘a violation of the securities laws to the Commission.’ (emphasis by the Supreme Court).

This case, known as Digital Reality v. Somers, should be viewed as among the most important whistleblower cases ever decided by the Supreme Court. It laid bare the animus that runs deep in corporate culture against whistleblowers. It demonstrated the wisdom and practical necessity of the confidentiality requirements given to whistleblowers who expose violations under the Securities or Commodity Exchange Acts, the Foreign Corrupt Practices Act and the Internal Revenue Act. It demonstrated that the fear of retaliation was well-founded and that whistleblowers needed to listen carefully to the unanimous verdict of the Supreme Court (as fully supported by the Chamber of Commerce): ‘The ‘core objective’ of Dodd-Frank’s robust whistleblower programme  is ‘to motivate people who know of securities law violations to tell the SEC.’’

Executives who witness fraud should take advantage of the governing whistleblower rules to safely report their concerns in the manner demanded by the Supreme Court in Digital. This is the outcome that the Chamber of Commerce so viciously argued for and, for better or worse, it turned out to be correct. If you want protection as a whistleblower, the best route is to anonymously and confidentially report your concerns, in the manner set forth under the controlling laws, to the appropriate government agency and work with that agency to ensure that every corporation plays by the same rules and that criminal practices, such as money laundering, bribery and securities and tax frauds, are driven from the market. Reporting crimes to the police is not radical. It is the cornerstone of good citizenship.


About the Author:

Stephen M. Kohn is a partner in the law firm of Kohn, Kohn and Colapinto and serves as the Chairman of the Board of Directors of the https://www.whistleblowers.org. He has represented whistleblowers since 1984 and won the largest individual whistleblower reward ever obtained ($104 million to a Swiss Bank whistleblower). He is the author of numerous books on whistleblower law, including The New Whistleblower’s Handbook: A Step-by-Step Guide to Doing What’s Right and Protecting Yourself (Lyons Press, 2017).