The proposed SEC whistleblower rules excluded certain company personnel from making whistleblower claims. For instance, a person with legal, compliance, audit, supervisory, or governance responsibilities for an entity could not be a whistleblower if the information was communicated to that person with the reasonable expectation that he or she would take appropriate steps to cause the entity to respond to the violation. In addition, a person could not be a whistleblower if the information that was obtained from or through an entity’s legal, compliance, audit, or similar functions or processes for identifying, reporting, and addressing potential non-compliance with applicable law. Each rule was subject to an exception that made the exclusion inapplicable if the entity did not disclose the information to the SEC in a reasonable time, or proceeded in bad faith.
The rationale for these proposed exclusions was not implementing the Dodd-Frank Act in a way that created incentives for responsible persons who are informed of wrongdoing, or others who obtain information through an entity’s legal, audit, compliance, and similar functions, to circumvent or undermine the proper operation of the entity’s internal processes for responding to violations of law. The SEC was concerned about creating incentives for company personnel to seek a personal financial benefit by “front running” internal investigations and similar processes that are important components of effective company compliance programs.
Like most areas of the proposed rules, the SEC received extensive comments on this portion of the proposal. While the policy driving the exclusions remains in place, the rules have been revised to be more specific. The following are now excluded from being whistleblowers if the information was obtained because the potential whistleblower was:
- An officer, director, trustee, or partner of an entity and another person informed the potential whistleblower of allegations of misconduct, or the person learned the information in connection with the entity’s processes for identifying, reporting, and addressing possible violations of law;
- An employee whose principal duties involve compliance or internal audit responsibilities, or the potential whistleblower was employed by or otherwise associated with a firm retained to perform compliance or internal audit functions for an entity;
- Employed by or otherwise associated with a firm retained to conduct an inquiry or investigation into possible violations of law; or
- An employee of, or other person associated with, a public accounting firm, if the potential whistleblower obtained the information through the performance of most engagements required of an independent public accountant under the federal securities laws and that information related to a violation by the engagement client or the client’s directors, officers or other employees.
Like every rule, there are exceptions. The foregoing exclusions do not apply if:
- The potential whistleblower has a reasonable basis to believe that disclosure of the information to the SEC is necessary to prevent the relevant entity from engaging in conduct that is likely to cause substantial injury to the financial interest or property of the entity or investors;
- The potential whistleblower has a reasonable basis to believe that the relevant entity is engaging in conduct that will impede an investigation of the misconduct; or
- At least 120 days have elapsed since the potential whistleblower provided the information to the relevant entity’s audit committee, chief legal officer, chief compliance officer (or their equivalents), or his or her supervisor, or since the potential whistleblower received the information, if the potential whistleblower received it under circumstances indicating that the entity’s audit committee, chief legal officer, chief compliance officer, or his or supervisor was already aware of the information.
Check dodd-frank.com frequently for updates on the Dodd-Frank Act and other important securities law matters.