Wednesday, 19 November 2014
The SEC’s whistleblower program was enacted as part of the Dodd-Frank Wall Street Reform act to award ‘high-quality, original information that results in an SEC enforcement action with sanctions exceeding $1 million.’ The program continues to gain momentum and break new ground with a recent award of $300,000 to an employee in the audit and compliance division of a company who complained to the SEC after the company failed to act on unspecified allegations provided to the company. 
Whilst not the first award of its kind, nor by any means the largest by quantum, it was the first award to an employee in the internal audit division of a company. 
Compliance officers are often in the best position to observe and report on insider trading and other securities violations. As Sean McKessy, Chief of the SEC’s Office of the Whistleblower, explained: 
Individuals who perform internal audit, compliance, and legal functions for companies are on the front lines in the battle against fraud and corruption. They often are privy to the very kinds of specific, timely, and credible information that can prevent imminent fraud or stop an ongoing one.
Mr McKessy also summarised the eligibility requirements for an award to a compliance officer: 
These individuals may be eligible for an SEC whistleblower award if their companies fail to take appropriate, timely action on information they first reported internally. 
Specifically, compliance personnel are ineligible to participate in the whistleblower program unless they report the apparent violation internally, then wait 120 days before approaching the commission1, which is exactly what the whistleblower did in this case. Unfortunately no details have been published about the nature of the allegations raised.
One of the hallmarks of a robust and effective whistleblower regime is that it protects the whistleblower. This means that published award claim judgements often appear cryptic and opaque. This is because most of the salient information is redacted to ‘protect the confidentiality of whistleblowers and the [SEC] cannot disclose any information that might directly or indirectly reveal a whistleblower’s identity.’ 
But in an interesting twist to this story, the SEC mistakenly included a case reference number in its initial press release (later redacted), which linked the $300,000 award to an insider trading investigation involving clean-air technology company CECO Environmental. The whistleblower’s identity was not directly revealed.
We would hope that such a mistake is a one off and won’t act as a deterrent to employees from coming forward, worried that their identity may be exposed. Such risks may be more present for employees in the smaller internal audit team of, say, an environmental company, when compared to that of an external audit division of an accounting firm.
On the whole, however, this case and the precedent it sets may very well result in many more employees, in similar compliance positions, coming forward in the future. This is especially the case as the SEC has demonstrated that it will apply the 120-day exception to the rule that compliance officers are ineligible to participate in the whistleblower program. In turn, this will have implications for companies, who will now be much more compelled to take action on internal compliance reporting within 120 days or risk facing an SEC investigation. 
By comparison, Australia’s formal whistleblower programs do not possess an awards regime. An awards mechanism is an additional incentive, perhaps even a form of whistleblower protection - of a financial kind - for potentially sacrificing oneself in the pursuit of altering the troubling status quo at an organisation. 
If you want to know more, our recent Forensic Matters publication Blowing the whistle: Protection for whistleblowers in Australia discusses the protections offered to whistleblowers in Australia, and the importance of an effective whistleblower program.

1. See section 21F of the Securities Exchange Act of 1934.
1. See here for the redacted SEC media release -
2. See here for the award claim judgement -
3. FCPA blog post -