(COPY) (COPY) (COPY)

On November 15, 2021, the U.S. Securities and Exchange Commission (SEC) released its annual whistleblower report. The whistleblower program, created in 2010 through the Dodd-Frank Wall Street Reform and Consumer Protection Act, provides monetary awards to individuals who report possible violations of the federal securities laws to the SEC.

Under the program, eligible whistleblowers whose original tips lead to successful enforcement actions can receive as much as 30% of any monetary sanctions collected by the SEC. And in this respect, fiscal year 2021 was a banner year. The SEC report shows that 108 individuals were collectively awarded more than $563 million from 86 enforcement actions. This sum is greater than the total number of whistleblowers who received awards, and the total amount awarded to them, in all prior years since the program’s inception combined. Included in this total is an award of $114 million given to a single tipster – the largest in program history.

Not only did the SEC pay more to successful tipsters in fiscal year 2021 than prior years, but a greater percentage of successful insider tipsters – e.g. current or former employees or contractors – did not report internally before bringing concerns to the SEC. This is notable because although prospective insider whistleblowers are not required by law to make a prior internal report, doing so may lead to a higher reward. And in recent years over 80% of successful insider tipsters addressed suspected violations internally before reporting to the SEC. However, that percentage dropped to 75% in fiscal year 2021 – out of approximately 65 internal whistleblowers, roughly 16 went to the SEC without internally reporting concerns in any way. These whistleblowers did not go through any formal reporting mechanisms; they did not raise concerns with supervisors or compliance personnel; in fact, they did not know if their supervisors or compliance personnel were aware of the violations before they went to the SEC.

This lapse in internal reporting suggests a potentially troubling disconnect between employees and internal compliance programs in the wake of the sudden expansion of remote work caused by the COVID-19 pandemic, for which few companies were prepared. Decreased face-to-face interaction has increased the onus on employees to independently figure out when and how to report potential problems. With less of an ability to raise concerns through in-person conversations with supervisors or by dropping into human resources, employees may be confused about how to raise issues, or less comfortable doing so in a remote setting. As a further barrier, less frequent interaction with supervisors and local compliance personnel may make employees less open to sharing concerns with the appropriate people.

Companies should note that fiscal year 2021 was a record-breaking year in one more way: Overall incoming tips to the SEC reached all-time highs. In fiscal year 2021, the SEC received over 12,200 tips, which is nearly double the number of tips from fiscal year 2020. (The SEC received 6,911 tips in 2020, now the second-highest tip year.) Given this steep upward trajectory, as well as the likely persistence of some measure of remote work for the foreseeable future, companies should expect these trends to continue in 2022.

The Cleary Gottlieb Crisis Management Handbook, Chapters VI and XI provide guidance for developing strong internal reporting procedures. An essential frontline for successful compliance programs is mid-level management. The Handbook recommends that managers be active in facilitating internal reporting, encouraging employees to report anything that may raise a legal or ethical concern, and maintaining multiple avenues for internal reporting.

Companies should consider providing additional training to management to familiarize them with compliance procedures and equip them with best practices. Managers should be held responsible for creating open lines of communication with their direct reports and reporting any issues brought to their attention through appropriate channels.

Importantly, with the growing ubiquity of remote work, companies should closely review their internal reporting programs to ensure that they are transparent and adapted for off-site employees, for example, by having a well-publicized and easily accessible anonymous tipline. Companies should incorporate internal reporting procedures into onboarding and training programs to ensure that employees are aware of available reporting channels. As employees are on-site less frequently, managers or compliance personnel should proactively and regularly reach out to remote personnel to encourage them to report concerns, establish rapport and comfort in doing so, and ensure they know where and how to do so.

Internal reporting is a company’s first line of defense to a potential global crisis. Through publicizing and promoting appropriate internal reporting procedures, companies have the opportunity to investigate and correct issues before they become headlines. When appropriate, early awareness also enables companies to self-report issues to regulatory bodies. This opportunity has a limited time horizon that generally disappears once authorities learn of violations from other sources, such as internal whistleblowers.

Advanced awareness also preserves a company’s ability to cooperate early in any governmental investigations, with the assistance of counsel. Early cooperation can provide substantial benefits, such as lower penalties or fines, or even the declination of prosecution or enforcement action altogether. Strong internal reporting mechanisms are essential for enabling companies to take advantage of these opportunities and head off crisis.

 

www.clearygottlieb.com