The United States Government’s recent legislative activities have highlighted employee accountability as an essential factor of a successful compliance programme. In 2002, the Sarbanes-Oxley Act (SOX) was passed, which identified confidential employee reporting as an important method of learning about potential misconduct within a business.
In 2010, the United States Congress took another step to push employee reporting to the forefront by including a whistleblower provision in the Dodd-Frank Act. This provision created a federally-administered whistleblower programme to financially reward whistleblowers who make reports that lead to enforcement actions by the Securities and Exchange Commission (SEC).
The most important feature of the Dodd-Frank whistleblower programme is the anti-retaliation provision, which protects whistleblowers from retaliation from their company or co-workers and demonstrates the growing importance of non-retaliation as a necessary component of confidential reporting. Section 806 of the SOX also provides for whistleblower protection. In A Resource Guide to the US Foreign Corrupt Practices Act, the Department of Justice (DOJ) identified non-retaliation as one of the ten hallmarks of an effective compliance programme. Consequently, there has been a growing trend for best-practice compliance programmes to include non-retaliation as a key aspect and inform employees of this guarantee through various as provided for in the guidelines or applicable regulations.
However, two United States court cases involving the Dodd-Frank whistleblower provision show a possible disparity between federal efforts to stress non-retaliation and the actual delivery of this promise by companies to their employees. Some companies may be willing to discuss non-retaliation as a key feature of their compliance programmes but may not always be willing to guarantee protection to good-faith reporters.
In Asadi v GE Energy, the United States Court of Appeals for the Fifth Circuit held that the Dodd-Frank whistleblower protections only apply to those who report to the SEC and do not apply to reporters who only make disclosures internally. In another case, Liu v Siemens AG, the United States Court of Appeals for Second Circuit held that the anti-retaliation provision of the Dodd-Frank Act does not apply to reporters disclosing potential misconduct that occurred abroad.
If global corporations promote the importance of ethics and non-retaliation, yet argue against the right of employees to receive protection for internal disclosures (even if the protection would be through the SEC), how can employees sincerely buy into any organisational compliance programme? If corporations can instruct employees about compliance laws with global application like the Foreign Corrupt Practices Act (FCPA), promote compliance across the business and stress honest reporting on potential violations, yet cannot afford protection to good-faith reporters, what value does the compliance programme have?
Companies claiming to guarantee non-retaliation as a feature of their compliance programmes should be willing to provide protection to employees reporting in good-faith, whether non-retaliation is required by the law or not. In the cases of Asadi and Liu, it’s important to highlight the steadfastness held by the programme when claimed through their whistleblowing system.
Employees who make good-faith reports internally should be protected from retaliation
Employees should be able to make good-faith reports internally without fear of retribution. A 2010 survey by the Association of Certified Fraud Examiners noted that close to 40 percent of misconduct issues identified by companies were learned about through confidential reporting hotlines, while only 14 percent of issues were discovered through internal audits and 17 percent through reviews by management. Thus, confidential reporting is an extremely effective way for companies to learn about and remediate wrongdoing and providing protection from retaliation is paramount to keeping this avenue open.
Some may argue that companies should be able to handle reports of misconduct as they choose to, pointing to decisions like Asadi as evidence that while there is growing federal legislation promoting the importance of non-retaliation, companies are not legally bound to provide protection to good-faith reporters. In Asadi, the plaintiff, who served as GE Energy’s Iraq Country Executive in Jordan, reported potential FCPA violations to his supervisor. One year after making these internal reports, GE Energy fired him. As mentioned above, the Fifth Circuit held that the anti-retaliation provision of the Dodd-Frank Act does not apply to whistleblowers making reports internally.
Companies should not necessarily rely on the Asadi decision as a precedent, however. In Bussing v COR Clearing LLC, a Nebraska, United States district court held that the anti-retaliation provisions do apply to those who report internally by looking at the plain meaning of the word ‘whistleblower’: ‘a person who tells police, reporters, etc., about something (such as a crime) that has been kept secret’.
Whistleblowers reporting foreign misconduct should also be protected
It is well known that the FCPA, SOX and other compliance laws that the SEC enforcements apply in other jurisdictions. Every year companies enter into agreements with the SEC and DOJ for violations of these key compliance laws, usually stemming from corrupt acts committed in offices abroad and resulting in fines worth hundreds of millions of dollars. However, the Liu decision shows that employees working for global companies would not be protected from retaliation under the Dodd-Frank Act when making internal disclosures regarding conduct that occurred abroad, whether that conduct breaches the FCPA or other key compliance regulations.
While the decision as to whether the Dodd-Frank provisions apply extraterritorially is for the courts to decide, for companies that operate on a culture of transparency and the promise of non-retaliation it shouldn’t matter – a company should always protect its employees from retaliation, even if the reported acts occurred abroad.
The fact that some companies may instill a programme based on transparency, ethics and integrity but then argue that good-faith reporters should not receive protection (even if the protection would be levied by the SEC) demonstrates that compliance programmes need more than just robust controls – they need to be infused and run with sincerity to demonstrate consistent outcomes.
Things to think about
While companies must be familiar with relevant laws and important legal decisions, responsibility should always remain with organisations to operate by the values they preach. Accountability has often centred on employees, but companies must set an example for employees by demonstrating accountability in their dealings.