Contributing Lawyers


Cyndee Todgham Cherniak

United States

Susan Kohn Ross


Andrew Hudson

Whistleblower Incentives – Potential Problem for Traders?

When the Dodd-Frank Wall Street Reform and Consumer Protection Act. Pub.L. 111-203, was signed into law in July 2010, it contained provisions which were designed to encourage whistle blowing, the thinking being that if you provide a large enough reward, people will talk. The hew and cry in corporate America was that by not including the requirement the whistleblower first take his or her concerns to the company, what the government had done is undermine all the corporate governance programs and efforts which have been put in place since Sarbanes-Oxley. What should also have been mentioned were the Foreign Corrupt Practices Act compliance programs which are current favorites due to Justice Dept. priorities, but for international traders, that also potentially meant undermining the cargo security and other corporate governance programs which had been put in place post-9/11. 

Many have suggested the Securities and Exchange Commission (SEC) would overcome this criticism by enacting regulations which recommend reporting to the company occur first. Many thought the SEC would do something as simple as say for your complaint to have more credibility with us, you will need to show you reported it first to the company and your employer failed to take timely action. Not surprisingly, the fact that disgruntled former or current employees could now take “original” information to the SEC and seek their reward had many shivering in their boots.

True, the context for Dodd-Frank is publicly traded companies, thereby resulting in SEC enforcement, but the fact is that Customs and Border Protection has long had provisions in place to pay rewards to informants, regardless of whether the company was publicly traded or privately held. There are similar provisions in place with most federal law enforcement agencies. Truthfully, there is little change in the way federal agencies approach enforcement whether the company is publicly traded or privately held, so for those who work at privately held companies, you cannot afford to ignore the standards being set for publicly traded companies.

Even if the claimed violation is untrue, the damage is done to the company just by having the SEC opening its inquiry or making allegations. Just as in so many other situations, the cost of responding to the inquiries of a regulatory agency is a costly and time-consuming process. Also, let’s be honest, no matter how compliant a company tries to be, its employees are human and people do make mistakes. The key question is how does the company respond when those mistakes are identified?

Will the end result be that complaints are taken to the government first and the company second? We do know that even in the face of CBP’s long standing informant award procedure, typically individuals bring their concerns to their company first. It could be the reason for that is CBP’s program is not well-known. Instead, perhaps we can look to the False Claims Act and the Tax Fraud cases for historical context.  In both situations, the whistleblower provisions are well known and have resulted in a large number of cases. Will that change? Perhaps. The SEC is saying it is receiving one tip per day regarding violations of the Foreign Corrupt Practices Act. Will that increase under Dodd -Frank?

Some clarity is coming into focus. The proposed rules were published on December 2nd. So far, it looks like the SEC has taken the criticism to heart. It is encouraging individuals to “report up” within their company first by allowing them to keep their place in line by only then “reporting out” to the SEC within 90 days of the report to the company.  “Original” information belongs to he who reports it first. By this means, the SEC is allowing the whistleblower to get credit with the SEC based on the date the violation is reported to the company. There are also indications those who “report up” first will be eligible for higher reward percentages. The reward range provided by statute is between 10% and 30% and hinges on the amount recovered exceeding $1 million,  see Section 922.  

Wisely, those with legal, compliance, audit, supervisory or governance responsibility may not become whistleblowers provided they received information about the violation(s) with the expectation they would take corrective action. At the same time, if the company acted in bad faith or fails to report within a reasonable period of time, those individuals may become whistleblowers. In other words, just like the export, ISA and prior disclosure requirements, for example, once you find out about the violation, you must report it to the government. Further, as is typical in the trade context, the information is considered eligible or “original” only so long as it is reported before the agency (in this case the SEC) initiates an investigation and a recovery ensues.

As a further encouragement to companies, the SEC has said that if it allows a company to conduct an internal investigation prior to the Commission initiating its actions, the company will be given meaningful credit for its subsequent cooperation, see also the Seaboard Report at



Whether your company is publicly traded or privately held, what should you do? First, establish as a matter of policy that compliance is a hallmark of the company’s operations and applies to everyone, not just the little guys. Second, make sure there is in place a meaningful way for individuals to report violations, usually done through a hot-line, but accomplished in such a way that the individual’s identity does not become publicly known. Next, increase awareness and visibility about the internal reporting procedure and include monetary and other incentives to those who report wrongdoing.

Whatever the context for the alleged violations and regardless of whether or not you are working for a publicly traded company, be prepared to answer a series of questions from the regulators:

1)  What is the nature of the misconduct involved?

2)  How did the misconduct arise?

3)  At what level within the organization did the misconduct occur?

4)  How long did it last?

5)  What harm was inflicted by the misconduct?

6)  How was the misconduct detected?

7)  Who uncovered it?

8)  How quickly was it reported and to whom?

9)  What corrective steps were taken and how long did it take to put them in place?

10) What disciplines within the company were involved in creating and implementing the corrective action?

11)  Did the company act prudently to learn the truth of the events?

12)  Who was involved in the process?

13)  Did the company promptly and fully report the misconduct to the appropriate regulatory agency/agencies?

14)  Did the company cooperate with the investigation conducted by any regulatory agency/agencies to which it reported the misconduct?

15)  Is the proposed corrective action sufficient to avoid similar misconduct in the future?


For those who have had the misfortune to become familiar with the Sentencing Guidelines, or otherwise had a serious run-in with any regulatory agency, this list of questions is quite familiar. It forms the starting point for your dealings to resolve the consequences of the misconduct. It is by no mean an exhaustive list of all the questions or concerns that may arise, but it surely is a good starting point to figure out how to quickly and effectively work through the significant damage triggered by serious misconduct and hopefully will lower the likelihood of civil liability from the fallout which ensues.

Leave a Reply

remember my information