Employers Beware: SEC Whistleblower Enforcement Actions are Targeting Workplace Agreements

Paula Lopez, April 10, 2015.

On April 1, 2015 the Securities and Exchange Commission (“SEC”) brought its first enforcement action against an employer, KBR, Inc., because of the terms of a confidentiality statement it had employees sign during an internal fraud investigation relating to military contracts.    The SEC instituted the enforcement action against KBR under the Dodd-Frank Wall Street Reform and Consumer Protection Act (“Dodd-Frank Act”) and the rules and regulations it had passed as part of the Act’s implementation.

The SEC’s enforcement action was targeted at a confidentiality statement that KBR required employees to sign prior to being interviewed as part of an internal fraud investigation, which stated:

“I understand that in order to protect the integrity of this review, I am prohibited from discussing any particulars regarding this interview and the subject matter discussed during the interview, without the prior authorization of the Law Department.  I understand that the unauthorized disclosure of information may be grounds for disciplinary action up to and including termination of employment.”

The troublesome language in this provision is the threat of disciplinary action, including termination, if the employee were to disclose any of the matters involved in the fraud investigation with third parties and the requirement that employees obtain prior authorization from the company’s law department before making any disclosures.

Congress passed the Dodd-Frank Act after the financial crisis as a way to encourage whistleblowers to report likely instances of fraud and other misconduct in the financial industry.  The Dodd-Frank Act provides whistleblowers with financial incentives and offers them protection by prohibiting retaliation by their employers.  The SEC then issued rules and regulations relating to the implementation of the Dodd-Frank Act.  From this effort came Rule 21F-17 (a) prohibiting employers from interfering with their employees’ rights to communicate with the SEC about possible securities law violations.  Rule 21F-17 (a) states “[n]o person may take any action to impede an individual from communicating directly with the Commission staff about a possible securities law violation, including enforcing, or threatening to enforce, a confidentiality agreement … with respect to such communications.”  The rule became effective on August 12, 2011.

According to the SEC’s Order and Findings in the KBR case, its investigation into KBR’s confidentiality statements did not reveal that any KBR employee was deterred from reporting likely violations to the SEC by the confidentiality statement they had signed or that KBR enforced the statements in a manner intended to prevent any employees from reporting to the SEC.  However, the SEC found that the language in the confidentiality statement violates Rule 21F-17(a) because it impedes communication between its employees and the SEC.

The SEC’s enforcement action against KBR was settled the same day it was announced.  The SEC accepted an Offer of Settlement made by KBR, the terms of which include an agreement from KBR to pay $130,000.00 penalty and to amend its confidentiality agreement to include a statement that makes it clear to its employees that nothing in the confidentiality statement prohibits them from reporting possible violations to any government agency or other entity and that no prior consent from the company is required before making such disclosures.  KBR also agreed to contact all KBR employees who had signed the confidentiality agreement between August 12, 2011 (the rule’s effective date) and the present and to provide them with a copy of the SEC’s order and the amendment to the confidentiality agreement.  As part of the settlement, KBR neither admitted nor denied any of the findings in the SEC order.

The SEC has made it clear that will not tolerate employers’ attempts to undermine the purpose of the Dodd-Frank Act and the SEC’s power to investigate financial fraud by requiring employees to sign agreements with secrecy provisions. The SEC’s whistleblower chief, Sean McKessy has also stated that it will not only go after employers using “creatively drafted” agreements intended to dissuade company whistleblowers from reporting to the SEC but also the in-house attorneys that drafted the agreements by revoking their ability to appear before the SEC.

The enforcement action against KBR is only the beginning of things to come.  As reported by the Wall Street Journal, the SEC has sent letters to various companies requesting to review copies of employment agreements, non-disclosure agreements, severance agreements, settlement agreements and other work-related agreements signed by employees since the Dodd-Frank Act was enacted.  This reflects the SEC’s intent not to limit its enforcement of Rule 21F-17(a) to contract provisions in pending investigations but to actively seek out and independently prosecute violations of this rule.

Some provisions that the SEC is likely to find violate Rule 21F-17(a) are provisions that threaten to take disciplinary action against employees for disclosing information to government agencies, prohibit employees from recovering financially in exchange for making disclosures, or require employees to obtain consent from the employer before disclosing information to governmental entities or other agencies. While employers are free to have their employees sign confidentiality agreements intended to protect legitimate business interests such as trade secrets or confidential business information, such agreements should be narrowly tailored so as not to have a chilling effect on the SEC’s goals of encouraging employees to disclose likely instances of financial fraud or on employees who wish to report on potential fraud or abuse.