Menu

Conduct & Ethics

Whistleblowing, and How It Pays

Regulators increase rewards for enforcement assistance; SEC reports “unprecedented” public participation.

Friday, August 30, 2024

By L.A. Winokur

Advertisement

When Clifford Rossi, a veteran of several senior risk management positions, joined Citigroup in 2007, he was told “per the general counsel’s office” to have “no contact” with an officer tagged as a whistleblower.

“I learned this was a guy who, for at least a couple of years, had flagged all sorts of problems in the mortgage business and had been pushed aside and shunned,” Rossi recalled. “They didn’t want to hear from him.”

In 2008, the senior colleague brought his allegations to regulators, recounted Rossi, then Citi’s Consumer Lending Group chief risk officer, now a University of Maryland professor-of-the-practice.

And “it turned into a firestorm.”

Threat of Damage

Whistleblowing is now established – and legitimized in post-financial crisis regulations – as a potent contributor to bringing misconduct to light and levying penalties. But it is also a risk that, if allowed to escalate, can do significant damage to, if not destroy, a company, its culture and reputation.

Companies that have adopted in their governance processes codes of conduct and provisions for lodging whistleblower-type complaints would prefer to keep their business in-house, preventing issues from getting out of hand.

But this may be getting harder to do as whistleblowers who feel shunned or retaliated against turn to the outside for relief.

allison-herren-leeAllison Herren Lee: “Anti-retaliation provisions are clear.”

“Retaliation is real,” acknowledged Allison Herren Lee, a former member of the Securities and Exchange Commission who is currently of counsel to whistleblower defense firm Kohn, Kohn & Colapinto (KKC).

“If you talk about whistleblowers who have actually uncovered real misconduct, the answer in almost every case is they have tried internally to say something,” she observed. “In a very large percentage of the cases, they have faced some form of retaliation.

“It’s rare you find a situation where there’s none, and frankly, it’s a little surprising to me because the anti-retaliation provisions are so clear.”

Protecting Their Rights

In July, the Consumer Financial Protection Bureau issued a circular that warned against intimidation, such as with nondisclosure agreements, as a potential violation of federal whistleblower protections.

A working paper co-authored by KKC partner Stephen M. Kohn came up with “compelling empirical evidence supporting Congress’ recent proposals to amend laws like the Dodd-Frank Act to include robust protection against retaliation for whistleblowers who report misconduct internally,” said a January KKC press release. “Notably, a 2018 Supreme Court ruling in Digital Realty Trust Inc. v. Somers removed Dodd-Frank protections for internal whistleblowers.”

Surveying “documented reporting behavior involved in Sarbanes-Oxley Act and Dodd-Frank Act whistleblower retaliation cases over an eight-year period,” the research found “internal whistleblowers constitute over 90% of retaliation cases.”

The National Whistleblower Center, which KKC partners created in 1988, cautioned, “While hotlines often promise confidentiality or anonymity, companies may still be able to identify the employee based on the complaint.”

What Drives Them?

“Most of the time, in my experience, whistleblowers are deeply offended at the misconduct and don’t want to view themselves as working for an organization that would engage in that kind of behavior,” Lee opined. “They want to see it stop.”

When they seek recourse outside their organizations, money may not be the initial motivator, but it can certainly sweeten the pot.

The whistleblower program adopted by the SEC in 2011 protects confidentiality and pays rewards for voluntarily providing information leading to a “successful enforcement action” with “monetary sanctions over $1 million.” The take: 10% to 30% of the money collected.

According to an annual report for fiscal year 2023, the SEC had received nearly 83,000 tips and awarded more than $1.9 billion to 397 whistleblowers since the program’s inception.

f1-whistleblowing-how-it-pays-240830

Whistleblower tips annually to the SEC.

Record Participation

The SEC reported that it saw an “unprecedented level of public participation,” having received over 18,000 tips in fiscal 2023 – almost 50% more than the previous year’s record. It received “a record number of applications for awards” and shelled out nearly $600 million, “the highest annual total by dollar value in the program’s history.”

The agency said that one award, for almost $279 million, was the “largest” to date.

The most common complaint categories were manipulation (24%); offering fraud (19%); initial coin offerings and crypto asset securities (14%); and corporate disclosures and financials (10%).

On August 23, the SEC revealed that it had paid a total of $98 million to two whistleblowers. Three days later, it said $24 million went to two others in a separate case. 

Similar reward rules stemming from the 2010 Dodd-Frank Act apply in the Commodity Futures Trading Commission’s program.

“Since issuing its first award in 2014, the CFTC has granted whistleblower awards amounting to approximately $380 million. Those awards are associated with enforcement actions that have resulted in monetary sanctions totaling more than $3.2 billion,” the agency said in announcing an $8 million award in June. An award of over $1 million followed on August 8.

Going Bigger

lmonaco-150x190Deputy Attorney General Lisa Monaco

Lee attributed the SEC’s whistleblowing success to its “tap[ping] into a tried-and-true tradition in capital markets: financial incentives.”

Upping the ante, in a March speech to a white-collar-crime conference, Deputy Attorney General Lisa Monaco announced plans for a “Department of Justice-run whistleblower rewards program.” Details of the pilot were published August 1.

“Going back to the days of ‘Wanted’ posters across the old West, law enforcement has long offered rewards to coax tipsters out of the woodwork,” Monaco noted.

Suggesting the SEC and CFTC programs as a model for the DOJ, Lee posted in April on the Harvard Law School Forum on Corporate Governance: “History has demonstrated that without guaranteed incentives, whistleblowers are far less likely to come forward.”

Getting Buy-In

What are companies to do?

“Promote an environment where there’s truly no fear of retribution for bringing something up,” Rossi recommended. “You’ve got to get people bought into the idea you really mean it, that management really means it.”

Rossi proposed human resources as perhaps best positioned to bring together business and risk management teams to “make the case for how they’re going to create a culture where people can bring issues to the table without blowback.”

Companies need a “rigorous and well-publicized policy that invites internal complaints,” Lee advised, and a “thorough investigatory function on the other end of that process so you make it clear to all employees that you welcome their input; want to hear from them on concerns; and that they have a path to report, if necessary, outside of their reporting lines.”

They also should “devote enough resources to investigate leads; ensure that people understand the status of those investigations; and have more communication with whistleblowers where they feel heard and know somebody has actually run down what their concerns are,” the ex-SEC commissioner contended.

“Own the Process”

“Depending upon the size of a company and all of the silos that exist inside it, somebody needs to own the process instead of just reacting in the moment, especially when the allegations may reflect directly on the recipient of the complaint,” Lee added. She believes risk management and board risk committees could play “a big role.”

“It’s important to emphasize how much more control companies have than they think they do,” she maintained. “If companies would do more listening, investigating and communicating back to the whistleblowers, they can head off a lot more problems.”

“I want to know, as the head of risk or business, if there is something going on that is creating smoke,” Rossi remarked. “I want to put it out before it becomes a fire.”

 

L.A. Winokur is a veteran business journalist based in the San Francisco Bay Area.




Advertisement

We are a not-for-profit organization and the leading globally recognized membership association for risk managers.

weChat QR code.
red QR code.

BylawsCode of ConductPrivacy NoticeTerms of Use © 2024 Global Association of Risk Professionals