On December 1st, I had participated in a panel at [ACI’s International Conference on the FCPA] with other experts from in-house legal and compliance departments and AmLaw 100 law firms to discuss recent trends and developments in the SEC’s Whistleblower program. More importantly, we discussed what companies can be doing to mitigate the ever-increasing risk of becoming the subject of an SEC Whistleblower complaint and subsequent investigation.

First, a little background. The SEC’s Whistleblower program (the “Program”) has exploded in popularity in recent years and has unsurprisingly gained a momentum that is unlikely to slow down any time soon. In existence since August of 2011, the Program was created in connection with the passage of the Dodd-Frank Act. From its inception through the SEC’s fiscal year ended September 30, 2020 the Program had paid total awards of $562 million to 106 individuals. In the SEC’s fiscal year 2021 alone – and pay attention to this – the SEC paid an astounding $564 million to 108 individuals. That represents more in the last year, both in terms of dollars and claimants paid, than in the entirety of the Program’s nine previous years! For additional context, the SEC paid a total of $175 million to 39 individuals during its fiscal year 2020 – which also was a record-breaking year compared to prior years.

On the panel we discussed some of the more interesting cases from fiscal 2021 – my personal favorite was the whistleblower who received an award of $36 million dollars even though they were culpable in the underlying scheme. We also covered some of the factors that have led to the increase in Program tips and what companies can do to mitigate the risk of becoming the subject of an SEC enforcement investigation.

Two significant developments in recent years have been the U.S. Supreme Court’s ruling in Digital Reality Trust, Inc. v. Somers, which concluded that a whistleblower must file a complaint directly with the SEC in order to avail themselves of the anti-retaliation provision of the Dodd-Frank Act, and COVID – which forced large portions of the work force into remote working conditions.

The consensus take-away from our panel was that companies need to up their game if they want employees to choose internal reporting channels over other means. Some steps companies should consider include:

  • Continually assessing reporting channels to ensure that they’re best suited for the evolving structure of the business (think work from home vs. office vs. hybrid);
  • Providing training to mid-level managers and others who may be the recipients of ‘informal’ complaints so that they can identify concerns that should be escalated;
  • Finding ways to reinforce to employees that whistleblowers complaints are taken seriously and investigated thoroughly; and
  • Fiercely guarding against retaliation for internally raised concerns.

More controversially, our panel posited whether companies should consider creating their own internal bounty program. What do you think?