SEC Expands Enforcement of Whistleblower Impeding Rule to Confidentiality Agreements

In an enforcement case announced Jan. 16, 2024, the SEC continued its expansive application of Whistleblower Protection Rules preventing any person or entity from impeding whistleblowing. The SEC announced settled charges and imposed an $18 million civil penalty against a dually registered investment adviser and broker-dealer alleging that confidentiality provisions in the firm’s settlement and release agreements with retail clients impeded potential whistleblowers in violation of SEC rules. In the settled order,¹ the SEC alleged that even though the firm’s standard settlement and release terms permitted clients to respond to SEC inquiries, the agreements nonetheless ran afoul of rules against impeding whistleblowers because they did not permit clients to voluntarily contact the SEC.

The SEC’s newest application of the rule against impeding whistleblowers is a warning to asset managers, public companies, and private companies alike. Contractual provisions similar to those under SEC scrutiny are routinely included in settlement and release agreements with retail clients across the financial services industry. The SEC Enforcement program will likely continue its aggressive interpretation of relevant rules to any number of settlements and contractual provisions that could potentially impede whistleblowers.

The SEC’s Rule Preventing Action to Impede Whistleblowers

The Dodd-Frank Act amended the Securities Exchange Act of 1934 to add Section 21F-17, which was intended to encourage whistleblowers to report possible securities law violations to the SEC. Among other things, Section 21F-17 provides financial incentives and confidentiality protections to whistleblowers. The SEC subsequently adopted Rule 21F-17(a) (aka the “Whistleblower Impeding Rule”), which provides in relevant part:

No person may take any action to impede an individual from communicating directly with the Commission staff about a possible securities law violation, including enforcing, or threatening to enforce, a confidentiality agreement . . . with respect to such communications.²

The SEC’s Enforcement Division has been extraordinarily aggressive in enforcing the Whistleblower Impeding Rule, bringing cases for separation agreements or compliance policies that contained language potentially impeding whistleblowers, even in instances when the agency acknowledged that no evidence suggested whistleblowers had actually been impeded.³  

Previously, Whistleblower Impeding Rule cases stemmed from alleged violative language in employee separation agreements⁴ and legal and compliance training materials,⁵ as well as the removal of a whistleblower’s access to company systems.⁶ While the Commission had previously alleged that settlement agreement provisions with a private company’s investors violated the Whistleblower Impeding Rule⁷, since the rule’s adoption in July 2010, the agency had not alleged violations relating to confidentiality provisions in settlement and release agreements between an SEC registrant and its retail clients.

The SEC’s Recent Enforcement Action

The SEC’s most recent case is groundbreaking because it alleged that a relatively common type of settlement and release confidentiality provision may violate the Whistleblower Impeding Rule. According to the order, in the periodic settlement of minor disputes with retail clients, the respondent firm routinely offered payments or credits ranging from $1,000 to $165,000, and in return asked clients to sign a release of liability provision. The firm’s standard release also contained the following confidentiality provision:

[the client] shall keep this Agreement confidential and not use or disclose (including but not limited to, media statements, social media, or otherwise) the allegations, facts, contentions, liability, damages, or other information relating in any way to the Account, including but not limited to, the existence or terms of this Agreement.

Notably, the confidentiality provision contained an explicit carve-out for communications with regulators, which stated in relevant part:

Notwithstanding, [client] and [client’s] attorneys are neither prohibited nor restricted from responding to any inquiry about this settlement or its underlying facts by FINRA, the SEC, or any other government entity or self-regulatory organization, or as required by law.

Despite this carve-out for responding to regulators’ inquiries, the settled order alleged that the confidentiality provision violated the Whistleblower Impeding Rule because it had “prohibited clients from affirmatively reporting” potential violations to the Commission staff. As a result of this nuanced distinction, the SEC imposed an $18 million civil penalty against the firm.

Key Takeaways

• The Whistleblower Impeding Rule has broad applicability, which includes investment advisers, broker-dealers, public companies and private companies.
• The SEC has taken the position that it need not prove that whistleblowers or potential whistleblowers were actually impeded in order to establish a violation of the Whistleblower Impeding Rule.
• Language in any form of confidentiality agreement or training materials that prohibits, limits, or arguably dissuades individuals from affirmatively reporting potential securities law violations to the SEC Staff may violate the Whistleblower Impeding Rule. This may include employment agreements, separation agreements, and settlement/release agreements with customers or investors.
• The SEC has alleged a variety of common provisions may violate the Whistleblower Impeding Rule, including language that:
  • Limits information that employees or clients may provide to the SEC.
  • Requires employees or clients to waive rights to recovery to any monetary recovery in connection with reporting wrongdoing to the government.
  • Requires employees to notify and/or obtain consent from the company prior to disclosure of information, or to notify the company after being contacted by the government.
  • Requires employees to affirmatively represent that they have not/will not assist the government in investigations.
  • Prohibits disclosure of confidential information, without explicit carve-outs for affirmative or voluntary communications to the SEC about possible securities law violations.
• Although other factors may weigh against such an approach, one direct way to avoid SEC scrutiny may be to include in relevant agreements affirmative statements that those agreements do not preclude a signatory from reporting suspected violations to government agencies.⁸

For more information about the SEC’s enforcement actions involving the whistleblower rules, possible changes to standard settlement/release confidentiality provisions, and other topics related to handling potential whistleblowers, please contact one of the Haynes Boone lawyers below.

¹ In the matter of J.P. Morgan Securities LLC 
² 17 CFR § 240.21F-17.
³ See, e.g., In the Matter of Activision Blizzard, Inc. at p. 5.
⁴ In the Matter of D.E. Shaw & Co., L.P. 
⁵ In the Matter of Guggenheim Securities, LLC 
⁶ In the Matter of David Hansen
⁷ SEC v. Collector’s Coffee, Inc., et al. 
⁸ See, e.g., In the Matter of KBR, Inc. (recognizing respondent’s “remedial step” of revising relevant agreements to include such affirmative statements).