Whistleblower regulations are evolving, and at the core of this evolution are programs that are designed to incentivize individuals to alert authorities when inappropriate action has taken place
The U.S. Department of Justice (DOJ) has taken another step against corporate malfeasance by incentivizing cooperation from individuals involved in misconduct. While the new program applies to all companies, experts have said it specifically targets banks, investment funds, and the healthcare industry.
The new pilot program, announced in April by the DOJ’s criminal division, explicitly offers to forego prosecutions for individuals who cooperate with investigations into wrongdoing at their employer. It builds upon earlier efforts to credit companies for voluntarily reporting internal misconduct.
The Pilot Program on Voluntary Self-Disclosure for Individuals offers non-prosecution agreements (NPAs) to individuals who proactively provide original information to the DOJ’s criminal division concerning specified types of corporate criminal misconduct. “Receiving such information will help us investigate and prosecute criminal conduct that might otherwise go undetected or be impossible to prove, and will, in turn, further encourage companies to create compliance programs that help prevent, detect, and remediate misconduct and to report misconduct when it occurs,” the DOJ stated in announcing the pilot.
Experts said the program will raise the bar for companies by offering NPAs to participants in misconduct, a key distinction from earlier policies.
“This marks the first time a DOJ program has explicitly offered to forego prosecution of an individual in exchange for their cooperation against a company,” the law firm Paul Weiss said in an analysis in recent memo to clients.
Targeting certain violations
Although the program applies broadly to misconduct by any public or private company, it emphasizes corporate malfeasance at banks, investment funds, and healthcare providers. Specifically, the program targets violations that are:
-
-
- by financial institutions, their insiders or agents, including schemes covered by statutes related to money laundering, anti-money laundering, registration of money transmitting businesses, fraud, and fraud against or compliance with financial institution regulators
- related to the integrity of financial markets undertaken by financial institutions, investment advisors, or investment funds; by or through public companies or private companies with 50 or more employees; or by any insiders or agents of any such entities
- related to foreign corruption and bribery by, through, or related to public or private companies, including violations of the Foreign Corrupt Practices Act, the Foreign Extortion Prevention Act, and anti-money laundering statutes
- related to healthcare fraud or illegal healthcare kickbacks by or through public companies or private companies with 50 or more employees
-
Experts noted that the DOJ program complements other regulatory efforts to encourage whistleblowers to provide information that could help expose corporate misconduct.
“These whistleblower programs supplement existing programs with other enforcement authorities, such as the [Securities and Exchange Commission],” said law firm Wilmer Hale in a note to clients. “We expect to see continued attention on and incentives for whistleblowers, not just from the DOJ but also from other enforcement authorities.”
Retaliation problem with internal whistleblowing programs
Recent studies have pointed to deficiencies in corporate whistleblowing programs that encourage employees to come forward when witnessing behavior that puts their organization at risk. A major hurdle has been the risk of retaliation against employees.
New research published by a team of legal experts in January showed that corporate whistleblowers who report through internal channels face higher rates of retaliation than those who report to the government. The study, which examined eight years of whistleblower retaliation cases under the Dodd-Frank Act and the Sarbanes-Oxley Act (SOX), found that more than 90% of the retaliation cases involved internal whistleblowers, the authors said in an analysis published by New York University’s Law School.
“These findings are of particular importance in light of Congressional efforts to amend the Dodd-Frank Act to extend anti-retaliation protections for internal whistleblowers. They also validate the importance of regulations by the U.S. Securities and Exchange Commission (SEC) and Commodity Futures Trading Commission (CFTC) that explicitly do not require whistleblowers to make internal reports prior to qualifying for a reward under the Dodd-Frank,” the authors said.
Compliance programs need review
With regulators and enforcement authorities coaxing employees to disclose corporate wrongdoing amid persistent retaliatory threats at many organizations, corporations would be wise to review their compliance policies, experts said.
“The probability of detection for wrongdoers continues to increase with this program and the other federal bounty programs,” said Jordan Thomas, an attorney at SEC Whistleblower Advocates, a law firm that helps corporate whistleblowers. “Responsible organizations would be wise to redouble their efforts to create a culture where people blow the whistle internally. And, where violations have occurred, smart companies will self-report to federal law enforcement and regulatory organizations — before it is too late.”
Other firms offered similar advice. Since the DOJ program will cover a range of potential misconduct, including fraud and bribery, “companies should consider reviewing and updating their whistleblowing policies and procedures (or adopting them if needed),” Paul Weiss told clients. “These policies and procedures should address the assessment and prompt internal investigation of allegations of misconduct, as well as non-retaliation against whistleblowers (and avenues for whistleblowers to seek recourse in the event there is retaliation).”
Additionally, companies should consider developing a clear framework to encourage and guide the prompt internal reporting of potential violations. Such frameworks position firms to determine whether, when, and how to be first in the door to self-report potential violations.
You can learn more about risk management here.
