A Thought on Whistleblower Programs
Last week the Securities and Exchange Commission doled out a $50 million whistleblower award, the second-largest award given in the award program’s 10-year history.
The money, however, isn’t the telling detail in this case. The telling detail is that the award went to two whistleblowers, who worked together to bring a misconduct case to the SEC’s attention and help in the ensuing investigation.
As usual with SEC whistleblower awards, we don’t know too many details. For example, we don’t know the offending company in question, although it reached a cease-and-desist settlement with the SEC rather than pleading guilty to civil charges.
Nor do we know what this company did. The SEC statement only describes “violations that involved highly complex transactions and would have been difficult to detect” without the whistleblowers’ help. The company did ultimately return “tens of millions of dollars to harmed investors,” which suggests to me that the scam was a Ponzi scheme, but we can’t be certain.
A $50 million award implies that the company paid a settlement of $166 million to $500 million, but that’s a mighty wide range — and we can’t even be sure how large the whistleblower award actually is. The SEC statement only says the award was “over $50 million.” I don’t believe it’s much higher than that, but we don’t know the exact number.
What we do know is that the two whistleblowers worked together closely. According to the SEC award order, these two persons worked with the same whistleblower attorney to bring their tip to the SEC. Whatever that information was, it prompted the SEC to open an investigation. Then the two whistleblowers met with SEC investigators numerous times, “provided voluminous detailed documents,” and continued with other assistance throughout the investigation.
Ultimately, the two whistleblowers (and their lawyer) then filed identical whistleblower award applications. Now they’re splitting the $50 million equally.
Strength in Whistleblower Numbers
I keep returning to the notion of these two whistleblowers collaborating to expose misconduct at their firm. To some extent, and perhaps to a large extent, the support they gave each other must have helped them commit to such a long, difficult ordeal. People like to know they’re not alone when doing something difficult.
So how might corporate compliance officers incorporate that concept into your own internal reporting programs? That’s the question this case inspires me to ponder.
For example, I know one startup firm selling a whistleblower software solution where employees can prepare a harassment complaint, but specify that the complaint isn’t actually filed with the company until another employee also drafts a complaint about the same person. Then both complaints go into the company’s internal reporting system together. (I avoid naming specific software vendors in these posts. If you want to know more, drop me an email at [email protected].)
This strength-in-numbers approach seems especially useful for harassment complaints, where documentary evidence might be scant and the reporter might worry that the allegations will devolve into a “he said, she said” debate that goes nowhere. Allowing something more like a “they all said” dynamic would offer greater comfort to the first few people trying to summon the courage to speak up.
I appreciate the challenges to this idea. For example, I would never endorse compliance training that sends a message like, “Talk among yourselves until all of you are ready to pounce on the bully, then call us.” A system like that is far too vulnerable to abuse. Compliance officers should also consider potential privacy issues: perhaps by allowing two or more employees to submit a complaint together, the accused could say the process violates his or her privacy rights.
And there’s the practical reality that no company needs to offer a strength-in-numbers feature for internal reporting. It’s not required under any whistleblower law or regulation that I know. This would be a deliberate choice to go beyond what the law requires, simply to create a more comfortable environment for internal reporting. Some firms might say that noble goal isn’t worth the extra cost and liability concerns, and not do it.
Helping Whistleblowers Is Helpful
But that brings us back to our $50 million whistleblowers. They remind us that other avenues do exist for unhappy employees to bring their complaints to light, and those other avenues already offer strength in numbers.
Why should companies bother to retool their internal reporting programs to match? Because the one force in your favor is that most employees don’t want to take their complaints outside the business. Most want to raise misconduct concerns internally, because (a) it’s the right thing to do; and (b) they want to see the problem solved.
Ethics and compliance programs should try to harness that desire as much as possible. So however you might fine-tune your internal reporting program to accommodate the natural human fear of being the first one to put your rear on the line, it’s worth considering.