It’s Back! Pre-taliation Enforcement
Oh good lord. The Securities and Exchange Commission just dinged a financial services firm in New York $209,000 for including a “pre-taliation” clause in its employee manual, an eye-rolling offense against whistleblowers that I thought had gone extinct in 2016. Apparently not.
The firm in question is Guggenheim Securities, the broker-dealer subsidiary of hedge fund Guggenheim Partners. The SEC announced its settlement on Wednesday (World Whistleblower Day, we should note), and the case is instructive for compliance officers who want to make sure their own organizations don’t fall into the pre-taliation trap.
The trap itself is simply this: to have policies on the books that forbid employees from approaching regulators without first notifying the company’s legal or compliance teams. You can’t do that. It’s a violation of the Dodd-Frank Act — specifically Section 922, which directs the SEC to operate a whistleblower award program and to solicit tips about corruption from employees and the public.
The SEC then adopted Rule 21F-17, which says:
No person may take any action to impede an individual from communicating directly with the Commission staff about a possible securities law violation, including enforcing, or threatening to enforce, a confidentiality agreement … with respect to such communications.
Which brings us to Guggenheim Securities. As described by the SEC in its settlement order, Guggenheim had a “Communications With Regulators” policy on the books from at least April 2016 to July 2020 that did indeed forbid employees from contacting regulators without prior approval from the firm’s legal or compliance teams. The policy itself said:
Employees are also strictly prohibited from initiating contact with any Regulator without prior approval from the Legal or Compliance Department. This prohibition applies to any subject matter that might be discussed with a regulator… Any employee that violates this policy may be subject to disciplinary action by the Firm.
That is a pre-emptive threat of retaliation for bringing whistleblower concerns to a regulator. Which fits the definition of pre-taliation.
Guggenheim did previously have policy language that said employees needed to notify the legal and compliance teams when regulators had approached the employee first. Starting in 2016, however, the policy was expanded to include prior approval for the employee taking his or her own initiative to contact the regulator; that’s the bit that gets a company into trouble.
Dueling Policies Create Confusion
We should also note that in addition to this policy forbidding employees from contacting regulators, Guggenheim had a separate “Public Statements” policy that said employees didn’t need to contact legal or compliance before calling regulators. That policy had this language:
Nothing in this policy or any other company policy or agreement is intended to prohibit you (with or without prior notice to the Company) from reporting to or participating in an investigation with a government agency or authority about a possible violation of law, or from making other disclosures protected by applicable whistleblower statutes.
That’s the correct position for a company to take, but one can see how a reasonable employee might be confused when confronted with both policies in the same handbook. They contradict each other.
Moreover, Guggenheim also had a clause in the policy manual that told employees some policies might be more restrictive than others. In all such circumstances, the firm said, “personnel should follow the more restrictive of the policies or procedures, absent explicit direction to the contrary.” If that sentence tells employees anything, it tells them to follow the policy that restricts them from approaching regulators.
And for the years 2018 and 2019 at least, Guggenheim’s compliance training materials also reinforced the message in the Communication With Regulators policy, that employees needed to seek prior approval.
How to Resolve Pre-taliation
That’s easy. You just delete the offending policy language.
Guggenheim did so in 2020, after the SEC contacted the firm to inquire about the pre-taliation concerns. The offending language we mentioned above was removed, and replaced with this:
Nothing in [the Manual] prohibits or restricts any person in any way from reporting possible violations of law or regulation to any governmental agency or entity, or otherwise prevent anyone from participating, assisting, or testifying in any proceeding or investigation by any such agency or entity or from making other disclosures that are protected and/or permitted under law or regulation.
Guggenheim still received a $209,000 fine and a censure from the SEC, and agreed to a cease-and-desist order. And like so many other firms, Guggenheim neither confirms nor denies any wrongdoing.
The SEC also said that to the best of its knowledge, Guggenheim never did take any retaliatory action against an employee for speaking to regulators — but then, that shouldn’t be a necessary element in cases like this anyway.
If you support a speak-up culture, you need to give employees discretion to bring allegations of wrongdoing directly to regulators. That’s the foundation of trust upon which a speak-up culture is built. If your leadership truly does embrace good ethical practices, employees will then bring their concerns directly to you anyway.
Plus, ya know, it’s the law.
The SEC made pre-taliation an enforcement priority in 2016, when it sanctioned numerous firms for the offense. Most of the time, the firms in question never actually took any retaliation against employees; the SEC just didn’t want those clauses on the books. Only in one instance, against an Oklahoma energy business, did the SEC impose a substantial penalty ($1.4 million) because it found evidence that the company had indeed put its pre-taliation policy to work.
Pre-taliation clauses are one of the great unforced errors in corporate compliance. Do a keyword search in your policy manual and training examples, find any offending examples, and then press the Delete key. That’s your remediation. Everything else that might befall a firm for this offense doesn’t need to happen.