Category: Whistleblower

How Does Your Hotline Compare?

Does your hotline ring off the hook with complaints? Is it silent? Are the complaints mostly that the employee thinks his boss is a jerk?

The Network and BDO Consulting published their 2010 Corporate Governance and Compliance Hotline Benchmarking Report. The 2010 report provides an analysis of compilation of more than 500,000 reports from over 4,000 organizations throughout the five-year period covering 2005 to 2009.

Most of the report deal with a per 1,000 employee standard so you can do the math to figure out where your organization sits compared to other companies. They break the employee size into 5 groups: (0-5,000;5,001-10,000;10,0001-20,000; 20,001-50,000; and 50,000+). One interesting item is that report frequency is greater for the smallest organizations than it is for the largest organizations.

Retail has lost its crown as having the most reports to transportation, communication & utilities.

Industry 2005 2009
Construction 2.66 6.96
Finance, Insurance & Real Estate 5.61 8.28
Manufacturing 3.40 4.10
Mining 2.32 3.81
Public Administration N/A 8.66
Retail Trade 18.00 11.09
Service Industries 7.33 10.52
Transportation, Communication & Utilities 9.67 12.80
Wholesale Trade 11.67 7.67
Overall 9.44 8.58

One item that has remained steady is that in 71% of the reports, the participant did not notify management before making the report. Personnel management still takes up about half of the reports. Posters are still the top source for creating awareness about the hotline.

Sources:

Who Blows the Whistle on Corporate Fraud?

It takes a village.

Alexander Dyck, Adair Morse, and Luigi Zingales found that fraud detection does not rely on standard corporate governance actors. Instead they found that employees, short sellers and analysts are the top sources in uncovering corporate fraud.

The three researchers studied reported fraud cases between 1996 and 2004 for U.S. companies with more than $750 million in assets. They ended up with a sample of 216 cases, including the high profile cases like Enron, HealthSouth and Worldcom.

They conclude that those in the best position to spot fraud are those who gather a lot of relevant information as a by-product of their normal work.  Employees, industry regulators, and analysts are at the top of the list.

Financial Reward

A monetary award, like the bounty under the Federal Civil False Claims Act, seems to be a good incentive for employees.

Short sellers are another group with a financial incentive.  The researchers looked at short selling activity prior to revelation of fraud. When that activity three standard deviations above the prior three month average they took that as indication that the short sellers had identified a fraud. If you use that benchmark, the short-sellers detected 22 of the fraud cases.

Reputation Reward

The other incentive is the reputation reward that they largely attribute to journalists. A journalist who uncovers a big fraud gets national attention and future career opportunities. It is interesting that when they weight the frauds based on size, journalists move farther up the list as the fraud detector. That seems a clear indication that reporters are more interested in the big, splashy fraud cases. That also means that we cannot expect the media to act as an effective monitor for smaller companies or for technical violations.

Auditors

I’m sure Francine McKenna, of re: The Auditors, would be interested to see their findings regarding auditors.

“We find very weak evidence of auditor’s incentives to blow the whistle. Auditing a fraudulent company is bad for reputation, but conditional on doing so, bringing this information to light has no benefit for an auditor: it is likely to cost him the account and it does not make him gain new ones.”

Compliance

On a positive note from the compliance perspective, of the 216 cases, 74 or 34.3%, were detected by internal governance. But we shouldn’t pat ourselves on the back too much. These cases are pre-2005 and therefore date before the compliance era.

Raw Data

Of the the 142 cases detected by external governance here is the breakdown:

Fraud Detector Cases Percentage
Employee 26 18.3%
Analyst 24 16.9%
Media 22 15.5%
Industry Regulator or SRO 20 14.1%
Auditor 16 11.3%
SEC 10 7.0%
Client or Competitor 9 6.3%
Equity Holder 5 3.5%
Short seller 5 3.5%
Law Firm 5 3.5%

It would be great to move the SEC higher on the list. But it seems that you want to keep as many groups interested in detecting and reporting fraud. There are lots of groups interested in detecting fraud for lots of reasons. We should make sure that all of them stay engaged and have incentives to report the fraud.

Sources:

Image is Qiqi Green Whistle by Steven Depolo under Creative Commons

SOX Whistleblower Protections at Mutual Fund Companies

We know that Sarbanes-Oxley offers protections to employees at public companies, but does it also protect employees at mutual fund companies?

Yes. At least according to Judge Woodcock of the Massachusetts U.S. District Court.

The Employees

The decision is for two cases that were combined because of the common defendant. According to the decision, Jackie Hosang Lawson worked at Fidelity for more than a decade, before she questioned (1) an expense for “Guidance Interactions”, (2) the improper retention of 12b-1 fees, (3) the methodology that affected fund profitability models, (4) issues with a new source system, (5) allocations of internet expenses, and (6) errors in a back office group. She claims to have received poor job performance ratings, missed a promotion and other bad acts as a result of her raising the issues. She filed four separate whistleblower complaints with OSHA that ended up as this federal district court case.

Jonathan M. Zang started at Fidelity in 1997 as an equity research analyst and eventually became a portfolio manager. Zang objected to what he saw as inaccurate disclosure of portfolio manager compensation in an SEC filing for one of his funds. Zang contended that Fidelity retaliated by giving him poor performance ratings and ultimately fired him.

The Mutual Funds

The Fidelity mutual funds are publicly traded, but do not have any employees. The mutual funds hired FMR LLC and other Fidelity affiliates to act as advisers to the funds and those advisers have the employees. (This is the typical arrangement for mutual funds.)

The fund company took the position that Lawson and Zang were employees of a private company (FMR is private) and are not covered by the SOX whistleblower protection. Lawson and Zang argue that SOX protections are not only for employees of public companies but also for employees of private companies, particularly those that act as investment advisers to public investment companies.

The Statute

The statutory provision in question [18 U.S.C. §1514A(a)]provides:

No company with a class of securities registered under section 12 of the Securities Exchange Act of 1934 … or any officer, employee, contractor, subcontractor, or agent of such company, may discharge, demote, suspend, threaten, harass, or in any other manner discriminate against an employee in the terms and conditions of employment because of any lawful act done by the employee ….

The Reasoning

If Zang or Lawson were direct employees of the mutual fund there is little question that they would be protected.

Judge Woodlock looked at the broader provision of Sarbanes-Oxley and found that the intent was to address the problems of shareholder fraud in the public markets.  The judge feels that the protections applies to employees of  “any related entity of a public company.”

The Lawson and Zang are either contractors, subcontractors, or agents of publicly held investment companies. “If the Funds did not
have investment advisers as their agents, the only activity that could take place on the Funds’ behalf would be actions taken by the Board of Trustees.”

Judge Woodlock did not rule on the substance of the plaintiffs’ claims. He did side with Fidelity and dismissed wrongful discharge claims under state law.

The Future

I expect we will hear more about this case on appeal.

Sources:

Media Leak is not Protected as a SOX Whistleblower

Leaking information to the media about bad financial controls is not protected by SOX whistleblower retaliation clause.

Nicholas P. Tides and Matthew C. Neumann were working as “Audit IT SOX auditors” at The Boeing Company. They made several complaints about auditing deficiencies to their supervisors. They claimed “that Boeing’s auditing culture was unethical and that the work environment was hostile to those who sought change.”

So they took their story to Andrea James, a reporter from the Seattle Post-Intelligencer, providing her with information and documents.

Boeing ended up firing Tides and Neumann. They sued claiming they were wrongly fired as whistleblowers and were protected under Section 806 of Sarbanes-Oxley.

The court pointed out that 18 USC § 1514A(a)(1) states that the protection exists when

the information or assistance is provided to or the investigation is conducted by—

(A) a Federal regulatory or law enforcement agency;

(B) any Member of Congress or any committee of Congress; or

(C) a person with supervisory authority over the employee (or such other person working for the employer who has the authority to investigate, discover, or terminate misconduct)

None of these three cover a reporter or media outlet, so no protection to the whistleblower.

Sources:

Disclosure: I own some Boeing stock.

In-House Counsel as Whistleblowers under SOX

whistleblower

Section 806 of the Sarbanes-Oxley Act (18 USC §1514A) expressly authorizes any “person” alleging discrimination based on protected conduct to file a complaint with the Secretary of Labor and, thereafter, to bring suit in an appropriate district court. There is no exception for lawyers or in-house counsel.

Recently, the Ninth Circuit tackled this issue in the case of Van Asdale v. International Game Technology.

Shawn and Lena Van Asdale were in-house counsel for IGT. As part of the merger of IGT with another company, the Van Asdales raised some issues regarding the validity of a valuable patent owned by IGT. They thought the patent issue should be disclosed in connection with the merger. Their bosses thought otherwise and fired them instead.The Van Asdales sued, asserting a whistleblower claim under the SOX because they were terminated for reporting possible shareholder fraud in connection with that merger.

What About Legal Ethics Restrictions?

IGT argued that the Van Asdales were prohibited from filing suit because of  their ethical obligations as Illinois-licensed attorneys. There is some Illinois law that “in-house counsel do not have a claim under the tort of retaliatory discharge.” Balla v. Gambro, Inc., 584 N.E. 2d 104 (Ill. 1991). However, this case is based on federal law, not Illinois law. So the court rejected that argument.

What About Attorney-Client Privilege?

The Van Asdale’s case is based on a conversation the two had with their boss regarding a pending litigation matter involving the company. To bring the case, they have to disclose information subject to the attorney-client privilege.

The Court looked at Section 806 of the Sarbanes-Oxley Act (18 USC §1514A) which expressly authorizes any “person” alleging discrimination based on protected conduct to file a complaint. Since there is no exception, in-house counsel should not be prevented from bringing a claim. There are ways to protect information. The trial court should “use the many ‘equitable measures at its disposal’ to minimize the possibility of harmful disclosures, not to dismiss the suit altogether.”

What About the Substance of the SOX Claim?

Beyond the attorney-client privilege in the case, there was also a disagreement of the standards for the claim under the whistleblower protections of SOX.

The plaintiffs only needed to show that they reasonably believed that there might have been fraud and were fired for suggesting further inquiry. Section 1514A prohibits discriminating  against an employee for “provid[ing] information . . . regarding any conduct which the employee reasonably believes constitutes a violation of” a listed law. So an employee “must have (1) a subjective belief that the conduct being reported violated a listed law, and (2) this belief must be objectively reasonable.”

References:

Image is by HughElectronic: Whistleblower. http://www.flickr.com/photos/hughelectronic/ / CC BY 2.0

Whistleblowing in Europe – Legal Aspects

hotline

Jonathan Armstrong of Eversheds gave this webinar. (You can watch it yourself after a free registration: Whistelblowing: Challenges in running a helpline in Europe) These are my notes:

Why have a hotline? A hotline can help the headquarters connect with offices abroad. They can help internalize issues and the flow of information. The main reason for a hotline is because of a legislative requirement. Sarbanes-Oxley is the most well known legislation.

The main legal issues implicated: privacy, data security (particularly for third party providers), labor law, HR issues, and Third Party contracts. Although the more issues covered in the helpline, then there will be more legal issues involved.

The history of hotlines really starts with SOX, then were impacted by the 2005 privacy cases in France, then the works council issue in Germany and France in 2005.

The CNIL guidelines limits the hotline to “serious” cases. They have a quick prepacked list of items that you can set up a hotline. If you are outside the parameters, then you need approval. He recommends getting local counsel for the French approach.

The EU has formed the Article 29 Committee. CNIL took the lead in drafting so it looks more like France than the US. It discourages anonymous complaints. It discourages advertising that complaints can be made anonymously. It also gives defense rights to the accused. There is a two month retention period which makes it hard to track patterns. There should be a penalty for bad faith complaints. It expects reports to be investigated within the jurisdiction of the problem. It makes it hard to centralize investigators.

Image is by oyxman and made available through Wikimedia Commons: Tall Red K6 Phone Box.jpg.

It’s Not Fraud, But it Can’t be Ignored

compliance-week-red

This session was a “dark session” so I am not sharing my notes, but will share a few themes that emerged.

Most hotline complaints are for incidents that are not true compliance or ethics issues. Most studies show that HR issues tend to be almost half of the complaints.

There were two camps of thoughts. Those that thought everything should go into one central location and those that thought there should be segregated systems. Largely, this hinged on the issue of attorney-client privilege. Some felt it better to keep this information hidden away to keep from plantiff’s lawyers.

One recommendation that I liked was to use the term “incident reporting system” instead of whistleblower hotline. To me this sounds likeit would remove some of the psychological impediments to using the system. It sounds more user friendly to me.

Hotline for Improvements

hotline-tall_red_k6_phone_box

I overheard at a recent compliance meeting about the possibility of using the whistleblower hotline to also solicit comments for improvements to the operations of your company.

Those of you with active hotlines you probably get enough false positives coming through (HR, workplace disputes, …) that you probably don’t want anything else coming in. But employees and other stakeholders may use a hotline to report any issue that makes them uncomfortable. For example, complaints regarding discrimination and sexual harassment are high-liability issues that need to be addressed. Turning away these calls because the hotline is “for Sarbanes-Oxley Complaints Only” may alienate an employee who has made the difficult decision to take action.

But if your hotline is underused, the anonymity feature could be useful as a suggestions box.

If something is bothering them in the workplace, even if it not a high-liability issues, could come through the hotline. To spin it around, profitability and cost reduction suggestions could come through the hotline.

What do you think?

Image is by oyxman and made available through Wikimedia Commons: Tall Red K6 Phone Box.jpg.

Whistleblower Programs: Challenges for Multinational Companies

skadden

Katherine D. Ashley, Gary DiBianco, Dana H. Freyer, Matthias Horbach, Pierre Servan-Schreiber of Skadden, Arps, Slate, Meagher & Flom LLP put together a nice article addressing the challenges of exporting the whistleblower requirements under Section 301 of Sarbanes-Oxley to operations in the European Union: Whistleblower Programs: Challenges for Multinational Companies

Section 301 of the Sarbanes-Oxley Act of 2002 created a requirement that public company audit committees establish procedures for the “confidential, anonymous submission by employees of the company of concerns regarding questionable accounting or auditing matters.” Most companies have expanded the use of this hotline to include any violation of law or violation of company policy.

On the other side of the Atlantic, European labor and data protection laws offer more protection and rights to the whistleblower’s target. It is struggle to get a whistleblower hotline that works around the world. The folks at Skadden offer some suggestions in their article.

See also:

FINRA Announces Creation of “Office of the Whistleblower”

finra_logoFINRA announced that they have created a new Office of the Whisteblower to expedite review of high-risk tips.  FINRA Senior Vice President Cameron Funkhouser will oversee this new office. What’s not clear to me is how this new initiative differs from the existing File a Regulatory Tip procedure.  According to the press release, this new initiative “will not replace the exist process for handling the thousands of tips and complaints that come through the existing hotlines.”

FINRA states that they receive between 4,500 and 6,000 formal investor complaints annually, which are vetted by FINRA’s Front End Cause Unit. (I find it interesting that the Front End Cause Unit is missing from the FINRA website.) I am not sure if these numbers include regulatory tips.

I am disappointed that the FINRA whistleblower lines vary widely in the information collected and the method of filing:

So what if I am an investor and I think my broker is violating a regulation and committing serious fraud. Do I fill out all three? Is there going be a turf war inside FINRA over who is handling which types of complaints?

It is a great move by FINRA to focus on the whistleblowing and complaint process. Unfortunately, it looks like they made it more complicated instead of easier.

See also: