Category: Whistleblower

Decision on Whistleblower Provisions of Sarbanes-Oxley

first_circuit_court_of_appealsA federal court held that a former employee seeking on acted in good faith, but under an objective analysis, his belief that the company was engaged in fraud was not reasonable and upheld termination. Day v. Staples, Inc., 2009 WL 294804 (1st Cir. February 9, 2009)

The employee complained that the company improperly handled regularly customer returns. The company claimed that the employee was terminated for performance reasons not connected to his statements concerning improper conduct.

The Department of Labor administrative law judge dismissed the SOX complaint, as did the federal district court. The district court concluded that the belief that Staples was engaged in accounting fraud was not reasonable.

In this decision, the First Circuit Court of Appeals held that the “reasonable belief” had to be both subjectively  reasonable as well as objectively reasonable.

This is the first decision by the First Circuit under under the whistleblower protection provision of the Sarbanes-Oxley Act (“SOX”), 18 U.S.C. §1514A.

Day’s complaint did not assert any specific violations of securities laws; rather, it stated that he believed certain Staples practices resulted in the “manipulat[ion] [of] accounting data in an unlawful manner that had negative financial ramifications for Staples,” which “defrauded Staples’ shareholders” and violated the Staples Code of Ethics.

The Court stated: “The plain language of SOX does not provide protection for any type of information provided by an employee but restricts the employee’s protection to information only about certain types of conduct. Those types of conduct fall into three broad categories: (1) a violation of specified federal criminal fraud statutes: 18 U.S.C. § 1341 (mail fraud), § 1343 (wire fraud), § 1344 (bank fraud), § 1348 (securities fraud); (2) a violation of any rule or regulation of the SEC; and/or (3) a violation of any provision of federal law relating to fraud against shareholders.”18 U.S.C. §1514A(a)(1)

When the court applied this test to Mr. Day, it found that the he brought his complaints in subjective good faith. However, there was no objectively reasonable basis to believe that the conduct of which Mr. Day complained constituted securities fraud or shareholder fraud. Without an objectively “reasonable belief” that the conduct constituted either securities fraud or shareholder fraud, the court determined that the whistleblower protection provision did not shield the Mr. Day from termination.

Encouraging Courage on the Job

G. Jeffrey MacDonald takes a look at whistleblower policies in business for the Christian Science Monitor:When courage is encouraged on the job: How workplaces can motivate employees to take a stand when trouble brews.

In business, the difference between a fixable mistake and an irreparable disaster sometimes hinges on whether employees dare to take a stand before habits of wrongdoing become ingrained.

In Whistle-blowing in Organizations Marcia P. Miceli, Terry Morehead Dworkin, and Janet Pollex Near looks at organizational behavior.They found that it is more important to empower your current workers to report wrong-doing than to hire heroes. They found that employees were more likely to become whistle-blowers when they knew where to go with allegations, knew their colleagues would support them and the would not have to confront their supervisor face-to-face.

According to Dr. Near: “they blow the whistle if: the wrongdoing they have observed is serious; they feel that telling somebody about it will actually make a difference, and they feel they’re going to get some support in the organization for doing that.”

Conversely, the enemy of workplace courage is the intense pressure to deliver short-term results. Business put workers in a workplace situation where they need to choose between doing what’s right and protecting their career when they focus on short-term results.

Best Practice Advice for Improving Employee Awareness of Your GRC Program

This post gathers my notes from a webinar entitled Best Practice Advice for Improving Employee Awareness of Your GRC Program which was presented by EthicsPoint.

Barbara Upton-Garvin from the Boys & Girls Club of Greater Kansas City started off with a discussion of their awareness programs. They highlighted their ethics policies and their whistleblower’s policy.

Francine Obregon of Eisai handed out schwag with the whistleblower hotline information. The awareness program was in part designed to advise the employees know that the hotline is part of a larger compliance program. They had recently changed the principles of corporate conduct. She thought it was important to let peopel know that the person answering the hotline would not be answering the questions. The hotline was merely an anonymous conduit.

Barry Elmore from the Majestic Star Casino wanted a program to educate their employees and marketing of the reporting process. They have a broad range of education and knowledge for their employees. They found that the education process was over the heads of many front line employees so they stuck to the basics. They also educated their vendors as part of the program. They conduct new hire training and annual training. They also advertise the hotline in employee break areas and employee newsletters. They sent a copy of the code of conduct to each vendor. Some of his challenges include the 24 hour operations of the business, lots of turnover and confusion between HR issues and code of conduct violations.

Francine pointed out that Eisai focused on branding issues so that all of the compliance materials and schwag all had a similar look and feel.

Barry emphasized that you cannot be boring in delivering the message and training. The examples need to be on the “lighter side.”

Julie Rivera of Red Robin put up posters and handed out wallet cards. “Honest ro Goodness. It’s not just about gourmet burgers. It’s about treating people respectfully.” Red Robin started out with a top-down approach of getting buy-in from corporate in its push out to the individual restaurants. There was some confusion between the open-door policy and hotline. They do get a fair number of low level HR issues on the hotline.

The panel had some trouble answering a question about the effectiveness of the awareness program. Barry and Barbara both see an increase in the number of reports shortly after a training session.

Whistleblower Hotlines for Home Builders

In running through the Compliance Week database, I ran across a few Whistleblower sites and related information for construction companies.

Beazor Homes Confidential Ethics Hotline

Through the Ethics Hotline, you can report evidence of known or suspected fraud, theft, accounting or auditing improprieties, other financial misconduct, or any other type of misconduct involving the assets, operations or employees of Beazer Homes.

Toll Brothers Ethics Reporting

Toll Brothers, Inc. has a simple way for anyone to confidentially report activities that may involve unethical or otherwise inappropriate behavior relating to conflicts of interest, financial reporting, employee misconduct, safety, or other potential violations of the Toll Brothers, Inc. Code of Ethics and Business Conduct.

Pulte Homes Speak Up (.pdf)

HOW WE DO BUSINESS IS AS IMPORTANT AS THE BUSINESS WE DO.
If you have a concern regarding unethical activity, don’t keep it to yourself. Discuss it with your manager.
Or, if you prefer to remain anonymous, call: The Network.

D.R. Horton Complaint Procedures for Accounting, Internal Control, Auditing and Financial Matters. (.pdf)

Any person may submit a good faith complaint regarding accounting, internal accounting control, auditing or financial matters (collectively, “Accounting Matters”) to the management of D.R. Horton. D.R. Horton is committed to achieving compliance with all applicable securities laws and regulations, accounting and financial standards, accounting controls and audit practices. D.R. Horton’s Audit Committee will oversee treatment of concerns in this area.

KB Home Ethics Policy (.pdf)

DOING THE RIGHT THING FOR THE RIGHT REASON
At KB Home, our commitment to doing the right thing for the right reason is the foundation of our homebuilding success and 100% Complete/100% Satisfied culture. Legal obligations and public expectations regarding appropriate business conduct make it more important than ever that we continue to follow the highest ethical standards in everything that we do. Our failure to do so can have serious consequences, including civil and criminal penalties and significant damage to our reputation in the eyes of our customers, business partners and investors. The KB Home Ethics Policy reflects our commitment to operate in an ethical manner, with integrity and in compliance with applicable laws and regulations, and it establishes principles to guide actions and decisions that can be applied in everyday situations.

If you have any questions or concerns, please report them to an immediate supervisor, to one of the designated Ethics Officers, to the Ethics Policy Hotline or to the Ethics Policy Reporting Website.

What are WIFs?

My notes from the EthicsPoint webinar on intake models and the value of web intake forms.  The presenter was Erin Watkinson a business solutions consultant at EthicsPoint.

A custom web intake form is a replacement for paper based forms. You can use the web to report on issues.

Reporting should encourage employees to first go to a supervisor and not go anonymously right away.

A custom WIF is a case intake mechanism for non-licensed users. Its a custom report form that you can brand and format as needed or desired. The WIF can eliminate the re-keying of data. The form dumps the information into a central database.  in a WIF you can have explanatory text, images, fields and/or links to other documentation. The WIF is mapped to fields in the EthicsPoint Event Manager. You can create custom print forms to match the look and feel of the WIF. All of the data elements are available for reporting and analytics. There is also branching logic available depending on how questions are answered.

Erin then showed an example of an HR Management report. This highlighted the branching features. Another demo was the Hospira HR system. They used the system for people to ask questions. The system tracks the questions and the answers given.

Update to the Federal Acquisition Regulations

The Civilian Agency Acquisition Council and the Defense Acquisition Regulations Council (Councils) have agreed on a final rule amending the Federal Acquisition Regulation (FAR) to amplify the requirements for a contractor code of business ethics and conduct, an internal control system, and disclosure to the Government of certain violations of criminal law, violations of the civil False Claims Act, or significant overpayments.

On November 12, 2008 the Department of Defense published amendments to the Federal Acquisition Regulation: Federal Register Volume 73, No.219 page 67064 -67093. Key is the amendment to 52.203-13 that enlarges the requirements for a contractor’s code of business ethics and conduct.

Under 52.203-13(c)(2)(F) requires:

Timely disclosure, in writing, to the agency OIG, with a copy to the Contracting Officer, whenever, in connection with the award, performance, or closeout of any Government contract performed by the Contractor or a subcontractor thereunder, the Contractor has credible evidence that a principal, employee, agent, or subcontractor of the Contractor has committed a violation of Federal criminal law involving fraud, conflict of interest, bribery, or gratuity violations found in Title 18 U.S.C. or a violation of the civil False Claims Act (31 U.S.C. 3729-3733).

These amendments go into effect on December 12, 2008.

Military Whistleblowers Get Little Help

The AP released a story describing the poor performance of the Department of Defense Inspector General’s Office: Whistle-blowers get little help if punished.

The inspector general’s office rejected claims of retaliation and stood by the military in more than 90 percent of nearly 3,000 cases during the past six years. More than 73 percent were closed after only a preliminary review that relied on available documents and sources — often from the military itself — to determine whether a full inquiry was warranted.

The Military Reprisal Investigations, or MRI, handles reprisal cases for military whstleblower reprisal cases.

The Directorate for Military Reprisal Investigations fulfills the statutory requirements to conduct and oversee allegations of whistleblower reprisal made by DoD Military Service members, Nonappropriated Fund (NAF) employees, and Contractor Employees. The Directorate also investigates alleged violations of DoD Directive 6490.1, “Mental Health Evaluations of Members of the Armed Forces.”

CNiL Information on Whistleblower Systems

To follow-up on French Data Protection Authority Blocks SOX Whistleblower Programs and Whistleblowers in France, here is CNiL‘s FAQ on whistleblowing systems and guideline document for whistleblower systems.

CNiL defined a set of rules to be followed for whistleblower systems to be compatible with French data protection laws: Unique Authorisation dated December 8, 2005 (in French, without an English translation).

According to the FAQ on whistleblowing systems a whistleblower system must be limited to

serious risks to the company in the fields of accounting, financial audit, fight against bribery or banking areas can be collected and filed by the organisation in charge of handling the reports.

Examples :

  • Accounting and account auditing disorders,
  • False entries,
  • Tax evasion,
  • Fictitious personnel employment,
  • Bribery of public agents …

Specific examples in the banking area:

  • Terrorism funding,
  • Money laundering…

The whistleblower system may also be used to gather reports on facts

that affect the vital interests of the company or it its employee’s physical or mental integrity
Examples:

  • Threat to the safety of another employee,
  • Moral harassment,
  • Sexual harassment,
  • Discrimination,
  • Insider trading,
  • Conflict of interests,
  • Serious environmental breaches or threats to public health,
  • Disclosure of a manufacturing secret,
  • Serious risks to the company’s information system security …

CNiL also takes to position that the whistleblowing system must not be compulsory, but merely encouraged. CNiL takes the position that the systems should not be designed to encourage anonymity. Confidentiality is fine but anonymity is not.  CNiL provides this example language for the scope of a whistleblower system:

The system is open to employees who wish to inform the organisation about facts susceptible to breach applicable rules in the financial, account auditing and corruption prevention areas. This system is an alternative way of reporting genuine concerns which would not be adequately dealt with by other existing reporting channels such as line management or personnel representatives. If the vital interest of the company is threatened in other areas or if the physical or mental integrity of employee(s) is at stake, reports on such serious facts may be redirected to appropriate individuals within the company. No other type of reports can be made using this system.

French Data Protection Authority Blocks SOX Whistleblower Programs

As a follow-up to the Whistleblowers in France, John B. Reynolds, III and Amy E. Worlton of Wiley Rein LLP offer more insight to the programs and decisions.

CNIL found that employees’ ability to lodge anonymous complaints would increase the likelihood of malicious false reports. CNIL also found that the two companies’ plans would not provide implicated individuals with sufficient access to the records generated by the anonymous tips. Thus, these individuals would not have a sufficient opportunity to challenge accusations. Finally, CNIL held that neither of the companies’ proposals was the least restrictive means of ensuring a responsible corporate culture: employee education or improved auditing standards could achieve the same results without creating and processing personal data about company executives.

See newsletter from Wiley Rein LLP: French Data Protection Authority Blocks SOX Whistleblower Programs.

Whistleblowers in France

French privacy law limits the ability to use anonymous hotlines.

In France, the French Data Protection Authority (La Commission Nationale de l’Informatique et des Libertés (CNIL)), an administrative agency, oversees processes involving the collection or compilation of personal data. In 2005 they decided that two reporting procedures were in violation of French privacy law. McDonald’s Corp. and CEAC, a division of Exide Technologies, sought CNIL’s approval of their whistleblower hotline procedures. In June 2005, CNIL announced that these proposed reporting procedures would violate French law and it refused to authorize the use of such procedures. CNIL expressed concerned that anonymous reporting would lead to malicious false reports of misconduct. They determined that the risk of malicious reporting was disproportionate to the benefit of the hotlines.

There is an obligation to file procedures with the CNIL before they are implemented if files or records will be maintained in France.

See Law Flash from Morgan Lewis: Whistleblower Procedures Inconsistent with French, German Law?