The Securities and Exchange Commission (SEC) has been cracking down on companies that engage in pre-taliation, imposing increasing fines as a result. This was evident in the recent case of JP Morgan,  which faced an $18 million sanction for including a pre-taliation clause in their contracts. This enforcement action highlighted the importance for companies to address pre-taliation risk by implementing contract language that protects individuals’ rights to report misconduct. Matt Kelly and I recently had the chance to take a deep dive into the decision in a recent episode of Compliance into the Weeds.

Corey Schuster, co-chief of the Asset Management Unit in the SEC Division of Enforcement, said in a SEC Press Release, “whether retail or otherwise, must be free to report complaints to the SEC without any interference. Those drafting or using confidentiality agreements need to ensure that they do not include provisions that impede potential whistleblowers.” Gurbir Grewal, Director of the SEC Enforcement Division added,  “Whether it’s in your employment contracts, settlement agreements or elsewhere, you simply cannot include provisions that prevent individuals from contacting the SEC with evidence of wrongdoing.” Matt noted in his blog post on the case, “SEC enforcement against pre-taliation is not exactly news, since the agency has been filing such cases since 2016 — but until now, those enforcement actions have always been about companies using pre-taliation clauses in contracts with employees . Now we have our first case over pre-taliation against customers — and it came with the biggest pre-taliation fine we’ve ever seen, to boot.”

Pre-taliation occurs when a company restricts individuals from speaking out about corporate misconduct to regulators. While previous pre-taliation cases primarily focused on restrictions placed on employees, the JP Morgan securities case marked a significant shift. For the first time, the SEC sanctioned a company for imposing a pre-taliation clause on customers. This expands the range of individuals who may fall victim to pre-taliation and underscores the need for companies to be vigilant in their compliance efforts.

It is crucial for companies to understand that pre-taliation clauses are problematic, regardless of whether they are included in employment contracts, settlement agreements, or elsewhere. The SEC has made it clear that provisions preventing individuals from contacting the SEC with evidence of wrongdoing are unacceptable. Compliance officers are advised to conduct regulatory assessments to understand applicable laws and review contracts for any problematic language.

The fines imposed by the SEC for pre-taliation cases have been increasing over time. In the case of JP Morgan securities, the $18 million sanction was the largest fine ever seen for a simple fix. The remediation action required in these cases is relatively straightforward: companies must delete the problematic language from their agreements and inform anyone who signed the old language that they are free to report misconduct to the SEC or any other regulator. While the mechanics of executing this remediation may be challenging for large organizations with contracts stored in different data warehouses, the basic idea remains the same.

It is worth noting that in most pre-taliation cases, companies rarely enforce the pre-taliation clauses. They often become an afterthought, and it is only years later that companies realize their mistake and attempt to rectify the situation. The SEC’s message is clear: companies must proactively identify and correct problematic language in their contracts to avoid facing significant fines.

The CBRE pre-taliation enforcement action serves as an example of effective remediation practices. CBRE swiftly identified and corrected problematic clauses, updated their code of conduct, and provided training to their compliance team on SEC rules. This proactive approach not only helped them avoid more severe penalties but also garnered praise from the SEC. Here Kelly noted,

• Within one month of learning about the SEC investigation, revising all its U.S. severance agreement templates to assure compliance; followed by an audit of similar agreements worldwide, reviewing some 300 templates used by CBRE affiliates in 54 countries.
• Updating the CBRE Code of Conduct to add new language against pre-taliation.
• Training more than 50 members of the compliance team globally on the Rule 21F-17 language added to all relevant templates;
• Undertaking a mandatory re-certification process, where more than 100,000 employees worldwide certified that they had reviewed the updated Code of Conduct, and attested to their understanding that they were always free to bring concerns to regulators without any advanced notice to CBRE.

Compliance officers face the challenge of balancing various factors when addressing pre-taliation risk. They must consider the impact of state laws, federal whistleblower protection laws, and securities laws that may apply to their company. Conducting a regulatory assessment and thoroughly reviewing contracts can help identify potential areas of concern.

In conclusion, the SEC’s increasing fines for company pre-taliation highlight the importance of compliance and the need for companies to address pre-taliation risk. It is crucial for companies to eliminate pre-taliation clauses from their contracts and ensure individuals are free to report misconduct to regulators. By taking proactive measures and conducting thorough assessments, companies can mitigate the risk of facing significant fines and reputational damage.

[View source.]