Employers in the financial services industry are faced with an escalating number of employment law compliance challenges, but the news is not all bad. For example, although pleading standards for Sarbanes-Oxley Act (“SOX”) whistleblower retaliation actions are increasingly easy for claimants to satisfy, employers are routinely prevailing when these claims are litigated before the courts. In addition, as an alternative to non-compete agreements, which are generally disfavored by courts, employers may find success using the “employee choice” doctrine to persuade former employees not to compete. Other important compliance obligations continue to require vigilance: cybersecurity and data privacy, the effects of gender and race on compensation practices, and the expansion of eligibility for overtime pay are all issues that remain high on regulators’ priority lists. This edition of Epstein Becker Green’s Take 5 addresses these important topics and what financial services employers should know about them:
Relaxed Legal Standards That Favor SOX Whistleblowers Do Not Leave Employers Defenseless
Implementing and Applying the Employee Choice Doctrine: Employers Focus on Forfeiture to Protect Their Company’s Assets
SEC Makes Cybersecurity an Examination Priority for 2016
Compensation Practices of Financial Services Companies Are Likely to Be Targeted by the OFCCP
DOL’s Continued Expansion of Worker Coverage Remains a Top Wage and Hour Concern
For the latest employment, labor, and workforce management news and insights concerning the financial services industry, please visit and subscribe to Epstein Becker Green’s Financial Services Employment Law blog
By: John F. Fullerton III and Jason Kaufman
Section 806 of SOX prohibits publicly traded companies, as well as their subsidiaries, contractors, subcontractors, and agents, from taking adverse personnel actions against employees for reporting activity that they reasonably believe constitutes mail fraud, wire fraud, bank fraud, securities fraud, or a violation of any Securities and Exchange Commission (“SEC”) rule or federal law relating to fraud against shareholders. In recognition of the legislative intent underlying SOX—to provide strong and broad-based protections for employees who report suspected securities violations and financial fraud—courts are increasingly applying lenient standards that favor employees in assessing the viability of a SOX retaliation claim in the face of a motion for pretrial dismissal. Fortunately for employers, however, recent decisions demonstrate that even in today’s whistleblower-friendly environment, courts will readily dismiss SOX retaliation claims that lack adequate evidentiary support.
For example, the U.S. Court of Appeals for the Second Circuit ruled in Nielson v. AECOM Tech Corp. that, in dismissing the plaintiff’s complaint, the district court incorrectly applied the “definitively and specifically” standard to find that the plaintiff had not engaged in activity protected by SOX. Under this originally well-accepted standard, an employee’s communications about a suspected violation are not protected unless they relate “definitively and specifically” to one of the categories of fraud or securities violations listed under Section 806 of SOX, and the employee must reasonably believe that each of the legally defined elements of a suspected violation occurred. Applying this standard, the district court held that the plaintiff’s complaints to his managers (that certain fire safety designs were not properly reviewed) were not protected.
On appeal, the Second Circuit deferred to evolving interpretations of SOX articulated by the Department of Labor’s (“DOL’s”) Administrative Review Board during the Obama administration. The Second Circuit jettisoned the “definitively and specifically” test in favor of the more relaxed “reasonable belief” standard, under which the plaintiff has engaged in protected activity as long as (i) he has a subjective belief that the reported conduct violates a law covered by SOX and (ii) his belief is objectively reasonable for a person in his position. Nevertheless, the Second Circuit affirmed the dismissal because, although the plaintiff alleged that he reported what he believed constituted, inter alia, shareholder fraud, he did “not plausibly allege, on the basis of assertions beyond the trivial and conclusory, that it was objectively reasonable for him to believe that there was such a violation[.]” As a result of the Nielson decision, district courts sitting in the Second Circuit now apply the more relaxed “reasonable belief” standard in determining whether a plaintiff has engaged in protected activity under SOX.
The U.S. Court of Appeals for the Third Circuit released a decision in Wiest v. Tyco Elecs. Corp. on February 2, 2016, that affirmed the dismissal of a plaintiff’s claim that he was unlawfully terminated in violation of SOX for reporting suspected securities fraud pertaining to improper accounting practices. Notably, the Third Circuit had previously reversed the district court’s prior dismissal of the plaintiff’s claim because the district court erred and applied the “definitively and specifically” standard to find that the plaintiff had not engaged in protected activity. On remand, the district court, affirmed by the Third Circuit, dismissed the plaintiff’s SOX claim on summary judgment because, regardless of whether the plaintiff had engaged in protected activity, there was no evidence that it was a factor contributing to his termination. The Third Circuit discussed the leniency of the contributing factor test, which requires only that the plaintiff show that his protected activity affected in any way the decision to terminate. Nevertheless, the Third Circuit found that the plaintiff failed to meet even this low threshold and that the defendant established that it would have terminated the plaintiff in the absence of any protected behavior.
On January 4, 2016, the U.S. District Court for the Southern District of New York in Yang v. Navigators Group, Inc., dismissed a plaintiff’s claim that she was terminated for complaining to her superiors about improper risk control procedures that she believed constituted shareholder fraud and violated securities regulations. The court initially denied a motion to dismiss the claim on the pleadings, rejecting the defendant’s contentions that the allegations were insufficient to show that the plaintiff had engaged in protected activity or reasonably believed that the complained-of conduct was unlawful. In reviewing the evidence subsequently proffered at the summary judgment stage, however, the district court found that some of plaintiff’s communications to her superiors were not protected because they failed to indicate in any way that she believed a violation under Section 806 of SOX had occurred, and, in any event, that the plaintiff was clearly fired for poor performance and there was no evidence that the concerns she raised contributed to the decision to terminate her.
In sum, the number of SOX whistleblower retaliation claims is on the rise, and relaxed legal standards have made it more difficult for employers to obtain pretrial dismissal of these claims. Yet, as the above rulings indicate, employers are not left defenseless. Armed with a properly mounted legal defense, they are frequently prevailing against whistleblower retaliation allegations in the very same cases that are applying more lenient pleading standards.
By: Lauri F. Rasnick and Adriana S. Kosvych
Employers seeking to protect their competitive advantage and find an alternative method of influencing employees to not compete are increasingly relying on so-called “forfeiture for competition” agreements in place of traditional non-competes. This trend is driven, in large part, by the “employee choice” doctrine. In states that have adopted the employee choice doctrine, such as New York, a post-employment non-compete will not be subject to the usual reasonableness standard when it is contingent upon an employee’s choice between receiving and retaining a benefit (e.g., restricted stock, stock options, or some other deferred compensation) and competing.
The validity of the employee choice doctrine was recently affirmed by a New York State court applying Delaware law. See NBTY, Inc. v. O’Connell Vigliante, 2015 N.Y. Slip Op 51726(U) (Sup. Ct., Suffolk County, Nov. 24, 2015). The court’s decision in NBTY serves as an important reminder for employers that certain key components of the employee choice doctrine must be present to enforce post-employment non-competes.
NBTY involved a global manufacturer, distributor, and retailer of vitamins and nutritional supplements that sought to preclude three former executives from joining a direct competitor, Piping Rock Health Products, by invoking restrictive covenants contained in stock-option agreements that they had signed in 2011. The stock-option agreements provided the executives options to purchase specific numbers of shares of common stock that would vest over time, subject to certain terms and conditions. The agreements contained restrictive covenants prohibiting the executives from engaging in any competing business in North America, Europe, or China for a period of one year following the end of their employment with NBTY. After the executives resigned in 2014 and 2015 and began employment with Piping Rock, NBTY commenced an action in New York State court to enforce their restrictive covenants.
In its decision, the Supreme Court, Suffolk County, Commercial Division, acknowledged the applicability of the employee choice doctrine under New York law. Citing Lenel Systems Int’l, Inc. v. Smith, 106 A.D.3d 1536, 966 N.Y.S.2d 618 (N.Y. App. Div., 4th Dep’t 2013), and Morris v. Schroder Capital Management Int’l, 7 N.Y.3d 616, 825 N.Y.S.2d 697 (2006), the court explained that the individual defendants had agreed to post-termination non-compete provisions in exchange for the receipt of additional incentive compensation, i.e., stock options. Upon their decision to leave NBTY’s employ, they had the choice of preserving their rights under the stock-option agreements by refraining from competition with NBTY or risking forfeiture of such rights by exercising their right to compete. The court held that the restrictive covenants contained in the stock agreements were unenforceable, but by choosing to compete with NBTY, the individual defendants forfeited their right to the stock options.
As straightforward as the employee doctrine is in theory, in practice, employers seeking to avail themselves of the doctrine should evaluate and craft their agreements to ensure that all key components are present:
A Genuine Choice. An employee must have a genuine choice between retaining the benefits or leaving the employer to engage in competitive activities. If an employee makes the informed decision to compete, the employer may require that he or she forfeit the benefits promised in exchange for the non-compete.
Voluntary Separation. Some courts have interpreted the “genuine choice” requirement to mean that the employee must voluntarily separate from the employer in order for the employee choice doctrine to apply. The reasoning behind this interpretation is that if the employee is terminated, the employer, not the employee, has made the choice to end the relationship. Thus, a court may not be willing to apply the employee choice doctrine to an employee who is terminated without cause or an employee who is “constructively discharged.” If the employee choice doctrine is not applied, any non-compete that the employer seeks to enforce may be subject to the usual reasonableness analysis that would generally be considered by a court analyzing whether to enforce a restrictive covenant.
Consideration. For the employee choice doctrine to apply, consideration is a necessary element. States vary as to whether initial employment or continued employment, standing alone, may serve as sufficient consideration. When a restrictive covenant is entered into after employment begins, new consideration may be required (and, in any event, may be helpful), such as a corresponding benefit or beneficial change in employment status. Even in the context of stock option plans, restricted cash, or other monetary benefits, consideration may still be a concern when restrictive covenants are added to preexisting plans or benefits.
Forfeiture Relief. The employee choice doctrine is about forfeiture, not restriction. In other words, the agreement should not put a blanket restriction on post-employment competition, but rather should memorialize an incentive-driven bargain: the employee’s receipt and retention of certain benefits in exchange for his or her avoidance of post-employment competitive activity. Inclusion of language that seeks to enjoin the employee from engaging in competition undermines the “choice” element of the employee choice doctrine. Generally speaking, forfeiture of benefits (possibly through rescission), not an injunction, is the sought-after remedy. Of course, an employer would not necessarily be prevented from seeking injunctive relief, where appropriate.
State-Specific Standards. Not all states have adopted the employee choice doctrine. Courts in North Dakota, for example, have found forfeiture for competition clauses to be per se unenforceable. Connecticut, Maryland, Massachusetts, and Pennsylvania recognize the concepts of employee choice and forfeiture-for-competition, but apply them in conjunction with a traditional reasonableness analysis. In light of this wide variation, employers should take into consideration the specific state in which they seek to enforce post-employment non-competes when crafting such agreements.
By: John F. Fullerton III and Jason Kaufman
Businesses of all sizes and in virtually every industry face the daily threat of a data breach or other cybersecurity event, as well as the challenge of managing the potentially catastrophic economic and reputational harm that can flow from such an incident. Further complicating matters is that these threats can come from any number of sources: hackers, phishers, spammers, bot-network operators, spyware and malware authors, insiders, other nations, organized criminal groups, and terrorists. SEC regulations require registered financial institutions—including broker-dealers, investment companies, and investment advisers—to adopt written policies and procedures reasonably designed to ensure the security and confidentiality of customer information and records. In the last few years, the SEC has become increasingly vocal about cybersecurity compliance. For example, SEC Commissioner Luis A. Aguilar, in his speech entitled “Boards of Directors, Corporate Governance and Cyber-Risks: Sharpening the Focus,” noted that “boards that choose to ignore, or minimize, the importance of cybersecurity responsibility do so at their own peril.” It should come as no surprise, then, that the SEC recently announced that cybersecurity compliance will be one its selected examination priorities in 2016. The inspection and examination priorities selected by the SEC “reflect certain practices and products that [the Office of Compliance Inspections and Examinations] perceives to present potentially heightened risk to investors and/or the integrity of the U.S. capital markets.” The recent announcement is a natural continuation of the SEC’s focus on cybersecurity in the financial services industry.
In April 2014, after holding a roundtable discussion with industry representatives, the SEC announced a series of examinations to identify and assess cybersecurity risks and preparedness in the securities industry. In February 2015, the Financial Industry Regulatory Authority (“FINRA”) released a “Report on Cybersecurity Practices.” As FINRA observed, the frequency and sophistication of cyber attacks are increasing, and it is imperative to have fundamental controls in place to manage risk and reduce the threat.
Subsequently, in September 2015, the SEC launched a second initiative to examine the cybersecurity compliance and controls in place at broker-dealers and investment advisory firms. The SEC expressed concern regarding public reports that had identified cybersecurity breaches related to weaknesses in basic data controls. As a result, this second initiative focused on governance and risk assessment, access rights and controls, data loss prevention, vendor management, training, and incident responses.
Shortly thereafter, the SEC announced that a St. Louis-based investment adviser had agreed to settle charges that it failed to establish the required cybersecurity policies and procedures in advance of a breach that compromised the personally identifiable information of approximately 100,000 individuals, including thousands of the firm’s clients. At the time, an SEC representative emphasized that “[a]s we see an increasing barrage of cyber attacks on financial firms, it is important to enforce the safeguards rule even in cases like this when there is no apparent financial harm to clients . . . Firms must adopt written policies to protect their clients’ private information and they need to anticipate potential cybersecurity events and have clear procedures in place rather than waiting to react once a breach occurs.” Without admitting any wrongdoing, the firm agreed to cease and desist and pay a $75,000 fine.
In the recent statement, the SEC indicated that, to advance the efforts announced last September, the 2016 examinations will be looking at structural risks and trends that may involve multiple firms or entire industries. The examinations will include the testing and assessment of the implementation of procedures and controls at the target companies. Companies subject to the SEC’s jurisdiction are therefore well advised to make cybersecurity and data privacy a priority in their own compliance regimes.
By: Dean R. Singewald II
With the release of President Obama’s budget for the DOL on February 9, 2016, the Office of Federal Contract Compliance Programs (“OFCCP") announced two top enforcement priorities for 2016. First, the OFCCP will continue to identify and address systemic pay discrimination in its efforts to reduce the gender and race-based pay gap. Second, the OFCCP will establish regional centers staffed with “highly skilled and specialized compliance officers” to conduct “large, complex compliance evaluations” in specific industries, including the financial services industry.
When President Obama signed the Lilly Ledbetter Fair Pay Act after taking office seven years ago, he made clear his commitment to equal pay for equal work. Since then, the OFCCP has taken steps to fulfill that commitment. With the release of the OFCCP’s 2017 budget, government contractors can count on larger, more complex and thorough compliance investigations specifically aimed at rooting out unlawful pay discrimination. Financial services companies are in an industry specifically targeted by the OFCCP and should expect more audits and greater scrutiny of their compensation practices. The OFCCP’s scrutiny of companies within its jurisdiction at a minimum will include requiring a company to produce compensation data on each U.S.-based employee located at the audited facility, identify factors used to determine employee compensation, and submit policies and documentation concerning the company’s compensation practices.
The OFCCP has jurisdiction pursuant Executive Order 11246 over any financial services company that (i) holds a single government contract or subcontract in excess of $10,000; (ii) holds government contracts or subcontracts that combined are in excess of $10,000 in any 12-month period; (iii) holds government bills of lading; (iv) is a depository of federal funds in any amount; or (v) is a financial institution that is an issuing and paying agent for U.S. savings bonds and notes. Those with contracts in excess of $50,000 are required to maintain written affirmative action programs. The thresholds are higher under the Rehabilitation Act of 1973 and the Vietnam Era Veterans’ Readjustment Assistance Act.
Often overlooked, financial institutions with federal share and deposit insurance, whether with the Federal Deposit Insurance Corporation (“FDIC”) or the National Credit Union Association (“NCUA”), are considered contractors subject to OFCCP jurisdiction. Although the FDIC and NCUA do not use government-appropriated funds, and are not subject to the Federal Acquisition Regulation, the OFCCP maintains that they are contracting government agencies for affirmative action purposes, and by definition, government contracts include contracts for nonpersonal services, including insurance services.
In another recent development, the OFCCP final rule implementing President Obama’s Executive Order 13665 (“Final Rule”) went into effect January 11, 2016. The Final Rule extends pay transparency protections to all employees and applicants. The Final Rule prohibits contractors subject to the Executive Order, when entering into a new or modified contract on or after that date, from discriminating against any employee or applicant for employment for inquiring about, discussing, or disclosing his or her compensation, or the compensation of another employee or applicant. Although the National Labor Relations Act provides similar protections, it does not extend the protections to supervisors, managers, agricultural workers, and employees of rail and air carriers. Under the Final Rule, however, those employees are protected. Contractors are required to notify employees and applicants of their rights by including the Pay Transparency Nondiscrimination Provision prepared by the OFCCP in their employee manual or handbook and either electronically posting the provision on contractor’s career web page or posting a copy in conspicuous places at their facilities.
Finally, on January 29, 2016, the U.S. Equal Employment Opportunity Commission (“EEOC”) proposed revisions to the Employer Information Report (“EEO-1 report”). As proposed, contractors and employers with 100 or more employees would have to submit pay data on their workforce when filing their EEO-1 report. In addition to disclosing the number of employees working in each EEO-1 job category by gender and race/ethnicity, contractors and employers would be required to provide pay data on each employee’s W-2 earnings, along with the total hours worked by the employee. The pay data and hours worked would be submitted in the aggregate showing the total number of employees, and the total number of hours of employees, by gender and race/ethnicity within each EEO-1 job category slotted into 12 pay bands. Each pay band provides a range of compensation received by employees and is used to distinguish different levels of compensation. For example, employees earning from $49,920 to $62,919 would fall within Pay Band 6, while employees earning $208,000 or more would fall within Pay Band 12.
The new EEO-1 report would allow the EEOC and OFCCP to use the employer pay data to “assess complaints of discrimination, focus investigations, and identify employers with existing pay disparities that might warrant further investigation.” Specifically, the pay bands would allow the EEOC and OFCCP to compute within-job-category variation, across-job-category variation, and overall variation, looking at W-2 pay distribution within an establishment, and comparing the establishment's data to aggregate industry data, which would support their ability to detect potential discrimination. While the proposed revisions are now subject to comments and possible changes, going forward, it is clear that the OFCCP, in partnership with the EEOC, will be stepping up its efforts during compliance reviews, specifically scrutinizing contractors’ compensation practices, in an attempt to root out pay discrimination and close the earnings gap.
By: Jeffrey H. Ruzal
The DOL has been steadfast in expanding worker coverage under the Fair Labor Standards Act (“FLSA”), and the financial services industry, like most, will be affected. The DOL’s initiative began on July 6, 2015, when it published a Notice of Proposed Rulemaking (“NPR”) that is expected to extend overtime protection to almost five million white-collar workers who are currently not entitled to overtime pay because they are classified as exempt. The NPR, which is expected to be finalized in July 2016, will likely more than double the salary threshold to qualify for FLSA exemption under the executive, administrative, or professional exemption, increasing it to $970 per week, or $50,440 per year. In addition, the highly compensated employee exemption, which, if satisfied, lightens the duties requirements of the executive, administrative, or professional exemptions, is expected to increase from $100,000 to $122,148. Once in place, these salary threshold requirements are expected to increase annually to adjust for inflation, which has not previously been the case.
Less than two weeks later, on July 15, 2015, the DOL issued Administrator’s Interpretation No. 2015-1 on independent contractor misclassification, promoting the now famous “tagline” that most workers are employees—and not independent contractors—who are, therefore, covered by the FLSA. To support its position, the DOL redefined its long-standing “economic realities” test, which courts rely upon when determining whether there exists an employer-employee relationship. The traditional economic realities test includes the following non-dispositive criteria: (i) the degree of control exercised by the business over the worker; (ii) the worker’s opportunity for profit or loss; (iii) the degree of skill and independent initiative required to perform the work; (iv) the permanence or duration of the working relationship; (v) the extent to which the work is an integral part of the business; and (vi) the worker’s investment in his or her own business. In this Administrator’s Interpretation, however, the DOL significantly revised this objective test by radically redefining the factors to promote “employee” status.
Not resting on its already significant initiative, on January 20, 2016, the DOL issued Administrator’s Interpretation No. 2016-1 (“new Interpretation”) concerning joint-employment liability. The new Interpretation provides that businesses that utilize employees of third-party employers may be considered joint employers of those workers and therefore covered by the FLSA. Also, the new Interpretation states that joint employment often involves a “larger and more established” employer “with a greater ability to implement policy or systemic changes to ensure compliance.” The DOL explains that investigators may hold the larger company responsible for “financial recovery” and “future compliance.” The larger companies are undoubtedly more important to the DOL as they are the deep-pocket joint employer that can be held responsible for the entire amount of back wages owed.
The new Interpretation explains that there are two types of joint employment on which the DOL will focus: horizontal and vertical relationships. Horizontal joint employment exists when an employee has employment relationships with two or more related or commonly owned businesses. In assessing horizontal joint employment, the DOL focuses on the relationship between the businesses, not the workers. The DOL explains that a horizontal joint-employment relationship may exist in situations when: (i) employers share an employee’s services, (ii) one employer acts in the interest of the other employer in relation to the employee, or (iii) one employer controls the other employer and therefore shares control of the other employer.
Vertical joint employment exists when a worker provides services to one company while being formally employed by a third party, such as a labor supplier. To determine whether joint employment exists, the DOL analyzes whether an employee of one business, the labor supplier, is economically dependent on another business that utilizes the labor supplier’s employee.
In light of the DOL’s ongoing initiative to increase coverage under the FLSA, businesses should carefully consider their relationships with independent contractors and their labor supply workforce. Businesses should closely monitor their relationships with independent contractors and be disciplined in limiting their engagement with contractors to discrete projects of a finite duration. In addition, businesses should avoid using contractors as headcount replacement. Doing so places firms at risk for claims by individuals that they were misclassified and entitled to pay and benefits.
With respect to using a labor supplier’s employees, businesses should effectively “partner” with the labor supplier. As part of any services agreement, labor suppliers should explicitly represent that they are treating their workers as employees, and not as independent contractors. Businesses should also have the right to review the labor supplier’s employment records for the workers it supplies to confirm FLSA compliance. In addition, financial services firms may want to pay careful attention to the contracts between them and the labor suppliers, confirming that such contracts contain: (i) appropriate forum and choice of law provisions, (ii) representations regarding wage and hour and other legal practices, and (iii) an explicit indemnification by the labor supplier for any liability arising from a joint-employment relationship.