The Securities and Exchange Commission (“SEC” or “Commission”) recently issued a stark reminder to regulated persons that it will pursue enforcement actions if they prevent whistleblowers from communicating with the SEC or have policies and procedures that could discourage such communication. Indeed, the SEC’s June 23 consent order against an SEC-registered broker-dealer for alleged violations of Rule 21F-17 showed zero tolerance for potential stifling of whistleblowers.
Rule 21F-17 – which was adopted by the SEC as part of its Whistleblower Program pursuant to the Dodd-Frank Wall Street Reform and Consumer Protection Act – applies to any person regulated by the SEC and provides in relevant part, “No person may take any action to impede an individual from communicating directly with the Commission staff about a possible securities law violation, including enforcing, or threatening to enforce, a confidentiality agreement … with respect to such communications.”
The order is notable because, while the SEC alleged that the firm had a policy and training materials that prohibited employees from initiating contact with the SEC without prior approval from its legal or compliance department, it remarked that the company’s parent had another policy indicating that employees were not prohibited from reporting to or participating in a government investigation or making disclosures protected by whistleblower statutes. And like a previous SEC enforcement action for an alleged violation of Rule 21F-17, the order indicated that the SEC was unaware of any specific instances in which an employee was actually prevented from communicating with the SEC or of the company taking any action to prevent such communications.
The order also noted the firm’s cooperation and remediation efforts, including promptly revising the offending policy to state that “nothing in [the Manual] prohibits or restricts any person in any way from reporting possible violations of law or regulation to any governmental agency or entity, or otherwise prevents anyone from participating, assisting, or testifying in any proceeding or investigation by any such agency or entity or from making other disclosures that are protected and/or permitted under law or regulation.”
According to the order, the firm further clarified its policy by also including the following provision in it: “Nothing in this Manual, any agreement between the firm and its employees, or any firm policy or program requires a person to obtain prior authorization from the firm to make any such reports or disclosures to any governmental agency or entity or to notify the firm that an individual intends to make or has made such reports or disclosures.”
Nevertheless, the SEC still fined the firm $208,912 for the alleged violation.
Given this development, public companies, investment advisers, investment companies, broker-dealers, and other persons regulated by the SEC should have counsel carefully review their written policies and procedures, employment agreements, and training materials to ensure that there are no internal inconsistencies that could be viewed by the SEC as tending to stifle communications with its staff. To the extent there are any ambiguities about whether employees are restricted from communicating with the SEC at any point or for any reason, SEC-regulated persons should clarify those materials. While the above language adopted by the firm in its policies and procedures is not a safe harbor, it does provide a helpful example of what the SEC believed to be appropriate given the firm’s facts and circumstances.
 In re Guggenheim Sec. LLC, Exchange Act Release No. 92237 (June 23, 2021).