SEC Awards Whistleblower More Than $10 Million

On September 14, 2020, the SEC announced payment of more than $10 million to a whistleblower who provided original information to the SEC that led to a successful enforcement action.  (The order granting the award can be accessed here.)

In explaining the reason for its award determination, the SEC noted that the whistleblower had “provided extensive and ongoing assistance to the investigative team over the course of the investigation, including identifying witnesses and helping staff understand complex fact patterns and issues related to the matters under investigation.”

Since issuing its first whistleblower award in 2012, the SEC has awarded approximately $520 million to 94 individuals.

Third Circuit Confirms Limits on Scope of Protected Activity Under SOX

On July 16, 2020, the Third Circuit affirmed the dismissal of a former IT analyst’s whistleblower retaliation claim, holding that he lacked an objectively reasonable belief that his complaints implicated one of the enumerated forms of fraud in the SOX whistleblower provision.  Reilly v. GlaxoSmithKline, LLC, No. 19-cv-2897.


Plaintiff was an IT analyst for the Company, where his duties included maintaining the Company’s AS/400 computer servers and addressing performance and security issues related to them.  Beginning in 2011, Plaintiff allegedly began complaining to his supervisor about performance issues caused by the decision to “uncap” the servers’ processors, which allowed them to share capacity.  In 2013, he allegedly voiced an additional concern that the servers’ access management plan provided certain users with more authority than they should be allowed.  Plaintiff was placed in charge of remediating both of the foregoing issues.  Plaintiff escalated his complaints to the Company’s compliance office in 2014, then to the CEO in 2015, adding that he believed these issues were not adequately disclosed in the Company’s 2013 SEC report.  In response, the Company conducted two internal investigations, both of which concluded that Plaintiff’s complaints were unfounded.

In 2014, due to a decision to outsource management of the AS/400 servers, Plaintiff was notified that his department would be reduced to one analyst position and one manager position.  Believing he was “protected” due to his complaints, plaintiff decided not to apply for the remaining analyst position and his employment was eventually terminated in June 2015.  One month later, Plaintiff filed a SOX whistleblower retaliation complaint in the U.S. District Court for the Eastern District of Pennsylvania.  The Court granted the Company’s motion for summary judgment (see our post here).


On appeal, the Third Circuit, relying on its decision in Wiest v. Tyco Elecs. Corp., 812 F.3d 319 (3d Cir. 2016) (see our post on that decision here), reiterated that “Section 806 of SOX protects whistleblowing employees from retaliation for providing information regarding conduct which the employee reasonably believes constitutes mail fraud, wire fraud, bank fraud, securities fraud, a violation of any rule or regulation of the SEC, or fraud against shareholders.”  The court held that Plaintiff failed to show that his “belief” that the Company was committing one of the enumerated forms of fraud was objectively reasonable.  First, the court found that it would not have been objectively reasonable for Plaintiff to believe that the Company was perpetuating a fraud while, at the same time, assigning him to remediate the very issues he complained of.  Describing Plaintiff’s complaints as “workplace disagreements about routine IT issues,” the Court noted that the Company was not required to include such technical details in its SEC reports.  In fact, the court stated that in its annual SEC reports, the Company had sufficiently disclosed risks related to cybersecurity and its computer systems, which in any event, did not relate to fraud.  Finding that Plaintiff had failed to show that his complaints about internal controls “relat[ed] in an understandable way” to any of Section 806’s enumerated forms of fraud, the court affirmed the lower court’s ruling dismissing Plaintiff’s claim.


Reilly reinforces that employees complaining of alleged violations of internal company policies or controls must still state an objectively reasonable belief that those violations implicate one of the provisions specifically enumerated in SOX.

ARB Denies Equitable Tolling of 180-Day Statute of Limitations Under SOX

On June 29, 2020, the Administrative Review Board (“ARB”) upheld the dismissal of a whistleblower retaliation complaint under Section 806 of the Sarbanes-Oxley Act (“SOX”) for failure to file within the 180-day statutory deadline.  Xanthopoulos v. Marsh & McLennan Companies, Inc., ARB Case No. 2019-0045 (June 29, 2020).


Complainant was an employee of Mercer Investment Consulting, an operating company owned by Marsh & McLennan Companies.  Complainant was fired on October 3, 2017, and though he made several filings with the SEC, he did not file his complaint with OSHA until 350 days later on September 18, 2018.  As a result, OSHA dismissed the complaint as untimely, and the Administrative Law Judge (“ALJ”) agreed, holding that Complainant’s claims did not merit equitable tolling of the 180-day statute of limitations under SOX.  Complainant petitioned the ARB for review.


The ARB noted that there are four situations in which equitable tolling of the SOX statute of limitations is appropriate: 1) when the defendant has actively misled the plaintiff with respect to the cause of action; 2) the plaintiff has in some extraordinary way been prevented from asserting his rights; 3) the plaintiff has raised the precise statutory claim in issue but has mistakenly done so in the wrong forum; and 4) the employer’s acts or omissions have lulled the complainant into forgoing prompt action to vindicate his rights.

Complainant argued that his SEC filings were actually SOX claims filed in the wrong forum, due to his mistaken belief that the SEC would investigate his retaliation claims.  According to Complainant, he was not aware until August 2018 that the SEC was not responsible for investigating his allegations of retaliation.

The ARB rejected these arguments.  In his SEC filings, though Complainant stated that his termination was retaliatory, he did not seek employment-based remedies such as reinstatement, back pay or other damages associated with his termination.  Instead, his only mention of monetary relief was in seeking an award under the SEC’s Whistleblower Program, which rewards individuals with a percentage of any money collected due to a SEC enforcement action based on information they provide.  Thus, the ARB found that based on Complainant’s filings, his complaints were concerned more with potential harms to the investing public than those resulting from his termination.

In addition, Complainant stated in his SEC filings that he would “keep the SEC posted of [his] legal actions” regarding “this possible case of sexual harassment, wrongful termination, and/or illegal retaliation under the whistleblower protection of the Dodd-Frank Act.”  The ARB found that these statements demonstrated that Complainant was aware that the SEC’s investigation was separate and would not cover any employment-related claim under SOX.  Furthermore, Complainant admitted to discussing his situation with a member of a civil rights organization he was a part of, who advised him that he should file a claim regarding his discharge with OSHA.  Thus, the ARB concluded, “it is clear that Complainant did not mistakenly file a SOX whistleblower claim with the SEC, but deliberately filed with the SEC a non-SOX claim for the purpose of remedying Respondent’s wrongful conduct that he complained of and seeking a whistleblower award.”


This decision reinforces that the 180-day statute of limitations for SOX whistleblower retaliation claims is strictly construed and equitable tolling of this deadline will only be granted in narrow circumstances.

ARB Rules That Complaints about Theoretical Violations are not Protected Whistleblowing Activity under Dodd-Frank

On June 18, 2020, the U.S. Department of Labor Administrative Review Board (“ARB”) held that a complaint about a theoretical violation of the Dodd-Frank Wall Street Reform and Consumer Financial Protection Act of 2010 (“Dodd-Frank”) does not constitute protected activity under the whistleblower provisions of that statute.  Bryan Horn v. University First Federal Credit Union, ARB Case No. 18-0033 (June 18, 2020).


University First Federal Credit Union (“UFFCU”) hired Complainant as a financial service representative in 2015.  Throughout his employment, Complainant expressed his concerns that multiple UFFCU internal procedures were inadequate.  He also made suggestions for improvements to those procedures during an internal audit.

In early 2016, Complainant worked on processing a customer’s auto loan, which the customer closed at a different UFFCU branch.  That branch’s Acting Manager changed the name of the loan’s processor to reflect their branch, so they and the branch would get credit for processing the loan.

Complainant contacted a branch manager to discuss the loan because he believed it was not “legally and ethically right for someone to steal someone’s work.”  Complainant indicated he would resign that evening and then asked for time to consult with an attorney.  The next day, he expressed his desire to continue working; however, UFFCU told him he could resign or would be terminated.  Complainant resigned that day.  His resignation letter accused UFFCU of violating “ethics and banking laws.”

Complainant subsequently filed a complaint with OSHA, alleging that UFFCU terminated him in retaliation for engaging in activities protected by Dodd-Frank.

ARB’s Ruling

The ARB affirmed the Administrative Law Judge’s (“ALJ”) conclusion that Complainant did not engage in Dodd-Frank-protected activity.  On appeal, Complainant argued that his complaints should be entitled to protection because he had complained “that the lack of written or standardized or internal policies and procedures could lead to mistakes and violations of Dodd-Frank.”  The ARB rejected this argument, explaining:

This is incorrect because an employee does not engage in whistleblower activity by describing merely theoretical situations. Such a belief is too attenuated from the standard to be a reasonable belief of a violation of law and therefore failed to satisfy one of the required elements of his retaliation claim. Stated another way, mere speculation does not satisfy [Complainant]’s burden.


This decision underscores that plaintiffs must reasonably believe there was an actual violation of law, as opposed to a merely theoretical violation, to establish protected activity.

Texas District Court Dismisses SOX Whistleblower Claim for Lack of Employer-Employee Relationship

On June 12, 2020, the U.S. District Court for the Southern District of Texas granted a motion to dismiss in favor of the defendant in a SOX whistleblower retaliation case, finding that the alleged whistleblower – a contractor and advisory board member of the defendant – was not an employee of the defendant, as required by SOX.  Moody v. American National Insurance Co., No. 3:19-cv-00206 (S.D. Tex. June 12, 2020).


Plaintiff brought suit against the American National Insurance Company (“ANICO”) after he was allegedly retaliated against for complaining about the company’s purported SEC violations and bringing a related shareholder-derivative suit.  Specifically, Plaintiff claimed that he experienced retaliation when ANICO: (1) removed him from his position as an advisory board member, (2) canceled contracts with his insurance company, and (3) announced the termination of an office-space lease in one of his company’s buildings.

ANICO filed a motion to dismiss, arguing that Plaintiff is not an employee, and therefore, not within the class of persons that SOX protects.  In response, Plaintiff argued that as “an Advisory Director of ANICO … [and] an insurance agent selling insurance for and on behalf of ANICO as a contractor,” he is a covered employee under SOX.  Plaintiff relied on the U.S. Supreme Court’s decision in Lawson v. FMR (2014) (discussed here), which extended the class of people protected by SOX to include not only those employed by the public company itself, but also potentially employees of contractors and subcontractors who perform work for the pubic company.  According to Plaintiff, Lawson held that SOX protects a public company’s contractors and agents – and that he was therefore protected from retaliation under the statute.


The court sided with ANICO, holding that “retaliation plaintiffs must be employees of the defendant they sue, whether that defendant-employer is the public company itself or one of its contractors.”  In other words, according to the court, the employer-employee relationship is an “essential element” of a retaliation claim.

Because Plaintiff never asserted that he had an employment relationship with ANICO, he cannot state a SOX retaliation claim against the company.  Without further factual support of an employer-employee relationship, it is not enough that Plaintiff claimed that he is the “functional equivalent of an employee” in his role as “an agent, contractor, or subcontractor of ANICO.”  Plaintiff’s service as an advisory board member was also found insufficient to give rise to an employer-employee relationship.  Despite the fact that a corporate director is not disqualified from becoming an employee of the corporation, according to the court, “it is ‘hornbook law’ that a corporate director is not, simply by virtue of his position, an employee.”


Although Lawson greatly expanded the potential universe of companies covered by SOX’s whistleblower provision, this case is a reminder that there are meaningful limitations to its reach – including the requirement that an employer-employee relationship exist in order for a whistleblower to state a claim under the statute.

CFTC Issues $6 Million Whistleblower Award

On June 9, 2020, the U.S. Commodity Futures Trading Commission (CFTC) announced a $6 million whistleblower award to an individual under its Dodd-Frank whistleblower program.  The individual was rewarded for voluntarily providing specific, credible, and timely information that led the CFTC to bring a successful enforcement action.

The Director of the Whistleblower Office, Christopher Ehrman, said in the press release that the award reflects the impact of whistleblowers on the Agency’s enforcement program, noting “whistleblowers have led the CFTC to obtain nearly $900 million in monetary relief.”  The Director added that “sizeable awards like this one should signal to potential whistleblowers that there are real financial incentives to promptly reporting violations to the CFTC.”

This is the CFTC’s second award of 2020, and the largest so far this year.  A $2 million award was issued last month to four whistleblowers who provided a tip containing “synthesized information that highlighted the economic impact of the suspicious activity they identified,” as well as ongoing assistance during the CFTC’s invesgitation.  Per usual practice, the Agency did not provide details about the whistleblower or the information that led to the enforcement action.

COVID-19 Whistleblower Protection Bill Introduced Into Congress

On June 15, 2020, Senator Kamala Harris and Representatives Jackie Speier and Jamie Raskin introduced the COVID-19 Whistleblower Protection Act (the “Act”), which seeks to provide protections for employees who blow the whistle on employers who misuse federal funds received through various measures enacted by Congress aimed at mitigating the impact of the coronavirus pandemic.  (The text of the proposed bill can be found here.)  Many of the whistleblower protections in the Act echo those contained in the American Recovery and Reinvestment Act of 2009 – the economic stimulus bill signed by President Obama in the wake of the Great Recession.  (Our article on that bill can be found here).


If passed, the Act would prohibit employers from taking reprisals against protected individuals for “disclosing, being perceived as disclosing, or preparing to disclose . . . to an officer or entity [designated under the statute] information that the protected individual reasonably believes is evidence of misconduct that violates, obstructs, or undermines any statute, rule, or regulation with respect to any Coronavirus pandemic-related program, project, or activity,” including, among other things, gross mismanagement of agency contracts, grants, and covered funds, dangers to public health or safety, abuse of authority, and violations of laws, rules, or regulations.

In addition, the Act would prohibit employers from retaliating against any protected individual who refuses to obey orders that the individual “reasonably believes would require that individual to violate a statute, rule, or regulation with respect to any Coronavirus pandemic-related program, project, or activity.”  Under the Act, a “reprisal” is defined as “an action (or, as applicable, inaction) that is discharging, demoting, blacklisting, or acting or failing to take an action in a manner prejudicial against, or otherwise discriminating against in any way (including in the hiring process and including by the threat of any such action or inaction) a protected individual.”

The Act’s protections also extend to individuals who assist in disclosing or are preparing to assist in disclosing such information as well as employees who make such disclosures in the ordinary course of their duties.  Notably, the bill takes an expansive approach with respect to the types of individuals it protects, defining a “protected individual” as an employee, former employee, or applicant for employment.  Moreover, the bill defines an employee as “an individual performing services on behalf of an employer, including any individual working for an employer under a contract with such employer (including a contractor, subcontractor, or agent of an employer).”

The Act defines the phrase “Coronavirus pandemic-related program, project, or activity” as a “program, project or activity of the executive branch . . . authorized or carried out using amounts made available under an Act to respond to or to provide aid or assistance to address, relief from, or funding to address the outbreak of COVID-19 that is enacted before, on, or after the date of enactment of this Act.”  The phrase expressly includes programs, projects, or activities that are funded by any of the following: (i) the Paycheck Protection Program and Health Care Enhancement Act; (ii) the CARES Act; (iii) the Families First Coronavirus Response Act; or (iv) the Coronavirus Preparedness and Response Supplemental Appropriations Act, 2020.

Officers and entities to whom individuals can report include, but are not limited to, the Pandemic Response Accountability Committee, an inspector general, including the Special Inspector General for Pandemic Relief, the Congressional Oversight Commission, the Comptroller General of the United States, a member of Congress, and a congressional committee.

Administrative and Judicial Relief

The Act provides that protected individuals who believe they have been subjected to a reprisal may submit a complaint to the U.S. Department of Labor within 3 years after learning of the alleged reprisal.  The employer may then file an answer to the complaint within 60 days.  In evaluating the claims brought by a protected individual, the Secretary of Labor must determine whether the individual’s disclosure or protected activity was a contributing factor in the alleged reprisal.  If the Secretary of Labor does not issue a final decision within 180 days of the filing of the complaint, the individual may bring an action in federal court and is entitled to a jury trial.

Available relief includes reinstatement, compensatory damages, liquidated damages for double back pay, and attorneys’ fees and costs.

The Act also provides that pre-dispute arbitration agreements requiring arbitration of disputes under the Act will not be valid or enforceable.

Implications for Employers

This bill comes as no surprise, as whistleblower protections have proliferated in connection with a broad range of legislation.  Although the bill is only at the earliest stages of the legislative process, the right to a jury trial and availability of substantial damages raise significant risks for employers if the bill is signed into law.

*          *          *

Proskauer’s cross-disciplinary, cross-jurisdictional Coronavirus Response Team is focused on supporting and addressing client concerns. Visit our Coronavirus Resource Center for guidance on risk management measures, practical steps businesses can take and resources to help manage ongoing operations.

SEC Announces Record-Breaking $50 Million Award to Whistleblower

On June 4, 2020, the SEC announced a nearly $50 million award to a whistleblower who provided the SEC with detailed, first-hand information that assisted the agency in bringing a successful enforcement action.  While tipsters have previously shared a $50 million award, this is the largest amount ever awarded to a single whistleblower under the SEC’s whistleblower program and far surpasses the next-largest individual award of $39 million in September 2018.

Jane Norberg, Chief of the SEC’s Office of the Whistleblower, said in a press release that “[t]his award marks several milestones for the whistleblower program,” and explained that the award “is the largest individual whistleblower award announced by the SEC since the inception of the program, and brings the total awarded to whistleblowers by the SEC to over $500 million, including over $100 million in this fiscal year alone.”  She added, “[w]histleblowers have proven to be a critical tool in the enforcement arsenal to combat fraud and protect investors.”

Since the inception of the whistleblower program in 2011, the SEC has received over 33,000 tips and awarded over $500 million to 83 individuals.  The order granting yesterday’s record-breaking award can be accessed here.

Reuters: SEC Eager to Prosecute COVID-19 Misconduct Amid Flurry of Whistleblower Complaints

A Reuters article published on May 26, 2020 reports that the SEC has experienced an uptick in complaints amid the COVID-19 pandemic.  According to the article, the SEC received about 4,000 complaints from mid-March through mid-May – a 35% increase from the previous year.  With an abundance of tips at its disposal, the SEC is eager to investigate and prosecute COVID-19 related misconduct.

The article discusses how the COVID-19 pandemic has incited a wave of misconduct, ranging from loan and healthcare fraud to the production of counterfeit and substandard medical supplies, across a wide range of industries.  The article quotes an SEC spokeswoman as stating: “Unfortunately, fraudsters often seek to exploit difficult situations like the ongoing pandemic for their own gain.  The SEC frequently relies on the tips that we receive from the public.”

According to the article, the SEC has already begun cracking down on COVID-19 misconduct.  For example, the SEC created a task force specifically designed to monitor the market and detect potential abuses.  With the help of that group, the SEC recently charged two companies for allegedly publishing false and misleading information about its COVID-19 testing products.  The article suggests that these charges will be the first of many COVID-19 related enforcement actions.  The SEC’s Co-Head of Enforcement, Steven Peikin, is quoted as stating: “We expect to see the SEC bring more actions as we continue to investigate suspected COVID-19 related scams.”

Notably, the Reuters article comes on the heels of our recent prediction that employers are likely to face a deluge of whistleblower claims under various laws and legal theories in the wake of the COVID-19 pandemic.  We will be monitoring these whistleblower cases closely and continue to report on key future developments.

*               *               *

Proskauer’s cross-disciplinary, cross-jurisdictional Coronavirus Response Team is focused on supporting and addressing client concerns. Visit our Coronavirus Resource Center for guidance on risk management measures, practical steps businesses can take and resources to help manage ongoing operations.

Pennsylvania Magistrate Judge Recommends Dismissal of SOX Whistleblower Claim for Lack of Protected Activity

On May 5, 2020, a Magistrate Judge in the U.S. District Court for the Western District of Pennsylvania issued a report and recommendation recommending that a defendant-employer’s motion for summary judgment dismissing a SOX whistleblower retaliation claim be granted, finding that the plaintiff had not engaged in protected activity.  Wutherich v. Rice Energy Inc, No. 18-cv-00200.


Plaintiff was a manager at the defendant-employer, an energy company involved in fracking.  In July 2016, Plaintiff allegedly overheard a co-worker discussing data regarding wells that the co-worker had obtained from a previous employer.  Plaintiff reported this incident to his supervisor and told him that he thought his co-worker had done something illegal and could go to jail for his actions.  In August 2016, Plaintiff allegedly expressed concern about a conflict of interest regarding the company’s use of a service provider in which Plaintiff’s supervisor had a 25% ownership interest.  Plaintiff alleged that, in response to his two complaints, his employment was terminated.  Plaintiff filed suit against the defendant-employer, alleging, among other claims, that he was retaliated against for providing information about incidents that he reasonably believed constituted fraud against shareholders, in violation of Section 806 of SOX.


The parties filed cross-motions for summary judgment.  The court recommended that the defendant-employer’s motion be granted, finding that Plaintiff did not engage in protected activity.  With respect to the first alleged whistleblower incident, the court found that Plaintiff did not demonstrate that he subjectively believed that his co-worker’s alleged data theft should have been disclosed to shareholders.  With respect to the second alleged whistleblower incident, the court found that Plaintiff did not show that he reasonably believed he was reporting conduct which constituted a securities violation.  Rather, Plaintiff merely stated that his supervisor’s purported conflict of interest was “wrong,” but did not raise any concerns about the defendant-employer potentially failing to disclose this information to shareholders.

The court also found that even if Plaintiff had shown that he had engaged in protected activity, he did not show that the defendant-employer was aware that he had engaged in such activity.  In addition, the court noted that SOX “is not a general anti-retaliation statute.”  Therefore, it was not enough for the defendant-employer to know that Plaintiff had reported something unethical; rather, it had to know or suspect that he had reported a Section 806 violation.


This decision reaffirms the principle that SOX does not extend whistleblower protection to complaints about any form of purportedly improper conduct, but only protects complaints that are related to one of the six categories of misconduct specified in Section 806 of SOX.