The Securities and Exchange Commission announced its first enforcement action Wednesday against a company for using restrictive language in confidentiality agreements that could illegally stifle whistleblowing.
The SEC charged Houston-based KBR Inc. with violating whistleblower protection Rule 21F-17 under the Dodd-Frank Act.
KBR, a global technology and engineering firm, agreed to pay a $130,000 penalty to settle the SEC’s charges.
The company voluntarily amended its confidentiality agreements by adding language making clear that employees are free to report possible violations to the SEC and other federal agencies without KBR approval or fear of retaliation.
KBR had required witnesses in certain internal investigations to sign confidentiality statements. The statements warned employees they could face discipline and even be fired if they discussed the matters with anyone outside KBR without the prior approval of KBR’s legal department.
“Since these investigations included allegations of possible securities law violations, the SEC found that these terms violated Rule 21F-17, which prohibits companies from taking any action to impede whistleblowers from reporting possible securities violations to the SEC,” the agency said.
Rule 21F-17 says, “No person may take any action to impede an individual from communicating directly with the Commission staff about a possible securities law violation, including enforcing, or threatening to enforce, a confidentiality agreement . . . with respect to such communications.”
In 2009, KBR and its former parent Halliburton paid $579 to settle criminal and civil FCPA charges. KBR admitted paying Nigerian officials at least $182 million in bribes for engineering, procurement and construction contracts awarded between 1995 and 2004 to build liquefied natural gas facilities on Bonny Island, Nigeria.
The offending language KBR used in the confidentiality agreements said,
I understand that in order to protect the integrity of this review, I am prohibited from discussing any particulars regarding this interview and the subject matter discussed during the interview, without the prior authorization of the Law Department. I understand that the unauthorized disclosure of information may be grounds for disciplinary action up to and including termination of employment.
Andrew Ceresney, director of the SEC’s enforcement division, said Wednesday: “SEC rules prohibit employers from taking measures through confidentiality, employment, severance, or other type of agreements that may silence potential whistleblowers before they can reach out to the SEC. We will vigorously enforce this provision.”
The SEC settled Wednesday’s enforcement action with an administrative proceeding and didn’t go to court.
Without admitting or denying the charges, KBR agreed to pay the penalty and stop the practice.
It also agreed to put new language in its confidentiality agreements that says:
Nothing in this Confidentiality Statement prohibits me from reporting possible violations of federal law or regulation to any governmental agency or entity, including but not limited to the Department of Justice, the Securities and Exchange Commission, the Congress, and any agency Inspector General, or making other disclosures that are protected under the whistleblower provisions of federal law or regulation. I do not need the prior authorization of the Law Department to make any such report s or disclosures and I am not required to notify the company that I have made such reports or disclosures.
The SEC said it didn’t find “apparent instances in which KBR specifically prevented employees from communicating with the SEC about specific securities law violations.”
“However,” the agency said, “any company’s blanket prohibition against witnesses discussing the substance of the interview has a potential chilling effect on whistleblowers’ willingness to report illegal conduct to the SEC.”
Sean McKessy, chief of the SEC’s office of the whistleblower, advised other companies “to review and amend existing and historical agreements that in word or effect stop their employees from reporting potential violations to the SEC.”
* * *
The SEC’s Release No. 74619 uder the Securities Exchange Act of 1934 and Administrative Proceeding File No. 3-16466 (both dated April 1, 2015) are here (pdf).
Richard L. Cassin is the publisher and editor of the FCPA Blog. He can be contacted here.