Compliance professionals emerging as whistleblowers under new government support

by ,

Brian Mahany, a fraud recovery and whistleblower claims lawyer with three decades of experience as an advocate and attorney, spoke with ACFCS about the role of compliance professionals as whistleblowers, and how the law protects – and sometimes generously rewards – those who report wrongdoings to the government.

Mahany has made a career out of defending fraud victims and whistleblowers who face retaliation from employers, sometimes leading to multi-million dollar recoveries or rewards. In this podcast, Mahany discusses an interesting trend, which he says may not be so new, but is gaining more attention in the media. He addresses how whistleblower programs are slowly changing the way that financial crimes and ethical violations are reported, and how the financial industry is responding.

While whistleblowing may not be a new phenomenon in the financial crime field, recent cases and studies suggest it may continue to rise. This year, the University of Notre Dame and Labaton Sucharow LLP surveyed 1,200 professionals working in the United States  and the United Kingdom  in the financial services industry in various disciplines, compiled into a report called “The Street, The Bull and The Crisis: A Survey of the US & UK Financial Services Industry”, which was released Tuesday.

The firm did a similar study in 2012, also statistically reporting the views of financial services professionals in the US and UK.

Since then, governments in both countries have implemented new regimes to better protect the financial system, and customers, against the unethical behavior that instigated the financial crisis of 2008, like the Dodd-Frank Act in the US.

In spite of these improvements, the report paints a bleak picture of the state of ethics and profit motives of the industry.

Although there are more rules that should prevent unethical practices, professionals believe illegal or corrupt deeds are on the rise.

The reports also reveal  there is a lack of confidence in leaders to report wrongdoing, and that some employees feel unable to report wrongdoing themselves due to the proliferation of confidentiality agreements and the sense that whistleblowing will be followed with negative consequences.

Nevertheless, compliance professionals are still whistleblowing and getting paid for it. It’s not a simple process and most compliance professionals will try to report the wrongdoing through internal processes. For those that are ignored, government programs both new and old exist to make this whistleblowing process safer and more rewarding.

Mahany talks about the new report: The Street, The Bull and The Crisis: A Survey of the US & UK Financial Services Industry

Issued on Tuesday, the report is a collaboration between The University of Notre Dame and Labaton Sucharow LLP, a law firm representing whistleblowers.

Below are some significant statistics and comments focused on whistleblowing from the report in the financial services industry, followed by commentary from  Mahany.

Report: “The marked increase in whistleblower activity along with the strengthening of internal compliance procedures serve as a powerful deterrent to wrongdoers. Still, an alarming number of people report being subject to corporate policies and confidentiality agreements that they believe prevent them from reporting wrongdoing to outside authorities. These troubling policies and agreements can silence the reporting of all local, state, and federal violations. We applaud recent efforts by Congress and the [Securities Exchange Commission (SEC)] to address these questionable secrecy policies and agreements.”

Brian Mahany: “They go hand in hand. We have certainly an increase in whistleblower activity and some corporations will internally try to stop that with policies that say they are forced to remain silent and they can’t report it. The increased whistleblower activity has scared some companies and rather than try to clean up the problem, they’re trying to bury it or hide it.”

Report: “89 percent of industry professionals would report misconduct given the incentives and protections such as those offered by the SEC whistleblower program, 37 percent of respondents are still not aware of the program.”

Brian Mahany: “There’s a lot of misconception out there. I think the percentage of people that don’t know about the program is higher than what’s in the report. The report is a broad sample. When I talk to people, they tell me they had no idea. Even when they do know about various whistleblowing programs, there’s a lot of wrong information that’s floating around. The government hears from people that report some misconduct and a year later they wonder if they’re eligible. I hear from lawyers that specialize in employment law that weren’t aware of the anti-retaliation provisions that are there.”

Report: “28 percent of respondents earning $500,000 or more per year say their company’s confidentiality policies and procedures bar the reporting of potential illegal or unethical activities directly to law enforcement or regulatory authorities. In addition, 25 percent of respondents earning $500,000 or more annually have signed or been asked to sign a confidentiality agreement that would prohibit reporting illegal or unethical activities to the authorities.”

Brian Mahany: “Those type of agreements have a chilling effect. Whether or not they are enforceable. People are afraid to come forward and it creates an atmosphere that if I report wrongdoing I am somehow in trouble, I may face retaliation, I may lose my job. So, those agreements are terrible. The good news is they are probably not enforceable. The SEC has specific rules that say you can’t prevent people from reporting illegal activity or wrongdoing. If any employee knows of wrongdoing, the company may try to prevent that or stop that, but it’s not enforceable.”

Brian Mahany gives some background on the role of compliance officers as whistleblowers below:

The Next Wave of Whistleblowers – Compliance Officers

Last month the Securities and Exchange Commission (“SEC”) announced that a compliance officer was being awarded between $1.4 million and $1.6 million for utilizing the SEC’s new whistleblower program and reporting the whistleblower’s own company.

Corporate lawyers and business organizations immediately cried “foul.” Suddenly the gatekeepers became whistleblowers, or so some say.

The SEC whistleblower program is just four years old. Since its inception, the program has handed cash awards to just 16 people, although the numbers steadily increase each year.

Of the 16 awards, two have been paid to compliance officers, including a $30 million award paid out last year.

It may be the SEC award last month that started the debate about compliance officers being paid awards but let’s not forget the IRS whistleblower program and the federal False Claims Act. The latter has been on the books since the Civil War.

All three of the major whistleblower award programs have received tips from compliance professionals, a trend that is on the rise, according to Mahany.

We have two pending False Claims Act cases involving compliance professionals. Both individuals reported their findings internally first. Both were ignored.

Our experience is that the vast majority of whistleblowers genuinely made an effort to confront management and fix problems before filing whistleblower complaints. That is the experience of most other whistleblower lawyers and advocates as well.

A survey conducted by the Ethics Resource Center found that most whistleblowers try internal reporting before filing formal whistleblower actions.

According to the latest data, 80 percent of the SEC’s whistleblowers last year reported internally before contacting the SEC. Because the program is so new and so few awards have been paid, we suspect that figure is much higher.

People want to make their companies better places to work. Nowhere is the mindset more evident than with compliance professionals — professional auditors, Certified Fraud Examiners, quality assurance personnel and compliance officers.

In August of last year the SEC announced its first award to a compliance officer, $30 million.. In announcing the award, the SEC noted that person first reported problems to his/her employer first and only approached the SEC when the problems were ignored.

We don’t get many details about last year or last month’s awards. The SEC does a great job protecting the anonymity of its award recipients. We do know, however, that a company that hires and then ignores a compliance officer is just asking for trouble.

As noted above, it’s not just the SEC program that pays whistleblowers. In 2012 the Justice Department paid a Citi quality control manager $31 million for reporting her company for lying about the quality of residential mortgages. Sherry Hunt filed her complaint under the False Claims Act.

A year later, an Indian pharmaceutical company was fined $500 million after a project and information manager reported the company for selling adulterated pharmaceuticals in the United States. That whistleblower, Dinesh Thakur, was paid $48 million by the Justice Department for his information. Like Ms. Hunt, he tried to get senior management’s attention long before filing a whistleblower lawsuit.

False Claims Act

To qualify for an award under the federal False Claims Act, whistleblowers must have information about fraud involving federal funds or a federal program. Healthcare fraud (Medicare) and residential lending (FHA, Fannie Mae and Freddie Mac) are the biggest source of current awards.

That program has no restrictions that prevent compliance professionals from receiving an award.

Awards under the Act range between 15 percent and 30 percent of whatever the government collects. Treble damages and provisions that allow additional penalties of up to $11,000 per each false bill or “claim” often make for very large awards.

Unlike the SEC program, however, whistleblowers’ identities are likely to become public. Although complaints are filed “under seal” in federal court, most are unsealed at the conclusion of the government’s investigation.

A benefit of the False Claims Act, however, is that claims can be pursued privately even if the government declines to prosecute. The SEC has no similar provision giving the government more latitude to decline an otherwise good case.

The SEC program is new and has just started paying awards. Not so for the False Claims Act. Last year the Justice Department awarded whistleblowers $635 million under the Act.

SEC Dodd Frank Whistleblower Program

The SEC whistleblower program pays between10 percent and 30 percent of what the government collects.

To qualify, a whistleblower must have information about a violation of federal securities law and the SEC must recover at least $1 million from the wrongdoer. Although the program is still in its infancy, the SEC appears to be getting more aggressive in accepting cases.

SEC Award Restrictions on Compliance Officers

Unlike the False Claims Act, the SEC does impose restrictions on compliance personnel seeking awards.  The general rule is that compliance professionals and others whose principal duties involve internal audit or compliance functions are excluded from receiving an award. There are exceptions, however.

Probably the largest exception to the rule prohibiting compliance officers from collecting awards is the situation when reporting appears necessary to prevent the company from likely causing harm to investors or the company itself.

In simple terms, a company that ignores the compliance officer opens the door for that officer to contact the SEC and receive an award.

Other Whistleblower Award Programs

There are other programs that pay awards including the IRS whistleblower program and FIRREA – the Financial Institutions Reform Recovery and Enforcement Act. The latter covers federally insured banks. Neither program restricts payment of awards to compliance professionals.


No one likes to be ignored at work, particularly those charged with insuring corporate integrity and preventing fraud. Corporate greed and arrogance, however, will likely continue unabated until more compliance officers and other concerned employees step forward and file formal complaints.

Unless there is a threat to public safety – often the case in healthcare fraud cases – we think compliance officers should attempt to work through internal channels first. We caution potential whistleblowers, however, not to wait too long. It isn’t uncommon for companies to make repeated promises but never take action.

Unfortunately, the current whistleblower programs all have a first to file component. Wait too long and some one else may collect an award.