IndiaCorpLaw

Whistleblowing and Confidentiality Agreements

Earlier this week, the US
Securities and Exchange Commission (SEC) issued a settlement order in a case
involving a company that required its employees to sign a confidentiality
agreement when they were interviewed in internal investigations for allegations
of potential violations of federal securities laws. The SEC decried the use of
such confidentiality agreements as militating against laws that required
whistleblower protections, and imposed a fine on the company in addition to
requiring it to amend its confidentiality agreement by removing such
restrictions on its employees. A copy of SEC’s order is available here, and a
report in the New York Times here.[1]

The case involved KBR, Ind., a
Houston headquartered company. When KBR received complaints as part of its compliance
program, it would conduct internal investigations and interview employees.
During such a process, employees were required to sign a confidentiality
agreement that prohibited them from discussing the interview and its subject
matter without the prior authorization of its law department. Although there
was no evidence of KBR in fact preventing any employee from disclosing details
to legal authorities or of KBR taking any action to enforce the confidentiality
agreement, the SEC nevertheless found that the language of the confidentiality
agreement by itself undermines the Whistleblower Provisions of Section 21F of
the Securities Exchange Act of 1934 and Rule 21F-17. Some of these legal provisions
were introduced in the wake of the global financial crisis to introduce greater
whistleblower protection.

Although the SEC imposed a modest
civil penalty of $130,000 and required an amendment to KBR’s confidentiality
agreement to permit reporting of violations to governmental authorities and
regulators, it is the larger message emanating from the order that is
pertinent. It now requires companies to be cautious while framing their
employee confidentiality agreements, which cannot include prohibitions against
employees from making appropriate disclosures to governmental authorities and
regulators if there is any allegation of legal violations or non-compliances. In
effect, the legal requirements of whistleblower protection cannot be whittled
down by companies through tighter confidentiality agreements. In other words, contractual
stipulations must give way to the legislative mandates.

Although this case involves an
analysis of the legal and contractual provisions as applicable in the US, the
general tenor of SEC’s approach would hold good in the Indian context as well. Clause
49 of the listing agreement has detailed provisions requiring listed companies
to set up whistleblowing policies and to provide adequate protection to
whistleblowers against victimization. The implementation of the whistleblowing
policy falls within the remit of the audit committee, for which its chairman
has primary responsibility. Although Clause 49 does not expressly deal with
issues pertaining to confidentiality agreements, any severe restrictions
therein relating to possible reporting of alleged violations to governmental
agencies or the regulators could fall potentially afoul of such policies.

While Clause 49 primarily focuses
on internal reporting of alleged violations, the Companies Act, 2013 in section
143(12) imposes a positive duty on auditors of accompany to report to the
Central Government when in the course of performance of their duties they
discover matters involving a potential offence of fraud. Any terms of the
engagement between the company and its auditors (including confidentiality obligations)
will be subject to this external reporting requirement. Since there have been
concerns that this obligation is too wide in nature, amendments have been
proposed to section 143(12) to make such government reporting applicable only
to frauds exceeding a prescribed amount (i.e. those that are material) and in
other cases to ensure reporting to the audit committee and disclosure in the
annual financial statements. This revisions are pending in the form of the Companies
(Amendment) Bill, 2014
. Until this Bill is passed, the more onerous
reporting obligations of the auditors would apply.



[1] I would like to thank
my colleague Gary Bell for sharing this development with me.