March 27, 2023

Volume XIII, Number 86


March 24, 2023

Subscribe to Latest Legal News and Analysis

Twelve Things to Know About SEC’s Whistleblower Program

The Securities and Exchange Commission’s whistleblower program, like the whistleblower programs of other government agencies, provides bounties to persons who provide information that leads to successful enforcement actions. Under the program, individuals who voluntarily provide the Commission with “original information” that leads to an enforcement action in which more than $1 million in monetary sanctions are imposed may be entitled to between 10 percent and 30 percent of the amount collected. After a slow start, the SEC’s whistleblower program has hit its stride and is having what SEC Chair Mary Jo White called a “transformative impact on our enforcement program.”[1]  We discuss twelve things to know about the whistleblower program below.

  1. It’s Easy. The SEC makes it easy to file a “tip.”  The Office of the Whistleblower website has a six-page form, the core of which asks for all facts pertinent to the alleged violation, why the complainant believes the acts described constitute a violation, supporting materials in the complainant’s possession, the availability and location of any additional supporting materials not in the complainant’s possession, and how the information was obtained. The information may be submitted by completing an online form or by mailing or faxing the completed printed form to the SEC’s Office of the Whistleblower. Information may be submitted anonymously if an attorney represents the whistleblower in making the submission.

  2. Hitting Its Stride. The whistleblower program has taken off in the last two years. In the first four years of the program (2011-14), it paid out $0, $45,739, $14.8 million, and $1.9 million. In Fiscal Year 2015, it awarded more than $37 million to whistleblowers, and in FY 2016, it awarded more than $57 million to whistleblowers. The awards in FY 2016 were more than the total amount awarded in the first five years of the program combined. Six of the ten largest whistleblower awards were made in FY 2016.

  3. In the Aggregate. In the aggregate, the Commission has awarded more than $130 million to 35 whistleblowers.  According to the Office of the Whistleblower’s latest annual report to Congress, these awards are associated with enforcement actions in which more than $584 million in financial sanctions were ordered, including more than $346 million in disgorgement and interest. Five eight-figure awards have been made to date, ranging from $14 million to $30 million. Sixty percent of the successful whistleblowers have received awards for providing original information that caused Enforcement staff to open an investigation, while the remaining 40 percent received awards for contributing to an existing investigation.

  4. More than 18,000 Tips. The number of tips has gone up every year:

    • Tips related to corporate disclosures and offering fraud have seen the largest increase. Over the last four years, tips related to corporate disclosures and financials have gone from 557 to 938, tips related to offering fraud have gone from 553 to 646, and tips related to potential violations of the Foreign Corrupt Practices Act have gone from 149 to 238.  On the other hand, the largest number of tips fall within the Commission’s “Miscellaneous” category.

    • FY 2011

      FY 2012

      FY 2013

      FY 2014

      FY 2015

      FY 2016







  5. Comparisons. A comparison of the SEC whistleblower program to the Commodity Futures Trading Commission’s and IRS’s whistleblower programs shows how effective the SEC has been. The Dodd-Frank Act granted the CFTC and the SEC the same whistleblower award authority. In four of the last six years, however, the CFTC did not make a single award, and over the entire six-year period it made only four awards. On the other hand, the IRS, which has long had a whistleblower program, reported that it made 99 awards totaling more than $103 million in its most recent report to Congress (for FY 2015). Given the much larger number of taxpayers than persons in a position to violate the securities laws, it’s astonishing that the SEC’s whistleblower program, at 2016 levels, is roughly one half the size of the IRS program. Still, none of the SEC awards approach the $104 million that the IRS awarded to a former banker, who both blew the whistle on Swiss banks’ involvement in helping American citizens avoid paying taxes and went to prison for participating in those activities.

  6. Only One Award for Every 500 Tips. As of the time the Office of the Whistleblower filed its FY 2016 report, the ratio of awards to tips was strikingly small: 34 awards vs 18,334 tips, or one whistleblower award for every 539 tips.  Whistleblower tips vary in quality, and even high-value whistleblower tips may lead to outcomes other than successful whistleblower award actions, including referrals to other government agencies, referrals to the SEC staff for examination rather than investigation, and the successful initiation and prosecution of enforcement actions that do not result in large enough monetary sanctions to pay whistleblower awards.

  7. Insiders as Whistleblowers. Insiders are the principal source of the whistleblowing complaints that lead to awards. Sixty-five percent of the award recipients to date were insiders of the entity on which they reported information of wrongdoing to the SEC. Most of these insiders complained internally before going to the SEC.

  8. Internal Reporting. In most cases, the Commission does not require employees to report information through an internal compliance process before reporting that information to the Commission in order to be eligible for an award. This is why many in the industry argue that the whistleblower program undermines a company’s internal review processes because it incents individuals to go directly to the Commission. On the other hand, under the Commission’s program, if an employee reports internally first, and then reports to the Commission within 120 days, the Commission will use the date of the first internal report in determining the employee’s eligibility for an award based on providing the Commission “original information.” The Commission’s rules also provide that if an employee reports the conduct internally and then the company conducts an investigation and reports the results to the Commission, the employee will be considered to have provided all of the information that the company’s investigation reveals.

  9. Restrictive Agreements. The Commission’s whistleblower program has also focused on employment, severance, and confidentiality agreements that might discourage employees or former employees from communicating to the SEC. SEC Rule 21F-17(a) provides that “[n]o person may take any action to impede an individual from communicating directly with the Commission staff about a possible securities law violations, including enforcing, or threatening to enforce, a confidentiality agreement…with respect to such communications.”  The Commission has brought a number of settled actions finding that agreements violated the rule.

    • In an April 2015 enforcement action, the Commission found that a confidentiality agreement that prohibited employees from discussing the substance of interviews they gave in internal investigations without the approval of the company’s legal requirement violated the rule.

    • In a June 2016 enforcement action, the Commission found that language in a severance agreement that prohibited an employee from disclosing confidential information to an outside person, absent formal legal process, without obtaining the written approval of an authorized company representative violated the rule.

    • In two August 2016 enforcement actions, the Commission found that a severance agreement that required outgoing employees to waive their rights to monetary recovery if they filed a complaint with the SEC or other federal agency, and an agreement that made severance payments contingent on an outgoing employees’ waivers of their ability to obtain monetary awards from the SEC’s whistleblower program violated the rule.

    • In September 2016, the Commission included, in a settlement of a case involving alleged Foreign Corrupt Practices Act violations, a requirement that the company contact certain persons and advise them that the confidentiality agreements they signed did not prohibit them from contacting the Commission regarding possible violations of law.

  10. Retaliation. The whistleblower program is also focused on companies that retaliate against whistleblowers.   In June 2014, the Commission charged a firm with retaliating against a whistleblower by tasking him with investigating the very conduct he had reported to the Commission, changing his job function, taking away his supervisory responsibilities, and taking other retaliatory actions.  In issuing its whistleblower rules, the Commission stated that the anti-retaliation protections apply not only to individuals who report wrongdoing to the SEC, but also to employees who report potential securities law violations internally to their employers.  Courts, however, are split on this issue, with the Fifth Circuit holding that only persons who report directly to the Commission are protected, and the Second Circuit holding that protection also extends to employees who report securities law violations only to their employers.  In addition, under the Sarbanes-Oxley Act, employees who are subject to unfavorable employment actions for reporting possible securities law violations, including making internal reports to their companies, may file a complaint with the Department of Labor.   Unfavorable employment actions include, for example, firing, demoting, denying a promotion, disciplining, intimidation, making threats, reassignment, or reducing pay or hours. Employees may also have protection under state whistleblower statutes or under common law, but there is a wide disparity from state to state in the protection provided.

  11. Legal and Compliance Whistleblowers. Legal and compliance officers are eligible for SEC whistleblower awards but only in certain situations—for example, if at least 120 days have elapsed since the individual provided the information to the chief legal officer, chief compliance officer, supervisor, or other specified person, and no action was taken. In August 2014, the SEC announced a $300,000 whistleblower award to a company employee who performed both audit and compliance functions and who reported conduct to the SEC “after the company failed to take action when the employee reported it internally.”  In April 2015, the Commission announced that it was awarding between $1.4 million and $1.6 million to a compliance officer who reported conduct to the SEC “after responsible management at the entity became aware of potentially impending harm to investors and failed to take steps to prevent it.”  As explained by the then Chief of the SEC’s Whistleblower Office, “Individuals who perform internal audit, compliance, and legal functions…may be eligible for an SEC whistleblower award if their companies fail to take appropriate, timely action on information they first report internally.”

  12. Questions that Companies Should Consider.  Certain practical issues arise from the growth of the whistleblower program. These include, but are not limited to: i) Should companies offer their own incentives to employees to bring matters to the company’s attention? ii) How should a company respond when it learns that an employee who would otherwise have been fired or demoted has become a whistleblower?  How should it compensate the employee? iii) How is the attorney-client privilege affected when whistleblowers have an enormous financial incentive to tell the SEC everything that they know and when some of what they have learned is privileged? iv) What language should firms use to avoid potential SEC actions claiming that their employee agreements are unduly restrictive and still maintain confidentiality of matters that should remain confidential? v) How, if at all, should the growth of the SEC’s whistleblower program affect a firm’s approach to self-reporting? vi) What should a firm do when a whistleblower brings a violation to the firm’s attention but the firm believes that the violation is immaterial and not worthy of reporting to the SEC?  The point here is not to assume a single right answer to any of these questions, but rather to state that in the face of a rapidly growing, “transformative” SEC whistleblower program, firms are well-advised to consider these issues.


Earlier this year, the SEC’s first chief of the whistleblower program jumped ship to a law firm that specializes in bringing whistleblower claims. The message was clear: SEC whistleblowing is a growing and lucrative area in which prominent law firms are looking to devote resources, develop expertise and market themselves to potential whistleblowers, much like many law firms market themselves to potential plaintiffs in both securities class actions and arbitrations. All signs are that this will continue and that companies increasingly should assume that employees and others who come across conduct that they believe is problematic will, often without the knowledge of the company, take it upon themselves to bring that conduct to the attention of the Commission and cooperate in helping the Commission bring an action against the company.

[1] SEC Chair Mary Jo White, “Testimony on ‘Oversight of the U.S. Securities and Exchange Commission’ Before the Committee on Banking, Housing, and Urban Affairs,” U.S.  Senate (June 14, 2016).

Copyright 2023 K & L GatesNational Law Review, Volume VI, Number 341

About this Author

Jon Eisenberg, KL Gates Law Firm, Government Enforcement Attorney

on Eisenberg is a partner in the firm’s Washington, D.C. office. He focuses on representing financial institutions and individuals in enforcement matters, litigation, and internal investigations.

Professional Background
After leaving the SEC’s Office of General Counsel, Mr. Eisenberg spent roughly half his career in private practice and half in senior in-house positions. He served as General Counsel for UBS Wealth Management Americas, where he headed the legal department responsible for regulatory relationships...

Vince L. Martinez, KL Gates, government enforcement lawyer, False Claims Act attorney

Vincente (Vince) Martinez is a partner in the firm’s Washington, D.C. office, where he focuses on government enforcement matters.

Mr. Martinez most recently served as the Chief of the Office of Market Intelligence (OMI) in the Securities and Exchange Commission’s (SEC) Division of Enforcement. OMI’s mission is to conduct market surveillance, support trading-based investigations, and collect, analyze, and disseminate tips, complaints, referrals, and other forms of intelligence submitted to the SEC by the public, whistleblowers, self-regulatory...