Audit, Compliance and Risk Blog

Many US federal laws provide explicit protections for whistleblowers – employees who report actual or potential violations of those laws to their employers or to the federal agencies that administer and enforce those laws. The Occupational Safety and Health Administration (OSHA) has administered one such provision under its general worker protection authority for more than 40 years, and presently administers provisions under 22 distinct laws. The best known and most litigated of these non-OSHA laws probably is the Sarbanes-Oxley Act of 2002 (SOx) – Section 806 of that law protects whistleblowers who report activities that may violate anti-fraud provisions of the federal Securities Acts. The rest of this posting discusses this SOx provision; readers subject to additional laws should consider the implications for their activities.

What Activities Does SOx Protect?

Each whistleblower protection provision defines employee activities to be protected from employer retaliation. SOx Section 806 (18 USC § 1514A), for example prohibits:

• A publicly listed company “or any officer, employee, contractor, subcontractor, or agent of such company or nationally recognized statistical rating organization”: [referred to as “employer” below]

  • To “discharge, demote, suspend, threaten, harass, or in any other manner discriminate against an employee in the terms and conditions of employment” [referred to as “retaliate” below]

  • Taking action against any employee who does any of the following: [referred to as “protected activity” below]

    • Provides information to a supervisor, regulator or enforcement agency, or Congress about conduct the employee “reasonably believes” would violate securities anti-fraud provisions

    • Files, causes to be filed, testifies, participates in, or otherwise assists in a regulatory or enforcement proceeding related to alleged violations of those provisions.

The concept is clear: an employer must not retaliate against an employee for protected activity. The actual extent of the prohibition is being worked out in administrative proceedings before OSHA, administrative appeals to administrative law judges (ALJs) and the Administrative Review Board (ARB) from the Department of Labor, judicial appeals to federal courts, and Congressional action to amend SOx.

Emerging details include:

• Employees and employers – Section 806 protects employees of non-public affiliates of public companies and even contractors to public companies, if the alleged misdeeds could render the public companies’ filings fraudulent.

• Retaliation – can be alleged even if the employee is potentially subject to discipline for other reasons, in so-called “mixed motive” situations akin to those addressed under employment anti-discrimination laws.

• Protected activity – includes situations where an employee’s concerns or beliefs are mistaken [they don’t have to be psychic], and situations where employees do not communicate clearly or specifically to employers that they suspect fraud; it is enough if an employee communicates concerns that reflect elements of anti-fraud provisions [they don’t have to be lawyers].

Do Other Whistleblowing Protections Apply?

The 22 whistleblower protection provisions assigned to OSHA are:

• Surface Transportation Assistance Act

• Asbestos Hazard Emergency Response Act

• International Safety Container Act

• Energy Reorganization Act

• Clean Air Act

• Safe Drinking Water Act

• Clean Water Act

• Toxic Substances Control Act

• Solid Waste Disposal Act

• Comprehensive Environmental Response, Compensation and Liability Act (Superfund)

• Wendell H. Ford Aviation Investment and Reform Act for the 21st Century

• Corporate and Criminal Fraud Accountability Act of 2002 (Sarbanes-Oxley Act)

• Pipeline Safety Improvement Act of 2002

• National Transit Systems Security Act of 2007

• Consumer Product Safety Improvement Act of 2008

• Federal Rail Safety Act

• Affordable Care Act (effective March 23, 2010)

• Consumer Financial Protection Act of 2010 (Dodd Frank Wall Street Reform and Consumer Protection Act of 2010) (effective July 21, 2010)

• Seaman’s Protection Act (as amended by Coast Guard Authorization Act of 2010)(effective October 15, 2010)

• FDA Food Safety Modernization Act (effective January 4, 2011)

• Moving Ahead for Progress in the 21st Century Act (MAP-21 Act) (effective July 6, 2012)

Other laws directly protect federal employees. States also provide similar protections.

Implementation Checklist

SOX Section 804 is typical of the general thrust of whistleblower protection provisions: since the provision ultimately is intended to protect the public (investors, in the case of SOx) and the environment, they typically are interpreted generously on behalf of employees whose internal complaints – and if those fail, their whistleblowing – will tend to prevent or stop violations.

• Does your organization have a formalized Code of Conduct? 

• Does it specify policies against bribery, corruption and other forms of organizational and individual wrongdoing?
• Does it apply to all management and non-management employees, agents, commissioned sales personnel and other affiliated personnel?
• Is it administered by appropriate individuals and/or organizational units? 
• Does it include appropriate and accessible internal reporting and whistleblowing provisions? 
• Does it include an organizational commitment against retaliation?

• Does your organization have a formalized compliance program?

• Does it commit the organization to compliance with specific laws, including securities laws if applicable?
• Does it apply to all management and non-management employees, agents, commissioned sales personnel and other affiliated personnel?
• Is it administered by appropriate individuals and/or organizational units? 
• Does it include appropriate and accessible internal reporting and whistleblowing provisions? 
• Does it include an organizational commitment against retaliation?

• Does your organization have a formal policy declaring its intention to do any or all of the following:

• Following up on internal reports, complaints and whistleblowing?

• Not to not retaliate against employees who come forward?

• To protect the anonymity of reporting employees, as appropriate?

• To acknowledge reporting employees, as appropriate?

• To reward reporting employees, as appropriate?

Where Can I Go For More Information?

• OSHA’s “The Whistleblower Page” accessible at www.whistleblowers.gov

• National Conference of State Legislatures’ compilation of state whistleblower laws (last revised in 2009)

About the Author

Jon Elliott is President of Touchstone Environmental and has been a major contributor to STP’s product range for over 25 years. He was involved in developing 16 existing products,including Workplace Violence Prevention: A Practical Guide to Security on the Job,Securities Law and Directors' and Officers' Liability.

Mr. Elliott has a diverse educational background. In addition to his Juris Doctor (University of California, Boalt Hall School of Law, 1981), he holds a Master of Public Policy (Goldman School of Public Policy [GSPP], UC Berkeley, 1980), and a Bachelor of Science in Mechanical Engineering (Princeton University, 1977).

Mr. Elliott is active in professional and community organizations. In addition, he is a past chairman of the Board of Directors of the GSPP Alumni Association, and past member of the Executive Committee of the State Bar of California's Environmental Law Section (including past chair of its Legislative Committee).

You may contact Mr. Elliott directly at: tei@ix.netcom.com.