New England Biz Law Update
Employment lawyers fear that a recent decision from the U.S. Department of Labor Administrative Review Board broadening whistleblower protections under Sarbanes-Oxley may create new burdens for employers.
In the case before the ARB, a Halliburton employee filed a complaint with the Securities and Exchange Commission over certain accounting practices used by the company. He also sent an email to the company’s audit committee, expressing similar concerns.
His email was forwarded to other members of the company, essentially “outing” his identity.
The ARB found that this breach of confidentiality violated Sarbanes-Oxley and remanded the case for further proceedings, including the consideration of damages.
According to R. Scott Oswald, the managing partner of Washington, D.C.-based law firm The Employment Group, “this is a very significant ruling [because] for the first time, the act itself of revealing a whistleblower’s identity can be an adverse action under the statute.”
Whistleblowers may now feel safer coming forward to report information, he said, knowing their identity will be kept confidential.
The decision “shifts who is responsible for confidentiality,” said Richard Moberly, a professor at the University of Nebraska College of Law who has written about Sarbanes-Oxley and whistleblowers. “It is now the duty of the company to keep a whistleblower’s identity confidential.”
This creates a difficult challenge for employers because “there is a real tension between maintaining the confidentiality of a complainant and the requirements to preserve documents and communications” for an investigation, said Daniel Westman, an attorney and author of Whistleblowing: The Law of Retaliatory Discharge.
W. Carl Jordan, a partner at Vinson & Elkins in Houston, who represented Halliburton, did not return a call requesting comment.
Confidentiality breached
Anthony Menendez was hired in 2005 by the finance and accounting operation of Halliburton.
During the course of his work monitoring and researching technical accounting issues, he developed concerns about the company’s revenue recognition practices.
When his supervisor dismissed those concerns, he reported them to the SEC, filing his complaint with the agency confidentially.
He later sent an email to Halliburton’s audit committee presenting the same issues in his SEC complaint. The email was forwarded to other employees, including the company’s general counsel, and in a subsequent document retention email to various employees Menendez was identified by name.
He claimed that as a result, he received no phone calls and few emails and his co-workers generally avoided him.
Menendez took a pre-scheduled leave of absence that the company extended to six months. Prior to his return, both the SEC and the audit committee recommended that no enforcement action be taken against Halliburton for its accounting practices.
Menendez received a letter stating that he would report to a new manager, which he felt was a demotion. He resigned and brought suit.
An administrative law judge determined that while Menendez engaged in activity protected by Sarbanes-Oxley, he did not suffer an adverse employment action as a result of the breach of his confidentiality.
But the ARB disagreed.
It noted that under Section 301 of the statute, companies are required to establish procedures for “(A) the receipt, retention, and treatment of complaints received by the issuer regarding accounting, internal accounting controls, or auditing matters; or (B) the confidential, anonymous submission by employees of the issuer of concerns regarding questionable accounting or auditing matters.”
“We consider Section 301 a critical component of SOX,” the ARB said. “We agree with Menendez’s contention that the right to confidentiality Section 301 affords effectively establishes a ‘term and condition’ of employment … and that the exposure of Menendez’s identity in connection with his complaint to Halliburton’s Audit Committee constituted a violation of that employment term and condition.”
The Board remanded the decision to the ALJ for a determination of whether Halliburton had a legitimate business reason to disclose Menendez’s identity.
If not, the ALJ should then “fashion relief as he deems appropriate,” the ARB said, using “the fallout from the exposure of Menendez’s identity – personal and professional isolation as well as loss of professional opportunities and advancement” to calculate damages.
Adding ‘teeth’ to statute
Moberly said the decision provides an “example of the way in which the new, Obama-dominated ARB is reading Sarbanes-Oxley broadly. The ARB is taking seriously that Sarbanes-Oxley is a remedial statute.”
Oswald said the decision adds “teeth” to existing confidentiality policies.
Although most companies have a policy that to maintain a whistleblower’s confidentiality, he said that in reality, many corporations do not maintain adequate internal controls over their disclosure protocols.
The Menendez decision provides additional incentives to employers to maintain confidentiality going forward, in part because the ARB said that damages may be available.
Menendez could receive “special damages” under Sarbanes-Oxley, said Oswald, which could include recovery for the damage to his reputation as well as emotional distress.
In addition to establishing that the act of breaching confidentiality is actionable, the decision also changes the standard for what constitutes an adverse action.
The ARB “articulated a more favorable iteration of adverse action than defined under other whistleblower statutes,” said Oswald.
As a practical matter, this more generous standard will allow more cases to survive summary judgment, he said.
Awkward balance
Westman noted that the language of the statute makes it clear that companies need to have a mechanism in place for anonymous or confidential reports, but said that Menendez did not complain anonymously but named himself to the Audit Committee.
Before this decision, he said, “I would have told you that by not submitting his concern anonymously the company was under no statutory duty to keep his non-anonymous communication confidential.”
Now, Westman said, employers have been placed in an awkward situation. They have a duty to retain documents related to an investigation, but they have to somehow instruct employees to retain all relevant documents – including communications with the person who made the complaint – without revealing the name of that person.
“Companies will have to go into significant detail about the issues raised by the complainant to make sure they are casting the net broadly enough,” he said. But the more detail they provide, the more likely they are to reveal who filed the complaint, given the nature of the issues raised.
“This is going to be very difficult to do,” he said.
