Sean McKessy, Chief of the Securities and Exchange Commission’s (SEC) Office of the Whistleblower, recently reported that a “significant majority” of whistleblowers indicated that they used internal reporting channels before contacting the SEC.

During a March 14 interview, McKessy touted the progress of the SEC’s whistleblower program. The program, mandated by the 2010 Dodd-Frank Wall Street Reform and Consumer Protection Act, pays monetary awards to whistleblowers who provide the SEC with original information about a violation of the securities laws that leads to a successful SEC enforcement of an action that results in monetary penalties exceeding $1 million.

McKessy explained that his office, which staffed up recently to include seven attorneys and one senior-level paralegal, is continuing to receive tips from across the country, as well as from outside the U.S., identifying conduct canvassing a broad variety of potential securities violations.

Initial criticism of the whistleblower program focused on the fact that the SEC omitted an explicit requirement that whistleblowers first report suspected wrongdoing internally in accordance with their company’s compliance program in order to be eligible for the bounty.

In response to this criticism, McKessy reported that a “significant majority” of whistleblowers indicated that they used internal reporting channels before contacting the SEC. In the tips McKessy personally reviewed, direct reporting to the SEC in lieu of internal reporting occurred less than a handful of times.

While acknowledging that there was some initial concern that his office “would be inundated with an avalanche of nonsense” from individuals trying to take advantage of the bounty, McKessy explained that has not been the case: “Not to say that every whistleblower tip is a home run, but generally we are seeing some very specific, timely, credible tips coming through people who are participating in the program.”

McKessy refused to comment on the existence or non-existence of any current investigations launched as a result of a tip from a whistleblower. While there have not been any awards to whistleblowers under the program, he credited that to the fact that the statute requires the whistleblower to have come forward after July 21, 2010 and the tip would have had to ripen into a successful action where the SEC collected at least $1 million.

In McKessy’s opinion, a payout to a whistleblower “can’t happen soon enough” and “when it happens we will certainly make it known that we have made a payment, consistent with our philosophy of empowering whistleblowers.” The identification of any whistleblower receiving a payment would not be released by the SEC.

There can be little doubt that the whistleblower program will result in an uptick of SEC investigations and resulting enforcement actions. Thus, maintaining a robust compliance program that features a specific mechanism for internal reporting of potential violations of the law or corporate policy is essential. Consider updating your company’s internal reporting program as follows:

  1. Provide an internal hotline for reporting misconduct akin to the hotline provided by the Office of the Whistleblower.
  2. Permit anonymous reporting by allowing employees to elect not to disclose their name or any other identifying information, such as office location or department.
  3. Ensure that the company’s code of conduct or other policy prohibits retaliation for reporting potential misconduct.

The SEC has confirmed that the whistleblower program is operating as intended, providing the SEC with information regarding a broad variety of potential securities violations. In order to avoid becoming a target of a potential SEC investigation, companies should assess and update their internal reporting program to include effective methods of detecting and responding to whistleblower complaints.