The Dodd-Frank Act created the opportunity for whistleblowers to earn potential multi-million dollar awards for information leading to major SEC cases. The SEC's explanation of its so-called "Final Rule," set forth in nearly 300 pages of complex commentary, is basically "pro whistleblower." The SEC largely resisted the pressure of the business lobby to force whistleblowers to "report up" through company compliance programs, which could have severely restricted the impact of the law.
Virtually unknown, but among the most potent of the whistleblower rule's provisions, is the opportunity it provides for outside auditors to become whistleblowers, not just against clients but also against their own audit firms. Imagine the kind of whistleblower the SEC would most welcome: an intelligent professional with direct knowledge of corporate financial improprieties as a "virtual insider" because of his or her direct access to top management and the books and records of the company. The "gatekeeper" who best fits this description is the independent auditor.
Even so, the Dodd-Frank law and the SEC Final Rule specifically say auditors are not allowed to be whistleblowers when the source of their information is obtained from audits required to be undertaken under the federal securities laws and the whistleblower submission would be "contrary to Section 10A" of the securities laws. As we discuss below, Section 10A, which requires auditors to investigate illegal acts by clients, plays a pivotal role in the determination of auditor whistleblower eligibility.
Likewise, auditors retained to perform "compliance or internal audit functions" for a company, or information learned by an accountant at a firm retained "to conduct an inquiry or investigation into possible violations of law" are not eligible for whistleblower awards. In these respects then, the accounting profession would appear to have joined the ranks of attorneys in being legally banned from obtaining an SEC whistleblowing award in most cases.
Exceptions, Exclusions and other Loopholes: When Auditors Can Be Whistleblowers
But, as with most government regulation, all is not as it may initially appear. With respect to auditor whistleblowing, what Dodd-Frank hath taken away the SEC hath given back, at least in part, through the arcane world of federal regulations. In its Final Rule, the SEC carved out several exceptions to the auditor whistleblower ban which open a back door for auditors to qualify as whistleblowers for reporting to the SEC their client's, as well in some cases their own audit firm's, violation of the securities laws and professional standards. For example, the Final Rule states that external auditors of non-issuers not subject to Section 10A (such a broker dealers and investment advisors) may "blow the whistle" directly to the SEC in several circumstances:
If the auditor has "a reasonable basis to believe" that disclosure is necessary to prevent the client entity from "engaging in conduct that is likely to cause substantial injury to the financial interest or property of the entity or investors"; or The auditor "has a reasonable basis to believe that the relevant entity is engaging in conduct that will impede an investigation of the misconduct", or If 120 days or more have passed since the auditor-whistleblower provided the information to the relevant entity's audit committee, chief legal officer, chief compliance officer (or their equivalents), or the whistleblower's supervisor, or since the whistleblower received the information under circumstances indicating any of these parties "was already aware of the information." For the "substantial injury" exception to apply the SEC rule explains that the agency "expects" that the whistleblower can show that management is aware of the "imminent violation" and is not taking steps to prevent it; thus informing the SEC must be "necessary to prevent the entity from engaging in that conduct."
Significantly, and a distinction particularly meaningful for auditors, the suspected violation need not be "material"; the SEC will not require auditors to make what is essentially a legal judgment. The key is a reasonable belief they are preventing conduct likely to cause substantial injury to financial interests or property of the client entity or its investors. The key to the exception is ongoing or prospective, not fully completed, bad conduct, unless there is some form of cover up of bad conduct currently taking place, as is frequently the case.
Likewise, the "impeding the investigation" exception can apply if the client is "destroying documents, improperly influencing witnesses", or engaging "in other improper conduct that may hinder [the SEC's] investigation." This is a wide-open exception that is often present in one form or another in many financial fraud cases. It can encompass efforts to alter records or influence witnesses in internal investigations. Or it may simply involve top managers frustrating investigative efforts of the auditor or others. In just about every accounting fraud or malpractice case I have litigated, the auditors complain of being kept in the dark or getting the run-around from management. This conduct, if true, would probably be enough to qualify the auditor who discloses such management stonewalling to the auditors as an SEC whistleblower under this exception, assuming the SEC ultimately finds fraud.
How Narrow are the Exceptions Allowing Auditor Whistleblowing?
As noted, however, the exceptions described above appear to apply only to audits of non-issuers, audits subject to Rule 21F-8(c)(4) not being covered. That part of the Rule, tracking the language of the Dodd Frank act, bans whistleblowing with information obtained in an audit of a company's financial statements when making the submission would violate Section 10A of the Exchange Act (15 U.S.C. Sec. 78j-a). That section covers audits of public companies. But this begs the question: when is a whistleblower submission contrary to...