Ensuring Compliance: How Startups and Tech Companies Can Avoid SEC Whistleblower Violations 

In a recent blog post, we discussed enforcement actions against Nationwide Planning Associates, Inc., NPA Asset Management, LLC, and Blue Point Strategic Wealth Management, LLC for violating Exchange Act Rule 21F-17(a) , which prohibits impeding individuals from reporting potential securities law violations to the SEC . These firms violated whistleblower protections by requiring clients to sign confidentiality agreements restricting their ability to report misconduct to regulators.

Since then, additional enforcement actions have been taken against several operating companies for similar violations, including TransUnion , IDEX Corporation , LSB Industries , a.k.a. Brands , and others. These companies included provisions in severance, settlement, and employment agreements that either discouraged or prohibited employees from reporting potential securities violations or accepting whistleblower awards. Companies were often unaware that these restrictions violated federal law, yet the SEC still imposed significant penalties.

How These New Orders Relate

The actions against TransUnion , LSB , and others reinforce the SEC's firm stance against companies that impede whistleblowers. Like Nationwide and its affiliates, these operating companies used contractual provisions that either directly or indirectly discouraged whistleblowing to regulators, especially by denying employees the right to receive financial awards for reporting misconduct. Although these companies often did not actively enforce these provisions, the SEC found that simply including such language created a chilling effect on whistleblowing, violating Rule 21F-17(a ) .

How Founders and CEOs of Startups and Technology Companies Can Avoid These Pitfalls

1. Review Employment and Severance Agreements : Founders and CEOs should ensure that employment and severance agreements do not contain provisions restricting employees from reporting potential violations to regulatory bodies or accepting awards for whistleblowing. This applies not just to internal documents but also to agreements with independent contractors and consultants.
2. Educate Management and HR : Ensure that your human resources and legal teams understand the importance of whistleblower protections. They must be aware of the Dodd-Frank Act's provisions and the SEC's rule prohibiting any actions that might deter whistleblowers from coming forward.
3. Proactively Modify Existing Agreements : If your company has used language that might restrict whistleblowers, proactively revise these templates and notify past employees that those clauses do not bind them. Several companies in these enforcement actions took this step as part of their remedial measures, which likely helped mitigate their penalties.
4. Encourage Internal Reporting : Establish clear, confidential channels for employees to report potential misconduct internally before escalating matters to regulators. However, be careful not to suggest or imply that employees cannot directly approach the SEC or other regulatory bodies .
5. Consult Legal Counsel Regularly : As the regulatory landscape evolves, staying updated on SEC rules regarding whistleblower protections is critical . Consulting with experienced legal counsel can help ensure your company's practices remain compliant.

Conclusion

The SEC has clarified that businesses must not prevent employees or clients from reporting misconduct. This applies equally to broker-dealers, investment advisers, startups, and established corporations. For founders and CEOs of technology companies, ensuring compliance with Rule 21F-17(a) is crucial to avoid penalties and promote a culture of transparency and integrity.