One session in particular, on the U.S. Securities and Exchange Commission’s new whistleblowing legislation, drew a packed room with standing room only. The topic is getting a lot of attention and rightfully so, especially from Canadian in-house counsel as it may be moving into Canada, complete with financial incentives.
The Ontario Securities Commission announced Oct. 21 it was looking at a number of new enforcement initiatives including the prospect of introducing a whistleblower program, under which incentives and/or protection from retaliation might be provided to those who have information about marketplace misconduct. If implemented, it would be a first for securities regulators in Canada. There are big question marks around how it would be funded and whether legislative change would be required.
The SEC’s whistleblower program provides significant incentives to bypass internal reporting mechanisms. It stipulates that if people voluntarily provide original information to the SEC that results in successful enforcement and monetary sanctions of more than $1 million, the whistleblower would be eligible to receive between 10 and 30 per cent of the amounts recovered. That’s a significant incentive to report to the SEC and not internally first.
So what are companies to do? David Kohlenberg, deputy general counsel, corporate development and finance law with TransCanada PipeLines Ltd., speaking on an ACC panel in Denver about Canadian securities regulations, noted many companies have invested in code of ethics hotlines for employees to use, but what else can be done internally to get people to report to them first? The U.S. model provides greater incentives to bypass any internal reporting mechanism.
Another aspect of all of this, Kohlenberg pointed out, is that the SEC whistleblower program includes foreign private issuers, such as TransCanada.
Kohlenberg says it comes down to setting the tone at the top of the organization that misconduct is not condoned. At TransCanada, there are seven ways an employee can make contact in an organization to deal with misconduct. There is also an annual certification program to provide training around corrupt practices and security regulation matters. Each employee who takes the program is required to say they understand the conduct policy and they aren’t aware of any misconduct that should have been reported.
In developing an internal program, Kohlenberg says set it up so you can show you have the engagement of executives and directors; that you’ve done risk assessments and due diligence, and you have built trust in your employees so they feel comfortable coming to you. They have to feel some bond to the organization to report on any perceived misconduct.
Do the work now. Don’t wait for the OSC to make it more attractive for employees to call them first.