Earlier this week, the US Securities and Exchange Commission (SEC) issued a settlement order in a case involving a company that required its employees to sign a confidentiality agreement when they were interviewed in internal investigations for allegations of potential violations of federal securities laws. The SEC decried the use of such confidentiality agreements as militating against laws that required whistleblower protections, and imposed a fine on the company in addition to requiring it to amend its confidentiality agreement by removing such restrictions on its employees. A copy of SEC’s order is available here, and a report in the New York Times here.
The case involved KBR, Ind., a Houston headquartered company. When KBR received complaints as part of its compliance program, it would conduct internal investigations and interview employees. During such a process, employees were required to sign a confidentiality agreement that prohibited them from discussing the interview and its subject matter without the prior authorization of its law department. Although there was no evidence of KBR in fact preventing any employee from disclosing details to legal authorities or of KBR taking any action to enforce the confidentiality agreement, the SEC nevertheless found that the language of the confidentiality agreement by itself undermines the Whistleblower Provisions of Section 21F of the Securities Exchange Act of 1934 and Rule 21F-17. Some of these legal provisions were introduced in the wake of the global financial crisis to introduce greater whistleblower protection.
Although the SEC imposed a modest civil penalty of $130,000 and required an amendment to KBR’s confidentiality agreement to permit reporting of violations to governmental authorities and regulators, it is the larger message emanating from the order that is pertinent. It now requires companies to be cautious while framing their employee confidentiality agreements, which cannot include prohibitions against employees from making appropriate disclosures to governmental authorities and regulators if there is any allegation of legal violations or non-compliances. In effect, the legal requirements of whistleblower protection cannot be whittled down by companies through tighter confidentiality agreements. In other words, contractual stipulations must give way to the legislative mandates.
Although this case involves an analysis of the legal and contractual provisions as applicable in the US, the general tenor of SEC’s approach would hold good in the Indian context as well. Clause 49 of the listing agreement has detailed provisions requiring listed companies to set up whistleblowing policies and to provide adequate protection to whistleblowers against victimization. The implementation of the whistleblowing policy falls within the remit of the audit committee, for which its chairman has primary responsibility. Although Clause 49 does not expressly deal with issues pertaining to confidentiality agreements, any severe restrictions therein relating to possible reporting of alleged violations to governmental agencies or the regulators could fall potentially afoul of such policies.
While Clause 49 primarily focuses on internal reporting of alleged violations, the Companies Act, 2013 in section 143(12) imposes a positive duty on auditors of accompany to report to the Central Government when in the course of performance of their duties they discover matters involving a potential offence of fraud. Any terms of the engagement between the company and its auditors (including confidentiality obligations) will be subject to this external reporting requirement. Since there have been concerns that this obligation is too wide in nature, amendments have been proposed to section 143(12) to make such government reporting applicable only to frauds exceeding a prescribed amount (i.e. those that are material) and in other cases to ensure reporting to the audit committee and disclosure in the annual financial statements. This revisions are pending in the form of the Companies (Amendment) Bill, 2014. Until this Bill is passed, the more onerous reporting obligations of the auditors would apply.