Accountants as Whistle-Blowers: Confidentiality Issues
Accountants are increasingly being asked to blow the whistle on corporate wrongdoing to help stem the tide of recent massive financial frauds such as Bernie Madoff’s Ponzi scheme. I have blogged about whistle-blowing considerations before, but not on specific expectations in the law for accountants to blow the whistle. The laws that encourage whistle-blowing by accountants may be well-meaning but they fail to consider the fact that professional accountants and auditors who are Certified Public Accountants or who hold a Certificate in Management Accounting and Certificate in Internal Auditing, all have to abide by a strict code of conduct that generally precludes whistle-blowing. Corporate accountants might be seen as disloyal if they blew the whistle on wrongdoing by their employer. However, this is where ethics and the law part ways. Ethical people use the law as a minimum standard of behavior. They always try to adhere to the law and, in this case, rules of professional accounting and auditing. Under the profession’s rules of conduct, if you know your employer is committing fraud the first step is to take your concerns up the chain of command all the way to the audit committee of the board of directors, if necessary. If you are shut out at every step then, based on your conscience and ethical beliefs about right and wrong, it may be that you choose to take your concerns outside the organization even though it violates your confidentiality obligation and the rules of professional conduct. This is whistle-blowing.
Congress enacted the Dodd-Frank Wall Street Reform and Consumer Protection Act in 2010. One of the goals of Dodd-Frank was to extend whistleblower protection beyond the Sarbanes-Oxley Act of 2002 to further incentivize whistleblowers to expose securities fraud. On May 25, 2011, the U.S. Securities and Exchange Commission (SEC) approved final rules to implement a program to pay individual whistleblowers that provide information relating to possible securities law violations that lead to successful SEC enforcement actions.
While CPAs are not permitted to receive a reward under Dodd-Frank by reporting possible violations of a client, they are permitted to receive a reward by reporting possible violations of their accounting firms in the performance of audit services for a client. In a sense Dodd-Frank contains what some have called a “bounty hunter” provision. To be eligible for a reward under the whistleblower provisions, a whistleblower must voluntarily provide the SEC with original information that leads to a successful enforcement action by the SEC and that results in monetary sanctions of more than $1 million.
Where the SEC recovers at least $1 million, the whistleblower must be awarded anywhere from 10 percent to 30 percent of amounts recovered, although the SEC has broad discretion in determining the exact amount of the award. If the SEC does not ultimately recover at least $1 million, the whistleblower receives nothing.
To receive the award, the whistleblower must agree to provide sworn testimony if needed and other assistance and cooperation with the SEC’s investigation. As a result, whistleblowers may be faced with years of ongoing cooperative obligations before receiving any payment. Although initial whistleblower reports can be made anonymously via an attorney, a whistleblower must identify himself or herself to the SEC before collecting any reward.
The whistleblower provisions exclude two categories of accountants from award eligibility because of their pre-existing legal duty to report securities violations:
- Individuals with internal compliance or audit responsibilities at an entity, including CPAs, who receive information about potential violations, cannot receive whistleblower awards since it is part of their job responsibilities to report suspicion of illegal acts to management. However, these individuals will not be excluded from receiving a whistleblower award where:
- Disclosure to the SEC is needed to prevent “substantial injury” to the financial interest of an entity or its investors,
- The whistleblower reasonably believes the entity is impeding investigation of the misconduct or
- The whistleblower has first reported the violation internally and at least 120 days have passed.
- CPAs who receive information about potential violations of a client or its directors or officers through an audit or other engagement required under the federal securities laws are not eligible to receive whistleblower awards. The SEC included this exclusion so as not to undermine the legal duty that auditors have under Section 10A of the Securities and Exchange Act of 1934 to report illegal acts by officers, directors, and other client personnel up the chain of command. If the issues are not addressed adequately by management, the auditor must then resign from the engagement and file a report with the SEC.
Notably, the whistleblower exclusions do not apply to CPAs who report information about potential violations regarding their own firms’ performance of audit services for a client. This is true even where the CPA’s information about his or her firm leads to a successful enforcement action against one of the firm’s clients.
Several members of the public accounting industry, including KPMG, Ernst & Young, PricewaterhouseCoopers and the Center for Audit Quality, have expressed concerns to the SEC that the accountant exclusion in the whistleblower provisions is too narrow. Those entities believe that permitting CPAs to obtain monetary rewards by blowing the whistle on their own firms’ performance of services for clients could create several significant problems with respect to maintaining the confidentiality of client information.
Blog posted by Steven Mintz, aka Ethics Sage, on August 10, 2011