3 Things We Can Learn From Whistleblower Lawsuits

carrie-penman.png

While compliance professionals may not like what whistleblower plaintiff’s counsel have to say about ethics and compliance programs, their insights are invaluable for organizations who want to increase their program effectiveness.


In corporate legal and compliance circles, two words are guaranteed to trigger a multitude of emotional reactions: “plaintiffs’ lawyers.” But while whistleblower lawyers may be a source of frustration, that doesn’t mean we shouldn’t listen to what they have to say—particularly as the whistleblower landscape continues to evolve. I had such an opportunity at Thomson Reuters’ Fourth Annual Whistleblowing Forum, where I served as a speaker and NAVEX Global was a sponsor.

In addition to some insightful regulator discussions, one of the most revealing discussions involved a trio of lawyers who each make a living suing companies on behalf of whistleblowers. As we’ve written before, providing a supportive environment for employees who raise concerns—indeed, encouraging them—is a smart thing for companies to do. This session served as a strong cautionary tale of what can happen in an unsupportive environment.

The panel featured Thad Guyer of Guyer & Ayers, Jason Zuckerman of Zuckerman Law and Jordan Thomas of Labaton Sucharow. All three have deep experience and success litigating whistleblowerclaims. And, not surprisingly, all three clearly believe that nearly every whistleblower they’ve ever represented is telling the truth and has been deeply wronged by his or her employer. It is worth noting here that our 2015 Ethics and Compliance Hotline Benchmark Report found a huge jump in substantiation rates for retaliation reports, and the latest SEC Report from the Office of the Whistleblower highlighted, once again, that the majority of employees who reported to the SEC, raised their issue internally first.

At the conference, the assembled lawyers directed considerable contempt toward the corporate sector. But if you looked beyond the vitriol, they also dished out some valuable insights – some of which actually also closely track the advice we give our clients.

I heard three key takeaways:

1. Corporate Compliance Program Structure and Reporting Arrangements Matter

During the panel, Mr. Guyer said he believed that corporate compliance programs are “a giant rhetorical exercise” and are designed to limit what the CEO will ever hear or know about. He went on to say that a lot of this occurs because compliance programs are aligned under the General Counsel. “As soon as the hotline call comes in, the cover-up begins,” he said. What?! Yikes!

I don’t share this cynicism, but looking at the most recent high-profile scandals and compliance failures, one can only wonder how or why the CEO or board was not aware or informed early. On Mr. Guyer’s point, for instance, we advise clients to develop and implement formal escalation policies with the board of directors so that everyone in the process knows what to report up the chain of command, to whom and when. This is not a CYA procedure, it’s a vital way to ensure the company is taking claims of wrongdoing seriously—and that the executive team and board of directors won’t be caught off guard.

2. Communication Throughout the Compliance Investigation Process is Imperative

Mr. Thomas spoke about the need to keep employees informed about the process after they’ve filed a claim, right on through until it is resolved. I completely agree. “Communicate about more than an overview of the outcome,” he advised. As he pointed out, simply saying, “Thanks for raising the issue,” at the start of the process and, “The matter has been resolved,” at the end leaves employees questioning whether anything happened at all.

This gets tricky, we know, because when the matter involves another employee, any disciplinary action will be considered confidential personnel information. If someone is fired for breaking the rules, everyone will see that they’re not there anymore. If their pay is docked or they’re formally reprimanded, nobody on the front lines will know what happened, including the person who reported it. But if the employee hears from a person they’ve come to trust throughout the process that their report led to action, they’re far more likely to walk away feeling not only vindicated but also validated.

Mr. Thomas went on to recommend that companies assign a “whistleblower protection assistance person” to be a conduit between the employee and the investigation team throughout the process. This recommendation actually tracks with the recently released OSHA draft recommendations on Whistleblower Protections (which Greg Keating talked about on our blog here) (now out for public comment), which states that organizations should afford “ways for employees to get unbiased, confidential advice about exercising whistleblower rights and coping with the stress of reporting concerns.”

3. Corporate Culture Still Trumps Compliance

Mr. Thomas had one of the day’s most quotable moments when he opined that, in his experience, “organizations are like inattentive parents” who, upon learning that a child has misbehaved, exclaim “I told him the rules!” It’s an imperfect analogy, but I can see his point. It’s not unusual that we see companies in messy situations offer the defense that they told the employee the rules but the employee didn’t listen. Simply walking through company policies during first-day orientation is not only ineffectual, it fosters a feeling among employees that the company cares more about covering itself than about running an ethical workplace.

This is why we speak so often and fervently about creating a culture of compliance. In our most recent compliance training benchmark report, 46 percent of survey respondents told us that “creating a culture of ethics and respect” was their number one priority. Respondents also said that the biggest threat to their program effectiveness is employee cynicism (37 percent) and fear of retaliation for speaking up about misconduct (35 percent).

Providing strong and consistent messaging, followed by demonstrated actions is key. Regular training, investigating reports of wrongdoing, resolving reports quickly and enforcing a no-retaliation culture are among the crucial steps in creating an organizational culture where compliance and ethics are taken seriously. Just as in raising kids, if you want teach them to do something right, you have to be present, engaged and consistent.

Bottom Line

In the end, whether we like it or not, the folks on the “other side” are saying a lot of the same things that the best ethics and compliance officers already know. It can just be hard for us ethics and compliance practitioners to hear how they are saying them.


Struggling to create a speak-up organizational culture? We can help you create a roadmap to pinpoint and address the challenges you’re facing. Talk to a solutions expert today.


What do you have to say? Share your thoughts in the comments below or join a discussion group on Compliance Next.


10 Trends & Takeaways from the 2015 SEC Whistleblower Report

Get Carrie Penman’s take on the implications of the latest report from the SEC’s Office of the Whistleblower, and what organizations should consider doing to respond—from increasing whistleblower retaliation prevention efforts to reviewing employment agreements to ensure they are compliant to training managers on what to do when they receive complaints of misconduct.

Previous/Next Article Chevron Icon of a previous/next arrow. Previous Post

U.K. Procurement Managers to Vendors: Take Cyber Security Seriously or You’re Out

SMEs and third-party vendors must take cyber security seriously or risk losing business, according to a recent KPMG poll of UK procurement managers.Large companies are holding their vendors to higher cyber security standards, and placing the onus on SMEs to demonstrate that they are being proactive on the cyber security front.

Next Post Previous/Next Article Chevron Icon of a previous/next arrow.

Comments